HardenedBSD/ports 23a1f31deskutils/growl-for-linux Makefile

by Shawn Webb on ⎇
HBSD: Resolve merge conflict

Signed-off-by:  Shawn Webb <shawn.webb at hardenedbsd.org>
DeltaFile
+1-3deskutils/growl-for-linux/Makefile
+1-31 files

HardenedBSD/ports ed93bacmisc/mcp-inspector pkg-plist, misc/mcp-inspector/files package-lock.json

by Shawn Webb on ⎇
Merge remote-tracking branch 'internal/freebsd/main' into hardenedbsd/main

Conflicts:
        deskutils/growl-for-linux/Makefile (unresolved)
DeltaFile
+12,910-0misc/mcp-inspector/pkg-plist
+3,618-0misc/mcp-inspector/files/package-lock.json
+856-840sysutils/awslim/files/go.sum
+464-420sysutils/awslim/files/modules.txt
+428-420sysutils/awslim/files/go.mod
+3-701science/votca/pkg-plist
+18,279-2,381160 files not shown
+19,527-2,924166 files

HardenedBSD/src 39c2e99share/man/man9 hashalloc.9, sys/kern subr_hash.c

by HardenedBSD Sync Services on ⎇
Merge remote-tracking branch 'origin/hardened/current/master' into hardened/current/cross-dso-cfi
DeltaFile
+350-54sys/kern/subr_hash.c
+314-0share/man/man9/hashalloc.9
+54-92sys/netpfil/pf/pf.c
+30-22sys/netinet/in_pcb.c
+26-15sys/netinet/ip_input.c
+37-0sys/sys/hash.h
+811-18311 files not shown
+887-23217 files

HardenedBSD/src 6ee0e50share/man/man9 hashalloc.9, sys/kern subr_hash.c

by HardenedBSD Sync Services on ⎇
Merge branch 'freebsd/current/main' into hardened/current/master
DeltaFile
+350-54sys/kern/subr_hash.c
+314-0share/man/man9/hashalloc.9
+54-92sys/netpfil/pf/pf.c
+30-22sys/netinet/in_pcb.c
+26-15sys/netinet/ip_input.c
+37-0sys/sys/hash.h
+811-18311 files not shown
+887-23217 files

HardenedBSD/ports 2eb75c6security/vuxml/vuln 2026.xml

by Matthias Andree (mandree) via Daniel Engberg (diizzy) on ⎇
security/vuxml: Update entry for Python CVE-2026-4519

Fixed in 3.14.4

PR:             294324
Security:       9fdad262-2e0f-11f1-88c7-00a098b42aeb
                / CVE-2026-4519
DeltaFile
+1-1security/vuxml/vuln/2026.xml
+1-11 files

HardenedBSD/ports 955268blang/python314 pkg-plist Makefile, lang/python314/files patch-gh-146211-reject-CR_LF-in-HTTP-tunnel-request-headers patch-gh-146333-Fix-quadratic-regex-backtracking-in-configparser

by Matthias Andree (mandree) via Daniel Engberg (diizzy) on ⎇
lang/python314: Security update to 3.14.4

Add a -flto=full option, which can speed up the port build
in terms of wallclock time at the expense of overall more
CPU time.

Issue a warning that test_ssl will fail from pre-test
if DEBUG is enabled.

Changelog:      https://docs.python.org/release/3.14.4/whatsnew/changelog.html

PR:             294324

Which contains these security fixes:

pyexpat.c: Unbounded C recursion in conv_content_model causes crash
Security:       https://github.com/python/cpython/issues/145986
                / CVE-2026-4224


    [32 lines not shown]
DeltaFile
+108-0lang/python314/files/patch-gh-146211-reject-CR_LF-in-HTTP-tunnel-request-headers
+83-0lang/python314/files/patch-gh-146333-Fix-quadratic-regex-backtracking-in-configparser
+17-5lang/python314/pkg-plist
+12-6lang/python314/Makefile
+3-3lang/python314/distinfo
+1-1lang/python314/Makefile.version
+224-156 files

HardenedBSD/src cd5ff4esys/net pfvar.h, sys/netpfil/pf pf.c

by Gleb Smirnoff (glebius) on ⎇
pf: use hashalloc(9) for key, id, src-node and udp-endpoint hashes

Reviewed by:            kp
Differential Revision:  https://reviews.freebsd.org/D56113
DeltaFile
+54-92sys/netpfil/pf/pf.c
+1-2sys/net/pfvar.h
+55-942 files

HardenedBSD/src 87ef306sys/netinet tcp_lro.c

by Gleb Smirnoff (glebius) on ⎇
tcp lro: use hashalloc(9)

Reviewed by:            tuexen, rrs
Differential Revision:  https://reviews.freebsd.org/D56177
DeltaFile
+20-6sys/netinet/tcp_lro.c
+20-61 files

HardenedBSD/src 9992eb4sys/net if_gif.c if_gif.h, sys/netinet in_gif.c

by Gleb Smirnoff (glebius) on ⎇
gif: use hashalloc(9)

Functional change is that on destruction INVARIANTS checks will run.  Also
the mask is no longer hardcoded, so makes it easier to make hash size a
tunable.

