December 26, 2018

Important Security Update for TrueNAS

NOTE: Netatalk is included in TrueNAS. However, this vulnerability only impacts those who have the AFP service enabled in TrueNAS.

A new version of Netatalk (3.1.12) has been released that addresses a security vulnerability (CVE-2018-1160) for users of the Apple Filing Protocol (AFP). Due to the severity of this security advisory and the possibility of unauthenticated remote code execution, iXsystems has released a patch for the stable version of TrueNAS and updated the stable install version available for download. To ensure the version you are running is patched, look for this version name: TrueNAS 11.1-U6.3

TrueNAS customers can contact iXsystems Technical Support for a pre-update health check and to ask any technical questions regarding this update. You can contact Customer Support by calling 1-855-GREP-4-iX or emailing support@ixsystems.com.


  • 64611 Bug Address Netatalk CVE-2018-1160

Tickets can be viewed at the iXsystems & FreeNAS Redmine page.