For errata on a certain release, click below:
2.0,
2.1,
2.2,
2.3,
2.4,
2.5,
2.6,
2.7,
2.8,
2.9,
3.0,
3.1,
3.2,
3.3,
3.4,
3.5,
3.6,
3.7,
3.8,
3.9,
4.0,
4.1,
4.2,
4.3,
4.4,
4.5,
4.6,
4.7,
4.8,
4.9,
5.0,
5.1,
5.2,
5.3,
5.4,
5.5,
5.6,
5.7,
5.8,
5.9,
6.0,
6.1,
6.2,
6.3,
6.4,
6.5,
6.6,
6.7,
6.8.
Patches for the OpenBSD base system are distributed as unified diffs.
Each patch is cryptographically signed with the
signify(1) tool and contains
usage instructions.
All the following patches are also available in one
tar.gz file
for convenience.
Alternatively, the syspatch(8)
utility can be used to apply binary updates on the following architectures:
amd64, i386, arm64.
Patches for supported releases are also incorporated into the
-stable branch, which is maintained for one year
after release.
-
001: RELIABILITY FIX: May 4, 2021
amd64
vmd guests can trigger excessive log messages on the host by sending
certain network packets.
A source code patch exists which remedies this problem.
-
002: SECURITY FIX: May 18, 2021
All architectures
Request length checks were missing in libX11.
A source code patch exists which remedies this problem.
-
003: SECURITY FIX: May 18, 2021
amd64
vmd guest virtio drivers could cause stack overflows by crafting
invalid virtio descriptor lengths.
A source code patch exists which remedies this problem.
-
004: SECURITY FIX: May 21, 2021
All architectures
Insufficient validation of A-MSDUs and fragmented 802.11 frames could
be abused to inject arbitrary frames.
A source code patch exists which remedies this problem.
-
005: RELIABILITY FIX: May 24, 2021
amd64
Recent Intel machines could crash or hang as global mappings were
not flushed from TLB.
A source code patch exists which remedies this problem.
-
006: RELIABILITY FIX: June 8, 2021
amd64
Recent Intel or any AMD machines could crash as the kernel did not
flush all TLBs that multi threaded processes require.
A source code patch exists which remedies this problem.
-
007: RELIABILITY FIX: June 8, 2021
amd64, i386
Disable PPGTT on Intel machines with cherryview/braswell graphics
to avoid memory corruption.
A source code patch exists which remedies this problem.
-
008: SECURITY FIX: June 9, 2021
amd64
vmd guests could cause stack overflows by crafting malicious dhcp
requests when using local interfaces.
A source code patch exists which remedies this problem.
-
009: RELIABILITY FIX: June 25, 2021
All architectures
During config reloads prefixes of the wrong address family could leak
to peers resulting in session resets.
A source code patch exists which remedies this problem.
-
010: SECURITY FIX: July 25, 2021
All architectures
relayd(8), when using the the http protocol strip filter directive or http
protocol macro expansion, processes format strings.
A source code patch exists which remedies this problem.
-
011: SECURITY FIX: July 25, 2021
mips64
On mips64, the strchr/index/strrchr/rindex functions in libc handled
signed characters incorrectly.
A source code patch exists which remedies this problem.