BSD Commit Log Search

   sysutils/docker-cli: update to 29.5.1

   Another 'to long' that is too short.
   OK tb@

   Adjust handling of limits in up_generate_addpath()

   The maxpaths limit is straightforward but the handling of plus is more
   sublte. If plus == 0 then no extra paths should be added. So the default
   is to not include any extra paths (unless add-path send all is used).
   If plus is set and mmaxpaths is 0 add up to plus additional paths.
   If plus and max are used together the first limit reached will break the
   loop.

   OK tb@

   Update to libksba-1.8.0

   ChangeLog: https://dev.gnupg.org/T8253

   Update to gnupg-2.5.20

   ChangeLog: https://dev.gnupg.org/T7997

   merge hyphenation fix from ungoogled and update PLIST

   remove '#undef _' added for Windows CE
   ok jsing@ tb@

   Make qwx(4) send the PMF good-bye deauth frame when hopping out of RUN state.

   In addition to sending the PMF good-bye deauth frame from qwx_stop() we
   must also send it when leaving RUN state for other reasons.
   Provided we are still running with IFF_RUNNING since otherwise qwx_stop()
   has already sent the deauth frame. And provided the AP did not just send
   a deauth frame to us, which also covers the background-scan/roaming case
   where a deauth frame is sent via ieee80211_node_tx_stopped() and net80211
   is faking our old AP's deauth event.

   More (currently disabled) bits for creating floating panes, from Michael
   Grant and Dane Jensen.

   Only send the PMF good-bye deauth frame if the WPA handshake has succeeded.

   If the RSN port is not marked valid then we have never exchanged keys with
   our access point and sending a correctly encrypted deauth frame is impossible.

   Ensure no new tasks get scheduled while IFF_RUNNING is set in qwx_stop().

   This should prevent a crash I've seen happen once where the newstate task
   was scheduled after an incoming auth response frame while userland was in
   qwx_stop() (i.e. ifconfig qwx0 down). The newstate task then crashed
   because qwx_stop() had already begun to tear down driver state.

   Fix interlock between the (badly named) CRASH_FLUSH flag which prevents
   new tasks, and IFF_RUNNING which indicates whether the device is ready.
   qwx_stop() now clears IFF_RUNNING before the CRASH_FLUSH flag is cleared.
   There was a small window in qwx_stop() where IFF_RUNNING was still set
   while CRASH_FLUSH was clear again.

   To make this work with PMF we need to send our good-bye deauth frame earlier
   since sending management frames requires IFF_RUNNING to be set.

   update

   More bits for pane Z index tracking from floating panes, mostly by
   Michael Grant.

   update to py3-numpy-2.4.6

   sys/qwz: implement regulatory domain for 2.4Ghz and 5Ghz

   without regulatory domain support it uses world, and some chanells not
   available from firmware point of view when AP can actually use it.

   OK: mglocker@

   libcrypto/ui: mechanically rename the union _ into u

   While mainstream OS use compilers that understand anonymous unions, which
   would be cleaner here, some special snowflakes rely on LibreSSL in their
   stacks and they sometimes use very old and special compilers. There is no
   need to impose a burden on them. There is far more impactful and important
   cleanup that could be done in the ui pit.

   This obviates jsg's upcoming removal of a windows-ce workaround.

   discussed with jsing

   libcrypto/ui: move ui_string_st to ui_lib.c. It's only used there.

   update to librenms-26.5.0

   remove imagemagick workaround

   fix https://github.com/ImageMagick/ImageMagick6/issues/427 - problem
   introduced by 98153baf2e6 (mis-merge from b1db40da509 in 7.x)

   "ImageMagick 6 will only receive security updates and this does
   not seem to be a security issue".

   Prefer ic_bss over the ephemeral node in the scan tree, if possible.

   From mglocker@ via qwz(4)

   Add missing dma syncs after copying firmware images to DMA buffers.

   From mglocker@ via qwz(4).

   The firmware listen_intval is in units of beacons, not TU. Set it properly.

   From mglocker@ via qwz(4).

   Add peer to qwx(4) firmware after starting the vdev, not before.

   From mglocker@ via qwz(4)
   On ath12k this fixed a firmware crash by avoiding the peer getting
   created with a half-initialized vdev. The fix does not hurt on ath11k
   so apply it to qwx(4) as well.

   Update ansible-core -> 2.20.5 -> 2.21.0
   Changelog: https://github.com/ansible/ansible/blob/stable-2.21/changelogs/CHANGELOG-v2.21.rst#v2-21-0

   sync

   Merge libdrm 2.4.133

   Import libdrm 2.4.133

   In lsa_check() handling of LSA_TYPE_INTER_A_PREFIX fix len calculation for
   the lsa_get_prefix() call.

   Reported by Stuart Thomas
   OK tb@ deraadt@

   Ensure that the embedded lsa.len is at least sizeof(lsa) bytes long.

   OK deraadt@ tb@