NetBSD/pkgsrc QtGoNLEdoc CHANGES-2026

   Note update of devel/userspace-rcu to 0.15.3nb1.
VersionDeltaFile
1.1834.2.1+2-1doc/CHANGES-2026
+2-11 files

NetBSD/pkgsrc FJIHThGdevel/userspace-rcu Makefile distinfo, devel/userspace-rcu/patches patch-src_urcu-call-rcu-impl.h

   devel/userspace-rcu: close memory leak.

   This was found by others (ISC + FreeBSD developers) during resolution of
   https://gitlab.isc.org/isc-projects/bind9/-/work_items/5528

   Bump PKGREVISION.
VersionDeltaFile
1.1+33-0devel/userspace-rcu/patches/patch-src_urcu-call-rcu-impl.h
1.20+2-8devel/userspace-rcu/Makefile
1.16+2-1devel/userspace-rcu/distinfo
+37-93 files

NetBSD/pkgsrc-wip a2f5703ed Makefile

ed: whitespace cleanup
DeltaFile
+0-2ed/Makefile
+0-21 files

NetBSD/pkgsrc-wip 5d09df9emacs-git Makefile

emacs-git: currently not make-jobs-safe
DeltaFile
+3-0emacs-git/Makefile
+3-01 files

NetBSD/pkgsrc wao8yH8doc CHANGES-2026

   doc: Updated www/p5-Mojolicious to 9.48
VersionDeltaFile
1.4473+2-1doc/CHANGES-2026
+2-11 files

NetBSD/pkgsrc elok5kswww/p5-Mojolicious distinfo Makefile

   p5-Mojolicious: update to 9.48.

   9.48  2026-07-14
     - Fixed a security issue where CSRF tokens were vulnerable to BREACH attacks. Tokens are now masked with a fresh
       random value on every request, instead of being reused for the whole lifetime of a session.

   9.47  2026-07-05
     - Added support for the QUERY HTTP request method from RFC 10008.
     - Added query and query_p methods to Mojo::UserAgent.
     - Added query method to Mojolicious::Routes::Route.
     - Added query method to Mojolicious::Lite.
     - Added query_ok method to Test::Mojo.
     - Fixed a security issue where the pure-Perl implementation of Mojo::JSON could exhaust all available memory when
       decoding deeply nested data. Decoding is now limited to 512 levels of nesting, to match the default of
       Cpanel::JSON::XS.
     - Fixed a memory leak in Morbo. (heikojansen)
     - Fixed Mojo::File::list_tree to no longer follow symbolic links to directories.

   9.46  2026-06-04

    [16 lines not shown]
VersionDeltaFile
1.144+4-4www/p5-Mojolicious/distinfo
1.160+3-3www/p5-Mojolicious/Makefile
+7-72 files

NetBSD/pkgsrc Xi3awOfdoc CHANGES-2026

   doc: Updated databases/p5-DBI to 1.651
VersionDeltaFile
1.4472+2-1doc/CHANGES-2026
+2-11 files

NetBSD/pkgsrc TNXY7prdatabases/p5-DBI distinfo Makefile

   p5-DBI: update to 1.651.

   1.651 - 2026-07-14, H.Merijn Brand & Robert Rothenberg
       * Fix inverted comparisons for strings in DBI::SQL::Nano  (CVE-2026-15043)
       * Document that IS NULL matches empty strings in DBI::SQL::Nano
       * Fix DBD::File to ensure that the table is not a symlink outside of f_dir (CVE-2026-15392)
       * Fix an out-of-bounds error when a statement handle has no fields but the source row is not empty (CVE-2026-60082)
       * Add an overridable upper bound $MAX_PATH_DEPTH for DBI::ProfileData (CVE-2026-60081)
       * *** WARNING: Next release will require perl-5.12 ***
VersionDeltaFile
1.63+4-4databases/p5-DBI/distinfo
1.99+2-2databases/p5-DBI/Makefile
+6-62 files

NetBSD/pkgsrc XPlI4tXdoc CHANGES-2026

   doc: Updated chat/toxic to 0.16.3
VersionDeltaFile
1.4471+2-1doc/CHANGES-2026
+2-11 files

NetBSD/pkgsrc beKrLoHchat/toxic distinfo Makefile

   toxic: update to 0.16.3

   ## Features
   - Added a run option (`-N`) that allows the use of custom DHT
     bootstrap lists
   - The Python API now supports groupchat commands

