HardenedBSD/src 3a5f9b9sys/x86/cpufreq hwpstate_amd.c

Merge remote-tracking branch 'origin/hardened/current/master' into hardened/current/cross-dso-cfi
DeltaFile
+7-1sys/x86/cpufreq/hwpstate_amd.c
+7-11 files

HardenedBSD/src 17d9ae7sys/x86/cpufreq hwpstate_amd.c

Merge branch 'freebsd/current/main' into hardened/current/master
DeltaFile
+7-1sys/x86/cpufreq/hwpstate_amd.c
+7-11 files

HardenedBSD/ports cbfab0emisc/gitlogue distinfo, net-im/flare distinfo

Merge branch 'freebsd/main' into hardenedbsd/main
DeltaFile
+543-365net/s3m/distinfo
+321-333net/krill/distinfo
+271-182net/s3m/Makefile.crates
+177-171net-im/flare/distinfo
+159-165net/krill/Makefile.crates
+187-73misc/gitlogue/distinfo
+1,658-1,28910 files not shown
+1,850-1,42416 files

HardenedBSD/ports 721bd75audio/cava distinfo Makefile

audio/cava: Update to 0.10.6

Changelog: https://github.com/karlstav/cava/releases/tag/0.10.6

PR:             292068
Reported by:    Raphael O. <raphael.ob at protonmail.com>
Approved by:    Adam Jimerson <vendion at gmail.com> (maintainer, timeout 3 weeks)
DeltaFile
+3-3audio/cava/distinfo
+1-1audio/cava/Makefile
+4-42 files

HardenedBSD/ports 9d69d38net/s3m distinfo Makefile.crates

net/s3m: Update to 0.14.5

Changelog: https://github.com/s3m/s3m/blob/0.14.5/CHANGELOG.md

PR:             292460
Reported by:    Nicolas Embriz <nbari at tequila.io> (maintainer)
DeltaFile
+543-365net/s3m/distinfo
+271-182net/s3m/Makefile.crates
+1-2net/s3m/Makefile
+815-5493 files

HardenedBSD/ports 3de96b4net-im/flare distinfo Makefile.crates

net-im/flare: Update 0.17.5 => 0.18.0

Changelog:
https://gitlab.com/schmiddi-on-mobile/flare/-/releases/0.18.0

PR:             292481
Reported by:    Yusuf Yaman <nxjoseph at protonmail.com> (maintainer)
DeltaFile
+177-171net-im/flare/distinfo
+87-84net-im/flare/Makefile.crates
+1-2net-im/flare/Makefile
+265-2573 files

HardenedBSD/src ad99329sys/x86/cpufreq hwpstate_amd.c

hwpstate: Add CPPC enable tunable

The Framework 13 runs very hot the maximum frequency is possible. By
disabling CPPC (reverting to Cool`n'Quiet 2.0) we can use powerd to
limit the CPU frequency to 2200, thereby reducing the CPU temperature.

Some systems may run slower with CPPC enabled. See PR/292615 for that
bug.

Those experiencing either of these issues may add the following to
their loader.conf or device.hints to disable CPPC:

machdep.hwpstate_amd_cppc_enable="0"

PR:                     292615
Reviewed by:            lwhsu, olce
Differential revision:  https://reviews.freebsd.org/D54803
DeltaFile
+7-1sys/x86/cpufreq/hwpstate_amd.c
+7-11 files

HardenedBSD/ports 84e27e0misc/gitlogue distinfo Makefile.crates

misc/gitlogue: Update to 0.7.0

Add noto-emoji font as runtime dependency.

Changelog: https://github.com/unhappychoice/gitlogue/releases/tag/v0.7.0

PR:             292506
Approved by:    submitter is maintainer
DeltaFile
+187-73misc/gitlogue/distinfo
+92-35misc/gitlogue/Makefile.crates
+2-2misc/gitlogue/Makefile
+281-1103 files

HardenedBSD/ports 2831cbdchinese/librime distinfo Makefile

chinese/librime: update to 1.16.1.

