BSD Commit Log Search

Merge branch 'freebsd/15-stable/main' into hardened/15-stable/main

Merge branch 'freebsd/main' into hardenedbsd/main

audio/sidplayfp: Update to 2.16.2

misc/hwdata: Update to 0.405

Reported by:    portscout!

devel/py-types-aws-xray-sdk: New port: Typing stubs for aws-xray-sdk

devel/py-types-Flask-Cors: New port: Typing stubs for Flask-Cors

devel/py-schema-salad: New port: Schema Annotations for Linked Avro Data (SALAD)

www/py-yt-dlp-ejs: Remove the IGNORE line

This do-fetch target does not repackage anything.
It fetches the tarball, extracts it, then fetches NodeJS dependencies
into the same folder, and packages this folder as a final tarball
used during build.

AFAIK there is nothing wrong with this port the way it is now.

This can't be done in post-extract due to internet access that is
required.

devel/py-types-boto: New port: Typing stubs for boto

devel/py-cwltest: New port: Common Workflow Language testing framework

www/freenginx-devel: third-party modules management (+)

- update vts module to its recent revision
- update zstd module to its recent revision

Bump PORTREVISION.

Sponsored by:   tipi.work

www/freenginx-devel: update njs module to 0.9.6

<ChangeLog>

nginx modules:

*) Bugfix: fixed expire field truncation in shared dict state files.
   Millisecond timestamps were silently truncated to 10 digits,
   making restored entries appear expired on restart.
   The issue has been present since eca03622 (0.9.1).

*) Bugfix: suppressed slab log_nomem for evict shared dict zones.
   When evict is enabled, memory allocation failures are expected
   and handled by evicting old entries.

*) Bugfix: fixed stack trace for native fetch exceptions for QuickJS
   engine.

Core:

    [38 lines not shown]

devel/libwasmtime: update 42.0.0 -> 42.0.1

ChangeLog:      https://github.com/bytecodealliance/wasmtime/compare/v42.0.0...v42.0.1

Sponsored by:   tipi.work

net-im/telegram-desktop: update: 6.6.1 -> 6.6.2

ChangeLog:      https://github.com/telegramdesktop/tdesktop/compare/v6.6.1...v6.6.2

Sponsored by:   tipi.work

mlx5: report IPSEC offload capabilities whenever IPSEC_OFFLOAD is configured

(cherry picked from commit de29fd0322254127c3ebaedbc91ee4f9620f5fdf)

netipsec/ipsec_offload.c: handle failures to install SA nicely

(cherry picked from commit 477f020c7b5453bcd3bff7f1491e9830027b271e)

ipsec_offload: add comment stating why ipsec_accel_sa_newkey_cb() returns 0

(cherry picked from commit 0e5caac7d543687d540fa83a7125726c7c9e6e58)

mlx5: convert GET_TRUNK_IF() to function

(cherry picked from commit 87ca74de89e0ae96774674f7ae14d303fad5b780)

Merge remote-tracking branch 'origin/hardened/current/master' into hardened/current/cross-dso-cfi

Merge branch 'freebsd/current/main' into hardened/current/master

Merge branch 'freebsd/main' into hardenedbsd/main

sysutils/nginx-ui: Update to 2.3.3

ChangeLog: https://github.com/0xJacky/nginx-ui/releases/tag/v2.3.3

www/filebrowser: Update to 2.61.0

ChangeLog: https://github.com/filebrowser/filebrowser/releases/tag/v2.61.0

x11-fm/xfe: Update to 2.1.5

devel/violet: Update 2.2.2 => 2.3.0

Approved by:  db@, yuri@ (Mentors, implicit)

audio/ft2-clone: Update to 2.07

acpi_spmc: fix revision check reading name as integer

In acpi_spmc_get_constraints_spec(), the revision of the device
constraint detail package was mistakenly read from
constraint_obj->Package.Elements[0], which is the device name
(a string), instead of from the detail sub-package's first element.

Move the initialisation of 'detail' before the revision check and
read the revision from detail->Package.Elements[0] as the comment
already states

Approved by:    obiwac
Differential Revision:  https://reviews.freebsd.org/D55639
Sponsored by:   Netflix

misc/bibletime:  add NOT_FOR_ARCHS i386

libutil: avoid an out-of-bounds read in trimdomain(3)

memchr(3) will happily believe we've passed in a valid object, but
hostsize could easily exceed the bounds of fullhost.  Clamp it down to
the string size to be safe and avoid UB.  This plugs a potential
overread noted in the compat shim that was just added.

Reviewed by:    des
Sponsored by:   Klara, Inc.
Differential Revision:  https://reviews.freebsd.org/D54623

libutil: take a size_t in trimdomain()

INT_MAX is already larger than a reasonable hostname might be, but
size_t makes some of this easier to reason about as we do arithmetic
with it.  This would maybe not be worth it if we had to bump the
soversion because of it, but libutil does symbol versioning now so we
can provide a compat shim.

While we're here, fix some inconsistencies in argument names in the
manpage.

Reviewed by:    des
Obtained from:  https://github.com/apple-oss-distributions/libutil
Sponsored by:   Klara, Inc.
Differential Revision:  https://reviews.freebsd.org/D54622