HardenedBSD/ports 894ef81devel/R-cran-bindrcpp distinfo, net-mgmt/telegraf distinfo

Merge branch 'freebsd/main' into hardenedbsd/main
DeltaFile
+30-0security/vuxml/vuln/2026.xml
+10-9security/boringssl/files/patch-CMakeLists.txt
+5-5textproc/moor/distinfo
+5-5net/seaweedfs/distinfo
+5-5net-mgmt/telegraf/distinfo
+3-3devel/R-cran-bindrcpp/distinfo
+58-2742 files not shown
+141-11048 files

HardenedBSD/ports 0423340lang/mawk distinfo Makefile

lang/mawk: Update to 1.3.4.20260129
DeltaFile
+3-3lang/mawk/distinfo
+1-1lang/mawk/Makefile
+4-42 files

HardenedBSD/ports 0b122ffdevel/py-rich-toolkit distinfo Makefile

devel/py-rich-toolkit: Update to 0.19.3
DeltaFile
+3-3devel/py-rich-toolkit/distinfo
+1-1devel/py-rich-toolkit/Makefile
+4-42 files

HardenedBSD/ports 0f8a308devel/R-cran-bindrcpp distinfo Makefile

devel/R-cran-bindrcpp: Update to 0.2.4
DeltaFile
+3-3devel/R-cran-bindrcpp/distinfo
+1-1devel/R-cran-bindrcpp/Makefile
+4-42 files

HardenedBSD/ports 6361720games/tuxpaint distinfo Makefile

games/tuxpaint: Update to 0.9.35
DeltaFile
+3-3games/tuxpaint/distinfo
+1-2games/tuxpaint/Makefile
+2-0games/tuxpaint/pkg-plist
+6-53 files

HardenedBSD/ports a0ab6b2devel/liblouis distinfo pkg-plist

devel/liblouis: Update to 3.36.0
DeltaFile
+3-3devel/liblouis/distinfo
+4-1devel/liblouis/pkg-plist
+1-1devel/liblouis/Makefile
+8-53 files

HardenedBSD/ports 83e04absecurity/py-scramp distinfo Makefile

security/py-scramp: Update to 1.4.8
DeltaFile
+3-3security/py-scramp/distinfo
+1-1security/py-scramp/Makefile
+4-42 files

HardenedBSD/src 394201clib/libarchive/tests functional_test.sh, usr.bin/bsdcat/tests functional_test.sh

tests: Simplify libarchive tests

The ATF tests work by first running the test program with an invalid
flag, which causes it to print an error message, a summary of options,
and a list of available test cases.  Switch to the new -l option which
simply prints the list, and simplify the awk script used to parse the
output.  No functional change.

MFC after:      1 week
DeltaFile
+2-2usr.bin/tar/tests/functional_test.sh
+1-1usr.bin/unzip/tests/functional_test.sh
+1-1usr.bin/cpio/tests/functional_test.sh
+1-1lib/libarchive/tests/functional_test.sh
+1-1usr.bin/bsdcat/tests/functional_test.sh
+6-65 files

HardenedBSD/src 1e2eea5sys/dev/nvme nvme_private.h nvme_sysctl.c

nvme: Change fail_on_reset to bool

This is safe since sysctl_handle_bool() handles ints transparently.

Sponsored by:   Klara, Inc.
Sponsored by:   NetApp, Inc.
Reviewed by:    imp
Differential Revision:  https://reviews.freebsd.org/D55263
DeltaFile
+1-1sys/dev/nvme/nvme_private.h
+1-1sys/dev/nvme/nvme_sysctl.c
+2-22 files

HardenedBSD/ports a640210net/seaweedfs distinfo Makefile

net/seaweedfs: Update 4.04 => 4.12

Changelogs:
https://github.com/seaweedfs/seaweedfs/releases/tag/4.05
https://github.com/seaweedfs/seaweedfs/releases/tag/4.06
https://github.com/seaweedfs/seaweedfs/releases/tag/4.07
https://github.com/seaweedfs/seaweedfs/releases/tag/4.08
https://github.com/seaweedfs/seaweedfs/releases/tag/4.09
https://github.com/seaweedfs/seaweedfs/releases/tag/4.12

