gentoo auto-resync : 29:01:2025 - 22:43:19

28 files changed, 40 insertions, 1528 deletions

diff --git a/dev-libs/Manifest.gz b/dev-libs/Manifest.gz
index 036d9d084467..128b107efb11 100644
--- a/dev-libs/Manifest.gz
+++ b/dev-libs/Manifest.gz
diff --git a/dev-libs/collada-dom/files/take_snapshot.sh b/dev-libs/collada-dom/files/take_snapshot.sh
index fcf9c75e3423..fcf9c75e3423 100755..100644
--- a/dev-libs/collada-dom/files/take_snapshot.sh
+++ b/dev-libs/collada-dom/files/take_snapshot.sh
diff --git a/dev-libs/efl/Manifest b/dev-libs/efl/Manifest
index 61973d5e8434..13b5cf596406 100644
--- a/dev-libs/efl/Manifest
+++ b/dev-libs/efl/Manifest
@@ -1,6 +1,6 @@
 AUX efl-1.27-eina_string_view.patch 1384 BLAKE2B a2582818ff1a0f0bf5c3ebb70256cf449c1196ef1d409cbd4bcd5f7e5b1d7b51331a3350a0200211204a8743b099e23d8b6b5f349f130046546609d127dd3aad SHA512 9024545ec77be7582862c3b38dc2c718d8df93257f7025a0c4dbc8de3858dd4d9815c570386c9b2327581d757e3e34d527f7499040ea7406917684098ea94cd7
 DIST efl-1.27.0.tar.xz 168543208 BLAKE2B 082f7089f1a017db8e62f36fb2a51e18c7d00b74b8e865a60d066e49921c69720101deb3184a125633a6c646e241b8765cccc038c906c00d4ca16ecb705faf6f SHA512 5dda2f630463a2504d9246be17449579bbc470904e137b02b3b5c44db033dec2688f6c477885de1485944d875ee62619b6e7c5d4d3657225951f6feaf83b4fa4
 DIST efl-1.28.0.tar.xz 168556580 BLAKE2B d40cc99a5512c81931ba6d8459ff3941406a377cf17131300a2681a180e40467526ea71039c5d4bcaf8c4fe192d3b656a168333a75a0d5d3f7bbc7c681ec3c61 SHA512 f88b005f981f09496baac0a1232c26433ad80acc5957a0a972a9b1335dda111d8defbfd7ed0ed6a7ead1528d58fef4f7ed53c60b87f33c625fb22f38683a890d
-EBUILD efl-1.27.0-r1.ebuild 8110 BLAKE2B 1ded95f800d9c459c6e6248c49302146b3d3e79acdc461146a3377eff724abca595b5351d08393efc6a2ff103691e79c639f28f76b0d0b893f1d55b2a4c4e307 SHA512 4dbcfad9f03f59d857b421368b7ae401f0744343935148b4885c6cf718fb7c9ad12bfcba3535fd194a6a13f36e0785cc7b4822cac8e15e880bd2bfb5317c26b4
-EBUILD efl-1.28.0.ebuild 8119 BLAKE2B 8ca969ddbcb0a8547515af9fffe5f11723e07f162dd77ec2cdd13f5fa61410e3902bf0a12f0442e13e2f874be44123ef63515c461d0ee2ccd4a054cb6a905732 SHA512 ec4b35334463a84f11e98183e04b3dbe4f3d8096a5e0d82c48773a315ffab4b89d2d78139cd4dd25eca3570bbf1a7c7fbd9d076ef1c5d991e6911ba28c96d2af
+EBUILD efl-1.27.0-r1.ebuild 8221 BLAKE2B b59d1348fa50769ce12df1eb374a4ab7f80d51b125eff9cec0452625bfaa8483f6de231d9a02d2cfe1522ecd2a53b4fe20f1084d59648afa5122e561dcd99bb1 SHA512 3e2a611d266a378691523b1142be4ed034923c2c71c86256e955fb82f123a9d308a8d5c8f0b5da0b18120519895b5f28182066640373e82f53e62b4f17a6a674
+EBUILD efl-1.28.0.ebuild 8201 BLAKE2B 94393d3b0c1330a011a9ad2dd8f48041e765dd90856434e1567442bdf20b0a4b97be49c1f1b4903e2351ba8f8c6ecdf0a4bb053ecced6faca6f5e7d3da5cfd37 SHA512 390a611ad95105a30f9035f983ab099f1bd6c3f943a9a9aebecb1e5c7633f972eb8bdef874a2a0fd7aea96e2bc8a529a5485e2c2156117e96e5c95625de6dde7
 MISC metadata.xml 1835 BLAKE2B 9057e58727f82d085606315896cca8f37f81fc9642cb3d40fed53f07ae09bedfd6d1d1a23878bca9e7e2713314d83c26dcfbf305557cfdfbeeeb01bfb73b2867 SHA512 ac1d09983c4f6e992dd92cc6aa4770a6a847be3a4f5b4236867d411f5c730e8b743574864b948301782eedd72e78dfdd6e7a4deeffd4a09f2f52f958e9a1e6c7
diff --git a/dev-libs/efl/efl-1.27.0-r1.ebuild b/dev-libs/efl/efl-1.27.0-r1.ebuild
index 06352ba5d97a..649d1780fba0 100644
--- a/dev-libs/efl/efl-1.27.0-r1.ebuild
+++ b/dev-libs/efl/efl-1.27.0-r1.ebuild
@@ -1,4 +1,4 @@
-# Copyright 1999-2024 Gentoo Authors
+# Copyright 1999-2025 Gentoo Authors
 # Distributed under the terms of the GNU General Public License v2
 
 EAPI=8
@@ -8,7 +8,7 @@ LUA_COMPAT=( lua5-{1,2} luajit )
 
 PYTHON_COMPAT=( python3_{10..13} )
 
-inherit lua-single meson python-any-r1 xdg
+inherit flag-o-matic lua-single meson python-any-r1 xdg
 
 DESCRIPTION="Enlightenment Foundation Libraries all-in-one package"
 HOMEPAGE="https://www.enlightenment.org"
@@ -282,6 +282,11 @@ src_configure() {
 		emesonargs+=( -D native-arch-optimization=false )
 	fi
 
+	if use elibc_musl ; then
+		append-cflags -D__USE_MISC
+		append-cflags -D_LARGEFILE64_SOURCE
+	fi
+
 	meson_src_configure
 }
 
diff --git a/dev-libs/efl/efl-1.28.0.ebuild b/dev-libs/efl/efl-1.28.0.ebuild
index 04c679ce28e5..3e837c98f669 100644
--- a/dev-libs/efl/efl-1.28.0.ebuild
+++ b/dev-libs/efl/efl-1.28.0.ebuild
@@ -8,7 +8,7 @@ LUA_COMPAT=( lua5-{1,2} luajit )
 
 PYTHON_COMPAT=( python3_{10..13} )
 
-inherit lua-single meson python-any-r1 xdg
+inherit flag-o-matic lua-single meson python-any-r1 xdg
 
 DESCRIPTION="Enlightenment Foundation Libraries all-in-one package"
 HOMEPAGE="https://www.enlightenment.org"
@@ -285,6 +285,10 @@ src_configure() {
 		emesonargs+=( -D native-arch-optimization=false )
 	fi
 
+	if use elibc_musl ; then
+		append-cflags -D_LARGEFILE64_SOURCE
+	fi
+
 	meson_src_configure
 }
 
diff --git a/dev-libs/intel-compute-runtime/Manifest b/dev-libs/intel-compute-runtime/Manifest
index 6ddf8af764e8..074a2fc9b72e 100644
--- a/dev-libs/intel-compute-runtime/Manifest
+++ b/dev-libs/intel-compute-runtime/Manifest
@@ -1,7 +1,5 @@
-DIST intel-compute-runtime-24.35.30872.25.tar.gz 7375680 BLAKE2B 8aede769b46ecdb2eb49346bc87c1e58fbefa382e80419a301b00197fbdc977f62b001e7670a912a28c736aafc59e60d45a4c4d3e61331d6001307c184d3a4b8 SHA512 4e09f432f1f3a7f8c3b9a7bbd6981f2b26a837fc6f6b4459d21bb51fcce94a3c95726d23fb77be2664c7fbdf4dd270e1ec21af1bc815e718a5df865e8bbdac03
 DIST intel-compute-runtime-24.35.30872.32.tar.gz 7376572 BLAKE2B af924c111d288621ddcb14b9d77ff384c632668705e4858ed27424522b6c96e1e7b54012b202c6ade64da668681f3089d0a35d64ecb97ddec642ace8774b3e47 SHA512 2ac8dbefcc1a86b33afd78b8a1d30a959fb980e47402852514d43503df87ea70ea35f192243b78faedce749b3087f244631080f16ddb099a93ec79698176f6b5
-DIST intel-compute-runtime-24.52.32224.5.tar.gz 7418220 BLAKE2B fa1e165cf20e7c31fff15c19700e3589338edc8255b567131c038fb58086a72243994b08e668ecc43fdbc5668177ab6acb95ff32ac40c7703de90778c876b9db SHA512 548b249aab5a21fd94846a96443fd3f766664ea401ba86803f106b8001d4f4f0224d8581952162c31c12b4aa5bc82fc6b4236929c921c0a93763950a7e221363
-EBUILD intel-compute-runtime-24.35.30872.25-r1.ebuild 2047 BLAKE2B b890ad5021719f3dac0e874c5b1a21a6b063634b33401282f23a7e98b2ecff534a18551fd560e1063327039a725095666eca0355dc6ab22913882cf11f87dd2a SHA512 2fcc67b63a59f7547a085a6ab4296d61b3ae84a79852f3b37706aa60f44c2041c9f88dbd7b4f04eee2faed52456e789cab4577f97ee101347d091a3770b60fb5
-EBUILD intel-compute-runtime-24.35.30872.32.ebuild 2068 BLAKE2B 95cf9aad083d6d1d94d8b597271f756ae2a15f1fd44bb6321444f2ffc185c41074506d65f013cdd1b8afc8f6cf2c0d21ea78b75643d6fbb12e2b8f76b2d08169 SHA512 5b154783acf48065e6474e27277308a60572a98397475db38c7b8ab1945a05991faf828c05fa0b74963ce1c89cd618ac6a0bc79fb5cd4c0e3a8181e4009e1ad9
-EBUILD intel-compute-runtime-24.52.32224.5.ebuild 2061 BLAKE2B a493533c2f592bc8616ae862393e7e29de9bcf642b397550ff43d105fe86e4dc11e6259510dc584ad0003880b3f7588428c39ce6e47b8e67ec0938bfa5187929 SHA512 aae9560ad372cce5e76c5d3537cc2ec3faeb4afd290b16968445d9dcf40194535fadac890007d4a8625f739212731904bb220c2fd0d150f87a9cefd8a08b6abb
+DIST intel-compute-runtime-24.52.32224.8.tar.gz 7418670 BLAKE2B 474ba6ed02fd82110730f3b48b64745a821266f14bccb2487ac4ff25b7624c5b3cd18d04f3c9a505606b18c3467f253ab1bf7a75e5c5a6b98843d7a9bc5d13f0 SHA512 a5b9016646776f918fc29379b2f14ba52fb554c7ee9cb9f5ebd3a8921c5247785f3906fe7df7b20907d0067f6fe1e05501b33ef914a37baf3b0002d44acc56e0
+EBUILD intel-compute-runtime-24.35.30872.32.ebuild 2067 BLAKE2B 41102162ecb453b5ab09eca4e61464c683a9e21626a1a632dfcb8a28c7f9def988c3474ebb5b594dc6adbde7157191ab21700b066317bd515db137790bd9ac44 SHA512 8ad8578411698e8d6c45f502dd84ebde8ad34002d605f5f2e93764a625bd50a6bd88852d932ab6fab1ac5bc26eb10ef43dd85f8c120ec118bae3e522a80588a5
+EBUILD intel-compute-runtime-24.52.32224.8.ebuild 2061 BLAKE2B a493533c2f592bc8616ae862393e7e29de9bcf642b397550ff43d105fe86e4dc11e6259510dc584ad0003880b3f7588428c39ce6e47b8e67ec0938bfa5187929 SHA512 aae9560ad372cce5e76c5d3537cc2ec3faeb4afd290b16968445d9dcf40194535fadac890007d4a8625f739212731904bb220c2fd0d150f87a9cefd8a08b6abb
 MISC metadata.xml 1429 BLAKE2B 6c2fde2fda8cd6b9d707c400c5b4d38e3d74dd73617faa9dd80f84100d499182ea959e695a473d32307914e76a26bae531a92677f0e4bedbdf05fc1cbd3095ff SHA512 ac61568ad36df6f6c8470b43f32d048930e4a569ec86d58ff563a86ae748f6bddb8700de487e4967da4998160f1c01517be0817cccc445a821984aff36617b6d
diff --git a/dev-libs/intel-compute-runtime/intel-compute-runtime-24.35.30872.25-r1.ebuild b/dev-libs/intel-compute-runtime/intel-compute-runtime-24.35.30872.25-r1.ebuild
deleted file mode 100644
index 341100484c5f..000000000000
--- a/dev-libs/intel-compute-runtime/intel-compute-runtime-24.35.30872.25-r1.ebuild
+++ /dev/null
@@ -1,84 +0,0 @@
-# Copyright 1999-2024 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=8
-
-CMAKE_BUILD_TYPE="Release"
-MY_PN="${PN/intel-/}"
-MY_P="${MY_PN}-${PV}"
-
-inherit cmake flag-o-matic
-
-DESCRIPTION="Intel Graphics Compute Runtime for oneAPI Level Zero and OpenCL Driver"
-HOMEPAGE="https://github.com/intel/compute-runtime"
-SRC_URI="https://github.com/intel/${MY_PN}/archive/${PV}.tar.gz -> ${P}.tar.gz"
-S="${WORKDIR}/${MY_P}"
-
-LICENSE="MIT"
-SLOT="0"
-KEYWORDS="amd64"
-IUSE="+l0 +vaapi"
-
-RDEPEND="
-	>=dev-util/intel-graphics-compiler-1.0.17657.8
-	>=media-libs/gmmlib-22.5.2:=
-"
-
-DEPEND="
-	${RDEPEND}
-	dev-libs/intel-metrics-discovery:=
-	>=dev-libs/intel-metrics-library-1.0.173:=
-	dev-libs/libnl:3
-	dev-libs/libxml2:2
-	>=dev-util/intel-graphics-system-controller-0.9.3:=
-	media-libs/mesa
-	>=virtual/opencl-3
-	l0? ( >=dev-libs/level-zero-1.17.42:= )
-	vaapi? (
-		x11-libs/libdrm[video_cards_intel]
-		media-libs/libva
-	)
-"
-
-BDEPEND="virtual/pkgconfig"
-
-DOCS=( "README.md" "FAQ.md" )
-
-src_prepare() {
-	# Remove '-Werror' from default
-	sed -e '/Werror/d' -i CMakeLists.txt || die
-
-	cmake_src_prepare
-}
-
-src_configure() {
-	# Filtered for two reasons:
-	# 1) https://github.com/intel/compute-runtime/issues/528
-	# 2) bug #930199
-	filter-lto
-
-	local mycmakeargs=(
-		-DCCACHE_ALLOWED="OFF"
-		-DCMAKE_INSTALL_PREFIX="${EPREFIX}/usr"
-		-DCMAKE_INSTALL_LIBDIR="$(get_libdir)"
-		-DBUILD_WITH_L0="$(usex l0)"
-		-DDISABLE_LIBVA="$(usex !vaapi)"
-		-DNEO_ALLOW_LEGACY_PLATFORMS_SUPPORT="ON"
-		-DNEO_DISABLE_LTO="ON"
-		-DNEO__METRICS_LIBRARY_INCLUDE_DIR="${ESYSROOT}/usr/include"
-		-DKHRONOS_GL_HEADERS_DIR="${ESYSROOT}/usr/include"
-		-DOCL_ICD_VENDORDIR="${EPREFIX}/etc/OpenCL/vendors"
-		-DSUPPORT_DG1="ON"
-		-Wno-dev
-
-		# See https://github.com/intel/intel-graphics-compiler/issues/204
-		# -DNEO_DISABLE_BUILTINS_COMPILATION="ON"
-
-		# If enabled, tests are automatically run during
-		# the compile phase and we cannot run them because
-		# they require permissions to access the hardware.
-		-DSKIP_UNIT_TESTS="1"
-	)
-
-	cmake_src_configure
-}
diff --git a/dev-libs/intel-compute-runtime/intel-compute-runtime-24.35.30872.32.ebuild b/dev-libs/intel-compute-runtime/intel-compute-runtime-24.35.30872.32.ebuild
index 50c31549953b..7779047d4124 100644
--- a/dev-libs/intel-compute-runtime/intel-compute-runtime-24.35.30872.32.ebuild
+++ b/dev-libs/intel-compute-runtime/intel-compute-runtime-24.35.30872.32.ebuild
@@ -16,7 +16,7 @@ S="${WORKDIR}/${MY_P}"
 
