For OpenBSD patch branch information, please refer here.
For errata on a certain release, click below:
2.1,
2.2,
2.3,
2.4,
2.5,
2.6,
2.7,
2.8,
2.9,
3.0,
3.1,
3.2,
3.3,
3.4,
3.5,
3.6,
3.7,
3.8,
3.9,
4.0,
4.1,
4.2,
4.3,
4.4,
4.5,
4.6,
4.7,
4.8,
4.9,
5.0,
5.1,
5.2,
5.3,
5.4,
5.5,
5.6,
5.7,
5.8,
5.9.
You can also fetch a tar.gz file containing all the following patches.
This file is updated once a day.
The patches below are available in CVS via the
OPENBSD_6_0
patch branch.
For more detailed information on how to install patches to OpenBSD, please
consult the OpenBSD FAQ.
-
001: RELIABILITY FIX: August 2, 2016
All architectures
Missing overflow checks in uvm may result in panics.
A source code patch exists which remedies this problem.
-
002: RELIABILITY FIX: August 6, 2016
All architectures
Fixes IO::Socket::IP complaining about non-numeric version numbers.
A source code patch exists which remedies this problem.
-
003: RELIABILITY FIX: August 6, 2016
All architectures
Improve relayd's parsing of the Host-header by following RFC 7230
Section 5.4 more strictly.
A source code patch exists which remedies this problem.
-
004: RELIABILITY FIX: August 23, 2016
All architectures
A missing initialization can prevent mail headers from being altered as
intended, resulting in mail being sent to incorrect addresses.
A source code patch exists which remedies this problem.
-
005: RELIABILITY FIX: September 17, 2016
All architectures
Limit the number of wscons fonts that can be loaded into the kernel.
A source code patch exists which remedies this problem.
-
006: RELIABILITY FIX: September 17, 2016
All architectures
During parsing of the iked(8) configuration, a variable is set to 0
by mistake, disabling Pre-Shared Key authentication.
A source code patch exists which remedies this problem.
-
007: RELIABILITY FIX: September 22, 2016
All architectures
Revert change that cleans up the EVP cipher context in EVP_EncryptFinal()
and EVP_DecryptFinal(). Some software relies on the previous behaviour.
A source code patch exists which remedies this problem.
-
008: RELIABILITY FIX: September 22, 2016
All architectures
Avoid unbounded memory growth in libssl, which can be triggered by a TLS
client repeatedly renegotiating and sending OCSP Status Request TLS extensions.
A source code patch exists which remedies this problem.
-
009: SECURITY FIX: September 22, 2016
All architectures
Avoid falling back to a weak digest for (EC)DH when using SNI with libssl.
A source code patch exists which remedies this problem.
-
010: RELIABILITY FIX: October 3, 2016
All architectures
A bug in the smtp session logic can lead to a server crash.
A source code patch exists which remedies this problem.
-
011: SECURITY FIX: October 4, 2016
All architectures
Fix a number of issues in the way various X client libraries handle
server responses.
A source code patch exists which remedies this problem.