NetBSD/pkgsrc 16upT9Rdoc CHANGES-2026

   Updated devel/glib2, devel/glib2-tools, devel/gdbus-codegen
VersionDeltaFile
1.2788+4-1doc/CHANGES-2026
+4-11 files

NetBSD/pkgsrc ntlg8X9devel/gdbus-codegen distinfo, devel/glib2 PLIST distinfo

   glib2 glib2-tools gdbus-codegen: updated to 2.88.1

   Overview of changes in GLib 2.88.1, 2026-05-02

   * Fix miscompilation with GCC 16 due to GLib’s use of the wrong function
     attribute (!5145, work by Sam James)

   * Fix flag confusion security issue when using `GRegex` with `G_REGEX_RAW` which
     can result in unbounded out-of-bounds heap reads off the start of a regex
     input string

   * Fix various minor (low severity) security issues, typically one-to-five-byte
     out-of-bounds reads or ones relying on
     very specific (and unlikely) API calls or ones relying on
     discouraged P2P D-Bus configurations (work by linhlhq)

   * Bugs fixed:
     - Buffer Over-read on GLib through glib/gvariant-
       serialiser.c:1253 via gvs_tuple_is_normal() (Philip Withnall)

    [47 lines not shown]
VersionDeltaFile
1.168+9-9devel/glib2/PLIST
1.61+4-4devel/gdbus-codegen/distinfo
1.346+4-4devel/glib2/distinfo
1.130+2-2devel/glib2/Makefile.common
1.315+1-2devel/glib2/Makefile
+20-215 files

NetBSD/pkgsrc azt5VAvdoc CHANGES-2026

   Updated net/wireshark, devel/libgsf
VersionDeltaFile
1.2787+3-1doc/CHANGES-2026
+3-11 files

NetBSD/pkgsrc jxbrIOydevel/libgsf distinfo Makefile

   libgsf: updated to 1.14.58

   1.14.58
   * Fix gsf_infile_msole_child_by_index
VersionDeltaFile
1.64+4-4devel/libgsf/distinfo
1.128+2-2devel/libgsf/Makefile
+6-62 files

NetBSD/pkgsrc jLcg2jOnet/wireshark distinfo PLIST

   wireshark: updated to 4.6.5

   4.6.5

   This release fixes quite a few vulnerabilities. This is due to to a recent trend in AI-assisted vulnerability reports.

   wnpa-sec-2026-08 Monero dissector crash. Issue 21066. CVE-2026-5409.

   wnpa-sec-2026-09 BT-DHT dissector crash. Issue 21067. CVE-2026-5408.

   wnpa-sec-2026-10 FC-SWILS dissector crash. Issue 21070. CVE-2026-5406.

   wnpa-sec-2026-11 SMB2 dissector infinite loop. Issue 21073. CVE-2026-5407.

   wnpa-sec-2026-12 ICMPv6 dissector crash. Issue 21077. CVE-2026-5299.

   wnpa-sec-2026-13 AFP dissector crash. Issue 21088. CVE-2026-5401.

   wnpa-sec-2026-14 TLS dissector crash and possible code execution. Issue 21090. CVE-2026-5402.

    [144 lines not shown]
VersionDeltaFile
1.191+4-4net/wireshark/distinfo
1.109+3-3net/wireshark/PLIST
1.347+2-2net/wireshark/Makefile
+9-93 files

NetBSD/pkgsrc 5VywyNZdoc CHANGES-2026

   Updated net/openvpn, net/haproxy
VersionDeltaFile
1.2786+3-1doc/CHANGES-2026
+3-11 files

NetBSD/pkgsrc 3z14pIVnet/haproxy distinfo Makefile

   haproxy: updated to 3.3.8

   3.3.8
   - BUG/MINOR: tcpcheck: Allow connection reuse without prior traffic
   - BUG/MINOR: ssl: fix memory leaks on realloc failure in ssl_ckch.c
   - BUG/MINOR: ssl: fix memory leaks on realloc failure in ssl_sock.c
   - DOC: config: Fix log-format example with last rule expressions
   - BUG/MINOR: ssl: fix double-free on failed realloc in ssl_sock.c
   - BUG/MINOR: tools: my_memspn/my_memcspn wrong cast causing incorrect byte reading
   - BUG/MINOR: tools: fix memory leak in indent_msg() on out of memory
   - BUG/MINOR: tools: free previously allocated strings on strdup failure in backup_env()
   - BUG/MINOR: sample: fix memory leak in check_when_cond() when ACL is not found
   - BUG/MINOR: sample: fix NULL strm dereference in sample_conv_when
   - BUG/MINOR: peers: fix logical "and" when checking for local in PEER_APP_ST_STARTING
   - BUG/MINOR: peers: fix wrong flag reported twice for dump_flags
   - CLEANUP: peers: fix a few user-visible spelling mistakes
   - BUG/MEDIUM: mux_h1: fix stack buffer overflow in h1_append_chunk_size()
   - BUG/MINOR: http_ana: use scf to report term_evts in http_wait_for_request()
   - BUILD: 51d: fix bool definition on dummy lib v4

