FreeBSD/ports c66d0fdmultimedia/mediamtx distinfo Makefile

multimedia/mediamtx: Update to 1.16.1

https://github.com/bluenviron/mediamtx/releases/tag/v1.16.1
DeltaFile
+7-7multimedia/mediamtx/distinfo
+1-2multimedia/mediamtx/Makefile
+8-92 files

FreeBSD/src 7c81bf5sys/netgraph ng_ksocket.c

ng_ksocket: use new macros to lock socket buffers

PR:             292885
Reported by:    Walker R. Thompson <walker.thompson at urz.uni-heidelberg.de>

(cherry picked from commit 1a3d1be4965afddded0b2582b9c4969c1e6a4129)
(cherry picked from commit 4dc38e71ccd522bc5460f3ded3977baa35dad4b9)
DeltaFile
+8-8sys/netgraph/ng_ksocket.c
+8-81 files

FreeBSD/ports 79e861edevel/jansson distinfo Makefile

devel/jansson: Update to 2.15.0

Changelog: https://github.com/akheron/jansson/releases/tag/v2.15.0

PR:             292855
Reviewed by:    vanilla
DeltaFile
+3-3devel/jansson/distinfo
+1-1devel/jansson/Makefile
+1-1devel/jansson/pkg-plist
+5-53 files

FreeBSD/ports 665617egraphics/librsvg2-rust distinfo Makefile.crates

graphics/librsvg2-rust: Update to 2.61.4

Changelog: https://gitlab.gnome.org/GNOME/librsvg/-/releases/2.61.4

PR:             293170
Reviewed by:    desktop (arrowd)
Exp-run by:     antoine
DeltaFile
+11-11graphics/librsvg2-rust/distinfo
+4-4graphics/librsvg2-rust/Makefile.crates
+1-2graphics/librsvg2-rust/Makefile
+1-1graphics/librsvg2-rust/pkg-plist
+17-184 files

FreeBSD/ports 3a694edgraphics/png distinfo Makefile

graphics/png: Update to 1.6.55

Fixes CVE-2026-25646

Changelog: https://github.com/pnggroup/libpng/blob/v1.6.55/ANNOUNCE

PR:             293173
Reviewed by:    desktop (arrowd)
Exp-run by:     antoine
DeltaFile
+5-5graphics/png/distinfo
+1-1graphics/png/Makefile
+1-1graphics/png/pkg-plist
+7-73 files

FreeBSD/src 10d5404usr.sbin/bhyve usb_mouse.c

bhyve: fix USB mouse requests

USB HCI requests may not include HCI transfer block structures (i.e.,
xfer->data[] == NULL), but in several places, the USB mouse emulation
code assumes one will exist. This can lead to a NULL pointer dereference
and a SEGV in the bhyve process as observed via experiments with an
Ubuntu guest and PyUSB code. Note that many of the cases processing
other request types already checked for data == NULL.

While in the neighborhood, fix a typo in the loop iterating over the
usb_data_xfer_block array which used the wrong variable to check for
valid data (idx vs. i).

Reported by: danmcd at edgecast.io
Obtained from: SmartOS
MFC after: 1 week
Relnotes: yes

Reviewed by:    imp
Differential Revision:  https://reviews.freebsd.org/D54661
DeltaFile
+17-9usr.sbin/bhyve/usb_mouse.c
+17-91 files

FreeBSD/src e334b70sys/x86/include x86_var.h, sys/x86/x86 cpu_machdep.c

x86: provide extended description for x86_msr_op(9)

(cherry picked from commit cb81a9c18db93a2046c47b0c7dc0bd6adcdd2495)
DeltaFile
+43-0sys/x86/x86/cpu_machdep.c
+2-4sys/x86/include/x86_var.h
+45-42 files

FreeBSD/src 0558fa8sys/x86/include x86_var.h, sys/x86/x86 cpu_machdep.c

x86: add a safe variant of MSR_OP_SCHED* operations for x86_msr_op(9)

(cherry picked from commit af99e40af1dd4e8b39ca986240ee8b9aea722958)
DeltaFile
+68-7sys/x86/x86/cpu_machdep.c
+2-1sys/x86/include/x86_var.h
+70-82 files

FreeBSD/src b0bc769sys/x86/x86 cpu_machdep.c

x86_msr_op(9): consistently return the value read from MSR

(cherry picked from commit 36ceb5509d01ff2e6482a78ca809c344574e9a25)
DeltaFile
+15-4sys/x86/x86/cpu_machdep.c
+15-41 files

FreeBSD/src c721ceeusr.sbin/syslogd/tests syslogd_format_test_common.sh

syslogd/tests: use kern.features to detect INET support

This fixes INET feature detection with kernel configs
that do not include the kern.conftxt sysctl, such as
riscv64 currently[0].

