From nobody Thu Jun 11 08:27:45 2026
X-Original-To: dev-commits-ports-all@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gbbPJ1LJxz6gwRh;
	Thu, 11 Jun 2026 08:27:48 +0000 (UTC)
	(envelope-from brnrd@freebsd.org)
Received: from smtp-out08.qsp.nl (smtp-out08.qsp.nl [193.254.214.172])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "*.qsp.nl", Issuer "Sectigo Public Server Authentication CA DV R36" (not verified))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4gbbPH3jpZz3gw9;
	Thu, 11 Jun 2026 08:27:47 +0000 (UTC)
	(envelope-from brnrd@freebsd.org)
Authentication-Results: mx1.freebsd.org;
	none
Received: from 5921114a.static.cust.trined.nl (5921114a.static.cust.trined.nl [89.33.17.74])
	by smtp02.qsp.nl (Postfix) with ESMTPSA id 7E9CA1E8C0;
	Thu, 11 Jun 2026 10:27:46 +0200 (CEST)
Received: from mail.bachfreund.nl (php.brnrd.eu [127.12.7.10])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519MLKEM768 server-signature ECDSA (secp384r1) server-digest SHA384)
	(No client certificate requested)
	by 5921114a.static.cust.trined.nl (Postfix) with ESMTPSA id 4gbbPF3ksnzDk5;
	Thu, 11 Jun 2026 08:27:45 +0000 (UTC)
List-Id: Commit messages for all branches of the ports repository <dev-commits-ports-all.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-ports-all
List-Help: <mailto:dev-commits-ports-all+help@freebsd.org>
List-Post: <mailto:dev-commits-ports-all@freebsd.org>
List-Subscribe: <mailto:dev-commits-ports-all+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-ports-all+unsubscribe@freebsd.org>
X-BeenThere: dev-commits-ports-all@freebsd.org
Sender: owner-dev-commits-ports-all@FreeBSD.org
List-Id: <dev-commits-ports-all.FreeBSD.org>
List-Post: <mailto:dev-commits-ports-all@FreeBSD.org>
List-Help: <mailto:dev-commits-ports-all+help@FreeBSD.org>
List-Subscribe: <mailto:dev-commits-ports-all+subscribe@FreeBSD.org>
List-Unsubscribe: <mailto:dev-commits-ports-all+unsubscribe@FreeBSD.org>
List-Owner: <mailto:postmaster@FreeBSD.org>
Precedence: list
MIME-Version: 1.0
Date: Thu, 11 Jun 2026 08:27:45 +0000
From: Bernard Spil <brnrd@freebsd.org>
To: Bryan Drewery <bdrewery@freebsd.org>
Cc: ports-committers@freebsd.org, dev-commits-ports-all@freebsd.org,
 dev-commits-ports-branches@freebsd.org
Subject: Re: git: 782a4f0191e6 - 2026Q2 - security/openssl35: Security update
 to 3.5.7
In-Reply-To: <f953b783-bb33-4cc2-b323-f3a610a91e23@FreeBSD.org>
References: <6a29489a.36fad.5c3fc8b3@gitrepo.freebsd.org>
 <f953b783-bb33-4cc2-b323-f3a610a91e23@FreeBSD.org>
Message-ID: <07e943fa39f19f8b941a7c8931201e49@freebsd.org>
X-Sender: brnrd@freebsd.org
Content-Type: text/plain; charset=UTF-8;
 format=flowed
Content-Transfer-Encoding: 8bit
X-Spamd-Result: default: False [-4.00 / 15.00];
	REPLY(-4.00)[];
	ASN(0.00)[asn:12315, ipnet:193.254.214.0/23, country:NL]
X-Rspamd-Queue-Id: 4gbbPH3jpZz3gw9
X-Spamd-Bar: ----
X-Rspamd-Pre-Result: action=no action;
	module=replies;
	Message is reply to one we originated

Hi Bryan,

Looks like some left-over file from an earlier patch? The 
patch-CVE-2026-2673 file is no longer in the ports tree.

https://cgit.freebsd.org/ports/tree/security/openssl35/files

security/openssl35/files/extra-patch-ktls
security/openssl35/files/extra-patch-util_find-doc-nits
security/openssl35/files/patch-Configurations_10-main.conf
security/openssl35/files/patch-crypto_threads__pthread.c

