HardenedBSD/src c43410bsys/dev/aq aq_hw_llh_internal.h aq_hw_llh.c

Merge branch 'freebsd/current/main' into hardened/current/master
DeltaFile
+3,335-0sys/dev/aq/aq_hw_llh_internal.h
+1,986-0sys/dev/aq/aq_hw_llh.c
+1,329-0sys/dev/aq/aq_main.c
+1,176-0sys/dev/aq/aq_hw_llh.h
+906-0sys/dev/aq/aq_hw.c
+581-0sys/dev/aq/aq_ring.c
+9,313-012 files not shown
+12,108-018 files

HardenedBSD/ports d10c9b6mail/sendmail-devel distinfo, misc/crush distinfo

Merge branch 'freebsd/main' into hardenedbsd/main
DeltaFile
+12-7x11-wm/hyprland/Makefile
+7-3x11-wm/hyprland/distinfo
+5-5misc/crush/distinfo
+0-10x11-wm/hyprland/files/patch-src_config_ConfigWatcher.cpp
+9-0x11-wm/hyprland/pkg-plist
+3-3mail/sendmail-devel/distinfo
+36-2814 files not shown
+63-5120 files

HardenedBSD/src 8666fdasys/dev/aq aq_ring.c

aq(4): Fix VLAN tag test

Previously emitted a compiler warning "warning: bitwise comparison
always evaluates to false."

Looking at the OpenBSD driver (which is based on this code) it looks
like the VLAN flag should be set if either of these bits is.  In the
OpenBSD driver these are AQ_RXDESC_TYPE_VLAN and AQ_RXDESC_TYPE_VLAN2
rather than a magic number 0x60.

Sponsored by:   The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D53836
DeltaFile
+1-1sys/dev/aq/aq_ring.c
+1-11 files

HardenedBSD/src 0156be4sys/dev/aq aq_main.c

aq(4): Remove unimplemented functions

aq_if_priv_ioctl and aq_if_debug have prototypes but are not yet
implemented.  Just remove the commented-out DEVMETHODs and the unused
prototypes, to clear a build-time warning; the DEVMETHODs and prototypes
can be readded if / when they are implemented.
DeltaFile
+0-4sys/dev/aq/aq_main.c
+0-41 files

HardenedBSD/src 2b587c0sys/dev/aq aq_main.c

aq(4): Remove unused DRIVER_MODULE devclass
DeltaFile
+4-0sys/dev/aq/aq_main.c
+4-01 files

HardenedBSD/src 4756f5fsys/dev/aq aq_main.c aq_media.c

aq(4): Port to IfAPI

Direct access to struct ifnet members is not possible in FreeBSD 15;
accessors must be used.  These exist in all supported FreeBSD versions,
so we do not need to make this conditional.
DeltaFile
+8-8sys/dev/aq/aq_main.c
+6-6sys/dev/aq/aq_media.c
+2-2sys/dev/aq/aq_ring.c
+16-163 files

HardenedBSD/src 493d26csys/dev/aq aq_hw_llh_internal.h aq_hw_llh.c

sys: Import snapshot of Aquantia ACQ107 vendor driver

Obtained from https://github.com/Aquantia/aqtion-freebsd commit
c61d27b1d94af72c642deefa0595884481ea7377.

This is not using a vendor branch.  The formerly-upstream repo is
abandoned and I do not believe it will receive updates.  This initial
import serves as a snapshot of the vendor code, but from here we will
iterate on it in the tree as our own code.

Bug fixes, code cleanup, and build infrastructure will follow.

NetBSD and OpenBSD have derivatives of this driver (with additional
hardware support).  We can look to changes in those drivers, and the
Linux driver, to add support here.

Reviewed by:    adrian
Sponsored by:   The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D53813
DeltaFile
+3,335-0sys/dev/aq/aq_hw_llh_internal.h
+1,986-0sys/dev/aq/aq_hw_llh.c
+1,329-0sys/dev/aq/aq_main.c
+1,176-0sys/dev/aq/aq_hw_llh.h
+907-0sys/dev/aq/aq_hw.c
+581-0sys/dev/aq/aq_ring.c
+9,314-012 files not shown
+12,109-018 files

HardenedBSD/src 14eb7ecsys/dev/aq aq_hw.c

aq(4): Remove #include of user header <unistd.h>

pause() has 2 different definition in unistd.h and sys/systm.h
DeltaFile
+0-1sys/dev/aq/aq_hw.c
+0-11 files

HardenedBSD/ports 78e0829mail/sendmail-devel distinfo Makefile

mail/sendmail-devel: update to 8.18.1.16
DeltaFile
+3-3mail/sendmail-devel/distinfo
+1-1mail/sendmail-devel/Makefile
+4-42 files

HardenedBSD/ports bc229e6security/wolfssl distinfo Makefile

security/wolfssl: Update to 5.8.4

Changes since 5.8.2:

To download the release bundle of wolfSSL visit the download page at
www.wolfssl.com/download/

PR stands for Pull Request, and PR references a GitHub pull request number
where the code change was added.

