From 32214ef983287cd91b223f24e957e57547d7d0b6 Mon Sep 17 00:00:00 2001 From: Christian Kreibich Date: Fri, 4 Oct 2024 14:50:18 -0700 Subject: [PATCH] Update CHANGES, VERSION, and NEWS for 6.0.8 release --- CHANGES | 4 ++++ NEWS | 12 ++++++++++++ VERSION | 2 +- 3 files changed, 17 insertions(+), 1 deletion(-) diff --git a/CHANGES b/CHANGES index 6694839aab..906247820a 100644 --- a/CHANGES +++ b/CHANGES @@ -1,3 +1,7 @@ +6.0.8 | 2024-10-04 14:50:18 -0700 + + * Update CHANGES, VERSION, and NEWS for 6.0.8 release (Christian Kreibich, Corelight) + 6.0.7-1 | 2024-10-04 10:49:29 -0700 * Merge remote-tracking branch 'security/topic/awelzel/215-pop3-mail-null-deref' (Christian Kreibich, Corelight) diff --git a/NEWS b/NEWS index 52f198b653..5e7b0a7306 100644 --- a/NEWS +++ b/NEWS @@ -3,6 +3,18 @@ This document summarizes the most important changes in the current Zeek release. For an exhaustive list of changes, see the ``CHANGES`` file (note that submodules, such as Broker, come with their own ``CHANGES``.) +Zeek 6.0.8 +========== + +This release fixes the following security issue: + +- Adding to the POP3 hardening in 6.0.7, the parser now simply discards too many + pending commands, rather than any attempting to process them. Further, invalid + server responses do not result in command completion anymore. Processing + out-of-order commands or finishing commands based on invalid server responses + could result in inconsistent analyzer state, potentially triggering null + pointer references for crafted traffic. + Zeek 6.0.7 ========== diff --git a/VERSION b/VERSION index d6f91a0cfd..4b786f5755 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -6.0.7-1 +6.0.8
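Review bot: in the NEWS hunk, "rather than any attempting to process them" reads as a word-order slip; suggest "rather than attempting to process any of them". In the same sentence, "potentially triggering null pointer references" should be "null pointer dereferences", which is also what the branch name `security/topic/awelzel/215-pop3-mail-null-deref` in the CHANGES context refers to. The entry also gives no identifier or link for the security issue it fixes; since this is the only place release readers will look, consider adding a reference to the corresponding advisory (if one exists) next to the description so the fix can be traced.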