FreeBSD/ports 0821906security/vuxml/vuln 2026.xml

security/vuxml: add FreeBSD SAs issued on 2026-04-29

FreeBSD-SA-26:12.dhclient affects all supported releases
FreeBSD-SA-26:13.exec affects all supported releases
FreeBSD-SA-26:14.pf affects all supported releases
FreeBSD-SA-26:15.dhclient affects all supported releases
FreeBSD-SA-26:16.libnv affects all supported releases
FreeBSD-SA-26:17.libnv affects all supported releases
DeltaFile
+204-0security/vuxml/vuln/2026.xml
+204-01 files

FreeBSD/doc 6f9601cwebsite/content/en/releases/13.5R errata.adoc, website/content/en/releases/14.3R errata.adoc

Add errata affecting 13.5R, 14.3R, 14.4R and 15.0R

FreeBSD-EN-26:08.pf affects 15.0R
FreeBSD-EN-26:09.tzdata affects all supported releases
FreeBSD-EN-26:10.amd64 affects 14.3R, 14.4R and 15.0R
DeltaFile
+3-0website/content/en/releases/15.0R/errata.adoc
+2-0website/content/en/releases/14.3R/errata.adoc
+2-0website/content/en/releases/14.4R/errata.adoc
+1-0website/content/en/releases/13.5R/errata.adoc
+8-04 files

FreeBSD/doc f6ce52fwebsite/content/en/releases/13.5R errata.adoc, website/content/en/releases/14.3R errata.adoc

Add security advisories affecting 13.5R, 14.3R, 14.4R and 15.0R

FreeBSD-SA-26:12.dhclient affects all supported releases
FreeBSD-SA-26:13.exec affects all supported releases
FreeBSD-SA-26:14.pf affects all supported releases
FreeBSD-SA-26:15.dhclient affects all supported releases
FreeBSD-SA-26:16.libnv affects all supported releases
FreeBSD-SA-26:17.libnv affects all supported releases
DeltaFile
+6-0website/content/en/releases/13.5R/errata.adoc
+6-0website/content/en/releases/14.3R/errata.adoc
+6-0website/content/en/releases/14.4R/errata.adoc
+6-0website/content/en/releases/15.0R/errata.adoc
+24-04 files

LLVM/project 9f51527llvm/lib/Transforms/Utils LoopUnroll.cpp

Fix typo
DeltaFile
+1-1llvm/lib/Transforms/Utils/LoopUnroll.cpp
+1-11 files

LLVM/project 29d62a9llvm/lib/Transforms/Utils LoopUnroll.cpp

Report unexpected infinite frequency
DeltaFile
+10-3llvm/lib/Transforms/Utils/LoopUnroll.cpp
+10-31 files

LLVM/project 4a91296llvm/lib/Transforms/Utils LoopUnroll.cpp

O(n^2) -> O(n)
DeltaFile
+79-50llvm/lib/Transforms/Utils/LoopUnroll.cpp
+79-501 files

LLVM/project 10e8fe0llvm/lib/Transforms/Utils LoopUnroll.cpp

Address small reviewer suggestions
DeltaFile
+7-3llvm/lib/Transforms/Utils/LoopUnroll.cpp
+7-31 files

LLVM/project 1b5874blld/MachO ConcatOutputSection.cpp

call markBranchAsResolved in more places
DeltaFile
+5-4lld/MachO/ConcatOutputSection.cpp
+5-41 files

FreeBSD/src e7f4269sys/dev/asmc asmc.c asmcvar.h

asmc: replace hardcoded model table with universal probing

Probe SMC keys at attach time to detect hardware capabilities,
supporting all Intel Apple machines without per-model entries.

Sensors are discovered by scanning sorted SMC key ranges for
known prefixes and types. Capabilities such as SMS, fan safe
speed, and ambient light are detected by key presence.

A global key description table provides human-readable names
for well-known temperature sensors.

