security/zeek: Update to 8.0.9
https://github.com/zeek/zeek/releases/tag/v8.0.9
This release fixes the following potential DoS vulnerabilities:
- The NVT, Rlogin, and RSH analyzers have received fixes to avoid
unbounded state growth. Due to the fact that these packets can
be received from remote hosts, these are considered DoS risks.
- A specially crafted WebSocket payload can cause the Spicy WebSocket
analyzer to use excessive memory when processing close, ping,
and pong frames. Due to the fact that these packets can be
received from remote hosts, these are considered a DoS risk.
- A specially crafted series of Finger packets can cause the Spicy
Finger analyzer to use excessive amounts of memory and potentially
crash Zeek. Due to the fact that these packets can be received
from remote hosts, this is considered a DoS risk.
[100 lines not shown]
security/vuxml: Mark security/zeek < 8.0.9 as vulnerable as per:
https://github.com/zeek/zeek/releases/tag/v8.0.9
This release fixes the following potential DoS vulnerabilities:
- The NVT, Rlogin, and RSH analyzers have received fixes to avoid
unbounded state growth. Due to the fact that these packets can
be received from remote hosts, these are considered DoS risks.
- A specially crafted WebSocket payload can cause the Spicy WebSocket
analyzer to use excessive memory when processing close, ping,
and pong frames. Due to the fact that these packets can be
received from remote hosts, these are considered a DoS risk.
- A specially crafted series of Finger packets can cause the Spicy
Finger analyzer to use excessive amounts of memory and potentially
crash Zeek. Due to the fact that these packets can be received
from remote hosts, this is considered a DoS risk.
[52 lines not shown]