Import xz-5.8.3 (previous was 5.2.4)
5.8.3 (2026-03-31)
* liblzma:
- Fix a buffer overflow in lzma_index_append(): If
lzma_index_decoder() was used to decode an Index that
contained no Records, the resulting lzma_index was left in
a state where a subsequent lzma_index_append() would
allocate too little memory, and a buffer overflow would occur.
The lzma_index functions are rarely used by applications
directly. In the few applications that do use these functions,
the combination of function calls required to trigger this bug
is unlikely to exist, because there typically is no reason to
append Records to a decoded lzma_index. Thus, it's likely that
this bug cannot be triggered in any real-world application.
[37 lines not shown]
Import OpenSSH-10.3 (previous was 10.2)
OpenSSH 10.3 was released on 2026-04-02. It is available from the
mirrors listed at https://www.openssh.com/.
OpenSSH is a 100% complete SSH protocol 2.0 implementation and
includes sftp client and server support.
Once again, we would like to thank the OpenSSH community for their
continued support of the project, especially those who contributed
code or patches, reported bugs, tested snapshots or donated to the
project. More information on donations may be found at:
https://www.openssh.com/donations.html
Potentially-incompatible changes
--------------------------------
* ssh(1), sshd(8): remove bug compatibility for implementations
that don't support rekeying. If such an implementation tries to
interoperate with OpenSSH, it will now eventually fail when the
[288 lines not shown]
Import OpenSSL-3.5.6 (previous was 3.5.5)
### Changes between 3.5.5 and 3.5.6 [7 Apr 2026]
* Fixed incorrect failure handling in RSA KEM RSASVE encapsulation.
Severity: Moderate
Issue summary: Applications using RSASVE key encapsulation to establish
a secret encryption key can send contents of an uninitialized memory buffer
to a malicious peer.
Impact summary: The uninitialized buffer might contain sensitive data
from the previous execution of the application process which leads
to sensitive data leakage to an attacker.
Reported by: Simo Sorce (Red Hat).
([CVE-2026-31790])
[126 lines not shown]
Fix https://sourceware.org/bugzilla/show_bug.cgi?id=34033
- Deprecate loc_ntoa because it does not specify the size of the destination
buffer and replace it with loc_ntoa1
- Replace sprintf(3) with snprintf(3), checking for string overflow.
This removes all sprintf(3) uses in libc, except in compat/net/compat_ns_ntoa.c
Thanks to phone@ for reviewing and Florian Weimer for notifying us.
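The sprintf(3) to snprintf(3) replacement above rests on one habit: pass the destination size in, and treat an snprintf return value greater than or equal to that size as an overflow rather than as success. The following is an added illustration of that pattern and is not NetBSD libc code; the function names format_dms and format_loc, the output layout, and the sample coordinates are assumptions made for this example, not the signature or behaviour of loc_ntoa1.

```c
#include <stdio.h>
#include <string.h>
#include <stddef.h>

/* Hypothetical helper (not libc's loc_ntoa1): format a degrees/minutes/
 * seconds triple into a caller-supplied buffer whose size is known.
 * Returns the number of bytes written (excluding the NUL), or -1 when the
 * buffer is too small. On -1 the buffer holds an empty string; it is never
 * written past dstlen, which is the difference from an sprintf(3) version
 * that cannot know how much room it has. */
int format_dms(char *dst, size_t dstlen, int deg, int min, int sec, char hemi)
{
    if (dst == NULL || dstlen == 0)
        return -1;

    int n = snprintf(dst, dstlen, "%d %02d %02d %c", deg, min, sec, hemi);

    /* snprintf reports the length the complete string would have had.
     * A value >= dstlen means the output was truncated, so the caller's
     * buffer was too small: report that instead of returning a partial
     * string that looks valid. */
    if (n < 0 || (size_t)n >= dstlen) {
        dst[0] = '\0';
        return -1;
    }
    return n;
}

/* Compose latitude and longitude into one string, re-checking the remaining
 * space at every step rather than assuming the destination is large enough
 * for the whole result. Same return convention as format_dms. */
int format_loc(char *dst, size_t dstlen,
               int latd, int latm, int lats, char ns,
               int lond, int lonm, int lons, char ew)
{
    size_t used = 0;
    int n;

    n = format_dms(dst, dstlen, latd, latm, lats, ns);
    if (n < 0)
        return -1;
    used += (size_t)n;

    n = snprintf(dst + used, dstlen - used, " ");
    if (n < 0 || (size_t)n >= dstlen - used) {
        dst[0] = '\0';
        return -1;
    }
    used += (size_t)n;

    n = format_dms(dst + used, dstlen - used, lond, lonm, lons, ew);
    if (n < 0) {
        dst[0] = '\0';
        return -1;
    }
    used += (size_t)n;

    return (int)used;
}

int main(void)
{
    char buf[64];
    char small[8];

    /* Constructed sample input: 42 21 54 N / 71 06 18 W. */
    if (format_loc(buf, sizeof buf, 42, 21, 54, 'N', 71, 6, 18, 'W') >= 0)
        printf("ok:   \"%s\"\n", buf);

    /* The same latitude does not fit in 8 bytes: the call fails cleanly
     * instead of writing past the end of small[]. */
    if (format_dms(small, sizeof small, 42, 21, 54, 'N') < 0)
        printf("too small: result=\"%s\"\n", small);
    return 0;
}
```

The check `(size_t)n >= dstlen` is the part that is easy to get wrong: snprintf itself will not overrun the buffer, but silently accepting a truncated string reintroduces a correctness bug in place of the memory-safety one, so the size has to be both passed in and acted on.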
bsd.own.mk: sort various lists and expressions
Sort various lists of variables.
(Manually) sort various .if expressions on platform name.
Should be no functional change, but easier to cross-check mk.conf(5).
mk.conf(5): sync with bsd.own.mk 1.1473
Sort variables in the list: MKAUTOFS, MKKERNFS, MKNLS,
Update supported platforms per bsd.own.mk changes, including using
the tested variable (MACHINE vs MACHINE_ARCH):
MKAMDGPUFIRMWARE, MKCTF, MKDTB, MKFIRMWARE, MKLIBCXX, MKPIE, MKPROFILE,
MKRELRO, MKSLJIT, MKSOFTFLOAT, MKZFS, USE_SSP, USE_XZ_SETS.
Sort platforms in: MKXORG_SERVER.
Document MKGDBSERVER.
Add NetBSD 10 and NetBSD 11 to RUMP_NBCOMPAT.
USE_SSP is also controlled by NOFORT.
Cross reference npf(7) for MKNPF.
Editorial fixes, including consistent punctuation.