 LICENSE="MIT"
 SLOT="0/1.5.30872"
-KEYWORDS="~amd64"
+KEYWORDS="amd64"
 IUSE="+l0 +vaapi"
 
 RDEPEND="
diff --git a/dev-libs/intel-compute-runtime/intel-compute-runtime-24.52.32224.5.ebuild b/dev-libs/intel-compute-runtime/intel-compute-runtime-24.52.32224.8.ebuild
index d4291a73bbd6..d4291a73bbd6 100644
--- a/dev-libs/intel-compute-runtime/intel-compute-runtime-24.52.32224.5.ebuild
+++ b/dev-libs/intel-compute-runtime/intel-compute-runtime-24.52.32224.8.ebuild
diff --git a/dev-libs/ivykis/Manifest b/dev-libs/ivykis/Manifest
index f55c6b0f4c58..302d28a747ff 100644
--- a/dev-libs/ivykis/Manifest
+++ b/dev-libs/ivykis/Manifest
@@ -3,5 +3,5 @@ DIST ivykis-0.43.1.tar.gz 669621 BLAKE2B 12ef9aa55f2e07540b265eb2f19eba6436abb5c
 DIST ivykis-0.43.2.tar.gz 669628 BLAKE2B e19a2c1df3751f83858337b72529b72344d74f675fc65012c5c77b5a9dbcb91d58fea43138dd21c3e09aa94ad971404f50986d8064ec968770eda2c517d55e02 SHA512 58aefe38e32f301c38568613439a5177470bdc5b6240ec3de93c35752b34ff4d839d036ee48764e8e1cdc53d8a1138cc69947b8857349601316081c0aee66caa
 EBUILD ivykis-0.42.4.ebuild 672 BLAKE2B 585dc80a992ffd4494252f463bbc46deaef783975bd591753a4aecb46a4c7529e1d2c331d5b26004e9707c42492d503f246084ed2f9c9b96194be22f9a4be22a SHA512 fc712b05118dd5e41dde9066bdfc5f5a1e40706b21680efa4490744632531ee7dfac0e7b27e7a4486b40ca5766a7d751ecbb632ae9953cf01b9cfee613508d54
 EBUILD ivykis-0.43.1.ebuild 672 BLAKE2B 72d361a6650812c72643d2aef3f9973dc52ce6055d14d5a560e1dddcc377bcb558aed64cc57ffd2be96c01d49ed16411d5059fc1853dc92ac61e554b850d76dc SHA512 520d4257cd4edda0773ac3e4fbd617b0c1d128c4c102becfba7047a603ef5db8d8ad2229e60712a66b49af68858e6658d730cc53f496cdf42f277fc81ddfce8e
-EBUILD ivykis-0.43.2.ebuild 675 BLAKE2B 88f12c230f65d06a70fd5d83073fb360c1d7f5256061a61301876e2c4d72d9a0bca7a313819e623326fdfbc0cbf5f10b0a93fb63894187aca0a414162c2dc1d2 SHA512 747f69bf19223b24c7db81d86224f029b181bf365a87e634a96fe2077418abf3b8c4c47c6764157913c792430659f30e7af5c7892fa58744bae69a99988a02ea
+EBUILD ivykis-0.43.2.ebuild 674 BLAKE2B b18c334708081511fbac2cc8e4bd7202e7d21230c9e1d2bcfdfee71f603ace75b91096a63740fed59d920bb8eda7930526b4d8f92d427a026143dbe38ce76f4b SHA512 9c3ba809df11b0f99d4d329d0b2f7c96584327b8e98a99c7a46a8eb550dfb013c202e84291867e13d1c09417bb81a64d0b60692157578dc6792c50c102061d85
 MISC metadata.xml 493 BLAKE2B f3a4be026ff907ab931e8c505b4ec77dc8fe96c9d2dee371ba2cfedf01fcf53dc8b0b85424a97b2920a12acf61f3b1994a9e63f047dbc80f7e46c7d1b8aa0c5b SHA512 cf92824a6e84255663ae6921b9e35641e2e7506972c7e0512cf41e599e62b700c411f3774ceb86a205a600596d80168193a4761473acccb33ce84bbc1ca3ee3f
diff --git a/dev-libs/ivykis/ivykis-0.43.2.ebuild b/dev-libs/ivykis/ivykis-0.43.2.ebuild
index 826af0811220..8d82a08d1948 100644
--- a/dev-libs/ivykis/ivykis-0.43.2.ebuild
+++ b/dev-libs/ivykis/ivykis-0.43.2.ebuild
@@ -11,7 +11,7 @@ SRC_URI="https://github.com/buytenh/ivykis/archive/v${PV}.tar.gz -> ${P}.tar.gz"
 
 LICENSE="LGPL-2.1"
 SLOT="0"
-KEYWORDS="~alpha amd64 ~arm ~arm64 ~hppa ~loong ~mips ppc ppc64 ~riscv ~s390 sparc x86"
+KEYWORDS="~alpha amd64 ~arm ~arm64 hppa ~loong ~mips ppc ppc64 ~riscv ~s390 sparc x86"
 IUSE="static-libs"
 
 src_prepare() {
diff --git a/dev-libs/level-zero/Manifest b/dev-libs/level-zero/Manifest
index 37dd4d7d710a..421cd5d63da0 100644
--- a/dev-libs/level-zero/Manifest
+++ b/dev-libs/level-zero/Manifest
@@ -1,5 +1,3 @@
-DIST level-zero-1.19.2.tar.gz 891887 BLAKE2B 9f7fb43f36e3d67ed43110a7868572fccb3423401257b158f23f38dcbffddecdef1bd4147ac4b59c2b51eaa29f3dd5cac34f1639358806ea70b405923f9f4909 SHA512 45ce777712ed4dad766a4de6808acaf2588345907c6dc039c5c2f56076b6ecbd0cdcddae6c14531f3e8b6b261b7d4f0302f82ff629f98fc62f5b03cfeb633d2d
 DIST level-zero-1.20.2.tar.gz 900836 BLAKE2B 9dd22b518b72a08906f4fa4538b7f6642e5627d7659e5e52e3733bfcd9a85cae89874b4b1caf305ce3e5c03b40292fc97d53923cb0f886a1c2b9c3a9f937a652 SHA512 86bd21b034aaa4e0ce8f554a6563f41e622fcf39895c012dcc79d472e35f878dc759b103e9d2b7daac71e4943344a7afddd1f3c7ab889949b09b4cf8e0947589
-EBUILD level-zero-1.19.2.ebuild 847 BLAKE2B 178c502c126bd22af06daba8f63f7ac2b5c808147017f3e2583d1fe0ff3ac6ed70b1bbc9c6d1e3935007be8304d0b09f125bffe15802272944363d846c4b4ab8 SHA512 6fcf7d58fed14661f1c5600dfe1a19bec1802453cb3b747d94ac8a8288f1b8ad9b4f0d3a470605aa18ee46005dc69dda442191d617d13d82dee62620533ce47a
-EBUILD level-zero-1.20.2.ebuild 848 BLAKE2B 50d777352fc6eaf2d223c91e80635ccb411ec45f8e168a939648f995588dfb321ef762028d802416bc8a45498d84bbaaca47e50348a27c23a07fd4cfb59dceed SHA512 427054bd9546a77f059b5c2e51f556dbc3562568958ba4ec824dac903fccd3dd3bcc8549cefb8121827033a28ec9a63e9f870fbca36bb47b773d1f5e5c3e662f
+EBUILD level-zero-1.20.2.ebuild 847 BLAKE2B ac0df5aabfe7bf9254d7b20d010fe55f8e1ed50c95e82f66686e98f2924a61d67456609ac3de91c625c8e18f8c983d59619dbe8a429dcaf5a8e08d534e022f26 SHA512 638f065118c672bc51d5e8ff47808208fef030a79e8d1a8e6e19653740239a91484dbb7d0627328d1a01bb494bbdb1fcabef335fa402cef63b7074176305740c
 MISC metadata.xml 586 BLAKE2B 44eca05640a9276ea9cbddccc0d199dc8c7297a3fbf5ad6b58693c406961efa2aabf99501faaace47ce6bb97736fe371533e89a5a700949b03db66359222b269 SHA512 da9b222b216ed217842f236eeb1991e31ec4f140d86c0a048e9e401a18018d90d6ad8d4f10edec8b71386687bc9481ebf9154a1190bf6969d4fab04bba20100e
diff --git a/dev-libs/level-zero/level-zero-1.19.2.ebuild b/dev-libs/level-zero/level-zero-1.19.2.ebuild
deleted file mode 100644
index 68249c1101f3..000000000000
--- a/dev-libs/level-zero/level-zero-1.19.2.ebuild
+++ /dev/null
@@ -1,36 +0,0 @@
-# Copyright 1999-2024 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=8
-
-inherit cmake
-
-DESCRIPTION="oneAPI Level Zero headers, loader and validation layer"
-HOMEPAGE="https://github.com/oneapi-src/level-zero"
-SRC_URI="https://github.com/oneapi-src/${PN}/archive/refs/tags/v${PV}.tar.gz -> ${P}.tar.gz"
-
-LICENSE="MIT"
-SLOT="0/${PV}"
-KEYWORDS="amd64"
-
-RDEPEND="dev-libs/spdlog:="
-DEPEND="${RDEPEND}"
-
-src_prepare() {
-	# Don't hardcore -Werror
-	sed -e 's/-Werror//g' -i CMakeLists.txt || die
-
-	cmake_src_prepare
-
-	# According to upstream, release tarballs should contain this file but at least
-	# some of them do not. Fortunately it is trivial to make one ourselves.
-	echo "$(ver_cut 3)" > "${S}"/VERSION_PATCH || die
-}
-
-src_configure() {
-	local mycmakeargs=(
-		-DSYSTEM_SPDLOG="ON"
-	)
-
-	cmake_src_configure
-}
diff --git a/dev-libs/level-zero/level-zero-1.20.2.ebuild b/dev-libs/level-zero/level-zero-1.20.2.ebuild
index 7855ea438290..3d4bf0c57a6f 100644
--- a/dev-libs/level-zero/level-zero-1.20.2.ebuild
+++ b/dev-libs/level-zero/level-zero-1.20.2.ebuild
@@ -11,7 +11,7 @@ SRC_URI="https://github.com/oneapi-src/${PN}/archive/refs/tags/v${PV}.tar.gz ->
 
 LICENSE="MIT"
 SLOT="0/${PV}"
-KEYWORDS="~amd64"
+KEYWORDS="amd64"
 