[0] https://ci.freebsd.org/view/Test/job/FreeBSD-main-riscv64-test/16514/testReport/usr.sbin.syslogd/syslogd_forwarded_format_test/O_flag_bsd_forwarded_legacy/

Reviewed by:    markj
Approved by:    emaste (mentor)
MFC after:      3 days
Sponsored by:   The FreeBSD Foundation
Differential Revision:  https://reviews.freebsd.org/D55383
DeltaFile
+1-2usr.sbin/syslogd/tests/syslogd_format_test_common.sh
+1-21 files

FreeBSD/src 1e64949sys/riscv/conf GENERIC

riscv: GENERIC: enable KERN_TLS

This unskips 585 sys/kern/ktls_test testcases[0] in CI. All 585 tests currently pass.

[0] https://ci.freebsd.org/view/Test/job/FreeBSD-main-riscv64-test/16514/testReport/sys.kern/

Approved by:            emaste (mentor)
MFC after:              3 days
Sponsored by:           The FreeBSD Foundation
Differential Revision:  https://reviews.freebsd.org/D55376
DeltaFile
+1-0sys/riscv/conf/GENERIC
+1-01 files

FreeBSD/ports ef3d992mail/mu Makefile distinfo

mail/mu: Update 1.12.13 => 1.12.15

Changelog:
https://github.com/djcb/mu/releases/tag/v1.12.14
https://github.com/djcb/mu/releases/tag/v1.12.15

Improve port:
- Fix build with emacs installed.
- Fix warning from portclippy.

PR:     293277 292576
MFH:    2026Q1
(cherry picked from commit 863e7d211cb9ec53bda42218f2bd9f9b704efa33)
DeltaFile
+3-6mail/mu/Makefile
+3-5mail/mu/distinfo
+2-0mail/mu/pkg-plist
+8-113 files

FreeBSD/ports 863e7d2mail/mu Makefile distinfo

mail/mu: Update 1.12.13 => 1.12.15

Changelog:
https://github.com/djcb/mu/releases/tag/v1.12.14
https://github.com/djcb/mu/releases/tag/v1.12.15

Improve port:
- Fix build with emacs installed.
- Fix warning from portclippy.

PR:     293277 292576
MFH:    2026Q1
DeltaFile
+3-6mail/mu/Makefile
+3-5mail/mu/distinfo
+2-0mail/mu/pkg-plist
+8-113 files

FreeBSD/src 818971cusr.sbin/bhyve rfb.c

bhyve: Fix unchecked stream I/O in RFB handler

Convert rfb_send_* helpers to return status codes and check their
results. Add missing checks for stream_read() and stream_write() returns
during the handshake in rfb_handle() to avoid acting on failed I/O.

Signed-off-by:  Hayzam Sherif <hayzam at gmail.com>

Reviewed by:    markj
MFC after:      2 weeks
Sponsored by:   The FreeBSD Foundation
Differential Revision:  https://reviews.freebsd.org/D55343
DeltaFile
+54-22usr.sbin/bhyve/rfb.c
+54-221 files

FreeBSD/src 0213827share/misc usb_vendors

usb_vendors: update to 2025.12.13

(cherry picked from commit 8d4c1043bb0630710cbea9f744cdaef499c0ed79)
(cherry picked from commit 2f866e0547bd85e4fc66cf5468e8349931e365be)
DeltaFile
+3-2share/misc/usb_vendors
+3-21 files

FreeBSD/src 7805899share/misc pci_vendors

pci_vendors: update to 2026-02-10

(cherry picked from commit 1acfc913e6b936dec3effc7d1e902a50e5432406)
(cherry picked from commit b28b6c6d33ac7a015c55184b162e060cedeed4f6)
DeltaFile
+358-108share/misc/pci_vendors
+358-1081 files

FreeBSD/src 65338ffusr.bin/tr tr.c

tr: fix class handling in unicode world

toupper/tolower logic was only handled for CCLASS_TOUPPER and
CCLASS_TOLOWER, add support for CCLASS ([:alpha:])

PR:             219900
MFC After:      1 week

(cherry picked from commit 625dc44832cd760be3d7242d8e21a530c7e32bfc)
(cherry picked from commit 45d84c2f06fa72e405f09e2468b10bdf10b806cf)
DeltaFile
+34-0usr.bin/tr/tr.c
+34-01 files

FreeBSD/src 28b5b65sys/netinet6 icmp6.c

icmp6: clear csum_flags on mbuf reuse

When icmp6 sends an ICMPv6 message, it reuses the mbuf of the packet
that triggered the ICMPv6 message and prepends an IPv6 and ICMPv6
header. For a locally generated packet with checksum offloading, the
mbuf still has csum_flags set indicating that a SCTP/TCP/UDP checksum
has to be computed and inserted. Since this not the case anymore,
csum_flags need to be cleared.

