HardenedBSD/src f8b8171sys/net bpf.c bpfdesc.h

Merge remote-tracking branch 'origin/hardened/current/master' into hardened/current/cross-dso-cfi
DeltaFile
+35-34sys/net/bpf.c
+7-7sys/net/bpfdesc.h
+42-412 files

HardenedBSD/src 73fa941sys/net bpf.c bpfdesc.h

Merge branch 'freebsd/current/main' into hardened/current/master
DeltaFile
+35-34sys/net/bpf.c
+7-7sys/net/bpfdesc.h
+42-412 files

HardenedBSD/ports c80130dcad/meshlab pkg-plist Makefile, java/eclipse distinfo

Merge branch 'freebsd/main' into hardenedbsd/main
DeltaFile
+0-187cad/meshlab/pkg-plist
+46-46www/ungoogled-chromium/files/patch-chrome_browser_about__flags.cc
+29-29java/eclipse/distinfo
+0-50cad/meshlab/Makefile
+13-13www/ungoogled-chromium/files/patch-chrome_browser_chrome__content__browser__client.cc
+7-7www/ungoogled-chromium/distinfo
+95-33228 files not shown
+136-46234 files

HardenedBSD/ports f0beb1emath/octave-forge-datatypes distinfo Makefile

math/octave-forge-datatypes: Update to 1.1.3.
DeltaFile
+3-3math/octave-forge-datatypes/distinfo
+1-1math/octave-forge-datatypes/Makefile
+4-42 files

HardenedBSD/src c42bce2sys/net bpf.c bpfdesc.h

bpf: convert several boolean natured fields of bpf_d to flags

This shrinks the structure a bit.  Should be no functional change.

Differential Revision:  https://reviews.freebsd.org/D53870
DeltaFile
+35-34sys/net/bpf.c
+7-7sys/net/bpfdesc.h
+42-412 files

HardenedBSD/ports 66d185ejava/dbvis distinfo Makefile

java/dbvis: Update 25.2.5 => 25.3

Release Notes:
https://www.dbvis.com/releasenotes/25.2/
https://www.dbvis.com/releasenotes/25.3/

MFH:    2025Q4
DeltaFile
+3-3java/dbvis/distinfo
+1-1java/dbvis/Makefile
+4-42 files

HardenedBSD/ports 65b0494sysutils/grub2-bhyve/files patch-grub-core_gnulib_argp-parse.c

Merge branch 'hardenedbsd/fix-grub2-bhyve' into 'hardenedbsd/main'

HBSD: Fix grub2-bhyve build error

See merge request hardenedbsd/ports!232
DeltaFile
+11-0sysutils/grub2-bhyve/files/patch-grub-core_gnulib_argp-parse.c
+11-01 files

HardenedBSD/ports d9a5b84www/ungoogled-chromium distinfo, www/ungoogled-chromium/files patch-chrome_browser_about__flags.cc patch-chrome_browser_chrome__content__browser__client.cc

www/ungoogled-chromium: update to 143.0.7499.109

Security:       https://vuxml.freebsd.org/freebsd/ff25a369-d730-11f0-a15a-a8a1599412c6.html
DeltaFile
+46-46www/ungoogled-chromium/files/patch-chrome_browser_about__flags.cc
+13-13www/ungoogled-chromium/files/patch-chrome_browser_chrome__content__browser__client.cc
+7-7www/ungoogled-chromium/distinfo
+0-10www/ungoogled-chromium/files/patch-components_contextual__tasks_internal_BUILD.gn
+3-3www/ungoogled-chromium/files/patch-chrome_browser_ui_views_frame_browser__view.cc
+3-3www/ungoogled-chromium/files/patch-chrome_common_chrome__features.cc
+72-823 files not shown
+78-899 files

HardenedBSD/ports 11044cadevel/R-cran-sparsevctrs distinfo Makefile

devel/R-cran-sparsevctrs: Update to 0.3.5

ChangeLog: https://cran.r-project.org/web/packages/sparsevctrs/news/news.html
DeltaFile
+3-3devel/R-cran-sparsevctrs/distinfo
+3-2devel/R-cran-sparsevctrs/Makefile
+6-52 files

HardenedBSD/ports cecdc9adevel/R-cran-future.apply distinfo Makefile

devel/R-cran-future.apply: Update to 1.20.1

ChangeLog: https://cran.r-project.org/web/packages/future.apply/news/news.html
DeltaFile
+3-3devel/R-cran-future.apply/distinfo
+1-1devel/R-cran-future.apply/Makefile
+4-42 files

