| Commits from the 2025Q4 branch |
|
FreshPorts has everything you want to know about FreeBSD software, ports, packages,
applications, whatever term you want to use.
Yesterday's Commits | Main Branch
|
|
Monday, 1 Dec 2025
|
02:16 Vladimir Druzenko (vvd)  Author: Christos Chatzaras 2025Q4
www/fcgi: Update 2.4.6 => 2.4.7 (fixes CVE-2025-23016)
Commit log:
https://github.com/FastCGI-Archives/fcgi2/compare/2.4.6...2.4.7
Changelog:
https://github.com/FastCGI-Archives/fcgi2/releases/tag/2.4.7
PR: 291307
Approved by: John von Essen <john@essenz.com> (maintainer, implicit - last
activity 2019)
Security: CVE-2025-23016
MFH: 2025Q4
(cherry picked from commit 1a30da80670973368b399f2b01fe9c04b91a1273)
    02853b7 |
00:11 Santhosh Raju (fox) 2025Q4
security/wolfssl: Update to 5.8.4
Changes since 5.8.2:
To download the release bundle of wolfSSL visit the download page at
www.wolfssl.com/download/
PR stands for Pull Request, and PR references a GitHub pull request number
where the code change was added.
Vulnerabilities
* [Low CVE-2025-12888] Vulnerability in X25519 constant-time cryptographic
implementations due to timing side channels introduced by compiler
optimizations and CPU architecture limitations, specifically with the
Xtensa-based ESP32 chips. If targeting Xtensa it is recommended to use the
low memory implementations of X25519, which is now turned on as the default
for Xtensa. Thanks to Adrian Cinal for the report. Fixed in PR 9275.
* [Med. CVE-2025-11936] Potential DoS vulnerability due to a memory leak
through multiple KeyShareEntry with the same group in malicious TLS 1.3
ClientHello messages. This affects users who are running wolfSSL on the
server side with TLS 1.3. Thanks to Jaehun Lee and Kyungmin Bae, Pohang
University of Science and Technology (POSTECH) for the report. Fixed in PR
9117.
* [Low CVE-2025-11935] PSK with PFS (Perfect Forward Secrecy) downgrades to
PSK without PFS during TLS 1.3 handshake. If the client sends a ClientHello
that has a key share extension and the server responds with a ServerHello
that does not have a key share extension the connection would previously
continue on without using PFS. Thanks to Jaehun Lee from Pohang University
of Science and Technology (POSTECH) for the report. Fixed in PR 9112.
* [Low CVE-2025-11934] Signature Algorithm downgrade from ECDSA P521 to P256
during TLS 1.3 handshake. When a client sends ECDSA P521 as the supported
signature algorithm the server previously could respond as ECDSA P256 being
the accepted signature algorithm and the connection would continue with
using ECDSA P256. Thanks to Jaehun Lee from Pohang University of Science and
Technology (POSTECH) for the report. Fixed in PR 9113.
* [Low CVE-2025-11933] DoS Vulnerability in wolfSSL TLS 1.3 CKS extension
parsing. Previously duplicate CKS extensions were not rejected leading to a
potential memory leak when processing a ClientHello. Thanks to Jaehun Lee
from Pohang University of Science and Technology (POSTECH) for the report.
Fixed in PR 9132.
* [Low CVE-2025-11931] Integer Underflow Leads to Out-of-Bounds Access in
XChaCha20-Poly1305 Decrypt. This issue is hit specifically with a call to
the function wc_XChaCha20Poly1305_Decrypt() which is not used with TLS
connections, only from direct calls from an application. Thanks to Luigino
Camastra from Aisle Research for the report. Fixed in PR 9223.
* [Low CVE-2025-11932] Timing Side-Channel in PSK Binder Verification. The
server previously verified the TLS 1.3 PSK binder using a non-constant time
method which could potentially leak information about the PSK binder. Thanks
to Luigino Camastra from Aisle Research for the report. Fixed in PR 9223.
* [Low CVE-2025-12889] With TLS 1.2 connections a client can use any digest,
specifically a weaker digest, rather than those in the CertificateRequest.
