HardenedBSD/src fe2dd04share/mk src.opts.mk

HBSD: Resolve merge conflict

Signed-off-by:  Shawn Webb <shawn.webb at hardenedbsd.org>
DeltaFile
+0-3share/mk/src.opts.mk
+0-31 files

HardenedBSD/src e748bc2bin/timeout timeout.c, share/man/man4 multicast.4

Merge remote-tracking branch 'origin/freebsd/current/main' into hardened/current/master

Conflicts:
        share/mk/src.opts.mk (unresolved)
DeltaFile
+73-85bin/timeout/timeout.c
+54-38usr.bin/diff/tests/diff_test.sh
+26-18usr.bin/diff/diff.c
+20-15sys/netinet6/ip6_mroute.c
+15-14sys/netinet/ip_mroute.c
+22-4share/man/man4/multicast.4
+210-17420 files not shown
+294-21526 files

HardenedBSD/ports 2d05dd3security/libgcrypt/files patch-mpi_ec.c patch-cipher_ecc.c, security/voa distinfo Makefile.crates

Merge branch 'freebsd/main' into hardenedbsd/main
DeltaFile
+162-0security/libgcrypt/files/patch-mpi_ec.c
+153-0security/libgcrypt/files/patch-cipher_ecc.c
+117-0security/libgcrypt/files/patch-cipher_ecc-eddsa.c
+57-55security/voa/distinfo
+68-0security/libgcrypt/files/patch-cipher_ecc-sm2.c
+28-27security/voa/Makefile.crates
+585-8263 files not shown
+929-19369 files

HardenedBSD/ports fb751basysutils/backrest distinfo Makefile

sysutils/backrest: Update to 1.11.2

ChangeLog: https://github.com/garethgeorge/backrest/releases/tag/v1.11.2
DeltaFile
+7-7sysutils/backrest/distinfo
+4-5sysutils/backrest/Makefile
+11-122 files

HardenedBSD/ports 141378bmultimedia/navidrome Makefile, security/opkssh Makefile

*/*: Add more information about instructions for creating assets

Reported by:    bapt@
DeltaFile
+2-0multimedia/navidrome/Makefile
+2-0security/opkssh/Makefile
+2-0sysutils/backrest/Makefile
+2-0sysutils/go-ntfy/Makefile
+2-0sysutils/gol/Makefile
+2-0sysutils/nginx-ui/Makefile
+12-011 files not shown
+34-017 files

HardenedBSD/ports e6fbff1net-im/telegram-desktop distinfo Makefile

net-im/telegram-desktop: update 6.5.0 -> 6.5.1

ChangeLog:      https://github.com/telegramdesktop/tdesktop/compare/v6.5.0...v6.5.1

Sponsored by:   tipi.work
DeltaFile
+3-3net-im/telegram-desktop/distinfo
+1-2net-im/telegram-desktop/Makefile
+4-52 files

HardenedBSD/ports 4fb0ecclang/quickjs-ng distinfo Makefile

lang/quickjs-ng: update: 0.11.0 -> 0.12.1

ChangeLog:      https://github.com/quickjs-ng/quickjs/compare/v0.11.0...v0.12.1

Sponsored by:   tipi.work
DeltaFile
+3-3lang/quickjs-ng/distinfo
+1-1lang/quickjs-ng/Makefile
+4-42 files

HardenedBSD/src cc3d59flib/clang/libllvm Makefile

HBSD: Missed a file in the last merge conflict resolution

Signed-off-by:  Shawn Webb <shawn.webb at hardenedbsd.org>
DeltaFile
+4-2lib/clang/libllvm/Makefile
+4-21 files

HardenedBSD/ports aa7a14esecurity/wazuh-dashboard distinfo

security/wazuh-dashboard: Fix distinfo

Reported by:    girgen
DeltaFile
+3-3security/wazuh-dashboard/distinfo
+3-31 files

HardenedBSD/src fc6a600usr.bin/diff3 diff3.c, usr.bin/diff3/tests diff3_test.sh

Merge remote-tracking branch 'origin/freebsd/current/main' into hardened/current/master
DeltaFile
+110-125usr.sbin/ngctl/main.c
+25-26usr.bin/diff3/diff3.c
+42-3usr.bin/diff3/tests/diff3_test.sh
+16-23usr.sbin/ngctl/msg.c
+18-13usr.sbin/ngctl/config.c
+18-10usr.sbin/ngctl/write.c
+229-20034 files not shown
+430-27040 files

HardenedBSD/src ed285eblib/clang/libclang Makefile, lib/clang/liblldb Makefile

HBSD: Resolve merge conflicts

This also brings us a little closer to upstream's llvm-related
Makefiles. Reintroduce the MK_LLVM_LINK_STATIC_LIBRARIES option,
defaulted to yes.

It is not advised for HardenedBSD users to set
WITHOUT_LLVM_LINK_STATIC_LIBRARIES just yet. Initial testing
demonstrated some issues with linking the right libraries. I do plan to
still move us towards supporting the src compiler toolchain being
compiled as PIEs.