 RDEPEND="dev-libs/spdlog:="
 DEPEND="${RDEPEND}"
diff --git a/dev-libs/libgcrypt/Manifest b/dev-libs/libgcrypt/Manifest
index 5952c3e51b85..7a98d81a93b2 100644
--- a/dev-libs/libgcrypt/Manifest
+++ b/dev-libs/libgcrypt/Manifest
@@ -18,5 +18,5 @@ EBUILD libgcrypt-1.10.2.ebuild 6465 BLAKE2B a4d4e5e5ba8f9cfcb727b3d354b8753d459e
 EBUILD libgcrypt-1.10.3-r1.ebuild 6220 BLAKE2B 723a343c0fed0f8674f840772600949a783d802a6bc764d65d9acdc68bdbb61daf355276970c1ca03f62e103a69762125adbc013b525e354ffd2a36035456f4e SHA512 2e934458637b6a54b699a9e25c2cf7d691b679aef16e0004f13af923836c2426313e987dec5b0008782918848df1d70a208bc4db551bca25ec28c2de8459b1a8
 EBUILD libgcrypt-1.10.3-r2.ebuild 6455 BLAKE2B 3bac74b1de4e2c768d101a238ba07f7e48f2f5ec0fb1fd3842b13c647102f523487e22564412d4706de73f2ce5216e673149444e3983dcc858fd358fb9f3f6d6 SHA512 b8df25a71cc5717c4bf2a1892ab92ceb06ec877cf446dd53ef5046f334edbf821412f93c3153e290b1de47de65d29ae91511a0431bd122f80adfc140a53bf0a0
 EBUILD libgcrypt-1.11.0-r1.ebuild 6163 BLAKE2B 4f49e38ccc559a9a5a0eb0b0f8c12897462a4362b95d45e20cf32af03de209ebd49820307e7a84cdb5c978c1d4a29bf15a6521123689e12a24e7cd1f1237ecb8 SHA512 e8d94a54794640062309146cc32a454085cb017c6df6c02846cae559f27af7c587d5b6b0830d4270f1e3065b8387988b9b95ced74e2f3bee5a28cacc39961731
-EBUILD libgcrypt-1.11.0-r2.ebuild 6400 BLAKE2B ee610cebe98ded2d7f5432530a3dd8b388536d1549fe1fe5d53012d6c12ac047fa1af2304f35ce38f2f891c3c0d907bb229d9d6e5a7fbd39d334ab85d044fe5d SHA512 29b332016d4225e99170e90ffd1f187a086e648d10fdbafa1a412929d22ab013614b98dcb5495dc310a674daf4c54f90281b6620e8494f8aad6ffcd5ada246fd
+EBUILD libgcrypt-1.11.0-r2.ebuild 6396 BLAKE2B 9af9625f3fb51dc3fe4feac9efcac076a9e33550526d488ac6454a6db71a59f13b6d82b69d379518efb157d4e8c27b91797a52be98ff276b59b659486ec9e9c0 SHA512 bcbc6fea5665cdd6acf2aa8efaaaf1871c3706d6e6af632285f3112a0de00762dc9ac50ba4ffaa838aa614c502e6dbaac24c59144a7822e501d02f1fa281ab9f
 MISC metadata.xml 451 BLAKE2B 3be914b8449db0938d868c7cf2df7fbcf29d7f2e9b91320dfb97f0c1bf6c22326f3a1c3f3b695eaacbe4d74bb3a0b733a7afc1f88e04a37d06a9d9ed25358efb SHA512 add260d64091e3aa1de6fb802f4cfd076c1520622ebe93ddf7a0312f8d46232bd330d9bd380e2bdef6aec15563b6d27f2733b5ebe624ad9d0965ed9c6456939d
diff --git a/dev-libs/libgcrypt/libgcrypt-1.11.0-r2.ebuild b/dev-libs/libgcrypt/libgcrypt-1.11.0-r2.ebuild
index f1ad04917853..7364d6a2845f 100644
--- a/dev-libs/libgcrypt/libgcrypt-1.11.0-r2.ebuild
+++ b/dev-libs/libgcrypt/libgcrypt-1.11.0-r2.ebuild
@@ -13,7 +13,7 @@ SRC_URI+=" verify-sig? ( mirror://gnupg/${PN}/${P}.tar.bz2.sig )"
 
