aboutsummaryrefslogtreecommitdiff
path: root/security
Commit message (Collapse)AuthorAgeFilesLines
* security/bitwarden-cli: Update to 2025.12.0HEADmainHiroki Tagato33 min.8-1254/+1169
| | | | | | Changelog: https://github.com/bitwarden/clients/releases/tag/cli-v2025.12.0 Reported by: GitHub (watch releases)
* security/enc: Update to 1.1.5Jesús Daniel Colmenares Oviedo3 hours2-7/+6
| | | | ChangeLog: https://github.com/life4/enc/releases/tag/1.1.5
* security/wazuh-server: Fix stage phase when BUILD_AS_NON_ROOT=yesJesús Daniel Colmenares Oviedo3 hours1-1/+1
| | | | Approved by: acm@
* security/krb5*: Add CRYPTO radio buttonCy Schubert3 hours3-6/+21
| | | | | | | | | | Base MIT KRB5 is linked against OpenSSL to supply its crypto. This was done to avoid symbol conflicts within ssh (i.e. a buildworld failure). This now causes the port and base inconsistencies. Add a crypto option to allow the user to select either builtin or openssl crypto. PR: 291695
* security/snowflake-tor: Update to 2.11.0Carlo Strub7 hours5-409/+521
| | | | | | PR: 291387 Reported by: Benjamin Takacs <nimaje+fbz@bureaucracy.de> Approved by: maintainer timeout
* security/wazuh-manager: Fix pkg-plistTrond Endrestøl8 hours1-9/+9
| | | | | PR: 291769 Reported by: Trond.Endrestol at ximalas.info
* security/step-cli: Update to 0.29.0Dan Langille12 hours2-6/+6
| | | | | | re: https://github.com/smallstep/cli/releases/tag/v0.29.0 PR: 291741
* security/step-certificates: Update to 0.29.0Dan Langille12 hours2-6/+6
| | | | | | | | | re: https://github.com/smallstep/certificates/security/advisories/GHSA-h8cp-697h-8c8p PR: 291741 Security: eca46635-db51-11f0-9b8d-40a6b7c3b3b8 Approved by: portmgr (blanket)
* security/vuxml: Correct the step-cli vulnDan Langille12 hours1-2/+2
| | | | It's not the client, it's only the server: step-certificates
* security/lego: update to 4.31.0Philippe Audeoud20 hours2-6/+6
| | | | PR: 291758
* security/wazuh-manager: Fix extractJose Alonso Cardenas Marquez20 hours1-1/+1
|
* security/wazuh-manager: Fix distinfoJose Alonso Cardenas Marquez21 hours1-2/+2
|
* security/wazuh-manager: Fix distinfoJose Alonso Cardenas Marquez21 hours1-12/+12
| | | | Reported by: pkg-fallout
* security/openfortivpn: Update 1.23.1 => 1.24.0Atanu Biswas27 hours2-4/+4
| | | | | | | | Changelog: https://github.com/adrienverge/openfortivpn/blob/v1.24.0/CHANGELOG.md PR: 291750 MFH: 2025Q4
* security/certspotter: Update to 0.23Florian Smeets30 hours2-6/+6
| | | | Newer version works with current versions of go so remove DEPRECATED
* security/certificate_maker: Update version 1.8.3=>1.8.4Muhammad Moinur Rahman32 hours2-6/+6
| | | | Changelog: https://github.com/sigstore/fulcio/releases/tag/v1.8.4
* security/vuxml: add security/step-cli vulnDan Langille37 hours1-0/+28
| | | | | | re: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=291741 PR: 291741