Tested on:
 - MacBook Pro (Early 2007, Mid 2014, Mid 2015)
 - MacBook Air (Early 2015, Mid 2017)
 - iMac (Mid 2011, Late 2013)
 - Mac mini (Mid 2011)

Reviewed by:    adrian
Differential Revision:  https://reviews.freebsd.org/D56405
DeltaFile
+529-642sys/dev/asmc/asmc.c
+17-944sys/dev/asmc/asmcvar.h
+546-1,5862 files

LLVM/project e20557eclang/lib/CIR/Lowering/DirectToLLVM LowerToLLVM.cpp

fix fmt
DeltaFile
+6-4clang/lib/CIR/Lowering/DirectToLLVM/LowerToLLVM.cpp
+6-41 files

LLVM/project 2387cc1clang/include/clang/CIR/Dialect/IR CIROps.td, clang/lib/CIR/Lowering/DirectToLLVM LowerToLLVM.cpp

[CIR] Lower global ConstArrayAttr with string elements to LLVM string constant
DeltaFile
+40-5clang/lib/CIR/Lowering/DirectToLLVM/LowerToLLVM.cpp
+10-0clang/test/CIR/Lowering/array.cpp
+4-0clang/include/clang/CIR/Dialect/IR/CIROps.td
+54-53 files

LLVM/project 0abb456orc-rt/include/orc-rt NativeDylibManager.h, orc-rt/lib/executor NativeDylibManager.cpp

[orc-rt] Add NativeDylibManager. (#194792)

NativeDylibManager is an orc_rt::Service that supports loading,
unloading, and lookup of symbols via the system dynamic loader's native
APIs.

The current implementation only supports the POSIX dlfcn.h APIs (dlopen,
dlclose, dlsym), but it should be straightforward to extend to Windows.
DeltaFile
+199-0orc-rt/unittests/NativeDylibManagerTest.cpp
+183-0orc-rt/unittests/NativeDylibManagerSPSCITest.cpp
+151-0orc-rt/lib/executor/NativeDylibManager.cpp
+94-0orc-rt/include/orc-rt/NativeDylibManager.h
+53-0orc-rt/lib/executor/Unix/NativeDylibAPIs.inc
+46-0orc-rt/lib/executor/sps-ci/NativeDylibManagerSPSCI.cpp
+726-05 files not shown
+776-011 files

FreeBSD/src 59a844bsys/powerpc/mpc85xx pci_mpc85xx.c

mpc85xx/msi: Add compat string for T208x/T4xxx SoCs
DeltaFile
+2-1sys/powerpc/mpc85xx/pci_mpc85xx.c
+2-11 files

FreeBSD/src 787b5e1sys/conf files.powerpc

dtrace: Add missing file for powerpc kernel build
DeltaFile
+1-0sys/conf/files.powerpc
+1-01 files

FreeBSD/src 0a70558sys/dev/iicbus/mux iicmux.c

iicmux: Return the right error codes

I2C subsystem errors belong in the IIC_* error space.  It's pretty clear
this is what is intended in the code.
DeltaFile
+3-3sys/dev/iicbus/mux/iicmux.c
+3-31 files

FreeBSD/src 40bcad5sys/powerpc/include pcpu.h, sys/powerpc/powerpc openpic.c pic_if.m

powerpc/pic: Add a PIC_AP_INIT() to set up AP PIC info

pc_cpuid may not match the PIC's idea of a given CPU.  Since openpic
has a WHOAMI register, we can use that to get the PIC's idea of the CPU.
This needs to be done on each AP, so add a PIC_AP_INIT device method so
the PIC can perform any AP-specific initialization at AP bootstrap time.

This fixes SMP on e6500, which is still lacking SMT support.

Differential Revision:  https://reviews.freebsd.org/D56421
DeltaFile
+21-7sys/powerpc/powerpc/openpic.c
+3-0sys/powerpc/powerpc/pic_if.m
+1-0sys/powerpc/powerpc/mp_machdep.c
+1-0sys/powerpc/include/pcpu.h
+26-74 files

FreeBSD/src 605f537sys/powerpc/include openpicvar.h openpicreg.h, sys/powerpc/powerpc openpic.c

powerpc/openpic: Increase the maximum number of IRQs allowed

The Freescale MPIC supports up to 2048 IRQs, but since we only build an
array of 768 interrupts in intr_machdep, clamp the max at 512.  The most
any Freescale PowerPC chip actually supports is 452 on the T4240, so 512
is sufficient.

