FreeBSD/ports 2fb62f7security/zeek/files patch-src_file__analysis_analyzer_x509_OCSP.cc patch-src_file__analysis_analyzer_x509_functions.bif

security/zeek: Update to 8.0.9

    https://github.com/zeek/zeek/releases/tag/v8.0.9

This release fixes the following potential DoS vulnerabilities:

 - The NVT, Rlogin, and RSH analyzers have received fixes to avoid
   unbounded state growth. Due to the fact that these packets can
   be received from remote hosts, these are considered DoS risks.

 - A specially crafted WebSocket payload can cause the Spicy WebSocket
   analyzer to use excessive memory when processing close, ping,
   and pong frames. Due to the fact that these packets can be
   received from remote hosts, these are considered a DoS risk.

 - A specially crafted series of Finger packets can cause the Spicy
   Finger analyzer to use excessive amounts of memory and potentially
   crash Zeek. Due to the fact that these packets can be received
   from remote hosts, this is considered a DoS risk.

    [100 lines not shown]
DeltaFile
+0-84security/zeek/files/patch-src_file__analysis_analyzer_x509_OCSP.cc
+0-38security/zeek/files/patch-src_file__analysis_analyzer_x509_functions.bif
+0-20security/zeek/files/patch-auxil_spicy_hilti_toolchain_src_compiler_driver.cc
+0-20security/zeek/files/patch-src_file__analysis_analyzer_x509_X509.h
+0-20security/zeek/files/patch-auxil_spicy_hilti_runtime_include_types_stream.h
+0-12security/zeek/files/patch-src_digest.cc
+0-19412 files not shown
+10-30018 files

FreeBSD/ports 76913ffsecurity/vuxml/vuln 2026.xml

security/vuxml: Mark security/zeek < 8.0.9 as vulnerable as per:

    https://github.com/zeek/zeek/releases/tag/v8.0.9

This release fixes the following potential DoS vulnerabilities:

 - The NVT, Rlogin, and RSH analyzers have received fixes to avoid
   unbounded state growth. Due to the fact that these packets can
   be received from remote hosts, these are considered DoS risks.

 - A specially crafted WebSocket payload can cause the Spicy WebSocket
   analyzer to use excessive memory when processing close, ping,
   and pong frames. Due to the fact that these packets can be
   received from remote hosts, these are considered a DoS risk.

 - A specially crafted series of Finger packets can cause the Spicy
   Finger analyzer to use excessive amounts of memory and potentially
   crash Zeek. Due to the fact that these packets can be received
   from remote hosts, this is considered a DoS risk.

    [52 lines not shown]
DeltaFile
+86-0security/vuxml/vuln/2026.xml
+86-01 files

FreeBSD/ports d471570devel/aws-crt-cpp distinfo Makefile

devel/aws-crt-cpp: Update to 0.41.0

ChangeLog: https://github.com/awslabs/aws-crt-cpp/releases/tag/v0.41.0
DeltaFile
+3-3devel/aws-crt-cpp/distinfo
+1-1devel/aws-crt-cpp/Makefile
+4-42 files

FreeBSD/ports 1f9c3acsecurity/qt-sudo distinfo Makefile

security/qt-sudo: Update to 2.4.1

ChangeLog: https://github.com/aarnt/qt-sudo/releases/tag/v2.4.1
DeltaFile
+3-3security/qt-sudo/distinfo
+1-1security/qt-sudo/Makefile
+4-42 files

