Netatalk CVE Announcement
On March 21st 2022, the Netatalk project commited an update announcing 7 CVEs. Of those six affect AFP on TrueNAS 12.0 CVE-2022-23121 CVE-2022-23123 CVE-2022-23122 CVE-2022-23125 CVE-2022-23124 CVE-2022-0194 The CVEs only affect TrueNAS CORE. TrueNAS SCALE is not vulnerable. A fix for these CVEs has been completed, update any TrueNAS systems to version 12.0-U8.1 as soon as possible. iXsystems strongly recommends using the SMB or NFS sharing protocols. Users with different sharing protocols are encouraged to consider migrating.