Thanks to Jaehun Lee from Pohang University of Science and Technology
(POSTECH) for the report. Fixed in PR 9395
New Features
* New ML-KEM / ML-DSA APIs and seed/import PKCS8 support; added _new/_delete
APIs for ML-KEM/ML-DSA. (PR 9039, 9000, 9049)
* Initial wolfCrypt FreeBSD kernel module support (PR 9392)
* Expanded PKCS7/CMS capabilities: decode SymmetricKeyPackage /
OneSymmetricKey, add wc_PKCS7_GetEnvelopedDataKariRid, and allow PKCS7
builds with AES keywrap unset. (PR 9018, 9029, 9032)
* Add custom AES key wrap/unwrap callbacks and crypto callback copy/free
operations. (PR 9002, 9309)
* Add support for certificate_authorities extension in ClientHello and
certificate manager CA-type selection/unloading. (PR 9209, 9046)
* Large expansion of Rust wrapper modules: random, aes, rsa, ecc, dh, sha,
hmac, cmac, ed25519/ed448, pbkdf2/PKCS#12, kdf/prf, SRTP KDFs, and
conditional compilation options. (PR 9191, 9212, 9273, 9306, 9320, 9328,
9368, 9389, 9357, 9433)
* Rust: support optional heap and dev_id parameters and enable conditional
compilation based on C build options. (PR 9407, 9433)
* STM32 fixes (benchmarking and platform fixes) and PSoC6 hardware
acceleration additions. (PR 9228, 9256, 9185)
* STM32U5 added support for SAES and DHUK. (PR 9087)
* Add --enable-curl=tiny option for a smaller build when used with cURL. (PR
9174)
Improvements / Optimizations
* Regression test fixes and expansion: TLS 1.3/1.2 tests, ARDUINO examples,
libssh2 tests, hostap workflows, and nightly test improvements. (PR 9096,
9141, 9091, 9122, 9388)
* Improved test ordering and CI test stability (random tests run order
changes, FIPS test fixes). (PR 9204, 9257)
* Docs and readme fixes, docstring updates, AsconAEAD comment placement, and
example certificate renewals. (PR 9131, 9293, 9262, 9429)
* Updated GPL exception lists (GPLv2 and GPLv3 exception updates: add
Fetchmail and OpenVPN). (PR 9398, 9413)
* Introduced WOLFSSL_DEBUG_CERTS and additional debug/logging refinements.
(PR 8902, 9055)
* Expanded crypto-callback support (SHA family, HKDF, SHA-224, sha512_family
digest selection) and improved crypto-only build cases. (PR 9070, 9252,
9271, 9100, 9194)
* AES & HW offload improvements including AES-CTR support in PKCS11 driver
and AES ECB offload sizing fix. (PR 9277, 9364)
* ESP32: PSRAM allocator support and SHA HW fixes for ESP-IDF v6/v5. (PR
8987, 9225, 9264)
* Renesas FSP / RA examples updated and security-module TLS context
improvements. (PR 9047, 9010, 9158, 9150)
* Broad configure/CMake/Autotools workflow improvements (Apple options
tracking, Watcom pinning, Debian packaging, ESP-IDF pinning). (PR 9037,
9167, 9161, 9264)
* New assembly introspection / performance helpers for RISC-V and PPC32;
benchmarking enhancements (cycle counts). (PR 9101, 9317)
* Update to SGX build for using assembly optimizations. (PR 8463, 9138)
* Testing with Fil-C compiler version to 0.674 (PR 9396)
* Refactors and compressing of small stack code (PR 9153)
Bug Fixes
* Removed the test feature using popen when defining the macro
WOLFSSL_USE_POPEN_HOST and not having HAVE_GETADDRINFO defined, along with
having the macro HAVE_HTTP_CLIENT set. There was the potential for
vulnerable behavior with the use of popen when the API
wolfSSL_BIO_new_connect() was called with this specific build. This exact
build configuration is only intended for testing with QEMU and is not
enabled with any autoconf/cmake flags. Thanks to linraymond2006 for the
report. (PR 9038)
* Fix for C# wrapper Ed25519 potential crash and heap overwrite with raw
public key import when using the API Ed25519ImportPublic.This was a broken
API with the C# wrapper that would crash on use. Thanks to Luigino Camastra
from Aisle Research for the bug report. (PR 9291)
* Coverity, cppcheck, MISRA, clang-tidy, ZeroPath and other static-analysis
driven fixes across the codebase. (PR 9006, 9078, 9068, 9265, 9324)
* TLS 1.2/DTLS improvements: client message order checks, DTLS
cookie/exchange and replay protections, better DTLS early-data handling. (PR
9387, 9253, 9205, 9367)
* Improved X.509 & cert handling: allow larger pathLen in Basic Constraints,
restore inner server name for ECH, retrying cert candidate chains. (PR 8890,
