OpenBSD/ports uPa5vlxaudio/gradio Makefile distinfo, audio/gradio/pkg PLIST

   Update to gradio 7.1.
   ok bcallah@

OpenBSD/ports KHHz1wQgraphics/cal3d Makefile

   gna.org was shutdown in Jan 2017 so update HOMEPAGE and MASTER_SITES.
   Maintainer timeout.
VersionDeltaFile
1.16+4-4graphics/cal3d/Makefile
+4-41 files

OpenBSD/ports MwXWcbpeditors/emacs Makefile

   Mark as BROKEN on arm, SIGILL when trying to use SIMD instructions

   We don't know yet why those instructions are used here, the best way
   forward might just be to support hardfp...
VersionDeltaFile
1.72+3-1editors/emacs/Makefile
+3-11 files

OpenBSD/src 2UklYiOshare/man/man9 bpf_mtap.9

   document bpfsattach and bpfsdetach
VersionDeltaFile
1.12+33-2share/man/man9/bpf_mtap.9
+33-21 files

OpenBSD/src 7R0m2yLsys/net bpf.c bpf.h

   add support for bpf on "subsystems", not just network interfaces

   bpf assumed that it was being unconditionally attached to network
   interfaces, and maintained a pointer to a struct ifnet *. this was
   mostly used to get at the name of the interface, which is how
   userland asks to be attached to a particular interface. this diff
   adds a pointer to the name and uses it instead of the interface
   pointer for these lookups. this in turn allows bpf to be attached
   to arbitrary subsystems in the kernel which just have to supply a
   name rather than an interface pointer. for example, bpf could be
   attached to pf_test so you can see what packets are about to be
   filtered. mpi@ is using this to look at usb transfers.

   bpf still uses the interface pointer for bpfwrite, and for enabling
   and disabling promisc. however, these are nopped out for subsystems.

   ok mpi@
VersionDeltaFile
1.166+54-38sys/net/bpf.c
1.63+3-1sys/net/bpf.h
1.36+2-1sys/net/bpfdesc.h
+59-403 files

OpenBSD/ports 8KSh8umdevel/gdb Makefile, devel/gdb/patches patch-gdb_armnbsd-nat_c

   Adapt to the recent changes in <arm/reg.h>

   Based on Mark's diff for base gdb.  ok kettenis@ pascal@ (maintainer)

OpenBSD/src tIhdBfQregress/sys/kern/mount Makefile

   Add a smarter test that opens a file, unlinks it, and remounts the
   file system read-only.  After unmounting this should result in a
   dirty file system that is not marked clean.  Disable both tests
   with dangling vnodes for now as they fail.
VersionDeltaFile
1.6+46-13regress/sys/kern/mount/Makefile
+46-131 files

OpenBSD/src WbtKvN8sys/netinet6 nd6_rtr.c

   The IPv6 gateway address passed to rt6_flush() comes either from a
   packet through ip6_input() or from the routing table.  In both cases
   the KAME hack has added the embeded scope to the address, so it is
   not necessary to fill the scope id again in rt6_flush().  Assert
   that it is already there.
   OK mpi@
VersionDeltaFile
1.166+3-3sys/netinet6/nd6_rtr.c
+3-31 files

OpenBSD/src XG1EELwshare/zoneinfo/datfiles europe asia

   Update to tzdata2018c from ftp.iana.org

OpenBSD/src ejh2EsZsys/netinet tcp_timer.c tcp_subr.c

   The TCP reaper timeout was still imlemented as soft timeout.  So
   it could run immediately and was not synchronized with the TCP
   timeouts, although that was the intension when it was introduced
   in revision 1.85.  Convert the reaper to an ordinary TCP timeout
   so it is scheduled on the same timeout thread after all timeouts
   have finished.  A net lock is not necessary as the process calling
   tcp_close() will not access the tcpcb after arming the reaper
   timeout.
   OK mikeb@

OpenBSD/src 17424bXsys/netinet tcp_timer.c

   Although it is a dead store here, always reassign the tcpcb after
   calling tcp_close(), tcp_drop(), and tcp_disconnect().  Then no
   freed memory can be used after closing a TCP connection.
   OK mikeb@ mpi@
VersionDeltaFile
1.61+2-2sys/netinet/tcp_timer.c
+2-21 files

