New Security Advisories: NetBSD-SA2011-002 OpenSSL TLS race condition and NetBSD-SA2011-003 kernel memory exhaustion


March 08, 2011 posted by Tonnerre Lombard

Two new NetBSD Security Advisories have been published affecting OpenSSL and the kernel.


New Security Advisories: NetBSD-SA2010-012 OpenSSL TLS race condition and NetBSD-SA2010-013 UDP6 Option Local DoS


November 29, 2010 posted by Tonnerre Lombard

Two new security advisories were published:

You can find more information about them on the Security and NetBSD page.


New Security Advisory: NetBSD-SA2010-008 sftp(1)/ftp(1)/glob(3) related resource exhaustion


October 07, 2010 posted by Tonnerre Lombard

A new NetBSD security advisory has been published affecting the glob library and the SSH (sftp) and FTP daemons.


New Security Advisory: NetBSD-SA2010-007 Integer overflow in libbz2 decompression code


September 29, 2010 posted by Tonnerre Lombard

A new NetBSD security advisory has been published affecting the bzip2(1) program, the libbz2 library and the rescue system.


New Security Advisory: NetBSD-SA2010-003 azalia(4)/hdaudio(4) negative mixer index panic


February 05, 2010 posted by Tonnerre Lombard

A new NetBSD security advisory has been published affecting the azalia(4) and hdaudio(4) drivers.


New package security checks


January 19, 2010 posted by Julio Merino

The pkgsrc tools have long been able to validate the installed packages against a database of known vulnerabilities. We have encouraged administrators to add the proper commands to their crontabs to refresh the database and to run the package auditing command. But... the package tools are shipped with the system, and we ship a crontab for root... so we could do better, couldn't we?

As of now, the /etc/daily script, which is part of the default root crontab, will refresh the vulnerabilities database. And the /etc/security script, executed by /etc/daily, will run the vulnerability and integrity checks provided by pkg_admin. The result is that you will get all the package auditing checks out of the box as soon as you start installing packages on a NetBSD system!

All of these settings are, of course, tunable through /etc/daily.conf and /etc/security.conf, and they will only run if they detect any installed packages.


New Security Advisories: NetBSD-SA2010-001 (Module autoloading) and NetBSD-SA2010-002 (OpenSSL)


January 13, 2010 posted by Tonnerre Lombard

Two new security advisories have been released, affecting the NetBSD kernel file system module autoloader and OpenSSL.


New security advisories: NetBSD-SA2009-011 through NetBSD-SA2009-013


July 29, 2009 posted by Tonnerre Lombard

Three new security advisories have been released, affecting ISC dhcpd, ISC bind and the NetBSD libc SHA2 implementation.


New Security Advisory: NetBSD-SA2009-010 ISC dhclient subnet-mask flag stack overflow


July 16, 2009 posted by Tonnerre Lombard

One new security advisory was published:

You can find more information about them on the Security and NetBSD page.


New Security Advisories: NetBSD-SA2009-008 and NetBSD-2009-009 (concerning OpenSSL)


July 08, 2009 posted by Tonnerre Lombard

Two new security advisories were published concerning OpenSSL:

  • NetBSD-SA2009-008 OpenSSL ASN1 parsing denial of service and CMS signature verification weakness
  • NetBSD-SA2009-009 OpenSSL DTLS Memory Exhaustion and DSA signature verification vulnerabilities

You can find more information about them on the Security and NetBSD page.


New Security Advisories: NetBSD-SA2009-005 through NetBSD-2009-007


June 30, 2009 posted by Tonnerre Lombard

Three new security advisories were published, covering OpenSSH, ntpd, ntpq and hack:

You can find more information about them on the Security and NetBSD page.


New Security Advisories: NetBSD-SA2009-001 through NetBSD-2009-004


June 23, 2009 posted by Tonnerre Lombard

Four new security advisories were published, covering pf, tcpdump, proplib and PAM.
