Date:      Sun, 2 Jun 2019 15:41:14 +0000 (UTC)
From:      Craig Leres <leres@FreeBSD.org>
To:        ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-branches@freebsd.org
Subject:   svn commit: r503318 - branches/2019Q2/security/bro
Message-ID:  <201906021541.x52FfELG015392@repo.freebsd.org>

Author: leres
Date: Sun Jun  2 15:41:13 2019
New Revision: 503318
URL: https://svnweb.freebsd.org/changeset/ports/503318

Log:
  MFH: r503191
  
  security/bro: Update to 2.6.2 and address several denial of service
  vulnerabilities:
  
     https://raw.githubusercontent.com/zeek/zeek/bb979702cf9a2fa67b8d1a1c7f88d0b56c6af104/NEWS
  
   - Integer type mismatches in BinPAC-generated parser code and Bro
     analyzer code may allow for crafted packet data to cause
     unintentional code paths in the analysis logic to be taken due
     to unsafe integer conversions causing the parser and analysis
     logic to each expect different fields to have been parsed.  One
     such example, reported by Maksim Shudrak, causes the Kerberos
     analyzer to dereference a null pointer.  CVE-2019-12175 was
     assigned for this issue.
  
   - The Kerberos parser allows for several fields to be left
     uninitialized, but they were not marked with an &optional attribute
     and several usages lacked existence checks.  Crafted packet data
     could potentially cause an attempt to access such uninitialized
     fields, generate a runtime error/exception, and leak memory.
     Existence checks and &optional attributes have been added to the
     relevant Kerberos fields.
  
   - BinPAC-generated protocol parsers commonly contain fields whose
     length is derived from other packet input, and for those that
     allow for incremental parsing, BinPAC did not impose a limit on
     how large such a field could grow, allowing for remotely-controlled
     packet data to cause growth of BinPAC's flowbuffer bounded only
     by the numeric limit of an unsigned 64-bit integer, leading to
     memory exhaustion.  There is now a generalized limit for how
     large flowbuffers are allowed to grow, tunable by setting
     "BinPAC::flowbuffer_capacity_max".
  
  Approved by:	ler (mentor, implicit)
  Security:	177fa455-48fc-4ded-ba1b-9975caa7f62a
  
  Approved by:	ports-secteam (miwi)
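
The first and third items in the log above (the unsafe integer conversion between parser and analyzer, and the flowbuffer growing to whatever length the packet declares) are sketched below as an added example written for this page; it is not Zeek or BinPAC source and not the project's fix. `kMaxFrameLen`, `length_ok_unsafe`/`length_ok_safe`, `FlowBuffer`, `run_stream` and `crafted_stream` are hypothetical names; the `capacity_max` constructor argument stands in for the role of `BinPAC::flowbuffer_capacity_max`, and the wire format (8-byte big-endian length prefix, body delivered in 1 KiB chunks) is constructed for the demonstration.

```cpp
#include <algorithm>
#include <cstddef>
#include <cstdint>
#include <stdexcept>
#include <vector>

// Constructed illustration of two bug classes from the NEWS entry; not Zeek/BinPAC code.
constexpr int32_t kMaxFrameLen = 1 << 20;  // hypothetical 1 MiB analyzer policy limit

// Vulnerable pattern: the generated parser produces a uint32_t, the analyzer
// stores it in a signed int before checking it. 0x80000000 becomes negative
// (INT32_MIN on common compilers) and "passes" the upper-bound check.
bool length_ok_unsafe(uint32_t wire_len) {
    int32_t len = static_cast<int32_t>(wire_len);  // unsafe narrowing conversion
    return len <= kMaxFrameLen;
}

// Fixed pattern: compare in the wire field's own width, no sign change.
bool length_ok_safe(uint32_t wire_len) {
    return wire_len <= static_cast<uint32_t>(kMaxFrameLen);
}

// Incrementally filled flow buffer: the parser declares how many bytes the
// current field needs (derived from packet input) and bytes are appended as
// they arrive. capacity_max plays the role of BinPAC::flowbuffer_capacity_max;
// passing UINT64_MAX reproduces the old "bounded only by uint64" behaviour.
class FlowBuffer {
public:
    explicit FlowBuffer(uint64_t capacity_max) : capacity_max_(capacity_max) {}

    // Declare the next frame length; refuse it (buffering nothing) above the cap.
    bool NewFrame(uint64_t frame_len) {
        if (frame_len > capacity_max_) return false;
        frame_len_ = frame_len;
        buf_.clear();
        return true;
    }

    void Feed(const uint8_t* data, size_t n) { buf_.insert(buf_.end(), data, data + n); }
    bool Ready() const { return buf_.size() >= frame_len_; }
    size_t Size() const { return buf_.size(); }

private:
    uint64_t capacity_max_;
    uint64_t frame_len_ = 0;
    std::vector<uint8_t> buf_;
};

struct StreamResult {
    bool rejected;    // header refused by the cap
    size_t buffered;  // bytes held when the input ran out
    bool complete;    // frame fully assembled
};

static uint64_t read_u64be(const uint8_t* p) {
    uint64_t v = 0;
    for (int i = 0; i < 8; ++i) v = (v << 8) | p[i];
    return v;
}

// Drive a FlowBuffer with a stream that starts with an 8-byte big-endian
// length, delivering the body in 1 KiB chunks as a reassembler would.
StreamResult run_stream(const std::vector<uint8_t>& wire, uint64_t capacity_max) {
    if (wire.size() < 8) throw std::invalid_argument("short header");
    FlowBuffer fb(capacity_max);
    if (!fb.NewFrame(read_u64be(wire.data()))) return {true, 0, false};
    size_t off = 8;
    while (off < wire.size() && !fb.Ready()) {
        size_t n = std::min<size_t>(1024, wire.size() - off);
        fb.Feed(wire.data() + off, n);
        off += n;
    }
    return {false, fb.Size(), fb.Ready()};
}

// Constructed attacker input: a header claiming 0xFFFFFFFFFFFFFFF0 bytes,
// followed by body_len bytes of filler. Without a cap the buffer keeps
// growing for as long as the peer keeps sending; the frame never completes.
std::vector<uint8_t> crafted_stream(size_t body_len) {
    const uint64_t claimed = 0xFFFFFFFFFFFFFFF0ULL;
    std::vector<uint8_t> wire;
    for (int i = 7; i >= 0; --i) wire.push_back(static_cast<uint8_t>(claimed >> (8 * i)));
    wire.insert(wire.end(), body_len, 0x41);
    return wire;
}
```

Running `run_stream(crafted_stream(100 * 1024), UINT64_MAX)` accepts the header and ends holding all 100 KiB with the frame still incomplete, which is the memory-exhaustion shape the third item describes; the same stream with a 1 MiB cap is rejected at the header before a byte is buffered. The `length_ok_*` pair shows why a cap alone is not enough when a field crosses between parser and analyzer with different integer types: the unsafe comparison accepts 0x80000000 while the width-preserving one rejects it.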

Modified:
  branches/2019Q2/security/bro/Makefile
  branches/2019Q2/security/bro/distinfo
Directory Properties:
  branches/2019Q2/   (props changed)

Modified: branches/2019Q2/security/bro/Makefile
==============================================================================
--- branches/2019Q2/security/bro/Makefile	Sun Jun  2 15:30:33 2019	(r503317)
+++ branches/2019Q2/security/bro/Makefile	Sun Jun  2 15:41:13 2019	(r503318)
@@ -2,8 +2,7 @@
 # $FreeBSD$
 
 PORTNAME=	bro
-PORTVERSION=	2.6.1
-PORTREVISION=	2
+PORTVERSION=	2.6.2
 CATEGORIES=	security
 MASTER_SITES=	https://www.zeek.org/downloads/
 DISTFILES=	${DISTNAME}${EXTRACT_SUFX}
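Review bot: Dropping the PORTREVISION line outright on the bump to 2.6.2 is the right move rather than resetting it to 0, since PORTREVISION must not carry over across a PORTVERSION change and its default is 0. Because the fix arrives solely through the version bump, with MASTER_SITES left at https://www.zeek.org/downloads/ and no local patches, the security value of this MFH rests entirely on the accompanying distinfo checksum matching upstream's published 2.6.2 tarball; a `make checksum` against a freshly fetched distfile before the quarterly branch is tagged would confirm that.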

Modified: branches/2019Q2/security/bro/distinfo
==============================================================================
--- branches/2019Q2/security/bro/distinfo	Sun Jun  2 15:30:33 2019	(r503317)
+++ branches/2019Q2/security/bro/distinfo	Sun Jun  2 15:41:13 2019	(r503318)
@@ -1,5 +1,5 @@
-TIMESTAMP = 1545247794
-SHA256 (bro-2.6.1.tar.gz) = d9718b83fdae0c76eea5254a4b9470304c4d1d3778687de9a4fe0b5dffea521b
-SIZE (bro-2.6.1.tar.gz) = 28432762
+TIMESTAMP = 1559318790
+SHA256 (bro-2.6.2.tar.gz) = 6df6876f3f7b1dd8afeb3d5f88bfb9269f52d5d796258c4414bdd91aa2eac0a6
+SIZE (bro-2.6.2.tar.gz) = 28477996
 SHA256 (bro-bro-netmap-cf88debf487b31ab30dc3b5bac64783b4e49997e_GH0.tar.gz) = 383423f92932c3ef244194954708b3a237b4f37ebc358014f51dcb3b9786896b
 SIZE (bro-bro-netmap-cf88debf487b31ab30dc3b5bac64783b4e49997e_GH0.tar.gz) = 24630
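Review bot: Only the bro-2.6.2.tar.gz entry changes here; the bro-netmap GH0 distfile keeps its previous SHA256 and SIZE, so the plugin is not updated by this MFH. That is consistent with the log attributing all three issues to Bro and BinPAC parser code rather than the netmap plugin, but the commit message could state it so readers of the VuXML entry do not expect a plugin bump. The new SHA256 6df6876f... and SIZE 28477996 should be the unmodified output of `make makesum` for the tarball fetched from MASTER_SITES, and the TIMESTAMP 1559318790 (2019-05-31 UTC) is consistent with the update having been prepared shortly before the 2019-06-02 commit.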


