FreeBSD/ports a11e56ewww/varnish7 Makefile, www/varnish7/files patch-bin_varnishd_http2_cache__http2__hpack.c patch-include_vdef.h

www/varnish7: Backport HTTP2 fix, bump PORTREVISION

Approved by:    dbaio@
Obtained from:  upstream
Security:       0f4bb64-52c6-11f1-a1c0-0050569f0b83
DeltaFile
+45-0www/varnish7/files/patch-bin_varnishd_http2_cache__http2__hpack.c
+23-0www/varnish7/files/patch-include_vdef.h
+1-0www/varnish7/Makefile
+69-03 files

FreeBSD/ports a051aa6security/vuxml/vuln 2026.xml

security/vuxml: Update affected packages for varnish vuln
DeltaFile
+1-1security/vuxml/vuln/2026.xml
+1-11 files

FreeBSD/ports ac5bc64www/vinyl09 distinfo Makefile

www/vinyl09: Update to 9.0.1

Approved by:    dbaio@
Security:       f0f4bb64-52c6-11f1-a1c0-0050569f0b83
DeltaFile
+3-3www/vinyl09/distinfo
+3-1www/vinyl09/Makefile
+6-42 files

FreeBSD/ports 7b63db1security/vuxml/vuln 2026.xml

security/vuxml: Document varnish/vinyl vulnerability

A deficiency in HTTP/2 request parsing can be exploited to launch a backend
request desync attack (request smuggling), which in turn can be used for cache
poisoning, authentication bypass or possibly even information disclosure and
manipulation.
DeltaFile
+31-0security/vuxml/vuln/2026.xml
+31-01 files

FreeBSD/ports fd17acadevel/shiboken6 Makefile

devel/shiboken6: Pass BINARY_ALIAS for Sphix only if DOCS enabled

===== env: NO_DEPENDS=yes USER=root UID=0 GID=0
===>  Missing "sphinx-build-3.11" to create a binary alias at "/wrkdirs/usr/ports/devel/shiboken6/work-py311/.bin/sphinx-build"
*** Error code 1
Stop.

Fixes:  2bf3834a197ccf8956332378eda8dd7577965246
DeltaFile
+1-1devel/shiboken6/Makefile
+1-11 files

FreeBSD/ports 5fabd64deskutils/dosage Makefile distinfo, deskutils/dosage/files patch-pyproject.toml

deskutils/dosage: update to 3.2
DeltaFile
+10-0deskutils/dosage/files/patch-pyproject.toml
+4-6deskutils/dosage/Makefile
+3-3deskutils/dosage/distinfo
+17-93 files

FreeBSD/ports 079829dlang/rust-bootstrap Makefile, lang/rust/files/armv7 patch-compiler_rustc__target_src_spec_base_freebsd.rs

lang/rust: fix build on armv7

We have previously (cf. PR 282663) disabled the has_thread_local feature
on armv7 to work around an rtld bug.  The bug was fixed with D42415, but
the workaround remained.  Earlier this year, rust started to fail to
build due to the workaround, as the fallback TLS implementation is
limited to the number of pthread TLS keys (256) and rust has started to
consume more and more of them.  While a temporary workaround reducing
the hunger for TLS keys was implemented in 2026Q2, we can actually just
reenable has_thread_local to go back to how things are supposed to work.

PR:             294545
Approved by:    mikael (rust)
MFH:            no
DeltaFile
+0-11lang/rust/files/armv7/patch-compiler_rustc__target_src_spec_base_freebsd.rs
+1-0lang/rust-bootstrap/Makefile
+1-112 files

FreeBSD/ports 545c41bmail/postfix distinfo Makefile

mail/postfix: Update to 3.11.3
DeltaFile
+3-3mail/postfix/distinfo
+1-1mail/postfix/Makefile
+4-42 files

FreeBSD/ports 6b29a29devel/R-cran-webfakes distinfo Makefile

devel/R-cran-webfakes: Update to 1.5.0

Changelog: https://cran.r-project.org/web/packages/webfakes/news/news.html
DeltaFile
+3-3devel/R-cran-webfakes/distinfo
+1-1devel/R-cran-webfakes/Makefile
+4-42 files

FreeBSD/ports ed772e9cad/openvsp distinfo Makefile, cad/openvsp/files patch-src_external_GeometricTools_GeometricTools_GTE_Mathematics_BSNumber.h

cad/openvsp: Update to 3.50.3

ChangeLog:
https://openvsp.org/blogs/announcements/2026/05/15/openvsp-3-50-3-released