PR:             292637
DeltaFile
+3-3chinese/librime/distinfo
+1-1chinese/librime/Makefile
+4-42 files

HardenedBSD/ports 1482995net/krill distinfo Makefile.crates

net/krill: Update to 0.15.1

Version 0.15.1 'Contains Adult Language'

Bug fixes

* Fixed a bug introduced in 0.15.0 where CAs do to not clear fulfilled
  certification requests causing them to re-request a certificate every
  time they contact their parent. ([#1345])

Other changes

* Updated dependencies.

Release Announcement: https://nlnetlabs.nl/news/2026/Jan/19/krill-0.15.1-released/
Changelog: https://github.com/NLnetLabs/krill/releases/tag/v0.15.1

PR:             292605
Reported by:    Jaap Akkerhuis <jaap at NLnetLabs.nl> (maintainer)
DeltaFile
+321-333net/krill/distinfo
+159-165net/krill/Makefile.crates
+1-2net/krill/Makefile
+481-5003 files

HardenedBSD/src fafed4asys/contrib/dev/athk/ath10k testmode.c core.c, sys/contrib/dev/rtw88 bf.c

Merge remote-tracking branch 'origin/hardened/current/master' into hardened/current/cross-dso-cfi
DeltaFile
+234-41sys/contrib/dev/athk/ath10k/testmode.c
+48-0usr.bin/truncate/tests/truncate_test.sh
+11-17sys/contrib/dev/athk/ath10k/core.c
+18-1sys/contrib/dev/athk/ath10k/wmi.h
+15-0sys/contrib/dev/athk/ath10k/testmode_i.h
+7-1sys/contrib/dev/rtw88/bf.c
+333-6010 files not shown
+358-6616 files

HardenedBSD/src dfa4e28sys/contrib/dev/athk/ath10k testmode.c core.c, sys/contrib/dev/rtw88 bf.c

Merge branch 'freebsd/current/main' into hardened/current/master
DeltaFile
+234-41sys/contrib/dev/athk/ath10k/testmode.c
+48-0usr.bin/truncate/tests/truncate_test.sh
+11-17sys/contrib/dev/athk/ath10k/core.c
+18-1sys/contrib/dev/athk/ath10k/wmi.h
+15-0sys/contrib/dev/athk/ath10k/testmode_i.h
+7-1sys/contrib/dev/rtw88/bf.c
+333-6010 files not shown
+358-6616 files

HardenedBSD/ports d0b6658archivers/zip/files patch-zip.c

HBSD: Resolve merge conflict

This port was updated upstream. We no longer need to carry a patch
downstream to support our HARDCFLAGS option.

Signed-off-by:  Shawn Webb <shawn.webb at hardenedbsd.org>
DeltaFile
+0-23archivers/zip/files/patch-zip.c
+0-231 files

HardenedBSD/ports 1b29103devel/electron39/files/packagejsons yarn.lock, graphics/sdl2_gpu pkg-plist

Merge remote-tracking branch 'internal/freebsd/main' into hardenedbsd/main

Conflicts:
        archivers/zip/files/patch-zip.c (unresolved)
DeltaFile
+578-0multimedia/ccextractor/files/patch-src_rust_Cargo.lock
+268-268graphics/sdl2_gpu/pkg-plist
+377-85multimedia/ccextractor/distinfo
+180-34multimedia/ccextractor/Makefile.crates
+35-116multimedia/ccextractor/files/patch-linux_Makefile.am
+64-77devel/electron39/files/packagejsons/yarn.lock
+1,502-58060 files not shown
+1,982-88666 files

HardenedBSD/ports 648a61dgames/veloren-weekly distinfo Makefile

games/veloren-weekly: update to s20260121

Changes:        https://gitlab.com/veloren/veloren/-/compare/5378d5cf29...547fc9f725
DeltaFile
+3-3games/veloren-weekly/distinfo
+2-2games/veloren-weekly/Makefile
+5-52 files

