CVSROOT: /cvs Module name: www Changes by: bcook@cvs.openbsd.org 2026/04/18 19:43:10 Modified files: libressl : index.html releases.html Log message: LibreSSL 4.3.1 CVSROOT: /cvs Module name: src Changes by: kettenis@cvs.openbsd.org 2026/04/19 03:36:56 Modified files: sys/dev/ic : com.c Log message: Get rid of the COM_CONSOLE ifdef maze. This was introduced for sparc which is no longer with us. ok jsg@ CVSROOT: /cvs Module name: src Changes by: kettenis@cvs.openbsd.org 2026/04/19 03:59:22 Modified files: sys/arch/amd64/amd64: autoconf.c bus_dma.c sys/arch/amd64/include: bus.h Log message: Extend the SEV bounce buffer implementation to make it usable for bouncing memory that isn't DMA reachable. ok deraadt@ CVSROOT: /cvs Module name: src Changes by: kettenis@cvs.openbsd.org 2026/04/19 13:29:53 Modified files: sys/arch/arm64/stand/efiboot: efiboot.c Log message: Terminate SMBIOS vendor/product matching at first match. ok jsg@, tobhe@, deraadt@ CVSROOT: /cvs Module name: ports Changes by: matthieu@cvs.openbsd.org 2026/04/19 13:38:52 Modified files: graphics/png : Makefile distinfo Log message: Update to png 1.6.58. ok deraadt@, naddy@. Fixes a regression introduced in 1.6.56 xenocara will be updated after unlock as it's not affected. CVSROOT: /cvs Module name: ports Changes by: matthieu@cvs.openbsd.org 2026/04/19 13:43:31 Modified files: graphics/png : Tag: OPENBSD_7_8 Makefile distinfo Log message: Update to png 1.6.58. ok deraadt@, naddy@. Fixes a regression introduced in 1.6.56 CVSROOT: /cvs Module name: src Changes by: millert@cvs.openbsd.org 2026/04/19 13:54:02 Modified files: libexec/login_chpass: Makefile Log message: login_chpass: No longer need to install this setuid root When the YP code was removed login_chpass became wrapper that just execs login_lchpass. OK deraadt@ CVSROOT: /cvs Module name: ports Changes by: volker@cvs.openbsd.org 2026/04/19 14:18:57 Modified files: shells/elvish : Makefile distinfo modules.inc shells/elvish/pkg: PLIST Log message: shells/elvish: Update to 0.21.0 The current version in ports is broken/non-functional. approved by naddy@ CVSROOT: /cvs Module name: ports Changes by: bcook@cvs.openbsd.org 2026/04/19 14:37:52 Modified files: sysutils/btop : Makefile Added files: sysutils/btop/patches: patch-src_openbsd_btop_collect.cpp Log message: Patch btop to report active CPU usage correctly from upstream https://github.com/aristocratos/btop/pull/1587 This also allows building on spark64 with gcc 15. CVSROOT: /cvs Module name: src Changes by: djm@cvs.openbsd.org 2026/04/19 17:37:22 Modified files: usr.bin/ssh : clientloop.c Log message: correctly set extended type for client-side channels. Fixes interactive vs bulk IPQoS for client->server traffic. ok job@ CVSROOT: /cvs Module name: src Changes by: jsg@cvs.openbsd.org 2026/04/19 18:18:21 Modified files: sys/conf : newvers.sh Log message: 7.9-current ok deraadt@ CVSROOT: /cvs Module name: src Changes by: jsg@cvs.openbsd.org 2026/04/19 19:25:12 Modified files: sys/dev/pci/drm/i915/gt: intel_engine_heartbeat.c Log message: drm/i915/gt: fix refcount underflow in intel_engine_park_heartbeat From Sebastian Brzezinka 2af8b200cae3fdd0e917ecc2753b28bb40c876c1 in linux-6.18.y/6.18.23 4c71fd099513bfa8acab529b626e1f0097b76061 in mainline linux CVSROOT: /cvs Module name: src Changes by: jsg@cvs.openbsd.org 2026/04/19 19:27:42 Modified files: sys/dev/pci/drm/i915/display: intel_psr.c Log message: drm/i915/psr: Do not use pipe_src as borders for SU area From Jouni Hogander de9aa7e89b98157d2650f25691e40711b8404151 in linux-6.18.y/6.18.23 75519f5df2a9b23f7bf305e12dc9a6e3e65c24b7 in mainline linux CVSROOT: /cvs Module name: src Changes by: tb@cvs.openbsd.org 2026/04/19 22:26:12 Modified files: lib/libcrypto/ec: ec_pmeth.c Log message: ec_pmeth: fix 20yo comment: *outlen -> *keylen CVSROOT: /cvs Module name: src Changes by: tb@cvs.openbsd.org 2026/04/19 22:35:00 Modified files: lib/libtls : tls_keypair.c Log message: tls_keypair: add missing from bcook kenjiro CVSROOT: /cvs Module name: ports Changes by: ajacoutot@cvs.openbsd.org 2026/04/20 00:34:11 Modified files: x11/gtk+4 : Makefile distinfo Log message: Update to gtk+4-4.22.3. ok naddy@ CVSROOT: /cvs Module name: src Changes by: job@cvs.openbsd.org 2026/04/20 01:43:52 Modified files: usr.bin/ssh : channels.c Log message: Clarify comment on what setting extended types for channels does OK djm@ CVSROOT: /cvs Module name: src Changes by: tb@cvs.openbsd.org 2026/04/20 02:14:29 Modified files: lib/libcrypto/mlkem: mlkem_internal.h Log message: mlkem: use instead of "mlkem.h" patch from portable CVSROOT: /cvs Module name: src Changes by: tb@cvs.openbsd.org 2026/04/20 02:44:48 Modified files: usr.bin/vi/cl : cl_funcs.c usr.bin/vi/common: recover.c usr.bin/vi/ex : ex_append.c ex_bang.c ex_global.c usr.bin/vi/vi : vs_split.c Log message: vi: avoid set but not used warnings From Walter Alejandro Iglesias ok claudio CVSROOT: /cvs Module name: src Changes by: tb@cvs.openbsd.org 2026/04/20 04:30:02 Modified files: usr.bin/vi/cl : cl_funcs.c cl_read.c cl_screen.c usr.bin/vi/common: cut.c delete.c exf.c gs.h key.c line.c main.c mark.c mem.h msg.c options.c seq.c usr.bin/vi/ex : ex.h ex_argv.c ex_cmd.c ex_filter.c ex_global.c ex_init.c ex_join.c ex_read.c ex_script.c ex_subst.c ex_tag.c ex_txt.c ex_util.c usr.bin/vi/vi : v_cmd.c v_delete.c v_ex.c v_screen.c v_search.c v_txt.c v_yank.c vi.c vs_msg.c vs_smap.c vs_split.c Log message: vi: whitespace fixes Zap trailing whitespace, remove spaces before tabs, and expand 8 spaces to tabs. Prompted by a diff by Walter Alejandro Iglesias CVSROOT: /cvs Module name: src Changes by: tb@cvs.openbsd.org 2026/04/20 05:37:18 Modified files: usr.bin/vi/common: screen.c Log message: vi: fix indent by trailing extra space from Walter Alejandro Iglesias CVSROOT: /cvs Module name: ports Changes by: landry@cvs.openbsd.org 2026/04/20 10:46:15 Modified files: geo/mapserver : Makefile distinfo Log message: geo/mapserver: security update to 8.6.2. see https://mapserver.org/development/changelog/changelog-8-6.html#changelog-8-6 fixes https://github.com/MapServer/MapServer/security/advisories/GHSA-4g9f-ph64-hg2x ok naddy@ CVSROOT: /cvs Module name: ports Changes by: kn@cvs.openbsd.org 2026/04/20 12:16:56 Modified files: net/gelatod : Makefile distinfo Log message: update to gelatod-1.7; same fix as 029_v6daemons; OK naddy CVSROOT: /cvs Module name: ports Changes by: volker@cvs.openbsd.org 2026/04/20 13:07:42 Modified files: graphics/lcms2 : Makefile distinfo Log message: graphics/lcms2: Update to 2.19rc2 Fixes several issues, for reference see https://marc.info/?l=oss-security&m=177646929211758&w=2 pointed out by and ok tb@, ok naddy@ CVSROOT: /cvs Module name: src Changes by: kirill@cvs.openbsd.org 2026/04/20 15:18:37 Modified files: sys/arch/octeon/dev: octeon_intr.c Log message: sys/octeon: accept linux,phandle for IRQs SRX300 firmware DT describes the CIU root and several CIB interrupt controllers with linux,phandle, but omits phandle. octeon_intr_register() consumed only the latter; the controllers therefore never entered the interrupt controller registry, and every later interrupt-parent lookup for CIB, AHCI, and xHCI failed. Thus, dev/ofw/fdt lookup code already treats phandle and linux,phandle as equivalent; so the Octeon interrupt layer should do the same when registering interrupt controllers. OK: kettenis@, visa@ CVSROOT: /cvs Module name: src Changes by: kirill@cvs.openbsd.org 2026/04/20 15:20:38 Modified files: sys/arch/octeon/dev: cn30xxuart.c Log message: sys/octeon: preserve bootloader console baud The SRX300 console runs at 9600 baud under U-Boot; OpenBSD forced 115200 during console handoff, which garbled output immediately after early memory setup and made a live kernel look dead. Here, I read the programmed UART divisor instead and derive comconsrate from it, so the kernel preserves the bootloader console configuration. OK: visa@ CVSROOT: /cvs Module name: src Changes by: jca@cvs.openbsd.org 2026/04/20 15:35:08 Modified files: distrib/notes/riscv64: prep Log message: Move hw-specific parts at the end of this file CVSROOT: /cvs Module name: src Changes by: jca@cvs.openbsd.org 2026/04/20 15:38:55 Modified files: distrib/notes/riscv64: prep Log message: Document specifics for spacemit K1-based boards Orange Pi RV2, BananaPi F3, and Milk-V Jupiter Requested by deraadt CVSROOT: /cvs Module name: src Changes by: jca@cvs.openbsd.org 2026/04/20 15:43:39 Modified files: distrib/notes/riscv64: prep Log message: Add post-install hints for boards without distro_bootcmd (like BPi F3/Jupiter) The default bootcmd is useless on these boards, so suggest some simple default boot command. CVSROOT: /cvs Module name: src Changes by: jca@cvs.openbsd.org 2026/04/20 15:47:00 Modified files: distrib/notes/riscv64: hardware Log message: Mention some Spacemit K1 boards that kettenis added support for BananaPi F3, Orange Pi RV2, and Milk-V Jupiter CVSROOT: /cvs Module name: src Changes by: jca@cvs.openbsd.org 2026/04/20 15:51:22 Modified files: distrib/notes/riscv64: prep Log message: Better wording and typo fix for the Spacemit K1 boards CVSROOT: /cvs Module name: src Changes by: jca@cvs.openbsd.org 2026/04/20 16:20:07 Modified files: distrib/notes/riscv64: prep Log message: Remove the bootcmd hint for now On this jupiter box, U-Boot's bootcmd can't be interrupted on the serial console by pressing any key, Ctrl+C or ESC, even though the official docs say it should be possible by pressing any key. sigh CVSROOT: /cvs Module name: ports Changes by: bket@cvs.openbsd.org 2026/04/20 21:20:14 Modified files: sysutils/rclone: Makefile distinfo Log message: Update to rclone-1.73.5 CVE-2026-41176 rc: add AuthRequired to options/set to prevent auth bypass rc: snapshot NoAuth at startup to prevent runtime auth bypass CVE-2026-41179 operations: add AuthRequired to operations/fsinfo to prevent backend creation Changelog: https://rclone.org/changelog/#v1-73-5-2026-04-19 OK sthen@ CVSROOT: /cvs Module name: src Changes by: tb@cvs.openbsd.org 2026/04/20 23:18:35 Modified files: regress/lib/libcrypto/pkcs7: pkcs7test.c Log message: pkcs7test: factor main into a helper so we can add some unit tests easily CVSROOT: /cvs Module name: src Changes by: sashan@cvs.openbsd.org 2026/04/21 00:38:28 Modified files: sys/net : pf_if.c Log message: PFI_FLAG_SKIP may be lost when interface disappears and then reappears if 'set skip on ...' in pf.conf(5) refers to interface (or interface group) which is yet to be created in system, then all is good. However if the interface (or interface group) exists in system at the time when pf.conf(5) is being loaded to pf(4) the effect of skip flag might get lost. The scenario for tap0 interface goes as follows: tap0 (and tap interface) exist in system and is known to pf(4), meaning 'pfctl -sI' reports tap0 and tap. pf.conf with 'set skip on tap' is loaded. The pf(4) sets the flag on `kif` instance without obtaining a reference to keep it in table until skip flag (PFI_FLAG_SKIP) is reset. tap0 interface is removed from system (ifconfig tap0 destroy), the tap0 is removed from system and also corresponding kif instance is removed from pf(4). kif is forgotten together with flag settings. If tap0 happens to be the last tap interface, then tap interface group (including its kif) is also removed from system (and pf(4)). Now tap0 is going to be re-created by running 'ifconfig tap0 up'. The corresponding kif instances (kif instance for tap0 interface and tap interface group) are inserted to interface table in pf(4) with default interface flags, loosing 'set skip on tap...' setting found in pf.conf. To workaround this one has to reload pf.conf so interface flags are set again. The issue has been noticed and kindly reported by Atanas Vladimirov OK bluhm@ CVSROOT: /cvs Module name: src Changes by: renaud@cvs.openbsd.org 2026/04/21 01:42:38 Modified files: libexec/tradcpp: macro.c Log message: expand_domacro() handled a defined() with the wrong argument count via an error path that doesn't drain es->args OK jsg CVSROOT: /cvs Module name: src Changes by: mglocker@cvs.openbsd.org 2026/04/21 02:56:22 Modified files: sys/dev/ic : qwz.c Log message: Enable nwid scanning by doing two things: 1. Disable the 802.11d scanning command for now, since it causes a firmware error for which we currently have no solution. This isn't a critical feature, and we can progress without it until we find a solution. 2. Send the HTT software ring setup messages for the receive rings, otherwise the firmware never initializes its RXDMA pipeline, and delivers no frames to the host. For that we did port over the ath12k_dp_rxdma_ring_sel_config_wcn7850() and ath12k_dp_rx_htt_setup() functions from the linux driver. Tested and ok kettenis@, kirill@ CVSROOT: /cvs Module name: ports Changes by: sthen@cvs.openbsd.org 2026/04/21 05:31:15 Modified files: devel/opendht : Makefile Log message: avoid picking up doxygen during build, to avoid build failure with dpb junking requested by naddy CVSROOT: /cvs Module name: src Changes by: henning@cvs.openbsd.org 2026/04/21 06:35:45 Modified files: usr.sbin/ntpd : ntp_dns.c Log message: we use clock_gettime() here and thus shall explicitely include time.h from bcook's portable repo, ok bcook CVSROOT: /cvs Module name: xenocara Changes by: matthieu@cvs.openbsd.org 2026/04/21 07:19:01 Modified files: lib/libXpm/src : data.c parse.c Log message: Fix Out-of-bounds read. CVE-2026-4367 CVSROOT: /cvs Module name: ports Changes by: landry@cvs.openbsd.org 2026/04/21 07:22:18 Modified files: www/mozilla-firefox: Makefile distinfo www/mozilla-firefox/patches: patch-widget_NativeKeyToDOMCodeName_inc www/firefox-i18n: Makefile.inc distinfo Log message: www/mozilla-firefox: update to 150.0. see https://www.firefox.com/en-US/firefox/150.0/releasenotes/ fixes https://www.mozilla.org/en-US/security/advisories/mfsa2026-30/ - disable PGO again, fixes wasm crashes seen with element-web (cf #2030583) - will need to move to llvm 21 or patch llvm 19 to reenable PGO - add workaround to avoid fetching some pip wheels during configure (#2026497), another workaround would be to move to ./mach configure ? ok naddy@ CVSROOT: /cvs Module name: ports Changes by: landry@cvs.openbsd.org 2026/04/21 07:24:36 Modified files: www/firefox-esr: Makefile distinfo www/firefox-esr-i18n: Makefile.inc distinfo Log message: www/firefox-esr: update to 140.10.0. see https://www.firefox.com/en-US/firefox/140.10.0/releasenotes/ fixes https://www.mozilla.org/en-US/security/advisories/mfsa2026-32/ ok naddy@ CVSROOT: /cvs Module name: ports Changes by: landry@cvs.openbsd.org 2026/04/21 07:25:31 Modified files: www/firefox-esr: Tag: OPENBSD_7_8 Makefile distinfo Log message: www/firefox-esr: MFC update to 140.10.0. see https://www.firefox.com/en-US/firefox/140.10.0/releasenotes/ fixes https://www.mozilla.org/en-US/security/advisories/mfsa2026-32/ CVSROOT: /cvs Module name: ports Changes by: landry@cvs.openbsd.org 2026/04/21 07:26:10 Modified files: www/mozilla-firefox: Tag: OPENBSD_7_8 Makefile distinfo www/mozilla-firefox/patches: Tag: OPENBSD_7_8 patch-security_manager_ssl_nsNSSCallbacks_cpp patch-security_nss_lib_nss_nss_h Log message: www/mozilla-firefox: MFC update to 150.0. see https://www.firefox.com/en-US/firefox/150.0/releasenotes/ fixes https://www.mozilla.org/en-US/security/advisories/mfsa2026-30/ CVSROOT: /cvs Module name: xenocara Changes by: bluhm@cvs.openbsd.org 2026/04/21 08:06:16 Modified files: lib/libXpm/src : Tag: OPENBSD_7_8 data.c parse.c Log message: Fix Out-of-bounds read. CVE-2026-4367 from matthieu@ this is errata/7.8/032_libxpm.patch.sig CVSROOT: /cvs Module name: xenocara Changes by: bluhm@cvs.openbsd.org 2026/04/21 08:07:07 Modified files: lib/libXpm/src : Tag: OPENBSD_7_7 data.c parse.c Log message: Fix Out-of-bounds read. CVE-2026-4367 from matthieu@ this is errata/7.7/038_libxpm.patch.sig CVSROOT: /cvs Module name: src Changes by: henning@cvs.openbsd.org 2026/04/21 08:20:00 Modified files: usr.sbin/ntpd : control.c Log message: in control_check(), rename struct sockaddr_un sun to sa - for consistency with control_init() just underneath, and because "sun" causes problems for portable on solaris pretty much from bcook's portable