11:35 Gleb Popov (arrowd) 

• x11/plasma6-layer-shell-qt 6.4.3_1 Qt component to allow applications to make use of the Wayland wl-layer-shell protocol

x11/plasma6-layer-shell-qt: Fix crash when right-clicking the desktop

Tested by:	makc, Kenneth Raplee <kenrap@kennethraplee.com>
Pull Request:	https://github.com/freebsd/freebsd-ports/pull/431

(cherry picked from commit 4b46b47d31da8d6b6d87bd27903b2d8056a53b22)

    abf927d

11:35 Gleb Popov (arrowd) 

• graphics/qt6-wayland 6.9.1_1 Qt6 wrapper for Wayland

graphics/qt6-wayland: Add patch to fix crashes of Plasma-on-Wayland when
right-clicking the desktop

Tested by:	makc, Kenneth Raplee <kenrap@kennethraplee.com>
Pull Request:	https://github.com/freebsd/freebsd-ports/pull/431

(cherry picked from commit 6298df5c8c1fcc6db0e93613a86c579d63f6273c)

    71a45c9

10:51 Vladimir Druzenko (vvd)  Author: Martin Filla

• www/librewolf 141.0 Custom version of Firefox, focused on privacy, security and freedom

www/librewolf: Update 140.0.4-1 => 141.0-1

Changelog:
https://www.mozilla.org/en-US/firefox/141.0/releasenotes/

A lot of CVEs fixed:
https://www.mozilla.org/en-US/security/advisories/mfsa2025-56/

PR:	288504
MFH:	2025Q3
(cherry picked from commit ac4d58b5a2f7202e974b07c9d8c1e0f5ebc24d3c)

    f261600

10:43 Vladimir Druzenko (vvd) 

• mail/simscan 1.4.6.2 Fast Content/Anti-virus Scanner for qmail Written in C

mail/simscan: Update 1.4.0 => 1.4.6.2, set maintainer

Upstream changed:
https://notes.sagredo.eu/en/qmail-notes-185/installing-and-configuring-simscan-38.html

Changelogs:
https://github.com/sagredo-dev/simscan/blob/v1.4.6.2/ChangeLog

Improve port:
- Fix USERS/GROUPS.
- Fix dirs permissions in pkg-plist.
- Fix warnings from portclippy.
- Remove upstreamed patch.

PR:		287915
Co-authored-by:	Bedreddin Sahbaz <bedreddinsahbaz@gmail.com> (new maintainer)
MFH:		2025Q3
(cherry picked from commit 785d62cc22d10205d1a8ff4830b1cd39d2ce2ad5)

    a688127

10:40 Yasuhiro Kimura (yasu) 

• lang/ruby33 3.3.9,1 Object-oriented interpreted scripting language
• Mk/Uses/ruby.mk

lang/ruby33: Update to 3.3.9

ReleaseNotes:	https://www.ruby-lang.org/en/news/2025/07/24/ruby-3-3-9-released/
PR:		288445
Exp-run by:	antoine
MFH:		2025Q3
Security:	eed1a411-699b-11f0-91fe-000c295725e4

(cherry picked from commit 83c84158924477237b13a917a6dba541286cee63)

    cfb6e72

02:55 Adam Weinberger (adamw) 

• editors/vim 9.1.1401_1 Improved version of the vi editor (console flavor)

editors/vim: Bump PORTREVISION for previous commit

PR:		288515
(cherry picked from commit f120a943d61f224c245cba661af216aa89a7142a)

    4dffd36

02:49 Adam Weinberger (adamw)  Author: Yusuf Yaman

• editors/vim 9.1.1401 Improved version of the vi editor (console flavor)

editors/vim: Pull in gnome.mk's gdkpixhufextra to fix runtime warnings

Non-fatal console warnings were generated when running vim-gtk3 and 2.
This is due to certain loadable modules moving from gdk-pixhuf to
gdk-pixbuf-extras.

See
https://forums.freebsd.org/threads/gvim-messages-gdkpixbuf-warning-and-glib-gobject-critical.98679/
PR:		Yusuf Yaman
Reported by:	thierry, in the above FreeBSD Forums post
MFH:		2025Q3

(cherry picked from commit 4ff220b80cf4286245553213313790f14d3220a2)

    1cc47ae

01:00 Jan Beich (jbeich) 

• net/neatvnc 0.9.5 Liberally licensed VNC server library

net/neatvnc: update to 0.9.5

Changes:	https://github.com/any1/neatvnc/releases/tag/v0.9.5
Reported by:	GitHub (watch releases)

(cherry picked from commit 5dd962c3245dd5ad4a86843ff426893673db7d71)

    d77ee19

20:22 Zsolt Udvari (uzsolt) 

• x11/workrave 1.10.50_4 RSI prevention tool (default flavor)

x11/workrave: Fix license file

Add libxml2 gnome component.

