Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 12 Sep 2023 21:28:24 GMT
From:      Craig Leres <leres@FreeBSD.org>
To:        ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org
Subject:   git: 730455c58e93 - main - security/zeek: Update to 6.0.0
Message-ID:  <202309122128.38CLSOY4039305@gitrepo.freebsd.org>

next in thread | raw e-mail | index | archive | help
The branch main has been updated by leres:

URL: https://cgit.FreeBSD.org/ports/commit/?id=730455c58e931465b3b8b9abf2e1edfb58863c29

commit 730455c58e931465b3b8b9abf2e1edfb58863c29
Author:     Craig Leres <leres@FreeBSD.org>
AuthorDate: 2023-09-12 21:27:54 +0000
Commit:     Craig Leres <leres@FreeBSD.org>
CommitDate: 2023-09-12 21:27:54 +0000

    security/zeek: Update to 6.0.0
    
        https://github.com/zeek/zeek/releases/tag/v6.0.1
    
    This release fixes the following potential DoS vulnerabilities:
    
     - File extraction limits were not correctly enforced for files
       containing large amounts of missing bytes.
    
     - Sessions are sometimes not cleaned up completely within Zeek
       during shutdown,
       potentially causing a crash when using the -B dpd flag for debug logging.
    
     - A specially-crafted HTTP packet can cause Zeek's filename
       extraction code to take a long time to process the data.
    
     - A specially-crafted series of FTP packets made up of a CWD request
       followed by a large amount of ERPT requests may cause Zeek to
       spend a long time logging the commands.
    
     - A specially-crafted VLAN packet can cause Zeek to overflow memory
       and potentially crash.
    
    This release fixes the following bugs:
    
     - Fixed a base64 decoding issue with the authorization field of
       HTTP request headers that was sometimes causing Zeek to output
       error messages.
    
     - Ensure that Zeek builds use the internal version of Spicy instead
       of external installations, unless specifically configured for
       that mode.
    
     - Support was added for switch fields when exporting Spicy types
       to Zeek.
    
     - A number of fixes were added to protect against potential unbounded
       state growth with the SMB and DCE-RPC analyzers. SMB close
       requests will properly tear down an related DCE-RPC analyzers.
    
     - Fixed a regression in the UDP and TCP analyzers that was causing
       more data than necessary to be forwarded to the next analyzer
       in the chain.
    
     - A connection's value is now updated in-place when its directionality
       is flipped due to Zeek's heuristics (for example, SYN/SYN-ACK
       reversal or protocol specific approaches).
    
     - Fixed undefined symbols being reported from Spicy when building
       some of the binary packages for Zeek.
    
     - Loading policy/frameworks/notice/community-id.zeek now also
       automatically community ID logging.
    
     - Spicy no longer registers an extra port for every port registered
       in a plugin's .evt file.
    
     - Timeouts in DNS resolution no longer cause uncontrolled memory
       growth.
    
     - Fix check to skip DNS hostname lookups for notices that are not
       delivered via email in policy/frameworks/notice/extend-email/hostnames.
    
    Reported by:    Tim Wojtulewicz
    Security:       8eefa87f-31f1-496d-bf8e-2b465b6e4e8a
---
 security/zeek/Makefile  | 2 +-
 security/zeek/distinfo  | 6 +++---
 security/zeek/pkg-plist | 4 ++--
 3 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/security/zeek/Makefile b/security/zeek/Makefile
index af4bf8e71088..ada76177bba3 100644
--- a/security/zeek/Makefile
+++ b/security/zeek/Makefile
@@ -1,5 +1,5 @@
 PORTNAME=	zeek
-DISTVERSION=	6.0.0
+DISTVERSION=	6.0.1
 CATEGORIES=	security
 MASTER_SITES=	https://download.zeek.org/
 DISTFILES=	${DISTNAME}${EXTRACT_SUFX}
diff --git a/security/zeek/distinfo b/security/zeek/distinfo
index 8f96203cdbfc..760fbcbfb021 100644
--- a/security/zeek/distinfo
+++ b/security/zeek/distinfo
@@ -1,3 +1,3 @@
-TIMESTAMP = 1692569614
-SHA256 (zeek-6.0.0.tar.gz) = cc37587389ec96a2437c48851a6ef8300b19a39d9e6a1c9066570c25b070d0e2
-SIZE (zeek-6.0.0.tar.gz) = 60086607
+TIMESTAMP = 1694552456
+SHA256 (zeek-6.0.1.tar.gz) = cfc329a170439195d7070ec5387d95cdda7eb6b86ac85ec707b9ed0e9d576a29
+SIZE (zeek-6.0.1.tar.gz) = 60152791
diff --git a/security/zeek/pkg-plist b/security/zeek/pkg-plist
index 62c8a3eb223c..94a224c990f7 100644
--- a/security/zeek/pkg-plist
+++ b/security/zeek/pkg-plist
@@ -1233,7 +1233,6 @@ lib/libparaglob.a
 %%SPICY%%lib/libspicy-rt-debug.a
 %%SPICY%%lib/libspicy-rt.a
 %%SPICY%%lib/libspicy.so
-@dir lib/zeek/plugins
 lib/zeek/python/SubnetTree.py
 lib/zeek/python/_SubnetTree.so
 lib/zeek/python/broker/__init__.py
@@ -1284,7 +1283,6 @@ lib/zeek/python/zeekctl/plugins/lb_pf_ring.py
 lib/zeek/python/zeekctl/plugins/ps.py
 lib/zeek/python/zeekctl/plugins/zeek_port_warning.py
 lib/zeek/python/zeekctl/plugins/zzz_af_packet.py
-@dir lib/zeek/spicy
 %%ZEEKCTL%%man/man1/trace-summary.1.gz
 man/man1/zeek-cut.1.gz
 man/man8/zeek.8.gz
@@ -2102,4 +2100,6 @@ share/btest/scripts/spicy/diff-sort
 %%ZEEKCTL%%@dir spool/brokerstore
 %%ZEEKCTL%%@dir spool
 %%ZEEKCTL%%@dir logs
+%%SPICY%%@dir lib/zeek/spicy
+@dir lib/zeek/plugins
 %%ZEEKCTL%%@postexec su -fm %%ZEEKUSER%% -c '%D/bin/zeekctl install; rm -f %D/spool/debug.log'



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202309122128.38CLSOY4039305>