FreeBSD/ports 94a6dafdevel/ruby-build distinfo Makefile

by Koichiro Iwao (meta) on ⎇
devel/ruby-build: Update to 20260326

Changes:        https://github.com/rbenv/ruby-build/releases/tag/v20260326
(cherry picked from commit 7745f7e822a14eea00be302c1420148db2e1a7ea)
DeltaFile
+3-3devel/ruby-build/distinfo
+1-1devel/ruby-build/Makefile
+4-42 files

FreeBSD/ports af4b7f1math/scalapack Makefile distinfo, math/scalapack/files patch-gridmap patch-BLACS_SRC_Bdef.h

by Gleb Popov (arrowd) on ⎇
math/scalapack: Update to 2.2.3

PR:             294051
Approved by:    thierry (fortran)
DeltaFile
+0-120math/scalapack/files/patch-gridmap
+0-18math/scalapack/files/patch-BLACS_SRC_Bdef.h
+0-15math/scalapack/files/patch-BLACS_SRC_blacs__init__.c
+0-10math/scalapack/files/patch-CMakeLists.txt
+3-4math/scalapack/Makefile
+3-3math/scalapack/distinfo
+6-1706 files

FreeBSD/ports 7745f7edevel/ruby-build distinfo Makefile

by Koichiro Iwao (meta) on ⎇
devel/ruby-build: Update to 20260326

Changes:        https://github.com/rbenv/ruby-build/releases/tag/v20260326
DeltaFile
+3-3devel/ruby-build/distinfo
+1-1devel/ruby-build/Makefile
+4-42 files

FreeBSD/src 981cd08sys/vm vm_mmap.c

by Kirk McKusick (mckusick) on ⎇
Provide more precise error explanations for mmap(2) EINVAL errors.

Reviewed by:  kib
Differential Revision: https://reviews.freebsd.org/D55888
Sponsored by: Netflix

(cherry picked from commit dad6e6fc1ea4b737e9f1661ebd30da5d551e3d4a)
DeltaFile
+23-13sys/vm/vm_mmap.c
+23-131 files

FreeBSD/src b0ef93asys/vm vm_mmap.c

by Kirk McKusick (mckusick) on ⎇
Delete error-check code that can never happen.

Near the top of kern_mmap() that implements the mmap(2) system call,
it sets

        prot = PROT_EXTRACT(prot);

with

So prot can only be the three PROT_ flags.

The following test of the user's mmap(2) parameters (near line 275
in vm/vm_mmap.c):

        if (prot != PROT_NONE &&
            (prot & ~(PROT_READ | PROT_WRITE | PROT_EXEC)) != 0) {
                return (EXTERROR(EINVAL, "invalid prot %#jx", prot));
        }


    [8 lines not shown]
DeltaFile
+0-4sys/vm/vm_mmap.c
+0-41 files

FreeBSD/ports 1546840security/vuxml/vuln 2026.xml

by Philip Paeps (philip) on ⎇
security/vuxml: add FreeBSD SAs issued on 2026-03-25

FreeBSD-SA-26:06.tcp affects FreeBSD 14.3R, 14.4R and 15.0R
FreeBSD-SA-26:07.nvmf affects FreeBSD 15.0R
FreeBSD-SA-26:08.rpcsec_gss affects all supported releases
FreeBSD-SA-26:09.pf affects FreeBSD 14.3R, 14.4R and 15.0R
DeltaFile
+151-0security/vuxml/vuln/2026.xml
+151-01 files

FreeBSD/doc 9ab94ecwebsite/content/en/releases/13.5R errata.adoc, website/content/en/releases/14.3R errata.adoc

by Philip Paeps (philip) on ⎇
Add security advisories affecting 13.5R, 14.3R, 14.4R and 15.0R

