FreeBSD/ports 7db1410audio/songrec distinfo Makefile

audio/songrec: update 0.7.1 → 0.7.3
DeltaFile
+15-13audio/songrec/distinfo
+9-8audio/songrec/Makefile
+24-212 files

FreeBSD/ports e15745eshells/agsh distinfo Makefile

shells/agsh: update 0.23.1 → 0.24.1
DeltaFile
+3-3shells/agsh/distinfo
+1-1shells/agsh/Makefile
+4-42 files

FreeBSD/ports 00796b6misc/lean-ctx distinfo Makefile

misc/lean-ctx: update 3.6.8 → 3.6.9
DeltaFile
+11-3misc/lean-ctx/distinfo
+5-1misc/lean-ctx/Makefile
+16-42 files

FreeBSD/src b79facalib/libcasper/services/cap_net cap_net.c

cap_net: do not allow new limits to drop keys from the old ones

If the old limit had family/hosts/sockaddr set, the new limit must
have them too. Before, a missing key in the new limit was treated as
"allow any", which let a caller silently extend their limits.

Reported by:    Joshua Rogers of AISLE Research Team
Reviewed by:    markj
MFC after:      1 day
Differential Revision:  https://reviews.freebsd.org/D56991

(cherry picked from commit d705a519525f2acae3c1efba11436ec6ee8aea0a)
DeltaFile
+31-0lib/libcasper/services/cap_net/cap_net.c
+31-01 files

FreeBSD/src 7eb3fd6lib/libcasper/services/cap_net cap_net.c

cap_net: do not allow new limits to drop keys from the old ones

If the old limit had family/hosts/sockaddr set, the new limit must
have them too. Before, a missing key in the new limit was treated as
"allow any", which let a caller silently extend their limits.

Reported by:    Joshua Rogers of AISLE Research Team
Reviewed by:    markj
MFC after:      1 day
Differential Revision:  https://reviews.freebsd.org/D56991

(cherry picked from commit d705a519525f2acae3c1efba11436ec6ee8aea0a)
DeltaFile
+31-0lib/libcasper/services/cap_net/cap_net.c
+31-01 files

FreeBSD/ports 798bd35net-mgmt/thanos Makefile

net-mgmt/thanos: Fix BUILD_DATE syntax to fix build

* Change the syntax of BUILD_DATE after switching to GO_LDFLAGS as
port was using double quotes but Uses/go.mk has single quotes where it
interpolates GO_LDFLAGS, which requires use of different syntax.
* Also switch date format of BUILD_DATE to classic ISO 8601.

PR:             295384
Reported by:    Chad Jacob Milios <milios at ccsys.com>
Approved by:    db@, yuri@ (Mentors, implicit)
Fixes:          2af7cdf6fd59 * net-mgmt/thanos: improve port
DeltaFile
+1-1net-mgmt/thanos/Makefile
+1-11 files

FreeBSD/ports 901bda9sysutils Makefile, sysutils/boxrun Makefile pkg-descr

sysutils/boxrun: New port: sandboxed execution of programs

* Initial commit (version 0.3.0)

MFH:            2026Q2
(cherry picked from commit 097d516cae1fe1baccaacc25e4d2ebe45f831f4d)
DeltaFile
+33-0sysutils/boxrun/Makefile
+11-0sysutils/boxrun/pkg-descr
+3-0sysutils/boxrun/distinfo
+1-0sysutils/Makefile
+48-04 files

FreeBSD/ports 097d516sysutils Makefile, sysutils/boxrun Makefile pkg-descr

sysutils/boxrun: New port: sandboxed execution of programs

* Initial commit (version 0.3.0)

MFH:            2026Q2
DeltaFile
+33-0sysutils/boxrun/Makefile
+11-0sysutils/boxrun/pkg-descr
+3-0sysutils/boxrun/distinfo
+1-0sysutils/Makefile
+48-04 files

FreeBSD/ports 7944f0cmultimedia/supersonic distinfo Makefile

multimedia/supersonic: Update to 0.21.1

ChangeLogs:

- https://github.com/dweymouth/supersonic/releases/tag/v0.21.0
- https://github.com/dweymouth/supersonic/releases/tag/v0.21.1
DeltaFile
+5-5multimedia/supersonic/distinfo
+1-2multimedia/supersonic/Makefile
+6-72 files

FreeBSD/ports 75bf0f9www/py-dj60-django-stubs-ext distinfo Makefile

www/py-dj60-django-stubs-ext: Update to 6.0.4

ChangeLog: https://github.com/typeddjango/django-stubs/releases/tag/6.0.4
DeltaFile
+3-3www/py-dj60-django-stubs-ext/distinfo
+1-1www/py-dj60-django-stubs-ext/Makefile
+4-42 files

