Open jsiwek opened 4 years ago
Past releases:
enum
name in a config/input file that tries to read it into a set[enum]
https://github.com/zeek/zeek/issues/1487
https://github.com/zeek/zeek/pull/1488major_subsys_version
field in pe_optional_header
event
https://github.com/zeek/zeek/pull/1401major_subsys_version
field in pe_optional_header
event
https://github.com/zeek/zeek/pull/1401[x] Incorrect ICMP Neighbor Discovery Option length calculation https://github.com/zeek/zeek/issues/1225 https://github.com/zeek/zeek/pull/1228
[x] Fix SMB2 response status parsing https://github.com/zeek/zeek/pull/1311 https://github.com/zeek/zeek/commit/0b8535b879f1028d556b415ddccded27762e47c2 https://github.com/zeek/zeek/commit/07c4662dc4552ecd4d5b237de331c7b9ab369080
[x] Fix excessive connection_status_update
events for ICMP connections
https://github.com/zeek/zeek/pull/1322
[x] Fix EDNS ECS option parsing bugs (stack-overflow / security issue) https://github.com/zeek/zeek/commit/01f1344bcbb9d40b2b2fd9c6220c72e0011a1620
[x] Incorrect ICMP Neighbor Discovery Option length calculation https://github.com/zeek/zeek/issues/1225 https://github.com/zeek/zeek/pull/1228
[x] Fix memory leak in deprecated Analyzer::ConnectionEvent() https://github.com/zeek/zeek/pull/1294
[x] Fix SMB2 response status parsing https://github.com/zeek/zeek/pull/1311 https://github.com/zeek/zeek/commit/0b8535b879f1028d556b415ddccded27762e47c2 https://github.com/zeek/zeek/commit/07c4662dc4552ecd4d5b237de331c7b9ab369080
[x] Fix excessive connection_status_update
events for ICMP connections
https://github.com/zeek/zeek/pull/1322
[x] Fix incorrect RSTOS0
conn_state
determinations
https://github.com/zeek/zeek/issues/1164
https://github.com/zeek/zeek/pull/1166
[x] Fix multipart MIME leak of sub-part found after closing-boundary https://github.com/zeek/zeek/commit/98ae204fc0623984405fc3b2ed9eab8cc50d3ac3
[x] Fix incorrect RSTOS0
conn_state
determinations
https://github.com/zeek/zeek/issues/1164
https://github.com/zeek/zeek/pull/1166
[x] Fix multipart MIME leak of sub-part found after closing-boundary https://github.com/zeek/zeek/commit/98ae204fc0623984405fc3b2ed9eab8cc50d3ac3
[x] Fix Input Framework 'change' events for 'set' destinations https://github.com/zeek/zeek/issues/1083 https://github.com/zeek/zeek/pull/1087
[x] Fix reported body-length of HTTP messages w/ sub-entities https://github.com/zeek/zeek/pull/1107
[x] Exclude installing "zeek -> ." include dir symlink https://github.com/zeek/zeek/commit/bc3df067376ea80232f57393e69c84a6e045212d
[x] Fix build for PowerPC architecture https://github.com/zeek/zeek/issues/1150 https://github.com/zeek/zeek/commit/e8efab541b49e8202c3896f9219334788e45d40e https://github.com/zeek/zeek/commit/05f7e3fa4353a30a8b105c551f5cacb4f7ff49aa
[x] Fix ftp data-channel minimization function not returning a value https://github.com/zeek/zeek/issues/1120
[x] Fix zeek -NN
not printing canonical file analyzer names
https://github.com/zeek/zeek/pull/1136
[x] Fix closing timestamp of rotated log files in supervised-cluster mode https://github.com/zeek/zeek/commit/99d9a3a48c9c2469d6bc8f58add43901ab901901
[x] Fix DHCP Client ID Option misformat for Hardware Type 0 https://github.com/zeek/zeek/pull/1003
[x] Fix/allow copying/cloning of opaque of Broker::Store
https://github.com/zeek/zeek/pull/1028
[x] Fix ConnPolling memory over-use https://github.com/zeek/zeek/pull/1035
[x] Fix compress_path not normalizing some paths correctly https://github.com/zeek/zeek/issues/1041 https://github.com/zeek/zeek/pull/1050 https://github.com/zeek/zeek/commit/38cd56a3dba076c625045c2b433b5f956ed118c9
[x] Fix integer conversion error for Tag subtypes/enums https://github.com/zeek/zeek/issues/1062 https://github.com/zeek/zeek/pull/1064
[x] Fix bro_prng()
results not staying within modulus
https://github.com/zeek/zeek/issues/1076
https://github.com/zeek/zeek/commit/0f4eb9af0265a256a567ba4203950269b4b52d28
[x] Prevent providing a 0
