OpenBSD/ports LQxsiqhx11/mruby-zest Makefile

by phessler on ⎇
   armv7: build frozen for over 12 hours
VersionDeltaFile
1.6+2-0x11/mruby-zest/Makefile
+2-01 files

OpenBSD/ports p5zHJhZwww/webkitgtk4 distinfo Makefile, www/webkitgtk4/patches patch-Source_cmake_WebKitCompilerFlags_cmake patch-Source_JavaScriptCore_offlineasm_arm64_rb

by ajacoutot on ⎇
   Update to webkitgtk{40,41,60}-2.48.1.

   ok naddy@
VersionDeltaFile
1.130+2-2www/webkitgtk4/distinfo
1.18+1-1www/webkitgtk4/patches/patch-Source_cmake_WebKitCompilerFlags_cmake
1.234+1-1www/webkitgtk4/Makefile
1.14+1-1www/webkitgtk4/patches/patch-Source_JavaScriptCore_offlineasm_arm64_rb
1.6+1-1www/webkitgtk4/patches/patch-Source_WTF_wtf_PlatformCPU_h
1.26+1-1www/webkitgtk4/patches/patch-Source_cmake_OptionsCommon_cmake
+7-76 files

OpenBSD/ports y04qCL6archivers/xz Makefile, archivers/xz/patches patch-src_liblzma_common_stream_decoder_mt_c

by naddy on ⎇
   archivers/xz: security fix for CVE-2025-31115

   The multithreaded .xz decoder in liblzma has a bug where invalid input
   can at least result in a crash.

   reported by jca@
VersionDeltaFile
1.1+186-0archivers/xz/patches/patch-src_liblzma_common_stream_decoder_mt_c
1.54+1-0archivers/xz/Makefile
+187-02 files

OpenBSD/ports CWIEE03net/curl distinfo Makefile, net/curl/pkg PLIST

by naddy on ⎇
   net/curl: update to 8.13.0

   Changes:
   * curl: add write-out variable 'tls_earlydata'
   * curl: make --url support a file with URLs
   * IMAP: add CURLOPT_UPLOAD_FLAGS and --upload-flags
   * lib: add CURLFOLLOW_OBEYCODE and CURLFOLLOW_FIRSTONLY
   * OpenSSL/quictls: add support for TLSv1.3 early data
   * var: add a '64dec' function that can base64 decode a string

   Committed now to minimize the difference for the inevitable security
   updates during the lifetime of OpenBSD 7.7-stable.
VersionDeltaFile
1.138+2-2net/curl/distinfo
1.205+2-2net/curl/Makefile
1.86+1-0net/curl/pkg/PLIST
+5-43 files

OpenBSD/ports q42qsWClang/rust distinfo Makefile, lang/rust/patches patch-vendor_libgit2-sys_build_rs patch-compiler_rustc_session_src_options_rs

by semarie on ⎇
   update lang/rust to 1.86.0

   Announce: https://blog.rust-lang.org/2025/04/03/Rust-1.86.0.html
   Release notes: https://doc.rust-lang.org/stable/releases.html#version-1860-2025-04-03
VersionDeltaFile
1.18+280-263lang/rust/pkg/PLIST-src
1.54+16-4lang/rust/pkg/PLIST-main
1.149+8-8lang/rust/distinfo
1.229+5-7lang/rust/Makefile
1.10+5-5lang/rust/patches/patch-vendor_libgit2-sys_build_rs
1.19+4-4lang/rust/patches/patch-compiler_rustc_session_src_options_rs
+318-2913 files not shown
+324-2979 files

OpenBSD/ports RmVyPIltelephony/kamailio Makefile

by phessler on ⎇
   seen on armv7: Unsupported compiler (cc:clang)
VersionDeltaFile
1.59+2-0telephony/kamailio/Makefile
+2-01 files

OpenBSD/ports bTjLO0Nwww/anubis distinfo Makefile

by sthen on ⎇
   update to anubis-1.15.1

   only change is a fix for: "due to an incorrect logic change in a refactor.
   This allows an attacker to mint a valid access token by passing any SHA-256
   hash instead of one that matches the proof-of-work test"
VersionDeltaFile
1.3+2-2www/anubis/distinfo
1.3+1-1www/anubis/Makefile
+3-32 files

