Summary of Problem Reports Assigned to "security-officer"
Automatically generated on 4 Dec 2020 08:00:00 GMT
Sorted by Category, Severity, and Priority.
[Summary index] [Search PRs] [Send a PR]
- [open high priority sw-bug] telnetd(8) allows direct root login on tty marked as insecure
- [open high priority sw-bug] early entropy does not get loaded
- [open high priority change-request] release sum file signatures should be in release dirs
- [needs-pullups high priority sw-bug] [racoon] CVE CVE-2016-10396 Patch Regression
- [open high priority sw-bug] ssh-keygen may generate predictable keys
- [open medium priority sw-bug] openpam treats sufficient as optional in "prelim" phase making pam_ldap fail
- [open medium priority sw-bug] nss_ldap
- [open medium priority sw-bug] buffer overflow ipfilter
- [needs-pullups medium priority sw-bug] openssh processes content of AuthorizedKeysCommand file instead of it's output
- [open medium priority doc-bug] Website list of security advisories by release not up to date
- [open medium priority sw-bug] per_user_tmp=YES not really usable
- [open medium priority sw-bug] veriexecgen sets no explicit access mode for some files and the default behaviour of veriexec in face of this cause errors
- [open medium priority change-request] ippool startup script missing
- [open medium priority sw-bug] ssh_host_ecdsa_key is not in /etc/mtree/special
- [open low priority sw-bug] the default "nobody" credentials (32767:9999) do not match mountd's default (-2:-2)
- [analyzed low priority sw-bug] built-in TCP wrapper in inetd does not protect UDP or internal services
- [open low priority change-request] /dev/random should block on writes if the entropy pool is full
- [open low priority sw-bug] Kerberos still supported?
- [open low priority support] Remote un-authenticated denial of service
[Page top] [Summary index] [Search PRs] [Send a PR]