www/nginx-module-lua: Add new port
Add a new port for the OpenResty lua-nginx-module dynamic
module for nginx.
WWW: https://github.com/openresty/lua-nginx-module
Sponsored by: Netzkommune GmbH
security/vuxml: Add www/grafana vulnerabilities
- XSS in Grafana Explore stack trace (CVE-2025-41117)
- Public Dashboards time range restriction on annotations can be bypassed (CVE-2026-21722)
- RCE on Grafana via sqlExpressions (CVE-2026-27876)
- Public dashboards discloses all direct mode datasources (CVE-2026-27877)
- Query resampling can cause unbounded memory allocations (CVE-2026-27879)
- OpenFeature evaluation API reads input data with no bounds (CVE-2026-27880)
- Grafana Testdata datasource can issue unbounded memory allocations (CVE-2026-28375)
- Grafana MSSQL Data Source Plugin: Restriction Bypass Leading to OOM DoS (CVE-2026-33375)
PR: 294105
Reported by: Boris Korzun <drtr0jan at yandex.ru>
security/vuxml: Add PORTEPOCH validation
This adds a check if portepoch has been forgotten
in affected version range specifications, which leads
to pkg audit not reporting a vulnerability.
Usage:
make check-portepoch
This is also invoked when running `make validate`.
Approved by: fernape (ports-secteam)
Differential Revision: https://reviews.freebsd.org/D57193