OpenBSD/ports TZauOB1geo/mapserver distinfo Makefile

   geo/mapserver: security update to 8.6.2.

   see https://mapserver.org/development/changelog/changelog-8-6.html#changelog-8-6
   fixes https://github.com/MapServer/MapServer/security/advisories/GHSA-4g9f-ph64-hg2x

   ok naddy@
VersionDeltaFile
1.44+2-2geo/mapserver/distinfo
1.111+1-1geo/mapserver/Makefile
+3-32 files

OpenBSD/src rciq5iSusr.bin/vi/common screen.c

   vi: fix indent by trailing extra space

   from Walter Alejandro Iglesias
VersionDeltaFile
1.15+3-3usr.bin/vi/common/screen.c
+3-31 files

OpenBSD/src J4KjEm5usr.bin/vi/common options.c exf.c, usr.bin/vi/ex ex_tag.c ex_subst.c

   vi: whitespace fixes

   Zap trailing whitespace, remove spaces before tabs, and expand 8 spaces to
   tabs.

   Prompted by a diff by Walter Alejandro Iglesias
VersionDeltaFile
1.27+13-13usr.bin/vi/ex/ex_tag.c
1.31+11-11usr.bin/vi/common/options.c
1.51+11-11usr.bin/vi/common/exf.c
1.18+10-10usr.bin/vi/common/line.c
1.32+7-7usr.bin/vi/ex/ex_subst.c
1.15+7-7usr.bin/vi/common/seq.c
+59-5933 files not shown
+147-14839 files

OpenBSD/src K3jh61ousr.bin/vi/cl cl_funcs.c, usr.bin/vi/common recover.c

   vi: avoid set but not used warnings

   From Walter Alejandro Iglesias
   ok claudio
VersionDeltaFile
1.15+2-4usr.bin/vi/ex/ex_append.c
1.24+1-5usr.bin/vi/cl/cl_funcs.c
1.14+2-3usr.bin/vi/ex/ex_bang.c
1.17+1-4usr.bin/vi/vi/vs_split.c
1.33+1-3usr.bin/vi/common/recover.c
1.18+1-3usr.bin/vi/ex/ex_global.c
+8-226 files

OpenBSD/src GOI7JHulib/libcrypto/mlkem mlkem_internal.h

   mlkem: use <openssl/mlkem.h> instead of "mlkem.h"

   patch from portable
VersionDeltaFile
1.15+3-2lib/libcrypto/mlkem/mlkem_internal.h
+3-21 files

OpenBSD/src HVnGIIYusr.bin/ssh channels.c

   Clarify comment on what setting extended types for channels does

   OK djm@
VersionDeltaFile
1.459+2-2usr.bin/ssh/channels.c
+2-21 files

OpenBSD/ports M5qz8yKx11/gtk+4 distinfo Makefile

   Update to gtk+4-4.22.3.

   ok naddy@
VersionDeltaFile
1.69+2-2x11/gtk+4/distinfo
1.124+1-1x11/gtk+4/Makefile
+3-32 files

OpenBSD/src P1dsWPRlib/libtls tls_keypair.c

   tls_keypair: add missing <limits.h>

   from bcook kenjiro
VersionDeltaFile
1.13+3-1lib/libtls/tls_keypair.c
+3-11 files

OpenBSD/src 3Rvfl7Nlib/libcrypto/ec ec_pmeth.c

   ec_pmeth: fix 20yo comment: *outlen -> *keylen
VersionDeltaFile
1.28+2-2lib/libcrypto/ec/ec_pmeth.c
+2-21 files

OpenBSD/src uzskfyusys/dev/pci/drm/i915/display intel_psr.c

   drm/i915/psr: Do not use pipe_src as borders for SU area

   From Jouni Hogander
   de9aa7e89b98157d2650f25691e40711b8404151 in linux-6.18.y/6.18.23
   75519f5df2a9b23f7bf305e12dc9a6e3e65c24b7 in mainline linux
VersionDeltaFile
1.17+19-11sys/dev/pci/drm/i915/display/intel_psr.c
+19-111 files

OpenBSD/src gmgqCKAsys/dev/pci/drm/i915/gt intel_engine_heartbeat.c

   drm/i915/gt: fix refcount underflow in intel_engine_park_heartbeat

   From Sebastian Brzezinka
   2af8b200cae3fdd0e917ecc2753b28bb40c876c1 in linux-6.18.y/6.18.23
   4c71fd099513bfa8acab529b626e1f0097b76061 in mainline linux
VersionDeltaFile
1.7+18-8sys/dev/pci/drm/i915/gt/intel_engine_heartbeat.c
+18-81 files

