| Commits from the 2025Q3 branch |
|
FreshPorts has everything you want to know about FreeBSD software, ports, packages,
applications, whatever term you want to use.
Yesterday's Commits | Main Branch
|
|
Sunday, 28 Sep 2025
|
14:31 Vladimir Druzenko (vvd)  Author: mew14930xvi 2025Q3
astro/openuniverse: Fix build on 13
ld: error: undefined symbol: ftime
>>> referenced by ou.cpp
>>> ou.o:(Idle())
>>> did you mean: ctime
>>> defined in: /lib/libc.so.7
PR: 289876
Fixes: c5f57c13a292 (Fix freeglut runtime error)
MFH: 2025Q3
(cherry picked from commit 5b59069e2331755ac47a9a0c7129ea529b46afa9)
    c0b0a6b |
12:58 Gleb Popov (arrowd) Author: Olivier Duchateau 2025Q3
x11-toolkits/pango: update to 1.56.4
Mark as TESTING_UNSAFE because one tests fails in Poudriere, but is reported
to pass outside of it.
PR: 289188
(cherry picked from commit 4d97d771962e7d0cf4e6475a43916aad7e5ed8a0)
15469f3 |
09:32 Robert Clausecker (fuz) 2025Q3
audio/surge-synthesizer-lv2: fix build on aarch64
armv7 should work, but the compiler crashes.
Approved by: portmgr (build fix blanket)
MFH: 2025Q3
Event: EuroBSDcon Devsummit 2025
(cherry picked from commit 8921bf5b397e78af405e28160173a5fe86cadb81)
577a8ee |
09:32 Robert Clausecker (fuz) 2025Q3
- audio/py-soxr 0.5.0
High quality, one-dimensional sample-rate conversion library
audio/py-soxr: fix build on armv7
Add getauxval() polyfill.
Approved by: portmgr (build fix blanket)
MFH: 2025Q3
Event: EuroBSDcon Devsummit 2025
(cherry picked from commit 714047459cb9c5f699ee77e3fae6bf0f855f59ae)
aa6b4d2 |
09:32 Robert Clausecker (fuz) 2025Q3
- graphics/pgplot 5.2.2_30
C/FORTRAN library for drawing graphs on a variety of display devices
graphics/pgplot: fix build on armv7
Same fix as for math/slatec.
Approved by: portmgr (build fix blanket)
MFH: 2025Q3
Event: EuroBSDcon Devsummit 2025
See also: f56f31e07cb64c0b183127733bc6cd6af61efea1
(cherry picked from commit e6c598af85b56623d1cfd1a2f0a340784a263fc7)
bcbf0f5 |
09:32 Robert Clausecker (fuz) 2025Q3
- devel/corrade 2020.06.1783
C++11/C++14 multiplatform utility library
devel/corrade: fix build on armv7
No ifunc support on armv7.
With thanks to jrtc27@ for pointing this out.
Approved by: portmgr (build fix blanket)
MFH: 2025Q3
(cherry picked from commit 0004f70716eb3ef561b8d2f0ba7699ebd77cd7a6)
e92113d |
09:32 Robert Clausecker (fuz) 2025Q3
devel/cpu_features: port to aarch64 and armv7
These platforms works largely the same way as Linux, so adapt the existing
Linux code path.
Approved by: portmgr (build fix blanket)
MFH: 2025Q3
(cherry picked from commit abd848c1c4182e3a1c8e7018565550e401a2cd6b)
7ff863a |
09:32 Robert Clausecker (fuz) 2025Q3
devel/libffcall: fix build on armv7
The port gets confused when compiling for ARM with no eabi to be found
in the target string. Add a FreeBSD special case to keep it happy.
Approved by: portmgr (build fix blanket)
MFH: 2025Q3
(cherry picked from commit c3d2880091d08b6860fe9a4431acb17f43391123)
1c8f5f27 |
08:05 Gleb Popov (arrowd) 2025Q3
net-p2p/cardano-db-sync: Fix distinfo after an upstream reroll
Reported by: pkg-fallout
(cherry picked from commit 5ef73b9965e09ecfd674dbba2e50a23a8a1a370e)
0fda218 |
02:46 Vladimir Druzenko (vvd) Author: Martin Filla 2025Q3
- www/librewolf 143.0.1
Custom version of Firefox, focused on privacy, security and freedom
www/librewolf: Update 143.0-1 => 143.0.1-1
Changelog:
https://www.firefox.com/en-US/firefox/143.0.1/releasenotes/
PR: 289866
MFH: 2025Q3
(cherry picked from commit d2b9f63072f3db86ddf82ccd82ac8b3e52fc74a5)
a6d1e28 |
|
Saturday, 27 Sep 2025
|
20:34 Colin Percival (cperciva) 2025Q3
misc/freebsd-release-manifests: Add 15.0-ALPHA4 MANIFEST files
Approved by: re (implicit)
Sponsored by: https://www.patreon.com/cperciva
(cherry picked from commit 2e90fd7c5085a3c584af85c33cf608f3a01da3c4)
6096ca9 |
15:27 Vladimir Druzenko (vvd) Author: mew14930xvi 2025Q3
astro/openuniverse: Fix freeglut runtime error, take maintainership
$ openuniverse
freeglut (openuniverse): ERROR: No display callback registered for window 1
PR: 289859
MFH: 2025Q3
(cherry picked from commit c5f57c13a2920628b698c5cebfa1685398c9c3ef)
c5453f6 |
|
Friday, 26 Sep 2025
|
15:37 Florian Smeets (flo) 2025Q3
- dns/dnsdist 1.9.11
Highly DNS-, DoS- and abuse-aware loadbalancer
dns/dnsdist: Update to 1.9.11 (fixes CVE-2025-8671)
This is a direct commit to 2025Q3 to not have to merge the 2.0.X major
version upgrade to quarterly.
