serf 1.3.6_1 has a new CVE, so I wanted to update it. However: New packages to be INSTALLED: compat9x-amd64: 9.2.902000.201310 mpfr: 3.1.2_2 plexmediaserver-plexpass: 0.9.9.16.555 mpc: 1.0.2 gcc-ecj: 4.5 binutils: 2.24 gcc5: 5.0.s20140824 Installed packages to be UPGRADED: serf: 1.3.6_1 -> 1.3.7 The list of packages to install is absurd. None of those were needed for the last version of serf, and the inclusion of "plexmediaserver-plexpass" shows something has gone terribly wrong.
Adding serf maintainer to CC
It shouldn't be in triage if the maintainer has been CC'd.
It looks like pkg / repo problem. I had such problems earlier on my laptop (not with serf), and it was pkg infrastructure problem, not port problem.
Is this still an issue with the current (latest) package set? Assigning to Lev (maintainer) since www/serf is the affected pkg we have a report for. CC portmgr in case there's a broader issue affecting other packages.