From nobody Wed Apr 12 06:17:08 2023
X-Original-To: dev-commits-ports-main@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4PxCD468kLz45M0g;
	Wed, 12 Apr 2023 06:17:08 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4PxCD45WXNz3jLL;
	Wed, 12 Apr 2023 06:17:08 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1681280228;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=Vomkc6LQoLXfkdseXaVbO/DYPxwquz3IwVPQPVe4mjs=;
	b=hLR6b2HOdLaVUOF7r7gLMQWy04erN+02/8bixzH0Lakze2AccnRZ7C6yS6fiv3FINj/7wo
	XAi0u9Gt0Exgp3WUVHYgpt0p8gbqVVoae82XenUcCnVlSy53VQUlQmABuK8BwDfbrHrMeK
	XAkVs8gyo5onl04kxIxmZzw9rGrzRHYeUETlVUiRAAcsw07f7IQrCwAGttUoZcJyrb9bNM
	938EBIaXY7t+VTdJZGI+R3WKWMHYhpAM4MmZfdMI+x/FPcLUQ7Y8g2SHDPBFMtFrMoKAXy
	rbHK6l5NfPUGiDfCdXLj4TNFWen8JAGWdFEweBPYUdYOZwvaZxJpoePS/vgOWA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1681280228;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=Vomkc6LQoLXfkdseXaVbO/DYPxwquz3IwVPQPVe4mjs=;
	b=FZyQ45DRiBsUWsfd/GRf0OHezACiUkXnTvpBi8uk5n/nD9rBEUYLekUObdjma+nfCn6SzR
	L+a9z33ZPo31D6AKzdhmjzWAxsICZKuKouOnUtBZR04jAnLr6m1X3xp0GGNjeaD2Bwfxio
	0GGXJJgnDuYQz9vr9lB2aFda1t7MuwAgPRP3DiszfknWx5cI7BK6005iq9a8AWFyY3zGdy
	2T5RczoTFroEhCMr1Iee6oNe7SS5hJkTW3i92fq8RGKa8lB9EYX4ueTZ3tXFOkSiI752z7
	5YXfx2Z0icbDqbnN39DWGes9nmEOWdX/wPGQzih5MSHnBUQ5O9Nt+ijy9QOu1Q==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1681280228; a=rsa-sha256; cv=none;
	b=aQM/wg7iFisgnC8P4CCDTBMD9deHmxMoNve2D9ek8ZnUp5fbgaB/kMjPo+N5XaBygOywwg
	5Eu30bF2dWCwvOwmHhbqIVh+RFxxrxwaiCrXFRjD5StmjxpkR9lLVUYL99Ft03iu5XwLnQ
	hXUjHgRZ/RMIGpq/sPJWlB8qSjv/x8xnL9wq4ZJnhI10KEZ1fOJGg8IJHDlIrgVEBjeZLz
	l4foyA5td/qAEQZv+s5cr4HVrj8LUMFlXH3qAnn3MbX5tz/m+/tJP8mKCWB8VvrRGi37em
	sok7P+0mAQ5WOBhfLLnUmwLrcZGRf2aHUXUIR5bieLaoxnYGT4gcu0HFBC81IQ==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4PxCD44PZLzpPl;
	Wed, 12 Apr 2023 06:17:08 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 33C6H8xc080069;
	Wed, 12 Apr 2023 06:17:08 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 33C6H8H6080068;
	Wed, 12 Apr 2023 06:17:08 GMT
	(envelope-from git)
Date: Wed, 12 Apr 2023 06:17:08 GMT
Message-Id: <202304120617.33C6H8H6080068@gitrepo.freebsd.org>
To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org,
        dev-commits-ports-main@FreeBSD.org
From: Craig Leres <leres@FreeBSD.org>
Subject: git: 8045c67d846f - main - security/vuxml: Mark zeek < 5.0.8 as vulnerable as per:
List-Id: Commits to the main branch of the FreeBSD ports repository <dev-commits-ports-main.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-ports-main
List-Help: <mailto:dev-commits-ports-main+help@freebsd.org>
List-Post: <mailto:dev-commits-ports-main@freebsd.org>
List-Subscribe: <mailto:dev-commits-ports-main+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-ports-main+unsubscribe@freebsd.org>
Sender: owner-dev-commits-ports-main@freebsd.org
X-BeenThere: dev-commits-ports-main@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: leres
X-Git-Repository: ports
X-Git-Refname: refs/heads/main
X-Git-Reftype: branch
X-Git-Commit: 8045c67d846f4264582d0833fbd114363e05cf27
Auto-Submitted: auto-generated
X-ThisMailContainsUnwantedMimeParts: N

