Date: Thu, 3 Jun 2021 00:15:56 GMT
From: Craig Leres <leres@FreeBSD.org>
To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org
Subject: git: b9d6624c2bf0 - main - security/zeek: Update to 4.0.2
Message-ID: <202106030015.1530Fupl067382@gitrepo.freebsd.org>
The branch main has been updated by leres:

URL: https://cgit.FreeBSD.org/ports/commit/?id=b9d6624c2bf0584095d15260716597c9e31e37a4

commit b9d6624c2bf0584095d15260716597c9e31e37a4
Author:     Craig Leres <leres@FreeBSD.org>
AuthorDate: 2021-06-03 00:14:47 +0000
Commit:     Craig Leres <leres@FreeBSD.org>
CommitDate: 2021-06-03 00:14:47 +0000

    security/zeek: Update to 4.0.2

    https://github.com/zeek/zeek/releases/tag/v4.0.2

    This release fixes several potential DoS vulnerabilities:

     - Fix potential Undefined Behavior in decode_netbios_name() and
       decode_netbios_name_type() BIFs. The latter has a possibility of
       a remote heap-buffer-overread, making this a potential DoS
       vulnerability.

     - Add some extra length checking when parsing mobile ipv6 packets.
       Due to the possibility of reading invalid headers from remote
       sources, this is a potential DoS vulnerability.

    Other fixes:

     - Fix heap-use-after-free after clear_table() on a table that uses
       expiration attributes.

     - Add fatal error for if table/Dictionary state ever becomes
       invalid since the behavior becomes unexpected/unclear at that
       point (e.g. when table bucket positions become large enough to
       overflow their 16-bit storage due to aggressive expiration-check
       settings preventing the re-positioning items)

     - Add missing "zeek/" to header includes, which can prevent
       external plugins from compiling against Zeek source-tree (e.g.
       via ./configure --zeek-dist=)

     - Fix reading empty set[enum] values and any vector of enum values
       from config files

     - Fix type-checks related to list-type equality

    Reported by:    Tim Wojtulewicz
    MFH:            2021Q2
    Security:       a550d62c-f78d-4407-97d9-93876b6741b9

--- security/zeek/Makefile | 4 ++-- security/zeek/distinfo | 6 +++--- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/security/zeek/Makefile b/security/zeek/Makefile index 1d52451ba418..428551c714ce 100644 --- a/security/zeek/Makefile +++ b/security/zeek/Makefile 
@@ -1,9 +1,9 @@ # Created by: David O'Brien <obrien@FreeBSD.org> PORTNAME= zeek -PORTVERSION= 4.0.1 +PORTVERSION= 4.0.2 CATEGORIES= security -MASTER_SITES= https://old.zeek.org/downloads/ +MASTER_SITES= https://download.zeek.org/ DISTFILES= ${DISTNAME}${EXTRACT_SUFX} MAINTAINER= leres@FreeBSD.org diff --git a/security/zeek/distinfo b/security/zeek/distinfo index 791c7d2127f7..b9a6ff91c026 100644 --- a/security/zeek/distinfo +++ b/security/zeek/distinfo @@ -1,5 +1,5 @@ -TIMESTAMP = 1619038578 -SHA256 (zeek-4.0.1.tar.gz) = 659a890f433cb730519966bdc41f1a03fb67e27e94b5d52ad9ee890022a12c3a -SIZE (zeek-4.0.1.tar.gz) = 29450307 +TIMESTAMP = 1622678290 +SHA256 (zeek-4.0.2.tar.gz) = 550713a9d3fd348783f39c959af7e569164c95b96cc3be28d7d5557bdeebfd95 +SIZE (zeek-4.0.2.tar.gz) = 29428156 SHA256 (zeek-zeek-netmap-v2.0.0_GH0.tar.gz) = d37a69babfbb62a51a2413d6b83ae792ce1e7f1ccb1d51bd6b209a10fe5c4d75 SIZE (zeek-zeek-netmap-v2.0.0_GH0.tar.gz) = 9100
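Review bot: the commit message does not mention the MASTER_SITES change in the security/zeek/Makefile hunk, which moves the distfile host from https://old.zeek.org/downloads/ to https://download.zeek.org/ alongside the PORTVERSION bump to 4.0.2. Add a line to the log saying the download location moved and why, so that anyone auditing where the tarball is fetched from can find the change without reading the diff.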
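Review bot: in the security/zeek/distinfo hunk, the new SHA256 and SIZE for zeek-4.0.2.tar.gz are recorded in the same commit that changes the download host, and nothing in the message says how the tarball was checked. Since the SHA256 line is the only thing pinning what the port will accept from the new host, note in the log that the checksum was compared against what upstream publishes for the v4.0.2 release. The zeek-zeek-netmap-v2.0.0_GH0.tar.gz lines are unchanged context and need no action.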