git: 228a04e25150 - main - security/zeek: Update to 8.0.2
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Mon, 13 Oct 2025 21:43:29 UTC
The branch main has been updated by leres:
URL: https://cgit.FreeBSD.org/ports/commit/?id=228a04e25150e5f3cc20f22bd1365d77d2918525
commit 228a04e25150e5f3cc20f22bd1365d77d2918525
Author: Craig Leres <leres@FreeBSD.org>
AuthorDate: 2025-10-13 21:43:04 +0000
Commit: Craig Leres <leres@FreeBSD.org>
CommitDate: 2025-10-13 21:43:04 +0000
security/zeek: Update to 8.0.2
https://github.com/zeek/zeek/releases/tag/v8.0.2
This release fixes the following vulnerability:
- The KRB analyzer can leak information about hosts in analyzed
traffic via external DNS lookups.
This release fixes the following bugs:
- The get_current_packet_header() BIF now populates the returned
record also for fragmented IP datagrams.
- The decompose_uri() script function now correctly handles URIs
containing IPv6 addresses.
- The QUIC parser now discards packets with the fixed_bit field
set to 0, rather than continuing to parse and potentially running
into analyzer violations.
While here, conform to hier(7) by moving default log and spool
directories to /var (thanks to Klemens Nanni for reporting this).
This change only affects new installs of zeek since zeekctl.cfg is
not modified.
Reported by: Tim Wojtulewicz, Klemens Nanni
---
security/zeek/Makefile | 30 ++++++++++++-------------
security/zeek/distinfo | 6 ++---
security/zeek/files/pkg-message.in | 26 +++++++++++++++++++---
security/zeek/pkg-plist | 45 ++++++++++++++++----------------------
4 files changed, 60 insertions(+), 47 deletions(-)
diff --git a/security/zeek/Makefile b/security/zeek/Makefile
index 15dd7d7a4249..378d33f5ae68 100644
--- a/security/zeek/Makefile
+++ b/security/zeek/Makefile
@@ -1,5 +1,5 @@
PORTNAME= zeek
-DISTVERSION= 8.0.1
+DISTVERSION= 8.0.2
CATEGORIES= security
MASTER_SITES= https://download.zeek.org/
@@ -82,8 +82,10 @@ CMAKE_ARGS= -DCARES_ROOT_DIR:PATH=${PREFIX} \
-DINSTALL_ZKG:BOOL=OFF \
-DPY_MOD_INSTALL_DIR:PATH=${PREFIX}/lib/zeekctl \
-DZEEK_ETC_INSTALL_DIR:PATH=${PREFIX}/etc \
+ -DZEEK_LOG_DIR:PATH=/var/log/zeek \
-DZEEK_ROOT_DIR:PATH=${PREFIX} \
- -DZEEK_SCRIPT_INSTALL_PATH:PATH=${PREFIX}/share/zeek
+ -DZEEK_SCRIPT_INSTALL_PATH:PATH=${PREFIX}/share/zeek \
+ -DZEEK_SPOOL_DIR:PATH=/var/spool/zeek
ZEEKUSER?= zeek
ZEEKGROUP?= zeek
@@ -158,28 +160,26 @@ STRIP=
USE_RC_SUBR= zeek
.endif
+post-install:
+ ${MV} ${STAGEDIR}${DATADIR}/site/local.zeek \
+ ${STAGEDIR}${DATADIR}/site/local.zeek.sample
+ @${STRIP_CMD} ${STAGEDIR}${PREFIX}/bin/zeek-cut
+ @${RM} ${STAGEDIR}${PREFIX}/share/zeek/tests
+ ${LN} -s ../btest/data ${STAGEDIR}${PREFIX}/share/zeek/tests
+
post-install-ZEEKCTL-on:
- ${MKDIR} ${STAGEDIR}${PREFIX}/logs
- ${MKDIR} ${STAGEDIR}${PREFIX}/spool/tmp
- ${MKDIR} ${STAGEDIR}${PREFIX}/spool/installed-scripts-do-not-touch/auto
- ${MKDIR} ${STAGEDIR}${PREFIX}/spool/installed-scripts-do-not-touch/site
+ ${MKDIR} ${STAGEDIR}/var/spool/zeek/installed-scripts-do-not-touch/auto
+ ${MKDIR} ${STAGEDIR}/var/spool/zeek/installed-scripts-do-not-touch/site
.for F in zeekctl.cfg networks.cfg node.cfg
${MV} ${STAGEDIR}${PREFIX}/etc/${F} ${STAGEDIR}${PREFIX}/etc/${F}.sample
.endfor