 * Fix corrupt XML file output with vectors of vec3d’s
 * Fix crash when changing XSec type when CEdit screen still open
 * Fix problem reading VSPAERO results that caused ghost results
 * Write full precision in files sent to VSPAERO
DeltaFile
+0-12cad/openvsp/files/patch-src_external_GeometricTools_GeometricTools_GTE_Mathematics_BSNumber.h
+3-3cad/openvsp/distinfo
+1-2cad/openvsp/Makefile
+4-173 files

FreeBSD/ports e39255bnet-im/openfire pkg-plist distinfo

net-im/openfire: Update to 5.0.5

ChangeLog:
https://download.igniterealtime.org/openfire/docs/5.0.5/changelog.html

Improvement

 * Display newlines in details of logged SecurityAuditManager events
 * Do not show 'max users' count for a MUC when it is 0 (unlimited)
 * Bump BouncyCastle.version from 1.78.1 to 1.84
 * LDAP context-close failures are logged without their exception stack trace
 * Upgrade MySQL Connector/J driver to 8.4.0 release
 * Upgrade Jetty webserver library to 12.0.35 release
 * Update org.glassfish.jaxb:jaxb-runtime to the latest of the 2.3.x line

Task

 * Disabled performance benchmark in IQEntityTimeHandlerTest should be removed
   or converted

    [15 lines not shown]
DeltaFile
+39-39net-im/openfire/pkg-plist
+5-5net-im/openfire/distinfo
+2-3net-im/openfire/Makefile
+46-473 files

FreeBSD/ports 10b1ea3security/vuls distinfo Makefile

security/vuls: Update to 0.39.1

Release notes:  https://github.com/future-architect/vuls/releases/tag/v0.39.1
DeltaFile
+5-5security/vuls/distinfo
+1-1security/vuls/Makefile
+6-62 files

FreeBSD/ports bc54f2anet-mgmt/driftnet Makefile, net-mgmt/driftnet/files patch-src_http__display_httpd.c

net-mgmt/driftnet: Unbreak build
DeltaFile
+38-0net-mgmt/driftnet/files/patch-src_http__display_httpd.c
+0-2net-mgmt/driftnet/Makefile
+38-22 files

FreeBSD/ports e6070a9finance/ledger pkg-plist Makefile, finance/ledger/files patch-src_utils.h patch-src_filters.cc

finance/ledger: Update 3.3.2 => 3.4.1

Changelogs:
https://github.com/ledger/ledger/releases/tag/v3.4.0
https://github.com/ledger/ledger/releases/tag/v3.4.1

PR:             294963
Approved by:    Woody Carey <woodycarey at hotmail.com> (maintainer, timeout 2 weeks)
Sponsored by:   UNIS Labs
Co-authored-by: Ewen Crawford <eacrawford02 at gmail.com>
MFH:            2026Q2

(cherry picked from commit 1bae9d3c271039681f9e78e4cbd70bc0af8cb89a)
DeltaFile
+0-57finance/ledger/files/patch-src_utils.h
+53-1finance/ledger/pkg-plist
+0-48finance/ledger/files/patch-src_filters.cc
+28-5finance/ledger/Makefile
+0-19finance/ledger/files/patch-src_system.hh.in
+12-0finance/ledger/files/patch-CMakeLists.txt
+93-1302 files not shown
+104-1338 files

FreeBSD/ports 1bae9d3finance/ledger pkg-plist Makefile, finance/ledger/files patch-src_utils.h patch-src_filters.cc

finance/ledger: Update 3.3.2 => 3.4.1

Changelogs:
https://github.com/ledger/ledger/releases/tag/v3.4.0
https://github.com/ledger/ledger/releases/tag/v3.4.1

PR:             294963
Approved by:    Woody Carey <woodycarey at hotmail.com> (maintainer, timeout 2 weeks)
Sponsored by:   UNIS Labs
Co-authored-by: Ewen Crawford <eacrawford02 at gmail.com>
MFH:            2026Q2
DeltaFile
+0-57finance/ledger/files/patch-src_utils.h
+53-1finance/ledger/pkg-plist
+0-48finance/ledger/files/patch-src_filters.cc
+28-5finance/ledger/Makefile
+0-19finance/ledger/files/patch-src_system.hh.in
+12-0finance/ledger/files/patch-CMakeLists.txt
+93-1302 files not shown
+104-1338 files

FreeBSD/ports 9ed2e41net-p2p/btcheck Makefile

net-p2p/btcheck: reinstate mbedTLS/PolarSSL support

This port is compatible with 3.x series, builds and
works just fine.

