BSD Commit Log Search

   Make the default colours more conservative, its really the greys that
   matter.

   Add nicer dark and light colour sets (themes) used on terminals with 256
   or more colours. Currently based these on emacs but they could change.
   Terminals with fewer colours use the ANSI colours. A new "theme" option
   overrides the detected theme (set to "terminal" to go back to ANSI
   colours).

   grow i386 install media

   Do not silently truncate result of dname_expand.

   This can only happen if the caller provides a buffer that's too
   small. All current callers provide a buffer of size MAXDNAME, which is
   large enough in all cases, otherwise dname_check_label would error out.

   Found by me and independently by Andrew Griffiths.

   OK deraadt, tb

   Backport the SDL3 gamecontroller backend from Godot 4.x to Godot 3
   (godot/pack1). This replaces the thus far "homegrown" gamecontroller
   backend code. Tested with PS4 controller and multiple games.

   "makes a lot of sense" op@

   net/curl: update to 8.21.0

   Changes:
   * curl: named globs in output filename for upload glob references
   * HTTP/3: add proxy CONNECT and MASQUE CONNECT-UDP support (ngtcp2 QUIC)
   * http2: remove stream dependency tracking
   * lib: drop support for CURLAUTH_DIGEST_IE

   Includes fixes for
   CVE-2026-8286: wrong STARTTLS connection reuse
   CVE-2026-8458: wrong reuse for different services
   CVE-2026-8924: trailing dot domain super cookie
   CVE-2026-8926: password leak with netrc and user in URL
   CVE-2026-8927: env-set cross-proxy Digest auth state leak
   CVE-2026-8932: incomplete mTLS config matching in conn reuse
   CVE-2026-9079: stale proxy password leak
   CVE-2026-9080: UAF after pause in socket callback
   CVE-2026-9545: exposing HTTP/3 early data
   CVE-2026-9546: sending old referer

    [4 lines not shown]

   vmd(8): prevent virtio scsi DoS from bad descriptor length.

   A guest can construct a looping, zero-length descriptor chain that
   spins forever when processing a READ_10 command. Check for zero
   length scenario and abort the read with a warning.

   Reported by Frank Denis.

   Discussed with and "go for it" from mlarkin@

   Fix scrollbar with a format colour.

   Update to dleyna-0.8.4.

   Update to avahi-0.9rc5.

   Update to stellarium-26.2.

   Update to exoscale-cli-1.95.3.

   Update to amazon-ssm-agent-3.3.4793.0.

   Update to gnome-control-center-49.8.

   vmd(8): reject invalid PIT periods causing UB.

   A guest can write values to Register A that results in a negative
   shift exponent when computing the resulting timer rate. Detect and
   ignore values to prevent UB from negative shift.

   Reported by Frank Denis.

   Discussed with and "go for it" from mlarkin@

   Expand colours as formats like styles.

   Update qt-creator to 20.0.0

   Add OIDs for CCR, ErikIndex, ErikPartition, CommunityDefinition

   References:
        https://datatracker.ietf.org/doc/html/draft-ietf-sidrops-rpki-ccr
        https://datatracker.ietf.org/doc/html/draft-ietf-sidrops-rpki-erik-protocol
        https://datatracker.ietf.org/doc/html/draft-ietf-grow-yang-bgp-communities

   OK tb@

   vmd(8): fix fw_cfg leak of file directory buffer.

   FW_CFG_FILE_DIR selector requests leak file directory buffers.
   Repeated requests from guests can exhaust vmd process memory.

   Reported by Frank Denis.

   Discussed with and "go for it" from mlarkin@

   sysutils/testdisk: force-disable security/libewf detection

   reported by naddy@

   Format variable for client colours.

   update to dnsdist-2.0.7

   update to powerdns-recursor-5.4.3

   update to powerdns-5.0.6

   Update py-tinytuya to 1.18.1.

   www/mozilla-firefox: MFC update to 152.0.3.

   see https://www.firefox.com/en-US/firefox/152.0.3/releasenotes/

   Fixed an issue that could cause extreme memory usage and freezing on
   startup for users with language packs installed. (Bug 2049845)

   www/mozilla-firefox: update to 152.0.3.

   see https://www.firefox.com/en-US/firefox/152.0.3/releasenotes/

   Fixed an issue that could cause extreme memory usage and freezing on
   startup for users with language packs installed. (Bug 2049845)

   Update to PowerDNS Recursor 5.4.3

   See https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2026-08.html

   ospfd(8) must be more paranoid about what it sends
   to its peers using IPC messages (see imsg_add(3)).
   The data passed between processes must not leak
   information on memory address layout from process.
   The process must be sending to its peers either data which
   are needed or, if taking a shortcut, zeroize fields
   which carry pointer (memory addresses) from process.

   The issue has been reported by students
   from British Columbia University earlier this year.

   The fix includes generous feedback from claudio@

   OK claudio@

   Put back IPV6_RTHDR to ip6_getpcbopt() as no operation.

   Reported-by: syzbot+7788d13ea3345629ceae at syzkaller.appspotmail.com