OpenBSD 7.2 is being released!

hitest · 12-22-2022, 02:33 PM

Updated. Thanks.

YesItsMe · 01-13-2023, 04:06 AM

Syspatch 013 (all architectures):
A TCP packet with destination port 0 that matches a pf divert-to rule could crash the kernel.

YesItsMe · 01-18-2023, 04:57 AM

Syspatch 014 (all architectures):
Input validation issues and path validation issues in libXpm can lead to infinite loops, memory corruption or arbitrary command execution. CVE-2022-46285, CVE-2022-44617 and CVE-2022-4883

YesItsMe · 01-23-2023, 08:47 AM

Syspatch 015 (all architectures):
vmm(4) exposed unsupported cpuid feature flags to guests.

Syspatch 016 (all architectures):
vmd(8) exposed unsupported cpuid feature flags to guests.

YesItsMe · 02-02-2023, 12:26 PM

Syspatch 017 (all architectures):
A double-free in the sshd pre-auth unprivileged process (not believed to be exploitable).

YesItsMe · 02-07-2023, 02:43 PM

Syspatch 018 (all architectures):
A malicious certificate revocation list or timestamp response token would allow an attacker to read arbitrary memory.

Syspatch 019 (all architectures):
CVE-2023-0494: use after free in the Xinput X server extension.

Syspatch 020 (all architectures):
smtpd(8) could abort due to a connection from a local, scoped ipv6 address.

YesItsMe · 02-27-2023, 04:04 AM

Syspatch 021 (all architectures):
Missing bounds check in console terminal emulation could cause a kernel crash after receiving specially crafted escape sequences.

YesItsMe · 03-18-2023, 08:51 PM

Syspatch 022 (all architectures):
Out of bounds accesses in libc resolver.