OpenBSD/ports MA13gzRnet/openvpn distinfo Makefile, net/openvpn/patches patch-src_openvpn_route_c patch-include_Makefile_in

by jca on ⎇
   MFC: SECURITY update to openvpn-2.6.14

   CVE-2025-2704: fix possible ASSERT() on OpenVPN servers
   using --tls-crypt-v2 Security scope
VersionDeltaFile
1.21.4.1+2-2net/openvpn/patches/patch-src_openvpn_route_c
1.65.2.1+2-2net/openvpn/distinfo
1.20.2.1+1-1net/openvpn/patches/patch-include_Makefile_in
1.25.2.1+1-1net/openvpn/patches/patch-src_openvpn_tun_c
1.129.2.1+1-1net/openvpn/Makefile
1.36.2.1+1-1net/openvpn/patches/patch-configure
+8-86 files

OpenBSD/ports lHuZiIunet/openvpn distinfo Makefile, net/openvpn/patches patch-configure patch-include_Makefile_in

by jca on ⎇
   SECURITY update to openvpn-2.6.14

   CVE-2025-2704: fix possible ASSERT() on OpenVPN servers
   using --tls-crypt-v2 Security scope
VersionDeltaFile
1.67+2-2net/openvpn/distinfo
1.133+1-1net/openvpn/Makefile
1.38+1-1net/openvpn/patches/patch-configure
1.22+1-1net/openvpn/patches/patch-include_Makefile_in
+5-54 files

OpenBSD/ports Hx96mcQgeo/gdal Makefile

by landry on ⎇
   geo/gdal: make sure geo/sfcgal is not picked it found at configure time

   i'll enable it post-release when updating to 3.10.3.
VersionDeltaFile
1.153+1-0geo/gdal/Makefile
+1-01 files

OpenBSD/ports r2sNzaPgraphics/gimp/snapshot distinfo Makefile, graphics/gimp/snapshot/patches patch-meson_build patch-tools_in-build-gimp_sh

by landry on ⎇
   graphics/gimp/snapshot: update to 3.0.2.

   see https://www.gimp.org/news/2025/03/16/gimp-3-0-released/
   and https://www.gimp.org/news/2025/03/23/gimp-3-0-2-released/

   better ship that in 7.7 than an rc3.
VersionDeltaFile
1.12+8-0graphics/gimp/snapshot/pkg/PLIST
1.8+2-2graphics/gimp/snapshot/distinfo
1.10+2-2graphics/gimp/snapshot/patches/patch-meson_build
1.32+1-2graphics/gimp/snapshot/Makefile
1.2+1-1graphics/gimp/snapshot/patches/patch-tools_in-build-gimp_sh
+14-75 files

OpenBSD/ports lztAqiWsecurity/libdigidocpp Makefile

by kn on ⎇
   drop obsolete build dependency on devel/xsd

   in last update to 4.1.0 upstream switched to libxml and xmlsec,
   back then I forgot to remove the line from our Makefile.
VersionDeltaFile
1.28+0-1security/libdigidocpp/Makefile
+0-11 files

OpenBSD/ports f0Q5151security/spiped distinfo Makefile

by jturner on ⎇
   Update spiped to 1.6.4

   Fixes a bug which can cause spiped to abort of a RST package arrives
   from one side of a pipe at the same time as a FIN packet arrives from
   the other end.
VersionDeltaFile
1.12+2-2security/spiped/distinfo
1.22+1-1security/spiped/Makefile
+3-32 files

OpenBSD/ports MCNwWelx11/xfce4/terminal Makefile

by naddy on ⎇
   x11/xfce4/terminal: correct dependency for local xsl file

   ok landry@
VersionDeltaFile
1.94+1-1x11/xfce4/terminal/Makefile
+1-11 files

OpenBSD/ports Cics8Jpwww/webkitgtk4 Makefile, www/webkitgtk4/patches patch-Source_WTF_wtf_PlatformEnable_h

by jca on ⎇
   Forcefully disable web assembly on riscv64, fixes the failure seen in 2.48.0

   ok ajacoutot@ (maintainer)
VersionDeltaFile
1.14+11-1www/webkitgtk4/patches/patch-Source_WTF_wtf_PlatformEnable_h
1.233+1-1www/webkitgtk4/Makefile
+12-22 files

OpenBSD/ports nzj6Dqesysutils/py-ansible-libssh Makefile distinfo, sysutils/py-ansible-libssh/pkg PLIST

by sthen on ⎇
   update py3-ansible-libssh to a git checkout baa2ab830d4 fixing issues
   including:

   - Copying >2048M file with scp.put results in the remote file becoming
   0 bytes and pylibssh fails with an exception

   - Intermittent SIGSEGV on consecutive ssh_channel.exec_command() invocations

   - When sftp.get requires reading two chunks, the last chunk overwrites
   earlier ones

   from Mikolaj Kucharski
   "I don't have comments" maintainer
VersionDeltaFile
1.3+12-6sysutils/py-ansible-libssh/pkg/PLIST
1.4+5-4sysutils/py-ansible-libssh/Makefile
1.2+2-2sysutils/py-ansible-libssh/distinfo
+19-123 files

