BSD Commit Log Search

   fix PORTROACH var

   sysutils/docker-compose: update to 5.1.3

   add .login file and pkg-readme for transmission
   ok lucas rsadowski

   drop exim from ports, this has been proposed various times over the last
   couple of years but nobody actually got round to it yet, and it seems like
   a good point in the release cycle to say bye, the port installs it suid
   root and it has had quite a few too many security issues to be comfortable
   with this.

   ok job, tb, renaud (maintainer)

   add some missing boost-* WANTLIB

   Update to duckdb-1.5.2.

   Update for gobuster to 3.8.2

   Update for Artty to 1.6.1:

   https://github.com/mjwhitta/artty/releases/tag/v1.6.1

   OK rsadowski

   Update nextcloud to 33.0.2

   OK gonzalo@

   Update nextcloud to 32.0.8

   OK gonzalo@

   Update to Update to p5-Imager-1.030.

   Update to p5-Image-ExifTool-13.55.

   Update to p5-Devel-Size-0.87.

   Update to dos2unix-7.5.5.

   Update to py3-astropy-iers-data-0.2026.4.13.0.58.2.

   update to openvox 8.26.0

   cd is hard when you're only halfway through the first mug of tea; bump the
   right branch. pointed out by phessler.

   bump again to get above -stable

   add rc script under the elldpd name for -stable (in parallel with the lldpd
   name), so machines can be adjusted to the new name prior to release

   rename rc script for ports lldpd from lldpd to elldpd, so that lldpd could
   be reused in base after release (there is no separate namespace for ports
   and base daemons in rc.d-land)

   Update jenkins to 2.541.3

   Update jenkins to 2.559

   geo/postgis: security update to 3.6.3

   see https://gitea.osgeo.org/postgis/postgis/raw/tag/3.6.3/NEWS

   security/nss: update to 3.122.1, will be required for firefox 150

   see https://hg-edge.mozilla.org/projects/nss/raw-file/tip/doc/rst/releases/nss_3_122_1.rst

   init GuC TLB invalidation xarray with XA_FLAGS_LOCK_IRQ

   The xarray is used from interrupt context:

   xa_lock_irqsave
   wait_wake_outstanding_tlb_g2h
   intel_guc_tlb_invalidation_done
   ct_process_request
   ct_handle_event
   ct_handle_hxg
   ct_handle_msg
   ct_receive
   ct_try_receive_message
   intel_guc_ct_event_handler
   intel_guc_to_host_event_handler
   guc_irq_handler
   gen11_other_irq_handler
   gen11_gt_identity_handler
   gen11_gt_bank_handler

    [5 lines not shown]

   Provide an example how to disambiguate mktime() return values

   OK beck@

   vmd(8): remove config parsing TOCTOU with disk parsing.

   When vmd parses vm.conf, it's inspecting any provided disk images
   to determine the disk format (raw or qcow) if left unspecified.
   This is a big TOCTOU because nothing prevents these files from
   changing between vmd startup and vm launch.

   This change defers detection to vm launch time and tracks the disk
   format as an enum instead of an int to make things more interpretable.

   ok hshoexer@

   backport fix for an issue creating tiled 12-bit JPEGs, triggered by a recent
   change in libjpeg-turbo.  ok tb naddy

   graphics/tiff: fix integer overflows leading to heap overflows

   CVE-2026-4775
   https://gitlab.com/libtiff/libtiff/-/commit/782a11d6

   Further fixes
   https://gitlab.com/libtiff/libtiff/-/commit/67713aae

   ok tb@ sthen@

   Update to Xwayland 24.1.10

   This release contains the fixes for the following issues:
   * CVE-2026-33999: XKB Integer Underflow in XkbSetCompatMap()
   * CVE-2026-34000: XKB Out-of-bounds Read in CheckSetGeom()
   * CVE-2026-34001: XSYNC Use-after-free in miSyncTriggerFence()
   * CVE-2026-34002: XKB Out-of-bounds read in CheckModifierMap()
   * CVE-2026-34003: XKB Buffer overflow in CheckKeyTypes()

   Additionally, it contains a number of other various fixes from the stable
   xwayland-24.1 branch