NetBSD/pkgsrc-wip 162e714py-keras TODO

py-keras: Add reference to CVE-2026-12481
DeltaFile
+1-1py-keras/TODO
+1-11 files

NetBSD/pkgsrc-wip b831440zmap PLIST Makefile, zmap/patches patch-src_CMakeLists.txt patch-src_get__gateway-bsd.h

zmap: update to 4.4.0
DeltaFile
+26-9zmap/patches/patch-src_CMakeLists.txt
+18-0zmap/patches/patch-src_get__gateway-bsd.h
+17-0zmap/patches/patch-lib_logger.h
+10-2zmap/PLIST
+8-3zmap/Makefile
+6-4zmap/distinfo
+85-181 files not shown
+92-187 files

NetBSD/src LBmHHmvsys/net bpfjit.c, tests/lib/libbpfjit t_bpfjit.c

   Increase size of bpfjit interal stack, follow bpf_validate() closely.

   Increase a size of M[] array allocated on the stack by bpfjit.

   When bpf_validate() fails, bpfjit now fails too:
    - Fail to validate/compile BVF_DIV+BPF_K and BPF_MOD+BPF_K with K=0.
    - Fail unless the last instruction is BPF_RET+BPF_A or BPF_RET+BPF_K.

   If a program contains additional BPF_RET instructions, it is accepted
   by bpf_validate() and it compiles fine by bpfjit but both bpf_filter()
   and bpfjit reject it (return 0) at runtime.

   Adjust existing bpfjit test to follow the changes, add new tests.
VersionDeltaFile
1.16+187-35tests/lib/libbpfjit/t_bpfjit.c
1.13+204-18tests/net/bpfjit/t_bpfjit.c
1.49+30-20sys/net/bpfjit.c
+421-733 files

NetBSD/pkgsrc-wip 8536552sftpgo distinfo go-modules.mk

sftpgo: update to 2.7.4
DeltaFile
+291-291sftpgo/distinfo
+96-96sftpgo/go-modules.mk
+1-1sftpgo/Makefile
+388-3883 files

NetBSD/pkgsrc-wip 3b68e16chromium distinfo, chromium/patches patch-net_base_network__change__notifier.h patch-net_base_network__change__notifier.cc

chromium: fix build
DeltaFile
+35-36chromium/distinfo
+0-35chromium/patches/patch-net_base_network__change__notifier.h
+0-18chromium/patches/patch-net_base_network__change__notifier.cc
+0-9chromium/patches/patch-net_base_features.cc
+1-1chromium/patches/patch-build_toolchain_netbsd_BUILD.gn
+1-1chromium/patches/patch-build_toolchain_openbsd_BUILD.gn
+37-10031 files not shown
+68-13137 files

NetBSD/pkgsrc-wip 1e5899atinyssh Makefile PLIST, tinyssh/patches patch-Makefile

tinyssh: update to 20260601, tested with tcpserver
DeltaFile
+27-0tinyssh/patches/patch-Makefile
+3-8tinyssh/Makefile
+4-3tinyssh/PLIST
+4-3tinyssh/distinfo
+38-144 files

NetBSD/src Jnkpwffsys/arch/m68k/conf files.m68k

   defflag M68K_MMU_CUSTOM.  Checks for this were added a while ago, but
   the defflag was missed.  It's not expected to be used directly by
   configus, but is there as something other MMU options can add as a
   dependency.
VersionDeltaFile
1.75+2-1sys/arch/m68k/conf/files.m68k
+2-11 files

NetBSD/pkgsrc 8J8WSJFmail/roundcube-plugin-password distinfo

   mail/roundcube-plugin-password: update distinfo

   Forgot to update distinfo.
VersionDeltaFile
1.47+4-4mail/roundcube-plugin-password/distinfo
+4-41 files