FreeBSD/ports e9034acgames/CWR-CE/files patch-engine_Poseidon_AI_AIGroupImpl.cpp patch-engine_Poseidon_World_Entities_Vehicles_TransportCore.cpp

games/CWR-CE: roll upstream fork forward and fix aarch64 build
DeltaFile
+0-118games/CWR-CE/files/patch-engine_Poseidon_AI_AIGroupImpl.cpp
+0-39games/CWR-CE/files/patch-engine_Poseidon_World_Entities_Vehicles_TransportCore.cpp
+18-0games/CWR-CE/files/patch-engine_Poseidon_Foundation_Math_V3QuadsP3.cpp
+17-0games/CWR-CE/files/patch-engine_Poseidon_Foundation_Math_Quatrix.hpp
+0-16games/CWR-CE/files/patch-engine_Poseidon_World_Entities_Vehicles_Transport.cpp
+0-15games/CWR-CE/files/patch-engine_Poseidon_World_Entities_Infantry_SoldierOldMove.cpp
+35-1884 files not shown
+72-19410 files

FreeBSD/ports 4766551devel/moon distinfo Makefile.crates, devel/moon/files patch-cargo-crates_wasmtime-41.0.4_src_runtime_vm_sys_unix_signals.rs patch-cargo-crates_wasmtime-43.0.2_src_runtime_vm_sys_unix_signals.rs

devel/moon: update to 2.4.1
DeltaFile
+385-405devel/moon/distinfo
+191-201devel/moon/Makefile.crates
+0-16devel/moon/files/patch-cargo-crates_wasmtime-41.0.4_src_runtime_vm_sys_unix_signals.rs
+16-0devel/moon/files/patch-cargo-crates_wasmtime-43.0.2_src_runtime_vm_sys_unix_signals.rs
+1-1devel/moon/Makefile
+593-6235 files

FreeBSD/ports 80c2db1mail/postfix distinfo Makefile

mail/postfix: Update to 3.11.5
DeltaFile
+3-3mail/postfix/distinfo
+2-2mail/postfix/Makefile
+5-52 files

FreeBSD/ports e3c08besysutils/cpdup-FreeBSD distinfo Makefile

sysutils/cpdup-FreeBSD: update to 1.1.0

Approved by:    Gianmarco Giovannelli <gmarco at giovannelli.it> (maintainer, via email)
DeltaFile
+3-3sysutils/cpdup-FreeBSD/distinfo
+1-1sysutils/cpdup-FreeBSD/Makefile
+4-42 files

FreeBSD/ports 7a7dea4dns/knot3 Makefile, net/samba416 Makefile

*: Fix dependency on lmdb0
DeltaFile
+1-1net/samba423/Makefile
+1-1net/samba422/Makefile
+1-1net/samba420/Makefile
+1-1net/samba419/Makefile
+1-1net/samba416/Makefile
+1-1dns/knot3/Makefile
+6-63 files not shown
+9-99 files

FreeBSD/ports 4cbac2cdevel/cpp2py Makefile

devel/cpp2py: Fix build broken by python-3.12 transition

Reported by:    fallout
DeltaFile
+4-2devel/cpp2py/Makefile
+4-21 files

FreeBSD/ports c3f806dscience/gpaw-setups Makefile

science/gpaw-setups: Improve install target
DeltaFile
+2-1science/gpaw-setups/Makefile
+2-11 files

FreeBSD/ports b5eb1f6devel/tree-sitter-cli Makefile

devel/tree-sitter-cli: use llvm:lib to solve rquickjs-sys build failure

PR:          296016
Approved by: Artur Manuel <amadaluzia at disroot.org> (maintainer)
Approved by: dch (mentor)
Approved by: portmgr (build fix blanket)
Fixes:       9f53adf51b02
DeltaFile
+1-1devel/tree-sitter-cli/Makefile
+1-11 files

FreeBSD/ports 205c8a2devel/appstream Makefile

devel/appstream: Fix dependency on lmdb0

PR:             296530 296560
DeltaFile
+1-1devel/appstream/Makefile
+1-11 files

FreeBSD/ports fd4f4e6www/ot-recorder Makefile

www/ot-recorder: Fix dependency on lmdb0

PR:             296530
DeltaFile
+1-1www/ot-recorder/Makefile
+1-11 files

FreeBSD/ports c66ca7alang/luajit distinfo Makefile

lang/luajit: update to the recent snapshot

Sponsored by:   tipi.work
DeltaFile
+3-3lang/luajit/distinfo
+1-1lang/luajit/Makefile
+4-42 files

