2,029,905 commits found in 133 milliseconds
Merge remote-tracking branch 'origin/hardened/current/master' into hardened/current/cross-dso-cfi
Merge branch 'freebsd/current/main' into hardened/current/master
Merge branch 'freebsd/main' into hardenedbsd/main
security/kanidm: Update to 1.9.2
ChangeLog: https://github.com/kanidm/kanidm/releases/tag/v1.9.2
Approved by: bofh@ (implicit)
ndp: fix late KASSERT in nd6_queue_timer
Reviewed by: glebius
Fixes: 7f3b46fe54f1 ("ndp: Add support for Gratuitous...")
Differential Revision: https://reviews.freebsd.org/D55844
security/openssl35: Security update for CVE-2026-2673
Security: ee1e6a24 -1eeb-11f1-81da-8447094a420f
devel/nextpnr-devel: Update to 2026-03-12
www/freenginx-acme: fix a group name used for freenginx
While I'm here, make portlint(1) happy.
PR: 293781
Sponsored by: tipi.work
sysutils/logstash8: Update 8.19.9 => 8.19.12
Release Notes:
https://www.elastic.co/guide/en/logstash/8.19/logstash-8-19-10.html
https://www.elastic.co/guide/en/logstash/8.19/logstash-8-19-11.html
https://www.elastic.co/guide/en/logstash/8.19/logstash-8-19-12.html
Improve port:
- Replace PORTVERSION with DISTVERSION.
- Add LOCAL/vvd/elastic to MASTER_SITES for those who can't download due
to the HTTP error "Forbidden 403".
- Sort USES.
- Adjust JAVA_VERSION to supported LTS 25, 21 and 17.
- Parametrize "logstash" with "${PORTNAME}".
- Adjust CONFLICTS.
- Fix warnings from portclippy.
- Add possibility to use custom user/group.
- Replace RM of bundled JDK and *.bat files with
EXTRACT_AFTER_ARGS=--exclude.
[5 lines not shown ] devel/nextpnr: Update to 0.10
Changelog: https://github.com/YosysHQ/nextpnr/releases/tag/nextpnr-0.10
While here, also enable the himbaechel architecture as well as adding
support for the GateMate micro-architecture via prjpeppercorn.
textproc/py-regex: Upgrade to 2026.2.28
PR: 293785
Approved by: fax at nohik.ee (maintainer)
Changelog: https://github.com/mrabarnett/mrab-regex/blob/2026.2.28/changelog.txt
textproc/elasticsearch7: Fix runtime with non-default USERS/GROUPS
Also:
- Respect ETCDIR substitution in rc.d script.
- Replace RM of bundled JDK, jna.jar and modules/x-pack/x-pack-ml files
with EXTRACT_AFTER_ARGS=--exclude.
- Replace ${JAVASHAREDIR} with ${LOCALBASE}/share/java -
JAVASHAREDIR=PREFIX/share/java, but devel/jna installed in LOCALBASE.
Approved by: blanket (fix runtime)
MFH: 2026Q1
sysutils/logstash7: Fix runtime with non-default USERS/GROUPS
Also:
- Respect LOGSTASH_HOME and ETCDIR substitutions in rc.d script.
- Replace RM of bundled JDK and *.bat files with
EXTRACT_AFTER_ARGS=--exclude.
Approved by: blanket (fix runtime)
MFH: 2026Q1
lang/crystal: update to 1.19.1
- https://github.com/crystal-lang/crystal/blob/release/1.19/CHANGELOG.md
Sponsored by: SkunkWerks, GmbH
net/lavinmq: update to 2.6.9
- drop `--error-on-warnings` until LavinMQ next release fully supports
Crystal 1.19.1 without 9 deprecation warnings
- https://github.com/cloudamqp/lavinmq/blob/v2.6.9/CHANGELOG.md
Sponsored by: SkunkWerks, GmbH
devel/shards: update to 0.20.0
- https://github.com/crystal-lang/shards/blob/v0.20.0/CHANGELOG.md
Sponsored by: SkunkWerks, GmbH
sysutils/podman: Allow setting ownership on auto-created socket
The podman_service daemon auto-creates a socket on startup, along with
parent directory, and is always run as root. It is often useful to have
another proxy like haproxy or nginx provide more sophisticed security,
and these daemons do not need root privileges.
Approved by: dfr
Reported by: pat at patmaddox.com
Tested by: arrowd
Differential Revision: https://reviews.freebsd.org/D55455
net/amqpcat: update to 1.1.0
- https://github.com/cloudamqp/amqpcat/releases/tag/v1.1.0
Sponsored by: SkunkWerks, GmbH
filesystems/versitygw: update to 1.3.1
- https://github.com/versity/versitygw/releases/tag/v1.3.1
- https://github.com/versity/versitygw/releases/tag/v1.3.0
devel/R-cran-cyclocomp: Update to 1.1.2
Changelog: https://cran.r-project.org/web/packages/cyclocomp/news/news.html
HBSD: Resolve merge conflict
Signed-off-by: Shawn Webb <shawn.webb at hardenedbsd.org>
Merge remote-tracking branch 'origin/freebsd/main' into hardenedbsd/main
Conflicts:
math/symengine/Makefile (unresolved)
security/vuxml: Document OpenSSL 3.5/3.6 vulnerability
graphics/py-colour: remove deprecated d2to1
d2to1 has been deprecated and archived for years, and its functionality
has been subsumed into plain setuptools.
While here, switch to USE_PYTHON=pep517
PR: 293782
Approved by: Martin Neubauer (maintainer)
readelf: Use the gABI name for a dynamic tag value.
graphics/R-cran-ggrepel: Update to 0.9.7
Add test dependencies.
Change WWW to canonical form.
Changelog: https://cran.r-project.org/web/packages/ggrepel/news/news.html
graphics/ogre3d: add textproc/pugixml as default dep (+)
If textproc/pugixml is insalled on a baremetal system, several files do not get installed.
Add the small texproc/pugixml as a hard dep.
PR: 293780
sysutils/parkverbot: update the port to version 1.6
GC no longer needed GNU_CONFIGURE_MANPREFIX, sort
PLIST_FILES, and install rc script.
PR: 278603
misc/hxtools: update the port to the latest version 20251011
- Increase bgfg contrast in light2.theme
- extract_dxhog: repair wrong seeking to archive entries
- Delete unmaintained xfs_irecover (alternative: xfs_undelete)
- Delete extract_f3pod (alternative: SLADE)
- Add make_qupak, git-logsortbychgsize, selective-preprocess
Reported by: portscout
lang/libhx: update the port to version 5.3
Reported by: portscout