FreeBSD-SA-26:06.tcp affects FreeBSD 14.3R, 14.4R and 15.0R
FreeBSD-SA-26:07.nvmf affects FreeBSD 15.0R
FreeBSD-SA-26:08.rpcsec_gss affects all supported releases
FreeBSD-SA-26:09.pf affects FreeBSD 14.3R, 14.4R and 15.0R
DeltaFile
+3-3website/content/en/releases/14.4R/errata.adoc
+4-0website/content/en/releases/15.0R/errata.adoc
+3-0website/content/en/releases/14.3R/errata.adoc
+1-0website/content/en/releases/13.5R/errata.adoc
+11-34 files

FreeBSD/doc 59523d3website/content/en administration.adoc

by Philip Paeps (philip) on ⎇
administration: welcome khorben to the security-officer team

Approved by:    so
DeltaFile
+1-0website/content/en/administration.adoc
+1-01 files

FreeBSD/ports de44925editors/gram distinfo Makefile.crates, editors/gram/files patch-cargo-crates_crash-handler-0.7.0_src_linux_state.rs patch-cargo-crates_minidumper-0.8.3_src_ipc_server.rs

by Yuri Victorovich (yuri) on ⎇
editors/gram: New port: Fork of the Zed code editor without AI or telemetry
DeltaFile
+2,187-0editors/gram/distinfo
+1,092-0editors/gram/Makefile.crates
+136-0editors/gram/files/patch-cargo-crates_crash-handler-0.7.0_src_linux_state.rs
+69-0editors/gram/files/patch-cargo-crates_minidumper-0.8.3_src_ipc_server.rs
+59-0editors/gram/files/patch-cargo-crates_crash-context-0.6.3_src_freebsd.rs
+42-0editors/gram/files/patch-cargo-crates_crash-handler-0.7.0_src_linux.rs
+3,585-022 files not shown
+3,909-028 files

FreeBSD/ports 2f60394net/freeipa-client distinfo Makefile

by Xavier Beaudouin (kiwi) on ⎇
net/freeipa-client: update to 4.13.1

Reported by:    portscout
Sponsored by:   Klara, Inc.
DeltaFile
+3-3net/freeipa-client/distinfo
+1-2net/freeipa-client/Makefile
+4-52 files

FreeBSD/doc 10ecd56website/static/security/advisories FreeBSD-SA-26:06.tcp.asc FreeBSD-SA-26:09.pf.asc, website/static/security/patches/SA-26:09 pf-15.patch pf-14.patch

by Gordon Tetlow (gordon) on ⎇
Add SA-26:06 through SA-26:09.

Approved by:    so
DeltaFile
+224-0website/static/security/patches/SA-26:09/pf-15.patch
+212-0website/static/security/patches/SA-26:09/pf-14.patch
+180-0website/static/security/advisories/FreeBSD-SA-26:06.tcp.asc
+168-0website/static/security/advisories/FreeBSD-SA-26:09.pf.asc
+163-0website/static/security/advisories/FreeBSD-SA-26:08.rpcsec_gss.asc
+140-0website/static/security/advisories/FreeBSD-SA-26:07.nvmf.asc
+1,087-09 files not shown
+1,257-015 files

FreeBSD/ports 44e94f4devel/etcd35 distinfo Makefile

by Xavier Beaudouin (kiwi) on ⎇
devel/etcd35: update to 3.5.38

Reported by:    portscout
Sponsored by:   Entersekt (previously Modirum MDpay)
Sponsored by:   Klara, Inc.
DeltaFile
+25-25devel/etcd35/distinfo
+1-2devel/etcd35/Makefile
+26-272 files

FreeBSD/ports 3fc3abbsysutils/lsblk Makefile

by Xavier Beaudouin (kiwi) on ⎇
sysutils/lsblk: bump PORTREVISION

PR:     293887
DeltaFile
+1-1sysutils/lsblk/Makefile
+1-11 files

FreeBSD/ports 3a1985cbiology/sra-tools distinfo

by Jason W. Bacon (jwb) on ⎇
biology/sra-tools: Unbreak distfile

Corruption caused by failed fetch during previous commit.
DeltaFile
+3-3biology/sra-tools/distinfo
+3-31 files