Vulnerabilities

  * [Low CVE-2025-12888] Vulnerability in X25519 constant-time cryptographic
    implementations due to timing side channels introduced by compiler
    optimizations and CPU architecture limitations, specifically with the
    Xtensa-based ESP32 chips. If targeting Xtensa it is recommended to use the
    low memory implementations of X25519, which is now turned on as the default
    for Xtensa. Thanks to Adrian Cinal for the report. Fixed in PR 9275.
  * [Med. CVE-2025-11936] Potential DoS vulnerability due to a memory leak

    [128 lines not shown]
DeltaFile
+3-3security/wolfssl/distinfo
+1-2security/wolfssl/Makefile
+2-1security/wolfssl/pkg-plist
+6-63 files

HardenedBSD/ports efb1081misc/crush distinfo Makefile

misc/crush: Update to 0.19.3

Changelog: https://github.com/charmbracelet/crush/releases/tag/v0.19.3

Reported by:    GitHub (watch releases)
DeltaFile
+5-5misc/crush/distinfo
+1-1misc/crush/Makefile
+6-62 files

HardenedBSD/ports 8182bd3misc/py-huggingface-hub distinfo Makefile

misc/py-huggingface-hub: Update to 1.1.6

Changelog: https://github.com/huggingface/huggingface_hub/releases/tag/v1.1.6

Reported by:    portscout
DeltaFile
+3-3misc/py-huggingface-hub/distinfo
+1-1misc/py-huggingface-hub/Makefile
+4-42 files

HardenedBSD/ports f728901x11-wm/hyprland Makefile distinfo, x11-wm/hyprland/files patch-src_config_ConfigWatcher.cpp patch-hyprctl_main.cpp

x11-wm/hyprland: Update to 0.52.1

Changelog:
- https://github.com/hyprwm/Hyprland/releases/tag/v0.52.0
- https://github.com/hyprwm/Hyprland/releases/tag/v0.52.1

Reported by:    GitHub (watch releases)
DeltaFile
+12-7x11-wm/hyprland/Makefile
+7-3x11-wm/hyprland/distinfo
+0-10x11-wm/hyprland/files/patch-src_config_ConfigWatcher.cpp
+9-0x11-wm/hyprland/pkg-plist
+2-2x11-wm/hyprland/files/patch-hyprctl_main.cpp
+30-225 files

HardenedBSD/ports 1e4b6e3devel/py-rich-toolkit distinfo Makefile

devel/py-rich-toolkit: Update to 0.17.0
DeltaFile
+3-3devel/py-rich-toolkit/distinfo
+1-1devel/py-rich-toolkit/Makefile
+4-42 files

HardenedBSD/ports cff4476www/py-asgiref distinfo Makefile

www/py-asgiref: Update to 3.11.0
DeltaFile
+3-3www/py-asgiref/distinfo
+1-1www/py-asgiref/Makefile
+4-42 files

HardenedBSD/ports 646e363devel/gitaly distinfo Makefile

devel/gitaly: fix build on i386

I provided that patch upstream here:
https://gitlab.com/gitlab-org/gitaly/-/merge_requests/8309
DeltaFile
+3-1devel/gitaly/distinfo
+2-0devel/gitaly/Makefile
+5-12 files

HardenedBSD/src 2532c44sys/sys _types.h

Merge branch 'freebsd/current/main' into hardened/current/master
DeltaFile
+4-1sys/sys/_types.h
+4-11 files

HardenedBSD/src 6e308cbsys/netpfil/pf pf.c, tests/sys/netpfil/pf divert-to.sh

Merge branch 'freebsd/14-stable/main' into hardened/14-stable/master
DeltaFile
+42-2tests/sys/netpfil/pf/divert-to.sh
+12-8sys/netpfil/pf/pf.c
+54-102 files

HardenedBSD/src b9f328esys/netpfil/pf pf.c, tests/sys/netpfil/pf divert-to.sh

Merge branch 'freebsd/15-stable/main' into hardened/15-stable/main
DeltaFile
+43-0tests/sys/netpfil/pf/divert-to.sh
+12-8sys/netpfil/pf/pf.c
+55-82 files

HardenedBSD/ports c6b1bb7audio/wasabi distinfo, devel/freebsd-sysroot pkg-plist.powerpc pkg-plist.amd64