9234, 8692)
* Sniffer robustness: fix infinite recursion, better handling of OOO appData
and partial overlaps, and improved retransmission detection. (PR 9051, 9106,
9140, 9094)
* Numerous linuxkm (kernel-mode) fixes, relocation/PIE normalization, and
FIPS-related build tweaks across many iterations. (PR 9025, 9035, 9067,
9111, 9121)
* ML-KEM/Kyber and ML-DSA fixes for out-of-bounds and seed-import
correctness; multiple ML-related safety fixes. (PR 9142, 9105, 9439)
* Avoid uninitialized-variable and GCC warnings; several fixes for
undefined-shift/overflow issues. (PR 9020, 9372, 9195)
* Memory & leak fixes in X509 verification and various struct sizing fixes
for WOLFSSL_NO_MALLOC usage. (PR 9258, 9036 )
* Fixed RSA / signing / verify-only warnings allowing WOLFSSL_NO_CT_OPS when
WOLFSSL_RSA_VERIFY_ONLY is used and API cleanups for using const. (PR 9031,
9263)
(cherry picked from commit bc229e671a4c797dc247918453bd92421cae8555)
022d232 |
|
Saturday, 29 Nov 2025
|
22:31 Vladimir Druzenko (vvd) Author: Martin Filla 2025Q4
- www/librewolf 145.0.2
Custom version of Firefox, focused on privacy, security and freedom
www/librewolf: Update 145.0.1-2 => 145.0.2-1
Changelog:
https://www.firefox.com/en-US/firefox/145.0.2/releasenotes/
PR: 291284
MFH: 2025Q4
(cherry picked from commit eb3895d89744907b2c590b820c10d129abe529c6)
9360981 |
21:52 Jan Beich (jbeich) 2025Q4
x11-wm/cosmic-comp: update to 1.0.0.b.8
Changes: https://github.com/pop-os/cosmic-comp/compare/epoch-1.0.0-beta.7...epoch-1.0.0-beta.8
Reported by: Repology
(cherry picked from commit 96be2886b3f4044488a32f9d534ead235655e880)
5b20a51 |
13:32 Tijl Coosemans (tijl) 2025Q4
print/cups: Update to 2.4.15
(cherry picked from commit 2c6ce5b2d17378eb03ad07ae1f70310b59a5aada)
8aabe49 |
|
Friday, 28 Nov 2025
|
22:17 Jan Beich (jbeich) 2025Q4
games/veloren-weekly: update to s20251126
Changes: https://gitlab.com/veloren/veloren/-/compare/d449aa2168...4c69005613
(cherry picked from commit d131803c879bfc99639ba6000ac0ca29de008e2b)
b0cd6f4 |
03:04 Bryan Drewery (bdrewery) 2025Q4
ports-mgmt/poudriere-devel: Remove DEBUG for now.
This isn't activating properly and the name is confused with WITH_DEBUG
which is different.
(cherry picked from commit 60d18bc315249ee2d94e080296fe0b08fcbbc0f5)
cc3728b |
02:48 Bryan Drewery (bdrewery) 2025Q4
ports-mgmt/poudriere-devel: Update to 3.3.0-2467-g1e1cd81b9
Changes:
- Fix dev asserts causing error when DEBUG option not enabled.
- jail -c -m pkgbase: Use pkg.freebsd.org for pkgbase now that it has
redirects setup.
(cherry picked from commit 5d111deb32554d79a0280ca76c04da25548909d9)
4561880 |
02:20 Bryan Drewery (bdrewery) 2025Q4
ports-mgmt/poudriere-devel: Mark BROKEN for now due to a bulk error.
(cherry picked from commit 9b7c03a8d79c2b9b1883d097e1afa9b25e6b4b4c)
8f50346 |
|
Thursday, 27 Nov 2025
|
22:58 Bryan Drewery (bdrewery) 2025Q4
ports-mgmt/poudriere-devel: Clarify what DEBUG is
(cherry picked from commit f0742d338b31f3ee84b37f3ed57c63a9b16168c7)
38e348d |
22:28 Bryan Drewery (bdrewery) 2025Q4
ports-mgmt/poudriere-devel: Update to 3.3.0-2465-g5b7655549
Changes:
New features:
- bulk -t / testport: Enable errors for undeclared shared library
dependencies (PROXYDEPS_FATAL).
- Add poudriere-repo(8) to rebuild repo.
- Add a 'pkgrepo publish' hook.
See https://github.com/freebsd/poudriere/wiki/hooks
Called from bulk, testport, pkgclean, repo.
- bulk build log: Record times(1) at start and end.
- gather_distfiles: symlink to existing files rather than copy.
This saves IO and space during the build.
- poudriere -s var[=value]: Inherit from env or set var default.
- Allow MAX_(MEMORY|FILES)_pkgname="" to override global value.
- bulk log: Also show jail name.
- bulk -v: Show logfile location for failed builds.
- bulk PKG_NO_VERSION_FOR_DEPS: Add a ORPHAN_SHLIB_REBUILD_IGNORELIST
to list packages to not rebuild on missed shlibs. These ports likely
are failing stage-qa.
Fixes:
- Revert IMMUTABLE_BASE default to "no".
- bulk: Fix ancient queue race resulting in crashed builder during
'starting'.
- jail: pkgbase creation fixes for 15.0
- bulk: Fix ref jail sticking around after detecting a crashed
builder.
