NetBSD/pkgsrc yngoFUbeditors/qtcreator PLIST distinfo, editors/qtcreator/patches patch-src_app_CMakeLists.txt

   qtcreator: updated to 19.0.1

   Qt Creator version 19.0.1 contains bug fixes.

   General

   Fixed

   * That preferences for newly enabled plugins were only available after restart
   * Various issues with marking the `Preferences` as dirty
   * A possible crash when opening the `About Qt Creator` dialog multiple times
   * That using the keyboard shortcut for `Advanced Find` did not raise the search
     widget
   * Model Context Protocol
       * A crash when using the `quit` action

   Editing

   Fixed

    [16 lines not shown]
VersionDeltaFile
1.10+94-49editors/qtcreator/PLIST
1.16+5-5editors/qtcreator/distinfo
1.4+5-5editors/qtcreator/patches/patch-src_app_CMakeLists.txt
1.48+6-3editors/qtcreator/Makefile
+110-624 files

NetBSD/pkgsrc yGYVz36doc CHANGES-2026

   doc: Updated textproc/gsed to 4.10
VersionDeltaFile
1.3003+2-1doc/CHANGES-2026
+2-11 files

NetBSD/pkgsrc 0kdrbB3textproc/gsed distinfo Makefile, textproc/gsed/patches patch-Makefile.in patch-gnulib-tests_localename.c

   gsed: update to 4.10.

   * Noteworthy changes in release 4.10 (2026-04-21) [stable]

   ** Bug fixes

     sed 's/a/b/g' (and other global substitutions) now works on input
     lines longer than 2GB. Previously, matches beyond the 2^31 byte offset
     would evoke a "panic" (exit 4).
     [bug present since the beginning]

     'sed --follow-symlinks -i' no longer has a TOCTOU race that could let
     an attacker swap a symlink between resolution and open, causing sed to
     read attacker-chosen content and write it to the original target.
     [bug introduced in sed 4.1e]

     sed no longer falsely matches when back-references are combined with
     optional groups (.?) and the $ anchor.  For example, this no longer
     falsely matches the empty string at beginning of line:

    [49 lines not shown]
VersionDeltaFile
1.37+5-8textproc/gsed/distinfo
1.68+2-11textproc/gsed/Makefile
1.4+5-5textproc/gsed/patches/patch-Makefile.in
1.20+3-1textproc/gsed/PLIST
1.2+1-1textproc/gsed/patches/patch-gnulib-tests_localename.c
1.2+1-1textproc/gsed/patches/patch-gnulib-tests_vma-iter.c
+17-271 files not shown
+18-287 files

NetBSD/src 5XhpedDsys/arch/aarch64/aarch64 pmap.c fault.c, sys/arch/aarch64/include pmap.h

   aarch64: add pmap_test_mod_ref support

   Currently fails for non-ARMV81_HAFDBS kernels
VersionDeltaFile
1.156+188-6sys/arch/aarch64/aarch64/pmap.c
1.28+10-2sys/arch/aarch64/aarch64/fault.c
1.61+5-1sys/arch/aarch64/include/pmap.h
1.233+2-1sys/arch/evbarm/conf/GENERIC64
+205-104 files

NetBSD/pkgsrc c2Iojskdoc CHANGES-2026

   Updated meta-pkgs/qt6
VersionDeltaFile
1.3002+36-1doc/CHANGES-2026
+36-11 files

NetBSD/pkgsrc Wi1M7Akmultimedia/qt6-qtmultimedia distinfo, multimedia/qt6-qtmultimedia/patches patch-src_plugins_multimedia_ffmpeg_CMakeLists.txt

   qt6: updated to 6.11.1

   6.11.1
   Bug fixes
VersionDeltaFile
1.3+10-10www/qt6-qtwebengine/PLIST
1.7+8-8www/qt6-qtwebengine/distinfo
1.2+8-8www/qt6-qtwebengine/patches/patch-src_core_CMakeLists.txt
1.3+7-7www/qt6-qtwebengine/patches/patch-src_3rdparty_chromium_third__party_angle_src_libANGLE_Display.cpp
1.3+6-6multimedia/qt6-qtmultimedia/patches/patch-src_plugins_multimedia_ffmpeg_CMakeLists.txt
1.26+5-5multimedia/qt6-qtmultimedia/distinfo
+44-4436 files not shown
+184-18142 files

NetBSD/src ahDRDpNsys/crypto/nist_hash_drbg nist_hash_drbg.c

   nist_hash_drbg: Fix citation to standard.