OpenBSD/ports Zn6epdUdevel/py-typer Makefile

by tb on ⎇
   py3-typer: fix TDEP after shells/fish surgery

   pkglocatedb breakage reported by kevlo,
   tested by kevlo, looks sane to sthen
VersionDeltaFile
1.9+8-1devel/py-typer/Makefile
+8-11 files

OpenBSD/ports OfIS7wJdevel/got Makefile, devel/got/patches patch-lib_repository_c patch-gotd_session_write_c

by stsp on ⎇
   cherrypick a bunch of bug fixes from upstream got.git into devel/got

   The got.git repository contains several new features which are not ready
   to be released. However, some bugs were fixed and pulling these fixes
   into the devel/got port for the upcoming OpenBSD release seems desirable.

   - make got clone/fetch work against Git servers which do not speak English
   - got/gotwebd: fix use-after-free in match_packed_object()
   - gotd: add a missing malloc failure check to repo_write process
   - gotd: close file descriptors passed to gotd_imsg_compose_event() on failure
   - gotd: stop processing more messages upon error in gotd repo_write process
VersionDeltaFile
1.3+45-10devel/got/patches/patch-lib_repository_c
1.1+39-0devel/got/patches/patch-gotd_session_write_c
1.1+29-0devel/got/patches/patch-gotd_repo_write_c
1.1+23-0devel/got/patches/patch-libexec_got-fetch-pack_got-fetch-pack_c
1.1+20-0devel/got/patches/patch-gotd_session_read_c
1.128+1-0devel/got/Makefile
+157-106 files

OpenBSD/ports TZYjzwdmail/mozilla-thunderbird distinfo Makefile

by landry on ⎇
   mail/mozilla-thunderbird: MFC update to 128.9.0.

   see https://www.thunderbird.net/en-US/thunderbird/128.9.0esr/releasenotes/
   fixes https://www.mozilla.org/en-US/security/advisories/mfsa2025-24/
VersionDeltaFile
1.268.2.18+2-2mail/mozilla-thunderbird/distinfo
1.469.2.18+1-1mail/mozilla-thunderbird/Makefile
+3-32 files

OpenBSD/ports KywGv7umail/mozilla-thunderbird distinfo Makefile, mail/thunderbird-i18n distinfo Makefile.inc

by landry on ⎇
   mail/mozilla-thunderbird: update to 128.9.0.

   see https://www.thunderbird.net/en-US/thunderbird/128.9.0esr/releasenotes/
   fixes https://www.mozilla.org/en-US/security/advisories/mfsa2025-24/
VersionDeltaFile
1.271+132-132mail/thunderbird-i18n/distinfo
1.286+2-2mail/mozilla-thunderbird/distinfo
1.491+1-1mail/mozilla-thunderbird/Makefile
1.245+1-1mail/thunderbird-i18n/Makefile.inc
+136-1364 files

OpenBSD/ports AgwGFIgwww/mozilla-firefox Makefile distinfo, www/mozilla-firefox/patches patch-Cargo_toml patch-python_mozboot_mozboot_util_py

by landry on ⎇
   www/mozilla-firefox: MFC update to 137.0.

   see https://www.mozilla.org/en-US/firefox/137.0/releasenotes/
   fixes https://www.mozilla.org/en-US/security/advisories/mfsa2025-20/

   add patches to disable mtu lookup in quic pmtud implementation, since
   socket(AF_ROUTE) is forbidden by pledge. will be configurable in a
   future mtu crate release.

   revert dependency on rust 1.82, 1.81 is enough (and is the version we
   have in 7.6 anyway)
VersionDeltaFile
1.2.2.1+10-16www/mozilla-firefox/patches/patch-Cargo_toml
1.1.2.1+14-0www/mozilla-firefox/patches/patch-python_mozboot_mozboot_util_py
1.604.4.18+2-2www/mozilla-firefox/Makefile
1.341.2.19+2-2www/mozilla-firefox/distinfo
1.105.4.2+0-2www/mozilla-firefox/pkg/PLIST
1.1.2.2+1-1www/mozilla-firefox/patches/patch-js_moz_configure
+29-234 files not shown
+31-2610 files

OpenBSD/ports 3rpc9Arwww/firefox-i18n distinfo Makefile.inc, www/mozilla-firefox Makefile distinfo

by landry on ⎇
   www/mozilla-firefox: update to 137.0.

