net/tigervnc-server: Explicitly disable Wayland (w0vncserver)
The default is AUTO, which attempts to build with Wayland if it is
installed in the build environment. This may result in
non-reproducible builds depending on the build environment.
In addition, w0vncserver currently fails to build. This is on my TODO
list but disabled for the time being.
While here, explicitly enable pwquality and declare a dependency on
security/libpwquality.
PR: 292938
Reported by: Paul Boehmer
security/vuxml: update lang/python311 entry
Upstream are still reviewing and reworking the following:
- lang/python312: CVE-2024-6923
- lang/python310: gh-143935
Updated version ranges to be provided after those commits land there.
While here, remove nonexistent and EOL lang/python39
lang/python314: SECURITY update to v3.14.3
ChangeLog: https://docs.python.org/release/3.14.3/whatsnew/changelog.html
MFH: 2026Q1 (immediately)
Security fixes:
* gh-144125: BytesGenerator will now refuse to serialize (write) headers
that are unsafely folded or delimited; see verify_generated_headers.
(Contributed by Bas Bloemsaat and Petr Viktorin in gh-121650).
* gh-143935: Fixed a bug in the folding of comments when flattening an
email message using a modern email policy. Comments consisting of a
very long sequence of non-foldable characters could trigger a forced
line wrap that omitted the required leading space on the continuation
line, causing the remainder of the comment to be interpreted as a new
header field. This enabled header injection with carefully crafted
inputs.
[12 lines not shown]
lang/python314: SECURITY update to v3.14.3
ChangeLog: https://docs.python.org/release/3.14.3/whatsnew/changelog.html
MFH: 2026Q1 (immediately)
Security fixes:
* gh-144125: BytesGenerator will now refuse to serialize (write) headers
that are unsafely folded or delimited; see verify_generated_headers.
(Contributed by Bas Bloemsaat and Petr Viktorin in gh-121650).
* gh-143935: Fixed a bug in the folding of comments when flattening an
email message using a modern email policy. Comments consisting of a
very long sequence of non-foldable characters could trigger a forced
line wrap that omitted the required leading space on the continuation
line, causing the remainder of the comment to be interpreted as a new
header field. This enabled header injection with carefully crafted
inputs.
[11 lines not shown]
net/tcpkali: forbid port
A possible backdoor issue was discovered.
Forbid this port until this can be investigated in detail.
Reported by: danilo
MFH: 2026Q1
(cherry picked from commit 4aa7c5150bbaf755db66981cbb1cc3135597f091)
net/tcpkali: forbid port
A possible backdoor issue was discovered.
Forbid this port until this can be investigated in detail.
Reported by: danilo
MFH: 2026Q1
devel/hs-ghcup: New Port: Main installer Haskell
GHCup is the primary installer and version manager for the Haskell
toolchain. It provides a unified interface to install and switch
between different versions of GHC, Cabal, Stack, and the
Haskell Language Server.
WWW: https://www.haskell.org/ghcup/
PR: 292940
Approved by: eduardo (mentor)