security/vuxml: Add mongodb vulnerabilities
CVE-2026-6914
Base Score: 7.5 HIGH
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2026-6915
Base Score: 4.3 MEDIUM
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
[MLIR][ODS] Add strict property assembly format mode
Introduce a dialect-level ODS flag for strict property handling in declarative
assembly formats. It is disabled by default for now, preserving existing parser
behavior unless a dialect opts in.
Enable the mode immediately for dialects whose declarative assembly formats
already satisfy these binding rules.
When enabled, a property-backed op format must bind every inherent attribute
and property directly or include prop-dict.
Generated parsers for opted-in dialects also reject inherent attributes that
arrive through attr-dict, preventing Operation::setAttrs from populating
properties through that path.
Add mlir-tblgen coverage and document default and strict dialect behavior.
Assisted-by: Codex
snd_uaudio: Support Roland UA-33
Apply the appropriate quirk. Also, introduce a new uaudio_vendor_audio
table, similar to uaudio_vendor_midi, which includes non-standard USB
audio devices. The Roland UA-33 needs this, bceause it comes with
bInterfaceClass = 0xff (vendor-specific), so snd_uaudio(4) doesn't
detect it.
PR: 294814
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Reviewed by: emaste
Pull Request: https://ron-dev.freebsd.org/FreeBSD/src/pulls/24
(cherry picked from commit 549e740619873716b796a841a10f56fae3c3ad49)
[SelectionDAG] Support vector types in llvm.convert.from.arbitrary.fp expansion (#196185)
Move the bit-twiddling expansion of ISD::CONVERT_FROM_ARBITRARY_FP from
LegalizeDAG to TargetLowering and make it working on vector destination
types.
java/javavmwrapper: JAVA_VERSION does not work with openjdk25
Remove the hard coded lists of java version numbers to iterate over when
JAVA_VERSION is set to N+. Instead use N as the lowest boundary, and the
latest available JDK as the upper bound, and just scan for the highest
available version satisfying the requirement.
Ideally it should be possible to deduce the upper bound from the
available java versions in ${PREFIX}/etc/javavms, but leaving that for
later.
Co-authored-by: jonc at chen.org.nz
PR: 293231
Reported by: jonc at chen.org.nz
Sponsored by: The FreeBSD Foundation
[TableGen][GlobalISel] Skip REG_SEQUENCE with incompatible subreg index (#196184)
The REG_SEQUENCE branch of GlobalISelEmitter::constrainOperands called
SuperClass->getMatchingSubClassWithSubRegs(...) and dereferenced the
returned SrcRCDstRCPair unconditionally, aborting on a libstdc++
optional assertion when incorrect subreg index was passed.
Add the missing guard so the malformed pattern is reported via
failedImport (a skipped pattern) instead of crashing tblgen.
Assisted by Claude.
Fixes https://github.com/llvm/llvm-project/issues/172690
inkscape: update to 1.4.4.
Inkscape 1.4.4 is a maintenance and bugfix release, which brings you
20 crash fixes, among them for three nasty bugs where Inkscape wouldn't even start
almost 20 bug fixes
6 performance improvements
a new palette
a new button for rotating stars and polygons into their 'neutral' or 'upright' position
27 updated interface translations
15 updated documentation translations
installation files for Windows on Arm