the waitpid() can only return a real pid. none of the error cases can
occur. still, it is good style to check for != -1 before using WIFEXITED().
forgot where i heard about this.
don't use an uninitialised value for Chrome EC hello
The Chrome EC hello command adds 0x01020304 to the value and returns.
We don't check the result, so this wasn't a problem. With llvm 22
this caused a -Wuninitialized-const-pointer warning.
Update to PostgreSQL 18.4
Fixes:
* CVE-2026-6472: PostgreSQL CREATE TYPE does not check multirange schema
CREATE privilege
* CVE-2026-6473: PostgreSQL server undersizes allocations, via integer
wraparound
* CVE-2026-6474: PostgreSQL timeofday() can disclose portions of server
memory
* CVE-2026-6475: PostgreSQL pg_basebackup and pg_rewind can overwrite
unrelated files of origin superuser choice
* CVE-2026-6476: PostgreSQL pg_createsubscriber allows SQL injection via
subscription name
* CVE-2026-6477: PostgreSQL libpq lo_* functions let server superuser
overwrite client stack
* CVE-2026-6478: PostgreSQL discloses MD5-hashed passwords via covert
timing channel
* CVE-2026-6479: PostgreSQL SSL/GSS init causes denial of service, via
[9 lines not shown]
bump datasize of the build user to 2.5G on 64-bit arches
The tight limit of 2176M for other 64-bit architectures was not enough for
sparc64. On 64-bit systems we can afford to be a bit more generous.
login.conf merges are always a bit fiddly.
ok jca sthen
Add a bunch of new py-* build depends
As Pyside is a dependency, additional Python components such as build, wheel
and setuptools are required to compile it
Spotted by aja, naddy, thanks! (It took me a while to figure it out)
Fix missing 'compatible' string NUL termination in case the compatible
string is => 32 bytes, which caused an out-of-bounds read later on in
the code path:
- Mimic apliic(4), which uses malloc instead of a fix-width array for
the compatible string.
- Also set 'ia_namelen', which should enable parsing of a secondary
compatible string, if it exists.
ok jca@
