svn commit: r503191 - head/security/bro
Craig Leres
leres at FreeBSD.org
Fri May 31 19:23:08 UTC 2019
Author: leres
Date: Fri May 31 19:23:07 2019
New Revision: 503191
URL: https://svnweb.freebsd.org/changeset/ports/503191
Log:
security/bro: Update to 2.6.2 and address several denial of service
vulnerabilities:
https://raw.githubusercontent.com/zeek/zeek/bb979702cf9a2fa67b8d1a1c7f88d0b56c6af104/NEWS
- Integer type mismatches in BinPAC-generated parser code and Bro
analyzer code may allow for crafted packet data to cause
unintentional code paths in the analysis logic to be taken due
to unsafe integer conversions causing the parser and analysis
logic to each expect different fields to have been parsed. One
such example, reported by Maksim Shudrak, causes the Kerberos
analyzer to dereference a null pointer. CVE-2019-12175 was
assigned for this issue.
- The Kerberos parser allows for several fields to be left
uninitialized, but they were not marked with an &optional attribute
and several usages lacked existence checks. Crafted packet data
could potentially cause an attempt to access such uninitialized
fields, generate a runtime error/exception, and leak memory.
Existence checks and &optional attributes have been added to the
relevant Kerberos fields.
- BinPAC-generated protocol parsers commonly contain fields whose
length is derived from other packet input, and for those that
allow for incremental parsing, BinPAC did not impose a limit on
how large such a field could grow, allowing for remotely-controlled
packet data to cause growth of BinPAC's flowbuffer bounded only
by the numeric limit of an unsigned 64-bit integer, leading to
memory exhaustion. There is now a generalized limit for how
large flowbuffers are allowed to grow, tunable by setting
"BinPAC::flowbuffer_capacity_max".
Approved by: ler (mentor, implicit)
MFH: 2019Q2
Security: 177fa455-48fc-4ded-ba1b-9975caa7f62a
Modified:
head/security/bro/Makefile
head/security/bro/distinfo
Modified: head/security/bro/Makefile
==============================================================================
--- head/security/bro/Makefile Fri May 31 19:17:59 2019 (r503190)
+++ head/security/bro/Makefile Fri May 31 19:23:07 2019 (r503191)
@@ -2,8 +2,7 @@
# $FreeBSD$
PORTNAME= bro
-PORTVERSION= 2.6.1
-PORTREVISION= 2
+PORTVERSION= 2.6.2
CATEGORIES= security
MASTER_SITES= https://www.zeek.org/downloads/
DISTFILES= ${DISTNAME}${EXTRACT_SUFX}
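Review bot: dropping the PORTREVISION= 2 line together with the PORTVERSION bump to 2.6.2 is the correct handling here, since PORTREVISION must reset whenever PORTVERSION changes and leaving it at 2 would have produced a misnumbered package; the hunk header's -2,8 +2,7 counts match the one-line net removal. Because the log message ties this update to CVE-2019-12175 and the Security: line references a vuxml entry, also confirm that the corresponding security/vuxml entry marks versions before 2.6.2 as affected so that pkg audit flags installed bro-2.6.1 packages.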
Modified: head/security/bro/distinfo
==============================================================================
--- head/security/bro/distinfo Fri May 31 19:17:59 2019 (r503190)
+++ head/security/bro/distinfo Fri May 31 19:23:07 2019 (r503191)
@@ -1,5 +1,5 @@
-TIMESTAMP = 1545247794
-SHA256 (bro-2.6.1.tar.gz) = d9718b83fdae0c76eea5254a4b9470304c4d1d3778687de9a4fe0b5dffea521b
-SIZE (bro-2.6.1.tar.gz) = 28432762
+TIMESTAMP = 1559318790
+SHA256 (bro-2.6.2.tar.gz) = 6df6876f3f7b1dd8afeb3d5f88bfb9269f52d5d796258c4414bdd91aa2eac0a6
+SIZE (bro-2.6.2.tar.gz) = 28477996
SHA256 (bro-bro-netmap-cf88debf487b31ab30dc3b5bac64783b4e49997e_GH0.tar.gz) = 383423f92932c3ef244194954708b3a237b4f37ebc358014f51dcb3b9786896b
SIZE (bro-bro-netmap-cf88debf487b31ab30dc3b5bac64783b4e49997e_GH0.tar.gz) = 24630
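Review bot: the new TIMESTAMP, SHA256 and SIZE for bro-2.6.2.tar.gz should be the output of make makesum against the MASTER_SITES download from https://www.zeek.org/downloads/ rather than copied from another source, since the distinfo checksum is the ports tree's only integrity check on the upstream tarball; the two bro-bro-netmap GH0 entries are correctly left untouched, which is consistent with the Makefile hunk changing only PORTVERSION and not the netmap plugin revision.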