This is the OpenBSD 4.5 release errata & patch list:
For OpenBSD patch branch information, please refer here.
For important packages updates, please refer here.
For errata on a certain release, click below:
2.1,
2.2,
2.3,
2.4,
2.5,
2.6,
2.7,
2.8,
2.9,
3.0,
3.1,
3.2,
3.3,
3.4,
3.5,
3.6,
3.7,
3.8,
3.9,
4.0,
4.1,
4.2,
4.3.
4.4.
You can also fetch a tar.gz file containing all the following patches.
This file is updated once a day.
The patches below are available in CVS via the
OPENBSD_4_5
patch branch.
For more detailed information on how to install patches to OpenBSD, please
consult the OpenBSD FAQ.
-
001: RELIABILITY FIX: April 8, 2009 All architectures
The OpenSSL ASN.1 handling code could be forced to perform invalid memory
accesses though the use of certain invalid strings
(CVE-2009-0590)
or under certain error conditions triggerable by invalid ASN.1 structures
(CVE-2009-0789).
These vulnerabilities could be exploited to achieve a
denial-of-service. A more detailed description of these problems is available
in the
OpenSSL security advisory, but note that the other issue described there "Incorrect Error
Checking During CMS verification" relates to code not enabled in OpenBSD.
A source code patch exists which remedies this problem.
For OpenBSD patch branch information, please refer here.
For important packages updates, please refer here.
For errata on a certain release, click below:
2.1,
2.2,
2.3,
2.4,
2.5,
2.6,
2.7,
2.8,
2.9,
3.0,
3.1,
3.2,
3.3,
3.4,
3.5,
3.6,
3.7,
3.8,
3.9,
4.0,
4.1,
4.2,
4.3.
4.4.
www@openbsd.org
$OpenBSD: errata45.html,v 1.2 2009/04/08 02:40:58 djm Exp $