aboutsummaryrefslogtreecommitdiff
path: root/security
Commit message (Collapse)AuthorAgeFilesLines
* security/vuxml: add www/*chromium < 145.0.7632.109Robert Nagy5 hours1-0/+37
| | | | Obtained from: https://chromereleases.googleblog.com/2026/02/stable-channel-update-for-desktop_18.html
* security/boringssl: fix build on arm64 by applying a vendor's fixSergey A. Osokin14 hours2-1/+7
| | | | | | | | | Bump PORTREVISION. Reported by: pkg-fallout Tested by: fluffy Sponsored by: tipi.work
* security/stunnel: Update to 5.77Ryan Steinmetz16 hours2-4/+4
|
* security/aws-c-auth: Update to 0.9.6Nuno Teixeira22 hours2-4/+4
| | | | ChangeLog: https://github.com/awslabs/aws-c-auth/releases/tag/v0.9.6
* security/shibboleth-idp: Update to 5.2.1Ryan Steinmetz23 hours2-7/+7
|
* security/hidden-lake: Actualize pkg-descrÄlven28 hours1-19/+8
| | | | Approved by: db@, yuri@ (Mentors, implicit)
* security/hidden-lake: Update 1.9.1 => 1.10.3Älven28 hours3-10/+7
| | | | | | | | | | | Changelogs: * https://github.com/number571/hidden-lake/blob/v1.10.3/CHANGELOG.md#v1103 * https://github.com/number571/hidden-lake/compare/v1.9.1...v1.10.0 * https://github.com/number571/hidden-lake/compare/v1.10.0...v1.10.1 * https://github.com/number571/hidden-lake/compare/v1.10.1...v1.10.2 * https://github.com/number571/hidden-lake/compare/v1.10.2...v1.10.3 Approved by: db@, yuri@ (Mentors, implicit)
* security/py-python-pkcs11: Update version requirement of BUILD_DEPENDSPo-Chuan Hsieh46 hours2-3/+3
|
* security/sssd2: Update to 2.12.0Gleb Popov47 hours72-2276/+707
| | | | | | PR: 291397 Approved by: jhixson (maintainer timeout) Tested by: Maxim Filimonov <che@bein.link>
* security/vuxml: fix chromium version number in latest entryRobert Nagy2 days1-2/+2
|
* security/libp11: update to 0.4.18 releaseAlex Dupre2 days3-5/+5
|
* security/sudo-rs: Update 0.2.11 => 0.2.12Valdemar Erk3 days3-8/+7
| | | | | PR: 293077 Approved by: Marc Schoolderman (maintainer)
* security/nss: update to 3.120.1Christoph Moench-Tegeder3 days2-4/+4
| | | | | Release Notes: https://hg-edge.mozilla.org/projects/nss/file/NSS_3_120_BRANCH/doc/rst/releases/nss_3_120_1.rst
* security/vuxml: Document vulnerability in dns/powerdns-recursorRyan Steinmetz3 days1-0/+37
|
* security/vuxml: Add png vulnerabilityFernando Apesteguía3 days1-0/+37
| | | | * CVE-2026-25646
* security/py-trezor: Update to 0.20.0Emanuel Haupt3 days2-10/+16
|
* security/Makefile: Connect security/py-shamir-mnemonic, security/py-slip10Emanuel Haupt3 days1-0/+2
|
* security/py-slip10: Add new portEmanuel Haupt3 days3-0/+35
| | | | | | | | | | | slip10 is a reference implementation of the SLIP-0010 specification, which generalizes BIP-0032 hierarchical deterministic key derivation for multiple curves, including secp256k1, NIST P-256, ed25519, and curve25519. It supports deriving extended private and public keys along standard paths and can operate from either seed material or serialized extended keys.