    [12 lines not shown]
VersionDeltaFile
1.147+4-4net/haproxy/distinfo
1.155+2-2net/haproxy/Makefile
+6-62 files

NetBSD/pkgsrc tDyTENFnet/openvpn distinfo Makefile.common, net/openvpn-acct-wtmpx distinfo

   openvpn: updated to 2.7.4

   2.7.4

   configure: Remove --enable-strict
   GHA: Maintenance Update April 2026
   GHA: Add caching for vcpkg builds
   dns-scripts: Fix dnssec values in comments and Copyright statement format
   Fix pkgcs11 vcpkg port installing debug files on release builds
   Mbed TLS: Error out if we have no valid tls-groups
   dns: minimalist fix for dnssec setting
VersionDeltaFile
1.55+4-4net/openvpn-acct-wtmpx/distinfo
1.52+4-4net/openvpn-nagios/distinfo
1.80+4-4net/openvpn/distinfo
1.49+2-2net/openvpn/Makefile.common
+14-144 files

NetBSD/src 4cc06t5sys/uvm/pmap pmap.c

   Avoid NULL pointer de-ref in pmap_enter, and mark mdpp as
   VM_PAGEMD_REFERENCED as intended in the __HAVE_PMAP_PV_TRACK
   case.
VersionDeltaFile
1.91+3-3sys/uvm/pmap/pmap.c
+3-31 files

NetBSD/pkgsrc G9IlBp4misc/py-tmuxp Makefile

   ipy-tmupx: fix test target, add test status
VersionDeltaFile
1.4+6-1misc/py-tmuxp/Makefile
+6-11 files

NetBSD/pkgsrc FtVpQt0misc/py-tmuxp Makefile

   py-tmuxp: py-setuptools is not needed, remove

   Add some more test dependencies.
VersionDeltaFile
1.3+4-2misc/py-tmuxp/Makefile
+4-21 files

NetBSD/pkgsrc uESyXUKtextproc/ruby-actionpack-xml_parser Makefile

   Drop support for rails61.
VersionDeltaFile
1.6+2-2textproc/ruby-actionpack-xml_parser/Makefile
+2-21 files

NetBSD/pkgsrc Gq0UZzCmisc/py-tmuxp Makefile

   py-tmuxp: Add missed PyYAML dependency.  Bump PKGREVISION.
VersionDeltaFile
1.2+8-1misc/py-tmuxp/Makefile
+8-11 files

NetBSD/pkgsrc SLGqjAVdoc CHANGES-2026

   doc: Removed www/ruby-coffee-rails
VersionDeltaFile
1.2785+2-1doc/CHANGES-2026
+2-11 files

NetBSD/pkgsrc afjfyFVwww Makefile, www/ruby-coffee-rails Makefile PLIST

   www/ruby-coffee-rails: remove package

   Remove package towards coffee-script and rails61 retirement.
VersionDeltaFile
1.1916+1-2www/Makefile
1.6+1-1www/ruby-coffee-rails/Makefile
1.2+1-1www/ruby-coffee-rails/PLIST
1.5+1-1www/ruby-coffee-rails/distinfo
1.2+0-0www/ruby-coffee-rails/DESCR
+4-55 files

NetBSD/pkgsrc vZNLSQ9doc CHANGES-2026

   doc: Removed www/ruby-jekyll-coffeescript
VersionDeltaFile
1.2784+2-1doc/CHANGES-2026
+2-11 files

NetBSD/pkgsrc 5fqytNAwww Makefile, www/ruby-jekyll-coffeescript Makefile PLIST

   www/ruby-jekyll-coffeescript: remove package

   Remove package towards coffee-script retirement.
VersionDeltaFile
1.1915+1-2www/Makefile
1.5+1-1www/ruby-jekyll-coffeescript/Makefile
1.2+1-1www/ruby-jekyll-coffeescript/PLIST
1.8+1-1www/ruby-jekyll-coffeescript/distinfo
1.2+0-0www/ruby-jekyll-coffeescript/DESCR
+4-55 files

NetBSD/pkgsrc 6kxK1j8misc/sesh DESCR

   sesh: remove leading empty line
VersionDeltaFile
1.2+0-1misc/sesh/DESCR
+0-11 files

