-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
NetBSD Security Advisory 2024-001
=
Topic: Inadequate validation of user-supplied hostname in utmp_update(8)
Version:NetBSD-current: affected prior to 2023-09-30
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
NetBSD Security Advisory 2024-002
=
Topic: OpenSSH CVE-2024-6387 `regreSSHion'
Version:NetBSD-current: affected prior to 2024-07-02
NetBSD
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
NetBSD Security Advisory 2013-005
=
Topic: bind Denial of Service (CVE-2013-4854)
Version:NetBSD-current: source prior to July 28th, 2013
NetBSD
r finding the problem, and informing
the NetBSD Security Officer about it.
Revision History
2013-07-30 Initial release
More Information
Advisories may be updated as new information becomes available.
The most recent version of this advisory (PGP s
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
NetBSD Security Advisory 2013-007
=
Topic: Protocol handling issues in X Window System client libraries
Version:NetBSD-current: source prior to Jun 6th, 2013
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
NetBSD Security Advisory 2013-008
=
Topic: Error in authorization check re tcpdrop sysctl
Version:NetBSD-current: affected prior to Aug 2nd, 2013
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
NetBSD Security Advisory 2013-009
=
Topic: user settable small BPF buffer can cause a panic
Version:NetBSD-current: source prior to Sept 10th, 2013
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
NetBSD Security Advisory 2013-010
=
Topic: Use after free in Xserver handling of ImageText requests
Version:NetBSD-current: source prior to Oct 8th, 2013
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
NetBSD Security Advisory 2013-011
=
Topic: embryonic TCP sockets local DoS
Version:NetBSD-current: source prior to Nov 2nd, 2013
NetBSD 6.1 - 6.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
NetBSD Security Advisory 2014-001
=
Topic: Stack buffer overflow in libXfont
Version:NetBSD-current: source prior to Tue 7th, 2014
NetBSD 6.1:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
NetBSD Security Advisory 2014-002
=
Topic: ntpd used as DDoS amplifier
Version:NetBSD-current: source prior to Dec 27th, 2013
NetBSD 6.1:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
NetBSD Security Advisory 2015-008
=
Topic: OpenSSL and TLS protocol vulnerabilities
Version:NetBSD-current: source prior to July 7th
NetBSD 6.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
NetBSD Security Advisory 2015-007
=
Topic: OpenSSL and SSLv3 vulnerabilities
Version:NetBSD-current: source prior to Mar 19th
NetBSD 6.1 - 6.1
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
NetBSD Security Advisory 2015-009
=
Topic: TCP LAST_ACK state memory exhaustion
Version:NetBSD-current: source prior to Mon, Jul 24th 2015
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
NetBSD Security Advisory 2016-001
=
Topic: Multiple vulnerabilities in ntp daemon
Version:NetBSD-current: source prior to Fri, Oct 23 2015
NetB
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
NetBSD Security Advisory 2016-002
=
Topic: BDF file parsing issues in libXfont
Version:NetBSD-current: affected prior to 20150319
NetBSD 6.1 -
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
NetBSD Security Advisory 2016-003
=
Topic: Privilege escalation in calendar(1)
Version:NetBSD-current: source prior to Wed, Jul 1st 2015
NetBS
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
NetBSD Security Advisory 2016-004
=
Topic: Multiple vulnerabilities in the compatibility layers
Version:NetBSD current: source prior to Sat, Aug 8th 2015
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
NetBSD Security Advisory 2016-005
=
Topic: bozohttpd CGI handlers potential remote code execution
Version:NetBSD-current: 20160415
NetBSD 7.0:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
NetBSD Security Advisory 2017-001
=
Topic: Memory leak in the connect system call
Version:NetBSD-current: source prior to Sun, Oct 31st 2016
Ne
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
NetBSD Security Advisory 2020-001
=
Topic: Missing permissions checks for network ioctls
