BSD Commit Log Search

graphics/openexr*: Security update to v3.4.5 and i386 fix

"Patch release that fixes an incorrect size check in
istream_nonparallel_read that could lead to a buffer overflow on invalid
input data."

Also fix i386 self-tests by adding -msse2: i386 builds require SSE2, but
the upstream cmake stuff does not enable this, so use CFLAGS_i386.

To prevent people seeing SIGILL crashes down late at run-time,
check if the CPU is sse2-capable by querying the clang compiler from
the pre-install script (pkg-plist's @preexec). Suggested by diizzy@.
  Other than that we could use the cpuid or the lscpu port instead, but
let's for now assume everything that wants to run OpenEXR also has a
working cc that is clang and has -march=native and gives us CPU details).
(GCC also gives us this but will use a different output format.)

While here, make failed tests verbose through ctest's environment so we
can see what's up from the build log already. (We need to go through

    [6 lines not shown]

www/restinio: Fix detection of llhttp's shared library

Upstream refers to it as llhttp_shared not llhttp_dynamic

Reference:
https://github.com/nodejs/llhttp/blob/release/v9.3.0/CMakeLists.txt#L96

Approved by:    blanket (just fix it)

net/cloud-init-devel: Deprecate and set expiration date to 2026-03-31

Currently unmaintained and years behind net/cloud-init

Reference: https://reviews.freebsd.org/D48959

security/vuxml: Add openexr < 3.4.5

Security:       716d25a6-0fdc-11f1-bfdf-ff9355aecb00

multimedia/mediamtx: Update to 1.16.2

Changelog: https://github.com/bluenviron/mediamtx/releases/tag/v1.16.2

[libclc][CMake] Add COMPONENT ${ARG_PARENT_TARGET} to install (#182716)

Toolchain can specify the component to selectively install libclc to a
deploy folder. E.g. our downstream SYCL toolchain deploy:
https://github.com/intel/llvm/blob/e7b423fd517d/sycl/CMakeLists.txt#L531

Also check ARG_PARENT_TARGET is defined and non-empty.

Co-authored-by: Jinsong Ji <jinsong.ji at intel.com>

databases/sqlcipher: Bump PORTREVISION after fix consumers

PR:     292688

[Polly] Update isl to isl-0.27-82-g38cf72a4 (#182786)

Update isl to include
https://repo.or.cz/isl.git/commit/38cf72a41b708475fc22dc9fc62c7caae1ac29f6
which fixes #179993. This changes some string representations of ISL
objects in tests which are updated.

Fixes #179993

Thanks @skimo-openhub for the fix and @thapgua for the bugreport.

databases/sqlcipher: Fix consumers

Rename installed files from *sqlite3* back to *sqlcipher*.
Unbreak consumers:
- finance/kmymoney
- finance/skrooge
- net-im/gurk-rs
- net-im/qTox
- net-p2p/retroshare
- databases/py-sqlcipher3

While here improve port:
- Use USES=localbase instead of CFLAGS+=-I${LOCALBASE}/include and
  LDFLAGS+=-L${LOCALBASE}/lib.
- Split long lines.
- Fix warnings from portclippy.
- Sort CONFIGURE_ARGS and CPPFLAGS.

PR:             292688

    [2 lines not shown]

Add gbi shortcut and settings pkg (#264)

net-im/nchat: update: 5.12.21 ->  5.13.17

ChangeLog:      https://github.com/d99kris/nchat/compare/v5.12.21...v5.13.17

Sponsored by:   tipi.work

Move cronjob namespace to be typesafe

Move cronjob namespace to be typesafe

Reapply "[mlir][linalg] Make conv dim inference return pairing (outputImage, filterLoop)" (#182740)

The original method sorts all the dimensions which loses the information
about pairing. It makes other transformation that works on generic op
form harder. The revision ensures the pairing, so callers have more
useful information when they work on transformations.

The revision was reverted because of memory leak. The fix is using
OwningOpRef to wrap ModuleOp, so the nested operations are destroyed at
the end, which is similar to other MLIR unittests.

---------

Signed-off-by: hanhanW <hanhan0912 at gmail.com>

emulators/virtualbox-ose{,-70,-71,-72,-legacy}: Improve port (non-functional)

- Replace ${PREFIX}/share/applications with ${DESKTOPDIR}.
- Replace "*" with . in COPYTREE_SHARE.

emulators/virtualbox-ose*: Add support of "Unattended Installation of Guest OS" feature

Install files required by Unattended Installation of Guest OS feature.
These files were already prepared during the ports' build, so just add
them to the installation.

