mail/spamassassin*: Ensure process name is renamed even in debug mode
Some customers run spamassassin in debug mode. This breaks rc's ability
to manage the process because the process name is unexpectedly "perl".
When in debug mode, also set the process name to spamd.
Reported by: Dan Mahoney <danm at prime.gushi.org>
Upstream bug: https://bz.apache.org/SpamAssassin/show_bug.cgi?id=8384
security/vuxml: add FreeBSD SAs issued on 2026-04-21
FreeBSD-SA-26:10.vm affects all supported releases
FreeBSD-SA-26:11.amd64 affects all supported releases
security/strongswan: Enable ML plugin by default to allow Post-Quantum Key Exchange Methods
Currently ML-DSA (used for Digital Signatures) is a draft in strongswan
(ETA Version 6.1.0 or later). So CNSA 2.0 cannot be fully supported yet.
https://linux-ipsec.org/slides/2025/steffen-pqc-auth-for-ikev2.pdf
But most firewalls (Palo Alto / Fortigate) already support ML-KEM Key
Exchange in addition to standard proposals.
E.g. aes128gcm16-ecp256-ke1_mlkem512.
More details:
https://docs.strongswan.org/docs/latest/config/proposals.html
PR: 294305
Approved by: strongswan at Nanoteq.com (maintainer, timeout 2 weeks)
Sponsored by: UNIS Labs
audio/libopenshot-audio: fix build on armv7
The usual interference of the poorly named mb() macro from
<machine/atomic.h> with other symbols.
Approved by: portmgr (build fix blanket)
MFH: 2026Q2
(cherry picked from commit cd6af040992a77756b14d8c038b213bc1f425398)
audio/libopenshot-audio: fix build on armv7
The usual interference of the poorly named mb() macro from
<machine/atomic.h> with other symbols.
Approved by: portmgr (build fix blanket)
MFH: 2026Q2
emulators/ripes: unbundle devel/cereal to fix the armv7 build
The bundled version of cereal is outdated and produces this build error:
In file included from /wrkdirs/usr/ports/emulators/ripes/work/Ripes-2.2.6/external/VSRTL/graphics/vsrtl_componentgraphic.cpp:14:
In file included from /wrkdirs/usr/ports/emulators/ripes/work/Ripes-2.2.6/external/VSRTL/external/cereal/include/cereal/archives/json.hpp:56:
/wrkdirs/usr/ports/emulators/ripes/work/Ripes-2.2.6/external/VSRTL/external/cereal/include/cereal/external/rapidjson/document.h:319:82: error: cannot assign to non-static data member 'length' with const-qualified type 'const SizeType' (aka 'const unsigned int')
319 | GenericStringRef& operator=(const GenericStringRef& rhs) { s = rhs.s; length = rhs.length; }
| ~~~~~~ ^
/wrkdirs/usr/ports/emulators/ripes/work/Ripes-2.2.6/external/VSRTL/external/cereal/include/cereal/external/rapidjson/document.h:325:20: note: non-static data member 'length' declared const here
325 | const SizeType length; //!< length of the string (excluding the trailing NULL terminator)
| ~~~~~~~~~~~~~~~^~~~~~
1 error generated.
Unbundle devel/cereal to get an up to date version which does not
exhibit this issue and to follow our policy on unbundling.
Approved by: portmgr (build fix blanket)
MFH: 2026Q2
[2 lines not shown]
biology/htslib: fix build on armv7 (again)
The patches provided by me in 2023 to fix the build on armv7 were
upstreamed shortly after. In a subsequent update to the port, it
appears that the maintainer had then reversed these patches (?!),
effectively undoing my now upstreamed bug fix.
Remove the bogus patches to fix the build.
Fixes: aafe5d31c5f3afdaad0f6345bee06e7a3e2c5ced
See also: https://github.com/samtools/htscodecs/issues/81
Approved by: portmgr (build fix blanket)
MFH: 2026Q2
(cherry picked from commit 89c7d793da2638cfdc15252825a5548c3eb2f147)
