On Wed, Dec 03, 2025 at 03:51:18AM -0700, Alexander Bluhm wrote: > CVSROOT: /cvs > Module name: www > Changes by: [email protected] 2025/12/03 03:51:18 > > Modified files: > . : errata78.html > > Log message: > I failed to count patches, 010 is between 009 and 011.
miod@ suggested to count in octal to avoid further confusion. Here we go. Index: errata77.html =================================================================== RCS file: /data/mirror/openbsd/cvs/www/errata77.html,v diff -u -p -r1.13 errata77.html --- errata77.html 3 Dec 2025 10:03:45 -0000 1.13 +++ errata77.html 3 Dec 2025 14:00:45 -0000 @@ -188,7 +188,7 @@ A source code patch exists which remedie <p> <li id="p008_pledge"> -<strong>008: RELIABILITY FIX: July 1, 2025</strong> +<strong>010: RELIABILITY FIX: July 1, 2025</strong> <i>All architectures</i> <br> TIOCUCNTL ioctl(2) could crash the kernel if called with a non-file @@ -199,7 +199,7 @@ A source code patch exists which remedie <p> <li id="p009_expat"> -<strong>009: SECURITY FIX: September 30, 2025</strong> +<strong>011: SECURITY FIX: September 30, 2025</strong> <i>All architectures</i> <br> In libexpat fix denial of service due to memory exhaustion. @@ -210,7 +210,7 @@ A source code patch exists which remedie <p> <li id="p010_libcrypto"> -<strong>010: SECURITY FIX: September 30, 2025</strong> +<strong>012: SECURITY FIX: September 30, 2025</strong> <i>All architectures</i> <br> Fix out-of-bounds read and write, memory leaks and incorrect error @@ -221,7 +221,7 @@ A source code patch exists which remedie <p> <li id="p011_xserver"> -<strong>011: SECURITY FIX: October 28, 2025</strong> +<strong>013: SECURITY FIX: October 28, 2025</strong> <i>All architectures</i> <br> Use-after-free and integer overflow in the Xkb and Present X server @@ -232,7 +232,7 @@ A source code patch exists which remedie <p> <li id="p012_unbound"> -<strong>012: SECURITY FIX: October 28, 2025</strong> +<strong>014: SECURITY FIX: October 28, 2025</strong> <i>All architectures</i> <br> DNS cache poisoning vulnerabilities in unbound could lead to domain @@ -243,7 +243,7 @@ A source code patch exists which remedie <p> <li id="p013_libssl"> -<strong>013: RELIABILITY FIX: October 28, 2025</strong> +<strong>015: RELIABILITY FIX: October 28, 2025</strong> <i>All architectures</i> <br> Ensure the group selected by a TLSv1.3 server for a HelloRetryRequest is @@ -254,7 +254,7 @@ A source code patch exists which remedie <p> <li id="p014_smtpd"> -<strong>014: SECURITY FIX: October 31, 2025</strong> +<strong>016: SECURITY FIX: October 31, 2025</strong> <i>All architectures</i> <br> smtpd(8) can die if a malformed imsg is sent on the local socket. @@ -265,7 +265,7 @@ A source code patch exists which remedie <p> <li id="p015_drm"> -<strong>015: RELIABILITY FIX: December 3, 2025</strong> +<strong>017: RELIABILITY FIX: December 3, 2025</strong> <i>All architectures</i> <br> Fix drm(4) to avoid spurious sleep errors leading to crashes. @@ -275,7 +275,7 @@ A source code patch exists which remedie <p> <li id="p016_xkbcomp"> -<strong>016: SECURITY FIX: December 3, 2025</strong> +<strong>020: SECURITY FIX: December 3, 2025</strong> <i>All architectures</i> <br> Fix incorrect handling of invalid inputs to xkbcomp(1). @@ -286,7 +286,7 @@ A source code patch exists which remedie <p> <li id="p017_unbound"> -<strong>017: SECURITY FIX: December 3, 2025</strong> +<strong>021: SECURITY FIX: December 3, 2025</strong> <i>All architectures</i> <br> Fix incomplete mitigation of DNS cache poisoning vulnerabilities Index: errata78.html =================================================================== RCS file: /data/mirror/openbsd/cvs/www/errata78.html,v diff -u -p -r1.8 errata78.html --- errata78.html 3 Dec 2025 10:51:18 -0000 1.8 +++ errata78.html 3 Dec 2025 14:01:27 -0000 @@ -194,7 +194,7 @@ A source code patch exists which remedie <p> <li id="p008_libpng"> -<strong>008: SECURITY FIX: December 3, 2025</strong> +<strong>010: SECURITY FIX: December 3, 2025</strong> <i>All architectures</i> <br> Fix buffer overflow vulnerabilities in libpng which is part of @@ -206,7 +206,7 @@ A source code patch exists which remedie <p> <li id="p009_xkbcomp"> -<strong>009: SECURITY FIX: December 3, 2025</strong> +<strong>011: SECURITY FIX: December 3, 2025</strong> <i>All architectures</i> <br> Fix incorrect handling of invalid inputs to xkbcomp(1). @@ -217,7 +217,7 @@ A source code patch exists which remedie <p> <li id="p010_unbound"> -<strong>010: SECURITY FIX: December 3, 2025</strong> +<strong>012: SECURITY FIX: December 3, 2025</strong> <i>All architectures</i> <br> Fix incomplete mitigation of DNS cache poisoning vulnerabilities @@ -228,7 +228,7 @@ A source code patch exists which remedie <p> <li id="p011_nd6"> -<strong>011: RELIABILITY FIX: December 3, 2025</strong> +<strong>013: RELIABILITY FIX: December 3, 2025</strong> <i>All architectures</i> <br> Due to a race, the kernel could crash when adding IPv6 neighbor
