Update NEWS

rvictory · May 6, 2020 · 4f695ca · 4f695ca
1 parent b9fe1f1
commit 4f695ca
Show file tree

Hide file tree

Showing 3 changed files with 69 additions and 2 deletions.
diff --git a/CHANGES b/CHANGES
@@ -1,4 +1,22 @@
 
+3.1.3 | 2020-05-06 11:51:47 -0700
+
+  * Release 3.1.3.
+
+3.1.3-dev.14 | 2020-05-06 11:49:58 -0700
+
+  * Ensure time continues moving forward if a pcap source is suspended
+    (Tim Wojtulewicz, Corelight)
+
+  * GH-938: fix IO loop iterations sometimes skipping offline pcap sources
+    (Jon Siwek, Corelight)
+
+  * Fix potential stack overflow from Variable-Length-Array usages (Jon Siwek, Corelight)
+
+  * Fix global buffer over-read in POP3 analyzer (Justin Azoff, Corelight)
+
+  * Fix SSL scripting error leading to access of unitialized field (Jon Siwek, Corelight)
+
 3.1.3-dev.8 | 2020-04-30 10:18:59 -0700
 
   * Update Broker submodule (Jon Siwek, Corelight)

diff --git a/NEWS b/NEWS
@@ -6,7 +6,56 @@ release. For an exhaustive list of changes, see the ``CHANGES`` file
 Zeek 3.1.3
 ==========
 
-TODO: no changes/release yet
+This release fixes the following security issues:
+
+* Fix buffer over-read in Ident analyzer
+  https://github.com/zeek/zeek/pull/925
+
+  Thanks to Max Kellermann for reporting and patching.
+
+* Fix SSL scripting error leading to uninitialized field access and memory leak
+  https://github.com/zeek/zeek/commit/b749dda5205f1b01aeee03c5874acae7c543f0c5
+
+  Thanks to Justin Azoff for reporting.
+
+* Fix POP3 analyzer global buffer over-read
+  https://github.com/zeek/zeek/commit/280bf567865d8ff6353f85d8863a6bc85dd9afd1
+
+  Thanks to Justin Azoff for reporting and patching.
+
+* Fix potential stack overflows due to use of Variable-Length-Arrays
+  Parts of https://github.com/zeek/zeek/pull/912:
+    * BIFs `bytestring_to_hexstr()` and `hexstr_to_bytestring()`
+    * `socks-analyzer.pac`: `array_to_string()`
+    * SMB, NTLM, and RDP analyzers use of `utf16_bytestring_to_utf8_val()`
+    * `smb-strings.pac`: `uint8s_to_stringval()` and `extract_string()`
+
+Also fixed are the following bugs:
+
+* Fix unusable `subscriber.poll()` method in Broker Python bindings
+  https://github.com/zeek/broker/pull/110
+
+* Fix uninitialized field access in `ssl/log-hostcerts-only.zeek`
+  https://github.com/zeek/zeek/pull/916
+
+* Fix missing default function for Kerberos constant-lookup-tables
+  https://github.com/zeek/zeek/pull/918
+
+* Fix cloning of `TypeType` values
+  https://github.com/zeek/zeek/pull/933
+
+* Remove misleading error message on empty bloomfilter lookup
+  https://github.com/zeek/zeek/pull/930
+
+* Fix `misc/stats.zeek` skipping log entry on termination
+  https://github.com/zeek/zeek/commit/ccdaf5f111936d9c7e6c23995eab1e5f41872894
+
+* Offline pcap processing no longer initializes `network_time` before first
+  events after `zeek_init` get dispatched
+  https://github.com/zeek/zeek/commit/1b190906c7c2e26dad058176ac969f513e5e391f
+
+* Ensure time moves forward when suspending a pcap file IO source
+  https://github.com/zeek/zeek/pull/950
 
 Zeek 3.1.2
 ==========

diff --git a/VERSION b/VERSION
@@ -1 +1 @@
-3.1.3-dev.8
+3.1.3