From nobody Wed Feb 01 19:04:50 2023 X-Original-To: dev-commits-ports-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4P6WZC10nPz3bldM; Wed, 1 Feb 2023 19:04:51 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4P6WZC0HFpz3nl1; Wed, 1 Feb 2023 19:04:51 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1675278291; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=tgbQ4Z+cQ2ZUd8a/nAsSyY40TSb/hQlsPz7b8QdRz14=; b=QcfjAcPbkXyaUtMpOh2hWBBBW1cjohp9sAcu8b1FmtttVCBUFXaZrsyp91PBVNXwoSegz2 CkGMdml5GYz+R3aS5LTjn8HdTmERdGRS5ChsyTy+sc8uOPKBEFT1dKUYDHRTFSKaWeluqw 4gEZve3rC9AwJyepQKP1Z9CvAXctuS52Iyp6MhRneibvzqqZBw1uKnn7DgQaNuGOtaV4Gz 77Ckf7su0bzeChBJZk5kuTWhRo2sT7Zk9g5wDf07pnqTJfdIPAgDlH/xepkvuNiDwpbHPa sDWtJjCIhDhW6fRKODTmsi8T7bM1BspcIWbOKO4hT53ehhqGtBSbh7EEJqyE3Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1675278291; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=tgbQ4Z+cQ2ZUd8a/nAsSyY40TSb/hQlsPz7b8QdRz14=; b=lB+RsQZNFHd3QwZdIIfv60tVuhwWmcsKBJtD8tGncpw6UNxMVUsGEYkTlbRJmC0knsRJrA hz1rPIgrMmOwAUQ5af/ie9s0Bqg9/+1LAsCeujKpRy0QEIdZth02SjyRUp8C0kz6WmQ/JK FG7nJzjhigMECvC2jekyS+T5LwdGIt6kdz8d2CV4bZXhOIvhjiweTfikMxZQY6cWO3QP55 IZWaqEtLXUaO9kXucci53M4S9zQg7tF0lfZE0nsC1SgFXGG0mU2ze6Zqbt3aYolyOns6aY xIaRSThOf5mYOcJRi1+piQV0JLMDc+vFYh/FK+iYQ02z74yvvSB6w0Xnsa9CJA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1675278291; a=rsa-sha256; cv=none; b=UlJPTJFAw+eX+5OKWlOxZm4myUWnWpN0obrzl5AfJyHbDX3qTCC0xEjpI3S4h7lQ6J89Oi NCTAp319xzW0MrjAsNRu++JOUUcrrKxFA4md88dVWQv609tIuP8TrrzBiARtgdR59LK8ck LZfcwWlkNvECNAMlJjtsKyMkB43HVhoJBVhLcfl7ihDG1+56sd/4QVdLwbR8vBCPyGKB88 wpUe33onaVGvrOs7wnmcHtGmX/3Y5/IHYwPyu0Wpk60nsllzLkwmD17VHrYCPjsoCW1Jip T9n03Xc0hxYabOWxZgjYuXLrMDVX1xAL3Qop3Pjl4lnwfVPswtwN+HZ4xaGIVw== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4P6WZB63mkzQLn; Wed, 1 Feb 2023 19:04:50 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 311J4ofT087187; Wed, 1 Feb 2023 19:04:50 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 311J4odJ087186; Wed, 1 Feb 2023 19:04:50 GMT (envelope-from git) Date: Wed, 1 Feb 2023 19:04:50 GMT Message-Id: <202302011904.311J4odJ087186@gitrepo.freebsd.org> To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org From: Craig Leres Subject: git: eb9cc2b88cb8 - main - security/vuxml: Mark zeek < 5.0.6 as vulnerable as per: List-Id: Commit messages for all branches of the ports repository List-Archive: https://lists.freebsd.org/archives/dev-commits-ports-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-ports-all@freebsd.org X-BeenThere: dev-commits-ports-all@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: leres X-Git-Repository: ports X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: eb9cc2b88cb8da14363d7f2119e2b2a008818840 Auto-Submitted: auto-generated X-ThisMailContainsUnwantedMimeParts: N The branch main has been updated by leres: URL: https://cgit.FreeBSD.org/ports/commit/?id=eb9cc2b88cb8da14363d7f2119e2b2a008818840 commit eb9cc2b88cb8da14363d7f2119e2b2a008818840 Author: Craig Leres AuthorDate: 2023-02-01 19:04:19 +0000 Commit: Craig Leres CommitDate: 2023-02-01 19:04:19 +0000 security/vuxml: Mark zeek < 5.0.6 as vulnerable as per: https://github.com/zeek/zeek/releases/tag/v5.0.6 This release fixes the following potential DoS vulnerabilities: - A missing field in the SMB FSControl script-land record could cause a heap buffer overflow when receiving packets containing those header types. - Receiving a series of packets that start with HTTP/1.0 and then switch to HTTP/0.9 could cause Zeek to spend a large amount of time processing the packets. - Receiving large numbers of FTP commands sequentially from the network with bad data in them could cause Zeek to spend a large amount of time processing the packets, and generate a large amount of events. Reported by: Tim Wojtulewicz --- security/vuxml/vuln/2023.xml | 34 ++++++++++++++++++++++++++++++++++ 1 file changed, 34 insertions(+) diff --git a/security/vuxml/vuln/2023.xml b/security/vuxml/vuln/2023.xml index 309a52ac539d..3d1fc8654e62 100644 --- a/security/vuxml/vuln/2023.xml +++ b/security/vuxml/vuln/2023.xml @@ -1,3 +1,37 @@ + + zeek -- potential DoS vulnerabilities + + + zeek + 5.0.6 + + + + +

Tim Wojtulewicz of Corelight reports:

+
+

A missing field in the SMB FSControl script-land record could + cause a heap buffer overflow when receiving packets containing + those header types.

+

Receiving a series of packets that start with HTTP/1.0 + and then switch to HTTP/0.9 could cause Zeek to spend a + large amount of time processing the packets.

+

Receiving large numbers of FTP commands sequentially + from the network with bad data in them could cause Zeek + to spend a large amount of time processing the packets, + and generate a large amount of events.

+
+ +
+ + https://github.com/zeek/zeek/releases/tag/v5.0.6 + + + 2023-02-01 + 2023-02-01 + +
+ Gitlab -- Multiple Vulnerabilities