770,130 commits found in 60 milliseconds
FreeBSD /ports cd17247 — ports-mgmt/rc-subr-jail Makefile, ports-mgmt/rc-subr-jail/files rc.subr.jail ports-mgmt/rc-subr-jail: Update to 6
Changes:
- Wait for jail PIDs
- Force unmount devfs in jail_kill()
x11/hyprpaper: Update to 0.8.4
Changelog: https://github.com/hyprwm/hyprpaper/releases/tag/v0.8.4
Reported by: GitHub (watch releases)
FreeBSD /ports 1b59ecb — lang/python314 Makefile, lang/python314/files patch-gh-148169-fix-webbrowser-_action_substitution-bypass-of-dash-prefix-check lang/python314: Fix incomplete mitigation of webbrowser.open()
Cherry-pick fix to resolve
Incomplete mitigation of CVE-2026-4519 ,
%action expansion for command injection to webbrowser.open()
Obtained from: GitHub repo
https://github.com/python/cpython/pull/148516
Security: CVE-2026-4786
cf75f572 -378a-11f1-a119-e36228bfe7d4
Pull Request: https://github.com/freebsd/freebsd-ports/pull/511
(cherry picked from commit 965c6f73bbe0a9361fdd92952e3ac622736ebbb3 )
FreeBSD /ports 0d3bd53 — lang/python314 pkg-plist Makefile, lang/python314/files patch-gh-148395-fix-possible-uaf-in-decompressors lang/python314: Security update + other fixes
Fix critical use-after-free bug in LZMA/BZ2/ZLib decompressor routines
when reusing decompressor instances after a MemoryError was raised from
one.
While here:
- fix DEBUG build/package (several %%ABI%% were in the wrong place
in pkg-plist that caused failed installs)
- switch to using system textproc/expat2 library
- issue warnings in pre-test that IPV6, PYMALLOC are required and
DEBUG also breaks one self-test
- bump PORTREVISION
- drop LTOFULL again and make LTO use =full
References:
https://mail.python.org/archives/list/security-announce@python.org/thread/HTWB2Z6KT5QQX4RYEZAFININDHNOSIF3
https://www.cve.org/CVERecord?id=CVE-2026-6100
[9 lines not shown ] FreeBSD /ports 41076da — graphics/openexr distinfo Makefile, graphics/openexr-website-docs distinfo Makefile graphics/openexr*: Security update to 3.4.11
Changelog:
https://github.com/AcademySoftwareFoundation/openexr/releases/tag/v3.4.11
PR: 294882
Security: 787cde46 -4424-11f1-943f-05b19d100dca
CVE-2026-42217
CVE-2026-42216
CVE-2026-41142
MFH: 2026Q2
Pull Request: https://github.com/freebsd/freebsd-ports/pull/511
(cherry picked from commit 782fe1731d04b9842442b7e06b28c43884dcd542 )
FreeBSD /ports 9e8abf3 — graphics/openexr distinfo Makefile, graphics/openexr-website-docs distinfo Makefile graphics/openexr*: Security update to 3.4.10
Addresses security vulnerabilities
Changelog:
https://github.com/AcademySoftwareFoundation/openexr/releases/tag/v3.4.10
Obtained from: GitHub repo
Security: CVE-2026-39886
CVE-2026-40244
CVE-2026-40250
Pull Request: https://github.com/freebsd/freebsd-ports/pull/511
(cherry picked from commit a096d170b8b4eaa6b2f8f9b54ecb616d14346a19 )
FreeBSD /ports 8625e76 — security/openvpn distinfo Makefile, security/openvpn/files patch-inotify security/openvpn: security update to 2.6.20
Changelog: https://github.com/OpenVPN/openvpn/releases/tag/v2.6.20
Security: 549313db -3e93-11f1-8d38-7fbbe0285610
Security: CVE-2026-35058
Security: CVE-2026-40215
PR: 294714
Pull Request: https://github.com/freebsd/freebsd-ports/pull/511
(direct commit to quarterly, branches have diverged)
*: Bump PORTREVISION on Poppler's consumers
FreeBSD /ports 157bebc — graphics/inkscape/files patch-src_extension_internal_pdfinput_pdf-parser.cpp patch-src_extension_internal_pdfinput_poppler-utils.cpp graphics/inkscape: Fix build against newest Poppler
Differential Revision: https://reviews.freebsd.org/D56472
FreeBSD /ports a905fc4 — editors/libreoffice/files patch-sdext_source_pdfimport_xpdfwrapper_pdfioutdev__gpl.cxx patch-sdext_source_pdfimport_xpdfwrapper_pdfioutdev__gpl.hxx editors/libreoffice: Fix build against newest Poppler
Differential Revision: https://reviews.freebsd.org/D56472
