HardenedBSD/ports 33456b7devel/ispc distinfo, devel/libev/files patch-ev.c

Merge branch 'freebsd/main' into hardenedbsd/main
DeltaFile
+123-0security/vuxml/vuln/2025.xml
+17-12textproc/xmlto/Makefile
+11-2devel/libev/files/patch-ev.c
+3-3net/traefik/distinfo
+3-3devel/ispc/distinfo
+3-3science/packmol/distinfo
+160-238 files not shown
+174-3314 files

HardenedBSD/ports 8416467net/traefik distinfo Makefile

net/traefik: Update to upstream release 3.4.4

Details:
- Bugfixes, see
  https://github.com/traefik/traefik/releases/tag/v3.4.4

MFH:            2025Q3
DeltaFile
+3-3net/traefik/distinfo
+2-2net/traefik/Makefile
+5-52 files

HardenedBSD/ports f426885science/packmol distinfo Makefile

science/packmol: Update to 21.0.4

ChangeLog: https://github.com/m3g/packmol/releases/tag/v21.0.4
DeltaFile
+3-3science/packmol/distinfo
+1-1science/packmol/Makefile
+4-42 files

HardenedBSD/ports cf7638cdevel/libev/files patch-ev.c patch-configure

devel/libev: Unbreak current after inotify add

After inotify was added to main, if condition bellow leads to build error
related to missing (linux) statfs.h header.

Fix it by adjusting correct headers:

 #if EV_USE_INOTIFY
-# include <sys/statfs.h>
+# include <sys/mount.h>
 # include <sys/inotify.h>

While here, refresh patches.

Approved by:    portmgr (blanket, build fix)
Sugested by:    markj
See also;       https://lists.freebsd.org/archives/dev-commits-src-all/2025-July/057269.html
DeltaFile
+11-2devel/libev/files/patch-ev.c
+2-2devel/libev/files/patch-configure
+2-2devel/libev/files/patch-Makefile.in
+15-63 files

HardenedBSD/ports fa129aesecurity/vuxml/vuln 2025.xml

security/vuxml: extend libxml2/libxslt vuln to linux-* ports
DeltaFile
+16-0security/vuxml/vuln/2025.xml
+16-01 files

HardenedBSD/ports dceb46fsecurity/vuxml/vuln 2025.xml, textproc/libxslt Makefile

textproc/libxml2, textproc/libxslt: vulnerable

Note that libxslt is vulnerable, unfixed, and without maintainer.
Two of four vulnerabilities have been fixed.

Note that libxml2 in our ports is vulnerable and there is no upstream
release fixing these bugs, they need cherry-picks.

Deprecate textproc/xmlto and textproc/minixmlto,
which both depend on the unmaintained and vulnerable libxslt.
I have filed https://pagure.io/xmlto/issue/15 to ask the xmlto
upstream to switch to different XML/XSLT libraries.

Two issues are undisclosed and do not seem to have a CVE assigned yet.

Security:       CVE-2025-6021
Security:       CVE-2025-6170
Security:       CVE-2025-7424
Security:       CVE-2025-7425

    [16 lines not shown]
DeltaFile
+107-0security/vuxml/vuln/2025.xml
+17-12textproc/xmlto/Makefile
+3-0textproc/minixmlto/Makefile
+3-0textproc/libxslt/Makefile
+130-124 files

HardenedBSD/ports 217e2efnet/usockets Makefile

net/usockets: Enable riscv64 build

Differential Revision:  https://reviews.freebsd.org/D51271
DeltaFile
+0-2net/usockets/Makefile
+0-21 files

HardenedBSD/ports c30c7b6devel/ispc distinfo Makefile

devel/ispc: update 1.26.0 → 1.27.0
DeltaFile
+3-3devel/ispc/distinfo
+1-1devel/ispc/Makefile
+4-42 files

HardenedBSD/ports ba053f2multimedia/video-trimmer distinfo Makefile.crates, www/angie Makefile distinfo

Merge branch 'freebsd/main' into hardenedbsd/main
DeltaFile
+197-367multimedia/video-trimmer/distinfo
+62-147multimedia/video-trimmer/Makefile.crates
+28-17www/angie/Makefile
+7-7www/nginx-devel/distinfo
+7-7www/angie/distinfo
+6-5multimedia/video-trimmer/Makefile
+307-55025 files not shown
+371-59731 files

HardenedBSD/ports 749716bnet-p2p/jackett Makefile distinfo

net-p2p/jackett: update to 0.22.2140

While here, add USES=ssl.

PR:             288130
Reported by:    Ralf van der Enden <tremere at cainites.net> (maintainer)
DeltaFile
+4-4net-p2p/jackett/Makefile
+3-3net-p2p/jackett/distinfo
+2-0net-p2p/jackett/pkg-plist
+9-73 files

HardenedBSD/ports be0c90cmultimedia/video-trimmer distinfo Makefile.crates

multimedia/video-trimmer: update to 25.03

While here:
- Added 'gnome' to DIST_SUBDIR and to second CATEGORIES.
- Updated COMMENT to hopefully a better COMMENT.
- Added 'pango' to USE_GNOME.