FreeBSD/ports bce0c99games/battletanks Makefile pkg-plist, games/battletanks/files patch-engine_luaxx_state.cpp

games/battletanks: allow to build against any supported Lua version

Drop CXXFLAGS+=-fpermissive while here which seems no longer needed
and sort the `pkg-plist' after commit 2d8f9fb62e9e.
DeltaFile
+24-0games/battletanks/files/patch-engine_luaxx_state.cpp
+1-2games/battletanks/Makefile
+1-1games/battletanks/pkg-plist
+26-33 files

FreeBSD/ports 8c0a069math/saga distinfo Makefile

math/saga: Update to 9.12.6

Changelog:      https://sourceforge.net/p/saga-gis/wiki/Changelog%209.12.6/attachment/changelog_saga_9.12.6.txt

Reported by:    portscout
DeltaFile
+3-3math/saga/distinfo
+2-2math/saga/Makefile
+5-52 files

FreeBSD/ports a04426dwww/firefox distinfo Makefile

www/firefox: update to 152.0.5 (rc1)

Release Notes (soon):
  https://www.firefox.com/en-US/firefox/152.0.5/releasenotes/

(cherry picked from commit 124c3980c657fc690613f84dd8a9417aa949f677)
DeltaFile
+3-3www/firefox/distinfo
+1-1www/firefox/Makefile
+4-42 files

FreeBSD/ports 124c398www/firefox distinfo Makefile

www/firefox: update to 152.0.5 (rc1)

Release Notes (soon):
  https://www.firefox.com/en-US/firefox/152.0.5/releasenotes/
DeltaFile
+3-3www/firefox/distinfo
+1-1www/firefox/Makefile
+4-42 files

FreeBSD/ports 7b5b449x11-toolkits/py-kivy Makefile distinfo, x11-toolkits/py-kivy/files patch-git-5a1b27d

x11-toolkits/py-kivy: update the port to version 2.3.1

Reported by:    portscout
DeltaFile
+43-0x11-toolkits/py-kivy/files/patch-git-5a1b27d
+6-19x11-toolkits/py-kivy/Makefile
+3-3x11-toolkits/py-kivy/distinfo
+52-223 files

FreeBSD/ports 0d449c4sysutils/py-ansible-core220 Makefile, sysutils/py-ansible-core221 Makefile

sysutils/py-ansible-core22?: Remove stale comment

Now that python312 is default the comment telling users to set the
default is no longer required.
DeltaFile
+0-5sysutils/py-ansible-core220/Makefile
+0-5sysutils/py-ansible-core221/Makefile
+0-102 files

FreeBSD/ports 9856c96sysutils/py-ansible-core Makefile

sysutils/py-ansible-core: Set default to py-ansible-core221

Now that python312 is default we can set py-ansible-core221 as default.
DeltaFile
+2-2sysutils/py-ansible-core/Makefile
+2-21 files

FreeBSD/ports aae3e08comms/inspectrum distinfo Makefile

comms/inspectrum: Update to 0.4.0
DeltaFile
+3-3comms/inspectrum/distinfo
+1-1comms/inspectrum/Makefile
+4-42 files

FreeBSD/ports 7bd9babcad/kicad-devel distinfo Makefile.git_rev, cad/kicad-library-footprints-devel distinfo pkg-plist

cad/kicad-*devel*: Update

Update to 2026.07.06
DeltaFile
+3-3cad/kicad-library-symbols-devel/distinfo
+3-3cad/kicad-library-footprints-devel/distinfo
+3-3cad/kicad-devel/distinfo
+3-3cad/kicad-devel/Makefile.git_rev
+1-4cad/kicad-library-footprints-devel/pkg-plist
+2-2cad/kicad-library-symbols-devel/Makefile.git_rev
+15-182 files not shown
+19-218 files

