OpenBSD/ports WdB8Wjxdevel/py-icalendar-searcher Makefile

   wants hatch-vcs, not just hatchling
VersionDeltaFile
1.3+1-1devel/py-icalendar-searcher/Makefile
+1-11 files

OpenBSD/ports Wzbvjibwww/caddy distinfo modules.inc

   switch caddy to a normal modules-based go build
   also results in fixing "caddy -v"
VersionDeltaFile
1.4+2,886-2www/caddy/distinfo
1.1+900-0www/caddy/modules.inc
1.5+13-31www/caddy/Makefile
+3,799-333 files

OpenBSD/ports DQuZQD9www/caddy distinfo Makefile

   update to caddy-2.11.1, from Keith Henderson Jr
VersionDeltaFile
1.3+2-2www/caddy/distinfo
1.4+1-1www/caddy/Makefile
+3-32 files

OpenBSD/ports MDQwpvfmultimedia/gstreamer1/core Makefile, multimedia/gstreamer1/devtools Makefile

   Update GStreamer to version 1.28.1.
VersionDeltaFile
1.141+19-19multimedia/gstreamer1/plugins-bad/Makefile
1.133+12-12multimedia/gstreamer1/plugins-base/Makefile
1.111+5-5multimedia/gstreamer1/core/Makefile
1.6+5-1multimedia/gstreamer1/docs/pkg/PLIST
1.46+5-0multimedia/gstreamer1/plugins-bad/pkg/PLIST
1.16+2-2multimedia/gstreamer1/devtools/Makefile
+48-3918 files not shown
+79-7024 files

OpenBSD/ports Qp4rVAcmultimedia/gstreamer1/plugins-rs distinfo crates.inc, multimedia/gstreamer1/plugins-rs/patches patch-Cargo_toml

   Update to gst-plugins-rs-0.15.0.
VersionDeltaFile
1.8+256-206multimedia/gstreamer1/plugins-rs/distinfo
1.8+124-99multimedia/gstreamer1/plugins-rs/crates.inc
1.10+14-10multimedia/gstreamer1/plugins-rs/Makefile
1.5+4-4multimedia/gstreamer1/plugins-rs/patches/patch-Cargo_toml
+398-3194 files

OpenBSD/ports TsObt4Lnet/isc-bind distinfo Makefile, net/isc-bind/patches patch-bin_dig_host_c patch-bin_dig_dig_c

   update to isc-bind-9.20.20
VersionDeltaFile
1.25.4.1+8-8net/isc-bind/patches/patch-bin_dig_host_c
1.42.2.1+7-6net/isc-bind/patches/patch-bin_dig_dig_c
1.24.6.1+5-4net/isc-bind/patches/patch-bin_dig_nslookup_c
1.3.4.1+3-3net/isc-bind/patches/patch-lib_isc_netmgr_socket_c
1.138.2.6+2-2net/isc-bind/distinfo
1.207.2.6+1-1net/isc-bind/Makefile
+26-246 files

OpenBSD/ports 9QcFhlDnet/isc-bind distinfo Makefile, net/isc-bind/patches patch-bin_dig_host_c patch-bin_dig_dig_c

   update to isc-bind-9.20.20
VersionDeltaFile
1.26+8-8net/isc-bind/patches/patch-bin_dig_host_c
1.43+7-6net/isc-bind/patches/patch-bin_dig_dig_c
1.25+5-4net/isc-bind/patches/patch-bin_dig_nslookup_c
1.4+3-3net/isc-bind/patches/patch-lib_isc_netmgr_socket_c
1.144+2-2net/isc-bind/distinfo
1.215+1-1net/isc-bind/Makefile
+26-246 files

OpenBSD/ports O0kKlwxsecurity/gnupg Makefile

   Drop portroach limitation, missed during the update to the 2.5 branch
VersionDeltaFile
1.147+0-2security/gnupg/Makefile
+0-21 files

OpenBSD/ports 9Nu1EIswww/nextcloud/32 distinfo Makefile, www/nextcloud/32/pkg PLIST

   Update for Nextcloud to 32.0.6:

   https://nextcloud.com/changelog/#32-0-6

   OK landry@
VersionDeltaFile
1.6+722-586www/nextcloud/32/pkg/PLIST
1.6+2-2www/nextcloud/32/distinfo
1.8+1-1www/nextcloud/32/Makefile
+725-5893 files

