This is the OpenBSD 2.5 release errata & patch list:
For OpenBSD patch branch information, please refer here.
For errata on a certain release, click below:
2.1,
2.2,
2.3,
2.4,
2.6,
2.7,
2.8,
2.9,
3.0,
3.1,
3.2,
3.3,
3.4,
3.5,
3.6,
3.7,
3.8,
3.9,
4.0,
4.1,
4.2,
4.3,
4.4.
You can also fetch a tar.gz file containing all the following patches.
This file is updated once a day.
For more detailed information on how to install patches to OpenBSD, please
consult the OpenBSD FAQ.
All architectures
-
SECURITY FIX: Aug 30, 1999
In cron(8), make sure argv[] is NULL terminated in the fake popen() and
run sendmail as the user, not as root.
A source code patch exists which remedies this problem.
-
SECURITY FIX: Aug 12, 1999
The procfs and fdescfs filesystems had an overrun in their handling
of uio_offset in their readdir() routines. (These filesystems are not
enabled by default).
A source code patch exists which remedies this problem.
-
SECURITY FIX: Aug 9, 1999
Stop profiling (see profil(2)) when we execve() a new process.
A source code patch exists which remedies this problem.
-
SECURITY FIX: Aug 6, 1999
Packets that should have been handled by IPsec may be transmitted
as cleartext. PF_KEY SA expirations may leak kernel resources.
A source code patch exists which remedies this problem.
-
SECURITY FIX: Aug 5, 1999
In /etc/rc, use mktemp(1) for motd re-writing, and change the find(1)
to use -execdir.
A source code patch exists which remedies this problem.
-
SECURITY FIX: Jul 30, 1999
Do not permit regular users to chflags(2) or fchflags(2) on character or
block devices which they may currently be the owner of.
A source code patch exists which remedies this problem.
-
SECURITY FIX: Jul 27, 1999
Cause groff(1) to be invoked with the -S flag, when called by nroff(1),
to avoid various groff features which may be security issues. On the
whole, this is not really a security issue, but it was discussed on
BUGTRAQ as if it is.
A source code patch exists which remedies this problem.
-
RELIABILITY FIX: May 19, 1999
Programs using fts(3) could dump core when given a directory structure
with a very large number of entries.
A source code patch exists which remedies this problem.
-
RELIABILITY FIX: May 19, 1999
Sequence numbers could wrap with TCP_SACK and TCP_NEWRENO, resulting in
failure to retransmit correctly.
A source code patch exists which remedies this problem.
-
RELIABILITY FIX
Retransmitted TCP packets could get corrupted when flowing over an
IPSEC ESP tunnel.
A source code patch exists which remedies this problem.
-
RELIABILITY FIX
A local user can crash the system by reading a file larger than 64meg
from an ext2fs partition.
A source code patch exists which remedies this problem.
-
RELIABILITY FIX
PF_KEY socket operations leak internal kernel resources, so that a
system running an IPsec key management daemon like photurisd or isakmpd
will cause the networking subsystem to stop working after a finite amount
of time.
A source code patch exists which remedies this problem.
i386
mac68k
sparc
- No problems identified yet.
amiga
- No problems identified yet.
pmax
- No problems identified yet.
arc
- No problems identified yet.
alpha
- No problems identified yet.
hp300
- No problems identified yet.
mvme68k
- No problems identified yet.
powerpc
For OpenBSD patch branch information, please refer here.
For errata on a certain release, click below:
2.1,
2.2,
2.3,
2.4,
2.6,
2.7,
2.8,
2.9,
3.0,
3.1,
3.2,
3.3,
3.4,
3.5,
3.6,
3.7,
3.8,
3.9,
4.0,
4.1,
4.2,
4.3,
4.4.
www@openbsd.org
$OpenBSD: errata25.html,v 1.37 2008/08/23 17:36:40 deraadt Exp $