1
0
mirror of https://git.FreeBSD.org/ports.git synced 2024-12-16 03:24:07 +00:00
freebsd-ports/security/bro
Craig Leres 6446738031 Update to 2.5.4 which fixes multiple memory allocation issues:
- Multiple fixes and improvements to BinPAC generated code
   related to array parsing, with potential impact to all Bro's
   BinPAC-generated analyzers in the form of buffer over-reads
   or other invalid memory accesses depending on whether a
   particular analyzer incorrectly assumed that the
   evaulated-array-length expression is actually the number of
   elements that were parsed out from the input.

 - The NCP analyzer (not enabled by default and also updated
   to actually work with newer Bro APIs in the release) performed
   a memory allocation based directly on a field in the input
   packet and using signed integer storage. This could result
   in a signed integer overflow and memory allocations of
   negative or very large size, leading to a crash or memory
   exhaustion. The new NCP::max_frame_size tuning option now
   limits the maximum amount of memory that can be allocated.

Other fixes:

 - A memory leak in the SMBv1 analyzer.

 - The MySQL analyzer was generally not working as intended,
   for example, it now is able to parse responses that contain
   multiple results/rows.

Add gettext-runtime to USES to address a poudriere testport
warning.

Reviewed by:	matthew (mentor)
Approved by:	matthew (mentor)
MFH:		2018Q2
Security:	2f4fd3aa-32f8-4116-92f2-68f05398348e
Differential Revision:	https://reviews.freebsd.org/D15678
2018-06-08 16:40:46 +00:00
..
files
distinfo Update to 2.5.4 which fixes multiple memory allocation issues: 2018-06-08 16:40:46 +00:00
Makefile Update to 2.5.4 which fixes multiple memory allocation issues: 2018-06-08 16:40:46 +00:00
pkg-descr
pkg-plist Update to 2.5.4 which fixes multiple memory allocation issues: 2018-06-08 16:40:46 +00:00