OpenBSD/src mT5mutDsys/conf newvers.sh

   7.9-current
   ok deraadt@
VersionDeltaFile
1.216+3-3sys/conf/newvers.sh
+3-31 files

OpenBSD/src fMu9AsIusr.bin/ssh clientloop.c

   correctly set extended type for client-side channels. Fixes
   interactive vs bulk IPQoS for client->server traffic. ok job@
VersionDeltaFile
1.423+12-6usr.bin/ssh/clientloop.c
+12-61 files

OpenBSD/ports k5A4rZksysutils/btop Makefile, sysutils/btop/patches patch-src_openbsd_btop_collect.cpp

   Patch btop to report active CPU usage correctly

   from upstream https://github.com/aristocratos/btop/pull/1587

   This also allows building on spark64 with gcc 15.
VersionDeltaFile
1.1+86-0sysutils/btop/patches/patch-src_openbsd_btop_collect.cpp
1.9+3-1sysutils/btop/Makefile
+89-12 files

OpenBSD/ports XyvLVE0shells/elvish distinfo modules.inc, shells/elvish/pkg PLIST

   shells/elvish: Update to 0.21.0

   The current version in ports is broken/non-functional.

   approved by naddy@
VersionDeltaFile
1.5+64-22shells/elvish/distinfo
1.2+20-8shells/elvish/modules.inc
1.11+2-6shells/elvish/Makefile
1.4+1-3shells/elvish/pkg/PLIST
+87-394 files

OpenBSD/src xMjylTQlibexec/login_chpass Makefile

   login_chpass: No longer need to install this setuid root

   When the YP code was removed login_chpass became wrapper that just
   execs login_lchpass.

   OK deraadt@
VersionDeltaFile
1.10+2-4libexec/login_chpass/Makefile
+2-41 files

OpenBSD/ports xABnlUagraphics/png distinfo Makefile

   Update to png 1.6.58. ok deraadt@, naddy@.
   Fixes a regression introduced in 1.6.56
VersionDeltaFile
1.72.2.7+2-2graphics/png/distinfo
1.143.2.7+1-1graphics/png/Makefile
+3-32 files

OpenBSD/ports 5DNHSSdgraphics/png distinfo Makefile

   Update to png 1.6.58. ok deraadt@, naddy@.
   Fixes a regression introduced in 1.6.56
   xenocara will be updated after unlock as it's not affected.
VersionDeltaFile
1.79+2-2graphics/png/distinfo
1.150+1-1graphics/png/Makefile
+3-32 files

OpenBSD/src g1NybjTsys/arch/arm64/stand/efiboot efiboot.c

   Terminate SMBIOS vendor/product matching at first match.

   ok jsg@, tobhe@, deraadt@
VersionDeltaFile
1.71+2-1sys/arch/arm64/stand/efiboot/efiboot.c
+2-11 files

OpenBSD/src VAcYhIJsys/arch/amd64/amd64 bus_dma.c autoconf.c, sys/arch/amd64/include bus.h

   Extend the SEV bounce buffer implementation to make it usable for bouncing
   memory that isn't DMA reachable.

   ok deraadt@
VersionDeltaFile
1.61+118-33sys/arch/amd64/amd64/bus_dma.c
1.60+3-1sys/arch/amd64/amd64/autoconf.c
1.38+3-1sys/arch/amd64/include/bus.h
+124-353 files

OpenBSD/src DNUrysLsys/dev/ic com.c

   Get rid of the COM_CONSOLE ifdef maze.  This was introduced for sparc
   which is no longer with us.

   ok jsg@
VersionDeltaFile
1.182+6-35sys/dev/ic/com.c
+6-351 files

OpenBSD/src yCcmTd3sys/arch/amd64/amd64 cpu.c, sys/arch/amd64/include specialreg.h

   floating point state leakage can be observed on AMD Zen/Zen+ (Zen 1)

   This was discovered by the Rootsec research group at the CISPA Helmholtz
   Center for Information Security.  Rootsec named the problem
   Floating Point Divider State Sampling (FP-DSS).

