libcares: update to 1.34.6.
This is a security release.
Security:
* CVE-2025-62408. A use-after-free bug has been uncovered in read_answers() that
was introduced in v1.32.3. Please see https://github.com/c-ares/c-ares/security/advisories/GHSA-jq53-42q6-pqr5
Changes:
* Ignore Windows IDN Search Domains until proper IDN support is added.
Bugfixes:
* Event Thread could stall when not notified of new queries on existing
connections that are in a bad state
* fix conversion of invalid service to port number in ares_getaddrinfo()
* fix memory leak in ares_uri
* Ignore ares_event_configchg_init failures
* Use XOR for random seed generation on fallback logic.
* Fix clang build on windows.
[2 lines not shown]
wii: Add support for GameCube controller sockets.
A new driver is introduced for the Serial Interface that exposes the four
GameCube controller sockets as uhid(4) devices. The report format and HID
usages of these devices attempts to mimic the official USB GameCube
controller adapter.
wii$ usbhidctl -f /dev/uhid0 -r
Report descriptor:
Collection page=Generic_Desktop usage=Game_Pad
Input size=1 count=1 page=Button usage=Button_3, logical range 0..1
Input size=1 count=1 page=Button usage=Button_1, logical range 0..1
Input size=1 count=1 page=Button usage=Button_2, logical range 0..1
Input size=1 count=1 page=Button usage=Button_4, logical range 0..1
Input size=1 count=1 page=Button usage=Button_11, logical range 0..1
Input size=1 count=1 page=Button usage=Button_12, logical range 0..1
Input size=1 count=1 page=Button usage=Button_10, logical range 0..1
Input size=1 count=1 page=Button usage=Button_9, logical range 0..1
Input size=1 count=1 page=Button usage=Button_8, logical range 0..1
[16 lines not shown]
py-orjson: updated to 3.11.5
3.11.5 - 2025-12-06
Changed
- Show simple error message instead of traceback when attempting to
build on unsupported Python versions.
adguardhome: updated to 0.107.71
0.107.71
As it turns out, our changes to optimistic DNS cache in the previous update
were a little too optimistic, and we’ve broken it a little bit in the process.
This hotfix brings everything back to normal, and, as a bonus, we’re adding new
settings for users to manually set the upper age limit and TTL for optimistic
cache’s stale answers.
Changed
Stale records in optimistic DNS cache now have an upper age limit controlled by
dns.cache_optimistic_max_age. The default value is 12 hours.
TTL for stale answers from optimistic DNS cache is now controlled by
dns.cache_optimistic_answer_ttl. The default value is 30 seconds.
py-modulegraph: updated to 0.19.7
Version 0.19.7
* Add support for Python 3.13 and 3.14
* Don't use ``pkg_resources`` unless ``importlib`` is not available
Note that this requires using Python 3.8 or later, on older
version please ensure that a version of *setuptools* older than
November 2025.
librsvg: updated to 2.60.1
Version 2.60.1
==============
librsvg crate version 2.60.1
librsvg-rebind crate version 0.1.0
This is a security release for RUSTSEC-2024-0421, RUSTSEC-2024-0404,
and GHSA-c827-hfw6-qwvm (CVE-2024-43806).
Note that even in unpatched releases, librsvg disallows references to
external URLs that do not have a file:// method, so http/https URLs
are rejected.
The Minimum Supported Rust Version has unfortunately had to be raised
to Rust 1.85.0, to accomodate the updated chains of dependencies.
[7 lines not shown]
Update distinfo and PLIST
With this it builds and runs on NetBSD 10, amd64:
```
/usr/pkgsrc/wip/ledger * master $ ledger
Ledger 3.4.1-20251025, the command-line accounting tool
without support for gpg encrypted journals and with Python support
Copyright (c) 2003-2025, John Wiegley. All rights reserved.
This program is made available under the terms of the BSD Public License.
See LICENSE file included with the distribution for details and disclaimer.
Error: No journal file was specified (please use -f)
```