 LICENSE="LGPL-2.1+ GPL-2+ MIT"
 SLOT="0/20" # subslot = soname major version
-KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris"
+KEYWORDS="~alpha ~amd64 arm arm64 ~hppa ~loong ~m68k ~mips ppc ppc64 ~riscv ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris"
 IUSE="+asm doc +getentropy static-libs"
 IUSE+=" cpu_flags_arm_neon cpu_flags_arm_aes cpu_flags_arm_sha1 cpu_flags_arm_sha2 cpu_flags_arm_sve"
 IUSE+=" cpu_flags_ppc_altivec cpu_flags_ppc_vsx2 cpu_flags_ppc_vsx3"
diff --git a/dev-libs/openssl/Manifest b/dev-libs/openssl/Manifest
index 51643750cd88..176c3e37710b 100644
--- a/dev-libs/openssl/Manifest
+++ b/dev-libs/openssl/Manifest
@@ -2,8 +2,6 @@ AUX gentoo.config-1.0.2 5302 BLAKE2B b699533ed86c48c0d033092b4d901de837a6a495113
 AUX gentoo.config-1.0.4 6038 BLAKE2B e2fd6b073cc6be3fa312a73cf031140e3f91eafe432212f8b24795297fdd0a4090d605fcfcbc59df6cc9f659a3dcd0e56df8eb734aa117d5e1f4fe78b4063f8c SHA512 df7c9944b993536df7ff8cd5159ba1534b122fb1db946890e7b25b10596c9259e569e0e3a5fe854726ac8302eb9804edb7af344386b146146d862596175d5ca2
 AUX openssl-1.1.0j-parallel_install_fix.patch 515 BLAKE2B a1bcffce4dc9e0566e21e753cf1a18ee6eac92aca5880c50b33966d8ecb391f7430e1db6ea5a30ee4e3a9d77fb9e5542e864508b01c325011e368165e079a96c SHA512 0badd29ec8cffd95b2b69a4b8f8eecfc9ea0c00a812b298a650ee353e3965147fd2da1f9058d2d51744838f38168257b89aaf317287c55a7b76f16a69c781828
 AUX openssl-1.1.1i-riscv32.patch 2557 BLAKE2B 97e51303706ee96d3fae46959b91d1021dcbb3efa421866f6e09bbee6287aae95c6f5d9498bd9d8974b0de747ef696242691cfebec90b31dc9e2cc31b41b81ec SHA512 f75ae1034bb9dda7f4959e8a5d6d0dae21200723d82aebfbea58bd1d7775ef4042e49fdf49d5738771d79d764e44a1b6e0da341d210ea51d21516bb3874b626a
-AUX openssl-3.0.13-CVE-2024-2511.patch 5256 BLAKE2B 6e07983af20fe00c448deb45777e67d18ff844309edb2a2130f9e916c0c7167c7f64c64abc3c8082121a96e7a13e6b1b3bfb4de25674ab9db71a8dbb3ce61d2a SHA512 9c762f2c5916b2e2c49bee56cf92d695b106eb535badb5818b77cd72f3ad6554ef24d58c0a161843821984c1d5d697757f72919f2d7903f8e15d8a541534b32f
-AUX openssl-3.0.13-p11-segfault.patch 2275 BLAKE2B 842cc10d6a81b2859729b0024dd82e538782defb2e3fa341986df6ed65c9e5b3be39647a7d95670356cd0f7bc2a5e0b27eb48d00078308922a32d2053a6c1756 SHA512 4575da2d5acfef90c7d28e096d541a812f74b4ff77887a7a251554d35ca5b9de1ac4117b9f8228ab240e8f64770d648dfadc7003a496d2b051728afab1ec779e
 AUX openssl-3.0.15-CVE-2024-9143.patch 7034 BLAKE2B 79963b250e9faa0a9764945d05f0598c0eda64ac87b12e545698d86c299c769b1ff8300f3289e620fe58183db0d1767834d6d146ce6cdacdeb58c137e88d79fa SHA512 6196f8c963c776ae3412ca76da51060d95e4f50cf1a1e4edb89edf9d32a7dd032a7f650445872a68a6f03dab4b75b601cae4c89e2fda9cf414c7ff26961433c2
 AUX openssl-3.1.7-CVE-2024-9143.patch 7033 BLAKE2B 1e2d8ea24fd68e2781808477d60773a3cca5bf122ba3c2a0efba12470126a5768a2f2fa0239a73965bf046644e93d6deecda17e4282243206095c42f3149fb5e SHA512 44185ace09adb75f8124f8a564d1f806fb6fd29e232a6c1f40b1508f510c8b481f86f06d03e169ed6dd2df1e535b723a2f9978199b20225a1e27f499054b7bc7
 AUX openssl-3.2.3-CVE-2024-9143.patch 7034 BLAKE2B 7f438bb531b09154368072f66e03fa4fa1c0f1d461ce8e89e942567e9cf60ce0d1986334cbd9c4d8e9b5ea5dc7c2ca0fa5dc111c965d99ebf6800afdd56820ab SHA512 7699ea05a139a7ddcbf68538cfb4329026d99ffa8eb3622b3f0faca92b287f571c6b76c24acd537a3406f209bf90a48704d11ed70d0e49c118d1591b9bae39d2
@@ -14,10 +12,6 @@ DIST openssl-1.0.2t-bindist-1.0.tar.xz 13872 BLAKE2B b2aade96a6e0ca6209a39e205b1
 DIST openssl-1.0.2u.tar.gz 5355412 BLAKE2B b2ff2a10e5851af5aca4093422a9a072c794e87b997263826c1c35910c040f695fac63decac5856cb49399ed03d410f97701d9fd4e1ebfbcacd8f3a74ce8bf57 SHA512 c455bb309e20e2c2d47fdc5619c734d107d5c8c38c1409903ce979acc120b0d5fa0312917c0aa0d630e402d092a703d4249643f36078e8528a3cafc9dac6ab32
 DIST openssl-1.1.1w.tar.gz 9893384 BLAKE2B 2fdba6ca0188928ab2f74e606136afca66cfa0467170fa6298ef160b64ac6fdcad1e81e5dd14013ce0e9921d0f7417edec531cd0beaf1196fec704c2c6d48395 SHA512 b4c625fe56a4e690b57b6a011a225ad0cb3af54bd8fb67af77b5eceac55cc7191291d96a660c5b568a08a2fbf62b4612818e7cca1bb95b2b6b4fc649b0552b6d
 DIST openssl-1.1.1w.tar.gz.asc 833 BLAKE2B d990be69ed913509d52b78e7473668429d4485adb29ef03e4612dd0cadbac4f04c7289d8e5baf6f397bcedeaac9f802f18fc719964d882ae0514ed1ca16ae277 SHA512 0f3d7aa48b1cabf8dd43e8108aeed10a4dffb4f5a244d4da9c86ea358b0c8b90c46da561d21e01c567c2f5035d824ed82ec104aad1776b7f33a1be85990e98ef
-DIST openssl-3.0.13.tar.gz 15294843 BLAKE2B 869aa5f70a8c1d0cac6027e9261530df70ab5a8b448c785f5f8ff3f206e742c5364424132d0e109a6449af9b4082c4c179c7103dccb16a4539f776ca834c8ccc SHA512 22f4096781f0b075f5bf81bd39a0f97e111760dfa73b6f858f6bb54968a7847944d74969ae10f9a51cc21a2f4af20d9a4c463649dc824f5e439e196d6764c4f9
-DIST openssl-3.0.13.tar.gz.asc 833 BLAKE2B 519515b6faa505d68ff9acc30db9515fac494145086fa5ad9561c39385a6fabb39ad9de10fedd49c8fc716ec59ea1b13ec5e6b466e549ea9f29b8d0bb74ba7b3 SHA512 c52d97c93d16f3ca2a7026fb25890482b6d86c37b5ab686c56b0e08522743ec4ea3f84afa4deb64b0df0d9a16b557430c4d4139ab42ffcf97d769b61d1e6197c
-DIST openssl-3.0.14.tar.gz 15305497 BLAKE2B 7426aea63d5495775c4a0440658cc9c46c4aa31c31473cd5519c2b1ca158e122634e0bbc275237d3eb124fc8bed3d58808d8ac1d228f24f7281d2630ff7813e0 SHA512 1c59c01e60da902a20780d71f1fa5055d4037f38c4bc3fb27ed5b91f211b36a6018055409441ad4df58b5e9232b2528240d02067272c3c9ccb8c221449ca9ac0
-DIST openssl-3.0.14.tar.gz.asc 833 BLAKE2B 8a700452f6f698fbfa206469888fd72706f1798be212e712fd8a4c1ae87f0d98d54820974c64a3db3b5ac69d7beda665f462e83182337391212c0e72e1feb72e SHA512 003d17a2b71176517f5bfba6699c18b271111e5fec3effc275b965286140d1281fa6f5f5e6bcf63feca89dfa035ab776bda8d2af4b71ae921ca9e7a936581fb4
 DIST openssl-3.0.15.tar.gz 15318633 BLAKE2B f2900d0894b97e86c709079ca4336d5dc508d69e91d3a4de4420c8d9344cb54dada6ea2cdd408166e53db0c652b06654e670701166b67a0a40578676e1cea535 SHA512 acd80f2f7924d90c1416946a5c61eff461926ad60f4821bb6b08845ea18f8452fd5e88a2c2c5bd0d7590a792cb8341a3f3be042fd0a5b6c9c1b84a497c347bbf
 DIST openssl-3.0.15.tar.gz.asc 833 BLAKE2B 43088d6ae9e95aec8cfa08c0d338d76c2299ee89a1719a39c497b25c83a4c0c2d155fa00a62b47e15a7f2889680197741390c850d62a84ec5ce27ed1bbddcd28 SHA512 8b9471074130fd26b511820a1c2586792fd0105421515734c213ae18de27b5b026261e64d4cb8f5e7b568d1f4193484ebe0e99eda9d99df72474310a568ca3bf
 DIST openssl-3.1.7.tar.gz 15684836 BLAKE2B 1332f4b2454b6c9bf3ff2099aa343d6202bec98c6e44fba6377d5bb8efd9bf337df3a95549d874a2908f376056f6f333e6f65cbec7e27377d1ab8cbefddaa241 SHA512 bb4743c1a95148901d2d2bc51460c14cea3387c7dda9323524adbdb11334562f72aa3a873913c51ea1ffce606e675e22a74f78b3119b6a956da3f75c942cd0e2
@@ -28,18 +22,14 @@ DIST openssl-3.3.2.tar.gz 18076531 BLAKE2B cc53d45418673bc2a406d6697b8bd17ff6c72
 DIST openssl-3.3.2.tar.gz.asc 833 BLAKE2B c318e2dcef085b83ced77048dc136d9bc8438d49a7985f3c6ebd4ffd0e5e290ece47e8fd1074c6cc056e87b2bae2101dd58b8d70dbc0eb99aa134d776125439c SHA512 981f8438bbd541b97e745aca1bb77cde68900ce4b5ffefc9eccc2f18c675292203f6b4c7bffefde2256a442b7310d8438279b52fb21aac65921e9a529bc00067
 EBUILD openssl-1.0.2u-r1.ebuild 9768 BLAKE2B 46d26e3dd92c898c6fe715e5d07b4e2e9c3e3a66d3566798774d1d30ca267c8815beb1a777c75d555060934761c43f7b92d89fca73617262ea33a7cab96d44e6 SHA512 3888a1bc9a604bbbd04dd4bc843ba79dbadc85d8a396dde3d657bc05423478f225896c5274b883c309a9b79da42738342a83bba9f7157cda16e46c6a8b7ba84b
 EBUILD openssl-1.1.1w.ebuild 8230 BLAKE2B 6f6b6e79512141bac0507e76e61d341ccc4088c6f86a7979c48401d78dec8d6e90b54a73af63a956d1704fdda8ffc9c83f4a06254f6be51b8569f2856dfae2b3 SHA512 81087aa984e4b385da11d8c533a31ddb39c49c96b1e9e281ae57c6901c148cc8e226475b650ea58db8cb629f344c2449cd581aae548f7c30829ceb8b55897fa4
-EBUILD openssl-3.0.13-r2.ebuild 8576 BLAKE2B 088d34e456b6b5f9eb4238a1bb9f2b16b3feb42799fbc11436cd91bacc72f84c4ad49e25fcb1a12a8fda83abb071f7f1705eb90f5df6519e24b47ea966c03ca8 SHA512 f3a46b8ac9e9cf9f20466f2544a93eb7c9950eb128b524e78a42305b7b70663dfc7f7384553ae66a832f17643da35b6a4ec7d35c5ae86437c6bcd87cd7673088
-EBUILD openssl-3.0.14.ebuild 8486 BLAKE2B 27b4cae37a13133a70b9cc4c724d93ab7ac03f14e4fe200c7739fac82d37ae55f860aa9a90576a6fac8683e0dbcb7308ea4e1a36b9006506dffeb0240fead10f SHA512 6d9ed1a0dc7d7f9b18000958fef23e22dd9774d5f3275e107693a399bc491d7ce5f0389a9bc375a3c1b52399e3ef982758d414d306fbd123f57034b2aaff853d
-EBUILD openssl-3.0.15-r1.ebuild 8616 BLAKE2B 84d772df58242053b7639b9c822261ab064ac16c534dc6b38d778d246c97ef5961d541c9a7878122c246d32d3134bf3b838a294fdcf4d3dd9df3124d4d384548 SHA512 f266010ace51125985ab15bc159ad77e732bf8f1c114fb328b926ec36e48db7bedac7c2e15df9652f7fe5a53c1a5c8756ade225006747f51664a300d4228e1da
-EBUILD openssl-3.0.15.ebuild 8560 BLAKE2B 037351a0c38c0f9718d7d14504b30dfffb7b9c4c68247700bc76016518f038a90cb42ed42dcdcc7158610b1a763409e10ae9eb5d78384561f5a54831873357bf SHA512 ca5140f12ed72840385febe08735079b4100728d7007e38c9bedb8c94bfca21e4a786de1c0db8df4d6204b9227f6ccb7346167b42055583fe0c89c82be7fefcb
+EBUILD openssl-3.0.15-r1.ebuild 8611 BLAKE2B f2aa72c039df90bac1c866ea9830c99ad87dbc5db279b17977580363a347c8fb739062f170fac50f82e5dd3d8ca113c40386395f09567f4861135a2c8b8970ec SHA512 7822b6a91cc77feb6bf63b12d0ec277076c668924fa48220fe31c39291b75a8d9a634306f51fc4e1c846231262e96f89dac394bf3d2478c63fe355d83f9f5462
 EBUILD openssl-3.0.9999.ebuild 8700 BLAKE2B fcbca7c445b385f2ea38f17c312e44d4f6220352ae70d8405fef454fb06a6b69c23b70cfcefee89164edf21f74691fd5d1e9fba15b7a72c28cafae103d74243b SHA512 a0b84f694000e14d7f7ef018ce780622735641929a489232aca45224606dac1f0805f893090810e09120ba162bc505c1426fd61e8aaa207ec2413cf1598f8c05
-EBUILD openssl-3.1.7-r1.ebuild 8653 BLAKE2B 8e5bd338024de4eb8f21ebf954855acea0f4bb35295d636ca0609dd42d21083553cee4a9db4201b6c498addb010191cc769feb618114289c64964d1eaff9e80d SHA512 5a3390c3bdf197f5a6d910d10dbedb1ccca0e03b6783a84bc108c6523744e2d0c989a83fffe7f0d4e3f2b611d480bdd4df12b51cde35aaea286da1aa363bb2ad
+EBUILD openssl-3.1.7-r1.ebuild 8646 BLAKE2B b6083db1d29ee53751936273331b87cc69839722e0f89291c57f19ef2c10cd5468742468ba0a06a0fa0782eb758652a0f4103b60781056721028daade46f45c8 SHA512 2a8f99c7398738b46bffcae122a52d25033bd25a7411cb8e4a735a4e54fe8afd1e9d26933036c787d62d4b93b7aa604b2ffd2c0e302b6c4e6ed89aee03e80366
 EBUILD openssl-3.1.9999.ebuild 8734 BLAKE2B 3d468e940fd13eaddc14cf9758b144d34d781b60cb17a49439d48ce4b444f318d4dc6f6ff02b5124529b20d55bbf3d77b4c18acab48efe9a7b8767c7216557e9 SHA512 6b3d94f0d04c62aa868380dda7bb72dc610ddd81152ec9168ce638a277933b8f2cc45da598eb6a637befbcc84c6de0d48ddce6e27811cea01fa6ff258d44fa62
-EBUILD openssl-3.2.3-r1.ebuild 9297 BLAKE2B 615433d9a0b42433b821768e3227928e4d6bbdd2f96b73189b01df41d4968c989f0f96105fca850ed528e47c9e8ba95559d26d0148109414d109dc2c26081830 SHA512 e49fdce217dd78e3a024ffdbed753b349717ce31c2d21dc006d8d88e6b8600260fd81be3cb5d37a87016925717242aa2391316ab18a685cc2a32ccd2436ee4c4
+EBUILD openssl-3.2.3-r1.ebuild 9289 BLAKE2B 3bb6d1e09f10633340acc1c8eb75b9669f6e1d25c552aecfca8f1d595b77be5727f659ea3d5348d5104e5e12d16deb598c3ddd1dd5c2489964b04be28a1f1d8e SHA512 6e25cbaa45b4a6052700fb06cdc68dac5f4a02b63101877e2570db5d943208f3169423846ddd49996f9aca6c2c43fd5759160f17bf4771346f7b787a56fc8841
 EBUILD openssl-3.2.9999.ebuild 9079 BLAKE2B 711a1c456e161580e5ceaabb68585ba2f7c6ef7b1d6afb2435647bbbe25d0905019981f0d9517a7078284141f6c15e93d8f2a6077816da9bba57f02e52d8f3e5 SHA512 a444ed5d89f926fc1930621817bfc8c7b445b272dd65551a51b62c46ebd9b374cc686330b87002279f53cd3ffe03e127a2c1833f338ed82334217ca294c4d3d7
-EBUILD openssl-3.3.2-r1.ebuild 9329 BLAKE2B 75e907c49f10d237e00d65cdb21e9151875f43c32b2657363ce68b5359868d72178685edfd19c3ad2f1cb17d6679562f872d6f49bde12fc96b2be3c0cb1407e0 SHA512 91cc0c0ed68c0c0d448ef70c0f601c8001f5bf143641e0dd71babe8fecb33f280d9bd838f5aaade2fb91eb069ac75fd33962c77d78cfd03c1d1dfb572aa38a47
-EBUILD openssl-3.3.2-r2.ebuild 9384 BLAKE2B a976a5f3a48475dd1ad3d0ab8a0ee3eb409678bc5045684683072ab100a45df04d47735484b13b21aa6462347f64e02a70f23089c448f9dda27965f9aaa11615 SHA512 a196b31f46dca8699aca35d9866779eb55072624634975fa66c11b92668523ab0ffcad71706b023604e1ee8c01184cd1c2b9627cb7acdbbe317412fc5c9dac75
-EBUILD openssl-3.3.2.ebuild 9274 BLAKE2B 510de2a09c086e94813d5f623dbb59a6df2fc0e7f11c4c691b5198606b934f59e7ac2ddf6a0171a06435fee820a2d4d4795996a2fec2cad15fc378557f947223 SHA512 be42e686822beab6937cd6350925c4071c85f26682feb55fc88435479fd1706f1d01cbda3618b41c1a7822ea4a83c1593e9ff7ad7db9e2fb52da84058ff355b0
+EBUILD openssl-3.3.2-r1.ebuild 9327 BLAKE2B 7fc2ce5c4ecf37f2d0de5e41bae4ad021c1c0f9f8b24fcab20457ee69505b6946e38bd5359414fff38cb9331897e4325923747bc052e38fb5e2423ea2e1554a6 SHA512 1bd1876eadca7aaa521b70cd6b2323dc2114c1de9d1edd86f9434b80d2e36b45ce8aabcdbab00aa610e2116aecc72f142b36fc6e883e4ee2612efa5e848dd186
+EBUILD openssl-3.3.2-r2.ebuild 9381 BLAKE2B 239dffe0fee9ff26e733442d674f99c0040cb910aa4084c165dd01e95ce3da68605c178b61a43ef2971321f75766805f151d079d44840efe1298e9b993094134 SHA512 b79f6dcd83a526019dbb64d06d4f7f6f3197c1bda314a5bab5e897930e75f32825acdffa0c72e24216073e4712bf67a4fbfedb8400f14dd9294232ac0416cdea
 EBUILD openssl-3.3.9999.ebuild 9117 BLAKE2B 0ea48090d34a85fd8002dd3a36c533199c3f145ef0d7784468d8ca1aa81b531ac55a63cf9e55a035f2cb15f03baeccfcf96c7de94e45f0d2e35567a35c00e50e SHA512 f09b49a4615f615d0ed4c93b4f84e37ad543764dab9ef9ff20f4561507a3da3b90a0aeb1511fc6773e42b3ff574d1da276b5776bbc924453562e6ce5fa1b6822
 EBUILD openssl-3.4.9999.ebuild 9117 BLAKE2B 0ea48090d34a85fd8002dd3a36c533199c3f145ef0d7784468d8ca1aa81b531ac55a63cf9e55a035f2cb15f03baeccfcf96c7de94e45f0d2e35567a35c00e50e SHA512 f09b49a4615f615d0ed4c93b4f84e37ad543764dab9ef9ff20f4561507a3da3b90a0aeb1511fc6773e42b3ff574d1da276b5776bbc924453562e6ce5fa1b6822
 MISC metadata.xml 1674 BLAKE2B 2195a6538e1b4ec953c707460988f153e40abe7495fd761403c9a54b44ecb7cb5c69ac37ac7d4d18bc0086cf9b4accaaac19926fe5b2ac4b2c547ce1c9e08a6d SHA512 d4eda999c1027f9d8102c59275665f5b01d234c4a7636755a6d3c64b9aad2a657d14256b1527d9b7067cb653458b058db7f5bb20873e48927291092d9ccdd1c6
diff --git a/dev-libs/openssl/files/openssl-3.0.13-CVE-2024-2511.patch b/dev-libs/openssl/files/openssl-3.0.13-CVE-2024-2511.patch
deleted file mode 100644
index fff4fb72837b..000000000000
--- a/dev-libs/openssl/files/openssl-3.0.13-CVE-2024-2511.patch
+++ /dev/null
@@ -1,141 +0,0 @@
-https://www.openssl.org/news/secadv/20240408.txt
-https://bugs.gentoo.org/930047
-https://github.com/openssl/openssl/commit/b52867a9f618bb955bed2a3ce3db4d4f97ed8e5d
-https://github.com/openssl/openssl/commit/cc9ece9118eeacccc3571c2ee852f8ba067d0607
-
-From b52867a9f618bb955bed2a3ce3db4d4f97ed8e5d Mon Sep 17 00:00:00 2001
-From: Matt Caswell <matt@openssl.org>
-Date: Tue, 5 Mar 2024 15:43:53 +0000
-Subject: [PATCH] Fix unconstrained session cache growth in TLSv1.3
-
-In TLSv1.3 we create a new session object for each ticket that we send.
-We do this by duplicating the original session. If SSL_OP_NO_TICKET is in
-use then the new session will be added to the session cache. However, if
-early data is not in use (and therefore anti-replay protection is being
-used), then multiple threads could be resuming from the same session
-simultaneously. If this happens and a problem occurs on one of the threads,
-then the original session object could be marked as not_resumable. When we
-duplicate the session object this not_resumable status gets copied into the
-new session object. The new session object is then added to the session
-cache even though it is not_resumable.
-
-Subsequently, another bug means that the session_id_length is set to 0 for
-sessions that are marked as not_resumable - even though that session is
-still in the cache. Once this happens the session can never be removed from
-the cache. When that object gets to be the session cache tail object the
-cache never shrinks again and grows indefinitely.
-
-CVE-2024-2511
-
-Reviewed-by: Neil Horman <nhorman@openssl.org>
-Reviewed-by: Tomas Mraz <tomas@openssl.org>
-(Merged from https://github.com/openssl/openssl/pull/24044)
-
-(cherry picked from commit 7e4d731b1c07201ad9374c1cd9ac5263bdf35bce)
---- a/ssl/ssl_lib.c
-+++ b/ssl/ssl_lib.c
-@@ -3736,9 +3736,10 @@ void ssl_update_cache(SSL *s, int mode)
- 
-     /*
-      * If the session_id_length is 0, we are not supposed to cache it, and it
--     * would be rather hard to do anyway :-)
-+     * would be rather hard to do anyway :-). Also if the session has already
-+     * been marked as not_resumable we should not cache it for later reuse.
-      */
--    if (s->session->session_id_length == 0)
-+    if (s->session->session_id_length == 0 || s->session->not_resumable)
-         return;
- 
-     /*
---- a/ssl/ssl_sess.c
-+++ b/ssl/ssl_sess.c
-@@ -152,16 +152,11 @@ SSL_SESSION *SSL_SESSION_new(void)
-     return ss;
- }
- 
--SSL_SESSION *SSL_SESSION_dup(const SSL_SESSION *src)
--{
--    return ssl_session_dup(src, 1);
--}
--
- /*
-  * Create a new SSL_SESSION and duplicate the contents of |src| into it. If
-  * ticket == 0 then no ticket information is duplicated, otherwise it is.
-  */
--SSL_SESSION *ssl_session_dup(const SSL_SESSION *src, int ticket)
-+static SSL_SESSION *ssl_session_dup_intern(const SSL_SESSION *src, int ticket)
- {
-     SSL_SESSION *dest;
- 
-@@ -285,6 +280,27 @@ SSL_SESSION *ssl_session_dup(const SSL_SESSION *src, int ticket)
-     return NULL;
- }
- 
-+SSL_SESSION *SSL_SESSION_dup(const SSL_SESSION *src)
-+{
-+    return ssl_session_dup_intern(src, 1);
-+}
-+
-+/*
-+ * Used internally when duplicating a session which might be already shared.
-+ * We will have resumed the original session. Subsequently we might have marked
-+ * it as non-resumable (e.g. in another thread) - but this copy should be ok to
-+ * resume from.
-+ */
-+SSL_SESSION *ssl_session_dup(const SSL_SESSION *src, int ticket)
-+{
-+    SSL_SESSION *sess = ssl_session_dup_intern(src, ticket);
-+
-+    if (sess != NULL)
-+        sess->not_resumable = 0;
-+
-+    return sess;
-+}
-+
- const unsigned char *SSL_SESSION_get_id(const SSL_SESSION *s, unsigned int *len)
- {
-     if (len)
---- a/ssl/statem/statem_srvr.c
-+++ b/ssl/statem/statem_srvr.c
-@@ -2338,9 +2338,8 @@ int tls_construct_server_hello(SSL *s, WPACKET *pkt)
-      * so the following won't overwrite an ID that we're supposed
-      * to send back.
-      */
--    if (s->session->not_resumable ||
--        (!(s->ctx->session_cache_mode & SSL_SESS_CACHE_SERVER)
--         && !s->hit))
-+    if (!(s->ctx->session_cache_mode & SSL_SESS_CACHE_SERVER)
-+            && !s->hit)
-         s->session->session_id_length = 0;
- 
-     if (usetls13) {
-
-From cc9ece9118eeacccc3571c2ee852f8ba067d0607 Mon Sep 17 00:00:00 2001
-From: Matt Caswell <matt@openssl.org>
-Date: Fri, 15 Mar 2024 17:58:42 +0000
-Subject: [PATCH] Hardening around not_resumable sessions
-
-Make sure we can't inadvertently use a not_resumable session
-
-Related to CVE-2024-2511
-
-Reviewed-by: Neil Horman <nhorman@openssl.org>
-Reviewed-by: Tomas Mraz <tomas@openssl.org>
-(Merged from https://github.com/openssl/openssl/pull/24044)
-
-(cherry picked from commit c342f4b8bd2d0b375b0e22337057c2eab47d9b96)
---- a/ssl/ssl_sess.c
-+++ b/ssl/ssl_sess.c
-@@ -531,6 +531,12 @@ SSL_SESSION *lookup_sess_in_cache(SSL *s, const unsigned char *sess_id,
-         ret = s->session_ctx->get_session_cb(s, sess_id, sess_id_len, &copy);
- 
-         if (ret != NULL) {
-+            if (ret->not_resumable) {
-+                /* If its not resumable then ignore this session */
-+                if (!copy)
-+                    SSL_SESSION_free(ret);
-+                return NULL;
-+            }
-             ssl_tsan_counter(s->session_ctx,
-                              &s->session_ctx->stats.sess_cb_hit);
- 
diff --git a/dev-libs/openssl/files/openssl-3.0.13-p11-segfault.patch b/dev-libs/openssl/files/openssl-3.0.13-p11-segfault.patch
deleted file mode 100644
index 73b131ab7928..000000000000
--- a/dev-libs/openssl/files/openssl-3.0.13-p11-segfault.patch
+++ /dev/null
@@ -1,79 +0,0 @@
-https://bugs.gentoo.org/916328
-https://github.com/opendnssec/SoftHSMv2/issues/729
-https://github.com/openssl/openssl/issues/22508
-https://github.com/openssl/openssl/commit/ad6cbe4b7f57a783a66a7ae883ea0d35ef5f82b6
-
-From ad6cbe4b7f57a783a66a7ae883ea0d35ef5f82b6 Mon Sep 17 00:00:00 2001
-From: Tomas Mraz <tomas@openssl.org>
-Date: Fri, 15 Dec 2023 13:45:50 +0100
-Subject: [PATCH] Revert "Improved detection of engine-provided private
- "classic" keys"
-
-This reverts commit 2b74e75331a27fc89cad9c8ea6a26c70019300b5.
-
-The commit was wrong. With 3.x versions the engines must be themselves