PR:                     293227
Reviewed by:            kp, zlei, tuexen
MFC after:              3 days
Differential Revision:  https://reviews.freebsd.org/D55367

(cherry picked from commit ada4dc77577f7162353e8c2916ba5c258b6210f0)
(cherry picked from commit 0a87ae18331d5c52dde1e5a4f13ee577e8e5e188)
DeltaFile
+1-0sys/netinet6/icmp6.c
+1-01 files

FreeBSD/src 0d08a24sys/contrib/openzfs/include/os/freebsd/spl/sys time.h

Merge commit bfb276e55c76 from upstream OpenZFS (by Jessica Clarke)

  Once upon a time, 32-bit PowerPC did indeed have a 32-bit time_t, but
  FreeBSD 12.0 switched to a 64-bit time_t for PowerPC as an ABI break,
  which predates the addition of FreeBSD support to OpenZFS. Moreover,
  64-bit PowerPC has existed since FreeBSD 9.0, where __powerpc__ is also
  defined (alongside __powerpc64__ to disambiguate), which has always had
  a 64-bit time_t. This code has therefore always been wrong for all
  PowerPC variants. Fix this by limiting the 32-bit case to just i386,
  which is the only architecture in FreeBSD to have a 32-bit time_t and
  not have broken ABI, due to its special legacy compatibility status.

  Reviewed-by: Brian Behlendorf <behlendorf1 at llnl.gov>
  Reviewed-by: Alexander Motin <alexander.motin at TrueNAS.com>
  Signed-off-by: Jessica Clarke <jrtc27 at jrtc27.com>
  Closes #18217
  Closes #18218

Reported by:    fuz

    [4 lines not shown]
DeltaFile
+1-1sys/contrib/openzfs/include/os/freebsd/spl/sys/time.h
+1-11 files

FreeBSD/src 8755b5flib/libfetch common.c

libfetch: Restore timeout functionality

PR:             293124
MFC after:      1 week
Fixes:          792ef1ae7b94 ("Refactor fetch_connect() and fetch_bind() to improve readability and avoid repeating the same DNS lookups.")
Reverts:        8f8a7f6fffd7 ("libfetch: apply timeout to SSL_read()")
Reviewed by:    eugen, imp
Differential Revision:  https://reviews.freebsd.org/D55293

(cherry picked from commit 73b82d1b0a2f09224e6d0f7a13dd73c66d740207)
(insta-mfc requested by re@)
(cherry picked from commit d97c824f5b4c9e7e3a1400699022cba146e450fa)
DeltaFile
+3-8lib/libfetch/common.c
+3-81 files

FreeBSD/ports 8fe0721sysutils/stackit distinfo Makefile

sysutils/stackit: Update 0.53.1 => 0.54.1

Changelogs:
https://github.com/stackitcloud/stackit-cli/releases/tag/v0.54.0
https://github.com/stackitcloud/stackit-cli/releases/tag/v0.54.1

PR:     293281
DeltaFile
+5-5sysutils/stackit/distinfo
+1-2sysutils/stackit/Makefile
+6-72 files

FreeBSD/src c8191c3tools/build/mk OptionalObsoleteFiles.inc

OptionalObsoleteFiles: Don't mark /usr/lib/debug/boot directory obsolete

The intent of the currect code is to ignore anything under
/usr/lib/debug/boot/*.  But we also should make sure that
/usr/lib/debug/boot directory is also ignored and is not marked
obsolete.  If we don't do that, `make DBATCH_DELETE_OLD_FILES
delete-old` will try to rmdir(1) this directory, which will cause an
error, since /usr/lib/debug/boot may have nested directories like
kernel/ and modules/.

