Sun Sep 22 2019 05:49:18 UTC
Beware of bugs in the above code; I have only proved it correct, not tried it.
Hide Search Description
40 bugs found.
ID Product Component Assignee Status Resolution Summary Changed
225451 Base System bin bugs New --- OpenSSH only looks for .k5login in user directory 2018-05-16
233478 Base System bin bugs New --- Authentication fails if password > 128 characters 2018-11-28
239974 Base System bin bugs New --- ping(8) crashes with SIGSEGV - Out-of-Bounds Write of size 1 (global-buffer-overflow) 2019-08-20
239975 Base System bin bugs New --- ping(8) crashes with SIGSEGV - Out-of-Bounds Read of size 2 (global-buffer-overflow) 2019-08-20
239271 Ports & Packages Individual Port(s) mmokhi New --- databases/mysql57-server: Update to 5.7.27 (Fixes multiple CVE) Fri 07:15
239272 Ports & Packages Individual Port(s) mmokhi New --- databases/mysql80-server: Update to 8.0.17 (Fixes multiple CVE) Fri 07:15
203914 Ports & Packages Individual Port(s) sunpoet New --- www/owncloud: DB password unhashed 2019-09-04
239981 Ports & Packages Individual Port(s) brnrd Open --- databases/mariadb104-{server,client}: Update to 10.4.7 (with 5 CVEs fixed) 2019-09-04
182518 Base System conf bugs Open --- [login.conf] Better Password Hashes 2019-02-05
186252 Base System misc bugs Open --- Cannot mount an encrypted swap file in fstab 2019-02-20
233578 Base System bin bugs Open --- Unprivileged local user can prevent other users logging in by locking utx.active 2019-05-19
238635 Ports & Packages Individual Port(s) hrs Open --- security/heimdal: Update to 7.7 (7.6 and 7.7 addresses two CVEs plus bugfixes) 2019-06-17
240505 Ports & Packages Individual Port(s) pi Open --- mail/opendmarc: fix multiple addresses in From vulnerability 2019-09-15
239717 Ports & Packages Individual Port(s) ports-bugs Open --- databases/mongodb34: Update to 3.4.22 (bugfix & security release) 2019-09-11
240126 Ports & Packages Individual Port(s) ports-bugs Open --- databases/mongodb36: Update to 3.6.14 (bugfix & security release) 2019-09-11
240132 Ports & Packages Individual Port(s) ports-bugs Open --- www/mattermost-{webapp,server}: Update to 5.15.0 Tue 20:32
234965 Base System bin secteam Open --- scp client multiple vulnerabilities (openssh in base/ports affected: CVE-2018-20685 CVE-2019-6111 CVE-2019-6109,6110) 2019-08-13
222632 Base System kern bugs Open --- connect(2) not available in capability mode 2019-04-08
238319 Base System kern bugs Open --- login: Extend and add features to session (struct) 2019-06-04
238486 Base System kern bugs Open --- Possible buffer overflow bug in sc_allocate_keyboard() of sys/dev/syscons/syscons.c 2019-06-11
238638 Base System kern bugs Open --- mfi: Remove unnecessary pointer printing in mfi.c 2019-06-17
239976 Base System bin bugs Open --- Integer Overflow: ping(8) option "-s", bypass the invalid packet size check 2019-08-20
239977 Base System bin bugs Open --- Integer Overflow: ping(8) option "-G" and "-g", bypass the invalid sweepmax and sweepmin packet size check 2019-08-20
239978 Base System bin bugs Open --- Integer Overflow: ping(8) option "-h", bypass the invalid sweepincr packet size check 2019-08-20
194699 Ports & Packages Individual Port(s) ports-bugs Open --- no way to disable weak ciphers in mail/imap-uw 2018-01-11
221281 Ports & Packages Individual Port(s) ports-bugs Open --- sysutils/ezjail should verify downloaded tarballs before use 2019-02-15
230753 Ports & Packages Individual Port(s) ports-bugs Open --- comms/minicom: Change minicom's permissions for security reasons 2019-05-31
198813 Ports & Packages Individual Port(s) ports-secteam Open --- devel/psptoolchain-binutils: Multiple security vulnerabilities 2018-01-18
240322 Ports & Packages Individual Port(s) ports-secteam Open --- security/vuxml: Add August FreeBSD Security Advisories Tue 20:34
233801 Base System bin secteam Open --- FreeBSD 11.x vulnerability in OpenSSH 2019-03-12
236010 Base System misc security Open --- rand(3) is a bad RNG, but lots of software uses it. Make it a shim around arcrandom(3) 2019-05-16
239897 Ports & Packages Individual Port(s) joneum In Progress --- www/jetty9: Update to 9.4.20 2019-09-13
238787 Base System kern jtl In Progress --- IPv6 remote DoS (panic) vulnerability via m_pulldown() bug 2019-09-11
237922 Base System kern kib In Progress --- Kernel stack disclosure in function freebsd32_swapcontext of sys/arm64/arm64/freebsd32_machdep.c 2019-05-16
236570 Ports & Packages Individual Port(s) pi In Progress --- databases/percona57-{server,client} update to 5.7.26-29 (fixes several vulnerabilities) 2019-07-11
233896 Ports & Packages Individual Port(s) ports-secteam In Progress --- archivers/libmspack: Update to 0.9.1 (Fixes several security vulnerabilities) 2019-08-23
229322 Ports & Packages Individual Port(s) koobs In Progress --- net/py-urllib3: Update to 1.24.2 2019-07-23
217782 Base System kern mizhka In Progress --- sys/dev/bhnd/cores/pmu/bhnd_pmu_subr.c: PVS-Studio: Assignment to Variable without Use (CWE-563) (3) 2019-01-23
206680 Base System kern mmokhi In Progress --- kbd race attacks 2018-01-21
228054 Ports & Packages Individual Port(s) osa In Progress --- www/rubygem-passenger is missing passenger_native_support.so 2019-03-20
40 bugs found.

as