Date: Thu, 30 Aug 2018 22:26:48 +0000 (UTC) From: Craig Leres <leres@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-branches@freebsd.org Subject: svn commit: r478498 - branches/2018Q3/security/bro Message-ID: <201808302226.w7UMQm1F029064@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: leres Date: Thu Aug 30 22:26:48 2018 New Revision: 478498 URL: https://svnweb.freebsd.org/changeset/ports/478498 Log: MFH: r478427 Update to 2.5.5 which addresses security issues: - Fix array bounds checking in BinPAC: for arrays that are fields within a record, the bounds check was based on a pointer to the start of the record rather than the start of the array field, potentially resulting in a buffer over-read. - Fix SMTP command string comparisons: the number of bytes compared was based on the user-supplied string length and can lead to incorrect matches. e.g. giving a command of "X" incorrectly matched "X-ANONYMOUSTLS" (and an empty commands match anything). - Weird" events are now generally suppressed/sampled by default according to some tunable parameters. - Improved handling of empty lines in several text protocol analyzers that can cause performance issues when seen in long sequences. - Add `smtp_excessive_pending_cmds' weird which serves as a notification for when the "pending command" queue has reached an upper limit and been cleared to prevent one from attempting to slowly exhaust memory. Approved by: ler (mentor, implicit) Security: d0be41fe-2a20-4633-b057-4e8b25c41780 Approved by: ports-secteam (miwi), ler (mentor, implicit) Modified: branches/2018Q3/security/bro/Makefile branches/2018Q3/security/bro/distinfo branches/2018Q3/security/bro/pkg-plist Directory Properties: branches/2018Q3/ (props changed) Modified: branches/2018Q3/security/bro/Makefile ============================================================================== --- branches/2018Q3/security/bro/Makefile Thu Aug 30 21:00:21 2018 (r478497) +++ branches/2018Q3/security/bro/Makefile Thu Aug 30 22:26:48 2018 (r478498) @@ -2,7 +2,7 @@ # $FreeBSD$ PORTNAME= bro -PORTVERSION= 2.5.4 +PORTVERSION= 2.5.5 CATEGORIES= security MASTER_SITES= https://www.bro.org/downloads/ DISTFILES= ${DISTNAME}${EXTRACT_SUFX} Modified: branches/2018Q3/security/bro/distinfo ============================================================================== --- branches/2018Q3/security/bro/distinfo Thu Aug 30 21:00:21 2018 (r478497) +++ branches/2018Q3/security/bro/distinfo Thu Aug 30 22:26:48 2018 (r478498) @@ -1,6 +1,6 @@ -TIMESTAMP = 1528300945 -SHA256 (bro-2.5.4.tar.gz) = 80daea433fa654f2602cf67b19b9121ff6ad57761bad73cc29020c4f490c5f1f -SIZE (bro-2.5.4.tar.gz) = 18520847 +TIMESTAMP = 1535578356 +SHA256 (bro-2.5.5.tar.gz) = 18f2aeb10b4d935d85c115a1e4a93464b9750be19b34997cf6196b29118e73cf +SIZE (bro-2.5.5.tar.gz) = 18525979 SHA256 (actor-framework-actor-framework-0.14.6_GH0.tar.gz) = cbc2033896fe41e42604de2f74673971718a40684996650157484485755f7720 SIZE (actor-framework-actor-framework-0.14.6_GH0.tar.gz) = 1239451 SHA256 (bro-bro-netmap-cf88debf487b31ab30dc3b5bac64783b4e49997e_GH0.tar.gz) = 383423f92932c3ef244194954708b3a237b4f37ebc358014f51dcb3b9786896b Modified: branches/2018Q3/security/bro/pkg-plist ============================================================================== --- branches/2018Q3/security/bro/pkg-plist Thu Aug 30 21:00:21 2018 (r478497) +++ branches/2018Q3/security/bro/pkg-plist Thu Aug 30 22:26:48 2018 (r478498) @@ -574,6 +574,7 @@ man/man8/bro.8.gz %%DATADIR%%/policy/misc/scan.bro %%DATADIR%%/policy/misc/stats.bro %%DATADIR%%/policy/misc/trim-trace-file.bro +%%DATADIR%%/policy/misc/weird-stats.bro %%DATADIR%%/policy/protocols/conn/known-hosts.bro %%DATADIR%%/policy/protocols/conn/known-services.bro %%DATADIR%%/policy/protocols/conn/mac-logging.bro
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201808302226.w7UMQm1F029064>