mirror of
https://git.FreeBSD.org/ports.git
synced 2024-11-20 00:21:35 +00:00
274b20e4c8
https://github.com/zeek/zeek/releases/tag/v4.0.1 This release fixes the following vulnerability: - Fix null-pointer dereference when encountering an invalid enum name in a config/input file that tries to read it into a set[enum]. For those that have such an input feed whose contents may come from external/remote sources, this is a potential DoS vulnerability. Other fixes: - Fix mime type detection bug in IRC/FTP file_transferred event for file data containing null-bytes - Fix potential for missing timestamps in SMB logs - Remove use of LeakSanitizer API on FreeBSD where it's unsupported - Fix incorrect parsing of ERSPAN Type I - Fix incorrect/overflowed n value for SSL_Heartbeat_Many_Requests notices where number of server heartbeats is greater than number of client heartbeats. - Fix missing user_agent existence check in smtp/software.zeek (causes reporter.log error noise, but no functional difference) - Fix include order of bundled headers to avoid conflicts with pre-existing/system-wide installs - Fix musl build (e.g. Void, Alpine, etc.) - Fix build with -DENABLE_MOBILE_IPV6 / ./configure --enable-mobile-ipv6 - Add check for null packet data in pcap IOSource, which is an observed state in Myricom libpcap that crashes Zeek via null-pointer dereference - Allow CRLF line-endings in Zeek scripts and signature files - Fix armv7 build - Fix unserialization of set[function], generally now used by connection record removal hooks, and specifically breaking intel.log of Zeek clusters - Fix indexing of set/table types with a vector - Fix precision loss in ASCII logging/printing of large double, time, or interval values - Improve handling of invalid SIP data before requests - Fix copy()/cloning vectors that have holes (indices w/ null values) Reported by: Jon Siwek |
||
|---|---|---|
| .. | ||
| files | ||
| distinfo | ||
| Makefile | ||
| pkg-descr | ||
| pkg-plist | ||