databases/postgresql*-*: Update to latest version
The PostgreSQL Global Development Group has released an update to all
supported versions of PostgreSQL, including 18.2, 17.8, 16.12, 15.16,
and 14.21. This release fixes 5 security vulnerabilities and over 65
bugs reported over the last several months.
Release notes:
https://www.postgresql.org/about/news/postgresql-182-178-1612-1516-and-1421-released-3235/https://www.postgresql.org/docs/release/
Security:
CVE-2026-2003: PostgreSQL oidvector discloses a few bytes of memory
CVE-2026-2004: PostgreSQL intarray missing validation of type of input to selectivity estimator executes arbitrary code
CVE-2026-2005: PostgreSQL pgcrypto heap buffer overflow executes arbitrary code
CVE-2026-2006: PostgreSQL missing validation of multibyte character length executes arbitrary code
CVE-2026-2007: PostgreSQL pg_trgm heap buffer overflow writes pattern onto server memory
Remove postgresql13* since it is now EoL.
[2 lines not shown]
sysutils/rubygem-bundler-audit: Add new port
bundler-audit provides patch-level verification for Bundled Ruby
applications by auditing Gemfile.lock against a database of known
vulnerabilities.
Also add rubygem-bundle-audit as a wrapper gem that depends on
rubygem-bundler-audit, for developers who reference "bundle-audit"
instead of "bundler-audit".
devel/rubygem-uniform_notifier: Add version 1.18.0
uniform_notifier provides a unified notification interface supporting
Rails logger, JavaScript alert/console, XMPP, Slack, and more.
devel/rubygem-bullet: Add rubygem-bullet 8.1.0
Bullet is a development tool that helps increase application performance
by reducing the number of queries it makes. It detects N+1 queries,
unused eager loading, and suggests counter cache usage.
Also add rubygem-bullet-rails72 slave port for Rails 7.2 compatibility.
security/rubygem-doorkeeper-i18n{,-rails72}: Add new port.
Internationalization files for Doorkeeper OAuth2 provider
While I'm there, also add a variant of rubygem-doorkeeper for use
with rails72.
tzcode: Update to 2026a
Many thanks to Paul Eggert for adopting most of our adaptations as
optional features upstream in the previous release (2025c).
MFC after: 1 week
Reviewed by: philip
Differential Revision: https://reviews.freebsd.org/D55741
devel/patch: update GNU patch to the latest version 2.8
- GC previous Debian patches, backport new upstream fixes:
add missing filename quoting, enable merge, skip read-only
check when output file specified, reject empty filenames
- On i386, apply the same fix as Debian for Hurd/i386
- The port now seemingly builds fine with BSD make(1)
- Install some standard documentation files
PR: 285796
net-p2p/bazarr: Fix build with python version other than 3.11
PR: 293708
Approved by: Michiel van Baak Jansen <michiel at vanbaak.eu> (maintainer)
MFH: 2026Q1
(cherry picked from commit d000c5fe82e03452f035761e9ea217f61d0645f1)
graphics/egl-wayland2: New port
Introduce graphics/egl-wayland2, Wayland EGL External Platform library
Version 2 that works with NVIDIA drivers 560 and later.
This is a new implementation of the EGL External Platform Library
for Wayland (EGL_KHR_platform_wayland), using the NVIDIA driver's
new platform surface interface (Dma-buf-based), which simplifies
a lot of the library and improves window resizing.
This library can be installed alongside the previous egl-wayland
implementation (graphics/egl-wayland).
The new library has a higher selection priority by default,
so if both are present, then a 560 or later driver will select
the new library, and an older driver will fall back to the old
library.
PR: 293719
[2 lines not shown]
net-p2p/bazarr: Fix build with python version other than 3.11
PR: 293708
Approved by: Michiel van Baak Jansen <michiel at vanbaak.eu> (maintainer)
MFH: 2026Q1
build: Stop testing LINKER_FEATURES for ifunc and build-id
These features are available in all supported linkers, and we can expect
that they'll be supported by any GNU-compatible linker that we'd use to
link FreeBSD.
Reviewed by: imp, kib
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D55676
libpmc: Explicitly whitelist json fields
Adds all missing Intel fields and turns jevents.c into an explicit white
list mechanism so that we no longer ignore important fields that often
invalidate the counter. The json event parser must now parse every
field on each architecture that we support. This has been tested by
running tinderbox and manually running jevent against our current json
repository. As a bonus I fixed spelling errors in the AMD JSON
definitions.
Sponsored by: Netflix
Reviewed by: imp
Pull Request: https://github.com/freebsd/freebsd-src/pull/2055
