Documenting security issues in FreeBSD and the FreeBSD Ports Collection

Security issues that affect the FreeBSD operating system or applications in the FreeBSD Ports Collection are documented using the Vulnerabilities and Exposures Markup Language (VuXML). The current VuXML document that serves as the source for the content of this site can be found:

Please report security issues to the FreeBSD Security Team at . Full contact details, including information handling policies and PGP key, can be found on the FreeBSD Security page.


Entered Topic
2020-09-03 gnupg -- AEAD key import overflow
2019-07-09 GnuPG -- denial of service
2018-06-08 gnupg -- unsanitized output (CVE-2018-12020)
2014-06-23 gnupg -- possible DoS using garbled compressed data packets
2013-12-18 gnupg -- RSA Key Extraction via Low-Bandwidth Acoustic Cryptanalysis attack
2013-10-05 gnupg -- possible infinite recursion in the compressed packet parser
2013-07-25 gnupg -- side channel attack on RSA secret keys
2008-04-26 gnupg -- memory corruption vulnerability
2006-12-07 gnupg -- remotely controllable function pointer
2006-11-27 gnupg -- buffer overflow
2006-08-02 gnupg -- 2 more possible memory allocation attacks
2006-06-25 gnupg -- user id integer overflow vulnerability
2006-03-10 GnuPG does not detect injection of unsigned data
2006-02-17 gnupg -- false positive signature verification
2005-07-31 gnupg -- OpenPGP symmetric encryption vulnerability
2003-12-12 ElGamal sign+encrypt keys created by GnuPG can be compromised