BSD Commit Log Search

   update -stable amd-firmware to 20230809

   update -stable intel-firmware to 20230808

   tweak comment

   add new amd microcode to 7.2-stable

   Update Jenkins -stable to 2.387.2 LTS

   mail/mozilla-thunderbird: MFC update to 102.10.0

   see https://www.thunderbird.net/en-US/thunderbird/102.10.0/releasenotes/
   fixes https://www.mozilla.org/en-US/security/advisories/mfsa2023-15/

   www/firefox-esr: MFC update to 102.10.0.

   see https://www.mozilla.org/en-US/firefox/102.10.0/releasenotes/
   fixes https://www.mozilla.org/en-US/security/advisories/mfsa2023-14/

   Update to zstd-1.5.5

   This release corrects a corruption bug in high compression mode. More
   information can be found at https://github.com/facebook/zstd/pull/3517.
   Overview on other changes can be found at
   https://github.com/facebook/zstd/releases/tag/v1.5.5.

   Minor of SHLIB has been bumped because of addition of new symbols.

   Tor Browser: update to 12.0.4

   OK landry@

   update to tomcat-10.1.7, including regression fix for a change that was
   made in the recent release which also included a security update

   update to tomcat-9.0.73, including regression fix for a change that was
   made in the recent release which also included a security update

   update to tomcat-8.5.87, including regression fix for a change that was
   made in the recent release which also included a security update

   www/nextcloud/24: MFC update to 24.0.11.

   see https://nextcloud.com/changelog/#latest24
   ok gonzalo@ (MAINTAINER)

   MFC: Fix firmware URL in getweb.

   update to py3-tz-2023.3

   update to php-8.1.17

   update to isc-bind-9.18.13

   mail/mozilla-thunderbird: MFC update to 102.9.1.

   see https://www.thunderbird.net/en-US/thunderbird/102.9.1/releasenotes/
   fixes https://www.mozilla.org/en-US/security/advisories/mfsa2023-12/

   net/curl: security update to 8.0.1

   The version jump is due to curl's 25-year anniversary.  Otherwise
   this is an ordinary bug fix release.

   Includes fixes for
   CVE-2023-27533: TELNET option IAC injection
   CVE-2023-27534: SFTP path ~ resolving discrepancy
   CVE-2023-27535: FTP too eager connection reuse
   CVE-2023-27536: GSS delegation too eager connection re-use
   CVE-2023-27537: HSTS double-free
   CVE-2023-27538: SSH connection too eager reuse still

   Some of those affect protocols not enabled in the port.

   SECURITY UPDATE to samba-4.16.9

   Fix for CVE-2022-38023 Samba should refuse RC4 (aka md5) based SChannel on NETLOGON
   Release notes: https://www.samba.org/samba/history/samba-4.16.9.html
   Tests and ok bket@ and Ian McWilliam (co-maintainer)

   mail/mozilla-thunderbird: MFC update to 102.9.0.

   see https://www.thunderbird.net/en-US/thunderbird/102.9.0/releasenotes/
   fixes https://www.mozilla.org/en-US/security/advisories/mfsa2023-11/

   www/firefox-esr: MFC update to 102.9.0

   see https://www.mozilla.org/en-US/firefox/102.9.0/releasenotes/
   fixes https://www.mozilla.org/en-US/security/advisories/mfsa2023-10/

   Backport security fixes from the emacs-28 branch

   Fixes for CVE-2022-45939, CVE-2022-48337, CVE-2022-48338, CVE-2022-48339
   Prevent arbitrary command execution in ctags/etags handling and
   htmlfontify/ruby modes.

   From lux @ shellcodes dot org

   update to 2.4.56
   fixes CVE-2023-27522 and CVE-2023-25690

   update to wireshark-3.6.12

   update to py3-GitPython-3.1.31, CVE-2022-24439

   SECURITY fix for CVE-2022-43634.

   Update for Nextcloud to 24.0.10

   MFC update to uacme-1.7.4

   MFC net/prosody update to 0.12.3

   diff from MAINTAINER, thanks Lucas!

   It features bugfixes for regressions for SQL users, improved HTTP and
   `prosodyctl check dns` reliability. Full release notes can be found at
   <https://blog.prosody.im/prosody-0.12.3-released/>.