NetBSD/src HFpU31zsys/uvm uvm_pmap.h

   Revery previous -- mid-air collision.
VersionDeltaFile
1.48+3-3sys/uvm/uvm_pmap.h
+3-31 files

NetBSD/src Amy32hZsys/rump/librump/rumpkern vm.c, sys/uvm uvm_glue.c uvm_extern.h

   Hide pmap internals -- specifically, a call to pmap_resident_count() -- behind
   a proper functional API: uvm_resident_count().
VersionDeltaFile
1.183+13-2sys/uvm/uvm_glue.c
1.199+8-2sys/rump/librump/rumpkern/vm.c
1.238+3-3sys/uvm/uvm_extern.h
+24-73 files

NetBSD/src monQMI6sys/uvm uvm_pmap.h

   expose pmap_resident_count() same as pmap_update(), as rump tty needs it.
VersionDeltaFile
1.47+4-4sys/uvm/uvm_pmap.h
+4-41 files

NetBSD/src Ryq3jM6sys/uvm uvm_pmap.h

   Undo previous and instead fix it by ensuring that API surface is exposed
   for _RUMPKERNEL.
VersionDeltaFile
1.46+1-9sys/uvm/uvm_pmap.h
+1-91 files

NetBSD/src LDU8GrTsys/uvm uvm_pmap.h

   Partially revert previous to fix the builds.

   The UVM stats functions are used (apparently) by the RUMP
   "kernel", and need to be exposed as they were before, so
   for now, do that.

   Feel free to undo this, and fix the problem some other way.
VersionDeltaFile
1.45+9-1sys/uvm/uvm_pmap.h
+9-11 files

NetBSD/src ZD300Xrcommon/dist/zlib zutil.h

   No #include <userland.header> in KERNEL or STANDALONE

   This is another step towards fixing the builds.
VersionDeltaFile
1.10+5-3common/dist/zlib/zutil.h
+5-31 files

NetBSD/src 2THRpUtsys/uvm uvm_pmap.h

   Reduce the pmap API surface exposed to modules.  Of the ones that remain,
   you could argue that those shouldn't be exposed either, but our file
   system <-> pager interface is not that great, among other things, so
   they have to remain for now.
VersionDeltaFile
1.44+57-48sys/uvm/uvm_pmap.h
+57-481 files

NetBSD/src ifWbAVosys/dev/arcbios arcbios_calls.S

   arcbios: enable FPU around ARCS calls

   This seems required for the SGI O2 for PROM graphics console IO to work
   when it scrolls.  See PR port-sgimips/60204 for more details.

   The issue was introduced in v1.214 of sys/arch/mips/mips/locore.S .

   Notably maya@ disabled the FPU early in boot, expecting the rest of
   boot to run with the FPU disabled. The FPU is being explicitly
   enabled/disabled here to keep to the spirit of maya@'s above commit.

   A "better" solution would be to use the pcu API and mark the thread
   as needing the FPU for the duration of the arcbios call, however:

    * The current MIPS pcu FPU code in sys/arch/mips/mips/mips_fpu.c
      doesn't support FPU use in kernel yet; and
    * this stuff is called super early during boot and once the OS starts
      the ARCBIOS API is no longer supposed to be used.
VersionDeltaFile
1.7+31-2sys/dev/arcbios/arcbios_calls.S
+31-21 files

NetBSD/src IURZUtmexternal/cddl/osnet/dist/uts/common/fs/zfs arc.c zfs_vnops.c

   Adapt to thorpej@'s uvm_lwp_is_pagedaemon() change

   This is one step towards fixing the builds.
VersionDeltaFile
1.23+2-3external/cddl/osnet/dist/uts/common/fs/zfs/arc.c
1.100+2-2external/cddl/osnet/dist/uts/common/fs/zfs/zfs_vnops.c
+4-52 files

NetBSD/src s5LF160common/lib/libc/atomic atomic_cas_8_cas.c

   Fix include.
VersionDeltaFile
1.5+2-2common/lib/libc/atomic/atomic_cas_8_cas.c
+2-21 files

NetBSD/pkgsrc UKsdn4Adoc CHANGES-2026

   doc: Added misc/sesh version 2.26.1
VersionDeltaFile
1.2783+2-1doc/CHANGES-2026
+2-11 files

NetBSD/pkgsrc n5E4Xofmisc Makefile, misc/sesh distinfo go-modules.mk

   Add sesh
VersionDeltaFile
1.1+242-0misc/sesh/distinfo
1.1+81-0misc/sesh/go-modules.mk
1.1+25-0misc/sesh/Makefile
1.1+5-0misc/sesh/DESCR
1.678+2-1misc/Makefile
1.1+3-0misc/sesh/PLIST
+358-16 files