OpenBSD/src viNVE6Kusr.sbin/ypldap aldap.c

   ypldap(8): fix endless loop

   Goto fail on closed socket and check for evbuffer_add(3) errors, too.

   OK martijn@
VersionDeltaFile
1.50+4-4usr.sbin/ypldap/aldap.c
+4-41 files

OpenBSD/src cBBSbWJsys/arch/arm64/dev aplns.c, sys/dev/ic nvme.c

   partially revert previous to return to 64-byte submission queue
   entries by default, only applying 128-byte entries on APPLE_NVME3
   (T2) where we know it's needed

   the previous change broke APPLE_NVME2 which advertises 128 bytes but
   needs 64

   ok dlg
VersionDeltaFile
1.129+3-7sys/dev/ic/nvme.c
1.15+7-1sys/dev/pci/nvme_pci.c
1.19+1-2sys/arch/arm64/dev/aplns.c
+11-103 files

OpenBSD/src o3Ez8Wvlib/libc/sys pledge.2

   Yet another AI assisted report has triggered on the belief that
   kill(2) against 0 (for pgrp) should not be permitted by pledge "proc".
   Nothing validates this premise.  Blocking process group kills would
   break substantial amounts of software in dangeous ways, as it creates
   fragile invarient conditions.  We previously tried to block this belief
   with kern_pledge.c:1.357 by subtly adding "/pgrp" in a comment, but that
   was not effective so try adding "kill(2) may still operate on the
   process group with pid 0." to the manual page.  This is annoying
   because the pledge manual page usually describes what is blocked
   (resulting in process killing) rather than specifically listing
   what allowed.
   Discussed with Ivan Arce
VersionDeltaFile
1.86+5-3lib/libc/sys/pledge.2
+5-31 files

OpenBSD/src JaSuZmdsys/isofs/cd9660 cd9660_node.c, sys/isofs/udf udf_vnops.c

   sys: check vnode identity after vget

   Several vnode lookup paths keep a vnode pointer from a filesystem hash,
   node tree, or alias list, then call vget() after dropping or lacking the
   lookup side protection. If the vnode is recycled while vget() waits, the
   pointer can still name a valid struct vnode, but no longer the object
   found by the lookup.

   Record v_id before vget() and retry the lookup if the id changes after
   the vnode is locked. This matches the existing namecache pattern and
   turns stale vnode hits into lookup retries instead of returning the
   wrong object.

   OK: claudio@
VersionDeltaFile
1.68+13-4sys/ntfs/ntfs_vfsops.c
1.32+3-12sys/ufs/ufs/ufs_ihash.c
1.76+11-3sys/isofs/udf/udf_vnops.c
1.69+8-2sys/msdosfs/msdosfs_denode.c
1.39+7-1sys/isofs/cd9660/cd9660_node.c
1.335+7-1sys/kern/vfs_subr.c
+49-232 files not shown
+63-258 files

OpenBSD/src V1Nnygcusr.sbin/vmd proc.c vmd.c

   vmd(8): remove extraneous control socket objects.

   Vestiges of the past.

   ok hshoexer@
VersionDeltaFile
1.37+1-8usr.sbin/vmd/proc.c
1.175+1-5usr.sbin/vmd/vmd.c
1.31+1-2usr.sbin/vmd/proc.h
+3-153 files

OpenBSD/src EQRWYG2sys/kern sysv_msg.c

   Drop sleeping malloc() handling in sysctl_sysvmsg(). msginfo.msgmni is
   immutable, it can't be changed during sleep.

   ok millert kirill
VersionDeltaFile
1.46+8-15sys/kern/sysv_msg.c
+8-151 files

OpenBSD/src OucXHO5distrib/arm64/iso Makefile

   grow iso
VersionDeltaFile
1.15+2-2distrib/arm64/iso/Makefile
+2-21 files

OpenBSD/src rkObihyusr.bin/tmux tty-features.c tty-keys.c

   Add default features for Ghostty, GitHub issue 5305 from Glib Shpychka.
VersionDeltaFile
1.39+13-1usr.bin/tmux/tty-features.c
1.207+3-1usr.bin/tmux/tty-keys.c
+16-22 files

