OpenBSD/src dX4JHNfsys/uvm uvm_pdaemon.c

   When the pagedaemon is triggered to create free memory, there may be
   sleeping pmemrange allocations with multi-page alignment requirements
   which can't be satisfied by the simplistic freeing of (solo) pages
   which the pagedaemon performs.  As we near starvation, fragmentation
   is the main problem.  Our free list could be large enough that the
   pagedaemon sees no reason to do more work, but also too fragmented to
   satisfy a pending allocation request with complex requirements
   (imagine asking for 512K of physically linear memory which is DMA
   reachable).  When the requirement isn't satisfied, the pagedaemon is
   told to try again, but again doesn't mean harder because it has no
   mechanism to try harder.  It's tracking variables do not show the
   fragmentation problem.  It spins a lot.  Often this becomes a
   deadlock.
   Time to change strategy: Overshoot creation of (both) inactive and
   free pages each time through the loop. After inspecting existing
   variables, we generate minumum 128 inactive pages (which may be
   dynamically drawn down asyncronously by accesses), and then try to
   convert minumum 128 inactives into free pages (different pages
   get freed different ways, including via swapcluster which has been

    [7 lines not shown]
VersionDeltaFile
1.156+14-11sys/uvm/uvm_pdaemon.c
+14-111 files

OpenBSD/src jQ5yTjmsys/uvm uvm_swap.c uvm_pdaemon.c

   To support swapencrypt, the swapcluster code has a memory allocation codepath.
   Since this is runs inside the pagedaemon that is unworkable.  We'd like to
   encrypt the pages inplace for IO, but there are architectures not ready for
   a high-mem page to be written to a dma-restricted device (work in progress).
   So for now we need to bounce through dma-reachable memory buffer.  A previous
   attempt had 1 extra bounce buffer, but then slept on allocation inside the
   pagedaemon context which is also unworkable.  This version contains 32
   pre-allocated swapclusters (64K each), and through a counter signals to the
   pagedaemon when it should stop trying to create memory.  32 swap clusters
   is comfortably more than the minimum we expect the pagedaemon frantically
   generate.  This crummy solution is good enough until we the dma reach problem
   is solved (soon)
   ok kettenis kirill (who looked into other solutions) beck
VersionDeltaFile
1.180+61-12sys/uvm/uvm_swap.c
1.155+12-1sys/uvm/uvm_pdaemon.c
1.22+3-1sys/uvm/uvm_swap.h
+76-143 files

OpenBSD/ports ZWXnAg4print/poppler Makefile distinfo

   Update to poppler-26.04.0.
VersionDeltaFile
1.208+2-2print/poppler/Makefile
1.124+2-2print/poppler/distinfo
+4-42 files

OpenBSD/ports tkcwNmfx11/kde-applications/kitinerary/patches patch-src_lib_pdf_pdfdocument_cpp

   Prepare for poppler-26.04.0.
VersionDeltaFile
1.14+46-17x11/kde-applications/kitinerary/patches/patch-src_lib_pdf_pdfdocument_cpp
+46-171 files

OpenBSD/ports oH40LZUprint/scribus/patches patch-scribus_plugins_import_pdf_slaoutput_cpp patch-scribus_plugins_import_pdf_slaoutput_h

   Prepare for poppler-26.04.0.
VersionDeltaFile
1.25+75-26print/scribus/patches/patch-scribus_plugins_import_pdf_slaoutput_cpp
1.12+12-21print/scribus/patches/patch-scribus_plugins_import_pdf_slaoutput_h
+87-472 files

OpenBSD/ports PuGnwCVgraphics/inkscape/patches patch-src_extension_internal_pdfinput_poppler-utils_cpp patch-src_extension_internal_pdfinput_pdf-parser_cpp

   Prepare for poppler-26.04.0.