On 2026-06-10 14:44, Bryan Drewery wrote:
> ===>  Patching for openssl35-3.5.7
> ===>  Applying FreeBSD patches for openssl35-3.5.7 from 
> /root/git/ports/quarterly/security/openssl35/files
> 2 out of 2 hunks failed--saving rejects to CHANGES.md.rej
> 1 out of 2 hunks failed--saving rejects to NEWS.md.rej
> Ignoring previously applied (or reversed) patch.
> 3 out of 3 hunks ignored--saving rejects to 
> doc/man3/SSL_CTX_set1_curves.pod.rej
> Ignoring previously applied (or reversed) patch.
> 10 out of 10 hunks ignored--saving rejects to ssl/t1_lib.c.rej
> Ignoring previously applied (or reversed) patch.
> 4 out of 4 hunks ignored--saving rejects to 
> test/tls13groupselection_test.c.rej
> ===>  FAILED Applying FreeBSD patch-CVE-2026-2673
> ===> FAILED to apply cleanly FreeBSD patch(es) patch-CVE-2026-2673
> *** Error code 1
> 
> Stop.
> 
> 
> On 6/10/26 4:20 AM, Bernard Spil wrote:
>> The branch 2026Q2 has been updated by brnrd:
>> 
>> URL: 
>> https://cgit.FreeBSD.org/ports/commit/?id=782a4f0191e61695062e54b07a7bf25be76eef5d
>> 
>> commit 782a4f0191e61695062e54b07a7bf25be76eef5d
>> Author:     Bernard Spil <brnrd@FreeBSD.org>
>> AuthorDate: 2026-06-10 09:41:09 +0000
>> Commit:     Bernard Spil <brnrd@FreeBSD.org>
>> CommitDate: 2026-06-10 11:20:51 +0000
>> 
>>      security/openssl35: Security update to 3.5.7
>>           Security:       259b562f-64ab-11f1-8607-8447094a420f
>>      MFH:            2026Q2
>>      (cherry picked from commit 
>> 29d6a2251c64afc07e6bd9568f86c889c9606008)
>> ---
>>   security/openssl35/Makefile    |  3 +--
>>   security/openssl35/distinfo    |  6 +++---
>>   security/openssl35/pkg-message | 20 ++++++++++++++++++++
>>   3 files changed, 24 insertions(+), 5 deletions(-)
>> 
>> diff --git a/security/openssl35/Makefile b/security/openssl35/Makefile
>> index e4944d1c2052..ee81e449099b 100644
>> --- a/security/openssl35/Makefile
>> +++ b/security/openssl35/Makefile
>> @@ -1,6 +1,5 @@
>>   PORTNAME=	openssl
>> -PORTVERSION=	3.5.5
>> -PORTREVISION=	1
>> +PORTVERSION=	3.5.7
>>   CATEGORIES=	security devel
>>   PKGNAMESUFFIX=	35
>>   
>> MASTER_SITES=	https://github.com/openssl/openssl/releases/download/${DISTNAME}/
>> diff --git a/security/openssl35/distinfo b/security/openssl35/distinfo
>> index 4176d3ac1f44..926afadac784 100644
>> --- a/security/openssl35/distinfo
>> +++ b/security/openssl35/distinfo
>> @@ -1,3 +1,3 @@
>> -TIMESTAMP = 1769522567
>> -SHA256 (openssl-3.5.5.tar.gz) = 
>> b28c91532a8b65a1f983b4c28b7488174e4a01008e29ce8e69bd789f28bc2a89
>> -SIZE (openssl-3.5.5.tar.gz) = 53104821
>> +TIMESTAMP = 1781081653
>> +SHA256 (openssl-3.5.7.tar.gz) = 
>> a8c0d28a529ca480f9f36cf5792e2cd21984552a3c8e4aa11a24aa31aeac98e8
>> +SIZE (openssl-3.5.7.tar.gz) = 53153930
>> diff --git a/security/openssl35/pkg-message 
>> b/security/openssl35/pkg-message
>> new file mode 100644
>> index 000000000000..53d067cec3cd
>> --- /dev/null
>> +++ b/security/openssl35/pkg-message
>> @@ -0,0 +1,20 @@
>> +[
>> +{ type: install
>> +  message: <<EOM
>> +This port (security/openssl35) will be renamed to
>> +security/openssl per 2026-07-01 (2026Q3) in anticipation
>> +of the End-of-Life of OpenSSL 3.0.
>> +See: https://openssl-library.org/roadmap/index.html
>> +EOM
>> +},
>> +{ type: upgrade
>> +  message: <<EOM
>> +This port (security/openssl) will update from 3.0 to 3.5
>> +per 2026-07-01 (2026Q3) in anticipation of the End-of-Life
>> +of OpenSSL 3.0.
>> +A new port (security/openssl30) will be created for the
>> +remainder of the lifespan of OpenSSL 3.0 and FreeBSD 14.
>> +See: https://openssl-library.org/roadmap/index.html
>> +EOM
>> +},
>> +]
>>