-responsible for creating their EVP_PKEYs in a way that they are treated
-as legacy - either by using the respective set1 calls or by setting
-non-default EVP_PKEY_METHOD.
-
-The workaround has caused more problems than it solved.
-
-Fixes #22945
-
-Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
-Reviewed-by: Neil Horman <nhorman@openssl.org>
-(Merged from https://github.com/openssl/openssl/pull/23063)
-
-(cherry picked from commit 39ea78379826fa98e8dc8c0d2b07e2c17cd68380)
---- a/crypto/engine/eng_pkey.c
-+++ b/crypto/engine/eng_pkey.c
-@@ -79,48 +79,6 @@ EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id,
-         ERR_raise(ERR_LIB_ENGINE, ENGINE_R_FAILED_LOADING_PRIVATE_KEY);
-         return NULL;
-     }
--    /* We enforce check for legacy key */
--    switch (EVP_PKEY_get_id(pkey)) {
--    case EVP_PKEY_RSA:
--        {
--        RSA *rsa = EVP_PKEY_get1_RSA(pkey);
--        EVP_PKEY_set1_RSA(pkey, rsa);
--        RSA_free(rsa);
--        }
--        break;
--#  ifndef OPENSSL_NO_EC
--    case EVP_PKEY_SM2:
--    case EVP_PKEY_EC:
--        {
--        EC_KEY *ec = EVP_PKEY_get1_EC_KEY(pkey);
--        EVP_PKEY_set1_EC_KEY(pkey, ec);
--        EC_KEY_free(ec);
--        }
--        break;
--#  endif
--#  ifndef OPENSSL_NO_DSA
--    case EVP_PKEY_DSA:
--        {
--        DSA *dsa = EVP_PKEY_get1_DSA(pkey);
--        EVP_PKEY_set1_DSA(pkey, dsa);
--        DSA_free(dsa);
--        }
--        break;
--#endif
--#  ifndef OPENSSL_NO_DH
--    case EVP_PKEY_DH:
--        {
--        DH *dh = EVP_PKEY_get1_DH(pkey);
--        EVP_PKEY_set1_DH(pkey, dh);
--        DH_free(dh);
--        }
--        break;
--#endif
--    default:
--        /*Do nothing */
--        break;
--    }
--
-     return pkey;
- }
- 
-
diff --git a/dev-libs/openssl/openssl-3.0.13-r2.ebuild b/dev-libs/openssl/openssl-3.0.13-r2.ebuild
deleted file mode 100644
index a7de73075899..000000000000
--- a/dev-libs/openssl/openssl-3.0.13-r2.ebuild
+++ /dev/null
@@ -1,283 +0,0 @@
-# Copyright 1999-2024 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=8
-
-VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/openssl.org.asc
-inherit edo flag-o-matic linux-info toolchain-funcs
-inherit multilib multilib-minimal multiprocessing preserve-libs verify-sig
-
-DESCRIPTION="Robust, full-featured Open Source Toolkit for the Transport Layer Security (TLS)"
-HOMEPAGE="https://openssl-library.org/"
-
-MY_P=${P/_/-}
-
-if [[ ${PV} == 9999 ]] ; then
-	EGIT_REPO_URI="https://github.com/openssl/openssl.git"
-
-	inherit git-r3
-else
-	SRC_URI="mirror://openssl/source/${MY_P}.tar.gz
-		verify-sig? ( mirror://openssl/source/${MY_P}.tar.gz.asc )"
-	KEYWORDS="~alpha amd64 arm arm64 hppa ~loong ~m68k ~mips ppc ppc64 ~riscv ~s390 sparc x86 ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris"
-fi
-
-S="${WORKDIR}"/${MY_P}
-
-LICENSE="Apache-2.0"
-SLOT="0/3" # .so version of libssl/libcrypto
-IUSE="+asm cpu_flags_x86_sse2 fips ktls rfc3779 sctp static-libs test tls-compression vanilla verify-sig weak-ssl-ciphers"
-RESTRICT="!test? ( test )"
-
-COMMON_DEPEND="
-	tls-compression? ( >=sys-libs/zlib-1.2.8-r1[static-libs(+)?,${MULTILIB_USEDEP}] )
-"
-BDEPEND="
-	>=dev-lang/perl-5
-	sctp? ( >=net-misc/lksctp-tools-1.0.12 )
-	test? (
-		sys-apps/diffutils
-		app-alternatives/bc
-		sys-process/procps
-	)
-	verify-sig? ( <sec-keys/openpgp-keys-openssl-20240920 )"
-
-DEPEND="${COMMON_DEPEND}"
-RDEPEND="${COMMON_DEPEND}"
-PDEPEND="app-misc/ca-certificates"
-
-MULTILIB_WRAPPED_HEADERS=(
-	/usr/include/openssl/configuration.h
-)
-
-PATCHES=(
-	"${FILESDIR}"/${P}-CVE-2024-2511.patch
-	"${FILESDIR}"/${P}-p11-segfault.patch
-)
-
-pkg_setup() {
-	if use ktls ; then
-		if kernel_is -lt 4 18 ; then
-			ewarn "Kernel implementation of TLS (USE=ktls) requires kernel >=4.18!"
-		else
-			CONFIG_CHECK="~TLS ~TLS_DEVICE"
-			ERROR_TLS="You will be unable to offload TLS to kernel because CONFIG_TLS is not set!"
-			ERROR_TLS_DEVICE="You will be unable to offload TLS to kernel because CONFIG_TLS_DEVICE is not set!"
-			use test && CONFIG_CHECK+=" ~CRYPTO_USER_API_SKCIPHER"
-
-			linux-info_pkg_setup
-		fi
-	fi
-
-	[[ ${MERGE_TYPE} == binary ]] && return
-
-	# must check in pkg_setup; sysctl doesn't work with userpriv!
-	if use test && use sctp ; then
-		# test_ssl_new will fail with "Ensure SCTP AUTH chunks are enabled in kernel"
-		# if sctp.auth_enable is not enabled.
-		local sctp_auth_status=$(sysctl -n net.sctp.auth_enable 2>/dev/null)
-		if [[ -z "${sctp_auth_status}" ]] || [[ ${sctp_auth_status} != 1 ]] ; then
-			die "FEATURES=test with USE=sctp requires net.sctp.auth_enable=1!"
-		fi
-	fi
-}
-
-src_prepare() {
-	# Make sure we only ever touch Makefile.org and avoid patching a file
-	# that gets blown away anyways by the Configure script in src_configure
-	rm -f Makefile || die
-
-	if ! use vanilla ; then
-		PATCHES+=(
-			# Add patches which are Gentoo-specific customisations here
-		)
-	fi
-
-	default
-
-	if use test && use sctp && has network-sandbox ${FEATURES} ; then
-		einfo "Disabling test '80-test_ssl_new.t' which is known to fail with FEATURES=network-sandbox ..."
-		rm test/recipes/80-test_ssl_new.t || die
-	fi
-
-	# Test fails depending on kernel configuration, bug #699134
-	rm test/recipes/30-test_afalg.t || die
-}
-
-src_configure() {
-	# Keep this in sync with app-misc/c_rehash
-	SSL_CNF_DIR="/etc/ssl"
-
-	# Quiet out unknown driver argument warnings since openssl
-	# doesn't have well-split CFLAGS and we're making it even worse
-	# and 'make depend' uses -Werror for added fun (bug #417795 again)
-	tc-is-clang && append-flags -Qunused-arguments
-
-	# We really, really need to build OpenSSL w/ strict aliasing disabled.
-	# It's filled with violations and it *will* result in miscompiled
-	# code. This has been in the ebuild for > 10 years but even in 2022,
-	# it's still relevant:
-	# - https://github.com/llvm/llvm-project/issues/55255
-	# - https://github.com/openssl/openssl/issues/12247
-	# - https://github.com/openssl/openssl/issues/18225
-	# - https://github.com/openssl/openssl/issues/18663#issuecomment-1181478057
-	# Don't remove the no strict aliasing bits below!
-	filter-flags -fstrict-aliasing
-	append-flags -fno-strict-aliasing
-	# The OpenSSL developers don't test with LTO right now, it leads to various
-	# warnings/errors (which may or may not be false positives), it's considered
-	# unsupported, and it's not tested in CI: https://github.com/openssl/openssl/issues/18663.
-	filter-lto
-
-	append-flags $(test-flags-CC -Wa,--noexecstack)
-
-	# bug #895308
-	append-atomic-flags
-	# Configure doesn't respect LIBS
-	export LDLIBS="${LIBS}"
-
-	# bug #197996
-	unset APPS
-	# bug #312551
-	unset SCRIPTS
-	# bug #311473
-	unset CROSS_COMPILE
-
-	tc-export AR CC CXX RANLIB RC
-
-	multilib-minimal_src_configure
-}
-
-multilib_src_configure() {
-	use_ssl() { usex $1 "enable-${2:-$1}" "no-${2:-$1}" " ${*:3}" ; }
-
-	local krb5=$(has_version app-crypt/mit-krb5 && echo "MIT" || echo "Heimdal")
-
-	# See if our toolchain supports __uint128_t.  If so, it's 64bit
-	# friendly and can use the nicely optimized code paths, bug #460790.
-	#local ec_nistp_64_gcc_128
-	#
-	# Disable it for now though (bug #469976)
-	# Do NOT re-enable without substantial discussion first!
-	#
-	#echo "__uint128_t i;" > "${T}"/128.c
-	#if ${CC} ${CFLAGS} -c "${T}"/128.c -o /dev/null >&/dev/null ; then
-	#       ec_nistp_64_gcc_128="enable-ec_nistp_64_gcc_128"
-	#fi
-
-	local sslout=$(bash "${FILESDIR}/gentoo.config-1.0.4")
-	einfo "Using configuration: ${sslout:-(openssl knows best)}"
-
-	# https://github.com/openssl/openssl/blob/master/INSTALL.md#enable-and-disable-features
-	local myeconfargs=(
-		${sslout}
-
-		$(use cpu_flags_x86_sse2 || echo "no-sse2")
-		enable-camellia
-		enable-ec
-		enable-ec2m
-		enable-sm2
-		enable-srp
-		$(use elibc_musl && echo "no-async")
-		enable-idea
-		enable-mdc2
-		enable-rc5
-		$(use fips && echo "enable-fips")
-		$(use_ssl asm)
-		$(use_ssl ktls)
-		$(use_ssl rfc3779)
-		$(use_ssl sctp)
-		$(use test || echo "no-tests")
-		$(use_ssl tls-compression zlib)
-		$(use_ssl weak-ssl-ciphers)
-
-		--prefix="${EPREFIX}"/usr
-		--openssldir="${EPREFIX}"${SSL_CNF_DIR}
-		--libdir=$(get_libdir)
-
-		shared
-		threads
-	)
-
-	edo perl "${S}/Configure" "${myeconfargs[@]}"
-}
-
-multilib_src_compile() {
-	emake build_sw
-
-	if multilib_is_native_abi; then
-		emake build_docs
-	fi
-}
-
-multilib_src_test() {
-	# VFP = show subtests verbosely and show failed tests verbosely
-	# Normal V=1 would show everything verbosely but this slows things down.
-	emake HARNESS_JOBS="$(makeopts_jobs)" -Onone VFP=1 test
-}
-
-multilib_src_install() {
-	# Only -j1 is supported for the install targets:
-	# https://github.com/openssl/openssl/issues/21999#issuecomment-1771150305
-	emake DESTDIR="${D}" -j1 install_sw
-	if use fips; then
-		emake DESTDIR="${D}" -j1 install_fips
-		# Regen this in pkg_preinst, bug 900625
-		rm "${ED}${SSL_CNF_DIR}"/fipsmodule.cnf || die
-	fi
-
-	if multilib_is_native_abi; then
-		emake DESTDIR="${D}" -j1 install_ssldirs
-		emake DESTDIR="${D}" DOCDIR='$(INSTALLTOP)'/share/doc/${PF} -j1 install_docs
-	fi
-
-	# This is crappy in that the static archives are still built even
-	# when USE=static-libs. But this is due to a failing in the openssl
-	# build system: the static archives are built as PIC all the time.
-	# Only way around this would be to manually configure+compile openssl
-	# twice; once with shared lib support enabled and once without.
-	if ! use static-libs ; then
-		rm "${ED}"/usr/$(get_libdir)/lib{crypto,ssl}.a || die
-	fi
-}
-
-multilib_src_install_all() {
-	# openssl installs perl version of c_rehash by default, but
-	# we provide a shell version via app-misc/c_rehash
-	rm "${ED}"/usr/bin/c_rehash || die
-
-	dodoc {AUTHORS,CHANGES,NEWS,README,README-PROVIDERS}.md doc/*.txt doc/${PN}-c-indent.el
-
-	# Create the certs directory
-	keepdir ${SSL_CNF_DIR}/certs
-
-	# bug #254521
-	dodir /etc/sandbox.d
-	echo 'SANDBOX_PREDICT="/dev/crypto"' > "${ED}"/etc/sandbox.d/10openssl
-
-	diropts -m0700
-	keepdir ${SSL_CNF_DIR}/private
-}
-
-pkg_preinst() {
-	if use fips; then
-		# Regen fipsmodule.cnf, bug 900625
-		ebegin "Running openssl fipsinstall"
-		"${ED}/usr/bin/openssl" fipsinstall -quiet \
-			-out "${ED}${SSL_CNF_DIR}/fipsmodule.cnf" \
-			-module "${ED}/usr/$(get_libdir)/ossl-modules/fips.so"
-		eend $?
-	fi
-
-	preserve_old_lib /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 1) \
-		/usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 1.1)
-}
-
-pkg_postinst() {
-	ebegin "Running 'openssl rehash ${EROOT}${SSL_CNF_DIR}/certs' to rebuild hashes (bug #333069)"
-	openssl rehash "${EROOT}${SSL_CNF_DIR}/certs"
-	eend $?
-
-	preserve_old_lib_notify /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 1) \
-		/usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 1.1)
-}
diff --git a/dev-libs/openssl/openssl-3.0.14.ebuild b/dev-libs/openssl/openssl-3.0.14.ebuild
deleted file mode 100644
index 24e53cd2ac74..000000000000
--- a/dev-libs/openssl/openssl-3.0.14.ebuild
+++ /dev/null
@@ -1,278 +0,0 @@
-# Copyright 1999-2024 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=8
-
-VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/openssl.org.asc
-inherit edo flag-o-matic linux-info toolchain-funcs
-inherit multilib multilib-minimal multiprocessing preserve-libs verify-sig
-
-DESCRIPTION="Robust, full-featured Open Source Toolkit for the Transport Layer Security (TLS)"
-HOMEPAGE="https://openssl-library.org/"
-
-MY_P=${P/_/-}
-
-if [[ ${PV} == 9999 ]] ; then
-	EGIT_REPO_URI="https://github.com/openssl/openssl.git"
-
-	inherit git-r3
-else
-	SRC_URI="mirror://openssl/source/${MY_P}.tar.gz
-		verify-sig? ( mirror://openssl/source/${MY_P}.tar.gz.asc )"
-	KEYWORDS="~alpha amd64 arm arm64 ~hppa ~loong ~m68k ~mips ~ppc ppc64 ~riscv ~s390 sparc x86 ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris"
-fi
-
-S="${WORKDIR}"/${MY_P}
-
-LICENSE="Apache-2.0"
-SLOT="0/3" # .so version of libssl/libcrypto
-IUSE="+asm cpu_flags_x86_sse2 fips ktls rfc3779 sctp static-libs test tls-compression vanilla verify-sig weak-ssl-ciphers"
-RESTRICT="!test? ( test )"
-
-COMMON_DEPEND="
-	tls-compression? ( >=sys-libs/zlib-1.2.8-r1[static-libs(+)?,${MULTILIB_USEDEP}] )
-"
-BDEPEND="
-	>=dev-lang/perl-5
-	sctp? ( >=net-misc/lksctp-tools-1.0.12 )
-	test? (
-		sys-apps/diffutils
-		app-alternatives/bc
-		sys-process/procps
-	)
-	verify-sig? ( <sec-keys/openpgp-keys-openssl-20240920 )"
-
-DEPEND="${COMMON_DEPEND}"
-RDEPEND="${COMMON_DEPEND}"
-PDEPEND="app-misc/ca-certificates"
-
-MULTILIB_WRAPPED_HEADERS=(
-	/usr/include/openssl/configuration.h
-)
-
-pkg_setup() {
-	if use ktls ; then
-		if kernel_is -lt 4 18 ; then
-			ewarn "Kernel implementation of TLS (USE=ktls) requires kernel >=4.18!"
-		else
-			CONFIG_CHECK="~TLS ~TLS_DEVICE"
-			ERROR_TLS="You will be unable to offload TLS to kernel because CONFIG_TLS is not set!"
-			ERROR_TLS_DEVICE="You will be unable to offload TLS to kernel because CONFIG_TLS_DEVICE is not set!"
-			use test && CONFIG_CHECK+=" ~CRYPTO_USER_API_SKCIPHER"
-
-			linux-info_pkg_setup
-		fi
-	fi
-
-	[[ ${MERGE_TYPE} == binary ]] && return
-
-	# must check in pkg_setup; sysctl doesn't work with userpriv!
-	if use test && use sctp ; then
-		# test_ssl_new will fail with "Ensure SCTP AUTH chunks are enabled in kernel"
-		# if sctp.auth_enable is not enabled.
-		local sctp_auth_status=$(sysctl -n net.sctp.auth_enable 2>/dev/null)
-		if [[ -z "${sctp_auth_status}" ]] || [[ ${sctp_auth_status} != 1 ]] ; then
-			die "FEATURES=test with USE=sctp requires net.sctp.auth_enable=1!"
-		fi
-	fi
-}
-
-src_prepare() {
-	# Make sure we only ever touch Makefile.org and avoid patching a file
-	# that gets blown away anyways by the Configure script in src_configure
-	rm -f Makefile || die
-
-	if ! use vanilla ; then
-		PATCHES+=(
-			# Add patches which are Gentoo-specific customisations here
-		)
-	fi
-
-	default
-
-	if use test && use sctp && has network-sandbox ${FEATURES} ; then
-		einfo "Disabling test '80-test_ssl_new.t' which is known to fail with FEATURES=network-sandbox ..."
-		rm test/recipes/80-test_ssl_new.t || die
-	fi
-
-	# Test fails depending on kernel configuration, bug #699134
-	rm test/recipes/30-test_afalg.t || die
-}
-
-src_configure() {
-	# Keep this in sync with app-misc/c_rehash
-	SSL_CNF_DIR="/etc/ssl"
-
-	# Quiet out unknown driver argument warnings since openssl
-	# doesn't have well-split CFLAGS and we're making it even worse
-	# and 'make depend' uses -Werror for added fun (bug #417795 again)
-	tc-is-clang && append-flags -Qunused-arguments
-
-	# We really, really need to build OpenSSL w/ strict aliasing disabled.
-	# It's filled with violations and it *will* result in miscompiled
-	# code. This has been in the ebuild for > 10 years but even in 2022,
-	# it's still relevant:
-	# - https://github.com/llvm/llvm-project/issues/55255
-	# - https://github.com/openssl/openssl/issues/12247
-	# - https://github.com/openssl/openssl/issues/18225
-	# - https://github.com/openssl/openssl/issues/18663#issuecomment-1181478057
-	# Don't remove the no strict aliasing bits below!
-	filter-flags -fstrict-aliasing
-	append-flags -fno-strict-aliasing
-	# The OpenSSL developers don't test with LTO right now, it leads to various
-	# warnings/errors (which may or may not be false positives), it's considered
-	# unsupported, and it's not tested in CI: https://github.com/openssl/openssl/issues/18663.
-	filter-lto
-
-	append-flags $(test-flags-CC -Wa,--noexecstack)
-
-	# bug #895308
-	append-atomic-flags
-	# Configure doesn't respect LIBS
-	export LDLIBS="${LIBS}"
-
-	# bug #197996
-	unset APPS
-	# bug #312551
-	unset SCRIPTS
-	# bug #311473
-	unset CROSS_COMPILE
-
-	tc-export AR CC CXX RANLIB RC
-
-	multilib-minimal_src_configure
-}
-
-multilib_src_configure() {
-	use_ssl() { usex $1 "enable-${2:-$1}" "no-${2:-$1}" " ${*:3}" ; }
-
-	local krb5=$(has_version app-crypt/mit-krb5 && echo "MIT" || echo "Heimdal")
-
-	# See if our toolchain supports __uint128_t.  If so, it's 64bit
-	# friendly and can use the nicely optimized code paths, bug #460790.
-	#local ec_nistp_64_gcc_128
-	#
-	# Disable it for now though (bug #469976)
-	# Do NOT re-enable without substantial discussion first!
-	#
-	#echo "__uint128_t i;" > "${T}"/128.c
-	#if ${CC} ${CFLAGS} -c "${T}"/128.c -o /dev/null >&/dev/null ; then
-	#       ec_nistp_64_gcc_128="enable-ec_nistp_64_gcc_128"
-	#fi
-
-	local sslout=$(bash "${FILESDIR}/gentoo.config-1.0.4")
-	einfo "Using configuration: ${sslout:-(openssl knows best)}"
-
-	# https://github.com/openssl/openssl/blob/master/INSTALL.md#enable-and-disable-features
-	local myeconfargs=(
-		${sslout}
-
-		$(use cpu_flags_x86_sse2 || echo "no-sse2")
-		enable-camellia
-		enable-ec
-		enable-ec2m
-		enable-sm2
-		enable-srp
-		$(use elibc_musl && echo "no-async")
-		enable-idea
-		enable-mdc2
-		enable-rc5
-		$(use fips && echo "enable-fips")
-		$(use_ssl asm)
-		$(use_ssl ktls)
-		$(use_ssl rfc3779)
-		$(use_ssl sctp)
-		$(use test || echo "no-tests")
-		$(use_ssl tls-compression zlib)
-		$(use_ssl weak-ssl-ciphers)
-
-		--prefix="${EPREFIX}"/usr
-		--openssldir="${EPREFIX}"${SSL_CNF_DIR}
-		--libdir=$(get_libdir)
-
-		shared
-		threads
-	)
-
-	edo perl "${S}/Configure" "${myeconfargs[@]}"
-}
-
-multilib_src_compile() {
-	emake build_sw
-
-	if multilib_is_native_abi; then
-		emake build_docs
-	fi
-}
-
-multilib_src_test() {
-	# VFP = show subtests verbosely and show failed tests verbosely
-	# Normal V=1 would show everything verbosely but this slows things down.
-	emake HARNESS_JOBS="$(makeopts_jobs)" -Onone VFP=1 test
-}
-
-multilib_src_install() {
-	# Only -j1 is supported for the install targets:
-	# https://github.com/openssl/openssl/issues/21999#issuecomment-1771150305
-	emake DESTDIR="${D}" -j1 install_sw
-	if use fips; then
-		emake DESTDIR="${D}" -j1 install_fips
-		# Regen this in pkg_preinst, bug 900625
-		rm "${ED}${SSL_CNF_DIR}"/fipsmodule.cnf || die
-	fi
-
-	if multilib_is_native_abi; then
-		emake DESTDIR="${D}" -j1 install_ssldirs
-		emake DESTDIR="${D}" DOCDIR='$(INSTALLTOP)'/share/doc/${PF} -j1 install_docs
-	fi
-
-	# This is crappy in that the static archives are still built even
-	# when USE=static-libs. But this is due to a failing in the openssl
-	# build system: the static archives are built as PIC all the time.
-	# Only way around this would be to manually configure+compile openssl
-	# twice; once with shared lib support enabled and once without.
-	if ! use static-libs ; then
-		rm "${ED}"/usr/$(get_libdir)/lib{crypto,ssl}.a || die
-	fi
-}
-
-multilib_src_install_all() {
-	# openssl installs perl version of c_rehash by default, but
-	# we provide a shell version via app-misc/c_rehash
-	rm "${ED}"/usr/bin/c_rehash || die
-
-	dodoc {AUTHORS,CHANGES,NEWS,README,README-PROVIDERS}.md doc/*.txt doc/${PN}-c-indent.el
-
-	# Create the certs directory
-	keepdir ${SSL_CNF_DIR}/certs
-
-	# bug #254521
-	dodir /etc/sandbox.d
-	echo 'SANDBOX_PREDICT="/dev/crypto"' > "${ED}"/etc/sandbox.d/10openssl
-
-	diropts -m0700
-	keepdir ${SSL_CNF_DIR}/private
-}
-
-pkg_preinst() {
-	if use fips; then
-		# Regen fipsmodule.cnf, bug 900625
-		ebegin "Running openssl fipsinstall"
-		"${ED}/usr/bin/openssl" fipsinstall -quiet \
-			-out "${ED}${SSL_CNF_DIR}/fipsmodule.cnf" \
-			-module "${ED}/usr/$(get_libdir)/ossl-modules/fips.so"
-		eend $?
-	fi
-
-	preserve_old_lib /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 1) \
-		/usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 1.1)
-}
-
-pkg_postinst() {
-	ebegin "Running 'openssl rehash ${EROOT}${SSL_CNF_DIR}/certs' to rebuild hashes (bug #333069)"
-	openssl rehash "${EROOT}${SSL_CNF_DIR}/certs"
-	eend $?
-
-	preserve_old_lib_notify /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 1) \
-		/usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 1.1)
-}
diff --git a/dev-libs/openssl/openssl-3.0.15-r1.ebuild b/dev-libs/openssl/openssl-3.0.15-r1.ebuild
index 210e8a87c016..2d404c45bcfe 100644
--- a/dev-libs/openssl/openssl-3.0.15-r1.ebuild
+++ b/dev-libs/openssl/openssl-3.0.15-r1.ebuild
@@ -1,4 +1,4 @@
-# Copyright 1999-2024 Gentoo Authors
+# Copyright 1999-2025 Gentoo Authors
 # Distributed under the terms of the GNU General Public License v2
 
