BSD Commit Log Search

Merge remote-tracking branch 'origin/hardened/current/master' into hardened/current/cross-dso-cfi

Merge branch 'freebsd/current/main' into hardened/current/master

Merge branch 'freebsd/main' into hardenedbsd/main

security/vuxml: Document multiple vulnerabilities in traefik

devel/py-types-jsonschema: update to 4.26.0.20260325

Following upstream changes, switch to PEP517 build with the default
setuptools.  Apply even more workarounds for the elderl version of
setuptools in ports.

Changes:        https://github.com/typeshed-internal/stub_uploader/blob/main/data/changelogs/jsonschema.md
Reported by:    replogy

irc/weechat: Update to 4.9.0

security/vuxml: Document Roundcube vulnerability

science/tblite: update 0.5.0 → 0.5.0.10

science/{,py-}dftd4: update 3.7.0 → 4.1.0

devel/amber: update 0.6.0 → 0.6.1

devel/cocogitto: update 6.5.0 → 7.0.0

science/multicharge: update 0.4.0 → 0.5.0

databases/powa-web: Update to 5.1.4

Release notes:  https://github.com/powa-team/powa-web/releases/tag/5.1.4

amd64 sendsig(): explicitly copy registers from trapframe to ucontext

With the IDT event delivery, previously reserved fields in tf_cs and
tf_ss are guaranteed to be zero. With FRED, these fields are not zero,
which affects the values copied to userspace.

Reviewed by:    markj
Sponsored by:   The FreeBSD Foundation
MFC after:      1 week
Differential revision:  https://reviews.freebsd.org/D56141

www/gitlab: security and patch update to 18.10.1

Changes:        https://about.gitlab.com/releases/2026/03/25/patch-release-gitlab-18-10-1-released/
Security:       b933083e-2b2e-11f1-b60a-2cf05da270f3

net/traefik: Update to upstream release 3.6.12

Details:
- Bugfix release, see
  https://github.com/traefik/traefik/releases/tag/v3.6.12
- Includes security fixes:
  - BasicAuth/DigestAuth Identity Spoofing via Non-Canonical headerField
  - Update dependency for a previously vulnerable gRPC-go implementation

MFH:            2026Q1
Security:       CVE-2026-33433
                CVE-2026-33186

mail/sendmail-devel: Use blocklist

renamed option BLACKLISTD to BLOCKLISTD
PR: 294095

x11-toolkits/gtk30: update to 3.24.52

PR:             294005

mail/sendmail: Use blocklist

renamed option BLACKLISTD to BLOCKLISTD
PR: 294094

x11-wm/mango: Update to 0.12.8

- Fix project name in pkg-descr and pkg-message  after it was renamed
  upstream ( https://cgit.freebsd.org/ports/commit/?id=f74d5e15 ).

ChangeLog:      https://github.com/mangowm/mango/releases/tag/0.12.8
Reported by:    DreamMaoMao <notifications at github.com>

audio/py-pyradio: Update to 0.9.3.11.29

ChangeLog:      https://github.com/coderholic/pyradio/releases/tag/0.9.3.11.29
Reported by:    Spiros Georgaras <notifications at github.com>

Merge remote-tracking branch 'origin/hardened/current/master' into hardened/current/cross-dso-cfi

Merge branch 'freebsd/current/main' into hardened/current/master

Merge branch 'freebsd/main' into hardenedbsd/main

security/vuxml: document gitlab vulnerabilities

science/{,py-}phonopy: update 3.0.1 → 3.4.0

textproc/cpp-peglib: update 1.10.1 → 1.10.2

www/cpp-httplib: update 0.37.2 → 0.40.0

textproc/jsongrep: update 0.7.0 → 0.8.0

deskutils/skim: update 4.0.0 → 4.0.1