PR:     292951
MFH:    2026Q1
DeltaFile
+5-5net/seaweedfs/distinfo
+2-3net/seaweedfs/Makefile
+7-82 files

HardenedBSD/ports ec37531www/freenginx-acme distinfo Makefile

www/freenginx-acme: bump PORTREVISION with new freenginx-devel release
DeltaFile
+3-3www/freenginx-acme/distinfo
+1-1www/freenginx-acme/Makefile
+4-42 files

HardenedBSD/ports a813459www/freenginx-devel distinfo version.mk

www/freenginx-devel: update to 1.29.5

<ChangeLog>

*) Feature: optimized SSL_sendfile() usage on FreeBSD.
   Thanks to Gleb Smirnoff.

*) Bugfix: upstream servers were not marked as failed after a response
   with status code 500, 502, 503, 504, or 429 if the code was listed in
   the "proxy_next_upstream" directive, but switching to the next server
   was not possible.

*) Bugfix: the "stale-if-error" cache control extension was not applied
   if a backend returned a response with status code 500, 502, 503, 504,
   or 429 and the code was listed in the "proxy_next_upstream"
   directive.

*) Bugfix: in handling of premature backend responses.


    [3 lines not shown]
DeltaFile
+3-3www/freenginx-devel/distinfo
+1-1www/freenginx-devel/version.mk
+0-1www/freenginx-devel/Makefile
+4-53 files

HardenedBSD/ports 66cf5b7security/boringssl Makefile distinfo, security/boringssl/files patch-CMakeLists.txt

security/boringssl: update to the recent snapshot release
DeltaFile
+10-9security/boringssl/files/patch-CMakeLists.txt
+2-4security/boringssl/Makefile
+3-3security/boringssl/distinfo
+15-163 files

HardenedBSD/ports 8813eectextproc/moor distinfo Makefile

textproc/moor: Update 2.10.3 => 2.10.4

Changelog:
https://github.com/walles/moor/releases/tag/v2.10.4

PR:     293144
DeltaFile
+5-5textproc/moor/distinfo
+1-2textproc/moor/Makefile
+6-72 files

HardenedBSD/ports b74a1b8www/googler Makefile

www/googler: Deprecate and set to expire on 2026-04-13

- Upstream repository was archived on 2022-03-05; as alternative you can
  install www/ddgr.

PR:             292163
DeltaFile
+3-0www/googler/Makefile
+3-01 files

HardenedBSD/ports 1868b37comms/ebusd distinfo Makefile

comms/ebusd: update to 26.1
DeltaFile
+3-3comms/ebusd/distinfo
+1-1comms/ebusd/Makefile
+4-42 files

HardenedBSD/ports 7ff6e08comms/py-meshcore distinfo Makefile

comms/py-meshcore: update to 2.2.9
DeltaFile
+3-3comms/py-meshcore/distinfo
+1-1comms/py-meshcore/Makefile
+4-42 files

HardenedBSD/ports c3ca688x11-wm/mangowc distinfo Makefile

x11-wm/mangowc: Update to 0.12.2

ChangeLog:      https://github.com/DreamMaoMao/mangowc/releases/tag/0.12.2
Reported by:    DreamMaoMao <notifications at github.com>
DeltaFile
+3-3x11-wm/mangowc/distinfo
+1-1x11-wm/mangowc/Makefile
+4-42 files

HardenedBSD/ports a716321net/socat distinfo Makefile

net/socat: Update to 1.8.1.1

Changelog:      http://www.dest-unreach.org/socat/CHANGES
DeltaFile
+3-3net/socat/distinfo
+1-1net/socat/Makefile
+4-42 files

HardenedBSD/ports d6d47cenet-mgmt/telegraf distinfo Makefile

net-mgmt/telegraf: Update to 1.37.2

Release notes:  https://github.com/influxdata/telegraf/releases/tag/v1.37.2
DeltaFile
+5-5net-mgmt/telegraf/distinfo
+1-2net-mgmt/telegraf/Makefile
+6-72 files

HardenedBSD/src 8d442cfusr.bin/diff3 diff3.c

diff3: fix diff3 -A

for cases where file2 differs but file1 and file3 agrees, the code
stored the file2 and file3 line numbers in the de[] editing script
entries but used them as if they were file1 line numbers.

