2,031,863 commits found in 15 milliseconds
Merge remote-tracking branch 'origin/hardened/current/master' into hardened/current/cross-dso-cfi
Merge branch 'freebsd/current/main' into hardened/current/master
Merge branch 'freebsd/main' into hardenedbsd/main
security/vuxml: Document multiple vulnerabilities in traefik
HardenedBSD /ports 24ec212 — devel/py-types-jsonschema Makefile distinfo, devel/py-types-jsonschema/files patch-pyproject.toml devel/py-types-jsonschema: update to 4.26.0.20260325
Following upstream changes, switch to PEP517 build with the default
setuptools. Apply even more workarounds for the elderl version of
setuptools in ports.
Changes: https://github.com/typeshed-internal/stub_uploader/blob/main/data/changelogs/jsonschema.md
Reported by: replogy
HardenedBSD /ports 310ddc0 — irc/weechat distinfo Makefile, irc/weechat/files patch-CMakeLists.txt patch-src_core_CMakeLists.txt irc/weechat: Update to 4.9.0
security/vuxml: Document Roundcube vulnerability
science/tblite: update 0.5.0 → 0.5.0.10
science/{,py-}dftd4: update 3.7.0 → 4.1.0
devel/amber: update 0.6.0 → 0.6.1
devel/cocogitto: update 6.5.0 → 7.0.0
science/multicharge: update 0.4.0 → 0.5.0
databases/powa-web: Update to 5.1.4
Release notes: https://github.com/powa-team/powa-web/releases/tag/5.1.4
amd64 sendsig(): explicitly copy registers from trapframe to ucontext
With the IDT event delivery, previously reserved fields in tf_cs and
tf_ss are guaranteed to be zero. With FRED, these fields are not zero,
which affects the values copied to userspace.
Reviewed by: markj
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D56141
www/gitlab: security and patch update to 18.10.1
Changes: https://about.gitlab.com/releases/2026/03/25/patch-release-gitlab-18-10-1-released/
Security: b933083e -2b2e-11f1-b60a-2cf05da270f3
net/traefik: Update to upstream release 3.6.12
Details:
- Bugfix release, see
https://github.com/traefik/traefik/releases/tag/v3.6.12
- Includes security fixes:
- BasicAuth/DigestAuth Identity Spoofing via Non-Canonical headerField
- Update dependency for a previously vulnerable gRPC-go implementation
MFH: 2026Q1
Security: CVE-2026-33433
CVE-2026-33186
HardenedBSD /ports 2b44550 — mail/sendmail-devel Makefile, mail/sendmail-devel/files patch-blacklist_client.h patch-blocklist.c mail/sendmail-devel: Use blocklist
renamed option BLACKLISTD to BLOCKLISTD
PR: 294095
x11-toolkits/gtk30: update to 3.24.52
PR: 294005
mail/sendmail: Use blocklist
renamed option BLACKLISTD to BLOCKLISTD
PR: 294094
x11-wm/mango: Update to 0.12.8
- Fix project name in pkg-descr and pkg-message after it was renamed
upstream ( https://cgit.freebsd.org/ports/commit/?id=f74d5e15 ).
ChangeLog: https://github.com/mangowm/mango/releases/tag/0.12.8
Reported by: DreamMaoMao <notifications at github.com>
audio/py-pyradio: Update to 0.9.3.11.29
ChangeLog: https://github.com/coderholic/pyradio/releases/tag/0.9.3.11.29
Reported by: Spiros Georgaras <notifications at github.com>
Merge remote-tracking branch 'origin/hardened/current/master' into hardened/current/cross-dso-cfi
Merge branch 'freebsd/current/main' into hardened/current/master
Merge branch 'freebsd/main' into hardenedbsd/main
security/vuxml: document gitlab vulnerabilities
science/{,py-}phonopy: update 3.0.1 → 3.4.0
textproc/cpp-peglib: update 1.10.1 → 1.10.2
www/cpp-httplib: update 0.37.2 → 0.40.0
textproc/jsongrep: update 0.7.0 → 0.8.0
deskutils/skim: update 4.0.0 → 4.0.1