notbugAs an Amazon Associate I earn from qualifying purchases.
Want a good read? Try FreeBSD Mastery: Jails (IT Mastery Book 15)
Want a good monitor light? See my photosAll times are UTC
Ukraine
This referral link gives you 10% off a Fastmail.com account and gives me a discount on my Fastmail account.
New feature planned: get notified when the package is available. Now is the time to contribute ideas/suggestions.
non port: security/zeek/pkg-plist

Number of commits found: 25

Monday, 22 Jan 2024
17:53 Craig Leres (leres) search for other commits by this committer
security/zeek: Update to 6.0.3

    https://github.com/zeek/zeek/releases/tag/v6.0.3

This release fixes the following potential DoS vulnerability:

 - A specially-crafted series of packets containing nested MIME
   entities can cause Zeek to spend large amounts of time parsing
   the entities.

This release fixes the following bugs:

 - CMake correctly passes along third-party package information
   when building plugins.

 - Fix a problem with the HTTP analyzer where a signature regex
   ending in '$' used to match against 'http-request-body' or
   'http-reply-bdoy' will never succeed.

 - The DNS analyzer now understands the Ed25519 and Ed448 signature
   algorithms.

 - The SMB::State$recent_files field was not correctly expiring
   entries, leading to unbounded state growth.

 - The &create_expire attribute is now kept valid after clearing a
   table.

Reported by:	Tim Wojtulewicz
Security:	fedf7e71-61bd-49ec-aaf0-6da14bdbb319
commit hash: e81dfaab6a0511eeb704adfffeb68c6be034bb4c commit hash: e81dfaab6a0511eeb704adfffeb68c6be034bb4c commit hash: e81dfaab6a0511eeb704adfffeb68c6be034bb4c commit hash: e81dfaab6a0511eeb704adfffeb68c6be034bb4c e81dfaa
Sunday, 21 Jan 2024
23:16 Craig Leres (leres) search for other commits by this committer
security/zeek: Install man pages in share/man
commit hash: 59df11ec848a3484847a14a7e0f3649c5694d70b commit hash: 59df11ec848a3484847a14a7e0f3649c5694d70b commit hash: 59df11ec848a3484847a14a7e0f3649c5694d70b commit hash: 59df11ec848a3484847a14a7e0f3649c5694d70b 59df11e
Tuesday, 12 Sep 2023
21:27 Craig Leres (leres) search for other commits by this committer
security/zeek: Update to 6.0.0

    https://github.com/zeek/zeek/releases/tag/v6.0.1

This release fixes the following potential DoS vulnerabilities:

 - File extraction limits were not correctly enforced for files
   containing large amounts of missing bytes.

 - Sessions are sometimes not cleaned up completely within Zeek
   during shutdown,
   potentially causing a crash when using the -B dpd flag for debug logging.

 - A specially-crafted HTTP packet can cause Zeek's filename
   extraction code to take a long time to process the data.

 - A specially-crafted series of FTP packets made up of a CWD request
   followed by a large amount of ERPT requests may cause Zeek to
   spend a long time logging the commands.

 - A specially-crafted VLAN packet can cause Zeek to overflow memory
   and potentially crash.

This release fixes the following bugs:

 - Fixed a base64 decoding issue with the authorization field of
   HTTP request headers that was sometimes causing Zeek to output
   error messages.

 - Ensure that Zeek builds use the internal version of Spicy instead
   of external installations, unless specifically configured for
   that mode.

 - Support was added for switch fields when exporting Spicy types
   to Zeek.

 - A number of fixes were added to protect against potential unbounded
   state growth with the SMB and DCE-RPC analyzers. SMB close
   requests will properly tear down an related DCE-RPC analyzers.

 - Fixed a regression in the UDP and TCP analyzers that was causing
   more data than necessary to be forwarded to the next analyzer
   in the chain.

 - A connection's value is now updated in-place when its directionality
   is flipped due to Zeek's heuristics (for example, SYN/SYN-ACK
   reversal or protocol specific approaches).

