Date: Tue, 12 Sep 2023 21:26:34 GMT From: Craig Leres <leres@FreeBSD.org> To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org Subject: git: c729310c3535 - main - security/vuxml: Mark zeek < 6.0.1 as vulnerable as per: Message-ID: <202309122126.38CLQYp3038837@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help
The branch main has been updated by leres: URL: https://cgit.FreeBSD.org/ports/commit/?id=c729310c3535bd43845fb7fb4c94cc334ad05385 commit c729310c3535bd43845fb7fb4c94cc334ad05385 Author: Craig Leres <leres@FreeBSD.org> AuthorDate: 2023-09-12 21:26:02 +0000 Commit: Craig Leres <leres@FreeBSD.org> CommitDate: 2023-09-12 21:26:02 +0000 security/vuxml: Mark zeek < 6.0.1 as vulnerable as per: https://github.com/zeek/zeek/releases/tag/v6.0.1 This release fixes the following potential DoS vulnerabilities: - File extraction limits were not correctly enforced for files containing large amounts of missing bytes. - Sessions are sometimes not cleaned up completely within Zeek during shutdown, potentially causing a crash when using the -B dpd flag for debug logging. - A specially-crafted HTTP packet can cause Zeek's filename extraction code to take a long time to process the data. - A specially-crafted series of FTP packets made up of a CWD request followed by a large amount of ERPT requests may cause Zeek to spend a long time logging the commands. - A specially-crafted VLAN packet can cause Zeek to overflow memory and potentially crash. Reported by: Tim Wojtulewicz --- security/vuxml/vuln/2023.xml | 38 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 38 insertions(+) diff --git a/security/vuxml/vuln/2023.xml b/security/vuxml/vuln/2023.xml index 722ad283d3e7..4899d98e6897 100644 --- a/security/vuxml/vuln/2023.xml +++ b/security/vuxml/vuln/2023.xml @@ -1,3 +1,41 @@ + <vuln vid="8eefa87f-31f1-496d-bf8e-2b465b6e4e8a"> + <topic>zeek -- potential DoS vulnerabilities</topic> + <affects> + <package> + <name>zeek</name> + <range><lt>6.0.1</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>Tim Wojtulewicz of Corelight reports:</p> + <blockquote cite="https://github.com/zeek/zeek/releases/tag/v6.0.1"> + <p> File extraction limits were not correctly enforced + for files containing large amounts of missing bytes. </p> + <p> Sessions are sometimes not cleaned up completely + within Zeek during shutdown, potentially causing a crash + when using the -B dpd flag for debug logging. </p> + <p> A specially-crafted HTTP packet can cause Zeek's + filename extraction code to take a long time to process + the data. </p> + <p> A specially-crafted series of FTP packets made up of + a CWD request followed by a large amount of ERPT requests + may cause Zeek to spend a long time logging the commands. + </p> + <p> A specially-crafted VLAN packet can cause Zeek to + overflow memory and potentially crash. </p> + </blockquote> + </body> + </description> + <references> + <url>https://github.com/zeek/zeek/releases/tag/v6.0.1</url> + </references> + <dates> + <discovery>2023-09-12</discovery> + <entry>2023-09-12</entry> + </dates> + </vuln> + <vuln vid="4061a4b2-4fb1-11ee-acc7-0151f07bc899"> <topic>gitea -- block user account creation from blocked email domains</topic> <affects>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202309122126.38CLQYp3038837>