FreeBSD 14

FreeBSD 14 — bzip — multiple vulnerabilities (6 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 14

FreeBSD 14 — bzip — multiple vulnerabilities (6 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: bzip2 — multiple issues Related CVEs: CVE-2005-0953 CVE-2005-1260 CVE-2008-1372 CVE-2010-0405 CVE-2016-3189 CVE-2019-12900 Upstream summary: bzip2 developers reports: CVE-2016-3189 – Fix use-after-free in bzip2recover (Jakub Martisko) CVE-2019-12900 – Detect out-of-range nSelectors […]

Read more
FreeBSD 14 — linux-f10-xorg-libs — multiple vulnerabilities (6 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 14

FreeBSD 14 — linux-f10-xorg-libs — multiple vulnerabilities (6 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: libXfont — BDF parsing issues Related CVEs: CVE-2014-0209 CVE-2014-0210 CVE-2014-0211 CVE-2015-1802 CVE-2015-1803 CVE-2015-1804 Upstream summary: Alan Coopersmith reports: Ilja van Sprundel, a security researcher with IOActive, has discovered an issue […]

Read more
FreeBSD 14 — ruby25-gems — multiple vulnerabilities (6 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 14

FreeBSD 14 — ruby25-gems — multiple vulnerabilities (6 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: RubyGems — multiple vulnerabilities Related CVEs: CVE-2019-8320 CVE-2019-8321 CVE-2019-8322 CVE-2019-8323 CVE-2019-8324 CVE-2019-8325 Upstream summary: RubyGems Security Advisories: CVE-2019-8320: Delete directory using symlink when decompressing tar CVE-2019-8321: Escape sequence injection vulnerability […]

Read more
FreeBSD 14 — softether-devel — multiple vulnerabilities (6 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 14

FreeBSD 14 — softether-devel — multiple vulnerabilities (6 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: SoftEtherVPN — multiple vulnerabilities Related CVEs: CVE-2023-22325 CVE-2023-27395 CVE-2023-27516 CVE-2023-31192 CVE-2023-32275 CVE-2023-32634 Upstream summary: Daiyuu Nobori reports: The SoftEther VPN project received a high level code review and technical assistance […]

Read more
FreeBSD 14 — bouncycastle — multiple vulnerabilities (5 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 14

FreeBSD 14 — bouncycastle — multiple vulnerabilities (5 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: bouncycastle15 — bcrypt password checking vulnerability Related CVEs: CVE-2017-13098 CVE-2018-1000180 CVE-2018-1000613 CVE-2020-15522 CVE-2020-28052 Upstream summary: The Bouncy Castle team reports: The OpenBSDBCrypt.checkPassword utility method compared incorrect data when checking the […]

Read more
FreeBSD 14 — openldap-server — multiple vulnerabilities (5 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 14

FreeBSD 14 — openldap-server — multiple vulnerabilities (5 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: openldap — denial of service vulnerability Related CVEs: CVE-2006-4600 CVE-2007-5707 CVE-2007-5708 CVE-2008-0658 CVE-2015-6908 Upstream summary: Denis Andzakovic reports: By sending a crafted packet, an attacker may cause the OpenLDAP server […]

Read more
FreeBSD 14 — WebCalendar — multiple vulnerabilities (5 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 14

FreeBSD 14 — WebCalendar — multiple vulnerabilities (5 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: WebCalendar — Persistent XSS Related CVEs: CAN-2005-2320 CVE-2005-2717 CVE-2006-2762 CVE-2007-1343 CVE-2012-0846 Upstream summary: tom reports, There is no sanitation on the input of the location variable allowing for persistent XSS. […]

Read more
FreeBSD 14 — python313t — multiple vulnerabilities (5 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 14

FreeBSD 14 — python313t — multiple vulnerabilities (5 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: Python — The webbrowser.open() API allows leading dashes Related CVEs: CVE-2025-15366 CVE-2025-15367 CVE-2026-0865 CVE-2026-1299 CVE-2026-4519 Upstream summary: https://github.com/python/cpython/pull/143931 reports: The webbrowser.open() API would accept leading dashes in the URL which […]

Read more
FreeBSD 14 — ipython — multiple vulnerabilities (5 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 14

FreeBSD 14 — ipython — multiple vulnerabilities (5 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: devel/ipython — multiple vulnerabilities Related CVEs: CVE-2015-4706 CVE-2015-4707 CVE-2015-5607 CVE-2015-6938 CVE-2015-7337 Upstream summary: Matthias Bussonnier reports: Summary: Local folder name was used in HTML templates without escaping, allowing XSS in […]

Read more
FreeBSD 14 — opendmarc — multiple vulnerabilities (5 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 14

FreeBSD 14 — opendmarc — multiple vulnerabilities (5 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: OpenDMARC – Remote denial of service Related CVEs: CVE-2019-16378 CVE-2019-20790 CVE-2020-12272 CVE-2020-12460 CVE-2021-34555 Upstream summary: OpenDMARC 1.4.1 and 1.4.1.1 will dereference a NULL pointer when encountering a multi-value From: header […]

Read more
CHAT