PR: 289811
Security: c2253bff-9952-11f0-b6e2-6805ca2fa271
d97b8c7e |
09:02 Gleb Popov (arrowd) 2025Q3
- net-p2p/ogmios 6.13.0
WebSockets API to Cardano Ouroboros' mini-protocols
net-p2p/ogmios: Fix distinfo after an upstream reroll
Reported by: pkg-fallout
(cherry picked from commit ec76b931a9aed2df903ca72383f607f1de50b1a4)
bf0a5f0 |
02:30 Koichiro Iwao (meta) 2025Q3
devel/ruby-build: Update to 20250925
Changes: https://github.com/rbenv/ruby-build/releases/tag/v20250925
(cherry picked from commit 170ab8ed698236d62f32eacf77c6e57251c28a6d)
3abd917 |
00:14 Philip Paeps (philip) Author: Mathias Monnerville 2025Q3
- www/glpi 10.0.20,1
Free IT and asset management software
www/glpi: update to 10.0.20
This is a patch release of www/glpi from 10.0.18 to 10.0.20.
ChangeLogs are:
- https://github.com/glpi-project/glpi/releases/tag/10.0.19
- https://github.com/glpi-project/glpi/releases/tag/10.0.20
New features, bug fixes and security release.
PR: 289828
Security: CVE-2025-27514
Security: CVE-2025-52567
Security: CVE-2025-52897
Security: CVE-2025-53008
Security: CVE-2025-53357
Security: CVE-2025-53113
Security: CVE-2025-53111
Security: CVE-2025-53112
Security: CVE-2025-53105
(cherry picked from commit 20d2041ba1125f4bd64f3549c1782d0ad6745bac)
69cc277 |
|
Thursday, 25 Sep 2025
|
23:52 Matthias Andree (mandree) Author: Gert Doering 2025Q3
security/openvpn-devel: upgrade port to git commit 0fb5a00549 (2.7_beta2,
2025-09-25)
This is a MFH combined (squashed) from four commits from main to 2025Q3
to fix CVE-2025-10680.
Two patches were skipped because they are a change that got reverted in a
later commit. I'll leave Gert as the author of most patches;
my contribution was only the "fix mbedTLS3 bootstrapping" -- Matthias Andree,
mandree@
----------------
security/openvpn-devel: upgrade port to git commit 7b1b283478 (2.7_alpha3,
2025-07-31)
This commit brings the port to "openvpn 2.7_alpha3".
For FreeBSD, the most significant change is that "floating clients with
DCO" are supported, if the kernel has support for it (-current).
Platform-independent the "big new feature" is client side support
for PUSH_UPDATE (send new configuration data while a client-server
connection is established).
(cherry picked from commit cd97894175202e9ca2358cb9be360f286f472bdd)
----------------
security/openvpn-devel: upgrade port to git commit 1e7b9a0fb0 (2.7_beta1,
2025-09-03)
This commit brings the port to "openvpn 2.7_beta1".
New features alpha3 -> beta1 are
- a large number of signed/unsigned related warnings have been fixed
- bugfixes in --dns-updown script for linux systems using resolvconf
- rewrite of the management interface "bytecount" infastructure to better
interact with DCO
- PUSH_UPDATE server support (via management interface)
- introduction of route_redirect_gateway_ipv4 and _ipv6 env variables
- speeding up t_client tests by reducing per-test startup delay 3s -> 1s
The biggest noticeable difference in beta1 is the reformatting using
clang-format, leaving uncrustify as that wasn't stable across versions.
PR: 289315
(cherry picked from commit c31236c680ee48f640b86a94d41838c80153568a)
----------------
security/openvpn-devel: fix mbedTLS3 bootstrapping
and switch to depend on the net/mbedtls3 port,
as we no longer carry mbedtls2 in ports.
Also, mbedTLS 3 supports TLSv1.3, so drop our local MBEDTLS_DESC
and go with the official description instead.
Approved by: Gert Doering (maintainer, via IRC)
Related to:
PR: 289315
(cherry picked from commit 97ca816e6d79034bf936814d19e0a1d27d038bf5)
----------------
security/openvpn-devel: upgrade port to git commit 0fb5a00549 (2.7_beta2,
2025-09-25)
This commit brings the port to "openvpn 2.7_beta2".
Notable changes beta1 -> beta2 (relevant for FreeBSD) are:
- even more of signed/unsigned related warnings have been fixed
- #pragmas have been added to all to-be-fixed source files, so we can
now always enable -Wconversion to see if new code brings new warnings
(and the CI infra builds with -Werror)
- add proper input sanitation to DNS strings to prevent an attack
coming from a trusted-but-malicous OpenVPN server (CVE: 2025-10680,
affects unixoid systems with --dns-updown scripts and windows using
the built-in powershell call)
- Switch test_ssl certificate from RSA 2048 to secp384r1
(so "make check" runs with OpenSSL set to @SECLEVEL=3)
- clean up MI prefix handling
- replace all assert() calls with OpenVPN ASSERT()
PR: 289838
Security: e5cf9f44-9a64-11f0-8241-93c889bb8de1
Security: CVE-2025-10680
MFH: 2025Q3
(cherry picked from commit 5f2c6fc6b90582ad187be6c0387b059f2f0dfefb)
0a38d94 |
18:30 Gleb Popov (arrowd) 2025Q3
sysutils/cardano-cli: Fix distinfo after an upstream reroll
Reported by: pkg-fallout
(cherry picked from commit 627d2ce1b67d8ad554c401ddede453ef061d17c0)
b882b11 |
15:10 Vladimir Druzenko (vvd) 2025Q3
- net/nncp 8.8.3
Utilities for secure store-and-forward files, mail, command exchanging
net/nncp: Update 8.8.1 => 8.8.3
Changelog:
http://www.nncpgo.org/Release-8_005f8_005f2.html
http://www.nncpgo.org/Release-8_005f8_005f3.html
Switch to go 1.21, but build still fails with go 1.22+.
PR: 289697
Approved by: Sergey Matveev <stargrave@stargrave.org> (maintainer)
MFH: 2025Q3
(cherry picked from commit 653ba68748bd8a77da6b1d184a1a3999d024c69e)
7c5fc9e |
|
Wednesday, 24 Sep 2025
|
21:04 Robert Nagy (rnagy) 2025Q3
www/chromium: update to 140.0.7339.207
Security: https://vuxml.freebsd.org/freebsd/57b54de1-85a5-439a-899e-75d19cbdff54.html
(cherry picked from commit ccaf5d74daaa9d5936b560d1894f9373b530eb03)
91c398e |
12:37 Lars Engels (lme) Author: Emanuel Haupt 2025Q3
security/lynis: Update to 3.1.5
PR: 289677
(cherry picked from commit dc32631ecfcfa821b1163dd5bdd17eb96e050d52)
8b3533a |
11:44 Robert Clausecker (fuz) Author: Baptiste Daroussin 2025Q3
devel/catch2: remove wrong USES=pathfix
USES=path is moving the .pc files into libdata/pkgconfig while it
concerns platform independant package.
