FreeBSD/ports 310ddc0irc/weechat distinfo Makefile, irc/weechat/files patch-CMakeLists.txt patch-src_core_CMakeLists.txt

irc/weechat: Update to 4.9.0
DeltaFile
+33-7irc/weechat/files/patch-CMakeLists.txt
+0-23irc/weechat/files/patch-src_core_CMakeLists.txt
+3-3irc/weechat/distinfo
+1-1irc/weechat/Makefile
+37-344 files

FreeBSD/ports 1c5e093security/vuxml/vuln 2026.xml

security/vuxml: Document Roundcube vulnerability
DeltaFile
+28-0security/vuxml/vuln/2026.xml
+28-01 files

OPNSense/core 4fac6cdsrc/opnsense/mvc/app/controllers/OPNsense/Dnsmasq/Api LeasesController.php, src/opnsense/mvc/app/views/OPNsense/Dnsmasq leases.volt

dnsmasq: Prevent * from being collected as client_id to prevent it being matched as static reservation (#10055)
DeltaFile
+2-1src/opnsense/mvc/app/controllers/OPNsense/Dnsmasq/Api/LeasesController.php
+1-1src/opnsense/mvc/app/views/OPNsense/Dnsmasq/leases.volt
+3-22 files

FreeBSD/ports 3d519bascience/tblite pkg-plist distinfo

science/tblite: update 0.5.0 → 0.5.0.10
DeltaFile
+0-9science/tblite/pkg-plist
+3-3science/tblite/distinfo
+2-2science/tblite/Makefile
+5-143 files

FreeBSD/ports 62485ebscience/dftd4 distinfo pkg-plist, science/py-dftd4 distinfo Makefile

science/{,py-}dftd4: update 3.7.0 → 4.1.0
DeltaFile
+3-3science/py-dftd4/distinfo
+3-3science/dftd4/distinfo
+2-3science/dftd4/pkg-plist
+3-2science/dftd4/Makefile
+2-1science/py-dftd4/Makefile
+1-1science/py-qcengine/Makefile
+14-136 files

FreeBSD/ports 2c2f8c2devel/amber distinfo Makefile

devel/amber: update 0.6.0 → 0.6.1
DeltaFile
+211-167devel/amber/distinfo
+105-84devel/amber/Makefile
+316-2512 files

FreeBSD/ports f24524cscience/multicharge Makefile pkg-plist

science/multicharge: update 0.4.0 → 0.5.0
DeltaFile
+8-2science/multicharge/Makefile
+7-2science/multicharge/pkg-plist
+5-3science/multicharge/distinfo
+20-73 files

FreeBSD/ports 2992112devel/cocogitto distinfo Makefile

devel/cocogitto: update 6.5.0 → 7.0.0
DeltaFile
+235-215devel/cocogitto/distinfo
+123-108devel/cocogitto/Makefile
+358-3232 files

FreeBSD/ports d22842fdatabases/powa-web distinfo Makefile

databases/powa-web: Update to 5.1.4

Release notes:  https://github.com/powa-team/powa-web/releases/tag/5.1.4
DeltaFile
+3-3databases/powa-web/distinfo
+1-1databases/powa-web/Makefile
+4-42 files

OpenBSD/src 3iM0BWisys/tmpfs tmpfs_subr.c

   sys/tmpfs: use getnanotime() like FFS and MFS

   Editing files on tmpfs uses nanotime() to update mtime, and touch uses
   utimensat(UTIME_NOW) which uses getnanotime() which is cached and which
   can be smaller.

   So, sed ... A && touch B leads to mtime(A) > mtime(B) which isn't excted.

   "Yep" deraadt@
VersionDeltaFile
1.28+2-2sys/tmpfs/tmpfs_subr.c
+2-21 files

NetBSD/src OlVywEdsys/arch/mvme68k/conf majors.mvme68k, sys/arch/sun3/conf majors.sun3

   join the party and fix similar typos in few more comments.
VersionDeltaFile
1.275+3-3sys/net/if_spppsubr.c
1.24+2-2sys/arch/mvme68k/conf/majors.mvme68k
1.24+2-2sys/arch/sun3/conf/majors.sun3
+7-73 files

NetBSD/pkgsrc UNHLIS0doc CHANGES-2026

   doc: Updated textproc/p5-XML-Parser to 2.54
VersionDeltaFile
1.1945+2-1doc/CHANGES-2026
+2-11 files

NetBSD/pkgsrc LZbPUmztextproc/p5-XML-Parser distinfo Makefile

   p5-XML-Parser: update to 2.54.