OpenBSD/ports AsggC3Kwww/nextcloud/31 distinfo Makefile, www/nextcloud/31/pkg PLIST

   Update for Nextcloud to 31.0.14:

   https://nextcloud.com/changelog-unsupported/#latest31

   ok landry@
VersionDeltaFile
1.11+227-145www/nextcloud/31/pkg/PLIST
1.10+2-2www/nextcloud/31/distinfo
1.13+1-1www/nextcloud/31/Makefile
+230-1483 files

OpenBSD/ports UUfH026security/gnupg distinfo Makefile

   Update for gnupg to 2.5.18

   a crafted CMS (S/MIME) EnvelopedData message
   carrying an oversized wrapped session key can
   cause a stack-based buffer overflow in gpg-agent
   during PKDECRYPT--kem=CMS handling

   https://dev.gnupg.org/T8044
   https://dev.gnupg.org/T8049

   OK jca@ (maintainer)
VersionDeltaFile
1.51+2-2security/gnupg/distinfo
1.146+1-1security/gnupg/Makefile
+3-32 files

OpenBSD/ports 5XzbKyunet/dnsq distinfo modules.inc

   update to dnsq-0.19.12, from Renaud Allard (maintainer)
   + small tweak to simplify things
VersionDeltaFile
1.5+336-312net/dnsq/distinfo
1.5+204-191net/dnsq/modules.inc
1.5+2-3net/dnsq/Makefile
+542-5063 files

OpenBSD/ports JpjdPHPprint Makefile

   Add opentype-sanitizer.
VersionDeltaFile
1.160+1-0print/Makefile
+1-01 files

OpenBSD/ports zn7oR1fprint/opentype-sanitizer Makefile distinfo, print/opentype-sanitizer/pkg PLIST DESCR

   Initial revision
VersionDeltaFile
1.1+35-0print/opentype-sanitizer/Makefile
1.1+10-0print/opentype-sanitizer/pkg/PLIST
1.1+2-0print/opentype-sanitizer/pkg/DESCR
1.1+2-0print/opentype-sanitizer/distinfo
1.1.1.1+0-0print/opentype-sanitizer/pkg/DESCR
1.1.1.1+0-0print/opentype-sanitizer/Makefile
+49-02 files not shown
+49-08 files

OpenBSD/ports ohDZGsDx11/kde-applications/pimcommon Makefile, x11/kde-applications/pimcommon/pkg PLIST

   Unbreak build by updating plist

   Spotted by naddy
VersionDeltaFile
1.17+0-22x11/kde-applications/pimcommon/pkg/PLIST
1.32+2-1x11/kde-applications/pimcommon/Makefile
+2-232 files

OpenBSD/src jBvQJPlusr.bin/sndiod sysex.h

   sndiod: Use chars (instead of uint8_t's) for the MIDI slot name

   No behavior change
VersionDeltaFile
1.4+2-2usr.bin/sndiod/sysex.h
+2-21 files

OpenBSD/ports FNnrqKsx11/kde-plasma/aurorae Makefile

   Add missing dependency on ksvg

   spotted by naddy
VersionDeltaFile
1.7+3-1x11/kde-plasma/aurorae/Makefile
+3-11 files

OpenBSD/src A33Vk70usr.bin/sndiod dev.c

   sndiod: Fix ctl_match() when arg0 == NULL

   No behavior change as sndiod doesn't call ctl_match() with
   arg0 == NULL (yet).
VersionDeltaFile
1.128+2-2usr.bin/sndiod/dev.c
+2-21 files

OpenBSD/src yT3OP8gusr.bin/sndiod sock.c

   sndiod: Log unknown network messages to ease debugging the protocol
VersionDeltaFile
1.57+2-2usr.bin/sndiod/sock.c
+2-21 files

OpenBSD/src N0mwYIMlib/libsndio aucat.c, usr.bin/sndioctl sndioctl.c

   Minor spacing tweak
VersionDeltaFile
1.23+2-2usr.bin/sndioctl/sndioctl.c
1.80+1-2lib/libsndio/aucat.c
+3-42 files