   This replaces our (manually cherry-picked) patches by those from
   https://gitlab.com/KrIr17/inkscape/-/commits/poppler_26_04_1.4.3.
VersionDeltaFile
1.7+95-1graphics/inkscape/patches/patch-src_extension_internal_pdfinput_poppler-utils_cpp
1.31+57-23graphics/inkscape/patches/patch-src_extension_internal_pdfinput_pdf-parser_cpp
1.15+34-8graphics/inkscape/patches/patch-src_extension_internal_pdfinput_svg-builder_cpp
1.5+15-19graphics/inkscape/patches/patch-src_extension_internal_pdfinput_pdf-parser_h
1.3+10-20graphics/inkscape/patches/patch-src_extension_internal_pdfinput_poppler-utils_h
1.9+18-2graphics/inkscape/patches/patch-src_extension_internal_pdfinput_poppler-transition-api_h
+229-731 files not shown
+238-807 files

OpenBSD/ports Sd7QyhDeditors/calligra/patches patch-filters_karbon_pdf_SvgOutputDev_cpp patch-filters_karbon_pdf_SvgOutputDev_h

   Prepare for poppler-26.04.0.
VersionDeltaFile
1.13+37-21editors/calligra/patches/patch-filters_karbon_pdf_SvgOutputDev_cpp
1.7+12-9editors/calligra/patches/patch-filters_karbon_pdf_SvgOutputDev_h
+49-302 files

OpenBSD/ports IUghJF5editors/libreoffice/patches patch-sdext_source_pdfimport_xpdfwrapper_pdfioutdev_gpl_cxx patch-sdext_source_pdfimport_xpdfwrapper_pdfioutdev_gpl_hxx

   Prepare for poppler-26.04.0.

   ok robert@ (maintainer)
VersionDeltaFile
1.22+14-3editors/libreoffice/patches/patch-sdext_source_pdfimport_xpdfwrapper_pdfioutdev_gpl_cxx
1.13+13-2editors/libreoffice/patches/patch-sdext_source_pdfimport_xpdfwrapper_pdfioutdev_gpl_hxx
+27-52 files

OpenBSD/ports SGY2V20geo/gdal/patches patch-frmts_pdf_pdfobject_cpp patch-frmts_pdf_CMakeLists_txt

   Prepare for poppler-26.04.0.

   ok landry@ (maintainer)
VersionDeltaFile
1.5+36-19geo/gdal/patches/patch-frmts_pdf_pdfobject_cpp
1.1+23-0geo/gdal/patches/patch-frmts_pdf_CMakeLists_txt
+59-192 files

OpenBSD/xenocara FCLxIGO. 3RDPARTY

   update
VersionDeltaFile
1.462+3-33RDPARTY
+3-31 files

OpenBSD/ports 2fItoVsgraphics/png distinfo Makefile

   Update to png 1.6.57. ok deraadt@, naddy@, tb@

   Security fixe for CVE-2026-34757
VersionDeltaFile
1.72.2.6+2-2graphics/png/distinfo
1.143.2.6+1-1graphics/png/Makefile
+3-32 files

OpenBSD/xenocara wLv9OjUlib/libpng pngset.c ANNOUNCE, lib/libpng/contrib/libtests pnggetset.c

   Update to libpng 1.6.57. ok deraadt@, naddy@, tb@

   Security fixe for CVE-2026-34757
VersionDeltaFile
1.1+648-0lib/libpng/contrib/libtests/pnggetset.c
1.3+50-4lib/libpng/pngset.c
1.7+16-36lib/libpng/ANNOUNCE
1.4+37-10lib/libpng/Makefile.in
1.7+14-14lib/libpng/pngrtran.c
1.8+12-12lib/libpng/configure
+777-7617 files not shown
+834-10423 files

OpenBSD/ports meyU78xgraphics/png distinfo Makefile

   Update to png 1.6.57. ok deraadt@, naddy@, tb@

   Security fixe for CVE-2026-34757
VersionDeltaFile
1.78+2-2graphics/png/distinfo
1.149+1-1graphics/png/Makefile
+3-32 files