   - Note that it's Rev. 1.
   - Provide a URL.
   - Link also to the test vectors.
   - And link to an archive of the test vectors, just in case.
VersionDeltaFile
1.4+8-3sys/crypto/nist_hash_drbg/nist_hash_drbg.c
+8-31 files

NetBSD/src cegA51Dsys/dev/pci virtio_pci.c

   virtio(4): Allow virtio 0.9 BAR0 type to be memory rather than I/O.

   This matches virtio>=1.0, and can't break working `hardware': any
   existing virtio devices that worked must have reported I/O-type BAR0,
   so they will continue to work; this will only enable previously
   unusable virtio devices, reporting memory-type BAR0, to work.

   Patch from Petri Koistinen.

   PR kern/60247: virtio(4): legacy attach fails when BAR0 is MMIO
VersionDeltaFile
1.56+8-5sys/dev/pci/virtio_pci.c
+8-51 files

NetBSD/src qUgIeaLcrypto/external/apache2/openssl/dist/crypto threads_win.c threads_none.c, crypto/external/apache2/openssl/dist/include/internal cryptlib.h

   openssl: Disentangle thread-local initialization logic.

   https://github.com/openssl/openssl/issues/31166
   https://github.com/openssl/openssl/pull/31167
   PR lib/60244: openssl 3.5.6 pullup can emit pthread warnings on init
VersionDeltaFile
1.2+70-75crypto/external/apache2/openssl/dist/crypto/threads_win.c
1.2+68-68crypto/external/apache2/openssl/dist/include/internal/cryptlib.h
1.2+23-21crypto/external/apache2/openssl/dist/crypto/threads_none.c
1.4+11-19crypto/external/apache2/openssl/dist/crypto/initthread.c
1.6+1-6crypto/external/apache2/openssl/dist/crypto/threads_pthread.c
+173-1895 files

NetBSD/pkgsrc Wf22WL2math/py-numpy distinfo

   math/py-numpy: Undo unintentional part of previous commit.

   PR pkg/60256: devel/py-numpy: log1pl workaround no longer works around
VersionDeltaFile
1.113+2-2math/py-numpy/distinfo
+2-21 files

NetBSD/pkgsrc rj6yIHSmath/py-numpy distinfo Makefile, math/py-numpy/patches patch-numpy___core_src_npymath_npy__math.c patch-numpy___core_src_common_mem__overlap.c

   math/py-numpy: Tweak workaround for missing log2l/log1pl/expm1l.

   1. Put it in npy_math.c as needed by _umath_linalg.so.

   2. Limit it to NetBSD<10, since NetBSD>=10 has at least stubs (just
      like this workaround implements, in terms of double functions) if
      not proper long double implementations (NetBSD>=11).

   Fixes:

   >>> import numpy
   ...
   ImportError: /home/riastradh/pkgsrc/current/pkg/lib/python3.11/site-packages/numpy/linalg/_umath_linalg.so: Undefined PLT symbol "log1pl" (symnum = 20)

   PR pkg/60256: devel/py-numpy: log1pl workaround no longer works around
VersionDeltaFile
1.1+28-0math/py-numpy/patches/patch-numpy___core_src_npymath_npy__math.c
1.112+3-3math/py-numpy/distinfo
1.150+2-1math/py-numpy/Makefile
1.2+1-1math/py-numpy/patches/patch-numpy___core_src_common_mem__overlap.c
+34-54 files

NetBSD/pkgsrc LaHDGKssecurity/py-cryptography Makefile

   py-cryptography reqires openssl3, make it so

   PR 60255 by riastradh
VersionDeltaFile
1.145+2-1security/py-cryptography/Makefile
+2-11 files

NetBSD/pkgsrc yNxjwiSdoc CHANGES-2026 TODO

   doc: Updated sysutils/lima to 2.1.1
VersionDeltaFile
1.3001+2-1doc/CHANGES-2026
1.27253+1-2doc/TODO
+3-32 files

NetBSD/pkgsrc pUWWdf0sysutils/lima distinfo go-modules.mk

   sysutils/lima: update to version 2.1.1

   The default docker template still does not boot on my NetBSD host, but
   the docker.lima wrapper worked for me just fine when using debian-13
   instead, and installing docker.io there.

   Tested on NetBSD/amd64.

