OpenBSD/ports B9odY8Vdevel/opendht Makefile

   avoid picking up doxygen during build, to avoid build failure with dpb junking
   requested by naddy
VersionDeltaFile
1.2+2-5devel/opendht/Makefile
+2-51 files

OpenBSD/src pjyDuyvsys/dev/ic qwz.c

   Enable nwid scanning by doing two things:

   1. Disable the 802.11d scanning command for now, since it causes a firmware
      error for which we currently have no solution.  This isn't a critical
      feature, and we can progress without it until we find a solution.

   2. Send the HTT software ring setup messages for the receive rings, otherwise
      the firmware never initializes its RXDMA pipeline, and delivers no frames
      to the host.  For that we did port over the
      ath12k_dp_rxdma_ring_sel_config_wcn7850() and ath12k_dp_rx_htt_setup()
      functions from the linux driver.

   Tested and ok kettenis@, kirill@
VersionDeltaFile
1.25+85-1sys/dev/ic/qwz.c
+85-11 files

OpenBSD/src RfrXUhWlibexec/tradcpp macro.c

   expand_domacro() handled a defined() with the wrong argument count via
   an error path that doesn't drain es->args

   OK jsg
VersionDeltaFile
1.5+1-0libexec/tradcpp/macro.c
+1-01 files

OpenBSD/src DFINAHJsys/net pf_if.c

   PFI_FLAG_SKIP may be lost when interface disappears and then reappears

   if 'set skip on ...' in pf.conf(5) refers to interface (or interface group)
   which is yet to be created in system, then all is good.

   However if the interface (or interface group) exists in system at the time
   when pf.conf(5) is being loaded to pf(4) the effect of skip flag might get
   lost. The scenario for tap0 interface goes as follows:

   tap0 (and tap interface) exist in system and is known to pf(4), meaning
   'pfctl -sI' reports tap0 and tap.

   pf.conf with 'set skip on tap' is loaded. The pf(4) sets the flag on
   `kif` instance without obtaining a reference to keep it in table
   until skip flag (PFI_FLAG_SKIP) is reset.

   tap0 interface is removed from system (ifconfig tap0 destroy),
   the tap0 is removed from system and also corresponding kif instance
   is removed from pf(4). kif is forgotten together with flag settings. If tap0

    [13 lines not shown]
VersionDeltaFile
1.113+16-2sys/net/pf_if.c
+16-21 files

OpenBSD/src eycBTRfregress/lib/libcrypto/pkcs7 pkcs7test.c

   pkcs7test: factor main into a helper so we can add some unit tests easily
VersionDeltaFile
1.6+13-3regress/lib/libcrypto/pkcs7/pkcs7test.c
+13-31 files

OpenBSD/ports aviuzeNsysutils/rclone distinfo Makefile

   Update to rclone-1.73.5

   CVE-2026-41176
   rc: add AuthRequired to options/set to prevent auth bypass
   rc: snapshot NoAuth at startup to prevent runtime auth bypass

   CVE-2026-41179
   operations: add AuthRequired to operations/fsinfo to prevent backend
   creation

   Changelog: https://rclone.org/changelog/#v1-73-5-2026-04-19

   OK sthen@
VersionDeltaFile
1.64+4-4sysutils/rclone/distinfo
1.74+1-1sysutils/rclone/Makefile
+5-52 files

OpenBSD/src 2Jt23D4distrib/notes/riscv64 prep

   Remove the bootcmd hint for now

   On this jupiter box, U-Boot's bootcmd can't be interrupted on the serial
   console by pressing any key, Ctrl+C or ESC, even though the official
   docs say it should be possible by pressing any key.

   sigh
VersionDeltaFile
1.11+1-8distrib/notes/riscv64/prep
+1-81 files

OpenBSD/src T3SRD7Mdistrib/notes/riscv64 prep

   Better wording and typo fix for the Spacemit K1 boards
VersionDeltaFile
1.10+5-6distrib/notes/riscv64/prep
+5-61 files

OpenBSD/src 3tls1sIdistrib/notes/riscv64 hardware

   Mention some Spacemit K1 boards that kettenis added support for

   BananaPi F3, Orange Pi RV2, and Milk-V Jupiter
VersionDeltaFile
1.5+4-1distrib/notes/riscv64/hardware
+4-11 files

