From nobody Tue Sep 12 21:26:34 2023
X-Original-To: dev-commits-ports-main@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Rlc8p3BQlz4t82J;
	Tue, 12 Sep 2023 21:26:34 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4Rlc8p2JfPz3fx0;
	Tue, 12 Sep 2023 21:26:34 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1694553994;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=JYOlsFphlgbO/GR1qppQRI53zagHrPnUuvgAh1lzgDo=;
	b=eUCrxCNWj4GiXHibM+rFCi5MfjQ5EaN1rvTCzO9jjyZVVe/qVspYkXGibg/NJlQSnoLF0E
	YiM87Tr/U1wsZ/wA/ZueIbEC6o5yDAYkPmuBxY89xKA6aoa3njIGitAcgHpOa4CJz5BKiy
	rvv0E6CX8iNv4si9RIwb66gn/sWmRSW1Om5CY7HiBu/Rl7javnY66pIhV8G6ydj3jSakJn
	abmgjMODOPVhauAUDToC4o3XCt40mfmAYmXtq6sYRy2t4Qm38lyFDHFjS6ubcHaK/uraJz
	K3+bvT48W+7+fhBvvnlAGWQapeLbaHZLt/u6i9KZLHOOB9mVhQXaOL06oswHng==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1694553994; a=rsa-sha256; cv=none;
	b=kQ2FPCWISBK7ra7yYkmR9PcAuS7FG1F3qAgsZqif4NjAO/m2g2xUMePhKckI5/3WNxzj8x
	FISAx7rBWFWM5g6XkaKCzUlH+mtESch7lpgmpSIXIeN/+BXqbC3eNkhHMbnv4zOrsRLbur
	peGz3k9CXK47iYjP6lVtwDUMJl6J4NVH4hgWlRZc4cIQcvS99pJ8onV34r4qd7WN1LF7j6
	HdF8gT6ZDncNZRKOnnZ1UnIqAsW8vjYUP/W+FqzE1PPR5XBZiqGXS2eiL5C0bpYThKfJ6t
	abw9CrSimz1+h5L7koF8H9L7VT/mvONi1efVX39jZ/2IknSTGvvX1kESA5A5UA==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1694553994;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=JYOlsFphlgbO/GR1qppQRI53zagHrPnUuvgAh1lzgDo=;
	b=VMCB+KJ6DuhAJ2vzqE3E8zrRWh+nJb6oImKwRlJ+kHrF06zXlEOnDAFRjxODZsoTFsEEEl
	buq6K74TnH8WPWPrZ1FrzwC6c0jPxhc5MrK0IcWsJFYLrA7rdBKAEePR9eb+ofsNO3om3y
	Mh9OWFTw8zK3X/EM5icHMQ9jc1d6cSVoa7WC/4e/CUSIf4YU/T3KAd063WpJxqxjGvdJsl
	lqYQ1DwBI2QFZbLCBR07L9E9laCZS+5iW4aurJ5SCNFp447NBKE2bkQJJ0uGTGfxl11Jsa
	3CyjB44a/vRSPtpuzkKAwJI0bmXwy1DSgi85wdy3oLNvZBEGvozYd9OFf+Fctg==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Rlc8p1HTvznNv;
	Tue, 12 Sep 2023 21:26:34 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 38CLQYlV038840;
	Tue, 12 Sep 2023 21:26:34 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 38CLQYp3038837;
	Tue, 12 Sep 2023 21:26:34 GMT
	(envelope-from git)
Date: Tue, 12 Sep 2023 21:26:34 GMT
Message-Id: <202309122126.38CLQYp3038837@gitrepo.freebsd.org>
To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org,
        dev-commits-ports-main@FreeBSD.org
From: Craig Leres <leres@FreeBSD.org>
Subject: git: c729310c3535 - main - security/vuxml: Mark zeek <
  6.0.1 as vulnerable as per:
List-Id: Commits to the main branch of the FreeBSD ports repository <dev-commits-ports-main.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-ports-main
List-Help: <mailto:dev-commits-ports-main+help@freebsd.org>
List-Post: <mailto:dev-commits-ports-main@freebsd.org>
List-Subscribe: <mailto:dev-commits-ports-main+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-ports-main+unsubscribe@freebsd.org>
Sender: owner-dev-commits-ports-main@freebsd.org
X-BeenThere: dev-commits-ports-main@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: leres
X-Git-Repository: ports
X-Git-Refname: refs/heads/main
X-Git-Reftype: branch
X-Git-Commit: c729310c3535bd43845fb7fb4c94cc334ad05385
Auto-Submitted: auto-generated