Changelog: https://gitlab.gnome.org/YaLTeR/video-trimmer/-/releases/v25.03

PR:             287923
Reported by:    Yusuf Yaman <nxjoseph at protonmail.com> (maintainer)
DeltaFile
+197-367multimedia/video-trimmer/distinfo
+62-147multimedia/video-trimmer/Makefile.crates
+6-5multimedia/video-trimmer/Makefile
+1-0multimedia/video-trimmer/pkg-plist
+266-5194 files

HardenedBSD/ports 2921d7dmail/mailutils distinfo Makefile

mail/mailutils: update the port to version 3.19

Requested by:   maintainer
DeltaFile
+3-3mail/mailutils/distinfo
+1-2mail/mailutils/Makefile
+1-0mail/mailutils/pkg-plist
+5-53 files

HardenedBSD/ports ebd32eax11-wm/labwc Makefile distinfo

x11-wm/labwc: update to 0.9.0

Changes:        https://github.com/labwc/labwc/releases/tag/0.9.0
Reported by:    GitHub (watch releases)
DeltaFile
+5-4x11-wm/labwc/Makefile
+3-3x11-wm/labwc/distinfo
+8-72 files

HardenedBSD/ports ccc0ce0www/nginx-devel distinfo Makefile.extmod, www/nginx-devel/files extra-patch-spnego-http-auth-nginx-module-config

www/nginx-devel: third-party modules management

o) ngx_devel_kit: update to 0.3.4
o) headers_more: update to 0.39
o) spnego-http-auth (aka auth_krb5): update to 1.1.3

Bump PORTREVISION.
DeltaFile
+7-7www/nginx-devel/distinfo
+3-3www/nginx-devel/Makefile.extmod
+2-2www/nginx-devel/files/extra-patch-spnego-http-auth-nginx-module-config
+1-1www/nginx-devel/Makefile
+13-134 files

HardenedBSD/ports 689410femulators/ppsspp Makefile

emulators/{ppsspp,libretro-ppsspp,ppsspp-qt5}: fix build on arm64

Arm64 requires bundled libpng17 module. Removing it from EXCLUDE
unbreaks build on arm64 platform.

PR:             287572
Reported by:    Kevin Reinholz <kreinholz at gmail.com> (maintainer)
MFH:            2025Q3
DeltaFile
+1-1emulators/ppsspp/Makefile
+1-11 files

HardenedBSD/ports 555bfa4math/octave-forge-octave_php_wrapper/files patch-DESCRIPTION

math/octave-forge-octave_php_wrapper: Add forgotten patch.

- Add the patch file that was forgotten in the prior commit.
DeltaFile
+9-0math/octave-forge-octave_php_wrapper/files/patch-DESCRIPTION
+9-01 files

HardenedBSD/ports d374232math/octave-forge-octave_php_wrapper Makefile

math/octave-forge-octave_php_wrapper: Fix DESCRIPTION.

- DESCRIPTION had incorrect version.
- Bump portrevision.
DeltaFile
+2-0math/octave-forge-octave_php_wrapper/Makefile
+2-01 files

HardenedBSD/ports b60e4f7www/angie-module-set-misc Makefile

www/angie-module-set-misc: Update ngx_devel_kit 0.3.3 => 0.3.4

The www/angie-module-set-misc uses ngx_devel_kit in GH_TUPLE.

Changelog for ngx_devel_kit:
https://github.com/vision5/ngx_devel_kit/releases/tag/v0.3.4

PR:             288100
Approved by:    Oleg A. Mamontov <oleg at mamontov.net> (maintainer, implicit - inactive for more than 9 months)
DeltaFile
+1-1www/angie-module-set-misc/Makefile
+1-11 files

HardenedBSD/ports 151d112www/angie distinfo, www/angie-module-ndk Makefile

www/angie-module-ndk: Update 0.3.3 => 0.3.4

Changelog:
https://github.com/vision5/ngx_devel_kit/releases/tag/v0.3.4

PR:             288100
Approved by:    Oleg A. Mamontov <oleg at mamontov.net> (maintainer, implicit - inactive for more than 9 months)
DeltaFile
+2-2www/angie/distinfo
+1-1www/angie-module-ndk/Makefile
+3-32 files

HardenedBSD/ports e4120e4www/angie distinfo, www/angie-module-headers-more Makefile

www/angie-module-headers-more: 0.38 => 0.39

Changelog:
https://github.com/openresty/headers-more-nginx-module/releases/tag/v0.39

PR:             288100
Approved by:    Oleg A. Mamontov <oleg at mamontov.net> (maintainer, implicit - inactive for more than 9 months)
DeltaFile
+2-2www/angie/distinfo
+1-1www/angie-module-headers-more/Makefile
+3-32 files

HardenedBSD/ports 51f7c04www/angie Makefile distinfo

www/angie: Update 1.9.1 => 1.10.0

Changelog:
https://en.angie.software/angie/docs/oss_changes/#angie-1-10-0

Improve port:
- Add the ACME module as a default port option. This module provides
  automated certificate retreival via the ACME protocol:
https://en.angie.software/angie/docs/configuration/modules/http/http_acme/#acme-client
- Replace ${PREFIX}/etc/angie with ${ETCDIR}.
- Reduce the number of times mkdir is run during do-install.
- Align nexted if/for for improving code readability (non-functional
  changes).