PR:		286810
Reported by:	fuz

(cherry picked from commit 81b9d773415a58f47eb7a585e7efb59f62dfc095)

    caf251e

19:53 Christoph Moench-Tegeder (cmt) 

• Mk/bsd.gecko.mk

bsd.gecko.mk: fix merge error

from resolving conflicts in b76ea50e4f when merging 6a939a7aab.
direct commit as only branch is affected

    e55e46b

16:29 Vladimir Druzenko (vvd)  Author: Martin Filla

• www/librewolf 140.0.4_1 Custom version of Firefox, focused on privacy, security and freedom
• www/tor-browser 14.5.5_1 Tor Browser for FreeBSD
• www/waterfox 6.6.0.b.3_1,1 Distilled fork of Firefox

www/{librewolf,tor-browser,waterfox}: Fix runtime on arm64 (gecko-based ports)

Reports of crashes on arm64 with aslr enabled.

PR:	271081 288512 288516 288504
MFH:	2025Q3
(cherry picked from commit 9add38eb0b0e4972b3316966c46a6666dd0d36c8)

    f8dec8a

11:41 Renato Botelho (garga) 

• security/sudo 1.9.17p2 Allow others to run commands as root

security/sudo: Update to 1.9.17p2

Sponsored by:	Rubicon Communications, LLC ("Netgate")

(cherry picked from commit 42e309b939913a585ecbe4b360bb76fbf8dfb208)

    f6f6527

22:02 Vladimir Druzenko (vvd) 

• net/freerdp 2.11.7_4 Free implementation of Remote Desktop Protocol
• net/freerdp3 3.16.0_1 Free implementation of Remote Desktop Protocol

net/freerdp{,3}: Bump after update multimedia/openh264 in dc94e017da77: SONAME
changed

MFH:	2025Q3
(cherry picked from commit e447cd0c37d71bd5b55ee01650ffa27c86eed3eb)

    17f4047

21:43 Christoph Moench-Tegeder (cmt) 

• Mk/bsd.gecko.mk

bsd.gecko.mk: fix style

this fixes an oversight in the last commit

(cherry picked from commit c38ba1af858b8bf16c39c3773aabf5913efcd9d0)

    cd95cdc

21:41 Christoph Moench-Tegeder (cmt) 

• Mk/bsd.gecko.mk

www/firefox{,-esr} mail/thunderbird{-esr}: try to build on i386

the default nodejs port will go spinning and eventually time out
the build, but using a newer nodejs seems to at least finish
the build

(cherry picked from commit 6a939a7aabe3edf25cf125741d72d0f6484aaccd)

    b76ea50

21:36 Christoph Moench-Tegeder (cmt) 

• mail/thunderbird 141.0_3 Mozilla Thunderbird is standalone mail and news that stands above
• mail/thunderbird-esr 140.1.0_1 Mozilla Thunderbird is standalone mail and news that stands above
• www/firefox 141.0_2,2 Web browser based on the browser portion of Mozilla
• www/firefox-esr 140.1.0_1,1 Web browser based on the browser portion of Mozilla

www/firefox{,-esr} mail/thunderbird{-esr}: fix runtime on arm64

reports of crashes on arm64 with aslr enabled.

PR:		271081
Reported by: markj@

(cherry picked from commit c0f77d931c522aac38cef997652826967e451bea)

    f74e339

20:24 Matthias Andree (mandree) 

• multimedia/gmp-api 135 Gecko Media Plugins API extracted from Firefox

multimedia/gmp-api: update to Firefox135 release

This was released on 2023-04-17 and is a requisite for updating
OpenH264.

Changelog: "Updates to enable features in OpenH264 for improved decoding
performance." <https://github.com/mozilla/gmp-api/releases/tag/Firefox135>

PR:		288375
Approved by:	ports-secteam@ (fernape@)
MFH:		2025Q3

(cherry picked from commit 6fd0a862e138027fbadf525d4b28f15955d12d14)

    124a755

20:24 Matthias Andree (mandree) 

• multimedia/openh264 2.6.0,2 Cisco implementation of H.264 codec

multimedia/openh264: security update to v2.6.0

This includes a security fix:
"- Fix potential bug in the codebase (Commit: 63db555e, PR: #3818)"
which the 2.5.1 release described as
"Fix decoder heap overflow vulnerability".
<https://github.com/cisco/openh264/releases>

But due to the other fixes, let's move to 2.6.0 right away.
Requires gmp-api (GeckoMediaPlayer) API update to Firefox 135 to build.