As part of this, increase the vector mask to the full openpic vector
mask, and use this limit as the terminator for the dispatch loop,
instead of a hard-coded 255.

Differential Revision:  https://reviews.freebsd.org/D56422
DeltaFile
+8-2sys/powerpc/powerpc/openpic.c
+2-1sys/powerpc/include/openpicvar.h
+1-1sys/powerpc/include/openpicreg.h
+11-43 files

NetBSD/src Hqm1wyiexternal/bsd/atf/dist/atf-c atf-c-api.3

   atf-c-api.3: fix grammar in a sentence
VersionDeltaFile
1.7+1-1external/bsd/atf/dist/atf-c/atf-c-api.3
+1-11 files

NetBSD/src OK4bcpQlib/libc/hash/sha2 sha2.3

   sha2.3: note the SHA-224 functions were added in NetBSD 6
VersionDeltaFile
1.10+4-2lib/libc/hash/sha2/sha2.3
+4-21 files

LLVM/project 6cad48allvm/include/llvm/CodeGen WasmEHFuncInfo.h WasmEHInfo.h, llvm/lib/CodeGen WasmEHPrepare.cpp

[WebAssembly] Remove WasmEHFuncInfo (NFC) (#194972)

This removes `WasmEHFuncInfo` class.

This class was created to maintain the information of, "If an exception
is not caught by EHPad A, what is its next unwind destination?". Turns
out this information is already in the CFG.

After #130374, we use the common `findUnwindDestination`:
https://github.com/llvm/llvm-project/blob/113479d119a997e4c4c3eae63e087588c9662121/llvm/lib/CodeGen/SelectionDAG/SelectionDAGBuilder.cpp#L2107-L2164

Note that in case of `catchswitch`, we follow its unwind destination
chain and add all of them to the invoke BB's successors until it meets a
`cleanuppad`, which always catches an exception. And the order of the
successor is the order of the unwind destination chain. So an invoke
BB's successor list would be like: [normal destination, unwind EHPad 1,
unwind EHPad 2, unwind EHPad 3, ...] where EHPad 2 is the next unwind
destination if EHPad 1 does not catch an exception and so on. So if we
want to know what the current EHPad's next unwind destination is, we can

    [18 lines not shown]
DeltaFile
+0-65llvm/include/llvm/CodeGen/WasmEHFuncInfo.h
+32-7llvm/lib/Target/WebAssembly/WebAssemblyCFGStackify.cpp
+0-34llvm/test/CodeGen/WebAssembly/function-info.mir
+0-30llvm/lib/Target/WebAssembly/WebAssemblyMachineFunctionInfo.cpp
+1-25llvm/lib/CodeGen/WasmEHPrepare.cpp
+24-0llvm/include/llvm/CodeGen/WasmEHInfo.h
+57-1619 files not shown
+60-22215 files

NetBSD/src rQUOddoexternal/bsd/libarchive/include config_netbsd.h, tests/lib/libarchive Makefile

   Undo previous change to (re-)enable libarchive to use zstd directly.
   It broke the sun2 build.
VersionDeltaFile
1.19+1-2tests/lib/libarchive/Makefile
1.18+1-1external/bsd/libarchive/include/config_netbsd.h
+2-32 files

FreeBSD/ports 14bd0e3devel/pecl-swoole Makefile distinfo

devel/pecl-swoole: update to 6.2.0.
DeltaFile
+28-21devel/pecl-swoole/Makefile
+3-3devel/pecl-swoole/distinfo
+31-242 files

FreeBSD/ports 4c2f3bawww/phalcon Makefile distinfo

www/phalcon: update to 5.11.1.
DeltaFile
+2-14www/phalcon/Makefile
+3-3www/phalcon/distinfo
+5-172 files

FreeBSD/src 72e2ae5sys/netinet tcp_timewait.c, sys/sys ktls.h

tcp: release nic ktls send tags when entering time wait

When under heavy load or churn, inline ktls offload NICs may run out
of hardware resources described by ktls send tags.  Rather than
waiting for connections to pass through the time_wait state, reclaim
the ktls send tags early, at entry to time_wait. By preventing
potentially tens or hundreds of thousands of sessions from holding
send tags in time_wait, this allows more ktls sessions to be offloaded
to hardware.

