Theo de Raadt (deraadt@) posted to tech@ regarding restrictions on the addresses from which system calls can be made.

In addition to providing background, the post contains information (and a patch) for an imminent change - the introduction of a new syscall, pinsyscalls(2) [link not working at the time of writing because change not yet committed], which specifies the addresses from which individual system calls are permitted.

pinsyscalls(2) will be called only from the shared library linker, ld.so(1).

Version 0.95 of Game of Trees has been released (and the port updated):

* got 0.95; 2023-12-08
  see git repository history for per-change authorship information

Otto Moerbeek (otto@), the author of OpenBSD's malloc(3) implementation, has comitted another great feature - backtraces for leak detection:

CVSROOT:	/cvs
Module name:	src
Changes by:	otto@cvs.openbsd.org	2023/12/04 00:01:45

Modified files:
	lib/libc/stdlib: malloc.3 malloc.c 

Log message:
Save backtraces to show in leak dump. Depth of backtrace set by
malloc option D (aka 1), 2, 3 or 4.  No performance impact if not
used.  ok asou@

Otto's original message to tech@ includes an example use of the feature.

Version 0.94 of Game of Trees has been released (and the port updated):

* got 0.94; 2023-11-29
  see git repository history for per-change authorship information

Tobias Heider (tobhe@) has announced the release of version 7.3 of OpenIKED:

We have released OpenIKED 7.3, which will be arriving in the OpenIKED
directory of your local OpenBSD mirror soon.

Omar Polo (op@) has announced the release of version 7.4.0p1 of OpenSMTPD.

It is a bugfix release.

In a long series of commits, Robert Nagy (robert@) updated clang(1)/llvm in -current to version 16:

CVSROOT:	/cvs
Module name:	src
Changes by:	robert@cvs.openbsd.org	2023/11/11 11:01:31

Log message:
    import of llvm from LLVM 16.0.6
    
    Status:
    
    Vendor Tag:	LLVM
    Release Tags:	LLVM_16_0_6
    
    U src/gnu/llvm/llvm/.clang-format
    U src/gnu/llvm/llvm/.clang-tidy
    U src/gnu/llvm/llvm/.gitattributes
[…]
    U src/gnu/llvm/llvm/utils/vscode/llvm/syntaxes/ll.tmLanguage.yaml
    U src/gnu/llvm/llvm/utils/yaml-bench/CMakeLists.txt
    U src/gnu/llvm/llvm/utils/yaml-bench/YAMLBench.cpp
    
    67 conflicts created by this import.
    Use the following command to help the merge:
    
    cvs checkout -jLLVM:yesterday -jLLVM src/gnu/llvm/llvm

Naturally, this has involved supporting work elsewhere in base, and in ports.

A new stable release of LibreSSL is out, and should be arriving on a mirror near you shortly.

Brent Cook (bcook@)'s announcement reads:

We have released LibreSSL 3.8.2, which will be arriving in the
LibreSSL directory of your local OpenBSD mirror soon. This is the
first stable release for the 3.8.x branch, also available with OpenBSD 7.4

Theo de Raadt (deraadt@) posted to tech@ a message entitled disruptive amd64 snapshot coming. It reads:

There is a pretty disruptive amd64 snapshot coming, so anyone who is
using snapshots for critical stuff should take a pause.  (This warning
about a development step is unusual, I won't make it common practice).

Of course, on non-critical amd64 systems running snapshots, this is a good opportunity to test (and report any problems).