For errata on a certain release, click below:
2.0,
2.1,
2.2,
2.3,
2.4,
2.5,
2.6,
2.7,
2.8,
2.9,
3.0,
3.1,
3.2,
3.3,
3.4,
3.5,
3.6,
3.7,
3.8,
3.9,
4.0,
4.1,
4.2,
4.3,
4.4,
4.5,
4.6,
4.7,
4.8,
4.9,
5.0,
5.1,
5.2,
5.3,
5.4,
5.5,
5.6,
5.7,
5.8,
5.9,
6.0,
6.1,
6.2,
6.3,
6.4,
6.5,
6.6,
6.8,
6.9,
7.0,
7.1.
Patches for the OpenBSD base system are distributed as unified diffs.
Each patch is cryptographically signed with the
signify(1) tool and contains
usage instructions.
All the following patches are also available in one
tar.gz file
for convenience.
Alternatively, the syspatch(8)
utility can be used to apply binary updates on the following architectures:
amd64, i386, arm64.
Patches for supported releases are also incorporated into the
-stable branch, which is maintained for one year
after release.
-
001: SECURITY FIX: May 19, 2020
All architectures
An out-of-bounds index access in wscons(4) can cause a kernel crash.
A source code patch exists which remedies this problem.
-
002: RELIABILITY FIX: May 22, 2020
All architectures
rpki-client could hang because of an improper waitpid idiom for rsync
processes.
A source code patch exists which remedies this problem.
-
003: SECURITY FIX: May 22, 2020
All architectures
When attempting to download resident keys from a FIDO token that does
not require a password/PIN, ssh-keygen would crash with a NULL
dereference.
A source code patch exists which remedies this problem.
-
004: RELIABILITY FIX: May 22, 2020
All architectures
A TLS client with peer verification disabled may crash when contacting a
server that sends an empty certificate list.
A source code patch exists which remedies this problem.
-
005: SECURITY FIX: May 22, 2020
All architectures
Specially crafted queries may crash unbound and unwind.
Both can be tricked into amplifying an incoming query.
A source code patch exists which remedies this problem.
-
006: SECURITY FIX: May 25, 2020
All architectures
Incorrect use of getpeername(2) storage for outgoing IPv6 connections
corrupts stack memory. The nature of the corruption and existing
mitigations appear to make this difficult to effectively target.
A source code patch exists which remedies this problem.
-
007: SECURITY FIX: June 1, 2020
All architectures
Several problems in Perl's regular expression compiler could lead to
corruption of the intermediate language state of a compiled regular
expression.
A source code patch exists which remedies this problem.
-
008: SECURITY FIX: June 5, 2020
All architectures
Malicious HID descriptors could be misparsed.
A source code patch exists which remedies this problem.
-
009: RELIABILITY FIX: June 8, 2020
All architectures
libc's resolver could get into a corrupted state.
A source code patch exists which remedies this problem.
-
010: RELIABILITY FIX: June 11, 2020
All architectures
libcrypto may fail to build a valid certificate chain due to
expired untrusted issuer certificates.
A source code patch exists which remedies this problem.
-
011: SECURITY FIX: July 9, 2020
All architectures
shmget IPC_STAT leaked some kernel data.
A source code patch exists which remedies this problem.
-
012: RELIABILITY FIX: July 16, 2020
All architectures
tty subsystem abuse can impact performance badly.
A source code patch exists which remedies this problem.
-
013: RELIABILITY FIX: July 22, 2020
All architectures
Only pty devices need reprint delays.
A source code patch exists which remedies this problem.
-
014: SECURITY FIX: July 27, 2020
All architectures
In iked, incorrect use of EVP_PKEY_cmp allows an authentication bypass.
A source code patch exists which remedies this problem.
-
015: SECURITY FIX: July 27, 2020
All architectures
In rpki-client, incorrect use of EVP_PKEY_cmp allows an authentication bypass.
A source code patch exists which remedies this problem.
-
016: SECURITY FIX: July 31, 2020
All architectures
Malformed messages can cause heap corruption in the X Input Method
client implementation in libX11.
