OpenBSD/src hpbGTXZsys/net if_sec.c

   count if_enqueue/ifq_enqueue errors as oqdrops.

   this helps narrow down where some "output failures" on sec interfaces
   occur.

   based on discussion with jason tubnor
VersionDeltaFile
1.11+2-2sys/net/if_sec.c
+2-21 files

OpenBSD/ports 29Y4C3Adevel/py-nbconvert Makefile distinfo, devel/py-nbconvert/pkg PLIST DESCR

   update nbconvert to 7.16.2 and mistune to 2.0.5
VersionDeltaFile
1.11+25-229devel/py-nbconvert/pkg/PLIST
1.6+63-4textproc/py-mistune/pkg/PLIST
1.23+11-16devel/py-nbconvert/Makefile
1.2+13-2devel/py-nbconvert/pkg/DESCR
1.18+1-4textproc/py-mistune/Makefile
1.9+2-2devel/py-nbconvert/distinfo
+115-2571 files not shown
+117-2597 files

OpenBSD/ports h7kll6Jnet/py-zmq Makefile distinfo

   update py-zmq to 25.1.1 for Python 3.12 support
VersionDeltaFile
1.37+4-1net/py-zmq/Makefile
1.21+2-2net/py-zmq/distinfo
+6-32 files

OpenBSD/ports fxsK6OHsysutils/grafana distinfo Makefile, sysutils/grafana/patches patch-conf_sample_ini

   sysutils/grafana: update to 10.4.0
VersionDeltaFile
1.28+940-742sysutils/grafana/pkg/PLIST
1.27+4-4sysutils/grafana/distinfo
1.19+2-2sysutils/grafana/patches/patch-conf_sample_ini
1.40+1-1sysutils/grafana/Makefile
+947-7494 files

OpenBSD/ports VXUXEk5sysutils/telegraf distinfo modules.inc

   sysutils/telegraf: update to 1.30.0

   ok landry@
VersionDeltaFile
1.16+294-218sysutils/telegraf/distinfo
1.15+105-75sysutils/telegraf/modules.inc
1.33+1-1sysutils/telegraf/Makefile
+400-2943 files

OpenBSD/src fPOCjfSsys/arch/arm64/arm64 cpu.c, sys/dev/fdt psci.c pscivar.h

   Implement Spectre-V4 mitigations.  The only real effect of this change is
   that we now make a firmware call to enable the mitigations if the
   firmware tells us mitigations are implemented and needed.  But according
   to the specification these mitigations should be enabled by default.
   The open source TF-A implementation only implements mitigations for older
   Cortex-A76 cores.  Newer Cortex-A76 revisions are not vulnerable and as
   far as I can tell we only support SoCs with the newer cores.

   ok patrick@
VersionDeltaFile
1.113+41-2sys/arch/arm64/arm64/cpu.c
1.15+19-2sys/dev/fdt/psci.c
1.8+3-0sys/dev/fdt/pscivar.h
+63-43 files

OpenBSD/src mjD7fExsys/dev/fdt if_mvpp.c

   Pass PHY OF node to the MII layer for use by PHY drivers.
VersionDeltaFile
1.52+2-1sys/dev/fdt/if_mvpp.c
+2-11 files

OpenBSD/src XoMBGZisys/dev/pci pci.c

   Reduce dmesg spam and only print about resource conflicts for resources
   that are actually enabled.

   ok dlg@, deraadt@
VersionDeltaFile
1.128+20-10sys/dev/pci/pci.c
+20-101 files

OpenBSD/src 6DsuZafsys/arch/arm64/arm64 cpu.c, sys/arch/arm64/include armreg.h

   Add support for the new layout of the CCSIDR_EL1 register that was
   introduced in Armv8.3 when the CCIDX feature is advertised.  This
   makes us properly detect the cache size on newer CPU cores like
   Neoverse N2, at least when emulated by QEMU.