Changelog:	https://github.com/cisco/openh264/blob/openh264v2.6.0/RELEASES#L4
Security:	03ba1cdd-4faf-11f0-af06-00a098b42aeb
Security:	CVE-2025-27091
PR:		288375
Approved by:	ports-secteam@ (fernape@)
MFH:		2025Q3 (needs gmp-api update)

(cherry picked from commit dc94e017da770b37aeb0463f81dcdcbb64098223)

    b495a31

18:46 Craig Leres (leres) 

• security/zeek 7.0.9 System for detecting network intruders in real-time

security/zeek: Update to 7.0.9

This release fixes the following potential DoS vulnerability:

 - Very large log records can cause Zeek to overflow memory and
   potentially crash.

This release fixes the following bugs:

 - The response to BDAT LAST was never recognized by the SMTP
   analyzer, resulting in the BDAT LAST commands not being logged
   in a timely fashion and receiving the wrong status.

 - The ZeekJS submodule was updated to v0.18.0.

Reported by:    Tim Wojtulewicz

(cherry picked from commit fc9a1d520fccca0072e32e392d1cfff2cb6a3365)

    9ccbc7e

18:46 Craig Leres (leres) 

• security/zeek 7.0.8_1 System for detecting network intruders in real-time

security/zeek: Fix PERFTOOLS_RUN_DEPENDS

Build depends should be executables or shared libraries, not include
files.

Reported by:    Gleb Popov

(cherry picked from commit b3cca781ad7fcc93a528d3d3f78462b8e7bf53fe)

    a37670a

18:46 Craig Leres (leres) 

• security/zeek 7.0.8_1 System for detecting network intruders in real-time

security/zeek: Unbreak PERFTOOLS

Apparently the pprof has been provided by the devel/pprof port for
quite awhile. Since PERFTOOLS is off by default this wasn't noticed
until reported by Andrea Venturoli.

Reported by:    Andrea Venturoli

(cherry picked from commit e0559cfd0cdebe8fb98a1f46b5a183539e9ee569)

    d6e3363

06:34 Thomas Zander (riggs) 

• net/traefik 3.4.5 High availability reverse proxy and load balancer

net/traefik: Update to upstream release 3.4.5

Details:
- Bugfix release, see
  https://github.com/traefik/traefik/releases/tag/v3.4.5

MFH:		2025Q3
(cherry picked from commit b847444f0344f1b611b3ca65b3dcdd93a379610f)

    3f5d50e

23:58 Jan Beich (jbeich) 

• games/veloren-weekly s20250726 Multiplayer voxel RPG written in Rust (weekly snapshot)

games/veloren-weekly: update to s20250726

Changes:	https://gitlab.com/veloren/veloren/-/compare/9d18d62328...8e02bae8f3
(cherry picked from commit 7bd354e8b0b55675eba0da1f13eb4db4e623761b)

    a549283

23:43 Dave Cottlehuber (dch) 

• www/go-anubis 1.21.3 Anti-scraper web proxy using browser-based proof-of-work challenges

www/go-anubis: update to 1.21.3

- https://github.com/TecharoHQ/anubis/releases/tag/v1.21.3

Security:	https://github.com/TecharoHQ/anubis/security/advisories/GHSA-jhjj-2g64-px7c
Reported by:	Xe Iaso <xe.iaso@techaro.lol>
Sponsored by:	SkunkWerks, GmbH

(cherry picked from commit 339675184ad8f9e12f55ff47871b503c7513dcbd)

    d230fb4

23:31 Vladimir Druzenko (vvd)  Author: Martin Filla

• www/waterfox 6.6.0.b.3,1 Distilled fork of Firefox

www/waterfox: Upstream silently replace distfiles

No functional changes - full diff is:
---
waterfox-6.6.0-beta-3.old/testing/web-platform/tests/tools/third_party/attrs/.git_archival.txt
+++
waterfox-6.6.0-beta-3/testing/web-platform/tests/tools/third_party/attrs/.git_archival.txt
@@ -1,4 +1,4 @@
 node: a5bcba70a19f96ddb5e29ee0229f2324dab364ab
 node-date: 2025-07-24T17:43:44+01:00
 describe-name: 6.6.0-beta-3
-ref-names: tag: 6.6.0-beta-3, future
+ref-names: tag: 6.6.0-beta-3

PR:	288470
MFH:	2025Q3
(cherry picked from commit b3542651e0604a142be8407db2e064d992388889)

    6f0005b

16:24 Jan Beich (jbeich) 

• x11/wdisplays 1.1.3 GUI display configurator for wlroots compositors

x11/wdisplays: update to 1.1.3

Changes:	https://github.com/artizirk/wdisplays/releases/tag/1.1.2
Changes:	https://github.com/artizirk/wdisplays/releases/tag/1.1.3
Reported by:	GitHub (watch releases)

(cherry picked from commit 21d8bbe1107f726c565facc2a376c3725919e9dd)

    70fa80b

16:07 Rainer Hurling (rhurlin) 

• databases/postgis-jdbc 2.1.7 PostGIS spatial data structures for JDBC

databases/postgis-jdbc: Fix install data path

Package builders complain about an error in staging:
install  -m 0644 /portdistfilespostgis-jdbc-2.1.7.jar
/wrkdirs/usr/ports/databases/postgis-jdbc/work/stage/usr/local/share/java/classes
install: /portdistfilespostgis-jdbc-2.1.7.jar: No such file or directory

Don't know, why this worked before for such a long time ...