Reviewed by:    markj
MFC after:      2 weeks
Differential Revision:  https://reviews.freebsd.org/D55077
DeltaFile
+2-2tools/build/mk/OptionalObsoleteFiles.inc
+2-21 files

FreeBSD/ports 4f4a3c7security/libgpg-error distinfo Makefile

security/libgpg-error: update to 1.59
DeltaFile
+3-3security/libgpg-error/distinfo
+1-1security/libgpg-error/Makefile
+1-1security/libgpg-error/pkg-plist
+5-53 files

FreeBSD/src 0a87ae1sys/netinet6 icmp6.c

icmp6: clear csum_flags on mbuf reuse

When icmp6 sends an ICMPv6 message, it reuses the mbuf of the packet
that triggered the ICMPv6 message and prepends an IPv6 and ICMPv6
header. For a locally generated packet with checksum offloading, the
mbuf still has csum_flags set indicating that a SCTP/TCP/UDP checksum
has to be computed and inserted. Since this not the case anymore,
csum_flags need to be cleared.

PR:                     293227
Reviewed by:            kp, zlei, tuexen
MFC after:              3 days
Differential Revision:  https://reviews.freebsd.org/D55367

(cherry picked from commit ada4dc77577f7162353e8c2916ba5c258b6210f0)
DeltaFile
+1-0sys/netinet6/icmp6.c
+1-01 files

FreeBSD/doc 3bb78f6website/content/en/releases/15.0R/ec2-ami-ids latest.adoc release.adoc

Add AMI IDs for 15.0-RELEASE

In addition to the original AMIs, a separate page lists the IDs of
the latest "patched" AMIs (aka 15.0-RELEASE-pN for the largest
relevant N).

Reviewed by:    carlavilla
Sponsored by:   Amazon
Differential Revision:  https://reviews.freebsd.org/D55292
DeltaFile
+613-0website/content/en/releases/15.0R/ec2-ami-ids/latest.adoc
+611-0website/content/en/releases/15.0R/ec2-ami-ids/release.adoc
+1,224-02 files

FreeBSD/ports 4802819math/vampire Makefile, math/z3 distinfo Makefile

math/z3: Update 4.15.8.0 => 4.16.0.0

Approved by:            arrowd@ (maintainer)
Approved by:            db@, yuri@ (Mentors, implicit)
Differential Revision:  https://reviews.freebsd.org/D55374
DeltaFile
+3-3math/z3/distinfo
+1-1math/vampire/Makefile
+1-1math/z3/Makefile
+1-1math/z3/pkg-plist
+1-1security/py-angr/Makefile
+1-1sysutils/triton/Makefile
+8-83 files not shown
+11-109 files

FreeBSD/src 3a0c63ashare/man/man4 vmm.4

vmm.4: Fix width

Reported by:    ziaee
Fixes:          d26c8ae527bb ("vmm.4: Add information on VM access control")
DeltaFile
+1-1share/man/man4/vmm.4
+1-11 files

FreeBSD/src 83cf9b5. RELNOTES

RELNOTES: Document some recent vmm changes
DeltaFile
+8-0RELNOTES
+8-01 files

FreeBSD/src d4c05edsys/dev/vmm vmm_dev.c, sys/sys priv.h

vmm: Add privilege checks to vmmctl operations

In preparation for supporting creation of VMs by unprivileged users, add
some restrictions:
- Disallow creation of non-transient VMs by unprivileged users.  That
  is, if an unprivileged user creates a VM, the VM must be destroyed
  automatically once the last fd referencing it is gone.
- Disallow destroying VMs created by a different user, unless the caller
  has the PRIV_VMM_DESTROY privilege.

Reviewed by:    bnovkov
MFC after:      2 months
Sponsored by:   The FreeBSD Foundation
Sponsored by:   Klara, Inc.
Differential Revision:  https://reviews.freebsd.org/D54740
DeltaFile
+21-0sys/dev/vmm/vmm_dev.c
+3-1sys/sys/priv.h
+24-12 files

FreeBSD/src af099eaetc group, sys/dev/vmm vmm_dev.c

vmm: Enable unprivileged bhyve

- Add the vmm group.
- Let /dev/vmmctl belong to the vmm group by default, and give group
  write permissions.
- When creating a VM's device files, make them owned by the creating
  process' effective UID.

Reviewed by:    bnovkov
MFC after:      2 months
Sponsored by:   The FreeBSD Foundation
Sponsored by:   Klara, Inc.
Differential Revision:  https://reviews.freebsd.org/D54741
DeltaFile
+5-5sys/dev/vmm/vmm_dev.c
+1-0sys/sys/conf.h
+1-0etc/group
+7-53 files