   Changes since version 2.1.0:

   * Binary release:
     - Add Windows artifacts (#4789)
   * macOS guest:
     - Allow unusual range of UID (#4171, thanks to @balajiv113)
   * vz:
     - Honor audio.device=none (#4762, thanks to @BizerNotNull)
   * nerdctl:
     - Update from v2.2.1 to v2.2.2 (#4787)
       . This release of the nerdctl distribution updates BuildKit

    [59 lines not shown]
VersionDeltaFile
1.6+292-496sysutils/lima/distinfo
1.6+97-165sysutils/lima/go-modules.mk
1.4+38-4sysutils/lima/PLIST
1.12+2-3sysutils/lima/Makefile
+429-6684 files

NetBSD/src lzyPljQexternal/ibm-public/postfix/dist/conf main.cf

   fix so that it works out of the box (from RVP)
VersionDeltaFile
1.13+3-3external/ibm-public/postfix/dist/conf/main.cf
+3-31 files

NetBSD/pkgsrc cmzNGWOdoc CHANGES-pkgsrc-2026Q1

   Add a missing empty line
VersionDeltaFile
1.1.2.20+2-1doc/CHANGES-pkgsrc-2026Q1
+2-11 files

NetBSD/pkgsrc Wth0eDIdoc CHANGES-pkgsrc-2026Q1

   Pullup tickets #7110 and #7111
VersionDeltaFile
1.1.2.19+7-1doc/CHANGES-pkgsrc-2026Q1
+7-11 files

NetBSD/pkgsrc VSjc1gAeditors/vim-share distinfo version.mk, editors/vim-share/patches patch-popupwin.c patch-feature.h

   Pullup ticket #7111 - requested by morr
   editors/vim: security fix

   Revisions pulled up:
   - editors/vim-share/PLIST                                       1.88
   - editors/vim-share/distinfo                                    1.232-1.233
   - editors/vim-share/patches/patch-feature.h                     1.9
   - editors/vim-share/patches/patch-popupwin.c                    1.4
   - editors/vim-share/patches/patch-vim.h                         1.4
   - editors/vim-share/version.mk                                  1.168-1.169

   ---
      Module Name:    pkgsrc
      Committed By:   morr
      Date:           Wed May  6 20:26:50 UTC 2026

      Modified Files:
              pkgsrc/editors/vim-share: PLIST distinfo version.mk
              pkgsrc/editors/vim-share/patches: patch-feature.h patch-popupwin.c

    [124 lines not shown]
VersionDeltaFile
1.227.2.5+7-7editors/vim-share/distinfo
1.3.4.1+5-5editors/vim-share/patches/patch-popupwin.c
1.8.4.1+3-3editors/vim-share/patches/patch-feature.h
1.163.2.5+2-2editors/vim-share/version.mk
1.85.2.3+3-1editors/vim-share/PLIST
1.3.4.1+2-2editors/vim-share/patches/patch-vim.h
+22-206 files

NetBSD/pkgsrc EX2DuDMgraphics/lcms2 distinfo Makefile

   Pullup ticket #7110 - requested by taca
   graphics/lcms2: security fix

   Revisions pulled up:
   - graphics/lcms2/Makefile                                       1.24
   - graphics/lcms2/distinfo                                       1.17

   ---
      Module Name:      pkgsrc
      Committed By:     wiz
      Date:             Thu Apr 30 05:13:08 UTC 2026

      Modified Files:
        pkgsrc/graphics/lcms2: Makefile distinfo

      Log Message:
      lcms2: update to 2.19.

      All tests pass.

    [67 lines not shown]
VersionDeltaFile
1.16.20.1+4-4graphics/lcms2/distinfo
1.23.6.1+2-3graphics/lcms2/Makefile
+6-72 files

NetBSD/pkgsrc qQIbkRJdoc CHANGES-pkgsrc-2026Q1

   Pullup tickets up to #7109
VersionDeltaFile
1.1.2.18+22-1doc/CHANGES-pkgsrc-2026Q1
+22-11 files

NetBSD/pkgsrc bEPkTQIlang/ruby rubyversion.mk

   Pullup ticket #7104 - requested by taca
   lang/ruby34: security fix

   Revisions pulled up:
   - lang/ruby/rubyversion.mk                                      1.321
   - lang/ruby34/Makefile                                          1.8
   - lang/ruby34/distinfo                                          1.14
   - lang/ruby34/patches/patch-lib_erb.rb                          1.1
   - lang/ruby34/patches/patch-lib_erb_version.rb                  1.1
   - lang/ruby34/patches/patch-test_erb_test__erb.rb               1.1

   ---
      Module Name:      pkgsrc
      Committed By:     taca
      Date:             Wed May  6 05:15:35 UTC 2026

      Modified Files:
        pkgsrc/lang/ruby: rubyversion.mk
        pkgsrc/lang/ruby34: Makefile distinfo

    [10 lines not shown]
VersionDeltaFile
1.314.2.7+2-2lang/ruby/rubyversion.mk
+2-21 files

NetBSD/pkgsrc lapbVcNdoc CHANGES-2026

   doc: Updated textproc/p5-YAML-Syck to 1.45
VersionDeltaFile
1.3000+2-1doc/CHANGES-2026
+2-11 files

NetBSD/pkgsrc u0VMq9xtextproc/p5-YAML-Syck Makefile distinfo

   p5-YAML-Syck: update to 1.45.

