BSD Commit Log Search

net/nats-surveyor: Update to 0.9.10

net/nats-nsc: Update to 2.15.0

net/nats-server: Update to 2.14.2

devel/toomanycooks: New port - C++20 concurrency framework

Sponsored by:   tipi.work

lang/gnat1?: gettext is always required

Ignore the portlint warning and always depends on gettext.
(See PR 277508)

PR:             295966
Reported by:    Robert William Vesterman

elf_common: Add FDO package metadata note type

Reviewed by:    fuz
Sponsored by:   The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D57525

crypto/openssl: update artifacts to match 3.5.7 release

MFC after:      3 days
MFC with:       1523ccfd9

MFV: openssl 3.5.7

This change is a security release which resolves several issues with OpenSSL 3.5,
the highest severity issue being ranked "High". Users are strongly encouraged to
update to this release.

More information about the release (from a high level) can be found in
the release notes [1].

1. https://github.com/openssl/openssl/blob/openssl-3.5.7/NEWS.md

All conflicts were resolved with `--theirs`, taking the release diff
over the local diff; the conflicts occurred due to preemptive security
fixes applied by so@ in e508c343.

MFC after:      3 days (the important security issues have been
preemptively addressed)
Merge commit '3a71a35ad9dad0e5d2cad8efecc8ba9d57c42d43'


    [6 lines not shown]

net/ovhcloud-cli: update to 0.12.0

Changes: https://github.com/ovh/ovhcloud-cli/releases/tag/v0.12.0

www/linux-freetube: Update to 0.24.1.b

ChangeLog:      https://github.com/FreeTubeApp/FreeTube/releases/tag/v0.24.1-beta
Reported by:    efb4f5ff-1298-471a-8973-3d47447115dc <notifications at github.com>

powerpc/booke: Add watchdog driver

The Book-E watchdog is effectively a state machine based around an AND
mask of the timebase register.  A single bit (0-63) is watched in the
timebase register, and when it transitions (by counting *or* by
programmatically setting) an exception is triggered.  The first
exception triggers a core interrupt.  The second is programmable.
In our case, we panic on the first and reset on second.

watchdog: Fix a couple type issues

* Force the type of the literal `1` passed to nstosbt() to ensure it's a
  64-bit type (or larger).  Otherwise it gets inconveniently typed to
  int, resulting in truncation.
* Use `flsll()` when converting sbt to power-of-2-nanoseconds to fix
  32-bit compatibility.

PR:             292616
Obtained from:  Hewlett Packard Enterprise
Fixes:  26d6617f3 ("watchdog: Convert to using sbintime_t format")
MFC after:      3 days

ppp: Reject FSM messages whose length is smaller than the message header

PR:             271843
Reported by:    Robert Morris <rtm at lcs.mit.edu>
Reviewed by:    des, emaste
Differential Revision:  https://reviews.freebsd.org/D57139

ppp: Permit CHAP challenges up to 255 bytes

RFC 1994 does not place any limit on the length of the value field in
challenge messages except that the length is a single octet which
bounds the maximum length to 255.

NB: I'm not sure why the local[] and peer[] arrays contain room for an
authentication name (AUTHLEN) in addition to a challenge value/response,
but I've just left that in place.

PR:             271955
Reported by:    Robert Morris <rtm at lcs.mit.edu>
Reviewed by:    des
Differential Revision:  https://reviews.freebsd.org/D57138

ppp: Don't fetch a non-existent variadic argument

Only fetch the optional mode argument to ID0open to pass to open(2) if
O_CREAT is present in the flags argument.  It is UB to fetch an
argument that doesn't exist.  On CHERI this UB results in a fault.

Reviewed by:    brooks
Obtained from:  CheriBSD
Sponsored by:   AFRL, DARPA
Differential Revision:  https://reviews.freebsd.org/D57137

cd9660: Don't parse RRIP records whose length overflows the sector boundary

PR:             272896
Reported by:    Robert Morris <rtm at lcs.mit.edu>
Reviewed by:    des, emaste
Differential Revision:  https://reviews.freebsd.org/D57135

mii: Fix SMSC name

The LAN8700 / LAN8710 PHYs were Standard Microsystems Corporation (SMSC)
parts.  I presume SMC was chosen as an abbreviation, but the company
always used SMSC as its short name.