 - Fixed undefined symbols being reported from Spicy when building
   some of the binary packages for Zeek.

 - Loading policy/frameworks/notice/community-id.zeek now also
   automatically community ID logging.

 - Spicy no longer registers an extra port for every port registered
   in a plugin's .evt file.

 - Timeouts in DNS resolution no longer cause uncontrolled memory
   growth.

 - Fix check to skip DNS hostname lookups for notices that are not
   delivered via email in policy/frameworks/notice/extend-email/hostnames.

Reported by:	Tim Wojtulewicz
Security:	8eefa87f-31f1-496d-bf8e-2b465b6e4e8a
commit hash: 730455c58e931465b3b8b9abf2e1edfb58863c29 commit hash: 730455c58e931465b3b8b9abf2e1edfb58863c29 commit hash: 730455c58e931465b3b8b9abf2e1edfb58863c29 commit hash: 730455c58e931465b3b8b9abf2e1edfb58863c29 730455c
Wednesday, 6 Sep 2023
20:50 Po-Chuan Hsieh (sunpoet) search for other commits by this committer
security/zeek: Clean up USES=python

- While I'm here, fix PLIST

====> Checking for pkg-plist issues (check-plist)
===> Parsing plist
===> Checking for items in STAGEDIR missing from pkg-plist
Error: Orphaned: @dir lib/%%ZEEKUSER%%/plugins
Error: Orphaned: @dir lib/%%ZEEKUSER%%/spicy
===> Checking for items in pkg-plist which are not in STAGEDIR
===> Error: Plist issues found.
*** Error code 1

Approved by:	portmgr (blanket)
With hat:	python
commit hash: 1d00d4804dae5649e741b4a4b2f097e6660cdd05 commit hash: 1d00d4804dae5649e741b4a4b2f097e6660cdd05 commit hash: 1d00d4804dae5649e741b4a4b2f097e6660cdd05 commit hash: 1d00d4804dae5649e741b4a4b2f097e6660cdd05 1d00d48
Thursday, 31 Aug 2023
00:31 Craig Leres (leres) search for other commits by this committer
security/zeek: revert b6a8929a2551 for pkg-plist

I get package errors with that version (for 13.2/amd64 at least):

=======================<phase: package        >============================
===>  Building package for zeek-6.0.0
pkg-static: Unable to access file
/wrkdirs/usr/ports/security/zeek/work/stage/usr/local/include/zeek/analyzer/protocol/finger/legacy/events.bif.h:No
such file or directory
pkg-static: Unable to access file
/wrkdirs/usr/ports/security/zeek/work/stage/usr/local/include/zeek/analyzer/protocol/syslog/legacy/events.bif.h:No
such file or directory
pkg-static: Unable to access file
/wrkdirs/usr/ports/security/zeek/work/stage/usr/local/share/zeek/base/bif/plugins/Zeek_Finger.events.bif.zeek:No
such file or directory
pkg-static: Unable to access file
/wrkdirs/usr/ports/security/zeek/work/stage/usr/local/share/zeek/base/bif/plugins/Zeek_Syslog.events.bif.zeek:No
such file or directory
*** Error code 1

Maybe it's an options thing? I have everything set except PERFTOOLS
and BUILD_TYPE set to RELEASE.

While here update LICENSE.
commit hash: 75702bc2c87ed2234607ab1ca60c59fb94666e40 commit hash: 75702bc2c87ed2234607ab1ca60c59fb94666e40 commit hash: 75702bc2c87ed2234607ab1ca60c59fb94666e40 commit hash: 75702bc2c87ed2234607ab1ca60c59fb94666e40 75702bc
Tuesday, 29 Aug 2023
14:25 Piotr Kubaj (pkubaj) search for other commits by this committer
security/zeek: add shebangfix to zeek-client, fix pkg-plist

Noticed while building on powerpc64.
commit hash: b6a8929a25512556f724fde80df83c1f09bfabb6 commit hash: b6a8929a25512556f724fde80df83c1f09bfabb6 commit hash: b6a8929a25512556f724fde80df83c1f09bfabb6 commit hash: b6a8929a25512556f724fde80df83c1f09bfabb6 b6a8929
Tuesday, 22 Aug 2023
20:34 Craig Leres (leres) search for other commits by this committer
security/zeek: Update to 6.0.0

    https://github.com/zeek/zeek/releases/tag/v6.0.0

This is the latest major version number Long-Term Support (LTS)
release of Zeek.

