OpenBSD/src iEp5ePvusr.bin/tmux colour.c format.c

   Add a couple of format c/f and c/b to emit colours.
VersionDeltaFile
1.34+53-1usr.bin/tmux/colour.c
1.390+33-8usr.bin/tmux/format.c
1.1114+7-1usr.bin/tmux/tmux.1
1.78+2-2usr.bin/tmux/cmd-list-keys.c
1.1383+2-1usr.bin/tmux/tmux.h
+97-135 files

OpenBSD/src h365cGZusr.sbin/rpki-client nca.c extern.h

   Use macro instead of hardcoding the name of the file containing NCA history

   OK tb@
VersionDeltaFile
1.7+8-8usr.sbin/rpki-client/nca.c
1.287+3-1usr.sbin/rpki-client/extern.h
1.88+2-2usr.sbin/rpki-client/repo.c
+13-113 files

OpenBSD/src e9FnDSbusr.sbin/bgpd rde_peer.c rde_decide.c

   Pass peer to rde_enqueue_updates() to enqueue updates on.

   This allows withdraws to be queued on the peer that caused them and not
   on peerself. Also only enqueue a rib entry once and try to keep FIFO
   order. Before every call to rde_enqueue_updates() would requeue the
   rib entry at the end of the list. Doing this requeue could delay updates
   for long time.  Further optimisation may need to happen here.

   OK tb@
VersionDeltaFile
1.77+31-38usr.sbin/bgpd/rde_peer.c
1.109+15-6usr.sbin/bgpd/rde_decide.c
1.355+3-3usr.sbin/bgpd/rde.h
1.301+3-3usr.sbin/bgpd/rde_rib.c
1.708+2-2usr.sbin/bgpd/rde.c
+54-525 files

OpenBSD/src shfAF8qusr.bin/tmux screen-write.c

   Do not draw to tty if PANE_REDRAW has been set since it is just going to
   be replaced.
VersionDeltaFile
1.279+36-22usr.bin/tmux/screen-write.c
+36-221 files

OpenBSD/src RDZv4uPusr.bin/tmux tty-features.c

   Add overline for ghostty also, GitHub issue 5309.
VersionDeltaFile
1.40+2-1usr.bin/tmux/tty-features.c
+2-11 files

OpenBSD/src 705aXkMusr.bin/ssh ssh-keygen.1

   more missing mldsa44-ed25519, based on GHPR696 from
   Loganaden Velvindron
VersionDeltaFile
1.238+10-6usr.bin/ssh/ssh-keygen.1
+10-61 files

OpenBSD/src xQSnZw5usr.bin/ssh clientloop.c

   whitespace
VersionDeltaFile
1.425+2-2usr.bin/ssh/clientloop.c
+2-21 files

OpenBSD/src Ysv2WeEusr.bin/ssh clientloop.c

   simplify SIGINFO output: remove list of active channels (too verbose)
   and just display destination and connection duration; requested deraadt@
VersionDeltaFile
1.424+8-2usr.bin/ssh/clientloop.c
+8-21 files

OpenBSD/src SjxayKsusr.bin/ssh ssh_config.5

   Tighten up the introduction a little:

   Mention Match as a conditional directive (previously it only
   mentioned Host)

   Try to use consistent language in the introduction to refer to
   configuration directives (previously it used "parameters" and
   "keywords" interchangeably).

   Mention that comments may appear at the end of the line too, and that
   whitespace at the beginning/end of lines is not significant.
VersionDeltaFile
1.426+22-17usr.bin/ssh/ssh_config.5
+22-171 files

OpenBSD/src ajxpd1eusr.bin/ssh sftp-server.c

   Move negative-FD checks to before first use.  CID 909998, ok djm@
VersionDeltaFile
1.156+7-2usr.bin/ssh/sftp-server.c
+7-21 files

OpenBSD/src a9cfUawsbin/reboot reboot.c

   fix openlog() arguments, LOG_CONS should not be or'd into facility
   from Ricardo Branco
VersionDeltaFile
1.39+3-3sbin/reboot/reboot.c
+3-31 files