FreeBSD /ports b9ae6cf — editors/calligra/files patch-filters_karbon_pdf_SvgOutputDev.cpp patch-filters_karbon_pdf_SvgOutputDev.h editors/calligra: Fix build against newest Poppler
Differential Revision: https://reviews.freebsd.org/D56472
FreeBSD /ports b0f92c5 — graphics/poppler Makefile distinfo, graphics/poppler-qt5 Makefile pkg-plist graphics/poppler{,-glib,-qt5,-qt6,-utils}: Update to 26.04.0
Differential Revision: https://reviews.freebsd.org/D56472
textproc/rubygem-nokogiri: Update to 1.19.3
Changes: https://github.com/sparklemotion/nokogiri/releases
https://nokogiri.org/CHANGELOG.html
(cherry picked from commit 1dfa57e9b7cc65796adc5c841d744567ed5f550d )
FreeBSD /ports d524220 — textproc/rubygem-nokogiri distinfo Makefile, textproc/rubygem-nokogiri/files patch-gemspec textproc/rubygem-nokogiri: Update to 1.18.10
Changes: https://github.com/sparklemotion/nokogiri/releases
https://nokogiri.org/CHANGELOG.html
(cherry picked from commit a6699af8ba44f228c08a091966bd2ec3240d3080 )
www/rubygem-railties72: Update to 7.2.3.1
Changes: https://github.com/rails/rails/releases
(cherry picked from commit 9942324f0c594d965d1d84a82850fe3912659616 )
www/rubygem-actionpack72: Update to 7.2.3.1
Changes: https://github.com/rails/rails/releases
(cherry picked from commit 42786db4a89667e7458d5ce234b8cc2b57481330 )
www/rubygem-rails72: Update to 7.2.3.1
Changes: https://github.com/rails/rails/releases
(cherry picked from commit 1b84dc7c29bc6fb2313dc3ce0fa6e7e353218a11 )
www/rubygem-actioncable72: Update to 7.2.3.1
Changes: https://github.com/rails/rails/releases
(cherry picked from commit 6acbdf31f023c596484af9a315cff5f300ae3001 )
net/rubygem-activestorage72: Update to 7.2.3.1
Changes: https://github.com/rails/rails/releases
(cherry picked from commit e0297d5f647878efa52064da2e471ae998be4255 )
textproc/rubygem-actiontext72: Update to 7.2.3.1
Changes: https://github.com/rails/rails/releases
(cherry picked from commit 448ea384f9859201474dbd6d8bb3317dd6a8b9df )
mail/rubygem-actionmailer72: Update to 7.2.3.1
Changes: https://github.com/rails/rails/releases
(cherry picked from commit fec1ecfb687f1b8c4391ef196bac20b3173d2389 )
mail/rubygem-actionmailbox72: Update to 7.2.3.1
Changes: https://github.com/rails/rails/releases
(cherry picked from commit b36cf77db4090ed7db49fcbf92b7a1df34e61b81 )
devel/rubygem-activesupport72: Update to 7.2.3.1
Changes: https://github.com/rails/rails/releases
(cherry picked from commit 985609b2dace7d8b905a6a70669388c415628392 )
devel/rubygem-activejob72: Update to 7.2.3.1
Changes: https://github.com/rails/rails/releases
(cherry picked from commit e09c7e9aa572bd2b014887f82fb59a9737443462 )
devel/rubygem-actionview72: Update to 7.2.3.1
Changes: https://github.com/rails/rails/releases
(cherry picked from commit f6f13f567967d7d93bec202016294344e8c2a29c )
databases/rubygem-activerecord72: Update to 7.2.3.1
Changes: https://github.com/rails/rails/releases
(cherry picked from commit 15c97ee36880668515b6c54d98859c8ef1c560b3 )
databases/rubygem-activemodel72: Update to 7.2.3.1
Changes: https://github.com/rails/rails/releases
(cherry picked from commit 4c002606a4840433a323bce96463f9345d81aad8 )
ftp/curl: Update to 8.20.0
Changes: https://curl.se/changes.html
Security: CVE-2026-4873 , CVE-2026-5545 , CVE-2026-5773 , CVE-2026-6253 , CVE-2026-6276 , CVE-2026-6429 , CVE-2026-7009 , CVE-2026-7168
(cherry picked from commit a7c6b2255cf43aeb71e7203fdb79d9c71734f69a )
astro/cfitsio: Update to 4.6.4
Changes: https://heasarc.gsfc.nasa.gov/FTP/software/fitsio/c/docs/changes.txt
(cherry picked from commit cb13705d5da086e54891678c363f639e4719e8f8 )
net/rustconn: Update to 0.12.9
ChangeLog:
- https://github.com/totoshko88/RustConn/releases/tag/v0.12.8
- https://github.com/totoshko88/RustConn/releases/tag/v0.12.9
Reported by: "github-actions[bot]" <notifications at github.com>
