security/tailscale: Refactor rc.d script Refactor rc.d script so various rc.conf variables such as ${name}_nice and ${name}_oomprotect can be used PR: 292220 MFH: 2026Q1

security/tailscale: Update to 1.94.1 MFH: 2026Q1

www/py-flatnotes: New port: Self-hosted, database-less note taking web app Flatnotes is a self-hosted, database-less note-taking web app that utilises a flat folder of markdown files for storage. WWW: https://github.com/dullage/flatnotes/

lang/rust-nightly: update 1.95.0.20260118 → 1.95.0.20260126 Approved by: rust (implicit)

net-im/linux-discord: Update to 0.0.122

x11/xapp: update to 3.2.2 add new xapp-symbolic-icons as run dependency PR: 292764

mail/thunderbird: update to 147.0.1 (rc2) Release Notes: https://www.thunderbird.net/en-US/thunderbird/147.0.1/releasenotes/

mail/nextcloud-mail: Update to 5.6.9

www/nextcloud-contacts: Update to 8.3.1

security/openssl: Security update to 3.0.19 Security: 4b824428-fb93-11f0-b194-8447094a420f MFH: 2026Q1

security/fakeroot: Update to 1.37.2 Changelog: https://salsa.debian.org/clint/fakeroot/-/blob/debian/1.37.2-1/debian/changelog?ref_type=tags

net/asterisk22: Update 22.7.0 => 22.8.0 Changelog: https://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-22.8.0.html This update incorporates an important fix for FreeBSD users: - rtp/rtcp: Configure dual-stack behavior via IPV6_V6ONLY PR: 262386 292712 Approved by: Oleksandr Kryvulia <o.kryvulia@flex-it.com.ua> (maintainer) Sponsored by: PANS Jarosław MFH: 2026Q1

net/amneziawg-go: Update 0.2.12 => 0.2.16 Commit log: https://github.com/amnezia-vpn/amneziawg-go/compare/v0.2.12...v0.2.16 While here replace PORTVERSION with DISTVERSION. PR: 292743

security/netbird: Update 0.64.1 => 0.64.2 Changelog: https://github.com/netbirdio/netbird/releases/tag/v0.64.2 Commit log: https://github.com/netbirdio/netbird/compare/v0.64.1...v0.64.2 PR: 292762

science/packmol: Update to 21.2.1 ChangeLog: https://github.com/m3g/packmol/releases/tag/v21.2.1

security/uacme: Update to 1.8.0 ChangeLog: https://github.com/ndilieto/uacme/blob/master/ChangeLog

games/genact: Update to 1.5.1 ChangeLog: https://github.com/svenstaro/genact/releases/tag/v1.5.1

games/cdogs-sdl: Update to 2.4.0 ChangeLog: https://github.com/cxong/cdogs-sdl/releases/tag/2.4.0

graphics/oxipng: Update to 10.1.0 ChangeLog: https://github.com/oxipng/oxipng/releases/tag/v10.1.0

www/element-web: Update to 1.12.9 Approved by: maintainer (implicit, version bump, as per PR 258262)

mail/msmtp: fix the TLS option Part of commit 61d57c2657e1178dd763c8dd63503a9338525f47 was converting from *_CONFIGURE_ON to *_CONFIGURE_WITH for the TLS option. As it is a radio option, it means that one of the options will be always disabled, resulting in adding `--without-tls` to the CONFIGURE_ARGS, and no TLS support. Fix by switching back to CONFIGURE_ON and bump PORTREVISION to regenerate the package. Reported by: Scott Robbins

x11-themes/xapp-symbolic-icons: new requirement for xapp-related apps PR: 292763

emulators/open-vm-*: Update to 13.0.10 Sponsored by: Rubicon Communications, LLC ("Netgate")