OpenBSD/src cNxzNaDusr.bin/ssh ssh.1

   ssh -o doesn't support Host or Include options, they are only
   valid in the config file. bz3968 from xspielinbox
VersionDeltaFile
1.449+2-4usr.bin/ssh/ssh.1
+2-41 files

OpenBSD/src YZCexVxusr.bin/ssh ssh-keygen.c

   mention mldsa44-ed25519 in usage();
   based on GHPR695 from Loganaden Velvindron
VersionDeltaFile
1.492+2-2usr.bin/ssh/ssh-keygen.c
+2-21 files

OpenBSD/src BZP6u3Qusr.bin/tmux server-client.c

   And some other indentation.
VersionDeltaFile
1.484+12-13usr.bin/tmux/server-client.c
+12-131 files

OpenBSD/src ct7b5Dtusr.bin/tmux server-client.c

   Fix some indentation.
VersionDeltaFile
1.483+5-5usr.bin/tmux/server-client.c
+5-51 files

OpenBSD/src bRtmJBvusr.bin/tmux grid.c

   Change a malloc to calloc.
VersionDeltaFile
1.152+2-13usr.bin/tmux/grid.c
+2-131 files

OpenBSD/src n8KWL4Slib/libc/hidden string.h wchar.h, lib/libc/include namespace.h

   LLVM now emits calls to strlen(3) and wcslen(3).  Redirect those calls to
   our hidden aliases to prevent unnecessary PLT entries (like we already do
   for memmove(3), memcpy(4) and memset(3)).

   ok deraadt@
VersionDeltaFile
1.18+5-1lib/libc/include/namespace.h
1.10+2-2lib/libc/string/strlen.c
1.5+2-2lib/libc/string/wcslen.c
1.7+2-2lib/libc/hidden/string.h
1.7+2-2lib/libc/hidden/wchar.h
1.90+2-1libexec/ld.so/Makefile
+15-106 files

OpenBSD/src u5xUngAlibexec/login_ldap aldap.c, usr.bin/ldap aldap.c

   login_ldap(8)/ldap(1): fix endless loop

   Goto fail on closed socket and check for evbuffer_add(3) errors, too.

   Original bug was reported by Matthias Pitzl.

   On Tue, Jun 30, 2026 at 11:35:32AM +0200, Martijn van Duren wrote:
   > Could you also make sure other aldap.c users get the fix?

   OK martijn@
VersionDeltaFile
1.3+4-4libexec/login_ldap/aldap.c
1.11+4-4usr.bin/ldap/aldap.c
+8-82 files

OpenBSD/src viNVE6Kusr.sbin/ypldap aldap.c

   ypldap(8): fix endless loop

   Goto fail on closed socket and check for evbuffer_add(3) errors, too.

   OK martijn@
VersionDeltaFile
1.50+4-4usr.sbin/ypldap/aldap.c
+4-41 files

OpenBSD/src cBBSbWJsys/arch/arm64/dev aplns.c, sys/dev/ic nvme.c

   partially revert previous to return to 64-byte submission queue
   entries by default, only applying 128-byte entries on APPLE_NVME3
   (T2) where we know it's needed

   the previous change broke APPLE_NVME2 which advertises 128 bytes but
   needs 64

   ok dlg
VersionDeltaFile
1.129+3-7sys/dev/ic/nvme.c
1.15+7-1sys/dev/pci/nvme_pci.c
1.19+1-2sys/arch/arm64/dev/aplns.c
+11-103 files

OpenBSD/src o3Ez8Wvlib/libc/sys pledge.2

   Yet another AI assisted report has triggered on the belief that
   kill(2) against 0 (for pgrp) should not be permitted by pledge "proc".
   Nothing validates this premise.  Blocking process group kills would
   break substantial amounts of software in dangeous ways, as it creates
   fragile invarient conditions.  We previously tried to block this belief
   with kern_pledge.c:1.357 by subtly adding "/pgrp" in a comment, but that
   was not effective so try adding "kill(2) may still operate on the
   process group with pid 0." to the manual page.  This is annoying
   because the pledge manual page usually describes what is blocked
   (resulting in process killing) rather than specifically listing
   what allowed.
   Discussed with Ivan Arce
VersionDeltaFile
1.86+5-3lib/libc/sys/pledge.2
+5-31 files

