non port: security/zeek/files/patch-src_CMakeLists.txt |
Number of commits found: 2 |
Wednesday, 21 Apr 2021
|
21:11 Craig Leres (leres)
security/zeek: Update to 4.0.1 to fix null-pointer dereference and potential DOS
https://github.com/zeek/zeek/releases/tag/v4.0.1
This release fixes the following vulnerability:
- Fix null-pointer dereference when encountering an invalid enum
name in a config/input file that tries to read it into a set[enum].
For those that have such an input feed whose contents may come
from external/remote sources, this is a potential DoS vulnerability.
Other fixes:
- Fix mime type detection bug in IRC/FTP file_transferred event
for file data containing null-bytes
- Fix potential for missing timestamps in SMB logs
- Remove use of LeakSanitizer API on FreeBSD where it's unsupported
- Fix incorrect parsing of ERSPAN Type I
- Fix incorrect/overflowed n value for SSL_Heartbeat_Many_Requests
notices where number of server heartbeats is greater than number
of client heartbeats.
- Fix missing user_agent existence check in smtp/software.zeek
(causes reporter.log error noise, but no functional difference)
- Fix include order of bundled headers to avoid conflicts with
pre-existing/system-wide installs
- Fix musl build (e.g. Void, Alpine, etc.)
- Fix build with -DENABLE_MOBILE_IPV6 / ./configure --enable-mobile-ipv6
- Add check for null packet data in pcap IOSource, which is an
observed state in Myricom libpcap that crashes Zeek via null-pointer
dereference
- Allow CRLF line-endings in Zeek scripts and signature files
- Fix armv7 build
- Fix unserialization of set[function], generally now used by
connection record removal hooks, and specifically breaking
intel.log of Zeek clusters
- Fix indexing of set/table types with a vector
- Fix precision loss in ASCII logging/printing of large double,
time, or interval values
- Improve handling of invalid SIP data before requests
- Fix copy()/cloning vectors that have holes (indices w/ null
values)
Reported by: Jon Siwek
274b20e |
Wednesday, 14 Apr 2021
|
05:13 Craig Leres (leres)
security/zeek: Unbreak armv7 build and fix testport issue
Add a patch from upstream to fix building on armv7 (used by pfsense):
https://github.com/zeek/zeek/issues/1496
Thanks to @garga for the pointer.
Fix a testport "left over" file @adridg reported. When zeek is run
as part of package installation, it copies some config files to
spool/installed-scripts-do-not-touch/site and local.zeek.sample
hitches a ride and needs to be removed on uninstall. But it is not
really a @sample candidate.
While we're here fix some minor portlint (env -> ${SETENV}) and
clean up some commented out directives.
Reported by: garga adridg
9c36d02 |
Number of commits found: 2 |