OpenBSD/ports ku519D2lang/ghc Makefile

   Enable the build of lang/ghc again.
VersionDeltaFile
1.155+1-3lang/ghc/Makefile
+1-31 files

OpenBSD/src XliZcc9sys/netinet tcp_usrreq.c, sys/sys protosw.h

   Bring back the PRU_ATTACH constant and description.  Then trpt(8)
   prints the ATTACH action for TCP debugging socketes correctly.
   OK bluhm@
VersionDeltaFile
1.165+3-3sys/netinet/tcp_usrreq.c
1.31+3-2sys/sys/protosw.h
+6-52 files

OpenBSD/src 2ejPxKvsys/netinet tcp_debug.c tcp_debug.h, sys/sys protosw.h

   Fix printf(9) format strings so that a kernel with TCPDEBUG compiles.
   Mark the string variables with TCP debugging names as constant.
   OK mpi@

OpenBSD/src UMNCaBQusr.bin/ssh sshd.c

   Fix a logic bug in sshd_exchange_identification which prevented clients
   using major protocol version 2 from connecting to the server.
   ok millert@
VersionDeltaFile
1.503+2-2usr.bin/ssh/sshd.c
+2-21 files

OpenBSD/ports ezxCUbfwww/mozilla-firefox distinfo Makefile, www/mozilla-firefox/patches patch-build_moz_configure_rust_configure patch-old-configure

   MFC: update to firefox 58.0.

   See https://www.mozilla.org/en-US/firefox/58.0/releasenotes/
   Fixes https://www.mozilla.org/en-US/security/advisories/mfsa2018-02/

   Add two ugly hacks to loosen the dependency or recent rust/nss we don't
   have in -stable.. somewhat gross, but it builds and runs.

   6.2 packages for i386 & amd64 at the usual place.

OpenBSD/ports VpEzIYLwww/firefox-esr distinfo Makefile

   MFC: update to firefox-esr 52.6.0.

   See https://www.mozilla.org/en-US/firefox/52.6.0/releasenotes/
   Fixes https://www.mozilla.org/en-US/security/advisories/mfsa2018-01/
   (spectre mitigations) and
   https://www.mozilla.org/en-US/security/advisories/mfsa2018-03/

   6.2 packages for i386 & amd64 at the usual place.
VersionDeltaFile
1.46.2.4+2-2www/firefox-esr/distinfo
1.64.2.4+2-2www/firefox-esr/Makefile
+4-42 files

OpenBSD/ports mPNm0Jawww/firefox-esr Makefile distinfo, www/firefox-esr-i18n distinfo Makefile.inc

OpenBSD/ports eMY0oALwww/mozilla-firefox/patches patch-layout_style_bindgen_toml_in

   Also remove this one, was merged upstream in #1341234

OpenBSD/ports yghxldbwww/firefox-i18n distinfo Makefile.inc, www/mozilla-firefox Makefile distinfo

   Update to firefox 58.0.

   See https://www.mozilla.org/en-US/firefox/58.0/releasenotes/
   Fixes https://www.mozilla.org/en-US/security/advisories/mfsa2018-02/

   Remove rust/i386 related patch from #1401093, doesnt apply and i'm not
   really sure of the situation of rust on i386 anyway..
   Remove sndio-related patches from #1221580 (merged upstream)

OpenBSD/src ihAmxSousr.bin/ssh sshconnect.c

   Add missing braces; fixes 'write: Socket is not connected' error in ssh.
   ok deraadt@
VersionDeltaFile
1.292+3-2usr.bin/ssh/sshconnect.c
+3-21 files

OpenBSD/ports WR9MOzLsysutils/salt Makefile, sysutils/salt/pkg DESCR

   remove mentions of the RAET transport; development has been rather
   quiet in recent years and upstream confirmed raet development isn't
   pursued anymore.

   ok aja@
VersionDeltaFile
1.117+2-8sysutils/salt/Makefile
1.3+0-3sysutils/salt/pkg/DESCR
+2-112 files

OpenBSD/ports TRfkhsssysutils/salt Makefile

   add py-croniter to the list of optional dependencies; it can be used
   to write schedules with cron-like syntax
VersionDeltaFile
1.116+2-1sysutils/salt/Makefile
+2-11 files

OpenBSD/ports 3K8pFBEsysutils Makefile

   +py-croniter
   +py-croniter,python3
VersionDeltaFile
1.468+3-1sysutils/Makefile
+3-11 files