Version:NetBSD-current: affected
NetBSD 9.0_RC1:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
NetBSD Security Advisory 2020-002
=
Topic: Specific ICMPv6 error message packet can crash the system
Version:NetBSD-current: affected untill January 23, 2020
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
NetBSD Security Advisory 2020-003
=
Topic: USB network interface jumbo packets
Version:NetBSD-current: affected prior to 2020-08-28
NetBSD 9*
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
NetBSD Security Advisory 2021-001
=
Topic: Predictable ID disclosures in IPv4 and IPv6
Version:NetBSD-current: affected
NetBSD 9.1:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
NetBSD Security Advisory 2014-003
=
Topic: posix_spawn unbounded kernel memory allocation
Version:NetBSD-current: affected prior to 2014-02-02
`uname
-m`-heartbleedfix.tgz
ftp http://ftp.netbsd.org/pub/NetBSD/misc/heartbleed/SHA512
ftp http://ftp.netbsd.org/pub/NetBSD/misc/heartbleed/SHA512.asc
gpg --verify SHA512.asc
# check for: Good signature from "NetBSD Security Officer
"
cksum -a sha512 netbsd6-`uname -m`-heartbleedfix.tgz &
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
NetBSD Security Advisory 2014-005
=
Topic: libXfont multiple vulnerabilities
Version:NetBSD-current: source prior to May 13th, 2014
NetBSD 6.1 -
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
NetBSD Security Advisory 2014-006
=
Topic: Multiple OpenSSL vulnerabilities
Version:NetBSD-current: June 5th, 2014
NetBSD 6.1 - 6.1.4: affec
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
NetBSD Security Advisory 2014-007
=
Topic: bozohttpd basic http authentication bypass
Version:NetBSD-current: 20140708
NetBSD 6.1*:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
NetBSD Security Advisory 2014-008
=
Topic: Multiple OpenSSL vulnerabilities
Version:NetBSD-current: prior to Aug 10th, 2014
NetBSD 6.1 - 6.1.4:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
NetBSD Security Advisory 2014-009
=
Topic: Multiple vulnerabilities in the execve system call
Version:NetBSD-current: source prior to Fri, Feb 14th 2014
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
NetBSD Security Advisory 2014-010
=
Topic: Multiple vulnerabilities in the compatibility layers
Version:NetBSD-current: source prior to Tue, Apr 15th 2014
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
NetBSD Security Advisory 2014-011
=
Topic: User-controlled memory allocation in the modctl system call
Version:NetBSD-current: source prior to Thu, Jul 10th 201
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
NetBSD Security Advisory 2014-008
=
Topic: Multiple OpenSSL vulnerabilities
Version:NetBSD-current: prior to Aug 10th, 2014
NetBSD 6.1 - 6.1.4:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
NetBSD Security Advisory 2014-009
=
Topic: Multiple vulnerabilities in the execve system call
Version:NetBSD-current: source prior to Fri, Feb 14th 2014
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
NetBSD Security Advisory 2014-010
=
Topic: Multiple vulnerabilities in the compatibility layers
Version:NetBSD-current: source prior to Tue, Apr 15th 2014
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
NetBSD Security Advisory 2014-011
=
Topic: User-controlled memory allocation in the modctl system call
Version:NetBSD-current: source prior to Thu, Jul 10th 201
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
NetBSD Security Advisory 2014-012
=
Topic: Memory leak in the setsockopt system call
Version:NetBSD-current: source prior to Sat, Aug 16th 2014
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
NetBSD Security Advisory 2014-013
=
Topic: ftp(1) can be made to execute arbitrary commands
by a malicious webserver
Version:NetBSD-current: sou
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
NetBSD Security Advisory 2014-014
=
Topic: Multiple vulnerabilities in the mount system call
Version:NetBSD-current: source prior to Sun, Apr 20th 2014
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
NetBSD Security Advisory 2014-015
=
Topic: OpenSSL and SSLv3 vulnerabilities
Version:NetBSD-current: source prior to Oct 18th, 2014
NetBSD 6.1 -