A source code patch exists which remedies this problem.
-
017: SECURITY FIX: July 31, 2020
All architectures
Pixmaps inside the xserver were an info leak.
A source code patch exists which remedies this problem.
-
018: RELIABILITY FIX: August 7, 2020
All architectures
The recent security errata 016 broke X11 input methods.
A source code patch exists which remedies this problem.
-
019: RELIABILITY FIX: August 11, 2020
All architectures
The TLSv1.3 client could hang, crash, leak memory or not interoperate with
some TLSv1.3 servers.
A source code patch exists which remedies this problem.
-
020: RELIABILITY FIX: August 18, 2020
All architectures
The previous errata patch 019 broke bidirectional SSL_shutdown.
A source code patch exists which remedies this problem.
-
021: SECURITY FIX: August 25, 2020
All architectures
An integer overflow in libX11 could lead to a double free.
Additionally fix a regression in ximcp.
A source code patch exists which remedies this problem.
-
022: SECURITY FIX: August 25, 2020
All architectures
Various X server extensions had deficient input validation.
A source code patch exists which remedies this problem.
-
023: SECURITY FIX: September 5, 2020
amd64, arm64
A buffer overflow was discovered in an amdgpu ioctl.
A source code patch exists which remedies this problem.
-
024: RELIABILITY FIX: October 6, 2020
All architectures
mmap can exhaust kernel memory for PROT_NONE MAP_SHARED mappings.
A source code patch exists which remedies this problem.
-
025: RELIABILITY FIX: October 29, 2020
All architectures
In bgpd, the roa-set parser could leak memory.
A source code patch exists which remedies this problem.
-
026: SECURITY FIX: October 29, 2020
All architectures
When generating the ICMP6 response to an IPv6 packet, the kernel
could use mbuf memory after freeing it.
A source code patch exists which remedies this problem.
-
027: SECURITY FIX: October 29, 2020
All architectures
tmux has a stack overflow in CSI parsing.
A source code patch exists which remedies this problem.
-
028: RELIABILITY FIX: November 10, 2020
All architectures
unwind fails to process large DNS replies.
A source code patch exists which remedies this problem.
-
029: RELIABILITY FIX: November 10, 2020
All architectures
rpki-client incorrectly checks the manifest validity interval.
A source code patch exists which remedies this problem.
-
030: SECURITY FIX: December 1, 2020
All architectures
Multiple input validation failures in the X server XKB extension can lead
to out of bounds memory accesses for authorized clients.
A source code patch exists which remedies this problem.
-
031: SECURITY FIX: December 8, 2020
All architectures
Malformed ASN.1 in a certificate revocation list or a timestamp
response token can lead to a NULL pointer dereference.
A source code patch exists which remedies this problem.
-
032: RELIABILITY FIX: December 8, 2020
All architectures
Process exit in multithreaded programs could result in the wrong exit
code being reported.
A source code patch exists which remedies this problem.
-
033: RELIABILITY FIX: December 24, 2020
All architectures
smtpd's filter state machine can prematurely release resources
leading to a crash.
A source code patch exists which remedies this problem.
-
034: RELIABILITY FIX: January 11, 2021
All architectures
When an NDP entry is invalidated the associated layer 2 address
is not invalidated.
A source code patch exists which remedies this problem.
-
035: SECURITY FIX: February 24, 2021
All architectures
A sequence of overlapping IPv4 fragments could crash the kernel in
pf due to an assertion.
A source code patch exists which remedies this problem.
-
036: SECURITY FIX: March 4, 2021
All architectures
Double free in ssh-agent(1)
A source code patch exists which remedies this problem.
-
037: SECURITY FIX: March 9, 2021
All architectures
npppd PPTP protocol handler can cause heap over-read leading to a crash.
A source code patch exists which remedies this problem.
-
038: SECURITY FIX: April 13, 2021
All architectures
Input validation failures in X server XInput extension can lead to
privileges elevations for authorized clients.
A source code patch exists which remedies this problem.