   ## Bug Fixes
   - The Python API /run command no longer segfaults and can now only be
     invoked on .py files
   - Fixed out of bounds pointer arithmetic in Python API
   - Python API registered scripts no longer segfault
   - Fixed some memory/file descriptor leaks in Python API

   ## Maintenance
   - Python API now builds with newer versions of Python3
   - Various improvements to Python API docs
VersionDeltaFile
1.3+4-4chat/toxic/distinfo
1.12+2-2chat/toxic/Makefile
+6-62 files

NetBSD/pkgsrc BrcZLvndoc CHANGES-2026

   doc: Updated audio/kew to 4.2.2
VersionDeltaFile
1.4470+2-1doc/CHANGES-2026
+2-11 files

NetBSD/pkgsrc apa5cg8audio/kew distinfo Makefile

   kew: update to 4.2.2

   - Clickable songs/folders.
     - Current not supported in pkgsrc
   - Scrollbar on lists.
   - Faster seek on long files.
   - Switched mp4 lib from minimp4 to libmp4 because Fedora doesn't accept the minimp4 license.
   - .Mp4 file support.
   - Always logs errors to ~/.local/state/kew/logs/error.log.
   - Fixed two bugs on windows, small images and resize crash.
   - Non-square covers are now correctly displayed.
   - Fixed regression bug that affected gapless playback introduced in 4.1.8.
   - Starts playing directories faster for people with big folders with unsorted files.
VersionDeltaFile
1.24+4-4audio/kew/distinfo
1.27+2-2audio/kew/Makefile
+6-62 files

NetBSD/src kTyeuSKsys/arch/virt68k/virt68k machdep.c

   Garbage-collect a few more includes, and remove a no-longer-true comment.
VersionDeltaFile
1.45+2-17sys/arch/virt68k/virt68k/machdep.c
+2-171 files

NetBSD/src tcnhGNesys/arch/arm/arm disksubr.c, sys/arch/evbmips/evbmips disksubr.c

   Now that bad144 handling is isolated to the places that care about it,
   garbage-collect it from all of the various machine-dependent files that
   have been cargo-culting it around needlessly for 20+ years.

   Version bump to 11.99.7 because this changes the size of struct cpu_disklabel
   on some platforms, and that structure is exposed in the module ABI.
VersionDeltaFile
1.20+4-44sys/arch/evbmips/evbmips/disksubr.c
1.40+4-42sys/arch/x68k/x68k/disksubr.c
1.20+2-44sys/arch/evbppc/evbppc/disksubr.c
1.5+2-43sys/arch/evbmips/sbmips/disksubr.c
1.23+2-43sys/arch/playstation2/playstation2/disksubr.c
1.28+2-43sys/arch/arm/arm/disksubr.c
+16-25932 files not shown
+66-66338 files

NetBSD/pkgsrc Tz8ikWYdoc CHANGES-2026

   Updated graphics/py-svglib, devel/py-urwid
VersionDeltaFile
1.4469+3-1doc/CHANGES-2026
+3-11 files

NetBSD/pkgsrc LJ7mQz7devel/py-urwid distinfo Makefile

   py-urwid: updated to 4.0.4

   Urwid 4.0.4

   New features

   * urwid.Colmns: re-calculate column_widths only if pack widgets changed

   Bug fixes

   * Fix IndexError in decompose_tagmarkup when a nested sublist is empty

   Documentation

   * Typing: partially annotate examples and fix annotations
   * urwid.WidgetContainerMixin: return use protocol base class
VersionDeltaFile
1.53+4-4devel/py-urwid/distinfo
1.65+2-2devel/py-urwid/Makefile
+6-62 files

NetBSD/pkgsrc jlSYXzbgraphics/py-svglib Makefile distinfo

   py-svglib: updated to 2.0.2

   2.0.2 (2026-06-18)

   Supply-chain hygiene release — no code changes.

   The 2.0.1 PyPI attestation was generated by a manual `workflow_dispatch` run
   from `refs/heads/main` that raced ahead of the release event. As a result the
   Sigstore certificate embedded in the PEP 740 attestation identified
   `refs/heads/main` as the source rather than `refs/tags/v2.0.1`, making it
   impossible to verify the package against the tagged commit. This release is
   published exclusively via the `release: [published]` trigger so the attestation
   identity is `refs/tags/v2.0.2`.

   2.0.1 (2026-06-17)

   Supply-chain hygiene release — no code changes.