HardenedBSD/ports 4e744e4emulators/rpcs3 distinfo Makefile

emulators/rpcs3: update to 0.0.39.18708

Changes:        https://github.com/RPCS3/rpcs3/compare/d7b723cd7c...3e49c32c9c
DeltaFile
+3-3emulators/rpcs3/distinfo
+2-2emulators/rpcs3/Makefile
+5-52 files

HardenedBSD/ports b95e493graphics/mesa-devel distinfo Makefile

graphics/mesa-devel: update to 26.0.b.44

Changes:        https://gitlab.freedesktop.org/mesa/mesa/-/compare/6f076cdfda3...481df222095
DeltaFile
+3-3graphics/mesa-devel/distinfo
+2-2graphics/mesa-devel/Makefile
+5-52 files

HardenedBSD/ports 023fa28x11/wvkbd distinfo Makefile

x11/wvkbd: update to 0.19

Changes:        https://git.sr.ht/~proycon/wvkbd/log/v0.19
Reported by:    GitHub (watch releases)
DeltaFile
+3-3x11/wvkbd/distinfo
+1-1x11/wvkbd/Makefile
+4-42 files

HardenedBSD/ports 91a52fcnet-im/ejabberd pkg-plist distinfo

net-im/ejabberd: Update to 26.01
DeltaFile
+35-1net-im/ejabberd/pkg-plist
+13-11net-im/ejabberd/distinfo
+10-8net-im/ejabberd/Makefile
+58-203 files

HardenedBSD/ports d36f41beditors/vscode Makefile, net-im/deltachat-desktop Makefile

*/*: Bump port revision after electron39 update (af09aa198c34)
DeltaFile
+1-1net-im/deltachat-desktop/Makefile
+1-0editors/vscode/Makefile
+2-12 files

HardenedBSD/ports af09aa1devel/electron39 distinfo Makefile, devel/electron39/files patch-electron_shell_browser_api_electron__api__web__contents.cc patch-electron_spec_version-bump-spec.ts

devel/electron39: Update to 39.3.0

Changelog: https://github.com/electron/electron/releases/tag/v39.3.0

Reported by:    GitHub (watch releases)
DeltaFile
+64-77devel/electron39/files/packagejsons/yarn.lock
+11-11devel/electron39/distinfo
+4-4devel/electron39/files/patch-electron_shell_browser_api_electron__api__web__contents.cc
+1-5devel/electron39/files/packagejsons/package.json
+2-2devel/electron39/Makefile
+2-2devel/electron39/files/patch-electron_spec_version-bump-spec.ts
+84-1011 files not shown
+85-1027 files

HardenedBSD/ports 8a7d9cdsecurity/himitsu pkg-plist Makefile, security/himitsu/files patch-Makefile

security/himitsu: create new port

Himitsu is a secure secret storage system for Unix-like systems. It provides an
arbitrary key/value store (where values may be secret) and a query language for
manipulating the key store.

WWW: https://himitsustore.org

PR:             292475
DeltaFile
+22-0security/himitsu/pkg-plist
+19-0security/himitsu/Makefile
+15-0security/himitsu/pkg-message
+11-0security/himitsu/files/patch-Makefile
+3-0security/himitsu/pkg-descr
+3-0security/himitsu/distinfo
+73-01 files not shown
+74-07 files

HardenedBSD/ports 9711d61multimedia/ccextractor distinfo Makefile.crates, multimedia/ccextractor/files patch-src_rust_Cargo.lock patch-linux_Makefile.am

multimedia/ccextractor: update to 0.96.5

 - rust now mandatory
 - GUI rewritten in flutter, which we do not support unfortunately
 - hard subtitle extraction works now

