OpenBSD/src 5KnVyFausr.bin/tmux key-bindings.c

   Add detach to default session menu, suggested by Przemyslaw Sztoch.
VersionDeltaFile
1.165+2-1usr.bin/tmux/key-bindings.c
+2-11 files

OpenBSD/src tHoyXSkusr.bin/tmux key-bindings.c

   Fix key binding conflict in session menu, from Dane Jensen.
VersionDeltaFile
1.164+2-2usr.bin/tmux/key-bindings.c
+2-21 files

OpenBSD/src i4BWCERusr.bin/tmux notify.c

   Include window bits for pane notifications, GitHub issue 5007 from Saul
   Nogueras.
VersionDeltaFile
1.45+6-2usr.bin/tmux/notify.c
+6-21 files

OpenBSD/src G3Edqx2usr.bin/tmux format.c

   Limit precision to 100 to stop silly formats from running out of memory,
   reported by z1281552865 at gmail dot com.
VersionDeltaFile
1.358+6-2usr.bin/tmux/format.c
+6-21 files

OpenBSD/src v4eSbzMusr.bin/tmux options-table.c

   Add WAYLAND_DISPLAY to default update-environment, GitHub issue 4965 from
   wgh at torlan dot ru.
VersionDeltaFile
1.207+7-6usr.bin/tmux/options-table.c
+7-61 files

OpenBSD/ports tPpcj5hwww/ungoogled-chromium Makefile, www/ungoogled-chromium/patches patch-third_party_libvpx_source_config_linux_arm64_vpx_dsp_rtcd_h patch-third_party_libvpx_libvpx_srcs_gni

   unbreak build on arm64
VersionDeltaFile
1.1+99-0www/ungoogled-chromium/patches/patch-third_party_libvpx_source_config_linux_arm64_vpx_dsp_rtcd_h
1.1+19-0www/ungoogled-chromium/patches/patch-third_party_libvpx_libvpx_srcs_gni
1.223+2-1www/ungoogled-chromium/Makefile
+120-13 files

OpenBSD/ports algNLwTwww/chromium/patches patch-third_party_libvpx_source_config_linux_arm64_vpx_dsp_rtcd_h patch-modcargo-crates_psm-0_1_23_src_arch_aarch64_armasm_asm, www/iridium/patches patch-third_party_libvpx_source_config_linux_arm64_vpx_dsp_rtcd_h patch-modcargo-crates_psm-0_1_23_src_arch_aarch_aapcs64_s

   unbreak build on arm64 and add IBT patches for the psm crate from lang/deno
VersionDeltaFile
1.1+99-0www/iridium/patches/patch-third_party_libvpx_source_config_linux_arm64_vpx_dsp_rtcd_h
1.1+99-0www/chromium/patches/patch-third_party_libvpx_source_config_linux_arm64_vpx_dsp_rtcd_h
1.1+35-0www/chromium/patches/patch-modcargo-crates_psm-0_1_23_src_arch_aarch64_armasm_asm
1.1+35-0www/chromium/patches/patch-modcargo-crates_psm-0_1_23_src_arch_x86_64_s
1.1+35-0www/chromium/patches/patch-modcargo-crates_psm-0_1_23_src_arch_x86_s
1.1+35-0www/iridium/patches/patch-modcargo-crates_psm-0_1_23_src_arch_aarch_aapcs64_s
+338-08 files not shown
+520-214 files

OpenBSD/ports ZYiy16Fgames/dunelegacy Makefile, games/dunelegacy/patches patch-src_CMakeLists_txt patch-CMakeLists_txt

   switch to cmake
VersionDeltaFile
1.6+35-4games/dunelegacy/pkg/PLIST
1.1+36-0games/dunelegacy/patches/patch-src_CMakeLists_txt
1.18+8-21games/dunelegacy/Makefile
1.1+25-0games/dunelegacy/patches/patch-CMakeLists_txt
1.3+0-0games/dunelegacy/patches/patch-src_Makefile_am
1.2+0-0games/dunelegacy/patches/patch-Makefile_am
+104-256 files

OpenBSD/ports Vku4BFndevel/zizmor Makefile distinfo

   zizmor: bump to 1.24.1, take maintainer

   https://github.com/zizmorcore/zizmor/releases/tag/v1.24.1
VersionDeltaFile
1.5+3-1devel/zizmor/Makefile
1.3+2-2devel/zizmor/distinfo
+5-32 files

OpenBSD/ports 6qZFm8ntextproc/p5-XML-Parser distinfo Makefile

   update p5-XML-Parser to 2.57
   fixes regression in p5-XML-Twig
VersionDeltaFile
1.18+2-2textproc/p5-XML-Parser/distinfo
1.43+1-1textproc/p5-XML-Parser/Makefile
+3-32 files

OpenBSD/ports sxtnodZsecurity/vaultwarden distinfo Makefile

   Update to vaultwarden-1.35.7

   Changes: https://github.com/dani-garcia/vaultwarden/releases/tag/1.35.7
VersionDeltaFile
1.35+2-2security/vaultwarden/distinfo
1.55+1-1security/vaultwarden/Makefile
+3-32 files