SMSC was acquired by Microchip in 2012.  I kept the pre-acquisition
name, as NetBSD (from where we obtained miidevs) uses SMSC.

Reviewed by:    adrian
Sponsored by:   The FreeBSD Foundation
Differential Revision:  https://reviews.freebsd.org/D56819

(cherry picked from commit 89c883c09ab5e0fdca7ac5dfe74fcc46b7669eb5)

linuxkpi: Make pm_qos.h self-contained

Include <linux/types.h> for `false`.  This is needed by amdgpu somewhere
between Linux 6.12 and 6.15.

Reviewed by:    Minsoo Choo <minsoo at minsoo.io>, bz
Sponsored by:   The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D57415

(cherry picked from commit 67df313015906d84d90df8e37795885e81cf8da5)

xinstall: Do not allow -l and -s together

Cannot strip the target if creating a link.

Reviewed by:    des
Sponsored by:   The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D57398

(cherry picked from commit 521afce6a859c1d7ac9674e8f21ff45418becaf5)

install.1: Convert link flags to a table

The five link flags get lost in prose.

Reviewed by:    ziaee
Sponsored by:   The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D57418

(cherry picked from commit 248dd56d2dea03e4723e8225b890d02fcc10973f)

xinstall: Add test for -d -s not allowed together

Reviewed by:    des
Sponsored by:   The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D57403

(cherry picked from commit 4908bea5b7f5de70032e201e718958ef40bc3b03)

install.1: Document options incompatible with -s

Reported by:    des
Reviewed by:    ziaee
Sponsored by:   The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D57409

(cherry picked from commit b49021b49a78ca6a9e3a1a59c5aa6f2fec503afb)

www/iridium: update to 2026.06.149.1

www/c-icap: update 0.6.4 -> 0.6.5

Changelog: https://sourceforge.net/p/c-icap/news/2026/06/the-c-icap-065-is-released/

Major changes:
    - Fixes some out-of-bounds reads and writes
    - TLS read/write operations may aborted and
      return error because of an interrupted system call.

security/vuxml: Document p5-ack vulnerabilities

misc/p5-Business-ISBN-Data: update 20260523.001 -> 20260604.001

Changelog: https://metacpan.org/dist/Business-ISBN-Data/changes

Port changes: Update TEST_DEPENDS to pass all the tests

textproc/p5-ack: update 3.9.0 -> 3.10.0

Changelog: https://metacpan.org/dist/ack/changes

Security:       CVE-2026-49147
Security:       CVE-2026-49146
Security:       CVE-2026-49145

archivers/p5-Archive-Tar: update 3.10 -> 3.12

Changelog: https://metacpan.org/dist/Archive-Tar/changes

Major changes:
    - Allow '..' links in secure extract in parent path for
      symlinks and hardlinks

Port changes:
    - Update TEST_TEPENDS to pass all the tests

hcreate(3): fix incorrect claim that hdestroy frees keys

The man page incorrectly stated that hdestroy() calls free(3) for
each comparison key. The implementation (hdestroy_r.c) only frees
the internal table structure, not the user-provided keys or data.
This matches POSIX, which says hdestroy "shall dispose of the
search table" without mentioning key deallocation.

Update the description to clarify that the caller is responsible
for freeing any memory associated with table entries.

PR: 291240
Signed-off-by: Kit Dallege <xaum.io at gmail.com>
Reviewed by: imp
Pull Request: https://github.com/freebsd/freebsd-src/pull/2095

mail(1): fix temporary file path in FILES section

The FILES section listed /tmp/R* but the source code uses
/tmp/mail.R* (e.g. mail.RsXXXXXXXXXX, mail.ReXXXXXXXXXX,
mail.RxXXXXXXXXXX) as the mkstemp template prefix.

PR: 289980
Signed-off-by: Kit Dallege <xaum.io at gmail.com>
Reviewed by: imp
Pull Request: https://github.com/freebsd/freebsd-src/pull/2103