OpenBSD/src wM0RwaSusr.sbin/rpki-client repo.c

   Don't remove other elements in a RB_FOREACH_SAFE walk since that is not safe.

   repo_move_valid() walks the tree with RB_FOREACH_SAFE() but it also calls
   RB_REMOVE() via filepath_put() on an other element in a case where a
   conflict is resolved. This results in a use-after-free if that element is
   the next one in the tree (nfp). Instead of removing the present
   conflicting node (ofp), replace the contents of it, free fp and swap fp
   with ofp.

   With and OK tb@
VersionDeltaFile
1.90+16-12usr.sbin/rpki-client/repo.c
+16-121 files

OpenBSD/src GI4Xkgcusr.sbin/rpki-client repo.c

   Remove no longer needed cast for the free argument.

   From tb@
VersionDeltaFile
1.89+2-2usr.sbin/rpki-client/repo.c
+2-21 files

OpenBSD/src hSfS28Pusr.sbin/rpki-client main.c

   Rework the special case for CRL files when it comes to the entity_queue.

   CRL are not accounted in the entity_queue, they are loaded together with
   MFT files and passed back together as well. Instead of increasing
   entity_queue skip the entity_queue decrease at the end of the function
   for CRL files. This way goto done cases will account CRLs correctly as well.

   OK tb@
VersionDeltaFile
1.310+4-3usr.sbin/rpki-client/main.c
+4-31 files

OpenBSD/src OMy3tPcusr.bin/tmux regsub.c

   Fix regsub with anchor at start of pattern, GitHub issue 5341.
VersionDeltaFile
1.10+10-7usr.bin/tmux/regsub.c
+10-71 files

OpenBSD/src 8HGVIhbsbin/iked radius.c

   iked: Store RADIUS-assigned IPv6 address in the IPv6 slot

   The IPv6 branch of iked_radius_config() stored the address in the
   IPv4 slot sa_rad_addr and tagged it AF_INET.  Use sa_rad_addr6 and
   AF_INET6 instead.  Also exempt IKEV2_CFG_INTERNAL_IP6_ADDRESS from
   the "use config rather than radius" check, as already done for IPv4.

   ok yasuoka@
VersionDeltaFile
1.16+5-4sbin/iked/radius.c
+5-41 files

OpenBSD/src SxGh3SWusr.bin/tmux screen-redraw.c

   Keep all modes except cursor during redraw, GitHub issue 5337 from Ayman
   Bagabas.
VersionDeltaFile
1.149+2-2usr.bin/tmux/screen-redraw.c
+2-21 files

OpenBSD/src Um4gwGgusr.bin/tmux window.c

   Report the terminal's own theme to panes rather than guessing from the
   background. GitHub issue 5343 from Ayman Bagabas.
VersionDeltaFile
1.358+9-11usr.bin/tmux/window.c
+9-111 files

OpenBSD/src E7QZIseusr.bin/tmux server-fn.c

   Do not crash looking for next or previous session. GitHub issue 5344.
VersionDeltaFile
1.146+6-3usr.bin/tmux/server-fn.c
+6-31 files

OpenBSD/src Vp3ZSTPusr.bin/tmux tmux.1 cmd-copy-mode.c

   Fix empty argument to splitw/newp and add -k to copy-mode.
VersionDeltaFile
1.1128+5-2usr.bin/tmux/tmux.1
1.53+3-3usr.bin/tmux/cmd-copy-mode.c
1.103+2-2usr.bin/tmux/cmd-new-window.c
1.140+2-2usr.bin/tmux/cmd-split-window.c
+12-94 files

OpenBSD/src 1EByWMMusr.bin/tmux layout.c

   Fix a typo (use right var), from Dane Jensen.
VersionDeltaFile
1.92+2-2usr.bin/tmux/layout.c
+2-21 files

OpenBSD/src ExH2VGZusr.sbin/rpki-client nca.c

   rpki-client: avoid bad free in nca_hist_load()

   If the first getline() call fails with a file error, nca_hist remains
   uninitialized and will be passed to nca_hist_free() in the error path.
   Initialize nca_hist to NULL to avoid this.

   ok claudio
VersionDeltaFile
1.8+2-2usr.sbin/rpki-client/nca.c
+2-21 files

OpenBSD/src KF3X4abusr.sbin/rpki-client cert.c

   In cert_ca_sia() use the right notify string in error message.
   At that point cert->notify has not yet been set.