FreeBSD/ports c29f8e5www/deno Makefile, www/deno/files patch-cargo-crates_v8-149.4.0_build_toolchain_gcc__toolchain.gni

www/deno: Avoid hardcoding llvm version.
DeltaFile
+5-5www/deno/files/patch-cargo-crates_v8-149.4.0_build_toolchain_gcc__toolchain.gni
+1-1www/deno/Makefile
+6-62 files

FreeBSD/ports 5f9d389databases/lmdb0 Makefile pkg-plist, databases/lmdb0/files patch-Makefile lmdb.pc.in

databases/lmdb0: Add port for LMDB 0.9.x legacy ABI

LMDB 1.0 introduced an incompatible on-disk format change and subtle
API breakage: applications that compiled cleanly against 1.0 headers
could fail silently at run time. Known affected ports include dns/knot3,
mail/bogofilter, and mail/postfix; the postfix issue has been confirmed
upstream. Linux distributions such as Arch Linux have observed the same
breakage. Samba can also be affected in certain configurations.

Because the regression is not detectable in an -exp build run -- the
postfix failure only manifests at run time, and bogofilter was caught
only because post-build self-tests happen to exercise this path -- we
cannot rely on package builds to validate the 1.0 upgrade.

This commit introduces databases/lmdb0 as a holding port for the 0.9.35
release, pinned to the 0.x branch with PORTSCOUT=limit:^0. and mutually
conflicting with databases/lmdb, which retains 1.0. The two packages
cannot be installed simultaneously, but having lmdb0 available means:


    [13 lines not shown]
DeltaFile
+80-0databases/lmdb0/files/patch-Makefile
+42-0databases/lmdb0/Makefile
+13-0databases/lmdb0/pkg-plist
+11-0databases/lmdb0/pkg-descr
+11-0databases/lmdb0/files/lmdb.pc.in
+3-3dns/bind9-devel/Makefile
+160-365 files not shown
+293-10571 files

FreeBSD/ports fcddf87www/freenginx-devel distinfo Makefile.extmod, www/freenginx-devel/files extra-patch-passenger-build-nginx.rb extra-patch-passenger-disable-telemetry

www/freenginx-devel: third-party modules management (+)

- update passenger from 6.1.4 to 6.1.6

Bump PORTREVISION.

Sponsored by:   tipi.work
DeltaFile
+11-11www/freenginx-devel/files/extra-patch-passenger-build-nginx.rb
+10-10www/freenginx-devel/files/extra-patch-passenger-disable-telemetry
+3-3www/freenginx-devel/distinfo
+2-2www/freenginx-devel/files/extra-patch-passenger-Configuration.c
+1-1www/freenginx-devel/Makefile.extmod
+1-1www/freenginx-devel/Makefile
+28-286 files

FreeBSD/ports 755b873math/blasfeo pkg-plist distinfo, math/blasfeo/files patch-CMakeLists.txt

math/blasfeo: update 0.1.4.2 → 0.1.4.3
DeltaFile
+0-11math/blasfeo/files/patch-CMakeLists.txt
+4-2math/blasfeo/pkg-plist
+3-3math/blasfeo/distinfo
+1-1math/casadi/Makefile
+1-1math/blasfeo/Makefile
+1-0math/hpipm/Makefile
+10-181 files not shown
+11-187 files

FreeBSD/ports 86960c9math/amgcl distinfo Makefile

math/amgcl: update 1.4.8 → 1.4.9
DeltaFile
+3-3math/amgcl/distinfo
+1-1math/amgcl/Makefile
+2-0math/amgcl/pkg-plist
+6-43 files

FreeBSD/ports 7019d2bmath/lean4/files patch-stage0_src_runtime_object.cpp

math/lean4: Remove patch to fix build

Reported by:    fallout
DeltaFile
+0-15math/lean4/files/patch-stage0_src_runtime_object.cpp
+0-151 files