OpenBSD 5.7 errata
For OpenBSD patch branch information, please refer here.
For errata on a certain release, click below:
2.1,
2.2,
2.3,
2.4,
2.5,
2.6,
2.7,
2.8,
2.9,
3.0,
3.1,
3.2,
3.3,
3.4,
3.5,
3.6,
3.7,
3.8,
3.9,
4.0,
4.1,
4.2,
4.3,
4.4,
4.5,
4.6,
4.7,
4.8,
4.9,
5.0,
5.1,
5.2,
5.3,
5.4,
5.5,
5.6.
You can also fetch a tar.gz file containing all the following patches.
This file is updated once a day.
The patches below are available in CVS via the
OPENBSD_5_7
patch branch.
For more detailed information on how to install patches to OpenBSD, please
consult the OpenBSD FAQ.
-
001: INSTALL ISSUE: May 1, 2015
sparc64
The "miniroot" install method is broken (related to the addition of
softraid support). This method is used by the official CD 3, so it fails as well.
No patch is available for obvious reasons, so use a different install method.
-
002: SECURITY FIX: March 18, 2015
All architectures
Buffer overflows in libXfont
For more information, see the
X.org advisory.
A source code patch exists which remedies this problem.
Note that the instructions should read cd /usr/xenocara/lib/libXfont
.
-
003: SECURITY FIX: March 19, 2015
All architectures
Fix several crash causing defects from OpenSSL.
These include:
CVE-2015-0209 - Use After Free following d2i_ECPrivatekey error
CVE-2015-0286 - Segmentation fault in ASN1_TYPE_cmp
CVE-2015-0287 - ASN.1 structure reuse memory corruption
CVE-2015-0288 - X509_to_X509_REQ NULL pointer deref
CVE-2015-0289 - PKCS7 NULL pointer dereferences
Several other issues did not apply or were already fixed.
For more information, see the
OpenSSL advisory.
A source code patch exists which remedies this problem.
-
004: RELIABILITY FIX: April 17, 2015
All architectures
Fix a logic error in smtpd handling of SNI.
This could allow a remote user to crash the server or provoke a disconnect of other sessions.
A source code patch exists which remedies this problem.