OpenBSD/ports DfTWFjhgames/luanti distinfo Makefile, games/luanti/patches patch-src_CMakeLists_txt

   Update to luanti 5.16.1 from maintainer
VersionDeltaFile
1.6+11-0games/luanti/pkg/PLIST
1.7+2-2games/luanti/distinfo
1.5+2-2games/luanti/patches/patch-src_CMakeLists_txt
1.10+1-1games/luanti/Makefile
+16-54 files

OpenBSD/ports rxWPrmvgames/recoil-rts distinfo Makefile

   Update to latest release engine 2025.06.24. (Illustrating the problems
   with conflating semantic and date-based versioning starkly.)
VersionDeltaFile
1.17+2-2games/recoil-rts/distinfo
1.26+1-1games/recoil-rts/Makefile
+3-32 files

OpenBSD/ports Gnfedsotextproc/ruby-rouge distinfo Makefile, textproc/ruby-rouge/pkg PLIST

   Update ruby-rouge to 5.0.0.
VersionDeltaFile
1.35+26-5textproc/ruby-rouge/pkg/PLIST
1.47+2-2textproc/ruby-rouge/distinfo
1.49+1-1textproc/ruby-rouge/Makefile
+29-83 files

OpenBSD/src 7u9hKeMsys/kern exec_elf.c

   unzero'd padding bytes in struct reg and struct fpreg (both machine dependent)
   leak kernel stack contents.
   from Andrew Griffiths at Calif
VersionDeltaFile
1.198+3-1sys/kern/exec_elf.c
+3-11 files

OpenBSD/ports oaHLM5Anet/filezilla Makefile distinfo, net/filezilla/patches patch-src_engine_Makefile_am patch-src_commonui_Makefile_am

   Update to filezilla-3.70.5

   Changes: https://filezilla-project.org/

   Major bumps for libfzclient-private and fzclient-commonui-private
VersionDeltaFile
1.128+20-19net/filezilla/Makefile
1.11+2-2net/filezilla/patches/patch-src_engine_Makefile_am
1.72+2-2net/filezilla/distinfo
1.3+2-2net/filezilla/patches/patch-src_commonui_Makefile_am
1.3+2-2net/filezilla/patches/patch-src_interface_Mainfrm_h
1.34+0-4net/filezilla/pkg/PLIST
+28-311 files not shown
+28-317 files

OpenBSD/ports Ow79Efcnet Makefile

   +fzssh
VersionDeltaFile
1.1463+1-0net/Makefile
+1-01 files

OpenBSD/src RdVCBWzusr.sbin/vmd virtio.c

   A privileged guest can program an out-of-layout Virtio 1.x `queue_avail`
   address for the `vioscsi` device and then notify the queue. The host-side
   `vioscsi` device process dereferences a pointer derived from the unchecked
   offset and terminates with `SIGSEGV`.
   from Quarkslab
   ok hshoexer, mlarkin
VersionDeltaFile
1.139+22-5usr.sbin/vmd/virtio.c
+22-51 files

OpenBSD/ports pkThjK9net/fzssh Makefile distinfo, net/fzssh/pkg PLIST DESCR

   Initial revision
VersionDeltaFile
1.1+37-0net/fzssh/Makefile
1.1+16-0net/fzssh/pkg/PLIST
1.1+2-0net/fzssh/distinfo
1.1+1-0net/fzssh/pkg/DESCR
1.1.1.1+0-0net/fzssh/distinfo
1.1.1.1+0-0net/fzssh/pkg/DESCR
+56-02 files not shown
+56-08 files

OpenBSD/src iDE4FFFusr.sbin/vmd vioscsi.c

   A privileged guest can notify an invalid virtio-scsi queue index. The
   host-side `vioscsi` device process uses the guest-controlled value as an array
   index without a bounds check, interprets adjacent process memory as virtqueue
   metadata, and terminates with `SIGSEGV`.
   from Quarkslab
   ok hshoexer, mlarkin
VersionDeltaFile
1.30+17-2usr.sbin/vmd/vioscsi.c
+17-21 files

OpenBSD/src Coz8abhusr.sbin/vmd virtio.c

   Do not call `fatalx()` on malformed guest-provided descriptor lengths. Reject
   the request and return without terminating the VM process.
   from Quarkslab
   ok hshoexer, mlarkin
VersionDeltaFile
1.138+5-3usr.sbin/vmd/virtio.c
+5-31 files