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
NetBSD Security Advisory 2015-001
=
Topic: Protocol handling issues in X Window System servers
Version:NetBSD-current: affected prior to 2014-12-22
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
NetBSD Security Advisory 2015-002
=
Topic: bind Denial of Service (CVE-2014-8500)
Version:NetBSD-current: source prior to Dec 10, 2014
NetBSD 7
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
NetBSD Security Advisory 2015-003
=
Topic: NTPd multiple vulnerabilities (CVE-2014-929[3-6])
Version:NetBSD-current: source prior to Dec 19, 2014
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
NetBSD Security Advisory 2015-004
=
Topic: Two vulnerabilities in the compatibility layers
Version:NetBSD-current: source prior to Fri, Oct 10th 2014
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
NetBSD Security Advisory 2015-005
=
Topic: buffer overflow in libevent (CVE-2014-6272)
Version:NetBSD-current: source prior to Jan 29th
NetBSD 6
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
NetBSD Security Advisory 2015-006
=
Topic: OpenSSL and SSLv3 vulnerabilities
Version:NetBSD-current: source prior to Jan 14th
NetBSD 6.1 - 6.1.5
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
NetBSD Security Advisory 2021-001
=
Topic: Predictable ID disclosures in IPv4 and IPv6
Version:NetBSD-current: affected
NetBSD 9.1:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
NetBSD Security Advisory 2021-002
=
Topic: Incorrect permissions in kernfs
Version:NetBSD-current: affected between March 3, 2020 and July
6, 2021
-BEGIN PGP MESSAGE-
owGFWH2MVNUVZ0EqO+2oGAUsoBe1uCsz82ZXFpZRhHVYYIXF6S6ujWL1fdyZee57
7z7uvW+HwRaVaq2KFoFAY7RGU1ttajRpJZRqakljrcaP+ofEGmqwtmnV+oGipq3a
c+59b3Z2We1CwrDv3vPxO7/zO+fN9vSUlmktt8w/febRd/s+b3n2bXnqOiovGlyR
HezpzHd2ZvP5jpzcJK3N1y1rbSX6GRmkdsRdWSc9zogrGK+T5Gw6BaeW/r+fdCqd
Ws9C1y60
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
NetBSD Security Advisory 2022-002
=
Topic: Coredump credential reference count leak
Version:NetBSD-current: affected prior to 2022-09-10
Ne
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
NetBSD Security Advisory 2022-002
=
Topic: Coredump credential reference count leak
Version:NetBSD-current: affected prior to 2022-09-10
Ne
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
NetBSD Security Advisory 2022-003
=
Topic: Race condition in mail.local(8)
Version:NetBSD-current: affected prior to 2022-05-17
NetBSD 10:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
NetBSD Security Advisory 2022-004
=
Topic: procfs(5) missing permission checks
Version:NetBSD-current: affected prior to 2022-06-18
NetBSD
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
NetBSD Security Advisory 2023-001
=
Topic: Multiple buffer overflows in USB drivers
Version:NetBSD-current: affected up to 9.99.32
NetBSD 1
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
NetBSD Security Advisory 2023-002
=
Topic: Various compatibility syscall memory access issues
Version:NetBSD-current: affected before 2020-05-15
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
NetBSD Security Advisory 2023-003
=
Topic: Structure padding memory disclosures
Version:NetBSD-current: affected prior to 2021-09-09
NetBSD
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
NetBSD Security Advisory 2023-004
=
Topic: procfs environ exposure
Version:NetBSD-current: affected prior to 9.99.78
NetBSD 10.0_BETA:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
NetBSD Security Advisory 2023-005
=
Topic: su(1) bypass via pam_ksu(8)
Version:NetBSD-current: affected prior to 2023-06-20
NetBSD 10.0_BET
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
NetBSD Security Advisory 2023-006
=
Topic: KDC-spoofing in pam_krb5
Version:NetBSD-current: affected prior to 2023-06-20
NetBSD 10.0_BETA:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
NetBSD Security Advisory 2023-007
=
Topic: multiple vulnerabilities in ftpd(8)
Version:NetBSD-current: affected prior to 2023-10-01
NetBSD 10.0_BET
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
NetBSD Security Advisory 2018-009
=
Topic: bozohttpd can allow access to .htpasswd
Version:NetBSD-current: prior to 2018-11-22
