www/librewolf: update to 152.0.6-1
www/mozilla-firefox/files/policies.json has some changes that may
be relevant for LibreWolf but I don't have time to look at that.
Can be done later.
MAINTAINER indicated not working on this port for now
Identical diff from yaydn, thanks
OK landry@
Make dtls1_do_write_ccs() self contained.
A ChangeCipherSpec message is always the same single byte. Make
dtls1_do_write_ccs() know how to send this message, which avoids the use of
buffers and needing to keep copies for retransmission.
ok kenjiro@ tb@
Clean up sequence number and message header handling.
dtls1_set_message_header() is only called in one place - inline the write
handshake sequence number handling. Rename dtls1_set_message_header_int()
to dtls1_set_message_header().
The dtls12_write_ccs() code does not use handshake sequence numbers (since
they're not handshake messages) - stop pretending that it does.
ok kenjiro@ tb@
Fix netstat(1) man page and options.
Use switch -v to avoid IPv6 address truncation everywhere. Remove
special meaning of -l for IPv6 multicast routing table. Fix
combination of options in usage. Clarify man page.
input and OK claudio@
Make IP multicast router global variable MP safe.
Use a multicast router rwlock to protect the mrt_mrouter array.
Since we support one router per route table, also implement an API
version per router. Sockets in mrt_mrouter are reference counted.
Fix the name space a bit by using mrt_ prefix consistently. Keep
existing netlock and kernel lock until fine grained locking has
been finished.
OK claudio@
Repair last steps of portimport(1) ran from mystuff/
Obviously we can't update the freshly imported directory directly from
mystuff/, it has to be done from the real target directory. So trim
mystuff/ from the path before cd'ing there. This fixes the error below:
cvs server: failed to create lock directory for `/cvs' (/cvs/#cvs.lock): Permission denied
cvs server: failed to obtain dir lock in repository `/cvs'
cvs [server aborted]: read lock failed - giving up
While here revert rev 1.8 which didn't fix the underlying issue.
ok tb@
ld.so: print symbol name if lazy binding failed
It's a useful clue where to go look and various people working in ports
used similar diffs to track problems they were facing down.
fine by guenther
ok deraadt jca
update to 1.30.4; from Mark Patruck
fixes the following:
- buffer overflow vulnerability when using map with regex
(CVE-2026-42533)
- memory disclosure vulnerability when using ngx_http_slice_module
(CVE-2026-60005)
- use-after-free vulnerability when using ngx_http_ssi_module
(CVE-2026-56434)