OpenBSD/ports PFUZcdOtextproc/xmlwf distinfo Makefile

by bluhm on ⎇
   update xmlwf to expat 2.7.5
VersionDeltaFile
1.13+4-4textproc/xmlwf/distinfo
1.21+1-1textproc/xmlwf/Makefile
+5-52 files

OpenBSD/ports pKuYz4Ftextproc/libxml Makefile, textproc/libxml/pkg PLIST

by sthen on ⎇
   the "@pkgpath textproc/libxml,-python" marker by itself isn't enough to merge
   any (now removed) py3-libxml-* packages into libxml, so python 3.12 -> 3.13
   updates (i.e. openbsd 7.8 -> -current) were still failing. Add an @conflict
   as well to force the old package to be removed.
VersionDeltaFile
1.246+1-0textproc/libxml/Makefile
1.44+1-0textproc/libxml/pkg/PLIST
+2-02 files

OpenBSD/ports NbefjUeprint/ghostscript/gnu distinfo Makefile, print/ghostscript/gnu/patches patch-configure

by volker on ⎇
   print/ghostscript/gnu: Update to 10.07.0

   ok (with tweaks) sthen@
VersionDeltaFile
1.32+2-2print/ghostscript/gnu/distinfo
1.12+2-2print/ghostscript/gnu/patches/patch-configure
1.140+1-1print/ghostscript/gnu/Makefile
+5-53 files

OpenBSD/ports hcd2oeOcomms/rtl_433 Makefile

by kmos on ⎇
   cc1: error: unrecognized command line option "-Wvla"

   base-gcc doesn't have -Wvla. Move to ports-gcc to fix build on sparc64
VersionDeltaFile
1.2+4-0comms/rtl_433/Makefile
+4-01 files

OpenBSD/ports cHH9jWsgraphics/vulkan-tools distinfo Makefile

by thfr on ⎇
   missed to include vulkan-tools in the vulkan update, spotted by volker@
VersionDeltaFile
1.20+2-2graphics/vulkan-tools/distinfo
1.29+1-1graphics/vulkan-tools/Makefile
+3-32 files

OpenBSD/ports MrUjMszdevel/intellij Makefile distinfo

by kirill on ⎇
   devel/intellij: update to 2025.3.4
VersionDeltaFile
1.116+2-3devel/intellij/Makefile
1.82+2-2devel/intellij/distinfo
+4-52 files

OpenBSD/src kBaRI1Rusr.sbin/bgpd session_bgp.c

by sthen on ⎇
   remove extra spaces in logs, ok claudio
VersionDeltaFile
1.7+7-7usr.sbin/bgpd/session_bgp.c
+7-71 files

OpenBSD/ports gznhQc2mail/roundcubemail distinfo Makefile, mail/roundcubemail/pkg PLIST-main

by sthen on ⎇
   update to roundcubemail-1.6.14
   various security fixes, https://github.com/roundcube/roundcubemail/releases/tag/1.6.14
VersionDeltaFile
1.7.4.2+27-0mail/roundcubemail/pkg/PLIST-main
1.95.2.3+2-2mail/roundcubemail/distinfo
1.191.2.3+1-2mail/roundcubemail/Makefile
+30-43 files

OpenBSD/ports XUqwT5rmail/roundcubemail distinfo Makefile, mail/roundcubemail/pkg PLIST

by sthen on ⎇
   update to roundcubemail-1.6.14
   various security fixes, https://github.com/roundcube/roundcubemail/releases/tag/1.6.14
VersionDeltaFile
1.75+27-0mail/roundcubemail/pkg/PLIST
1.99+2-2mail/roundcubemail/distinfo
1.195+1-1mail/roundcubemail/Makefile
+30-33 files

OpenBSD/ports RBA1Xi9security Makefile

by sthen on ⎇
   py-omemo-dr was not linked to the build properly
VersionDeltaFile
1.777+1-0security/Makefile
+1-01 files

OpenBSD/ports A47rToqsecurity/py-omemo-dr Makefile

by tb on ⎇
   py-omemo-dr: bump after HOMEPAGE change for pypi
VersionDeltaFile
1.7+1-1security/py-omemo-dr/Makefile
+1-11 files

OpenBSD/src OikH7Ahusr.sbin/bgpd util.c

by sthen on ⎇
   typo: Extended Nexhop Encoding (Nexthop)
VersionDeltaFile
1.99+2-2usr.sbin/bgpd/util.c
+2-21 files

OpenBSD/src IsJBD0iusr.bin/calendar calendar.c

by bluhm on ⎇
   /dev/null is no longer implicitly permitted by some pledges, so explicitly
   unveil it. fixes calendar -a. ok deraadt
   calendar also needs to unveil cpp / sendmail, I forgot to make install
   when I was testing :(  from James J. Lippard
   sendmail/cpp only need "x" no "rx" unveil; ok deraadt
   from sthen@

   this is errata/7.7/029_calendar.patch.sig
VersionDeltaFile
1.37.28.2+7-1usr.bin/calendar/calendar.c
+7-11 files

