backout to rspamd 3.14.3 for now, I'm hitting some fairly heavy FD leak
on the milter socket on my postfix+rspamd setup (noticed when it hit 4k
FDs and bumped into limits) and not in a good position to attempt debug
atm.

Prevent integer overflow in regex repetition count
Limit the repetition count to 255 like POSIX does. Also avoid a
crash when the repetition is the first atom parsed.
From Renaud Allard.
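
The bounded repetition count described in this commit message, as an added example that is not the code changed by the commit. The names `parse_count`, `parse_interval` and the `have_atom` flag are hypothetical, and the sketch assumes the input is exactly one `{m}`, `{m,}` or `{m,n}` interval.

```c
#include <ctype.h>
#include <stdio.h>

#define DUP_MAX 255 /* repetition limit named in the commit message */

/* Parse decimal digits at *sp into *out. The bound is tested before each
 * multiply, so n never exceeds DUP_MAX and cannot overflow an int. */
static int parse_count(const char **sp, int *out)
{
    const char *s = *sp;
    int n = 0;
    if (!isdigit((unsigned char)*s))
        return -1;                     /* no digits at all */
    for (; isdigit((unsigned char)*s); s++) {
        int d = *s - '0';
        if (n > (DUP_MAX - d) / 10)
            return -1;                 /* n * 10 + d would exceed DUP_MAX */
        n = n * 10 + d;
    }
    *sp = s;
    *out = n;
    return 0;
}

/* Parse exactly "{m}", "{m,}" or "{m,n}". have_atom (hypothetical flag) is 0
 * when no atom precedes the interval. Returns 0 and sets *max to -1 for an
 * open upper bound, or returns -1 on any malformed or oversized input. */
int parse_interval(const char *s, int have_atom, int *min, int *max)
{
    if (!have_atom || *s++ != '{' || parse_count(&s, min) != 0)
        return -1;
    *max = *min;
    if (*s == ',') {
        s++;
        if (*s == '}')
            *max = -1;
        else if (parse_count(&s, max) != 0 || *max < *min)
            return -1;
    }
    return (s[0] == '}' && s[1] == '\0') ? 0 : -1;
}

int main(void)
{
    int lo, hi;
    printf("{3,255} -> %d\n", parse_interval("{3,255}", 1, &lo, &hi));
    printf("{256}   -> %d\n", parse_interval("{256}", 1, &lo, &hi));
    return 0;
}
```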

relayd: error check bsearch in relay_httperror_byid()
If relay_httperror_byid() is passed an HTTP error code not in the table
this would result in a NULL deref. The intent is that the code fall back
to "Unknown error" on NULL return.
From Jan Schreiber

sys/iwx: align antenna patterns and STBC with iwlwifi
Follow iwlwifi for antenna pattern and STBC advertisement. Advertise RX
antenna pattern only when RX is effectively 1x1; advertise HT and VHT
STBC unconditionally, and VHT TX antenna pattern only when TX is
effectively 1x1, and program the firmware TLC STBC flag when the peer
advertises RX STBC and the device has more than one valid TX antenna.
OK: stsp@

move username validity check for usernames specified on the
commandline to earlier in main(), specifically before some
contexts where a username with shell characters might be
expanded by a %u directive in ssh_config.
We continue to recommend against using untrusted input on
the SSH commandline. Mitigations like this are not 100%
guarantees of safety because we can't control every
combination of user shell and configuration where they are
used.
Reported by Florian Kohnhäuser

correctly match ECDSA signature algorithms against algorithm
allowlists: HostKeyAlgorithms, PubkeyAcceptedAlgorithms and
HostbasedAcceptedAlgorithms.
Previously, if any ECDSA type (say "ecdsa-sha2-nistp521") was
present in one of these lists, then all ECDSA algorithms would
be permitted.
Reported by Christos Papakonstantinou of Cantina and Spearbit.

when downloading files as root in legacy (-O) mode and without the
-p (preserve modes) flag set, clear setuid/setgid bits from
downloaded files as one might expect.
AFAIK this bug dates back to the original Berkeley rcp program.
Reported by Christos Papakonstantinou of Cantina and Spearbit.