HomeFreeBSD

security/vuxml: Mark zeek < 4.0.2 as vulnerable as per:

Description

security/vuxml: Mark zeek < 4.0.2 as vulnerable as per:

https://github.com/zeek/zeek/releases/tag/v4.0.2
  • Fix potential Undefined Behavior in decode_netbios_name() and decode_netbios_name_type() BIFs. The latter has a possibility of a remote heap-buffer-overread, making this a potential DoS vulnerability.
  • Add some extra length checking when parsing mobile ipv6 packets. Due to the possibility of reading invalid headers from remote sources, this is a potential DoS vulnerability.

Details

Provenance
leresAuthored on Jun 2 2021, 11:53 PM
Parents
R11:48f09edc07d4: security/solana: Install executable that was missing
Branches
Unknown
Tags
Unknown