Piotr Kubaj
1d4b5836a9
Changelog: - Security: Don't allow dbclient hostname arguments to be interpreted by the shell. dbclient hostname arguments with a comma (for multihop) would be passed to the shell which could result in running arbitrary shell commands locally. That could be a security issue in situations where dbclient is passed untrusted hostname arguments. Now the multihop command is executed directly, no shell is involved. Thanks to Marcin Nowak for the report, tracked as CVE-2025-47203 - Fix compatibility for htole64 and htole32, regression in 2025.87 Patch from Peter Fichtner to work with old GCC versions, and patch from Matt Robinson to check different header files. - Fix building on older compilers or libc that don't support static_assert(). Regression in 2025.87 - Support ~R in the client to force a key re-exchange. - Improve strict KEX handling. Dropbear previously would allow other packets at the end of key exchange prior to receiving the remote peer's NEWKEYS message, which should be forbidden by strict KEX. Reported by Fabian Bäumer.
This is the FreeBSD Ports Collection. For an easy to use WEB-based interface to it, please see: https://ports.FreeBSD.org For general information on the Ports Collection, please see the FreeBSD Handbook ports section which is available from: https://docs.freebsd.org/en/books/handbook/ports/ for the latest official version or: The ports(7) manual page (man ports). These will explain how to use ports and packages. If you would like to search for a port, you can do so easily by saying (in /usr/ports): make search name="<name>" or: make search key="<keyword>" which will generate a list of all ports matching <name> or <keyword>. make search also supports wildcards, such as: make search name="gtk*" For information about contributing to FreeBSD ports, please see the Porter's Handbook, available at: https://docs.freebsd.org/en/books/porters-handbook/ NOTE: This tree will GROW significantly in size during normal usage! The distribution tar files can and do accumulate in /usr/ports/distfiles, and the individual ports will also use up lots of space in their work subdirectories unless you remember to "make clean" after you're done building a given port. /usr/ports/distfiles can also be periodically cleaned without ill-effect.