Skip to content

Commit

Permalink
security/zeek: Update to 6.0.3
Browse files Browse the repository at this point in the history 
    https://github.com/zeek/zeek/releases/tag/v6.0.3

This release fixes the following potential DoS vulnerability:

 - A specially-crafted series of packets containing nested MIME
   entities can cause Zeek to spend large amounts of time parsing
   the entities.

This release fixes the following bugs:

 - CMake correctly passes along third-party package information
   when building plugins.

 - Fix a problem with the HTTP analyzer where a signature regex
   ending in '$' used to match against 'http-request-body' or
   'http-reply-bdoy' will never succeed.

 - The DNS analyzer now understands the Ed25519 and Ed448 signature
   algorithms.

 - The SMB::State$recent_files field was not correctly expiring
   entries, leading to unbounded state growth.

 - The &create_expire attribute is now kept valid after clearing a
   table.

Reported by:	Tim Wojtulewicz
Security:	fedf7e71-61bd-49ec-aaf0-6da14bdbb319
  • Loading branch information
Craig Leres authored and Craig Leres committed Jan 22, 2024
1 parent 0922b4e commit e81dfaa
Show file tree
Hide file tree
Showing 3 changed files with 6 additions and 5 deletions.
3 changes: 1 addition & 2 deletions security/zeek/Makefile
View file
@@ -1,6 +1,5 @@
PORTNAME= zeek
DISTVERSION= 6.0.2
PORTREVISION= 1
DISTVERSION= 6.0.3
CATEGORIES= security
MASTER_SITES= https://download.zeek.org/
DISTFILES= ${DISTNAME}${EXTRACT_SUFX}
Expand Down
6 changes: 3 additions & 3 deletions security/zeek/distinfo
View file
@@ -1,3 +1,3 @@
TIMESTAMP = 1698437165
SHA256 (zeek-6.0.2.tar.gz) = 2421989adcee6a29f48a8f7272f719edbe954d66c2e86e3a52e79cae177f887c
SIZE (zeek-6.0.2.tar.gz) = 60175209
TIMESTAMP = 1705944333
SHA256 (zeek-6.0.3.tar.gz) = 227edf0e1e6b54dc9893cfd1ecd8621291cc85d1d06808874394aad555f8a8a4
SIZE (zeek-6.0.3.tar.gz) = 60225127
2 changes: 2 additions & 0 deletions security/zeek/pkg-plist
View file
Expand Up @@ -739,6 +739,7 @@ include/zeek/analyzer/protocol/login/Telnet.h
include/zeek/analyzer/protocol/login/events.bif.h
include/zeek/analyzer/protocol/login/functions.bif.h
include/zeek/analyzer/protocol/mime/MIME.h
include/zeek/analyzer/protocol/mime/consts.bif.h
include/zeek/analyzer/protocol/mime/events.bif.h
include/zeek/analyzer/protocol/modbus/Modbus.h
include/zeek/analyzer/protocol/modbus/events.bif.h
Expand Down Expand Up @@ -1379,6 +1380,7 @@ share/man/man8/zeek.8.gz
%%DATADIR%%/base/bif/plugins/Zeek_KRB.types.bif.zeek
%%DATADIR%%/base/bif/plugins/Zeek_Login.events.bif.zeek
%%DATADIR%%/base/bif/plugins/Zeek_Login.functions.bif.zeek
%%DATADIR%%/base/bif/plugins/Zeek_MIME.consts.bif.zeek
%%DATADIR%%/base/bif/plugins/Zeek_MIME.events.bif.zeek
%%DATADIR%%/base/bif/plugins/Zeek_MQTT.events.bif.zeek
%%DATADIR%%/base/bif/plugins/Zeek_MQTT.types.bif.zeek
Expand Down

0 comments on commit e81dfaa

Please sign in to comment.