Date: Tue, 21 Feb 2023 22:59:24 GMT From: Craig Leres <leres@FreeBSD.org> To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-branches@FreeBSD.org Subject: git: 4533313d493c - 2023Q1 - security/zeek: Update to 5.0.7 Message-ID: <202302212259.31LMxOp6082510@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help
The branch 2023Q1 has been updated by leres: URL: https://cgit.FreeBSD.org/ports/commit/?id=4533313d493cce2213a2b30f2e93e17c959b52f0 commit 4533313d493cce2213a2b30f2e93e17c959b52f0 Author: Craig Leres <leres@FreeBSD.org> AuthorDate: 2023-02-21 22:39:32 +0000 Commit: Craig Leres <leres@FreeBSD.org> CommitDate: 2023-02-21 22:59:06 +0000 security/zeek: Update to 5.0.7 https://github.com/zeek/zeek/releases/tag/v5.0.7 This release fixes the following potential DoS vulnerabilities: - Receiving DNS responses from async DNS requests (via the lookup_addr, etc BIF methods) with the TTL set to zero could cause the DNS manager to eventually stop being able to make new requests. - Specially-crafted FTP packets with excessively long usernames, passwords, or other fields could cause log writes to use large amounts of disk space. - The find_all and find_all_ordered BIF methods could take extremely large amounts of time to process incoming data depending on the size of the input. This release fixes the following bugs: - Various issues with signed/unsigned character discrepancies on arm64 builds are fixed. - A performance degredation in debug builds involving hashing large keys for Dictionaries was fixed. Reported by: Tim Wojtulewicz Security: 7a425536-74f7-4ce4-9768-0079a9d44d11 (cherry picked from commit 4e0e0f48d7e3d4f0c495e2f6ac03fd70988f8777) --- security/zeek/Makefile | 2 +- security/zeek/distinfo | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/security/zeek/Makefile b/security/zeek/Makefile index 1f01fc9b8ff8..bd19db02f84e 100644 --- a/security/zeek/Makefile +++ b/security/zeek/Makefile @@ -1,5 +1,5 @@ PORTNAME= zeek -DISTVERSION= 5.0.6 +DISTVERSION= 5.0.7 CATEGORIES= security MASTER_SITES= https://download.zeek.org/ DISTFILES= ${DISTNAME}${EXTRACT_SUFX} diff --git a/security/zeek/distinfo b/security/zeek/distinfo index 4de597e32031..e7a1a8a92fc2 100644 --- a/security/zeek/distinfo +++ b/security/zeek/distinfo @@ -1,5 +1,5 @@ -TIMESTAMP = 1675274462 -SHA256 (zeek-5.0.6.tar.gz) = 8e09916c43beba457f76484be46dad2858a5983d95624e55a70e06a1c76ce2d2 -SIZE (zeek-5.0.6.tar.gz) = 42794815 +TIMESTAMP = 1677013835 +SHA256 (zeek-5.0.7.tar.gz) = dbb9788260269c5a75eb5d18fd9ad0df1f06f00757cdde9d86994b35428b5776 +SIZE (zeek-5.0.7.tar.gz) = 42798267 SHA256 (zeek-zeek-netmap-v2.0.0_GH0.tar.gz) = d37a69babfbb62a51a2413d6b83ae792ce1e7f1ccb1d51bd6b209a10fe5c4d75 SIZE (zeek-zeek-netmap-v2.0.0_GH0.tar.gz) = 9100
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202302212259.31LMxOp6082510>