(cherry picked from commit 21b12cb7e2dcc2d891b8827de9c78673741ead29)
0de884c |
10:00 Robert Nagy (rnagy) 2025Q3
www/iridium: update to 2025.09.140.3
(cherry picked from commit 1c560583fde552fd568964677605c2b94f3e49e2)
0cd889f |
06:40 Robert Nagy (rnagy) 2025Q3
- www/chromium 140.0.7339.207
Google web browser based on WebKit
www/chromium: update to 140.0.7339.127
Security: https://vuxml.freebsd.org/freebsd/57b54de1-85a5-439a-899e-75d19cbdff54.html
(cherry picked from commit 297fe22dde3146bc2980a847c700dbac445637da)
ba96a31 |
|
Tuesday, 23 Sep 2025
|
19:14 Christoph Moench-Tegeder (cmt) 2025Q3
- mail/thunderbird 143.0.1
Mozilla Thunderbird is standalone mail and news that stands above
mail/thunderbird: update to 143.0.1
Release Notes:
https://www.thunderbird.net/en-US/thunderbird/143.0.1/releasenotes/
(cherry picked from commit 7b105e1f0e2391777667bb27ed56820d89196fe3)
561da09 |
17:13 Olivier Cochard (olivier) 2025Q3
- net/bird3 3.1.4
Dynamic multithreaded IP routing daemon
net/bird3: Update to 3.1.4
Fixed several crashes in BGP, including one which was remotely exploitable.
MFH: 2025Q3
Security: CVE-2025-59688
Sponsored by: Netflix
(cherry picked from commit b209da7a624a0c90a83ff5bd6da7f6de245594e4)
7db7e00 |
17:13 Olivier Cochard (olivier) 2025Q3
- net/bird3 3.1.3_2
Dynamic multithreaded IP routing daemon
net/bird3: Fix typo in RC script preventing to start
PR: 289483
Reported by: Marek Zarychta <zarychtam@plan-b.pwste.edu.pl>
(cherry picked from commit 420d05b7005df9206c579502f440aa96fafb87dc)
91fed1c |
17:13 Olivier Cochard (olivier) 2025Q3
- net/bird3 3.1.3_1
Dynamic multithreaded IP routing daemon
net/bird3: Update rc script
Address some fixes:
- Modify rcorder to start sooner, enabling other daemons that rely on network
access to start correctly.
- Introduce gracefulrestart as an additional rc command.
PR: 282565
PR: 240732
Sponsored by: Netflix
(cherry picked from commit 1372a98ed6e303763de9f4a6bd6c6011fb3b66bd)
c33d2e6 |
17:13 Olivier Cochard (olivier) 2025Q3
- net/bird3 3.1.3
Dynamic multithreaded IP routing daemon
net/bird3: Update to 3.1.3
Sponsored by: Netflix
(cherry picked from commit b23c6523a65c2678f333db2ed71a5839f54262ab)
48a2909 |
16:48 Robert Nagy (rnagy) 2025Q3
www/ungoogled-chromium: unbreak build after bad patch merging
PR: 289781
(cherry picked from commit 41cf3ff4a86ac6979ca54ee94ae81d20cbb1af64)
1f225f2 |
11:42 Vladimir Druzenko (vvd) Author: Mintsuki 2025Q3
- sysutils/limine 10.0.1
Modern, advanced, portable, multiprotocol bootloader and boot manager
sysutils/limine: Update 10.0.0 => 10.0.1
Changelog:
Bug fixes:
- Fix a potential use-after-free issue when flushing interrupts on x86
UEFI systems.
- Prefer using the 32-bit Linux protocol unless it is strictly
necessary to use the 64-bit protocol due to allocation constraints.
This is due to reports of the 32-bit protocol being more reliable
on certain rare systems where the 64-bit protocol crashes or hangs.
https://codeberg.org/Limine/Limine/src/tag/v10.0.1/ChangeLog
PR: 289777
MFH: 2025Q3
(cherry picked from commit 16112c11954cd3766234dd7468d0324a08e046f6)
5bdfdef |
11:42 Vladimir Druzenko (vvd) Author: Mintsuki 2025Q3
- sysutils/limine 10.0.0
Modern, advanced, portable, multiprotocol bootloader and boot manager
sysutils/limine: Update 9.6.5 => 10.0.0
Changelog:
https://codeberg.org/Limine/Limine/src/tag/v10.0.0/ChangeLog
While here unite REINPLACE_CMD - run 1 time instead of 2.
PR: 289637
(cherry picked from commit 674fdba86a3d6ed107090eb5256cbd3632128c50)
0c3f7d5 |
11:41 Vladimir Druzenko (vvd) Author: Mintsuki 2025Q3
- sysutils/limine 9.6.5
Modern, advanced, portable, multiprotocol bootloader and boot manager
sysutils/limine: Update 9.6.1 => 9.6.5
Changelog:
https://codeberg.org/Limine/Limine/src/tag/v9.6.5/ChangeLog
Upstream moved from GitHub to Codeberg.
