13,305,989 commits found in 6 milliseconds
ccid: updated to 1.8.2
1.8.2
- Fix initialisation of composite devices (like Yubico tokens)
- Correctly close the slots of a multi-slots reader (serial
Updated lang/nodejs, lang/nodejs24, lang/nodejs22
nodejs22: updated to 22.23.0
22.23.0 'Jod' (LTS)
Notable Changes
(CVE-2026-48618 ) tls: normalize hostname for server identity checks (Matteo Collina) – High
(CVE-2026-48933 ) crypto: guard WebCrypto cipher output length (Filip Skokan) – High
(CVE-2026-48937 ) deps: fix integration issues with the latest nghttp2 – Medium
(CVE-2026-48930 ) dns,net: reject hostnames with embedded NUL bytes (Matteo Collina) – Medium
(CVE-2026-48619 ) http2: cap originSet size to prevent unbounded memory growth (Matteo Collina) – Medium
(CVE-2026-48615 ) lib,test: redact proxy credentials in tunnel errors (Matteo Collina) – Medium
(CVE-2026-48934 ) tls: bind reusable sessions to authenticated host (Matteo Collina) – Medium
(CVE-2026-48928 ) tls: fix case-sensitive SNI context matching (Matteo Collina) – Medium
(CVE-2026-48617 ) permission: handle process.chdir on writereport (RafaelGSS) – Low
(CVE-2026-48931 ) http: fix response queue poisoning in http.Agent (Matteo Collina) – Low
(CVE-2026-48935 ) permission: disable FileHandle utimes with permission model (RafaelGSS) – Low
nodejs24: updated to 24.17.0
24.17.0 'Krypton' (LTS)
Notable Changes
(CVE-2026-48618 ) tls: normalize hostname for server identity checks (Matteo Collina) – High
(CVE-2026-48933 ) crypto: guard WebCrypto cipher output length (Filip Skokan) – High
(CVE-2026-48615 ) lib,test: redact proxy credentials in tunnel errors (Matteo Collina) – Medium
(CVE-2026-48619 ) http2: cap originSet size to prevent unbounded memory growth (Matteo Collina) – Medium
(CVE-2026-48928 ) tls: fix case-sensitive SNI context matching (Matteo Collina) – Medium
(CVE-2026-48930 ) dns,net: reject hostnames with embedded NUL bytes (Matteo Collina) – Medium
(CVE-2026-48934 ) tls: bind reusable sessions to authenticated host (Matteo Collina) – Medium
(CVE-2026-48937 ) deps: fix integration issues with the latest nghttp2 – Medium
(CVE-2026-48617 ) permission: handle process.chdir on writereport (RafaelGSS) – Low
(CVE-2026-48931 ) http: fix response queue poisoning in http.Agent (Matteo Collina) – Low
(CVE-2026-48935 ) permission: disable FileHandle utimes with permission model (RafaelGSS) – Low
nodejs: updated to 26.3.1
26.3.1 (Current)
Notable Changes
(CVE-2026-48618 ) tls: normalize hostname for server identity checks (Matteo Collina) – High
(CVE-2026-48933 ) crypto: guard WebCrypto cipher output length (Filip Skokan) – High
(CVE-2026-48615 ) lib,test: redact proxy credentials in tunnel errors (Matteo Collina) – Medium
(CVE-2026-48619 ) http2: cap originSet size to prevent unbounded memory growth (Matteo Collina) – Medium
(CVE-2026-48928 ) tls: fix case-sensitive SNI context matching (Matteo Collina) – Medium
(CVE-2026-48930 ) dns,net: reject hostnames with embedded NUL bytes (Matteo Collina) – Medium
(CVE-2026-48934 ) tls: bind reusable sessions to authenticated host (Matteo Collina) – Medium
(CVE-2026-48617 ) permission: handle process.chdir on writereport (RafaelGSS) – Low
(CVE-2026-48931 ) http: fix response queue poisoning in http.Agent (Matteo Collina) – Low
(CVE-2026-48935 ) permission: disable FileHandle utimes with permission model (RafaelGSS) – Low
(CVE-2026-48936 ) permission: guard pipe open and chmod with net scope (RafaelGSS) – Low
LLVM /project 6daa021 — mlir/lib/Dialect/Tosa/IR TosaOps.cpp, mlir/test/Dialect/Tosa verifier.mlir [mlir][tosa] Check same input/output types in pooling ops verifier (#203565)
Adds a missing check to make sure the input and output types of pooling
ops have the same element type. LLVM /project f782f54 — llvm/include/llvm/Transforms/Scalar Reassociate.h, llvm/lib/Transforms/Scalar Reassociate.cpp review
OpenBSD /ports 5o50ydb — emulators/fuse Makefile distinfo, emulators/fuse/patches patch-configure_ac Update fuse to 1.9.0.
