Commit message | Author | Age | Files | Lines
...
* security/openvpn: remove 2048-bit legacy Diffie Hellman | Matthias Andree | 9 hours | 9 | -28/+70

  I received a fallout complaint from i386 FreeBSD 15-PRERELEASE builders that, as of now, has no other explanation than a tightened (if intermediately) SECLEVEL on that machine, and that's due to Diffie-Hellman 2048 bit parameters, and self-tests are failing with stereotypical "ee key too small" and "dh key too small".

  While it's not clear what the exact cause of the failure is and if we had a glitch in the OpenSSL 3.5.1 import (Enji updated the main branch to 3.5.2 shortly after), let's modernize the setup a bit.

  Fallout and Builder logs (I take it the 2nd URL states that the FreeBSD src branch was at commit c6778f3a442):
  https://pkg-status.freebsd.org/beefy17/data/main-i386-default/p98b748365fe6_sc6778f3a442/logs/openvpn-2.6.14.log
  https://pkg-status.freebsd.org/beefy17/build.html?mastername=main-i386-default&build=p98b748365fe6_sc6778f3a442

  2025-08-20 11:46:39 OpenVPN 2.6.14 i386-portbld-freebsd15.0 [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [MH/RECVDA] [AEAD] [DCO]
  2025-08-20 11:46:39 Note: dev-type not tun, disabling data channel offload.
  2025-08-20 11:46:39 library versions: OpenSSL 3.5.1 1 Jul 2025, LZO 2.10
  2025-08-20 11:46:39 OpenVPN 2.6.14 i386-portbld-freebsd15.0 [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [MH/RECVDA] [AEAD] [DCO]
  2025-08-20 11:46:39 DCO version: FreeBSD 15.0-PRERELEASE 1500061
  2025-08-20 11:46:39 library versions: OpenSSL 3.5.1 1 Jul 2025, LZO 2.10
  2025-08-20 11:46:39 DCO version: FreeBSD 15.0-PRERELEASE 1500061
  2025-08-20 11:46:39 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
  2025-08-20 11:46:39 GDG: problem writing to routing socket: Invalid argument (errno=22)
  2025-08-20 11:46:39 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
  2025-08-20 11:46:39 OpenSSL: error:030000A8:digital envelope routines::unknown security bits:
  2025-08-20 11:46:39 OpenSSL: error:0A00018A:SSL routines::dh key too small:
  2025-08-20 11:46:39 SSL_CTX_set0_tmp_dh_pkey
  2025-08-20 11:46:39 Exiting due to fatal error
  2025-08-20 11:46:39 OpenSSL: error:030000A8:digital envelope routines::unknown security bits:
  2025-08-20 11:46:39 OpenSSL: error:0A00018F:SSL routines::ee key too small:
  2025-08-20 11:46:39 Cannot load inline certificate file
  2025-08-20 11:46:39 Exiting due to fatal error
  FAIL: t_cltsrv.sh

  That prompted upstream to file a bug and the suggestion to strip dh2048.pem from installing the demo file and sample configuration should not affect existing setups, however, if someone would have used the shipped dh2048.pem file, that would have to be regenerated with openssl dhparam -out dh2048.pem 2048.

  https://github.com/OpenVPN/openvpn/issues/819
  https://gerrit.openvpn.net/c/openvpn/+/1145

  Upstream changelog, as of v3 of the latter:

  | Remove use of 'dh dh2048.pem' from sample configs, remove 'dh2048.pem' file
  |
  | Since commit bd9aa06feb41 (Jan 2015) OpenVPN has allowed to use
  | '--dh none' to disable traditional Diffie Hellman, since more secure
  | ECDH algorithms are available that do not use explicit DH parameters.
  |
  | If configured with a sufficiently high securelevel (3+), or if running in
  | FIPS mode, OpenSSL 3.5 will refuse 2048 bit DH files, making our tests
  | fail.
  |
  | Thus, remove all the DH2048 stuff from our sample configs.

  Obtained from: Gert Doering

  While here, delete files/patch-src_plugins_auth-pam_auth-pam.c because upstream (namely Antonio Quartulli) had fixed that omission in v2.6-beta1 already (in 2022, as of OpenVPN's commit 0fed64a91d894b46).

