For errata on a certain release, click below:
2.0,
2.1,
2.2,
2.3,
2.4,
2.5,
2.6,
2.7,
2.8,
2.9,
3.0,
3.1,
3.2,
3.3,
3.4,
3.5,
3.6,
3.7,
3.8,
3.9,
4.0,
4.1,
4.2,
4.3,
4.4,
4.5,
4.6,
4.7,
4.8,
4.9,
5.0,
5.1,
5.2,
5.3,
5.4,
5.6,
5.7,
5.8,
5.9,
6.0,
6.1,
6.2,
6.3,
6.4,
6.5,
6.6,
6.7,
6.8,
6.9,
7.0,
7.1.
Patches for the OpenBSD base system are distributed as unified diffs.
Each patch is cryptographically signed with the
signify(1) tool and contains
usage instructions.
All the following patches are also available in one
tar.gz file
for convenience.
Patches for supported releases are also incorporated into the
-stable branch.
-
001: RELIABILITY FIX: March 15, 2014
All architectures
Memory corruption happens during
ICMP reflection handling. ICMP reflection is disabled by default.
A source code patch exists which remedies this problem.
-
002: SECURITY FIX: April 8, 2014
All architectures
Missing bounds checking in OpenSSL's implementation of the TLS/DTLS
heartbeat extension (RFC6520) which can result in a leak of memory contents.
A source code patch exists which remedies this problem.
-
003: SECURITY FIX: April 9, 2014
All architectures
Missing hostname check for HTTPS connections in the
ftp(1)
utility.
A source code patch exists which remedies this problem.
-
004: SECURITY FIX: April 12, 2014
All architectures
A use-after-free race condition in OpenSSL's read buffer may permit an attacker
to inject data from one connection into another.
A source code patch exists which remedies this problem.
-
005: RELIABILITY FIX: May 1, 2014
All architectures
An attacker can trigger generation of an SSL alert which could cause
a null pointer dereference.
A source code patch exists which remedies this problem.
-
006: SECURITY FIX: May 24, 2014
All architectures with X server
X Font Service Protocol & Font metadata file handling issues in libXfont
- CVE-2014-0209: integer overflow of allocations in font metadata file parsing
- CVE-2014-0210: unvalidated length fields when parsing xfs protocol replies
- CVE-2014-0211: integer overflows calculating memory needs for xfs replies
Please see the advisory for more information.
A source code patch exists which remedies this problem.
-
007: SECURITY FIX: June 5, 2014
All architectures
Sendmail was not properly closing file descriptions before executing programs.
This could enable local users to interfere with an open SMTP connection.
This issue was assigned CVE-2014-3956.
A source code patch exists which remedies this problem.
-
008: SECURITY FIX: June 6, 2014
All architectures
This patch contains a number of SSL library fixes.
A source code patch exists which remedies this problem.
-
009: RELIABILITY FIX: July 30, 2014
All architectures
Packets with illegal DHCP options can lead to memory exhaustion of
dhclient(8)
and
dhcpd(8).
A source code patch exists which remedies this problem.
-
010: SECURITY FIX: August 9, 2014
All architectures
This patch contains a number of SSL library fixes.
A source code patch exists which remedies this problem.
-
011: SECURITY FIX: October 1, 2014
All architectures
nginx can reuse cached SSL sessions in unrelated contexts, allowing virtual
host confusion attacks in some configurations.
This issue was assigned CVE-2014-3616.
A source code patch exists which remedies this problem.
-
012: RELIABILITY FIX: October 20, 2014
All architectures
Two remotely triggerable memory leaks in OpenSSL can lead to a denial of
service in server applications.
A source code patch exists which remedies this problem.
-
013: RELIABILITY FIX: October 20, 2014
All architectures
Executable headers with an unaligned address will trigger a kernel panic.
A source code patch exists which remedies this problem.
-
014: RELIABILITY FIX: November 17, 2014
All architectures
A PF rule using an IPv4 address
followed by an IPv6 address and then a dynamic address, e.g. "pass
from {192.0.2.1 2001:db8::1} to (pppoe0)", will have an incorrect /32
mask applied to the dynamic address.
A source code patch exists which remedies this problem.
-
015: RELIABILITY FIX: November 17, 2014
All architectures
Querying an invalid hostname with gethostbyname(3) could cause a NULL deref.
A source code patch exists which remedies this problem.
-
016: RELIABILITY FIX: December 5, 2014
All architectures
Several bugs were fixed that allowed a crash from remote when an active pipex
session exists.
A source code patch exists which remedies this problem.
-
017: RELIABILITY FIX: December 5, 2014
All architectures
An incorrect memcpy call would result in corrupted MAC addresses when
using PPPOE.
A source code patch exists which remedies this problem.
-
018: RELIABILITY FIX: December 9, 2014
All architectures
Several bugs in virtio(4) can lead to hangs with virtio devices,
like vio(4) and vioblk(4).
A source code patch exists which remedies this problem.
-
019: SECURITY FIX: December 9, 2014
All architectures
One year after Ilja van Sprundel discovered and reported a large number
of issues in the way the X server code base handles requests from X clients,
they have been fixed.
X Advisory
A source code patch exists which remedies this problem.
-
020: SECURITY FIX: January 13, 2015
All architectures
Fix CVE-2014-6272 in libevent 1.4 event buffer handling. OpenBSD
base uses it for the programs: cu tmux ftp-proxy httpd ldapd relayd
tftp-proxy tftpd
Libevent Advisory
A source code patch exists which remedies this problem.
-
021: SECURITY FIX: March 3, 2015
All architectures
Information leak in the XkbSetGeometry request of X servers.
For more information, see the
X.org advisory.
A source code patch exists which remedies this problem.
-
022: SECURITY FIX: March 13, 2015
All architectures
Another fix for buffer overflows in malformed fonts.
A source code patch exists which remedies this problem.
-
023: SECURITY FIX: March 18, 2015
All architectures
Buffer overflows in libXfont
For more information, see the
X.org advisory.
A source code patch exists which remedies this problem.
Note that the instructions should read cd /usr/xenocara/lib/libXfont
.
-
024: SECURITY FIX: March 19, 2015
All architectures
Fix two possible crash causing defects.
CVE-2015-0286 - Apply fix from OpenSSL for ASN1_TYPE_cmp.
CVE-2015-0292 - Backport existing fix for Base64 decoding.
For more information, see the
OpenSSL advisory.
A source code patch exists which remedies this problem.
Note that instructions should read cd /usr/src/lib/libssl/crypto
.
-
025: RELIABILITY FIX: April 17, 2015
All architectures
Fix a logic error in smtpd handling of SNI.
This could allow a remote user to crash the server or provoke a disconnect of other sessions.
A source code patch exists which remedies this problem.