OpenBSD/src Q6RbpC6usr.bin/tmux cmd-list-panes.c cmd-choose-tree.c

   Validate -O flags, from Dane Jensen in GitHub issue 4889.
VersionDeltaFile
1.39+8-1usr.bin/tmux/cmd-list-panes.c
1.53+8-1usr.bin/tmux/cmd-choose-tree.c
1.50+5-1usr.bin/tmux/cmd-list-windows.c
1.41+5-1usr.bin/tmux/cmd-list-buffers.c
1.42+5-1usr.bin/tmux/cmd-list-clients.c
1.72+5-1usr.bin/tmux/cmd-list-keys.c
+36-62 files not shown
+46-88 files

OpenBSD/src gxyhINyusr.bin/tmux file.c

   Fix memory leak, from Chris Lewis, reported by Huihui Huang.
VersionDeltaFile
1.18+2-1usr.bin/tmux/file.c
+2-11 files

OpenBSD/ports e9NjEPzsysutils/terraform distinfo Makefile

   Update to terraform-1.14.6.
VersionDeltaFile
1.134+2-2sysutils/terraform/distinfo
1.149+1-1sysutils/terraform/Makefile
+3-32 files

OpenBSD/ports Qj7lGP7fonts/adwaita-fonts distinfo Makefile

   Update to adwaita-fonts-50.0.
VersionDeltaFile
1.3+2-2fonts/adwaita-fonts/distinfo
1.3+1-1fonts/adwaita-fonts/Makefile
+3-32 files

OpenBSD/ports fCIHANJsysutils/amazon-ssm-agent distinfo Makefile

   Update to amazon-ssm-agent-3.3.3883.0.
VersionDeltaFile
1.164+2-2sysutils/amazon-ssm-agent/distinfo
1.178+1-1sysutils/amazon-ssm-agent/Makefile
+3-32 files

OpenBSD/ports jL5blJlproductivity/libphonenumber distinfo Makefile

   Update to libphonenumber-9.0.25.
VersionDeltaFile
1.81+2-2productivity/libphonenumber/distinfo
1.92+1-1productivity/libphonenumber/Makefile
+3-32 files

OpenBSD/ports vkZ9AD5databases/postgresql distinfo Makefile, databases/postgresql/pkg PLIST-docs

   Update to PostgreSQL 18.3

   Fixes:

   CVE-2026-2003: PostgreSQL oidvector discloses a few bytes of memory

   CVE-2026-2004: PostgreSQL intarray missing validation of type of input
   to selectivity estimator executes arbitrary code

   CVE-2026-2005: PostgreSQL pgcrypto heap buffer overflow executes
   arbitrary code

   CVE-2026-2006: PostgreSQL missing validation of multibyte character
   length executes arbitrary code

   CVE-2026-2007: PostgreSQL pg_trgm heap buffer overflow writes pattern
   onto server memory

   OK landry@
VersionDeltaFile
1.109+2-2databases/postgresql/distinfo
1.318+1-2databases/postgresql/Makefile
1.122+2-0databases/postgresql/pkg/PLIST-docs
+5-43 files

OpenBSD/src 11RbsOPsys/dev/pci if_ix.c

   ix(4) and ixv(4) can handle 64 bit DMA transfers.

   prodded by Brad Smith; tested by Hrvoje Popovski; OK kettenis@
VersionDeltaFile
1.223+9-9sys/dev/pci/if_ix.c
+9-91 files

OpenBSD/ports dpxsFFldevel/py-icalendar-searcher Makefile distinfo, devel/py-icalendar-searcher/pkg PLIST

   update to py3-icalendar-searcher-1.0.5
VersionDeltaFile
1.2+2-10devel/py-icalendar-searcher/Makefile
1.2+2-2devel/py-icalendar-searcher/distinfo
1.2+3-0devel/py-icalendar-searcher/pkg/PLIST
+7-123 files

OpenBSD/src dD9nIMvsys/dev/acpi acpidmar.c

   Reserve the first MB of the DVA address space because qwx(4) doesn't
   succeed in doing DMA when the DVA is 0x1000 and PCI-PCI bridges may not
   forward address in part of that first MB as well.

   ok chris@
VersionDeltaFile
1.11+12-2sys/dev/acpi/acpidmar.c
+12-21 files