  Nobody has been able yet to reproduce the test failure other than by forcing SECLEVEL=3, so let's just push this and see if we receive pkg-fallout again next time i386 gets its ports built. Upstream considers the patch necessary anyways, so let's not waste too much time on testing on a dying system.

* mail/postfix-current: Update to 3.11-20250818 | Juraj Lutter | 11 hours | 2 | -5/+5

  And also address a small nit from [1]

  PR: 288660 [1]

* mail/postfix: Update to 3.10.4 | Juraj Lutter | 11 hours | 2 | -5/+5

  And also address a small nit from [1]

  PR: 288660 [1]

* misc/py-transformers: Add dependencies that were disabled before | Yuri Victorovich | 12 hours | 1 | -4/+4

* audio/py-torchaudio: Add missing libsox.so | Yuri Victorovich | 12 hours | 1 | -1/+8

  On a side note: it's bad that libsox is bundled.

* science/packmol: Update to 21.1.0 | Nuno Teixeira | 12 hours | 2 | -4/+4

  ChangeLog: https://github.com/m3g/packmol/releases/tag/v21.1.0

* devel/hs-cabal-plan: Update 0.7.5.0 => 0.7.6.1 | Tiago Gasiba | 12 hours | 2 | -45/+98

  Changelog: https://hackage.haskell.org/package/cabal-plan-0.7.6.1/changelog
  Commit log: https://github.com/haskell-hvr/cabal-plan/compare/v0.7.5.0...v0.7.6.1

  PR: 288930
  Approved by: yuri@ (Mentor)

* x11/roxterm: Update to 3.16.2 | Neel Chauhan | 12 hours | 2 | -4/+4

* security/krb5-devel: update to the latest MIT/KRB5 github commit | Cy Schubert | 12 hours | 2 | -5/+5

  Security: CVE-2025-57736

* security/krb5-122: Fix KRB5 GSS MIC Verification | Cy Schubert | 12 hours | 4 | -0/+95

  Apply same fix as src/f96110babbe1, also upstream/83cd76b11. This fixes upstream bug #9181. The result of the bug is the acceptance of MIC tokens with invalid checksums.

  Security: CVE-2025-57736

* security/krb5-122: Regenerate patches | Cy Schubert | 12 hours | 9 | -37/+38

  Regenerate patches using makepatch.

* audio/py-torchaudio: Remove unnecessary LDFLAGS | Yuri Victorovich | 14 hours | 1 | -2/+1

* misc/py-torchvision: Remove unnecessary LDFLAGS | Yuri Victorovich | 14 hours | 1 | -2/+1

* misc/py-pytorch: Add USE_LDCONFIG | Yuri Victorovich | 14 hours | 1 | -0/+2

  ... because it installs shared libraries into the Python module path that users later link with.

* lang/perl5.42: silence Getopt::Long duplicate‐spec warning in json_pp | Mathieu Arnold | 15 hours | 2 | -0/+14

  PR: 286820

* converters/p5-JSON-PP: silence Getopt::Long duplicate‐spec warning | Mathieu Arnold | 15 hours | 2 | -0/+14

  PR: 286820

* graphics/swappy: update to 1.7.1 | Hiroki Tagato | 15 hours | 4 | -25/+33

  While here:
  - switch to use upstream release tarball
  - split PLIST_FILES into pkg-plist
  - move post-patch target to patch file since the change is about static content
  - sort variable order to make portclippy happy

  Changelog: https://github.com/jtheoof/swappy/blob/v1.7.1/CHANGELOG.md

  Reported by: GitHub (watch releases)

* devel/py-ruamel.yaml: update to 0.18.15 | Matthew Seaman | 16 hours | 2 | -4/+4

  Changes: https://sourceforge.net/p/ruamel-yaml/code/ci/0.18.15/tree/CHANGES
  Reported by: portscout, repology

* x11-toolkits/aquamarine: update to 0.9.3 | Hiroki Tagato | 18 hours | 2 | -4/+4

  Changelog: https://github.com/hyprwm/aquamarine/releases/tag/v0.9.3

  Reported by: GitHub (watch releases)

* Revert "security/py-fail2ban: Remove unneeded filter.d files" | Cy Schubert | 18 hours | 3 | -11/+45

  While some users want the upstream sshd filters to have the contents of the BSD sshd filters, others use them as is. Revert this change. Let users decide which to use.

