Your message dated Mon, 01 Jun 2026 20:24:11 +0000
with message-id <[email protected]>
and subject line Bug#1138551: fixed in netatalk 4.5.0~ds-1
has caused the Debian Bug report #1138551,
regarding CVE-2026-49387: Heap out-of-bounds reads in Spotlight RPC element
counts
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
1138551: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1138551
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: netatalk
Version: 4.4.3~ds-1
Severity: critical
Tags: security
X-Debbugs-Cc:
[email protected],[email protected]
will be resolved by upgrading to upstream v4.5.0
publickey - Daniel Markstedt - 0x3C47642E.asc
Description: application/pgp-keys
signature.asc
Description: OpenPGP digital signature
--- End Message ---
--- Begin Message ---
Source: netatalk
Source-Version: 4.5.0~ds-1
Done: Daniel Markstedt <[email protected]>
We believe that the bug you reported is fixed in the latest version of
netatalk, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Daniel Markstedt <[email protected]> (supplier of updated netatalk package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Mon, 01 Jun 2026 07:33:20 +0200
Source: netatalk
Architecture: source
Version: 4.5.0~ds-1
Distribution: unstable
Urgency: high
Maintainer: Debian Netatalk team <[email protected]>
Changed-By: Daniel Markstedt <[email protected]>
Closes: 1138551 1138553 1138554 1138556 1138557 1138558 1138559 1138560 1138561
1138562 1138563 1138564 1138565 1138566 1138567 1138568 1138569 1138570 1138571
1138572 1138573 1138574
Changes:
netatalk (4.5.0~ds-1) unstable; urgency=high
.
[ upstream ]
* new release
+ fix CVE-2026-7835 CVE-2026-7836 CVE-2026-7837 CVE-2026-44053
CVE-2026-44056 CVE-2026-44058 CVE-2026-44059 CVE-2026-44061
CVE-2026-44063 CVE-2026-44065 CVE-2026-44067 CVE-2026-44069
CVE-2026-44070 CVE-2026-44071 CVE-2026-44072 CVE-2026-44073
CVE-2026-44074 CVE-2026-44075 CVE-2026-49387 CVE-2026-49388
CVE-2026-49389 CVE-2026-49390
closes: #1138551,#1138553,#1138554,#1138556,#1138557,#1138558,
#1138559,#1138560,#1138561,#1138562,#1138563,#1138564,#1138565,
#1138566,#1138567,#1138568,#1138569,#1138570,#1138571,#1138572,
#1138573,#1138574
+ removed macusers script
+ removed netatalk-dbus.conf
+ ABI change, soversion bumped to v20
.
[ Daniel Markstedt ]
* transition from libevent to libev dependency
* remove libnet-dbus-perl dependency: afpstats now use unix sockets
* add dconf-cli dependency, now required by the localsearch backend
* install dconf config file for localsearch backend
* explicitly build cnid and localsearch spotlight backends
* install uams_srp.so shared library
* testsuite is big-endian compatible now, remove workaround
* use common package description in control
* add patch 001 for missing header include in afpd
Checksums-Sha1:
f000fcd95ca57f4d9d98d2a384e49ca68075484d 3561 netatalk_4.5.0~ds-1.dsc
af9764cf6780bcfe025cccc6efcb898d8f629ca8 1132476 netatalk_4.5.0~ds.orig.tar.xz
9709bfe5ebb99a9e281d9fc84082a1e27ce901d5 48512
netatalk_4.5.0~ds-1.debian.tar.xz
b6f868c79b667681c4826d8f5339c46c99d1a952 13728
netatalk_4.5.0~ds-1_source.buildinfo
Checksums-Sha256:
5118f10842e0b78f4c18e9942788906779c34b662c7526235f53083f1b0df8df 3561
netatalk_4.5.0~ds-1.dsc
7c57cb8cfbeafcfe875c9bb849cfec3b1c3fe55e44656e502013c5b82cefed96 1132476
netatalk_4.5.0~ds.orig.tar.xz
91a7dd98e194d89e689922735dae2354e53d24d5fdb5831c95968b9e5966a3b7 48512
netatalk_4.5.0~ds-1.debian.tar.xz
bc2ab22075486b10330020fb0c49c86c8df8d730fd8d6eb34082b67b02d399e6 13728
netatalk_4.5.0~ds-1_source.buildinfo
Files:
ce3af64d4dbcfd511a712f4249dc4180 3561 net optional netatalk_4.5.0~ds-1.dsc
96feebc8582270e4f1f35437076a45e2 1132476 net optional
netatalk_4.5.0~ds.orig.tar.xz
a55c2b47e7f916c462d9f1649d37a3e5 48512 net optional
netatalk_4.5.0~ds-1.debian.tar.xz
eb17684a7ffa8424f4b5bd0190e0479a 13728 net optional
netatalk_4.5.0~ds-1_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEE8dFYDdvvelvlhX4MQfmhhuT3MaQFAmod5xUACgkQQfmhhuT3
MaSx9w/+Pj8KjRMw/RMXwlUU3HKL0Qzruq8JrKWtouGFxRbHsxTIkgY5qGfWg4Qi
kMi9dyzAGCckt5rnKIjl6ujONvC3yzWYjngcIxmcftdtHEV+wo8rhLXxbeKEnx3e
uxPhjcBpj2jfGQVLmvWDbYDWqA2TzhwGvOCL7hRuvtaabYfLW76bNQPVhcDofjyr
bhB60Z3xIuOwzKUkCLN5xXy9oxbkt9PHcYQzGLINZk7go1PGweznNhGUU7BTSzgZ
CFyDeHfLqXTgStWziFeEJ8qT0WmaTTsrTUCHNCMBSeQHe5gI5Nucorcef5sXbOwF
+kAzXAO+NNylCZxCeeSWG1GlW1uK2nU1rZGBIh0hmB0APC3uRcch8SOhz9WljxkY
BJ6SX4+b2AHT2PSE2u7A6JGWcBT2KcxLfc499tGF1wLWqnoi8Hr3yEUxFd7pXyL+
PYvTHmBjJVTW8ii4mf/+/kStV4AfajbXAJvY9jnNMMNh0gD3/rNcTAry3g4UaXBL
8SriKE2/1taipyVahIkI81rekiuRq0GdDUx4OGpz/SfJKMqlX5x+kECN0m72UYYS
hX4euWAm9NLx4DStlnyLUlU9ukPQHAjFPdim0CNnpVZLOp89SqkCQ2xz4xstHiK7
EalJAxe3rq8VmMJG/QpiKyrOxtBJMLz0ylBrlCA57zSN3P3L4Z8=
=nI1W
-----END PGP SIGNATURE-----
pgpee5dIQTnGA.pgp
Description: PGP signature
--- End Message ---
