BSD Commit Log Search

Merge remote-tracking branch 'origin/hardened/current/master' into hardened/current/cross-dso-cfi

Merge branch 'freebsd/current/main' into hardened/current/master

Merge branch 'freebsd/main' into hardenedbsd/main

net/traefik: Update to upstream release 3.4.4

Details:
- Bugfixes, see
  https://github.com/traefik/traefik/releases/tag/v3.4.4

MFH:            2025Q3

science/packmol: Update to 21.0.4

ChangeLog: https://github.com/m3g/packmol/releases/tag/v21.0.4

devel/libev: Unbreak current after inotify add

After inotify was added to main, if condition bellow leads to build error
related to missing (linux) statfs.h header.

Fix it by adjusting correct headers:

 #if EV_USE_INOTIFY
-# include <sys/statfs.h>
+# include <sys/mount.h>
 # include <sys/inotify.h>

While here, refresh patches.

Approved by:    portmgr (blanket, build fix)
Sugested by:    markj
See also;       https://lists.freebsd.org/archives/dev-commits-src-all/2025-July/057269.html

tracing.7: Pet linters

Event:          Berlin 2025 Hackathon

security/vuxml: extend libxml2/libxslt vuln to linux-* ports

dtrace.1: Reference dwatch(1) and tracing(7)

Reviewed by:    bcr
Event:          Berlin 2025 Hackathon

textproc/libxml2, textproc/libxslt: vulnerable

Note that libxslt is vulnerable, unfixed, and without maintainer.
Two of four vulnerabilities have been fixed.

Note that libxml2 in our ports is vulnerable and there is no upstream
release fixing these bugs, they need cherry-picks.

Deprecate textproc/xmlto and textproc/minixmlto,
which both depend on the unmaintained and vulnerable libxslt.
I have filed https://pagure.io/xmlto/issue/15 to ask the xmlto
upstream to switch to different XML/XSLT libraries.

Two issues are undisclosed and do not seem to have a CVE assigned yet.

Security:       CVE-2025-6021
Security:       CVE-2025-6170
Security:       CVE-2025-7424
Security:       CVE-2025-7425

    [16 lines not shown]

net/usockets: Enable riscv64 build

Differential Revision:  https://reviews.freebsd.org/D51271

devel/ispc: update 1.26.0 → 1.27.0

Merge branch 'freebsd/main' into hardenedbsd/main

net-p2p/jackett: update to 0.22.2140

While here, add USES=ssl.

PR:             288130
Reported by:    Ralf van der Enden <tremere at cainites.net> (maintainer)

multimedia/video-trimmer: update to 25.03

While here:
- Added 'gnome' to DIST_SUBDIR and to second CATEGORIES.
- Updated COMMENT to hopefully a better COMMENT.
- Added 'pango' to USE_GNOME.

Changelog: https://gitlab.gnome.org/YaLTeR/video-trimmer/-/releases/v25.03

PR:             287923
Reported by:    Yusuf Yaman <nxjoseph at protonmail.com> (maintainer)

mail/mailutils: update the port to version 3.19

Requested by:   maintainer

x11-wm/labwc: update to 0.9.0

Changes:        https://github.com/labwc/labwc/releases/tag/0.9.0
Reported by:    GitHub (watch releases)

www/nginx-devel: third-party modules management

o) ngx_devel_kit: update to 0.3.4
o) headers_more: update to 0.39
o) spnego-http-auth (aka auth_krb5): update to 1.1.3

Bump PORTREVISION.

emulators/{ppsspp,libretro-ppsspp,ppsspp-qt5}: fix build on arm64

Arm64 requires bundled libpng17 module. Removing it from EXCLUDE
unbreaks build on arm64 platform.

PR:             287572
Reported by:    Kevin Reinholz <kreinholz at gmail.com> (maintainer)
MFH:            2025Q3

math/octave-forge-octave_php_wrapper: Add forgotten patch.

- Add the patch file that was forgotten in the prior commit.

math/octave-forge-octave_php_wrapper: Fix DESCRIPTION.

- DESCRIPTION had incorrect version.
- Bump portrevision.

kern: add kern_nosys() and use it instead of type-punning the sys_nosys() arg

(cherry picked from commit 26061e4e542d220c577fb3437a9a9f108dc27698)

sys/sysent.h: use two nibbles for flags, and remove unused SY_THR_FLAGMASK

(cherry picked from commit baa15beed7f1f51c213ae434d3655c6664da8786)

aio: if there is at least one aio thread, hide an error from aio_init_aioinfo()

(cherry picked from commit 0c38e3dbbf6eaa2755d34189149c9140cacd4bb1)

amd64 pmap: do not panic on inability to insert ptp into trie

(cherry picked from commit 476d2d8f290f60cbbe6b546272a3485ef0316356)

aio: handle errors from fork

(cherry picked from commit 4685fa8e4bef169e6a1ceaf07f149232326de805)

aio: make aio_init_aioinfo() and aio_aqueue() static

(cherry picked from commit c44439942cdb56cad8c7630444ff84447ca3866a)

amd64 pmap: update comment in pmap_demote_DMAP() explaining the len<NBPDP check

(cherry picked from commit ee502c8531833d7a0d4bc4c72cc05227f4a3715a)

dev/mem: use sx instead of rw lock

(cherry picked from commit ca554a7dea3f90f39fc2b7d25813d0be944e12e2)

www/angie-module-set-misc: Update ngx_devel_kit 0.3.3 => 0.3.4

The www/angie-module-set-misc uses ngx_devel_kit in GH_TUPLE.

Changelog for ngx_devel_kit:
https://github.com/vision5/ngx_devel_kit/releases/tag/v0.3.4

PR:             288100
Approved by:    Oleg A. Mamontov <oleg at mamontov.net> (maintainer, implicit - inactive for more than 9 months)