FreeBSD/ports 82543fbdeskutils/taskwarrior-tui distinfo Makefile.crates

by Adam Weinberger (adamw) on ⎇
deskutils/taskwarrior-tui: Update to 0.26.7
DeltaFile
+357-171deskutils/taskwarrior-tui/distinfo
+177-84deskutils/taskwarrior-tui/Makefile.crates
+1-2deskutils/taskwarrior-tui/Makefile
+535-2573 files

FreeBSD/doc 7ccdaf4website/content/en/releases/15.0R/ec2-ami-ids latest.adoc

by Colin Percival (cperciva) on ⎇
15.0: Update "latest" AMIs

We now have 15.0-RELEASE-p5 AMIs.

Note that, due to ongoing issues impacting hardware in the region, AMIs for
the me-south-1 region have not been updated.

Approved by:    re (implicit)
Sponsored by:   Amazon
DeltaFile
+464-464website/content/en/releases/15.0R/ec2-ami-ids/latest.adoc
+464-4641 files

FreeBSD/ports 34ccb57sysutils/nut-devel pkg-plist distinfo

by Cy Schubert (cy) on ⎇
sysutils/nut-devel: Update to the latest networkupstools/nut github commit
DeltaFile
+38-1sysutils/nut-devel/pkg-plist
+3-3sysutils/nut-devel/distinfo
+2-2sysutils/nut-devel/Makefile
+43-63 files

FreeBSD/ports a2b1a68net/kea-devel pkg-plist distinfo

by Cy Schubert (cy) on ⎇
net/kea-devel: Update to 3.1.7
DeltaFile
+40-32net/kea-devel/pkg-plist
+3-3net/kea-devel/distinfo
+1-2net/kea-devel/Makefile
+44-373 files

FreeBSD/ports a41eed0mail/spamassassin-devel pkg-plist distinfo

by Cy Schubert (cy) on ⎇
mail/spamassassin-devel: update to latest github commit
DeltaFile
+7-0mail/spamassassin-devel/pkg-plist
+3-3mail/spamassassin-devel/distinfo
+3-2mail/spamassassin-devel/Makefile
+13-53 files

FreeBSD/ports 481298dsysutils/nut-devel pkg-plist

by Cy Schubert (cy) on ⎇
sysutils/nut-devel: Sort MANPAGES in pkg-plist
DeltaFile
+53-53sysutils/nut-devel/pkg-plist
+53-531 files

FreeBSD/ports e338121security/krb5-devel distinfo Makefile

by Cy Schubert (cy) on ⎇
security/krb5-devel: update to the latest MIT/KRB5 github commit
DeltaFile
+3-3security/krb5-devel/distinfo
+2-2security/krb5-devel/Makefile
+5-52 files

FreeBSD/ports b807219security/nmap-devel distinfo Makefile, security/nmap-devel/files patch-libdnet-stripped_configure patch-libdnet-stripped_src_intf.c

by Cy Schubert (cy) on ⎇
security/nmap-devel: Update to the latest GH commit
DeltaFile
+0-26security/nmap-devel/files/patch-libdnet-stripped_configure
+0-11security/nmap-devel/files/patch-libdnet-stripped_src_intf.c
+3-3security/nmap-devel/distinfo
+2-2security/nmap-devel/Makefile
+5-424 files

FreeBSD/ports ea7d843sysutils/cfengine-masterfiles-devel distinfo Makefile

by Cy Schubert (cy) on ⎇
sysutils/cfengine-masterfiles-devel: Update to latest GH commit
DeltaFile
+3-3sysutils/cfengine-masterfiles-devel/distinfo
+2-2sysutils/cfengine-masterfiles-devel/Makefile
+5-52 files