While here, pet portlint for PLIST_FILES.

Reported by:	pkg-fallout
MFH:		2025Q3

(cherry picked from commit 5bb197ad1bbe48584d8b7c0971e8284425447ef7)

    3a65cda

13:17 Ashish SHUKLA (ashish) 

• security/tailscale 1.86.0 Mesh VPN that makes it easy to connect your devices

security/tailscale: Update to 1.86.0

MFH:		2025Q3
(cherry picked from commit 855d1cd34f85625936ff12c32b5608be7fa6651c)

    a08c6c2

09:39 Kai Knoblich (kai) 

• security/py-social-auth-core 4.7.0 Social authentication/registration mechanism for several frameworks

security/py-social-auth-core: Update to 4.7.0

Changelog:

https://github.com/python-social-auth/social-core/releases/tag/4.7.0

PR:		288347
Approved by:	ultima (maintainer)
MFH:		2025Q3

(cherry picked from commit 00a71ae5deb3fd6b9457005e9e46dd671e556a55)

    0bd5216

22:03 Yasuhiro Kimura (yasu) 

• lang/ruby32 3.2.9,1 Object-oriented interpreted scripting language
• Mk/Uses/ruby.mk

lang/ruby32: Update to 3.2.9

ReleaseNotes:	https://www.ruby-lang.org/en/news/2025/07/24/ruby-3-2-9-released/
MFH:		2025Q3
Security:	eed1a411-699b-11f0-91fe-000c295725e4
(cherry picked from commit b578eb6c9288ddb05281275602487c4f01ab4e61)

    084ba03

22:02 Yasuhiro Kimura (yasu) 

• lang/ruby34 3.4.5,1 Object-oriented interpreted scripting language
• Mk/Uses/ruby.mk

lang/ruby34: Update to 3.4.5

ReleaseNotes:	https://www.ruby-lang.org/en/news/2025/07/15/ruby-3-4-5-released/
(cherry picked from commit c1ddbe3840f457c8e628a022cf2defde3be5b4d5)

    54fc751

15:23 Vladimir Druzenko (vvd)  Author: Oleksandr Kryvulia

• net/asterisk20 20.15.0 Open Source PBX and telephony toolkit

net/asterisk20: Update 20.14.1 → 20.15.0 (security fix)

GHSA-c7p6-7mvq-8jq2: cli_permissions.conf: deny option does not work
for disallowing shell commands

Change Log:
https://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-20.15.0.html

PR:		288429
Security:	GHSA-c7p6-7mvq-8jq2
Sponsored by:	FLEX-IT LLC
MFH:		2025Q3

(cherry picked from commit 95ebee717d8fdb0db2ac28b8e65d713f81a75052)

    612a048

15:23 Vladimir Druzenko (vvd)  Author: Oleksandr Kryvulia

• net/asterisk22 22.5.0 Open Source PBX and telephony toolkit

net/asterisk22: Update 22.4.1 → 22.5.0 (security fix)

GHSA-c7p6-7mvq-8jq2: cli_permissions.conf: deny option does not work
for disallowing shell commands

Change Log:
https://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-22.5.0.html

PR:		288430
Security:	GHSA-c7p6-7mvq-8jq2
Sponsored by:	FLEX-IT LLC
MFH:		2025Q3

(cherry picked from commit 0d8134c5e637f11f9c66fdef69a40f74af445cad)

    7bc0581

14:11 Vladimir Druzenko (vvd)  Author: Mamadou Babaei

• www/nift 3.0.3_2 Cross-platform open source website generator

www/nift: Fix build

- Fix build:
In file included from Expr.cpp:1:
In file included from ./Expr.h:8:
./exprtk/exprtk.h:6343:49: error: a template argument list is expected after a
name prefixed by the template keyword
[-Wmissing-template-arg-list-after-template-kw]
 6343 |             expression_node<T>::ndb_t::template collect(branch_,
node_delete_list);
      |                                                 ^
Upstream pull request: https://github.com/nifty-site-manager/nsm/pull/38

- Fix bug:
nsm.cpp:1455:20: warning: overlapping comparisons always evaluate to false
[-Wtautological-overlap-compare]
 1455 |                         if(noParams < 2 && noParams > 5)
      |                            ~~~~~~~~~~~~~^~~~~~~~~~~~~~~
1 warning generated.
Upstream pull request: https://github.com/nifty-site-manager/nsm/pull/39

- Make the choice of Lua implementation more intuitive.
- Run the strip command once for all binaries.

