security/zeek: Update to 4.0.6 (23f90b96) · Commits · FreeBSD / FreeBSD ports · GitLab

Commit 23f90b96 authored Apr 21, 2022 by Craig Leres

security/zeek: Update to 4.0.6

    https://github.com/zeek/zeek/releases/tag/v4.0.6

Security fixes since 4.0.5:

 - Fix potential unbounded state growth in the FTP analyzer when
   receiving a specially-crafted stream of commands. This may lead
   to a buffer overflow and cause Zeek to crash. Due to the possibility
   of this happening with packets received from the network, this
   is a potential DoS vulnerabilty.

Other changes:

 - Empty table constructors with &default attributes may cause a
   crash.

 - Fix a bug in ZAM when a function containing a loop is inlined

 - Fix a number of bugs with robust dictionary iteration.

 - Fix missing "Reporter" entries when reporting hooks via zeek.

Reported by:    Tim Wojtulewicz

parent c3415cda

Hide whitespace changes

Inline Side-by-side

baptiste daroussin @theonetruebapt
mentioned in commit 5d1eae05
· Jun 04, 2022

mentioned in commit 5d1eae05

mentioned in commit 5d1eae052f8993f50cc0d1670c9bcb2c4f485e01

Toggle commit list

Please register or to comment