repo, but another name, ok bcook CVSROOT: /cvs Module name: www Changes by: bluhm@cvs.openbsd.org 2026/04/21 08:29:25 Modified files: . : errata77.html errata78.html Log message: Release libxpm and slaacd errata. CVSROOT: /cvs Module name: src Changes by: henning@cvs.openbsd.org 2026/04/21 08:31:03 Modified files: usr.sbin/ntpd : ntp.c Log message: newer gcc thinks it's smart (do they call it AI yet?) and points out peercount may be used unitialized. of course it is utterly wrong. move peercount = 0 initialization 2 lines up to shut gcc up pointed out by bcook, dicussed with, gcc-checked by and ok bcook claudio CVSROOT: /cvs Module name: src Changes by: henning@cvs.openbsd.org 2026/04/21 08:36:00 Modified files: usr.sbin/ntpd : ntpd.c Log message: newer gcc is so smart to point out that settime_deadline may be used uninitialized. of course it is wrong. sprinkle a "= 0" to shut it up. pointed out by bcook, discussed with, gcc confronted by and ok claudio bcook CVSROOT: /cvs Module name: xenocara Changes by: matthieu@cvs.openbsd.org 2026/04/21 08:42:57 Modified files: lib/libpng : .gitignore ANNOUNCE CHANGES CMakeLists.txt README configure configure.ac libpng-manual.txt libpng.3 libpngpf.3 png.5 png.c png.h pngconf.h pngrtran.c pngtest.c lib/libpng/contrib/libtests: pnggetset.c lib/libpng/scripts: libpng-config-head.in libpng.pc.in pnglibconf.h.prebuilt Log message: update to libpng 1.6.58. ok deraadt@ CVSROOT: /cvs Module name: src Changes by: millert@cvs.openbsd.org 2026/04/21 08:44:29 Modified files: libexec/spamd : spamd.c Log message: Fix handing of multi-line blacklist error strings in spamd.conf When appending the blacklist error string, spamd splits the message on a newline and continues the message on a new line. There was a bug where the current pointer was incremented too far, which resulted in the message being truncated at the newline instead of continued. For very long blacklist messages (around 8K) in spamd.conf, this could result in heap corruption. However, this is very unlikely in practice. OK jsg@ Reported by and fix from Dhiraj Mishra CVSROOT: /cvs Module name: xenocara Changes by: matthieu@cvs.openbsd.org 2026/04/21 09:03:11 Modified files: . : MODULES 3RDPARTY Log message: update CVSROOT: /cvs Module name: src Changes by: miod@cvs.openbsd.org 2026/04/21 10:23:21 Modified files: distrib/sets/lists/comp: md.loongson Log message: sync CVSROOT: /cvs Module name: src Changes by: kn@cvs.openbsd.org 2026/04/21 11:24:40 Modified files: usr.sbin/rad : frontend.c Log message: Fix PREF64 option corruption if DNSSL is also set On octeon (but not amd64) setting both a NAT64 prefix and a search domain causes the former ICMPv6 option to be corrupted due to how it is added last in the Router Advertisement packet, following too much zero padding. Bytes after the DNSSL option are zeroed up the next 8-byte boundary to align options inside the packet. Instead of checking alignment of the pointer address somewhere inside the packet buffer that lives on the stack, which is thus architecture specific, use their offset, i.e. see how many bytes were already written, in order to zero-fill what is left between last search domain and next 8-byte boundary. This makes RAs byte-identical between octeon and amd64 and prevents rad(8) from sending the kind of invalid packets that clients like slaacd(8) and gelatod(8) (from ports) need 029_v6daemons for. OK florian CVSROOT: /cvs Module name: src Changes by: deraadt@cvs.openbsd.org 2026/04/21 12:18:11 Modified files: sys/sys : systm.h sys/kern : subr_xxx.c Log message: the enosys() stub has not been used for decades ok jsg jca CVSROOT: /cvs Module name: src Changes by: claudio@cvs.openbsd.org 2026/04/21 12:36:13 Modified files: sys/netinet : tcp_input.c Log message: A packet with a FIN flag needs to act as a barrier in tcp_flush_queue. Once a FIN packet is received all following data should simply be discarded. tcp_input handels this FIN but for that tcp_reass() needs to properly return TH_FIN when a FIN is processed in tcp_flush_queue. This reassembly was not quite correct. Unexpected data directly following the FIN packet was also reassembled and the FIN was actually lost. The failure to return TH_FIN caused the regression in the previous fix. tcp_input() passes some FIN packets through reassembly even though they are in sequence and the queue is empty. tcp_flush_queue() needs to treat packets with TH_FIN set as a barrier and stop reassembly after processing this last packet. This ensures that tcp_reass() returns TH_FIN to tcp_input which then changes the state of the session. It also ensures that only data up to the FIN packet are passed to userland. Reported by Xint Code OK sashan@ CVSROOT: /cvs Module name: src Changes by: kirill@cvs.openbsd.org 2026/04/21 13:43:47 Modified files: sys/arch/octeon/dev: octpcie.c Log message: sys/octeon: fix PCIe config tag layout Octeon PCIe config-space MMIO uses a 12-bit register field; function, device, and bus begin at bits 12, 15, and 20. octpcie_make_tag() and octpcie_decompose_tag() used the conventional PCI tag layout instead, so config accesses to non-zero device or function numbers used the wrong MMIO offset. On SRX300 this breaks enumeration of the second Broadcom switch function at 0:0:1, which reads back garbage until the tag layout is corrected. OK: kettenis@, visa@ CVSROOT: /cvs Module name: src Changes by: jca@cvs.openbsd.org 2026/04/21 13:58:21 Modified files: share/man/man4 : gpio.4 Log message: Mention sfgpio(4) and smtgpio(4) CVSROOT: /cvs Module name: src Changes by: jca@cvs.openbsd.org 2026/04/21 13:58:49 Modified files: share/man/man4 : iic.4 Log message: Mention smtiic(4) CVSROOT: /cvs Module name: src Changes by: jca@cvs.openbsd.org 2026/04/21 14:00:55 Modified files: share/man/man4 : openprom.4 Log message: Mention powerpc64 and riscv64 support CVSROOT: /cvs Module name: www Changes by: tb@cvs.openbsd.org 2026/04/21 14:16:15 Modified files: . : 79.html Log message: Add libressl 4.3.0 changelog (portable changes to be added later) CVSROOT: /cvs Module name: ports Changes by: rapha@cvs.openbsd.org 2026/04/21 14:18:54 Modified files: audio/csound : Makefile Log message: disable pipewire ok naddy@ CVSROOT: /cvs Module name: src Changes by: kirill@cvs.openbsd.org 2026/04/21 14:20:09 Modified files: sys/arch/octeon/dev: if_cnmac.c Log message: sys/cnmac: support SoftLRO This work based on previous work of Janne Johansson OK: visa@ CVSROOT: /cvs Module name: src Changes by: tb@cvs.openbsd.org 2026/04/21 14:55:21 Modified files: regress/lib/libcrypto/wycheproof: wycheproof.go Log message: wycheproof: skip BLS test vectors to prepare for update CVSROOT: /cvs Module name: ports Changes by: sthen@cvs.openbsd.org 2026/04/21 15:23:28 Modified files: net/librenms : Makefile distinfo net/librenms/pkg: PLIST-doc PLIST-main Log message: update to librenms-26.4.0, ok naddy includes fix for cross-site scripting in alert template list, and adds missing escaping for a few cli commands etc https://github.com/librenms/librenms/releases/tag/26.4.0 CVSROOT: /cvs Module name: ports Changes by: sthen@cvs.openbsd.org 2026/04/21 15:25:44 Modified files: net/librenms : Tag: OPENBSD_7_8 Makefile distinfo net/librenms/patches: Tag: OPENBSD_7_8 patch-LibreNMS___init___py patch-app_ConfigRepository_php patch-resources_definitions_config_definitions_json Added files: net/librenms/pkg: Tag: OPENBSD_7_8 DESCR-doc DESCR-main PLIST-doc PLIST-main README-main Removed files: net/librenms/pkg: Tag: OPENBSD_7_8 DESCR PLIST README Log message: MFC update to librenms-26.4.0 CVSROOT: /cvs Module name: src Changes by: jsg@cvs.openbsd.org 2026/04/21 19:43:48 Modified files: sys/nfs : nfs_var.h nfs_vnops.c Log message: change nfs_ioctl() from a macro with enoioctl() to a proper function this was the only use of enoioctl() ok claudio@ CVSROOT: /cvs Module name: src Changes by: jsg@cvs.openbsd.org 2026/04/21 19:51:37 Modified files: sys/sys : systm.h sys/kern : subr_xxx.c Log message: remove unused enoioctl() ok claudio@ CVSROOT: /cvs Module name: ports Changes by: landry@cvs.openbsd.org 2026/04/21 23:39:56 Modified