Signed-off-by:  Shawn Webb <shawn.webb at hardenedbsd.org>
DeltaFile
+19-6lib/clang/libclang/Makefile
+20-5lib/clang/liblldb/Makefile
+0-5lib/clang/libllvm/Makefile
+0-4sys/netinet6/nd6_rtr.c
+0-4sys/arm64/arm64/pmap.c
+1-0share/mk/src.opts.mk
+40-246 files

HardenedBSD/ports 8b3dd5ewww/firefox-esr distinfo Makefile

www/firefox-esr: update to 140.7.1 (rc1)

Release Notes (soon):
  https://www.firefox.com/en-US/firefox/140.7.1/releasenotes/
DeltaFile
+3-3www/firefox-esr/distinfo
+1-2www/firefox-esr/Makefile
+4-52 files

HardenedBSD/ports b742d70www/firefox distinfo Makefile

www/firefox: update to 147.0.4 (rc1)

Release Notes (soon):
  https://www.firefox.com/en-US/firefox/147.0.4/releasenotes/
DeltaFile
+3-3www/firefox/distinfo
+1-1www/firefox/Makefile
+4-42 files

HardenedBSD/src 07c4eb5sys/compat/freebsd32 freebsd32.h

sys/compat/freebsd32: Fix i386 compilation

The compile assertion now failing is due to the change '__int64_t' =>
'__int32_t' as the type of 'time32_t' on i386, which is the correct
value.  The use of 'freebsd32.h' on i386 may seem strange, but it comes
from 'kern_umtx.c' including it unconditionally as it needs 'struct
umutex32'.

Fixes:          87632ddf67b0 ("openzfs sys/types32.h: use abi_compat.h for time32_t")
Sponsored by:   The FreeBSD Foundation
DeltaFile
+1-1sys/compat/freebsd32/freebsd32.h
+1-11 files

HardenedBSD/src 2ce028esys/kern link_elf_obj.c, sys/sys elf_common.h

sys: ELF: Rename SHN_FBSD_CACHED => SHN_FREEBSD_CACHED

All other FreeBSD-specific constants have FREEBSD fully spelled out in
their names.  Be consistent.

No functional change (intended).

Reviewed by:    kib
Sponsored by:   The FreeBSD Foundation
Differential Revision:  https://reviews.freebsd.org/D55224
DeltaFile
+2-2sys/kern/link_elf_obj.c
+2-1sys/sys/elf_common.h
+4-32 files

HardenedBSD/src f2c2e5bshare/man/man4 multicast.4

multicast.4: Fix disabling multicast forwarding

Reviewed by: markj, glebius
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D55266
DeltaFile
+22-4share/man/man4/multicast.4
+22-41 files

HardenedBSD/ports be18d9fsecurity/libgcrypt/files patch-mpi_ec.c patch-cipher_ecc.c

security/libgcrypt: Fix Curve25519 key validation

Starting with version 1.12.0, libgcrypt was failing to validate
Curve25519 secret keys on FreeBSD-main.  This resulted in failures such
as in the example below.  Incorporate the patch from
https://dev.gnupg.org/T8094 to fix the problem.

% TEMP_GPG=$(mktemp -d)

% GNUPGHOME=$TEMP_GPG gpg --batch --import < ./test/openpgp4-secret-key.asc
gpg: keybox '/tmp/tmp.gkqFaMAlVu/pubring.kbx' created
gpg: /tmp/tmp.gkqFaMAlVu/trustdb.gpg: trustdb created
gpg: key 7E6ABE924645CC60: public key "Notmuch Test Suite (INSECURE!) <test_suite at notmuchmail.org>" imported
gpg: key 7E6ABE924645CC60: secret key imported
gpg: Total number processed: 1
gpg:               imported: 1
gpg:       secret keys read: 1
gpg:   secret keys imported: 1


    [10 lines not shown]
DeltaFile
+162-0security/libgcrypt/files/patch-mpi_ec.c
+153-0security/libgcrypt/files/patch-cipher_ecc.c
+117-0security/libgcrypt/files/patch-cipher_ecc-eddsa.c
+68-0security/libgcrypt/files/patch-cipher_ecc-sm2.c
+37-0security/libgcrypt/files/patch-cipher_ecc-misc.c
+28-0security/libgcrypt/files/patch-cipher_ecc-ecdh.c
+565-07 files not shown
+678-013 files

HardenedBSD/ports a104966graphics/darktable pkg-plist Makefile, graphics/darktable/files patch-src_iop_lens.cc

graphics/darktable: Update to 5.4.1

Release notes:
* https://github.com/darktable-org/darktable/releases/tag/release-5.4.0
* https://github.com/darktable-org/darktable/releases/tag/release-5.4.1

PR:             292928
Submitted by:   Matthieu Volat <mazhe at alkumuna.eu> (initial patch)
DeltaFile
+8-4graphics/darktable/pkg-plist
+5-5graphics/darktable/files/patch-src_iop_lens.cc
+5-3graphics/darktable/Makefile
+3-3graphics/darktable/distinfo
+21-154 files

HardenedBSD/src fd52a9bcontrib/diff/src diff3.c, gnu/usr.bin/diff3 Makefile

diff3: Use a format string to quiet a compiler warning

And bump WARNS to 2
DeltaFile
+1-1gnu/usr.bin/diff3/Makefile
+1-1contrib/diff/src/diff3.c
+2-22 files

HardenedBSD/src 08208cdbin/timeout timeout.c timeout.1

timeout: Clean up

* Annotate logv() and fix format string bug.