NetBSD/pkgsrc OiAeduPdoc CHANGES-2026

   doc: Update mail/roundcube and related pacakges to 1.6.17

        mail/roundcube
        mail/roundcube-plugin-enigma
        mail/roundcube-plugin-password
        mail/roundcube-plugin-zipdownload
VersionDeltaFile
1.4254+5-1doc/CHANGES-2026
+5-11 files

NetBSD/pkgsrc JblHvqbmail/roundcube PLIST distinfo, mail/roundcube-plugin-enigma PLIST

   mail/roundcube: update to 1.6.17

   1.6.17 (2026-07-05)

   * Enigma: Support automatic public key lookup (import) using HKP v1 protocol
     (#5314)

   * Enigma: Kolab WOAT Support (#8626)

   * Security: Fix an infinite loop in TNEF (winmail.dat) decoder (#10193)

   * Security: Fix various vulnerabilities in the password plugin using
     session-injected username

   * Security: Fix stored XSS via unescaped attachment MIME type on the
     attachment-validation warning page [CVE-2026-54432]

   * Security: Fix SSRF bypass via specific local address URLs - two new cases


    [5 lines not shown]
VersionDeltaFile
1.61+18-1mail/roundcube/PLIST
1.102+4-4mail/roundcube/distinfo
1.45+2-2mail/roundcube/Makefile.common
1.7+2-1mail/roundcube-plugin-enigma/PLIST
+26-84 files

NetBSD/pkgsrc-wip cdbfcf7ap-modsecurity2 COMMIT_MSG TODO

ap-modsecurity2: Final cleaning, old patches are not needed, already incorporate into upstream source
DeltaFile
+1-1ap-modsecurity2/COMMIT_MSG
+0-2ap-modsecurity2/TODO
+1-32 files

NetBSD/src 6qAFEjEsys/opencrypto cryptodev.c cryptosoft.c

   opencrypto(9): Sprinkle SET_ERROR dtrace probes.
VersionDeltaFile
1.135+80-79sys/opencrypto/cryptodev.c
1.69+39-38sys/opencrypto/cryptosoft.c
1.135+16-15sys/opencrypto/crypto.c
1.32+16-15sys/opencrypto/cryptosoft_xform.c
1.21+7-6sys/opencrypto/ocryptodev.c
1.4+5-4sys/opencrypto/compat_crypto_50.c
+163-1576 files

NetBSD/src WDN8Es6sys/opencrypto cryptodev.c ocryptodev.c

   opencrypto(9): Sort includes and nix trailing whitespace.

   No functional change intended.
VersionDeltaFile
1.134+44-43sys/opencrypto/cryptodev.c
1.20+17-16sys/opencrypto/ocryptodev.c
1.134+14-13sys/opencrypto/crypto.c
1.7+13-10sys/opencrypto/ocryptodev.h
1.68+8-7sys/opencrypto/cryptosoft.c
1.54+7-8sys/opencrypto/cryptodev.h
+103-978 files not shown
+142-11814 files

NetBSD/pkgsrc hQSCnP5geography/R-raster/files Makevars

   (graphics/R-rasters) Add missing files/Makevars
VersionDeltaFile
1.1+1-0geography/R-raster/files/Makevars
+1-01 files

NetBSD/pkgsrc MQQaqY3graphics/R-interp Makefile

   (graphics/R-interp) Fix build on Darwin, hopefully
VersionDeltaFile
1.4+2-2graphics/R-interp/Makefile
+2-21 files

NetBSD/pkgsrc aOp5YsJwww/R-httpuv Makefile

   (www/R-httpuv) Fix build on Darwin,Linux, hopefully
VersionDeltaFile
1.14+2-2www/R-httpuv/Makefile
+2-21 files

NetBSD/pkgsrc H6u5uWMnet/bftpd distinfo, net/bftpd/patches patch-login.c

   net/bftpd: Add patch from upstream for Darwin/Apple
VersionDeltaFile
1.1+15-0net/bftpd/patches/patch-login.c
1.22+2-1net/bftpd/distinfo
+17-12 files

