ld.elf_so: Fix more races with recursive threaded dlopen/dlclose.
1. When loading an object, keep track of a finer-grained state for
relocation so that a concurrent _rtld_relocate_objects doesn't
relocate an object too early (e.g., while waiting in
_rtld_load_needed_objects for an object that is concurrently being
dlclosed to finish before we can map it afresh) leading to
spurious symbol resolution failures:
- OBJRELOC_NONE (0): object has been created but the rtld state
isn't enough to attempt relocation yet (either not all DT_NEEDED
entries have been resolved, or the dldags lists have not yet
been populated)
- OBJRELOC_READY (1): object has been created and rtld state is
ready to relocate (all DT_NEEDED entries have been resolved and
the dldags lists have been populated), but object has not yet
been relocated.
[44 lines not shown]
Make swap encryption truly optional, rather than just able to be
default-disabled
- New option VMSWAP_ENCRYPTION (enabled by default in conf/std along with
VMSWAP)
- Remove the "aes" attribute from VMSWAP and hand it to VMSWAP_ENCRYPTION.
- Conditionalize all code and data related to swap encryption on the
new VMSWAP_ENCRYPTION option.
While the swap encryption code itself is not that large, it drags in
the AES code if enabled. If a constrained platform doesn't care about
encrypted swap, this lets it not pay the cost for AES.
bulk-test-boost: Drop mongodb3
because it's about to be deleted.
(It seems all mongodb are using vendored boost, but as non-MAINTAINER
I'm simply deleting mongodb3.)
The "iic" instance does not depend on i2c_bitbang, so it should not
express it as a dependency. That's the responsibility of the back-ends
that do require it.
p5-Mojo-JWT: update to 1.02.
1.02 2026-06-03
- This release contains fixes for security issues, everybody should upgrade!
- Improved security of decode to prevent timing side-channel attacks in symmetric signatures
1.01 2024-10-15
- Fix non-portable test
1.00 2024-10-15
- Use CryptX (libtomcrypt) for all cryptographic functions
- Crypt::OpenSSL input is still accepted but converted in-use