OpenBSD/src ZYxxLX3usr.sbin/vmd vioblk.c

   A privileged guest can notify one invalid virtio-block queue index and
   terminate the host-side `vioblk` device process. In the confirmed run, this
   also caused the VM event thread to exit unexpectedly.
   from Quarkslab
   ok hshoexer, mlarkin
VersionDeltaFile
1.30+2-2usr.sbin/vmd/vioblk.c
+2-21 files

OpenBSD/src jzP1s6kusr.sbin/vmd vioblk.c

   A privileged guest can make the host-side `vioblk` backend read a descriptor
   outside the configured virtqueue descriptor table and interpret the out-of-table
   entry as a block request descriptor. In the confirmed run, the guest-controlled
   out-of-table descriptor made `vmd(8)` read and log a guest-chosen block command
   value, and the device entered `DEVICE_NEEDS_RESET`.
   from Quarkslab
   ok hshoexer, mlarkin
VersionDeltaFile
1.29+6-1usr.sbin/vmd/vioblk.c
+6-11 files

OpenBSD/ports e61813Jtextproc/p5-XML-Parser distinfo Makefile

   update p5-XML-Parser to 2.59
VersionDeltaFile
1.20+2-2textproc/p5-XML-Parser/distinfo
1.45+1-1textproc/p5-XML-Parser/Makefile
+3-32 files

OpenBSD/src wq3KSuwsys/arch/i386/stand/biosboot Makefile, sys/arch/i386/stand/boot Makefile

   with llvm22, -Ttext also requires --image-base to be specified

   with robert@
VersionDeltaFile
1.38+2-2sys/arch/i386/stand/pxeboot/Makefile
1.22+2-2sys/arch/i386/stand/mbr/Makefile
1.8+2-2sys/arch/i386/stand/cdbr/Makefile
1.41+2-2sys/arch/i386/stand/cdboot/Makefile
1.77+2-2sys/arch/i386/stand/boot/Makefile
1.31+2-2sys/arch/i386/stand/biosboot/Makefile
+12-126 files not shown
+24-2412 files

OpenBSD/src XDSqv5nsys/dev/ic qwx.c

   add volatile casts to qwx for arm64, as mglocker@ did in qwz
VersionDeltaFile
1.114+7-4sys/dev/ic/qwx.c
+7-41 files

OpenBSD/src 4pyxS2fsys/dev/pci if_qwx_pci.c

   reset qwx command ring "queued" counter when the command ring gets reset

   Should fix bogus "command ring overflow" errors observed in my dmesg.
VersionDeltaFile
1.34+2-1sys/dev/pci/if_qwx_pci.c
+2-11 files

OpenBSD/src 4PD51vwsys/dev/ic qwx.c

   ensure that qwx nq flags are always cleared when switching net80211 state

   similar fix found in mglocker@ qwz diffs
VersionDeltaFile
1.113+9-1sys/dev/ic/qwx.c
+9-11 files

OpenBSD/src LhfEzI3sys/dev/ic qwx.c

   fix number of tx/rx streams set in qwx mac config

   from kirill@ via qwz
VersionDeltaFile
1.112+3-3sys/dev/ic/qwx.c
+3-31 files

OpenBSD/ports hKFQFDCmail/mailparser distinfo Makefile

   update to mailparser-4.3.0
VersionDeltaFile
1.4+2-2mail/mailparser/distinfo
1.6+1-1mail/mailparser/Makefile
+3-32 files

OpenBSD/ports N25bzgWsecurity/gpa distinfo Makefile, security/gpa/patches patch-src_gpa-marshal_list patch-src_gpacontext_c

   update to gpa-0.11.1
VersionDeltaFile
1.9+2-2security/gpa/distinfo
1.46+1-1security/gpa/Makefile
1.2+0-0security/gpa/patches/patch-src_gpa-marshal_list
1.2+0-0security/gpa/patches/patch-src_gpacontext_c
1.2+0-0security/gpa/patches/patch-src_gpacontext_h
1.2+0-0security/gpa/patches/patch-src_gpakeyexpireop_c
+3-31 files not shown
+3-37 files