  PR: 288849

  This reverts commit d906503fb22992a7a92d46365b9f2af31454dee6.

* lang/racket: Update to 8.18 | Jimmy Olgeni | 19 hours | 3 | -15/+32

* lang/racket-minimal: Update to 8.18 | Jimmy Olgeni | 19 hours | 3 | -7/+17

* devel/hyprutils: update to 0.8.3 | Hiroki Tagato | 20 hours | 3 | -4/+5

  Changelog: https://github.com/hyprwm/hyprutils/releases/tag/v0.8.3

  Reported by: GitHub (watch releases)

* multimedia/kew: update 3.4.0 → 3.4.1 | Yuri Victorovich | 20 hours | 2 | -4/+4

  Reported by: portscout

* misc/py-diffusers: New port: State-of-the-art diffusion in PyTorch and JAX | Yuri Victorovich | 20 hours | 4 | -0/+44

* devel/py-omegaconf: New port: Flexible configuration library | Yuri Victorovich | 20 hours | 4 | -0/+37

* net-p2p/jackett: update to 0.22.2311 | Ralf van der Enden | 24 hours | 3 | -9/+11

  Changelog: https://github.com/Jackett/Jackett/releases

  PR: 288948
  Reported by: Ralf van der Enden <tremere@cainites.net> (maintainer)

* www/go-anubis: Add config/rules data | Danilo G. Baio | 25 hours | 2 | -4/+59

  This will make it easy to maintain a custom configuration by importing the current Anubis rules/policies.

  Approved by: dch (maintainer)
  Differential Revision: https://reviews.freebsd.org/D51750

* sysutils/android-file-transfer: update to 4.5 | Tiago Gasiba | 26 hours | 2 | -5/+6

  While here, update license from GPLv3+ to LGPL21.

  Changelog:
  - https://github.com/whoozle/android-file-transfer-linux/releases/tag/v4.4
  - https://github.com/whoozle/android-file-transfer-linux/releases/tag/v4.5

  PR: 288925
  Reported by: Tiago Gasiba <tiago.gasiba@gmail.com> (maintainer)

* textproc/py-smartypants: Update to 2.0.2 | Neel Chauhan | 27 hours | 2 | -5/+4

* editors/jove: Update to 4.17.5.5 | Neel Chauhan | 27 hours | 3 | -4/+7

* misc/py-hf-xet: update to 1.1.8 | Hiroki Tagato | 29 hours | 2 | -4/+4

  Changelog: https://github.com/huggingface/xet-core/releases/tag/v1.1.8

  Reported by: portscout

* devel/py-ty: update to 0.0.1a19 | Hiroki Tagato | 29 hours | 3 | -95/+103

  While here, add DOCS option.

  Changelog: https://github.com/astral-sh/ty/blob/0.0.1-alpha.19/CHANGELOG.md

  Reported by: portscout

* net/dataplaneapi: Update to 3.2.3 | Jesús Daniel Colmenares Oviedo | 31 hours | 2 | -8/+7

  ChangeLogs:
  - https://github.com/haproxytech/dataplaneapi/releases/tag/v3.2.2
  - https://github.com/haproxytech/dataplaneapi/releases/tag/v3.2.3

  Approved by: acm (mentor)

* databases/tdbc: fix package with Tcl 8 and 9 | Pietro Cerutti | 31 hours | 1 | -1/+1

* mail/thunderbird-esr: update to 140.2.0 (rc3) | Christoph Moench-Tegeder | 31 hours | 2 | -5/+5

  Release Notes: https://www.thunderbird.net/en-US/thunderbird/140.2.0esr/releasenotes/

* www/py-searxng-devel: Update to 20250819 | Jesús Daniel Colmenares Oviedo | 31 hours | 3 | -7/+25