Changelog: https://github.com/CCExtractor/ccextractor/releases/tag/v0.96.5
Changelog: https://github.com/CCExtractor/ccextractor/releases/tag/v0.96.4
Changelog: https://github.com/CCExtractor/ccextractor/releases/tag/v0.96.3
Changelog: https://github.com/CCExtractor/ccextractor/releases/tag/v0.96.2
Changelog: https://github.com/CCExtractor/ccextractor/releases/tag/v0.96.1
Changelog: https://github.com/CCExtractor/ccextractor/releases/tag/v0.96
DeltaFile
+578-0multimedia/ccextractor/files/patch-src_rust_Cargo.lock
+377-85multimedia/ccextractor/distinfo
+180-34multimedia/ccextractor/Makefile.crates
+35-116multimedia/ccextractor/files/patch-linux_Makefile.am
+55-17multimedia/ccextractor/Makefile
+0-54multimedia/ccextractor/Makefile.master
+1,225-3068 files not shown
+1,308-37914 files

HardenedBSD/ports e13864d. MOVED, multimedia Makefile

multimedia/ccextractor-gui: remove port

The ccextractor GUI has been rewritten in flutter, which requires Dart.
We do not support Dart, so that means no GUI for us for now.
DeltaFile
+0-20multimedia/ccextractor-gui/Makefile
+1-0MOVED
+0-1multimedia/Makefile
+1-213 files

HardenedBSD/ports e83a9b0multimedia/gpac Makefile

multimedia/gpac: enable pic everywhere

This fixes the build on arm64 for example.

Approved by:    portmgr (build fix blanket)
DeltaFile
+2-3multimedia/gpac/Makefile
+2-31 files

HardenedBSD/ports 93bb4e4net-im/gurk-rs Makefile

net-im/gurk-rs: fix build on armv7

Same fix as for shells/nushell.

Approved by:    portmgr (build fix blanket)
MFH:            2026Q1
DeltaFile
+1-0net-im/gurk-rs/Makefile
+1-01 files

HardenedBSD/ports bd7e3e8net-mgmt/nagios-pf-plugin Makefile

net-mgmt/nagios-pf-plugin: broken on FreeBSD 15, deprecate

This port requires the obsolete ioctl(DIOCGETSTATUS), which is no
longer supported on FreeBSD 15.  Upstream is dead, so deprecate.
It also has some questionable warnings.

See also:       D41651
MFH:            2026Q1
DeltaFile
+7-1net-mgmt/nagios-pf-plugin/Makefile
+7-11 files

HardenedBSD/ports e730129shells/nushell Makefile

shells/nushell: fix build on armv7

PR:             286368
MFH:            2026Q1
Tested by:      fuz
Approved by:    yuri (maintainer timeout)
DeltaFile
+1-2shells/nushell/Makefile
+1-21 files

HardenedBSD/ports e0e704barchivers/zip Makefile, archivers/zip/files patch-zip.c patch-fileio.c

archivers/zip: apply Debian patches

These patches fix some security and other issues:

 - ( 7) zipnote.c: Close in_file instead of undefined file x
 - ( 8) Use format specifier %s to print strings, not the string itself
 - (14) Fix buffer overflow when filename contains unicode characters
 - (15) Fix buffer overflow when using '-T -TT'
 - (16) Fix symlink update detection

Obtained from:  https://salsa.debian.org/sanvila/zip
Reported by:    diizzy
Reviewed by:    diizzy
Security:       CVE-2018-13410
MFH:            2026Q1
DeltaFile
+43-0archivers/zip/files/patch-zip.c
+19-0archivers/zip/files/patch-fileio.c
+16-0archivers/zip/files/patch-zipnote.c
+15-0archivers/zip/files/patch-unix_unix.c
+1-1archivers/zip/Makefile
+94-15 files

HardenedBSD/ports f41b42dsecurity/snortsam Makefile

security/snortsam: broken on FreeBSD 15, deprecate

This port requires the obsolete ioctl(DIOCGETSTATUS), which is no
longer supported on FreeBSD 15.  Upstream is dead, so deprecate.
It also has some questionable warnings.

See also:       D41651
MFH:            2026Q1
DeltaFile
+7-1security/snortsam/Makefile
+7-11 files