   see https://www.mozilla.org/en-US/firefox/137.0/releasenotes/
   fixes https://www.mozilla.org/en-US/security/advisories/mfsa2025-20/

   add patches to disable mtu lookup in quic pmtud implementation, since
   socket(AF_ROUTE) is forbidden by pledge. will be configurable in a
   future mtu crate release.
VersionDeltaFile
1.350+164-164www/firefox-i18n/distinfo
1.1+26-0www/mozilla-firefox/patches/patch-third_party_rust_neqo-transport_src_path_rs
1.1+7-0www/mozilla-firefox/patches/patch-third_party_rust_neqo-transport__cargo-checksum_json
1.627+3-3www/mozilla-firefox/Makefile
1.361+2-2www/mozilla-firefox/distinfo
1.305+1-1www/firefox-i18n/Makefile.inc
+203-1703 files not shown
+205-1739 files

OpenBSD/ports VK5gaJnwww/firefox-esr distinfo Makefile

by landry on ⎇
   www/firefox-esr: MFC update to 128.9.0.

   see https://www.mozilla.org/en-US/firefox/128.9.0/releasenotes/
   fixes https://www.mozilla.org/en-US/security/advisories/mfsa2025-22/
VersionDeltaFile
1.152.4.10+2-2www/firefox-esr/distinfo
1.228.4.10+1-1www/firefox-esr/Makefile
+3-32 files

OpenBSD/ports 1xkyzypwww/firefox-esr distinfo Makefile, www/firefox-esr-i18n distinfo Makefile.inc

by landry on ⎇
   www/firefox-esr: update to 128.9.0.

   see https://www.mozilla.org/en-US/firefox/128.9.0/releasenotes/
   fixes https://www.mozilla.org/en-US/security/advisories/mfsa2025-22/
VersionDeltaFile
1.160+162-162www/firefox-esr-i18n/distinfo
1.163+2-2www/firefox-esr/distinfo
1.243+1-1www/firefox-esr/Makefile
1.171+1-1www/firefox-esr-i18n/Makefile.inc
+166-1664 files

OpenBSD/ports O5IP7GNsysutils/p5-Data-Entropy Makefile distinfo

by bluhm on ⎇
   update p5-Data-Entropy to 0.008
   CVE 2025-1860
VersionDeltaFile
1.3+6-6sysutils/p5-Data-Entropy/Makefile
1.2+2-2sysutils/p5-Data-Entropy/distinfo
+8-82 files

OpenBSD/ports I2vfrT7editors/vim distinfo Makefile, editors/vim/patches patch-src_filepath_c patch-src_proto_eval_pro

by sthen on ⎇
   update to vim-9.1.1265
   revert the backout of bd4614f43d0e, now fixed upstream in 06774a271a7d
VersionDeltaFile
1.91+14-0editors/vim/pkg/PLIST-main
1.142+2-2editors/vim/distinfo
1.283+1-1editors/vim/Makefile
1.27+1-0editors/vim/pkg/PLIST-lang
1.2+0-0editors/vim/patches/patch-src_filepath_c
1.2+0-0editors/vim/patches/patch-src_proto_eval_pro
+18-32 files not shown
+18-38 files

OpenBSD/ports h8kOebBx11/xfce4/mousepad distinfo Makefile

by landry on ⎇
   x11/xfce4/mousepad: update to 0.6.5.

   see https://gitlab.xfce.org/apps/mousepad/-/tags/mousepad-0.6.5
VersionDeltaFile
1.26+2-2x11/xfce4/mousepad/distinfo
1.66+1-1x11/xfce4/mousepad/Makefile
+3-32 files

OpenBSD/ports rhhaRrhsecurity/nss distinfo Makefile

by landry on ⎇
   security/nss: update to 3.110

   see https://firefox-source-docs.mozilla.org/security/nss/releases/nss_3_110.html
VersionDeltaFile
1.154+2-2security/nss/distinfo
1.195+1-1security/nss/Makefile
+3-32 files

OpenBSD/ports rRGeb9Eeditors/qownnotes distinfo Makefile

by kevlo on ⎇
   Update qownnotes to 25.3.5
VersionDeltaFile
1.9+2-2editors/qownnotes/distinfo
1.9+1-1editors/qownnotes/Makefile
+3-32 files

OpenBSD/ports bkt139Gwww/yt-dlp distinfo Makefile, www/yt-dlp/patches patch-pyproject_toml

by tb on ⎇
   Update to yt-dlp 2024.03.31
VersionDeltaFile
1.43+9-6www/yt-dlp/pkg/PLIST
1.48+2-2www/yt-dlp/distinfo
1.5+1-1www/yt-dlp/patches/patch-pyproject_toml
1.56+1-1www/yt-dlp/Makefile
+13-104 files