This release fixes the following security issues:
-
The AYIYA and GTPv1 parsing/decapsulation logic may leak memory if the inner
packet uses the same connection tuple as the outer packet while also having
another level of encapsulation within the inner packet using the same
tunneling protocol, respectively (AYIYA or GTPv1). These leaks have
potential for remote exploitation to cause Denial of Service via resource
exhaustion.Credit to OSS-Fuzz for discovery
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=25256
(OSS-Fuzz opens full issue details up to the public 30 days from patch releases)
This release fixes the following bugs:
-
Exclude installing "zeek -> ." include-dir symlink
bc3df06 -
Fix ftp data-channel minimization function not returning a value
#1120 -
Fix
zeek -NN
not printing canonical file analyzer names
#1136 -
Fix closing timestamp of rotated log files in supervised-cluster mode
99d9a3a
Reminder: Zeek 3.0.x is the Long-Term Support release, receiving bug fixes until at least November 2020 while Zeek 3.2.x is the current feature release, receiving bug fixes until approximately November 2020 when the next 4.0.x LTS release series is expected to begin.