Date: Tue, 17 Sep 2019 23:13:57 +0000 (UTC) From: Craig Leres <leres@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r512245 - head/security/bro Message-ID: <201909172313.x8HNDvjY016917@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: leres Date: Tue Sep 17 23:13:57 2019 New Revision: 512245 URL: https://svnweb.freebsd.org/changeset/ports/512245 Log: security/bro: Update to 2.6.4 and address a potential Denial of Service vulnerability: https://raw.githubusercontent.com/zeek/zeek/3b5a9f88ece1d274edee897837e280ef751bde94/NEWS - The NTLM analyzer did not properly handle AV Pair sequences that were either empty or unterminated, resulting in invalid memory access or heap buffer over-read. The NTLM analyzer is enabled by default and used in the analysis of SMB, DCE/RPC, and GSSAPI protocols. Approved by: ler (mentor, implicit) MFH: 2019Q3 Security: 55571619-454e-4769-b1e5-28354659e152 Modified: head/security/bro/Makefile head/security/bro/distinfo Modified: head/security/bro/Makefile ============================================================================== --- head/security/bro/Makefile Tue Sep 17 23:10:32 2019 (r512244) +++ head/security/bro/Makefile Tue Sep 17 23:13:57 2019 (r512245) @@ -2,7 +2,7 @@ # $FreeBSD$ PORTNAME= bro -PORTVERSION= 2.6.3 +PORTVERSION= 2.6.4 CATEGORIES= security MASTER_SITES= https://www.zeek.org/downloads/ DISTFILES= ${DISTNAME}${EXTRACT_SUFX} Modified: head/security/bro/distinfo ============================================================================== --- head/security/bro/distinfo Tue Sep 17 23:10:32 2019 (r512244) +++ head/security/bro/distinfo Tue Sep 17 23:13:57 2019 (r512245) @@ -1,5 +1,5 @@ -TIMESTAMP = 1565320389 -SHA256 (bro-2.6.3.tar.gz) = 469dd7456af388ba65d8722fbfdd5b9182f14def16149aa5ebceb1cfd881697f -SIZE (bro-2.6.3.tar.gz) = 28480249 +TIMESTAMP = 1568760632 +SHA256 (bro-2.6.4.tar.gz) = a47a9cdcef0ea14d5f70c390ab266f0333063ff96f3869a5f1609581a1d1ceb7 +SIZE (bro-2.6.4.tar.gz) = 28481281 SHA256 (bro-bro-netmap-cf88debf487b31ab30dc3b5bac64783b4e49997e_GH0.tar.gz) = 383423f92932c3ef244194954708b3a237b4f37ebc358014f51dcb3b9786896b SIZE (bro-bro-netmap-cf88debf487b31ab30dc3b5bac64783b4e49997e_GH0.tar.gz) = 24630
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201909172313.x8HNDvjY016917>