PR: 289194
(cherry picked from commit 669e1740edd1426fb8194914cc0af68ce8ba78be)
b803722 |
11:41 Vladimir Druzenko (vvd) Author: Mintsuki 2025Q3
- sysutils/limine 9.6.1
Modern, advanced, portable, multiprotocol bootloader and boot manager
sysutils/limine: Update to 9.6.1
Changelog: https://github.com/limine-bootloader/limine/blob/v9.6.1/ChangeLog
PR: 289155
Reported by: Mintsuki <mintsuki@protonmail.com> (maintainer)
(cherry picked from commit 74890411976d6f330bc902309084aae00eb70b8b)
8f875a5 |
11:41 Vladimir Druzenko (vvd) Author: Mintsuki 2025Q3
- sysutils/limine 9.6.0
Modern, advanced, portable, multiprotocol bootloader and boot manager
sysutils/limine: Update 9.5.0 => 9.6.0
Changelogs:
https://github.com/limine-bootloader/limine/blob/v9.6.0/ChangeLog
PR: 288743
(cherry picked from commit 755dd617a155822bd8101ae2568a838c0763eac6)
e71f164 |
11:41 Vladimir Druzenko (vvd) Author: mintsuki 2025Q3
- sysutils/limine 9.5.0
Modern, advanced, portable, multiprotocol bootloader and boot manager
sysutils/limine: Update 9.3.4 => 9.5.0
Changelogs:
https://github.com/limine-bootloader/limine/blob/v9.5.0/ChangeLog
PR: 288264
(cherry picked from commit 1fc8433740b712f9cf212cc18e53f8b1e4ac1fc4)
086c474 |
03:28 Vladimir Druzenko (vvd) Author: Martin Filla 2025Q3
www/tor-browser: Update 15.0a2 => 15.0a3
Changelog:
https://blog.torproject.org/new-alpha-release-tor-browser-150a3/
PR: 289771
MFH: 2025Q3
(cherry picked from commit 7a4368ba43090fcf259ea5ae9ad2a547e668431f)
02031f4 |
|
Monday, 22 Sep 2025
|
21:55 Christoph Moench-Tegeder (cmt) 2025Q3
- www/firefox-esr 140.3.1,1
Web browser based on the browser portion of Mozilla
www/firefox-esr: update to 140.3.1 (rc1)
Release Notes (soon):
https://www.firefox.com/en-US/firefox/140.3.1/releasenotes/
(cherry picked from commit a457b92ec30e84fd67b93ed00227e09a820cd1ce)
e3bd063 |
15:22 Robert Clausecker (fuz) 2025Q3
lang/gcc16-devel: fix build on armv7
Some type confusion issues.
Approved by: portmgr (build fix blanket)
MFH: 2025Q3
(cherry picked from commit a3f86bfa89021696f42a133a98e314b2b6875418)
1e55f2d |
13:15 Robert Nagy (rnagy) 2025Q3
www/iridium: update to 2025.09.140.2
(cherry picked from commit 3c7b09d8fb6b57574f2ba2885cce0d1af9812894)
0b68721 |
12:32 Robert Nagy (rnagy) 2025Q3
- www/chromium 140.0.7339.185
Google web browser based on WebKit
www/*chromium: update to 140.0.7339.185
Security: https://vuxml.freebsd.org/freebsd/6904ba53-22ff-4478-bfae-059dc2eefee1.html
(cherry picked from commit c1eb6b5d114ecc2d016db16a00cece4fd40f53f0)
de83339
10:31 Jan Beich (jbeich) 2025Q3
x11-toolkits/wlroots019: update to 0.19.1
Changes: https://gitlab.freedesktop.org/wlroots/wlroots/-/releases/0.19.1
Reported by: GitLab (notify releases)
(cherry picked from commit bbff1f4c66cdb37083c14c6aafaa05bb5566b7de)
09d95c0 |
05:07 Colin Percival (cperciva) 2025Q3
misc/freebsd-release-manifests: Add 15.0-ALPHA3 MANIFEST files
Approved by: re (implicit)
Sponsored by: https://www.patreon.com/cperciva
(cherry picked from commit 32dd3728acbac87421ea113e9c3555e1774a1353)
511a3a3 | |
Sunday, 21 Sep 2025
|
20:05 Nuno Teixeira (eduardo) 2025Q3
sysutils/restic: Update to 0.18.1
ChangeLog: https://github.com/restic/restic/releases/tag/v0.18.1
MFH: 2025Q3 (bugfix release)
(cherry picked from commit 6bbaf95dbc77ed472e0b0e9bf87a1251d29895c9)
0a693a6 |
06:41 Rainer Hurling (rhurlin) 2025Q3
graphics/qgis-ltr: 3.40.11
Changelog: https://github.com/qgis/QGIS/compare/final-3_40_10%5E...final-3_40_11
Reported by: portscout, Repology
MFH: 2025Q3
(cherry picked from commit e191d88904088aff3cfed893d154cebb977f182e)
2588111 |
06:02 Xin LI (delphij) 2025Q3
- www/redmine60 6.0.6_3
Flexible project management web application
www/redmine60: chase recent rubygems updates.
(cherry picked from commit 7fe23d732a13f21c95a4a80e914654758a9bd158)
958acb1 |
06:02 Xin LI (delphij) 2025Q3
- www/redmine60 6.0.6_2
Flexible project management web application
www/redmine60: chase rubyzip upgrade.
(cherry picked from commit 21d18a6b1e7bfabd13960fc5feab8dbd84c94e48)
3227418 |
06:02 Xin LI (delphij) 2025Q3
- www/redmine60 6.0.6_1
Flexible project management web application
www/redmine60: chase propshaft upgrade.
(cherry picked from commit ecc35105ebf918949d78b033982a512894b4b042)
6ae31bf |
06:02 Xin LI (delphij) 2025Q3
www/redmine60: upgrade to 6.0.6.
(cherry picked from commit 63843cd9ea15b96675fc15e1264a1e9578d77051)
556e998 |
05:00 Philip Paeps (philip) 2025Q3
- net/fort 1.6.7
FORT Validator is an open source RPKI validator
net/fort: Update to 1.6.7
- Update to 1.6.7
- Changelog: https://github.com/NICMx/FORT-validator/releases/tag/1.6.7
While here, take maintainership.
(cherry picked from commit 03f0d4b023e19337a2d0854a1a5616ff0b2f5ab7)
a17472e | |
Saturday, 20 Sep 2025
|
21:11 Kevin Bowling (kbowling) 2025Q3
multimedia/librespot: Update to 0.7.1
PR: 289153
Approved by: maintainer timeout
(cherry picked from commit c215ac6131ca4295184fe91f9ae3b56210f500a4)
4cc654b |
21:11 Kevin Bowling (kbowling) 2025Q3
multimedia/librespot: Update to 0.7.0
Chase Spotify API breakage.
