Build date: 1778104803 - Wed May  6 22:00:03 UTC 2026
Build cvs date: 1778086290 - Wed May  6 16:51:30 UTC 2026
Build id: 2026-05-07.1
Build tags: amd64-regress ports sysupgrade

Applied the following diff(s):
/home/anton/tmp/robsd/src-sys-em.diff
/home/anton/tmp/robsd/src-sys-uhidev-sispm.diff
/home/anton/tmp/robsd/src-sysupgrade.diff

P bin/chmod/chmod.c
P distrib/sets/lists/man/mi
P lib/libc/stdio/open_wmemstream.c
P lib/libssl/d1_both.c
P lib/libssl/dtls_local.h
P lib/libssl/tls_key_share.c
P libexec/ld.so/library.c
P libexec/ld.so/library_mquery.c
P libexec/ld.so/arm/rtld_machine.c
P libexec/ld.so/sparc64/rtld_machine.c
M sys/dev/usb/uhidev.c
P sys/netinet/ip_output.c
P usr.bin/mandoc/main.c
P usr.bin/pkgconf/libpkgconf/config.h
P usr.bin/rsync/sender.c
P usr.bin/tmux/format.c
M usr.sbin/bgpd/session.c

commit nlGH1CM7sWGqJolW
Author: sthen
Date: 2026/05/06 16:51:30

  sync

  distrib/sets/lists/man/mi

commit 7L2cYZGg7KISz68k
Author: jsing
Date: 2026/05/06 15:06:35

  Get rid of struct dtls1_retransmit_state.

  In order to retransmit DTLS messages we potentially need to use the
  record protection from a previous epoch. However, DTLS currently also
  saves and restores the session, which is unnecessary - all of the
  record protection and keys are handled in the TLS record layer.

  Remove the rather useless dtls1_retransmit_state struct and just
  keep the epoch - keeping pointers hanging around to sessions is pretty
  nasty and unnecessary.

  ok kenjiro@ tb@

  lib/libssl/d1_both.c
  lib/libssl/dtls_local.h

commit 1jXOor1sS3DH59oD
Author: jsing
Date: 2026/05/06 15:02:51

  Avoid use of uninitialised decode_error variable.

  Pull initialisation of decode_error and invalid_key up to
  tls_key_share_{client,server}_peer_public(), which are the entry points
  for the key share code. The entry point was previously
  tls_key_share_peer_public(), however with the introduction of MLKEM this
  was split into separate client and server functions, without the
  initialisation being included. Also initialise decode_error and
  invalid_params on entry to tls_key_share_peer_params().

  Code that reaches tls_key_share_client_peer_public_mlkem768x25519() could
  previously result in code branching based on decode_error, which is
  uninitialised stack based memory.

  Thanks to Guido Vranken of Aisle Research for reporting this issue.

  With and ok tb@

  lib/libssl/tls_key_share.c

commit E1NdyitQBaAnnSzj
Author: nicm
Date: 2026/05/06 13:43:38

  Add time limit to a couple of other loops.

  usr.bin/tmux/format.c

commit 36IcmrKFZrUWOkF8
Author: jsg
Date: 2026/05/06 13:30:26

  Add missing bounds check for the relocation flags table.
  ok kettenis@

  libexec/ld.so/arm/rtld_machine.c

commit 5zs84CN26nCXtztd
Author: deraadt
Date: 2026/05/06 12:54:27

  High Severity end-of-line whitespace found by GrepTechnologies AI
  ok guenther mlarkin

  bin/chmod/chmod.c

commit fdmy5XZkNRbk3ivd
Author: tb
Date: 2026/05/06 12:07:19

  callloc -> calloc

  from Jan Schreiber

  usr.bin/rsync/sender.c

commit i0lEocbwRKl1K3lU
Author: jsg
Date: 2026/05/06 11:36:13

  fix build with ENCDEBUG defined, broken by rev 1.409
  from Jan Schreiber

  sys/netinet/ip_output.c

commit xdddKE3c8V7wCl7r
Author: kettenis
Date: 2026/05/06 09:05:48

  Add checks to make sure that the ELF header and program header fit into
  the data we read from the on-disk shared library.  These checks should
  only fail for malformed shared libraries, but failing to load a shared
  library is better than crashing the program because of an out-of-bounds
  access.

  Issue found by Frank Denis using the Swival Security Scanner.

  ok guenther@

  libexec/ld.so/library.c
  libexec/ld.so/library_mquery.c

commit 00OMrrlrBvgH9GVo
Author: schwarze
Date: 2026/05/06 08:26:16

  Fix a regression in rev. 1.269 reported by anton@.

  Due to unveil(2), mansearch() can no longer change back to the initial
  working directory.  But check_xr() calls mansearch(), so the main program
  needs to change back if -T lint or -W style is requested, such that these
  work even when multiple relative file names are given on the command line.

  usr.bin/mandoc/main.c

commit eb0zU1wqFpDiTkpK
Author: kettenis
Date: 2026/05/06 08:07:05

  Add missing bounds check for the relocation flags table.
  Found by Frank Denis using the Swival Security Scanner.

  ok guenther@, jsg@

  libexec/ld.so/sparc64/rtld_machine.c

commit oCvmj7bWGheZEv2e
Author: millert
Date: 2026/05/06 02:54:35

  Size is the number of wide characters, not the number of bytes.
  The correct amount of memory was allocated but the stored size did
  not match the allocation due to being multiplied by sizeof(wchar_t).

  Spotted by Frank Denis using the Swival Security Scanner
  OK deraadt@

  lib/libc/stdio/open_wmemstream.c

commit 1WVtI9NKi29FX6gu
Author: jsg
Date: 2026/05/06 00:07:46

  define HAVE_DECL_REALLOCARRAY to use libc reallocarray()
  ok millert@ tb@

  usr.bin/pkgconf/libpkgconf/config.h