go126: update to 1.26rc2.
This release includes 6 security fixes following the security policy:
- archive/zip: denial of service when parsing arbitrary ZIP archives
archive/zip used a super-linear file name indexing algorithm that is invoked
the first time a file in an archive is opened. This can lead to a denial of
service when consuming a maliciously constructed ZIP archive.
Thanks to Thanks to Jakub Ciolek for reporting this issue.
This is CVE-2025-61728 and Go issue https://go.dev/issue/77102.
- net/http: memory exhaustion in Request.ParseForm
When parsing a URL-encoded form net/http may allocate an unexpected amount of
memory when provided a large number of key-value pairs. This can result in a
denial of service due to memory exhaustion.
[91 lines not shown]
Pull up following revision(s) (requested by nia in ticket #1224):
usr.sbin/makefs/cd9660.c: revision 1.61
makefs: cd9660: Honour the -m option to set the maximum disc size.
PR port-i386/59889 i386 cd-rom iso for -current is overflowing 700MB limit
Pull up following revision(s) (requested by nia in ticket #161):
usr.sbin/makefs/cd9660.c: revision 1.61
makefs: cd9660: Honour the -m option to set the maximum disc size.
PR port-i386/59889 i386 cd-rom iso for -current is overflowing 700MB limit
Pull up following revision(s) (requested by isaki in ticket #160):
sys/dev/ic/nslm7x.c: revision 1.80
Support AuxFan3 and AuxFan4 sensors for NCT6794D.
PR kern/59802
Pull up following revision(s) (requested by tsutsui in ticket #158):
distrib/common/bootimage/Makefile.bootimage: revision 1.47
distrib/common/bootimage/diskproto2sunlabel.awk: revision 1.1
bootimage: Derive sunlabel(8) input from the disklabel protofile
For USE_SUNLABEL labeling, stop hard-coding the sunlabel(8) geometry
in cylinders in Makefile.bootimage. Instead, generate the sunlabel(8)
command stream by parsing the generated disklabel protofile with
a small awk helper.
This keeps the Sun disk label consistent with the disklabel(8) protofile
and avoids maintaining two independent sets of geometry/partition logic.
Tested with a sun3 live-image on TME.
Pull up following revision(s) (requested by tsutsui in ticket #157):
usr.sbin/sunlabel/sunlabel.8: revision 1.10
sunlabel: document partition map line printed by the 'P' command
The interactive 'P' command prints the partition table and
also emits a simple textual map of the partition layout
(e.g., a line of 'a' when the whole disk is covered by partition a).
Mention this additional output in the man page to avoid confusion.
py-packaging: updated to 26.0
26.0 - 2026-01-20
Features:
* PEP 751: support pylock
* PEP 794: import name metadata
* Support for writing metadata to a file
* Support ``__replace__`` on Version
* Support positional pattern matching for ``Version`` and ``SpecifierSet``
Behavior adaptations:
* PEP 440 handling of prereleases for ``Specifier.contains``, ``SpecifierSet.contains``, and ``SpecifierSet.filter``
* Handle PEP 440 edge case in ``SpecifierSet.filter``
* Adjust arbitrary equality intersection preservation in ``SpecifierSet``
* Return ``False`` instead of raising for ``.contains`` with invalid version
* Support arbitrary equality on arbitrary strings for ``Specifier`` and ``SpecifierSet``'s ``filter`` and ``contains`` method.
[69 lines not shown]
Pull up following revision(s) (requested by tsutsui in ticket #156):
usr.bin/elf2ecoff/elf2ecoff.c: revision 1.40
usr.bin/elf2ecoff/elf2ecoff.c: revision 1.41
usr.bin/elf2ecoff/elf2ecoff.c: revision 1.39
elf2ecoff: fix various incorrect byteswap ops
- make sure to use host byte order in debug printfs
- fix incorrect byte swap ops for struct ecoff32_symhdr using
bswap32_region() (only first two magic and vstamp members are int16_t)
- make sure to use proper host's endian to calclate symbol table size
- don't do byteswap unconditionally for struct ecoff_extsym
(especially on building as a native tool)
Patch from Steve Rumble on port-mips@:
https://mail-index.netbsd.org/port-mips/2025/12/06/msg001544.html
elf2ecoff: remove an incorrect but unused assigment to ecoff32_exechdr
Probably harmless but confusing on endiannes sanity check.
