FreeBSD/ports 1546840security/vuxml/vuln 2026.xml

security/vuxml: add FreeBSD SAs issued on 2026-03-25

FreeBSD-SA-26:06.tcp affects FreeBSD 14.3R, 14.4R and 15.0R
FreeBSD-SA-26:07.nvmf affects FreeBSD 15.0R
FreeBSD-SA-26:08.rpcsec_gss affects all supported releases
FreeBSD-SA-26:09.pf affects FreeBSD 14.3R, 14.4R and 15.0R
DeltaFile
+151-0security/vuxml/vuln/2026.xml
+151-01 files

LLVM/project 0041bf4llvm/lib/ExecutionEngine/RuntimeDyld/Targets RuntimeDyldCOFFThumb.h RuntimeDyldCOFFI386.h, llvm/lib/IR ConstantsContext.h

Add missing #undef DEBUG_TYPE to headers that #define it

Several headers define DEBUG_TYPE but never undefine it before the
closing include guard. This means any translation unit that includes
these headers (directly or transitively) gets the header's DEBUG_TYPE
leaked into its scope, which can silently override or conflict with
the file's own DEBUG_TYPE.

Add the missing #undef DEBUG_TYPE before the final #endif in each
affected header, matching the convention used by the majority of
LLVM/Clang/LLD headers that define DEBUG_TYPE.

Affected headers:
- lld/wasm/SyntheticSections.h
- llvm/include/llvm/CodeGen/GlobalISel/LegalizationArtifactCombiner.h
- llvm/lib/ExecutionEngine/JITLink/COFFLinkGraphBuilder.h
- llvm/lib/ExecutionEngine/RuntimeDyld/Targets/RuntimeDyldCOFFI386.h
- llvm/lib/ExecutionEngine/RuntimeDyld/Targets/RuntimeDyldCOFFThumb.h
- llvm/lib/IR/ConstantsContext.h

    [3 lines not shown]
DeltaFile
+2-0llvm/tools/llvm-mca/Views/InstructionInfoView.h
+2-0llvm/tools/llvm-mca/PipelinePrinter.h
+2-0llvm/tools/llvm-ir2vec/lib/Utils.h
+2-0llvm/lib/IR/ConstantsContext.h
+2-0llvm/lib/ExecutionEngine/RuntimeDyld/Targets/RuntimeDyldCOFFThumb.h
+2-0llvm/lib/ExecutionEngine/RuntimeDyld/Targets/RuntimeDyldCOFFI386.h
+12-03 files not shown
+18-09 files

LLVM/project 8514c66clang/include/clang/CIR/Dialect/IR CIRCUDAAttrs.td, clang/lib/CIR/CodeGen CIRGenCall.cpp

address more string copies stuff yo
DeltaFile
+4-3clang/lib/CIR/Dialect/Transforms/LoweringPrepare.cpp
+4-2clang/lib/CIR/CodeGen/CIRGenCall.cpp
+1-1clang/include/clang/CIR/Dialect/IR/CIRCUDAAttrs.td
+9-63 files

NetBSD/pkgsrc nsQjHlSdoc CHANGES-2026

   doc: Updated textproc/split-thai to 2.42
VersionDeltaFile
1.1858+2-1doc/CHANGES-2026
+2-11 files

FreeBSD/doc 9ab94ecwebsite/content/en/releases/13.5R errata.adoc, website/content/en/releases/14.3R errata.adoc

Add security advisories affecting 13.5R, 14.3R, 14.4R and 15.0R

FreeBSD-SA-26:06.tcp affects FreeBSD 14.3R, 14.4R and 15.0R
FreeBSD-SA-26:07.nvmf affects FreeBSD 15.0R
FreeBSD-SA-26:08.rpcsec_gss affects all supported releases
FreeBSD-SA-26:09.pf affects FreeBSD 14.3R, 14.4R and 15.0R
DeltaFile
+3-3website/content/en/releases/14.4R/errata.adoc
+4-0website/content/en/releases/15.0R/errata.adoc
+3-0website/content/en/releases/14.3R/errata.adoc
+1-0website/content/en/releases/13.5R/errata.adoc
+11-34 files

FreeBSD/doc 59523d3website/content/en administration.adoc

administration: welcome khorben to the security-officer team

Approved by:    so
DeltaFile
+1-0website/content/en/administration.adoc
+1-01 files

NetBSD/pkgsrc 3LCOXpEtextproc/split-thai distinfo Makefile

   Update to version 2.42
   - update dictionary format slightly, now ignore anything in []
   - change sampledict.txt accordingly, add a couple more examples
   - handle dictionary format errors better in 'pthai-dictionary-parse-classifiers
   - replace line-beginning-position,line-end-position with pos-bol,pos-eol (requires emacs 29.1)
   - simplify 'pthai-dictionary-read-file not to inhibit message buffer messages
   - small clean-ups to 'pthai-classifier-practice-region
VersionDeltaFile
1.47+4-4textproc/split-thai/distinfo
1.70+3-3textproc/split-thai/Makefile
+7-72 files

LLVM/project 9143998llvm/test/CodeGen/DirectX llc-pipeline.ll

[DirectX] Fix llc-pipeline test after #188573 (#188676)

Missed this update in the previous commit. We now expect CycleInfo
instead of LoopInfo.
DeltaFile
+1-1llvm/test/CodeGen/DirectX/llc-pipeline.ll
+1-11 files

LLVM/project 64e7c77offload/plugins-nextgen/level_zero/include L0Trace.h, offload/plugins-nextgen/level_zero/src L0Device.cpp L0Memory.cpp

[OFFLOAD][L0] More error handling (#188496)

This PR improves cleanup/handling of errors in some memory operations,
allocating event pools, ...
DeltaFile
+22-8offload/plugins-nextgen/level_zero/src/L0Device.cpp
+19-3offload/plugins-nextgen/level_zero/src/L0Memory.cpp
+7-1offload/plugins-nextgen/level_zero/src/L0Kernel.cpp
+6-0offload/plugins-nextgen/level_zero/include/L0Trace.h
+4-2offload/plugins-nextgen/level_zero/src/L0Program.cpp
+58-145 files

NetBSD/pkgsrc-wip 6751d89cargo-nextest distinfo cargo-depends.mk, cargo-nextest/patches patch-.._vendor_mio-1.0.4_src_sys_unix_selector_kqueue.rs

Remove imported
DeltaFile
+0-1,516cargo-nextest/distinfo
+0-505cargo-nextest/cargo-depends.mk
+0-58cargo-nextest/COMMIT_MSG
+0-51cargo-nextest/Makefile
+0-27scrot/Makefile
+0-17cargo-nextest/patches/patch-.._vendor_mio-1.0.4_src_sys_unix_selector_kqueue.rs
+0-2,1748 files not shown
+0-2,23114 files

NetBSD/src Hxw5Pq4sys/net nd.c if_llatbl.h, sys/netinet if_arp.c

   commit 27c3de6c8063a7850ef0efbea0d83f314e541ce8
   Author: Ryota Ozaki <ozaki-r at iij.ad.jp>
   Date:   Thu Mar 12 12:42:03 2026 +0900

       nd: reset ln_asked on state reset

       Even if a userland program such as ping continuously sends packets
       to a (temporarily) unreachable host, the ND resolver only sends
       request packets up to nd_mmaxtries times. This change allows ND
       request packets to continue being sent while the userland process
       is still sending packets.

       Additionally, introduce LLE_UNRESOLVED to fix another issue.
       nd_resolve may incorrectly return an error immediately after sending
       the last ND request packet. For example, if nd_mmaxtries = 1 and two
       packets arrive simultaneously, nd_resolve returns an error for the
       second packet. This occurs because ln_asked is used to determine
       whether the ND resolution is still in progress.


    [75 lines not shown]
VersionDeltaFile
1.10+7-4sys/net/nd.c
1.286+3-2sys/netinet6/nd6.c
1.319+3-2sys/netinet/if_arp.c
1.20+2-1sys/net/if_llatbl.h
+15-94 files

NetBSD/pkgsrc tVxyJ0edoc CHANGES-2026

   doc: Updated graphics/scrot to 2.0.0
VersionDeltaFile
1.1857+2-1doc/CHANGES-2026
+2-11 files

NetBSD/pkgsrc QR5nlUhgraphics/scrot distinfo Makefile

   graphics/scrot: update to 2.0.0

    - Fixes: --line mode=edge glitches under compositors (#423).
    - Fixes: Selection border getting into the screenshot with --freeze (#409).
    - Fixes: Ringing the bell after taking screenshot (#413).
    - Fixes: Mutually exclusive zsh completion (#415).
    - Improvement: Use Xrandr instead of Xinerama for monitor capture (#406).
    - Improvement: Default line width is derived from the display DPI (#420).
    - Improvement: Install zsh and bash completion by default (#415).
    - Document: Correct description of $f and $m format specifier (#419).
    - Document: Correct image magick example (#414).
    - Document: Minimum required version for the required libraries (#420).
    - Removed: --note and --script options (#420).
    - Upgrade: Upgrade minimum requiring Imlib2 version to 1.11.0 (#420).
VersionDeltaFile
1.20+4-4graphics/scrot/distinfo
1.52+2-2graphics/scrot/Makefile
1.8+2-0graphics/scrot/PLIST
+8-63 files

NetBSD/pkgsrc qWMt67Tdoc CHANGES-2026

   doc: Updated devel/cargo-nextest to 0.9.132
VersionDeltaFile
1.1856+2-1doc/CHANGES-2026
+2-11 files

NetBSD/pkgsrc KciAKNgdevel/cargo-nextest distinfo cargo-depends.mk

   devel/cargo-nextest: update to 0.9.132

   0.9.32

    - Update aws-lc-sys to 0.39.0 to address GHSA-394x-vwmw-crm3.

   0.9.31

   Added

    - Setup scripts and wrapper scripts can now specify per-command environment variables via the env field in the command configuration. (#3001)

      For example:

      [scripts.setup.script1]
      command = {
       command-line = "cargo run -p setup-test-db",
       env = {
           DB_PATH = "sqlite:/path/to/source.db",

    [39 lines not shown]
VersionDeltaFile
1.15+148-151devel/cargo-nextest/distinfo
1.15+48-49devel/cargo-nextest/cargo-depends.mk
1.19+2-2devel/cargo-nextest/Makefile
+198-2023 files

LLVM/project f65b628llvm/test/CodeGen/AMDGPU llvm.amdgcn.reduce.sub.ll llvm.amdgcn.reduce.add.ll

Update test cases
DeltaFile
+424-146llvm/test/CodeGen/AMDGPU/llvm.amdgcn.reduce.sub.ll
+420-142llvm/test/CodeGen/AMDGPU/llvm.amdgcn.reduce.add.ll
+406-108llvm/test/CodeGen/AMDGPU/llvm.amdgcn.reduce.min.ll
+406-108llvm/test/CodeGen/AMDGPU/llvm.amdgcn.reduce.max.ll
+372-132llvm/test/CodeGen/AMDGPU/llvm.amdgcn.reduce.xor.ll
+394-108llvm/test/CodeGen/AMDGPU/llvm.amdgcn.reduce.umin.ll
+2,422-7444 files not shown
+3,515-1,07110 files

LLVM/project 6937866llvm/lib/Transforms/Vectorize SLPVectorizer.cpp

Revert "[SLP][NFC] Refactor to prepare for constant stride stores" (#188669)

Revert 26f344e1703229aea20df616b1dbc949fbc332e1.

Causes crashes. Reduced test case:
https://github.com/llvm/llvm-project/pull/185997#issuecomment-4131405777
DeltaFile
+260-471llvm/lib/Transforms/Vectorize/SLPVectorizer.cpp
+260-4711 files

LLVM/project 4f7a3eaclang/lib/CIR/Dialect/Transforms LoweringPrepare.cpp, clang/test/CIR/CodeGenCUDA device-stub.cu

[CIR][CUDA] Handle CUDA module constructor and destructor emission.
DeltaFile
+122-2clang/lib/CIR/Dialect/Transforms/LoweringPrepare.cpp
+41-0clang/test/CIR/CodeGenCUDA/device-stub.cu
+163-22 files

FreeBSD/ports de44925editors/gram distinfo Makefile.crates, editors/gram/files patch-cargo-crates_crash-handler-0.7.0_src_linux_state.rs patch-cargo-crates_minidumper-0.8.3_src_ipc_server.rs

editors/gram: New port: Fork of the Zed code editor without AI or telemetry
DeltaFile
+2,187-0editors/gram/distinfo
+1,092-0editors/gram/Makefile.crates
+136-0editors/gram/files/patch-cargo-crates_crash-handler-0.7.0_src_linux_state.rs
+69-0editors/gram/files/patch-cargo-crates_minidumper-0.8.3_src_ipc_server.rs
+59-0editors/gram/files/patch-cargo-crates_crash-context-0.6.3_src_freebsd.rs
+42-0editors/gram/files/patch-cargo-crates_crash-handler-0.7.0_src_linux.rs
+3,585-022 files not shown
+3,909-028 files

LLVM/project 3fcf10cclang/lib/AST/ByteCode Interp.cpp Interp.h, clang/test/SemaTemplate stack-exhaustion.cpp

[clang][bytecode] Reapply "Use tailcalls via `[[clang::musttail]]`" (#188419)

1) Disable tailcalls on powerpc and MSVC
2) Disable the `preserve_none` calling convention on aarch64 and i386.
For aarch64, it works but causes problems under asan:
https://github.com/llvm/llvm-project/issues/177519
DeltaFile
+161-90clang/lib/AST/ByteCode/Interp.cpp
+87-48clang/utils/TableGen/ClangOpcodesEmitter.cpp
+41-12clang/lib/AST/ByteCode/Interp.h
+3-3clang/lib/AST/ByteCode/Compiler.cpp
+5-0clang/lib/AST/ByteCode/EvalEmitter.cpp
+4-0clang/test/SemaTemplate/stack-exhaustion.cpp
+301-1533 files not shown
+308-1539 files

LLVM/project ee159a1llvm/lib/Transforms/Vectorize SLPVectorizer.cpp

Revert "[SLP][NFC] Refactor to prepare for constant stride stores (#185997)"

This reverts commit 26f344e1703229aea20df616b1dbc949fbc332e1.
DeltaFile
+260-471llvm/lib/Transforms/Vectorize/SLPVectorizer.cpp
+260-4711 files

LLVM/project 4814a9fllvm/lib/ExecutionEngine/Orc LinkGraphLinkingLayer.cpp

[ORC] Fix typo in comment. NFC. (#188664)
DeltaFile
+1-1llvm/lib/ExecutionEngine/Orc/LinkGraphLinkingLayer.cpp
+1-11 files

LLVM/project 6556183llvm/lib/Target/RISCV RISCVInstrInfoXqci.td, llvm/test/CodeGen/RISCV xqciac.ll

[RISCV] Add compress pattern for QC_SHLADD Rd, Rs1, Rd, 4 to QC_C_MULIADD Rd, Rs1, 16 (#188516)
DeltaFile
+5-0llvm/test/MC/RISCV/xqciac-valid.s
+2-2llvm/test/CodeGen/RISCV/xqciac.ll
+2-0llvm/lib/Target/RISCV/RISCVInstrInfoXqci.td
+9-23 files

FreeBSD/ports 2f60394net/freeipa-client distinfo Makefile

net/freeipa-client: update to 4.13.1

Reported by:    portscout
Sponsored by:   Klara, Inc.
DeltaFile
+3-3net/freeipa-client/distinfo
+1-2net/freeipa-client/Makefile
+4-52 files

FreeBSD/doc 10ecd56website/static/security/advisories FreeBSD-SA-26:06.tcp.asc FreeBSD-SA-26:09.pf.asc, website/static/security/patches/SA-26:09 pf-15.patch pf-14.patch

Add SA-26:06 through SA-26:09.

Approved by:    so
DeltaFile
+224-0website/static/security/patches/SA-26:09/pf-15.patch
+212-0website/static/security/patches/SA-26:09/pf-14.patch
+180-0website/static/security/advisories/FreeBSD-SA-26:06.tcp.asc
+168-0website/static/security/advisories/FreeBSD-SA-26:09.pf.asc
+163-0website/static/security/advisories/FreeBSD-SA-26:08.rpcsec_gss.asc
+140-0website/static/security/advisories/FreeBSD-SA-26:07.nvmf.asc
+1,087-09 files not shown
+1,257-015 files

FreeBSD/ports 44e94f4devel/etcd35 distinfo Makefile

devel/etcd35: update to 3.5.38

Reported by:    portscout
Sponsored by:   Entersekt (previously Modirum MDpay)
Sponsored by:   Klara, Inc.
DeltaFile
+25-25devel/etcd35/distinfo
+1-2devel/etcd35/Makefile
+26-272 files

FreeBSD/ports 3fc3abbsysutils/lsblk Makefile

sysutils/lsblk: bump PORTREVISION

PR:     293887
DeltaFile
+1-1sysutils/lsblk/Makefile
+1-11 files

LLVM/project 5a2fedflibc/src/__support/CPP/type_traits is_constant_evaluated.h, libc/src/__support/macros attributes.h config.h

[libc][msvc] Re-enable __builtin_is_constant_evaluated for MSVC. (#188663)
DeltaFile
+6-1libc/src/__support/macros/attributes.h
+1-1libc/src/__support/CPP/type_traits/is_constant_evaluated.h
+2-0libc/src/__support/macros/config.h
+9-23 files

LLVM/project dfcc765llvm/lib/Transforms/Vectorize VectorCombine.cpp, llvm/test/Transforms/VectorCombine/LoongArch shuffle-identity-miscompile.ll lit.local.cfg

[𝘀𝗽𝗿] initial version

Created using spr 1.3.7
DeltaFile
+20-16llvm/lib/Transforms/Vectorize/VectorCombine.cpp
+28-0llvm/test/Transforms/VectorCombine/LoongArch/shuffle-identity-miscompile.ll
+4-0llvm/test/Transforms/VectorCombine/LoongArch/lit.local.cfg
+52-163 files

LLVM/project 3241fd3llvm/test/Transforms/VectorCombine/LoongArch shuffle-identity-miscompile.ll lit.local.cfg

[𝘀𝗽𝗿] changes to main this commit is based on

Created using spr 1.3.7

[skip ci]
DeltaFile
+26-0llvm/test/Transforms/VectorCombine/LoongArch/shuffle-identity-miscompile.ll
+4-0llvm/test/Transforms/VectorCombine/LoongArch/lit.local.cfg
+30-02 files