For errata on a certain release, click below:
2.0,
2.1,
2.2,
2.3,
2.4,
2.5,
2.6,
2.7,
2.8,
2.9,
3.0,
3.1,
3.2,
3.3,
3.4,
3.5,
3.6,
3.7,
3.8,
3.9,
4.0,
4.1,
4.2,
4.3,
4.4,
4.5,
4.6,
4.7,
4.8,
4.9,
5.0,
5.1,
5.2,
5.3,
5.4,
5.5,
5.6,
5.7,
5.8,
5.9,
6.0,
6.1,
6.2,
6.3,
6.4,
6.5,
6.6,
6.7,
6.8,
6.9,
7.0,
7.1.
Patches for the OpenBSD base system are distributed as unified diffs.
Each patch is cryptographically signed with the
signify(1) tool and contains
usage instructions.
All the following patches are also available in one
tar.gz file
for convenience.
Alternatively, the syspatch(8)
utility can be used to apply binary updates on the following architectures:
amd64, i386, arm64.
Patches for supported releases are also incorporated into the
-stable branch, which is maintained for one year
after release.
-
001: SECURITY FIX: October 24, 2022
All architectures
Custom verification callbacks could cause the X.509 verifier to fail
to store errors resulting from leaf certificate verification.
A source code patch exists which remedies this problem.
-
002: RELIABILITY FIX: October 24, 2022
All architectures
Unbreak ASN.1 indefinite length encoding.
A source code patch exists which remedies this problem.
-
003: RELIABILITY FIX: October 27, 2022
All architectures
Restore operation of Apple-specific Fn-key keyboard sequences.
A source code patch exists which remedies this problem.
-
004: SECURITY FIX: November 1, 2022
All architectures
In libexpat fix heap use-after-free vulnerability CVE-2022-43680.
A source code patch exists which remedies this problem.
-
005: SECURITY FIX: November 14, 2022
All architectures
CVE-2022-44638: An integer overflow in pixman may lead to an out-of-bounds
write.
A source code patch exists which remedies this problem.
-
006: RELIABILITY FIX: November 26, 2022
amd64
Incorrect reference counting and locking caused a vmm(4) performance
regression.
A source code patch exists which remedies this problem.
-
007: SECURITY FIX: November 26, 2022
All architectures
A crafted TCP query from localhost could crash the unwind(8) daemon.
A source code patch exists which remedies this problem.
-
008: RELIABILITY FIX: November 26, 2022
All architectures
Fix a assertion crash during pfsync state update.
A source code patch exists which remedies this problem.
-
009: SECURITY FIX: December 14, 2022
All architectures
In X11 server fix local privileges elevation and and remote code
execution for ssh X forwarding sessions. This addresses CVE-2022-46340
CVE-2022-46341 CVE-2022-46342 CVE-2022-46343 CVE-2022-46344.
A source code patch exists which remedies this problem.
-
010: RELIABILITY FIX: December 14, 2022
amd64
Fix booting vmd(8) guests from ramdisk with more than 4g of memory.
A source code patch exists which remedies this problem.
-
011: RELIABILITY FIX: December 14, 2022
amd64 i386
TLB entries were not invalidated for all types of engine on
12th generation Intel graphics (Tiger Lake, Rocket Lake, Alder Lake).
A source code patch exists which remedies this problem.
-
012: RELIABILITY FIX: December 16, 2022
All architectures
Removing a domain can result in an out-of-bounds write in acme-client(8).
A source code patch exists which remedies this problem.