security/zeek: Update to 8.0.7
040af0887ed9
Actions

Description

security/zeek: Update to 8.0.7

https://github.com/zeek/zeek/releases/tag/v8.0.7

This release fixes the following potential DoS vulnerabilities:

A series of DNS messages containing long DNS compression chains can cause Zeek to spend a long time processing packets and potentially crash. Due to the fact that these packets can be received from remote hosts, this is a DoS risk.
A specially-crafted LDAP search request can cause Zeek to spend a long time processing the packet, resulting in Zeek silently dropping the LDAP analyzer for the connection. Due to the fact that these packets can be received from remote hosts, this is an evasion risk.
A specially-crafted series of ASN.1 messages in LDAP packets can cause Zeek to spend a long time processing the packets, resulting in Zeek silently dropping the LDAP analyzer for the connection. Due to the fact that these packets can be received from remote hosts, this is an evasion risk.

This release fixes the following bugs:

Support for non-Broker cluster backends was added to the cluster/experimental set of scripts.
The SQLite storage backend now uses quick_check instead of integrity_check in the default set of pragmas.
The events ssl_extension_pre_shared_key_server_hello and ssl_extension_pre_shared_key_client_hello can now be used independently.
The SSH analyzer now supports the ML-KEM family of key exchange algorithms.
A memory leak in the telemetry framework's process handling on FreeBSD was fixed.
ZeekJS was updated to v0.22.1.

Reported by: Tim Wojtulewicz