* sysutils/tailscale: Update to 1.92.3Ashish SHUKLA40 hours2-6/+6
| | | | MFH: 2025Q4
* security/trivy: update to 0.68.2Matthias Fechner44 hours2-6/+6
| | | | Changes: https://github.com/aquasecurity/trivy/releases/tag/v0.68.2
* security/vuxml: add FreeBSD SAs issued on 2025-12-17Philip Paeps2 days1-0/+70
| | | | | FreeBSD-SA-25:11.ipfw affects FreeBSD 13.5 and FreeBSD 14.3 FreeBSD-SA-25:12.rtsold affects all supported versions of FreeBSD
* security/py-python-pkcs11: Update to 0.9.3Po-Chuan Hsieh2 days2-4/+4
| | | | Changes: https://github.com/pyauth/python-pkcs11/releases
* security/wazuh: Update to 4.14.1Jose Alonso Cardenas Marquez2 days30-2241/+1750
| | | | | | | | | | | | - Python bundle update to 3.11.4 - wazuh-agent and wazuh-manager : Add support for 15-RELEASE and 16-CURRENT - wazuh-agent and wazuh-manager : Improve FreeBSD system information functions - wazuh-dashboards : Update version of opensearch to 2.19.3 - wazuh-manager: Update pkg-message with entries about vulnerability detector and indexer connector configuration ChangeLog at: https://documentation.wazuh.com/current/release-notes/release-4-14-1.html PR: 290771 290782 291040
* KDE: Update KDE Frameworks 6 to 6.21.0Max Brazhnikov2 days1-3/+3
| | | | | | | | | | | | | | | | Announcement: https://kde.org/announcements/frameworks/6/6.21.0/ Ports changes: devel/kf6-extra-cmake-modules: - Fix FindInotify.cmake module - Remove stale patch x11-toolkits/kf6-kirigami: - Backport upstream patch PR: 291637 Exp-run by: antoine
* security/nettle: Remove USES=pathfixPo-Chuan Hsieh2 days1-1/+1
|
* security/libssh: Remove USES=pathfixPo-Chuan Hsieh2 days1-1/+1
|
* security/libntlm: Remove USES=pathfixPo-Chuan Hsieh2 days1-1/+2
|
* security/libgsasl: Remove USES=pathfixPo-Chuan Hsieh2 days1-1/+1
|
* security/libfido2: Remove USES=pathfixPo-Chuan Hsieh2 days1-1/+1
|
* security/gsasl: Remove USES=pathfixPo-Chuan Hsieh2 days1-1/+1
|
* security/aws-lc: Remove USES=pathfixPo-Chuan Hsieh2 days1-1/+1
|
* lang/rust: Bump revisions after 1.92.0Mikael Urankar3 days30-26/+30
| | | | PR: 291582
* security/cowrie: update 2.9.0 → 2.9.1Yuri Victorovich3 days2-4/+4
| | | | Reported by: portscout
* security/fizz: update 2025.12.01.00 → 2025.12.15.00Yuri Victorovich3 days3-5/+5
|
* security/zaproxy: Update to 2.17.0Jose Alonso Cardenas Marquez3 days4-92/+70
| | | | ChangeLog at: https://www.zaproxy.org/docs/desktop/releases/2.17.0/
* many: Unpin Go portsDag-Erling Smørgrav3 days18-30/+18
| | | | | | | | | | | | * Ports that were pinned to a deprecated version of Go (1.23 or older) have been unpinned. * Ports that were pinned to a still-supported version of Go (1.24 or newer) have been converted to requesting that as their minimum Go version. * Ports that had been forcibly deprecated for pinning an expired Go version have been undeprecated.