Reviewed by:            ae
Differential Revision:  https://reviews.freebsd.org/D56176
DeltaFile
+21-6sys/netinet/in_gif.c
+21-6sys/netinet6/in6_gif.c
+0-21sys/net/if_gif.c
+0-4sys/net/if_gif.h
+42-374 files

HardenedBSD/src adba114sys/netinet ip_input.c

by Gleb Smirnoff (glebius) on ⎇
netinet: use hashalloc(9) for IP address hash

While here, slightly restyle ip_vnet_init() and use sparse initializer for
pfil_head_args.  There is no functional change wrt to pfil(9) hook
registration.

Differential Revision:  https://reviews.freebsd.org/D56175
DeltaFile
+26-15sys/netinet/ip_input.c
+26-151 files

HardenedBSD/src 8e1513dsys/netinet in_pcb.c in_pcb.h, sys/netinet6 in6_pcb.c

by Gleb Smirnoff (glebius) on ⎇
inpcb: use hashalloc(9)

While here remove ipi_lbgrouphashmask, as it is always has the same value
as ipi_porthashmask.

Differential Revision:  https://reviews.freebsd.org/D56174
DeltaFile
+30-22sys/netinet/in_pcb.c
+1-2sys/netinet/in_pcb.h
+1-1sys/netinet6/in6_pcb.c
+32-253 files

HardenedBSD/src abf68d1share/man/man9 hashalloc.9 hashinit.9, sys/kern subr_hash.c

by Gleb Smirnoff (glebius) on ⎇
hash(9): introduce hashalloc()/hashfree() KPI

This is a more extendable version than traditional hashinit(9).  It allows
different kinds of slot headers with optional locks.

Implement traditional hashinit()/hashdestroy() on top of it.

Reviewed by:            pouria, gallatin
Differential Revision:  https://reviews.freebsd.org/D55904
DeltaFile
+350-54sys/kern/subr_hash.c
+314-0share/man/man9/hashalloc.9
+37-0sys/sys/hash.h
+8-1share/man/man9/hashinit.9
+2-0share/man/man9/Makefile
+711-555 files

HardenedBSD/ports e800745devel/git-flow-next distinfo Makefile

by Miroslav Lachman via Juraj Lutter (otis) on ⎇
devel/git-flow-next: Update to 1.1.0

- Added:
    - Push-option support for publish command (--push-option / -o)
    - Support for configurable hooks directory via gitflow.path.hooks
      and core.hooksPath

- Fixed
    - Validate remote exists before any state-changing delete operations
    - Validate remote before remote operations (publish, track, finish
      sync)
    - Check if remote exists before attempting to delete remote branch
    - Skip fetch when no remote is configured
    - Use empty commit instead of README.md when initializing empty
      repositories
    - Default to empty version tag prefix during init
    - Thread config correctly into tag creation step during finish

PR:             294446
DeltaFile
+5-5devel/git-flow-next/distinfo
+1-2devel/git-flow-next/Makefile
+6-72 files

HardenedBSD/ports 102d61egames/prismlauncher distinfo Makefile

by Alexander Vereeken via Yusuf Yaman (nxjoseph) on ⎇
games/prismlauncher: Update to 11.0.1

Changelogs:
* https://prismlauncher.org/news/release-11
* https://prismlauncher.org/news/release-11.0.1

Port changes:
* Track changes to USES Java, prioritizing default Java and
  setting LWJGL version strictly to the latest game release only.
* Add new build dependency graphics/vulkan-headers.

PR:             293576
Reported by:    Alexander Vereeken <Alexander88207 at protonmail.com> (maintainer)
Approved by:    vvd (co-mentor)
DeltaFile
+3-7games/prismlauncher/distinfo
+2-6games/prismlauncher/Makefile
+4-0games/prismlauncher/pkg-message
+1-1games/prismlauncher/pkg-plist
+10-144 files

HardenedBSD/ports 2f009a8sysutils/containers-common distinfo Makefile

by Sergey A. Osokin (osa) on ⎇
sysutils/containers-common: update skopeo to 1.22.1

Bump PORTREVISION.