OpenBSD/src 7BRWOLKdistrib/notes/riscv64 prep

   Add post-install hints for boards without distro_bootcmd (like BPi F3/Jupiter)

   The default bootcmd is useless on these boards, so suggest some simple
   default boot command.
VersionDeltaFile
1.9+7-0distrib/notes/riscv64/prep
+7-01 files

OpenBSD/src Ax5vXUOdistrib/notes/riscv64 prep

   Document specifics for spacemit K1-based boards

   Orange Pi RV2, BananaPi F3, and Milk-V Jupiter
   Requested by deraadt
VersionDeltaFile
1.8+15-0distrib/notes/riscv64/prep
+15-01 files

OpenBSD/src wRBwZJkdistrib/notes/riscv64 prep

   Move hw-specific parts at the end of this file
VersionDeltaFile
1.7+12-13distrib/notes/riscv64/prep
+12-131 files

OpenBSD/src f8ckbbZsys/arch/octeon/dev cn30xxuart.c

   sys/octeon: preserve bootloader console baud

   The SRX300 console runs at 9600 baud under U-Boot; OpenBSD forced 115200
   during console handoff, which garbled output immediately after early
   memory setup and made a live kernel look dead.

   Here, I read the programmed UART divisor instead and derive comconsrate
   from it, so the kernel preserves the bootloader console configuration.

   OK: visa@
VersionDeltaFile
1.14+24-8sys/arch/octeon/dev/cn30xxuart.c
+24-81 files

OpenBSD/src CEOXBMMsys/arch/octeon/dev octeon_intr.c

   sys/octeon: accept linux,phandle for IRQs

   SRX300 firmware DT describes the CIU root and several CIB interrupt
   controllers with linux,phandle, but omits phandle.

   octeon_intr_register() consumed only the latter; the controllers
   therefore never entered the interrupt controller registry, and every
   later interrupt-parent lookup for CIB, AHCI, and xHCI failed.

   Thus, dev/ofw/fdt lookup code already treats phandle and linux,phandle
   as equivalent; so the Octeon interrupt layer should do the same when
   registering interrupt controllers.

   OK: kettenis@, visa@
VersionDeltaFile
1.26+3-1sys/arch/octeon/dev/octeon_intr.c
+3-11 files

OpenBSD/ports P8tI8U4graphics/lcms2 Makefile distinfo

   graphics/lcms2: Update to 2.19rc2

   Fixes several issues, for reference see
   https://marc.info/?l=oss-security&m=177646929211758&w=2

   pointed out by and ok tb@, ok naddy@
VersionDeltaFile
1.29+6-3graphics/lcms2/Makefile
1.15+2-2graphics/lcms2/distinfo
+8-52 files

OpenBSD/ports XvX9o9Hnet/gelatod distinfo Makefile

   update to gelatod-1.7;  same fix as 029_v6daemons;  OK naddy
VersionDeltaFile
1.6+2-2net/gelatod/distinfo
1.12+1-1net/gelatod/Makefile
+3-32 files

OpenBSD/ports TZauOB1geo/mapserver distinfo Makefile

   geo/mapserver: security update to 8.6.2.

   see https://mapserver.org/development/changelog/changelog-8-6.html#changelog-8-6
   fixes https://github.com/MapServer/MapServer/security/advisories/GHSA-4g9f-ph64-hg2x

   ok naddy@
VersionDeltaFile
1.44+2-2geo/mapserver/distinfo
1.111+1-1geo/mapserver/Makefile
+3-32 files

OpenBSD/src rciq5iSusr.bin/vi/common screen.c

   vi: fix indent by trailing extra space

   from Walter Alejandro Iglesias
VersionDeltaFile
1.15+3-3usr.bin/vi/common/screen.c
+3-31 files

OpenBSD/src J4KjEm5usr.bin/vi/common options.c exf.c, usr.bin/vi/ex ex_tag.c ex_subst.c

   vi: whitespace fixes

   Zap trailing whitespace, remove spaces before tabs, and expand 8 spaces to
   tabs.