Reviewed by:            thj
Differential Revision:  https://reviews.freebsd.org/D55276
DeltaFile
+24-7usr.bin/diff3/diff3.c
+24-71 files

HardenedBSD/ports 6aa4736graphics/R-cran-ggplot2 distinfo Makefile

graphics/R-cran-ggplot2: Update to 4.0.2
DeltaFile
+3-3graphics/R-cran-ggplot2/distinfo
+1-1graphics/R-cran-ggplot2/Makefile
+4-42 files

HardenedBSD/ports 3120d78ftp/py-parfive distinfo Makefile

ftp/py-parfive: Update to 2.3.1
DeltaFile
+3-3ftp/py-parfive/distinfo
+1-1ftp/py-parfive/Makefile
+4-42 files

HardenedBSD/ports 9d79310finance/R-cran-tseries distinfo Makefile

finance/R-cran-tseries: Update to 0.10.59
DeltaFile
+3-3finance/R-cran-tseries/distinfo
+1-1finance/R-cran-tseries/Makefile
+4-42 files

HardenedBSD/ports 5cd584edevel/py-traits distinfo Makefile

devel/py-traits: Update to 7.1.0
DeltaFile
+3-3devel/py-traits/distinfo
+1-2devel/py-traits/Makefile
+4-52 files

HardenedBSD/ports a5cc652security/vuxml/vuln 2026.xml

security/vuxml: document expat vulnerabilities

 * CVE-2026-24515
 * CVE-2026-25210

PR:             293078
DeltaFile
+30-0security/vuxml/vuln/2026.xml
+30-01 files

HardenedBSD/ports 0341277sysutils/vm-bhyve-zcomp distinfo Makefile

sysutils/vm-bhyve-zcomp: Update to 20260213.1
DeltaFile
+3-3sysutils/vm-bhyve-zcomp/distinfo
+1-1sysutils/vm-bhyve-zcomp/Makefile
+4-42 files

HardenedBSD/src cb81a9csys/x86/include x86_var.h, sys/x86/x86 cpu_machdep.c

x86: provide extended description for x86_msr_op(9)

Reviewed by:    markj, olce
Sponsored by:   The FreeBSD Foundation
MFC after:      1 week
Differential revision: https://reviews.freebsd.org/D55045
DeltaFile
+43-0sys/x86/x86/cpu_machdep.c
+2-4sys/x86/include/x86_var.h
+45-42 files

HardenedBSD/src 36ceb55sys/x86/x86 cpu_machdep.c

x86_msr_op(9): consistently return the value read from MSR

If the operation is executed on more than one CPU, a random instance of
the read value is returned.

Reviewed by:    markj, olce
Sponsored by:   The FreeBSD Foundation
MFC after:      1 week
Differential revision:  https://reviews.freebsd.org/D55045
DeltaFile
+15-4sys/x86/x86/cpu_machdep.c
+15-41 files

HardenedBSD/src af99e40sys/x86/include x86_var.h, sys/x86/x86 cpu_machdep.c

x86: add a safe variant of MSR_OP_SCHED* operations for x86_msr_op(9)

The modifier executes the operation using msr{read,write}_safe()
functions instead of plain msr reads and writes.  Returns EFAULT if any
MSR access caused #GP.

Reviewed by:    markj, olce
Sponsored by:   The FreeBSD Foundation
MFC after:      1 week
Differential revision:  https://reviews.freebsd.org/D55045
DeltaFile
+68-7sys/x86/x86/cpu_machdep.c
+2-1sys/x86/include/x86_var.h
+70-82 files