Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 21 Feb 2023 22:59:24 GMT
From:      Craig Leres <leres@FreeBSD.org>
To:        ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-branches@FreeBSD.org
Subject:   git: 4533313d493c - 2023Q1 - security/zeek: Update to 5.0.7
Message-ID:  <202302212259.31LMxOp6082510@gitrepo.freebsd.org>

next in thread | raw e-mail | index | archive | help
The branch 2023Q1 has been updated by leres:

URL: https://cgit.FreeBSD.org/ports/commit/?id=4533313d493cce2213a2b30f2e93e17c959b52f0

commit 4533313d493cce2213a2b30f2e93e17c959b52f0
Author:     Craig Leres <leres@FreeBSD.org>
AuthorDate: 2023-02-21 22:39:32 +0000
Commit:     Craig Leres <leres@FreeBSD.org>
CommitDate: 2023-02-21 22:59:06 +0000

    security/zeek: Update to 5.0.7
    
        https://github.com/zeek/zeek/releases/tag/v5.0.7
    
    This release fixes the following potential DoS vulnerabilities:
    
     - Receiving DNS responses from async DNS requests (via the
       lookup_addr, etc BIF methods) with the TTL set to zero could
       cause the DNS manager to eventually stop being able to make new
       requests.
    
     - Specially-crafted FTP packets with excessively long usernames,
       passwords, or other fields could cause log writes to use large
       amounts of disk space.
    
     - The find_all and find_all_ordered BIF methods could take extremely
       large amounts of time to process incoming data depending on the
       size of the input.
    
    This release fixes the following bugs:
    
     - Various issues with signed/unsigned character discrepancies on
       arm64 builds are fixed.
    
     - A performance degredation in debug builds involving hashing large
       keys for Dictionaries was fixed.
    
    Reported by:    Tim Wojtulewicz
    Security:       7a425536-74f7-4ce4-9768-0079a9d44d11
    
    (cherry picked from commit 4e0e0f48d7e3d4f0c495e2f6ac03fd70988f8777)
---
 security/zeek/Makefile | 2 +-
 security/zeek/distinfo | 6 +++---
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/security/zeek/Makefile b/security/zeek/Makefile
index 1f01fc9b8ff8..bd19db02f84e 100644
--- a/security/zeek/Makefile
+++ b/security/zeek/Makefile
@@ -1,5 +1,5 @@
 PORTNAME=	zeek
-DISTVERSION=	5.0.6
+DISTVERSION=	5.0.7
 CATEGORIES=	security
 MASTER_SITES=	https://download.zeek.org/
 DISTFILES=	${DISTNAME}${EXTRACT_SUFX}
diff --git a/security/zeek/distinfo b/security/zeek/distinfo
index 4de597e32031..e7a1a8a92fc2 100644
--- a/security/zeek/distinfo
+++ b/security/zeek/distinfo
@@ -1,5 +1,5 @@
-TIMESTAMP = 1675274462
-SHA256 (zeek-5.0.6.tar.gz) = 8e09916c43beba457f76484be46dad2858a5983d95624e55a70e06a1c76ce2d2
-SIZE (zeek-5.0.6.tar.gz) = 42794815
+TIMESTAMP = 1677013835
+SHA256 (zeek-5.0.7.tar.gz) = dbb9788260269c5a75eb5d18fd9ad0df1f06f00757cdde9d86994b35428b5776
+SIZE (zeek-5.0.7.tar.gz) = 42798267
 SHA256 (zeek-zeek-netmap-v2.0.0_GH0.tar.gz) = d37a69babfbb62a51a2413d6b83ae792ce1e7f1ccb1d51bd6b209a10fe5c4d75
 SIZE (zeek-zeek-netmap-v2.0.0_GH0.tar.gz) = 9100



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202302212259.31LMxOp6082510>