- bulk jail: /distfiles is now properly kept read-only.
- Fix qemu error executing `service qemu_user_static onestart` rather than
advising it.
- Fix parallel builds stomping on shared TMPFS_BLACKLIST_TMPDIR.
- read*(): Fix some issues with recent timeout support.
- siginfo_handler: Protect against arith error.
- bulk: Fix priority boosting after job queue added run type.
- dirwatch: Fix startup race when used for queue watching.
- html: Avoid numeric error during SIGTERM.
- PKG_NO_VERSION_FOR_DEPS=yes: Ensure delete_pkg() is called on
shlib-rebuilt package. This fixes using PKG_HASH=yes resulting in
pkg-upgrade(8) SQL constraint errors.
- Fix PKG_HASH not using proper timestamp for build cache.
- pkgclean -f: Fix not installing pkg into jail after recent change.
- bulk: Hide bmake read-only /usr/obj warning during ports env setup.
- dev show_build_summary: Don't recursive error.
- bulk: urlencode '+' in link to web.
- Fix some inconsistent SIGINT cleanup races.
Misc:
- A lot of tweaks to builtins.
- A lot of various optimizations.
- A lot of new tests and test stability improvements.
- More use of vfork(2).
- Factor/optimize some common code for removing files which reduces
some fork(2)/execve(2).
- Factor common code for whitelist/blacklist/list handling.
- package git note now contains unabbreviated commit hash.
- bulk: For shlib rebuild show specific reason.
- write_atomic: Avoid unneeded unlink(2) when creating tmpfile.
- Tweaks to bulk package copying from jail .npkg dir.
- testport/bulk -i: If suing to nobody don't land in /root.
- crashed_build: Ensure telling about queue failures.
- bulk parallel jobs: tweak process reaping frequency.
- bulk build_port: Avoid regathering PREFIX/NEED_ROOT/DISTFILES vars.
- bulk: Always save the datadir listing to logdir even on success.
- completions: Add poudriere-audit.
- zsh completions: Document testport/bulk -NN.
- lockf is always bundled to simplify compat for tests.
- jails: Check for mlock support now.
- timestamp: Forward signals TERM,ALRM,INT,HUP.
- timestamp: Support sub-second resolution/units.
- bulk/testport: check_leftovers: Remove backwards-compat for pre-2014
ports/Mk/Scripts/check_leftovers.sh.
- Add fallback-compat for `nproc` and `date -I`.
- build_repo: Remove old {data,packagesite}.txz files if found.
- jail: commands using make will use `make -s` if not running in
verbose mode.
(cherry picked from commit a3a657318f57672259a28356f38cb29a1672e8ce)
24e46aa |
22:28 Bryan Drewery (bdrewery) 2025Q4
ports-mgmt/poudriere-devel: Update to 3.3.0-2210-ge92c28b8d
Changes:
- testport: Fix fetching the port-to-test (which could cause a -1 stats error)
(cherry picked from commit 401e02acf7df7d6a7c8756142dba7ea562808e19)
376e0db |
22:27 Bryan Drewery (bdrewery) 2025Q4
ports-mgmt/poudriere-devel: Support DEBUG option
(cherry picked from commit 43ef4c5faf2e19f06c9f790e38b02295727e7e65)
c26a67c |
18:59 Matthias Fechner (mfechner) 2025Q4
devel/gitlab-runner: update to 18.6.2
Include in addition a hotfix for:
Fix bash shell cleanup to support variable expansion in paths
https://gitlab.com/gitlab-org/gitlab-runner/-/merge_requests/5966
Changes: https://gitlab.com/gitlab-org/gitlab-runner/-/releases
(cherry picked from commit 2e4d871e7a2074deb41dd8f7e041ec0925d5a8bb)
736df34 |
12:13 Matthias Fechner (mfechner) Author: Po-Chuan Hsieh 2025Q4
devel/rubygem-parser: Update to 3.3.10.0
Changes: https://github.com/whitequark/parser/blob/master/CHANGELOG.md
(cherry picked from commit 8e11be6c6a05abb8b00ecb5fbeaa72cdb2c0c420)
3f888f6 |
|
11:55 Matthias Fechner (mfechner) 2025Q4 |
11:55 Matthias Fechner (mfechner) 2025Q4
- devel/glab 1.78.3
GitLab CLI tool bringing GitLab to your command line
devel/glab: update to 1.78.3
Changes: https://gitlab.com/gitlab-org/cli/-/releases
(cherry picked from commit e2d9861c03784af26b5e322828eb6f7cea1881f1)
294f957 |
11:55 Matthias Fechner (mfechner) 2025Q4
devel/gitlab-runner: fix pipeline errors
Running pipelines with shell executor stops with error:
fatal: unable to get password from user
See also here:
https://gitlab.com/gitlab-org/gitlab-runner/-/issues/39130
https://gitlab.com/gitlab-org/gitlab-runner/-/merge_requests/5961
(cherry picked from commit 548798bd62843b70db2268085eba959fffcf64d6)
ab233f1 |
11:54 Matthias Fechner (mfechner) 2025Q4
devel/gitlab-runner: update to 18.6.1
This release includes the patch, so removed it.