OpenBSD/ports Bra2vdRdevel/uv Makefile, devel/zizmor Makefile

   uv,zizmor: remove version number of aws-lc-sys in comment

   It will stay this way for a few more versions and we will inevitably
   forget to update this comment.
VersionDeltaFile
1.31+1-1devel/uv/Makefile
1.3+1-1devel/zizmor/Makefile
+2-22 files

OpenBSD/src a8leN0Dsys/arch/riscv64/conf GENERIC RAMDISK

   Actually smtpinctrl(4) should attach early; messed that up when
   transplanting things into a different tree for commit.
VersionDeltaFile
1.63+2-2sys/arch/riscv64/conf/GENERIC
1.55+2-2sys/arch/riscv64/conf/RAMDISK
+4-42 files

OpenBSD/ports vMxEMIxsecurity/openssl/3.6 distinfo, security/openssl/3.6/patches patch-util_perl_OpenSSL_config_pm patch-Configurations_10-main_conf

   Remove openssl/3.6
VersionDeltaFile
1.2+0-0security/openssl/3.6/patches/patch-util_perl_OpenSSL_config_pm
1.4+0-0security/openssl/3.6/distinfo
1.3+0-0security/openssl/3.6/patches/patch-Configurations_10-main_conf
1.2+0-0security/openssl/3.6/patches/patch-Configurations_shared-info_pl
1.3+0-0security/openssl/3.6/patches/patch-Configurations_unix-Makefile_tmpl
1.3+0-0security/openssl/3.6/patches/patch-crypto_aes_asm_aes-riscv64_pl
+0-010 files not shown
+0-016 files

OpenBSD/ports tYWK2bPsecurity/openssl/4.0 Makefile

   hopefully resolve merge conflict after botched imports.
VersionDeltaFile
1.3+85-5security/openssl/4.0/Makefile
+85-51 files

OpenBSD/src Yfhy4Lesys/arch/riscv64/conf files.riscv64 GENERIC, sys/arch/riscv64/dev smtpinctrl.c

   Add smtpinctrl(4), a driver for the pin controller on the SpacemiT K1 SoC.

   ok mlarkin@, jsing@
VersionDeltaFile
1.1+225-0sys/arch/riscv64/dev/smtpinctrl.c
1.37+6-1sys/arch/riscv64/conf/files.riscv64
1.62+2-1sys/arch/riscv64/conf/GENERIC
1.54+2-1sys/arch/riscv64/conf/RAMDISK
+235-34 files

OpenBSD/ports ktqfusAsecurity/openssl/4.0 Makefile, security/openssl/4.0/patches patch-Configurations_shared-info_pl patch-exporters_pkg-config_libssl_pc_in

   Add openssl/4.0 (third time is the charm)

   This imports openssl-4.0.0-beta1 and merges openssl/3.6 into it. The
   actual release is scheduled for April 14 at which point (or whenever
   it happens) we can update to that version.

   There's a lot of new things. Per the list, the most important breaking
   change is that RSA keys having the top bit of the first octet set are
   no longer prefixed with 00: when printed.

   Less important changes include that they finally eliminated the atexit()
   handler to appease Valgrind, that ASN1_STRING is now opaque and there was
   a significant amount of const sprinkling.

   Having ECH support is nice.

