lang/python314: Security update + other fixes
Fix critical use-after-free bug in LZMA/BZ2/ZLib decompressor routines
when reusing decompressor instances after a MemoryError was raised from
one.
While here:
- fix DEBUG build/package (several %%ABI%% were in the wrong place
in pkg-plist that caused failed installs)
- switch to using system textproc/expat2 library
- issue warnings in pre-test that IPV6, PYMALLOC are required and
DEBUG also breaks one self-test
- bump PORTREVISION
- drop LTOFULL again and make LTO use =full
References:
https://mail.python.org/archives/list/security-announce@python.org/thread/HTWB2Z6KT5QQX4RYEZAFININDHNOSIF3https://www.cve.org/CVERecord?id=CVE-2026-6100
[6 lines not shown]
www/sogo: Update to 5.12.7
5.12.7 is a major release as it fixes 2 major vulnerabilities, 5.12.6
addresses another vulnerability.
While at it:
o pet portlint,
o make the installed configuration file for sysutils/logrotate useable
out of the box by replacing sogo:sogo with sogod:sogod,
o make the installed sogo-backup.sh useable out of the box by:
- correcting the path to sogo-tool,
- changing the function definitions to match sh(1) syntax, saving a
dependency on shells/bash, and
- installing it as executable.
Approved by: acm (maintainer)
Security: https://www.sogo.nu/news/2026/sogo-v5126-released.html
Security: https://www.sogo.nu/news/2026/sogo-v5127-released.html
Differential Revision: https://reviews.freebsd.org/D56426
devel/sope: Update to 5.12.7
This is a minor update, fixing contact searches containing 2 dots.
While at it, pet portlint.
Approved by: acm (maintainer)
Differential Revision: https://reviews.freebsd.org/D56425
audio/soundtouch: Update to 4.0.1
* Add USES= pathfix to fix install location of pkgconfig file and
make build logs consistent
* Change CFLAGS to CXXFLAGS for i386
PR: 294149
Approved by: maintainer timeout, 2+ weeks
net-im/vesktop: Improve port
* Don't extract into WRKDIR
* Extract the files we want by using pipe instead of writing tarball
to disk and then extracting it
PR: 294489
Reviewed by: Céleste Ornato <celeste at ornato.com>
KDE: Update KDE Gear to 26.04.0
Announcement: https://kde.org/announcements/gear/26.04.0/
Ports changes:
audio/libkcompactdisc:
- Remove port, no longer shipped with KDE Gear
deskutils/kdeconnect-kde:
- Add dependency on libei
misc/minuet:
- Add missing dependencies
- Add patch to restore parity with Linux
net/krdc:
- Update dependencies
[2 lines not shown]