From be9d947df064b6572fa983345c9a9db083653ade Mon Sep 17 00:00:00 2001 From: Tim Wojtulewicz Date: Fri, 19 Jan 2024 09:00:16 -0700 Subject: [PATCH] Update CHANGES, VERSION, and NEWS for 6.0.3 --- CHANGES | 24 ++++++++++++++++++++++++ NEWS | 3 +++ VERSION | 2 +- 3 files changed, 28 insertions(+), 1 deletion(-) diff --git a/CHANGES b/CHANGES index 313a38009c..f1e2517417 100644 --- a/CHANGES +++ b/CHANGES @@ -1,3 +1,27 @@ +6.0.3 | 2024-01-19 09:00:16 -0700 + + * GH-208: MIME: Cap nested MIME analysis depth to 100 (Arne Welzel, Corelight) + + OSS-Fuzz managed to produce a MIME multipart message construction with + thousands of nested entities (or that's what Zeek makes out of it anyhow). + Prevent such deep analysis by capping at a nesting depth of 100, + preventing unnecessary resource usage. A new weird named exceeded_mime_max_depth + is reported when this limit is reached. + + This change reduces the runtime of the OSS-Fuzz reproducer from ~45 seconds + to ~2.5 seconds. + + The test PCAP was produced from a Python script using the email package + and sending the rendered version via POST to a HTTP server. + + Closes #208 + + (cherry picked from commit 4e5849fe82c6097df5d25cd1a74d69ab4fa50f46) + + * GH-3177: Make sure Spicy symbols are available. (Benjamin Bannier, Corelight) + + (cherry picked from commit 638e8a051959c869261b46ebc56e1bce80d200b0) + 6.0.2-42 | 2024-01-18 16:25:03 -0700 * CI: Remove unused openssl30_config (Tim Wojtulewicz, Corelight) diff --git a/NEWS b/NEWS index 1fd977b226..5a6b37e038 100644 --- a/NEWS +++ b/NEWS @@ -38,6 +38,9 @@ This release fixes the following bugs: the &create_expire attribute intact. This broke the "log hosts every 24h" behavior. +- Zeek builds using the --binary-package argument and including Spicy will now + include all necessary Spicy symbols. + Zeek 6.0.2 ========== diff --git a/VERSION b/VERSION index 3250bf71e6..090ea9dad1 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -6.0.2-42 +6.0.3