   Why on earth they felt the need to add RFC 7919 FFDHE support to TLSv1.2
   when the deprecation is both important and imminent is beyond me:
   https://datatracker.ietf.org/doc/draft-ietf-tls-deprecate-obsolete-kex/

    [5 lines not shown]
VersionDeltaFile
1.1+6,813-0security/openssl/4.0/pkg/PLIST
1.1.1.2+85-5security/openssl/4.0/Makefile
1.1+32-0security/openssl/4.0/patches/patch-Configurations_shared-info_pl
1.1+26-0security/openssl/4.0/patches/patch-exporters_pkg-config_libssl_pc_in
1.1+23-0security/openssl/4.0/patches/patch-Configurations_unix-Makefile_tmpl
1.1+21-0security/openssl/4.0/patches/patch-exporters_pkg-config_libcrypto_pc_in
+7,000-519 files not shown
+7,075-525 files

OpenBSD/ports 0cYnwlKsecurity/openssl/4.0 Makefile Makefile.inc, security/openssl/4.0/4.0/pkg PLIST

   sigh
VersionDeltaFile
1.2+0-0security/openssl/4.0/4.0/pkg/PLIST
1.2+0-0security/openssl/4.0/Makefile
1.2+0-0security/openssl/4.0/Makefile.inc
1.2+0-0security/openssl/4.0/libretls/Makefile
1.2+0-0security/openssl/4.0/libretls/distinfo
1.2+0-0security/openssl/4.0/libretls/patches/patch-tls_conninfo_c
+0-058 files not shown
+0-064 files

OpenBSD/ports ecnNcU1security/openssl/4.0/3.5 Makefile, security/openssl/4.0/3.5/pkg PLIST

   Initial revision
VersionDeltaFile
1.1+6,813-0security/openssl/4.0/4.0/pkg/PLIST
1.1+6,734-0security/openssl/4.0/3.6/pkg/PLIST
1.1+6,701-0security/openssl/4.0/3.5/pkg/PLIST
1.1+231-0security/openssl/4.0/3.6/patches/patch-crypto_aes_asm_aes-sha256-armv8_pl
1.1+93-0security/openssl/4.0/libretls/pkg/PLIST
1.1+92-0security/openssl/4.0/3.5/Makefile
+20,664-096 files not shown
+21,589-0102 files

OpenBSD/ports pSbyzoesecurity/openssl Makefile

   -3.6
   +4.0
VersionDeltaFile
1.50+1-1security/openssl/Makefile
+1-11 files

OpenBSD/ports oCQEbkpsecurity/openssl/40 Makefile, security/openssl/40/patches patch-Configurations_shared-info_pl patch-exporters_pkg-config_libssl_pc_in

   Initial revision
VersionDeltaFile
1.1+6,813-0security/openssl/40/pkg/PLIST
1.1+86-0security/openssl/40/Makefile
1.1+32-0security/openssl/40/patches/patch-Configurations_shared-info_pl
1.1+26-0security/openssl/40/patches/patch-exporters_pkg-config_libssl_pc_in
1.1+23-0security/openssl/40/patches/patch-Configurations_unix-Makefile_tmpl
1.1+21-0security/openssl/40/patches/patch-exporters_pkg-config_libcrypto_pc_in
+7,001-020 files not shown
+7,076-026 files

OpenBSD/ports 7FENAWTdevel/maturin distinfo crates.inc, devel/maturin/patches patch-src_target_mod_rs

   update to maturin-1.13.1 (tested all ports using this)
VersionDeltaFile
1.29+70-46devel/maturin/distinfo
1.18+34-22devel/maturin/crates.inc
1.5+1-1devel/maturin/patches/patch-src_target_mod_rs
1.47+1-1devel/maturin/Makefile
+106-704 files

OpenBSD/ports OE4mldtmultimedia/libde265 Makefile distinfo, multimedia/libde265/patches patch-CMakeLists_txt patch-enc265_Makefile_in

   update to libde265-1.0.18, from Brad, small tweak from me (this matches
   the newer default case for PKGNAME-*)

   CVE-2026-33164, CVE-2026-33165
VersionDeltaFile
1.13+8-15multimedia/libde265/Makefile
1.1+18-0multimedia/libde265/patches/patch-CMakeLists_txt
1.4+0-7multimedia/libde265/pkg/PLIST-tools
1.3+5-2multimedia/libde265/pkg/PLIST-main
1.5+2-2multimedia/libde265/distinfo
1.4+0-0multimedia/libde265/patches/patch-enc265_Makefile_in
+33-265 files not shown
+33-2611 files

OpenBSD/src KDe7rNEsys/arch/amd64/amd64 acpi_machdep.c

   Apparently we shouldn't touch the RTC immediately after restarting the
   i8254 clock either when coming out of S3 suspend.  So move the code
   that checks whether the RTC alarm went off and clears it all the way to
   the end of acpi_cpu_resume.  This fixes a lockup seen on the x220.