   This release replaces 2.0.0, which was published directly with `uv publish`

    [26 lines not shown]
VersionDeltaFile
1.3+7-7graphics/py-svglib/Makefile
1.2+4-4graphics/py-svglib/distinfo
+11-112 files

NetBSD/pkgsrc Np7V604doc CHANGES-2026

   doc: Updated textproc/rumdl to 0.2.33
VersionDeltaFile
1.4468+2-1doc/CHANGES-2026
+2-11 files

NetBSD/pkgsrc HS4sinztextproc/rumdl distinfo Makefile

   rumdl: update to 0.2.33.

   0.2.33

   Fixed

       md044: stop flagging proper names inside bare URLs (5e9b51a)
       md040: recognize file-extension fence labels as known languages (686ba20)
       cli: replace unhelpful panic message with an actionable one (#717) (37ac880)
       reflow: re-search cached inline-math after a dollar sign (a30a4f9)
       reflow: support multiple backticks and optimize code span parsing (81944c5)
       md013: stop reflow from starting lines with block markers (eebd18b)

   Performance

       reflow: implement cached match lookups to prevent quadratic suffix scanning (1cc8d2b)

   0.2.32


    [11 lines not shown]
VersionDeltaFile
1.40+4-4textproc/rumdl/distinfo
1.42+2-2textproc/rumdl/Makefile
+6-62 files

NetBSD/pkgsrc ov0Xp6Olang/R-RcppTOML Makefile distinfo, lang/R-RcppTOML/patches patch-src_Makevars

   (lang/R-RcppTOML) Fix build on Darwin and hopefully on Linux
VersionDeltaFile
1.3+12-3lang/R-RcppTOML/Makefile
1.2+3-10lang/R-RcppTOML/patches/patch-src_Makevars
1.3+2-2lang/R-RcppTOML/distinfo
+17-153 files

NetBSD/pkgsrc 6XrtjbJdoc CHANGES-2026

   doc: Updated textproc/xan to 0.60.0
VersionDeltaFile
1.4467+2-1doc/CHANGES-2026
+2-11 files

NetBSD/pkgsrc 5kU64xhtextproc/xan PLIST distinfo

   textproc/xan: update to 0.60.0

   Breaking

       Renaming xan from --path to --root.
       Renaming xan separate -T/--txt to -L/--lines.

   Features

       Adding xan count -c/--check-alignment & -H/--human-readable.
       Adding xan sort -e -z/--compress.
       Adding xan sample -g -S/--sorted.
       Adding xan from -f=(json|ndjson) --model.
       Adding xan cat rows -I/--intersection & -U/--union.
       Adding xan top -g -S/--sorted.
       Adding the sort, dedup, flatten & flat_map moonblade function.
       Adding support for list & map columns when using xan from -f=parquet.

   Fixes

    [16 lines not shown]
VersionDeltaFile
1.9+13-0textproc/xan/PLIST
1.12+4-4textproc/xan/distinfo
1.12+2-2textproc/xan/Makefile
1.12+0-0textproc/xan/cargo-depends.mk
+19-64 files

NetBSD/pkgsrc quQEr3Qdoc CHANGES-2026

   doc: Updated misc/tui-journal to 0.17.0
VersionDeltaFile
1.4466+2-1doc/CHANGES-2026
+2-11 files

NetBSD/pkgsrc JpQvPj7misc/tui-journal distinfo cargo-depends.mk

   misc/tui-journal: update to 0.17.0

   Added

       Provide Linux ARM64 release binaries

   Changed

       Return focus to the entries list when pressing Escape in the editor's normal mode
       Improve JSON backend performance when assigning entry IDs and priorities
       Rename misspelled theme cursor keys while retaining compatibility with existing themes
       Use unique temporary files when opening entries in an external editor
       Add operation and path context to backend I/O errors
       Increase the minimum supported Rust version to 1.92.0
       Switch release automation to tag-based releases and remove Aeruginous changelog tooling
       Stop publishing Intel macOS release binaries

   Fixed

       Preserve an entry's original ID when undoing its deletion
VersionDeltaFile
1.33+610-634misc/tui-journal/distinfo
1.33+202-210misc/tui-journal/cargo-depends.mk
1.37+3-3misc/tui-journal/Makefile
+815-8473 files

NetBSD/pkgsrc CYSdp3jdoc CHANGES-2026

   doc: Updated net/xfr to 0.9.21
VersionDeltaFile
1.4465+2-1doc/CHANGES-2026
+2-11 files

