For errata on a certain release, click below:
2.1,
2.2,
2.3,
2.4,
2.5,
2.6,
2.7,
2.8,
2.9,
3.0,
3.1,
3.2,
3.3,
3.4,
3.5,
3.6,
3.7,
3.8,
3.9,
4.0,
4.1,
4.2,
4.3,
4.4,
4.5,
4.6,
4.7,
4.8,
4.9,
5.0,
5.1,
5.2,
5.3,
5.4,
5.5,
5.6,
5.7,
5.8,
5.9,
6.0,
6.1,
6.2,
6.3,
6.4,
6.5.
Patches for the OpenBSD base system are distributed as unified diffs.
Each patch is cryptographically signed with the
signify(1) tool and contains
usage instructions.
All the following patches are also available in one
tar.gz file
for convenience.
Alternatively, the syspatch(8)
utility can be used to apply binary updates on the following architectures:
amd64, i386, arm64.
Patches for supported releases are also incorporated into the
-stable branch, which is maintained for one year
after release.
-
001: RELIABILITY FIX: October 28, 2019
All architectures
bpf(4) has a race condition during device removal.
A source code patch exists which remedies this problem.
-
002: RELIABILITY FIX: October 28, 2019
All architectures
Various third party applications may crash due to symbol collision.
A source code patch exists which remedies this problem.
-
003: RELIABILITY FIX: October 31, 2019
All architectures
bgpd(8) can crash on nexthop changes or during startup in certain
configurations.
A source code patch exists which remedies this problem.
-
004: RELIABILITY FIX: November 16, 2019
All architectures
The kernel could crash due to a NULL pointer dereference in net80211.
A source code patch exists which remedies this problem.
-
005: RELIABILITY FIX: November 16, 2019
All architectures
A new kernel may require newer firmware images when using sysupgrade.
A source code patch exists which remedies this problem.
-
006: SECURITY FIX: November 16, 2019
All architectures
A regular user could change some network interface parameters due
to missing checks in the ioctl(2) system call.
A source code patch exists which remedies this problem.
-
007: SECURITY FIX: November 22, 2019
i386 and amd64
A local user could cause the system to hang by reading specific
registers when Intel Gen8/Gen9 graphics hardware is in a low power state.
A local user could perform writes to memory that should be blocked with
Intel Gen9 graphics hardware.
A source code patch exists which remedies this problem.
-
008: SECURITY FIX: November 22, 2019
All architectures
Shared memory regions used by some Mesa drivers had permissions which
allowed others to access that memory.
A source code patch exists which remedies this problem.
-
009: SECURITY FIX: December 4, 2019
All architectures
Environment-provided paths are used for dlopen() in mesa, resulting in
escalation to the auth group in xlock(1).
A source code patch exists which remedies this problem.
-
010: SECURITY FIX: December 4, 2019
All architectures
libc's authentication layer performed insufficient username validation.
A source code patch exists which remedies this problem.
-
011: SECURITY FIX: December 4, 2019
All architectures
xenodm uses the libc authentication layer incorrectly.
A source code patch exists which remedies this problem.