  ChangeLog: https://github.com/searxng/searxng/compare/d57433...25647c

  Approved by: acm (mentor)

* databases/py-valkey: Update to 6.1.1 | Jesús Daniel Colmenares Oviedo | 31 hours | 2 | -5/+4

  ChangeLog: https://github.com/valkey-io/valkey-py/releases/tag/v6.1.1

  Approved by: acm (mentor)

* databases/libvalkey: Update to 0.2.0 | Jesús Daniel Colmenares Oviedo | 31 hours | 3 | -4/+6

  ChangeLog: https://github.com/valkey-io/libvalkey/compare/0.1.0...0.2.0

  Approved by: acm (mentor)

* www/filebrowser: Update to 2.42.5 | Jesús Daniel Colmenares Oviedo | 33 hours | 2 | -8/+8

  ChangeLogs:
  - https://github.com/filebrowser/filebrowser/releases/tag/v2.42.4
  - https://github.com/filebrowser/filebrowser/releases/tag/v2.42.5

  Approved by: acm (mentor)

* security/nextcloud-twofactor_webauthn: Update to 2.3.0 | Bernard Spil | 34 hours | 2 | -4/+4

* mail/nextcloud-mail: Update to 5.3.0 | Bernard Spil | 34 hours | 2 | -4/+4

* www/nextcloud-calendar: Update to 5.3.9 | Bernard Spil | 34 hours | 2 | -4/+4

* www/nextcloud-contacts: Update to 7.2.5 | Bernard Spil | 34 hours | 2 | -4/+4

* print/cups-filters: Support QPDF 12 | Tijl Coosemans | 34 hours | 5 | -5/+491

  Also add more upstream bugfixes. Upstream commit c3d2f07399da contains bits that look like PDF headers that cause github.com to return Forbidden. Put it as a patch in the ports tree.

  PR: 288928

* math/maxima: Update to 5.48.1 | Fernando Apesteguía | 34 hours | 5 | -19/+22

  ChangeLog: https://sourceforge.net/p/maxima/code/ci/master/tree/changelogs/ChangeLog-5.48.md

  Reported by: portscout

* net/remmina: Update to 1.4.41 | Fernando Apesteguía | 34 hours | 1 | -2/+1

  ChangeLog: https://gitlab.com/Remmina/Remmina/-/tags/v1.4.41

  Update translation files

* cad/openvsp: Update to 3.45.1 | Fernando Apesteguía | 34 hours | 3 | -4/+5

  ChangeLog: https://openvsp.org/blogs/announcements/2025/08/12/openvsp-3-45-1-released

  Features:
  * Camber decomposition scaling for file and interpolated airfoils
  * Advanced Link code section now has line numbers
  * Advanced Link code error messages reflect displayed line numbers
  * Geometry Analysis Online Help
  * Error handling for Geometry Analysis
  * Adjust Main Screen sizing

  VSPAERO Updates:
  * Cleaned up vspaero_opt
  * Optimization support for non-geometric inputs as design variables
  * Optimization based trim mode
  * Preliminary support for VSPAERO API wrapper
  * Various bug fixes

  Bug Fixes:
  * Fix holes in NGon mesh with co-planar surfaces
  * Fix control surface tag file name problem on Windows
  * Fix vspviewer temp directory problem on Linux
  * Fix writing Mref to VSPAERO input file
  * Add omitted support for VSPAERO CLMax2D parameter
  * Expose AuxGeom XSec Attributes
  * Fix bug with tessellation of EngineGeom
  * Fix CFDMesh crash tied to model scale.
  * Fix reading STL files on Windows with non-native line endings.
  * Fix Bogie containers not appearing in search
  * Fix CG envelope calculations & visualization
  * Clean up GearScreen
  * Improve matrix attribute format string

* science/afni: Update to 25.2.08 | Fernando Apesteguía | 34 hours | 2 | -4/+4

* misc/py-transformers: New port: State-of-the-art Machine Learning for JAX, PyTorch and TensorFlow | Yuri Victorovich | 35 hours | 4 | -0/+54