- Queries
- All Stories
- Search
- Advanced Search
- Transactions
- Transaction Logs
Feed Advanced Search
Advanced Search
Advanced Search
Fri, Nov 28
Fri, Nov 28
Add missing comma in Credits line.
Wed, Nov 26
Wed, Nov 26
Add SA-25:10 and related patches.
Add UPDATING entries and bump version.
gordon committed rG9b0808259a8a: Add a fix to scrub unsolicited NS RRSets to prevent cache poisoning. (authored by gordon).
Add a fix to scrub unsolicited NS RRSets to prevent cache poisoning.
Add UPDATING entries and bump version.
gordon committed rG18c4eb2cc642: Add a fix to scrub unsolicited NS RRSets to prevent cache poisoning. (authored by gordon).
Add a fix to scrub unsolicited NS RRSets to prevent cache poisoning.
Add UPDATING entry and bump version number.
gordon committed rGdabd406d99a9: Mitigate YXDOMAIN and nodata non-referral answer poisoning. (authored by gordon).
Mitigate YXDOMAIN and nodata non-referral answer poisoning.
gordon committed rG2aed524b2329: Mitigate YXDOMAIN and nodata non-referral answer poisoning. (authored by gordon).
Mitigate YXDOMAIN and nodata non-referral answer poisoning.
gordon committed rGcd40a23fb249: Mitigate YXDOMAIN and nodata non-referral answer poisoning. (authored by gordon).
Mitigate YXDOMAIN and nodata non-referral answer poisoning.
gordon committed rGb01f35a4e19d: Mitigate YXDOMAIN and nodata non-referral answer poisoning. (authored by gordon).
Mitigate YXDOMAIN and nodata non-referral answer poisoning.
gordon committed rG2a3a6a177114: Mitigate YXDOMAIN and nodata non-referral answer poisoning. (authored by gordon).
Mitigate YXDOMAIN and nodata non-referral answer poisoning.
Sat, Nov 22
Sat, Nov 22
gordon committed rG696b0e2209ee: Add backup pkgbase signing key held by security-officer. (authored by gordon).
Add backup pkgbase signing key held by security-officer.
gordon committed rG12ec49d8fac2: Add backup pkgbase signing key held by security-officer. (authored by gordon).
Add backup pkgbase signing key held by security-officer.
gordon retitled D53879: Add backup pkgbase signing key held by security-officer from Add security-officer pkgbase keys to build to Add backup pkgbase signing key held by security-officer.
Oct 22 2025
Oct 22 2025
libc: Add "Z" as TZ designator for strptime.
libc: Add "Z" as TZ designator for strptime.
libc: Add "Z" as TZ designator for strptime.
Add SA-25:09.
Oct 15 2025
Oct 15 2025
libc: Add "Z" as TZ designator for strptime.
gordon committed R9:a3c08199268b: website: Move 14.2 to unsupported on security page. (authored by gordon).
website: Move 14.2 to unsupported on security page.
Oct 14 2025
Oct 14 2025
Sep 30 2025
Sep 30 2025
Add EN-25:18 and SA-25:08.
freebsd-update: Library ordering
freebsd-update: Library ordering
Add UPDATING entries and bump version.
Fix issue from OpenSSL.
Add UPDATING entries and bump version.
freebsd-update: Library ordering
Fix multiple security issues in OpenSSL.
Add UPDATING entries and bump version.
Fix multiple security issues in OpenSSL.
Fix issue from OpenSSL.
Fix multiple security issues in OpenSSL.
Fix multiple security issues in OpenSSL.
Fix multiple security issues in OpenSSL.
Sep 18 2025
Sep 18 2025
Seems fine to me. I haven't tested at all, just reviewed the change on Phab. Everything here makes as much sense as I can make out of it (take that for what you will :-)
Sep 17 2025
Sep 17 2025
Looking at what should be in the legacy provider, I fell down this rabbit hole by looking at a completely stock build of 3.5.4-dev on my Mac (I should probably check on a FreeBSD system and see if it is any different, but that would require a small amount of effort and I'm about to go to a dinner) and see this list as the primary objects that end up in the legacy provider:
Sep 16 2025
Sep 16 2025
How did you come up with these changes? What was the methodology that got this changeset?
Correct release patch information.
Add EN-25:15 through EN-25:17.
gordon committed rG751971e55454: arm64: prevent panic when using syscall mux + large arg call (mmap) (authored by jmg).
arm64: prevent panic when using syscall mux + large arg call (mmap)
gordon committed rG722746b39e6e: arm64: prevent panic when using syscall mux + large arg call (mmap) (authored by jmg).
arm64: prevent panic when using syscall mux + large arg call (mmap)
Add UPDATING entries and bump version.
gordon committed rGd1e981cbf3bd: vfs_syscalls.c: Fix handling of offset args for copy_file_range (authored by rmacklem).
vfs_syscalls.c: Fix handling of offset args for copy_file_range
gordon committed rG99012995b4c6: arm64: prevent panic when using syscall mux + large arg call (mmap) (authored by jmg).
arm64: prevent panic when using syscall mux + large arg call (mmap)
Add UPDATING entries and bump version.