NetBSD/src kr8WuBZdoc CHANGES-11.0

   Ticket #371
VersionDeltaFile
1.1.2.123+10-1doc/CHANGES-11.0
+10-11 files

NetBSD/src xfzxAK3usr.sbin/sysinst util.c run.c

   Pull up following revision(s) (requested by gson in ticket #371):

        usr.sbin/sysinst/run.c: revision 1.17
        usr.sbin/sysinst/defs.h: revision 1.98
        usr.sbin/sysinst/util.c: revision 1.85
        usr.sbin/sysinst/main.c: revision 1.39

   Make sysinst intercept kernel console messages using TIOCCONS at all
   times, not just when running an external command, and discard those
   that occur when not running an external command so that they don't
   mess up the display when running sysinst on the console.  Fixes
   PR install/54932.
VersionDeltaFile
1.77.4.6+48-1usr.sbin/sysinst/util.c
1.16.2.1+3-16usr.sbin/sysinst/run.c
1.34.2.3+4-1usr.sbin/sysinst/main.c
1.94.2.3+3-1usr.sbin/sysinst/defs.h
+58-194 files

NetBSD/pkgsrc l69V3uNmath/R-minqa Makefile distinfo, math/R-minqa/patches patch-src_Makevars

   (math/R-minqa) Fix build on Darwin,Linux, hopefully
VersionDeltaFile
1.9+12-3math/R-minqa/Makefile
1.2+3-10math/R-minqa/patches/patch-src_Makevars
1.9+2-2math/R-minqa/distinfo
+17-153 files

NetBSD/pkgsrc RHpL7fJmath/R-RcppArmadillo Makefile distinfo, math/R-RcppArmadillo/patches patch-src_Makevars.in

   (math/R-RcppArmadillo) Fix build on Darwin,Linux, hopefully
VersionDeltaFile
1.12+12-3math/R-RcppArmadillo/Makefile
1.2+3-9math/R-RcppArmadillo/patches/patch-src_Makevars.in
1.12+2-2math/R-RcppArmadillo/distinfo
+17-143 files

NetBSD/pkgsrc XkTPjFudoc CHANGES-2026

   doc: Updated geography/qgis to 3.44.12
VersionDeltaFile
1.4253+2-1doc/CHANGES-2026
+2-11 files

NetBSD/pkgsrc x8O4G2Bgeography/qgis distinfo Makefile

   geography/qgis: Update to 3.44.12

   Upstream NEWS: micro release
VersionDeltaFile
1.93+4-4geography/qgis/distinfo
1.277+2-3geography/qgis/Makefile
+6-72 files

NetBSD/pkgsrc xmS3LW0doc CHANGES-2026

   Updated devel/nasm, audio/suil
VersionDeltaFile
1.4252+3-1doc/CHANGES-2026
+3-11 files

NetBSD/pkgsrc y4FUWIgaudio/suil Makefile PLIST

   suil: updated to 0.10.26

   suil (0.10.26) stable; urgency=medium

     * Add clang nullability annotations
     * Address new warnings in clang and clang-tidy 21
     * Fix documentation build without sphinx_lv2_theme

    -- David Robillard <d at drobilla.net>  Tue, 10 Feb 2026 19:50:45 +0000

   suil (0.10.24) stable; urgency=medium

     * Add header warnings test
     * Avoid over-use of yielding meson options

    -- David Robillard <d at drobilla.net>  Wed, 12 Nov 2025 19:20:37 +0000

   suil (0.10.22) stable; urgency=medium


    [15 lines not shown]
VersionDeltaFile
1.45+15-14audio/suil/Makefile
1.4+21-3audio/suil/PLIST
1.10+4-4audio/suil/distinfo
+40-213 files

NetBSD/pkgsrc LNKCssndevel/nasm distinfo Makefile, devel/nasm/patches patch-include_compiler.h patch-doc_Makefile.in

   nasm: updated to 3.0.2

   3.02

   Fix build problems on C23 compilers using a pre-C23 version of <stdbool.h> which defines bool as a macro in violation of the C23 specification.