   2.54 2026-03-27 (by Todd Rinaldo)

     Fixes:
       - PR #196 Plug XS memory leaks on error paths in Expat.xs
         (externalEntityRef, parse_stream, ParserCreate)
       - PR #204 Add defensive NULL checks in Expat.xs to prevent crashes
         on memory exhaustion and undefined behavior on short input lines
       - PR #203 Add explicit package main after inline package declarations
         in test files to clarify scope

     Improvements:
       - PR #207 GH #205 Add GitHub Actions workflow to auto-create GitHub
         Releases on tag push, enabling downstream notification via
         GitHub's release watch
       - PR #209 Update AUTHORS POD in Parser.pm and Expat.pm to reflect
         full maintainer history
       - PR #210 Add CI badge to POD via =for markdown directive so it

    [42 lines not shown]
VersionDeltaFile
1.21+4-4textproc/p5-XML-Parser/distinfo
1.63+2-2textproc/p5-XML-Parser/Makefile
+6-62 files

NetBSD/pkgsrc SZWJE4hdoc CHANGES-2026

   doc: Updated converters/p5-JSON to 4.11
VersionDeltaFile
1.1944+2-1doc/CHANGES-2026
+2-11 files

NetBSD/pkgsrc oGGwC4jconverters/p5-JSON distinfo Makefile

   p5-JSON: update to 4.11.

   4.11 2026-03-22
       - updated backportPP with JSON::PP 4.18
VersionDeltaFile
1.33+4-4converters/p5-JSON/distinfo
1.50+3-4converters/p5-JSON/Makefile
+7-82 files

NetBSD/pkgsrc 1gPQMxqdoc TODO CHANGES-2026

   doc: Updated devel/p5-Clone to 0.50
VersionDeltaFile
1.26996+2-2doc/TODO
1.1943+2-1doc/CHANGES-2026
+4-32 files

NetBSD/pkgsrc yqboJjadevel/p5-Clone Makefile distinfo

   p5-Clone: update to 0.50.

   0.50 2026-03-28 atoomic
     - fix: deep-copy HVs past MAX_DEPTH instead of aliasing (GH #93)
     - fix: strip macOS xattrs from dist directory before packaging
     - cleanup: remove unreachable break and empty magic_ref if-body in Clone.xs
     - docs: update MAX_DEPTH limits to reflect actual platform values
     - docs: add SECURITY.md policy for vulnerability reporting
     - Prefer using gtar in Makefile.PL
VersionDeltaFile
1.50+2-6devel/p5-Clone/Makefile
1.25+4-4devel/p5-Clone/distinfo
+6-102 files

NetBSD/pkgsrc unn2ovLx11/wezterm distinfo cargo-depends.mk, x11/wezterm/patches patch-Cargo.lock patch-Cargo.toml

   wezterm: switch to a newer crate version to fix build with rust 1.94
VersionDeltaFile
1.1+16-0x11/wezterm/patches/patch-Cargo.lock
1.2+12-3x11/wezterm/patches/patch-Cargo.toml
1.5+6-5x11/wezterm/distinfo
1.3+1-1x11/wezterm/cargo-depends.mk
+35-94 files

FreeBSD/src 7d1285esys/amd64/amd64 exec_machdep.c

amd64 sendsig(): explicitly copy registers from trapframe to ucontext

With the IDT event delivery, previously reserved fields in tf_cs and
tf_ss are guaranteed to be zero. With FRED, these fields are not zero,
which affects the values copied to userspace.

Reviewed by:    markj
Sponsored by:   The FreeBSD Foundation
MFC after:      1 week
Differential revision:  https://reviews.freebsd.org/D56141
DeltaFile
+28-1sys/amd64/amd64/exec_machdep.c
+28-11 files

FreeBSD/ports 934b671devel/gitaly distinfo, net/gitlab-agent distinfo

www/gitlab: security and patch update to 18.10.1

Changes:        https://about.gitlab.com/releases/2026/03/25/patch-release-gitlab-18-10-1-released/
Security:       b933083e-2b2e-11f1-b60a-2cf05da270f3
DeltaFile
+13-13devel/gitaly/distinfo
+6-6www/gitlab/distinfo
+5-5www/gitlab-pages/distinfo
+5-5www/gitlab-workhorse/distinfo
+5-5net/gitlab-agent/distinfo
+1-1www/gitlab/Makefile.common
+35-356 files

FreeBSD/ports 7b92e8fnet/traefik distinfo Makefile

net/traefik: Update to upstream release 3.6.12

Details:
- Bugfix release, see
  https://github.com/traefik/traefik/releases/tag/v3.6.12
- Includes security fixes:
  - BasicAuth/DigestAuth Identity Spoofing via Non-Canonical headerField
  - Update dependency for a previously vulnerable gRPC-go implementation