* Don't reinvent str2sig(3).

* Reorganize kill_self() so we unblock signals as late as possible, and
  use raise(2) instead of kill(2).

* Explicitly close unused pipe descriptors.

* Use correct type to collect result of read(2) and write(2).

* Compare return values to 0, not -1.

* Sort local variables according to style(9).

* Reduce unnecessary nesting.


    [8 lines not shown]
DeltaFile
+73-85bin/timeout/timeout.c
+1-1bin/timeout/timeout.1
+74-862 files

HardenedBSD/src 790f1d1usr.bin/diff diff.c, usr.bin/diff/tests diff_test.sh

diff: Tweak range of -C and -U arguments

POSIX uses the terms “positive decimal integer” for -C and “non-negative
decimal integer” for -U, which translates into lower bounds of 1 for -C
and 0 for -U.

POSIX does not specify a minimum upper bound for either mode, but as of
5fc739eb5949 both our backends support context sizes up to and including
INT_MAX, so use that.

Having had the opportunity to consult the Unix System Test Suite, the
diff test cases found therein happen to precisely match these bounds.

While here, switch to using strtonum() to parse numerical arguments, and
try to be more consistent in how we report usage errors.

MFC after:      1 week
Sponsored by:   Klara, Inc.
Reviewed by:    kevans
Differential Revision:  https://reviews.freebsd.org/D55261
DeltaFile
+38-24usr.bin/diff/tests/diff_test.sh
+26-18usr.bin/diff/diff.c
+64-422 files

HardenedBSD/src b253243usr.bin/diff/tests diff_test.sh

diff: Tweak recursion tests

The -r flag is not required to compare two directories; it is only
required to compare them recursively, i.e. descend into their common
subdirectories.  Adjust tests that use -r needlessly, and adjust the
dirloop test to verify that these two cases remain distinct.

MFC after:      1 week
Sponsored by:   Klara, Inc.
Reviewed by:    kevans
Differential Revision:  https://reviews.freebsd.org/D55262
DeltaFile
+16-14usr.bin/diff/tests/diff_test.sh
+16-141 files

HardenedBSD/ports 34a8c51security/osslsigncode distinfo Makefile

security/osslsigncode: Update version 2.12=>2.13

Changelog: https://github.com/mtrojnar/osslsigncode/releases/tag/2.13
DeltaFile
+3-3security/osslsigncode/distinfo
+1-1security/osslsigncode/Makefile
+4-42 files

HardenedBSD/ports c6f8619lang/php85 distinfo Makefile

lang/php85: Update version 8.5.2=>8.5.3

Changelog: https://www.php.net/ChangeLog-8.php#8.5.3
DeltaFile
+3-3lang/php85/distinfo
+1-1lang/php85/Makefile
+4-42 files

HardenedBSD/ports eec23denet/google-cloud-sdk distinfo Makefile

net/google-cloud-sdk: Update version 555.0.0=>556.0.0
DeltaFile
+3-3net/google-cloud-sdk/distinfo
+1-1net/google-cloud-sdk/Makefile
+4-42 files

HardenedBSD/ports f9924felang/php84 distinfo Makefile

lang/php84: Update version 8.4.17=>8.4.18

Changelog: https://www.php.net/ChangeLog-8.php#8.4.18
DeltaFile
+3-3lang/php84/distinfo
+1-1lang/php84/Makefile
+4-42 files

HardenedBSD/ports fa3488cdevel/grpc-gateway distinfo Makefile

devel/grpc-gateway: Update version 2.27.7=>2.27.8

Changelog: https://github.com/grpc-ecosystem/grpc-gateway/releases/tag/v2.27.8
DeltaFile
+5-5devel/grpc-gateway/distinfo
+1-2devel/grpc-gateway/Makefile
+6-72 files

HardenedBSD/ports 7d5866cdatabases/freetds-devel distinfo Makefile

databases/freetds-devel: Update version 1.5.245=>1.5.247
DeltaFile
+3-3databases/freetds-devel/distinfo
+1-1databases/freetds-devel/Makefile
+4-42 files

HardenedBSD/ports 445437cdevel/cirrus-cli distinfo Makefile

devel/cirrus-cli: Update version 0.161.4=>0.161.5

Changelog: https://github.com/cirruslabs/cirrus-cli/releases/tag/v0.161.5
DeltaFile
+5-5devel/cirrus-cli/distinfo
+1-1devel/cirrus-cli/Makefile
+6-62 files

HardenedBSD/ports 7a6853dtextproc/groonga distinfo Makefile

textproc/groonga: Update version 15.1.4=>15.1.5

Changelog: https://groonga.org/docs/news/15.html#release-15-1-5
DeltaFile
+3-3textproc/groonga/distinfo
+1-1textproc/groonga/Makefile
+4-42 files