The NETMAP option has been removed; it was too difficult to build
it without zeek being installed in %%PREFIX%%. The consensus was
that this was a rarely used feature, please reach out to me if need
this (I've done some work on a new security/zeek-netmap port that
is probably the right way forward).

When I upgraded zeek on my systems I found some cruft left over
from previous versions. The way I recommend upgrading from 5.0.9
to 6.0.0 is:

    service zeek stop
    pkg delete -fy zeek py311-zkg
    [clean up leftover files in /usr/local/lib/zeek]
    pkg install -y zeek
    service zeek deploy

Changes:

 - Zeek now treats private address space (i.e., non-routable IP
   address ranges) as local by default

 - Telemetry centralization and Prometheus exposition is not enabled
   by default anymore

 - Custom source tarballs require a repo-info.json file.

 - Plugin authors should raise the minimum required CMake version
   to 3.15 to ensure compatibility with new CMake scaffolding
   included in this release

 - Zeek container images are not pushed to the zeekurity organization
   anymore

 - The error message returned when using bro_init, bro_done, and
   bro_script_loaded events is now removed

Reported by:	Tim Wojtulewicz
commit hash: 2dbcea6bbf5b3d15f261fd581ed6259566de1c64 commit hash: 2dbcea6bbf5b3d15f261fd581ed6259566de1c64 commit hash: 2dbcea6bbf5b3d15f261fd581ed6259566de1c64 commit hash: 2dbcea6bbf5b3d15f261fd581ed6259566de1c64 2dbcea6
Wednesday, 12 Apr 2023
06:18 Craig Leres (leres) search for other commits by this committer
security/zeek: Update to 5.0.8

    https://github.com/zeek/zeek/releases/tag/v5.0.8

This release fixes the following potential DoS vulnerabilities:

 - A specially-crafted stream of FTP packets containing a command
   reply with many intermediate lines can cause Zeek to spend a
   large amount of time processing data.

 - A specially-crafted set of packets containing extremely large
   file offsets cause cause the reassembler code to allocate large
   amounts of memory.

 - The DNS manager does not correctly expire responses that don't
   contain any data, such those containing NXDOMAIN or NODATA status
   codes. This can lead to Zeek allocating large amounts of memory
   for these responses and never deallocating them.

 - A specially-crafted stream of RDP packets can cause Zeek to spend
   large protocol validation.

 - A specially-crafted stream of SMTP packets can cause Zeek to
   spend large amounts of time processing data.

This release fixes the following bugs:

 - Data stores used by the known-{hosts,certs,services} policies
   now default to using local stores instead of Broker stores.

 - The VXLAN and Geneve report analyzer confirmations once their
   protocols have been fully parsed, but before attempting to forward
   to the tunneled packets to other analyzers.

 - New wierds were added to the AYIYA, Geneve, and VXLAN analyzers
   (ayiya_empty_packet, geneve_empty_packet, and vxlan_empty_packet).

 - A new script-level option Pcap::non_fd_timeout was added to allow
   fine-tuning the amount of time to sleep on each IO loop when
   using a packet source that doesn't provide a file descriptor
   (e.g. Myricom).

 - Avoid attempting to retrieve packets during every loop for a
   packet source, instead switching to a predictive approach that
   keeps track of whether or not that packet source has previously
   seen traffic.