Merge branch 'freebsd/main' into hardenedbsd/main
DeltaFile
+865-866devel/freebsd-sysroot/pkg-plist.powerpc
+721-313audio/wasabi/distinfo
+329-321devel/freebsd-sysroot/pkg-plist.amd64
+328-320devel/freebsd-sysroot/pkg-plist.aarch64
+320-312devel/freebsd-sysroot/pkg-plist.powerpc64le
+313-305devel/freebsd-sysroot/pkg-plist.powerpc64
+2,876-2,43763 files not shown
+4,949-4,20069 files

HardenedBSD/ports 9ed20a2www Makefile, www/py-litestar Makefile pkg-descr

www/py-litestar: Add new port

Litestar is a powerful, flexible yet opinionated ASGI framework, focused on
building APIs. It offers high-performance data validation, dependency injection,
first-class ORM integration, authorization primitives, a rich plugin API,
middleware, and much more that's needed to get applications up and running.
DeltaFile
+31-0www/py-litestar/Makefile
+4-0www/py-litestar/pkg-descr
+3-0www/py-litestar/distinfo
+1-0www/Makefile
+39-04 files

HardenedBSD/ports ea2ae5firc/weechat distinfo Makefile

irc/weechat: Update to 4.8.0
DeltaFile
+3-3irc/weechat/distinfo
+1-1irc/weechat/Makefile
+4-42 files

HardenedBSD/ports b9b0c68www/py-django-tree-queries distinfo Makefile

www/py-django-tree-queries: Update to 0.23.0

Changelog:

https://github.com/feincms/django-tree-queries/blob/0.23/CHANGELOG.rst
DeltaFile
+3-3www/py-django-tree-queries/distinfo
+1-1www/py-django-tree-queries/Makefile
+4-42 files

HardenedBSD/ports 88e0b6ctextproc/py-pymdown-extensions distinfo Makefile

textproc/py-pymdown-extensions: Update to 10.17.2

Changelog:

https://github.com/facelessuser/pymdown-extensions/releases/tag/10.17.2
DeltaFile
+3-3textproc/py-pymdown-extensions/distinfo
+1-1textproc/py-pymdown-extensions/Makefile
+4-42 files

HardenedBSD/ports 4d21cb6textproc/py-packageurl-python distinfo Makefile

textproc/py-packageurl-python: Update to 0.17.6

Changelog:

https://github.com/package-url/packageurl-python/releases/tag/v0.17.6
DeltaFile
+3-3textproc/py-packageurl-python/distinfo
+1-1textproc/py-packageurl-python/Makefile
+4-42 files

HardenedBSD/ports 09ce5b9devel/py-oslotest Makefile distinfo

devel/py-oslotest: Update to 6.0.0

* Switch to the PEP517 build framework.

* Hook up test suite.

Changelog since 4.4.1:

https://github.com/openstack/oslotest/compare/4.4.1...6.0.0
DeltaFile
+6-8devel/py-oslotest/Makefile
+3-3devel/py-oslotest/distinfo
+9-112 files

HardenedBSD/ports 34a3ee3devel/py-python-subunit Makefile distinfo

devel/py-python-subunit: Update to 1.4.5

Changelog:

https://github.com/testing-cabal/subunit/blob/1.4.5/NEWS
DeltaFile
+7-4devel/py-python-subunit/Makefile
+3-3devel/py-python-subunit/distinfo
+10-72 files

HardenedBSD/ports 90d358ax11/libxkbcommon Makefile distinfo

x11/libxkbcommon: Update to 1.13.0

Changelog: https://github.com/xkbcommon/libxkbcommon/blob/xkbcommon-1.13.0/NEWS.md

PR:             290996
Approved by:    x11 (maintainer, timeout >2 weeks)
DeltaFile
+3-7x11/libxkbcommon/Makefile
+3-5x11/libxkbcommon/distinfo
+5-3x11/libxkbcommon/pkg-plist
+11-153 files

HardenedBSD/ports 0d557b0lang/rust-bootstrap Makefile

lang/rust-bootstrap: enable on aarch64

Builds fine for all flavors.
DeltaFile
+1-1lang/rust-bootstrap/Makefile
+1-11 files

HardenedBSD/ports 463fdcedevel/freebsd-sysroot pkg-plist.powerpc pkg-plist.amd64

devel/freebsd-sysroot: bump to 13.5-RELEASE

The last update for 13-STABLE, next one will be to 14.3-RELEASE.

Reviewed by: mikael
Differential Revision: https://reviews.freebsd.org/D53943
DeltaFile
+865-866devel/freebsd-sysroot/pkg-plist.powerpc
+329-321devel/freebsd-sysroot/pkg-plist.amd64
+328-320devel/freebsd-sysroot/pkg-plist.aarch64
+320-312devel/freebsd-sysroot/pkg-plist.powerpc64le
+313-305devel/freebsd-sysroot/pkg-plist.powerpc64
+312-304devel/freebsd-sysroot/pkg-plist.i386
+2,467-2,4285 files not shown
+3,397-3,33411 files