OpenBSD/src JaSuZmdsys/isofs/cd9660 cd9660_node.c, sys/isofs/udf udf_vnops.c

   sys: check vnode identity after vget

   Several vnode lookup paths keep a vnode pointer from a filesystem hash,
   node tree, or alias list, then call vget() after dropping or lacking the
   lookup side protection. If the vnode is recycled while vget() waits, the
   pointer can still name a valid struct vnode, but no longer the object
   found by the lookup.

   Record v_id before vget() and retry the lookup if the id changes after
   the vnode is locked. This matches the existing namecache pattern and
   turns stale vnode hits into lookup retries instead of returning the
   wrong object.

   OK: claudio@
VersionDeltaFile
1.68+13-4sys/ntfs/ntfs_vfsops.c
1.32+3-12sys/ufs/ufs/ufs_ihash.c
1.76+11-3sys/isofs/udf/udf_vnops.c
1.69+8-2sys/msdosfs/msdosfs_denode.c
1.39+7-1sys/isofs/cd9660/cd9660_node.c
1.335+7-1sys/kern/vfs_subr.c
+49-232 files not shown
+63-258 files

OpenBSD/src V1Nnygcusr.sbin/vmd proc.c vmd.c

   vmd(8): remove extraneous control socket objects.

   Vestiges of the past.

   ok hshoexer@
VersionDeltaFile
1.37+1-8usr.sbin/vmd/proc.c
1.175+1-5usr.sbin/vmd/vmd.c
1.31+1-2usr.sbin/vmd/proc.h
+3-153 files

OpenBSD/src EQRWYG2sys/kern sysv_msg.c

   Drop sleeping malloc() handling in sysctl_sysvmsg(). msginfo.msgmni is
   immutable, it can't be changed during sleep.

   ok millert kirill
VersionDeltaFile
1.46+8-15sys/kern/sysv_msg.c
+8-151 files

OpenBSD/src OucXHO5distrib/arm64/iso Makefile

   grow iso
VersionDeltaFile
1.15+2-2distrib/arm64/iso/Makefile
+2-21 files

OpenBSD/src rkObihyusr.bin/tmux tty-features.c tty-keys.c

   Add default features for Ghostty, GitHub issue 5305 from Glib Shpychka.
VersionDeltaFile
1.39+13-1usr.bin/tmux/tty-features.c
1.207+3-1usr.bin/tmux/tty-keys.c
+16-22 files

OpenBSD/src ATmvXq4usr.bin/tmux screen-write.c

   Redraw when sync stops again (accidentally turned off), from Japin Li in
   GitHub issue 5304.
VersionDeltaFile
1.278+3-1usr.bin/tmux/screen-write.c
+3-11 files

OpenBSD/src H4DPAtplib/libutil ober_read_elements.3

   ober_read_elements(3): returns NULL on error, not -1

   OK claudio@
   ok tb
VersionDeltaFile
1.6+5-3lib/libutil/ober_read_elements.3
+5-31 files

OpenBSD/src mT0sl3iusr.bin/tmux mode-tree.c

   Remove C-r from help since it does not in fact exist.
VersionDeltaFile
1.97+1-3usr.bin/tmux/mode-tree.c
+1-31 files

OpenBSD/src ccUMQ1musr.bin/ssh ssherr-libcrypto.c

   ssherr-libcrypto: avoid use of deprecated ERR_load_crypto_strings()

   Follow regress and use unchecked OPENSSL_init_crypto() because
   ERR_load_crypto_strings() has been deprecated in OpenSSL 1.1.0.
   This call can in principle fail, in which case there's a fallback
   to generic error strings.

   There is still use of OpenSSL 3.x-deprecated API in here. That's
   a problem for someone else to solve.

   ok djm
VersionDeltaFile
1.2+2-2usr.bin/ssh/ssherr-libcrypto.c
+2-21 files