+ # Do this here because later zeek won't be running as root
${RM} ${STAGEDIR}${PREFIX}/share/zeekctl/scripts/zeekctl-config.sh
- ${LN} -s ../../../spool/zeekctl-config.sh \
+ ${LN} -s ../../../../../var/spool/zeek/zeekctl-config.sh \
${STAGEDIR}${PREFIX}/share/zeekctl/scripts/zeekctl-config.sh
${RM} ${STAGEDIR}${PREFIX}/lib/broctl
${LN} -s zeek/python/zeekctl ${STAGEDIR}${PREFIX}/lib/broctl
-post-install:
- ${MV} ${STAGEDIR}${DATADIR}/site/local.zeek \
- ${STAGEDIR}${DATADIR}/site/local.zeek.sample
- @${RM} -rf ${STAGEDIR}${PREFIX}/var
- @${STRIP_CMD} ${STAGEDIR}${PREFIX}/bin/zeek-cut
- @${RM} ${STAGEDIR}${PREFIX}/share/zeek/tests
- ${LN} -s ../btest/data ${STAGEDIR}${PREFIX}/share/zeek/tests
-
post-install-SPICY-on:
@${RM} -rf ${STAGEDIR}${PREFIX}/include/hilti/rt/3rdparty/SafeInt/Archive
@${RM} -rf ${STAGEDIR}${PREFIX}/include/hilti/rt/3rdparty/SafeInt/Test
diff --git a/security/zeek/distinfo b/security/zeek/distinfo
index cf681afb7421..fe5b893c7586 100644
--- a/security/zeek/distinfo
+++ b/security/zeek/distinfo
@@ -1,3 +1,3 @@
-TIMESTAMP = 1756236375
-SHA256 (zeek-8.0.1.tar.gz) = ee916387e762345a6ffa84514cc3b66761f110d845a08b88e4a8da48db97ce8a
-SIZE (zeek-8.0.1.tar.gz) = 99592537
+TIMESTAMP = 1760391181
+SHA256 (zeek-8.0.2.tar.gz) = 140d2e570812a8281e2e228a479da499a8c34260d44b9ba237aab0077f96a45c
+SIZE (zeek-8.0.2.tar.gz) = 99610790
diff --git a/security/zeek/files/pkg-message.in b/security/zeek/files/pkg-message.in
index 5b311b6cda33..ba18b01c0a45 100644
--- a/security/zeek/files/pkg-message.in
+++ b/security/zeek/files/pkg-message.in
@@ -35,10 +35,30 @@ EOM
During deinstall of this package, the cfg files for zeekctl are not
deleted if you have edited them. Instead the software will create
a .sample file and the edited files will remain in place when you
-upgrade. If you want to delete them, you have to remove the
-%%PREFIX%%/etc directory manually.
+upgrade. If you want to delete them, you have to remove
+%%PREFIX%%/etc/zeekctl.cfg manually.
-You may also need to manually remove %%PREFIX%%/spool/state.db
+You may also need to manually remove /var/spool/state.db
+EOM
+}
+{ type: upgrade
+ message: <<EOM
+The default LogDir and SpoolDir have moved from %%PREFIX%% to /var.
+
+To migrate an existing installation to the new layout:
+
+ - service zeek stop
+
+ - pkg upgrade -y zeek
+
+ - edit %%PREFIX%%/etc/zeekctl.cfg and make these changes:
+
+ LogDir = /var/log/zeek
+ SpoolDir = /var/spool/zeek
+
+ - move/create the log directory
+
+ - service zeek deploy
EOM
}
]
diff --git a/security/zeek/pkg-plist b/security/zeek/pkg-plist
index c913e47f378d..2888ca696ecb 100644
--- a/security/zeek/pkg-plist
+++ b/security/zeek/pkg-plist
@@ -1,7 +1,10 @@
-@postexec chown %%ZEEKUSER%%:%%ZEEKGROUP%% %D/logs
-%%ZEEKCTL%%@postexec chown %%ZEEKUSER%%:%%ZEEKGROUP%% %D/spool
-%%ZEEKCTL%%@postexec chown %%ZEEKUSER%%:%%ZEEKGROUP%% %D/spool/tmp
-%%ZEEKCTL%%@postexec chown -R %%ZEEKUSER%%:%%ZEEKGROUP%% %D/spool/installed-scripts-do-not-touch
+@dir(%%ZEEKUSER%%,%%ZEEKGROUP%%,) /var/log/zeek
+@dir(%%ZEEKUSER%%,%%ZEEKGROUP%%,) /var/spool/zeek
+@dir(%%ZEEKUSER%%,%%ZEEKGROUP%%,) /var/spool/zeek/tmp
+%%ZEEKCTL%%@dir(%%ZEEKUSER%%,%%ZEEKGROUP%%,) /var/spool/zeek/installed-scripts-do-not-touch