seed to bro_prng()
since the LCG parameters don't allow that
https://github.com/zeek/zeek/issues/1076
https://github.com/zeek/zeek/commit/887b53b7f330ad93b090d6be0c4733690a58ff89
[x] Fix DHCP Client ID Option misformat for Hardware Type 0 https://github.com/zeek/zeek/pull/1003
[x] Fix/allow copying/cloning of opaque of Broker::Store
https://github.com/zeek/zeek/pull/1028
[x] Fix ConnPolling memory over-use https://github.com/zeek/zeek/pull/1035
[x] Fix compress_path not normalizing some paths correctly https://github.com/zeek/zeek/issues/1041 https://github.com/zeek/zeek/pull/1050
[x] Fix integer conversion error for Tag subtypes/enums https://github.com/zeek/zeek/issues/1062 https://github.com/zeek/zeek/pull/1064
[x] Fix bro_prng()
results not staying within modulus
https://github.com/zeek/zeek/issues/1076
https://github.com/zeek/zeek/commit/0f4eb9af0265a256a567ba4203950269b4b52d28
[x] Prevent providing a 0
seed to bro_prng()
since the LCG parameters don't allow that
https://github.com/zeek/zeek/issues/1076
https://github.com/zeek/zeek/commit/887b53b7f330ad93b090d6be0c4733690a58ff89
[x] Fix mishandling of getrandom()
to seed RNG (caused unrandom/deterministic RNG -- opposite of what's desired/intended)
https://github.com/zeek/zeek/issues/1076
https://github.com/zeek/zeek/commit/dba764386b38a5b4ac974eb74f142c6ae107acb0
[x] Limit rate of logging MaxMind DB diagnostic messages https://github.com/zeek/zeek/pull/963
[x] Fix wrong return value type for topk_get_top()
BIF
https://github.com/zeek/zeek/pull/996
[x] Fix opaque Broker types lacking a Type after (de)serialization https://github.com/zeek/zeek/pull/984
[x] Fix lack of descriptive printing for intervals converted from double_to_interval()
https://github.com/zeek/zeek/pull/994/commits/e17487e79910fee1bb7ced30446dda0fdf4bcae4
[x] Fix some cases of known-services not being logged https://github.com/zeek/zeek/pull/965 https://github.com/zeek/zeek/commit/2f918ed9b24ae3aca2a7c36bf5b539e0a49b2f96
[x] Fix compilation on Fedora 32 (GCC 10.0.1) https://github.com/zeek/zeek/commit/695457fe44c4adfbf2edab955fee0074ef365980
[x] Fix crash when using some deprecated environment variables https://github.com/zeek/zeek/commit/1c08be1c0f89e9a8437ee230fbdbcd306485847b
[x] Fix use on CentOS 6 (Linux kernel < 3.8) https://github.com/mheily/libkqueue/commit/8707307ec5e09792782916205fb8de4f52ed24bb
[x] Limit rate of logging MaxMind DB diagnostic messages https://github.com/zeek/zeek/pull/963
[x] Fix wrong return value type for topk_get_top()
BIF
https://github.com/zeek/zeek/pull/996
[x] Fix opaque Broker types lacking a Type after (de)serialization https://github.com/zeek/zeek/pull/984
[x] Fix lack of descriptive printing for intervals converted from double_to_interval()
https://github.com/zeek/zeek/pull/994/commits/e17487e79910fee1bb7ced30446dda0fdf4bcae4
[x] Fix some cases of known-services not being logged https://github.com/zeek/zeek/pull/965 https://github.com/zeek/zeek/commit/2f918ed9b24ae3aca2a7c36bf5b539e0a49b2f96
subscriber.poll()
method in Broker Python bindings
https://github.com/zeek/broker/pull/110ssl/log-hostcerts-only.zeek
https://github.com/zeek/zeek/pull/916TypeType
values
https://github.com/zeek/zeek/pull/933misc/stats.zeek
skipping log entry on termination
https://github.com/zeek/zeek/commit/ccdaf5f111936d9c7e6c23995eab1e5f41872894bytestring_to_hexstr()
and hexstr_to_bytestring()
socks-analyzer.pac
: array_to_string()
utf16_bytestring_to_utf8_val()
smb-strings.pac
: uint8s_to_stringval()
and extract_string()
subscriber.poll()
method in Broker Python bindings
https://github.com/zeek/broker/pull/110ssl/log-hostcerts-only.zeek
https://github.com/zeek/zeek/pull/916TypeType
values
https://github.com/zeek/zeek/pull/933misc/stats.zeek
skipping log entry on termination
https://github.com/zeek/zeek/commit/ccdaf5f111936d9c7e6c23995eab1e5f41872894bytestring_to_hexstr()
and hexstr_to_bytestring()
socks-analyzer.pac
: array_to_string()
