security/zeek: Update to 6.0.3 (e81dfaab) · Commits · FreeBSD / FreeBSD ports · GitLab

Commit e81dfaab authored Jan 22, 2024 by Craig Leres

security/zeek: Update to 6.0.3

    https://github.com/zeek/zeek/releases/tag/v6.0.3

This release fixes the following potential DoS vulnerability:

 - A specially-crafted series of packets containing nested MIME
   entities can cause Zeek to spend large amounts of time parsing
   the entities.

This release fixes the following bugs:

 - CMake correctly passes along third-party package information
   when building plugins.

 - Fix a problem with the HTTP analyzer where a signature regex
   ending in '$' used to match against 'http-request-body' or
   'http-reply-bdoy' will never succeed.

 - The DNS analyzer now understands the Ed25519 and Ed448 signature
   algorithms.

 - The SMB::State$recent_files field was not correctly expiring
   entries, leading to unbounded state growth.

 - The &create_expire attribute is now kept valid after clearing a
   table.

Reported by:	Tim Wojtulewicz
Security:	fedf7e71-61bd-49ec-aaf0-6da14bdbb319

parent 0922b4e4

Hide whitespace changes

Inline Side-by-side

baptiste daroussin @theonetruebapt
mentioned in commit c0b43849
· Jan 22, 2024

mentioned in commit c0b43849

mentioned in commit c0b438490e791057088b3867c48ddc3c1628ba1f

Toggle commit list

Please register or to comment