OpenBSD/src ATmvXq4usr.bin/tmux screen-write.c

   Redraw when sync stops again (accidentally turned off), from Japin Li in
   GitHub issue 5304.
VersionDeltaFile
1.278+3-1usr.bin/tmux/screen-write.c
+3-11 files

OpenBSD/src H4DPAtplib/libutil ober_read_elements.3

   ober_read_elements(3): returns NULL on error, not -1

   OK claudio@
   ok tb
VersionDeltaFile
1.6+5-3lib/libutil/ober_read_elements.3
+5-31 files

OpenBSD/src mT0sl3iusr.bin/tmux mode-tree.c

   Remove C-r from help since it does not in fact exist.
VersionDeltaFile
1.97+1-3usr.bin/tmux/mode-tree.c
+1-31 files

OpenBSD/src ccUMQ1musr.bin/ssh ssherr-libcrypto.c

   ssherr-libcrypto: avoid use of deprecated ERR_load_crypto_strings()

   Follow regress and use unchecked OPENSSL_init_crypto() because
   ERR_load_crypto_strings() has been deprecated in OpenSSL 1.1.0.
   This call can in principle fail, in which case there's a fallback
   to generic error strings.

   There is still use of OpenSSL 3.x-deprecated API in here. That's
   a problem for someone else to solve.

   ok djm
VersionDeltaFile
1.2+2-2usr.bin/ssh/ssherr-libcrypto.c
+2-21 files

OpenBSD/src xyyW0Qhusr.bin/units units.lib

   change Venezuelan Bolivar ISO 4217 code from VEF to VES

   VES was used for the 2018 redenomination.  VED was used as part of the 2021
   redenomination process.  VES remains the official code after the 2021
   redenomination according to ISO 4217 amendment number 170.
VersionDeltaFile
1.149+2-2usr.bin/units/units.lib
+2-21 files

OpenBSD/src vvUTsPSusr.bin/ssh sftp.c

   another ruser_name/ruser_group vs attrib_to_stat() ordering
   screwup. Coverity CID 910530 via dtucker@
VersionDeltaFile
1.257+3-3usr.bin/ssh/sftp.c
+3-31 files

OpenBSD/src ckRzXrHusr.bin/ssh sftp.c

   set FD_CLOEXEC on the fds between sftp and its ssh process,
   avoids risk of subcommands that write on odd fds breaking the
   connection. GHPR693 from Manuel Einfalt;
   feedback deraadt@ ok dtucker@
VersionDeltaFile
1.256+3-1usr.bin/ssh/sftp.c
+3-11 files

OpenBSD/src jL5konzusr.bin/ssh packet.c

   check key and IV length received in privsep state transfer
   exactly match the expected sizes for the selected cipher;
   partially redundant to similar checks in cipher_init(), but
   nice to be more exact.

   GHPR from jmestwa-coder; ok dtucker@
VersionDeltaFile
1.339+6-1usr.bin/ssh/packet.c
+6-11 files

OpenBSD/src cXmqTNcusr.bin/ssh sftp.c

   revert bits that weren't ready for commit yet
VersionDeltaFile
1.255+3-5usr.bin/ssh/sftp.c
+3-51 files

OpenBSD/src kDbjyTKusr.bin/ssh sftp.c

   Move user/group name lookup to correct place; coverity CID 910530
   via dtucker@
VersionDeltaFile
1.254+6-4usr.bin/ssh/sftp.c
+6-41 files

OpenBSD/src n5jO0CAusr.sbin/dhcpd options.c dhcpd.h

   create_priority_list: fix the priority_len bounds check
   OK job@
VersionDeltaFile
1.38+9-9usr.sbin/dhcpd/options.c
1.74+8-6usr.sbin/dhcpd/dhcpd.h
+17-152 files

OpenBSD/src EhK7Z8qsys/dev/acpi acpidmar.c

   Use pre-allocated extent region descriptors to prevent bus_dmamap_load(9)
   failures on a dmamap that was created with the BUS_DMA_ALLOCNOW flag.

   ok chris@, hshoexer@
VersionDeltaFile
1.16+33-37sys/dev/acpi/acpidmar.c
+33-371 files