Reviewed by: glebius, kib, nickbanks_netflix.com, rrs, tuexen
Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D56610
DeltaFile
+12-0sys/sys/ktls.h
+10-0sys/netinet/tcp_timewait.c
+22-02 files

LLVM/project fbdc27dclang-tools-extra/modularize CoverageChecker.cpp ModularizeUtilities.cpp

[clang][tools] NFC: Replace `auto` with `Module *` (#194977)

This finishes what #194032 started.
DeltaFile
+1-1clang-tools-extra/modularize/CoverageChecker.cpp
+1-1clang-tools-extra/modularize/ModularizeUtilities.cpp
+2-22 files

LLVM/project df32e69llvm/lib/Target/AMDGPU AMDGPURegBankLegalizeRules.cpp, llvm/test/CodeGen/AMDGPU llvm.amdgcn.cvt.fp8.ll

[AMDGPU]/GlobalISel: RegBankLegalize rules for fp8/bf8 cvt intrinsics (#193551)
DeltaFile
+945-7llvm/test/CodeGen/AMDGPU/llvm.amdgcn.cvt.fp8.ll
+14-0llvm/lib/Target/AMDGPU/AMDGPURegBankLegalizeRules.cpp
+959-72 files

LLVM/project 0ba904dclang/lib/ScalableStaticAnalysisFramework/Analyses/PointerFlow PointerFlowExtractor.cpp PointerFlowFormat.cpp

address comments
DeltaFile
+5-4clang/lib/ScalableStaticAnalysisFramework/Analyses/PointerFlow/PointerFlowExtractor.cpp
+2-2clang/lib/ScalableStaticAnalysisFramework/Analyses/PointerFlow/PointerFlowFormat.cpp
+7-62 files

FreeBSD/ports 2206683devel/py-pyTooling Makefile distinfo, devel/py-pyTooling/files patch-pyproject.toml

devel/py-pyTooling: update 8.11.0 → 8.14.0
DeltaFile
+6-3devel/py-pyTooling/Makefile
+4-5devel/py-pyTooling/files/patch-pyproject.toml
+3-3devel/py-pyTooling/distinfo
+13-113 files

LLVM/project 74f3b56llvm/lib/Target/RISCV RISCVInstrInfo.td RISCVInstrInfoV.td

[RISCV] Remove isAsmParserOnly from isPseudo instructions. NFC (#194958)

isAsmParserOnly is only used to suppress DecoderEmiter, but that's
already supressed by isPseudo. The real usage for this should be for
instructions that have encoding information but we don't want to
disassemble.

Many of these pseudos are emitted from codegen meaning they aren't
really assembler only. So you can't argue this flag is good for
documentation either.
DeltaFile
+16-16llvm/lib/Target/RISCV/RISCVInstrInfo.td
+2-2llvm/lib/Target/RISCV/RISCVInstrInfoV.td
+0-3llvm/lib/Target/RISCV/RISCVInstrFormats.td
+1-2llvm/lib/Target/RISCV/RISCVInstrInfoC.td
+19-234 files

LLVM/project 0177533llvm/lib/Target/RISCV RISCVInstrInfo.td

[RISCV] Remove isAsmParserOnly from LongBccPseudo and LongBcciPseudo.  NFC (#194949)

These instructions are created by assembler relaxation. They aren't
"parsed.". isAsmParserOnly suppresses the disassembler for these, but
that was already suppressed by isPseudo and isCodeGenOnly.
DeltaFile
+0-2llvm/lib/Target/RISCV/RISCVInstrInfo.td
+0-21 files