   1.45 Apr 23 2026

     [Bug Fixes]
     - Fix: use syck_base64_free() to fix Windows "Free to wrong pool" crash
       in base64 encode/decode buffers; also plugs a memory leak (PR #189)
     - Fix: clear type tag on blessed scalar alias early-return so the stale
       tag no longer leaks onto the next emitted item (GH #193, PR #194)
     - Fix: negative float#base60 values produce wrong results; strip sign
       before accumulating and avoid negative zero for portable
       stringification (PR #191)
     - Fix: prevent memory leaks when Load/LoadJSON croak on parse errors
       (PR #192)

     [Maintenance]
     - Test: add coverage for SortKeys and JSON MaxDepth (PR #188)
     - Test: add error handling coverage for LoadFile/DumpFile (PR #190)
     - Update README

    [149 lines not shown]
VersionDeltaFile
1.41+4-5textproc/p5-YAML-Syck/Makefile
1.23+4-4textproc/p5-YAML-Syck/distinfo
+8-92 files

NetBSD/pkgsrc YNUx6fPdoc CHANGES-2026

   doc: Updated www/p5-libwww to 6.83
VersionDeltaFile
1.2999+2-1doc/CHANGES-2026
+2-11 files

NetBSD/pkgsrc bcv3b1Ewww/p5-libwww distinfo Makefile

   p5-libwww: update to 6.83.

   6.83      2026-05-12 11:41:48Z
       - LWP::UserAgent now strips Authorization and Proxy-Authorization headers
         on cross-origin redirects (a different scheme, host, or port) to prevent
         credential leakage to the redirect target. Same-origin redirects retain
         credentials. Opt out with allow_credentialed_redirects => 1.
         CVE-2026-8368 reported by Kai Zen; PoC and initial patch by Stig
         Palmquist.
       - LWP::UserAgent now refuses https to http redirects by default to prevent
         leaking remaining request headers and bodies over plaintext. Opt in with
         allow_downgrade => 1. Related hardening alongside CVE-2026-8368; PoC by
         Stig Palmquist.
VersionDeltaFile
1.88+4-4www/p5-libwww/distinfo
1.151+2-2www/p5-libwww/Makefile
+6-62 files

NetBSD/pkgsrc DmLwdXndoc CHANGES-2026

   doc: Updated www/cgit to 1.3nb1
VersionDeltaFile
1.2998+2-1doc/CHANGES-2026
+2-11 files

NetBSD/pkgsrc cA05fhswww/cgit Makefile PLIST

   cgit: install man page

   While here, simplify package.

   Bump PKGREVISION.

   Fixes PR 60252.
VersionDeltaFile
1.15+23-16www/cgit/Makefile
1.3+17-1www/cgit/PLIST
+40-172 files

NetBSD/pkgsrc-wip e5a9a50cgit Makefile distinfo, cgit/patches patch-cgitrc patch-git-Makefile

Update www/cgit: Trying to solve: "pkg/60252: www/cgit: missing cgitrc(5) man page" for learning purposes...
DeltaFile
+72-0cgit/patches/patch-cgitrc
+69-0cgit/Makefile
+26-0cgit/patches/patch-git-Makefile
+15-0cgit/patches/patch-git_ci_run-test-slice.sh
+11-0cgit/distinfo
+9-0cgit/PLIST
+202-02 files not shown
+206-08 files

NetBSD/pkgsrc dar8v4Adoc CHANGES-2026

   doc: Updated games/greed to 5.0
VersionDeltaFile
1.2997+2-1doc/CHANGES-2026
+2-11 files

NetBSD/pkgsrc fnqtY3Fgames/greed Makefile DESCR

   greed: update to 5.0.

   Ported to Rust.
VersionDeltaFile
1.10+12-15games/greed/Makefile
1.2+6-2games/greed/DESCR
1.14+4-4games/greed/distinfo
1.2+0-0games/greed/PLIST
+22-214 files