files: mail/mozilla-thunderbird: Makefile distinfo mail/thunderbird-i18n: Makefile.inc distinfo Log message: mail/mozilla-thunderbird: update to 140.10.0. see https://www.thunderbird.net/en-US/thunderbird/140.10.0esr/releasenotes/ fixes https://www.mozilla.org/en-US/security/advisories/mfsa2026-34/ ok naddy@ CVSROOT: /cvs Module name: ports Changes by: robert@cvs.openbsd.org 2026/04/22 00:12:24 Modified files: devel/llvm/22/patches: patch-lld_ELF_LinkerScript_cpp devel/llvm/20 : Makefile devel/llvm/20/patches: patch-lld_ELF_LinkerScript_cpp devel/llvm/21 : Makefile devel/llvm/21/patches: patch-lld_ELF_LinkerScript_cpp Log message: fix section merging for .srodata and .openbsd.randomdata there was a bad merge of changes and a comma was lost and with that section merging for .srodata and .openbsd.randomdata ok naddy@, sthen@ CVSROOT: /cvs Module name: src Changes by: nicm@cvs.openbsd.org 2026/04/22 00:57:08 Modified files: usr.bin/tmux : tty-features.c tty-keys.c Log message: Add a default set of features for WezTerm. CVSROOT: /cvs Module name: src Changes by: nicm@cvs.openbsd.org 2026/04/22 00:58:59 Modified files: usr.bin/tmux : tmux.1 Log message: Remove no longer accurate statement from tmux.1, reported by dkuettel at gmail dot com. CVSROOT: /cvs Module name: src Changes by: nicm@cvs.openbsd.org 2026/04/22 01:03:06 Modified files: usr.bin/tmux : window-copy.c Log message: Do not leak hyperlinks in copy mode, from Barrett Ruth in GitHub issue 5020. CVSROOT: /cvs Module name: src Changes by: nicm@cvs.openbsd.org 2026/04/22 01:05:03 Modified files: usr.bin/tmux : format.c Log message: Add a fairly low time limit to format evaluation to stop absurdly nested formats from making tmux appear to hang. CVSROOT: /cvs Module name: src Changes by: nicm@cvs.openbsd.org 2026/04/22 01:05:59 Modified files: usr.bin/tmux : window-clock.c Log message: Make clock visible on terminals without colours, from Manuel Einfalt in GitHub issue 5001. CVSROOT: /cvs Module name: src Changes by: nicm@cvs.openbsd.org 2026/04/22 01:10:16 Modified files: usr.bin/tmux : cmd-new-session.c cmd-rename-session.c format.c input.c names.c screen.c session.c spawn.c tmux.c tmux.h window.c Log message: Sanitize pane titles and window and session names more consistently and strictly, prevents C0 characters and other nonvisible characters causing problems. Reported (with a different fix) by Chris Monardo in GitHub issue 4999. CVSROOT: /cvs Module name: src Changes by: nicm@cvs.openbsd.org 2026/04/22 01:13:26 Modified files: usr.bin/tmux : key-bindings.c options-table.c Log message: Add a couple of controls (kill, zoom) to default pane-status-format. Will be more to come with floating panes. From Dane Jensen in GitHub issue 4981. CVSROOT: /cvs Module name: src Changes by: nicm@cvs.openbsd.org 2026/04/22 01:15:34 Modified files: usr.bin/tmux : status.c Log message: Translate keypad keys to text in prompt input. From Barrett Ruth in GitHub issue 4996. CVSROOT: /cvs Module name: src Changes by: renaud@cvs.openbsd.org 2026/04/22 01:15:43 Modified files: usr.bin/vi/ex : ex.c Log message: Fix underflows in ex(1) and vi(1) +cmd parser OK millert@ CVSROOT: /cvs Module name: src Changes by: nicm@cvs.openbsd.org 2026/04/22 01:25:17 Modified files: usr.bin/tmux : server-client.c tmux.1 tmux.h tty-features.c tty-term.c tty.c Log message: Add feature for progress bar and pass to outside terminal, GitHu issue 4972 from Eric Dorland. CVSROOT: /cvs Module name: ports Changes by: landry@cvs.openbsd.org 2026/04/22 02:32:31 Modified files: mail/mozilla-thunderbird: Tag: OPENBSD_7_8 Makefile distinfo Log message: mail/mozilla-thunderbird: MFC update to 140.10.0 see https://www.thunderbird.net/en-US/thunderbird/140.10.0esr/releasenotes/ fixes https://www.mozilla.org/en-US/security/advisories/mfsa2026-34/ CVSROOT: /cvs Module name: src Changes by: tb@cvs.openbsd.org 2026/04/22 04:02:34 Modified files: share/man/man9 : tsleep.9 Log message: tsleep.9: add const volatile qualifiers for ident This matches the changes with kern_synch.c r1.90 (2009). ok claudio jca CVSROOT: /cvs Module name: src Changes by: tb@cvs.openbsd.org 2026/04/22 04:04:41 Modified files: share/man/man9 : tsleep.9 Log message: tsleep.9: replace two instances of -- with em dashes per mandoc -Tlint makes sense to jca CVSROOT: /cvs Module name: src Changes by: claudio@cvs.openbsd.org 2026/04/22 06:28:08 Modified files: sys/scsi : scsi_base.c Log message: Use &nowake as ident in tsleep_nsec call instead of using a stack variable for the same goal. Using &nowake is becomes clear that there is no wakeup call for this sleep. noticed by robert@ with llvm22 OK jca@ krw@ CVSROOT: /cvs Module name: src Changes by: claudio@cvs.openbsd.org 2026/04/22 07:51:46 Modified files: usr.sbin/bgpd : bgpd.conf.5 Log message: Add missing It in '.It Ic min-version Ar number' CVSROOT: /cvs Module name: src Changes by: henning@cvs.openbsd.org 2026/04/22 07:54:50 Modified files: usr.sbin/ntpd : ntpd.c Log message: in show_peer_msg, grow the buffer to hold the sprintf'd stratum by 1 byte. the previous buffer was large enough since startum is clamped to 0..15, however, it is a bit much to ask for analyzers - including those in compilers - to detect that, an extra byte on the stack costs us effectively nothing, and it feels a bit more robust. triggered by bcook's portable diffs, ok claudio CVSROOT: /cvs Module name: src Changes by: henning@cvs.openbsd.org 2026/04/22 07:57:58 Modified files: usr.sbin/ntpd : util.c Log message: grow the buffer to hold the sprintf'd rtable id by 8 bytes so it can hold the full range an int can express. the previous buffer was large enough since the rtable id is clamped to 0.. RT_TABLEID_MAX which is 255, however, it is a bit much to ask for analyzers - including those in compilers - to detect that, 8 extra bytes on the stack cost us effectively nothing, and it feels a bit more robust. triggered by bcook's portable diffs, ok claudio CVSROOT: /cvs Module name: ports Changes by: caspar@cvs.openbsd.org 2026/04/22 09:14:43 Modified files: meta/tor-browser: Makefile www/tor-browser: Makefile.inc www/tor-browser/browser: Makefile distinfo Log message: Tor Browser: update to 15.0.10 OK naddy@ CVSROOT: /cvs Module name: ports Changes by: caspar@cvs.openbsd.org 2026/04/22 09:15:02 Modified files: meta/tor-browser: Tag: OPENBSD_7_8 Makefile www/tor-browser: Tag: OPENBSD_7_8 Makefile.inc www/tor-browser/browser: Tag: OPENBSD_7_8 Makefile distinfo Log message: Tor Browser: update to 15.0.10 CVSROOT: /cvs Module name: src Changes by: claudio@cvs.openbsd.org 2026/04/22 09:17:43 Modified files: sys/net : route.c Log message: Use M_RTABLE and not M_TEMP for MPLS data attached to rt_llinfo. OK phessler@ CVSROOT: /cvs Module name: src Changes by: renaud@cvs.openbsd.org 2026/04/22 09:54:08 Modified files: usr.bin/vi/vi : vs_split.c Log message: vs_split() uses sp's visual map without checking it exists. OK millert CVSROOT: /cvs Module name: src Changes by: millert@cvs.openbsd.org 2026/04/22 10:01:08 Modified files: usr.bin/vi/ex : ex_global.c Log message: When updating the ranges after an insertion or deletion, the range should be up to and including the current line number. This behavior is consistent with historic vi as well as modern vim. Reported by Tim Case, fix from Walter Alejandro Iglesias CVSROOT: /cvs Module name: www Changes by: tj@cvs.openbsd.org 2026/04/22 10:55:44 Modified files: openssh : history.html Log message: fix typos that have been on this page for 26 years CVSROOT: /cvs Module name: src Changes by: kirill@cvs.openbsd.org 2026/04/22 13:11:04 Modified files: sys/arch/octeon/dev: cn30xxgmx.c cn30xxgmxvar.h if_cnmac.c Log message: sys/cnmac: support CN71xx 1000BASE-X ports Some CN71xx boards describe active GMX ports only in the PIP device tree, and mark the CPU facing link as cavium,sgmii-mac-1000x-mode with cavium,disable-autonegotiation, but without a PHY handle. OpenBSD otherwise trusts GMX0_INF_MODE for port discovery and insists on a PHY attach in cn30xxgmx_attach(), so such ports never reach cnmac with a usable media setup. Enumerate CN71xx SGMII ports