For errata on a certain release, click below:
2.1,
2.2,
2.3,
2.4,
2.5,
2.6,
2.7,
2.8,
2.9,
3.0,
3.1,
3.2,
3.3,
3.4,
3.5,
3.6,
3.7,
3.8,
3.9,
4.0,
4.1,
4.2,
4.3,
4.4,
4.5,
4.6,
4.7,
4.8,
4.9,
5.0,
5.1,
5.2,
5.3,
5.4,
5.5,
5.6,
5.7,
5.8,
5.9,
6.0,
6.1,
6.2.
Patches for the OpenBSD base system are distributed as unified diffs.
Each patch is cryptographically signed with the
signify(1) tool and contains
usage instructions.
All the following patches are also available in one
tar.gz file
for convenience.
Alternatively, the syspatch(8)
utility can be used to apply binary updates on the following architectures:
amd64, i386, arm64.
Patches for supported releases are also incorporated into the
-stable branch, which is maintained for one year
after release.
-
001: SECURITY FIX: April 14, 2018
All architectures
Heap overflows exist in perl which can lead to segmentation faults,
crashes, and reading memory past the buffer.
A source code patch exists which remedies this problem.
-
002: RELIABILITY FIX: April 21, 2018
All architectures
Additional data is inadvertently removed when private keys are cleared from
TLS configuration, which can prevent OCSP from functioning correctly.
A source code patch exists which remedies this problem.
-
003: RELIABILITY FIX: April 21, 2018
All architectures
ARP replies could be sent on the wrong member of a bridge(4) interface.
A source code patch exists which remedies this problem.
-
004: SECURITY FIX: April 21, 2018
All architectures
In the gif(4) interface, use the specified protocol for IPv6, plug
a mbuf leak and avoid a use after free.
A source code patch exists which remedies this problem.
-
005: RELIABILITY FIX: April 21, 2018
All architectures
httpd can leak file descriptors when servicing range requests.
A source code patch exists which remedies this problem.