For errata on a certain release, click below:
2.0,
2.1,
2.2,
2.3,
2.4,
2.5,
2.6,
2.7,
2.8,
2.9,
3.0,
3.1,
3.2,
3.3,
3.4,
3.5,
3.6,
3.7,
3.8,
3.9,
4.0,
4.1,
4.2,
4.3,
4.4,
4.5,
4.6,
4.7,
4.8,
4.9,
5.0,
5.1,
5.2,
5.3,
5.4,
5.5,
5.6,
5.7,
5.8,
5.9,
6.0,
6.1,
6.2,
6.3,
6.4,
6.5,
6.6,
6.7,
6.8,
6.9,
7.0,
7.1,
7.2,
7.3,
7.4,
7.6.
Patches for the OpenBSD base system are distributed as unified diffs.
Each patch is cryptographically signed with the
signify(1) tool and contains
usage instructions.
All the following patches are also available in one
tar.gz file
for convenience.
Alternatively, the syspatch(8)
utility can be used to apply binary updates on the following architectures:
amd64, i386, arm64.
Patches for supported releases are also incorporated into the
-stable branch.
-
001: SECURITY FIX: April 8, 2024
All architectures
Fix multiple heap buffer overread and data leakage in the X11 server
Xi extension and use after free in the Render extension.
CVE-2024-31080 CVE-2024-31081 CVE-2024-31083
A source code patch exists which remedies this problem.
-
002: RELIABILITY FIX: April 11, 2024
alpha
Install media for alpha architecture was broken due to strip(1) bug.
A source code patch exists which remedies this problem.
-
003: RELIABILITY FIX: May 10, 2024
All architectures
A missing bounds check could lead to a crash in libcrypto.
A source code patch exists which remedies this problem.
-
004: RELIABILITY FIX: June 26, 2024
All architectures
Repair a withdraw desyncronization problem in bgpd(8).
A source code patch exists which remedies this problem.
-
005: SECURITY FIX: August 2, 2024
All architectures
sndiod(8) main process could crash due to buffer overread.
A source code patch exists which remedies this problem.
-
006: SECURITY FIX: August 19, 2024
All architectures
cron(8) and crontab(1) can crash due to incorrect /step values.
CVE-2024-43688
A source code patch exists which remedies this problem.
-
007: SECURITY FIX: September 17, 2024
All architectures
In libexpat add integer range checks.
CVE-2024-45490 CVE-2024-45491 CVE-2024-45492
A source code patch exists which remedies this problem.
-
008: SECURITY FIX: September 17, 2024
All architectures
Avoid possible mbuf double free in NFS client and server implementation.
Do not use uninitialized variable in error handling of NFS server.
A source code patch exists which remedies this problem.
-
009: SECURITY FIX: September 17, 2024
All architectures
In readdir name validation exclude any '/' to avoid unexpected
directory traversal on untrusted file systems.
A source code patch exists which remedies this problem.
-
010: RELIABILITY FIX: September 17, 2024
All architectures
Invalid ELF files could result in kernel crash.
A source code patch exists which remedies this problem.
-
011: SECURITY FIX: October 14, 2024
All architectures
Querying a maliciously constructed DNS zone could result in degraded
performance or denial of service. CVE-2024-8508
A source code patch exists which remedies this problem.
-
012: SECURITY FIX: October 29, 2024
All architectures
Fix memory allocation error in the Xkb X11 server extension. CVE-2024-9632
A source code patch exists which remedies this problem.
-
013: RELIABILITY FIX: October 31, 2024
arm64
Updating Apple Silicon system firmware to the latest version cripples
OpenBSD. This disabled the onboard WiFi.
A source code patch exists which remedies this problem.