PR: 289153
Approved by: maintainer timeout
Co-authored-by: Alexandre Biancalana <ale@biancalanas.net>
(cherry picked from commit 7b71e02182cf8b8fa9bab28091a80a9adabe1d9c)
114bc9c |
06:26 Rainer Hurling (rhurlin) 2025Q3
- graphics/qgis 3.44.3
Free and Open Source Geographic Information System
graphics/qgis: Update to 3.44.3
https://github.com/qgis/QGIS/compare/final-3_44_2%5E...final-3_44_3
Reported by: portscout, Repology
MFH: 2025Q3
(cherry picked from commit 8b7603518eec44ea47249fad138591c5aaf16f53)
a8271cc |
01:24 Vladimir Druzenko (vvd) 2025Q3
java/dbvis: Update 25.2.3 => 25.2.4
Release notes:
https://www.dbvis.com/releasenotes/25.2/
Reported by: pkg-fallout (fetch failed)
MFH: 2025Q3
(cherry picked from commit 1881ab85f78f8cdbc86630271a518eb5163e51fe)
4d9794d |
00:24 Vladimir Druzenko (vvd) Author: Paavo-Einari Kaipila 2025Q3
- databases/adminer 5.3.0_2
Full-featured database management tool in a single PHP file
databases/adminer: Fix CVE-2023-45197, CVE-2023-45196, CVE-2023-45195
Remove affected plugin.
PR: 289262
Security: CVE-2023-45197
Security: CVE-2023-45196
Security: CVE-2023-45195
MFH: 2025Q3
(cherry picked from commit 1cb6e93322e9c45676ea266e8beb179506015e32)
35c2339 |
00:24 Vladimir Druzenko (vvd) Author: Paavo-Einari Kaipila 2025Q3
- databases/adminer 5.3.0_1
Full-featured database management tool in a single PHP file
databases/adminer: Ship plugins within the package
Adminer's plugins are now part of the same file and they're autoloaded
if used.
Add build-time options for database drivers and remove mentions about
drivers that aren't in the tree anymore.
MySQL and SQLite on by default due to their rather light dependency
chains.
PR: 288750
(cherry picked from commit 7e1d58ce98678ae2beefeb0806b1d02e7d164156)
e28d7db |
00:23 Vladimir Druzenko (vvd) Author: Paavo-Einari Kaipila 2025Q3
- databases/adminer 5.3.0
Full-featured database management tool in a single PHP file
databases/adminer: Introduce flavors and adopt the port
Signed-off-by: Paavo-Einari Kaipila <pave@freebsd.org>
PR: 288648
Approved by: yuri@ (Mentor)
(cherry picked from commit 7c7071826a28c5174eb98e9530c9431946a3d478)
8ad7359|
Friday, 19 Sep 2025
|
21:07 Vladimir Druzenko (vvd) Author: ek 2025Q3
archivers/urbackup-client: Fix build on 15+
Restore an accidentally deleted patch.
While here update pkg-message.
PR: 289652
Fixes: d70c8a415dd3 (Update 2.5.25.0 => 2.5.26.0)
MFH: 2025Q3
(cherry picked from commit c2bedb478220e73b955f850b040f981a5845199d)
9c90de5 |
17:00 Christoph Moench-Tegeder (cmt) 2025Q3
- www/firefox 143.0.1,2
Web browser based on the browser portion of Mozilla
www/firefox: update to 143.0.1
Release Notes:
https://www.firefox.com/en-US/firefox/143.0.1/releasenotes/
(cherry picked from commit 47f9e8bed3d94962aa743f8688a4026212de2851)
1b76eef |
10:21 Kai Knoblich (kai) 2025Q3
security/py-netbox-secrets: Update to 2.3.4
Changelog since 2.3.2:
https://github.com/Onemind-Services-LLC/netbox-secrets/compare/v2.3.2...v2.3.4
MFH: 2025Q3
(cherry picked from commit 969c01753b42de339bd3d787e05f1bba02d57cab)
33653cb |
08:33 Robert Clausecker (fuz) 2025Q3
sysutils/bareos23-server: fix build on armv7
Add some missing casts.
Approved by: portmgr (build fix blanket)
MFH: 2025Q3
(cherry picked from commit cf96806bf2048dbb353b091e9b1ac33373337ad1)
d632f5c |
08:33 Robert Clausecker (fuz) 2025Q3
devel/ocaml-lacaml: remove -march=native
An existing site patch tried to remove -march=native, but this failed
to be effective. Rework the patch so -march=native is never passed.
Approved by: portmgr (build fix blanket)
MFH: 2025Q3
(cherry picked from commit 25bfd8147fec94070189e30b8a2ec71227d99974)
3a2d206 |
08:33 Robert Clausecker (fuz) 2025Q3
multimedia/gstreamer1-plugins-mplex: builds fine on armv7
Approved by: portmgr (build fix blanket)
MFH: 2025Q3
(cherry picked from commit 9213749da78eab7401bdaaf4c39f526df5dc7f97)
99f41ab |
08:33 Robert Clausecker (fuz) 2025Q3
multimedia/gstreamer1-plugins-mpeg2enc: builds fine on armv7
Approved by: portmgr (build fix blanket)
MFH: 2025Q3
(cherry picked from commit 3f14d81c40f3d09492eab5ee0aaa5c100c716230)
70d0289 |
08:33 Robert Clausecker (fuz) 2025Q3
audio/gstreamer1-plugins-taglib: builds fine on armv7
Approved by: portmgr (build fix blanket)
MFH: 2025Q3
(cherry picked from commit b503858a7905571d64384ff195efd06128a99126)
7c6031b |
08:33 Robert Clausecker (fuz) 2025Q3
- databases/proxysql 2.6.6_1
High performance, high availability, protocol-aware proxy for MySQL
databases/proxysql: fix build on armv7
size_t vs. unsigned long type confusion.
Approved by: portmgr (build fix blanket)
MFH: 2025Q3
(cherry picked from commit 0586757c29f879c3375f7a782d1d4824851d360a)
ca1563e |
08:33 Robert Clausecker (fuz) 2025Q3
graphics/mapnik: fix build on armv7, prepare for boost 1.89
Add a missing cast from uint64_t to size_t.
Remove LIB_DEPENDS on libboost_system, which no longer exists
on boost 1.89 (it has been a shim before).
