OpenBSD/src BnSIwcoetc/examples login_ldap.conf

   - fix syntax in example login_ldap.conf file, it had :\ on a line
   presumably when converted from getcap in the ports version

   - switch to a more unix-y sample filter, and add a commented-out example
   for ActiveDirectory

   based on a diff from Chaz Kettleson which was ok with tweaks by claudio@,
   and incorporating feedback from Andrew Daugherity
VersionDeltaFile
1.2+6-3etc/examples/login_ldap.conf
+6-31 files

OpenBSD/src FTEEAO3usr.bin/tmux key-bindings.c menu.c

   Add C-b g , and C-b g . for move and resize menus, also add to pane menu
   (and fix to make them work).
VersionDeltaFile
1.185+30-1usr.bin/tmux/key-bindings.c
1.68+16-3usr.bin/tmux/menu.c
1.51+9-1usr.bin/tmux/cmd-display-menu.c
1.1126+5-2usr.bin/tmux/tmux.1
1.1393+4-1usr.bin/tmux/tmux.h
+64-85 files

OpenBSD/ports ohNXHSJsysutils/exoscale-cli distinfo Makefile

   Update to exoscale-cli-1.95.5.
VersionDeltaFile
1.152+2-2sysutils/exoscale-cli/distinfo
1.155+1-1sysutils/exoscale-cli/Makefile
+3-32 files

OpenBSD/src xkBCNzhusr.bin/tmux layout.c tmux.h

   Add a layout_geometry container struct, from Dane Jensen.
VersionDeltaFile
1.91+138-138usr.bin/tmux/layout.c
1.1392+21-22usr.bin/tmux/tmux.h
1.66+20-20usr.bin/tmux/cmd-resize-pane.c
1.36+20-20usr.bin/tmux/layout-custom.c
1.68+18-16usr.bin/tmux/cmd-join-pane.c
1.38+9-9usr.bin/tmux/layout-set.c
+226-2253 files not shown
+243-2449 files

OpenBSD/src M2d1M79usr.bin/tmux key-bindings.c window.c

   Set initial scrollbar state, from Michael Grant.
VersionDeltaFile
1.184+2-2usr.bin/tmux/key-bindings.c
1.357+3-1usr.bin/tmux/window.c
+5-32 files

OpenBSD/src 5wfF932usr.bin/tmux key-bindings.c tmux.1

   Restore { and } to swap-pane and for floating panes and use a separate
   key table accessed by g (short for "gove and/or gesize") for floating
   panes. So "C-b g Up" moves the pane to top-centre, "C-b g M-Up" moves
   and resizes it. This means we not only do not lose the surprisingly
   popular { and } bindings, but we can have more than four keys for moving
   and resizing panes.
VersionDeltaFile
1.183+22-5usr.bin/tmux/key-bindings.c
1.1125+8-8usr.bin/tmux/tmux.1
+30-132 files

OpenBSD/ports IgzpSgYsecurity/qtpass distinfo Makefile

   update qtpass to 1.7.0

   Changes since 1.4.0:
   https://github.com/IJHack/QtPass/releases/tag/v1.7.0
   https://github.com/IJHack/QtPass/releases/tag/v1.6.0
   https://github.com/IJHack/QtPass/releases/tag/v1.5.1
   https://github.com/IJHack/QtPass/releases/tag/v1.5.0
VersionDeltaFile
1.3+2-2security/qtpass/distinfo
1.5+1-1security/qtpass/Makefile
+3-32 files

OpenBSD/src o5k1buHsys/net pipex.c

   don't assume an ipv4 header is always 20 bytes.

   as reported by SecBuddyF, Tencent KeenLab:

   > OpenBSD's pipex PPTP GRE packet handling uses a fixed GRE/IP header
   > length check before later reading the GRE header at an offset derived
   > from the actual IPv4 header length.
   >
   > When IPv4 options are present, the dynamic IPv4 header length can
   > be larger than 20 bytes. A short GRE packet can therefore pass the
   > fixed 28-byte PIPEX_IPGRE_HDRLEN check while still being too short
   > for the later m_copydata(m0, hlen, sizeof(gre), &gre) read.
   >
   > This can trigger:
   >
   >   panic: m_copydata: null mbuf
   >
   > The issue is remotely triggerable when GRE and pipex are enabled
   > and inbound IPv4 GRE packets with IP options are allowed to reach

