FreeBSD/ports 96b7b9bsecurity/modsecurity3-nginx distinfo Makefile, www/nginx distinfo

www/nginx: Update to 1.30.4

Changes:

*) Security: heap buffer overflow when using the map directive with
   regex matching (CVE-2026-42533)
*) Security: uninitialized memory access when using unnamed regex
   captures with the "slice" directive or background cache update
   (CVE-2026-60005)
*) Security: use-after-free when processing a specially crafted
   proxied backend response with the ngx_http_ssi_filter_module
   (CVE-2026-56434)

Release Notes:  https://nginx.org/en/CHANGES-1.30
Security:       56feeac6-8263-11f1-92ba-bc24110523fe
Security:       CVE-2026-42533
Security:       CVE-2026-56434
Security:       CVE-2026-60005


    [3 lines not shown]
DeltaFile
+5-5www/nginx-acme/distinfo
+3-3www/nginx-module-lua/distinfo
+3-3security/modsecurity3-nginx/distinfo
+3-3www/nginx/distinfo
+2-2security/modsecurity3-nginx/Makefile
+2-1www/nginx-module-lua/Makefile
+18-174 files not shown
+22-2110 files

FreeBSD/ports 957241fwww/nginx-devel distinfo Makefile

www/nginx-devel: Update to 1.31.3

Changes:

*) Security: heap buffer overflow when using the map directive with
   regex matching (CVE-2026-42533)
*) Security: uninitialized memory access when using unnamed regex
   captures with the "slice" directive or background cache update
   (CVE-2026-60005)
*) Security: use-after-free when processing a specially crafted
   proxied backend response with the ngx_http_ssi_filter_module
   (CVE-2026-56434)
*) Change: the size of headers and trailers in HTTP/2 responses in
   the ngx_http_proxy_v2_module and ngx_http_grpc_module is now
   limited with "proxy_buffer_size" and "grpc_buffer_size"
*) Feature: the "xml_external_entities" directive in the
   ngx_http_xslt_filter_module; loading of external entities is now
   disabled by default


    [9 lines not shown]
DeltaFile
+3-3www/nginx-devel/distinfo
+1-1www/nginx-devel/Makefile
+1-1www/nginx-devel/version.mk
+5-53 files

NetBSD/pkgsrc-wip 4658039emacs-git distinfo, emacs-git/patches patch-Makefile.in

emacs-git: remove again, seems merged
DeltaFile
+0-61emacs-git/patches/patch-Makefile.in
+0-3emacs-git/distinfo
+0-642 files

FreeBSD/src 506e3e3sys/netinet tcp_input.c

tcp: Align PRR implementation with RFC 9937

- Early return when no new data is delivered
- Switching from PRR-CRB to PRR-SSRB only when both SND.UNA advances and no further loss is indicated.
- Accounting for sequence ranges SACKed before entering recovery in RecoverFS calculation.
- Force a fast retransmit upon entering recovery when prr_out is 0 AND SndCnt is 0.
- Set cwnd to ssthresh post recovery.

Obtained from: mohnishhemanthkumar_gmail.com
Reviewed by: rscheff, tuexen
Differential Revision: https://reviews.freebsd.org/D56535
MFC after: 3 months
DeltaFile
+23-21sys/netinet/tcp_input.c
+23-211 files

NetBSD/pkgsrc-wip 68e8423emacs-git distinfo, emacs-git/patches patch-Makefile.in

emacs-git: restore still needed patch
DeltaFile
+61-0emacs-git/patches/patch-Makefile.in
+3-0emacs-git/distinfo
+64-02 files

NetBSD/pkgsrc cXTQuJudoc CHANGES-2026

   Note PKGREVISION updates of gcc12 and gcc12-libs.
VersionDeltaFile
1.4529+3-1doc/CHANGES-2026
+3-11 files

NetBSD/pkgsrc-wip d00b227emacs-git distinfo, emacs-git/patches patch-lib_getopt1.c patch-lib_getopt-pfx-ext.h

emacs-git: patches have been merged, remove them
DeltaFile
+0-36emacs-git/patches/patch-lib_getopt1.c
+0-14emacs-git/patches/patch-lib_getopt-pfx-ext.h
+0-4emacs-git/distinfo
+0-543 files

NetBSD/pkgsrc CvBXdPslang/gcc12 Makefile distinfo, lang/gcc12-libs Makefile

   lang/gcc12: pull over the changes to rs6000/netbsd.h from our in-tree gcc.

   This is so that this builds and runs on powerpc/11.0*.

   The most important fix is that on powerpc, -msecure-plt is enabled by
   default, so that resulting executables can be run with PAX_MPROTECT active.
   Otherwise, we end up with executables with sections which have both
   "write" and "execute" turned on, which PAX_MPROTECT rejects.

   Fixes PR#60439.

