FreeBSD/ports 443ea17. MOVED

MOVED: Correct textproc/en-core-web-sm line

Reported by:    antoine at freebsd.org
DeltaFile
+1-1MOVED
+1-11 files

FreeBSD/ports 0c4a771misc/claude-code distinfo Makefile, misc/claude-code/files package-lock.json

misc/claude-code: update 2.1.81 → 2.1.84
DeltaFile
+34-4misc/claude-code/files/package-lock.json
+3-3misc/claude-code/distinfo
+1-1misc/claude-code/Makefile
+38-83 files

FreeBSD/ports 7ab4325mail/addresses-goodies Makefile distinfo

mail/addresses-goodies: Update to 0.5.0

Take maintainership.
Update WWW.
Add LICENSE_FILE.
Remove WRKSRC= and add ALL_TARGET, INSTALL_TARGET.
Switch from post-patch:REINPLACE_CMD to MAKE_ENV+=.
Add STRIP_CMD.

News: https://savannah.nongnu.org/news/?id=10726

PR:             291159
Approved by:    fluffy (mentor)
DeltaFile
+14-20mail/addresses-goodies/Makefile
+3-2mail/addresses-goodies/distinfo
+0-2mail/addresses-goodies/pkg-descr
+17-243 files

FreeBSD/ports 40c3465mail/addresses pkg-plist Makefile

mail/addresses: Update to 0.5.0

Take maintainershp.
Add LICENSE_FILE.
Add STRIP_CMD.
Update pkg-descr.

News: https://savannah.nongnu.org/news/?id=10726

PR:             291121
Approved by:    fluffy (mentor)
DeltaFile
+60-63mail/addresses/pkg-plist
+10-5mail/addresses/Makefile
+5-2mail/addresses/pkg-descr
+3-2mail/addresses/distinfo
+78-724 files

FreeBSD/ports 7e522b0devel/hs-hoogle distinfo Makefile.cabal

devel/hs-hoogle: Update 5.0.18.4 => 5.0.19.0

Approved by:            haskell@ (alven@)
Approved by:            db@, yuri@ (Mentors, implicit)
DeltaFile
+205-165devel/hs-hoogle/distinfo
+173-0devel/hs-hoogle/Makefile.cabal
+1-156devel/hs-hoogle/Makefile
+379-3213 files

FreeBSD/ports 89a8dc5net/seda Makefile

net/seda: does not compile with jdk25 and deprecate

Error with jdk25:
[javac] /wrkdirs/usr/ports/net/seda/work/seda-release-20020712/seda/src/seda/sandStorm/internal/ATTIC/AggTPSThreadManager.java:124: error: cannot find symbol
[javac]     tg.stop();
[javac]       ^
[javac]   symbol:   method stop()
[javac]   location: variable tg of type ThreadGroup

Note that the original author of the SEDA framework already
doubted some parts of it in a blog from 2010.
https://matt-welsh.blogspot.com/2010/07/retrospective-on-seda.html

PR:     293559
Approved-by:    no maintainer
DeltaFile
+5-1net/seda/Makefile
+5-11 files

FreeBSD/ports 275936csysutils/go-ntfy distinfo Makefile

sysutils/go-ntfy: Update to 2.20.0

ChangeLog: https://github.com/binwiederhier/ntfy/releases/tag/v2.20.0
DeltaFile
+7-7sysutils/go-ntfy/distinfo
+2-2sysutils/go-ntfy/Makefile
+9-92 files

FreeBSD/ports d91b427www/pocket-id distinfo Makefile

www/pocket-id: Update to 2.5.0

ChangeLog: https://github.com/pocket-id/pocket-id/releases/tag/v2.5.0
DeltaFile
+7-7www/pocket-id/distinfo
+1-1www/pocket-id/Makefile
+8-82 files

FreeBSD/ports 430be21sysutils/nginx-ui distinfo Makefile

sysutils/nginx-ui: Update to 2.3.5

ChangeLog: https://github.com/0xJacky/nginx-ui/releases/tag/v2.3.5
DeltaFile
+7-7sysutils/nginx-ui/distinfo
+2-3sysutils/nginx-ui/Makefile
+9-102 files

FreeBSD/ports eebfb96www/oauth2-proxy distinfo Makefile

www/oauth2-proxy: Update to 7.15.1

ChangeLog: https://github.com/oauth2-proxy/oauth2-proxy/releases/tag/v7.15.1
DeltaFile
+5-5www/oauth2-proxy/distinfo
+1-2www/oauth2-proxy/Makefile
+6-72 files

FreeBSD/ports 96587b4devel/hs-hpack distinfo Makefile.cabal

devel/hs-hpack: Update 0.39.1 => 0.39.3

Approved by:            haskell@ (alven@)
Approved by:            db@, yuri@ (Mentors, implicit)
DeltaFile
+133-125devel/hs-hpack/distinfo
+109-0devel/hs-hpack/Makefile.cabal
+1-107devel/hs-hpack/Makefile
+243-2323 files