    [8 lines not shown]
VersionDeltaFile
1.163+26-8sys/net/pipex.c
+26-81 files

OpenBSD/src A9xxEr9usr.bin/ssh authfile.c

   prefer fstat to stat when it's trivial to do so
VersionDeltaFile
1.152+2-2usr.bin/ssh/authfile.c
+2-21 files

OpenBSD/src uu2Yw7fusr.bin/ssh auth2-gss.c

   unused variables
VersionDeltaFile
1.42+1-3usr.bin/ssh/auth2-gss.c
+1-31 files

OpenBSD/src RxAXLAEusr.bin/ssh servconf.c servconf.h

   fix GSSAPI option names, that I somehow screwed up while refactoring
   servconf.c bz3974 patch from Colin Watson
VersionDeltaFile
1.451+9-9usr.bin/ssh/servconf.c
1.179+9-9usr.bin/ssh/servconf.h
+18-182 files

OpenBSD/src S2wrnPpgnu/usr.bin/perl/cpan/Socket Socket.pm Socket.xs, gnu/usr.bin/perl/cpan/Socket/t sockaddr.t

   Update Socket to 2.041

   CVE-2026-12087:
    Socket versions before 2.041 for Perl have an out-of-bounds heap read

   From security.metacpan.org
VersionDeltaFile
1.8+77-26gnu/usr.bin/perl/cpan/Socket/Socket.pm
1.8+70-33gnu/usr.bin/perl/cpan/Socket/Socket.xs
1.2+71-6gnu/usr.bin/perl/cpan/Socket/t/sockaddr.t
+218-653 files

OpenBSD/ports oRdbsp4www/hugo distinfo modules.inc

   www/hugo: update to 0.164.0
VersionDeltaFile
1.99+78-98www/hugo/distinfo
1.61+23-28www/hugo/modules.inc
1.107+1-1www/hugo/Makefile
+102-1273 files

OpenBSD/ports xjWg5cqgraphics/p5-Imager Makefile distinfo

   update p5-Imager to 1.032
   CVE-2026-13708 CVE-2026-13705 CVE-2026-8454
VersionDeltaFile
1.56+23-21graphics/p5-Imager/Makefile
1.20+2-2graphics/p5-Imager/distinfo
+25-232 files

OpenBSD/ports 7yiX0Wwsysutils/exfetch Makefile distinfo

   sysutils/exfetch: update to 1.7

   from izzy Meyer (maintainer)
VersionDeltaFile
1.9+8-5sysutils/exfetch/Makefile
1.8+4-2sysutils/exfetch/distinfo
+12-72 files

OpenBSD/src 8ndBGEPusr.bin/tmux layout.c options.c

   Could of minor tidy ups.
VersionDeltaFile
1.90+2-6usr.bin/tmux/layout.c
1.89+2-2usr.bin/tmux/options.c
+4-82 files

OpenBSD/ports Zh8XwyNsecurity/p5-Crypt-DSA distinfo Makefile

   update p5-Crypt-DSA to 1.24
VersionDeltaFile
1.8+2-2security/p5-Crypt-DSA/distinfo
1.21+1-2security/p5-Crypt-DSA/Makefile
+3-42 files

OpenBSD/ports zDgXrcrshells/fish/main/patches patch-fish_Cargo_toml patch-fluent-ftl-tools_Cargo_toml

   shells/fish: Forgot to cvs-add the patches
VersionDeltaFile
1.1+32-0shells/fish/main/patches/patch-fish_Cargo_toml
1.1+14-0shells/fish/main/patches/patch-fluent-ftl-tools_Cargo_toml
1.8+0-0shells/fish/main/patches/patch-Cargo_toml
+46-03 files

OpenBSD/ports xJVVN8Tsecurity/p5-IO-Socket-SSL distinfo Makefile, security/p5-IO-Socket-SSL/patches patch-t_memleak_bad_handshake_t

   update p5-IO-Socket-SSL to 2.099
VersionDeltaFile
1.133+2-2security/p5-IO-Socket-SSL/distinfo
1.150+1-1security/p5-IO-Socket-SSL/Makefile
1.2+0-0security/p5-IO-Socket-SSL/patches/patch-t_memleak_bad_handshake_t
+3-33 files

OpenBSD/ports hY2RPYxgraphics/stable-diffusion.cpp distinfo Makefile, graphics/stable-diffusion.cpp/patches patch-CMakeLists_txt

   graphics/stable-diffusion.cpp: Update to 0.0.765
VersionDeltaFile
1.6+8-0graphics/stable-diffusion.cpp/pkg/PLIST
1.6+4-4graphics/stable-diffusion.cpp/distinfo
1.9+2-3graphics/stable-diffusion.cpp/Makefile
1.6+1-1graphics/stable-diffusion.cpp/patches/patch-CMakeLists_txt
+15-84 files

