For errata on a certain release, click below:
2.0,
2.1,
2.2,
2.3,
2.4,
2.5,
2.6,
2.7,
2.8,
2.9,
3.0,
3.1,
3.2,
3.3,
3.4,
3.5,
3.6,
3.7,
3.8,
3.9,
4.0,
4.1,
4.2,
4.3,
4.4,
4.5,
4.6,
4.7,
4.8,
4.9,
5.0,
5.1,
5.2,
5.3,
5.4,
5.5,
5.6,
5.7,
5.8,
5.9,
6.0,
6.1,
6.2,
6.3,
6.5,
6.6,
6.7,
6.8,
6.9,
7.0,
7.1,
7.2,
7.3,
7.4,
7.5.
Patches for the OpenBSD base system are distributed as unified diffs.
Each patch is cryptographically signed with the
signify(1) tool and contains
usage instructions.
All the following patches are also available in one
tar.gz file
for convenience.
Alternatively, the syspatch(8)
utility can be used to apply binary updates on the following architectures:
amd64, i386, arm64.
Patches for supported releases are also incorporated into the
-stable branch.
-
001: SECURITY FIX: October 25, 2018
All architectures
The Xorg X server incorrectly validates certain options, allowing arbitrary
files to be overwritten.
As an immediate (temporary) workaround, the Xorg binary can be disabled
by running: chmod u-s /usr/X11R6/bin/Xorg
A source code patch exists which remedies this problem.
-
002: RELIABILITY FIX: November 2, 2018
i386, amd64, arm64
The syspatch utility incorrectly handles symbolic links.
A source code patch exists which remedies this problem.
-
003: SECURITY FIX: November 17, 2018
All architectures
The portsmash vulnerability allows exfiltration of elliptic curve keys.
A source code patch exists which remedies this problem.
-
004: RELIABILITY FIX: November 17, 2018
All architectures
A recent change to POSIX file locks could cause incorrect results
during lock acquisition.
A source code patch exists which remedies this problem.
-
005: SECURITY FIX: November 29, 2018
All architectures
Various overflows exist in perl.
A source code patch exists which remedies this problem.
-
006: RELIABILITY FIX: November 29, 2018
All architectures
UNIX domain sockets leak kernel memory with MSG_PEEK on SCM_RIGHTS, or can
attempt excessive memory allocations leading to a crash.
A source code patch exists which remedies this problem.
-
007: RELIABILITY FIX: November 29, 2018
All architectures
The mail.mda and mail.lmtp delivery agents were not reporting temporary
failures correctly, causing smtpd to bounce messages in some cases where
it should have retried them.
A source code patch exists which remedies this problem.
-
008: RELIABILITY FIX: November 29, 2018
amd64 and i386
Writing more than 4GB to a qcow2 volume corrupts the virtual disk.
A source code patch exists which remedies this problem.
-
009: RELIABILITY FIX: December 20, 2018
All architectures
While recv(2) with the MSG_WAITALL flag was receiving control
messages from a socket, the kernel could panic.
A source code patch exists which remedies this problem.
-
010: SECURITY FIX: December 22, 2018
All architectures
The setsockopt(2) system call could overflow mbuf cluster kernel
memory by 4 bytes.
A source code patch exists which remedies this problem.
-
011: SECURITY FIX: January 27, 2019
All architectures
The mincore() system call can be used to observe memory access patterns
of other processes.
A source code patch exists which remedies this problem.
-
012: RELIABILITY FIX: January 27, 2019
All architectures
Missing length checks in the NFS server and client can lead to crashes
and other errors.
A source code patch exists which remedies this problem.
-
013: SECURITY FIX: January 27, 2019
All architectures
The unveil() system call can leak memory.
A source code patch exists which remedies this problem.
-
014: SECURITY FIX: March 1, 2019
All architectures
Fragmented IPv6 packets may be erroneously passed by pf or lead to a crash.
A source code patch exists which remedies this problem.
-
015: SECURITY FIX: March 22, 2019
All architectures
A state in pf could pass ICMP packets to a destination IP address
that did not match the state.
A source code patch exists which remedies this problem.
-
016: SECURITY FIX: March 27, 2019
amd64 and i386
GDT and IDT limits were improperly restored during VMM context switches.
A source code patch exists which remedies this problem.
-
017: RELIABILITY FIX: May 3, 2019
All architectures
If a userland program sets the IPv6 checksum offset on a raw socket,
an incoming packet could crash the kernel. ospf6d is such a program.
A source code patch exists which remedies this problem.
-
018: SECURITY FIX: May 29, 2019
amd64
Intel CPUs have a cross privilege side-channel attack (MDS).
A source code patch exists which remedies this problem.
-
019: RELIABILITY FIX: July 25, 2019
All architectures
By creating long chains of TCP SACK holes, an attacker could possibly
slow down the system temporarily.
A source code patch exists which remedies this problem.
-
020: RELIABILITY FIX: August 2, 2019
All architectures
smtpd can crash on excessively large input, causing a denial of service.
A source code patch exists which remedies this problem.
-
021: SECURITY FIX: August 9, 2019
amd64
Intel CPUs have another cross privilege side-channel attack. (SWAPGS)
A source code patch exists which remedies this problem.
-
022: RELIABILITY FIX: September 2, 2019
amd64
Resume forgot to restore MSR/PAT configuration.
A source code patch exists which remedies this problem.
-
023: RELIABILITY FIX: September 2, 2019
All architectures
When processing ECN bits on incoming IPv6 fragments, the kernel
could crash. Per default pf fragment reassemble prevents the crash.
A source code patch exists which remedies this problem.
-
024: SECURITY FIX: September 14, 2019
All architectures
Libexpat 2.2.6 was affected by the heap overflow CVE-2019-15903.
A source code patch exists which remedies this problem.
-
025: RELIABILITY FIX: October 5, 2019
All architectures
Specially crafted queries may crash unwind and unbound.
A source code patch exists which remedies this problem.
-
026: SECURITY FIX: October 5, 2019
All architectures
dhcpd leaks 4 bytes of stack to the network.
A source code patch exists which remedies this problem.