   The immediate form of the JMPE instruction (opcode 0F B8) has been changed to an absolute address, as in the Itanium Architecture Software Developer's Manual, version 2.3, Volume 4, page 4:249. Hopefully this won't break whatever virtual environments use JMPE, but it is the closest thing there is to an official specification for this opcode.

   Being an absolute address, treat it equivalent to a FAR jump and do not default to 64 bits in 64-bit mode.

   That JMPE has apparently been wrong all these years is probably as good of a hint as any how much it has been actually used, but it does have the possibility of breaking virtual environments. In that case, please file a bug report to https://bugs.nasm.us with details about the virtual environment, and we will figure out a suitable solution.

   Various build fixes. Fix the documentation not building on MacOS because of the cp utility lacking -u there. Also fix not building generally due to wrong link formatting. Another fix was a typo in compiler.h related to a C++ check.

   Corrections to assembling encodings:

   Fix CMP allowing LOCK which is illegal.

   Correct multiple AVX512 instructions such as VCVTSD2SI, VCVTSD2USI, VCVTSS2SI, VCVTSS2USI, VCVTTSD2SI, VCVTTSD2USI, VCVTTSS2SI, VCVTTSS2USI, VGETEXPSH, VGETMANTSH, MOVDDUP, VMOVDDUP.

    [56 lines not shown]
VersionDeltaFile
1.4+3-25devel/nasm/patches/patch-include_compiler.h
1.6+2-11devel/nasm/patches/patch-doc_Makefile.in
1.41+6-6devel/nasm/distinfo
1.74+4-6devel/nasm/Makefile
+15-484 files

NetBSD/pkgsrc qMBxpWkdoc CHANGES-2026 TODO

   doc: Updated textproc/enchant2 to 2.8.18
VersionDeltaFile
1.4251+2-1doc/CHANGES-2026
1.27529+1-2doc/TODO
+3-32 files

NetBSD/pkgsrc LFCrTu3textproc/enchant2 distinfo Makefile

   enchant2: update to 2.8.18.

   2.8.18 (July 4, 2026)
   ---------------------

   This release fixes compatibility with the latest Vala compiler, version
   0.56.19. The problem was Enchant’s fault; the change in behaviour by valac,
   of returning different values for some return types when a method
   precondition failed, was fine. The Enchant code was allowing these checks to
   fail rather than validating arguments. Manual validation has been added for
   most arguments, except the “self” argument for “method calls”, which is
   usually the argument in first position, e.g. the EnchantBroker pointer
   argument to all enchant_broker_* APIs. Applications can call
   `g_log_set_always_fatal(G_LOG_LEVEL_CRITICAL)` or equivalent to make these
   tests cause an assertion failure; otherwise, critical errors will be logged,
   and in some cases a different value will be returned by the API from that
   previously returned. I have not changed the major version of the library,
   since the return code in such cases was always undocumented: the APIs
   require non-NULL pointers.

    [24 lines not shown]
VersionDeltaFile
1.42+4-4textproc/enchant2/distinfo
1.58+3-4textproc/enchant2/Makefile
+7-82 files

NetBSD/pkgsrc 41zd6dNdoc CHANGES-2026 TODO

   doc: Updated sysutils/hwdata to 0.409
VersionDeltaFile
1.4250+2-1doc/CHANGES-2026
1.27528+1-2doc/TODO
+3-32 files

NetBSD/pkgsrc na4XZVDsysutils/hwdata distinfo Makefile

   hwdata: update to 0.409.

   Hardware updates.
VersionDeltaFile
1.17+4-4sysutils/hwdata/distinfo
1.19+2-2sysutils/hwdata/Makefile
+6-62 files