New Security Advisories: NetBSD-SA2011-002 OpenSSL TLS race condition and NetBSD-SA2011-003 kernel memory exhaustion
Two new NetBSD Security Advisories have been published affecting OpenSSL and the kernel.
New Security Advisories: NetBSD-SA2010-012 OpenSSL TLS race condition and NetBSD-SA2010-013 UDP6 Option Local DoS
Two new security advisories were published:
- NetBSD-SA2010-012 OpenSSL TLS extension parsing race condition.
- NetBSD-SA2010-013 UDP6 Option Parsing local Denial of Service
You can find more information about them on the Security and NetBSD page.
New Security Advisory: NetBSD-SA2010-008 sftp(1)/ftp(1)/glob(3) related resource exhaustion
A new NetBSD security advisory has been published affecting the glob library and the SSH (sftp) and FTP daemons.
New Security Advisory: NetBSD-SA2010-007 Integer overflow in libbz2 decompression code
A new NetBSD security advisory has been published affecting the bzip2(1) program, the libbz2 library and the rescue system.
New Security Advisory: NetBSD-SA2010-003 azalia(4)/hdaudio(4) negative mixer index panic
A new NetBSD security advisory has been published affecting the azalia(4) and hdaudio(4) drivers.
New package security checks
The pkgsrc tools have long had the ability to validate the installed packages against a database of known vulnerabilities. We have encouraged administrators to add the proper commands to their crontabs to refresh the database and to run the package auditing command. But... the package tools are shipped with the system, and we ship a crontab for root... so we could do better, couldn't we?
As of now, the /etc/daily script, which is part of the default root crontab, will refresh the vulnerabilities database. And the /etc/security script, executed by /etc/daily, will run the vulnerability and integrity checks provided by pkg_admin. The result is that you will get all the package auditing checks out of the box as soon as you start installing packages on a NetBSD system!
All of these settings are, of course, tunable through /etc/daily.conf and /etc/security.conf, and they will only run if they detect any installed packages.
New Security Advisories: NetBSD-SA2010-001 (Module autoloading) and NetBSD-SA2010-002 (OpenSSL)
Two new security advisories have been released, affecting the NetBSD kernel file system module autoloader and OpenSSL.
New security advisories: NetBSD-SA2009-011 through NetBSD-SA2009-013
Three new security advisories have been released, affecting ISC dhcpd, ISC bind and the NetBSD libc SHA2 implementation.
New Security Advisory: NetBSD-SA2009-010 ISC dhclient subnet-mask flag stack overflow
One new security advisory was published:
- NetBSD-SA2009-010 ISC dhclient subnet-mask flag stack overflow
You can find more information about it on the Security and NetBSD page.
New Security Advisories: NetBSD-SA2009-008 and NetBSD-SA2009-009 (concerning OpenSSL)
Two new security advisories were published concerning OpenSSL:
- NetBSD-SA2009-008 OpenSSL ASN1 parsing denial of service and CMS signature verification weakness
- NetBSD-SA2009-009 OpenSSL DTLS Memory Exhaustion and DSA signature verification vulnerabilities
You can find more information about them on the Security and NetBSD page.
New Security Advisories: NetBSD-SA2009-005 through NetBSD-SA2009-007
Three new security advisories were published, covering OpenSSH, ntpd, ntpq and hack:
- NetBSD-SA2009-005 Plaintext Recovery Attack Against SSH
- NetBSD-SA2009-006 Buffer overflows in ntp
- NetBSD-SA2009-007 Buffer overflows in hack(6)
You can find more information about them on the Security and NetBSD page.
New Security Advisories: NetBSD-SA2009-001 through NetBSD-SA2009-004
Four new security advisories were published, covering pf, tcpdump, proplib and PAM.