PR:             294444
Approved by:    dfr (maintainer)

Sponsored by:   tipi.work
DeltaFile
+3-3sysutils/containers-common/distinfo
+2-2sysutils/containers-common/Makefile
+5-52 files

HardenedBSD/ports 304feb3sysutils/skopeo distinfo Makefile

by Sergey A. Osokin (osa) on ⎇
sysutils/skopeo: update: 1.22.0 -> 1.22.1

PR:             294444
Approved by:    dfr (maintainer)

Sponsored by:   tipi.work
DeltaFile
+3-3sysutils/skopeo/distinfo
+1-2sysutils/skopeo/Makefile
+4-52 files

HardenedBSD/ports 4c42001graphics/vulkan-caps-viewer Makefile, graphics/vulkan-headers Makefile

by Atanu Biswas via Yusuf Yaman (nxjoseph) on ⎇
graphics/vulkan-{headers,loader}: Drop maintainership

PR:             294344
Reported by:    Atanu Biswas <atanubiswas484 at gmail.com> (maintainer)
Approved by:    osa (mentor)
DeltaFile
+1-1graphics/vulkan-headers/Makefile
+1-1graphics/vulkan-loader/Makefile
+1-1graphics/vulkan-utility-libraries/Makefile
+1-1graphics/vulkan-validation-layers/Makefile
+1-1graphics/vulkan-tools/Makefile
+1-1graphics/vulkan-caps-viewer/Makefile
+6-61 files not shown
+7-77 files

HardenedBSD/ports 778bf1awww/py-webob Makefile distinfo, www/py-webob/files patch-docs_conf.py pyproject.toml.in

by Xin LI (delphij) on ⎇
www/py-webob: upgrade to 1.8.9 and use PEP517.

PR:             ports/293851
Approved by:    maintainer (nivit@)
DeltaFile
+20-7www/py-webob/Makefile
+14-2www/py-webob/files/patch-docs_conf.py
+7-0www/py-webob/files/pyproject.toml.in
+3-3www/py-webob/distinfo
+44-124 files

HardenedBSD/ports 03b0241multimedia/plexmediaserver-plexpass distinfo Makefile

by Ben Shertenlieb via Vladimir Druzenko (vvd) on ⎇
multimedia/plexmediaserver-plexpass: Update 1.43.0.10389 => 1.43.1.10611

Changelog:
https://forums.plex.tv/t/plex-media-server/30447/703

PR:             294419
Sponsored by:   UNIS Labs
DeltaFile
+3-3multimedia/plexmediaserver-plexpass/distinfo
+2-2multimedia/plexmediaserver-plexpass/Makefile
+5-52 files

HardenedBSD/ports 1b02c41multimedia/plexmediaserver distinfo Makefile

by Ben Shertenlieb via Vladimir Druzenko (vvd) on ⎇
multimedia/plexmediaserver: Update 1.43.0.10492 => 1.43.1.10611

Changelog:
https://forums.plex.tv/t/plex-media-server/30447/705

PR:             294418
Sponsored by:   UNIS Labs
DeltaFile
+3-3multimedia/plexmediaserver/distinfo
+2-2multimedia/plexmediaserver/Makefile
+5-52 files

HardenedBSD/ports a1cbb77sysutils/awslim distinfo Makefile, sysutils/awslim/files go.sum modules.txt

by Norikatsu Shigemura (nork) on ⎇
sysutils/awslim: Update to 0.6.13

ChangeLog:      https://github.com/fujiwara/awslim/releases/tag/v0.6.13
Approved by:    hrs (mentor, blanket)
DeltaFile
+856-840sysutils/awslim/files/go.sum
+464-420sysutils/awslim/files/modules.txt
+428-420sysutils/awslim/files/go.mod
+42-0sysutils/awslim/files/patch-all-services.yaml
+5-5sysutils/awslim/distinfo
+4-4sysutils/awslim/Makefile
+1,799-1,6896 files

HardenedBSD/ports 7834604net/asterisk22 distinfo Makefile, net/asterisk22/files patch-build__tools_make__xml__documentation

by Oleksandr Kryvulia via Vladimir Druzenko (vvd) on ⎇
net/asterisk22: Update 22.8.2 → 22.9.0

Changelog:
https://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-22.9.0.html