Approved by: portmgr (build fix blanket)
MFH: 2025Q3
(cherry picked from commit dd0ccaf9dd47b0738b9ca84ced8265d8e837cbd4)
80bd4d9 |
08:33 Robert Clausecker (fuz) 2025Q3
devel/libunicode-contour: fix build on armv7
Same solution as on some other platforms.
Change file for devel/catch2 build dependency to one that is not also
provided by devel/catch.
Approved by: portmgr (build fix blanket)
MFH: 2025Q3
(cherry picked from commit 4f186b7071db773f9b6b9aa7bc12d85bed7fb78a)
9a1181f |
08:32 Robert Clausecker (fuz) Author: Piotr Kubaj 2025Q3
devel/libunicode-contour: fix build on powerpc64
Same as powerpc64le.
(cherry picked from commit d37d6119226a9e473616e78a3e8a773a005b20ac)
fc8e960 |
08:32 Robert Clausecker (fuz) Author: Piotr Kubaj 2025Q3
devel/libunicode-contour: fix build on powerpc64le
Use clang's SSE translation, libunicode has intrinsics implemented
only for amd64 and arm64:
/wrkdirs/usr/ports/devel/libunicode-contour/work/libunicode-0.6.0/src/libunicode/scan.cpp:110:5:
error: use of undeclared identifier 'intrinsics'
110 | intrinsics::m128i const ControlCodeMax =
intrinsics::set1_epi8(0x20); // 0..0x1F
| ^
(cherry picked from commit b4adf0f2dd79607d012ab9c15503f3390f9fbc38)
2ebf737 |
08:32 Robert Clausecker (fuz) 2025Q3
devel/rubygem-oj: fix build on armv7
Port uses NEON intrinsics only available on Aarch64.
Disable use of NEON on armv7 to fix the build.
Approved by: portmgr (build fix blanket)
MFH: 2025Q3
(cherry picked from commit bf27db51bb874e9f440eb430abef228dab412198)
2139eadd |
08:32 Robert Clausecker (fuz) 2025Q3
www/qt6-webengine: fix build on armv7
Known node issue that has already been fixed before.
Obtained from: www/node20/files/patch-deps_v8_src_codegen_arm_cpu-arm.c
Approved by: portmgr (build fix blanket)
MFH: 2025Q3
(cherry picked from commit c210e668c1a99f97016a635f2584f9521749e848)
c21341e |
08:32 Robert Clausecker (fuz) 2025Q3
textproc/htmldoc: update to 1.9.21
Changelog: https://github.com/michaelrsweet/htmldoc/releases/tag/v1.9.21
MFH: 2025Q3
(cherry picked from commit 0bc2a4990a45797e37a9974e7e63a06687d6ce1b)
f7a7691 | |
Thursday, 18 Sep 2025
|
19:24 Vladimir Druzenko (vvd) Author: Martin Filla 2025Q3
- www/librewolf 143.0
Custom version of Firefox, focused on privacy, security and freedom
www/librewolf: Update 142.0.1-1 => 143.0-1
Changelog:
https://www.firefox.com/en-US/firefox/143.0/releasenotes/
PR: 289676
MFH: 2025Q3
(cherry picked from commit 942b4853ed2e9531a349fc56db1b154e24eca0af)
60b4e44 | |
Wednesday, 17 Sep 2025
|
22:08 Vladimir Druzenko (vvd) 2025Q3
net-im/py-matrix-synapse: Update 1.135.0 => 1.138.0 (security)
Changelogs:
https://github.com/element-hq/synapse/blob/v1.138.0/CHANGES.md
This release includes support for room version 12 which fixes a number
of security vulnerabilities, including CVE-2025-49090.
While here fix warnings from portclippy, sort DOCS, improve indents.
PR: 289253
Approved by: Sascha Biberhofer <ports@skyforge.at> (maintainer, timeout 2 weeks)
Security: CVE-2025-49090
MFH: 2025Q3
(cherry picked from commit c460176f75937d72b18ef3b65b329b5301e85a84)
06e3b5f |
22:06 Vladimir Druzenko (vvd) Author: Sascha Biberhofer 2025Q3
net-im/py-matrix-synapse: Update to 1.135.0
PR: 288639
Approved by: yuri@ (Mentor)
(cherry picked from commit 874e6cd6cca81fa99ac779e5d0459582fa73bf1a)
65138f5 |
18:53 Li-Wen Hsu (lwhsu) 2025Q3
devel/jenkins-lts: Update to 2.516.3
MFH: 2025Q3
Security: b9b668f0-96ec-4568-b618-2edea45d6933
Sponsored by: The FreeBSD Foundation
(cherry picked from commit 4b66112e57c179989671a42e068129ab8f7088dc)
92b4e88 |
18:52 Li-Wen Hsu (lwhsu) 2025Q3
devel/jenkins: Update to 2.528
MFH: 2025Q3
Security: b9b668f0-96ec-4568-b618-2edea45d6933
Sponsored by: The FreeBSD Foundation
(cherry picked from commit 7a292ef71a099a4aab81b34270a8aed269e7ff3a)
6a4d6f9 |
10:56 Koichiro Iwao (meta) 2025Q3
devel/ruby-build: Update to 20250916.1
Changes: https://github.com/rbenv/ruby-build/releases/tag/v20250916.1
(cherry picked from commit da355efe541048928bc0be0dfdb152f1f99f42da)
f479fdc |
10:56 Koichiro Iwao (meta) 2025Q3
devel/ruby-build: Update to 20250916
Changes: https://github.com/rbenv/ruby-build/releases/tag/v20250916
(cherry picked from commit 43b057a0a958f6961b4fecba8175c9a243cecc01)
355d6e7 |
09:35 Juraj Lutter (otis) Author: Nick Hilliard 2025Q3
- devel/apr1 1.7.5.1.6.3_5
Apache Portability Library
devel/apr1: Unbreak with MySQL > 8.0.2 < 10.0.0
my_init() was removed from mysql 8.0.2, but dbd/apr_dbd_mysql.c calls
my_init() if MYSQL_VERSION_ID < 100000. This patch fixes this problem,
allowing Apache mod_authn_dbd.so to work properly on mysql >= 8.0.2.
There is an open bug upstream, but it has not been patched yet.