Reported by:	Tim Wojtulewicz
Security:	96d6809a-81df-46d4-87ed-2f78c79f06b1
commit hash: 7705f7bbc42db52bc8bb6686738580b89b49f347 commit hash: 7705f7bbc42db52bc8bb6686738580b89b49f347 commit hash: 7705f7bbc42db52bc8bb6686738580b89b49f347 commit hash: 7705f7bbc42db52bc8bb6686738580b89b49f347 7705f7bbc
Wednesday, 1 Feb 2023
19:06 Craig Leres (leres) search for other commits by this committer
security/zeek: Update to 5.0.6

    https://github.com/zeek/zeek/releases/tag/v5.0.6

This release fixes the following potential DoS vulnerabilities:

 - A missing field in the SMB FSControl script-land record could
   cause a heap buffer overflow when receiving packets containing
   those header types.

 - Receiving a series of packets that start with HTTP/1.0 and then
   switch to HTTP/0.9 could cause Zeek to spend a large amount of
   time processing the packets.

 - Receiving large numbers of FTP commands sequentially from the
   network with bad data in them could cause Zeek to spend a large
   amount of time processing the packets, and generate a large
   amount of events.

This release fixes the following bugs:

 - Zeek could throw a scripting error when receiving SMB1 packets
   containing connect_andx_response messages prior to receiving an
   associated request.

 - A performance regression from 4.2 to 5.0 when reading pcap files
   related to Broker's internal clock was fixed.

 - Notices created for files transferred over multiple connections
   will now be associated with one of the connections rather than
   none.

 - A new file_over_new_connection event was added to the Intel
   framework, for use when receiving files over established connections
   (for example, HTTP).

 - The error message returned when trying use invalid enums in
   scripts now correctly includes the script location.

Reported by:	Tim Wojtulewicz
Security:	2b5fc9c4-eaca-46e0-83d0-9b10c51c4b1b
commit hash: 85faac2f4c4a9a545a15ffb797ecb41ea3d985e5 commit hash: 85faac2f4c4a9a545a15ffb797ecb41ea3d985e5 commit hash: 85faac2f4c4a9a545a15ffb797ecb41ea3d985e5 commit hash: 85faac2f4c4a9a545a15ffb797ecb41ea3d985e5 85faac2
Wednesday, 9 Nov 2022
02:42 Craig Leres (leres) search for other commits by this committer
security/zeek: Update to 5.0.3

    https://github.com/zeek/zeek/releases/tag/v5.0.3

This release fixes the following potential DoS vulnerabilities:

 - Fix an issue where a specially-crafted FTP packet can cause Zeek
   to spend large amounts of time attempting to search for valid
   commands in the data stream.

 - Fix a possible overflow in the Zeek dictionary code that may
   lead to a memory leak.

 - Fix an issue where a specially-crafted packet can cause Zeek to
   spend large amounts of time reporting analyzer violations.

 - Fix a possible assert and crash in the HTTP analyzer when receiving
   a specially-crafted packet.

 - Fix an issue where a specially-crafted HTTP or SMTP packet can
   cause Zeek to spend a large amount of time attempting to search
   for filenames within the packet data.

 - Fix two separate possible crashes when converting processed IP
   headers for logging via the raw_packet event handlers.

This release fixes the following bugs:

 - Fix a possible crash with when statements where lambda captures
   of local variables sometimes overflowed the frame counter.

 - Reduced the amount of analyzer_confirmation events that are
   raised for packets that contain tunnels.

 - Fix a long-standing bug where TCP reassembly would not function
   correctly for some analyzers if dpd_reassemble_first_packets was
   set to false.

 - Fix a performance bug in the Zeek dictionary code in certain
   cases, such as copying a large number of entries from one
   dictionary into another.

 - Fix a performance issue when inserting large numbers of elements
   into a Broker store when Broker::scheduler_policy is set to
   stealing.

 - Fix a Broker performance issue when distributing large amounts
   of data from the input framework to proxies/workers at startup.

 - Fix an issue with messaging between proxies and workers that
   resulted in error messages being reported.

 - Updated the list of DNS type strings to reflect the correct.

Reported by:	Tim Wojtulewicz
Security:	60d4d31a-a573-41bd-8c1e-5af7513c1ee9
commit hash: f7beb19cdf537aacb741f1f19fccff683954371b commit hash: f7beb19cdf537aacb741f1f19fccff683954371b commit hash: f7beb19cdf537aacb741f1f19fccff683954371b commit hash: f7beb19cdf537aacb741f1f19fccff683954371b f7beb19
Thursday, 15 Sep 2022
00:53 Craig Leres (leres) search for other commits by this committer
security/zeek: Port improvements

 - Remove useless BROKER option.

