www/nginx-devel: Update to 1.31.2
Changes with nginx 1.31.2 17 Jun 2026
*) Security: use-after-free might occur when using HTTP/3 and processing
a specially crafted QUIC session, allowing an attacker to cause
worker process memory corruption or segmentation fault in a worker
process (CVE-2026-42530).
Thanks to Trung Nguyen of CyStack.
*) Security: a heap memory buffer overflow might occur in a worker
process when using a configuration with "ignore_invalid_headers off;"
and "large_client_header_buffers" with large configured values when
proxying a specially crafted request to HTTP/2 or gRPC backend,
[28 lines not shown]
virtio_net: Use bus_dma for command/ack buffers
While the majority of virtio platforms will be fully coherent, some may
require cache maintenance or other specific device memory handling (e.g. for
secure partitioning). Using bus_dma allows for these use cases.
The virtio buffers are marked as coherent; this should ensure that sync
calls are no-ops in the common cases.
Reviewed by: andrew
Sponsored by: Arm Ltd
Differential Revision: https://reviews.freebsd.org/D55564
virtio_net: Use bus_dma for rxq/txq buffers
While the majority of virtio platforms will be fully coherent, some may
require cache maintenance or other specific device memory handling (e.g. for
secure partitioning). Using bus_dma allows for these use cases.
The virtio buffers are marked as coherent; this should ensure that sync
calls are no-ops in the common cases.
Reviewed by: andrew
Sponsored by: Arm Ltd
Differential Revision: https://reviews.freebsd.org/D55492
www/nginx: Update to 1.30.3
Changes with nginx 1.30.3 17 Jun 2026
*) Security: a heap memory buffer overflow might occur in a worker
process when using a configuration with "ignore_invalid_headers off;"
and "large_client_header_buffers" with large configured values when
proxying a specially crafted request to HTTP/2 or gRPC backend,
allowing an attacker to cause worker process memory corruption or
segmentation fault in a worker process (CVE-2026-42055).
Thanks to Mufeed VH of Winfunc Research.
*) Security: a heap memory buffer overread might occur in a worker
process while handling a specially sent response with decoding from
UTF-8 via the "charset_map" directive, allowing an attacker to
[7 lines not shown]
documentation: Remove sectnumlevels
Asciidoctor documentation says sectnumlevels from 0-5 are accepted.
Since every chapter sets this value to 6, it is not being parsed and
does not do anything.
Reviewed by: aokblast
Fixes: bdf18a045832 ("handbook: Remove sectnumlevels")
Differential Revision: https://reviews.freebsd.org/D57646
nfs_nfsdserv.c: Fix setting of birthtime for some ZFS pools
Some ZFS pools do not support va_birthtime and will return
EINVAL when a VOP_SETATTR() of it is attempted. The macOS
NFSv4 client sets va_birthtime (TimeCreate) in the same
Setattr with ctime/mtime and other attributes after a new
file is created. The EINVAL failure leaves these new files
messed up (mode == 0).
This patch pretends the setting of TimeCreate succeeded if
ctime/mtime were also set in the same Setattr RPC, which
resolves the problem for the macOS client.
If this fix is not sufficient, a new pathconf name to detect
if a file system supports birthtime may be needed.
PR: 296066
Tested by: Will <freebsd.geography231 at slmails.com>
MFC after: 2 weeks
arm64: Add an initial GICv5 ITS driver
Add a driver to support the GICv5 interrupt translation service (ITS).
The ITS is responsible for handling ITS events & translating them to an
interrupt to be delivered to the interrupt routing service (IRS).
An example event is an MSI or MSI-X being delivered. The ITS will generate
an LPI depending on which device sent the interrupt and the value the
device wrote.
This is a similar concept to the GICv3 ITS, however the implementation
details are different so it needs a new driver.
Sponsored by: Arm Ltd
Differential Revision: https://reviews.freebsd.org/D54251
arm64: Add an initial GICv5 IWB driver
Add a driver to support the GICv5 interrupt wire bridge (IWB). The IWB
translates the change in state of an input wire and sends an MSI to
the interrupt translation service (ITS) to be translated to an LPI.
Unlike other MSI sources each wire has a fixed Event ID value it will
write in the MSI data.
Sponsored by: Arm Ltd
Differential Revision: https://reviews.freebsd.org/D54252
arm64: Add FEAT_ALWAYS_ENABLE to cpu_feat
A use for it has been found in the GICv5 driver where we need to read
the Interrupt Affinity ID early in the boot on the secondary CPUs.
Sponsored by: Arm Ltd
Differential Revision: https://reviews.freebsd.org/D54249
arm64: Add an initial GICv5 driver
Add an initial driver for the GICv5 interrupt controller.
This provides host-only support for the GICv5 interrupt controller. It
is specified in the ARM-AES-0070 document & based on version 00eac0.
In the GICv5 there are 3 interrupt spaces: PPI, SPI, and LPI. Unlike
previous interrupt controllers they don't share a single interrupt
ID range, so PPI IRQ 1 and SPI IRQ 1 are different interrupts. There
is a common irqsrc structure that encodes this information as it is
common across the interrupt types.
Unlike previous GIC versions there are no software generated interrupts
that can target a configurable collection of CPUs. These have been
replaced with LPIs, where each CPU will have one allocated for each
IPI type.
This driver handles the CPU interface and interrupt routing service
[6 lines not shown]
arm64: Support building sys/sysl instructions
Add support to build system instructions from a macro. These are based
on the existing support for msr/mrs instructions with adjustments for
the different instruction format.
Sponsored by: Arm Ltd
Differential Revision: https://reviews.freebsd.org/D57017
java/openjdk8: fix build on aarch64/16
>>> Compiling /wrkdirs/usr/ports/java/openjdk8/work/jdk8u-jdk8u482-b08.1/hotspot/src/os/bsd/vm/os_perf_bsd.cpp
>>> In file included from /wrkdirs/usr/ports/java/openjdk8/work/jdk8u-jdk8u482-b08.1/hotspot/src/os/bsd/vm/os_perf_bsd.cpp:67:
>>> In file included from /usr/include/sys/user.h:52:
>>> In file included from /usr/include/vm/pmap.h:88:
>>> In file included from /usr/include/machine/pmap.h:46:
>>> In file included from /usr/include/sys/systm.h:46:
>>> /usr/include/machine/cpufunc.h:35:1: error: static declaration of 'breakpoint' follows non-static declaration
>>> 35 | breakpoint(void)
>>> | ^
>>> /wrkdirs/usr/ports/java/openjdk8/work/jdk8u-jdk8u482-b08.1/hotspot/src/share/vm/utilities/globalDefinitions_gcc.hpp:224:17: note: previous declaration is here
>>> 224 | extern "C" void breakpoint();
>>> | ^
>>> 1 error generated.
I don't know why this does not happen on other architectures or FreeBSD versions.
- changed post-patch to pre-configure, this makes it a lot easier to use "make makepatch".
[2 lines not shown]