Changes: https://gitlab.com/gitlab-org/gitlab-runner/-/compare/v18.6.0...v18.6.1?from_project_id=250833
(cherry picked from commit d335d58e247a5829f8a7896e3fdc2a3bc5ed9178)
400202c |
11:54 Matthias Fechner (mfechner) 2025Q4
- devel/glab 1.78.2
GitLab CLI tool bringing GitLab to your command line
devel/glab: update to 1.78.2
Changes: https://gitlab.com/gitlab-org/cli/-/releases
(cherry picked from commit fb4bac22c219c1e20d0dcaf3f48d822f48caf552)
e833968 |
|
11:54 Matthias Fechner (mfechner) 2025Q4 |
11:53 Matthias Fechner (mfechner) 2025Q4
www/rubygem-rack-attack: update to 6.8.0
Required for gitlab 18.6
Changes: https://github.com/rack/rack-attack/blob/main/CHANGELOG.md
(cherry picked from commit 5f16e4d2cc5b5b8937110da4cd82b3abf3a01706)
b582f3e |
11:53 Matthias Fechner (mfechner) 2025Q4
textproc/gitlab-zoekt-indexer: udpate to 1.7.6
Required for gitlab 18.6
Changes: https://gitlab.com/gitlab-org/gitlab-zoekt-indexer/-/releases
(cherry picked from commit 81da34c645d0c3d858334626d060b0be76630e46)
a80417f |
11:53 Matthias Fechner (mfechner) 2025Q4
textproc/gitlab-elasticsearch-indexer: udpate to 5.10.1
Required for gitlab 18.6
Changes: https://gitlab.com/gitlab-org/gitlab-elasticsearch-indexer/-/blob/main/CHANGELOG.md
(cherry picked from commit 158eebbb6fa58acf05680685b8cfa0b78b39f899)
a8ababb |
11:52 Matthias Fechner (mfechner) 2025Q4
textproc/gitlab-code-parser: update to 0.20.2
Required for gitlab 18.6
Changes: https://gitlab.com/gitlab-org/rust/gitlab-code-parser/-/blob/main/CHANGELOG.md
(cherry picked from commit 2a7e674c4f6d76b7d56dca8cc3f01894cae15c01)
99396c4 |
11:52 Matthias Fechner (mfechner) 2025Q4
security/rubygem-gitlab-cloud-connector: update to 1.36.0
Required for gitlab 18.6
Changes: https://gitlab.com/gitlab-org/cloud-connector/gitlab-cloud-connector/-/releases
(cherry picked from commit b0a660af2e4b13b25454ec94349fd77e8ccf9915)
a0b8064 |
11:52 Matthias Fechner (mfechner) 2025Q4
net/rubygem-uri-gitlab: update to 0.13.3
Required for gitlab 18.6
Changes: https://github.com/ruby/uri/releases
(cherry picked from commit cbaaad4f1c95b88da309266feac05ec3a8045d62)
d2990fc |
11:51 Matthias Fechner (mfechner) 2025Q4
net/rubygem-omniauth-google-oauth2-gitlab: update to 1.2.1
Required for gitlab 18.6
Changes: https://github.com/zquestz/omniauth-google-oauth2/releases
(cherry picked from commit 391e4cc0525ba20b36e3f642ae6b6316b6d14868)
b7fe0d9 |
11:51 Matthias Fechner (mfechner) 2025Q4
net/rubygem-grpc-gitlab: update to 1.76.0
Required for gitlab 18.6
Changes: https://github.com/grpc/grpc/releases
(cherry picked from commit 8bd9ab190a81cb3f696df1243ce665bc1fb82a82)
6a93e45 |
|
11:51 Matthias Fechner (mfechner) 2025Q4 |
11:51 Matthias Fechner (mfechner) 2025Q4
devel/rubygem-google-apis-iam_v1-gitlab: update to 0.79.0
Required for gitlab 18.6
Changes: https://github.com/googleapis/google-api-ruby-client/blob/main/generated/google-apis-iam_v1/CHANGELOG.md
(cherry picked from commit 20b73160d6c019de5713c6310c0bc6dcfe4856ca)
ca2389e |
11:51 Matthias Fechner (mfechner) 2025Q4
devel/rubygem-gitlab-labkit: update to 0.42.2
Required for gitlab 18.6
Changes: https://gitlab.com/gitlab-org/ruby/gems/labkit-ruby/-/releases
(cherry picked from commit 86a9128b82f88e818577678889175354f2d5c130)
993bdb5 |
11:51 Matthias Fechner (mfechner) 2025Q4
devel/gitlab-runner: update to 18.6.0
Fixes error in pipeline:
fatal: unable to get password from user
More info:
https://gitlab.com/gitlab-org/gitlab/-/issues/581563
https://gitlab.com/gitlab-org/gitlab-runner/-/issues/39123
https://gitlab.com/gitlab-org/gitlab-runner/-/merge_requests/5958
Changes: https://gitlab.com/gitlab-org/gitlab-runner/blob/v18.6.0/CHANGELOG.md
(cherry picked from commit e79904f596481ac401dad3f65689ddcdc70fc242)
78f8481 |