 - Remove USES=ninja (now implied by USES=cmake).

 - Make bison, flex, and swig hard dependencies.

 - Strip several installed binaries.

 - Remove some test files and directories mistakenly installed by
   spicy.

 - While we're here, run portfmt.

Thanks to @diizzy for the bulk of these changes.

PR:		266345
Reported by:	diizzy
commit hash: 095788766cc2d89548e39d49051999613680b72d commit hash: 095788766cc2d89548e39d49051999613680b72d commit hash: 095788766cc2d89548e39d49051999613680b72d commit hash: 095788766cc2d89548e39d49051999613680b72d 0957887
Friday, 26 Aug 2022
23:54 Craig Leres (leres) search for other commits by this committer
security/zeek: Update to 5.0.1

    https://github.com/zeek/zeek/releases/tag/v5.0.1

Security fixes since 5.0.0:

 - Fix a possible overflow and crash in the ARP analyzer when
   receiving a specially crafted packet.

 - Fix a possible overflow and crash in the Modbus analyzer when
   receiving a specially crafted packet.

 - Fix two possible crashes when converting IP headers for output
   via the raw_packet event.

 - Fix an abort related to an error related to the ordering of
   record fields when processing DNS EDNS headers via events

Other changes:

 - Fix a number of typos in the weak-keys.zeek script in the SSL
   framework.

 - Fix build of internal Spicy when using the --disable-cpp-tests
   configure flag.

 - Avoid calling safe_realloc unnecessarily from ODesc::Grow(),
   providing a peformance improvement in some cases.

 - Remove use of fallible get_conn_transport_proto() in analyzer_violation
   event handlers.

 - Remove a warning when receiving packets with invalid or unknown
   IP protocol types, preventing it from spamming reporter.log.

 - Fix workers failing to peer with proxies if they take too long
   to start.

 - Fix Zeek build failures when building against an external version
   of Spicy.

 - Update Spicy to version 1.5.1 and spicy-plugin to 1.3.17.

Reported by:	Tim Wojtulewicz
commit hash: 8afc679517af7a25ec736e5a44cea6a1c548c35d commit hash: 8afc679517af7a25ec736e5a44cea6a1c548c35d commit hash: 8afc679517af7a25ec736e5a44cea6a1c548c35d commit hash: 8afc679517af7a25ec736e5a44cea6a1c548c35d 8afc679
Monday, 18 Jul 2022
07:16 Piotr Kubaj (pkubaj) search for other commits by this committer
security/zeek: fix build on non aarch64 / amd64 / armv? / i386

1. Enable SPICY only on aarch64 / amd64 / armv? / i386 as specified in
https://github.com/zeek/spicy/blob/d0bc60537b53c3a951a0bdcb7b1c080bbb068abf/hilti/runtime/src/fiber.cc#L252
2. Correct a parameter passed to CMake to disable Spicy.
3. Correct pkg-plist for build with disabled Spicy.

Approved by:	portmgr (blanket)
commit hash: f7731a46b82fb1a578193ef508e4c5707cf5b04b commit hash: f7731a46b82fb1a578193ef508e4c5707cf5b04b commit hash: f7731a46b82fb1a578193ef508e4c5707cf5b04b commit hash: f7731a46b82fb1a578193ef508e4c5707cf5b04b f7731a4
Saturday, 9 Jul 2022
19:52 Craig Leres (leres) search for other commits by this committer
security/zeek: Patch to allow building without ENABLE_ZEEK_UNIT_TESTS