   OK tb@
VersionDeltaFile
1.242+2-2usr.sbin/rpki-client/cert.c
+2-21 files

OpenBSD/src rVvLGFJsys/dev/pci if_ice.c

   ice(4): set link state to full duplex as all other nics

   tested by bluhm@

   try it stsp@
   ok bluhm@
VersionDeltaFile
1.70+2-2sys/dev/pci/if_ice.c
+2-21 files

OpenBSD/src DO2I85Ssys/dev/acpi dsdt.c amltypes.h

   Avoid potential out-of-bounds access while parsing AML byte stream
   opcodes.  Found by gnezdo@ using KASAN.

   ok gnezdo@
VersionDeltaFile
1.280+31-9sys/dev/acpi/dsdt.c
1.53+2-3sys/dev/acpi/amltypes.h
+33-122 files

OpenBSD/src 9ZFgCqOsys/dev/ic qwx.c

   Use M_WAITOK and BUS_DMA_WAITOK instead of M_NOWAIT and BUS_DMA_NOWAIT in
   places where we're allowed to sleep.  Hopefully this fixes the

   qwx0: failed to init DP: 12

   issue that some of us occasionally experience.

   ok stsp@
VersionDeltaFile
1.127+24-37sys/dev/ic/qwx.c
+24-371 files

OpenBSD/src 8E3sBrgsys/uvm uvm_pager.c uvm_pdaemon.c

   Allocate the psegs that are reserved for the pagedeamon only if no other
   psegs are available.  Let the pagedeamon only start a new swap cluster
   if there are still at least two reserved slots available.  This goes a
   long way towards guaranteeing that we have the resources to actually
   write out the swap cluster once it is filled.  This is important since
   the code that drops a cluster may need to acquire an rwlock, which means
   the pagedaemon could sleep.  This is undesirable and may even lead to
   deadlocks.

   Note that there still is a possibility that we may fail to allocate a buf
   from the bufpool, which would lead us to the same undesirable path.  So
   far I've not been able to hit that case.

   ok claudio@
VersionDeltaFile
1.98+30-4sys/uvm/uvm_pager.c
1.159+6-4sys/uvm/uvm_pdaemon.c
1.35+2-1sys/uvm/uvm_pager.h
+38-93 files

OpenBSD/src JpywGgFdistrib/sets/lists/base mi

   sync libevent major bump
VersionDeltaFile
1.1188+1-1distrib/sets/lists/base/mi
+1-11 files

OpenBSD/src l5309MQregress/lib/libevent event_regress.c

   Delete tests for code that has been removed in base libevent.
VersionDeltaFile
1.2+0-252regress/lib/libevent/event_regress.c
+0-2521 files

OpenBSD/src BNfZAnDlib/libevent event.h Makefile

   Do not ship evtag functions in base libevent.

   Upstream libevent 2.1.13-stable contains several security fixes.
   Our reduced libevent 1.4.15-stable does not contain the affected
   code.  The functions in event_tagging.c are only used by evrpc which
   we have removed from libevent.  As the attack vectors for the
   upstream fixes go through evrpc to evtag, better remove this dead
   code and do not export it in our libevent.  Major library bump
   needed.

   OK dlg@ claudio@ sthen@
VersionDeltaFile
1.32+1-52lib/libevent/event.h
1.44+2-2lib/libevent/Makefile
1.11+2-2lib/libevent/shlib_version
1.11+1-1lib/libevent/event_tagging.c
+6-574 files

OpenBSD/src pXgkmP7usr.sbin/rpki-client ccr.c

   der_len needs to be int so that the error check around i2d_X509_PUBKEY()
   works. Only positive der_len values make it to base64_encode() where it
   is promoted to size_t which is fine.