11:51 Matthias Fechner (mfechner) 2025Q4
databases/rubygem-redis-gitlab: update to 5.4.1
Required for gitlab 18.6
Changes: https://github.com/redis/redis-rb/blob/master/CHANGELOG.md
(cherry picked from commit 670057d58cafc7e1944c58dcdfe2a83eadc745c5)
baf116a |
11:51 Matthias Fechner (mfechner) 2025Q4
databases/rubygem-redis-clustering-gitlab: update to 5.4.1
Required for gitlab 18.6
Changes: https://github.com/redis/redis-rb/blob/master/CHANGELOG.md
(cherry picked from commit af35d26f6fc5ec598c52ff8d7e1a7425df4ff476)
3b91358 |
11:50 Matthias Fechner (mfechner) 2025Q4
databases/rubygem-click_house-client: update to 0.8.2
Required for gitlab 18.6
Changes: https://gitlab.com/gitlab-org/ruby/gems/clickhouse-client/-/releases
(cherry picked from commit 991450b9a2c56bd4df2dbffa929e06c7aa533b10)
e5545b8 |
11:50 Matthias Fechner (mfechner) 2025Q4
security/rubygem-webauthn: udpate to 3.4.3
Changes: https://github.com/cedarcode/webauthn-ruby/blob/master/CHANGELOG.md
(cherry picked from commit f0b12d348a2cba407f33e66da97af2a30e753d78)
738bb96 |
11:50 Matthias Fechner (mfechner) 2025Q4
security/rubygem-safety_net_attestation: update to 0.5.0
Changes: https://github.com/cedarcode/safety_net_attestation/blob/master/CHANGELOG.md
(cherry picked from commit ea71d0e636f15269b8096cef5ece8dc8599b6d90)
ddbbab9 |
11:50 Matthias Fechner (mfechner) 2025Q4
devel/gitlab-runner: install the gitlab secrets scanner
This makes it now possible to have a gitlab-runner with shell
and in the pipeline of the repository the default
gitlab pipeline can be used now, like:
include:
- template: Jobs/Secret-Detection.gitlab-ci.yml
(cherry picked from commit 00d8e612f47c363bd383b66d782e0a3605f34453)
06769fc |
11:50 Matthias Fechner (mfechner) 2025Q4
- www/gitlab 18.5.2_1
Web GUI for managing git repositories
www/gitlab: enable the gitlab secrets scanner in the standard pipeline
This makes it now possible to have a gitlab-runner with shell
and in the pipeline of the repository the default
gitlab pipeline can be used now, like:
include:
- template: Jobs/Secret-Detection.gitlab-ci.yml
(cherry picked from commit 6d9b7f145a6e9638039d91fc03fb79045b3b4dda)
36ded07 |
|
11:50 Matthias Fechner (mfechner) 2025Q4 |
11:50 Matthias Fechner (mfechner) 2025Q4
security/rubygem-gitlab-secret_detection: update to 0.38.1
Changes: https://gitlab.com/gitlab-org/security-products/secret-detection/secret-detection-service/-/blob/main/CHANGELOG.md
(cherry picked from commit f801fca82f648d5e50422537a5573755a70d151a)
14f7659 |
11:50 Matthias Fechner (mfechner) 2025Q4
devel/rubygem-opentelemetry-helpers-sql-processor: update to 0.3.1
Changes: https://github.com/open-telemetry/opentelemetry-ruby-contrib/blob/main/helpers/sql-processor/CHANGELOG.md
(cherry picked from commit 1d0c724869dd504b4e3c70b4ab42e1bc60c638d4)
f4d1636 |
11:49 Matthias Fechner (mfechner) 2025Q4
devel/rubygem-CFPropertyList-gitlab: update to 3.0.8
Changes: https://github.com/ckruse/CFPropertyList/tags
(cherry picked from commit 3d87d044f94ee25a343b6460a20087faa4b8dd16)
38962db |
|
Wednesday, 26 Nov 2025
|
21:06 Christoph Moench-Tegeder (cmt) 2025Q4
devel/rust-cbindgen: update to 0.29.2
Changelog:
https://github.com/mozilla/cbindgen/blob/v0.29.2/CHANGES
(cherry picked from commit d044b575fd3316234369fb191d72873862f4d04e)
88084f9 |
17:30 Vladimir Druzenko (vvd) Author: Martin Filla 2025Q4
www/waterfox: Update 6.6.5 => 6.6.5.1
Changelog:
https://www.waterfox.net/docs/releases/6.6.5.1/
PR: 291226
MFH: 2025Q4
(cherry picked from commit 030b6f54603a75d9fe599a16ee97abc44e790da1)
a128d15 |
14:22 Li-Wen Hsu (lwhsu) Author: Jaap Akkerhuis 2025Q4
- dns/unbound 1.24.2
Validating, recursive, and caching DNS resolver
dns/unbound: Update to 1.24.2
This security release has additional fixes for CVE-2025-11411.