OpenBSD/src XoMavKmusr.bin/calendar calendar.c

by bluhm on ⎇
   /dev/null is no longer implicitly permitted by some pledges, so explicitly
   unveil it. fixes calendar -a. ok deraadt
   calendar also needs to unveil cpp / sendmail, I forgot to make install
   when I was testing :(  from James J. Lippard
   sendmail/cpp only need "x" no "rx" unveil; ok deraadt
   from sthen@

   this is errata/7.8/023_calendar.patch.sig
VersionDeltaFile
1.37.26.2+7-1usr.bin/calendar/calendar.c
+7-11 files

OpenBSD/ports FlTXxiewww/nghttp2 distinfo Makefile

by sthen on ⎇
   update to nghttp2-1.68.1
   https://github.com/nghttp2/nghttp2/security/advisories/GHSA-6933-cjhr-5qg6
VersionDeltaFile
1.68.2.1+2-2www/nghttp2/distinfo
1.77.2.1+1-1www/nghttp2/Makefile
+3-32 files

OpenBSD/ports TjzGXGkwww/nghttp2 distinfo Makefile

by sthen on ⎇
   update to nghttp2-1.68.1
   https://github.com/nghttp2/nghttp2/security/advisories/GHSA-6933-cjhr-5qg6
VersionDeltaFile
1.70+2-2www/nghttp2/distinfo
1.79+1-1www/nghttp2/Makefile
+3-32 files

OpenBSD/ports hPkQLJFnet/stayrtr distinfo Makefile

by sthen on ⎇
   update to stayrtr-0.6.4
VersionDeltaFile
1.7+2-2net/stayrtr/distinfo
1.10+1-1net/stayrtr/Makefile
+3-32 files

OpenBSD/ports EajEamUbooks/JLS distinfo Makefile

by ian on ⎇
   Oof, JLS 25 is latest.
VersionDeltaFile
1.9+2-2books/JLS/distinfo
1.14+1-1books/JLS/Makefile
+3-32 files

OpenBSD/ports uYTh2Ovbooks/JLS distinfo Makefile

by ian on ⎇
   Update JLS to JDK24.
VersionDeltaFile
1.8+2-2books/JLS/distinfo
1.13+1-1books/JLS/Makefile
+3-32 files

OpenBSD/ports mooRiKLtextproc/asciidoctor distinfo Makefile

by ian on ⎇
   Minor bump asciidoctor 2.0.23 -> 2.0.26
VersionDeltaFile
1.5+2-2textproc/asciidoctor/distinfo
1.13+1-1textproc/asciidoctor/Makefile
+3-32 files

OpenBSD/src r6NHhMTlib/libexpat Changes, lib/libexpat/lib xmlparse.c xmlrole.c

by bluhm on ⎇
   Update libexpat to version 2.7.5.

   Relevant for OpenBSD are security fixes #1158 #1161 #1162 #1163,
   other changes #1156 #1153.  Library bump is not necessary.
   CVE-2026-32776 CVE-2026-32777 CVE-2026-32778

   tested and OK tb@
VersionDeltaFile
1.46+54-11lib/libexpat/lib/xmlparse.c
1.34+53-12lib/libexpat/Changes
1.10+31-1lib/libexpat/tests/misc_tests.c
1.9+27-3lib/libexpat/tests/basic_tests.c
1.3+27-0lib/libexpat/tests/nsalloc_tests.c
1.15+1-1lib/libexpat/lib/xmlrole.c
+193-286 files not shown
+199-3412 files

OpenBSD/ports O9NgN55lang/python/3 Makefile, lang/python/3/files CHANGES.OpenBSD

by sthen on ⎇
   update to python-3.12.13 and patch for recent security fixes.
   backports from tb, .ok tb@ kmos@

   https://mail.python.org/archives/list/security-announce@python.org/thread/H6CADMBCDRFGWCMOXWUIHFJNV43GABJ7/
   Reject control characters in 'http.cookies.Morsel.update' (CVE-2026-3644)

   https://mail.python.org/archives/list/security-announce@python.org/thread/5M7CGUW3XBRY7II4DK43KF7NQQ3TPZ6R/
   Fix C stack overflow (CVE-2026-4224) when an Expat parser with a registered
   'ElementDeclHandler' parses inline DTD containing deeply nested content model.
VersionDeltaFile
1.2.2.1+23-35lang/python/3/patches/patch-Modules_pyexpat_c
1.1.2.1+15-21lang/python/3/patches/patch-Lib_test_test_pyexpat_py
1.1.2.1+15-16lang/python/3/patches/patch-Lib_test_test_http_cookies_py
1.1.2.1+12-10lang/python/3/patches/patch-Lib_http_cookies_py
1.15.2.1+4-1lang/python/3/Makefile
1.2.4.1+4-0lang/python/3/files/CHANGES.OpenBSD
+73-832 files not shown
+76-868 files

