git: e97ac1d5577a - main - security/zeek: Update to 7.0.3

From: Craig Leres <leres_at_FreeBSD.org>
Date: Sat, 05 Oct 2024 01:33:53 UTC
The branch main has been updated by leres:

URL: https://cgit.FreeBSD.org/ports/commit/?id=e97ac1d5577aa21d4eec693df5a608cb28526599

commit e97ac1d5577aa21d4eec693df5a608cb28526599
Author:     Craig Leres <leres@FreeBSD.org>
AuthorDate: 2024-10-05 01:33:24 +0000
Commit:     Craig Leres <leres@FreeBSD.org>
CommitDate: 2024-10-05 01:33:24 +0000

    security/zeek: Update to 7.0.3
    
        https://github.com/zeek/zeek/releases/tag/v7.0.3
    
    This release fixes the following potential DoS vulnerability:
    
     - Adding to the POP3 hardening in 7.0.2, the parser now simply
       discards too many pending commands, rather than any attempting
       to process them. Further, invalid server responses do not result
       in command completion anymore. Processing out-of-order commands
       or finishing commands based on invalid server responses could
       result in inconsistent analyzer state, potentially triggering
       null pointer references for crafted traffic.
    
    Reported by:    Tim Wojtulewicz
---
 security/zeek/Makefile | 2 +-
 security/zeek/distinfo | 6 +++---
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/security/zeek/Makefile b/security/zeek/Makefile
index 3f7841c5239f..927e5cb64d40 100644
--- a/security/zeek/Makefile
+++ b/security/zeek/Makefile
@@ -1,5 +1,5 @@
 PORTNAME=	zeek
-DISTVERSION=	7.0.2
+DISTVERSION=	7.0.3
 CATEGORIES=	security
 MASTER_SITES=	https://download.zeek.org/
 
diff --git a/security/zeek/distinfo b/security/zeek/distinfo
index f386e3a8ceef..f2b29e55f71b 100644
--- a/security/zeek/distinfo
+++ b/security/zeek/distinfo
@@ -1,3 +1,3 @@
-TIMESTAMP = 1727154773
-SHA256 (zeek-7.0.2.tar.gz) = 3b40304a01059d08c732e8f24b34f0070ec716e266e69edb24ad96ceed064781
-SIZE (zeek-7.0.2.tar.gz) = 95828919
+TIMESTAMP = 1728089705
+SHA256 (zeek-7.0.3.tar.gz) = 029e389f5405d8831657202a7be542be756a8c5811bfaab7376c1c6b10e1d9e3
+SIZE (zeek-7.0.3.tar.gz) = 95797500