NetBSD 8*:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
NetBSD Security Advisory 2019-001
=
Topic: Several kernel memory disclosure bugs
Version:NetBSD-current: source prior to Thu, Jan 31st 2019
Ne
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
NetBSD Security Advisory 2019-002
=
Topic: Unprivileged kernel memory overwrite in mq_send(3)
Version:NetBSD-current: affected prior to April 16, 2019
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
NetBSD Security Advisory 2019-003
=
Topic: Unprivileged user kernel stack disclosure in SIOCGIFCONF
Version:NetBSD-current: affected prior to April 15, 2019
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
NetBSD Security Advisory 2019-004
=
Topic: IPv6 neighbor cache leak on expiration
Version:NetBSD-current: affected up to 8.99.51
NetBSD 8.1:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
NetBSD Security Advisory 2019-005
=
Topic: Sysctl RNG Key Erasure
Version:NetBSD-current: affected prior to 2019-11-25
NetBSD 8*:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
NetBSD Security Advisory 2019-006
=
Topic: Denial of service and possible privilege escallation in filemon
Version:NetBSD-current: affected up to 9.99.17
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
NetBSD Security Advisory 2017-002
=
Topic: Several vulnerabilities in ARP
Version:NetBSD-current: source prior to Tue, Jan 24th 2017
NetBSD 7.0
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
NetBSD Security Advisory 2017-00X
=
Topic: Xen-amd64: weak privilege separation
Version:NetBSD-current: source prior to Sun, Mar 5th 2017
NetB
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
NetBSD Security Advisory 2017-004
=
Topic: buffer overflow via cmap for 4 graphics drivers
Version:NetBSD-current: source prior to June 13th
Ne
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
NetBSD Security Advisory 2017-005
=
Topic: x86: vulnerabilities in context handling
Version:NetBSD-current: source prior to Sun, Jul 1st 2017
N
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
NetBSD Security Advisory 2017-006
=
Topic: Vnode reference leak in the openat system call
Version:NetBSD-current: source prior to Sun, July 9th 2017
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
NetBSD Security Advisory 2018-001
=
Topic: Several vulnerabilities in context handling
Version:NetBSD-current: source prior to Sat, Sep 2nd 2017
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
NetBSD Security Advisory 2018-002
=
Topic: Local DoS in virecover
Version:NetBSD-current: source prior to Sat, November 4th 2017
NetBSD 7.0 -
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
NetBSD Security Advisory 2018-003
=
Topic: Remote DoS in IPsec (IPv6)
Version:NetBSD-current: source prior to Wed, Jan 24th 2018
NetBSD 7.1:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
NetBSD Security Advisory 2018-004
=
Topic: Remote Memory Corruption in IPv6
Version:NetBSD-current: source prior to Tue, Jan 30th 2018
NetBSD 7
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
NetBSD Security Advisory 2018-003
=
Topic: Remote DoS in IPsec (IPv6)
Version:NetBSD-current: source prior to Wed, Jan 24th 2018
NetBSD 7.1:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
NetBSD Security Advisory 2018-004
=
Topic: Remote Memory Corruption in IPv6
Version:NetBSD-current: source prior to Tue, Jan 30th 2018
NetBSD 7
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
NetBSD Security Advisory 2018-005
=
Topic: Privilege separation bug in Xen-amd64
Version:NetBSD-current: source prior to Sun, Dec 31st 2017
Net
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
NetBSD Security Advisory 2018-006
=
Topic: Several vulnerabilities in the network stack
Version:NetBSD-current: source prior to Fri, Feb 9th 2018
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
NetBSD Security Advisory 2018-007
=
Topic: Several vulnerabilities in IPsec
Version:NetBSD-current: source prior to Tue, May 1st 2018
NetBSD 7.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
NetBSD Security Advisory 2018-008
=
Topic: Several vulnerabilities in NPF
Version:NetBSD-current: source prior to Thu, Mar 22nd 2018
NetBSD 7.1
83 matches
Mail list logo