   ok jsg@
VersionDeltaFile
1.112+42-12sys/arch/arm64/arm64/cpu.c
1.33+20-1sys/arch/arm64/include/armreg.h
+62-132 files

OpenBSD/ports qXGwWNEmisc/dialog distinfo Makefile

   Update dialog to 1.3-20240307.
VersionDeltaFile
1.39+2-2misc/dialog/distinfo
1.62+1-1misc/dialog/Makefile
+3-32 files

OpenBSD/ports Aw9zeA8sysutils/broot distinfo crates.inc

   Update broot to 1.36.1.
VersionDeltaFile
1.17+46-40sysutils/broot/distinfo
1.18+22-19sysutils/broot/crates.inc
1.23+1-1sysutils/broot/Makefile
+69-603 files

OpenBSD/ports 1p1H7iHsecurity/libksba distinfo Makefile

   Bugfix update to libksba-1.6.6
VersionDeltaFile
1.13+2-2security/libksba/distinfo
1.31+1-1security/libksba/Makefile
+3-32 files

OpenBSD/ports mBdGurpgraphics/pqiv distinfo Makefile, graphics/pqiv/patches patch-pqiv_c

   Update to pqiv-2.13.1

   time_t patch addressed upstream.
VersionDeltaFile
1.14+2-2graphics/pqiv/distinfo
1.24+1-1graphics/pqiv/Makefile
1.3+0-0graphics/pqiv/patches/patch-pqiv_c
+3-33 files

OpenBSD/ports r8jGcqTsecurity/suricata Makefile, security/suricata/patches patch-src_suricata_c patch-src_util-privs_c

   Readd privdrop patches

   "probably automatically removed" by gonzalo@ in the 7.0.2 update

   OK gonzalo@
VersionDeltaFile
1.14+21-3security/suricata/patches/patch-src_suricata_c
1.7+4-4security/suricata/patches/patch-src_util-privs_c
1.7+3-3security/suricata/patches/patch-src_util-privs_h
1.66+1-0security/suricata/Makefile
+29-104 files

OpenBSD/ports rQ8cDJCgraphics/p5-Image-ExifTool distinfo Makefile, graphics/p5-Image-ExifTool/pkg PLIST

   Update p5-Image-ExifTool to 12.79.
VersionDeltaFile
1.44+19-0graphics/p5-Image-ExifTool/pkg/PLIST
1.55+2-2graphics/p5-Image-ExifTool/distinfo
1.64+1-1graphics/p5-Image-ExifTool/Makefile
+22-33 files

OpenBSD/ports GNvPRYJaudio/schismtracker distinfo Makefile, audio/schismtracker/patches patch-configure_ac

   Update schismtracker to 20240308.
VersionDeltaFile
1.26+2-2audio/schismtracker/distinfo
1.38+1-1audio/schismtracker/Makefile
1.25+1-1audio/schismtracker/patches/patch-configure_ac
+4-43 files

OpenBSD/ports wi2ogJSnet/bird/2 distinfo Makefile

   update to bird-2.15
VersionDeltaFile
1.14+4-4net/bird/2/distinfo
1.18+1-1net/bird/2/Makefile
+5-52 files

OpenBSD/src xwtEClEusr.sbin/bgpd parse.y

   Typecast char argument to isxdigit() to unsigned char since isxdigit()
   only works that way correctly.
   OK deraadt@
VersionDeltaFile
1.456+4-3usr.sbin/bgpd/parse.y
+4-31 files

OpenBSD/ports TwbUBw8lang/python python.port.mk

   add python to TEST_DEPENDS if MODPY_PYTEST is set to 'no'.
VersionDeltaFile
1.184+2-0lang/python/python.port.mk
+2-01 files

OpenBSD/ports pJGqG7jgraphics/ImageMagick Makefile

   remove LIB_DEPENDS on aom, dav1d, libde265, x265 - they're pulled in via
   libheif and not used directly. from Brad.
VersionDeltaFile
1.220+1-4graphics/ImageMagick/Makefile
+1-41 files

OpenBSD/src cM1rs6Clib/libexpat Changes, lib/libexpat/lib xmlparse.c

   Cherry-pick fix for CVE-2024-28757 from libexpat.