OpenBSD/src 0WQVHhKusr.bin/tmux window.c server-client.c

   Cache scrollbar options in window to avoid a slow lookup when working
   out visible ranges.
VersionDeltaFile
1.353+20-33usr.bin/tmux/window.c
1.482+22-28usr.bin/tmux/server-client.c
1.83+8-12usr.bin/tmux/layout.c
1.147+5-10usr.bin/tmux/screen-redraw.c
1.65+6-8usr.bin/tmux/cmd-resize-pane.c
1.1382+8-5usr.bin/tmux/tmux.h
+69-962 files not shown
+81-1038 files

OpenBSD/src 8TJOxEUusr.bin/tmux tmux.c input.c

   Allow :. in names again, forbidding them is overly pernickety. Only
   forbid invalid UTF-8 and #(.
VersionDeltaFile
1.221+4-18usr.bin/tmux/tmux.c
1.263+7-9usr.bin/tmux/input.c
1.151+7-7usr.bin/tmux/cmd-new-session.c
1.1381+4-10usr.bin/tmux/tmux.h
1.105+3-9usr.bin/tmux/screen.c
1.70+4-4usr.bin/tmux/cmd-break-pane.c
+29-576 files not shown
+47-7512 files

OpenBSD/src vPBqB8ousr.bin/tmux style.c tmux.1

   Add link=/nolink to styles to specific a hyperlink. GitHub issue 4280
   from Moritz Angermann.
VersionDeltaFile
1.47+44-6usr.bin/tmux/style.c
1.1113+24-2usr.bin/tmux/tmux.1
1.33+14-2usr.bin/tmux/format-draw.c
1.1380+4-1usr.bin/tmux/tmux.h
1.38+2-1usr.bin/tmux/tty-features.c
+88-125 files

OpenBSD/src UdYbPfJusr.bin/tmux hyperlinks.c

   Limit hyperlink URIs to 1024 bytes which seems enough and allows us not
   to have to worry about gigantic URIs in styles, part of a change from
   Moritz Angermann.
VersionDeltaFile
1.5+8-3usr.bin/tmux/hyperlinks.c
+8-31 files

OpenBSD/src S6nYb04usr.bin/tmux tmux.c

   Allow empty window and session names.
VersionDeltaFile
1.220+3-3usr.bin/tmux/tmux.c
+3-31 files

OpenBSD/src EjErnRSsys/kern sysv_msg.c, sys/sys msg.h

   Declare immutable `msginfo' structure as const. Also, `msginfo' is local
   to kern/sysv_msg.c, so remove declaration from sys/msg.h. This
   declaration is not exposed to the userland. usr.bin/ipcs/ipcs.c has
   "#define _KERNEL" before include SysV headers, but doesn't touch
   `msginfo'.

   ok deraadt
VersionDeltaFile
1.45+10-9sys/kern/sysv_msg.c
1.25+1-4sys/sys/msg.h
+11-132 files

OpenBSD/src 67EOQ8Xusr.bin/ssh authfile.c sshbuf-io.c

   fix ineffective max file size check when loading blobs/keys from
   files and add another one on a patch that was not covered by the
   existing ones. From Tess Gauthier via bz3969 and bz3970
VersionDeltaFile
1.151+7-1usr.bin/ssh/authfile.c
1.3+3-4usr.bin/ssh/sshbuf-io.c
+10-52 files

OpenBSD/src 7iHelAsusr.bin/ssh servconf.c

   check strdup() return to avoid NULL deref on failure.
   bz3948 from RuiHe-MO
VersionDeltaFile
1.450+4-4usr.bin/ssh/servconf.c
+4-41 files

OpenBSD/src EU2hpvpusr.bin/ssh authfd.c

   s/calloc/xcalloc/ to reduce noise from AI bug detectors that
   don't understand context
VersionDeltaFile
1.144+2-2usr.bin/ssh/authfd.c
+2-21 files

OpenBSD/src XtswT2Ousr.bin/ssh sftp.c

   fix "ls -n", which was still displaying user/group names rather
   than numeric uids/gids. Based on patch from Tamilan in bz3953
VersionDeltaFile
1.253+14-7usr.bin/ssh/sftp.c
+14-71 files