The branch main has been updated by leres:

URL: https://cgit.FreeBSD.org/ports/commit/?id=8045c67d846f4264582d0833fbd114363e05cf27

commit 8045c67d846f4264582d0833fbd114363e05cf27
Author:     Craig Leres <leres@FreeBSD.org>
AuthorDate: 2023-04-12 06:16:37 +0000
Commit:     Craig Leres <leres@FreeBSD.org>
CommitDate: 2023-04-12 06:16:37 +0000

    security/vuxml: Mark zeek < 5.0.8 as vulnerable as per:
    
        https://github.com/zeek/zeek/releases/tag/v5.0.8
    
    This release fixes the following potential DoS vulnerabilities:
    
     - A specially-crafted stream of FTP packets containing a command
       reply with many intermediate lines can cause Zeek to spend a
       large amount of time processing data.
    
     - A specially-crafted set of packets containing extremely large
       file offsets cause cause the reassembler code to allocate large
       amounts of memory.
    
     - The DNS manager does not correctly expire responses that don't
       contain any data, such those containing NXDOMAIN or NODATA status
       codes. This can lead to Zeek allocating large amounts of memory
       for these responses and never deallocating them.
    
     - A specially-crafted stream of RDP packets can cause Zeek to spend
       large protocol validation.
    
     - A specially-crafted stream of SMTP packets can cause Zeek to
       spend large amounts of time processing data.
    
    Reported by:    Tim Wojtulewicz
---
 security/vuxml/vuln/2023.xml | 40 ++++++++++++++++++++++++++++++++++++++++
 1 file changed, 40 insertions(+)

diff --git a/security/vuxml/vuln/2023.xml b/security/vuxml/vuln/2023.xml
index 09c522891c70..fb525b701160 100644
--- a/security/vuxml/vuln/2023.xml
+++ b/security/vuxml/vuln/2023.xml
@@ -1,3 +1,43 @@
+  <vuln vid="96d6809a-81df-46d4-87ed-2f78c79f06b1">
+    <topic>zeek -- potential DoS vulnerabilities</topic>
+    <affects>
+      <package>
+	<name>zeek</name>
+	<range><lt>5.0.8</lt></range>
+      </package>
+    </affects>
+    <description>
+      <body xmlns="http://www.w3.org/1999/xhtml">
+	<p>Tim Wojtulewicz of Corelight reports:</p>
+	<blockquote cite="https://github.com/zeek/zeek/releases/tag/v5.0.8">
+	  <p> Receiving DNS responses from async DNS requests (via
+	  A specially-crafted stream of FTP packets containing a
+	  command reply with many intermediate lines can cause Zeek
+	  to spend a large amount of time processing data. </p>
+	  <p> A specially-crafted set of packets containing extremely
+	  large file offsets cause cause the reassembler code to
+	  allocate large amounts of memory. </p>
+	  <p> The DNS manager does not correctly expire responses
+	  that don't contain any data, such those containing NXDOMAIN
+	  or NODATA status codes. This can lead to Zeek allocating
+	  large amounts of memory for these responses and never
+	  deallocating them. </p>
+	  <p> A specially-crafted stream of RDP packets can cause
+	  Zeek to spend large protocol validation. </p>
+	  <p> A specially-crafted stream of SMTP packets can cause
+	  Zeek to spend large amounts of time processing data. </p>
+	</blockquote>
+      </body>
+    </description>
+    <references>
+      <url>https://github.com/zeek/zeek/releases/tag/v5.0.8</url>
+    </references>
+    <dates>
+      <discovery>2023-04-12</discovery>
+      <entry>2023-04-12</entry>
+    </dates>
+  </vuln>
+
   <vuln vid="b54abe9d-7024-4d10-98b2-180cf1717766">
     <topic>py-beaker -- arbitrary code execution vulnerability</topic>
     <affects>