sysutils/graffer: Update 1.1 => 1.5.1 News: http://chaosophia.net/graffer/#news Commit log: https://github.com/koue/graffer/compare/1.1...1.5.1 PR: 292730 Co-authored-by: Vladimir Druzenko <vvd@FreeBSD.org>

security/openssl36: Security update to 3.6.1 Security: 4b824428-fb93-11f0-b194-8447094a420f MFH: 2026Q1

mail/abook: Update WWW/MASTER_SITES address

security/openssl35: Security update to 3.5.5 Security: 4b824428-fb93-11f0-b194-8447094a420f MFH: 2026Q1

security/vuxml: Document OpenSSL vulnerabilities

sysutils/py-ansible-core220: Add new port Ansible-core 2.20.1 brings in new features and bugfixes. It will not work with our default python311. Until Python 3.12 becomes default, to build this port add DEFAULT_VERSIONS+=python=3.12 to make.conf and rebuild all python packages needed to build this port prior to building and installing this port.

games/flightgear-aircraft: Update to 20260126

games/flightgear: Update to 2024.1.4

multimedia/v4l-utils: Fix build on CURRENT/STABLE In file included from dvbv5-daemon.c:43: /usr/include/search.h:80:7: error: expected identifier or '(' 80 | void tdestroy(void *, void (*)(void *)); | ^ dvbv5-daemon.c:24:23: note: expanded from macro 'tdestroy' 24 | #define tdestroy(...) do {} while (0) | ^ In file included from dvbv5-daemon.c:43: /usr/include/search.h:80:7: error: while loop outside of a function dvbv5-daemon.c:24:29: note: expanded from macro 'tdestroy' 24 | #define tdestroy(...) do {} while (0) | ^ Use native tdestroy(3) on 16-CURRENT and 15-STABLE after [1] and [2], respectively. [1] https://cgit.freebsd.org/src/commit/?id=b8c99e7d912f0dad84cec80f8c4331646b87a3ec [2] https://cgit.freebsd.org/src/commit/?h=stable/15&id=6197518ee90541a5e04d03dffda760b888d3a3e7 Reported by: pkg-fallout MFH: 2026Q1

net/xmlrpc-c: Update to 1.64.03 Sponsored by: Rubicon Communications, LLC ("Netgate")

mail/abook: Update to 0.6.2 - Pet port(clippy|fmt) - Take maintainership - Update license ChangeLog: https://sourceforge.net/p/abook/git/ci/master/tree/ChangeLog Reported by: portscout!

emulators/open-vm-tools: Fix build after 1600010 After ac5a19ec6989675c8ec6c3ca245dba243d1a6416, xdrproc_t was changed to always take 2 parameters. Removing 3rd parameter keeps it working on older versions. PR: 292755 MFH: 2026Q1 Sponsored by: Rubicon Communications, LLC ("Netgate")

graphics/gimp3-app: update to 3.0.8 release (+) Micro releases like 3.0.8 are focused on fixing bugs and regressions. Release notes: https://www.gimp.org/news/2026/01/24/gimp-3-0-8-released/ Changelog: https://gitlab.gnome.org/GNOME/gimp/-/blob/01df768b6756a04ecfaa410156f23ee95b3085e9/NEWS

graphics/gegl: update to 0.4.66 release (+) Changelog: https://gitlab.gnome.org/GNOME/gegl/-/blob/GEGL_0_4_66/docs/NEWS.adoc?ref_type=tags#user-content-gegl-0-4-66-2025-12-11

x11/babl: update to 0.1.120 release (+) Changelog: https://gitlab.gnome.org/GNOME/babl/-/blob/master/NEWS?ref_type=heads#L6-10

www/py-django-filer: Update to 3.4.3 Changelog since 3.4.1: https://github.com/django-cms/django-filer/blob/3.4.3/CHANGELOG.rst

textproc/py-zensical: Update to 0.0.19 Changelogs since 0.0.16: https://github.com/zensical/zensical/releases/tag/v0.0.19 https://github.com/zensical/zensical/releases/tag/v0.0.18 https://github.com/zensical/zensical/releases/tag/v0.0.17

