BSD Commit Log Search

dns/dnsmasq: Update 2.92 => 2.92rel2 (6 CVEs)

Including privilege escalation, cache poisoning/rediction, information
leak, and denial of service.

See https://www.kb.cert.org/vuls/id/471747
See https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2026q2/018471.html

PR:             295204
Security:       eeb4d69a-4d74-11f1-9a9c-994b98c88011
Security:       CVE-2026-2291
Security:       CVE-2026-4890
Security:       CVE-2026-4891
Security:       CVE-2026-4892
Security:       CVE-2026-4893
Security:       CVE-2026-5172
Sponsored by:   UNIS Labs
MFH:            2026Q2

(cherry picked from commit b8a4de5ca6ca9d2607d14894dacc9e24852bac50)

dns/dnsmasq: Update 2.92 => 2.92rel2 (6 CVEs)

Including privilege escalation, cache poisoning/rediction, information
leak, and denial of service.

See https://www.kb.cert.org/vuls/id/471747
See https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2026q2/018471.html

PR:             295204
Security:       eeb4d69a-4d74-11f1-9a9c-994b98c88011
Security:       CVE-2026-2291
Security:       CVE-2026-4890
Security:       CVE-2026-4891
Security:       CVE-2026-4892
Security:       CVE-2026-4893
Security:       CVE-2026-5172
Sponsored by:   UNIS Labs
MFH:            2026Q2

devel/protobuf-java: Update 4.33.5 => 4.34.1

Changelogs:
https://github.com/protocolbuffers/protobuf/releases/tag/v34.0
https://github.com/protocolbuffers/protobuf/releases/tag/v34.1

PR:             295203
Sponsored by:   UNIS Labs

multimedia/ffmpeg: Update to 8.1.1

Changelog: https://git.ffmpeg.org/gitweb/ffmpeg.git/shortlog/n8.1.1

PR:             295041
Exp-run by:     antoine

Mk/Uses/go.mk: Introduce GO_LDFLAGS

Introduce GO_LDFLAGS so consumers can easily add variables to LDFLAGS
to the `go build` command without needing to redefine GO_BUILDFLAGS

PR:             285251
Reviewed by:    adamw

devel/gettext-runtime: Strip libintl.so

PR:             290873

devel/libclc: Update llvm19 flavor and add 20, 21, and 22 flavors

Rename plist variables LLVMnn to LLVM_GEnn (>=nn) and introduce
LLVM_LTnn (<nn).

Convert patch to REINPLACE_CMD because it fails to apply to the
LLVM 22 version.

PR:             290873
Approved by:    arrowd

databases/mongodb-tools: 100.16.1

Changelog:
https://github.com/mongodb/mongo-tools/blob/master/CHANGELOG.md#100161

astro/kstars: Update to 3.8.2

(cherry picked from commit 6c4e64dc67fefd8e2b85c77990a907ec15063904)

www/nginx-full: disable google-perftools on aarch64 to fix build

devel/google-perftools has been broken on aarch64 for a long time

PR:     294841
Approved-by:    maintainer timeout (joneum@)

devel/okteta: Update to 0.26.27

(cherry picked from commit 684361a41e36c16ec56e4c944de8ff7467d7fbff)

KDE: Update KDE Gear to 26.04.1

Announcement: https://kde.org/announcements/gear/26.04.1/

Ports changes:

databases/akonadi:
 - Remove unused dependencies

deskutils/kdepim-runtime:
 - Remove unused KWallet

graphics/okular:
 - Remove unused dependency

net/pimcommon:
 - Remove unused dependency

net-im/neochat:

    [3 lines not shown]

graphics/drawy: Add new port

Infinite whiteboard application for KDE.

WWW: https://apps.kde.org/drawy/
(cherry picked from commit 959b4d288528ab69ebf1c7c95ac30867f3fe5e45)

KDE: Update KDE Frameworks 6 to 6.26.0

Announcement: https://kde.org/announcements/frameworks/6/6.26.0/

Ports changes:

net/kf6-kcalendarcore:
 - Explicitly disable Python bindings

databases/redis_exporter: Update 1.81.0 => 1.83.0

While here, refactor GO_BUILDFLAGS build metadata.

Changelogs:
- https://github.com/oliver006/redis_exporter/releases/tag/v1.82.0
- https://github.com/oliver006/redis_exporter/releases/tag/v1.83.0

Commit log:
https://github.com/oliver006/redis_exporter/compare/v1.81.0...v1.83.0

PR:             293931
Reported by:    Volodymyr Kostyrko <arcade at b1t.name> (maintainer)
Approved by:    vvd (co-mentor, implicit)

lang/Makefile: unbreak INDEX

PR:             295202
Reported by:    Yasuhito FUTATSUKI
Approved by:    vvd (co-mentor, implicit)

math/givaro: Add DOXYGEN option

- Sort PLIST
- Bump PORTREVISION for package change

Documentation built with Doxygen should be added to DOXYGEN option
rather than DOCS option.

PR:     295149

math/R-cran-terra: Update to 1.9-27

ChangeLog: https://cran.r-project.org/web/packages/terra/news/news.html

shells/xonsh: Update to 0.23.6

ChangeLog: https://github.com/xonsh/xonsh/releases/tag/0.23.6

graphics/feh: Update to 3.12.2

Upstream changes:
- Treat audio/mpeg files as images and display their cover image, if present
- Fix menu-related focusing issues under Xwayland
- Support reproducible builds for feh(1) manual

Sponsored by:   The FreeBSD Foundation

biology/hyphy: Update to 2.5.98

Release notes:  https://github.com/veg/hyphy/releases/tag/2.5.98
Sponsored by:   The FreeBSD Foundation

biology/iqtree: Update to 3.1.2

Release notes:  https://github.com/iqtree/iqtree3/releases/tag/v3.1.2
Sponsored by:   The FreeBSD Foundation

biology/diamond: Update to 2.1.25

Release notes:  https://github.com/bbuchfink/diamond/releases/tag/v2.1.25
Sponsored by:   The FreeBSD Foundation

textproc/moor: Update 2.13.0 => 2.13.1

Changelog:
https://github.com/walles/moor/releases/tag/v2.13.1

Reviewed by:    osa, vvd (mentors)
Approved by:    vvd (co-mentor)
Differential Revision: https://reviews.freebsd.org/D56929

security/pam_u2f: Update to 1.4.0

security/pam_rssh: Update to 1.2.0

math/saga: Update to 9.12.3

Changelog:      https://sourceforge.net/p/saga-gis/wiki/Changelog%209.12.3/attachment/changelog_saga_9.12.3.txt

www/tomcat9: Update 9.0.117 => 9.0.118

Changelog:
https://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.118_(remm)

Sponsored by:   UNIS Labs
MFH:            2026Q2

(cherry picked from commit 28d2f72739353e258e4b02f6b4061d9b0821a3d7)

www/tomcat9: Update 9.0.117 => 9.0.118

Changelog:
https://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.118_(remm)

Sponsored by:   UNIS Labs
MFH:            2026Q2

www/freenginx-devel: bump PORTSCOUT's value