git: 88e61376dbdf - 2023Q1 - security/zeek: Update to 5.0.6
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Tue, 21 Feb 2023 22:59:22 UTC
The branch 2023Q1 has been updated by leres: URL: https://cgit.FreeBSD.org/ports/commit/?id=88e61376dbdfcb40d5454c1bc6e154835b8060a5 commit 88e61376dbdfcb40d5454c1bc6e154835b8060a5 Author: Craig Leres <leres@FreeBSD.org> AuthorDate: 2023-02-01 19:06:38 +0000 Commit: Craig Leres <leres@FreeBSD.org> CommitDate: 2023-02-21 22:59:05 +0000 security/zeek: Update to 5.0.6 https://github.com/zeek/zeek/releases/tag/v5.0.6 This release fixes the following potential DoS vulnerabilities: - A missing field in the SMB FSControl script-land record could cause a heap buffer overflow when receiving packets containing those header types. - Receiving a series of packets that start with HTTP/1.0 and then switch to HTTP/0.9 could cause Zeek to spend a large amount of time processing the packets. - Receiving large numbers of FTP commands sequentially from the network with bad data in them could cause Zeek to spend a large amount of time processing the packets, and generate a large amount of events. This release fixes the following bugs: - Zeek could throw a scripting error when receiving SMB1 packets containing connect_andx_response messages prior to receiving an associated request. - A performance regression from 4.2 to 5.0 when reading pcap files related to Broker's internal clock was fixed. - Notices created for files transferred over multiple connections will now be associated with one of the connections rather than none. - A new file_over_new_connection event was added to the Intel framework, for use when receiving files over established connections (for example, HTTP). - The error message returned when trying use invalid enums in scripts now correctly includes the script location. Reported by: Tim Wojtulewicz Security: 2b5fc9c4-eaca-46e0-83d0-9b10c51c4b1b (cherry picked from commit 85faac2f4c4a9a545a15ffb797ecb41ea3d985e5) --- security/zeek/Makefile | 2 +- security/zeek/distinfo | 6 +++--- security/zeek/pkg-plist | 1 + 3 files changed, 5 insertions(+), 4 deletions(-) diff --git a/security/zeek/Makefile b/security/zeek/Makefile index 947b07007578..1f01fc9b8ff8 100644 --- a/security/zeek/Makefile +++ b/security/zeek/Makefile @@ -1,5 +1,5 @@ PORTNAME= zeek -DISTVERSION= 5.0.5 +DISTVERSION= 5.0.6 CATEGORIES= security MASTER_SITES= https://download.zeek.org/ DISTFILES= ${DISTNAME}${EXTRACT_SUFX} diff --git a/security/zeek/distinfo b/security/zeek/distinfo index 0e73e546fd53..4de597e32031 100644 --- a/security/zeek/distinfo +++ b/security/zeek/distinfo @@ -1,5 +1,5 @@ -TIMESTAMP = 1673303190 -SHA256 (zeek-5.0.5.tar.gz) = 3efed010ab2dcf623667d13b485dfec6d28f2b65f97e4c9f0f9192c37ace88d1 -SIZE (zeek-5.0.5.tar.gz) = 42718981 +TIMESTAMP = 1675274462 +SHA256 (zeek-5.0.6.tar.gz) = 8e09916c43beba457f76484be46dad2858a5983d95624e55a70e06a1c76ce2d2 +SIZE (zeek-5.0.6.tar.gz) = 42794815 SHA256 (zeek-zeek-netmap-v2.0.0_GH0.tar.gz) = d37a69babfbb62a51a2413d6b83ae792ce1e7f1ccb1d51bd6b209a10fe5c4d75 SIZE (zeek-zeek-netmap-v2.0.0_GH0.tar.gz) = 9100 diff --git a/security/zeek/pkg-plist b/security/zeek/pkg-plist index 283d0503be86..687552ce21bc 100644 --- a/security/zeek/pkg-plist +++ b/security/zeek/pkg-plist @@ -354,6 +354,7 @@ include/broker/zeek.hh %%SPICY%%include/hilti/rt/3rdparty/ghc/fs_std.hpp %%SPICY%%include/hilti/rt/3rdparty/ghc/fs_std_fwd.hpp %%SPICY%%include/hilti/rt/3rdparty/ghc/fs_std_impl.hpp +%%SPICY%%include/hilti/rt/3rdparty/nlohmann/json.hpp %%SPICY%%include/hilti/rt/3rdparty/nlohmann/json_fwd.hpp %%SPICY%%include/hilti/rt/3rdparty/tinyformat/tinyformat.h %%SPICY%%include/hilti/rt/any.h