Date: Mon, 22 Jan 2024 17:53:55 GMT From: Craig Leres <leres@FreeBSD.org> To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org Subject: git: e81dfaab6a05 - main - security/zeek: Update to 6.0.3 Message-ID: <202401221753.40MHrtRu058251@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help
The branch main has been updated by leres: URL: https://cgit.FreeBSD.org/ports/commit/?id=e81dfaab6a0511eeb704adfffeb68c6be034bb4c commit e81dfaab6a0511eeb704adfffeb68c6be034bb4c Author: Craig Leres <leres@FreeBSD.org> AuthorDate: 2024-01-22 17:53:28 +0000 Commit: Craig Leres <leres@FreeBSD.org> CommitDate: 2024-01-22 17:53:28 +0000 security/zeek: Update to 6.0.3 https://github.com/zeek/zeek/releases/tag/v6.0.3 This release fixes the following potential DoS vulnerability: - A specially-crafted series of packets containing nested MIME entities can cause Zeek to spend large amounts of time parsing the entities. This release fixes the following bugs: - CMake correctly passes along third-party package information when building plugins. - Fix a problem with the HTTP analyzer where a signature regex ending in '$' used to match against 'http-request-body' or 'http-reply-bdoy' will never succeed. - The DNS analyzer now understands the Ed25519 and Ed448 signature algorithms. - The SMB::State$recent_files field was not correctly expiring entries, leading to unbounded state growth. - The &create_expire attribute is now kept valid after clearing a table. Reported by: Tim Wojtulewicz Security: fedf7e71-61bd-49ec-aaf0-6da14bdbb319 --- security/zeek/Makefile | 3 +-- security/zeek/distinfo | 6 +++--- security/zeek/pkg-plist | 2 ++ 3 files changed, 6 insertions(+), 5 deletions(-) diff --git a/security/zeek/Makefile b/security/zeek/Makefile index 79b7ba0eed14..b2c0bc260b52 100644 --- a/security/zeek/Makefile +++ b/security/zeek/Makefile @@ -1,6 +1,5 @@ PORTNAME= zeek -DISTVERSION= 6.0.2 -PORTREVISION= 1 +DISTVERSION= 6.0.3 CATEGORIES= security MASTER_SITES= https://download.zeek.org/ DISTFILES= ${DISTNAME}${EXTRACT_SUFX} diff --git a/security/zeek/distinfo b/security/zeek/distinfo index 2f9b2eae87e8..677c0645e529 100644 --- a/security/zeek/distinfo +++ b/security/zeek/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1698437165 -SHA256 (zeek-6.0.2.tar.gz) = 2421989adcee6a29f48a8f7272f719edbe954d66c2e86e3a52e79cae177f887c -SIZE (zeek-6.0.2.tar.gz) = 60175209 +TIMESTAMP = 1705944333 +SHA256 (zeek-6.0.3.tar.gz) = 227edf0e1e6b54dc9893cfd1ecd8621291cc85d1d06808874394aad555f8a8a4 +SIZE (zeek-6.0.3.tar.gz) = 60225127 diff --git a/security/zeek/pkg-plist b/security/zeek/pkg-plist index d7c06b5f6092..c009aca9bf16 100644 --- a/security/zeek/pkg-plist +++ b/security/zeek/pkg-plist @@ -739,6 +739,7 @@ include/zeek/analyzer/protocol/login/Telnet.h include/zeek/analyzer/protocol/login/events.bif.h include/zeek/analyzer/protocol/login/functions.bif.h include/zeek/analyzer/protocol/mime/MIME.h +include/zeek/analyzer/protocol/mime/consts.bif.h include/zeek/analyzer/protocol/mime/events.bif.h include/zeek/analyzer/protocol/modbus/Modbus.h include/zeek/analyzer/protocol/modbus/events.bif.h @@ -1379,6 +1380,7 @@ share/man/man8/zeek.8.gz %%DATADIR%%/base/bif/plugins/Zeek_KRB.types.bif.zeek %%DATADIR%%/base/bif/plugins/Zeek_Login.events.bif.zeek %%DATADIR%%/base/bif/plugins/Zeek_Login.functions.bif.zeek +%%DATADIR%%/base/bif/plugins/Zeek_MIME.consts.bif.zeek %%DATADIR%%/base/bif/plugins/Zeek_MIME.events.bif.zeek %%DATADIR%%/base/bif/plugins/Zeek_MQTT.events.bif.zeek %%DATADIR%%/base/bif/plugins/Zeek_MQTT.types.bif.zeek
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202401221753.40MHrtRu058251>