security/openvpn-devel: upgrade to commit 64fae9d829
this brings in the upstream development work that has happened over
the last two months, plus two CVE fixes:
- fix race condition in TLS handshake that could lead to leaking of
packet data from a previous handshake under specific circumstances
(CVE-2026-40215)
(Bug found by XlabAI Team of Tencent Xuanwu Lab (xlabai at tencent.com))
- fix server ASSERT() on receiving a suitably malformed packet with
a valid tls-crypt-v2 key (CVE-2026-35058)
(Bug found by XlabAI Team of Tencent Xuanwu Lab (xlabai at tencent.com)
and independently by Emma Reuter of Cisco ASIG (TALOS-2026-2381))
besides this, most of the commits are code maintenance - modernizing
code, adjusting OpenSSL APIs used to be 4.0 compatible, adding more
[7 lines not shown]
lib/msun: Added fmaximum_mag and fmaximum_num families
Added support for the f{maximum,minimum}_{mag,num} families, the new
C23 standard functions for maximum magnitude and number-preferring
maximum. This includes modifying fmax.3, on top of D56230, to
recommend the use of fmaximum_num and fminimum_num.
Reviewed by: fuz, kargl
MFC after: 1 month
Differential Revision: https://reviews.freebsd.org/D56236
(cherry picked from commit 4e30c12973c73539bef01be3870a90b6346141e8)
lib/msun: Added fmaximum and fminimum family. Tests and man page
Starting from the existing fmax{,f,l} functions I've added the fmaximum
family, which handles NaN according to the newest standard (propagating
it).
This commit is a PoC for GSoC 2026.
Reviewed by: fuz, kargl
MFC after: 1 month
Differential Revision: https://reviews.freebsd.org/D55834
(cherry picked from commit e55db843ef45a8788f69e110d97210fb3968b92f)
devel/vectorscan: disable FAT_RUNTIME on FreeBSD 14
The "fat" runtime build uses build_wrapper.sh to rename symbols via nm(1)
with the -f posix flag, which is not supported on FreeBSD 14.
Reported by: pkg-fallout
chinese/fcitx: Fix options GTK2 and GTK3, improve port
GTK2 and GTK3 options aren't working properly: even if disable GTK2, it
gets re-enabled GTK2.
Improve port:
- Replace PORTVERSION with DISTVERSION.
- Fix warnings from portclippy.
- Set dependency from ecm as build.
- Convert CMAKE_ARGS to CMAKE_ON and CMAKE_OFF.
- Replace ".if ${PORT_OPTIONS:M***}" with new style options.
- Remove unnecessary KDE_MAN_PREFIX - it have default value.
- Remove description of Qt4 module from pkg-message.
- Use DESKTOPDIR in pkg-message.
PR: 294883
Approved by: lichray at gmail.com (maintainer)
Sponsored by: UNIS Labs
Co-authored-by: Ken DEGUCHI <kdeguchi at sz.tokoha-u.ac.jp>
[3 lines not shown]
chinese/fcitx: Fix options GTK2 and GTK3, improve port
GTK2 and GTK3 options aren't working properly: even if disable GTK2, it
gets re-enabled GTK2.
Improve port:
- Replace PORTVERSION with DISTVERSION.
- Fix warnings from portclippy.
- Set dependency from ecm as build.
- Convert CMAKE_ARGS to CMAKE_ON and CMAKE_OFF.
- Replace ".if ${PORT_OPTIONS:M***}" with new style options.
- Remove unnecessary KDE_MAN_PREFIX - it have default value.
- Remove description of Qt4 module from pkg-message.
- Use DESKTOPDIR in pkg-message.
PR: 294883
Approved by: lichray at gmail.com (maintainer)
Sponsored by: UNIS Labs
Co-authored-by: Ken DEGUCHI <kdeguchi at sz.tokoha-u.ac.jp>
MFH: 2026Q2