PR:		288379
MFH:		2025Q3
Co-authored-by:	Vladimir Druzenko <vvd@FreeBSD.org>
(cherry picked from commit dbade9f054efe783b74f6de1052da4f6964e984a)

    ca4e07a

12:14 Vladimir Druzenko (vvd)  Author: Martin Filla

• www/waterfox 6.6.0.b.3,1 Distilled fork of Firefox

www/waterfox: 6.6.0-beta-2 => 6.6.0-beta-3

Changes:
https://www.waterfox.net/docs/releases/6.6.0-beta-3/

PR:	288427
MFH:	2025Q3
(cherry picked from commit bda9abe973d4bbf2175a60ca92443103d1a202c4)

    0007889

07:16 Xin LI (delphij) 

• net/openldap25-server 2.5.20 Open source LDAP server implementation
• net/openldap26-server 2.6.10 Open source LDAP server implementation

net/openldap2[56]-server: Do not build SMBPWD overlay on FreeBSD 15.

The overlay is contributed code and requires Heimdal Kerberos 5.

PR:		ports/288368
(cherry picked from commit d4c65d595d624f3e183fb550f3a7c2ebe5b32b22)

    dbf946a

01:18 Koichiro Iwao (meta) 

• devel/ruby-build 20250724 Compile and install different ruby versions

devel/ruby-build: Update to 20250724

Changes:	https://github.com/rbenv/ruby-build/releases/tag/v20250724
(cherry picked from commit 3fc7ea7cb2f754baa51e7c57a935b708d1cb439f)

    cdf1542

20:39 Li-Wen Hsu (lwhsu)  Author: Koichiro Iwao

• Mk/bsd.sites.mk

Mk/bsd.sites.mk: Retire KDDI Research public FTP server

The annoucement page [1] will be available until August 15, 2025. See
also the article "History of KDDI Research's Public FTP Server" [2] for
the history and behind-the-scenes.

[1] https://ftp.kddilabs.jp/
[2] https://tech-note.kddi.com/n/n9a93ac6d5051

PR:		288399
(cherry picked from commit 5a115df579ac7d1a9f9d607d876da29a3e1d397d)

    4b97ff7

17:46 Bryan Drewery (bdrewery) 

• ports-mgmt/poudriere 3.4.3 Port build and test system

ports-mgmt/poudriere: Update to 3.4.3

Changes: https://github.com/freebsd/poudriere/wiki/release_notes_343

PR:	247448
PR:	279911
(cherry picked from commit dab9b37f2940c0abc10569d79396c7958931d1e8)

    233076f4

17:46 Bryan Drewery (bdrewery) 

• ports-mgmt/poudriere-devel 3.4.99.20250724 Port build and test system

ports-mgmt/poudriere-devel: Update to 3.3.0-1975-g544d112e9

Changes:
- Fixes build with bmake-20250630

(cherry picked from commit d6d6c4bd81c57d9c6c083c9bedd3c181158e090e)

    2730445

15:59 Po-Chuan Hsieh (sunpoet) 

• www/node24 24.4.1 V8 JavaScript for client and server

www/node24: Update to 24.4.1

Changes:	https://github.com/nodejs/node/releases
		https://github.com/nodejs/node/blob/main/doc/changelogs/CHANGELOG_V24.md
Security:	CVE-2025-27210
(cherry picked from commit f81b613d48ae6465f1aca9dfef1279072cc2ec27)

    1e902c6

15:59 Po-Chuan Hsieh (sunpoet) 

• www/node24 24.4.0 V8 JavaScript for client and server

www/node24: Update to 24.4.0

Changes:	https://github.com/nodejs/node/releases
		https://github.com/nodejs/node/blob/main/doc/changelogs/CHANGELOG_V24.md
(cherry picked from commit 1baad650558f06580cdb804804b8e5795249a4f2)

    1d7be69

15:59 Po-Chuan Hsieh (sunpoet) 

• www/node22 22.17.1 V8 JavaScript for client and server

www/node22: Update to 22.17.1

Changes:	https://github.com/nodejs/node/releases
		https://github.com/nodejs/node/blob/main/doc/changelogs/CHANGELOG_V22.md
Security:	CVE-2025-27210
(cherry picked from commit 138a99532964cc3b8fb699cac1d8d700a4a92c62)

    5404033

15:59 Po-Chuan Hsieh (sunpoet) 

• www/node20 20.19.4 V8 JavaScript for client and server

www/node20: Update to 20.19.4

Changes:	https://github.com/nodejs/node/releases
		https://github.com/nodejs/node/blob/main/doc/changelogs/CHANGELOG_V20.md
Security:	CVE-2025-27210
(cherry picked from commit 449e6063e6f7028e041aa662636b9eb9a7ec7784)

