Date: Fri, 26 Aug 2022 23:51:26 GMT
From: Craig Leres <leres@FreeBSD.org>
To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org
Subject: git: c70809f54d9b - main - security/vuxml: Mark zeek < 5.0.1 as vulnerable as per:
Message-ID: <202208262351.27QNpQsw050605@gitrepo.freebsd.org>
The branch main has been updated by leres:

URL: https://cgit.FreeBSD.org/ports/commit/?id=c70809f54d9b16527d194e6f229ea1625f6c53c3

commit c70809f54d9b16527d194e6f229ea1625f6c53c3
Author:     Craig Leres <leres@FreeBSD.org>
AuthorDate: 2022-08-26 23:50:45 +0000
Commit:     Craig Leres <leres@FreeBSD.org>
CommitDate: 2022-08-26 23:50:45 +0000

    security/vuxml: Mark zeek < 5.0.1 as vulnerable as per:

        https://github.com/zeek/zeek/releases/tag/v5.0.1

    The potential DoS vulnerabilities include:

     - Fix a possible overflow and crash in the ARP analyzer when
       receiving a specially crafted packet.

     - Fix a possible overflow and crash in the Modbus analyzer when
       receiving a specially crafted packet.

     - Fix two possible crashes when converting IP headers for output
       via the raw_packet event.

     - Fix an abort related to an error related to the ordering of
       record fields when processing DNS EDNS headers via events

    Reported by:    Tim Wojtulewicz

--- security/vuxml/vuln-2022.xml | 45 ++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 45 insertions(+) diff --git a/security/vuxml/vuln-2022.xml b/security/vuxml/vuln-2022.xml index 77783a209bea..d9e2e9a645fb 100644 --- a/security/vuxml/vuln-2022.xml +++ b/security/vuxml/vuln-2022.xml 
@@ -1,3 +1,48 @@ + <vuln vid="3110b29e-c82d-4287-9f6c-db82bb883b1e"> + <topic>zeek -- potential DoS vulnerabilities</topic> + <affects> + <package> + <name>zeek</name> + <range><lt>5.0.1</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>Tim Wojtulewicz of Corelight reports:</p> + <blockquote cite="https://github.com/zeek/zeek/releases/tag/v5.0.1"> + <p> Fix a possible overflow and crash in the ARP analyzer + when receiving a specially crafted packet. Due to the + possibility of this happening with packets received from + the network, this is a potential DoS vulnerability. </p> + <p> Fix a possible overflow and crash in the Modbus analyzer + when receiving a specially crafted packet. Due to the + possibility of this happening with packets received from + the network, this is a potential DoS vulnerability. </p> + <p> Fix two possible crashes when converting IP headers for + output via the raw_packet event. Due to the possibility of + this happening with packets received from the network, this + is a potential DoS vulnerability. Note that the raw_packet + event is not enabled by default so these are likely + low-severity issues. </p> + <p> Fix an abort related to an error related to the ordering + of record fields when processing DNS EDNS headers via events. + Due to the possibility of this happening with packets + received from the network, this is a potential DoS + vulnerability. Note that the dns_EDNS events are not + implemented by default so this is likely a low-severity + issue. </p> + </blockquote> + </body> + </description> + <references> + <url>https://github.com/zeek/zeek/releases/tag/v5.0.1</url> + </references> + <dates> + <discovery>2022-08-23</discovery> + <entry>2022-08-26</entry> + </dates> + </vuln> + <vuln vid="36d10af7-248d-11ed-856e-d4c9ef517024"> <topic>MariaDB -- Multiple vulnerabilities</topic> <affects>
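Review bot: In the <affects> block, <range><lt>5.0.1</lt></range> has no lower bound, so every earlier zeek package version is flagged, while the quoted release notes do not say in which release the ARP, Modbus, raw_packet or dns_EDNS defects first appeared. If the first affected version is known, add a <ge> bound to the range so unaffected installs are not reported; if it is not known, the open range is the conservative choice and can stay. Two of the four items are described in the blockquote as likely low severity because raw_packet and the dns_EDNS events are not enabled or implemented by default, whereas the <topic> treats all four alike; that is acceptable for a single entry, but operators triaging audit output will need to read the body to see that the ARP and Modbus items are the ones reachable in a default configuration. As a style point, each <p> inside the <blockquote> opens and closes with a stray space ("<p> Fix ..." and "... </p>"), which can be trimmed.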