* security/py-shamir-mnemonic: Add new portEmanuel Haupt3 days3-0/+37
| | | | | | | | | | | | | | | shamir-mnemonic is a Python implementation of SLIP-0039, a standard for splitting secrets into multiple mnemonic word shares using Shamir's Secret Sharing scheme. It is designed primarily for use with cryptocurrency wallets and hardware devices, enabling secure backup and recovery of sensitive secrets through human-readable word lists. The library provides tools for generating mnemonic shares, combining shares to recover secrets, and validating share sets, while remaining compatible with SLIP-0039 implementations used by Trezor and related ecosystems.
* security/vuls: Update to 0.38.0Palle Girgensohn4 days2-7/+6
| | | | Release notes: https://github.com/future-architect/vuls/releases/tag/v0.38.0
* security/vuxml: Document TCP readTimeout bypass in traefikThomas Zander5 days1-0/+29
|
* security/vuxml: Add munge vulnerabilityFernando Apesteguía5 days1-0/+38
| | | | | | * CVE-2026-25506 Reported by: Chris Dunlap <chris.m.dunlap@gmail.com>
* security/vuxml: make newentry: Fix providers init.Fernando Apesteguía5 days3-8/+11
| | | | | | | | | An init fail shouldn't exit the script. Initialize registered providers only. Use successfully initialized providers only. Keep euvd for now although it's been down for the last few days.
* security/vuxml: add www/*chromium < 144.0.7559.75Robert Nagy5 days1-0/+33
| | | | Obtained from: https://chromereleases.googleblog.com/2026/02/stable-channel-update-for-desktop_13.html
* security/openssl-quictls: Remove expired portRene Ladan5 days10-741/+0
| | | | 2025-12-31 security/openssl-quictls: Upstream project has been archived, use security/quictls
* security/openssl33-quictls: Unbreak buildBernard Spil5 days2-2/+32
|
* security/munge: Update version 0.5.17=>0.5.18Muhammad Moinur Rahman5 days2-4/+4
| | | | Changelog: https://github.com/dun/munge/releases/tag/munge-0.5.18
* security/netbird: Update 0.64.3 => 0.65.0NetBird Developers6 days2-10/+7
| | | | | | | | | | | | | | | Changelogs: https://github.com/netbirdio/netbird/releases/tag/v0.64.4 https://github.com/netbirdio/netbird/releases/tag/v0.64.5 https://github.com/netbirdio/netbird/releases/tag/v0.64.6 https://github.com/netbirdio/netbird/releases/tag/v0.65.0 Commit log: https://github.com/netbirdio/netbird/compare/v0.64.3...v0.65.0 PR: 293166 Security: CWE-639 MFH: 2026Q1
* */*: Add more information about instructions for creating assetsJesús Daniel Colmenares Oviedo6 days1-0/+2
| | | | Reported by: bapt@
* security/wazuh-dashboard: Fix distinfoJose Alonso Cardenas Marquez6 days1-3/+3
| | | | Reported by: girgen
* security/libgcrypt: Fix Curve25519 key validationJoseph Mingrone6 days13-0/+678
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Starting with version 1.12.0, libgcrypt was failing to validate Curve25519 secret keys on FreeBSD-main. This resulted in failures such as in the example below. Incorporate the patch from https://dev.gnupg.org/T8094 to fix the problem. % TEMP_GPG=$(mktemp -d) % GNUPGHOME=$TEMP_GPG gpg --batch --import < ./test/openpgp4-secret-key.asc gpg: keybox '/tmp/tmp.gkqFaMAlVu/pubring.kbx' created gpg: /tmp/tmp.gkqFaMAlVu/trustdb.gpg: trustdb created gpg: key 7E6ABE924645CC60: public key "Notmuch Test Suite (INSECURE!) <test_suite@notmuchmail.org>" imported gpg: key 7E6ABE924645CC60: secret key imported gpg: Total number processed: 1 gpg: imported: 1 gpg: secret keys read: 1 gpg: secret keys imported: 1 % GNUPGHOME=$TEMP_GPG gpg --decrypt ./test/corpora/crypto/basic-encrypted.eml gpg: encrypted with cv25519 key, ID 1D71CFF38F6B48AF, created 2022-09-07 "Notmuch Test Suite (INSECURE!) <test_suite@notmuchmail.org>" gpg: public key decryption failed: Bad secret key gpg: decryption failed: Bad secret key Approved by: cy (maintainer) Obtained from: https://dev.gnupg.org/T8094 Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D55280
* security/osslsigncode: Update version 2.12=>2.13Muhammad Moinur Rahman6 days2-4/+4
| | | | Changelog: https://github.com/mtrojnar/osslsigncode/releases/tag/2.13
* security/voa: update to 0.7.2Charlie Li6 days4-86/+88
| | | | Changelog: https://voa.archlinux.page/voa/CHANGELOG.html#072---2026-01-09
* security/vuxml: update lang/python312 entryCharlie Li6 days1-1/+2
| | | | CVE-2024-6923 fix has been committed upstream
* */*: force rebuild after devel/kf6-kio updateMax Brazhnikov6 days1-0/+1
|
* KDE: Update KDE Gear to 25.12.2Max Brazhnikov6 days6-18/+18
| | | | Announcement: https://kde.org/announcements/gear/25.12.2/
* KDE: Update KDE Frameworks 6 to 6.23.0Max Brazhnikov6 days1-3/+3
| | | | Announcement: https://kde.org/announcements/frameworks/6/6.23.0/
* security/py-scramp: Update to 1.4.8Wen Heping6 days2-4/+4
|
* security/boringssl: update to the recent snapshot releaseSergey A. Osokin6 days3-16/+15
|
* security/vuxml: document expat vulnerabilitiesTomáš Čiernik6 days1-0/+30
| | | | | | | * CVE-2026-24515 * CVE-2026-25210 PR: 293078
* security/hockeypuck: update to 2.3.2Siva Mahadevan7 days2-5/+4
| | | | | Approved by: lwhsu (mentor, implicitly) Sponsored by: The FreeBSD Foundation
* security/cyberchef: Update to 10.22.1Dan Langille7 days2-4/+4
| | | | re: https://github.com/gchq/CyberChef/releases/tag/v10.22.1
* security/testssl.sh: Update to 3.2.3Adam Weinberger7 days2-4/+4
|
* security/openvpn-auth-oauth2: Update to 1.27.0Juraj Lutter7 days2-7/+6
| | | | | | Release notes: https://github.com/jkroepke/openvpn-auth-oauth2/releases/tag/v1.27.0 PR: 293139
* security/vuxml: add info about PostgreSQL vulnerabilitiesPalle Girgensohn7 days1-0/+82
|
* security/vuxml: Add mongodb[78] vulnerabilitiesFernando Apesteguía7 days1-0/+101
| | | | | | | | * CVE-2026-1847 * CVE-2026-1849 * CVE-2026-1850 * CVE-2026-25610 * CVE-2026-25613
* security/wazuh-manager: Comment CCACHE entriesJose Alonso Cardenas Marquez7 days1-2/+2
|
* security/wazuh-*: Update to 4.14.3Jose Alonso Cardenas Marquez7 days14-287/+324
| | | | | | | | | | | - Fallback to 0 when elapsed-times is a non-numeric value - Fix getPorts function issues on all versions of FreeBSD - Update entry about java version into wazuh-indexer/pkg-message file - Use a modified version of Python async inotify module to work on FreeBSD (https://github.com/alonsobsd/asyncinotify) - Define USE=inotify when INOTIFY option is selected ChangeLog at: https://documentation.wazuh.com/current/release-notes/release-4-14-3.html
* security/kanidm: Update to 1.8.6Jesús Daniel Colmenares Oviedo7 days3-425/+481
| | | | ChangeLog: https://github.com/kanidm/kanidm/releases/tag/v1.8.6
* various: Bump ports for Go default 1.24->1.25Adam Weinberger8 days77-75/+77
|
generated by cgit v1.2.3 (git 2.25.1) at 2026-02-19 15:05:08 +0000