Upstream PR: https://bz.apache.org/bugzilla/show_bug.cgi?id=62631
PR: 274134
Approved by: brnrd (with apache hat)
(cherry picked from commit 1ba5f925f5b1839f3e2b36742ec62cd246ccf764)
a5419f7 | |
Tuesday, 16 Sep 2025
|
19:42 Robert Clausecker (fuz) 2025Q3
- sysutils/gdu 5.30.1
Disk usage analyzer with console interface written in Go
sysutils/gdu: fix DISTVERSION
Approved by: portmgr (build fix blanket)
Fixes: 15732d358bf7c69025a77553728592669b44d5b4
See also: c81d4813dbf89221e83fb786ccfba4ba2afca917
PR: 287577
390c56f |
17:24 Matthias Andree (mandree) 2025Q3
- dns/dnsmasq 2.91_2,1
Lightweight DNS forwarder, DHCP, and TFTP server
dns/dnsmasq*: don't force -O2 into CFLAGS
Reported by: diizzy@
MFH: 2025Q3
(cherry picked from commit a2ed083c8a7d265ad4ffc2acbbc12eb22e19b6a9)
aea71ee
14:40 Matthias Andree (mandree) 2025Q3
security/openvpn: assert()->ASSERT() cleanup
This reverts my prior assert -> if...return(false) change
to Ralf Lici's backport, and replaces all assert() by ASSERT().
Gert Doering writes:
| OpenVPN's ASSERT() macro will do a bit more than the standard-libc
| assert() call, namely print out which function and what expression
| failed, before calling _exit(1). Also, it can not be accidentially
| compiled-away (-DNDEBUG).
|
| Use of ASSERT() generally only advised in cases of "this must not happen,
| but if it does, it's a programming or state corruption error that we
| must know about". Use of assert() is lacking the extra debug info, and as
| such, not advised at all.
This is a backport of OpenVPN master changes...
Obtained from: Gert Doering <gert@greenie.muc.de>
Obtained from: <https://gerrit.openvpn.net/c/openvpn/+/1171>
PR: 289303
MFH: 2025Q3 (suggestion after 10 days)
(cherry picked from commit d92d41ca1ae2cd5005a5b774e64b38ca2f6915c7)
03b8ed1 |
14:40 Matthias Andree (mandree) 2025Q3
security/openvpn: support DCO float notifications
The FreeBSD kernel added "if_ovpn: support floating clients"
on main on 2025-07-28, and merged it to 14/stable on 2025-08-13.
https://reviews.freebsd.org/D51468
https://cgit.freebsd.org/src/commit/?id=9c52600a5a150117b4396df3b868cf2516e1674c&h=main
https://cgit.freebsd.org/src/commit/?h=stable/14&id=fc387ed68f3c7b0b8da9bab13492b7bbafecb5bf
This adds a new notification from the kernel module to user space
named OVPN_NOTIF_FLOAT, which OpenVPN 2.6.14 does not support.
Backport support into OpenVPN 2.6.
Reported by: Marek Zarychta <zarychtam@plan-b.pwste.edu.pl>
Obtained from: Kristof Provost <kp@FreeBSD.org>
Obtained from: Ralf Lici <ralf@mandelbit.com>
- modified to avoid assert() in nvlist_to_sockaddr()
in src/openvpn/dco_freebsd.c
Obtained from: Gert Doering <gert@greenie.muc.de>
Tested by: Marek Zarychta <zarychtam@plan-b.pwste.edu.pl>
PR: 289303
MFH: 2025Q3 (suggestion after 10 days)
(cherry picked from commit 5ecf19f0371f4ca71c5dc89d133442c8dd0e7a00)
40215d3 |
14:40 Matthias Andree (mandree) 2025Q3
security/openvpn: remove 2048-bit legacy Diffie Hellman
I received a fallout complaint from i386 FreeBSD 15-PRERELEASE
builders that, as of now, has no other explanation than a tightened
(if intermediately) SECLEVEL on that machine, and that's due to
Diffie-Hellman 2048 bit parameters, and self-tests are failing
with stereotypical "ee key too small" and "dh key too small".
While it's not clear what the exact cause of the failure is and
if we had a glitch in the OpenSSL 3.5.1 import (Enji updated
the main branch to 3.5.2 shortly after), let's modernize the
setup a bit.
Fallout and Builder logs (I take it the 2nd URL states
that the FreeBSD src branch was at commit c6778f3a442):
https://pkg-status.freebsd.org/beefy17/data/main-i386-default/p98b748365fe6_sc6778f3a442/logs/openvpn-2.6.14.log
https://pkg-status.freebsd.org/beefy17/build.html?mastername=main-i386-default&build=p98b748365fe6_sc6778f3a442
2025-08-20 11:46:39 OpenVPN 2.6.14 i386-portbld-freebsd15.0 [SSL (OpenSSL)]
[LZO] [LZ4] [PKCS11] [MH/RECVDA] [AEAD] [DCO]
2025-08-20 11:46:39 Note: dev-type not tun, disabling data channel offload.
2025-08-20 11:46:39 library versions: OpenSSL 3.5.1 1 Jul 2025, LZO 2.10
2025-08-20 11:46:39 OpenVPN 2.6.14 i386-portbld-freebsd15.0 [SSL (OpenSSL)]
[LZO] [LZ4] [PKCS11] [MH/RECVDA] [AEAD] [DCO]
2025-08-20 11:46:39 DCO version: FreeBSD 15.0-PRERELEASE 1500061
2025-08-20 11:46:39 library versions: OpenSSL 3.5.1 1 Jul 2025, LZO 2.10
2025-08-20 11:46:39 DCO version: FreeBSD 15.0-PRERELEASE 1500061
2025-08-20 11:46:39 NOTE: the current --script-security setting may allow this
configuration to call user-defined scripts
2025-08-20 11:46:39 GDG: problem writing to routing socket: Invalid argument
(errno=22)
2025-08-20 11:46:39 NOTE: the current --script-security setting may allow this
configuration to call user-defined scripts
2025-08-20 11:46:39 OpenSSL: error:030000A8:digital envelope routines::unknown
security bits:
2025-08-20 11:46:39 OpenSSL: error:0A00018A:SSL routines::dh key too small:
2025-08-20 11:46:39 SSL_CTX_set0_tmp_dh_pkey
2025-08-20 11:46:39 Exiting due to fatal error
2025-08-20 11:46:39 OpenSSL: error:030000A8:digital envelope routines::unknown
security bits:
2025-08-20 11:46:39 OpenSSL: error:0A00018F:SSL routines::ee key too small:
2025-08-20 11:46:39 Cannot load inline certificate file
2025-08-20 11:46:39 Exiting due to fatal error
FAIL: t_cltsrv.sh
That prompted upstream to file a bug and the suggestion to strip
dh2048.pem from installing the demo file and sample configuration should
not affect existing setups, however, if someone would have used
the shipped dh2048.pem file, that would have to be regenerated with
openssl dhparam -out dh2048.pem 2048.