Details about this feature are here:
https://www.virtualbox.org/manual/topics/create-vm.html#tk_create-vm-unattended-install

Reported by:    xin3qu via IRC (#freebsd-vbox @ Libera.Chat)

math/octave-forge-linear-algebra: Update to 2.2.4.

   vmd(8): convert virtio scsi device to a subprocess.

   Break the virtio scsi device (used as a cd-rom drive) into a
   subprocess like the virtio block and network devices. This leaves
   only the entropy device (viornd) and vmmci device running in-process
   with the vcpus.

   ok mlarkin@

   Reset the PNVM segment count back to zero after we free the segments.
   Prevents us from calling bus_dmamap_sync(9) on random DMA map pointers
   when reloading the firmware.

   ok stsp@

   doc: update for 7053

   Don't include both <elf.h> and <libelf.h> on NetBSD, fix build on
   NetBSD 11

   Pullup ticket #7053 - requested by nia
   www/palemoon: Bug fix

   Revisions pulled up:
   - www/palemoon/options.mk                                       1.2

   ---
      Module Name:      pkgsrc
      Committed By:     nia
      Date:             Sun Feb 22 11:05:44 UTC 2026

      Modified Files:
        pkgsrc/www/palemoon: options.mk

      Log Message:
      palemoon: dbus option needs dbus-glib

      PR pkg/60028

Revert "[InstCombine] Allow freezing multiple operands (#154336)" (#182769)

This reverts commit f8f6965ceece9e330ddb66db5f402ecfb5e3ad34.

This is causing infinte loops interacting with other transforms. See
discussion on #182647 .

   plug leak in transposeword(); from Han Boetes (hboetes at gmail), thanks!

   extracted from a bigger diff.

*/*: Update maintainer email to xlibre at FreeBSD.org

- Add powerpc64le to x11-drivers/xlibre-xf86-video-ast port

[𝘀𝗽𝗿] initial version

Created using spr 1.3.7

net/asterisk22: Update 20.18.1 => 20.18.2

Security Advisories Resolved: 4
- GHSA-85x7-54wr-vh42: Asterisk xml.c uses unsafe XML_PARSE_NOENT
  leading to potential XXE Injection.
- GHSA-rvch-3jmx-3jf3: ast_coredumper running as root sources
  ast_debug_tools.conf from /etc/asterisk; potentially leading to
  privilege escalation.
- GHSA-v6hp-wh3r-cwxh: The Asterisk embedded web server's /httpstatus
  page echos user supplied values(cookie and query string) without
  sanitization.
- GHSA-xpc6-x892-v83c: ast_coredumper runs as root, and writes gdb init
  file to world writeable folder; leading to potential privilege
  escalation.

Changelog:
https://downloads.asterisk.org/pub/telephony/asterisk/old-releases/ChangeLog-20.18.2.html

PR:             293361

    [8 lines not shown]

net/asterisk22: Update 22.8.1 => 22.8.2

Security Advisories Resolved: 4
- GHSA-85x7-54wr-vh42: Asterisk xml.c uses unsafe XML_PARSE_NOENT
  leading to potential XXE Injection.
- GHSA-rvch-3jmx-3jf3: ast_coredumper running as root sources
  ast_debug_tools.conf from /etc/asterisk; potentially leading to
  privilege escalation.
- GHSA-v6hp-wh3r-cwxh: The Asterisk embedded web server's /httpstatus
  page echos user supplied values(cookie and query string) without
  sanitization.
- GHSA-xpc6-x892-v83c: ast_coredumper runs as root, and writes gdb init
  file to world writeable folder; leading to potential privilege
  escalation.

Changelog:
https://downloads.asterisk.org/pub/telephony/asterisk/old-releases/ChangeLog-22.8.2.html

PR:             293361

    [8 lines not shown]

Make Gershwin ISO use lightdm for now (#263)

* Make gershwin use lightdm for now

* Adding back lightdm for Gershwin

* Remove loginwindow_setup

   If we have a non-zero hint and none of the address selectors managed to
   return a valid address, set the hint to zero and retry.  This fixes
   mmap(2) with a hint (and without MAP_FIXED) when the hint falls outside
   of the userland address space range.

   ok deraadt@