from pip/interface@N when that description is present, carry the 1000x and disable-autonegotiation flags into the per port state, and let cnmac seed fixed 1000baseT full duplex media for that case. Ports that still use a normal SGMII PHY path continue to go through cn30xxsmi_get_phy() and mii_attach() unchanged. Tested on two CN71xx Octeon systems: Juniper SRX300, which uses 1000BASE-X DT ports, and Ubiquiti EdgeRouter 4, which does not. OK: visa@ CVSROOT: /cvs Module name: src Changes by: dlg@cvs.openbsd.org 2026/04/22 15:58:53 Modified files: usr.bin/netstat: mbuf.c sys/kern : uipc_mbuf.c Log message: increase the 9k mbuf clusters to 9k + 128 bytes pools try to amortise the cost of items against the underlying kernel memory allocator by rounding the "page" size up to fit at least 8 items, and then rounding that up to the next power of 2. the 9k clusters are 9 * 1024 bytes, which is 72k after being multiplied by 8, which becomes 128k cos it's the next power of 2. if you divide 128k by 9k, you get 14 and some change. there's enough change that we can raise the cluster size by 128 bytes without affecting the page size or the number of items on the page. ie, it's still going to use 128k "pages" and fit 14 clusters. i can take advantage of this in some drivers for stupid hardware, so given the above it seems like a plan without any drawbacks apart from the pool name getting a bit bigger. ok claudio@ CVSROOT: /cvs Module name: src Changes by: dlg@cvs.openbsd.org 2026/04/22 16:09:18 Modified files: sys/dev/pci : if_ix.c Log message: fix rss hashing on big endian archs i noticed that packets seem to be hashed differently by the network stack and this hardware on sparc64. mucking around with how we handle the endianness of the rss key programmed via registers makes it consistent on both big and little archs. tested by me on sparc64 and arm64 ok claudio@ CVSROOT: /cvs Module name: ports Changes by: jca@cvs.openbsd.org 2026/04/22 16:10:17 Modified files: net/openvpn : Tag: OPENBSD_7_8 Makefile distinfo net/openvpn/patches: Tag: OPENBSD_7_8 patch-configure Log message: SECURITY update to openvpn-2.6.20 fix race condition in TLS handshake that could lead to leaking of packet data from a previous handshake under specific circumstances (CVE-2026-40215) fix server ASSERT() on receiving a suitably malformed packet with a valid tls-crypt-v2 key (CVE-2026-35058) Other changes: https://github.com/OpenVPN/openvpn/blob/v2.6.20/Changes.rst CVSROOT: /cvs Module name: src Changes by: dlg@cvs.openbsd.org 2026/04/22 16:12:49 Modified files: sys/dev/pci : if_ix.c Log message: fix tx dma segment size i thought it was weird that an MI driver like ix(4) is using an MD number like PAGE_SIZE for the maximum segment size in its tx dma maps. the manual says tx segments can be 16k (and goes into a 16bit field), so let's try using the documented value here. the rx descs also use 16 * 1024 as a magic number here, so it's in keeping with other code in the same driver. tested by me on arm64 and sparc64 (which has 8k pages) tested by and ok jan@ CVSROOT: /cvs Module name: src Changes by: sashan@cvs.openbsd.org 2026/04/22 17:06:01 Modified files: sys/net : if_pfsync.c Log message: pf_purge_states() may trip assert(st->timeout == PFTM_UNLINKED) in pf_free_state(). Once member ->timeout in pf_state structure reaches PFTM_UNLINKED value, then the ->timeout member must not not be updated. This diff reminds pfsync(4) to follow PFTM_UNLINKED rule too. The pfsync(4) currently may accidentally update ->timeout member while state is being purged, causing pf_purge_states() to trip the assert. Issue was kindly reported by Stuart Henderson. OK @bluhm CVSROOT: /cvs Module name: src Changes by: jsg@cvs.openbsd.org 2026/04/22 19:08:46 Modified files: sys/dev/pci/drm/amd/amdgpu: amdgpu_vm.c Log message: drm/amdgpu: Handle GPU page faults correctly on non-4K page systems From Donet Tom 6a9f2683c66dc54d3598589684c0b3c5cb2862ad in linux-6.18.y/6.18.24 4e9597f22a3cb8600c72fc266eaac57981d834c8 in mainline linux CVSROOT: /cvs Module name: src Changes by: millert@cvs.openbsd.org 2026/04/22 19:08:47 Modified files: lib/libc/time : difftime.c Log message: Fix difftime() result when it is passed a negative value We need to cast the result of bitwise AND to time_t before the cast to double in the HI and LO macros. Otherwise, we get a very large positive floating point value instead of a negative value. Reported by Xuntao Chi CVSROOT: /cvs Module name: src Changes by: jsg@cvs.openbsd.org 2026/04/22 19:10:33 Modified files: sys/dev/pci/drm/amd/amdkfd: kfd_queue.c Log message: drm/amdkfd: Fix queue preemption/eviction failures by aligning control stack size to GPU page size From Donet Tom 647fb0dc3818733024fc96c1df1ec3af806b0256 in linux-6.18.y/6.18.24 78746a474e92fc7aaed12219bec7c78ae1bd6156 in mainline linux CVSROOT: /cvs Module name: src Changes by: dlg@cvs.openbsd.org 2026/04/22 19:15:07 Modified files: sys/ddb : db_input.c Log message: make ctrl-w remove trailing space from words too this makes it more consistent with what i experience with ctrl-w in the shell. ok deraadt@ claudio@ CVSROOT: /cvs Module name: src Changes by: jsg@cvs.openbsd.org 2026/04/22 19:16:32 Modified files: sys/dev/pci/drm/i915: i915_gem.c Log message: x86: rename and clean up __copy_from_user_inatomic_nocache() From Linus Torvalds 03fd014cd9f3a3d173740ab9c5cbede82fd6322c in linux-6.18.y/6.18.24 5de7bcaadf160c1716b20a263cf8f5b06f658959 in mainline linux CVSROOT: /cvs Module name: src Changes by: jsg@cvs.openbsd.org 2026/04/22 19:16:55 Modified files: sys/dev/pci/drm/include/linux: uaccess.h Log message: rename __copy_from_user_inatomic_nocache() to copy_from_user_inatomic_nontemporal() to follow changes in linux 6.18.24 CVSROOT: /cvs Module name: src Changes by: jsg@cvs.openbsd.org 2026/04/22 19:28:03 Modified files: sys/net : art.h art.c Log message: remove unused art_walk() ok dlg@ CVSROOT: /cvs Module name: src Changes by: jsg@cvs.openbsd.org 2026/04/22 19:33:01 Modified files: sys/net : pf_ioctl.c Log message: remove unused pf_statelim_clr() ok dlg@ CVSROOT: /cvs Module name: ports Changes by: phessler@cvs.openbsd.org 2026/04/23 01:51:18 Modified files: cad/openscad : Makefile Log message: add missing build dep. it wouldn't build without the build dep being available, so no need for a REVISION bump. noticed by myself and naddy on arm64 and amd64 bulk package builds. OK sthen@ CVSROOT: /cvs Module name: src Changes by: nicm@cvs.openbsd.org 2026/04/23 05:29:23 Modified files: usr.bin/tmux : screen-redraw.c Log message: Redraw correctly when a popup is present above pane borders, GitHub issue 4997 from Manuel Einfalt. CVSROOT: /cvs Module name: ports Changes by: jca@cvs.openbsd.org 2026/04/23 05:46:03 Added files: devel/orc/patches: patch-orc_riscv_orcriscvtarget_c Log message: Fix orc riscv64-specific code paths orc previously failed to build because of inconsistent #ifdefs that exposed Linux-only calls. While here hook up call to (__builtin)__clear_cache and correct default assumptions (the 'V' extension can't be assumed, on any OS). Prompted by a report from matthieu@, maintainer timeout, ok sthen@ CVSROOT: /cvs Module name: ports Changes by: robert@cvs.openbsd.org 2026/04/23 06:00:58 Modified files: devel/clang-tools-extra: Makefile devel/py-llvmlite: Makefile lang/zig : Makefile www/chromium : Makefile www/iridium : Makefile www/ungoogled-chromium: Makefile Log message: bump REVISION after the fixes in the llvm ports ok sthen@ CVSROOT: /cvs Module name: src Changes by: nicm@cvs.openbsd.org 2026/04/23 06:36:15 Modified files: usr.bin/tmux : file.c server-client.c tmux.h Log message: Kill client rather than fatalx on bad file handling messages, reported by Tim Zheng. CVSROOT: /cvs Module name: src Changes by: claudio@cvs.openbsd.org 2026/04/23 06:57:47 Modified files: regress/usr.bin/ssh/unittests: Makefile.inc Log message: Drop -Winline from CDIAGFLAGS it breaks on sparc64 On sparc64 ssh/unittests/kex fails to build with: usr.bin/ssh/libcrux_mlkem768_sha3.h:8196: warning: inlining failed in call to 'libcrux_ml_kem_polynomial_ZERO_89_ea': --param