FreeBSD/ports 2ea67f5devel/hs-hspec-discover distinfo Makefile

devel/hs-hspec-discover: Update 2.11.16 => 2.11.17

Approved by:            haskell@ (alven@)
Approved by:            db@, yuri@ (Mentors, implicit)
DeltaFile
+3-3devel/hs-hspec-discover/distinfo
+1-1devel/hs-hspec-discover/Makefile
+4-42 files

FreeBSD/ports ab1ac51sysutils/terraform distinfo Makefile

sysutils/terraform: Update to 1.14.7

Bump Go version to 1.25.8 to suppress security scanner false positives.
DeltaFile
+27-27sysutils/terraform/distinfo
+1-2sysutils/terraform/Makefile
+28-292 files

FreeBSD/ports f657cf7www/nginx-acme distinfo Makefile, www/nginx-devel distinfo Makefile

www/nginx-devel: Update to 1.29.7

Changes with nginx 1.29.7                                        24 Mar
2026

    *) Security: a buffer overflow might occur while handling a COPY or
MOVE
       request in a location with "alias", allowing an attacker to
modify
       the source or destination path outside of the document root
       (CVE-2026-27654).
       Thanks to Calif.io in collaboration with Claude and Anthropic
       Research.

    *) Security: processing of a specially crafted mp4 file by the
       ngx_http_mp4_module on 32-bit platforms might cause a worker
process
       crash, or might have potential other impact (CVE-2026-27784).
       Thanks to Prabhav Srinath (sprabhav7).

    [80 lines not shown]
DeltaFile
+3-3www/nginx-acme/distinfo
+3-3www/nginx-devel/distinfo
+1-1www/nginx-acme/Makefile
+1-1www/nginx-devel/Makefile
+1-1www/nginx-devel/version.mk
+9-95 files

FreeBSD/ports 0eba64bmisc/github-copilot-cli Makefile pkg-plist.binary, misc/github-copilot-cli/files launcher.c

misc/github-copilot-cli: Add script and binary flavors

script flavor (default): existing behavior with all npm dependencies
binary flavor (-bin): C launcher binary with all JS and Node.js
embedded in the binary, requires only node at runtime
(no Node.js, no npm packages, no native modules)

Node.js SEA (Single Executable Application) cannot be used because
postject_find_resource() has no FreeBSD code path. The binary flavor
instead uses a C launcher that embeds all copilot JS files as a gzip-
compressed tar archive, extracts to ~/.cache/github-copilot-cli/v<ver>/
on first run, and executes them with the system node.
DeltaFile
+187-0misc/github-copilot-cli/files/launcher.c
+117-38misc/github-copilot-cli/Makefile
+1-0misc/github-copilot-cli/pkg-plist.binary
+305-383 files

FreeBSD/ports 0e67d46math/py-libpoly distinfo Makefile

math/py-libpoly: Fix fetch: Release was re-rolled
DeltaFile
+2-4math/py-libpoly/distinfo
+1-0math/py-libpoly/Makefile
+3-42 files

FreeBSD/ports 95dcb5amisc/pytorch Makefile

misc/pytorch: Broken on aarch64

Reported by:    fallout
DeltaFile
+1-0misc/pytorch/Makefile
+1-01 files

FreeBSD/ports 2ce2108security/modsecurity3-nginx distinfo Makefile, www/nginx distinfo Makefile

www/nginx: Update to 1.28.3

Changes with nginx 1.28.3                                        24 Mar
2026

    *) Security: a buffer overflow might occur while handling a COPY or
MOVE
       request in a location with "alias", allowing an attacker to
modify
       the source or destination path outside of the document root
       (CVE-2026-27654).
       Thanks to Calif.io in collaboration with Claude and Anthropic
       Research.

    *) Security: processing of a specially crafted mp4 file by the
       ngx_http_mp4_module on 32-bit platforms might cause a worker
process
       crash, or might have potential other impact (CVE-2026-27784).
       Thanks to Prabhav Srinath (sprabhav7).

    [40 lines not shown]
DeltaFile
+3-3security/modsecurity3-nginx/distinfo
+3-3www/nginx/distinfo
+3-3www/nginx-acme/distinfo
+2-2security/modsecurity3-nginx/Makefile
+1-1www/nginx/Makefile
+1-1www/nginx-acme/Makefile
+13-132 files not shown
+15-158 files

FreeBSD/ports 6481257emulators/fuse Makefile distinfo

emulators/fuse: update to 1.7.0

Drop SVGALIB support, it has been removed upstream.
DeltaFile
+4-8emulators/fuse/Makefile
+3-3emulators/fuse/distinfo
+2-3emulators/fuse/pkg-plist
+9-143 files

FreeBSD/ports d3f147femulators/fuse-utils distinfo pkg-plist

emulators/fuse-utils: update to 1.4.4
DeltaFile
+3-3emulators/fuse-utils/distinfo
+3-3emulators/fuse-utils/pkg-plist
+1-2emulators/fuse-utils/Makefile
+7-83 files