PR:             288100
Approved by:    Oleg A. Mamontov <oleg at mamontov.net> (maintainer, implicit - inactive for more than 9 months)
Co-authored-by: vvd
DeltaFile
+28-17www/angie/Makefile
+3-3www/angie/distinfo
+1-0www/angie/pkg-plist
+32-203 files

HardenedBSD/ports ff79bdcgames/minecraft-server distinfo Makefile

games/minecraft-server: Update 1.21.5 => 1.21.7

Changelogs:
https://www.minecraft.net/en-us/article/minecraft-java-edition-1-21-6
https://www.minecraft.net/en-us/article/minecraft-java-edition-1-21-7

PR:             287644
Approved by:    Jonathan Price <freebsd at jonathanprice.org> (maintainer, timeout 3 weeks)
MFH:            2025Q3
DeltaFile
+3-3games/minecraft-server/distinfo
+2-2games/minecraft-server/Makefile
+5-52 files

HardenedBSD/ports 4e80981graphics/mesa-devel distinfo Makefile

graphics/mesa-devel: update to 25.1.b.4146

Changes:        https://gitlab.freedesktop.org/mesa/mesa/-/compare/ace49d9e52a...a3a53b7cee4
DeltaFile
+3-3graphics/mesa-devel/distinfo
+2-2graphics/mesa-devel/Makefile
+5-52 files

HardenedBSD/ports 811c744x11/grim distinfo Makefile

x11/grim: update to 1.5.0

Changes:        https://gitlab.freedesktop.org/emersion/grim/-/tags/v1.5.0
Reported by:    Repology, openbsd-ports@
DeltaFile
+3-3x11/grim/distinfo
+2-3x11/grim/Makefile
+5-62 files

HardenedBSD/ports abec8bbx11/grim Makefile distinfo

x11/grim: chase to the new home

https://git.sr.ht/~emersion/grim/commit/d2af4cb99e9e
DeltaFile
+4-2x11/grim/Makefile
+2-2x11/grim/distinfo
+6-42 files

HardenedBSD/ports 8310022games/anki distinfo Makefile.crates, mail/postfix/files extra-patch-blacklistd

Merge branch 'freebsd/main' into hardenedbsd/main
DeltaFile
+845-751games/anki/distinfo
+418-371games/anki/Makefile.crates
+97-69mail/postfix/files/extra-patch-blacklistd
+71-0security/vuxml/vuln/2025.xml
+31-31net-im/ejabberd/distinfo
+0-47games/anki/pkg-plist
+1,462-1,26940 files not shown
+1,745-1,41546 files

HardenedBSD/ports 4f742fegames/sdl_jewels Makefile

games/sdl_jewels: Improve port, take maintainership

- Replace PORTVERSION with DISTVERSION.
- Update MASTER_SITES and WWW.
- Add LICENSE.
- Fix dependency - prevent silent grab libgl.
- Sort USE_SDL.
- Fix warnings from portclippy.
- Format DESKTOP_ENTRIES.

PR:     288143
MFH:    2025Q3
DeltaFile
+21-11games/sdl_jewels/Makefile
+21-111 files

HardenedBSD/ports 02fd993mail/postfix distinfo Makefile, mail/postfix/files extra-patch-blacklistd

mail/postfix: Update to 3.10.3

And while here, also address some blacklistd-related improvements,
namely in postscreen and relay check.

PR:             287463
Co-authored-by: bc979 at lafn.org
DeltaFile
+97-69mail/postfix/files/extra-patch-blacklistd
+3-3mail/postfix/distinfo
+2-2mail/postfix/Makefile
+102-743 files

HardenedBSD/ports fcc80f8net-im/ejabberd distinfo Makefile

net-im/ejabberd: Update to 25.07
DeltaFile
+31-31net-im/ejabberd/distinfo
+15-15net-im/ejabberd/Makefile
+11-0net-im/ejabberd/pkg-plist
+57-463 files

HardenedBSD/ports 1131d30devel/aws-sdk-cpp distinfo Makefile

devel/aws-sdk-cpp: Update to 1.11.603

ChangeLog: https://github.com/aws/aws-sdk-cpp/compare/1.11.592...1.11.603
DeltaFile
+3-3devel/aws-sdk-cpp/distinfo
+1-1devel/aws-sdk-cpp/Makefile
+4-42 files