netatalk.io

Netatalk 4.2.0 is available!

The Netatalk team is proud to announce the first version in the Netatalk 4.2 release series. This release is recommended for early adopters. We made range of breaking changes under the hood, so please take a backup of your shared volumes before proceeding with an upgrade!

Security and Reliability

Netatalk 4.2 is more resilient against buffer overflows, undefined behavior, memory leaks, etc.

We are now more aggressively controlling and validating the size of buffers, check for NULL pointers, free dynamically allocated memory, initialize variables before use, control filesystem access with file handlers to avoid race conditions, and so on.

For the first time ever, we pass our own Quality Gate on SonarQube.

While we haven’t seen any side effects in our testing, there is a small chance that edge cases are seeing different behavior now, for instance due to C strings being truncated instead of allowed to overflow. If you find new bugs, please report them to us!

iniparser

Netatalk 4.2 is now depending on the iniparser shared library on your system. We have completed eliminated our bundled fork/hacked version of iniparser.

As a result, iniparser is now a hard dependency for Netatalk. Among our officially supported operating systems, only Oracle Solaris is lacking a packaged iniparser library. On Solaris, you can build your own shared library from upstream tarball. The iniparser library is written in pure C and has no dependencies, so it’s trivial to build.

Since we had several local hacks to iniparser, this leads to a handful of changed behaviors:

Markdown docs

All XML documentation has been converted to Markdown. We now depend on cmark to transcode Markdown to roff man pages, and cmark-gfm for html pages (because of the Markdown tables extension).

This removes Netatalk’s dependency on DocBook XSL and the XML stack to build documentation.

Changes to afp.conf settings

A handful of afp.conf settings have been added, removed, or changed.

Changes to Meson build system options

Overall, the Meson build system has been cleaned up to remove autoconf-isms and obsolete flags.

pap CUPS backend

We now bundle a modified version of Thomas Kaiser’s pap backend for CUPS. It will be installed next to the other CUPS backends on your system. It enables printing from modern computers to f.e. a LocalTalk networked Apple LaserWriter.

Edit the backend (which is shell script) to configure other printer models.

Please note that the upcoming CUPS v3 is expected to do away with custom backends. CUPS v2 is recommended.

Secure tmp file handling

Temporary file handling has been standardized and made more secure. Rather than hard coding to /tmp, we are now sensitive to the standard TMPDIR env variable. Also, temporary files will be put under unique named subdirs (netatalk-[pid]) to the tmp folder.

Docker container

Several new features have been added to the Docker container.

Additionally, the entrypoint script has been converted to POSIX shell, removing the dependency on bash.

What’s Changed

New Contributors

Full Changelog: https://github.com/Netatalk/netatalk/compare/netatalk-4-1-1…netatalk-4-2-0

Footnotes

Release published on 2025-03-31

Generated from GitHub Release Notes