   Bump PKGREVISION for both gcc12 and gcc12-libs, to adhere to rules in comments.
VersionDeltaFile
1.1+100-0lang/gcc12/patches/patch-gcc_config_rs6000_netbsd.h
1.15+2-2lang/gcc12/Makefile
1.13+2-2lang/gcc12-libs/Makefile
1.18+2-1lang/gcc12/distinfo
+106-54 files

NetBSD/src m6xeKvxusr.bin/ftp fetch.c

   base64_encode(): avoid reading off end of clear

   Don't read clear[i+2] without bounds checking,
   which can occur when (len % 3) == 1.

   Issue reported in private email by "Acts1631",
   and confirmed with gcc15 asan and a test harness.
VersionDeltaFile
1.248+12-9usr.bin/ftp/fetch.c
+12-91 files

LLVM/project ccd0e98lldb/source/Plugins/SymbolFile/NativePDB UdtRecordCompleter.cpp, lldb/test/API/lang/cpp/enum-limits TestCPPEnumLimits.py main.cpp

[lldb][NativePDB] Fix width and signedness of enum constants (#210338)

Enumerator values aren't always encoded in the correct bit width and
signedness. This happens with both MSVC and Clang.

On MSVC, unsigned 64bit enumerators can be encoded as signed. For
example `ULONGLONG_MAX` will be encoded as `-1`.
Clang/LLVM will always encode the values as unsigned.

Example: https://godbolt.org/z/96YjGW48W.

I fixed this by setting the expected width and signedness when creating
the enumerator constant. We can't use a shell test like for the other
PDB tests, because no output shows the enum values.
DeltaFile
+91-0lldb/test/API/lang/cpp/enum-limits/TestCPPEnumLimits.py
+48-0lldb/test/API/lang/cpp/enum-limits/main.cpp
+17-1lldb/source/Plugins/SymbolFile/NativePDB/UdtRecordCompleter.cpp
+3-0lldb/test/API/lang/cpp/enum-limits/Makefile
+159-14 files

NetBSD/pkgsrc mJNhJMEdoc CHANGES-2026

   doc: Updated devel/py-lupa to 2.8nb1
VersionDeltaFile
1.4528+2-1doc/CHANGES-2026
+2-11 files

NetBSD/pkgsrc Y3CxgUwdevel/py-lupa Makefile PLIST

   py-lupa: fix build on NetBSD

   needs gmake for included luajit; add it to PLIST

   Bump PKGREVISION.
VersionDeltaFile
1.23+3-2devel/py-lupa/Makefile
1.6+3-1devel/py-lupa/PLIST
+6-32 files

NetBSD/pkgsrc hPi6jLmdoc CHANGES-2026

   doc: Updated devel/p5-Data-Alias to 1.30
VersionDeltaFile
1.4527+2-1doc/CHANGES-2026
+2-11 files

NetBSD/pkgsrc Hcb4Q8bdevel/p5-Data-Alias distinfo Makefile

   p5-Data-Alias: update to 1.30.

   1.30  2026-03-11  XMATH
       - Use isGV_with_GP_on when available. (RT 173582)

   1.29  2026-02-02  XMATH
       - Fix compatibility with perl 5.43.8  (contributed by mauke)
VersionDeltaFile
1.16+4-4devel/p5-Data-Alias/distinfo
1.36+3-4devel/p5-Data-Alias/Makefile
+7-82 files

NetBSD/pkgsrc f76y8p8devel Makefile, devel/p5-Compress-PPMd distinfo Makefile

   p5-Compress-PPMd: remove

   Doesn't build with perl 5.44, upstream is gone, no users in pkgsrc
VersionDeltaFile
1.4662+1-2devel/Makefile
1.4526+2-1doc/CHANGES-2026
1.5+1-1devel/p5-Compress-PPMd/distinfo
1.22+1-1devel/p5-Compress-PPMd/Makefile
1.2+0-0devel/p5-Compress-PPMd/DESCR
+5-55 files

NetBSD/pkgsrc icpfi1Ndevel/p5-Data-Serializer Makefile MESSAGE

   p5-Data-Serializer: remove references to p5-Compress-PPMd
VersionDeltaFile
1.28+1-2devel/p5-Data-Serializer/Makefile
1.3+1-2devel/p5-Data-Serializer/MESSAGE
+2-42 files

LLVM/project 2730fc8llvm/lib/Target/SPIRV SPIRVInstructionSelector.cpp, llvm/test/CodeGen/SPIRV/extensions/SPV_KHR_bfloat16 bfloat16.ll

[SPIR-V] Handle bfloat in getZeroFP/getOneFP (#202859)

Related spirv-val change:
https://github.com/KhronosGroup/SPIRV-Tools/pull/6734

---------

Co-authored-by: Juan Manuel Martinez Caamaño <jmartinezcaamao at gmail.com>
DeltaFile
+57-8llvm/test/CodeGen/SPIRV/extensions/SPV_KHR_bfloat16/bfloat16.ll
+4-0llvm/lib/Target/SPIRV/SPIRVInstructionSelector.cpp
+61-82 files

