Summary of Problem Reports for Category "security"

Automatically generated on 4 Dec 2024 17:00:00 GMT

Severity
Prioritycriticalseriousnon-critical
high 3 
medium 64
low  5

Security bugs sorted by Priority, and Severity.


[NetBSD home] [Summary index] [Search PRs] [Send a PR]


Priority: high

Severity: serious

security/41942
[open sw-bug] telnetd(8) allows direct root login on tty marked as insecure
security/51115
[open change-request] release sum file signatures should be in release dirs
security/55659
[open sw-bug] ssh-keygen may generate predictable keys

Priority: medium

Severity: serious

security/38276
[open sw-bug] openpam treats sufficient as optional in "prelim" phase making pam_ldap fail
security/43160
[open sw-bug] nss_ldap
security/50026
[open sw-bug] buffer overflow ipfilter
security/55764
[open sw-bug] per_user_tmp=YES not really usable
security/57449
[open sw-bug] Approximately a bajillion buffer overruns in netpgpverify
security/58738
[needs-pullups sw-bug] libarchive probably needs security update to 3.7.5

Severity: non-critical

security/40576
[open sw-bug] veriexecgen sets no explicit access mode for some files and the default behaviour of veriexec in face of this cause errors
security/42119
[open change-request] ippool startup script missing
security/47630
[open sw-bug] ssh_host_ecdsa_key is not in /etc/mtree/special
security/56204
[open sw-bug] net80211: reject mixed plaintext/encrypted fragments

Priority: low

Severity: non-critical

security/6594
[open sw-bug] the default "nobody" credentials (32767:9999) do not match mountd's default (-2:-2)
security/11146
[analyzed sw-bug] built-in TCP wrapper in inetd does not protect UDP or internal services
security/23756
[open change-request] /dev/random should block on writes if the entropy pool is full
security/51177
[open sw-bug] Kerberos still supported?
security/51682
[open support] Remote un-authenticated denial of service

[NetBSD home] [Page top] [Summary index] [Search PRs] [Send a PR]