BSD Commit Log Search

   Remove reference to an option that hasn't been added yet.

   add back the local #undef DEBUG lost with last drm update
   reported by Jan Schreiber

   Sync the nexthop comperators in rde_rib.c and kroute.c

   While nexthop_cmp() already looked for the scope_id for link-local IPv6
   nexthops, knexthop_compare() did not.

   Reported by 7Asecurity
   OK tb@

   update to py3-puremagic-2.2.0

   update to py3-pdm-backend-2.4.8

   update to luadbi-0.7.5

   update to ccache-4.13.6

   update to libplist-2.7.0

   update to py3-sqlalchemy-2.0.50

   update to py3-apsw-3.53.1.0

   update to sqlcipher-4.16.0

   update to libmtp-1.1.23

   devel/codex: update to 0.134.0

   update to freetds-1.5.18

   update to py3-psycopg2-2.9.12

   update to py3-mediafile-0.17.0

   Bring in some more floating panes changes - obscured panes need to be
   handled specially in screen_write_* rather than dropping into the client
   redraw (tty.c).

   Add some extra checks to the mrtparser

   Fail if the mrt message length is larger than MRT_MAX_LEN (1MB).
   No message should have such a large size.
   Ensure the dump callback is never called with a mrt peer table
   that is NULL.

   Reported by 7Asecurity
   OK tb@

   drop bug-1962139-ffmpeg8-140esr.patch from -stable as well, it breaks patching

   distinfo missed from -stable

   Update mattermost 11.3.0 -> 11.7.1
   Changelog: https://docs.mattermost.com/product-overview/mattermost-v11-changelog.html

   Add an explict "--" argument for portable.

   GNU libc getopt allows options out of order with other arguments
   so force getopt to stop option parsing using "--".
   OK tb@

   Add a "--" argv to the execvp of bgpctl for portable.

   GNU libc has this stupid behaviour of allowing options in any order
   and so one needs to terminate the option parsing to be sure none of
   the later user supplied arguments could be interpreted as an option.

   Reported by 7Asecurity
   OK tb@

   Update unifont to 17.0.04.

   From Manuel Giraud, thanks!

   update to hk-0.3.3, from Laurence Tratt (maintainer)

   Don't fail hard on version mismatch and ignore extra end-of-params messages.

   Replace the lerrx on version mismatch with a lwarnx and error return.
   Switch to ssize_t return for that so that slowcgi_request() can properly
   fail when this happens.

   Also do not execute multiple bgplgd commands when extra end-of-params
   messages are received. Once a command is executed fail to start a 2nd
   one.

   Reported by Frank Denis
   OK tb@

   Improve handling of unknown extended communities

   Ext communities are split over the 3 data fields of struct community.
   All ext communities put the first 2 bytes (type and subtype) into data3.
   For EXT_COMMUNITY_TRANS_IPV4 and EXT_COMMUNITY_TRANS_FOUR_AS a 2-4-2 split
   is used. All other types use a 2-2-4 split this should include all unknown
   types. So add default cases into the various switch statements to make this
   happen.

   Reported by 7Asecurity
   OK tb@

   Increase the MRT attribute buffer to MAX_EXT_PKTSIZE so it works in all cases.

   Dumping messages from peers with extended message capability would fail
   since the MRT code was still limited to the old 4096byte size.

   Reported by 7Asecurity
   OK tb@

   Fix use-after-free problems in parse.y

   In error cases using YYERROR data is freed but the global pointer is not
   reset (to NULL or in the case of curpeer to curgroup). On YYERROR yacc
   still moves on and so any rules using e.g. curpeer do a use-after-free.

   Reported by 7Asecurity
   OK tb@

   Move pt_unref() after the RB_REMOVE() call in rib_remove() to
   prevent use-after-free.

   rib_remove calls pt_unref() before the RB_REMOVE() call which also uses
   re_rib(). re_rib() evaluates re->prefix but pt_unref() could free the
   prefix if the refcount drops to 0.

   Reported by 7Asecurity
   OK tb@