OpenBSD/ports MxmMhRLgeo/lib2geom Makefile

   Remove BROKEN-sparc64 since there is no longer a lack of C++20 with
   GCC 15
VersionDeltaFile
1.13+0-1geo/lib2geom/Makefile
+0-11 files

OpenBSD/ports YgiNLGOeditors/vim-classic Makefile distinfo, editors/vim-classic/patches patch-runtime_filetype_vim

   update to newer vim-classic commit
VersionDeltaFile
1.11+2-2editors/vim-classic/Makefile
1.6+2-2editors/vim-classic/distinfo
1.2+1-1editors/vim-classic/patches/patch-runtime_filetype_vim
1.5+1-0editors/vim-classic/pkg/PLIST
+6-54 files

OpenBSD/src lQAzqwOdistrib/sets/lists/man mi

   sync
VersionDeltaFile
1.1766+3-0distrib/sets/lists/man/mi
+3-01 files

OpenBSD/ports INP2Prxdevel/llvm/22 distinfo Makefile, devel/llvm/22/patches patch-libunwind_src_Registers_hpp patch-llvm_lib_Target_ARM_ARMISelLowering_cpp

   update to 22.1.3
VersionDeltaFile
1.2+4-4devel/llvm/22/patches/patch-libunwind_src_Registers_hpp
1.4+2-2devel/llvm/22/distinfo
1.2+1-1devel/llvm/22/patches/patch-llvm_lib_Target_ARM_ARMISelLowering_cpp
1.5+1-1devel/llvm/22/Makefile
1.2+0-0devel/llvm/22/patches/patch-llvm_lib_MC_MCELFStreamer_cpp
+8-85 files

OpenBSD/ports zGUEhGGnet/p5-Net-CIDR-Lite Makefile distinfo

   update p5-Net-CIDR-Lite to 0.23
   take maintainer
   CVE-2026-40198 CVE-2026-40199
VersionDeltaFile
1.16+14-8net/p5-Net-CIDR-Lite/Makefile
1.9+2-2net/p5-Net-CIDR-Lite/distinfo
+16-102 files

OpenBSD/src DVMShbKsys/conf newvers.sh

   move out of -beta
VersionDeltaFile
1.215+3-3sys/conf/newvers.sh
+3-31 files

OpenBSD/ports H18RQ0plang/lucee/v6 distinfo Makefile

   update to lucee-6.2.6.19
VersionDeltaFile
1.13+2-2lang/lucee/v6/distinfo
1.16+1-1lang/lucee/v6/Makefile
+3-32 files

OpenBSD/ports mzsV60Udevel/ccache Makefile distinfo

   update to ccache-4.13.3
VersionDeltaFile
1.110+2-2devel/ccache/Makefile
1.79+2-2devel/ccache/distinfo
+4-42 files

OpenBSD/ports b2yYtsEdatabases/py-sqlalchemy distinfo Makefile

   update to py3-sqlalchemy-2.0.49
VersionDeltaFile
1.53+2-2databases/py-sqlalchemy/distinfo
1.86+1-1databases/py-sqlalchemy/Makefile
+3-32 files

OpenBSD/ports Gb596pAdevel/py-build distinfo Makefile

   update to py3-build-1.4.3
VersionDeltaFile
1.11+2-2devel/py-build/distinfo
1.16+1-1devel/py-build/Makefile
+3-32 files

OpenBSD/src 2hllHbclib/libcrypto/x509 x509_constraints.c x509_internal.h, regress/lib/libcrypto/x509 constraints.c

   Prior to this we substring matched and allowed a leading .
   on a SAN DNSname constraint. This is not correct, as with
   a DNSname constraint, it may exacly match or match zero or
   more additional components on the front of the candidte to
   match.

   Spotted by Haruto Kimura <hkimura2026 at gmail.com>

   ok tb@ kenjiro@
VersionDeltaFile
1.19+49-2regress/lib/libcrypto/x509/constraints.c
1.33+23-4lib/libcrypto/x509/x509_constraints.c
1.29+3-1lib/libcrypto/x509/x509_internal.h
+75-73 files

OpenBSD/src VwcOZUXlib/libc/time ctime.3

   Document RETURN value for timegm(3)

   APIs with in-band errors that conflate the error with a legitimate return
   value are about the worst you can get. Near and dear to my heart is the API
   aptly described as "gibbering eidritch horror" by beck: ASN1_INTEGER_get(3).
   Adapt the wording of its RETURN VALUES to timegm() and mktime(), for which
   Dec 31, 1969 at 23:59:59 will yield the error return -1 and thereby errata.

   Missing docs pointed out by claudio a while back and yesterday by deraadt

   ok deraadt millert
VersionDeltaFile
1.51+7-4lib/libc/time/ctime.3
+7-41 files

OpenBSD/src W1CqX6gusr.sbin/rpki-client http.c x509.c

   At the end of parsing the http response header do some sanity checks
   to ensure that the response includes all needed data.

