BSD Commit Log Search

   Two more configure scripts that need proper main functions.
   ports-gcc use -Wimplicit-int by default and so those basic test fail.
   OK tb@

   Support up to three CPU clusters.

   ok patrick@

   Update to check-jsonschema 0.36.1

   mail/mozilla-thunderbird: MFC update to 140.7.1.

   see https://www.thunderbird.net/en-US/thunderbird/140.7.1esr/releasenotes/

   mail/mozilla-thunderbird: update to 140.7.1.

   see https://www.thunderbird.net/en-US/thunderbird/140.7.1esr/releasenotes/

   Drop base-gcc from COMPILER and use a common CXXFLAGS for -std=c++14.
   OK tb@

   Update oxipng to 10.1.0.

   Update p5-Image-ExifTool to 13.46.

   This needs ports-gcc to build.
   OK rsadowski@ tb@

   ports-gcc is modern enough to compile this now, so switch back to it.
   OK rsadowski@ tb@

   Add CXXFLAGS_ports-gcc = -fdelete-null-pointer-checks to these ports which
   needs it. qtgrpc needs it because it uses protobuf and abseil-cpp.
   qtdeclarative is yet another C++ monster that needs it because of traits.
   OK rsadowski@ tb@

   update to py3-yamllint-1.38.0

   postfix-stable, sslscan, borgbackup/2.0: bump after openssl update
   (static link)

   postfix-stable, sslscan, borgbackup/2.0: bump after openssl update
   (static link)

   MFC: Update to openssl 3.5.5

   Update to openssl 3.6.1

   This fixes a gazillion of CVEs. Far too many to name and list and most of
   which can be safely ignored by everyone except those who make their living
   off CVE busywork. Unless you use CMS AuthEnvelopedData you're good. If you
   don't use PKCS#12 either you're in excellent position to ignore all this.

   Update to openssl 3.5.5

   This fixes a gazillion of CVEs. Far too many to name and list and most of
   which can be safely ignored by everyone except those who make their living
   off CVE busywork. Unless you use CMS AuthEnvelopedData you're good. If you
   don't use PKCS#12 either you're in excellent position to ignore all this.

   www/mozilla-firefox: MFC update to 147.0.2.

   see https://www.firefox.com/en-US/firefox/147.0.2/releasenotes/
   fixes https://www.mozilla.org/fr/security/advisories/mfsa2026-06/

   www/mozilla-firefox: update to 147.0.2.

   see https://www.firefox.com/en-US/firefox/147.0.2/releasenotes/
   fixes https://www.mozilla.org/fr/security/advisories/mfsa2026-06/

   Avoid type confusion in the timestamp response parsing

   A malformed v2 signing cert can lead to a type confusion, and the result
   is a read from an invalid memory address or NULL, so a crash. Unlike for
   OpenSSL, v1 signing certs aren't affected since miod fixed this in '14.

   Reported by Luigino Camastra, fix by Bob Beck, via OpenSSL, CVE 2025-69420.

   ok jsing

   Avoid type confusion in PKCS#12 parsing

   A type confusion can lead to a 1-byte read at address 0x00-0xff, so a
   crash.

   Reported by Luigino Camastra, fix by Bob Beck, via OpenSSL, CVE 2025-22795

   ok jsing

   Use ${SETENV} ${MAKE_ENV} in do-configure to get the right path setup.
   With this lumina builds on sparc64. Bump REVISION to be sure.
   OK tb@

   This needs CXXFLAGS_ports-gcc = -fdelete-null-pointer-checks because
   this is a C++ monster.
   OK aja

   This needs CXXFLAGS_ports-gcc = -fdelete-null-pointer-checks because of
   abseil-cpp.
   OK aja tb

   Add NULL pointer check to PKCS12_item_decrypt_d2i()

   Avoids a NULL pointer dereference triggerable by a malformed PCKS#12 file.

   From Luigino Camastra via OpenSSL (CVE-2025-69421)

   ok jsing

   sysutils/just: update to version 1.46.0

   fix path for args/pid in slapd.ldif, from Chaz Kettleson
   fix paths in manual as well

   Build with SWIG < 4.40 and SWIG >= 4.40.


   ok sthen@

   Update qt-creator to 18.0.2

   Update tellico to 4.1.5