* security/git-credential-gopass: Update to 1.16.1Emanuel Haupt4 days2-9/+8
|
* devel/libtextstyle, devel/gettext*: Update to 0.26Tijl Coosemans4 days2-6/+12
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Recent versions of gettext no longer install m4 files in PREFIX/share/aclocal. They have to be installed in the work directory by autopoint for aclocal to find them. Patch devel/autoconf so autoreconf runs autopoint when gettext related macros are used in configure.ac (e.g. AM_ICONV). Previously it only ran autopoint when AM_GNU_GETTEXT_(REQUIRE_)VERSION was used. The following ports now require autopoint (i.e. USES=gettext-tools): benchmarks/sysbench, devel/libhtp, editors/fxite, filesystems/rar2fs, graphics/gd, net/ucarp, news/fidogate, sysutils/cdrdao Other fixes: emulators/mednafen, misc/lifelines: Use older version of gettext macros. ftp/axel: Patch Makefile.am and configure.ac to get gettext working and add NLS option. ftp/wzdftpd: Use autoreconf 2.72. mail/sympa: Remove hack from configure.ac. multimedia/dvdauthor: Use ports autoreconf. net/asterisk-chan_sccp: Drop autoreconf and gettext-tools dependencies. security/pam_pkcs11: Patch configure.ac so autoreconf can find the custom directory with m4 files. sysutils/grub2-efi, sysutils/grub2-pcbsd: Add patch to run autoreconf with -f flag so it updates all files. www/wget2: Patch configure.ac to what autopoint expects. PR: 287167 Exp-run by: antoine
* security/tailscale: Update to 1.92.2Ashish SHUKLA4 days2-6/+6
| | | | MFH: 2025Q4
* security/vuxml: Document Roundcube vulnerabilitieBernard Spil5 days1-0/+26
|
* security/kanidm: Update to 1.8.5Jesús Daniel Colmenares Oviedo5 days3-46/+46
| | | | | | ChangeLog: https://github.com/kanidm/kanidm/releases/tag/v1.8.5 Approved by: bofh@ (implicit)
* security/gopass: Update to 1.16.1Nuno Teixeira5 days2-9/+8
| | | | | ChangeLog: https://github.com/gopasspw/gopass/releases/tag/v1.16.17 MFH: 2025Q4
* security/vuxml: Add www/github-release-monitor < 1.4.1Jesús Daniel Colmenares Oviedo5 days1-0/+39
|
* security/xray-core: Update 25.7.26 => 25.12.8, geodata and sitedata update ↵Kirill Lebedev5 days2-16/+15
| | | | | | | | | | | | | | | to latests Changelogs: https://github.com/XTLS/Xray-core/releases/tag/v25.8.3 https://github.com/XTLS/Xray-core/releases/tag/v25.9.5 https://github.com/XTLS/Xray-core/releases/tag/v25.9.11 https://github.com/XTLS/Xray-core/releases/tag/v25.10.15 https://github.com/XTLS/Xray-core/releases/tag/v25.12.8 While here reduce number of MKDIR call. PR: 291480
* security/qt-sudo: Update to 2.3.0Nuno Teixeira6 days2-4/+4
| | | | ChangeLog: https://github.com/aarnt/qt-sudo/releases/tag/v2.3.0
* security/libgpg-error: update to 1.58Roman Bogorodskiy6 days3-5/+5
|
* java/autofirma: [new port]. Digital signature applicationFernando Apesteguía6 days9-0/+94
| | | | | | | | | Autofirma is a java application used to sign digital documents. It is the official application of the Spanish Government and as such it is required to perform many online tasks with the Administration. Reviewed by: michaelo@ Differential Revision: https://reviews.freebsd.org/D53807
* security/vuxml: Document vulnerability in www/varnish-libvmod-digestRyan Steinmetz6 days1-0/+32
|
* security/vuxml: Document Jenkins Security Advisory 2025-12-10Li-Wen Hsu6 days1-0/+42
| | | | | PR: 291580 Sponsored by: The FreeBSD Foundation
* KDE: Update KDE Gear to 25.12.0Max Brazhnikov7 days8-18/+29
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Announcement: https://kde.org/announcements/gear/25.12.0/ Ports changes: deskutils/itinerary: - Require QCoro6 deskutils/kdeconnect-kde: - Regenerate patches devel/kpublictransport: - Require QtLocation editors/kate: - Fix shebang math/rocs: - Switch to Qt6/KF6 multimedia/kamoso: - Require KF6KirigamiAddons multimedia/kdenlive: - Require KDDockWidgets science/step: - Remove stale patch
* security/vuxml: Add c-ares vulnerabilityFernando Apesteguía7 days1-0/+30
| | | | | | | * CVE-2025-62408 PR: 291503 Reported by: polarian@polarian.dev
generated by cgit v1.2.3 (git 2.25.1) at 2025-12-19 03:11:59 +0000