[7 lines not shown]
Pull up following revision(s) (requested by tsutsui in ticket #155):
sys/dev/arcbios/arcbios_calls.S: revision 1.5
arcbios: add hazard nops for pre-R4000 MIPS1 machines
All MIPS ARC (Advanced RISC Computing) machines have R4000/R4400
https://www.netbsd.org/docs/Hardware/Machines/ARC/
as supported by NetBSD/arc and they don't require nops,
but the sgimips port fakes ARCS for older R2k/R3k machines,
so it uses this code on older CPUs, too.
Patch from Steve Rumble on port-mips@:
https://mail-index.netbsd.org/port-mips/2025/12/06/msg001542.html
Pull up following revision(s) (requested by tsutsui in ticket #154):
usr.sbin/makefs/ffs/ffs_alloc.c: revision 1.34
usr.sbin/makefs/ffs/mkfs.c: revision 1.43
usr.sbin/makefs/ffs.c: revision 1.78
usr.sbin/makefs/makefs.8: revision 1.74
makefs: add ffs version=0 for "newfs -O 0" compatible FFSv1 images
Allow "makefs -t ffs -o version=0" to create FFSv1 images in the
old on-disk format compatible with "newfs -O 0" (FFSv1 level 1),
intended for systems with ancient boot ROM requirements like LUNA.
This changes the FFSv1/FFSv2 selection to treat version 0 as FFSv1
and generates old-format directory entries (no d_type) when
version=0 is selected. The FFS mkfs parameters are adjusted so
that version 0 does not get overridden by the default FFSv1 settings.
Tested by generating FFS images with version=0, 1, and 2, and
[3 lines not shown]
py-xandikos: updated to 0.3.3
0.3.3
Valarm search
Add python3-qrcode to container image
Fix builds
0.3.2
Allow escaped newlines in calendar text fields
Fix TypeError with mixed date/datetime types in EXDATE/RDATE
Pull up following revision(s) (requested by jmcneill in ticket #1223):
sys/dev/sdmmc/sdmmcreg.h: revision 1.36
sdmmc: Fix swapped SSR cache and card maintenance bit defs
Pull up following revision(s) (requested by jmcneill in ticket #153):
sys/dev/sdmmc/sdmmcreg.h: revision 1.36
sdmmc: Fix swapped SSR cache and card maintenance bit defs
Pull up following revision(s) (requested by lukem in ticket #1222):
usr.bin/ftp/ftp.c: revision 1.179
usr.bin/ftp/version.h: revision 1.101
usr.bin/ftp/util.c: revision 1.169
usr.bin/ftp/extern.h: revision 1.85
ftp: fix ascii transfers with progress bar
Handle stdio interruption by signals and improve error handling
in getc() and putc() on the control and data channels.
Provide ftp_getc() and ftp_putc() wrappers that:
- Retry the operation on EINTR or EAGAIN instead of failing.
- Store other error codes in a return variable separate to errno,
and use that variable in ferror() handling, for more correct
error messages.
Fixes the progress bar display in ascii mode transfers.
[5 lines not shown]
Pull up following revision(s) (requested by lukem in ticket #152):
usr.bin/ftp/ftp.c: revision 1.179
usr.bin/ftp/version.h: revision 1.101
usr.bin/ftp/util.c: revision 1.169
usr.bin/ftp/extern.h: revision 1.85
ftp: fix ascii transfers with progress bar
Handle stdio interruption by signals and improve error handling
in getc() and putc() on the control and data channels.
Provide ftp_getc() and ftp_putc() wrappers that:
- Retry the operation on EINTR or EAGAIN instead of failing.
- Store other error codes in a return variable separate to errno,
and use that variable in ferror() handling, for more correct
error messages.
Fixes the progress bar display in ascii mode transfers.
[5 lines not shown]
Pull up following revision(s) (requested by lukem in ticket #1221):
usr.bin/ftp/version.h: revision 1.100
usr.bin/ftp/cmdtab.c: revision 1.54
usr.bin/ftp/ftp.1: revision 1.161
ftp: connect is a synonym for open
As we have disconnect as a synonym for close,
add connect as a synonym for open.
Suggested by Colby Russell in email.
Pull up following revision(s) (requested by lukem in ticket #151):
usr.bin/ftp/version.h: revision 1.100
usr.bin/ftp/cmdtab.c: revision 1.54
usr.bin/ftp/ftp.1: revision 1.161
ftp: connect is a synonym for open
As we have disconnect as a synonym for close,
add connect as a synonym for open.
Suggested by Colby Russell in email.