    045f91b

15:53 Po-Chuan Hsieh (sunpoet) 

• graphics/qb3 1.3.2_1 Extremely Fast Lossless Image Compression

graphics/qb3: Fix build on i386

- Bump PORTREVISION for package change

Reference:	https://pkg-status.freebsd.org/beefy21/data/142i386-default/8b06c03ce600/logs/qb3-1.3.2.log
(cherry picked from commit 33d606993423e1965128059a153a088a4f45b04c)

    9122886

15:53 Po-Chuan Hsieh (sunpoet) 

• sysutils/ncdu2 2.8.2 NCurses Disk Usage (stable version written in Zig)

sysutils/ncdu2: Update to 2.8.2

Changes:	https://dev.yorhel.nl/ncdu/changes2
		https://code.blicky.net/yorhel/ncdu/src/branch/zig/ChangeLog
(cherry picked from commit 197270bfa9c4c9fb4e5c6d987dab53d4ccd5e646)

    48a65d0

15:43 Sergey A. Osokin (osa) 

• graphics/gdk-pixbuf2 2.42.12_2 Graphic library for GTK

graphics/gdk-pixbuf2: fix security issue (+)

jpeg: Be more careful with chunked icc data

Bump PORTREVISION.

PR:		288419
Approved by:	gleb (desktop team, maintainer)
Security:	CVE-2025-7345

(cherry picked from commit b0b2fe95b75a94d225b0b919ad03c9fece6eab29)

    c97bf63

13:45 Matthias Fechner (mfechner)  Author: John Hein

• sysutils/vagrant 2.4.1 Vagrant Virtual Machine Manager

sysutils/vagrant: update to 2.4.1

unbreak build with default ruby 3.3.

Changes:	https://github.com/hashicorp/vagrant/blob/v2.4.1/CHANGELOG.md

PR:		288335
(cherry picked from commit a3257029a75010ef60657888bcff20974223e72d)

    1213025

13:45 Matthias Fechner (mfechner) 

• devel/rubygem-childprocess-gitlab 5.1.0 External background process controller
• devel/rubygem-excon1-gitlab 1.2.7 Extended http(s) Connections Library
• sysutils/rubygem-vagrant_cloud-gitlab 3.1.3 Ruby library for the HashiCorp Vagrant Cloud API
• devel/Makefile
• sysutils/Makefile

www/gitlab: new ports for compatibility with vagrant

PR:		287926
(cherry picked from commit 69bffd72c2037b86195994015323ad52abb3a7fe)

    8126266

13:45 Matthias Fechner (mfechner) 

• devel/gitaly 18.2.1 Smart reverse proxy for GitLab
• net/gitlab-agent 18.2.1 GitLab kubernetes agent
• net/rubygem-gitaly 18.2.1 Auto-generated gRPC client for gitaly
• net/rubygem-gitlab-kas-grpc 18.2.1 Auto-generated gRPC client for KAS
• www/gitlab 18.2.1 Web GUI for managing git repositories
• www/gitlab-pages 18.2.1 Official GitLab Pages daemon
• www/gitlab-workhorse 18.2.1 Smart reverse proxy for GitLab

www/gitlab: security and patch update to 18.2.1

Changes:	https://about.gitlab.com/releases/2025/07/23/patch-release-gitlab-18-2-1-released/
Security:	5683b3a7-683d-11f0-966e-2cf05da270f3
(cherry picked from commit 30b34b77af0a3e6af8d0ba302c68605f425f3ae7)

    08a090a

13:31 Hiroki Tagato (tagattie)  Author: Ralf van der Enden

• dns/powerdns-recursor 5.2.4 Advanced DNS recursor

dns/powerdns-recursor: update to 5.2.4 - fixes CVE-2025-30192

Changelog: https://doc.powerdns.com/recursor/changelog/5.2.html#change-5.2.4

PR:		288384
Reported by:	Ralf van der Enden <tremere@cainites.net> (maintainer)
MFH:		2025Q3
Security:	b3948bf3-685e-11f0-bff5-6805ca2fa271

(cherry picked from commit 21e7b53e21d0eae0d8c8e1d63ccc64c1e58a22fa)

    9b1ada6

11:18 Vladimir Druzenko (vvd)  Author: Martin Filla

• www/tor-browser 14.5.5 Tor Browser for FreeBSD

www/tor-browser: Update 14.5.4 => 14.5.5

Changelog:
https://blog.torproject.org/new-release-tor-browser-1455/

PR:	288410
MFH:	2025Q3
(cherry picked from commit d863f7471b04fa235aea955653bdc891c1317264)

    50d3d75

00:59 Jan Beich (jbeich) 

