Documenting security issues in FreeBSD and the FreeBSD Ports Collection

Security issues that affect the FreeBSD operating system or applications in the FreeBSD Ports Collection are documented using the Vulnerabilities and Exposures Markup Language (VuXML). The current VuXML document that serves as the source for the content of this site can be found:

Please report security issues to the FreeBSD Security Team at . Full contact details, including information handling policies and PGP key, can be found on the FreeBSD Security page.


Entered Topic
2020-09-06 GnuTLS -- null pointer dereference
2020-06-04 GnuTLS -- flaw in TLS session ticket key construction
2020-03-31 GnuTLS -- flaw in DTLS protocol implementation
2019-04-19 GnuTLS -- double free, invalid pointer access
2017-06-08 GnuTLS -- Denial of service vulnerability
2017-01-09 GnuTLS -- Memory corruption vulnerabilities
2016-09-09 gnutls -- OCSP validation issue
2016-06-07 gnutls -- file overwrite by setuid programs
2015-08-14 gnutls -- double free in certificate DN decoding
gnutls -- MD5 downgrade in TLS signatures
2014-06-04 gnutls -- client-side memory corruption
2014-03-04 gnutls -- multiple certificate verification issues
2012-03-21 gnutls -- possible overflow/Denial of service vulnerabilities
libtasn1 -- ASN.1 length decoding vulnerability
2011-11-10 gnutls -- client session resumption vulnerability
2009-08-17 GnuTLS -- improper SSL certificate verification
GnuTLS -- multiple vulnerabilities
2008-11-16 gnutls -- X.509 certificate chain validation vulnerability
2008-08-21 gnutls -- "gnutls_handshake()" Denial of Service
2006-10-02 gnutls -- RSA Signature Forgery Vulnerability
2004-10-05 gnutls -- certificate chain verification DoS