FreeBSD/ports 9868431net/dataplaneapi distinfo Makefile

net/dataplaneapi: Update to 3.3.4

ChangeLog: https://github.com/haproxytech/dataplaneapi/releases/tag/v3.3.4
DeltaFile
+5-5net/dataplaneapi/distinfo
+2-3net/dataplaneapi/Makefile
+7-82 files

FreeBSD/ports 3547344textproc/py-typst distinfo Makefile.crates, textproc/py-typst/files patch-Cargo.lock patch-Cargo.toml

textproc/py-typst: Update to 0.14.9

ChangeLog: https://github.com/messense/typst-py/releases/tag/v0.14.9
DeltaFile
+239-219textproc/py-typst/distinfo
+118-108textproc/py-typst/Makefile.crates
+7-7textproc/py-typst/files/patch-Cargo.lock
+6-8textproc/py-typst/files/patch-Cargo.toml
+1-2textproc/py-typst/Makefile
+371-3445 files

FreeBSD/ports dce3decwww/rustypaste distinfo Makefile.crates

www/rustypaste: Update to 0.17.0

ChangeLog: https://github.com/orhun/rustypaste/releases/tag/v0.17.0
DeltaFile
+219-179www/rustypaste/distinfo
+108-88www/rustypaste/Makefile.crates
+1-2www/rustypaste/Makefile
+328-2693 files

FreeBSD/ports 954606fsysutils/bin distinfo Makefile

sysutils/bin: Update to 0.26.0

ChangeLog: https://github.com/marcosnils/bin/releases/tag/v0.26.0
DeltaFile
+5-5sysutils/bin/distinfo
+2-3sysutils/bin/Makefile
+7-82 files

FreeBSD/ports 4555a4fgraphics/asciinema-agg distinfo Makefile.crates

graphics/asciinema-agg: Update 1.8.1

ChangeLogs:

- https://github.com/asciinema/agg/releases/tag/v1.8.0
- https://github.com/asciinema/agg/releases/tag/v1.8.1
DeltaFile
+499-461graphics/asciinema-agg/distinfo
+248-229graphics/asciinema-agg/Makefile.crates
+1-2graphics/asciinema-agg/Makefile
+748-6923 files

FreeBSD/ports 8fd7d30security/py-unicode-show distinfo Makefile

security/py-unicode-show: Update to 51.5-1
DeltaFile
+3-3security/py-unicode-show/distinfo
+1-1security/py-unicode-show/Makefile
+4-42 files

FreeBSD/ports 3023d7adevel/py-odoo-addon-openupgrade-scripts16 pkg-plist distinfo

devel/py-odoo-addon-openupgrade-scripts16: Update to 16.0.1.0.5.14
DeltaFile
+4-4devel/py-odoo-addon-openupgrade-scripts16/pkg-plist
+3-3devel/py-odoo-addon-openupgrade-scripts16/distinfo
+1-1devel/py-odoo-addon-openupgrade-scripts16/Makefile
+8-83 files

FreeBSD/ports 83c1af8devel/py-eliot distinfo Makefile

devel/py-eliot: Update to 0.18.0
DeltaFile
+3-3devel/py-eliot/distinfo
+1-1devel/py-eliot/Makefile
+4-42 files

FreeBSD/ports 04c5f8ddatabases/libvalkey pkg-plist distinfo

databases/libvalkey: Update to 0.5.0

* Use OPTIONS_SUB=yes for TLS.

ChangeLog: https://github.com/valkey-io/libvalkey/releases/tag/0.5.0
DeltaFile
+7-7databases/libvalkey/pkg-plist
+3-3databases/libvalkey/distinfo
+2-1databases/libvalkey/Makefile
+12-113 files

FreeBSD/ports 9c2467bdatabases/mysql80-client Makefile, databases/mysql80-server Makefile

databases/mysql80-{server|client}: Set Deprecate Date

Deprecate Date and set to expire on 2026-12-31

Sponsored by:   Netzkommune GmbH
DeltaFile
+3-0databases/mysql80-client/Makefile
+3-0databases/mysql80-server/Makefile
+6-02 files

FreeBSD/ports 277c8e8devel/tree-sitter distinfo Makefile

devel/tree-sitter: Update to 0.26.9
DeltaFile
+3-3devel/tree-sitter/distinfo
+1-1devel/tree-sitter/Makefile
+4-42 files

FreeBSD/ports bb4a299emulators/fuse pkg-plist Makefile

emulators/fuse: update to 1.8.0

Remove GTK2 option (removed upstream) and split out SDL option into
SDL and SDL2 options.
DeltaFile
+8-9emulators/fuse/pkg-plist
+8-6emulators/fuse/Makefile
+3-3emulators/fuse/distinfo
+19-183 files

FreeBSD/ports 1884acfwww/freenginx distinfo Makefile

www/freenginx: Update to 1.30.0

Changes with freenginx 1.30.0                                    14 Apr
2026

    *) 1.30.x stable branch.

