wg-userspace(8): Drop <4-byte UDP packets immediately.
Same as the kernel already does. Add an assertion into
wg_receive_packets about this and a couple comments cross-referencing
wg_overudp_cb and wg_receive_packets.
And, while here, as a precaution in case the
inpcb_register_overudp_cb mechanism ever breaks down or gets
refactored, make wg_receive_packets drop <4-byte packets too -- this
path should be hit only when handling handshake packets, so adding
another predicted-not-taken branch here should cost essentially
nothing.
PR bin/60392: assertion "mbuflen >= sizeof(struct wg_msg)" failed
rescue/ldd: Add a couple new symbols for recent rtld changes.
Should fix:
# link rescue/rescue
...
/tmp/build/2026.07.01.20.39.44-i386/tools/lib/gcc/i486--netbsdelf/14.3.0/../../../../i486--netbsdelf/bin/ld: /tmp/build/2026.07.01.20.39.44-i386/obj/usr.bin/ldd/elf32/libldd_elf32.a(load.o): in function `_rtld_load_object':
load.c:(.text+0x23b): undefined reference to `_rtld_objgen'
/tmp/build/2026.07.01.20.39.44-i386/tools/lib/gcc/i486--netbsdelf/14.3.0/../../../../i486--netbsdelf/bin/ld: load.c:(.text+0x256): undefined reference to `_rtld_objrelocpending'
PR lib/59751: dlclose is not MT-safe depending on the libraries
unloaded
libevent: update to 2.1.13.
Fix pkglint while here.
Changes in version 2.1.13-stable (01 July 2026)
This release contains several security fixes, affecting users of the
following modules: evbuffer, bufferevent, evtag, evrpc, evdns, evhttp.
If you have a program that uses one of those modules,
or if you distribute libevent, you should upgrade.
Additionally, this release backports some small modernizations to
the libevent codebase, to aid in compiling with the compilers
released over the last few years.
Security Fixes (evtag, evrpc):
- Fix an out-of-bounds read in decode_tag_internal.
(Found by @Brubbish. GHSA-fj29-64w6-73h6)
- Fix an integer overflow in evtag_unmarshal_header.
[33 lines not shown]
ld.elf_so(1): Bump _rtld_objgen when changing, not reading, objlist.
Prompted by:
PR lib/59751: dlclose is not MT-safe depending on the libraries
unloaded
ld.elf_so(1): Resolve several races in dlopen/dlclose.
This is difficult because, although rtld generally has a single
exclusive lock, i.e., generally runs single-threaded itself, it can't
hold this lock while calling constructors/destructors (init/fini or
ifunc) -- if it did, then, for example, lazy symbol binding that
happens during the constructor/destructor would deadlock against
itself.
And whenever rtld drops the lock to call constructors/destructors,
any objects it is working on, during dlopen or dlclose, might have
been concurrently closed and invalidated by the time it gets the lock
again.
The key point is that anywhere we pass a sigset_t *mask parameter
during dlopen or dlclose, we might release the rtld lock to sleep and
then reacquire the lock. And anywhere we might release and reacquire
the lock, any objects we hold may be invalidated -- unless we hold some
reference to prevent invalidation. And any object we find in the list
[129 lines not shown]
sdmmc: remove unused cmd fields
c_dmaseg and c_dmaoff are only written using memset(&cmd, 0) when
constructing a command, so they always assume a constant value and can be
removed.