v8d was released on 2012-01-15 while v9d (current) was released on 2020-01-12. The version in ports is vulnerable to at least CVE-2020-14152 and CVE-2020-14153. If you plan to update also add USES=cpe with CPE_VENDOR=ijg CPE_PRODUCT=libjpeg. Alternatively, there's no reason to keep this port after ports r397084 with review D18724 partially confirimng lack of interest. https://www.ijg.org/files/ https://repology.org/project/jpeg/versions https://nvd.nist.gov/vuln/search/results?form_type=Advanced&results_type=overview&seach_type=all&query=cpe:2.3:a:ijg:libjpeg:8d
A commit references this bug: Author: antoine Date: Mon Oct 26 20:21:06 UTC 2020 New revision: 553383 URL: https://svnweb.freebsd.org/changeset/ports/553383 Log: Deprecate graphics/jpeg PR: 250616 Changes: head/graphics/jpeg/Makefile
graphics/jpeg was deprecated.