OpenBSD/ports VubMJfzdatabases/timescaledb distinfo Makefile, databases/timescaledb/pkg PLIST

by sthen on ⎇
   update to timescaledb-2.26.2, from Mark Patruck, looks good to maintainer
   (this is the version that was tested with the zabbix update that went in
   a few days ago)
VersionDeltaFile
1.31+4-4databases/timescaledb/distinfo
1.37+2-2databases/timescaledb/Makefile
1.32+3-0databases/timescaledb/pkg/PLIST
+9-63 files

OpenBSD/ports X6w7f0isysutils/ansible-runner Makefile distinfo

by sthen on ⎇
   update to ansible-runner-2.4.3, from Mikolaj Kucharski (maintainer)
   plus add missing RDEP and TDEPs
VersionDeltaFile
1.3+10-2sysutils/ansible-runner/Makefile
1.3+2-2sysutils/ansible-runner/distinfo
+12-42 files

OpenBSD/ports 3WkaQ6osecurity/openssl/4.0 Makefile distinfo, security/openssl/4.0/pkg PLIST

by tb on ⎇
   Update to OpenSSL 4.0.0

   The 00: printing still is the most important thing. Rest mostly the same
   as in the beta.

   https://github.com/openssl/openssl/releases/tag/openssl-4.0.0
VersionDeltaFile
1.4+2-2security/openssl/4.0/Makefile
1.2+2-2security/openssl/4.0/distinfo
1.2+2-0security/openssl/4.0/pkg/PLIST
+6-43 files

OpenBSD/ports ZimmRvZnet/monitoring-plugins Makefile distinfo, net/monitoring-plugins/patches patch-plugins_check_disk_c patch-plugins_check_snmp_c

by sthen on ⎇
   update to monitoring-plugins-3.0.0rc3, from Alvar Penning, + tweak to pkgnames
VersionDeltaFile
1.5+1-24net/monitoring-plugins/patches/patch-plugins_check_disk_c
1.58+2-3net/monitoring-plugins/Makefile
1.16+2-2net/monitoring-plugins/distinfo
1.2+2-2net/monitoring-plugins/patches/patch-plugins_check_snmp_c
1.3+1-1net/monitoring-plugins/patches/patch-plugins_Makefile_am
+8-325 files

OpenBSD/xenocara 07hkFfo. MODULES

by matthieu on ⎇
   update
VersionDeltaFile
1.556+2-2MODULES
+2-21 files

OpenBSD/ports PgT25Dwlang/go go.port.mk

by jsing on ⎇
   Bump _MODGO_SYSTEM_VERSION for lang/go update.
VersionDeltaFile
1.99+1-1lang/go/go.port.mk
+1-11 files

OpenBSD/ports E8Wu17Flang/go distinfo Makefile, lang/go/pkg PLIST

by jsing on ⎇
   Update lang/go to 1.26.2.

   ok naddy@
VersionDeltaFile
1.96+18-0lang/go/pkg/PLIST
1.118+2-2lang/go/distinfo
1.178+1-1lang/go/Makefile
+21-33 files

OpenBSD/src VQLI8d0usr.sbin/vmd virtio.c vmm.c

by dv on ⎇
   vmd(8): zero potential heap pointers before IPC.

   vmd sends two large structs over an ipc socket after fork+exec:
   vmd_vm and virtio_dev.

   Both have heap pointers from being put in TAILQs in the parent
   process and both carry some used for setting up imsg event channels.
   Zero all these things before send to be safe and not leak deatils
   on the parent's address space.

   Issue raised by Systopia Team.

   ok hshoexer@
VersionDeltaFile
1.136+22-6usr.sbin/vmd/virtio.c
1.137+15-4usr.sbin/vmd/vmm.c
1.173+1-2usr.sbin/vmd/vmd.c
+38-123 files

OpenBSD/xenocara FmMjbJlxserver/miext/sync misync.c, xserver/xkb xkb.c

by bluhm on ⎇
   Merge fixes from upstream for multiple Xserver issues:
   * CVE-2026-33999: XKB Integer Underflow in XkbSetCompatMap()
   * CVE-2026-34000: XKB Out-of-bounds Read in CheckSetGeom()
   * CVE-2026-34001: XSYNC Use-after-free in miSyncTriggerFence()
   * CVE-2026-34002: XKB Out-of-bounds read in CheckModifierMap()
   * CVE-2026-34003: XKB Buffer overflow in CheckKeyTypes()
   from matthieu@

   this is errata/7.7/034_xserver.patch.sig
VersionDeltaFile
1.26.2.2+79-19xserver/xkb/xkb.c
1.6.16.1+12-6xserver/miext/sync/misync.c
+91-252 files