 EAPI=8
@@ -23,7 +23,7 @@ else
 			https://github.com/openssl/openssl/releases/download/${P}/${P}.tar.gz.asc
 		)
 	"
-	KEYWORDS="~alpha amd64 ~arm ~arm64 ~hppa ~loong ~m68k ~mips ~ppc ppc64 ~riscv ~s390 ~sparc x86 ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris"
+	KEYWORDS="~alpha amd64 arm arm64 hppa ~loong ~m68k ~mips ppc ppc64 ~riscv ~s390 sparc x86 ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris"
 fi
 
 S="${WORKDIR}"/${MY_P}
diff --git a/dev-libs/openssl/openssl-3.0.15.ebuild b/dev-libs/openssl/openssl-3.0.15.ebuild
deleted file mode 100644
index cc6072743d00..000000000000
--- a/dev-libs/openssl/openssl-3.0.15.ebuild
+++ /dev/null
@@ -1,283 +0,0 @@
-# Copyright 1999-2024 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=8
-
-VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/openssl.org.asc
-inherit edo flag-o-matic linux-info toolchain-funcs
-inherit multilib multilib-minimal multiprocessing preserve-libs verify-sig
-
-DESCRIPTION="Robust, full-featured Open Source Toolkit for the Transport Layer Security (TLS)"
-HOMEPAGE="https://openssl-library.org/"
-
-MY_P=${P/_/-}
-
-if [[ ${PV} == 9999 ]] ; then
-	EGIT_REPO_URI="https://github.com/openssl/openssl.git"
-
-	inherit git-r3
-else
-	SRC_URI="
-		https://github.com/openssl/openssl/releases/download/${P}/${P}.tar.gz
-		verify-sig? (
-			https://github.com/openssl/openssl/releases/download/${P}/${P}.tar.gz.asc
-		)
-	"
-	KEYWORDS="~alpha amd64 arm arm64 ~hppa ~loong ~m68k ~mips ppc ppc64 ~riscv ~s390 ~sparc x86 ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris"
-fi
-
-S="${WORKDIR}"/${MY_P}
-
-LICENSE="Apache-2.0"
-SLOT="0/3" # .so version of libssl/libcrypto
-IUSE="+asm cpu_flags_x86_sse2 fips ktls rfc3779 sctp static-libs test tls-compression vanilla verify-sig weak-ssl-ciphers"
-RESTRICT="!test? ( test )"
-
-COMMON_DEPEND="
-	tls-compression? ( >=sys-libs/zlib-1.2.8-r1[static-libs(+)?,${MULTILIB_USEDEP}] )
-"
-BDEPEND="
-	>=dev-lang/perl-5
-	sctp? ( >=net-misc/lksctp-tools-1.0.12 )
-	test? (
-		sys-apps/diffutils
-		app-alternatives/bc
-		sys-process/procps
-	)
-	verify-sig? ( >=sec-keys/openpgp-keys-openssl-20240920 )
-"
-
-DEPEND="${COMMON_DEPEND}"
-RDEPEND="${COMMON_DEPEND}"
-PDEPEND="app-misc/ca-certificates"
-
-MULTILIB_WRAPPED_HEADERS=(
-	/usr/include/openssl/configuration.h
-)
-
-pkg_setup() {
-	if use ktls ; then
-		if kernel_is -lt 4 18 ; then
-			ewarn "Kernel implementation of TLS (USE=ktls) requires kernel >=4.18!"
-		else
-			CONFIG_CHECK="~TLS ~TLS_DEVICE"
-			ERROR_TLS="You will be unable to offload TLS to kernel because CONFIG_TLS is not set!"
-			ERROR_TLS_DEVICE="You will be unable to offload TLS to kernel because CONFIG_TLS_DEVICE is not set!"
-			use test && CONFIG_CHECK+=" ~CRYPTO_USER_API_SKCIPHER"
-
-			linux-info_pkg_setup
-		fi
-	fi
-
-	[[ ${MERGE_TYPE} == binary ]] && return
-
-	# must check in pkg_setup; sysctl doesn't work with userpriv!
-	if use test && use sctp ; then
-		# test_ssl_new will fail with "Ensure SCTP AUTH chunks are enabled in kernel"
-		# if sctp.auth_enable is not enabled.
-		local sctp_auth_status=$(sysctl -n net.sctp.auth_enable 2>/dev/null)
-		if [[ -z "${sctp_auth_status}" ]] || [[ ${sctp_auth_status} != 1 ]] ; then
-			die "FEATURES=test with USE=sctp requires net.sctp.auth_enable=1!"
-		fi
-	fi
-}
-
-src_prepare() {
-	# Make sure we only ever touch Makefile.org and avoid patching a file
-	# that gets blown away anyways by the Configure script in src_configure
-	rm -f Makefile || die
-
-	if ! use vanilla ; then
-		PATCHES+=(
-			# Add patches which are Gentoo-specific customisations here
-		)
-	fi
-
-	default
-
-	if use test && use sctp && has network-sandbox ${FEATURES} ; then
-		einfo "Disabling test '80-test_ssl_new.t' which is known to fail with FEATURES=network-sandbox ..."
-		rm test/recipes/80-test_ssl_new.t || die
-	fi
-
-	# Test fails depending on kernel configuration, bug #699134
-	rm test/recipes/30-test_afalg.t || die
-}
-
-src_configure() {
-	# Keep this in sync with app-misc/c_rehash
-	SSL_CNF_DIR="/etc/ssl"
-
-	# Quiet out unknown driver argument warnings since openssl
-	# doesn't have well-split CFLAGS and we're making it even worse
-	# and 'make depend' uses -Werror for added fun (bug #417795 again)
-	tc-is-clang && append-flags -Qunused-arguments
-
-	# We really, really need to build OpenSSL w/ strict aliasing disabled.
-	# It's filled with violations and it *will* result in miscompiled
-	# code. This has been in the ebuild for > 10 years but even in 2022,
-	# it's still relevant:
-	# - https://github.com/llvm/llvm-project/issues/55255
-	# - https://github.com/openssl/openssl/issues/12247
-	# - https://github.com/openssl/openssl/issues/18225
-	# - https://github.com/openssl/openssl/issues/18663#issuecomment-1181478057
-	# Don't remove the no strict aliasing bits below!
-	filter-flags -fstrict-aliasing
-	append-flags -fno-strict-aliasing
-	# The OpenSSL developers don't test with LTO right now, it leads to various
-	# warnings/errors (which may or may not be false positives), it's considered
-	# unsupported, and it's not tested in CI: https://github.com/openssl/openssl/issues/18663.
-	filter-lto
-
-	append-flags $(test-flags-CC -Wa,--noexecstack)
-
-	# bug #895308
-	append-atomic-flags
-	# Configure doesn't respect LIBS
-	export LDLIBS="${LIBS}"
-
-	# bug #197996
-	unset APPS
-	# bug #312551
-	unset SCRIPTS
-	# bug #311473
-	unset CROSS_COMPILE
-
-	tc-export AR CC CXX RANLIB RC
-
-	multilib-minimal_src_configure
-}
-
-multilib_src_configure() {
-	use_ssl() { usex $1 "enable-${2:-$1}" "no-${2:-$1}" " ${*:3}" ; }
-
-	local krb5=$(has_version app-crypt/mit-krb5 && echo "MIT" || echo "Heimdal")
-
-	# See if our toolchain supports __uint128_t.  If so, it's 64bit
-	# friendly and can use the nicely optimized code paths, bug #460790.
-	#local ec_nistp_64_gcc_128
-	#
-	# Disable it for now though (bug #469976)
-	# Do NOT re-enable without substantial discussion first!
-	#
-	#echo "__uint128_t i;" > "${T}"/128.c
-	#if ${CC} ${CFLAGS} -c "${T}"/128.c -o /dev/null >&/dev/null ; then
-	#       ec_nistp_64_gcc_128="enable-ec_nistp_64_gcc_128"
-	#fi
-
-	local sslout=$(bash "${FILESDIR}/gentoo.config-1.0.4")
-	einfo "Using configuration: ${sslout:-(openssl knows best)}"
-
-	# https://github.com/openssl/openssl/blob/master/INSTALL.md#enable-and-disable-features
-	local myeconfargs=(
-		${sslout}
-
-		$(use cpu_flags_x86_sse2 || echo "no-sse2")
-		enable-camellia
-		enable-ec
-		enable-ec2m
-		enable-sm2
-		enable-srp
-		$(use elibc_musl && echo "no-async")
-		enable-idea
-		enable-mdc2
-		enable-rc5
-		$(use fips && echo "enable-fips")
-		$(use_ssl asm)
-		$(use_ssl ktls)
-		$(use_ssl rfc3779)
-		$(use_ssl sctp)
-		$(use test || echo "no-tests")
-		$(use_ssl tls-compression zlib)
-		$(use_ssl weak-ssl-ciphers)
-
-		--prefix="${EPREFIX}"/usr
-		--openssldir="${EPREFIX}"${SSL_CNF_DIR}
-		--libdir=$(get_libdir)
-
-		shared
-		threads
-	)
-
-	edo perl "${S}/Configure" "${myeconfargs[@]}"
-}
-
-multilib_src_compile() {
-	emake build_sw
-
-	if multilib_is_native_abi; then
-		emake build_docs
-	fi
-}
-
-multilib_src_test() {
-	# VFP = show subtests verbosely and show failed tests verbosely
-	# Normal V=1 would show everything verbosely but this slows things down.
-	emake HARNESS_JOBS="$(makeopts_jobs)" -Onone VFP=1 test
-}
-
-multilib_src_install() {
-	# Only -j1 is supported for the install targets:
-	# https://github.com/openssl/openssl/issues/21999#issuecomment-1771150305
-	emake DESTDIR="${D}" -j1 install_sw
-	if use fips; then
-		emake DESTDIR="${D}" -j1 install_fips
-		# Regen this in pkg_preinst, bug 900625
-		rm "${ED}${SSL_CNF_DIR}"/fipsmodule.cnf || die
-	fi
-
-	if multilib_is_native_abi; then
-		emake DESTDIR="${D}" -j1 install_ssldirs
-		emake DESTDIR="${D}" DOCDIR='$(INSTALLTOP)'/share/doc/${PF} -j1 install_docs
-	fi
-
-	# This is crappy in that the static archives are still built even
-	# when USE=static-libs. But this is due to a failing in the openssl
-	# build system: the static archives are built as PIC all the time.
-	# Only way around this would be to manually configure+compile openssl
-	# twice; once with shared lib support enabled and once without.
-	if ! use static-libs ; then
-		rm "${ED}"/usr/$(get_libdir)/lib{crypto,ssl}.a || die
-	fi
-}
-
-multilib_src_install_all() {
-	# openssl installs perl version of c_rehash by default, but
-	# we provide a shell version via app-misc/c_rehash
-	rm "${ED}"/usr/bin/c_rehash || die
-
-	dodoc {AUTHORS,CHANGES,NEWS,README,README-PROVIDERS}.md doc/*.txt doc/${PN}-c-indent.el
-
-	# Create the certs directory
-	keepdir ${SSL_CNF_DIR}/certs
-
-	# bug #254521
-	dodir /etc/sandbox.d
-	echo 'SANDBOX_PREDICT="/dev/crypto"' > "${ED}"/etc/sandbox.d/10openssl
-
-	diropts -m0700
-	keepdir ${SSL_CNF_DIR}/private
-}
-
-pkg_preinst() {
-	if use fips; then
-		# Regen fipsmodule.cnf, bug 900625
-		ebegin "Running openssl fipsinstall"
-		"${ED}/usr/bin/openssl" fipsinstall -quiet \
-			-out "${ED}${SSL_CNF_DIR}/fipsmodule.cnf" \
-			-module "${ED}/usr/$(get_libdir)/ossl-modules/fips.so"
-		eend $?
-	fi
-
-	preserve_old_lib /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 1) \
-		/usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 1.1)
-}
-
-pkg_postinst() {
-	ebegin "Running 'openssl rehash ${EROOT}${SSL_CNF_DIR}/certs' to rebuild hashes (bug #333069)"
-	openssl rehash "${EROOT}${SSL_CNF_DIR}/certs"
-	eend $?
-
-	preserve_old_lib_notify /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 1) \
-		/usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 1.1)
-}
diff --git a/dev-libs/openssl/openssl-3.1.7-r1.ebuild b/dev-libs/openssl/openssl-3.1.7-r1.ebuild
index 5ca73111c8f3..aeaa611d6f60 100644
--- a/dev-libs/openssl/openssl-3.1.7-r1.ebuild
+++ b/dev-libs/openssl/openssl-3.1.7-r1.ebuild
@@ -1,4 +1,4 @@
-# Copyright 1999-2024 Gentoo Authors
+# Copyright 1999-2025 Gentoo Authors
 # Distributed under the terms of the GNU General Public License v2
 