Sponsored by:   Netzkommune GmbH
DeltaFile
+3-3www/freenginx/distinfo
+2-2www/freenginx/Makefile
+5-52 files

FreeBSD/ports 152cdefdatabases/rocksdb Makefile

databases/rocksdb: Fix build with PIE

RocksDB's build_detect_platform sets PROFILING_FLAGS=-pg when the compiler
supports it. The two benchmark targets table_reader_bench and log_write_bench
are then linked with -pg, which causes the linker to pull in FreeBSD's gcrt1.o
(the profiling CRT). gcrt1.o contains R_X86_64_64 absolute relocations that are
incompatible with -pie, resulting in a link failure when WITH_PIE=yes is set.

PR:             295260
Approved by:    sunpoet (maintainer)
Sponsored by:   Netflix
DeltaFile
+2-1databases/rocksdb/Makefile
+2-11 files

FreeBSD/src d84a691sys/powerpc/conf MPC85XX

powerpc: Remove stale include line from MPC85XX

The stale include line caused config -m to fail with an error trying
to parse the config file during make universe/tinderbox which in turn
caused universe/tinderbox to abort without building any powerpc
kernels (or subsequent architectures such as riscv64) with the error:

make[2]: freebsd/main/Makefile:767: Target architecture for powerpc/conf/MPC85XX unknown.  config(8) likely too old.
        in .for loop from freebsd/main/Makefile:761 with kernel = MPC85XX
        in make[2] in directory "freebsd/main"

make[2]: stopped making "universe_kernels" in freebsd/main
*** Error code 1

Reported by:    npn, many others
Fixes:          fd8d34ce272b ("dpaa: Migrate from NCSW base to a home-grown driver")
DeltaFile
+0-1sys/powerpc/conf/MPC85XX
+0-11 files

FreeBSD/ports 8b69d71security/vuxml/vuln 2026.xml

security/vuxml: Document Nginx vulnerabilities

add entry for www/nginx-devel

Sponsored by:   Netzkommune GmbH
DeltaFile
+35-0security/vuxml/vuln/2026.xml
+35-01 files

FreeBSD/ports 0555670sysutils/osquery Makefile, sysutils/osquery/files extra-osquery_events_CMakeLists.txt

sysutils/osquery: Fix build on FreeBSD < 15

Reported by:    pkg-fallout
DeltaFile
+20-0sysutils/osquery/files/extra-osquery_events_CMakeLists.txt
+6-0sysutils/osquery/Makefile
+26-02 files

FreeBSD/ports c70717cscience/v_sim Makefile pkg-plist

science/v_sim: fix plist

It seems that Python files are not always installed at the same location
depending on the platform.

Since I’m there register missing dependencies with minor improvements.

PR:             295393
Reported by:    D. Engberg
DeltaFile
+7-1science/v_sim/Makefile
+0-4science/v_sim/pkg-plist
+7-52 files

FreeBSD/ports 59f5418www/nginx-acme distinfo Makefile, www/nginx-devel distinfo version.mk

www/nginx-devel: Update to 1.31.0

Changes with nginx 1.31.0                                        13 May
2026

    *) Security: when using the "proxy_set_body" directive, an attacker
       might inject data in the proxied request to an HTTP/2 backend
       (CVE-2026-42926).
       Thanks to Mufeed VH of Winfunc Research.

    *) Security: a heap memory buffer overflow might occur in a worker
       process while handling a specially crafted request by
       ngx_http_rewrite_module, potentially resulting in arbitrary code
       execution (CVE-2026-42945).
       Thanks to Leo Lin.

    *) Security: a heap memory buffer overread might occur in a worker
       process while handling a specially crafted response by
       ngx_http_scgi_module or ngx_http_uwsgi_module, allowing an

    [69 lines not shown]
DeltaFile
+3-3www/nginx-acme/distinfo
+3-3www/nginx-devel/distinfo
+1-1www/nginx-acme/Makefile
+1-1www/nginx-devel/version.mk
+8-84 files

FreeBSD/doc 966a1a9documentation/config/_default hugo.toml, documentation/config/offline config.toml

docs: fix broken cross-references by using numeric values for isOnline

Reviewed by: carlavilla
Approved by: carlavilla
Differential Revision: https://reviews.freebsd.org/D57098
PR: 295112
DeltaFile
+1-1documentation/config/offline/config.toml
+1-1documentation/config/_default/hugo.toml
+2-22 files