textproc/py-mkdocstrings: Update to 1.0.2 Changelog since 1.0.0: https://github.com/mkdocstrings/mkdocstrings/blob/1.0.2/CHANGELOG.md

net-mgmt/py-netutils: Update to 1.16.0 Changelog: https://github.com/networktocode/netutils/releases/tag/v1.16.0

textproc/moor: Update 2.10.2 => 2.10.3 Changelog: https://github.com/walles/moor/releases/tag/v2.10.3 PR: 292756

devel/pear: update to 1.10.18 release (+) Release notes: https://github.com/pear/pear-core/releases/tag/v1.10.18

ports-mgmt/pkg_replace: Update 20260126 => 20260127 Changelog: - Cleanup man page pkg_replace.1. - Changed the behavior of get_pkgname_from_portdir() to detect updated ports. https://github.com/kdeguchi/pkg_replace/releases/tag/20260127 Add upgrade and remove to pkg-message. PR: 292754

net-p2p/sonarr: Add dynamic object dependency mapping for sqlite3 Added the libmap.d file. Same was already done for net-p2p/prowlarr and net-p2p/lidarr. This will make sonarr work with sqlite3 again (postgresql was/is not affected). PR: 292745

net-p2p/radarr: Add dynamic object dependency mapping for sqlite3 Added the libmap.d file. The same patch was already added to net-p2p/prowlarr and net-p2p/lidarr and there it works good. PR: 292640

graphics/p5-Image-ExifTool-devel: Update 13.45 => 13.46 ChangeLog: https://exiftool.org/history.html PR: 292741

net/fb303: update 2026.01.19.00 → 2026.01.26.00

devel/fatal: update 2026.01.19.00 → 2026.01.26.00

www/proxygen: update 2026.01.19.00 → 2026.01.26.00

net/mvfst: update 2026.01.19.00 → 2026.01.26.00

devel/fbthrift: update 2026.01.19.00 → 2026.01.26.00

net/wangle: update 2026.01.19.00 → 2026.01.26.00

security/fizz: update 2026.01.19.00 → 2026.01.26.00

devel/folly: update 2026.01.19.00 → 2026.01.26.00

devel/py-pathspec: update to 1.0.4 Changes: https://github.com/cpburnz/python-pathspec/blob/v1.0.4/CHANGES_1.in.rst Reported by: repology

mail/mutt: Update 2.2.16 => 2.3.0 Release Notes: http://www.mutt.org/relnotes/2.3/ - Cleanup with CATEGORIES. - Use correct install location (PREFIX) post-stage. PR: 292719

emulators/wine-devel: Update 11.0 => 11.1 Changelog: - Various changes that were deferred during code freeze. - More pixel format conversions in WindowsCodecs. - More work on ActiveX Data Objects (MSADO). - Various bug fixes. https://gitlab.winehq.org/wine/wine/-/releases/wine-11.1 Make the port flavors for the audio backends: - default -> ALSA and OSS options are enabled by default; - allaudio -> ALSA, OSS and PULSEAUDIO options are enabled by default. PR: 292744

multimedia/avidemux: Fix build after b57d881bb6e9 Similar to f98927e2db26, mark NVDEC option BROKEN. I'm fighting all of my urges to not relegate this to the pile since there is still upstream activity [1] with promises of newer FFMpeg and Qt6 support, but with no release since 2022, this is a *really* slow burn. [1] https://github.com/mean00/avidemux2 Reported by: pkg-fallout MFH: 2026Q1

cad/librecad: Update to 2.2.1.3 Add repo URL to WWW for maintainer convenience. https://github.com/LibreCAD/LibreCAD/releases/tag/v2.2.1.3

