BSDSec

deadsimple BSD Security Advisories and Announcements

OpenBSD Errata: July 27th, 2020 (rpki)

Errata patches for rpki-client have been released for OpenBSD 6.7.

In rpki-client, incorrect use of EVP_PKEY_cmp allows an authentication bypass.

Binary updates for the amd64, i386, and arm64 platforms are available via
the syspatch utility. Source code patches can be found on the errata page:

  https://www.openbsd.org/errata67.html