For errata on a certain release, click below:
2.0,
2.1,
2.2,
2.3,
2.4,
2.5,
2.6,
2.7,
2.8,
2.9,
3.0,
3.1,
3.2,
3.3,
3.4,
3.5,
3.6,
3.7,
3.8,
3.9,
4.0,
4.1,
4.2,
4.3,
4.4,
4.5,
4.7,
4.8,
4.9,
5.0,
5.1,
5.2,
5.3,
5.4,
5.5,
5.6,
5.7,
5.8,
5.9,
6.0,
6.1,
6.2,
6.3,
6.4,
6.5,
6.6,
6.7,
6.8,
6.9,
7.0,
7.1,
7.2,
7.3,
7.4,
7.5.
Patches for the OpenBSD base system are distributed as unified diffs.
Each patch contains usage instructions.
All the following patches are also available in one
tar.gz file
for convenience.
Patches for supported releases are also incorporated into the
-stable branch.
-
001: RELIABILITY FIX: July 29, 2009
All architectures
A vulnerability has been found in BIND's named server
(CVE-2009-0696).
An attacker could crash a server with a specially crafted dynamic update message to a
zone for which the server is master.
A source code patch exists which remedies this problem.
-
002: RELIABILITY FIX: October 05, 2009
i386 only
XMM exceptions are not correctly handled resulting in a kernel panic.
A source code patch exists which remedies this problem.
-
003: RELIABILITY FIX: October 28, 2009
All architectures
getsockopt(2) with any of IP_AUTH_LEVEL, IP_ESP_TRANS_LEVEL, IP_ESP_NETWORK_LEVEL,
IP_IPCOMP_LEVEL will crash the system.
A source code patch exists which remedies this problem.
-
004: SECURITY FIX: November 26, 2009
All architectures
The SSL/TLS protocol is subject to man-in-the-middle attacks related to
renegotiation (see CVE-2009-3555, draft-ietf-tls-renegotiation-00).
OpenSSL permitted this protocol feature by default and had no way to
disable it.
A source code patch exists which remedies this problem.
-
005: RELIABILITY FIX: January 29, 2010
All architectures
By using ptrace(2) on an ancestor process, a loop in the process tree
could be created, violating assumptions in other parts of the kernel
and resulting in infinite loops.
A source code patch exists which remedies this problem.
-
006: SECURITY FIX: March 12, 2010
All architectures
OpenSSL is susceptible to a buffer overflow due to a failure
to check for NULL returns from bn_wexpand function calls.
A source code patch exists which remedies this problem.
-
007: RELIABILITY FIX: March 12, 2010
All architectures
Due to a null pointer dereference, it would be possible to crash ftpd when
handling glob(3)'ing requests. This is non-exploitable.
A source code patch exists which remedies this problem.
-
008: RELIABILITY FIX: March 31, 2010
All architectures
When decrypting packets, the internal decryption functions were not
paranoid enough in checking for underruns, which could potentially
lead to crashes.
A source code patch exists which remedies this problem.
-
009: RELIABILITY FIX: April 4, 2010
All architectures
When updating sensors showing the state of RAID volumes
mpi(4)
allocates temporary memory and then returns it to the kernel as
device memory.
This causes kernel memory usage to be misrepresented, eventually
leading to a denial of service when a resource limit is apparently
reached.
A source code patch exists which remedies this problem.
-
010: SECURITY FIX: April 14, 2010
All architectures
In TLS connections, certain incorrectly formatted records can cause
an OpenSSL client or server to crash due to a read attempt at NULL.
A source code patch exists which remedies this problem.
-
011: RELIABILITY FIX: May 14, 2010
All architectures
Incorrectly initialized state updates can cause pfsync update storms.
A source code patch exists which remedies this problem.
-
012: RELIABILITY FIX: May 14, 2010
All architectures
Insufficient protection of the trunk interface queues may cause
LACP trunks to fail under load.
A source code patch exists which remedies this problem.