K 10
svn:author
V 5
leres
K 8
svn:date
V 27
2018-08-30T22:26:48.251126Z
K 7
svn:log
V 1246
MFH: r478427

Update to 2.5.5 which addresses security issues:

    - Fix array bounds checking in BinPAC: for arrays that are
      fields within a record, the bounds check was based on a pointer
      to the start of the record rather than the start of the array
      field, potentially resulting in a buffer over-read.

    - Fix SMTP command string comparisons: the number of bytes
      compared was based on the user-supplied string length and can
      lead to incorrect matches. e.g. giving a command of "X"
      incorrectly matched "X-ANONYMOUSTLS" (and an empty commands
      match anything).

    - Weird" events are now generally suppressed/sampled by default
      according to some tunable parameters.

    - Improved handling of empty lines in several text protocol
      analyzers that can cause performance issues when seen in long
      sequences.

    - Add `smtp_excessive_pending_cmds' weird which serves as a
      notification for when the "pending command" queue has reached
      an upper limit and been cleared to prevent one from attempting
      to slowly exhaust memory.

Approved by: ler (mentor, implicit)
Security: d0be41fe-2a20-4633-b057-4e8b25c41780

Approved by:	ports-secteam (miwi), ler (mentor, implicit)

END