Summary of Problem Reports for Category "security"
Automatically generated on 28 Jan 2021 05:00:00 GMT
Security bugs sorted by Priority, and Severity.
[Summary index] [Search PRs] [Send a PR]
- [open sw-bug] telnetd(8) allows direct root login on tty marked as insecure
- [open sw-bug] early entropy does not get loaded
- [open change-request] release sum file signatures should be in release dirs
- [needs-pullups sw-bug] [racoon] CVE CVE-2016-10396 Patch Regression
- [open sw-bug] ssh-keygen may generate predictable keys
- [open sw-bug] openpam treats sufficient as optional in "prelim" phase making pam_ldap fail
- [open sw-bug] nss_ldap
- [open sw-bug] buffer overflow ipfilter
- [needs-pullups sw-bug] openssh processes content of AuthorizedKeysCommand file instead of it's output
- [open doc-bug] Website list of security advisories by release not up to date
- [open sw-bug] per_user_tmp=YES not really usable
- [open sw-bug] veriexecgen sets no explicit access mode for some files and the default behaviour of veriexec in face of this cause errors
- [open change-request] ippool startup script missing
- [open sw-bug] ssh_host_ecdsa_key is not in /etc/mtree/special
- [open sw-bug] the default "nobody" credentials (32767:9999) do not match mountd's default (-2:-2)
- [analyzed sw-bug] built-in TCP wrapper in inetd does not protect UDP or internal services
- [open change-request] /dev/random should block on writes if the entropy pool is full
- [open sw-bug] Kerberos still supported?
- [open support] Remote un-authenticated denial of service
[Page top] [Summary index] [Search PRs] [Send a PR]