git: 31900fbe281f - releng/14.3 - Add UPDATING entries and bump version

The branch releng/14.3 has been updated by markj:

URL: https://cgit.FreeBSD.org/src/commit/?id=31900fbe281f595718d20c0aa26b10ab2efa138d

commit 31900fbe281f595718d20c0aa26b10ab2efa138d
Author:     Mark Johnston <markj@FreeBSD.org>
AuthorDate: 2026-04-28 20:29:58 +0000
Commit:     Mark Johnston <markj@FreeBSD.org>
CommitDate: 2026-04-28 20:33:05 +0000

    Add UPDATING entries and bump version
    
    Approved by:    so
---
 UPDATING            | 26 ++++++++++++++++++++++++++
 sys/conf/newvers.sh |  2 +-
 2 files changed, 27 insertions(+), 1 deletion(-)

diff --git a/UPDATING b/UPDATING
index 2481d0187180..ae6ab355ce23 100644
--- a/UPDATING
+++ b/UPDATING
@@ -12,6 +12,32 @@ Items affecting the ports and packages system can be found in
 /usr/ports/UPDATING.  Please read that file before updating system packages
 and/or ports.
 
+20260429:
+	14.3-RELEASE-p12 SA-26:12.dhclient
+			SA-26:13.exec
+			SA-26:14.pf
+			SA-26:15.dhclient
+			SA-26:16.libnv
+			SA-26:17.libnv
+			EN-26:09.tzdata
+			EN-26:10.amd64
+
+	Remote code execution via malicious DHCP options. [SA-26:12.dhclient]
+
+	Local privilege escalation via execve(). [SA-26:13.exec]
+
+	pf can overflow the stack parsing crafted SCTP packets. [SA-26:14.pf]
+
+	Remotely triggerable out-of-bounds heap write in dhclient. [SA-26:15.dhclient]
+
+	Stack overflow via select() file descriptor set overflow. [SA-26:16.libnv]
+
+	Heap overflow in libnv. [SA-26:17.libnv]
+
+	Timezone database information update. [EN-26:09.tzdata]
+
+	TLB invalidation bug on AMD systems with INVLPGB. [EN-26:10.amd64]
+
 20260421:
 	14.3-RELEASE-p11 SA-26:10.tty
 			SA-26:11.amd64
diff --git a/sys/conf/newvers.sh b/sys/conf/newvers.sh
index e4d9bf1b464b..95f605916ed3 100644
--- a/sys/conf/newvers.sh
+++ b/sys/conf/newvers.sh
@@ -53,7 +53,7 @@
 
 TYPE="FreeBSD"
 REVISION="14.3"
-BRANCH="RELEASE-p11"
+BRANCH="RELEASE-p12"
 if [ -n "${BRANCH_OVERRIDE}" ]; then
 	BRANCH=${BRANCH_OVERRIDE}
 fi