PR: 291236
(cherry picked from commit f4188ecfbeb4e406838684c46178a9b4fc32d4c2)
ff79a1f |
00:06 Colin Percival (cperciva) 2025Q4
misc/freebsd-release-manifests: Add 15.0-RC4 MANIFEST files
Approved by: re (implicit)
Sponsored by: https://www.patreon.com/cperciva
(cherry picked from commit 053f765139e3012e4a9141ce0651cc7861103f61)
861c687 |
|
Tuesday, 25 Nov 2025
|
|
20:53 Bryan Drewery (bdrewery) 2025Q4 |
18:41 Rene Ladan (rene) Author: Yuri Victorovich 2025Q4
security/tor: update 0.4.8.20 → 0.4.8.21
(cherry picked from commit 409f91664b2e02836a3a4047dcdc1d4bc49935c6)
8b1301d |
18:41 Cy Schubert (cy) 2025Q4
security/tripwire: Add twtest back
9282b881947e removed twtest as though it was built, it was not installed
by default. We now install it out-of-bounds.
(cherry picked from commit 63f35fc38d3b5d5f1561ca019d2c346ff72a65d8)
28f4c62 |
18:41 Cy Schubert (cy) 2025Q4
security/tripwire: Fix manual build
When building by hand ${PREFIX}/man with no subdirectories is created.
A less invasive fix is to remove the directory after the fact but before
packaging.
(cherry picked from commit 5563ffe84ff5eda3601925f7dfe0eeef3952ab7c)
07e212e |
14:39 Jan Beich (jbeich) 2025Q4
multimedia/ab-av1: update to 0.10.2
Changes: https://github.com/alexheretic/ab-av1/releases/tag/v0.10.2
Reported by: GitHub (watch releases)
(cherry picked from commit 43000141c3d43f79c133c3004768f7962d849b63)
9217f66 |
13:39 Robert Nagy (rnagy) 2025Q4
- www/chromium 142.0.7444.175
Google web browser based on WebKit
|
13:39 Robert Nagy (rnagy) 2025Q4
www/iridium: update to 2025.11.142.3
(cherry picked from commit cc61f3e96e953d13a2a81d6e9bef934e54b1344e)
5e2875b |
|
11:55 Nuno Teixeira (eduardo) 2025Q4 |
07:48 Guido Falsi (madpilot) 2025Q4
net/unison240: Fix packaging
I removed `OPTIONS_DEFINE` in the last update by mistake
Reported by: fallout
Fixes: ba72838fff3e7fa001d247aa5409e889a7c864c3
MFH: 2025Q4
(cherry picked from commit 14befc22a972963c55d1166745c5086744cd1413)
Fixes: 1ba7408e1c2910a6220c399ab906c470ee5edaa3 (2025Q4)
d014f97 |
|
Monday, 24 Nov 2025
|
22:07 Jan Beich (jbeich) 2025Q4
x11-wm/wlmaker: update to 0.6.2
Changes: https://github.com/phkaeser/wlmaker/releases/tag/v0.6.2
Reported by: GitHub (watch releases)
(cherry picked from commit ba82f2cacb86f06dc3950e28a96efc6865fce3a2)
63b58f9 |
22:07 Jan Beich (jbeich) 2025Q4
graphics/wayland-utils: update to 1.3.0
Changes: https://gitlab.freedesktop.org/wayland/wayland-utils/-/compare/1.2.0...1.3.0
Reported by: GitLab (notify releases)
(cherry picked from commit 185d3f045c61ab70b39f3dadc78ea55c25475af5)
(cherry picked from commit bdcb02b9ddda85216b07a56a1326f762b24c6845)
ec894c4 |
19:34 Christoph Moench-Tegeder (cmt) 2025Q4
- www/firefox 145.0.2,2
Web browser based on the browser portion of Mozilla
www/firefox: update to 145.0.2 (rc1)
(cherry picked from commit df3bd1e3c5f65f1b224f77a8433d7249932dbf4a)
4209a59 |
|
Sunday, 23 Nov 2025
|
21:43 Guido Falsi (madpilot) 2025Q4
- net/unison240 2.40.128_8
User-level file synchronization tool
- net/unison248 2.48.15_5
User-level file synchronization tool
net/unison240: Fetch from github, deprecate
The distfiles used by the port are not available anymore, take the one from
github. Adapt the port to build with the slightly different layout of this
distfile. [1]
The new distfile does not provide html, ps and pdf documentation, so remove
those files from the port.
