From fe861a648a286f1ac87c24d4b86b89fcbf3a6d45 Mon Sep 17 00:00:00 2001 From: Craig Leres Date: Wed, 10 Jun 2020 19:15:07 +0000 Subject: [PATCH] security/zeek: Update to 3.0.7 and address various vulnerabilities: https://raw.githubusercontent.com/zeek/zeek/v3.0.7/NEWS - Fix potential stack overflow in NVT analyzer - Fix NVT analyzer memory leak from multiple telnet authn name options - Fix multiple content-transfer-encoding headers causing a memory leak - Fix potential leak of Analyzers added to tree during Analyzer::Done - Prevent IP fragment reassembly on packets without minimal IP header Other fixes: - Limit rate of logging MaxMind DB diagnostic messages - Fix wrong return value type for `topk_get_top()` BIF - Fix opaque Broker types lacking a Type after (de)serialization - Fix lack of descriptive printing for intervals converted from `double_to_interval()` - Fix some cases of known-services not being logged MFH: 2020Q3 Security: 9f7ae7ea-da93-4f86-b257-ba76707f6d5d --- security/zeek/Makefile | 3 +-- security/zeek/distinfo | 6 +++--- 2 files changed, 4 insertions(+), 5 deletions(-) diff --git a/security/zeek/Makefile b/security/zeek/Makefile index 75d308075bbc..9582ad0f4b74 100644 --- a/security/zeek/Makefile +++ b/security/zeek/Makefile @@ -2,8 +2,7 @@ # $FreeBSD$ PORTNAME= zeek -PORTVERSION= 3.0.6 -PORTREVISION= 1 +PORTVERSION= 3.0.7 CATEGORIES= security MASTER_SITES= https://old.zeek.org/downloads/ DISTFILES= ${DISTNAME}${EXTRACT_SUFX} diff --git a/security/zeek/distinfo b/security/zeek/distinfo index ec8d23cfdf3d..16af1e2b6189 100644 --- a/security/zeek/distinfo +++ b/security/zeek/distinfo @@ -1,5 +1,5 @@ -TIMESTAMP = 1588807625 -SHA256 (zeek-3.0.6.tar.gz) = 57cd56c21a1c55dbe3e65f704835496fd8ba6f7b1e3166dac9d8b5579cb78ad1 -SIZE (zeek-3.0.6.tar.gz) = 29331321 +TIMESTAMP = 1591815637 +SHA256 (zeek-3.0.7.tar.gz) = 84880d1fc0c373a52d6617166fe48d2e6a6570f985d7f505b61b3a94c5ea17b0 +SIZE (zeek-3.0.7.tar.gz) = 29333447 SHA256 (bro-bro-netmap-f3620df_GH0.tar.gz) = e51f420781c9a01b0494f93d82f94a1b045725c1cff406c33887974a9940c655 SIZE (bro-bro-netmap-f3620df_GH0.tar.gz) = 24661