OpenBSD/ports p5eojCKsysutils/py-croniter Makefile distinfo, sysutils/py-croniter/pkg PLIST DESCR

   import py-croniter-0.3.20

   croniter provides iteration for the datetime object with a cron like
   format.

   ok aja@

OpenBSD/src V8H0imllib/libc/arch/sh/string ffs.S

   use END_STRONG.  Yes, everything in the sh ecosystem is different..
VersionDeltaFile
1.5+2-2lib/libc/arch/sh/string/ffs.S
+2-21 files

OpenBSD/ports vvX288Sdevel/appstream-glib Makefile distinfo

   Update to appstream-glib-0.7.5.

OpenBSD/ports KZIwtGrarchivers/gcab Makefile distinfo, archivers/gcab/pkg PLIST

   Update to gcab-1.0.

OpenBSD/xenocara Y8JZyJtapp/cwm screen.c

   Fix wins comparison declaration since it's unsigned from XQueryTree().
VersionDeltaFile
1.85+5-4app/cwm/screen.c
+5-41 files

OpenBSD/ports L92uJ9Rnet/cgo Makefile distinfo

   Update to cgo-20180123; note the change in some command letters.
   From Nils Reusse <n.reusse AT hxgn DOT net> -- Thanks!
VersionDeltaFile
1.9+3-3net/cgo/Makefile
1.7+2-2net/cgo/distinfo
+5-52 files

OpenBSD/xenocara Oo2Z3OLapp/cwm conf.c calmwm.h

   Generate name_to_func[] in a clean and readable fashion.
VersionDeltaFile
1.238+106-142app/cwm/conf.c
1.352+10-2app/cwm/calmwm.h
+116-1442 files

OpenBSD/ports 4lrZkTywww/squid Makefile, www/squid/patches patch-src_esi_CustomParser_cc patch-src_client_side_request_cc

   http://www.squid-cache.org/Advisories/SQUID-2018_1.txt

    Due to incorrect pointer handling Squid is vulnerable to denial
    of service attack when processing ESI responses.

    This problem allows a remote server delivering certain ESI
    response syntax to trigger a denial of service for all clients
    accessing the Squid service.

   http://www.squid-cache.org/Advisories/SQUID-2018_2.txt

    Due to incorrect pointer handling Squid is vulnerable to denial
    of service attack when processing ESI responses or downloading
    intermediate CA certificates.

    This problem allows a remote client delivering certain HTTP
    requests in conjunction with certain trusted server responses to
    trigger a denial of service for all clients accessing the Squid
    service.

OpenBSD/ports 3FqW50bwww/squid Makefile, www/squid/patches patch-src_esi_CustomParser_cc patch-src_client_side_request_cc

   http://www.squid-cache.org/Advisories/SQUID-2018_1.txt

    Due to incorrect pointer handling Squid is vulnerable to denial
    of service attack when processing ESI responses.

    This problem allows a remote server delivering certain ESI
    response syntax to trigger a denial of service for all clients
    accessing the Squid service.

   http://www.squid-cache.org/Advisories/SQUID-2018_2.txt

    Due to incorrect pointer handling Squid is vulnerable to denial
    of service attack when processing ESI responses or downloading
    intermediate CA certificates.

    This problem allows a remote client delivering certain HTTP
    requests in conjunction with certain trusted server responses to
    trigger a denial of service for all clients accessing the Squid
    service.

OpenBSD/src nnsZfM1sys/arch/loongson/loongson loongson3_intr.c, sys/arch/octeon/dev octciu.c octcit.c

   Always lock the kernel lock with non-MP-safe interrupt handlers.

   Suggested by kettenis@

OpenBSD/ports Ntrs1vSgeo/qgis Makefile distinfo, geo/qgis/pkg PLIST

   Bugfix update to QGIS 2.18.16.
VersionDeltaFile
1.81+4-4geo/qgis/Makefile
1.41+2-2geo/qgis/distinfo
1.35+2-1geo/qgis/pkg/PLIST
+8-73 files

OpenBSD/ports u839LWfsecurity/gnupg2 Makefile distinfo

   Update to 2.2.4
   ok jca@ gsoares@

OpenBSD/ports 59Ylpi3security/gnupg/patches patch-mpi_longlong_h

   Drop unneeded casts in inline asm to fix the build with clang on armv7

   Fix from Markus Hennecke (thanks!), similar changes available in
   upstream libgcrypt.

