BSD Commit Log Search

Merge remote-tracking branch 'origin/hardened/current/master' into hardened/current/cross-dso-cfi

Merge branch 'freebsd/current/main' into hardened/current/master

Merge branch 'freebsd/main' into hardenedbsd/main

security/netbird: Update 0.66.1 => 0.66.3

Changelogs:
https://github.com/netbirdio/netbird/releases/tag/v0.66.2
https://github.com/netbirdio/netbird/releases/tag/v0.66.3

Commit log:
https://github.com/netbirdio/netbird/compare/v0.66.1...v0.66.3

PR:     293710

security/chkrootkit: Update 0.58b => 0.59

Changelog:
 - New checks: Process executed from memory
 - New commands: nologin
 - XZ Backdoor Bottkitty (UEFI Bootkit)
 - Bug fixes
https://www.chkrootkit.org/#new

Remove local patches with support FreeBSD 9.

PR:             293520
Approved by:    Lacey Powers <lacey.leanne at gmail.com> (maintainer)
MFH:            2026Q1

biology/salmon: Unbreak: Relax libgff version requirement

Also drop unnecessary libboost dep

Reported by:    pkg-fallout

textproc/elasticsearch7: Correct product name

Rename ElasticSearch to Elasticsearch in the file pkg-message.

PR:             261591
Approved by:    elastic (maintainer, timeout 4+ years)

devel/py-p4python: Update to 2025.2.2863679

PR:             293725
Approved by:    antonfb at hesiod.org (maintainer)

libpmc: Explicitly whitelist json fields

Adds all missing Intel fields and turns jevents.c into an explicit white
list mechanism so that we no longer ignore important fields that often
invalidate the counter.  The json event parser must now parse every
field on each architecture that we support.  This has been tested by
running tinderbox and manually running jevent against our current json
repository.  As a bonus I fixed spelling errors in the AMD JSON
definitions.

Sponsored by: Netflix

Reviewed by: imp
Pull Request: https://github.com/freebsd/freebsd-src/pull/2055

net/dpdk: update to latest LTS release, 25.11.0, adopt (+)

Tested on:      aarch64, amd64
Release notes:  http://doc.dpdk.org/guides/rel_notes/release_25_11.html
Approved by:    Bruce Richardson (former maintainer)

tests/kern/ssl_sendfile: fix 'random' and 'basic' flakyness

The read of c.sbytes needs to be synchronized with mutex.  The problem was
fixed for 'truncate' and 'grow' with 8a9508563542, but these two suffer
from the same problem.  Provide require_sbytes(), a locked wrapper around
ATF_REQUIRE() to reduce copy and paste.

Submitted by:           olivier
Differential Revision:  https://reviews.freebsd.org/D55781

tests/kern/ssl_sendfile: reduce copy & paste

Provide sendme_locked_wait() for a common pattern.  Not functional change.

mail/mailpit: Update to 1.29.3

Improved ONLY_FOR_ARCHS_REASON message to better explain the supported
architectures.

audio/subtui: Update to 2.10.0

Changelog: https://github.com/MattiaPun/SubTUI/releases/tag/v2.10.0

ena: Update driver version to v2.8.2

Bug Fixes:
* Verify that an ENA ring is in netmap only in native mode

Minor Changes:
* Move parenthesis to correct place in switch
* Add comment
* Reorder define

MFC after: 2 weeks
Sponsored by: Amazon, Inc.
Reviewed by: cperciva
Differential Revision: https://reviews.freebsd.org/D55698

ena: Verify that an ENA ring is in netmap only in native mode

netmap operates in two modes:
1) Emulated - netmap handling is done by the network stack, the
NIC driver operates transparently to netmap.
2) Native - netmap management is done by the NIC driver.

When checking whether a specific ENA ring is running in netmap
mode, only the following checks were done:
1. IFCAP_NETMAP - Check whether netmap capability is enabled on
the device.
2. NKR_NETMAP_ON - Check whether netmap is actively using this
ring.

The above checks implied that the netmap mode is native and the
ENA driver needs to handle the netmap logic.
The code was missing an explicit check on whether native mode
is actually on (NAF_NATIVE).
This led to a case where though emulated mode was used and

    [18 lines not shown]

ena: Minor changes

1. Move parenthesis to correct place in switch and fix include order
2. Add comment at the end of an ifdef for clarity
3. Change include order.

MFC after: 2 weeks
Sponsored by: Amazon, Inc.
Reviewed by: cperciva
Differential Revision: https://reviews.freebsd.org/D55696

graphics/igt-gpu-tools: Fix builds since D49183

virtio: Restore mb() calls

Until an issue seen on amd64 can be investigated restore two mb() calls
to virtio.

Reviewed by:    andrew
Fixes:  c499ad6f997c ("virtio: Use bus_dma for ring and indirect buffer allocations")
Sponsored by:   Arm Ltd
Differential Revision:  https://reviews.freebsd.org/D55766

Revert "virtio: Restore mb() calls"

This reverts commit d99e725c26a7745aa349eab01ae56ca630b6d0f5.

virtio: Restore mb() calls

Until an issue seen on amd64 can be investigated restore two mb() calls
to virtio.

Reviewed by:    andrew
Fixes:  c499ad6f997c ("virtio: Use bus_dma for ring and indirect buffer allocations")
Sponsored by:   Arm Ltd
Differential Revision:  https://reviews.freebsd.org/D55766

textproc/qo: Update to 0.3.1

sysutils/goaccess: Update to 1.10.1

games/widelands: update 1.2.1 → 1.3.1

PR:             293644
Tested by:      thindil at laeran.pl.eu.org

astro/gpsprune: switch to default java version

games/luanti: update 5.14.0 → 5.15.1

PR:             293560
Tested by:      giorgio.caculli at protonmail.com

astro/josm: update 19439 → 19481

- Switch to latest supported openjdk
- Simplify wrapper script, run with correct java

devel/omnilinter: update 0.7.0 → 0.7.1

astro/osmosis: switch to default java version

devel/cppcheck: update 2.19.1 → 2.20.0