FreeBSD/ports f9d9699emulators/libspectrum pkg-plist distinfo

emulators/libspectrum: update to 1.6.0
DeltaFile
+3-3emulators/libspectrum/pkg-plist
+3-3emulators/libspectrum/distinfo
+1-2emulators/libspectrum/Makefile
+7-83 files

FreeBSD/ports cf8f1actextproc/diff-so-fancy Makefile pkg-plist

textproc/diff-so-fancy: Update 1.4.4 => 1.4.6, take maintainership

* Add DOCS option
* Add support for testing
* Simplify do-install targets
* Pet portclippy(1) and portfmt(1)

Approved by:            db@, yuri@ (Mentors, implicit)
DeltaFile
+21-10textproc/diff-so-fancy/Makefile
+5-3textproc/diff-so-fancy/pkg-plist
+3-3textproc/diff-so-fancy/distinfo
+29-163 files

FreeBSD/ports 577ac74ftp/curl Makefile

ftp/curl: Fix build on FreeBSD 13

- Update OPTIONS_DEFAULT:
  - Change from OPENSSL to OPENSSL
  - Remove LIBSSH2 and TLS_SRP (depends on OPENSSL)

ftp/curl uses OpenSSL by default. However, curl 8.18.0 drops OpenSSL 1.x support
which is used in FreeBSD 13 base system. Therefore, we change the defaults to
wolfSSL instead. This commit can be reverted after FreeBSD 13 EoL (expected Apr
30, 2026).
DeltaFile
+6-1ftp/curl/Makefile
+6-11 files

FreeBSD/ports b889b19ftp/curl Makefile pkg-plist

ftp/curl: Update to 8.19.0

- Remove CURL_DEBUG option

Changes:        https://curl.se/changes.html
Security:       CVE-2025-13034, CVE-2025-14017, CVE-2025-14524, CVE-2025-14819, CVE-2025-15079, CVE-2025-15224, CVE-2026-1965, CVE-2026-3783, CVE-2026-3784, CVE-2026-3805
DeltaFile
+8-5ftp/curl/Makefile
+7-6ftp/curl/pkg-plist
+5-3ftp/curl/distinfo
+20-143 files

FreeBSD/ports f9ce1e4ftp/curl pkg-plist Makefile, ftp/curl/files patch-configure patch-tests_CMakeLists.txt

ftp/curl: Revert daabb39144929a8e8498b5f33c157e5173857fee
DeltaFile
+530-535ftp/curl/pkg-plist
+106-180ftp/curl/Makefile
+154-0ftp/curl/files/patch-configure
+0-11ftp/curl/files/patch-tests_CMakeLists.txt
+3-5ftp/curl/distinfo
+793-7315 files

FreeBSD/ports 62f0a08security/vuxml/vuln 2026.xml

security/vuxml: Add Mozilla vulnerabilities
DeltaFile
+191-24security/vuxml/vuln/2026.xml
+191-241 files

FreeBSD/ports 122cc80devel/py-absl Makefile

devel/py-absl: expire this year, next week
DeltaFile
+1-1devel/py-absl/Makefile
+1-11 files

FreeBSD/ports daabb39ftp/curl pkg-plist Makefile, ftp/curl/files patch-configure patch-tests_CMakeLists.txt

ftp/curl: update 8.17.0 -> 8.19.0, fix some security bugs

- build moved from GNU autoconf to CMake
- No MFH as it is a big change/update and new quarterly is coming soon

PR:             293734
Changes:        https://curl.se/changes.html
Security:       CVE-2026-3805
                CVE-2026-3784
                CVE-2026-3783
                CVE-2026-1965
                CVE-2025-15224
                CVE-2025-15079
                CVE-2025-14819
                CVE-2025-14524
                CVE-2025-14017
                CVE-2025-13034
                See https://curl.se/docs/security.html for details
Tested by:      ulassayginim at gmail.com, george at m5p.com,

    [4 lines not shown]
DeltaFile
+535-530ftp/curl/pkg-plist
+180-106ftp/curl/Makefile
+0-154ftp/curl/files/patch-configure
+11-0ftp/curl/files/patch-tests_CMakeLists.txt
+5-3ftp/curl/distinfo
+731-7935 files

FreeBSD/ports 20d7900mail/thunderbird distinfo Makefile

mail/thunderbird: update to 149.0.1

Release Notes:
  https://www.thunderbird.net/en-US/thunderbird/149.0.1/releasenotes/

(cherry picked from commit f8074a69c5765c4811cb45aabf05b47a9d075e36)
DeltaFile
+3-3mail/thunderbird/distinfo
+1-1mail/thunderbird/Makefile
+4-42 files

FreeBSD/ports f8074a6mail/thunderbird distinfo Makefile

mail/thunderbird: update to 149.0.1

Release Notes:
  https://www.thunderbird.net/en-US/thunderbird/149.0.1/releasenotes/
DeltaFile
+3-3mail/thunderbird/distinfo
+1-2mail/thunderbird/Makefile
+4-52 files