Commit History - (may be incomplete: see SVNWeb link above for full details) |
Date | By | Description |
22 Dec 2020 17:02:54
3.0.12_2

|
pkubaj  |
security/zeek: enable on powerpc64 head |
17 Dec 2020 22:01:31
3.0.12_2

|
leres  |
security/zeek: Install cmake files
Unstream requested that share/zeek/cmake/* be installed as the files
are used to build zeek plugins.
While here update some pkg-plist @preunexec entries (*.bro -> *.zeek).
Reported by: Robin Sommer, Benjamin Bannier |
16 Dec 2020 01:05:01
3.0.12_1

|
leres  |
security/zeek: Improve the pkg upgrade experience
Don't remove %%PREFIX%%/spool/state.db otherwise when zeek is
upgraded zeekctl doesn't detect the running instance and "restart"
fails.
Split uninstall related info in pkg-message.in to a new remove
section (and fix some typos). |
15 Dec 2020 22:17:29
3.0.12

|
leres  |
security/zeek: Update to 3.0.12
https://github.com/zeek/zeek/releases/tag/v3.0.12
This release fixes the following bugs:
- Incorrect ICMP Neighbor Discovery Option length calculation
- Fix SMB2 response status parsing
- Fix excessive connection_status_update events for ICMP connections
Reported by: Jon Siwek |
19 Nov 2020 00:34:21
3.0.11_2

|
leres  |
security/zeek: Remove deprecated security/broccoli option
Upstream confirms that support for the broccoli protocol will be
removed in a future version of zeek. And given that security/broccoli
requires python2 which will be deprecated at the end of December,
lets remove broccoli support from zeek now. |
06 Nov 2020 18:38:46
3.0.11_1

|
leres  |
security/zeek: Fix build on armv7 and allow running as non-root user
Apply Renato Botelho's fix for the ARCH used in PLIST_SUB (with
some changes). Essentially use uname -m instead of trying to fix
up the ARCH defined by bsd.port.mk (uname -p).
While we're here:
- Convert networks.cfg, node.cfg, and zeekctl.cfg to use @sample
- Use @sample to avoid clobbering site.zeek (oops).
- Remove unnecessary subshell for the post-build-NETMAP-on target.
- Silence the annoying "use ZeekControl.plugin instead of (Only the first 15 lines of the commit message are shown above ) |
07 Oct 2020 21:29:54
3.0.11

|
leres  |
security/zeek: Update to 3.0.11 to fix memory leaks and potential DOS:
https://github.com/zeek/zeek/releases/tag/v3.0.11
- A memory leak in multipart MIME code has potential for remote
exploitation and cause for Denial of Service via resource
exhaustion.
Other fixes:
- Fix incorrect RSTOS0 conn_state determinations
Reported by: Jon Siwek
MFH: 2020Q4
Security: 769a4f60-9056-4c27-89a1-1758a59a21f8 |
10 Sep 2020 00:15:49
3.0.10

|
leres  |
security/zeek: Update to 3.0.10 to fix memory leaks and potential DOS:
https://github.com/zeek/zeek/releases/tag/v3.0.10
- Fix memory leak caused by re-entering AYIYA parsing
- Fix memory leak caused by re-entering GTPv1 parsing
Other fixes:
- Fix Input Framework 'change' events for 'set' destinations
- Fix reported body-length of HTTP messages w/ sub-entities
Reported by: Jon Siwek
MFH: 2020Q3
Security: 2c92fdd3-896c-4a5a-a0d8-52acee69182d |
28 Jul 2020 01:09:39
3.0.8

|
leres  |
security/zeek: Update to 3.0.8 and address various vulnerabilities:
https://github.com/zeek/zeek/releases/tag/v3.0.8
- Fix potential DNS analyzer stack overflow
- Fix potential NetbiosSSN analyzer stack overflow
Other fixes:
- Fix DHCP Client ID Option misformat for Hardware Type 0
- Fix/allow copying/cloning of opaque of Broker::Store
- Fix ConnPolling memory over-use (Only the first 15 lines of the commit message are shown above ) |
05 Jul 2020 09:44:25
3.0.7

|
mikael  |
security/zeek: fix packaging on aarch64
pkg-static: Unable to access file
/wrkdirs/usr/ports/security/zeek/work/stage/usr/local/lib/zeek/plugins/Bro_Netmap/lib/Bro-Netmap.freebsd-aarch64.so:No
such file or directory
Approved by: portmgr (tier-2 blanket) |
17 Jun 2020 18:17:45
3.0.7

|
sunpoet  |
Move devel/swig30 to devel/swig and update to 4.0.1
- Do not silence installation message
- Update dependent ports:
- Fix build with swig 4.0.1
- Update *_DEPENDS
- Remove BINARY_ALIAS
Changes: http://www.swig.org/news.php
PR: 246613
Exp-run by: antoine |
10 Jun 2020 19:15:07
3.0.7

