diff options
author | Craig Leres <leres@FreeBSD.org> | 2024-10-05 01:33:24 +0000 |
---|---|---|
committer | Craig Leres <leres@FreeBSD.org> | 2024-10-05 01:33:24 +0000 |
commit | e97ac1d5577aa21d4eec693df5a608cb28526599 (patch) | |
tree | 9ab087c6279db5eb9f7357376f77040db97aaf10 /devel/php-dbg/(developers-only) | |
parent | 29c86bfa4cb5d8ee11b032f16f61bd092c42dcf5 (diff) | |
download | ports-main.tar.gz ports-main.zip |
https://github.com/zeek/zeek/releases/tag/v7.0.3
This release fixes the following potential DoS vulnerability:
- Adding to the POP3 hardening in 7.0.2, the parser now simply
discards too many pending commands, rather than any attempting
to process them. Further, invalid server responses do not result
in command completion anymore. Processing out-of-order commands
or finishing commands based on invalid server responses could
result in inconsistent analyzer state, potentially triggering
null pointer references for crafted traffic.
Reported by: Tim Wojtulewicz
Diffstat (limited to 'devel/php-dbg/(developers-only)')
0 files changed, 0 insertions, 0 deletions