https://github.com/zeek/zeek/releases/tag/v7.0.4
This release fixes the following bugs:
- The community-id-logging.zeek policy script was used to set
c$conn$community_id during new_connection() rather than
connection_state_remove(), allowing other scripts to reuse its
value early.
- The input framework will no longer get stuck and use 100% of the
CPU when encountering lines not immediately terminated by a new
line.
- The Modbus analyzer added some additional protocol checks and
should no longer over-match on traffic that's not specifically
on port 502.
- ZeekJS was updated to version v0.13.2, which brings support for
newer versions of Node.js and a fix for a segfault when running
under Alpine.
- A minor bug was fixed in the detect-sqli policy script to handle
spaces being encoded as plus signs.
Reported by: Tim Wojtulewicz
f4bc82f812