git: 5f0ef242a10c - main - security/zeek: Update to 6.0.2

From: Craig Leres <leres_at_FreeBSD.org>
Date: Fri, 27 Oct 2023 22:46:58 UTC 
The branch main has been updated by leres:

URL: https://cgit.FreeBSD.org/ports/commit/?id=5f0ef242a10cb712c5e1e930e490b197b3d997af

commit 5f0ef242a10cb712c5e1e930e490b197b3d997af
Author:     Craig Leres <leres@FreeBSD.org>
AuthorDate: 2023-10-27 22:46:35 +0000
Commit:     Craig Leres <leres@FreeBSD.org>
CommitDate: 2023-10-27 22:46:35 +0000

    security/zeek: Update to 6.0.2
    
        https://github.com/zeek/zeek/releases/tag/v6.0.2
    
    This release fixes the following potential DoS vulnerabilities:
    
     - A specially-crafted SSL packet could cause Zeek to leak memory
       and potentially crash.
    
     - A specially-crafted series of FTP packets could cause Zeek to
       log entries for requests that have already been completed, using
       resources unnecessarily and potentially causing Zeek to lose
       other traffic.
    
     - A specially-crafted series of SSL packets could cause Zeek to
       output a very large number of unnecessary alerts for the same
       record.
    
     - A specially-crafted series of SSL packets could cause Zeek to
       generate very long ssl_history fields in the ssl.log, potentially
       using a large amount of memory due to unbounded state growth
    
     - A specially-crafted IEEE802.11 packet could cause Zeek to overflow
       memory and potentially crash
    
    This release fixes the following bugs:
    
     - Fixed Spicy type names from causing collisions with existing
       Zeek types.
    
     - On some systems with low values for the maximum number of file
       descriptors, it was possible to run into crashes when doing DNS
       lookups if all of the file descriptors were used.
    
     - Tables backed by a Broker backend now correctly support deletion
       if they have complex index types.
    
     - A significant performance issue with Zeek's supervisor code was
       fixed, revolving around the re-initialization of the Event Manager
       object used to track events.
    
     - The MaxMind DB code now cleans up after itself, resolving a
       memory leak with the loaded database files.
    
     - The ZeekJS submodule was updated to version 0.9.6, bringing fixes
       for zeek.invoke and zeek.event crashes, garbage collection, and
       an issue where Zeek may stop executing events from ZeekJS.
    
    Reported by:    Tim Wojtulewicz
    Security:       386a14bb-1a21-41c6-a2cf-08d79213379b
---
 security/zeek/Makefile | 2 +-
 security/zeek/distinfo | 6 +++---
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/security/zeek/Makefile b/security/zeek/Makefile
index c82778ba542a..4623ee6c804a 100644
--- a/security/zeek/Makefile
+++ b/security/zeek/Makefile
@@ -1,5 +1,5 @@
 PORTNAME=	zeek
-DISTVERSION=	6.0.1
+DISTVERSION=	6.0.2
 CATEGORIES=	security
 MASTER_SITES=	https://download.zeek.org/
 DISTFILES=	${DISTNAME}${EXTRACT_SUFX}
diff --git a/security/zeek/distinfo b/security/zeek/distinfo
index 760fbcbfb021..2f9b2eae87e8 100644
--- a/security/zeek/distinfo
+++ b/security/zeek/distinfo
@@ -1,3 +1,3 @@
-TIMESTAMP = 1694552456
-SHA256 (zeek-6.0.1.tar.gz) = cfc329a170439195d7070ec5387d95cdda7eb6b86ac85ec707b9ed0e9d576a29
-SIZE (zeek-6.0.1.tar.gz) = 60152791
+TIMESTAMP = 1698437165
+SHA256 (zeek-6.0.2.tar.gz) = 2421989adcee6a29f48a8f7272f719edbe954d66c2e86e3a52e79cae177f887c
+SIZE (zeek-6.0.2.tar.gz) = 60175209