   Prompted by a diff by Walter Alejandro Iglesias
VersionDeltaFile
1.27+13-13usr.bin/vi/ex/ex_tag.c
1.31+11-11usr.bin/vi/common/options.c
1.51+11-11usr.bin/vi/common/exf.c
1.18+10-10usr.bin/vi/common/line.c
1.32+7-7usr.bin/vi/ex/ex_subst.c
1.15+7-7usr.bin/vi/common/seq.c
+59-5933 files not shown
+147-14839 files

OpenBSD/src K3jh61ousr.bin/vi/cl cl_funcs.c, usr.bin/vi/common recover.c

   vi: avoid set but not used warnings

   From Walter Alejandro Iglesias
   ok claudio
VersionDeltaFile
1.15+2-4usr.bin/vi/ex/ex_append.c
1.24+1-5usr.bin/vi/cl/cl_funcs.c
1.14+2-3usr.bin/vi/ex/ex_bang.c
1.17+1-4usr.bin/vi/vi/vs_split.c
1.33+1-3usr.bin/vi/common/recover.c
1.18+1-3usr.bin/vi/ex/ex_global.c
+8-226 files

OpenBSD/src GOI7JHulib/libcrypto/mlkem mlkem_internal.h

   mlkem: use <openssl/mlkem.h> instead of "mlkem.h"

   patch from portable
VersionDeltaFile
1.15+3-2lib/libcrypto/mlkem/mlkem_internal.h
+3-21 files

OpenBSD/src HVnGIIYusr.bin/ssh channels.c

   Clarify comment on what setting extended types for channels does

   OK djm@
VersionDeltaFile
1.459+2-2usr.bin/ssh/channels.c
+2-21 files

OpenBSD/ports M5qz8yKx11/gtk+4 distinfo Makefile

   Update to gtk+4-4.22.3.

   ok naddy@
VersionDeltaFile
1.69+2-2x11/gtk+4/distinfo
1.124+1-1x11/gtk+4/Makefile
+3-32 files

OpenBSD/src P1dsWPRlib/libtls tls_keypair.c

   tls_keypair: add missing <limits.h>

   from bcook kenjiro
VersionDeltaFile
1.13+3-1lib/libtls/tls_keypair.c
+3-11 files

OpenBSD/src 3Rvfl7Nlib/libcrypto/ec ec_pmeth.c

   ec_pmeth: fix 20yo comment: *outlen -> *keylen
VersionDeltaFile
1.28+2-2lib/libcrypto/ec/ec_pmeth.c
+2-21 files

OpenBSD/src uzskfyusys/dev/pci/drm/i915/display intel_psr.c

   drm/i915/psr: Do not use pipe_src as borders for SU area

   From Jouni Hogander
   de9aa7e89b98157d2650f25691e40711b8404151 in linux-6.18.y/6.18.23
   75519f5df2a9b23f7bf305e12dc9a6e3e65c24b7 in mainline linux
VersionDeltaFile
1.17+19-11sys/dev/pci/drm/i915/display/intel_psr.c
+19-111 files

OpenBSD/src gmgqCKAsys/dev/pci/drm/i915/gt intel_engine_heartbeat.c

   drm/i915/gt: fix refcount underflow in intel_engine_park_heartbeat

   From Sebastian Brzezinka
   2af8b200cae3fdd0e917ecc2753b28bb40c876c1 in linux-6.18.y/6.18.23
   4c71fd099513bfa8acab529b626e1f0097b76061 in mainline linux
VersionDeltaFile
1.7+18-8sys/dev/pci/drm/i915/gt/intel_engine_heartbeat.c
+18-81 files

OpenBSD/src mT5mutDsys/conf newvers.sh

   7.9-current
   ok deraadt@
VersionDeltaFile
1.216+3-3sys/conf/newvers.sh
+3-31 files

OpenBSD/src fMu9AsIusr.bin/ssh clientloop.c

   correctly set extended type for client-side channels. Fixes
   interactive vs bulk IPQoS for client->server traffic. ok job@
VersionDeltaFile
1.423+12-6usr.bin/ssh/clientloop.c
+12-61 files

OpenBSD/ports k5A4rZksysutils/btop Makefile, sysutils/btop/patches patch-src_openbsd_btop_collect.cpp

   Patch btop to report active CPU usage correctly

   from upstream https://github.com/aristocratos/btop/pull/1587

   This also allows building on spark64 with gcc 15.
VersionDeltaFile
1.1+86-0sysutils/btop/patches/patch-src_openbsd_btop_collect.cpp
1.9+3-1sysutils/btop/Makefile
+89-12 files