OpenBSD/ports 6HHfsFasecurity/pcsc-lite Makefile distinfo, security/pcsc-lite/patches patch-meson_build patch-src_debuglog_c

   update to pcsc-lite-2.5.0
   add PORTROACH site url pointing at github, doesn't pick up new versions
   correctly at author's site
VersionDeltaFile
1.71+7-1security/pcsc-lite/Makefile
1.7+3-3security/pcsc-lite/patches/patch-meson_build
1.36+2-2security/pcsc-lite/distinfo
1.10+2-2security/pcsc-lite/patches/patch-src_debuglog_c
1.8+1-1security/pcsc-lite/patches/patch-src_testpcsc_c
+15-95 files

OpenBSD/ports VRJJBCdsecurity/ccid Makefile distinfo, security/ccid/pkg PLIST

   update to ccid-1.8.0

   set PORTROACH to gh releases in the hope that it might do a better job of
   picking up new versions
VersionDeltaFile
1.5+4-4security/ccid/pkg/PLIST
1.45+4-2security/ccid/Makefile
1.32+2-2security/ccid/distinfo
+10-83 files

OpenBSD/ports aDJSRKLsysutils/py-platformdirs distinfo Makefile

   update to py3-platformdirs-4.10.0
VersionDeltaFile
1.28+2-2sysutils/py-platformdirs/distinfo
1.36+1-1sysutils/py-platformdirs/Makefile
+3-32 files

OpenBSD/ports nAbFsXFprint/pdfarranger distinfo Makefile, print/pdfarranger/pkg PLIST

   update to pdfarranger-1.14.0
VersionDeltaFile
1.15+2-2print/pdfarranger/distinfo
1.15+3-0print/pdfarranger/pkg/PLIST
1.26+1-1print/pdfarranger/Makefile
+6-33 files

OpenBSD/ports PuQfJqTsecurity/ccid distinfo Makefile

   update to ccid-1.7.1
VersionDeltaFile
1.31+2-2security/ccid/distinfo
1.44+1-1security/ccid/Makefile
+3-32 files

OpenBSD/ports rhfcZJLeditors/vim distinfo Makefile, editors/vim/patches patch-runtime_autoload_tar_vim

   update to vim-9.2.545
VersionDeltaFile
1.161+2-2editors/vim/distinfo
1.308+1-1editors/vim/Makefile
1.17+1-1editors/vim/patches/patch-runtime_autoload_tar_vim
1.32+1-0editors/vim/pkg/PLIST
+5-44 files

OpenBSD/ports kNvPxyTdevel/py-txaio Makefile distinfo, devel/py-txaio/pkg PLIST

   update to py3-txaio-25.12.2
VersionDeltaFile
1.22+2-3devel/py-txaio/Makefile
1.7+2-2devel/py-txaio/distinfo
1.11+1-2devel/py-txaio/pkg/PLIST
+5-73 files

OpenBSD/ports VufTuF9devel/quirks/files Quirks.pm

   devel/quirks: remove unused message key that broke the build
VersionDeltaFile
1.1808+1-2devel/quirks/files/Quirks.pm
+1-21 files

OpenBSD/ports Hd0abbHdevel/apache-ant distinfo Makefile, devel/apache-ant/pkg PLIST

   update to apache-ant-1.10.17
VersionDeltaFile
1.28+36-18devel/apache-ant/pkg/PLIST
1.29+2-2devel/apache-ant/distinfo
1.58+1-2devel/apache-ant/Makefile
+39-223 files

OpenBSD/ports CM4veMaeditors/vim-classic Makefile distinfo, editors/vim-classic/patches patch-runtime_syntax_make_vim patch-runtime_filetype_vim

   MFC vim-classic update to 20260504
VersionDeltaFile
1.1.1.1.2.1+14-12editors/vim-classic/patches/patch-runtime_syntax_make_vim
1.12.2.1+2-2editors/vim-classic/Makefile
1.7.2.1+2-2editors/vim-classic/distinfo
1.2.2.1+2-2editors/vim-classic/patches/patch-runtime_filetype_vim
1.4.2.1+1-1editors/vim-classic/patches/patch-src_configure_ac
1.5.2.1+1-0editors/vim-classic/pkg/PLIST
+22-196 files