FreeBSD

FreeBSD 15 — zh-mutt-devel — security advisory — patch and remediation guide — diagnosis and fix on FreeBSD 15

FreeBSD 15 — zh-mutt-devel — security advisory — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: mutt — Remote Buffer Overflow Vulnerability Upstream summary: SecurityFocus reports: Mutt is prone to a remote buffer-overflow vulnerability. This issue is due to the application's failure to properly bounds-check user-supplied […]

Read more
FreeBSD 12 — pkcs11-helper — security advisory — patch and remediation guide — diagnosis and fix on FreeBSD 12

FreeBSD 12 — pkcs11-helper — security advisory — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: pkcs11-helper — deserialize buffer overflow Upstream summary: Alon Bar-Lev reports: util: fix deserialize buffer overflow. thanks to Aarnav Bos. Table of contents Symptom & Impact Environment & Reproduction Root Cause […]

Read more
FreeBSD 14 — gstreamer1-rtsp-server — vulnerability — patch and remediation guide — diagnosis and fix on FreeBSD 14

FreeBSD 14 — gstreamer1-rtsp-server — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: gstreamer1-rtsp-server — Potential Denial-of-Service (DoS) with specially crafted client requests Related CVEs: CVE-2024-44331 Upstream summary: Qingpeng Du reports: A series of specially crafted client requests during streaming setup (post client […]

Read more
FreeBSD 13 — lasso — vulnerability — patch and remediation guide — diagnosis and fix on FreeBSD 13

FreeBSD 13 — lasso — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: lasso — signature checking failure Related CVEs: CVE-2021-28091 Upstream summary: entrouvert reports: When AuthnResponse messages are not signed (which is permitted by the specifiation), all assertion's signatures should be checked, […]

Read more
FreeBSD 13 — py36-aiohttp — vulnerability — patch and remediation guide — diagnosis and fix on FreeBSD 13

FreeBSD 13 — py36-aiohttp — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: aiohttp — open redirect vulnerability Related CVEs: CVE-2021-21330 Upstream summary: Sviatoslav Sydorenko reports: Open redirect vulnerability — a maliciously crafted link to an aiohttp-based web-server could redirect the browser to […]

Read more
FreeBSD 13 — libvpx — multiple vulnerabilities (5 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 13

FreeBSD 13 — libvpx — multiple vulnerabilities (5 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: electron{22,24,25} — Heap buffer overflow in vp8 encoding in libvpx Related CVEs: CVE-2014-1578 CVE-2015-4485 CVE-2015-4486 CVE-2015-4506 CVE-2023-5217 Upstream summary: Electron developers report: This update fixes the following vulnerability: Security: backported […]

Read more
FreeBSD 14 — xmltooling — multiple vulnerabilities (3 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 14

FreeBSD 14 — xmltooling — multiple vulnerabilities (3 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: xmltooling — remote resource access Related CVEs: CVE-2015-2684 CVE-2018-0486 CVE-2018-0489 Upstream summary: Shibboleth consortium reports: An updated version of the XMLTooling library that is part of the OpenSAML and Shibboleth […]

Read more
FreeBSD 12 — graylog — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 12

FreeBSD 12 — graylog — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: graylog — remote code execution in log4j from user-controlled log input Related CVEs: CVE-2021-44228 CVE-2021-45046 Upstream summary: Apache Software Foundation reports: It was found that the fix to address CVE-2021-44228 […]

Read more
FreeBSD 15 — extman — security advisory — patch and remediation guide — diagnosis and fix on FreeBSD 15

FreeBSD 15 — extman — security advisory — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: extman — password bypass vulnerability Upstream summary: Extmail team reports: Emergency update #4 fixes a serious security vulnerability. Successful exploit of this vulnerability would allow attacker to change user's password […]

Read more
FreeBSD 14 — plasma5-plasma-workspace — vulnerability — patch and remediation guide — diagnosis and fix on FreeBSD 14

FreeBSD 14 — plasma5-plasma-workspace — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: plasma[56]-plasma-workspace — Unauthorized users can access session manager Related CVEs: CVE-2024-36041 Upstream summary: David Edmundson reports: KSmserver, KDE's XSMP manager, incorrectly allows connections via ICE based purely on the host, […]

Read more
CHAT