Documenting security issues in FreeBSD and the FreeBSD Ports Collection

Security issues that affect the FreeBSD operating system or applications in the FreeBSD Ports Collection are documented using the Vulnerabilities and Exposures Markup Language (VuXML). The current VuXML document that serves as the source for the content of this site can be found:

Please report security issues to the FreeBSD Security Team at . Full contact details, including information handling policies and PGP key, can be found on the FreeBSD Security page.


Entered Topic
2024-04-16 PuTTY and embedders (f.i., filezilla) -- biased RNG with NIST P521/ecdsa-sha2-nistp521 signatures permits recovering private key
2023-12-19 putty -- add protocol extension against 'Terrapin attack'
2020-06-28 PuTTY -- Release 0.74 fixes two security vulnerabilities
2019-07-20 PuTTY 0.72 -- buffer overflow in SSH-1 and integer overflow in SSH client
2019-03-17 PuTTY -- security fixes in new release
2017-03-16 PuTTY -- integer overflow permits memory overwrite by forwarded ssh-agent connections
2016-03-07 PuTTY - old-style scp downloads may allow remote code execution
2015-11-09 PuTTY -- memory corruption in terminal emulator's erase character handling
2015-03-05 PuTTY -- fails to scrub private keys from memory after use
2013-08-07 PuTTY -- Four security holes in versions before 0.63
2011-12-12 PuTTY -- Password vulnerability
2005-02-20 putty -- pscp/psftp heap corruption vulnerabilities
2004-11-04 putty -- buffer overflow vulnerability in ssh2 support