+%%ZEEKCTL%%@dir(%%ZEEKUSER%%,%%ZEEKGROUP%%,) /var/spool/zeek/installed-scripts-do-not-touch/auto
+%%ZEEKCTL%%@dir(%%ZEEKUSER%%,%%ZEEKGROUP%%,) /var/spool/zeek/installed-scripts-do-not-touch/site
+%%ZEEKCTL%%@preunexec rm -f /var/spool/zeek/state.db
bin/bifcl
bin/binpac
%%ZEEKCTL%%bin/capstats
@@ -2284,32 +2287,22 @@ share/zeek/tests
%%ZEEKCTL%%share/zeekctl/scripts/set-zeek-path
%%ZEEKCTL%%share/zeekctl/scripts/stats-to-csv
%%ZEEKCTL%%share/zeekctl/scripts/zeekctl-config.sh
-%%ZEEKCTL%%spool/zeekctl-config.sh
-%%ZEEKCTL%%@preunexec rm -f %D/logs/current
-%%ZEEKCTL%%@preunexec rm -f %D/spool/zeekctl.dat
-%%ZEEKCTL%%@preunexec rm -f %D/spool/installed-scripts-do-not-touch/auto/zeekctl-config.zeek
-%%ZEEKCTL%%@preunexec rm -f %D/spool/installed-scripts-do-not-touch/auto/local-networks.zeek
-%%ZEEKCTL%%@preunexec rm -f %D/spool/installed-scripts-do-not-touch/auto/standalone-layout.zeek
-%%ZEEKCTL%%@preunexec rm -f %D/spool/installed-scripts-do-not-touch/site/local-logger.zeek
-%%ZEEKCTL%%@preunexec rm -f %D/spool/installed-scripts-do-not-touch/site/local-manager.zeek
-%%ZEEKCTL%%@preunexec rm -f %D/spool/installed-scripts-do-not-touch/site/local-proxy.zeek
-%%ZEEKCTL%%@preunexec rm -f %D/spool/installed-scripts-do-not-touch/site/local-worker.zeek
-%%ZEEKCTL%%@preunexec rm -f %D/spool/installed-scripts-do-not-touch/site/local.zeek
-%%ZEEKCTL%%@preunexec rm -f %D/spool/installed-scripts-do-not-touch/site/local.zeek.sample
-%%ZEEKCTL%%@preunexec rm -f %D/spool/state.db
-%%ZEEKCTL%%@dir spool/tmp
-%%ZEEKCTL%%@dir spool/installed-scripts-do-not-touch/site
-%%ZEEKCTL%%@dir spool/installed-scripts-do-not-touch/auto
-%%ZEEKCTL%%@dir spool/installed-scripts-do-not-touch
-%%ZEEKCTL%%@dir spool/extract_files
-%%ZEEKCTL%%@dir spool/brokerstore
-%%ZEEKCTL%%@dir spool
+%%ZEEKCTL%%@preunexec rm -f /var/log/zeek/current
+%%ZEEKCTL%%@preunexec rm -f /var/spool/zeek/zeekctl.dat
+%%ZEEKCTL%%@preunexec rm -f /var/spool/zeek/installed-scripts-do-not-touch/auto/zeekctl-config.zeek
+%%ZEEKCTL%%@preunexec rm -f /var/spool/zeek/installed-scripts-do-not-touch/auto/local-networks.zeek
+%%ZEEKCTL%%@preunexec rm -f /var/spool/zeek/installed-scripts-do-not-touch/auto/standalone-layout.zeek
+%%ZEEKCTL%%@preunexec rm -f /var/spool/zeek/installed-scripts-do-not-touch/site/local-logger.zeek
+%%ZEEKCTL%%@preunexec rm -f /var/spool/zeek/installed-scripts-do-not-touch/site/local-manager.zeek
+%%ZEEKCTL%%@preunexec rm -f /var/spool/zeek/installed-scripts-do-not-touch/site/local-proxy.zeek
+%%ZEEKCTL%%@preunexec rm -f /var/spool/zeek/installed-scripts-do-not-touch/site/local-worker.zeek
+%%ZEEKCTL%%@preunexec rm -f /var/spool/zeek/installed-scripts-do-not-touch/site/local.zeek
+%%ZEEKCTL%%@preunexec rm -f /var/spool/zeek/installed-scripts-do-not-touch/site/local.zeek.sample
@dir share/man/man8
@dir share/man/man1
@dir share/man
-%%ZEEKCTL%%@dir logs
%%SPICY%%@dir lib/zeek/spicy
@dir lib/zeek/plugins
@dir include/zeek/analyzer/protocol/quic
@dir include/zeek/analyzer/protocol/ldap
-%%ZEEKCTL%%@postexec su -fm %%ZEEKUSER%% -c '%D/bin/zeekctl install; rm -f %D/spool/debug.log'
+%%ZEEKCTL%%@postexec su -fm %%ZEEKUSER%% -c '%D/bin/zeekctl install; rm -f /var/spool/zeek/debug.log'