Date: Sat, 20 May 2023 01:09:57 GMT From: Craig Leres <leres@FreeBSD.org> To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-branches@FreeBSD.org Subject: git: eaf402948455 - 2023Q2 - security/zeek: Update to 5.0.9 Message-ID: <202305200109.34K19vmh081408@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help
The branch 2023Q2 has been updated by leres: URL: https://cgit.FreeBSD.org/ports/commit/?id=eaf4029484557579cc901b3b238b2d49b7fdf35b commit eaf4029484557579cc901b3b238b2d49b7fdf35b Author: Craig Leres <leres@FreeBSD.org> AuthorDate: 2023-05-19 17:37:41 +0000 Commit: Craig Leres <leres@FreeBSD.org> CommitDate: 2023-05-20 01:09:53 +0000 security/zeek: Update to 5.0.9 https://github.com/zeek/zeek/releases/tag/v5.0.9 This release fixes the following potential DoS vulnerabilities: - A specially-crafted series of FTP packets with a CMD command with a large path followed by a very large number of replies could cause Zeek to spend a long time processing the data. - A specially-crafted with a truncated header can cause Zeek to overflow memory and potentially crash. - A specially-crafted series of SMTP packets can cause Zeek to generate a very large number of events and take a long time to process them. - A specially-crafted series of POP3 packets containing MIME data can cause Zeek to spend a long time dealing with each individual file ID. This release fixes the following bug: - This release includes a fixes to Zeek and updates to the Broker and Spicy submodules to support building against GCC 13. Reported by: Tim Wojtulewicz Security: 1ab7357f-a3c2-406a-89fb-fd00e49a71b5 (cherry picked from commit 21ea6c36f4c73c801e038519a0bed76cf212059c) --- security/zeek/Makefile | 2 +- security/zeek/distinfo | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/security/zeek/Makefile b/security/zeek/Makefile index c574c4be6b51..b1226c204d2a 100644 --- a/security/zeek/Makefile +++ b/security/zeek/Makefile @@ -1,5 +1,5 @@ PORTNAME= zeek -DISTVERSION= 5.0.8 +DISTVERSION= 5.0.9 CATEGORIES= security MASTER_SITES= https://download.zeek.org/ DISTFILES= ${DISTNAME}${EXTRACT_SUFX} diff --git a/security/zeek/distinfo b/security/zeek/distinfo index a0457e156766..22ff3939cdf7 100644 --- a/security/zeek/distinfo +++ b/security/zeek/distinfo @@ -1,5 +1,5 @@ -TIMESTAMP = 1681277857 -SHA256 (zeek-5.0.8.tar.gz) = 82fd72c7078fbdb4c025569a6e31fa7f8b9876ca37aab8ac24db92b0c589d2bf -SIZE (zeek-5.0.8.tar.gz) = 42896663 +TIMESTAMP = 1684516872 +SHA256 (zeek-5.0.9.tar.gz) = 2d6247c667c1838d0efd8d860744baadde4b2e8721734dea250e37147899cfcd +SIZE (zeek-5.0.9.tar.gz) = 42904019 SHA256 (zeek-zeek-netmap-v2.0.0_GH0.tar.gz) = d37a69babfbb62a51a2413d6b83ae792ce1e7f1ccb1d51bd6b209a10fe5c4d75 SIZE (zeek-zeek-netmap-v2.0.0_GH0.tar.gz) = 9100
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202305200109.34K19vmh081408>