BSD Commit Log Search

   create_priority_list: fix the priority_len bounds check
   OK job@

   Use pre-allocated extent region descriptors to prevent bus_dmamap_load(9)
   failures on a dmamap that was created with the BUS_DMA_ALLOCNOW flag.

   ok chris@, hshoexer@

   Cache scrollbar options in window to avoid a slow lookup when working
   out visible ranges.

   Allow :. in names again, forbidding them is overly pernickety. Only
   forbid invalid UTF-8 and #(.

   Add link=/nolink to styles to specific a hyperlink. GitHub issue 4280
   from Moritz Angermann.

   Limit hyperlink URIs to 1024 bytes which seems enough and allows us not
   to have to worry about gigantic URIs in styles, part of a change from
   Moritz Angermann.

   Allow empty window and session names.

   Declare immutable `msginfo' structure as const. Also, `msginfo' is local
   to kern/sysv_msg.c, so remove declaration from sys/msg.h. This
   declaration is not exposed to the userland. usr.bin/ipcs/ipcs.c has
   "#define _KERNEL" before include SysV headers, but doesn't touch
   `msginfo'.

   ok deraadt

   fix ineffective max file size check when loading blobs/keys from
   files and add another one on a patch that was not covered by the
   existing ones. From Tess Gauthier via bz3969 and bz3970

   check strdup() return to avoid NULL deref on failure.
   bz3948 from RuiHe-MO

   s/calloc/xcalloc/ to reduce noise from AI bug detectors that
   don't understand context

   fix "ls -n", which was still displaying user/group names rather
   than numeric uids/gids. Based on patch from Tamilan in bz3953

   move documentation of the Include directive to near the start of
   the options list, alongside that for Match and Host which are similar
   insofar as they all affect configuration parsing rather than altering
   the configuration directly. from xspielinbox via bz3968

   mention RefuseConnection, VersionAddendum and WarnWeakCrypto
   along with other options. from xspielinbox via bz3968

   update currency exchange rates;

   correct directive name (s/Host/Match) in error message
   from xspielinbox via bz3968

   report errors in fill_default_options() properly, based on
   GHPR649 by Zoltán Fridrich

   don't use deprecated ERR_load_crypto_strings()

   GHPR650 from Mike Frysinger

   Make pane scrollbars able to auto-hide after a short timeout. This
   replaces the previous "modal" behaviour where the pane would be resized,
   which tended to make a mess. Instead, the scrollbar appears when
   scrolling or when hovered over with the mouse and disappears a
   (configurable) short period later. From Michael Grant.

   don't print an error message when trying to load a host private key
   when PKCS#11 keys are in use, as these don't need the private half
   on the filesystem. GHPR664 from Ingo Franzki

   make ssh-add open it's connection to the agent after it has
   finished getopt() processing and not before. This allows the -v
   flag to work properly.

   ok jca@

   Fix bounds checking when signing messages of length greater than will
   fit in a size_t.
   In OpenSSH, messages sizes are bounded by SSHBUF_SIZE_MAX so this was
   unreachable.
   From Swival scanner.

   fix ECDSA order check for curves with cofactor != 1.
   All supported EC curves have cofactor 1, so this is a nop.
   From Swival scanner

   avoid situation where sftp_download() could get stuck in a loop if
   a broken server repeatedly returned zero length while reading a file.
   Identified by Swival scanner

   avoid download to server-controlled path when performing download
   on the commandline. From Swival scanner

   resist that return ".." via remote glob during remote/remote copies,
   similar to fixes for bz3871 for remote/local copies.
   From Swival scanner

   avoid possible NULL deref; from Swival scanner

   cal: trim whitespace

   Update link to ISO week calculation

   From Biarder (I used the more specific #calcweekno anchor)

   Only forbid #( in names and titles (styles are #[ and are useful).