https://github.com/OpenVPN/openvpn/issues/819
https://gerrit.openvpn.net/c/openvpn/+/1145
Upstream changelog, as of v3 of the latter:
| Remove use of 'dh dh2048.pem' from sample configs, remove 'dh2048.pem' file
|
| Since commit bd9aa06feb41 (Jan 2015) OpenVPN has allowed to use
| '--dh none' to disable traditional Diffie Hellman, since more secure
| ECDH algorithms are available that do not use explicit DH parameters.
|
| If configured with a suffiently high securelevel (3+), or if running in
| FIPS mode, OpenSSL 3.5 will refuse 2048 bit DH files, making our tests
| fail.
|
| Thus, remove all the DH2048 stuff from our sample configs.
Obtained from: Gert Doering
While here, delete files/patch-src_plugins_auth-pam_auth-pam.c
because upstream (namely Antonio Quartulli) had fixed that omission
in v2.6-beta1 already (in 2022, as of OpenVPN's commit 0fed64a91d894b46).
Nobody has been able yet to reproduce the test failure other than by
forcing SECLEVEL=3, so let's just push this and see if we receive
pkg-fallout again next time i386 gets its ports built. Upstream
considers the patch necessary anyways, so let's not waste too much
time on testing on a dying system.
(cherry picked from commit acfe37ddd77db77a7858be8d46892fce3151498d)
57aad69 |
09:54 Matthias Andree (mandree) 2025Q3
dns/dnsmasq-devel: harden build
MFH: 2025Q3
(cherry picked from commit f6df9faf351879564d5c94e9c2048269527cedd6)
45ca336 |
09:54 Matthias Andree (mandree) 2025Q3
- dns/dnsmasq 2.91_2,1
Lightweight DNS forwarder, DHCP, and TFTP server
dns/dnsmasq: harden build
MFH: 2025Q3
(cherry picked from commit 421cd1ecf286ff832c18d9c77e220fdad6f8bfb7)
055b4d7 |
07:42 Tijl Coosemans (tijl) 2025Q3
print/cups: Update to 2.4.14
PR: 289626
Security: CVE-2025-58060
Security: CVE-2025-58364
(cherry picked from commit 819e724a081286cff1cb6c9b7d36c316fe8fef56)
b913a0f |
07:42 Tijl Coosemans (tijl) 2025Q3
print/cups: Update to 2.4.12
(cherry picked from commit 7db6b9d37c654d78da5f9161c38d5a24ba0214c5)
1fd1738 |
06:21 Xin LI (delphij) Author: Yasuhiro Kimura 2025Q3
- www/dokuwiki 20250514b
Simple and easy to use wiki, no database required
MFH: www/dokuwiki: Update to 2025-05-14b
Fix XSS vulnerability in search.
ChangeLog: https://www.dokuwiki.org/changes#release_2025-05-14_librarian
PR: ports/289424
(cherry picked from commit 2bf2af33a80ad2326c9ccfc672b9a08389b2fe9f)
9149d25 |
05:30 Hiroki Tagato (tagattie) Author: Fabien Amelinck 2025Q3
databases/mongosh: update to 2.5.5
Changelog: https://github.com/mongodb-js/mongosh/releases
PR: 288152
Reported by: Fabien Amelinck <fabien.amelinck+freebsd@advens.fr> (maintainer)
(cherry picked from commit 625fc0d99b160518f23f2f0455d435a1d9ff36f2)
0dc2baf2 | |
Monday, 15 Sep 2025
|
20:51 Lexi Winter (ivy) 2025Q3
net-mgmt/ping_exporter: Update to 1.1.4
MFH the latest version from main to fix the port, which was broken in
main at the time 2025Q3 was branched.
Upstream release notes:
https://github.com/czerwonk/ping_exporter/releases/tag/1.1.4
(cherry picked from commit d5fd36ca84360fea5c17fcc9e3c34796aa7ed806)
net-mgmt/ping-exporter: update to 1.1.3
Take maintainership (maintainer timeout).
While here, stop hardcoding the commit id in ${GO_MODULE}.
(cherry picked from commit 8db8d7828f8e382561de80e6bb35b47228359ccb)
PR: 289619
Reviewed by: jrm
Approved by: jrm (ports)
Differential Revision: https://reviews.freebsd.org/D52553
813b8ba |
20:39 Vladimir Druzenko (vvd) 2025Q3
- games/retroarch 1.21.0
Cross-platform entertainment system based on libretro API
games/retroarch: Fix build if multimedia/pipewire installed
This does not affect clean builds (as with Poudriere).
PR: 289429
Approved by: Daniel Menelkir <dmenelkir@gmail.com> (maintainer, implicit - fix
build)
MFH: 2025Q3
(cherry picked from commit 8f270dd4b52979124c89a3bacb137c69d93d2255)
6900b55 |
16:59 Vladimir Druzenko (vvd) Author: Pau Amma 2025Q3
sysutils/libudisks: Update 2.10.1 => 2.10.2 (important security fixes)
Changelog:
https://github.com/storaged-project/udisks/releases/tag/udisks-2.10.2
https://github.com/storaged-project/udisks/blob/udisks-2.10.2/NEWS
PR: 289613
Security: GHSA-742q-gggc-473g
MFH: 2025Q3
(cherry picked from commit eea2c3eaf9959f35904e4744e875c6b58ec654a6)
10e870d | |
11:50 Jan Beich (jbeich) 2025Q3 | | | |
As an Amazon Associate I earn from qualifying purchases.