textproc/p5-Spreadsheet-Read: update to 0.95

www/webkit2-gtk: note libsoup 2 support sunsetting and scheduled removal

textproc/libxml2: really update to 2.15.1 Changelog: https://gitlab.gnome.org/GNOME/libxml2/-/blob/2.15/NEWS Notably, all documentation generation requires a circular dependency on textproc/libxslt. While the API documentation, in HTML, lives on the upstream site [0], the man pages are now pre-rendered manually. Also includes an upstream commit addressing unsafe pointer usage in XPath, leading to security bugs in consumers like libxslt (CVE-2025-10911). [1] Mark the -python child port DEPRECATED without expiration date since upstream has not provided a firm one yet, particularly the release schedule for the next major version 2.16. [0] https://gnome.pages.gitlab.gnome.org/libxml2/html/index.html [1] https://gitlab.gnome.org/GNOME/libxml2/-/commit/0e50b31902cdb1eb242eb361c123e9e033b2af87 Event: Snowstorm Special January 2026 With hat: desktop PR: 291316

Revert "textproc/libxml2*: update to 2.15.1, split -core" The design of this update was repeatedly rejected in the linked PR with a prescribed different design. This commit is therefore unauthorised. This reverts commit 099bd713e09ebdd02d73fde770c50706f980404f. With hat: desktop (textproc/libxml2), gnome (USES=gnome) PR: 291316

editors/neovim: Update to 0.11.6

net/amnezia-kmod: [maintainer update] v2.0.10 - fix build on FreeBSD-16-CURRENT >= 1600011 - fix build on FreeBSD-13-stable PR: 292742

sysutils/py-ansible-core*: Update py-wheel dependency as in ports Update the pyproject.toml file to accept the py-wheel provided by ports. PR: 292723

devel/ruby-build: Update to 20260121 Changes: https://github.com/rbenv/ruby-build/releases/tag/v20260121

www/filebrowser-quantum: Mark BROKEN on i386 Cannot use int64(off) (value of type int64) as int32 value in assignment. Reported by: pkg-fallout

www/squid: Update 7.3 => 7.4 Changelog: https://github.com/squid-cache/squid/releases/tag/SQUID_7_4 - Rework GSSAPI option a bit to make them more reliable. - Update files/patch-configure to follow upstream changes. - Split post-install - create post-install-*-on. PR: 292732

sysutils/watchcat: watchcat combines good things about watch and cat Watchcat is a command-line tool that combines the functionalities of the 'watch' and 'cat' commands. It allows users to monitor the output of a command by executing it repeatedly at specified intervals or to watch a file for changes and display its contents when modified. Differential Revision: https://reviews.freebsd.org/D54863

textproc/xxdiff: update to g20251107 Changelog: https://github.com/blais/xxdiff/commits/4013bd5968140dbd82c930edf8744a00b6e9255d

archivers/extract-xiso: Create, modify, and extract XISOs Extract-iso is a command line utility created by in to allow the creation, modification, and extraction of XISOs. Currently being maintained and modernized by the XboxDev organization. WWW: https://github.com/XboxDev/extract-xiso/ Requested by: codytherudeguy@tutamail.com

editors/imhex: fix build on armv7, enable on 32 bit architectures Seems like int128_t is no longer required. Approved by: portmgr (build fix blanket) MFH: 2026Q1

sysutils/nix: fix build on armv7 and powerpc* No libatomic on FreeBSD. Also move manuals to PORTDOCS, the file names seem to be somewhat architecture-dependent. Approved by: portmgr (build fix blanket) MFH: 2026Q1

audio/qmidiarp: fix build on non-x86 The options -msse, -msse2, and -mfpmath=sse only apply to x86 targets. They are the default on amd64, so only set them on i386. Approved by: portmgr (build fix blanket) MFH: 2026Q1

devel/fnc: unbundle sqlite3 PR: 290972 Approved by: ashish (maintainer) MFH: 2026Q1