The branch main has been updated by leres:

URL: https://cgit.FreeBSD.org/ports/commit/?id=c729310c3535bd43845fb7fb4c94cc334ad05385

commit c729310c3535bd43845fb7fb4c94cc334ad05385
Author:     Craig Leres <leres@FreeBSD.org>
AuthorDate: 2023-09-12 21:26:02 +0000
Commit:     Craig Leres <leres@FreeBSD.org>
CommitDate: 2023-09-12 21:26:02 +0000

    security/vuxml: Mark zeek < 6.0.1 as vulnerable as per:
    
        https://github.com/zeek/zeek/releases/tag/v6.0.1
    
    This release fixes the following potential DoS vulnerabilities:
    
     - File extraction limits were not correctly enforced for files
       containing large amounts of missing bytes.
    
     - Sessions are sometimes not cleaned up completely within Zeek
       during shutdown,
       potentially causing a crash when using the -B dpd flag for debug logging.
    
     - A specially-crafted HTTP packet can cause Zeek's filename
       extraction code to take a long time to process the data.
    
     - A specially-crafted series of FTP packets made up of a CWD request
       followed by a large amount of ERPT requests may cause Zeek to
       spend a long time logging the commands.
    
     - A specially-crafted VLAN packet can cause Zeek to overflow memory
       and potentially crash.
    
    Reported by:    Tim Wojtulewicz
---
 security/vuxml/vuln/2023.xml | 38 ++++++++++++++++++++++++++++++++++++++
 1 file changed, 38 insertions(+)

diff --git a/security/vuxml/vuln/2023.xml b/security/vuxml/vuln/2023.xml
index 722ad283d3e7..4899d98e6897 100644
--- a/security/vuxml/vuln/2023.xml
+++ b/security/vuxml/vuln/2023.xml
@@ -1,3 +1,41 @@
+  <vuln vid="8eefa87f-31f1-496d-bf8e-2b465b6e4e8a">
+    <topic>zeek -- potential DoS vulnerabilities</topic>
+    <affects>
+      <package>
+	<name>zeek</name>
+	<range><lt>6.0.1</lt></range>
+      </package>
+    </affects>
+    <description>
+      <body xmlns="http://www.w3.org/1999/xhtml">
+	<p>Tim Wojtulewicz of Corelight reports:</p>
+	<blockquote cite="https://github.com/zeek/zeek/releases/tag/v6.0.1">
+	  <p> File extraction limits were not correctly enforced
+	  for files containing large amounts of missing bytes. </p>
+	  <p> Sessions are sometimes not cleaned up completely
+	  within Zeek during shutdown, potentially causing a crash
+	  when using the -B dpd flag for debug logging. </p>
+	  <p> A specially-crafted HTTP packet can cause Zeek's
+	  filename extraction code to take a long time to process
+	  the data. </p>
+	  <p> A specially-crafted series of FTP packets made up of
+	  a CWD request followed by a large amount of ERPT requests
+	  may cause Zeek to spend a long time logging the commands.
+	  </p>
+	  <p> A specially-crafted VLAN packet can cause Zeek to
+	  overflow memory and potentially crash. </p>
+	</blockquote>
+      </body>
+    </description>
+    <references>
+      <url>https://github.com/zeek/zeek/releases/tag/v6.0.1</url>
+    </references>
+    <dates>
+      <discovery>2023-09-12</discovery>
+      <entry>2023-09-12</entry>
+    </dates>
+  </vuln>
+
   <vuln vid="4061a4b2-4fb1-11ee-acc7-0151f07bc899">
     <topic>gitea -- block user account creation from blocked email domains</topic>
     <affects>