I'm also deprecating this port, it is an ancient version not really supported
anymore by upstream. set a long expiration time.
While here:
- Refresh Makefiles for other legacy unison ports
- Remove CONFLICTS with no more existing -devel port
PR: 291166 [1]
MFH: 2025Q4
(cherry picked from commit ba72838fff3e7fa001d247aa5409e889a7c864c3)
1ba7408 |
07:04 Rainer Hurling (rhurlin) 2025Q4
graphics/qgis-ltr: 3.40.13
Changelog: https://github.com/qgis/QGIS/compare/final-3_40_12%5E...final-3_40_13
Reported by: portscout, Repology
MFH: 2025Q4
(cherry picked from commit 4cc21720f669b9d2fb469cadb7ab3282594972f6)
5b7071c |
|
Saturday, 22 Nov 2025
|
20:59 Nuno Teixeira (eduardo) 2025Q4
- www/bluefish 2.2.19
HTML editor designed for the experienced web designer
www/bluefish: Update to 2.2.19
ChangeLog:
https://sourceforge.net/p/bluefish/code/HEAD/tree/tags/bluefish_2_2_19/ChangeLog
MFH: 2025Q4 (bugfix release)
(cherry picked from commit 4bc166d534cdca58a92745be4f107ae615e07f9c)
36aec66 |
19:39 Rainer Hurling (rhurlin) 2025Q4
- graphics/qgis 3.44.5
Free and Open Source Geographic Information System
graphics/qgis: Update to 3.44.5
Changelog: https://github.com/qgis/QGIS/compare/final-3_44_4%5E...final-3_44_5
Reported by: portscout, Repology
MFH: 2025Q4
(cherry picked from commit 11b6ad4b3100dd4d4e4b39690e344f914d7a0879)
a223965 |
17:24 Colin Percival (cperciva) 2025Q4
misc/freebsd-release-manifests: Add 15.0-RC3 MANIFEST files
Approved by: re (implicit)
Sponsored by: https://www.patreon.com/cperciva
(cherry picked from commit 47c380336d1a3a44f101e960b044f6d9c950dbc8)
a1403d8 |
16:04 Robert Clausecker (fuz) Author: George Mitchell 2025Q4
x11-servers/xorg-server: update to 21.1.20
This fixes open CVEs CVE-2025-62229, CVE-2025-62230, and CVE-2025-62231.
Reported by: rob2g2-freebsd@bitbert.com
PR: 290655
Security: e99a32c8-b8e2-11f0-8510-b42e991fc52e
MFH: 2025Q4
Approved by: x11 (maintainer timeout)
(cherry picked from commit 34de5acb0688621eca69ddf0e55f9a928525e199)
487013c |
16:04 Robert Clausecker (fuz) Author: bruno 2025Q4
net-p2p/walletd: update to 2.11.0
This update is mandatory to continue participating in the network,
previous versions will cease to work in December 2025!
Changelog: https://github.com/SiaFoundation/walletd/releases/tag/v2.11.0
PR: 291057
MFH: 2025Q4
(cherry picked from commit 0837c81099086e4e4d64fd520bd437c6a2b483d8)
d0560f7 |
16:04 Robert Clausecker (fuz) Author: bruno 2025Q4
net-p2p/renterd: update to 2.7.1
This update is mandatory to continue participating in the network,
previous versions will cease to work in December 2025!
Changelog: https://github.com/SiaFoundation/renterd/releases/tag/v2.7.1
PR: 291057
MFH: 2025Q4
(cherry picked from commit 790a4934ee403bf87db70f719fb7de2da651f942)
ed7d224 |
16:04 Robert Clausecker (fuz) Author: bruno 2025Q4
net-p2p/hostd: update to 2.5.1
This update is mandatory to continue participating in the network,
previous versions will cease to work in December 2025!
Changelog: https://github.com/SiaFoundation/hostd/releases/tag/v2.5.1
PR: 291057
MFH: 2025Q4
(cherry picked from commit 3b412029a4f6188e935b1fe30be66a321c118c45)
5afeb73 |
As an Amazon Associate I earn from qualifying purchases.
