glib2 glib2-tools gdbus-codegen: updated to 2.88.1
Overview of changes in GLib 2.88.1, 2026-05-02
* Fix miscompilation with GCC 16 due to GLib’s use of the wrong function
attribute (!5145, work by Sam James)
* Fix flag confusion security issue when using `GRegex` with `G_REGEX_RAW` which
can result in unbounded out-of-bounds heap reads off the start of a regex
input string
* Fix various minor (low severity) security issues, typically one-to-five-byte
out-of-bounds reads or ones relying on
very specific (and unlikely) API calls or ones relying on
discouraged P2P D-Bus configurations (work by linhlhq)
* Bugs fixed:
- Buffer Over-read on GLib through glib/gvariant-
serialiser.c:1253 via gvs_tuple_is_normal() (Philip Withnall)
[47 lines not shown]
haproxy: updated to 3.3.8
3.3.8
- BUG/MINOR: tcpcheck: Allow connection reuse without prior traffic
- BUG/MINOR: ssl: fix memory leaks on realloc failure in ssl_ckch.c
- BUG/MINOR: ssl: fix memory leaks on realloc failure in ssl_sock.c
- DOC: config: Fix log-format example with last rule expressions
- BUG/MINOR: ssl: fix double-free on failed realloc in ssl_sock.c
- BUG/MINOR: tools: my_memspn/my_memcspn wrong cast causing incorrect byte reading
- BUG/MINOR: tools: fix memory leak in indent_msg() on out of memory
- BUG/MINOR: tools: free previously allocated strings on strdup failure in backup_env()
- BUG/MINOR: sample: fix memory leak in check_when_cond() when ACL is not found
- BUG/MINOR: sample: fix NULL strm dereference in sample_conv_when
- BUG/MINOR: peers: fix logical "and" when checking for local in PEER_APP_ST_STARTING
- BUG/MINOR: peers: fix wrong flag reported twice for dump_flags
- CLEANUP: peers: fix a few user-visible spelling mistakes
- BUG/MEDIUM: mux_h1: fix stack buffer overflow in h1_append_chunk_size()
- BUG/MINOR: http_ana: use scf to report term_evts in http_wait_for_request()
- BUILD: 51d: fix bool definition on dummy lib v4
[12 lines not shown]
openvpn: updated to 2.7.4
2.7.4
configure: Remove --enable-strict
GHA: Maintenance Update April 2026
GHA: Add caching for vcpkg builds
dns-scripts: Fix dnssec values in comments and Copyright statement format
Fix pkgcs11 vcpkg port installing debug files on release builds
Mbed TLS: Error out if we have no valid tls-groups
dns: minimalist fix for dnssec setting
Partially revert previous to fix the builds.
The UVM stats functions are used (apparently) by the RUMP
"kernel", and need to be exposed as they were before, so
for now, do that.
Feel free to undo this, and fix the problem some other way.
Reduce the pmap API surface exposed to modules. Of the ones that remain,
you could argue that those shouldn't be exposed either, but our file
system <-> pager interface is not that great, among other things, so
they have to remain for now.
arcbios: enable FPU around ARCS calls
This seems required for the SGI O2 for PROM graphics console IO to work
when it scrolls. See PR port-sgimips/60204 for more details.
The issue was introduced in v1.214 of sys/arch/mips/mips/locore.S .
Notably maya@ disabled the FPU early in boot, expecting the rest of
boot to run with the FPU disabled. The FPU is being explicitly
enabled/disabled here to keep to the spirit of maya@'s above commit.
A "better" solution would be to use the pcu API and mark the thread
as needing the FPU for the duration of the arcbios call, however:
* The current MIPS pcu FPU code in sys/arch/mips/mips/mips_fpu.c
doesn't support FPU use in kernel yet; and
* this stuff is called super early during boot and once the OS starts
the ARCBIOS API is no longer supposed to be used.