• games/veloren-weekly s20250723 Multiplayer voxel RPG written in Rust (weekly snapshot)

games/veloren-weekly: update to s20250723

Changes:	https://gitlab.com/veloren/veloren/-/compare/058a217934...9d18d62328
(cherry picked from commit 0cd2c078c1e4ff6c5d3fd0a944327cd649a85c94)

    740b0c2

08:50 Matthias Andree (mandree) 

• filesystems/e2fsprogs 1.47.3 Wrapper to install e2fsprogs into /sbin
• filesystems/e2fsprogs-core 1.47.3 Utilities & library to manipulate ext2/3/4 filesystems

filesystems/e2fsprogs*: update to v1.47.3 release

ChangeLog:	https://e2fsprogs.sourceforge.net/e2fsprogs-release.html#1.47.3

Note that the metadata (extattr and API) copying on FreeBSD does not
work as on Linux because our APIs for POSIX extended attributes is
different and e2fsprogs uses it to also copy ACLs, so we do not have
those mkfs parts in place.

MFH:		2025Q3 (after 14 days)
(cherry picked from commit e7dbea9695a77b637f6ab9ef22f72dfaa6f278c8)

    ef85dcb

07:55 Mikael Urankar (mikael)  Author: Matt Kempe

• www/onlyoffice-documentserver 9.0.3.31 Secure office and productivity apps

www/onlyoffice-documentserver: Update to 9.0.3.31

Upgrade port version to 9.0.3.31
Upgrade port to use yao-pkg 6.6.0
Upgrade port to use node 20.19.4
Fix Apple iwork file conversion error
Minor bugfixes

PR:		288374,287122

Signed-off-by: Matt Kempe <fsbruva@yahoo.com>
(cherry picked from commit 623860bda325bdeb50ce8c6af56ea007d51973b3)

    850fed3

00:14 Dan Langille (dvl) 

• devel/viewvc-devel 1.3.0.20250316_1 Web-based Version Control Repository Browsing

devel/viewvc-devel: Patch to vix known vuln

Cherry pick that one commit:

https://github.com/viewvc/viewvc/commit/beef140e4102c143185bce31b9a50f5a35d1c75c

PR:		288388
(cherry picked from commit aa6dff4fc5a2af00e680a4158040f475efbb58df)

    a2d4397

21:02 Vladimir Druzenko (vvd)  Author: yzrh

• multimedia/kodi 21.2_1 Award winning media center application

multimedia/kodi: Limit Java version - fix build if installed too new Java
version

Caught: BUG! exception in phase 'semantic analysis' in source unit
'/tmp/ports/usr/ports/multimedia/kodi/work/xbmc-21.2-Omega/tools/codegenerator/Generator.groovy'
Unsupported class file major version 68
BUG! exception in phase 'semantic analysis' in source unit
'/tmp/ports/usr/ports/multimedia/kodi/work/xbmc-21.2-Omega/tools/codegenerator/Generator.groovy'
Unsupported class file major version 68
Caused by: java.lang.IllegalArgumentException: Unsupported class file major
version 68

It is likely about Apache Groovy, which requires Java version 8-16.

PR:	287946
MFH:	2025Q3
(cherry picked from commit ea48face9fdddbe8adfe967524433685214444f9)

    a521054

18:10 Max Brazhnikov (makc) 

• audio/elisa 25.04.3_2 Audio player with QML and KDE Plasma integration

audio/elisa: add more GStreamer bits

PR:		288269
Submitted by:	Tilde Joy

(cherry picked from commit 8ee02689ee0c04ad87ea85192f37e575ca4af87d)

    97025610

16:57 Max Brazhnikov (makc) 

• devel/libphonenumber 9.0.10 Library for parsing, formatting, and validating phone numbers

devel/libphonenumber: Update to 9.0.10

(cherry picked from commit c3f7f1c9671700e6d1146e113147a86a201fa9cf)

    1e0354f

16:57 Max Brazhnikov (makc) 

• games/gcompris-qt 25.1.1 Educational games and activities for kids ages 2 to 10

games/gcompris-qt: Update to 25.1.1

(cherry picked from commit b073113aae9f90f3fb0a1b82b00c48c8b066eff4)

    5a89c66

16:57 Max Brazhnikov (makc) 

• net-im/qxmpp 1.10.4 XMPP client library based on Qt and C++

net-im/qxmpp: Update to 1.10.4

(cherry picked from commit d765e3474eae86315d2a309a868e7dec4ea7ba62)

    040c8d5

10:29 Yuri Victorovich (yuri) 

• math/vtk8 8.2.0_6 Visualization toolkit

math/vtk8: Broken on 13

Reported by:	fallout

(cherry picked from commit 99ba982d6eebae8947dfdd0a3850d37c89e2a534)

    92a737c

10:25 Yuri Victorovich (yuri) 

• cad/hs-verismith 1.1.0_1 Verilog fuzzer

cad/hs-verismith: Update USE_CABAL

This should unbreak it.