LLVM /project 6be53ab — llvm/lib/Target/AArch64/GISel AArch64InstructionSelector.cpp, llvm/test/CodeGen/AArch64 pr204118.ll [AArch64][GISel] Remove hard-coded operand index from FCVT renderers (#204118) [clang][NFC] Add LLVM_PREFERRED_TYPE to EvaluatedStmt bitfields (#205026) gitignore: Add emacs lock files
LLVM /project e4df739 — llvm/lib/Target/AMDGPU AMDGPUInstructionSelector.h AMDGPUInstructionSelector.cpp, llvm/lib/Target/AMDGPU/Utils AMDGPUBaseInfo.h [AMDGPU] Remove stale declarations. NFC. (#205047)
Remove declarations of functions that are never defined. Also remove
unused field AMDGPUInstructionSelector::TM.
Co-authored-by: Claude Opus 4.8 (1M context) <noreply at anthropic.com> Reject empty CNAMEs in gethostbyname(3) / getaddrinfo(3) .
An empty string is arguably not a correct hostname (even though
res_hnok accepts it). More worrisome though is software not expecting
this and making mistakes. In practice this cannot happen unless the
resolver lies to us.
OK deraadt, jca
LLVM /project 1eb70f1 — clang/lib/Driver Driver.cpp, clang/lib/Driver/ToolChains CommonArgs.cpp AMDGPU.cpp clang/AMDGPU: Use effective triple instead of raw toolchain triple
Start using the effective triple instead of the raw toolchain triple.
For the moment this is NFC, but will change when new uses of the subarch
field are introduced.
doc: Updated graphics/glslang to 1.4.350.1
glslang: update to vulkan-sdk-1.4.350.1
No changelog
doc: Updated parallel/spirv-tools to 1.4.350.1
spirv-tools: update to vulkan-sdk-1.4.350.1
No changelog
doc: Updated parallel/spirv-headers to 1.4.350.1
spirv-headers: update to vulkan-sdk-1.4.350.1
No changelog
doc: Updated graphics/vulkan-tools to 1.4.350.1
NetBSD /pkgsrc 7oPMGDn — graphics/vulkan-tools distinfo Makefile, graphics/vulkan-tools/patches patch-cube_cube.c patch-cube_cube.cpp
vulkan-tools: update to vulkan-sdk-1.4.350.1
No changelog
OpenBSD /ports I6DnVRp — security/yubico/yubikey-manager Makefile, security/yubico/yubikey-manager/patches patch-pyproject_toml yubico/yubikey-manager: remove upper bound for py-cryptography
LLVM /project 5951daf — llvm/lib/Analysis LoopAccessAnalysis.cpp, llvm/test/Transforms/LoopVectorize scalable-first-order-recurrence.ll scalable-lifetime.ll [LV] Allow scalable VFs in `-force-vector-width` (and use in tests) (#204953)
This updates `-force-vector-width=VF` to accept scalable VFs. If a
scalable width is specified it is assumed the target supports scalable
vectors.
So for example, `-force-vector-width="vscale x 4"` works as a shorthand
for `-scalable-vectorization=always -force-target-supports-scalable-vectors=true -force-vector-width=4`. sysutils/bottom: Update to 0.14.1
net/snowflake_proxy: update to 2.14.0
and change email address to my openbsd.org email address while there.
doc: Updated graphics/vulkan-loader to 1.4.350.1
NetBSD /pkgsrc I9uzRe3 — graphics/vulkan-loader distinfo, graphics/vulkan-loader/patches patch-loader_loader__environment.c
vulkan-loader: update to vulkan-sdk-1.4.350.1
No changelog
Place floating cells meaningfully into the layouts, from Dane Jensen.
doc: Updated graphics/vulkan-headers to 1.4.350.1