   OK tb@
VersionDeltaFile
1.41+2-2usr.sbin/rpki-client/ccr.c
+2-21 files

OpenBSD/src 1nK6734usr.sbin/rpki-client filemode.c

   Add missing spl_free() in the proc_parser_file() spaghetti

   OK tb@
VersionDeltaFile
1.85+2-1usr.sbin/rpki-client/filemode.c
+2-11 files

OpenBSD/src N2N0wDyusr.sbin/rpki-client ccr.c

   ccr: use uint32_t and %u for AS numbers

   ok claudio
VersionDeltaFile
1.40+15-15usr.sbin/rpki-client/ccr.c
+15-151 files

OpenBSD/src 2IEHwepusr.sbin/rpki-client tak.c

   Tak files should use RTYPE_TAK not RTYPE_SPL.

   OK tb@
VersionDeltaFile
1.32+2-2usr.sbin/rpki-client/tak.c
+2-21 files

OpenBSD/src UphZKvlusr.sbin/rpki-client output-json.c print.c

   ASnum are unsigned 32bit values. Use %u to print them not %d.

   Also use json_do_uint() just to be consistent. The json encoder operates
   with 64bit values so it does not matter there as much as it does for printf.

   With and OK tb@
VersionDeltaFile
1.61+6-6usr.sbin/rpki-client/output-json.c
1.79+6-6usr.sbin/rpki-client/print.c
1.36+2-2usr.sbin/rpki-client/output-bgpd.c
1.27+2-2usr.sbin/rpki-client/output-bird.c
+16-164 files

OpenBSD/src TTVDPpCusr.bin/tmux tmux.1 key-bindings.c

   Fix . and ; bindings, reported by tb.
VersionDeltaFile
1.1127+2-5usr.bin/tmux/tmux.1
1.186+3-3usr.bin/tmux/key-bindings.c
+5-82 files

OpenBSD/src liGAeqRsys/arch/arm64/arm64 machdep.c, sys/arch/arm64/include cpu.h

   Implement the machdep.led_blink sysctl on arm64 and riscv64 and add support
   for it to gpioleds(4).  Enable gpioleds(4) on riscv64.
VersionDeltaFile
1.100+62-1sys/arch/arm64/arm64/machdep.c
1.45+62-1sys/arch/riscv64/riscv64/machdep.c
1.5+37-5sys/dev/fdt/gpioleds.c
1.56+12-2sys/arch/arm64/include/cpu.h
1.28+12-2sys/arch/riscv64/include/cpu.h
1.65+2-1sys/arch/riscv64/conf/GENERIC
+187-126 files

OpenBSD/src BnSIwcoetc/examples login_ldap.conf

   - fix syntax in example login_ldap.conf file, it had :\ on a line
   presumably when converted from getcap in the ports version

   - switch to a more unix-y sample filter, and add a commented-out example
   for ActiveDirectory

   based on a diff from Chaz Kettleson which was ok with tweaks by claudio@,
   and incorporating feedback from Andrew Daugherity
VersionDeltaFile
1.2+6-3etc/examples/login_ldap.conf
+6-31 files

OpenBSD/src FTEEAO3usr.bin/tmux key-bindings.c menu.c

   Add C-b g , and C-b g . for move and resize menus, also add to pane menu
   (and fix to make them work).
VersionDeltaFile
1.185+30-1usr.bin/tmux/key-bindings.c
1.68+16-3usr.bin/tmux/menu.c
1.51+9-1usr.bin/tmux/cmd-display-menu.c
1.1126+5-2usr.bin/tmux/tmux.1
1.1393+4-1usr.bin/tmux/tmux.h
+64-85 files

OpenBSD/src xkBCNzhusr.bin/tmux layout.c tmux.h

   Add a layout_geometry container struct, from Dane Jensen.
VersionDeltaFile
1.91+138-138usr.bin/tmux/layout.c
1.1392+21-22usr.bin/tmux/tmux.h
1.66+20-20usr.bin/tmux/cmd-resize-pane.c
1.36+20-20usr.bin/tmux/layout-custom.c
1.68+18-16usr.bin/tmux/cmd-join-pane.c
1.38+9-9usr.bin/tmux/layout-set.c
+226-2253 files not shown
+243-2449 files

OpenBSD/src M2d1M79usr.bin/tmux key-bindings.c window.c

   Set initial scrollbar state, from Michael Grant.
VersionDeltaFile
1.184+2-2usr.bin/tmux/key-bindings.c
1.357+3-1usr.bin/tmux/window.c
+5-32 files