For errata on a certain release, click below:
2.0,
2.1,
2.2,
2.3,
2.4,
2.5,
2.6,
2.7,
2.8,
2.9,
3.0,
3.1,
3.2,
3.3,
3.4,
3.5,
3.6,
3.7,
3.8,
3.9,
4.0,
4.1,
4.2,
4.3,
4.4,
4.5,
4.6,
4.7,
4.8,
4.9,
5.0,
5.1,
5.2,
5.3,
5.4,
5.5,
5.6,
5.7,
5.8,
5.9,
6.0,
6.1,
6.2,
6.3,
6.4,
6.5,
6.6,
6.7,
6.8,
6.9,
7.0,
7.2.
Patches for the OpenBSD base system are distributed as unified diffs.
Each patch is cryptographically signed with the
signify(1) tool and contains
usage instructions.
All the following patches are also available in one
tar.gz file
for convenience.
Alternatively, the syspatch(8)
utility can be used to apply binary updates on the following architectures:
amd64, i386, arm64.
Patches for supported releases are also incorporated into the
-stable branch, which is maintained for one year
after release.
-
001: RELIABILITY FIX: April 22, 2022
All architectures
Many wireless network drivers could not scan access points correctly.
A source code patch exists which remedies this problem.
Notice:
Some users will have installed a broken version of the
syspatch71-001_wifi.tgz file (which prevents future syspatch files
from installing), and must manually perform the following step to force
deletion of the old file, and then syspatch forward:
# sed -i /release/d /usr/sbin/syspatch && syspatch -R && syspatch
-
002: RELIABILITY FIX: May 5, 2022
All architectures
When using IPsec, the kernel could crash.
A source code patch exists which remedies this problem.
-
003: RELIABILITY FIX: May 16, 2022
All architectures
The kernel could crash due to a race in kqueue.
A source code patch exists which remedies this problem.
-
004: RELIABILITY FIX: May 16, 2022
All architectures
libcrypto would incorrectly decode certain ASN.1 objects.
A source code patch exists which remedies this problem.
-
005: SECURITY FIX: May 16, 2022
All architectures
Malicious PPPoE packets could corrupt kernel memory.
A source code patch exists which remedies this problem.
-
006: SECURITY FIX: July 24, 2022
All architectures
Input validation failures in the X server request parsing code can
lead to out of bounds memory accesses for authorized clients.
A source code patch exists which remedies this problem.
-
007: RELIABILITY FIX: July 24, 2022
All architectures
cron(8) aborted due to strange poll timevals.
A source code patch exists which remedies this problem.
-
008: RELIABILITY FIX: August 2, 2022
All architectures
bgpd(8) could fail to invalidate nexthops and incorrectly leave them in
the FIB or Adj-RIB-Out.
A source code patch exists which remedies this problem.
-
009: SECURITY FIX: August 12, 2022
All architectures
A missing length check in zlib could lead to a heap buffer overflow.
A source code patch exists which remedies this problem.
-
010: SECURITY FIX: September 23, 2022
All architectures
In libexpat fix heap use-after-free vulnerability CVE-2022-40674.
A source code patch exists which remedies this problem.
-
011: SECURITY FIX: September 26, 2022
All architectures
In smtpd(8), possible use-after-free if TLS handshake fails for
outbound connections.
A source code patch exists which remedies this problem.