mirror of
https://github.com/zeek/zeek.git
synced 2025-10-02 14:48:21 +00:00
Update CHANGES, VERSION, and NEWS for 6.1.1
This commit is contained in:
Tim Wojtulewicz
parent
551cc476c4
commit
37c47f1751
3 changed files with 37 additions and 1 deletions
24
CHANGES
24
CHANGES
|
|
@ -1,3 +1,27 @@
|
|||
6.1.1 | 2024-01-19 08:58:08 -0700
|
||||
|
||||
* Update CHANGES, VERSION, and NEWS for 6.1.1 (Tim Wojtulewicz)
|
||||
|
||||
* MIME: Cap nested MIME analysis depth to 100 (Arne Welzel, Corelight)
|
||||
|
||||
OSS-Fuzz managed to produce a MIME multipart message construction with
|
||||
thousands of nested entities (or that's what Zeek makes out of it anyhow).
|
||||
Prevent such deep analysis by capping at a nesting depth of 100,
|
||||
preventing unnecessary resource usage. A new weird named exceeded_mime_max_depth
|
||||
is reported when this limit is reached.
|
||||
|
||||
This change reduces the runtime of the OSS-Fuzz reproducer from ~45 seconds
|
||||
to ~2.5 seconds.
|
||||
|
||||
The test PCAP was produced from a Python script using the email package
|
||||
and sending the rendered version via POST to a HTTP server.
|
||||
|
||||
(cherry picked from commit 997c017df937ea47d999d9724e247c3d0e38e509)
|
||||
|
||||
* GH-3177: Make sure Spicy symbols are available. (Benjamin Bannier, Corelight)
|
||||
|
||||
(cherry picked from commit 638e8a051959c869261b46ebc56e1bce80d200b0)
|
||||
|
||||
6.1.0-31 | 2024-01-18 16:25:51 -0700
|
||||
|
||||
* CI: Remove unused openssl30_config (Tim Wojtulewicz, Corelight)
|
||||
|
|
|
|||
12
NEWS
12
NEWS
|
|
@ -6,6 +6,15 @@ release. For an exhaustive list of changes, see the ``CHANGES`` file
|
|||
Zeek 6.1.1
|
||||
==========
|
||||
|
||||
This release fixes the following security issues:
|
||||
|
||||
- A specially-crafted series of packets containing nested MIME entities can
|
||||
cause Zeek to spend large amounts of time parsing the entities. Due to the
|
||||
possibility of receiving these packets from remote hosts, this is a DoS
|
||||
risk.The fix included adds a new option (MIME::max_depth) to the MIME parser
|
||||
that limits the depth the parser will attempt to follow the entity nesting. If
|
||||
the limit is reached an exceeded_mime_max_depth weird is generated.
|
||||
|
||||
This release fixes the following bugs:
|
||||
|
||||
- CMake correctly passes along third-party package information when building
|
||||
|
|
@ -29,6 +38,9 @@ This release fixes the following bugs:
|
|||
the &create_expire attribute intact. This broke the "log hosts every 24h"
|
||||
behavior.
|
||||
|
||||
- Zeek builds using the --binary-package argument and including Spicy will now
|
||||
include all necessary Spicy symbols.
|
||||
|
||||
Zeek 6.1.0
|
||||
==========
|
||||
|
||||
|
|
|
|||
2
VERSION
2
VERSION
|
|
@ -1 +1 @@
|
|||
6.1.0-31
|
||||
6.1.1
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue