OPNSense/core 09e72b4src/etc/inc/plugins.inc.d pf.inc, src/opnsense/mvc/app/models/OPNsense/Firewall Alias.php

by Franco Fichtner on ⎇
system: audit "staticroute" config access for #10027

(cherry picked from commit faa7dab4190eb501142b0f63dc0a6e93bd650628)
DeltaFile
+1-4src/etc/inc/plugins.inc.d/pf.inc
+0-1src/opnsense/mvc/app/models/OPNsense/Firewall/Alias.php
+1-52 files

OPNSense/core 113a65bsrc/opnsense/mvc/app/models/OPNsense/Firewall Filter.xml Filter.php

by Franco Fichtner on ⎇
firewall: fix NPTv6 validation; closes #10242

(cherry picked from commit 6e10711078ffd3235222cd5566a28d858fa31bf6)
DeltaFile
+12-0src/opnsense/mvc/app/models/OPNsense/Firewall/Filter.xml
+1-3src/opnsense/mvc/app/models/OPNsense/Firewall/Filter.php
+13-32 files

OPNSense/core 21eca5fsrc/opnsense/mvc/app/models/OPNsense/Firewall Category.php, src/opnsense/mvc/app/models/OPNsense/Interfaces Bridge.php

by Franco Fichtner on ⎇
mvc: remove Util imports where not needed

(cherry picked from commit d092f74bb1a5205ea0ff25398123f5b54b1698fc)
DeltaFile
+20-23src/opnsense/mvc/app/models/OPNsense/Firewall/Category.php
+5-1src/opnsense/mvc/app/models/OPNsense/Interfaces/Bridge.php
+25-242 files

OPNSense/core 8baf6a0src/opnsense/mvc/app/views/OPNsense/Firewall filter_rule.volt

by Franco Fichtner on ⎇
firewall: remove duplicated CSV hook

(cherry picked from commit 8c40e2d5d6a2aa14bdba93e72e2de2103fe05fbf)
DeltaFile
+0-8src/opnsense/mvc/app/views/OPNsense/Firewall/filter_rule.volt
+0-81 files

OPNSense/core ac7e0b1src/opnsense/mvc/app/views/OPNsense/IPsec vti.volt

by Franco Fichtner on ⎇
ipsec: remove unused styling

(cherry picked from commit d9eba2f0eb78aa9693767296ba7e115d560025de)
DeltaFile
+0-10src/opnsense/mvc/app/views/OPNsense/IPsec/vti.volt
+0-101 files

OPNSense/core 4747675src/opnsense/scripts/filter list_legacy_rules.php

by Franco Fichtner on ⎇
firewall: safe config access in list_legacy_rules.php
DeltaFile
+11-4src/opnsense/scripts/filter/list_legacy_rules.php
+11-41 files

OPNSense/core 6dbc691src/opnsense/mvc/app/views/layout_partials base_dialog.volt

by Franco Fichtner on ⎇
ui: add static dialog header support and fix bool/string compare

(cherry picked from commit f8af03c8ecf8c15f1e99d1d5bd4da69291f6ba1d)
DeltaFile
+7-5src/opnsense/mvc/app/views/layout_partials/base_dialog.volt
+7-51 files

OPNSense/core b00fae9src/opnsense/mvc/app/views/layout_partials form_input_tr.volt

by Franco Fichtner on ⎇
ui: add save/cancel button support to form rendering

This is a fringe use case, but it's better to do this here
than to handroll upcoming changes in the ipsec connections page.

(cherry picked from commit 097f2e8fd070f3867bb02c88aa42bafd6af2c61e)
DeltaFile
+17-0src/opnsense/mvc/app/views/layout_partials/form_input_tr.volt
+17-01 files

OPNSense/core ddf580csrc/opnsense/mvc/app/views/layout_partials form_input_tr.volt

by Ad Schellevis via Franco Fichtner on ⎇
mvc: volt form template, add type_formatter keyword which was implemented in https://github.com/opnsense/core/commit/528474372b373c720962e5efaad3c7cf6773917a

(cherry picked from commit d46112e8921c74e49caa5ac8d46dd1cd2ff442ce)
DeltaFile
+5-3src/opnsense/mvc/app/views/layout_partials/form_input_tr.volt
+5-31 files

LLVM/project 67e8fc4lld/test/ELF target-specific-options.s aarch64-bti-pac-cli-error.s

by Fangrui Song via GitHub on ⎇
[ELF,test] Cover target-specific option errors (#196247)
DeltaFile
+37-14lld/test/ELF/target-specific-options.s
+0-17lld/test/ELF/aarch64-bti-pac-cli-error.s
+3-0lld/test/ELF/aarch64-execute-only.s
+3-0lld/test/ELF/x86-64-feature-cet.s
+43-314 files

OPNSense/core 2d846e3src/opnsense/scripts/firmware connection.sh read.sh

by Franco Fichtner on ⎇
firmware: move repository listing to connectivity audit
DeltaFile
+3-0src/opnsense/scripts/firmware/connection.sh
+1-1src/opnsense/scripts/firmware/read.sh
+0-1src/opnsense/scripts/firmware/health.sh
+4-23 files

LLVM/project 626e2d2llvm/lib/Target/AArch64 AArch64TargetMachine.cpp

by Cullen Rhodes via GitHub on ⎇
[AArch64] Avoid raw_svector_ostream for SubtargetMap keys (#196003)

AArch64TargetMachine::getSubtargetImpl builds a StringMap key on every
subtarget lookup. This showed up through repeated TTI queries while
profiling sqlite on aarch64-O0-g.

Building the key directly with SmallString appends and utostr instead of
raw_svector_ostream improves compile-time.

We used to do this until 07e7168048b1.

CTMark geomean:
- stage1-aarch64-O3: -0.16%
- stage1-aarch64-O0-g: -0.18%

https://llvm-compile-time-tracker.com/compare.php?from=c9d713aa48a714d20b8502d06b9feb24829e6f22&to=e7ff83884193ee70cf3a69778b891fb729e0bcba&stat=instructions%3Au

Assisted-by: codex
DeltaFile
+16-5llvm/lib/Target/AArch64/AArch64TargetMachine.cpp
+16-51 files

OPNSense/core 5ea6ae3src/opnsense/mvc/app/views/OPNsense/Unbound stats.volt dot.volt

by Franco Fichtner on ⎇
unbound: restyle stats page and minor tweaks in others
DeltaFile
+46-35src/opnsense/mvc/app/views/OPNsense/Unbound/stats.volt
+2-2src/opnsense/mvc/app/views/OPNsense/Unbound/dot.volt
+3-1src/opnsense/mvc/app/views/OPNsense/Unbound/dnsbl.volt
+2-1src/opnsense/mvc/app/views/OPNsense/Unbound/advanced.volt
+2-1src/opnsense/mvc/app/views/OPNsense/Unbound/general.volt
+2-1src/opnsense/mvc/app/views/OPNsense/Unbound/overrides.volt
+57-411 files not shown
+59-427 files

OPNSense/core 75299c9src/opnsense/mvc/app/views/OPNsense/Unbound overrides.volt

by Stephan de Wit via Franco Fichtner on ⎇
unbound: hide unused tree row in form output for overrides

(cherry picked from commit 5ecef2aa253b2b9a73de97592b2fe34ac97f07e5)
DeltaFile
+3-0src/opnsense/mvc/app/views/OPNsense/Unbound/overrides.volt
+3-01 files

OPNSense/core 26a629asrc/etc/inc/plugins.inc.d unbound.inc

by Franco Fichtner on ⎇
unbound: minor style/refactor for safe config access
DeltaFile
+4-3src/etc/inc/plugins.inc.d/unbound.inc
+4-31 files

FreeBSD/ports 651d0d8sysutils/bfs distinfo Makefile

by Dries Michiels (driesm) on ⎇
sysutils/bfs: update to 4.1.2

Changes:        https://github.com/tavianator/bfs/releases/tag/4.1.2
DeltaFile
+3-3sysutils/bfs/distinfo
+1-1sysutils/bfs/Makefile
+4-42 files

OPNSense/core fc0c937src/opnsense/mvc/app/controllers/OPNsense/Kea/forms dialogSubnet6.xml dialogSubnet4.xml, src/opnsense/mvc/app/models/OPNsense/Kea KeaDhcpv4.php KeaDhcpv6.php

by Franco Fichtner on ⎇
kea: add subnet vltime

PR: https://github.com/opnsense/core/issues/7592

Co-authored-by: @bgilesmca
DeltaFile
+9-0src/opnsense/mvc/app/controllers/OPNsense/Kea/forms/dialogSubnet6.xml
+9-0src/opnsense/mvc/app/controllers/OPNsense/Kea/forms/dialogSubnet4.xml
+4-0src/opnsense/mvc/app/models/OPNsense/Kea/KeaDhcpv4.php
+4-0src/opnsense/mvc/app/models/OPNsense/Kea/KeaDhcpv6.php
+1-0src/opnsense/mvc/app/models/OPNsense/Kea/KeaDhcpv4.xml
+1-0src/opnsense/mvc/app/models/OPNsense/Kea/KeaDhcpv6.xml
+28-06 files

OPNSense/core 8978c5fsrc/opnsense/service/templates/OPNsense/Cron user.cron

by Franco Fichtner on ⎇
system: archaic style on cron file ;)
DeltaFile
+2-1src/opnsense/service/templates/OPNsense/Cron/user.cron
+2-11 files

OPNSense/core d6a9c71src/opnsense/www/js opnsense_bootgrid.js

by Franco Fichtner on ⎇
ui: bootgrid: remove "event" use from showSaveAlert()

Preps for upcoming apply bar changes.
DeltaFile
+8-8src/opnsense/www/js/opnsense_bootgrid.js
+8-81 files

LLVM/project c303ec1flang/include/flang/Lower OpenMP.h AbstractConverter.h, flang/lib/Lower/OpenMP OpenMP.cpp

by skc7 on ⎇
[flang][OpenMP] Replace OMPGroupprivateDeviceTypeInfo struct with a using alias
DeltaFile
+3-5flang/include/flang/Lower/OpenMP.h
+2-6flang/include/flang/Lower/AbstractConverter.h
+2-3flang/lib/Lower/OpenMP/OpenMP.cpp
+7-143 files

OPNSense/core 44ba0c1src/opnsense/mvc/app/library/OPNsense/Trust Store.php

by Ad Schellevis via Franco Fichtner on ⎇
Trust: parse key_type and digest

PR: https://github.com/opnsense/core/issues/9033

(cherry picked from commit 05813e1be12c90bdc82fbfca930106e760ed300d)
(cherry picked from commit 26b1850ef9fa9ef3c485e3a7f6e9bc9bc719ab5e)
DeltaFile
+13-0src/opnsense/mvc/app/library/OPNsense/Trust/Store.php
+13-01 files

OPNSense/core ef3e94asrc/opnsense/mvc/app/controllers/OPNsense/Trust/Api CertController.php

by Ad Schellevis via Franco Fichtner on ⎇
System: Trust: Certificates - link CA references after all changes, closes https://github.com/opnsense/core/issues/9357

(cherry picked from commit 94835a9761eded11dabd657e00fb09a7da1b48ac)
DeltaFile
+2-1src/opnsense/mvc/app/controllers/OPNsense/Trust/Api/CertController.php
+2-11 files

OPNSense/core fe5734asrc/opnsense/mvc/app/controllers/OPNsense/Syslog/Api SettingsController.php

by Franco Fichtner on ⎇
mvc: clear unused inputs in syslog controller

(cherry picked from commit 477451d9b7db70c68967e3d9c382c11c1bb1ddd5)
DeltaFile
+0-2src/opnsense/mvc/app/controllers/OPNsense/Syslog/Api/SettingsController.php
+0-21 files

OPNSense/core 49bdf69src/opnsense/mvc/app/views/OPNsense/Kea dhcpv6.volt

by Monviech via Franco Fichtner on ⎇
Services: Kea DHCPv6: Fix typo subnet4 to subnet6 in view option data handler (#10268)

(cherry picked from commit d80efd3d6f8d8aacc70303c3d76b8e4400d90202)
DeltaFile
+1-1src/opnsense/mvc/app/views/OPNsense/Kea/dhcpv6.volt
+1-11 files

FreeBSD/doc a9fdefadocumentation/content/en/books/handbook introduction.adoc

by Marc Fonvieille (blackend) on ⎇
handbook: bump for 14.4-R
DeltaFile
+1-1documentation/content/en/books/handbook/introduction.adoc
+1-11 files

OPNSense/core a89189csrc/etc/inc/plugins.inc.d radvd.inc

by Franco Fichtner on ⎇
radvd: allow to start without primary IPv6 for #10048

Reshuffle the code a little to make it (a bit) more obvious this is
safe to assume and working confirmed by automatic mode already.

Since we have full control via MVC enable/disable this is fine now.

(cherry picked from commit 72ccc1e14e73960b74b402bff397dc40bb440a9c)
(cherry picked from commit 7116a1f591d7fceb4b272ed40d35255a819224f4)
(cherry picked from commit 79ba2da56428c74c1f3ca4e600be06e09d604ed7)
(cherry picked from commit a663c3a6511f79cfca661d987ddc7c6899214881)
DeltaFile
+32-39src/etc/inc/plugins.inc.d/radvd.inc
+32-391 files

LLVM/project e47a97dclang/lib/CIR/FrontendAction CIRGenAction.cpp, clang/test/CIR/CodeGen link-bitcode-file.c

by David Rivera on ⎇
[CIR] Add Support for linking modules on cc1
DeltaFile
+79-0clang/lib/CIR/FrontendAction/CIRGenAction.cpp
+44-0clang/test/CIR/CodeGen/link-bitcode-file.c
+123-02 files

NetBSD/pkgsrc MQPCZvMdoc CHANGES-2026

by wiz on ⎇
   doc: Updated net/tor to 0.4.8.24
VersionDeltaFile
1.2860+2-1doc/CHANGES-2026
+2-11 files

NetBSD/pkgsrc WrPwLAmnet/tor distinfo Makefile

by wiz on ⎇
   tor: update to 0.4.8.24.

   Changes in version 0.4.8.24 - 2026-05-06
     This is a security release fixing several major bugfixes that were reported
     in the past weeks. Huge thanks to everyone that reported these issues! We
     strongly recommend upgrading as soon as possible.

     o Major bugfixes (cell handling):
       - Fix out-of-bounds read (OOB) when END, TRUNCATE and TRUNCATED cell
         have no reason in their payload. TROVE-2026-011. Found by Brian
         Carpenter (geeknik). Fixes bug 41254; bugfix on 0.1.1.1-alpha.

     o Major bugfixes (conflux):
       - Do not attempt or accept BEGIN_DIR via conflux legs. TROVE-2026-
         008. Credit to Anas Cherni from Calif.io in collaboration with
         Claude and Anthropic Research. Fixes bug 41243; bugfix
         on 0.4.8.1-alpha.

     o Major bugfixes (conflux, relay):

    [25 lines not shown]
VersionDeltaFile
1.141+4-4net/tor/distinfo
1.197+2-2net/tor/Makefile
+6-62 files

OPNSense/core 742413dsrc/opnsense/mvc/app/controllers/OPNsense/IDS/Api SettingsController.php, src/opnsense/mvc/app/controllers/OPNsense/Monit/Api SettingsController.php

by Monviech via Franco Fichtner on ⎇
mvc: Remove UIModelGrid imports in IDS, Monit, Syslog SettingsController, unused

(cherry picked from commit aaf9a1c797cff779812da335f2f532002aeda994)
DeltaFile
+0-1src/opnsense/mvc/app/controllers/OPNsense/IDS/Api/SettingsController.php
+0-1src/opnsense/mvc/app/controllers/OPNsense/Monit/Api/SettingsController.php
+0-1src/opnsense/mvc/app/controllers/OPNsense/Syslog/Api/SettingsController.php
+0-33 files