OpenBSD/xenocara Hz2gKKixserver/miext/sync misync.c, xserver/xkb xkb.c

by bluhm on ⎇
   Merge fixes from upstream for multiple Xserver issues:
   * CVE-2026-33999: XKB Integer Underflow in XkbSetCompatMap()
   * CVE-2026-34000: XKB Out-of-bounds Read in CheckSetGeom()
   * CVE-2026-34001: XSYNC Use-after-free in miSyncTriggerFence()
   * CVE-2026-34002: XKB Out-of-bounds read in CheckModifierMap()
   * CVE-2026-34003: XKB Buffer overflow in CheckKeyTypes()
   from matthieu@

   this is errata/7.8/028_xserver.patch.sig
VersionDeltaFile
1.26.4.2+79-19xserver/xkb/xkb.c
1.6.24.1+12-6xserver/miext/sync/misync.c
+91-252 files

OpenBSD/xenocara PCiGqw0xserver/miext/sync misync.c, xserver/xkb xkb.c

by matthieu on ⎇
   Merge fixes from upstream for multiple Xserver issues:
    * CVE-2026-33999: XKB Integer Underflow in XkbSetCompatMap()
    * CVE-2026-34000: XKB Out-of-bounds Read in CheckSetGeom()
    * CVE-2026-34001: XSYNC Use-after-free in miSyncTriggerFence()
    * CVE-2026-34002: XKB Out-of-bounds read in CheckModifierMap()
    * CVE-2026-34003: XKB Buffer overflow in CheckKeyTypes()
VersionDeltaFile
1.28+79-19xserver/xkb/xkb.c
1.7+12-6xserver/miext/sync/misync.c
+91-252 files

OpenBSD/ports kLhf6tdgraphics/jpeg Makefile, graphics/jpeg/patches patch-simd_CMakeLists_txt

by jca on ⎇
   Tweak cmake files to avoid build errors on archs without SIMD support

   This is nicer than hardcoding in the port a list of archs with/without
   SIMD.  Add an url to this 3.1.x-specific fix, master has more changes
   in this area.

   Prompted by a diff from matthieu@, ok tb@
VersionDeltaFile
1.1+14-0graphics/jpeg/patches/patch-simd_CMakeLists_txt
1.91+0-3graphics/jpeg/Makefile
+14-32 files

OpenBSD/ports zeK7Upnwww/webkitgtk4 distinfo Makefile, www/webkitgtk4/patches patch-Source_JavaScriptCore_runtime_MathCommon_cpp patch-Source_cmake_OptionsCommon_cmake

by ajacoutot on ⎇
   Update to webkitgtk{41,60}-2.52.2.
VersionDeltaFile
1.4+7-35www/webkitgtk4/patches/patch-Source_JavaScriptCore_runtime_MathCommon_cpp
1.145+2-2www/webkitgtk4/distinfo
1.28+1-1www/webkitgtk4/patches/patch-Source_cmake_OptionsCommon_cmake
1.22+1-1www/webkitgtk4/patches/patch-Source_cmake_WebKitFeatures_cmake
1.8+1-1www/webkitgtk4/patches/patch-Source_WebCore_CMakeLists_txt
1.256+1-1www/webkitgtk4/Makefile
+13-412 files not shown
+13-418 files

OpenBSD/src jsGNE6Lusr.bin/tmux format.c

by nicm on ⎇
   Do not leak old time format if it is replaced in same format.
VersionDeltaFile
1.359+4-2usr.bin/tmux/format.c
+4-21 files

OpenBSD/ports uzPrG6Glang/python/3/patches patch-Modules_pyexpat_c patch-Lib_webbrowser_py, lang/python/3/pkg PLIST-tests

by tb on ⎇
   Update to Python 3.13.13, ok kmos sthen

   https://www.python.org/downloads/release/python-31313/

   Apply the fixes for CVE-2026-6100 (also ok kmos sthen) and on top of this
   pull in an additional missing bit in the fix for CVE-2026-4519.
VersionDeltaFile
1.3+1-61lang/python/3/patches/patch-Modules_pyexpat_c
1.1+28-0lang/python/3/patches/patch-Lib_webbrowser_py
1.12+15-11lang/python/3/pkg/PLIST-tests
1.1+26-0lang/python/3/patches/patch-Lib_test_test_webbrowser_py
1.1+21-0lang/python/3/patches/patch-Modules_zlibmodule_c
1.1+21-0lang/python/3/patches/patch-Modules__bz2module_c
+112-729 files not shown
+141-8015 files