5.0.0 does not build without ENABLE_ZEEK_UNIT_TESTS enabled.
Apply upstream patch which solves this:

    https://github.com/zeek/zeek/pull/2256

Obtained from:	Benjamin Bannier
commit hash: 619c9efdbb5b809b2187706427c1ee1d0e57ca1f commit hash: 619c9efdbb5b809b2187706427c1ee1d0e57ca1f commit hash: 619c9efdbb5b809b2187706427c1ee1d0e57ca1f commit hash: 619c9efdbb5b809b2187706427c1ee1d0e57ca1f 619c9ef
02:44 Craig Leres (leres) search for other commits by this committer
security/zeek: Update to 5.0.0 (latest LTS release)

    https://github.com/zeek/zeek/releases/tag/v5.0.0

Changes incompatiable with 4.0.7:

 - The script-land ``union`` and ``timer`` types have been removed.
   They haven't had any actual semantics backing them for some time
   and shouldn't have functioned in any useable way. We opted to
   skip the deprecation cycle for these types for that reason.

 - Broker now uses a new network backend with a custom network
   protocol that is incompatible with the pre-5.0 backend. In
   practice, this means Zeek 4.x will not be able to exchange events
   with Zeek 5.x. Going forward, this new backend will allow us to
   keep the Broker protocol more stable and add new capabilities
   in a backwards compatible way.

While we're here add a comment explaining why we really need uname
-p instead of using ARCH (uname -m). Also solve a portlint nag.

Reported by:	Tim Wojtulewicz
commit hash: c356da85916e14c0844fdf42340a8429e34990f2 commit hash: c356da85916e14c0844fdf42340a8429e34990f2 commit hash: c356da85916e14c0844fdf42340a8429e34990f2 commit hash: c356da85916e14c0844fdf42340a8429e34990f2 c356da8
Tuesday, 25 Jan 2022
22:38 Craig Leres (leres) search for other commits by this committer
security/zeek: Update to 4.0.5

Changes since 4.0.4:

 - The highwayhash module was updated to fix a build failure on
   FreeBSD.

 - A number of fixes for various problems on the CI infrastructure.

 - Writers were not being cleaned up correctly when recreating log
   streams with the same ID as an existing stream. This could lead
   to a crash.

 - IP packets with bad/incorrect IP header lengths were not reporting
   weirds as they should be.

Reported by:	Tim Wojtulewicz
commit hash: 02c1f1a6efdc5211e1c5dead4ec2393cd134daf6 commit hash: 02c1f1a6efdc5211e1c5dead4ec2393cd134daf6 commit hash: 02c1f1a6efdc5211e1c5dead4ec2393cd134daf6 commit hash: 02c1f1a6efdc5211e1c5dead4ec2393cd134daf6 02c1f1a
Monday, 19 Jul 2021
17:08 Craig Leres (leres) search for other commits by this committer
security/zeek: Add @sample for local.zeek

This github issue:

    https://github.com/zeek/zeekctl/issues/35

complained about the lack of a local.zeek file on a fresh install;
adding @sample for local.zeek solves this.

Reported by:	shadonet
commit hash: 7c9b2f40c5f2557d87cc1d2ce7d968377b13d6b3 commit hash: 7c9b2f40c5f2557d87cc1d2ce7d968377b13d6b3 commit hash: 7c9b2f40c5f2557d87cc1d2ce7d968377b13d6b3 commit hash: 7c9b2f40c5f2557d87cc1d2ce7d968377b13d6b3 7c9b2f4
Tuesday, 11 May 2021
04:42 Craig Leres (leres) search for other commits by this committer
security/zeek: Unbreak package when CMAKE_BUILD_TYPE is not Release
commit hash: bb8a04b6c1a877d5c8d04f176be9faaf57eccfa0 commit hash: bb8a04b6c1a877d5c8d04f176be9faaf57eccfa0 commit hash: bb8a04b6c1a877d5c8d04f176be9faaf57eccfa0 commit hash: bb8a04b6c1a877d5c8d04f176be9faaf57eccfa0 bb8a04b
Wednesday, 14 Apr 2021
05:13 Craig Leres (leres) search for other commits by this committer
security/zeek: Unbreak armv7 build and fix testport issue

Add a patch from upstream to fix building on armv7 (used by pfsense):

    https://github.com/zeek/zeek/issues/1496

Thanks to @garga for the pointer.

