zeek/scripts
Arne Welzel c960d279a2 ssl: Cap number of alerts parsed from SSL record
Limit the number of events raised from an SSL record with content_type
alert (21) to a configurable maximum number (default 10). For TLS 1.3,
the limit is set to 1 as specified in the RFC. Add a new weird case
where the limit is exceeded.

OSS-Fuzz managed to generate a reproducer that raised ~660k ssl_plaintext
and ssl_alert events given ~810kb of input data. This change prevents this
with hopefully no negative side-effect in the real world.
2023-10-25 09:35:10 +02:00
..
base ssl: Cap number of alerts parsed from SSL record 2023-10-25 09:35:10 +02:00
policy Fix check for emailed notices 2023-09-01 13:23:45 -04:00
site telemetry: Disable metrics centralization by default 2023-06-21 20:13:55 +02:00
spicy Spicy: Support additional documentation tags inside EVT files. 2023-09-21 10:54:02 +02:00
zeekygen zeekygen: Disable zeek_init() handlers causing error output 2023-10-11 15:18:33 +02:00
CMakeLists.txt Use the same rules as cmake submodule to reformat Zeek 2023-05-09 08:31:43 -07:00
test-all-policy.zeek telemetry: Disable metrics centralization by default 2023-06-21 20:13:55 +02:00