NetBSD/pkgsrc yXLaMvinet/xfr distinfo cargo-depends.mk

   net/xfr: update to 0.9.21

   What's Changed

       fix(tcp): resume partial regular writes and zero-copy sends from correct offset by @lance0 in #113
       fix(server): clean up active test entry and metrics on abort/cancel/error by @lance0 in #114
       fix(server,stats,diff): aggregate final TCP info, round RTT averages, flag zero-baseline regressions by @lance0 in #115
       fix(output,ci,install): harden output and release paths by @lance0 in #116
       fix(auth,serve,cli): LAN-158 + LAN-171 security hardening by @lance0 in #117
       fix(protocol,probe,net): LAN-167 + LAN-168 protocol/probe validation by @lance0 in #118
       fix(tui,config,main): LAN-163 + LAN-173 TUI/preset polish by @lance0 in #119
       fix(misc): LAN-172 low-risk cleanups batch by @lance0 in #120
       fix(protocol,tcp): harden version and receive teardown by @lance0 in #121
       chore(tests): clean stale rate-limit timeout comment by @lance0 in #122
       Bump actions/checkout from 6 to 7 by @dependabot[bot] in #109
       Bump actions/cache from 5 to 6 by @dependabot[bot] in #111
       Bump the rust-dependencies group across 1 directory with 6 updates by @dependabot[bot] in #112
       fix: address post-release review regressions by @lance0 in #123
       fix: LAN-161 pause channel closure busy-loop and unawaited QUIC tasks by @lance0 in #124

    [7 lines not shown]
VersionDeltaFile
1.16+100-64net/xfr/distinfo
1.16+32-20net/xfr/cargo-depends.mk
1.16+2-2net/xfr/Makefile
+134-863 files

NetBSD/pkgsrc FLxzG8sdoc CHANGES-2026

   doc: Updated net/ttl to 0.21.0
VersionDeltaFile
1.4464+2-1doc/CHANGES-2026
+2-11 files

NetBSD/pkgsrc CNueg6Wnet/ttl distinfo cargo-depends.mk

   net/ttl: update to 0.21.0

   v0.21.0
   What's Changed

       ci: harden workflow coverage and automation by @lance0 in #120
       feat(update): allow disabling the update check (#110) by @lance0 in #122

   v0.20.2
   What's Changed

       Bump docker/setup-buildx-action from 3 to 4 by @dependabot[bot] in #86
       Bump docker/metadata-action from 5 to 6 by @dependabot[bot] in #87
       Bump docker/setup-qemu-action from 3 to 4 by @dependabot[bot] in #88
       Bump docker/login-action from 3 to 4 by @dependabot[bot] in #89
       Bump docker/build-push-action from 6 to 7 by @dependabot[bot] in #90
       fix: PMTUD correlation, lock ordering, and enrichment dedup by @lance0 in #104
       fix: harden unsafe socket code against alignment UB and bad cmsg by @lance0 in #102
       fix: harden CLI validation against panics and port overflow by @lance0 in #99

    [17 lines not shown]
VersionDeltaFile
1.6+16-16net/ttl/distinfo
1.6+4-4net/ttl/cargo-depends.mk
1.6+2-2net/ttl/Makefile
+22-223 files

NetBSD/pkgsrc YxmffkKdoc CHANGES-2026

   doc: Updated net/piratebay to 0.4.1
VersionDeltaFile
1.4463+2-1doc/CHANGES-2026
+2-11 files

NetBSD/pkgsrc qmWIOJ2net/piratebay distinfo cargo-depends.mk, net/piratebay/patches patch-.._vendor_mio-0.8.11_src_sys_unix_selector_kqueue.rs

   net/piratebay: update to 0.4.1

   v0.4.1

   No Changelog provided.

   v0.4.0
   What's Changed

       feat: add ratatui TUI with search, categories, download and magnet copy by @tsirysndr in #21

   v0.3.0
   What's Changed

       feat: add pure-rust torrent download with streaming by @tsirysndr in #18
VersionDeltaFile
1.10+664-182net/piratebay/distinfo
1.9+220-59net/piratebay/cargo-depends.mk
1.13+2-2net/piratebay/Makefile
1.2+1-1net/piratebay/patches/patch-.._vendor_mio-0.8.11_src_sys_unix_selector_kqueue.rs
+887-2444 files