PR:             294412
Sponsored by:   FLEX-IT LLC
Sponsored by:   UNIS Labs
DeltaFile
+39-5net/asterisk22/files/patch-build__tools_make__xml__documentation
+5-5net/asterisk22/distinfo
+2-3net/asterisk22/Makefile
+1-0net/asterisk22/pkg-plist
+47-134 files

HardenedBSD/ports a02bd2enet/asterisk20 distinfo Makefile, net/asterisk20/files patch-build__tools_make__xml__documentation

by Oleksandr Kryvulia via Vladimir Druzenko (vvd) on ⎇
net/asterisk20: Update 20.18.2 → 20.19.0

Changelog:
https://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-20.19.0.html

PR:             294411
Sponsored by:   FLEX-IT LLC
Sponsored by:   UNIS Labs
DeltaFile
+39-5net/asterisk20/files/patch-build__tools_make__xml__documentation
+5-5net/asterisk20/distinfo
+2-3net/asterisk20/Makefile
+1-0net/asterisk20/pkg-plist
+47-134 files

HardenedBSD/src e9a6994usr.sbin/daemon daemon.c

by Andre Albsmeier via Michael Osipov (michaelo) on ⎇
daemon(8): Add "--output-file -o" to list of options enabling supervision mode

This is the small internal doc fix from https://reviews.freebsd.org/D46313

Reviewed by:    michaelo
Approved by:    (blanket; comment fix)
MFC after:      3 days
Differential Revision:  https://reviews.freebsd.org/D55325
DeltaFile
+1-0usr.sbin/daemon/daemon.c
+1-01 files

HardenedBSD/ports e21586enet/rustconn distinfo Makefile.crates

by Nicola Vitale (nivit) on ⎇
net/rustconn: Update to 0.10.16

ChangeLog:

  - https://github.com/totoshko88/RustConn/releases/tag/v0.10.14
  - https://github.com/totoshko88/RustConn/releases/tag/v0.10.15
  - https://github.com/totoshko88/RustConn/releases/tag/v0.10.16

Reported by:    "github-actions[bot]" <notifications at github.com>
DeltaFile
+33-33net/rustconn/distinfo
+15-15net/rustconn/Makefile.crates
+1-1net/rustconn/Makefile
+49-493 files

HardenedBSD/ports 85f60ealang/quickjs-ng distinfo Makefile

by Sergey A. Osokin (osa) on ⎇
lang/quickjs-ng: update: 0.13.0 -> 0.14.0

ChangeLog:      https://github.com/quickjs-ng/quickjs/compare/v0.13.0...v0.14.0

Sponsored by:   tipi.work
DeltaFile
+3-3lang/quickjs-ng/distinfo
+1-1lang/quickjs-ng/Makefile
+4-42 files

HardenedBSD/ports 9d67155sysutils/buildah distinfo Makefile

by Sergey A. Osokin (osa) on ⎇
sysutils/buildah: update: 1.43.0 -> 1.43.1

PR:             294362
Approved by:    dfr (maintainer)

Sponsored by:   tipi.work
DeltaFile
+3-3sysutils/buildah/distinfo
+1-2sysutils/buildah/Makefile
+4-52 files

HardenedBSD/ports c4a6caagraphics/gphoto2 distinfo Makefile, graphics/gphoto2/files patch-configure patch-gphoto2_main.c

by Alexey Dokuchaev (danfe) on ⎇
graphics/gphoto2: update the port to version 2.5.32

Reported by:    portscout
DeltaFile
+0-17graphics/gphoto2/files/patch-configure
+4-4graphics/gphoto2/files/patch-gphoto2_main.c
+3-3graphics/gphoto2/distinfo
+1-1graphics/gphoto2/Makefile
+8-254 files

HardenedBSD/ports aae42b2math/octave-forge-fxp distinfo Makefile, math/octave-forge-fxp/files patch-DESCRIPTION

by Stephen Montgomery-Smith (stephen) on ⎇
math/octave-forge-fxp: Update to 3.0.1.
DeltaFile
+0-9math/octave-forge-fxp/files/patch-DESCRIPTION
+3-3math/octave-forge-fxp/distinfo
+1-1math/octave-forge-fxp/Makefile
+4-133 files

HardenedBSD/ports 5884507devel/websvn distinfo Makefile

by Michael Osipov (michaelo) on ⎇
devel/websvn: Update to 2.8.7

MFH:            2026Q2
Changelog:      https://github.com/websvnphp/websvn/releases/tag/2.8.7
DeltaFile
+3-3devel/websvn/distinfo
+1-1devel/websvn/Makefile
+4-42 files