   Figured out by mlarkin@ who write the initial diff; I just tweaked it.

   ok mlarkin@, deraadt@
VersionDeltaFile
1.115+10-11sys/arch/amd64/amd64/acpi_machdep.c
+10-111 files

OpenBSD/ports WGykvXQsecurity/libsodium Makefile distinfo, security/libsodium/patches patch-src_libsodium_crypto_ipcrypt_ipcrypt_aesni_c patch-src_libsodium_crypto_ipcrypt_ipcrypt_armcrypto_c

   update to libsodium-1.0.22, thanks tb@ for sparc64 tests
VersionDeltaFile
1.2+0-17security/libsodium/patches/patch-src_libsodium_crypto_ipcrypt_ipcrypt_aesni_c
1.2+0-17security/libsodium/patches/patch-src_libsodium_crypto_ipcrypt_ipcrypt_armcrypto_c
1.2+0-17security/libsodium/patches/patch-src_libsodium_crypto_ipcrypt_ipcrypt_soft_c
1.44+8-4security/libsodium/Makefile
1.16+4-0security/libsodium/pkg/PLIST
1.28+2-2security/libsodium/distinfo
+14-576 files

OpenBSD/ports XAT22CMwww/ungoogled-chromium/patches patch-chrome_browser_about_flags_cc patch-chrome_browser_policy_configuration_policy_handler_list_factory_cc

   update to 147.0.7727.55
VersionDeltaFile
1.57+114-78www/ungoogled-chromium/patches/patch-chrome_browser_about_flags_cc
1.43+34-25www/ungoogled-chromium/patches/patch-chrome_browser_policy_configuration_policy_handler_list_factory_cc
1.19+39-12www/ungoogled-chromium/patches/patch-components_signin_public_base_signin_switches_cc
1.43+28-19www/ungoogled-chromium/patches/patch-chrome_browser_profiles_chrome_browser_main_extra_parts_profiles_cc
1.23+43-3www/ungoogled-chromium/patches/patch-net_socket_udp_socket_posix_cc
1.29+21-21www/ungoogled-chromium/patches/patch-remoting_host_remoting_me2me_host_cc
+279-158337 files not shown
+1,595-1,140343 files

OpenBSD/ports 608fLLPdevel/uv distinfo Makefile

   Update to uv 0.11.6, from maintainer

   includes a minor security fix
   https://github.com/astral-sh/uv/releases/tag/0.11.6
VersionDeltaFile
1.27+2-2devel/uv/distinfo
1.30+1-2devel/uv/Makefile
+3-42 files

OpenBSD/ports yEkgmZDtelephony/asterisk/22 distinfo Makefile, telephony/asterisk/22/patches patch-build_tools_make_xml_documentation patch-res_res_pjsip_config_transport_c

   update to asterisk-22.9.0
VersionDeltaFile
1.1+73-0telephony/asterisk/22/patches/patch-build_tools_make_xml_documentation
1.15+4-4telephony/asterisk/22/distinfo
1.2+4-4telephony/asterisk/22/patches/patch-res_res_pjsip_config_transport_c
1.24+2-5telephony/asterisk/22/Makefile
1.6+1-1telephony/asterisk/22/patches/patch-res_res_rtp_asterisk_c
1.8+2-0telephony/asterisk/22/pkg/PLIST-main
+86-141 files not shown
+87-157 files