dns/rfc2136: allow "*." prefix in hostname for wildcard updates (#5460)
When using rfc2136 dynamic DNS, users may want the same address
record to apply to every subdomain of the configured hostname (e.g.
for host.example.org and *.host.example.org to resolve to the same IP).
monit: remove duplication from these strange test types
tests.xml doesn't list the field so none of this is ever shown
and most could probably be removed, but I have no idea how this
is supposed to work. The default type is pinned to Custom.
net/frr: OSPF/OSPF6 More visibility and safety for ModelRelationField references (#5459)
* Allow multiple prefix list selections in a route map in OSPF6 as well
* Improve visibility for route-maps and prefix-lists in OSPF/OSPF6 and enable internalModelUseSafeDelete
unbound: blocklist improvements (#10149)
* Organizes DNSBLs by provider/category.
* Adds the Social Network blocklist by hegizi.
* The tester now gives you the DNSBL name and category instead of its shortcode.
mvc: OptionField: allow empty values in options
This falls back to the key which isn't going to be translated
since it's likely a technical term or keyword.
Also translate the $subvalue which appears to have been missed
before.
cap_net: do not allow new limits to drop keys from the old ones
If the old limit had family/hosts/sockaddr set, the new limit must
have them too. Before, a missing key in the new limit was treated as
"allow any", which let a caller silently extend their limits.
Approved by: so
Security: FreeBSD-SA-26:24.cap_net
Security: CVE-2026-45254
Reported by: Joshua Rogers of AISLE Research Team
Reviewed by: markj
MFC after: 1 day
Differential Revision: https://reviews.freebsd.org/D56991
(cherry picked from commit d705a519525f2acae3c1efba11436ec6ee8aea0a)
(cherry picked from commit b79faca1c5964d89c125d02de35928b733041f3f)
bsdconfig: Make sure that SSID names are properly escaped
The f_menu_wpa_scan_results() function returns a list of networks
discovered by a scan. The untrusted network names are evaluated in
f_dialog_menu_wireless_edit. The quoting applied in
f_menu_wpa_scan_results() protects against evaluation of something like
"$(whoami)" but one can add single quotes to defeat that.
Pass the SSID names through f_shell_escape to work around this. Escape
single quotes in f_dialog_wireless_edit() and f_menu_wireless_configs()
too for consistency.
I note that this module doesn't seem to actually work, see e.g.,
bugzilla PR 229883.
Approved by: so
Security: FreeBSD-SA-26:23.bsdinstall
Security: CVE-2026-45255
Reported by: Austin Ralls
[2 lines not shown]
bsdinstall: Avoid invoking eval on the wlan SSID list
The wlanconfig utility is not careful about handling untrusted network
names, which can contain shell metacharacters. Factor network selection
into a subroutine and use the `set -- "$@"` trick to build up a list of
positional parameters for bsddialog without evaluating them.
Approved by: so
Security: FreeBSD-SA-26:23.bsdinstall
Security: CVE-2026-45255
Reported by: Austin Ralls
Reviewed by: dteske, des, asiciliano
Differential Revision: https://reviews.freebsd.org/D56973
libcasper: switch from select(2) to poll(2)
The previous implementation used FD_SET() on a stack-allocated fd_set,
which is an out-of-bounds write whenever the socket fd is >= FD_SETSIZE
(1024).
poll(2) takes an array indexed by slot rather than by fd value, so it
has no FD_SETSIZE limit.
Approved by: so
Security: FreeBSD-SA-26:22.libcasper
Security: CVE-2026-39461
Reported by: Joshua Rogers
Reviewed by: markj
Differential Revision: https://reviews.freebsd.org/D56695
