HomeFreeBSD
Diffusion FreeBSD ports repository e81dfaab6a05

security/zeek: Update to 6.0.3
e81dfaab6a05
Actions

Description

security/zeek: Update to 6.0.3

https://github.com/zeek/zeek/releases/tag/v6.0.3

This release fixes the following potential DoS vulnerability:

  • A specially-crafted series of packets containing nested MIME entities can cause Zeek to spend large amounts of time parsing the entities.

This release fixes the following bugs:

  • CMake correctly passes along third-party package information when building plugins.
  • Fix a problem with the HTTP analyzer where a signature regex ending in '$' used to match against 'http-request-body' or 'http-reply-bdoy' will never succeed.
  • The DNS analyzer now understands the Ed25519 and Ed448 signature algorithms.
  • The SMB::State$recent_files field was not correctly expiring entries, leading to unbounded state growth.
  • The &create_expire attribute is now kept valid after clearing a table.

Reported by: Tim Wojtulewicz
Security: fedf7e71-61bd-49ec-aaf0-6da14bdbb319

Details

Provenance
leresAuthored on Jan 22 2024, 5:53 PM
Parents
R11:0922b4e467be: security/vuxml: Mark zeek < 6.0.3 as vulnerable as per:
Branches
Unknown
Tags
Unknown

Changes (3)

PathSize
security/
zeek/

R11:e81dfaab6a05

View Options

security/zeek/Makefile

Loading...
View Options

security/zeek/distinfo

Loading...
View Options

security/zeek/pkg-plist

Loading...