MFH:            2026Q1
Security:       CVE-2026-33433
                CVE-2026-33186
(cherry picked from commit 3c1a911846043a4d046d8a985393fa04273f52ce)
DeltaFile
+3-3net/traefik/distinfo
+1-1net/traefik/Makefile
+4-42 files

FreeBSD/ports 3c1a911net/traefik distinfo Makefile

net/traefik: Update to upstream release 3.6.12

Details:
- Bugfix release, see
  https://github.com/traefik/traefik/releases/tag/v3.6.12
- Includes security fixes:
  - BasicAuth/DigestAuth Identity Spoofing via Non-Canonical headerField
  - Update dependency for a previously vulnerable gRPC-go implementation

MFH:            2026Q1
Security:       CVE-2026-33433
                CVE-2026-33186
DeltaFile
+3-3net/traefik/distinfo
+1-1net/traefik/Makefile
+4-42 files

OPNSense/plugins d1ebcc4security/q-feeds-connector/src/opnsense/scripts/qfeeds/lib log.py

security/q-feeds-connector - ignore "pass" log lines for `qfeedsctl.py logs`, closes https://github.com/opnsense/plugins/issues/5349
DeltaFile
+6-2security/q-feeds-connector/src/opnsense/scripts/qfeeds/lib/log.py
+6-21 files

FreeNAS/freenas cf4cf19src/middlewared/middlewared/alembic/versions/26.0 2026-03-27_16-24_container_name.py, src/middlewared/middlewared/migration 0019_container_name.py

Improve container name validation
DeltaFile
+58-0src/middlewared/middlewared/alembic/versions/26.0/2026-03-27_16-24_container_name.py
+45-0src/middlewared/middlewared/migration/0019_container_name.py
+12-2src/middlewared/middlewared/plugins/container/container.py
+1-1tests/api2/test_container.py
+116-34 files

OpenBSD/ports d50EXYkwww/webkitgtk4/patches patch-Source_WebCore_page_UserMessageHandler_cpp patch-Source_WebCore_page_UserMessageHandler_h

   Unbreak build.
   Not sure how I was able to build this in the first place...
VersionDeltaFile
1.1+43-0www/webkitgtk4/patches/patch-Source_WebCore_page_UserMessageHandler_cpp
1.1+17-0www/webkitgtk4/patches/patch-Source_WebCore_page_UserMessageHandler_h
+60-02 files

NetBSD/src mZME8pMsys/kern kern_lock.c

   Fix another tyop ... in the same comment line
VersionDeltaFile
1.195+3-3sys/kern/kern_lock.c
+3-31 files

OpenBSD/ports Vpc1Orbgraphics/py-matplotlib Makefile

   py-matplotlib: disable link-time optimization for ports-gcc, ok daniel

   The combination of a modern compiler with antique binutils isn't expected
   in the ecosystem. On sparc64, LTO is enabled because the ports-gcc supports
   it which then emits "e" sections which are to be excluded from executables
   and shared objects by the link editor, such as

   .section        .gnu.lto_.profile.5712db33fb59d8ee,"e",@progbits

   As reported by kmos, Fred Flintstone's gas trips over these with

   Fatal error: unrecognized .section attribute: want a,w,x,M,S,G,T
VersionDeltaFile
1.110+6-0graphics/py-matplotlib/Makefile
+6-01 files

FreeBSD/ports 2b44550mail/sendmail-devel Makefile, mail/sendmail-devel/files patch-blacklist_client.h patch-blocklist.c

mail/sendmail-devel: Use blocklist

renamed option BLACKLISTD to BLOCKLISTD
PR: 294095
DeltaFile
+0-60mail/sendmail-devel/files/patch-blacklist_client.h
+60-0mail/sendmail-devel/files/patch-blocklist.c
+60-0mail/sendmail-devel/files/patch-blocklist_client.h
+0-60mail/sendmail-devel/files/patch-blacklist.c
+25-6mail/sendmail-devel/Makefile
+13-13mail/sendmail-devel/files/patch-srvrsmtp.c
+158-1399 files not shown
+191-15915 files

FreeBSD/ports ff6c9f9x11-toolkits/gtk30 distinfo Makefile

x11-toolkits/gtk30: update to 3.24.52

PR:             294005
DeltaFile
+3-3x11-toolkits/gtk30/distinfo
+2-2x11-toolkits/gtk30/Makefile
+5-52 files

OPNSense/core 7397ce0src/opnsense/mvc/app/controllers/OPNsense/Base ApiMutableModelControllerBase.php

mvc: a bit of spring cleaning for setActionHook(), result is never used and throwing a UserException is preferred in cases where can't pin a message to a field. closes https://github.com/opnsense/core/pull/10046
DeltaFile
+9-13src/opnsense/mvc/app/controllers/OPNsense/Base/ApiMutableModelControllerBase.php
+9-131 files