LLVM/project 3fc4fcaclang/lib/StaticAnalyzer/Checkers/WebKit RawPtrRefCallArgsChecker.cpp, clang/test/Analysis/Checkers/WebKit call-args.cpp

[alpha.webkit.UncountedCallArgsChecker] Crash in printArgument (#210411)

The crash was caused by missing nullptr check for Decl used to get
printing policy. Fixed the bug by replacing the use of Decl with
BugManager to get the policy.
DeltaFile
+5-6clang/lib/StaticAnalyzer/Checkers/WebKit/RawPtrRefCallArgsChecker.cpp
+10-0clang/test/Analysis/Checkers/WebKit/call-args.cpp
+15-62 files

NetBSD/xsrc GYxRmfpexternal/mit/xterm/dist ptydata.c ptyx.h

   Point fix to repair UTF-8 menu selection (from xterm 407)
   See PR xsrc/60398.
VersionDeltaFile
1.2+757-190external/mit/xterm/dist/ptydata.c
1.23+3-0external/mit/xterm/dist/ptyx.h
+760-1902 files

LLVM/project ea50c8c.github/workflows premerge.yaml

Fix macOS casing in premerge workflow (#210477)
DeltaFile
+1-1.github/workflows/premerge.yaml
+1-11 files

FreeBSD/ports 863f062x11-fm/thunar distinfo Makefile

x11-fm/thunar: Update to 4.20.9
DeltaFile
+3-4x11-fm/thunar/distinfo
+1-1x11-fm/thunar/Makefile
+1-0x11-fm/thunar/pkg-plist
+5-53 files

FreeBSD/ports 6ce9f2bwww/remark42 distinfo Makefile

www/remark42: update to 1.16.4

Switch build toolchain from npm-node22 to npm-node24. The frontend
switched to pnpm workspaces but the app has no intra-repo dependencies,
so npm continues to work with COREPACK_ENABLE_STRICT=0.
DeltaFile
+49-53www/remark42/distinfo
+27-29www/remark42/Makefile
+76-822 files

OpenBSD/ports FU1CHFSsysutils/gemini-cli Makefile distinfo, sysutils/gemini-cli/pkg PLIST

   Update to gemini-cli-0.51.0.
VersionDeltaFile
1.31+48-48sysutils/gemini-cli/pkg/PLIST
1.34+1-3sysutils/gemini-cli/Makefile
1.32+2-2sysutils/gemini-cli/distinfo
+51-533 files

OpenBSD/ports ZthjgJnsysutils/awscli/v1 distinfo Makefile

   Update to awscli-1.45.51.
VersionDeltaFile
1.39+2-2sysutils/awscli/v1/distinfo
1.41+1-1sysutils/awscli/v1/Makefile
+3-32 files

OpenBSD/ports dMAO3tpnet/py-boto3 distinfo Makefile

   Update to py3-boto3-1.43.51.
VersionDeltaFile
1.657+2-2net/py-boto3/distinfo
1.669+1-1net/py-boto3/Makefile
+3-32 files

OpenBSD/ports nRYO2Fwnet/py-botocore distinfo Makefile

   Update to py3-botocore-1.43.51.
VersionDeltaFile
1.874+2-2net/py-botocore/distinfo
1.884+1-1net/py-botocore/Makefile
+3-32 files

FreeBSD/ports 008647eaudio/pipewire-spa-oss-ng distinfo Makefile

audio/pipewire-spa-oss-ng: Update to 0.9.7

Keep the device byte stream frame-aligned across short writes and reads.
DeltaFile
+19-19audio/pipewire-spa-oss-ng/distinfo
+9-9audio/pipewire-spa-oss-ng/Makefile
+28-282 files

LLVM/project acdf320cmake/Modules LLVMVersion.cmake

Fix bumping of version to 23.1.0-rc1.
DeltaFile
+1-1cmake/Modules/LLVMVersion.cmake
+1-11 files

FreeBSD/ports 114a421misc/py-hf-xet distinfo Makefile.crates

misc/py-hf-xet: Update to 1.5.2

Changelog: https://github.com/huggingface/xet-core/releases/tag/v1.5.2

Reported by:    Repology
DeltaFile
+35-71misc/py-hf-xet/distinfo
+16-34misc/py-hf-xet/Makefile.crates
+1-1misc/py-hf-xet/Makefile
+52-1063 files

FreeBSD/ports ad86dd8security/py-google-cloud-kms distinfo Makefile

security/py-google-cloud-kms: Update to 3.16.0

Changelog: https://github.com/googleapis/google-cloud-python/blob/google-cloud-kms-v3.16.0/packages/google-cloud-kms/CHANGELOG.md

Reported by:    portscout
DeltaFile
+3-3security/py-google-cloud-kms/distinfo
+1-1security/py-google-cloud-kms/Makefile
+4-42 files