   Detect billion laughs attack with isolated external parser.
   github commit 1d50b80cf31de87750103656f6eb693746854aa8

   OK deraadt@

   this is errata/7.3/027_expat.patch.sig
VersionDeltaFile
1.23.4.1+6-0lib/libexpat/Changes
1.35.4.1+5-1lib/libexpat/lib/xmlparse.c
+11-12 files

OpenBSD/src D2Fpdm1lib/libexpat Changes, lib/libexpat/lib xmlparse.c

   Cherry-pick fix for CVE-2024-28757 from libexpat.

   Detect billion laughs attack with isolated external parser.
   github commit 1d50b80cf31de87750103656f6eb693746854aa8

   OK deraadt@

   this is errata/7.4/015_expat.patch.sig
VersionDeltaFile
1.23.2.1+6-0lib/libexpat/Changes
1.35.2.1+5-1lib/libexpat/lib/xmlparse.c
+11-12 files

OpenBSD/src AqjOyBXusr.sbin/bgpd bgpd.h

   Double PEER_DESCR_LEN to 64 characters since 32 is a bit on the short side.
   OK sthen@, deraadt@, dlg@, tb@
VersionDeltaFile
1.487+2-2usr.sbin/bgpd/bgpd.h
+2-21 files

OpenBSD/src diJgjlgusr.sbin/bgpd bgpd.conf.5

   Use same markup for origin-set arguments as for roa-set. The maxlen argument
   is optional.
   OK tb@
VersionDeltaFile
1.238+5-3usr.sbin/bgpd/bgpd.conf.5
+5-31 files

OpenBSD/ports 10gQXQZdevel/luarocks distinfo Makefile, devel/luarocks/pkg PLIST

   update devel/luarocks to 3.11.0

   changelog: https://github.com/luarocks/luarocks/blob/master/CHANGELOG.md
   This "skips" over 3.10.0.
VersionDeltaFile
1.5+4-1devel/luarocks/pkg/PLIST
1.5+2-2devel/luarocks/distinfo
1.12+1-1devel/luarocks/Makefile
+7-43 files

OpenBSD/ports vFJIvetlang/clojure distinfo Makefile

   update lang/clojure to 1.11.2.1446
VersionDeltaFile
1.36+2-2lang/clojure/distinfo
1.65+1-1lang/clojure/Makefile
+3-32 files

OpenBSD/src JYcKj7Nlib/libc/gen login_cap.3

   fix markup of _PATH_DEFPATH (Li -> Dv); ok jmc
VersionDeltaFile
1.24+3-3lib/libc/gen/login_cap.3
+3-31 files

OpenBSD/src Tx7HH2ousr.sbin/smtpd smtpd.conf.5

   improve the MDA documentation

    - add a pointer to the section when documenting the `mda' keyword
    - rename the section to MDA COMMANDS
    - document also what happens when the MDA doesn't exit with status 0
    - add the missing environment variables
    - sort the variables
    - minor other tweaks to the text

   with several improvements from jmc, ok jmc
VersionDeltaFile
1.270+54-22usr.sbin/smtpd/smtpd.conf.5
+54-221 files

OpenBSD/ports GeZTH6Mnet/powerdns distinfo Makefile

   Update to PowerDNS Authoritative Server 4.9.0
VersionDeltaFile
1.48+2-2net/powerdns/distinfo
1.101+1-1net/powerdns/Makefile
+3-32 files

OpenBSD/ports QxTMQECnet/dnsdist distinfo Makefile

   Update to dnsdist 1.9.1
VersionDeltaFile
1.21+2-2net/dnsdist/distinfo
1.38+1-1net/dnsdist/Makefile
+3-32 files