|
leres  |
security/zeek: Update to 3.0.7 and address various vulnerabilities:
https://raw.githubusercontent.com/zeek/zeek/v3.0.7/NEWS
- Fix potential stack overflow in NVT analyzer
- Fix NVT analyzer memory leak from multiple telnet authn name options
- Fix multiple content-transfer-encoding headers causing a memory leak
- Fix potential leak of Analyzers added to tree during Analyzer::Done
- Prevent IP fragment reassembly on packets without minimal IP header
Other fixes: (Only the first 15 lines of the commit message are shown above ) |
08 May 2020 20:51:23
3.0.6_1

|
leres  |
security/zeek: Fix build with PERFTOOLS which needed BUILD_DEPENDS.
While we're here sort options related.
Reported by: James Welcher |
06 May 2020 23:37:35
3.0.6

|
leres  |
security/zeek: Update to 3.0.6 and address multiple vulnerabilites:
https://raw.githubusercontent.com/zeek/zeek/v3.0.6/NEWS
- Fix buffer over-read in Ident analyzer
- Fix SSL scripting error leading to uninitialized field access
and memory leak
- Fix POP3 analyzer global buffer over-read
- Fix potential stack overflows due to use of Variable-Length-Arrays
Other changes since 3.0.5 include:
(Only the first 15 lines of the commit message are shown above ) |
15 Apr 2020 00:01:37
3.0.5

|
leres  |
security/zeek: Update to 3.0.5
Chase latest version number that contains a simple fix not relevant
to supported versions of FreeBSD (hence no MFH).
https://raw.githubusercontent.com/zeek/zeek/3ad19762770c567edc3498b3c1f9f216f46970b0/NEWS
- Same as 3.0.4 but fixes compilation on various platforms with
older compilers, for example GCC 4.8.x. |
14 Apr 2020 20:55:15
3.0.4

|
leres  |
security/zeek: Update to 3.0.4 and address a remote crash vulnerability:
https://github.com/zeek/zeek/blob/e059d4ec2e689b3c8942f4aa08b272f24ed3f612/NEWS
- Fix stack overflow in POP3 analyzer. An attacker can crash Zeek
remotely via crafted packet sequence.
Other fixes:
- Fix use-after-free in Zeek lambda functions with uninitialized
locals
- Fix buffer overflow due to tables/records created at parse-time
not rebuilt on record redef
(Only the first 15 lines of the commit message are shown above ) |
14 Apr 2020 18:10:15
3.0.3_1

|
leres  |
security/zeek: Fix typo in the rc.d script
(From the PR) "bro_stop" should say "zeek_stop" instead.
PR: 245612
Reported by: bugs@codejammer.se
MFH: 2020Q2 |
18 Mar 2020 00:34:19
3.0.3

|
leres  |
security/zeek: Limit portscout to even long term support release versions
https://github.com/zeek/zeek/releases
Zeek 3.0.x is the Long-Term Support release, receiving bug fixes
until at least October 2020 while Zeek 3.1.x is the current
feature release, receiving bug fixes until approximately July
2020 when the 3.2.x release series begins.
Approved by: matthew (mentor, implicit) |
15 Mar 2020 22:44:26
3.0.3

|
leres  |
security/bro: Update to 3.0.3 and address a number of potential
denial of service issues:
https://github.com/zeek/zeek/releases/tag/v3.0.2
https://github.com/zeek/zeek/releases/tag/v3.0.3
- Potential Denial of Service due to memory leak in DNS TSIG message
parsing.
- Potential Denial of Service due to memory leak (or assertion
when compiling with assertions enabled) when receiving a second
SSH KEX message after a first.
- Potential Denial of Service due to buffer read overflow and/or
memory leaks in Kerberos analyzer. The buffer read overflow (Only the first 15 lines of the commit message are shown above ) |
11 Dec 2019 21:43:22
3.0.1

|
leres  |
security/bro: Update to 3.0.1. As announced by Jon Siwek:
This is a bug-fix release that most notably addresses a JSON
logging performance regression in 3.0.0, but also fixes other
minor bugs. A list which details the changes can be found here:
https://github.com/zeek/zeek/releases/tag/v3.0.1
Approved by: ler (mentor, implicit) |
17 Nov 2019 01:03:04
3.0.0

|
leres  |
security/zeek: This adds security/zeek, the new version of security/bro.
This is being done as svn copy instead of rename so that users of
security/bro can have some time to migrate. It also allows for
possible security updates to the old bro port which upstream has
indicated is possible for at least a few months.
Reviewed by: ler (mentor)
Approved by: ler (mentor)
Differential Revision: https://reviews.freebsd.org/D22376 |