svn commit: r528617 - branches/2020Q1/security/zeek

Craig Leres leres at FreeBSD.org
Wed Mar 18 00:24:52 UTC 2020 

Author: leres
Date: Wed Mar 18 00:24:50 2020
New Revision: 528617
URL: https://svnweb.freebsd.org/changeset/ports/528617

Log:
  MFH: r528508
  
  security/bro: Update to 3.0.3 and address a number of potential
  denial of service issues:
  
     https://github.com/zeek/zeek/releases/tag/v3.0.2
     https://github.com/zeek/zeek/releases/tag/v3.0.3
  
   - Potential Denial of Service due to memory leak in DNS TSIG message
     parsing.
  
   - Potential Denial of Service due to memory leak (or assertion
     when compiling with assertions enabled) when receiving a second
     SSH KEX message after a first.
  
   - Potential Denial of Service due to buffer read overflow and/or
     memory leaks in Kerberos analyzer.  The buffer read overflow
     could occur when the Kerberos message indicates it contains an
     IPv6 address, but does not send enough data to parse out a full
     IPv6 address.  A memory leak could occur when processing KRB_KDC_REQ
     KRB_KDC_REP messages for message types that do not match a
     known/expected type.
  
   - Potential Denial of Service when sending many zero-length SSL/TLS
     certificate data.  Such messages underwent the full Zeek file
     analysis treatment which is expensive (and meaninguless here)
     compared to how cheaply one can "create" or otherwise indicate
     many zero-length contained in an SSL message.
  
   - Potential Denial of Service due to buffer read overflow in SMB
     transaction data string handling.  The length of strings being
     parsed from SMB messages was trusted to be whatever the message
     claimed instead of the actual length of data found in the message.
  
   - Potential Denial of Service due to null pointer dereference in
     FTP ADAT Base64 decoding.
  
   - Potential Denial of Service due buffer read overflow in FTP
     analyzer word/whitespace handling.  This typically won't be a
     problem in most default deployments of Zeek since the FTP analyzer
     receives data from a ContentLine (NVT) support analyzer which
     first null-terminates the buffer used for further FTP parsing.
  
  Approved by:	ler (mentor, implicit)
  Security:	4ae135f7-85cd-4c32-ad94-358271b31f7f
  
  Approved by:	ports-secteam (joneum)

Modified:
  branches/2020Q1/security/zeek/Makefile
  branches/2020Q1/security/zeek/distinfo
Directory Properties:
  branches/2020Q1/   (props changed)

Modified: branches/2020Q1/security/zeek/Makefile
==============================================================================
--- branches/2020Q1/security/zeek/Makefile	Wed Mar 18 00:21:59 2020	(r528616)
+++ branches/2020Q1/security/zeek/Makefile	Wed Mar 18 00:24:50 2020	(r528617)
@@ -2,9 +2,9 @@
 # $FreeBSD$
 
 PORTNAME=	zeek
-PORTVERSION=	3.0.1
+PORTVERSION=	3.0.3
 CATEGORIES=	security
-MASTER_SITES=	https://www.zeek.org/downloads/
+MASTER_SITES=	https://old.zeek.org/downloads/
 DISTFILES=	${DISTNAME}${EXTRACT_SUFX}
 
 MAINTAINER=	leres at FreeBSD.org

Modified: branches/2020Q1/security/zeek/distinfo
==============================================================================
--- branches/2020Q1/security/zeek/distinfo	Wed Mar 18 00:21:59 2020	(r528616)
+++ branches/2020Q1/security/zeek/distinfo	Wed Mar 18 00:24:50 2020	(r528617)
@@ -1,5 +1,5 @@
-TIMESTAMP = 1576099434
-SHA256 (zeek-3.0.1.tar.gz) = 79f4f3efd883c9c2960295778dc290372d10874380fd88450271652e829811d2
-SIZE (zeek-3.0.1.tar.gz) = 29253371
+TIMESTAMP = 1584248063
+SHA256 (zeek-3.0.3.tar.gz) = 42a178cc9d28e4f20373e415727845a2c52bacdab535d6f810fe2d3cd02e9c76
+SIZE (zeek-3.0.3.tar.gz) = 29270043
 SHA256 (bro-bro-netmap-f3620df_GH0.tar.gz) = e51f420781c9a01b0494f93d82f94a1b045725c1cff406c33887974a9940c655
 SIZE (bro-bro-netmap-f3620df_GH0.tar.gz) = 24661

More information about the svn-ports-all mailing list