mail/fetchmail: Revert "update to 6.6.1"
This reverts commit 685e0668a312ae1fbc44aa1635b182c0659718c6,
which does not yet have maintainer approval and escaped - sorry.
security/openvpn-devel: upgrade port to git commit d6ee27b4ff (2.7_rc2, 2025-11-17)
This commit brings the port to "openvpn 2.7_rc2"
Changes of interest for FreeBSD:
- IPv6 address parsing: fix buffer overread on invalid input
(CVE-2025-12106)
- HMAC verification check: fix incorrect memcmp() call
(CVE-2025-13086)
- even more type conversion related warnings have been fixed
- DCO FreeBSD improvements:
improving debug messages (verb 6)
implement client-side counter handling
repair --inactive (and document shortcomings)
repair handling of DCO disconnection notifications in --client mode
- improve cmocka unit test assert() handling
- PUSH_UPDATE server: fix reporting of client IPs in ``status`` output
after pushing a new IPv4/IPv6 address to client
[13 lines not shown]
archivers/zstd: remove lz4, fix manpages
This shortens the requisite path for lang/python314,
and we have a separate archivers/lz4 port.
This also updates the manual pages to v1.5.7, the
release tarball missed updating them, see
<https://github.com/facebook/zstd/releases/tag/v1.5.7>
PR: 290739
Approved by: maintainer timeout (sunpoet@, 15 days)
security/openvpn-devel: upgrade port to git commit d6ee27b4ff (2.7_rc2, 2025-11-17)
This commit brings the port to "openvpn 2.7_rc2"
Changes of interest for FreeBSD:
- IPv6 address parsing: fix buffer overread on invalid input
(CVE-2025-12106)
- HMAC verification check: fix incorrect memcmp() call
(CVE-2025-13086)
- even more type conversion related warnings have been fixed
- DCO FreeBSD improvements:
improving debug messages (verb 6)
implement client-side counter handling
repair --inactive (and document shortcomings)
repair handling of DCO disconnection notifications in --client mode
- improve cmocka unit test assert() handling
- PUSH_UPDATE server: fix reporting of client IPs in ``status`` output
after pushing a new IPv4/IPv6 address to client
[11 lines not shown]
if_ovpn: use IFT_TUNNEL
IFT_ENC has special behaviour in pf we don't desire, and this also ensures that
for all interface types there is N:1:1 correspondence between if_type:dlt:header len.
Requested by: glebius
MFC after: 1 week
bhyve: Report SVM as disabled on AMD
bhyve with a Windows 2025 guest will hang/freeze with the message
rdmsr to register 0xc0010114
on a system with an AMD Ryzen 5. Evidently, recent versions of Windows
ignore the CPUID bits and still read this MSR.
Fix is to report Secure Virtual Machine (SVM) mode as disabled in the VM CR.
PR: 288308
(cherry picked from commit 92dfc3fbcd79422a4586590edabe483f361b7e0e)