Reported by:	fallout

(cherry picked from commit 594adf8f857cf5e3619a1e0d0a9a61a016c09609)

    7a4fea4

10:20 Yuri Victorovich (yuri) 

• graphics/py-mayavi 4.8.2_5 Application and library for 3D visualization and plotting in Python

graphics/py-mayavi: Broken on i386

Reported by:	fallout

(cherry picked from commit 5c6604a66b627cbf1f009711813164376cef0d2c)

    af4f2eb

08:44 Hiroki Tagato (tagattie) 

• graphics/swappy 1.5.1_4 Snapshot editing for Wayland (a la Snappy on macOS)
• x11/nwg-bar 0.1.6_13 GTK3-based button bar for sway and other wlroots-based compositors
• x11/nwg-dock 0.4.3_6 GTK3-based dock for sway
• x11/nwg-dock-hyprland 0.4.3_6 GTK3-based dock for Hyprland
• x11/nwg-drawer 0.6.3_6 Application drawer for sway and other wlroots compositors
• x11/nwg-launchers 0.7.1.1_2 GTK-based launchers: application grid, button bar, dmenu for sway and other window managers
• x11/nwg-look 1.0.3_5 GTK settings editor adapted to work in the wlroots environment
• x11/nwg-menu 0.1.7_6 MenuStart plugin to nwg-panel, also capable of working standalone

nwg-shell-related-ports: take maintainership

MFH:		2025Q3
(cherry picked from commit ed3fde4fa4098829306ee08ac84021c88d8ff145)

    8da5e89

05:57 Kai Knoblich (kai) 

• textproc/py-ocrmypdf 16.10.4 Adds an OCR text layer to scanned PDF files

textproc/py-ocrmypdf: Update to 16.10.4

Changelog since 16.10.1:

https://github.com/ocrmypdf/OCRmyPDF/blob/v16.10.4/docs/release_notes.md

MFH:		2025Q3
(cherry picked from commit 91c3f3225792da426fff5229a137c1fb2d726be9)

    b4f22d5

17:20 Christoph Moench-Tegeder (cmt) 

• mail/thunderbird 141.0_2 Mozilla Thunderbird is standalone mail and news that stands above

mail/thunderbird: update to 141.0 (rc3)

Release Notes:
  https://www.thunderbird.net/en-US/thunderbird/141.0/releasenotes/

(cherry picked from commit e51fe05d363c85d3a398c775c1e7b4389d241756)

    964128b5

09:12 Robert Clausecker (fuz) 

• www/node24 24.3.0 V8 JavaScript for client and server

www/node24: fix build on armv7

No -latomic on FreeBSD.

Approved by:	portmgr (build fix blanket)
MFH:		2025Q3

(cherry picked from commit c13c2482f019745ff51bea6708ecf160546abcec)

    e6bd111

09:12 Robert Clausecker (fuz) 

• converters/simdutf 7.3.3 Unicode validation and transcoding with SIMD

converters/simdutf: update to 7.3.3

Changelog: https://github.com/simdutf/simdutf/releases/tag/v7.3.3

MFH:		2025Q3
(cherry picked from commit 507860762441fe76a930795407ae3c902a6d7073)

    0936a37

09:12 Robert Clausecker (fuz) 

• deskutils/remind 05.04.02 Sophisticated calendar and alarm program

deskutils/remind: update to 05.04.02

Changelog:
https://salsa.debian.org/dskoll/remind/-/blob/master/docs/WHATSNEW?ref_type=heads

MFH:		2025Q3
(cherry picked from commit 52faab0bcb9565c6ae0248ef7f979a7fc754e73b)

    e5fb4f1

09:12 Robert Clausecker (fuz) 

• editors/rehex 0.63.2 Hex editor for reverse engineering

editors/rehex: update to 0.63.2

Changelog: https://github.com/solemnwarning/rehex/releases/tag/0.63.2

MFH:		2025Q3
(cherry picked from commit a223b4e6b90d1fafddf4b354257de5ff037f868c)

    beed014

18:13 Dan Langille (dvl) 

• net-mgmt/icingaweb2-module-icingadb 1.1.3,1 Publish, synchronize, and visualize Icinga data

net-mgmt/icingaweb2-module-icingadb: Downgrade to 1.1.3,1 fixing beak

icingaweb2-module-icingadb-1.2.2 was committed just a few hours before
the branch was taken. That release needs icinga-php-library >= 0.16.1
and icinga-php-thirdparty >= 0.13.0 - it would be another two weeks
before those updates arrived. That's my fault for not noticing the
changed requirements.

An update to main will follow shortly which set PORTEPOCH there.

PR:		288298

    1604c70