HardenedBSD/ports 035395dcad/meshlab pkg-plist Makefile, cad/meshlab/files patch-src_meshlab_meshlab.pro patch-src_meshlabserver_meshlabserver.pro

cad/Makefile: remove broken port cad/meshlab
DeltaFile
+0-187cad/meshlab/pkg-plist
+0-50cad/meshlab/Makefile
+0-14cad/meshlab/files/patch-src_meshlab_meshlab.pro
+0-13cad/meshlab/files/patch-src_meshlabserver_meshlabserver.pro
+0-11cad/meshlab/files/patch-src_shared.pri
+0-11cad/meshlab/files/patch-src_general.pri
+0-2865 files not shown
+0-31511 files

HardenedBSD/ports 9214aeegraphics/py-pygeoapi distinfo Makefile

graphics/py-pygeoapi: Update to 0.22.0
DeltaFile
+3-3graphics/py-pygeoapi/distinfo
+1-1graphics/py-pygeoapi/Makefile
+4-42 files

HardenedBSD/ports c8a897dmath/py-kiwisolver Makefile distinfo

math/py-kiwisolver: Update to 1.4.9 and release maintainership

- remove useless compiler USES
DeltaFile
+3-3math/py-kiwisolver/Makefile
+3-3math/py-kiwisolver/distinfo
+6-62 files

HardenedBSD/ports b7477e4java/eclipse distinfo Makefile

java/eclipse: Update 4.37 => 4.38

News:
https://eclipse.dev/eclipse/markdown/?f=news/4.38/index.md

Release Notes:
https://eclipse.dev/eclipse/development/readme_eclipse_4.38.html

PR:     291606
DeltaFile
+29-29java/eclipse/distinfo
+1-2java/eclipse/Makefile
+30-312 files

HardenedBSD/src 267759f. RELNOTES, etc/mtree BSD.include.dist

Merge remote-tracking branch 'origin/hardened/current/master' into hardened/current/cross-dso-cfi
DeltaFile
+1,079-233share/misc/pci_vendors
+1-461RELNOTES
+0-42sys/netinet/tcp_timewait.c
+0-6sys/dev/xilinx/if_xae.c
+1-1etc/mtree/BSD.include.dist
+1,081-7435 files

HardenedBSD/src 915e089. RELNOTES, etc/mtree BSD.include.dist

Merge branch 'freebsd/current/main' into hardened/current/master
DeltaFile
+1,079-233share/misc/pci_vendors
+1-461RELNOTES
+0-42sys/netinet/tcp_timewait.c
+0-6sys/dev/xilinx/if_xae.c
+1-1etc/mtree/BSD.include.dist
+1,081-7435 files

HardenedBSD/src e7d294fsys/dev/vt vt_core.c

Merge branch 'freebsd/14-stable/main' into hardened/14-stable/master
DeltaFile
+3-3sys/dev/vt/vt_core.c
+3-31 files

HardenedBSD/ports 9426c70devel/kdesdk-thumbnailers pkg-plist, devel/kio-extras pkg-plist

Merge branch 'freebsd/main' into hardenedbsd/main
DeltaFile
+343-211sysutils/gstat-rs/distinfo
+170-104sysutils/gstat-rs/Makefile.crates
+4-90devel/kio-extras/pkg-plist
+74-0security/vuxml/vuln/2025.xml
+0-51devel/kdesdk-thumbnailers/pkg-plist
+47-0security/autofirma/Makefile
+638-456320 files not shown
+1,659-1,390326 files

HardenedBSD/ports 824fde6net-mgmt/net-snmp Makefile

net-mgmt/net-snmp: Respect LDFLAGS.

No functional change intended.

Sponsored by:   Dell
Reviewed by:    zi, vangyzen
Differential Revision: https://reviews.freebsd.org/D54183
DeltaFile
+3-2net-mgmt/net-snmp/Makefile
+3-21 files

HardenedBSD/ports 548c97asecurity/autofirma Makefile pkg-plist, security/autofirma/files afirma.desktop.in pkg-message.in

java/autofirma: [new port]. Digital signature application

Autofirma is a java application used to sign digital documents.
It is the official application of the Spanish Government and as such it is
required to perform many online tasks with the Administration.