OpenBSD/ports HKWWaLLwww/libmicrohttpd distinfo Makefile, www/libmicrohttpd/patches patch-src_include_microhttpd_h

by sthen on ⎇
   update to libmicrohttpd-1.0.4
VersionDeltaFile
1.1+12-0www/libmicrohttpd/patches/patch-src_include_microhttpd_h
1.14+2-2www/libmicrohttpd/distinfo
1.18+2-2www/libmicrohttpd/Makefile
+16-43 files

OpenBSD/ports 7NX03URdevel/py-virtualenv distinfo Makefile, devel/py-virtualenv/pkg PLIST

by sthen on ⎇
   pudate to py3-virtualenv-21.2.3
VersionDeltaFile
1.61+2-2devel/py-virtualenv/distinfo
1.95+1-2devel/py-virtualenv/Makefile
1.62+1-1devel/py-virtualenv/pkg/PLIST
+4-53 files

OpenBSD/ports aAhjxrOdevel/py-zipp distinfo Makefile

by sthen on ⎇
   update to py3-zipp-3.23.1
VersionDeltaFile
1.5+2-2devel/py-zipp/distinfo
1.14+2-1devel/py-zipp/Makefile
+4-32 files

OpenBSD/ports TcwtCYFdevel/py-jaraco-test Makefile

by sthen on ⎇
   add missing RDEP on python,-tests
VersionDeltaFile
1.4+3-1devel/py-jaraco-test/Makefile
+3-11 files

OpenBSD/ports tRkljuPgeo/geoclue2 distinfo Makefile

by ajacoutot on ⎇
   Update to geoclue2-2.8.1.
VersionDeltaFile
1.25+2-2geo/geoclue2/distinfo
1.61+1-2geo/geoclue2/Makefile
+3-42 files

OpenBSD/ports ckI9xaZsysutils/terragrunt distinfo modules.inc

by ajacoutot on ⎇
   Update to terragrunt-1.0.1.
VersionDeltaFile
1.388+314-342sysutils/terragrunt/distinfo
1.106+118-131sysutils/terragrunt/modules.inc
1.395+1-1sysutils/terragrunt/Makefile
+433-4743 files

OpenBSD/src udxOVrtusr.bin/tmux popup.c

by nicm on ⎇
   If job_run fails, do not crash but instead free the popup.
VersionDeltaFile
1.67+27-16usr.bin/tmux/popup.c
+27-161 files

OpenBSD/ports ZgU2T4hx11/gnome/control-center distinfo Makefile

by ajacoutot on ⎇
   Update to gnome-control-center-49.7.
VersionDeltaFile
1.81+2-2x11/gnome/control-center/distinfo
1.145+1-1x11/gnome/control-center/Makefile
+3-32 files

OpenBSD/src NY9prYSusr.bin/tmux control.c

by nicm on ⎇
   Another check for partially initialized control client, from Matt
   Koscica in GitHub issue 5004.
VersionDeltaFile
1.53+5-1usr.bin/tmux/control.c
+5-11 files

OpenBSD/ports mSq4RGqx11/gnome/libshumate distinfo Makefile

by ajacoutot on ⎇
   Update to libshumate-1.6.1.
VersionDeltaFile
1.25+2-2x11/gnome/libshumate/distinfo
1.31+1-1x11/gnome/libshumate/Makefile
+3-32 files

OpenBSD/ports UspZd6ux11/gnome/eog distinfo Makefile, x11/gnome/eog/pkg PLIST

by ajacoutot on ⎇
   Update to eog-49.3.
VersionDeltaFile
1.67+40-0x11/gnome/eog/pkg/PLIST
1.100+2-2x11/gnome/eog/distinfo
1.200+1-1x11/gnome/eog/Makefile
+43-33 files

OpenBSD/src 5KnVyFausr.bin/tmux key-bindings.c

by nicm on ⎇
   Add detach to default session menu, suggested by Przemyslaw Sztoch.
VersionDeltaFile
1.165+2-1usr.bin/tmux/key-bindings.c
+2-11 files

OpenBSD/src tHoyXSkusr.bin/tmux key-bindings.c

by nicm on ⎇
   Fix key binding conflict in session menu, from Dane Jensen.
VersionDeltaFile
1.164+2-2usr.bin/tmux/key-bindings.c
+2-21 files

OpenBSD/src i4BWCERusr.bin/tmux notify.c

by nicm on ⎇
   Include window bits for pane notifications, GitHub issue 5007 from Saul
   Nogueras.
VersionDeltaFile
1.45+6-2usr.bin/tmux/notify.c
+6-21 files

OpenBSD/src G3Edqx2usr.bin/tmux format.c

by nicm on ⎇
   Limit precision to 100 to stop silly formats from running out of memory,
   reported by z1281552865 at gmail dot com.
VersionDeltaFile
1.358+6-2usr.bin/tmux/format.c
+6-21 files