max-inline-insns-single limit reached OK djm@ (long time ago) reminded by tb@ CVSROOT: /cvs Module name: src Changes by: claudio@cvs.openbsd.org 2026/04/23 08:15:53 Modified files: usr.sbin/rpki-client: parser.c Log message: Move repo_tree_free() up to where the other repo functions live. OK tb@ CVSROOT: /cvs Module name: src Changes by: kettenis@cvs.openbsd.org 2026/04/23 13:51:37 Modified files: sys/arch/riscv64/dev: simplebus.c sys/arch/riscv64/include: bus.h sys/arch/riscv64/riscv64: autoconf.c bus_dma.c Log message: Implement bounce buffers for riscv64. ok jca@ CVSROOT: /cvs Module name: ports Changes by: kmos@cvs.openbsd.org 2026/04/23 14:00:09 Modified files: audio/ncmpc : Makefile Log message: span.h is provided by GCC 15. Drop BROKEN-sparc64 ok naddy CVSROOT: /cvs Module name: ports Changes by: kmos@cvs.openbsd.org 2026/04/23 14:00:49 Modified files: math/libqalculate: Makefile Log message: Now that ports-gcc is gcc 15, this is no longer BROKEN on sparc64 Remove BROKEN-sparc64 ok naddy CVSROOT: /cvs Module name: ports Changes by: kirill@cvs.openbsd.org 2026/04/23 15:11:39 Modified files: net/ejabberd : Makefile Log message: net/ejabberd: prevent linking agains wayland/libei instead erlang's libei.a CVSROOT: /cvs Module name: ports Changes by: naddy@cvs.openbsd.org 2026/04/23 15:44:49 Modified files: lang/gawk : Makefile Log message: lang/gawk: do not pick up gettext-tools in configure configure picks up xgettext and it is then used during the build, but to no effect. Reported by jca@ CVSROOT: /cvs Module name: www Changes by: tj@cvs.openbsd.org 2026/04/23 17:21:41 Modified files: build/mirrors : openbgpd-ftp.html.head libressl : mail.html openbgpd : ftp.html openiked : manual.html openntpd : features.html opensmtpd : report.html Log message: fix broken/outdated links CVSROOT: /cvs Module name: www Changes by: tj@cvs.openbsd.org 2026/04/23 17:22:40 Modified files: libressl : papers.html openbgpd : users.html openntpd/txt : release-6.1p1.txt release-6.8p1.txt opensmtpd : list.html opensmtpd/announces: libasr-1.0.0.txt libasr-1.0.1.txt libasr-1.0.2.txt Log message: fix some typos CVSROOT: /cvs Module name: ports Changes by: matthieu@cvs.openbsd.org 2026/04/23 23:59:22 Modified files: sysutils/ttyplot: Makefile sysutils/ttyplot/patches: patch-ttyplot_c Log message: Fix ttypplot by moving pledge() call after open(/dev/tty). Add 'use pledge()' marker to Makefile while there. ok tb@, fcambus@, naddy@ CVSROOT: /cvs Module name: src Changes by: nicm@cvs.openbsd.org 2026/04/24 04:08:52 Modified files: usr.bin/tmux : window.c Log message: No need to stravis the window name twice. CVSROOT: /cvs Module name: src Changes by: jsg@cvs.openbsd.org 2026/04/24 07:25:44 Modified files: sys/net : pipex_local.h trunklacp.c Log message: use __kprintf__ not __printf__ for format attributes avoids format warnings with clang 21 and later ok robert@ CVSROOT: /cvs Module name: src Changes by: tb@cvs.openbsd.org 2026/04/24 09:10:20 Modified files: lib/libcrypto/pkcs7: pk7_doit.c Log message: Simplify PKCS7_get_issuer_and_serial() The i variable is unused. Likewise for the first assignment to ri. Instead of an incomplete check that idx is in range, which still results in a NULL deref if idx < 0, check if ri is not NULL before accessing, as sk_value() checks the index correctly. ok jsing kenjiro CVSROOT: /cvs Module name: ports Changes by: jca@cvs.openbsd.org 2026/04/24 10:01:38 Modified files: net/openvpn : Makefile distinfo Log message: SECURITY update to openvpn-2.7.2 fix race condition in TLS handshake that could lead to leaking of packet data from a previous handshake under specific circumstances (CVE-2026-40215) fix server ASSERT() on receiving a suitably malformed packet with a valid tls-crypt-v2 key (CVE-2026-35058) Other changes: https://github.com/OpenVPN/openvpn/blob/v2.7.2/Changes.rst ok naddy@ CVSROOT: /cvs Module name: ports Changes by: landry@cvs.openbsd.org 2026/04/24 11:31:12 Modified files: security/nss : Makefile distinfo Log message: security/nss: bugfix update to 3.123.1 fixes #2033783: invalid DTLS CertificateVerify signature breaks Firefox WebRTC to pion and webrtc-rs servers see https://hg-edge.mozilla.org/projects/nss/raw-file/tip/doc/rst/releases/nss_3_123_1.rst ok naddy@ CVSROOT: /cvs Module name: ports Changes by: phessler@cvs.openbsd.org 2026/04/24 11:42:24 Modified files: graphics/ImageMagick: Makefile Log message: remove BROKEN marker to try building on arm(v7). the platform has changed a lot since 2019 OK sthen@ naddy@ CVSROOT: /cvs Module name: www Changes by: kmos@cvs.openbsd.org 2026/04/24 16:33:40 Modified files: . : plus.html Log message: Added changes for November and December 2025 Done with pamela@ CVSROOT: /cvs Module name: src Changes by: jsing@cvs.openbsd.org 2026/04/24 23:47:03 Modified files: lib/libcrypto/sha: sha256.c Log message: Add FIPS 180-4 references for SHA-256 constants. CVSROOT: /cvs Module name: src Changes by: tb@cvs.openbsd.org 2026/04/25 04:30:11 Modified files: lib/libcrypto/pkcs7: pk7_doit.c Log message: pkcs7: Simplify PKCS7_type_is_other() Remove unnecessary isOther and nid variables and use direct returns. The function should probably be removed... ok jsing kenjiro CVSROOT: /cvs Module name: src Changes by: tb@cvs.openbsd.org 2026/04/25 04:48:59 Modified files: lib/libcrypto/pkcs7: pk7_doit.c Log message: pkcs7: avoid assignment to i in PKCS7_dataInit() We can switch over the return value of OBJ_obj2nid() rather than using i for an indirection. ok jsing kenjiro CVSROOT: /cvs Module name: src Changes by: tb@cvs.openbsd.org 2026/04/25 04:50:50 Modified files: lib/libcrypto/pkcs7: pk7_doit.c Log message: pkcs7: don't use i and j for NIDs in PKCS7_dataDecode() There's no need to assign to i before the switch and j is a terrible name for a NID. Inline the latter and switch directly over the return value of OBJ_obj2nid(). ok jsing kenjiro CVSROOT: /cvs Module name: src Changes by: tb@cvs.openbsd.org 2026/04/25 04:53:13 Modified files: lib/libcrypto/pkcs7: pk7_doit.c Log message: pkcs7: don't use i, j for NIDs in PKCS7_dataFinal() Use nid for NIDs and use i only for for loops. ok jsing kenjiro CVSROOT: /cvs Module name: src Changes by: tb@cvs.openbsd.org 2026/04/25 04:54:30 Modified files: lib/libcrypto/pkcs7: pk7_doit.c Log message: pkcs7: drop silly use of i in PKCS7_dataVerify() ok jsing kenjiro CVSROOT: /cvs Module name: src Changes by: kettenis@cvs.openbsd.org 2026/04/25 05:41:41 Modified files: sys/dev/fdt : dwpcie.c Log message: If the PCIe link is down, provide access to config space for bus 0, but return 0xffffffff (and ignore writes) for other busses. This gets rid of the "can't initialize hardware" messages that confuse some users and better matches what happens on other platforms with PCIe when a slot is empty. ok jca@ CVSROOT: /cvs Module name: src Changes by: claudio@cvs.openbsd.org 2026/04/25 06:14:38 Modified files: sys/arch/sparc64/sparc64: trap.c Log message: Do not clear the dirty upper and lower bits when enabling the FPU in fprs When handling a FPU disabled trap and the FPU context is still pointing to curproc then all that needs to be done is enable the FPU but on sparc64 this needs to be done in two places. In pstate and %fprs. Writing FPRS_FEF into %fprs clears the DU and DL bits which marks the FPU state as clean (but it may not be). If the proc only reads the FPU state and later a lazy FPU switch is forced the FPU context is not correctly saved. Instead read %fprs and or FPRS_FEF into it, keeping the DU and DL bits intact. See also rev 1.68 for why %fprs needs to be fumbled with. This fixes various issues seen during ports bulk builds. Like perl tripping over "use 5.12.0;" with a -NaN is not a version error, various awk issues and even cmake failures via 'std::bad_array_new_length'. OK kettenis@ CVSROOT: /cvs Module name: src Changes by: jsing@cvs.openbsd.org 2026/04/25 08:36:12 Modified files: regress/lib/libssl/dtls: Makefile Added files: regress/lib/libssl/dtls: dtls_wire_test.c Log message: Add DTLS wire tests. Add tests that ensure the wire bytes for DTLS are what we expect for both CCS and fragmented