x11-servers/xlibre-server: fix build on armv7 This ensures USE_DEV_IO=1 is set on armv7. See also: b632464b29fc330113280495ef76d0f825058ae8 Approved by: portmgr (build fix blanket) MFH: 2026Q1

science/ttk: chase Paraview 6.0.1 Patch taken from upstream: see https://github.com/topology-tool-kit/ttk/pull/1113

science/paraview: upgrade to 6.0.1 Releases notes at https://www.kitware.com/paraview-6-0-0-release-notes/ and https://www.kitware.com/paraview-6-0-1-release-notes/ Also switch from MPICH to OpenMPI, to be consistent with VTK.

devel/py-loguru: drop maintainership

www/py-flask-restx: update to 1.3.2 Changes: https://github.com/python-restx/flask-restx/releases/tag/1.3.2 Reported by: GitHub (watch releases)

x11-fonts/fcft: update to 3.3.3 Changes: https://codeberg.org/dnkl/fcft/releases/tag/3.3.3 Reported by: Repology

textproc/meld: fix LICENSE License is GPLv2+. PR: 260552 Reported by: Olivier Duchateau <duchateau.olivier@gmail.com>

accessibility/accerciser: update to 3.48.0 Update accerciser to version 3.48.0. Trim USE_GNOME=. (truckman) PR: 290511

archivers/file-roller: update to 44.6 Update file-roller to version 44.6. Trim LIB_DEPENDS. (truckman) PR: 290387

x11-fm/nautilus-python: update to 4.1.0 Update nautilus-python to version to 4.1.0. PR: 290017

x11-fm/nautilus: Update to 47.6 Update to nautilus to 47.6. PR: 289644

x11-wm/metacity: Update to 3.58.1 PR: 289883

x11/slurp: update to 1.6.0 Changes: https://github.com/emersion/slurp/releases/tag/v1.6.0 Reported by: GitHub (watch releases)

x11/swaylock-plugin: update to 1.8.5 Changes: https://github.com/mstoeckl/swaylock-plugin/releases/tag/v1.8.5 Reported by: GitHub (watch releases)

textproc/libxml2*: update to 2.15.1, split -core libxml2 now requires xsltproc from libxslt to build, yet libxslt depends on libxml2, so we need to break a dependency cycle. documentation needed to be split out to a separate port. libxml2 has therefore been split into two ports, * libxml2 builds the documentation (unless disabled), * library and executables in libxml2-core. Pull in one contributor patch suggested by the former libxml2 maintainer to address one downstream security issue in recent libxslt versions. This should address arrowd@'s hint that installing libxml2 should provide a full-featured package. While here, deprecate libxml2-python according to upstream plans, we have very few users in the ports tree, and expire end of 2026Q1. PR: 291316

textproc/libxslt: security update to 1.1.45 PR: 289213

net-mgmt/bgpuma: Bump after update net/libbgpdump, improve port - Replace PORTVERSION with DISTVERSION. - Improve LICENSE section. - Use USES=localbase instead of CFLAGS and LDFLAGS. - Remove GNU_CONFIGURE_MANPREFIX - this is default value. PR: 272484 Approved by: pi (maintainer)

net/libbgpdump: Update 1.6.0 => 1.6.2, improve port Changelog: https://github.com/RIPE-NCC/bgpdump/blob/v1.6.2/ChangeLog - Replace PORTVERSION with DISTVERSION. - Switch upstream to GitHub. - Add LICENSE_FILE. - Fix warnings from portclippy. - Add soname. - Use INSTALL_LIB instead of INSTALL_DATA+STRIP_CMD for libs. - Optimize includes installation. - Install include/bgpdump_mstream.h. - Move docs and examples installation to do-install-DOCS-on and do-install-EXAMPLES-on. - Parametrize libbgpdump with PORTNAME. PR: 272484 Approved by: mjl@luckie.org.nz (maintainer)