OpenBSD/xenocara ODu3oewapp/cwm search.c

   Shrink tier[] by one after removing matchname in r1.55.
VersionDeltaFile
1.68+4-7app/cwm/search.c
+4-71 files

OpenBSD/xenocara O38NN4Tapp/cwm group.c

   If the requested group number is invalid, bail but don't kill cwm.
VersionDeltaFile
1.128+4-4app/cwm/group.c
+4-41 files

OpenBSD/src IO4dJpqgnu/usr.bin/binutils/gdb armnbsd-nat.c, sys/arch/arm/include reg.h

   Revise 'struct fpreg' such that it can actually represent the full VFPv3-D32
   state.

   ok patrick@

OpenBSD/ports zbmr6ejsecurity/libassuan Makefile, security/libassuan/pkg DESCR

   Assorted libassuan tweaks

   - add HOMEPAGE
   - drop unneeded dep on intltool/gettext-tools
   - don't force -fPIC, libtool adds it for objects in shared libs
   - tweaks DESCR, the extra comma looked weird
   - move EXTRACT_SUFX below MASTER_SITES, as per Makefile.template

   "fine with me" jasper@

OpenBSD/ports jwasuOydevel/glib2 Makefile, devel/glib2/patches patch-kqueue_fix patch-gio_tests_file_c

   GIO kqueue(2) backend redesign.

   - Stop using a socketpair(2) to communicate between two threads of
     the same process.

   - Call kevent() in non-blocking mode such that it can be integrated
     in the poller thread of glib.

   - Use glib's abstraction to poll(2) the kqueue instead of adding it
     to itself Oo.

   - Remove the secondary thread, the associated global hash table, its
     broken locking and a lot of abstraction.

   - Properly refcount sources.

   /!\ This backend is still not generating the events Glib is expecting.

   Please report any problem such that this can be pushed upstream.

   ok ajacoutot@

OpenBSD/src lwXHNwCsys/dev/rasops rasops.c

   Fix underline rotation on CCW (quarter counter-clockwise) rotated
   screens.

   The "underline" was actually drawn above text.

   OK jcs@
VersionDeltaFile
1.50+3-1sys/dev/rasops/rasops.c
+3-11 files

OpenBSD/ports rj1mrJ2net/libmaxminddb Makefile distinfo, net/libmaxminddb/patches patch-src_maxminddb_c patch-include_maxminddb_h

   Update libmaxminddb to 1.3.2.

OpenBSD/ports IVqq8Lztextproc/p5-Text-CSV-Hashify Makefile distinfo

   update to p5-Text-CSV-Hashify 0.10 from maintainer, adds support for gzip
   and tab/pipe-separated input.

OpenBSD/src ha9unLCgames/bcd bcd.c

   Fix table wrt missing element and `, detailed analysis and diff from
   David Fifield; ok tb@
VersionDeltaFile
1.26+18-18games/bcd/bcd.c
+18-181 files

OpenBSD/ports Uz2a3Mtgraphics/drawpile Makefile distinfo, graphics/drawpile/pkg PLIST

   Update to drawpile-2.0.6

OpenBSD/src 6kxtuf5usr.bin/ssh ssh-dss.c compat.c

   Drop compatibility hacks for some ancient SSH implementations, including
   ssh.com <=2.* and OpenSSH <= 3.*.

   These versions were all released in or before 2001 and predate the
   final SSH RFCs. The hacks in question aren't necessary for RFC-
   compliant SSH implementations.

   ok markus@

OpenBSD/src JpUpjxDusr.bin/ssh sshconnect.c

   try harder to preserve errno during ssh_connect_direct() to make the
   final error message possibly accurate; bz#2814, ok dtucker@
VersionDeltaFile
1.290+12-5usr.bin/ssh/sshconnect.c
+12-51 files

OpenBSD/ports liQQInsx11/worker Makefile distinfo, x11/worker/pkg PLIST

   Update to worker-3.15.0
   Changelog: http://www.boomerangsworld.de/cms/worker/news.html
VersionDeltaFile
1.10+4-1x11/worker/pkg/PLIST
1.32+2-2x11/worker/Makefile
1.20+2-2x11/worker/distinfo
+8-53 files