 EAPI=8
@@ -23,7 +23,8 @@ else
 			https://github.com/openssl/openssl/releases/download/${P}/${P}.tar.gz.asc
 		)
 	"
-	KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris"
+
+	KEYWORDS="~alpha amd64 arm arm64 hppa ~loong ~m68k ~mips ppc ppc64 ~riscv ~s390 sparc x86 ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris"
 fi
 
 S="${WORKDIR}"/${MY_P}
diff --git a/dev-libs/openssl/openssl-3.2.3-r1.ebuild b/dev-libs/openssl/openssl-3.2.3-r1.ebuild
index 9e0ddd974047..15ae0fec7134 100644
--- a/dev-libs/openssl/openssl-3.2.3-r1.ebuild
+++ b/dev-libs/openssl/openssl-3.2.3-r1.ebuild
@@ -1,4 +1,4 @@
-# Copyright 1999-2024 Gentoo Authors
+# Copyright 1999-2025 Gentoo Authors
 # Distributed under the terms of the GNU General Public License v2
 
 EAPI=8
@@ -25,7 +25,7 @@ else
 	"
 
 	if [[ ${PV} != *_alpha* && ${PV} != *_beta* ]] ; then
-		KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris"
+		KEYWORDS="~alpha amd64 arm arm64 hppa ~loong ~m68k ~mips ppc ppc64 ~riscv ~s390 sparc x86 ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris"
 	fi
 fi
 
diff --git a/dev-libs/openssl/openssl-3.3.2-r1.ebuild b/dev-libs/openssl/openssl-3.3.2-r1.ebuild
index f33725cf3165..7ea54de6cf61 100644
--- a/dev-libs/openssl/openssl-3.3.2-r1.ebuild
+++ b/dev-libs/openssl/openssl-3.3.2-r1.ebuild
@@ -1,4 +1,4 @@
-# Copyright 1999-2024 Gentoo Authors
+# Copyright 1999-2025 Gentoo Authors
 # Distributed under the terms of the GNU General Public License v2
 