Fix a testport "left over" file @adridg reported. When zeek is run
as part of package installation, it copies some config files to
spool/installed-scripts-do-not-touch/site and local.zeek.sample
hitches a ride and needs to be removed on uninstall. But it is not
really a @sample candidate.

While we're here fix some minor portlint (env -> ${SETENV}) and
clean up some commented out directives.

Reported by:	garga adridg
commit hash: 9c36d02b932e632613f6a3948afa2a65afbfdf6b commit hash: 9c36d02b932e632613f6a3948afa2a65afbfdf6b commit hash: 9c36d02b932e632613f6a3948afa2a65afbfdf6b commit hash: 9c36d02b932e632613f6a3948afa2a65afbfdf6b 9c36d02
Saturday, 20 Mar 2021
01:16 leres search for other commits by this committer
security/zeek: Update to 4.0.0

This is the next Long-Term Support (LTS) major version:

    https://github.com/zeek/zeek/releases/tag/v4.0.0
    https://zeek.org/2020/12/15/zeek-4-0-release-candidate/

Support for the previous LTS (3.0.x) will end in about two months.

Reported by:	Jon Siwek
Original commitRevision:568827 
Thursday, 17 Dec 2020
22:01 leres search for other commits by this committer
security/zeek: Install cmake files

Unstream requested that share/zeek/cmake/* be installed as the files
are used to build zeek plugins.

While here update some pkg-plist @preunexec entries (*.bro -> *.zeek).

Reported by:	Robin Sommer, Benjamin Bannier
Original commitRevision:558335 
Wednesday, 16 Dec 2020
01:05 leres search for other commits by this committer
security/zeek: Improve the pkg upgrade experience

Don't remove %%PREFIX%%/spool/state.db otherwise when zeek is
upgraded zeekctl doesn't detect the running instance and "restart"
fails.

Split uninstall related info in pkg-message.in to a new remove
section (and fix some typos).
Original commitRevision:558195 
Friday, 6 Nov 2020
18:38 leres search for other commits by this committer
security/zeek: Fix build on armv7 and allow running as non-root user

Apply Renato Botelho's fix for the ARCH used in PLIST_SUB (with
some changes). Essentially use uname -m instead of trying to fix
up the ARCH defined by bsd.port.mk (uname -p).

While we're here:

 - Convert networks.cfg, node.cfg, and zeekctl.cfg to use @sample

 - Use @sample to avoid clobbering site.zeek (oops).

 - Remove unnecessary subshell for the post-build-NETMAP-on target.

 - Silence the annoying "use ZeekControl.plugin instead of
   BroControl.plugin" nag.

 - Reformat the rc.d script.

 - Update the rc.d script to honor the zeek_user rc.d variable and
   update pkg-message.in with hints on how to run as user zeek.

 - Explain how to configure zeek to ignore checksum errors when NIC
   checksum offloading is in use.

 - Make share/zeekctl/scripts owned by user zeek to allow "zeekctl
   install" when running as user zeek.

PR:		250886
Reported by:	garga
Original commitRevision:554309 
Wednesday, 11 Dec 2019
21:43 leres search for other commits by this committer
security/bro: Update to 3.0.1. As announced by Jon Siwek:

    This is a bug-fix release that most notably addresses a JSON
    logging performance regression in 3.0.0, but also fixes other
    minor bugs. A list which details the changes can be found here:

    https://github.com/zeek/zeek/releases/tag/v3.0.1

Approved by:	ler (mentor, implicit)
Original commitRevision:519842 
Sunday, 17 Nov 2019
01:03 leres search for other commits by this committer
security/zeek: This adds security/zeek, the new version of security/bro.
This is being done as svn copy instead of rename so that users of
security/bro can have some time to migrate. It also allows for
possible security updates to the old bro port which upstream has
indicated is possible for at least a few months.

Reviewed by:	ler (mentor)
Approved by:	ler (mentor)
Differential Revision:	https://reviews.freebsd.org/D22376
Original commitRevision:517788 

Number of commits found: 25