Fixes:  b4df55cb5ecb
DeltaFile
+6-1net-p2p/btcheck/Makefile
+6-11 files

FreeBSD/ports 0c85be9archivers/py-acefile Makefile distinfo

archivers/py-acefile: update to 0.6.14
DeltaFile
+5-3archivers/py-acefile/Makefile
+3-3archivers/py-acefile/distinfo
+8-62 files

FreeBSD/ports e1f39efx11/kde Makefile

x11/kde: Update deprecation note for Phonon

(cherry picked from commit bd881641c8a05bdd777b5a7278d4d3f0a1cc25c9)
DeltaFile
+3-0x11/kde/Makefile
+3-01 files

FreeBSD/ports 6c14b8eaccessibility/kmousetool Makefile, astro/marble Makefile

*/*: drop unused Phonon dependency

(cherry picked from commit b46ba4fc23ad4d9c8d197f26593fcfd54ab50a63)
DeltaFile
+2-1accessibility/kmousetool/Makefile
+2-1astro/marble/Makefile
+2-1audio/audiocd-kio/Makefile
+2-1audio/juk/Makefile
+2-1deskutils/kalarm/Makefile
+2-1deskutils/korganizer/Makefile
+12-618 files not shown
+48-2424 files

FreeBSD/ports bf09f94multimedia/ffmpeg4 Makefile

multimedia/ffmpeg4: clean up after security/mbedtls2 removal

PR:             294612
Reported by:    diizzy

(cherry picked from commit 774dac8bdc61455c482f8ef6773b873eb0e71e80)
DeltaFile
+1-5multimedia/ffmpeg4/Makefile
+1-51 files

FreeBSD/ports 2795d3enet-p2p/btcheck Makefile

net-p2p/btcheck: clean up after security/mbedtls2 removal

(cherry picked from commit b4df55cb5ecbd128ee6bdb3b51cb4d34c4514b58)
DeltaFile
+1-6net-p2p/btcheck/Makefile
+1-61 files

FreeBSD/ports b46ba4faccessibility/kmousetool Makefile, astro/marble Makefile

*/*: drop unused Phonon dependency
DeltaFile
+2-1accessibility/kmousetool/Makefile
+2-1astro/marble/Makefile
+2-1audio/audiocd-kio/Makefile
+2-1audio/juk/Makefile
+2-1deskutils/kalarm/Makefile
+2-1deskutils/korganizer/Makefile
+12-618 files not shown
+48-2424 files

FreeBSD/ports bd88164x11/kde Makefile

x11/kde: Update deprecation note for Phonon
DeltaFile
+3-0x11/kde/Makefile
+3-01 files

FreeBSD/ports 774dac8multimedia/ffmpeg4 Makefile

multimedia/ffmpeg4: clean up after security/mbedtls2 removal

PR:             294612
Reported by:    diizzy
DeltaFile
+1-5multimedia/ffmpeg4/Makefile
+1-51 files

FreeBSD/ports b4df55cnet-p2p/btcheck Makefile

net-p2p/btcheck: clean up after security/mbedtls2 removal
DeltaFile
+1-6net-p2p/btcheck/Makefile
+1-61 files

FreeBSD/ports 91a0cd7textproc/re-flex distinfo Makefile

textproc/re-flex: update to 6.3.0

Release notes: https://github.com/Genivia/RE-flex/releases/tag/v6.3.0
DeltaFile
+3-3textproc/re-flex/distinfo
+1-1textproc/re-flex/Makefile
+4-42 files

FreeBSD/ports 3f4e098sysutils/mise distinfo Makefile

sysutils/mise: update 2026.5.10 → 2026.5.11
DeltaFile
+7-7sysutils/mise/distinfo
+3-3sysutils/mise/Makefile
+10-102 files

FreeBSD/ports 40cc16bdevel/ignition-msgs Makefile pkg-plist

devel/ignition-msgs: update 3.0.0 → 3.2.0
DeltaFile
+11-8devel/ignition-msgs/Makefile
+13-1devel/ignition-msgs/pkg-plist
+3-3devel/ignition-msgs/distinfo
+27-123 files

FreeBSD/ports c019cd6devel/ignition-tools Makefile distinfo

devel/ignition-tools: update 0.1.0 → 1.5.0
DeltaFile
+11-10devel/ignition-tools/Makefile
+3-3devel/ignition-tools/distinfo
+14-132 files

FreeBSD/ports bcc6610misc/lean-ctx distinfo Makefile

misc/lean-ctx: update 3.6.2 → 3.6.6
DeltaFile
+21-3misc/lean-ctx/distinfo
+10-1misc/lean-ctx/Makefile
+31-42 files