BSD Commit Log Search

Merge branch 'freebsd/current/main' into hardened/current/master

Merge branch 'freebsd/main' into hardenedbsd/main

www/gitlab: security and patch update to 18.6.1

Changes:        https://about.gitlab.com/releases/2025/11/26/patch-release-gitlab-18-6-1-released/
Security:       4530fc9f-cb47-11f0-85d8-2cf05da270f3

exterrvar.h: style(9): Fix two small nits

- Use tabs before '\'.
- Comment for '#else' must be the negation of the initial '#if''s test.

No functional change.

Sponsored by:   The FreeBSD Foundation

setcred(2): Fix a panic on too many groups from latest commit

kern_setcred_copyin_supp_groups() is documented to always set
'sc_supp_groups', but did not do it if there are more supplementary
groups than 'ngroups_max'.  Also, that case was omitted from the herald
comment.  Add it there, also including it as a case where
'sc_supp_groups_nb' is reset to 0 as a security measure.

Initially, kern_setcred_copyin_supp_groups() had the usual property that
nothing had to be freed on it returning an error, but was then converted
to relying on the caller to free() even on error, and this part was
missed during the conversion.  The benefits of this unusual convention
are that we can zero or NULLify groups-related attributes in advance,
preventing inadvertent use of stale data (defensive security measure),
and we can avoid some small code duplication (no need to have two same
calls to free()).  This makes sense as kern_setcred_copyin_supp_groups()
is meant to be a private sub-routine of user_setcred() only.  While
here, rename kern_setcred_copyin_supp_groups() =>
user_setcred_copyin_supp_groups().

    [4 lines not shown]

mail/nextcloud-mail: Update to 5.6.1

www/nextcloud: Update to 32.0.2

riscv: include Xilinx PCIe controller driver.

This is used on Codasip Prime.

Sponsonred by: CHERI Research Centre

net-im/flare: Update 0.17.2 => 0.17.3

Changelog:
https://gitlab.com/schmiddi-on-mobile/flare/-/releases/0.17.3

PR:             291000
Reported by:    Yusuf Yaman <nxjoseph at protonmail.com> (maintainer)

lang/tcl90, x11-toolkits/tk90: update to 9.0.3

Announcements:
https://sourceforge.net/p/tcl/mailman/message/59259102/ (Tcl)
https://sourceforge.net/p/tcl/mailman/message/59259103/ (Tk)

graphics/catimg: Update to 2.8.0

shells/bash: Update to 5.3.8

audio/lilv: Update to 0.26.2

ChangeLog: https://drobilla.net/2025/11/25/lilv-0-26-2.html

devel/R-cran-testthat: Update to 3.3.1

ChangeLog: https://cloud.r-project.org/web/packages/testthat/news/news.html

security/aws-c-cal: Update to 0.9.13

ChangeLog:
        https://github.com/awslabs/aws-c-cal/releases/tag/v0.9.13
        https://github.com/awslabs/aws-c-cal/releases/tag/v0.9.12

Merge branch 'freebsd/current/main' into hardened/current/master

Merge branch 'freebsd/15-stable/main' into hardened/15-stable/main

Merge branch 'freebsd/main' into hardenedbsd/main

bsdconfig: RealTek -> Realtek

Realtek changed how it styled its name 25 or so years ago, but the old
style persisted in many places. These products use the new styling in
their datasheets.

Signed-off-by: ykla yklaxds at gmail.com
Sponsored by: Chinese FreeBSD Community
Reviewed by: imp
Pull Request: https://github.com/freebsd/freebsd-src/pull/1901

sys: RealTek -> Realtek

Realtek changed how it styled its name 25 or so years ago, but the old
style persisted in many places. These products use the new styling in
their datasheets.

Signed-off-by: ykla yklaxds at gmail.com
Sponsored by: Chinese FreeBSD Community
Reviewed by: imp
Pull Request: https://github.com/freebsd/freebsd-src/pull/1901

man: RealTek -> Realtek

Realtek changed how it styled its name 25 or so years ago, but the old
style persisted in many places. These products use the new styling in
their datasheets.

Signed-off-by: ykla yklaxds at gmail.com
Sponsored by: Chinese FreeBSD Community
Reviewed by: imp
Pull Request: https://github.com/freebsd/freebsd-src/pull/1901

net/kea-devel: Update to 3.1.4

textproc/moor: Update 2.9.1 => 2.9.2

Changelog:
https://github.com/walles/moor/releases/tag/v2.9.2

PR:             291189
Reported by:    Yusuf Yaman <nxjoseph at protonmail.com> (maintainer)

graphics/xreader: move and update to 4.6.0

This started as a fork of graphics/atril, which in turn forked from
graphics/evince, so move categories to match.

- make PDF and pixbuf support unconditional, support for those
  formats are always expected
- optionalise NLS, previewer, thumbnailer
- exclude DOCS as upstream is still evaluating the build issue

NOTES: fix typos and unify terminology in comments

Signed-off-by: ykla yklaxds at gmail.com
Sponsored by: Chinese FreeBSD Community
Reviewed by: imp
Pull Request: https://github.com/freebsd/freebsd-src/pull/1901

textproc/feluda: Update 1.10.1 => 1.10.3

Added run-time dependency for emojis to appear properly.
Removed accidentally added distinfo entry of openssl-src (from
previous commit) which we don't want use already.

Changelog:
- https://github.com/anistark/feluda/releases/tag/v1.10.2
- https://github.com/anistark/feluda/releases/tag/v1.10.3

PR:             290737
Reported by:    Yusuf Yaman <nxjoseph at protonmail.com> (maintainer)

loader: Note current autoboot_delay behavior

Some time ago, the boot loader stopped polling for a key press during
the kernel and module loading prior to the transition to lua. Inspection
of the code shows the polling is no longer there. Document the change.

Sponsored by:           Netflix

security/vuxml: document gitlab vulnerabilities

devel/grex: Update to 1.4.6

Changelog: https://github.com/pemistahl/grex/releases/tag/v1.4.6

PR:             291219
Reported by:    Petteri Valkonen <petteri.valkonen at iki.fi> (maintainer)

devel/air-go: Update to 1.63.4