   Right now only the presence of a Location header is checked if a HTTP
   redirect was returned (e.g. a 301 status).

   Different fix for a report from Daniel Anderson
   from claudio@; OK tb@

   rpki-client: fix incorrect error exit in x509_get_time()

   A UTCTime represents a time between Jan 1, 1950 and Dec 31, 2049. This
   includes Dec 31, 1969, 23:59:59 UTC, which translates to epoch -1 when
   converted as a time_t. timegm()'s in-band error conflates this time with
   its error return, so a hard error for this creates a DoS.

   Instead, return an error for ASN.1 times that translate to negative time_t
   and bubble up the error to reject the RPKI product as malformed. Real life
   notBefore (or equivalent) are in the ongoing millenium, although strictly

    [8 lines not shown]
VersionDeltaFile
1.93.4.1+8-3usr.sbin/rpki-client/http.c
1.105.4.1+3-3usr.sbin/rpki-client/x509.c
+11-62 files

OpenBSD/src pLSyz3Dusr.sbin/rpki-client http.c x509.c

   At the end of parsing the http response header do some sanity checks
   to ensure that the response includes all needed data.

   Right now only the presence of a Location header is checked if a HTTP
   redirect was returned (e.g. a 301 status).

   Different fix for a report from Daniel Anderson
   from claudio@; OK tb@

   rpki-client: fix incorrect error exit in x509_get_time()

   A UTCTime represents a time between Jan 1, 1950 and Dec 31, 2049. This
   includes Dec 31, 1969, 23:59:59 UTC, which translates to epoch -1 when
   converted as a time_t. timegm()'s in-band error conflates this time with
   its error return, so a hard error for this creates a DoS.

   Instead, return an error for ASN.1 times that translate to negative time_t
   and bubble up the error to reject the RPKI product as malformed. Real life
   notBefore (or equivalent) are in the ongoing millenium, although strictly

    [8 lines not shown]
VersionDeltaFile
1.100.2.1+8-3usr.sbin/rpki-client/http.c
1.119.2.1+3-3usr.sbin/rpki-client/x509.c
+11-62 files

OpenBSD/src ZujAlmksbin/slaacd engine.c, usr.sbin/rad engine.c

   These programs spin if they receive a RA from the local network with
   ND option with length 0.  from Daniel Wade
   from deraadt@; ok florian

   this is errata/7.7/035_v6daemons.patch.sig
VersionDeltaFile
1.99.4.1+5-1sbin/slaacd/engine.c
1.28.4.1+3-1usr.sbin/rad/engine.c
+8-22 files

OpenBSD/src R9loaxKsbin/slaacd engine.c, usr.sbin/rad engine.c

   These programs spin if they receive a RA from the local network with
   ND option with length 0.  from Daniel Wade
   from deraadt@; ok florian

   this is errata/7.8/029_v6daemons.patch.sig
VersionDeltaFile
1.99.2.1+5-1sbin/slaacd/engine.c
1.29.2.1+3-1usr.sbin/rad/engine.c
+8-22 files

OpenBSD/src Dvb11rhsys/uvm uvm_swap.c

   The fault handling code that deals with getting back from swap for an
   anon does not expect failures because we are short on memory.  These
   are synchronous operations so we're expected to wait on memory to
   become available.  This got broken in rev 1.178 (Back out the
   pagedaemon "oom" reserve and sleeping point).  Bring back the code to
   allocate bounce memory using uvm_pglistalloc(9) but only use it for
   the !async case (which will never be use by the pagedaemon).

   This fixes random segfaults when under memory pressure and init dying
   with SIGILL because it can't copy out a signal frame to the stack when
   it happens to trigger such a segfault.

   With deraadt@, who wrote the code to consolidate the allocation of
   bounce memory.

   ok deraadt@
VersionDeltaFile
1.181+41-26sys/uvm/uvm_swap.c
+41-261 files

OpenBSD/ports pZvQdNNdevel/codex distinfo crates.inc, devel/codex/patches patch-codex-rs_core_src_tools_spec_rs patch-codex-rs_tools_src_tool_registry_plan_rs

   devel/codex: update to 0.120.0
VersionDeltaFile
1.14+76-6devel/codex/distinfo
1.3+22-51devel/codex/patches/patch-codex-rs_core_src_tools_spec_rs
1.1+59-0devel/codex/patches/patch-codex-rs_tools_src_tool_registry_plan_rs
1.9+37-2devel/codex/crates.inc
1.2+22-7devel/codex/patches/patch-codex-rs_tools_src_code_mode_rs
1.12+9-11devel/codex/patches/patch-codex-rs_Cargo_toml
+225-7715 files not shown
+285-10721 files

OpenBSD/src 3lXf6OQsys/uvm uvm_pdaemon.c

   decrease the agressiveness of inactive growth from the previous commit.
   A small increase is enough; if not enough free is created in one round,
   it will be created the next time.
   long discussions with kirill
VersionDeltaFile
1.157+2-2sys/uvm/uvm_pdaemon.c
+2-21 files