BSD Commit Log Search

   Update to harfbuzz-12.3.1.

   mariadb: avoid use of deprecated OpenSSL/LibreSSL API

   ok brad (mainiainer)

   exim: don't force use of ASN1_STRING_data() on recentish LibreSSL

   seems fine to Renaud Allard (maintainer)

   Update keycloak 26.4.7 -> 26.5.1
   Changelogs: https://github.com/keycloak/keycloak/releases
   Release notes: https://www.keycloak.org/docs/latest/release_notes/index.html
   Upgrading guide: https://www.keycloak.org/docs/26.5.1/upgrading

   drm/amdkfd: Fix improper NULL termination of queue restore SMI event string

   From Brian Kocoloski
   47206d70d1fba05470a2bd00ae3d66d27487c195 in linux-6.12.y/6.12.66
   969faea4e9d01787c58bab4d945f7ad82dad222d in mainline linux

   drm/amd/display: Fix DP no audio issue

   From Charlene Liu
   f609041424d56f673e278f38ebbc71e05564b2ea in linux-6.12.y/6.12.66
   3886b198bd6e49c801fe9552fcfbfc387a49fbbc in mainline linux

   drm/amd/display: shrink struct members

   From Rosen Penev
   e83af97d5c3913c5d0bb81dcf0188f7c48731215 in linux-6.12.y/6.12.66
   7329417fc9ac128729c3a092b006c8f1fd0d04a6 in mainline linux

   drm/radeon: Remove __counted_by from ClockInfoArray.clockInfo[]

   From Alex Deucher
   7500ab83bad207341916950bb21248af0a1ee21e in linux-6.12.y/6.12.66
   19158c7332468bc28572bdca428e89c7954ee1b1 in mainline linux

   drm/amdgpu: Fix query for VPE block_type and ip_count

   From Alan Liu
   90b4b130a20d80decfc9b115c187f818ab83a30a in linux-6.12.y/6.12.66
   72d7f4573660287f1b66c30319efecd6fcde92ee in mainline linux

   Fill entropy in a single operation instead of hundreds.

   The sntrup761 code we use from SUPERCOP fills entropy arrays 4 bytes at
   a time.  On some platforms each of these operations has a significant
   overhead, so instead fill it in a single operation and as a precaution
   zero that array after it's used.

   Analysis and code change is from Mike Frysinger via Github PR#621 with
   feedback from djm@ and sed-ification from me.  ok djm@ beck@.

   This change was submitted by Mike to SUPERCOP upstream so hopefully
   future versions will already have it.

   Update to gambit 4.9.7.

   Fix window-size=latest not resizing on switch-client in session groups.
   From Ilya Grigoriev in GitHub issue 4818.

   remove @conflict/@pkgpath that were there to handle the migration from
   nagios-plugins >10y ago

   use pledge in various monitoring-plugins checks; from Alvar Penning

   sysutils/docker-cli: update to 29.1.5

   Symlink tests directory to ${WRKBUILD} to make the 3 remaining tests pass.

   Thanks sthen@!

   set USE_NOBTCFI-amd64 due to issues in svt-av1

   Update to nghttp3 1.15.0

   https://github.com/ngtcp2/nghttp3/releases/tag/v1.15.0

   Update to ngtcp2 1.20.0

   https://github.com/ngtcp2/ngtcp2/releases/tag/v1.20.0

   + xan

   Initial revision

   Use the Tcl module instead of hardcoding dependencies.


   ok volker@

   lang/node: Update to v22.22.0

   Fixes
   CVE-2025-59465 add TLSSocket default error handler
   CVE-2025-55132 disable futimes when permission model is enabled
   CVE-2025-55130 require full read and write to symlink APIs
   CVE-2025-59466 rethrow stack overflow exceptions in async_hooks
   CVE-2025-55131 refactor unsafe buffer creation to remove zero-fill toggle
   CVE-2026-21637 route callback exceptions through error handlers

   In addition, use the port version of textproc/simdutf.

   net/libcares: Update to 1.34.6

   Fixes
   CVE-2025-62408: use-after-free in read_answers() introduced in v1.32.3

   fine with sthen@

   lang/node: Update to v22.22.0

   CVE-2025-59465 add TLSSocket default error handler
   CVE-2025-55132 disable futimes when permission model is enabled
   CVE-2025-55130 require full read and write to symlink APIs
   CVE-2025-59466 rethrow stack overflow exceptions in async_hooks
   CVE-2025-55131 refactor unsafe buffer creation to remove zero-fill toggle
   CVE-2026-21637 route callback exceptions through error handlers

   fine with sthen@

   Tentative fix for ffmpeg on mips64

   Avoid building code that clang rejects:
   :src/libavcodec/mips/cabac.h:160:77: error: instruction requires a CPU feature not currently enabled
   :  160 |         PTR_SUBU   "%[tmp1],         %[c_low],        %[tmp1]             \n\t"
   :      |                                                                             ^
   :<inline asm>:13:2: note: instantiated into assembly here
   :   13 |         movz       $15,          $13,          $24
   :      |         ^

   A smarter approach is left as an exercise for the reader.

   twmn: stop linking against boost_system

   ok sdk (maintainer)

   rpki-client: check SPKI in TAL for trailing garbage

   On deserializing, ensure that the entire DER blob decoded from base64 has
   been consumed.

   ok job

   rpki-client regress: adjust for pkey -> spki rename

   rpki-client: use spki/spkisz for the SPKI in a TAL

   This used to use pkey, which is very confusing since this is the standard
   name for an EVP_PKEY *.

   ok job (part of a larger diff)