Add UPDATING entries and bump version.
gordon committed rGc07b1838f9c9: bnxt: Fix BASE-T, 40G AOC, 1G-CX, autoneg and unknown media lists (authored by Kevin Bowling <kbowling@FreeBSD.org>).
bnxt: Fix BASE-T, 40G AOC, 1G-CX, autoneg and unknown media lists
Aug 8 2025
Aug 8 2025
Add EN-25:12 through EN-25:14 and SA-25:07.
libarchive: merge from vendor branch
gordon committed rGa3bd81ddfe29: net80211: fix TKIP trailer trimming w/ no rx parameters given (authored by adrian).
net80211: fix TKIP trailer trimming w/ no rx parameters given
gordon committed rGce4fe4c4bfcd: Add a new sysctl in order to diffrentiate UEFI architectures (authored by vexeduxr).
Add a new sysctl in order to diffrentiate UEFI architectures
libarchive: merge from vendor branch
Add UPDATING entries and bump version.
gordon committed rG97f34921d77b: route: fix `route -n monitor` when its output is redirected (authored by Oleg Streejak <oleg@pcbtech.ru>).
route: fix `route -n monitor` when its output is redirected
libarchive: merge from vendor branch
Add UPDATING entries and bump version.
gordon committed rG168703212b61: route: fix `route -n monitor` when its output is redirected (authored by Oleg Streejak <oleg@pcbtech.ru>).
route: fix `route -n monitor` when its output is redirected
Add UPDATING entries and bump version.
Jul 2 2025
Jul 2 2025
Add EN-25:09 through EN-25:11 and SA-25:06.
gordon committed rG575644144d5c: ena: Bump driver version to v2.8.1 (authored by akiyano_amazon.com).
ena: Bump driver version to v2.8.1
gordon committed rG35c2729211d9: ena: Fix misconfiguration when requesting regular LLQ (authored by darinzon_amazon.com).
ena: Fix misconfiguration when requesting regular LLQ
Add UPDATING entries and bump version.
gordon committed rGca1f7650a80d: ena: Bump driver version to v2.8.1 (authored by akiyano_amazon.com).
ena: Bump driver version to v2.8.1
gordon committed rG95e9c54b3961: Fix Use-after-free in multi-threaded xz decoder. (authored by gordon).
Fix Use-after-free in multi-threaded xz decoder.
gordon committed rG89104be0ddae: ena: Fix misconfiguration when requesting regular LLQ (authored by darinzon_amazon.com).
ena: Fix misconfiguration when requesting regular LLQ
gordon committed rG4d9c4ecf6a48: Fix corruption in ZFS replication streams from encrypted datasets. (authored by gordon).
Fix corruption in ZFS replication streams from encrypted datasets.
gordon committed rGf936833911d7: libc: allow __cxa_atexit handlers to be added during __cxa_finalize (authored by Aurélien Croc de Suray <freebsd@ap2c.com>).
libc: allow __cxa_atexit handlers to be added during __cxa_finalize
Add UPDATING entries and bump version.
gordon committed rG49b07b94662b: Fix Use-after-free in multi-threaded xz decoder. (authored by gordon).
Fix Use-after-free in multi-threaded xz decoder.
gordon committed rGc5feebf38389: Fix corruption in ZFS replication streams from encrypted datasets. (authored by gordon).
Fix corruption in ZFS replication streams from encrypted datasets.
gordon committed rG89a2823e17e5: libc: allow __cxa_atexit handlers to be added during __cxa_finalize (authored by Aurélien Croc de Suray <freebsd@ap2c.com>).
libc: allow __cxa_atexit handlers to be added during __cxa_finalize
Add UPDATING entries and bump version.
gordon committed rGcb24a62cd75b: Fix corruption in ZFS replication streams from encrypted datasets. (authored by gordon).
Fix corruption in ZFS replication streams from encrypted datasets.
Jul 1 2025
Jul 1 2025
website: Remove EoL'd 14.1-RELEASE
May 16 2025
May 16 2025
Extend lifetime of my key.
May 12 2025
May 12 2025
I’m not entirely sure what kind of approval from secteam is being sought. If someone in core would like to help me understand what kind of review is expected, I’d be happy to undertake it.
Apr 11 2025
Apr 11 2025
Fix missing dot in URI.
Apr 10 2025
Apr 10 2025
Add EN-25:04 through EN-25:08.
Feb 21 2025
Feb 21 2025
Add SA-25:05.openssh.
ssh: Bump VersionAddendum for CVE fixes
gordon committed rG469f61e89ff7: ssh: Fix cases where error codes were not correctly set (authored by emaste).
ssh: Fix cases where error codes were not correctly set
gordon committed rGc57fcc2d5307: ssh: Don't reply to PING in preauth phase or during KEX (authored by emaste).
ssh: Don't reply to PING in preauth phase or during KEX
ssh: Bump VersionAddendum for CVE fixes
gordon committed rG3053f92a163c: ssh: Fix cases where error codes were not correctly set (authored by emaste).
ssh: Fix cases where error codes were not correctly set
gordon committed rG8d0540600b1e: ssh: Don't reply to PING in preauth phase or during KEX (authored by emaste).
ssh: Don't reply to PING in preauth phase or during KEX
Add updating entries and bump version.
ssh: Bump VersionAddendum for CVE fixes
Add UPDATING entries and bump version.
gordon committed rG1920babc310a: ssh: Fix cases where error codes were not correctly set (authored by emaste).
ssh: Fix cases where error codes were not correctly set
gordon committed rG3ae196925d29: ssh: Don't reply to PING in preauth phase or during KEX (authored by emaste).
ssh: Don't reply to PING in preauth phase or during KEX
Add UPDATING entries and bump version
Jan 30 2025
Jan 30 2025
Jan 29 2025
Jan 29 2025
As long as it doesn't end up as a build product, makes sense to me. Want to update the review with a new patch and we'll go from there?
Move this to the proper name.