This is the OpenBSD 4.4 release errata & patch list:
For OpenBSD patch branch information, please refer here.
For important packages updates, please refer here.
For errata on a certain release, click below:
2.1,
2.2,
2.3,
2.4,
2.5,
2.6,
2.7,
2.8,
2.9,
3.0,
3.1,
3.2,
3.3,
3.4,
3.5,
3.6,
3.7,
3.8,
3.9,
4.0,
4.1,
4.2,
4.3.
You can also fetch a tar.gz file containing all the following patches.
This file is updated once a day.
The patches below are available in CVS via the
OPENBSD_4_4
patch branch.
For more detailed information on how to install patches to OpenBSD, please
consult the OpenBSD FAQ.
-
005: RELIABILITY FIX: November 7, 2008 All architectures
A software bug could cause memory allocation to cause a kernel panic
accessing an array out of its bounds, when physical memory is exhausted.
A source code patch exists which remedies this problem.
-
004: RELIABILITY FIX: November 6, 2008 All architectures
Fix
httpd(8)'s
mod_proxy module which is broken on 64-bit architectures. Due to the bug this
will result in child processes crashing when utilizing proxy rules during an
HTTP session.
A source code patch exists which remedies this problem.
-
003: RELIABILITY FIX: November 6, 2008 All architectures
Fix the IPv4 TCP/IP stack's TIME_WAIT socket recycling. Due to the bug this
can result in TCP connections between two IPs being reset instead of accepted
if being received on a socket in the TIME_WAIT state.
A source code patch exists which remedies this problem.
-
002: RELIABILITY FIX: November 2, 2008 All architectures
Due to a bug in the vr(4) driver it is possible for a system using the vr(4)
driver to panic under heavy load if the RX path runs out of mbufs.
A source code patch exists which remedies this problem.
-
001: SECURITY FIX: November 2, 2008 All architectures
The Neighbor Discovery Protocol (ndp) did not correctly verify neighbor
solicitation requests maybe allowing a nearby attacker to intercept traffic.
The attacker must have IPv6 connectivity to the same router as their target for
this vulnerability to be exploited.
CVE-2008-2476.
A source code patch exists which remedies this problem.
For OpenBSD patch branch information, please refer here.
For important packages updates, please refer here.
For errata on a certain release, click below:
2.1,
2.2,
2.3,
2.4,
2.5,
2.6,
2.7,
2.8,
2.9,
3.0,
3.1,
3.2,
3.3,
3.4,
3.5,
3.6,
3.7,
3.8,
3.9,
4.0,
4.1,
4.2,
4.3.
www@openbsd.org
$OpenBSD: errata44.html,v 1.6 2008/11/07 20:35:43 brad Exp $