BSD Commit Log Search

sysutils/mdfried: Update to 0.22.1

- Remove the DOCS option, because all documentation is now present
  within the program via the ":help" and ":help configuration" commands.

ChangeLog:      https://github.com/benjajaja/mdfried/blob/master/assets/docs/CHANGELOG.md
Reported by:    portscout!

devel/sem: Update to 0.9.0

get/setpriority: Add capability mode checks

Reviewed by: oshogbo
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D57345

(cherry picked from commit 72e34b3e3907d5fd63abf7b2246cae80641769b3)

math/octave-forge-datatypes: Update to 1.2.4.

tty: Add sysctl knob to globally disable TIOCSTI

Reviewed by:    markj
Sponsored by:   The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D57233

ports-mgmt/pkg-provides: update v0.7.4 -> v0.8.0

Changelog: https://github.com/rosorio/pkg-provides/releases/tag/v0.8.0

Major changes:
    - Migrates from libfetch to libcurl
    - Reduce network calls on first or forced update

nuageinit: validate set-name to prevent shell injection in variable names

Shell variable names cannot be safely quoted with shell_escape() —
only alphanumeric characters are valid. Add validation that set-name
only matches [a-zA-Z0-9]+; invalid values are rejected with a
warning and the rename is skipped entirely.

nuageinit: fix shell injection in power_state_change delay and add test

nuageinit: use single-quote shell escaping for hostname in rc.conf.d

The hostname value was written inside double quotes in
/etc/rc.conf.d/hostname. POSIX shell performs command substitution
inside double quotes, so a hostname containing $() or backticks would
be executed when the file is sourced (e.g., by rc(8)).

Switch to using the existing shell_escape() helper, which wraps values
in single quotes. In POSIX shell, single-quoted strings are completely
literal — no expansion or substitution of any kind is performed.

While the hostname is already validated to contain only
[a-zA-Z0-9.-], this change provides defense-in-depth so the output
format is safe regardless of future validation changes.

Reported by:    Yazdan Soltani <yazdan.soltani at gmail.com>

nuageinit: fix shell command injection in multiple rc.conf.d writes

lang/gnat14: refresh previous assets

Remark: the asset for 14.2.0 on FreeBSD-13 / aarch64 is missing.

devel/R-cran-pak: Update to 0.10.0

Changelog: https://cloud.r-project.org/web/packages/pak/news/news.html

devd/snd.conf: Handle absent control device properly

If virtual_oss is not enabled when these rules run on startup, dmesg
will show the following messages:

Starting devd.
virtual_oss_cmd: Could not open control device: /dev/vdsp.ctl: No such file or directory
virtual_oss_cmd: Could not open control device: /dev/vdsp.ctl: No such file or directory

Reported by:    olce, Mark Millard <marklmi at yahoo.com>
Sponsored by:   The FreeBSD Foundation
MFC after:      1 week

website/copyright/daemon: Remove stale FreeBSD Mall links

PR:             293468
Reported by:    wosch
Reviewed by:    mhorne
Differential Revision:  https://reviews.freebsd.org/D57506

UPDATING: Add a note about x11-wm/mango (v. 0.14.0)

x11-wm/mango: Update to 0.14.2

- Add DOCS option
- Add an update message for users, because mango has some breaing
  changes starting with version 0.14.0

ChangeLog:

- https://github.com/mangowm/mango/releases/tag/0.14.0
- https://github.com/mangowm/mango/releases/tag/0.14.1
- https://github.com/mangowm/mango/releases/tag/0.14.2

Reported by:    portscout!

biology/linux-foldingathome: Update license

Folding at home Client is GPLv3+ as of version 8.

We can now distribute this package freely.

biology/linux-foldingathome: Add manual page fahclient(8) and clean up

Move all documentation to fahclient.8.

Reference the new manual page from pkg-message and the rc script.

Remove outdated --chdir handling. The flag is gone from fah-client and
rc(8) handles that automatically.

Remove an incorrect description of what fahclient_flags does.

Allow fahclient_team and fahclient_donor to be empty. This way we avoid
warnings when the configuration file overrides the command-line flags,
e.g.:

    14:25:24:W :Option 'user' already set to 'Anonymous' reseting to '0mp'.
    14:25:24:W :Option 'team' already set to '11743' reseting to '11743'.

Pass --log-to-screen=true to showconfig's flags. This way we can

    [7 lines not shown]

bsdinstall: Add SPDX-License-Identifier tags

Reviewed by:    emaste
Sponsored by:   The FreeBSD Foundation

(cherry picked from commit 80c73c89dc6a156a119350d7c28c6db1f3b741df)

smsc: Add missing newline to PHY timeout error printf

(cherry picked from commit 0979bfb0ec804590a782ea33b787ec0989c1f1a4)

netlink: Check permissions for interface flag changes

Reviewed by:    pouria, melifaro
Sponsored by:   The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D57332

(cherry picked from commit 96dbc9a8de105065b6b1e55702aa648319176587)

netlink: Avoid potential undefined behaviour

Taking the address of an OOB array element is UB, even if not
dereferenced.

Reviewed by: des, bz
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D57172

(cherry picked from commit 4d125ed6e7d445d574c11dc35c40ec3013559806)

netlink: Check for NULL return from npt_alloc()

Reviewed by: glebius, pouria
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D57171

(cherry picked from commit 1dbc104148845434575d1931d47876ae0ca1542f)

netlink: Fix RTM_GETROUTE loop for RT_TABLE_UNSPEC

Reviewed by: bz, pouria
Fixes: 7e5bf68495cc ("netlink: add netlink support")
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D57234

(cherry picked from commit 33acf0f26b490ea4887d820a3f45c56e3913a17d)

netlink: Use early exit pattern in _nl_modify_ifp_generic

No functional change.

Reviewed by:    pouria, melifaro
Sponsored by:   The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D57349

(cherry picked from commit 9ddb6064f815ebdd0cfea4b2e0d3b6f0c98ea072)

netlink: Fix interface type match

Reviewed by: bz, glebius, pouria
Fixes: 7e5bf68495cc ("netlink: add netlink support")
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D57167

(cherry picked from commit eff5f220c379d4173fdc0e5ec00380888bf7649a)

elfdump: Decode SHT_LLVM_ADDRSIG section header type

Reported by:    bz
Sponsored by:   The FreeBSD Foundation

(cherry picked from commit 3c07cfb25283d93f03cdac51158289853d0e17a8)

netlink: Avoid undefined behaviour

Even though it is not dereferenced, it is UB to take the address of an
out of bounds array element.

Reviewed by: pouria, bz, des, adrian
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D57158

(cherry picked from commit 1a4ad649cb135501f0bee56a4214e8c904ca402e)

route: Fix `flush` w/o specified address family

PR:             291867
Reported by:    gavin
Reviewed by:    pouria, melifaro
Sponsored by:   The FreeBSD Foundation
Fixes: c597432e2297 ("route(8): convert to netlink")
Differential Revision: https://reviews.freebsd.org/D57336

(cherry picked from commit 32a7ba251acbfb442665eed40fb4f48c8f2bd710)

sysutils/plasma6-ksystemstats: Fix memory leak

PR:             295310
Submitted by:   avg

(cherry picked from commit b6754dfb149895f492fa43de28e1608d79f1675f)