FreeBSD VuXML

Documenting security issues in FreeBSD and the FreeBSD Ports Collection

Security issues that affect the FreeBSD operating system or applications in the FreeBSD Ports Collection are documented using the Vulnerabilities and Exposures Markup Language (VuXML). The current VuXML document that serves as the source for the content of this site can be found:

in the FreeBSD Ports Collection repository, path ports/security/vuxml/vuln.xml
as a local copy
as a local copy, compressed with bzip2
as a local copy, compressed with xz
as a local copy, compressed with zstandard

Please report security issues to the FreeBSD Security Team at <ports-secteam@FreeBSD.org>. Full contact details, including information handling policies and PGP key, can be found on the FreeBSD Security page.

openssh-portable

openssh-portable at FreshPorts.org

Entered	Topic
2023-07-21	OpenSSH -- remote code execution via a forwarded agent socket
2021-10-12	OpenSSH -- OpenSSH 6.2 through 8.7 failed to correctly initialise supplemental groups when executing an AuthorizedKeysCommand or AuthorizedPrincipalsCommand
2021-03-13	OpenSSH -- Double-free memory corruption in ssh-agent
2017-01-11	FreeBSD -- OpenSSH multiple vulnerabilities
2016-10-29	FreeBSD -- OpenSSH Remote Denial of Service vulnerability
2016-09-01	openssh -- sshd -- remote valid user discovery and PAM /bin/login attack
2016-03-11	openssh -- command injection when X11Forwarding is enabled
2016-01-14	openssh -- information disclosure
2015-08-21	OpenSSH -- PAM vulnerabilities
2015-08-21	OpenSSH -- PermitRootLogin may allow password connections with 'without-password'
2015-07-27	OpenSSH -- MaxAuthTries limit bypass via duplicates in KbdInteractiveDevices
2013-11-08	OpenSSH -- Memory corruption in sshd
2006-09-30	openssh -- multiple vulnerabilities