diff options
author | Craig Leres <leres@FreeBSD.org> | 2020-03-18 00:24:50 +0000 |
---|---|---|
committer | Craig Leres <leres@FreeBSD.org> | 2020-03-18 00:24:50 +0000 |
commit | f57f99ffdc579306f58108211fed24e26f5284a7 (patch) | |
tree | 8abb856e0eecfa2a631cf8c8c5c159221b782d9d | |
parent | 0e87813769ad4b5acf065e3695ca6bca0769dd31 (diff) | |
download | ports-f57f99ffdc579306f58108211fed24e26f5284a7.tar.gz ports-f57f99ffdc579306f58108211fed24e26f5284a7.zip |
MFH: r528508
security/bro: Update to 3.0.3 and address a number of potential
denial of service issues:
https://github.com/zeek/zeek/releases/tag/v3.0.2
https://github.com/zeek/zeek/releases/tag/v3.0.3
- Potential Denial of Service due to memory leak in DNS TSIG message
parsing.
- Potential Denial of Service due to memory leak (or assertion
when compiling with assertions enabled) when receiving a second
SSH KEX message after a first.
- Potential Denial of Service due to buffer read overflow and/or
memory leaks in Kerberos analyzer. The buffer read overflow
could occur when the Kerberos message indicates it contains an
IPv6 address, but does not send enough data to parse out a full
IPv6 address. A memory leak could occur when processing KRB_KDC_REQ
KRB_KDC_REP messages for message types that do not match a
known/expected type.
- Potential Denial of Service when sending many zero-length SSL/TLS
certificate data. Such messages underwent the full Zeek file
analysis treatment which is expensive (and meaninguless here)
compared to how cheaply one can "create" or otherwise indicate
many zero-length contained in an SSL message.
- Potential Denial of Service due to buffer read overflow in SMB
transaction data string handling. The length of strings being
parsed from SMB messages was trusted to be whatever the message
claimed instead of the actual length of data found in the message.
- Potential Denial of Service due to null pointer dereference in
FTP ADAT Base64 decoding.
- Potential Denial of Service due buffer read overflow in FTP
analyzer word/whitespace handling. This typically won't be a
problem in most default deployments of Zeek since the FTP analyzer
receives data from a ContentLine (NVT) support analyzer which
first null-terminates the buffer used for further FTP parsing.
Approved by: ler (mentor, implicit)
Security: 4ae135f7-85cd-4c32-ad94-358271b31f7f
Approved by: ports-secteam (joneum)
Notes
Notes:
svn path=/branches/2020Q1/; revision=528617
-rw-r--r-- | security/zeek/Makefile | 4 | ||||
-rw-r--r-- | security/zeek/distinfo | 6 |
2 files changed, 5 insertions, 5 deletions
diff --git a/security/zeek/Makefile b/security/zeek/Makefile index a844593bf220..5e493e25e2e4 100644 --- a/security/zeek/Makefile +++ b/security/zeek/Makefile @@ -2,9 +2,9 @@ # $FreeBSD$ PORTNAME= zeek -PORTVERSION= 3.0.1 +PORTVERSION= 3.0.3 CATEGORIES= security -MASTER_SITES= https://www.zeek.org/downloads/ +MASTER_SITES= https://old.zeek.org/downloads/ DISTFILES= ${DISTNAME}${EXTRACT_SUFX} MAINTAINER= leres@FreeBSD.org diff --git a/security/zeek/distinfo b/security/zeek/distinfo index 6a6ea65e437e..3131ffb4086a 100644 --- a/security/zeek/distinfo +++ b/security/zeek/distinfo @@ -1,5 +1,5 @@ -TIMESTAMP = 1576099434 -SHA256 (zeek-3.0.1.tar.gz) = 79f4f3efd883c9c2960295778dc290372d10874380fd88450271652e829811d2 -SIZE (zeek-3.0.1.tar.gz) = 29253371 +TIMESTAMP = 1584248063 +SHA256 (zeek-3.0.3.tar.gz) = 42a178cc9d28e4f20373e415727845a2c52bacdab535d6f810fe2d3cd02e9c76 +SIZE (zeek-3.0.3.tar.gz) = 29270043 SHA256 (bro-bro-netmap-f3620df_GH0.tar.gz) = e51f420781c9a01b0494f93d82f94a1b045725c1cff406c33887974a9940c655 SIZE (bro-bro-netmap-f3620df_GH0.tar.gz) = 24661 |