There has been a significant change to the behaviour of sysupgrade(8):

CVSROOT:	/cvs
Module name:	src
Changes by:	florian@cvs.openbsd.org	2024/09/24 01:33:35

Modified files:
	usr.sbin/sysupgrade: sysupgrade.8 sysupgrade.sh 

Log message:
Remove -r toggle and generally be less smart.

The default is to install the next release. Snapshots are only
installed when invoked with -s.

Theo de Raadt (deraadt@) updated the version of OpenBSD -current to "7.6-current".

Those running the latest-and-greatest [via a sufficiently new snapshot or built from source] no longer need to use "-D snap" with pkg_add(1) (and pkg_info(1)).

Our favorite operating system is now changing the default shell (ksh) to enforce not allowing invalid NUL characters in input that will be parsed as parts of the script.

The commit message reads,

List:       openbsd-cvs
Subject:    CVS: cvs.openbsd.org: src
From:       Theo de Raadt <deraadt () cvs ! openbsd ! org>
Date:       2024-09-23 21:18:33

CVSROOT:	/cvs
Module name:	src
Changes by:	deraadt@cvs.openbsd.org	2024/09/23 15:18:33

Modified files:
	bin/ksh        : shf.c 

Log message:
If during parsing lines in the script, ksh finds a NUL byte on the
line, it should abort ("syntax error: NUL byte unexpected").  There
appears to be one piece of software which is misinterpreting guidance
of this, and trying to depend upon embedded NUL.  During research,
every shell we tested has one or more cases where a NUL byte in the
input or inside variable contents will create divergent behaviour from
other shells.  (ie. gets converted to a space, is silently skipped, or
aborts script parsing or later execution).  All the shells are written
in C, and majority of them use C strings for everything, which means
they cannot embed a NUL, so this is not surprising.  It is quite
unbelievable there are people trying to rewrite history on a lark, and
expecting the world to follow alone.

EuroBSDCon 2024 [in Dublin, Ireland] has now ended, and slides for many of the OpenBSD developer presentations are now available in the usual place.

Video of the individual presentations can be expected somewhat later. In the meantime, OpenBSD-related presentations [including those from non-developers] can be found in the recordings of the "Foyer B" streams.

In addition, there was a full day PF tutorial with some updates to the publicly available slides.

Sebastian Benoit (benno@) announced the release of version 9.3 of rpki-client, the essential component for routing security.

See the full announcement for further details.

Key excerpts from the release announcement:

In a fediverse post, Damien Miller (djm@) announced the availability of the new OpenSSH version 9.9:

OpenSSH 9.9 has just been released. New features include support for hybrid ML-KEM X25519 post-quantum key exchange (using a formally-verified ML-KEM implementation), improved controls to drop and penalise unwanted connections, faster NTRUPrime key exchange code and more.

Claudio Jeker (claudio@) announced the release of version 8.6 of OpenBGPD, the OpenBSD project's Border Gateway Protocol (BGP) daemon:

We have released OpenBGPD 8.6, which will be arriving in the
OpenBGPD directory of your local OpenBSD mirror soon.

This release includes the following changes to the previous release:

The OpenBSD 7.6 release cycle is entering its final phases…

With the following commit, Theo de Raadt (deraadt@) moved -current to version 7.6:

CVSROOT:	/cvs
Module name:	src
Changes by:	deraadt@cvs.openbsd.org	2024/09/17 07:39:17

Modified files:
	sys/conf       : newvers.sh 

Log message:
head into release

For those unfamiliar with the process: this is not the 7.6 release, but is part of the standard build-up to the release.

Remember: It's time to start using "-D snap" with pkg_add(1) (and pkg_info(1)).

(Regular readers will know what comes next…)
This serves as an excellent reminder to upgrade snapshots frequently, test both base and ports, and report problems [plus, of course, donate!].

Version 0.103 of Game of Trees has been released (and the port updated).

* got 0.103; 2024-09-24
  see git repository history for per-change authorship information
- fix bug causing performance to degrade as more and more pack files appear
- tog: add diff view 'p' keymap to write the diff to file
- tog: display diffstat in diff view when diffing blobs or trees directly
- gotwebd: show commit id prefix on briefs page
- add support for HMAC digests to gotd HTTP notifications
- move authentication credentials from gotd.conf(5) to gotd-secrets.conf(5)
- fix spurious tog regression test failures on slower machines
- restore abort() calls in lib/hash.c to quiet potential compiler warnings
- gotwebd: unbreak listing of tags on the summary page (regression from 0.102)
- gotwebd: minor tweaks to the HTML for ease of styling