BSD Commit Log Search

   gtkwave: fix build on Darwin + cleanup

   risc-v: add support for allwinner,sun20i-d1-mmc

   From Rui-Xiang Guo via port-riscv

   risc-v: handle T-Head L1 caches

   Provide and use hooks for L1 cache operations on the T-Head processors.

   Re-worked from diffs provided by Rui-Xiang Guo via port-riscv.

   sunxi: support allwinner,sun20i-d1-wdt

   From Rui-Xiang Guo via port-riscv

   lint: in _Generic expressions, only evaluate the matching branches

   regen

   add korg as a vendor, two of their synths, and an amd root hub.

   add SigmaChip vendor and their usb mouse device.

   No need for an informational printf to flagged as an error.

   From Denis Ahrens.

   Build m68k/m68k/trap_subr.s as a standalone file, remove yet more
   boilerplate from each m68k platform's locore.s

   Remove the last vestigal remains of the simulated software interrupt
   register, or "ssir".  The NetBSD kernel long ago adopted a software
   interrupt thread model along with a "fast software interrupts" mechanism
   that m68k platforms do not (yet) implement, but a few m68k platforms
   were still consuling an "ssir" variable in the return from every exception
   that nothing ever set.

   This cleanup paves the way for futher consolidation of m68k trap handling
   code in future commits.

   splx() is defined to return (void).  Use _spl() directly here instead.

   "overtaken" is actually more widespread than "overcome" by events

py-homeassistant: Rototill for NetBSD 10

and abandon NetBSD9 9.  (If you are on 9 and trying to run HA, you
should update.)

Switch to py314, because HA has.

   doc: Updated textproc/expat to 2.7.5

   expat: update to 2.7.5.

   Ok maya@

   Release 2.7.5 Tue March 17 2026
           Security fixes:
              #1158  CVE-2026-32776 -- Fix NULL function pointer dereference for
                       empty external parameter entities; it takes use of both
                       functions XML_ExternalEntityParserCreate and
                       XML_SetParamEntityParsing for an application to be
                       vulnerable.
        #1161 #1162  CVE-2026-32777 -- Protect from XML_TOK_INSTANCE_START
                       infinite loop in function entityValueProcessor; it takes
                       use of both functions XML_ExternalEntityParserCreate and
                       XML_SetParamEntityParsing for an application to be
                       vulnerable.
              #1163  CVE-2026-32778 -- Fix NULL dereference in function setContext
                       on retry after an earlier ouf-of-memory condition; it takes
                       use of function XML_ParserCreateNS or XML_ParserCreate_MM

    [31 lines not shown]

   +OBE overcome by events

   s/reognizes/recognizes/ and s/unrecogized/unrecognized/ in comments.

   expat 2.7.5 out, another security fix release

   Ajust patterns for xen*418 and xen*420; all known vulnerabilities are fixed
   in the latest version

   Updated sysutils/xenkernel418 to 20260317
   Updated sysutils/xentools418 to 20260317

   Update xenkernel418 and xentools418 to 20260317

   Changes since 20250701: mostly bug fixes and small improvements on
   some hardware, including security fixes up to XSA481

   doc: Updated security/libssh to 0.114

   pkg-vulnerabilities: mark libssh vulns as fixed and adjust versions.

   We package libssh-0.11.4 as 0.114, for historical reasons, as mentioned
   in the package Makefile. Thus, 'libssh<0.11.2' never fires, so adjust
   all the 0.11.x vulnerabilities accordingly.

   libssh: update to 0.11.4

   This is a stable release in the 0.11 series. There is also 0.12.0
   available, but this has less potential for breakage, I assume.

   version 0.11.4 (released 2026-02-10)
    * Security:
      * CVE-2025-14821: libssh loads configuration files from the C:\etc directory
        on Windows
      * CVE-2026-0964: SCP Protocol Path Traversal in ssh_scp_pull_request()
      * CVE-2026-0965: Possible Denial of Service when parsing unexpected
        configuration files
      * CVE-2026-0966: Buffer underflow in ssh_get_hexa() on invalid input
      * CVE-2026-0967: Specially crafted patterns could cause DoS
      * CVE-2026-0968: OOB Read in sftp_parse_longname()
      * libssh-2026-sftp-extensions: Read buffer overrun when handling SFTP
        extensions
    * Stability and compatibility improvements of ProxyJump


    [31 lines not shown]

   libhidapi: reduce diffs from ustream implementation.

   Tested with ch32fun and UIAPduino on NetBSD/i386 10.1 with
   both ohci and xhci.
   Also sync DESCR with the latest version.

   Updated sysutils/xenkernel420 to 20260317
   Updated sysutils/xentools420 to 20260317
   Updated sysutils/xenstoretools to 20260317

   Update xenkernel420, xentools420 and xenstoretools to 20260317.
   Changes since 20251113: mostly bug fixes and small improvements on
   some hardware, including security fixes up to XSA481

   gst-plugins1-bad: PLIST.Linux: sync

   Do the same for m68ksf as for m68k with regard to fno-stack-protector.