OpenBSD/ports b7cKapblang/python/3 Makefile, lang/python/3/patches patch-Lib_test_test_http_cookies_py patch-Lib_http_cookies_py

by sthen on ⎇
   update to python-3.13.12 and patch for recent security fixes. ok tb@ kmos@

   https://mail.python.org/archives/list/security-announce@python.org/thread/H6CADMBCDRFGWCMOXWUIHFJNV43GABJ7/
   Reject control characters in 'http.cookies.Morsel.update' (CVE-2026-3644)

   https://mail.python.org/archives/list/security-announce@python.org/thread/5M7CGUW3XBRY7II4DK43KF7NQQ3TPZ6R/
   Fix C stack overflow (CVE-2026-4224) when an Expat parser with a registered
   'ElementDeclHandler' parses inline DTD containing deeply nested content model.
VersionDeltaFile
1.1+79-0lang/python/3/patches/patch-Lib_test_test_http_cookies_py
1.1+71-0lang/python/3/patches/patch-Lib_http_cookies_py
1.2+65-1lang/python/3/patches/patch-Modules_pyexpat_c
1.1+47-0lang/python/3/patches/patch-Lib_test_test_pyexpat_py
1.11+17-0lang/python/3/pkg/PLIST-tests
1.23+1-5lang/python/3/Makefile
+280-63 files not shown
+288-89 files

OpenBSD/src Uz9LYNQusr.bin/tmux popup.c

by nicm on ⎇
   Copy hyperlinks when redrawing popup so they do not vanish, from Antoine
   Gaudreau Simard in GitHub issue 4925.
VersionDeltaFile
1.66+5-1usr.bin/tmux/popup.c
+5-11 files

OpenBSD/src 4erlMkJusr.bin/tmux tmux.1

by nicm on ⎇
   Fix buffer to both for get-clipboard, from Seth Girvan.
VersionDeltaFile
1.1040+3-3usr.bin/tmux/tmux.1
+3-31 files

OpenBSD/src iNzvDQYusr.bin/tmux utf8.c tmux.1

by nicm on ⎇
   Allow codepoint-widths to accept ranges, from san65384 at gmail dot com
   in GitHub issue 4930.
VersionDeltaFile
1.70+53-19usr.bin/tmux/utf8.c
1.1039+4-3usr.bin/tmux/tmux.1
+57-222 files

OpenBSD/ports eyEl1H0sysutils/google-cloud-sdk distinfo Makefile, sysutils/google-cloud-sdk/pkg PLIST

by ajacoutot on ⎇
   Update to google-cloud-sdk-561.0.0.
VersionDeltaFile
1.414+243-20sysutils/google-cloud-sdk/pkg/PLIST
1.431+2-2sysutils/google-cloud-sdk/distinfo
1.451+1-1sysutils/google-cloud-sdk/Makefile
+246-233 files

OpenBSD/ports lCGWu4ptextproc/icu4c distinfo Makefile

by ajacoutot on ⎇
   Update to icu4c-78.3.
VersionDeltaFile
1.50+2-2textproc/icu4c/distinfo
1.108+1-1textproc/icu4c/Makefile
+3-32 files

OpenBSD/ports 9eK1LXBx11/gnome/zenity distinfo Makefile

by ajacoutot on ⎇
   Update to zenity-4.2.2.
VersionDeltaFile
1.53+2-2x11/gnome/zenity/distinfo
1.110+1-1x11/gnome/zenity/Makefile
+3-32 files

OpenBSD/src 4rkulIXlib/libcrypto/ec ec_key.c ec_local.h, lib/libcrypto/ecdh ecdh.c

by tb on ⎇
   libcrypto: prefix EC_KEY methods with ec_key_

   We received reports that the too generic internal ecdsa_{sign,verify}()
   symbol names clash in some static links. The naming here is annoying
   because the EC_KEY_METHOD amalgamated the no longer existing ECDH and
   ECDSA methods which themselves had poorly chosen method names, still
   reflected in public API.

   There are various messes here. The ECDSA verify methods are declared
   in ec_local.h, whereas the ECDSA sign methods are in ecdsa_local.h
   (which is itself pretty useless and really only about EC_KEY_METHOD).
   I therefore merged the ECDSA method declarations into ec_local.h and
   deleted ecdsa_local.h since I see no real benefit to the latter.
   ecdsa.c needs ec_local.h anyway. Having the method declarations next
   to EC_KEY_METHOD seems sensible. I left the order as it was, matching
   ecdsa.c. The eckey_compute_pubkey() prototype should probably be moved
   down.

   With one exception I just added an ec_key_ prefix. This leads to a

    [10 lines not shown]
VersionDeltaFile
1.53+9-10lib/libcrypto/ec/ec_key.c
1.74+12-4lib/libcrypto/ec/ec_local.h
1.22+7-7lib/libcrypto/ecdsa/ecdsa.c
1.13+3-3lib/libcrypto/ecdh/ecdh.c
1.4+1-1lib/libcrypto/ecdsa/ecdsa_local.h
+32-255 files