handshake messages. CVSROOT: /cvs Module name: src Changes by: millert@cvs.openbsd.org 2026/04/25 11:47:46 Modified files: usr.bin/vi/common: delete.c Log message: Fix a misapplied patch in rev 1.12, the goto belongs outside the len check. CVSROOT: /cvs Module name: src Changes by: millert@cvs.openbsd.org 2026/04/25 11:51:11 Modified files: usr.bin/vi/vi : v_sentence.c Log message: Prevent '(' from moving the cursor forward. Fixes an issue where '(' moved forward the start of the next (not previous) sentence when used within whitespace at the start if a line. From Debian bug 193498 (Tommy Pettersson) via nvi2. CVSROOT: /cvs Module name: src Changes by: millert@cvs.openbsd.org 2026/04/25 11:58:56 Modified files: usr.bin/vi/vi : v_sentence.c Log message: Fix special case of ')' when the cursor is on white-space. The forward sentence code has a special case to support moving to the start of the next sentence when it is in the middle of a empty line or whitespace between sentences. However, the logic was incorrect and applied when the curson was on _any_ white-space. This change adds logic to look back and detect whether the cursor is actually in between two sentences. Based on a diff from Walter Alejandro. CVSROOT: /cvs Module name: src Changes by: millert@cvs.openbsd.org 2026/04/25 13:30:59 Modified files: usr.bin/vi/vi : v_paragraph.c v_sentence.c Log message: Allow '!}' and '!)' at EOF, even though there is no forward movement. The updated behavior differs from traditional vi but matches vim. It is already possible to run bang commands at EOF in conjunction with some other forward movement commands such as 'l' and 'w'. From Walter Alejandro Iglesias CVSROOT: /cvs Module name: www Changes by: naddy@cvs.openbsd.org 2026/04/25 14:07:56 Modified files: . : 79.html Log message: 13044 amd64 packages CVSROOT: /cvs Module name: www Changes by: tj@cvs.openbsd.org 2026/04/25 15:04:11 Modified files: faq : upgrade78.html Log message: zap invalid

tag CVSROOT: /cvs Module name: www Changes by: tj@cvs.openbsd.org 2026/04/25 15:05:16 Modified files: faq/ports : differences.html specialtopics.html Log message: fix some typos CVSROOT: /cvs Module name: www Changes by: tj@cvs.openbsd.org 2026/04/25 15:21:15 Modified files: faq : faq17.html Log message: android's vpn client supports ikev2 now, so remove some outdated info. discussed with landry CVSROOT: /cvs Module name: src Changes by: tb@cvs.openbsd.org 2026/04/25 22:19:11 Modified files: lib/libcrypto/pkcs7: pk7_doit.c Log message: Fix PKCS7_set_{un,}signed_attributes() In both these functions, if the X509_ATTRIBUTE_dup() fails, the remainder of the sk stack is shared with p7si->{un,}auth_attr and the caller will likely end up freeing it twice. Fix this by writing another sk_deep_copy() patterned after the existing ones in x509_lu.c and x509_vpm.c. PKCS7_set_{un,}signed_attributes() become trivial wrappers of that. ok jsing kenjiro CVSROOT: /cvs Module name: www Changes by: matthieu@cvs.openbsd.org 2026/04/26 00:22:19 Modified files: . : 79.html Log message: Update versions of base+xenocara CVSROOT: /cvs Module name: www Changes by: matthieu@cvs.openbsd.org 2026/04/26 00:24:32 Modified files: . : 79.html Log message: 7.7 -> 7.8 where needed. CVSROOT: /cvs Module name: www Changes by: matthieu@cvs.openbsd.org 2026/04/26 01:00:54 Modified files: . : 79.html Log message: ports versions CVSROOT: /cvs Module name: www Changes by: tb@cvs.openbsd.org 2026/04/26 01:07:31 Modified files: . : 79.html Log message: zlib 1.3.2 CVSROOT: /cvs Module name: src Changes by: kettenis@cvs.openbsd.org 2026/04/26 03:27:15 Modified files: sys/dev/ic : com.c Log message: Attempt to drain the transmit FIFO before resetting or disabling it such that output that is currently in the FIFO makes it out. We already do this when attaching as a console by using a fixed delay, but not in compwroff() which runs when userland closes the associated tty. Instead of using a fixed delay, look at the LSR_TSRE bit which should get set if the FIFO (or the itransmit shift register if the FIFO is disabled) is empty. Use a fixed timeout such that on hardware with a non-functional LSR_TSRE bit the loops still terminate. This should fix issues where we lose serial output when userland closes a tty or when com(4) attaches to the port that is used as the console. ok deraadt@ CVSROOT: /cvs Module name: www Changes by: tb@cvs.openbsd.org 2026/04/26 03:42:46 Modified files: . : 79.html Log message: go 1.26.2 CVSROOT: /cvs Module name: www Changes by: sthen@cvs.openbsd.org 2026/04/26 07:09:56 Modified files: . : 79.html Log message: 10631 i386 packages CVSROOT: /cvs Module name: src Changes by: tb@cvs.openbsd.org 2026/04/26 11:58:58 Modified files: lib/libcrypto/x509: x509_addr.c Log message: make_addressRange: unused bits in max must be zero X509v3_addr_add_range() requires that min and max of an address range have network encoding. In the RFC 3779 encoding of an actual address range (as opposed to a prefix) as a SEQUENCE OF two ASN.1 BIT STRINGs, the trailing one bits of the maximum become unused bits and therefore must be DER encoded as zeroes. The DER encoder will clear them via i2d but these trailing ones are annoying. Make a copy in which the unused bits are cleared. ok kenjiro CVSROOT: /cvs Module name: www Changes by: kirill@cvs.openbsd.org 2026/04/26 12:27:12 Modified files: . : 79.html Log message: 79.html: jdk8 was removed CVSROOT: /cvs Module name: src Changes by: mglocker@cvs.openbsd.org 2026/04/26 13:25:08 Modified files: sys/dev/pci : if_qwz_pci.c sys/dev/ic : qwz.c qwzreg.h qwzvar.h Log message: Bring the qwz driver up to WPA2 association on the Qualcomm WCN7850 chip. Major changes: 1. Fix the RX path. 2. Fix the TX path. 3. Fix MSI interrupt routing. 4. Make the WPA2 4-way handshake complete. 5. Add bus_dmamap_sync() barriers on RX and TX. 6. Update register/descriptor defines from ath11k to ath12k WiFi7. Known limitations: - DHCP does not yet complete on most setups: TX of DISCOVER works (the DHCP server sees it), but the OFFER does not reach the host. Likely an RX-path or post-handshake GTK state issue. Reported by kettenis@ with an athn(4) AP on a Vivobook. - Some hardware (e.g. Honor laptop) hits a firmware page fault during association. RDDM dump shows a fault in dlpager_main.c inside the firmware; likely a memory addressing issue specific to that silicon stepping or IOMMU configuration. Reported by kirill@. - On APs with PMF (Protected Management Frames) enabled, the association flaps continuously; on APs without PMF (Apple hotspot, athn(4)) the connection reaches a stable "active" state and survives subsequent firmware crashes via the recovery path. - Firmware occasionally crashes after sustained traffic on some APs (FritzBox in particular can drive the device into an unrecoverable "tx credits timeout" state); the driver normally recovers via the existing RDDM path in if_qwz_pci.c without a system reboot. - One PN-replay loop in qwz_dp_peer_rx_pn_replay_config doesn't iterate the non-QoS TID slot. Cosmetic for normal use; will land as a separate small commit. This is a foundation commit: enough to associate and exchange some frames, but not yet a usable network connection. Further work is required. OK kettenis@, kirill@ CVSROOT: /cvs Module name: src Changes by: dtucker@cvs.openbsd.org 2026/04/26 23:49:41 Modified files: regress/usr.bin/ssh: keyscan.sh Log message: Use supported hostkeyalgorithms specifically in sshd_config instead of supported key types, which is almost but not completely correct. CVSROOT: /cvs Module name: src Changes by: nicm@cvs.openbsd.org 2026/04/27 06:31:11 Modified files: usr.bin/tmux : cmd-parse.y Log message: Add a limit on maximum length of environment variable assignment in configuration files. CVSROOT: /cvs Module name: src Changes by: hshoexer@cvs.openbsd.org 2026/04/27 07:06:14 Modified files: usr.sbin/vmd : config.c Log message: vmd(8): Avoid reuse of dead filedescriptor When the vmd process sends a kernfd to the vmm process, that descriptor will be closed in msgbuf_write() after a successful sendmsg(). However, that descriptor