BSD Commit Log Search

   Move header files to no-qt6

   Respect qmake "lessThan(QT_MAJOR_VERSION, 6)" in the port

   Spotted by tb

   Update to py3-astropy-iers-data-0.2026.1.19.0.42.31.

   Update mcast-proxy to HEAD

   - Router Alert added to MLD and IGMP queries
   - IGMP checksum fix and added bounds checks
   - MLDv1 queries aligned with RFC 2710 (reference added)
   - MLD upstream filtering aligned with IGMP; fixes for MLD unregistration
     and IPv6 address tracking
   - Safety/cleanup: socket validity checks, default IGMP switch case,
     restricted file-local visibility, moved local prototypes

   Tested by Joel Knight.

   OK Paul de Weerd (MAINTAINER)

   bn_ffdh: unifdef HAVE_SCAPY_SPECIAL

   DH_check: teach this DoS vector about RFC 7919 primes

   ok beck

   bn_ffdh: unifdef HAVE_RFC7919_PRIMES

   Update to terragrunt-0.98.0.

   bn_const: add RFC 7919 primes

   There is no intention to expose these via public API or to use them in TLS.
   For now these will only be used for short-circuiting pointless expensive
   computations in DH_check().

   ok beck

   Update to ocserv-1.4.0

   Changes: https://gitlab.com/openconnect/ocserv/-/releases/1.4.0

   From Renaud Allard <renaud AT allard DOT it> (MAINTAINER)

   Scapy special for DH_check()

   The latest release of Scapy calls DH_check() on all the well-known
   Diffie-Hellman parameters for RFCs 2409, 3526, and 7919. It does this
   via pyca/cryptography at startup. Every single time. This is obviously
   very expensive, due to our 64 MR rounds (which are complete overkill
   now that we have BPSW). Instead of pondering the ideal number of rounds
   for BPSW with FFDH, simply skip the check if the parameter matches a
   well-known prime. These are known to be safe primes, so we can skip
   those super-expensive and pointless checks without any risk.

   This is only done for the public dh->p parameter. It could be further
   optimized, but with the follow-up commit adding the RFC 7919 primes this
   reduces the startup time to what it was before Scapy 2.7.0: < 1s.

   Reverting from 64 MR rounds to BN_check_primes rounds, we would still
   have ~8s startup time without this optimization, which isn't great for
   an interactive tool.


    [11 lines not shown]

   use the correct profile path

   Update to opentofu-1.11.4.

   bn regress: add test that double checks the RFC 2409 and 3526 primes

   Also has code to check the RFC 7919 primes and run DH_check() once that
   knows about these.

   Update to google-cloud-sdk-553.0.0.

   Update to ibus-typing-booster-2.30.0.

   sync

   gcc 4.x fixes, found by tb

   sysutils/docker-compose: update to 5.0.2

   Update nudoku to 7.0.0.

   Update ocp to 3.1.1.

   Skip two linker flags on mips64/octeon to unbreak build and strip during fake

   This is the last build dep to get sysutils/collect to package.

   Feedback OK jca

   update open62541 to 1.3.16
   patches have been commited upstream

   net/rabbitmq: Update to 4.2.3

   shells/nushell: Update to 0.110.0

   sysutils/eza: Update to 0.23.4

   enable widevine support; these can also utilize multimedia/openwv to play content

   devel/sccache: update to 0.13.0

   Make it clear that DenyUsers/DenyGroups overrides AllowUsers/AllowGroups.
   Previously we specified the order in which the directives are
   processed but it was ambiguous as to what happened if both matched.
   OK djm@

   update to libheif-1.21.2, from Brad, I tweaked the comment about heif-view
   as well

   now that svt-av1 has been updated, drop the patch that was previously
   added to allow handbrake to build with old svt-av1. from Brad.