Summary of Problem Reports for Category "security"
Automatically generated on 15 Dec 2025 17:00:00 GMT
Security bugs sorted by Priority, and Severity.
![[NetBSD home]](/images/NetBSD-flag.png)
[Summary index] [Search PRs] [Send a PR]
- security/41942
- [open sw-bug] telnetd(8) allows direct root login on tty marked as insecure
- security/51115
- [open change-request] release sum file signatures should be in release dirs
- security/55659
- [open sw-bug] ssh-keygen may generate predictable keys
- security/59649
- [open support] Shim telnet to brut-force login
- security/38276
- [open sw-bug] openpam treats sufficient as optional in "prelim" phase making pam_ldap fail
- security/43160
- [open sw-bug] nss_ldap
- security/50026
- [open sw-bug] buffer overflow ipfilter
- security/55764
- [open sw-bug] per_user_tmp=YES not really usable
- security/57449
- [open sw-bug] Approximately a bajillion buffer overruns in netpgpverify
- security/58738
- [needs-pullups sw-bug] libarchive probably needs security update to 3.7.5
- security/58995
- [open sw-bug] pam-u2f CVE-2025-23013
- security/59744
- [open sw-bug] Public AXFR Zone Transfer Issue
- security/40576
- [open sw-bug] veriexecgen sets no explicit access mode for some files and the default behaviour of veriexec in face of this cause errors
- security/42119
- [open change-request] ippool startup script missing
- security/47630
- [open sw-bug] ssh_host_ecdsa_key is not in /etc/mtree/special
- security/56204
- [open sw-bug] net80211: reject mixed plaintext/encrypted fragments
- security/59115
- [open change-request] x86 can (and should) set securelevel=1 by default
- security/59709
- [open sw-bug] inconsistent entropy $random_file locations settings
- security/59403
- [open support] ping flood without privilege
- security/6594
- [open sw-bug] the default "nobody" credentials (32767:9999) do not match mountd's default (-2:-2)
- security/11146
- [analyzed sw-bug] built-in TCP wrapper in inetd does not protect UDP or internal services
- security/23756
- [open change-request] /dev/random should block on writes if the entropy pool is full
- security/51177
- [open sw-bug] Kerberos still supported?
- security/51682
- [open support] Remote un-authenticated denial of service
[Page top] [Summary index] [Search PRs] [Send a PR]