BSD Commit Log Search

   Update broot to 1.56.3.

   Update

   sync

   Update to libxkbfile 1.2.0.
   Switch to local build system since autotools was replaced by meson.

   Update to xorgproto 2025.1

   Merge fixes from X.Org repository to build with llvm 22.

   Move xcb-util-xrm later in the build.

   Enabling tests makes it depend on libX11

   Update to pokerth 2.0.7 from maintainer

   Add patch to disable TCP_KEEPALIVE

   Transplant the EL2 virtual timer interrupt into the ACPI device tree if
   it is provided in the GTDT table.
   Based on a diff from Marc Zyngier.

   ok jsg@

   If either tcp_md5_set() or pfkey_establish() fail then also fail the
   ongoing connect.

   The old graceful failure mode was added for strange cases like kernels
   without TCP MD5 support but there is honestly no good reason to limp along.
   The correct way to handle this on such broken systems is to edit the config
   and remove the auth settings. After that a bgpctl reload will fix the problem
   by skipping the TCP MD5 or IPSec setup.

   Reported by Frank Denis
   OK tb@

   regen

   Add "interrupt-names" property to the timer node.

   ok jsg@

   misc/llama.cpp: update to b9097

   devel/libggml: update to 0.11.1

   In log_evpnaddr() the labellen for EVPN_ROUTE_TYPE_2 can either be 3 or 6.

   Currently only the first label is printed so only take the first 3 bytes
   of addr->labelstack to build the VNI. Do this by hand with a few shifts
   and or opertations instead of the memcpy and htonl() fumbling.

   EVPN is still experimental and disabled by default.
   Found by myself and also reported by Frank Denis
   OK denis@ tb@

   Sync cert.pem with mozilla roots; quite a few CA certificates were
   either removed or distrusted for web so are removed here.  ok tb@

   Common policies (moz, google, ca/b) are now to distrust roots with key
   material created before a certain time (currently 2008, this rolls
   forwards by 2 years each April until 2029 when it moves to '15 years
   from creation'), and also roots used for TLS are not permitted to be
   shared with other purposes (Secure Email, Code Signing, or others).

   This removes all root certificates from the following CA operators:

   -AffirmTrust
   -  /C=US/O=AffirmTrust/CN=AffirmTrust Commercial
   -  /C=US/O=AffirmTrust/CN=AffirmTrust Networking
   -  /C=US/O=AffirmTrust/CN=AffirmTrust Premium
   -  /C=US/O=AffirmTrust/CN=AffirmTrust Premium ECC

   -Firmaprofesional SA
   -  /C=ES/O=Firmaprofesional SA/2.5.4.97=VATES-A62634068/CN=FIRMAPROFESIONAL CA ROOT-A WEB

    [67 lines not shown]

   update to hiawatha-12.2

   use DIST_TUPLE for testdata

   remove WRKDIR/bin/python symlinks that aren't needed any more (link now
   included in lang/python/3 -main).

   lang/node: Unbreak on i386 by cherrypicking a fix from upstream V8

   ok sthen@

   net/haproxy: Update to 3.2.19

   From Mark Patruck, thanks
   discussed with tb@

   Update to libepoxy 1.5.10

   Update to manuals-50.1.

   Update to gnome-builder-50.0.

   Update to foundry-1.1.1.

   Update to libdex-1.1.0.

   Update to showtime-50.0.

   Update to papers-50.1.

   Update to xcb-util-xrm 1.3.0

   Update to gnome-maps-50.1.