Diffusion FreeBSD ports repository 228a04e25150

security/zeek: Update to 8.0.2
228a04e25150
Actions

Description

security/zeek: Update to 8.0.2

https://github.com/zeek/zeek/releases/tag/v8.0.2

This release fixes the following vulnerability:

The KRB analyzer can leak information about hosts in analyzed traffic via external DNS lookups.

This release fixes the following bugs:

The get_current_packet_header() BIF now populates the returned record also for fragmented IP datagrams.
The decompose_uri() script function now correctly handles URIs containing IPv6 addresses.
The QUIC parser now discards packets with the fixed_bit field set to 0, rather than continuing to parse and potentially running into analyzer violations.

While here, conform to hier(7) by moving default log and spool
directories to /var (thanks to Klemens Nanni for reporting this).
This change only affects new installs of zeek since zeekctl.cfg is
not modified.

Reported by: Tim Wojtulewicz, Klemens Nanni