mirror/freebsd-ports
1
0
Fork 0
mirror of https://git.FreeBSD.org/ports.git synced 2024-11-20 00:21:35 +00:00
Code Issues Releases Activity
3738b4f3e3
freebsd-ports/security/zeek/distinfo
Craig Leres 274b20e4c8 security/zeek: Update to 4.0.1 to fix null-pointer dereference and potential DOS 
https://github.com/zeek/zeek/releases/tag/v4.0.1

This release fixes the following vulnerability:

 - Fix null-pointer dereference when encountering an invalid enum
   name in a config/input file that tries to read it into a set[enum].
   For those that have such an input feed whose contents may come
   from external/remote sources, this is a potential DoS vulnerability.

Other fixes:

 - Fix mime type detection bug in IRC/FTP file_transferred event
   for file data containing null-bytes

 - Fix potential for missing timestamps in SMB logs

 - Remove use of LeakSanitizer API on FreeBSD where it's unsupported

 - Fix incorrect parsing of ERSPAN Type I

 - Fix incorrect/overflowed n value for SSL_Heartbeat_Many_Requests
   notices where number of server heartbeats is greater than number
   of client heartbeats.

 - Fix missing user_agent existence check in smtp/software.zeek
   (causes reporter.log error noise, but no functional difference)

 - Fix include order of bundled headers to avoid conflicts with
   pre-existing/system-wide installs

 - Fix musl build (e.g. Void, Alpine, etc.)

 - Fix build with -DENABLE_MOBILE_IPV6 / ./configure --enable-mobile-ipv6

 - Add check for null packet data in pcap IOSource, which is an
   observed state in Myricom libpcap that crashes Zeek via null-pointer
   dereference

 - Allow CRLF line-endings in Zeek scripts and signature files

 - Fix armv7 build

 - Fix unserialization of set[function], generally now used by
   connection record removal hooks, and specifically breaking
   intel.log of Zeek clusters

 - Fix indexing of set/table types with a vector

 - Fix precision loss in ASCII logging/printing of large double,
   time, or interval values

 - Improve handling of invalid SIP data before requests

 - Fix copy()/cloning vectors that have holes (indices w/ null
   values)

Reported by:	Jon Siwek
2021-04-21 14:11:05 -07:00

6 lines
313 B
Plaintext
Raw Blame History

TIMESTAMP = 1619038578
SHA256 (zeek-4.0.1.tar.gz) = 659a890f433cb730519966bdc41f1a03fb67e27e94b5d52ad9ee890022a12c3a
SIZE (zeek-4.0.1.tar.gz) = 29450307
SHA256 (zeek-zeek-netmap-v2.0.0_GH0.tar.gz) = d37a69babfbb62a51a2413d6b83ae792ce1e7f1ccb1d51bd6b209a10fe5c4d75
SIZE (zeek-zeek-netmap-v2.0.0_GH0.tar.gz) = 9100
Reference in New Issue View Git Blame Copy Permalink