https://github.com/zeek/zeek/releases/tag/v7.0.5
This release fixes the following potential DoS vulnerability:
- Large QUIC packets can cause Zeek to overflow memory and potentially
crash. Due to the possibility of receiving these packets from
remote hosts, this is a DoS risk.
This release fixes the following bugs:
- The ZAM script optimization feature gained some fixes for some
minor memory leaks.
- The ZeekJS submodule was updated to v0.14.0. In certain environment,
ZeekJS would fail to start a debugging thread due to limited
stack size, producing spurious log messages
Reported by: Tim Wojtulewicz
Craig Leres
c9f050487d