HomeFreeBSD

security/zeek: Update to 5.0.3

Description

security/zeek: Update to 5.0.3

https://github.com/zeek/zeek/releases/tag/v5.0.3

This release fixes the following potential DoS vulnerabilities:

  • Fix an issue where a specially-crafted FTP packet can cause Zeek to spend large amounts of time attempting to search for valid commands in the data stream.
  • Fix a possible overflow in the Zeek dictionary code that may lead to a memory leak.
  • Fix an issue where a specially-crafted packet can cause Zeek to spend large amounts of time reporting analyzer violations.
  • Fix a possible assert and crash in the HTTP analyzer when receiving a specially-crafted packet.
  • Fix an issue where a specially-crafted HTTP or SMTP packet can cause Zeek to spend a large amount of time attempting to search for filenames within the packet data.
  • Fix two separate possible crashes when converting processed IP headers for logging via the raw_packet event handlers.

This release fixes the following bugs:

  • Fix a possible crash with when statements where lambda captures of local variables sometimes overflowed the frame counter.
  • Reduced the amount of analyzer_confirmation events that are raised for packets that contain tunnels.
  • Fix a long-standing bug where TCP reassembly would not function correctly for some analyzers if dpd_reassemble_first_packets was set to false.
  • Fix a performance bug in the Zeek dictionary code in certain cases, such as copying a large number of entries from one dictionary into another.
  • Fix a performance issue when inserting large numbers of elements into a Broker store when Broker::scheduler_policy is set to stealing.
  • Fix a Broker performance issue when distributing large amounts of data from the input framework to proxies/workers at startup.
  • Fix an issue with messaging between proxies and workers that resulted in error messages being reported.
  • Updated the list of DNS type strings to reflect the correct.

Reported by: Tim Wojtulewicz
Security: 60d4d31a-a573-41bd-8c1e-5af7513c1ee9

(cherry picked from commit f7beb19cdf537aacb741f1f19fccff683954371b)

Details

Provenance
leresAuthored on Nov 9 2022, 2:42 AM
Parents
R11:1c27cf43b4a5: math/Imath: update to patch release 3.1.6
Branches
Unknown
Tags
Unknown