General note on errata: We do not roll a release CD every time we bump the sub-version. The standard upgrade method is to build from sources. The build manual page gives you information on how to upgrade your system from sources. See the download page for information on tracking changes with cvsup.
No new errata.
Wide symbols (wstring, wint_t etc) support in gcc41 (libstdc++) was broken. Fixed in 1.12.2.
GDB produced incomplete stack traces. Fixed in 1.12.2.
Buffer overflow in ppp(8) command prompt parsing (OpenBSD errata 2008-009, CVE-2008-1215). Fixed in 1.12.2.
The direction flag is not cleared by the signal handler, required by GCC 4.x as specified by i386/amd64 abi. Fixed in 1.12.2.
Relayed PPPoE (ng_pppoe(4)) has issues. Fixed in 1.12.2.
Missing needed libc suppot for GCC 4.x's stack protector. Fixed in 1.12.2.
libthread_xu has fairly serious issues with Firefox and KDE. Fixed in 1.12.2. Note that libthread_xu is the default threading library for 1.12.x so this has a fairly large beneficial impact on 1.12.x systems.
OpenSSH was found to have a vulnerability that allowed users to bypass the sshd_config ForceCommand directive (CVE-2008-1657). Fixed in 1.12.2.
Vulnerability was found in OpenSSH which allowed local users to hijack forwarded X connections (CVE-2008-1483). Fixed in 1.12.2.
Vunerability was found in bzip2 which allowed user-assisted remote attackers to cause a denial of service (crash) via a crafted file (CVE-2008-1372). Fixed in 1.12.2.
The CD installer considers the CD itself a hard disk and gives you the option of partitioning it, installing to it, putting bootblocks on it, etc. This obviously won't work and it is a minor annoyance. Simply uncheck the related boxes during the installation process. This bug will not be fixed in the 1.12.x release cycle.
The release CD contained a vendor sendmail bug which was fixed in 1.12.1.