OpenBSD/ports uhhPITRshells/fish/main distinfo crates.inc, shells/fish/main/patches patch-Cargo_toml

   shells/fish: Update to 4.8.0

   ok Florian Viehweger (Maintainer)
VersionDeltaFile
1.11+0-1,385shells/fish/main/pkg/PLIST
1.13+172-78shells/fish/main/distinfo
1.10+83-38shells/fish/main/crates.inc
1.14+12-3shells/fish/main/Makefile
1.7+0-12shells/fish/main/patches/patch-Cargo_toml
+267-1,5165 files

OpenBSD/ports 4pECbHptextproc/miller distinfo Makefile

   Update miller to 6.20.2.
VersionDeltaFile
1.21+2-2textproc/miller/distinfo
1.25+1-1textproc/miller/Makefile
+3-32 files

OpenBSD/src a1bjMfmusr.bin/tmux screen-write.c

   When sync is enabled, we need to mark the whole scroll region dirty if
   there has been any scrolling. GitHub issue 5330.
VersionDeltaFile
1.282+5-1usr.bin/tmux/screen-write.c
+5-11 files

OpenBSD/ports PmTqeKLaudio/libxmp distinfo Makefile

   Update libxmp to 4.7.1.
VersionDeltaFile
1.21+2-2audio/libxmp/distinfo
1.28+1-1audio/libxmp/Makefile
+3-32 files

OpenBSD/src Onn9QJRusr.bin/tmux window-customize.c cmd-set-option.c

   Add a key to change an array key in customize mode.
VersionDeltaFile
1.30+87-2usr.bin/tmux/window-customize.c
1.144+3-3usr.bin/tmux/cmd-set-option.c
1.401+3-1usr.bin/tmux/format.c
1.88+2-2usr.bin/tmux/options.c
+95-84 files

OpenBSD/src 6GQA27eusr.bin/tmux options.c window-customize.c

   Change array item keys to be strings instead of numbers which are
   painful to work with.
VersionDeltaFile
1.87+161-46usr.bin/tmux/options.c
1.29+57-49usr.bin/tmux/window-customize.c
1.72+19-17usr.bin/tmux/cmd-show-options.c
1.400+17-16usr.bin/tmux/format.c
1.143+18-13usr.bin/tmux/cmd-set-option.c
1.1391+15-13usr.bin/tmux/tmux.h
+287-1545 files not shown
+314-18011 files

OpenBSD/ports QySi1xwdatabases/sqlports Makefile, databases/sqlports/files/scripts show-reverse-deps

   in show-reverse-deps, use --list when running sqlite3, so that fancy
   line-drawing characters are not used when output is to the console.
   ok espie
VersionDeltaFile
1.12+2-2databases/sqlports/files/scripts/show-reverse-deps
1.154+1-1databases/sqlports/Makefile
+3-32 files

OpenBSD/ports SpAjWFJsecurity/p5-Crypt-DSA distinfo Makefile

   update to p5-Crypt-DSA-1.22
VersionDeltaFile
1.5.6.2+2-2security/p5-Crypt-DSA/distinfo
1.18.6.2+1-1security/p5-Crypt-DSA/Makefile
+3-32 files

OpenBSD/ports fUiXqmhsecurity/p5-Crypt-DSA distinfo Makefile

   update to p5-Crypt-DSA-1.22, fixes key generation issue with previous
   versions:

   "Crypt::DSA::Util::makerandom forces the high bit of every value it
   returns to obtain an exactly N-bit integer for prime search. The
   signing nonce and the private key are drawn from makerandom. Because
   the high bit is always set, the result is not uniform: its top bit is
   fixed, producing insecure values."

   Keys used to sign with an affected version should be considered
   compromised and new keys should be generated.
VersionDeltaFile
1.7+2-2security/p5-Crypt-DSA/distinfo
1.20+1-1security/p5-Crypt-DSA/Makefile
+3-32 files

OpenBSD/src fovRhD0sbin/iked vroute.c

   iked: Wrong data structure zeroized

   The parameter int mask was confused with the local variable struct
   sockaddr_in mask4.  bzero(3) was applied to mask instead of mask4.

   ok markus@
VersionDeltaFile
1.22+2-2sbin/iked/vroute.c
+2-21 files