Reviewed by:            michaelo@
Differential Revision:  https://reviews.freebsd.org/D53807
DeltaFile
+47-0security/autofirma/Makefile
+16-0security/autofirma/files/afirma.desktop.in
+9-0security/autofirma/files/pkg-message.in
+5-0security/autofirma/files/autofirma.in
+5-0security/autofirma/pkg-plist
+4-0security/autofirma/pkg-descr
+86-03 files not shown
+94-09 files

HardenedBSD/ports 0716e1cwww/gallery-dl distinfo Makefile

www/gallery-dl: update to 1.31.0

Changes:        https://github.com/mikf/gallery-dl/releases/tag/v1.31.0
Reported by:    GitHub (watch releases)
DeltaFile
+3-3www/gallery-dl/distinfo
+1-2www/gallery-dl/Makefile
+4-52 files

HardenedBSD/ports c9fcf86www/varnish-libvmod-digest distinfo Makefile

www/varnish-libvmod-digest: Update to 1.0.3

- Fix Base64 decoding vulnerability

Approved by:    implicit/security
Security:       64bec4c7-d785-11f0-a1c0-0050569f0b83
DeltaFile
+3-3www/varnish-libvmod-digest/distinfo
+2-3www/varnish-libvmod-digest/Makefile
+5-62 files

HardenedBSD/ports 229c32esecurity/vuxml/vuln 2025.xml

security/vuxml: Document vulnerability in www/varnish-libvmod-digest
DeltaFile
+32-0security/vuxml/vuln/2025.xml
+32-01 files

HardenedBSD/src e1c985csys/dev/vt vt_core.c

vt: Allow VT_SETMODE with frsig=0

Linux does not check that any of the signals in vt_mode VT_SETMODE ioctl
(relsig, acqsig, frsig) are valid, but FreeBSD required that all three
are valid.  frsig is unusued in both Linux and FreeBSD, and software
typically leaves it unset.  To improve portability, allow frsig to be
set to zero.

PR:             289812
Reported by:    Dušan Gvozdenović
Sponsored by:   The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D52835

(cherry picked from commit 5198c32210039d8dc92554647384eee75688848c)
(cherry picked from commit 224d65015465d085f2e07edccef1f23a8c217b88)
DeltaFile
+3-3sys/dev/vt/vt_core.c
+3-31 files

HardenedBSD/src a16fdef. RELNOTES

RELNOTES: Truncate for 16.0

Differential Revision:  https://reviews.freebsd.org/D54195
DeltaFile
+1-461RELNOTES
+1-4611 files

HardenedBSD/src 929338dsys/netinet tcp_timewait.c

tpc: retire net.inet.tcp.nolocaltimewait

See c3fc0db3bc50df18a724e6e6b12ea4e060fd9255 for details.
DeltaFile
+0-42sys/netinet/tcp_timewait.c
+0-421 files

HardenedBSD/ports 294e82esysutils/gstat-rs distinfo Makefile.crates

sysutils/gstat-rs: 0.1.7

The main change is to fix a math error in the kb/r and kb/w columns

https://github.com/asomers/gstat-rs/blob/master/gstat/CHANGELOG.md#017---2025-12-11

Sponsored by:   ConnectWise
DeltaFile
+343-211sysutils/gstat-rs/distinfo
+170-104sysutils/gstat-rs/Makefile.crates
+1-2sysutils/gstat-rs/Makefile
+514-3173 files

HardenedBSD/ports 2823eb8devel/jenkins-lts distinfo Makefile

devel/jenkins-lts: Update to 2.528.3

Fixes CVE-2025-67635, CVE-2025-67636, CVE-2025-67637, CVE-2025-67638,
CVE-2025-67639

PR:             291580
Security:       2956aba3-1fcb-4c39-9cea-d88a46a3bf93
MFH:            2025Q4
Sponsored by:   The FreeBSD Foundation
DeltaFile
+3-3devel/jenkins-lts/distinfo
+1-1devel/jenkins-lts/Makefile
+4-42 files

HardenedBSD/ports 09b4c73devel/jenkins distinfo Makefile

devel/jenkins: Update to 2.541

Fixes CVE-2025-67635, CVE-2025-67636, CVE-2025-67637, CVE-2025-67638,
CVE-2025-67639

PR:             291580
Security:       2956aba3-1fcb-4c39-9cea-d88a46a3bf93
MFH:            2025Q4
Sponsored by:   The FreeBSD Foundation
DeltaFile
+3-3devel/jenkins/distinfo
+1-1devel/jenkins/Makefile
+4-42 files

HardenedBSD/ports 381fdeasecurity/vuxml/vuln 2025.xml

security/vuxml: Document Jenkins Security Advisory 2025-12-10

PR:             291580
Sponsored by:   The FreeBSD Foundation
DeltaFile
+42-0security/vuxml/vuln/2025.xml
+42-01 files