utf16_bytestring_to_utf8_val()
smb-strings.pac
: uint8s_to_stringval()
and extract_string()
network_time
before first events after zeek_init
get dispatched
https://github.com/zeek/zeek/commit/1b190906c7c2e26dad058176ac969f513e5e391fThis release is the same as v3.0.4, but additionally fixes compilation on various platforms with older compiler, e.g. GCC 4.8.x (see patch at 3ad1976)
redef
https://github.com/zeek/zeek/pull/860X509Common.h
header include for external plugins
https://github.com/zeek/zeek/commit/c83567246ee9d86ca695787821172e3ebe00884aredef
https://github.com/zeek/zeek/pull/860X509Common.h
header include for external plugins
https://github.com/zeek/zeek/commit/c83567246ee9d86ca695787821172e3ebe00884abro
symlink in binary packaging mode
b324fecc0d247830189ef895dae77531af6bc9ddbro
symlink in binary packaging mode
b324fecc0d247830189ef895dae77531af6bc9ddsystem_env()
BIF: 273eb19ff5780d8d823631f906fb2fcf2e81b312Log::Filter
"config" field: bf05add5423cdeedddad21c07b08a3a65ce98431Reporter::get_weird_sampling_whitelist()
BIF: 3b6a2a5f4ebb04dda32f7f35fad4ed603d226a6d&priority
for Log::create_stream()
calls: 7a748526c05f473dd9a1f03db14421c88bf16cb4 via #746Dictionary::Clear()
didn't reset number of entries: 1e499b08318ec87afd9956ad518c91c6390e0c21&type_column
: 51970c256b159a2bb16eb70b3200878533bf2bf9src/script_opt/ZAM/Gen-ZAM.cc
, since not yet in a submodule)zeekctl status
with StatusCmdShowAll = 1
configured
https://github.com/zeek/zeek/pull/1734ignore_checksum_nets
not working with multiple subnets
https://github.com/zeek/zeek/pull/1778
https://github.com/zeek/zeek/commit/802dfd80c13c9c882a68dd9c41e67e8451c59031ignore_checksum_nets
not working with multiple subnets
https://github.com/zeek/zeek/pull/1778
https://github.com/zeek/zeek/commit/802dfd80c13c9c882a68dd9c41e67e8451c59031zeekctl status
with StatusCmdShowAll = 1
configured
https://github.com/zeek/zeek/pull/1734clear_table()
on a table that uses expiration attributes
https://github.com/zeek/zeek/commit/d51bd4bc4675d4d7234da0d11e31dbede5efe17cdecode_netbios_name()
and decode_netbios_name_type()
BIFs (the later also has a potential heap-buffer-overread).
https://github.com/zeek/zeek/pull/1533./configure --zeek-dist=
)
https://github.com/zeek/zeek/pull/1549set[enum]
values and any vector of enum
values from config files
https://github.com/zeek/zeek/issues/1555
https://github.com/zeek/zeek/issues/1558
https://github.com/zeek/zeek/issues/1559file_transferred
event for file data containing null-bytes
https://github.com/zeek/zeek/pull/1430n
value for SSL_Heartbeat_Many_Requests
notices where number of server heartbeats is greater than number of client heartbeats.
https://github.com/zeek/zeek/issues/1454
https://github.com/zeek/zeek/pull/1459
https://github.com/zeek/zeek/commit/c23e3ca1056c03be347da6163a8e447670ce06b1user_agent
existence check in smtp/software.zeek
(causes reporter.log
error noise, but no functional difference)
https://github.com/zeek/zeek/pull/1455
https://github.com/zeek/zeek/commit/83d5b44462722c5571b33eb6bcb0491af90cccc7enum
name in a config/input file that tries to read it into a set[enum]
https://github.com/zeek/zeek/issues/1487
https://github.com/zeek/zeek/pull/1488-DENABLE_MOBILE_IPV6
/ ./configure --enable-mobile-ipv6
https://github.com/zeek/zeek/issues/1493
https://github.com/zeek/zeek/pull/1495set[function]
, generally now used by connection
record removal hooks, and specifically breaking intel.log
of Zeek clusters
https://github.com/zeek/zeek/issues/1506
https://github.com/zeek/zeek/pull/1513copy()
/cloning vectors that have holes (indices w/ null values)
https://github.com/zeek/zeek/commit/180ab3181f7743cf57b74a2840bd1d701679647b
Found as part of https://github.com/zeek/zeek/pull/1512
A collection of bugs/backports to potentially address in upcoming patch releases (e.g. 4.0.x). They get marked done when they are confirmed/backported into a release branch (e.g.
release/4.0
).Zeek 7.0.2
Zeek 6.0.7