Build date: 1772924402 - Sat Mar 7 23:00:02 UTC 2026
Build cvs date: 1772908543 - Sat Mar 7 18:35:43 UTC 2026
Build id: 2026-03-08.1
Build tags: amd64-regress ports sysupgrade

Applied the following diff(s):
/home/anton/tmp/robsd/src-sys-em.diff
/home/anton/tmp/robsd/src-sys-uhidev-sispm.diff
/home/anton/tmp/robsd/src-sysupgrade.diff

P lib/libz/deflate.c
P lib/libz/deflate.h
P lib/libz/inflate.c
M sys/dev/usb/uhidev.c
P sys/lib/libz/deflate.c
P sys/lib/libz/deflate.h
P usr.bin/chpass/Makefile
U usr.bin/chpass/getpwent.c
P usr.bin/passwd/Makefile
P usr.bin/ssh/ssh-agent.c
P usr.bin/ssh/ssh-sk-client.c
M usr.sbin/bgpd/session.c

commit OYlDXPbNKTgx4G4y
Author: deraadt
Date: 2026/03/07 18:35:43

    With its own daemonization / fd cleaning code, ssh-agent opens /dev/null
    O_RDWR after a pledge without "wpath". This is allowed in current pledge
    because "/dev/null" is implicitly allowed to be opened even with the most
    restrictive pledges or unveils. This is a design decision in pledge made
    at the very beginning, to satisfy libc requirements. We've finally had
    enough experience and know how to fix that in the near-future, but need
    to review and fix all code which opens these implicit paths.

    The fix is to add "wpath", so that "/dev/null" can be opened O_RDWR. But
    that is uncomfortable, so we add unveil() allowing "/" with "r", 4 unveil
    "x" for the potential askpass and helpers to be execve'd, and "/dev/null"
    with "wr". As a result filesystem access is substantially more restricted
    than before, and ssh-agent is ready for the future pledge change.

    ok djm dtucker

    usr.bin/ssh/ssh-agent.c

commit 84KZmIKYiq9c8Y0Y
Author: deraadt
Date: 2026/03/07 18:27:52

    Stop doing access() before execve(). It is a TOCTOU, but also it forces
    use of unveil "rx" instead of "x". This is done by using a pipe() through
    the fork+execve attempt to expose execve failure and create the same
    error return as the access() used to do.

    ok djm dtucker

    usr.bin/ssh/ssh-sk-client.c

commit nXXbcRxLxcqKas07
Author: deraadt
Date: 2026/03/07 18:20:26

    Use the (no YP, non-threaded) cleaned up copy of getpwent.c placed into
    usr.bin/chpass instead of reaching around into libc and using crazy cpp
    options. In the near future the libc version will have more substantial
    changes (intersecting with pledge and unveil) which are much more
    difficult to manage using cpp features, so we stop this reacharound into
    libc subtree.

    usr.bin/chpass/Makefile
    usr.bin/passwd/Makefile

commit Hlb67a0rKEzXTzl8
Author: deraadt
Date: 2026/03/07 18:15:49

    Remove #ifdef's relating to YP and threading, and directives for symbol
    visibility when compiled inside the libc environment.

    usr.bin/chpass/getpwent.c

commit xLqS7T8eZmjn9ALC
Author: deraadt
Date: 2026/03/07 18:14:48

    Verbatim copy of /usr/src/lib/libc/gen/getpwent.c to here, which will be
    cleaned up for local purposes in the next steps.

    usr.bin/chpass/getpwent.c

commit 7SecoNTU3JiemjkX
Author: tb
Date: 2026/03/07 09:50:29

    zlib: add missing cast to reduce diff between userland and kernel

    lib/libz/inflate.c

commit 4FgysZZ2FOfRnQLS
Author: tb
Date: 2026/03/07 08:21:25

    zlib: avoid double assignment to strm->msg

    harmless merge error from

    commit 4480ad49db70b6d2b90da94cc0d4755aace8a632
    Author: tb
    Date: Sun Jun 30 05:16:17 2024 +0000

        cast string literals with z_const char *

        from upstream 2ba25b2ddab9aa939c321d087fcfca573a9cca55

    lib/libz/inflate.c

commit 0uuKtla73TLTGYie
Author: tb
Date: 2026/03/07 07:28:22

    zlib: sync with userland

    sys/lib/libz/deflate.c
    sys/lib/libz/deflate.h

commit xeDtTw9d487qeWHE
Author: tb
Date: 2026/03/07 07:27:51

    zlib: fix heap info leak in deflateCopy (ZLB-01-005)

    commit 84045903ee415efbfaf6d3d443224c2f3a1daea0
    Author: Mark Adler
    Date: Sat Jan 10 21:34:20 2026 -0800

        Copy only the initialized deflate state in deflateCopy.

        To avoid the propagation and possible disclosure of uninitialized
        memory contents.

    lib/libz/deflate.c
    lib/libz/deflate.h

P share/mk/bsd.xorg.mk

commit tR8z0Xu7o1dkUcKP
Author: matthieu
Date: 2026/03/07 12:22:06

    Fix variable substitution in target install-headers-subdirs.
    There may be more than one subdir level.

    Note this target is currently unused in xenocara.

    share/mk/bsd.xorg.mk
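
The pipe technique named in the ssh-sk-client.c commit above, as an added example that is not the OpenSSH code: a close-on-exec pipe tells the parent whether execve() failed and with which errno, so no access() check runs beforehand. `run_helper`, `demo_run` and the paths are hypothetical, and for brevity the parent waits for the helper before returning.

```c
#include <errno.h>
#include <fcntl.h>
#include <sys/wait.h>
#include <unistd.h>

/* Hypothetical helper: fork+execve path with no access() pre-check. Returns
 * the errno execve() failed with, or 0 after the helper ran (*status set). */
int run_helper(const char *path, char *const argv[], int *status)
{
	char *const envp[] = { NULL };
	int p[2], err = 0;
	ssize_t n;
	pid_t pid;

	if (pipe(p) == -1)
		return errno;
	/* Close-on-exec: a successful execve() closes the write end for us. */
	if (fcntl(p[1], F_SETFD, FD_CLOEXEC) == -1 || (pid = fork()) == -1) {
		err = errno;
		close(p[0]);
		close(p[1]);
		return err;
	}
	if (pid == 0) {
		close(p[0]);
		execve(path, argv, envp);
		err = errno;	/* reached only when execve() failed */
		_exit(write(p[1], &err, sizeof(err)) == -1 ? 126 : 127);
	}
	close(p[1]);
	/* EOF means the exec happened; otherwise the child sent its errno. */
	while ((n = read(p[0], &err, sizeof(err))) == -1 && errno == EINTR)
		continue;
	close(p[0]);
	waitpid(pid, status, 0);	/* reap the child in either case */
	return n == 0 ? 0 : (n == (ssize_t)sizeof(err) ? err : EIO);
}

/* Demo on constructed paths: run `path -c "exit 0"`, return the exec result. */
int demo_run(const char *path)
{
	char *const argv[] = { (char *)path, "-c", "exit 0", NULL };
	int status;
	return run_helper(path, argv, &status);
}

int main(void)
{
	return demo_run("/bin/sh") == 0 && demo_run("/nonexistent") == ENOENT ? 0 : 1;
}
```

Because the only filesystem operation on the helper path is the execve() itself, there is no window between a check and its use, and the path needs execute permission only.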