For OpenBSD patch branch information, please refer here.
For errata on a certain release, click below:
2.1, 2.2, 2.3, 2.4, 2.5, 2.6, 2.7, 2.8, 2.9, 3.0, 3.1, 3.2, 3.3, 3.4, 3.5, 3.6, 3.7, 3.8, 3.9, 4.0, 4.1, 4.2, 4.3, 4.4, 4.5, 4.6, 4.7, 4.8, 4.9, 5.0, 5.1, 5.2, 5.3, 5.4, 5.5, 5.6, 5.7, 5.8, 6.0.
You can also fetch a tar.gz file containing all the following patches.
This file is updated once a day.
The patches below are available in CVS via the OPENBSD_5_9 patch branch.
For more detailed information on how to install patches to OpenBSD, please
consult the OpenBSD FAQ.
-
001: SECURITY FIX: March 10, 2016
All architectures
Lack of credential sanitization allows injection of commands to xauth(1).
Prevent this problem immediately by not using the "X11Forwarding" feature
(which is disabled by default).
A source code patch exists which remedies this problem.
-
002: SECURITY FIX: March 16, 2016
All architectures
Insufficient checks in IPv6 socket binding and UDP IPv6 option
processing allow a local user to send UDP packets with a source
(IPv6 address + port) already reserved by another user.
A source code patch exists which remedies this problem.
-
003: RELIABILITY FIX: March 16, 2016
All architectures
Incorrect path processing in pledge_namei() could result in unexpected
program termination of pledge(2)'d programs.
A source code patch exists which remedies this problem.
-
004: RELIABILITY FIX: April 30, 2016
All architectures
A problem in m_dup_pkt() can result in kernel crashes with carp(4).
A source code patch exists which remedies this problem.
-
005: SECURITY FIX: May 3, 2016
All architectures
Fix issues in the libcrypto library.
Refer to the advisory.
- Memory corruption in the ASN.1 encoder (CVE-2016-2108)
- Padding oracle in AES-NI CBC MAC check (CVE-2016-2107)
- EVP_EncodeUpdate overflow (CVE-2016-2105)
- EVP_EncryptUpdate overflow (CVE-2016-2106)
- ASN.1 BIO excessive memory allocation (CVE-2016-2109)
A source code patch exists which remedies this problem.
-
006: RELIABILITY FIX: May 16, 2016
All architectures
Fix issues in smtpd.
- Fix a logic issue in the SMTP state machine that can lead to an invalid state and result in a crash.
- Plug a file pointer leak that can lead to resource exhaustion and result in a crash.
A source code patch exists which remedies this problem.
-
007: SECURITY FIX: May 17, 2016
All architectures
Insufficient checks in the uvideo(4) V4L2 ioctl handling leak kernel
memory contents to a local user.
A source code patch exists which remedies this problem.
-
008: RELIABILITY FIX: May 18, 2016
All architectures
Fix issue in the bnx(4) ethernet driver that could cause data corruption.
A source code patch exists which remedies this problem.
-
009: RELIABILITY FIX: May 29, 2016
All architectures
Fix a bug in the libcrypto library when parsing certain ASN.1 elements.
A source code patch exists which remedies this problem.
-
010: SECURITY FIX: June 2, 2016
All architectures
Fix issues in the libexpat library to prevent multiple integer and
buffer overflows.
A source code patch exists which remedies this problem.
-
011: SECURITY FIX: June 6, 2016
All architectures
Correct a problem that prevents the DSA signing algorithm from running
in constant time even if the flag BN_FLG_CONSTTIME is set.
A source code patch exists which remedies this problem.
-
012: SECURITY FIX: June 27, 2016
All architectures
Correct a problem that could result in incorrect parsing/encoding of times in OCSP messages.
A source code patch exists which remedies this problem.
-
013: RELIABILITY FIX: July 14, 2016
All architectures
Splicing sockets in a loop could cause a kernel spin.
A source code patch exists which remedies this problem.
-
014: RELIABILITY FIX: July 14, 2016
All architectures
Multiple processes exiting with a fd-passing control message on a
shared socket could crash the system.
A source code patch exists which remedies this problem.
-
015: RELIABILITY FIX: July 14, 2016
All architectures
ufs_readdir failed to limit size of memory allocation, leading to panics.
A source code patch exists which remedies this problem.
-
016: SECURITY FIX: July 14, 2016
All architectures
The mmap extension __MAP_NOFAULT could overcommit resources and crash
the system.
A source code patch exists which remedies this problem.
-
017: RELIABILITY FIX: July 14, 2016
All architectures
A race occurring in the unlocked ARP input path can lead to a kernel
NULL dereference.
A source code patch exists which remedies this problem.
-
018: RELIABILITY FIX: July 14, 2016
All architectures
Tick counting overflows could cause a kernel crash.
A source code patch exists which remedies this problem.
-
019: RELIABILITY FIX: July 14, 2016
All architectures
Invalid file descriptor use with kevent(2) could lead to a kernel crash.
A source code patch exists which remedies this problem.
-
020: RELIABILITY FIX: July 14, 2016
All architectures
Unchecked parameters and integer overflows in the amap allocation routines
could cause malloc(9) to either not allocate enough memory, leading to memory
corruption, or to trigger a "malloc: allocation too large" panic.
A source code patch exists which remedies this problem.
-
021: RELIABILITY FIX: July 25, 2016
All architectures
When signaling an error to an HTTP relay client, the connection can be
terminated prematurely, leading to a crash.
A source code patch exists which remedies this problem.
-
022: RELIABILITY FIX: August 2, 2016
All architectures
A missing NULL check in sysctl code results in a crash.
A source code patch exists which remedies this problem.
-
023: RELIABILITY FIX: August 2, 2016
All architectures
Missing overflow checks in uvm may result in panics.
A source code patch exists which remedies this problem.
-
024: SECURITY FIX: August 6, 2016
All architectures
Don't look in the current working directory for perl modules to load.
See the perl5-porters announcement for details.
A source code patch exists which remedies this problem.
-
025: RELIABILITY FIX: August 6, 2016
All architectures
Improve relayd's parsing of the Host-header by following RFC 7230
Section 5.4 more strictly.
A source code patch exists which remedies this problem.