FreeBSD/ports 49f5627shells/ksh-devel distinfo Makefile

by Cy Schubert (cy) on ⎇
shells/ksh-devel: update to the latest ksh93/ksh github commit
DeltaFile
+3-3shells/ksh-devel/distinfo
+2-2shells/ksh-devel/Makefile
+5-52 files

FreeBSD/ports 4374ce3sysutils/cfengine-devel distinfo Makefile

by Cy Schubert (cy) on ⎇
sysutils/cfengine-devel: Update to latest GH commit
DeltaFile
+5-5sysutils/cfengine-devel/distinfo
+3-3sysutils/cfengine-devel/Makefile
+8-82 files

FreeBSD/ports dde09ffnet/hostapd-devel distinfo Makefile

by Cy Schubert (cy) on ⎇
net/hostapd-devel: Update to the latest GH commit

Update to the latest w1.fi commit, proxied through my GH account
DeltaFile
+3-3net/hostapd-devel/distinfo
+2-2net/hostapd-devel/Makefile
+5-52 files

FreeBSD/ports bb914easecurity/wpa_supplicant-devel distinfo Makefile

by Cy Schubert (cy) on ⎇
security/wpa_supplicant-devel: Update to latest GH commit

Update to the latest w1.fi commit, proxied through my GH account.
DeltaFile
+3-3security/wpa_supplicant-devel/distinfo
+2-2security/wpa_supplicant-devel/Makefile
+5-52 files

FreeBSD/src 5c4e558. UPDATING, sys/conf newvers.sh

by Mark Johnston (markj) via Philip Paeps (philip) on ⎇
Add UPDATING entries and bump version

Approved by:    so
DeltaFile
+5-0UPDATING
+1-1sys/conf/newvers.sh
+6-12 files

FreeBSD/src c4f53a1lib/librpcsec_gss svc_rpcsec_gss.c, sys/rpc/rpcsec_gss svc_rpcsec_gss.c

by Mark Johnston (markj) via Philip Paeps (philip) on ⎇
rpcsec_gss: Fix a stack overflow in svc_rpc_gss_validate()

svc_rpc_gss_validate() copies the input message into a stack buffer
without ensuring that the buffer is large enough.  Sure enough,
oa_length may be up to 400 bytes, much larger than the provided space.
This enables an unauthenticated user to trigger an overflow and obtain
remote code execution.

Add a runtime check which verifies that the copy won't overflow.

Approved by:    so
Security:       FreeBSD-SA-26:08.rpcsec_gss
Security:       CVE-2026-4747
Reported by:    Nicholas Carlini <npc at anthropic.com>
Reviewed by:    rmacklem
Fixes:          a9148abd9da5d
DeltaFile
+9-1sys/rpc/rpcsec_gss/svc_rpcsec_gss.c
+8-1lib/librpcsec_gss/svc_rpcsec_gss.c
+17-22 files

FreeBSD/src 99ec7f9lib/librpcsec_gss svc_rpcsec_gss.c, sys/rpc/rpcsec_gss svc_rpcsec_gss.c

by Mark Johnston (markj) via Gordon Tetlow (gordon) on ⎇
rpcsec_gss: Fix a stack overflow in svc_rpc_gss_validate()

svc_rpc_gss_validate() copies the input message into a stack buffer
without ensuring that the buffer is large enough.  Sure enough,
oa_length may be up to 400 bytes, much larger than the provided space.
This enables an unauthenticated user to trigger an overflow and obtain
remote code execution.

Add a runtime check which verifies that the copy won't overflow.

Approved by:    so
Security:       FreeBSD-SA-26:08.rpcsec_gss
Security:       CVE-2026-4747
Reported by:    Nicholas Carlini <npc at anthropic.com>
Reviewed by:    rmacklem
Fixes:          a9148abd9da5d

(cherry picked from commit 143293c14f8de00c6d3de88cd23fc224e7014206)
DeltaFile
+9-1sys/rpc/rpcsec_gss/svc_rpcsec_gss.c
+8-1lib/librpcsec_gss/svc_rpcsec_gss.c
+17-22 files