 EAPI=8
@@ -25,7 +25,7 @@ else
 	"
 
 	if [[ ${PV} != *_alpha* && ${PV} != *_beta* ]] ; then
-		KEYWORDS="~alpha amd64 ~arm arm64 ~hppa ~loong ~m68k ~mips ppc ppc64 ~riscv ~s390 sparc x86 ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris"
+		KEYWORDS="~alpha amd64 arm arm64 hppa ~loong ~m68k ~mips ppc ppc64 ~riscv ~s390 sparc x86 ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris"
 	fi
 fi
 
diff --git a/dev-libs/openssl/openssl-3.3.2-r2.ebuild b/dev-libs/openssl/openssl-3.3.2-r2.ebuild
index 0299c1afeafd..c5e162532f99 100644
--- a/dev-libs/openssl/openssl-3.3.2-r2.ebuild
+++ b/dev-libs/openssl/openssl-3.3.2-r2.ebuild
@@ -1,4 +1,4 @@
-# Copyright 1999-2024 Gentoo Authors
+# Copyright 1999-2025 Gentoo Authors
 # Distributed under the terms of the GNU General Public License v2
 
 EAPI=8
@@ -25,7 +25,7 @@ else
 	"
 
 	if [[ ${PV} != *_alpha* && ${PV} != *_beta* ]] ; then
-		KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris"
+		KEYWORDS="~alpha ~amd64 ~arm arm64 ~hppa ~loong ~m68k ~mips ppc ppc64 ~riscv ~s390 ~sparc ~x86 ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris"
 	fi
 fi
 
diff --git a/dev-libs/openssl/openssl-3.3.2.ebuild b/dev-libs/openssl/openssl-3.3.2.ebuild
deleted file mode 100644
index 7165d21845ee..000000000000
--- a/dev-libs/openssl/openssl-3.3.2.ebuild
+++ /dev/null
@@ -1,300 +0,0 @@
-# Copyright 1999-2024 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=8
-
-VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/openssl.org.asc
-inherit edo flag-o-matic linux-info toolchain-funcs
-inherit multilib multilib-minimal multiprocessing preserve-libs verify-sig
-
-DESCRIPTION="Robust, full-featured Open Source Toolkit for the Transport Layer Security (TLS)"
-HOMEPAGE="https://openssl-library.org/"
-
-MY_P=${P/_/-}
-
-if [[ ${PV} == 9999 ]] ; then
-	EGIT_REPO_URI="https://github.com/openssl/openssl.git"
-
-	inherit git-r3
-else
-	SRC_URI="
-		https://github.com/openssl/openssl/releases/download/${P}/${P}.tar.gz
-		verify-sig? (
-			https://github.com/openssl/openssl/releases/download/${P}/${P}.tar.gz.asc
-		)
-	"
-
-	if [[ ${PV} != *_alpha* && ${PV} != *_beta* ]] ; then
-		KEYWORDS="~alpha amd64 arm arm64 hppa ~loong ~m68k ~mips ppc ppc64 ~riscv ~s390 sparc x86 ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris"
-	fi
-fi
-
-S="${WORKDIR}"/${MY_P}
-
-LICENSE="Apache-2.0"
-SLOT="0/$(ver_cut 1)" # .so version of libssl/libcrypto
-IUSE="+asm cpu_flags_x86_sse2 fips ktls +quic rfc3779 sctp static-libs test tls-compression vanilla verify-sig weak-ssl-ciphers"
-RESTRICT="!test? ( test )"
-
-COMMON_DEPEND="
-	!<net-misc/openssh-9.2_p1-r3
-	tls-compression? ( >=sys-libs/zlib-1.2.8-r1[static-libs(+)?,${MULTILIB_USEDEP}] )
-"
-BDEPEND="
-	>=dev-lang/perl-5
-	sctp? ( >=net-misc/lksctp-tools-1.0.12 )
-	test? (
-		sys-apps/diffutils
-		app-alternatives/bc
-		sys-process/procps
-	)
-	verify-sig? ( >=sec-keys/openpgp-keys-openssl-20240920 )
-"
-DEPEND="${COMMON_DEPEND}"
-RDEPEND="${COMMON_DEPEND}"
-PDEPEND="app-misc/ca-certificates"
-
-MULTILIB_WRAPPED_HEADERS=(
-	/usr/include/openssl/configuration.h
-)
-
-pkg_setup() {
-	if use ktls ; then
-		if kernel_is -lt 4 18 ; then
-			ewarn "Kernel implementation of TLS (USE=ktls) requires kernel >=4.18!"
-		else
-			CONFIG_CHECK="~TLS ~TLS_DEVICE"
-			ERROR_TLS="You will be unable to offload TLS to kernel because CONFIG_TLS is not set!"
-			ERROR_TLS_DEVICE="You will be unable to offload TLS to kernel because CONFIG_TLS_DEVICE is not set!"
-			use test && CONFIG_CHECK+=" ~CRYPTO_USER_API_SKCIPHER"
-
-			linux-info_pkg_setup
-		fi
-	fi
-
-	[[ ${MERGE_TYPE} == binary ]] && return
-
-	# must check in pkg_setup; sysctl doesn't work with userpriv!
-	if use test && use sctp ; then
-		# test_ssl_new will fail with "Ensure SCTP AUTH chunks are enabled in kernel"
-		# if sctp.auth_enable is not enabled.
-		local sctp_auth_status=$(sysctl -n net.sctp.auth_enable 2>/dev/null)
-		if [[ -z "${sctp_auth_status}" ]] || [[ ${sctp_auth_status} != 1 ]] ; then
-			die "FEATURES=test with USE=sctp requires net.sctp.auth_enable=1!"
-		fi
-	fi
-}
-
-src_unpack() {
-	# Can delete this once test fix patch is dropped
-	if use verify-sig ; then
-		# Needed for downloaded patch (which is unsigned, which is fine)
-		verify-sig_verify_detached "${DISTDIR}"/${MY_P}.tar.gz{,.asc}
-	fi
-
-	default
-}
-
-src_prepare() {
-	# Make sure we only ever touch Makefile.org and avoid patching a file
-	# that gets blown away anyways by the Configure script in src_configure
-	rm -f Makefile || die
-
-	if ! use vanilla ; then
-		PATCHES+=(
-			# Add patches which are Gentoo-specific customisations here
-		)
-	fi
-
-	default
-
-	if use test && use sctp && has network-sandbox ${FEATURES} ; then
-		einfo "Disabling test '80-test_ssl_new.t' which is known to fail with FEATURES=network-sandbox ..."
-		rm test/recipes/80-test_ssl_new.t || die
-	fi
-
-	# Test fails depending on kernel configuration, bug #699134
-	rm test/recipes/30-test_afalg.t || die
-}
-
-src_configure() {
-	# Keep this in sync with app-misc/c_rehash
-	SSL_CNF_DIR="/etc/ssl"
-
-	# Quiet out unknown driver argument warnings since openssl
-	# doesn't have well-split CFLAGS and we're making it even worse
-	# and 'make depend' uses -Werror for added fun (bug #417795 again)
-	tc-is-clang && append-flags -Qunused-arguments
-
-	# We really, really need to build OpenSSL w/ strict aliasing disabled.
-	# It's filled with violations and it *will* result in miscompiled
-	# code. This has been in the ebuild for > 10 years but even in 2022,
-	# it's still relevant:
-	# - https://github.com/llvm/llvm-project/issues/55255
-	# - https://github.com/openssl/openssl/issues/12247
-	# - https://github.com/openssl/openssl/issues/18225
-	# - https://github.com/openssl/openssl/issues/18663#issuecomment-1181478057
-	# Don't remove the no strict aliasing bits below!
-	filter-flags -fstrict-aliasing
-	append-flags -fno-strict-aliasing
-	# The OpenSSL developers don't test with LTO right now, it leads to various
-	# warnings/errors (which may or may not be false positives), it's considered
-	# unsupported, and it's not tested in CI: https://github.com/openssl/openssl/issues/18663.
-	filter-lto
-
-	append-flags $(test-flags-CC -Wa,--noexecstack)
-
-	# bug #895308 -- check inserts GNU ld-compatible arguments
-	[[ ${CHOST} == *-darwin* ]] || append-atomic-flags
-	# Configure doesn't respect LIBS
-	export LDLIBS="${LIBS}"
-
-	# bug #197996
-	unset APPS
-	# bug #312551
-	unset SCRIPTS
-	# bug #311473
-	unset CROSS_COMPILE
-
-	tc-export AR CC CXX RANLIB RC
-
-	multilib-minimal_src_configure
-}
-
-multilib_src_configure() {
-	use_ssl() { usex $1 "enable-${2:-$1}" "no-${2:-$1}" " ${*:3}" ; }
-
-	local krb5=$(has_version app-crypt/mit-krb5 && echo "MIT" || echo "Heimdal")
-
-	# See if our toolchain supports __uint128_t.  If so, it's 64bit
-	# friendly and can use the nicely optimized code paths, bug #460790.
-	#local ec_nistp_64_gcc_128
-	#
-	# Disable it for now though (bug #469976)
-	# Do NOT re-enable without substantial discussion first!
-	#
-	#echo "__uint128_t i;" > "${T}"/128.c
-	#if ${CC} ${CFLAGS} -c "${T}"/128.c -o /dev/null >&/dev/null ; then
-	#       ec_nistp_64_gcc_128="enable-ec_nistp_64_gcc_128"
-	#fi
-
-	local sslout=$(bash "${FILESDIR}/gentoo.config-1.0.4")
-	einfo "Using configuration: ${sslout:-(openssl knows best)}"
-
-	# https://github.com/openssl/openssl/blob/master/INSTALL.md#enable-and-disable-features
-	local myeconfargs=(
-		${sslout}
-
-		$(multilib_is_native_abi || echo "no-docs")
-		$(use cpu_flags_x86_sse2 || echo "no-sse2")
-		enable-camellia
-		enable-ec
-		enable-ec2m
-		enable-sm2
-		enable-srp
-		$(use elibc_musl && echo "no-async")
-		enable-idea
-		enable-mdc2
-		enable-rc5
-		$(use fips && echo "enable-fips")
-		$(use quic && echo "enable-quic")
-		$(use_ssl asm)
-		$(use_ssl ktls)
-		$(use_ssl rfc3779)
-		$(use_ssl sctp)
-		$(use test || echo "no-tests")
-		$(use_ssl tls-compression zlib)
-		$(use_ssl weak-ssl-ciphers)
-
-		--prefix="${EPREFIX}"/usr
-		--openssldir="${EPREFIX}"${SSL_CNF_DIR}
-		--libdir=$(get_libdir)
-
-		shared
-		threads
-	)
-
-	edo perl "${S}/Configure" "${myeconfargs[@]}"
-}
-
-multilib_src_compile() {
-	emake build_sw
-}
-
-multilib_src_test() {
-	# See https://github.com/openssl/openssl/blob/master/test/README.md for options.
-	#
-	# VFP = show subtests verbosely and show failed tests verbosely
-	# Normal V=1 would show everything verbosely but this slows things down.
-	#
-	# -j1 here for https://github.com/openssl/openssl/issues/21999, but it
-	# shouldn't matter as tests were already built earlier, and HARNESS_JOBS
-	# controls running the tests.
-	emake -Onone -j1 HARNESS_JOBS="$(makeopts_jobs)" VFP=1 test
-}
-
-multilib_src_install() {
-	# Only -j1 is supported for the install targets:
-	# https://github.com/openssl/openssl/issues/21999#issuecomment-1771150305
-	emake DESTDIR="${D}" -j1 install_sw
-	if use fips; then
-		emake DESTDIR="${D}" -j1 install_fips
-		# Regen this in pkg_preinst, bug 900625
-		rm "${ED}${SSL_CNF_DIR}"/fipsmodule.cnf || die
-	fi
-
-	if multilib_is_native_abi; then
-		emake DESTDIR="${D}" -j1 install_ssldirs
-		emake DESTDIR="${D}" DOCDIR='$(INSTALLTOP)'/share/doc/${PF} -j1 install_docs
-	fi
-
-	# This is crappy in that the static archives are still built even
-	# when USE=static-libs. But this is due to a failing in the openssl
-	# build system: the static archives are built as PIC all the time.
-	# Only way around this would be to manually configure+compile openssl
-	# twice; once with shared lib support enabled and once without.
-	if ! use static-libs ; then
-		rm "${ED}"/usr/$(get_libdir)/lib{crypto,ssl}.a || die
-	fi
-}
-
-multilib_src_install_all() {
-	# openssl installs perl version of c_rehash by default, but
-	# we provide a shell version via app-misc/c_rehash
-	rm "${ED}"/usr/bin/c_rehash || die
-
-	dodoc {AUTHORS,CHANGES,NEWS,README,README-PROVIDERS}.md doc/*.txt doc/${PN}-c-indent.el
-
-	# Create the certs directory
-	keepdir ${SSL_CNF_DIR}/certs
-
-	# bug #254521
-	dodir /etc/sandbox.d
-	echo 'SANDBOX_PREDICT="/dev/crypto"' > "${ED}"/etc/sandbox.d/10openssl
-
-	diropts -m0700
-	keepdir ${SSL_CNF_DIR}/private
-}
-
-pkg_preinst() {
-	if use fips; then
-		# Regen fipsmodule.cnf, bug 900625
-		ebegin "Running openssl fipsinstall"
-		"${ED}/usr/bin/openssl" fipsinstall -quiet \
-			-out "${ED}${SSL_CNF_DIR}/fipsmodule.cnf" \
-			-module "${ED}/usr/$(get_libdir)/ossl-modules/fips.so"
-		eend $?
-	fi
-
-	preserve_old_lib /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 1) \
-		/usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 1.1)
-}
-
-pkg_postinst() {
-	ebegin "Running 'openssl rehash ${EROOT}${SSL_CNF_DIR}/certs' to rebuild hashes (bug #333069)"
-	openssl rehash "${EROOT}${SSL_CNF_DIR}/certs"
-	eend $?
-
-	preserve_old_lib_notify /usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 1) \
-		/usr/$(get_libdir)/lib{crypto,ssl}$(get_libname 1.1)
-}