number is still stored in vm->vm_kernel. When termination of one VM is interleaved with lauch of another VM, that number might be reassigned to a _new_ kernfd of the launching VM. Now we have a race: - the vmd process queues an imsg with that descriptor in config_setvm() (for the launching VM) - the vmd process calls in vm_stop() close() on that descriptor (for the terminating VM) - when the vmd process calls proc_dispatch() imsgbuf_send() for imsg queued in config_setvm(), sendmsg() will return EBADF (the descriptor in the control message is invalid) By dupping kernfd we can avoid this race. ok dv@ CVSROOT: /cvs Module name: src Changes by: claudio@cvs.openbsd.org 2026/04/27 09:06:01 Modified files: usr.sbin/bgpd : bgpd.h rde.c rde.h rde_filter.c session.c session.h Log message: Change to enum filter_action and enum direction since the plural form does not work well with these enums. OK denis@ tb@ CVSROOT: /cvs Module name: src Changes by: claudio@cvs.openbsd.org 2026/04/27 09:24:43 Modified files: usr.sbin/bgpd : rde.c Log message: Shuffle the softreconfig functions into an order that makes more sense. OK tb@ CVSROOT: /cvs Module name: src Changes by: claudio@cvs.openbsd.org 2026/04/27 09:52:20 Modified files: usr.sbin/bgpd : rde.c Log message: Rename out_rules to simply rules. In the near future this list will be used for both 'from' and 'to' filter rules. OK tb@ CVSROOT: /cvs Module name: src Changes by: kirill@cvs.openbsd.org 2026/04/27 10:39:50 Modified files: sys/arch/octeon/dev: cn30xxgmx.c cn30xxgmxvar.h if_cnmac.c iobusvar.h octeon_iobus.c octpip.c Log message: sys/cnmac: read MAC address from device tree Read local-mac-address from the matching ethernet port node in device tree; fall back to the old board address allocation when it is absent. As suggested by visa@, this changes HW address assignment on the EdgeRouter Pro, and probably on the ER-8, by swapping ports as follows: cnmac0 <-> cnmac4 cnmac1 <-> cnmac5 cnmac2 <-> cnmac6 cnmac3 <-> cnmac7 Affected devices uses the same MAC addresses as the original firmware. OK: visa@ CVSROOT: /cvs Module name: src Changes by: kirill@cvs.openbsd.org 2026/04/27 10:54:49 Modified files: sys/arch/octeon/dev: cn30xxpip.c cn30xxpipvar.h if_cnmac.c if_cnmacvar.h Log message: sys/cnmac: add RX queues Add RX queues to cnmac, backed by shared POW groups. Use PIP tags for RX group selection and pass the tag up as M_FLOWID. OK: visa@ CVSROOT: /cvs Module name: www Changes by: thfr@cvs.openbsd.org 2026/04/27 14:18:03 Modified files: . : 79.html Log message: mention Vulkan 1.4.341.0 CVSROOT: /cvs Module name: src Changes by: job@cvs.openbsd.org 2026/04/27 16:23:27 Modified files: usr.sbin/rpki-client: parser.c Log message: adjust style OK tb@ CVSROOT: /cvs Module name: src Changes by: jsg@cvs.openbsd.org 2026/04/27 19:14:07 Modified files: sys/dev/pci/drm: drm_linux.c Log message: Make xarray cyclic start looking for a free id at the position specified by the next argument and stop after wrapping back to that position. Previously looking for a free id started at the beginning of the allocation range and stopped at the end, ignoring the next argument. Currently xarray cyclic id allocations are only used by the GuC code in inteldrm. In 6.18.25 drm, the amdgpu PASID allocation changes from using cyclic idr to cyclic xarray. CVSROOT: /cvs Module name: www Changes by: jsg@cvs.openbsd.org 2026/04/27 21:02:50 Modified files: . : 79.html Log message: suporting -> supporting CVSROOT: /cvs Module name: src Changes by: jsg@cvs.openbsd.org 2026/04/27 21:25:46 Modified files: sys/dev/pci/drm/include/linux: xarray.h Log message: add DEFINE_XARRAY_FLAGS() for 6.18.25 drm CVSROOT: /cvs Module name: src Changes by: jsg@cvs.openbsd.org 2026/04/27 21:33:56 Modified files: sys/dev/pci/drm/include/linux: xarray.h Log message: use DEFINE_XARRAY_FLAGS() for DEFINE_XARRAY_ALLOC() CVSROOT: /cvs Module name: src Changes by: jsg@cvs.openbsd.org 2026/04/27 21:44:14 Modified files: sys/dev/pci/drm: drm_linux.c Log message: Change xarray pool from IPL_NONE to IPL_TTY as amdgpu will soon use it from interrupt context. Matches the IPL of the IDR pool. CVSROOT: /cvs Module name: src Changes by: nicm@cvs.openbsd.org 2026/04/28 02:32:44 Modified files: usr.bin/tmux : cmd-join-pane.c Log message: Fix -p for for join-pane, from Dane Jensen. CVSROOT: /cvs Module name: src Changes by: nicm@cvs.openbsd.org 2026/04/28 02:34:15 Modified files: usr.bin/tmux : cmd-run-shell.c Log message: Do not hang run-shell when job_run fails, from Barrett Ruth in GitHub issue 5037. CVSROOT: /cvs Module name: src Changes by: nicm@cvs.openbsd.org 2026/04/28 02:35:21 Modified files: usr.bin/tmux : window-copy.c Log message: Do not deref NULL job in window_copy_pipe_run when job_run fails. From Barrett Ruth in GitHub issue 5036. CVSROOT: /cvs Module name: src Changes by: nicm@cvs.openbsd.org 2026/04/28 02:47:55 Modified files: usr.bin/tmux : cmd-pipe-pane.c Log message: Do not leak socketpair fds in pipe-pane when fork fails. From Barrett Ruth. CVSROOT: /cvs Module name: src Changes by: nicm@cvs.openbsd.org 2026/04/28 02:52:37 Modified files: usr.bin/tmux : paste.c Log message: Sanitize paste buffer names in paste_set and paste_rename, GitHub issue 5032 from Barrett Ruth. CVSROOT: /cvs Module name: src Changes by: jsg@cvs.openbsd.org 2026/04/28 03:23:22 Modified files: sys/dev/pci/drm/amd/amdgpu: amdgpu_ids.c Log message: drm/amdgpu: replace PASID IDR with XArray From Mikhail Gavrilov b7cddf6c017510cd0c79980ea551e7bcdf0edc7e in linux-6.18.y/6.18.25 3c863ff920b45fa7a9b7d4cb932f466488a87a58 in mainline linux CVSROOT: /cvs Module name: src Changes by: nicm@cvs.openbsd.org 2026/04/28 04:01:07 Modified files: usr.bin/tmux : key-bindings.c menu.c mode-tree.c status.c Log message: Make C-[ have the same bindings as Escape for terminals with extended keys where they are different, GitHub issue 5035 from Eric NICOLAS. CVSROOT: /cvs Module name: src Changes by: millert@cvs.openbsd.org 2026/04/28 07:25:04 Modified files: usr.sbin/rdate : Makefile ntp.c rdate.8 rdate.c Removed files: usr.sbin/rdate : ntpleaps.c ntpleaps.h Log message: rdate: remove -c option, we don't install the "right" zone files This option was non-functional since OpenBSD does not ship with the /usr/share/zoneinfo/right time zone files, which include leap seconds. OK dgl@ CVSROOT: /cvs Module name: src Changes by: claudio@cvs.openbsd.org 2026/04/28 08:06:44 Modified files: usr.sbin/bgpd : rde.c Log message: Fix possible reload bug that leave old filters on a peer. In rde_reload_done() the code handling the peer->reconf_rib case has a continue which skips the code path that actually reapplies the outbound filters. The result is that such a peer keeps on running with the old filters -- a subsequent reload will then fix this. Removing the continue changes the way peer->reconf_rib and peer->reconf_out interact. Now reconf_rib needs to be checked before reconf_out since it is possible for both to be set. Adjust the code in rde_softreconfig_in_done() accordingly. OK tb@ CVSROOT: /cvs Module name: src Changes by: millert@cvs.openbsd.org 2026/04/28 09:36:52 Modified files: lib/libc/gen : cgetent.3 Log message: Escape is octal 33, not 27 (which is escape in decimal) From Eric Mulholland CVSROOT: /cvs Module name: www Changes by: sthen@cvs.openbsd.org 2026/04/28 10:23:08 Modified files: . : 79.html Log message: 12883 aarch64 packages CVSROOT: /cvs Module name: src Changes by: millert@cvs.openbsd.org 2026/04/28 15:31:48 Modified files: share/zoneinfo/datfiles: northamerica southamerica zone.tab zone1970.tab zonenow.tab Log message: Update to 2026bgtz from https://github.com/JodaOrg/global-tz CVSROOT: /cvs Module name: src Changes by: djm@cvs.openbsd.org 2026/04/28 15:32:05 Modified files: usr.bin/ssh : ssh-agent.c Log message: unveil the actual listening socket path and its directory so it can be cleaned up at exit. Reported by / tested by David Krause, ok markus@ CVSROOT: /cvs Module name: www Changes by: kmos@cvs.openbsd.org 2026/04/29 00:49:05 Modified files: . : plus.html Log message: Changes for January 2026 Done with pamela@