   Do AMD's suggested mitigation, setting a chicken bit in an MSR.

   https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7053.html
   https://roots.ec/blog/fpdss/

   ok deraadt@ brynet@
VersionDeltaFile
1.205+12-1sys/arch/amd64/amd64/cpu.c
1.679+12-1sys/arch/i386/i386/machdep.c
1.86+3-1sys/arch/i386/include/specialreg.h
1.122+3-1sys/arch/amd64/include/specialreg.h
+30-44 files

OpenBSD/ports 1bm4blXdevel/ruby-rb_sys Makefile, devel/ruby-rb_sys/patches patch-lib_rb_sys_mkmf_rb

   Stop cleaning gem artifacts

   Bulk builds have seen occasional failures building
   textproc/ruby-commonmarker, which is the only reverse dependency. I'm
   not positive the cleaning of gem artifacts is the cause of the failure,
   though I suspect it is.

   Discussed with naddy@
VersionDeltaFile
1.1+15-0devel/ruby-rb_sys/patches/patch-lib_rb_sys_mkmf_rb
1.2+1-0devel/ruby-rb_sys/Makefile
+16-02 files

OpenBSD/ports zvxtHgigames/godot/pack3 distinfo Makefile, games/godot/pack3/patches patch-platform_linuxbsd_os_linuxbsd_cpp patch-platform_linuxbsd_wayland_display_server_wayland_cpp

   Update godot/pack3 to latest release 4.6.2, a stable maintenance
   release. No known incompatibilities. Tested with Road to Vostok.
VersionDeltaFile
1.2+2-2games/godot/pack3/distinfo
1.3+1-2games/godot/pack3/Makefile
1.2+1-1games/godot/pack3/pkg/PLIST-main
1.2+1-1games/godot/pack3/patches/patch-platform_linuxbsd_os_linuxbsd_cpp
1.2+1-1games/godot/pack3/patches/patch-platform_linuxbsd_wayland_display_server_wayland_cpp
1.2+1-0games/godot/pack3/pkg/PLIST-editor
+7-76 files

OpenBSD/ports 8e0LBL5games/luanti Makefile distinfo, games/luanti/patches patch-src_CMakeLists_txt

   MFC: luanti 5.15.2 (security update)
   From maintainer izzy Meyer
VersionDeltaFile
1.2.2.1+24-675games/luanti/pkg/PLIST
1.3.2.1+1-6games/luanti/Makefile
1.2.2.1+2-2games/luanti/distinfo
1.3.2.1+1-1games/luanti/patches/patch-src_CMakeLists_txt
+28-6844 files

OpenBSD/ports OIebBCwsysutils/exfetch Makefile distinfo, sysutils/exfetch/patches patch-Makefile

   Update to exfetch 1.6. From author & maintainer izzy Meyer - thanks!
VersionDeltaFile
1.8+3-2sysutils/exfetch/Makefile
1.7+2-2sysutils/exfetch/distinfo
1.4+0-0sysutils/exfetch/patches/patch-Makefile
+5-43 files

OpenBSD/ports 8YcDLuTarchivers/libarchive Makefile distinfo, archivers/libarchive/patches patch-Makefile_in

   archivers/libarchive: update to 3.8.7

   Fixes for a motley collection of NULL pointer dereference,
   out-of-bounds accesses, heap overflow, etc.
VersionDeltaFile
1.70+2-2archivers/libarchive/Makefile
1.50+2-2archivers/libarchive/distinfo
1.10+1-1archivers/libarchive/patches/patch-Makefile_in
+5-53 files

OpenBSD/src ycP4DrEsbin/slaacd engine.c

   Prevent buffer overflow by checking the correct counter.

   An attacker on the same layer 2 network can send rogue router
   advertisements, potentially crashing slaacd.

   from Maurice Hieronymus (mhi AT mailbox.org), thanks!
   from florian@; OK deraadt

   this is errata/7.7/039_slaacd.patch.sig
VersionDeltaFile
1.99.4.2+2-2sbin/slaacd/engine.c
+2-21 files

OpenBSD/src Mkit1nBsbin/slaacd engine.c

   Prevent buffer overflow by checking the correct counter.

   An attacker on the same layer 2 network can send rogue router
   advertisements, potentially crashing slaacd.

   from Maurice Hieronymus (mhi AT mailbox.org), thanks!
   from florian@; OK deraadt

   this is errata/7.8/033_slaacd.patch.sig
VersionDeltaFile
1.99.2.2+2-2sbin/slaacd/engine.c
+2-21 files

OpenBSD/src iEb9ETLsys/arch/amd64/conf RAMDISK_CD, sys/arch/i386/conf RAMDISK_CD

   Attach puc in RAMDISK_CD on amd64 and i386

   Fixes breakage on my headless amd64. Untested on i386

   OK kettenis@
VersionDeltaFile
1.255+5-1sys/arch/i386/conf/RAMDISK_CD
1.214+4-1sys/arch/amd64/conf/RAMDISK_CD
+9-22 files