NetBSD/pkgsrc-wip e09f6d1R PLIST distinfo, R/patches patch-configure.ac

(math/R) updated 4.5.3 to 4.6.0
DeltaFile
+29-6R/PLIST
+16-7R/patches/patch-configure.ac
+4-4R/distinfo
+2-1R/Makefile
+51-184 files

NetBSD/pkgsrc ykSodgvdoc CHANGES-2026

   doc: Updated math/R to 4.5.3
VersionDeltaFile
1.3007+2-1doc/CHANGES-2026
+2-11 files

NetBSD/pkgsrc 9PDztGJmath/R distinfo Makefile

   (math/R) Updated 4.5.2 to 4.5.3, another update may follow,:

   CHANGES IN R 4.5.3:

     UTILITIES:

       * tools/fetch-recommended can be used instead of
         tools/rsync-recommended to fetch recommended packages into R
         sources using curl on systems without rsync or behind firewalls.

     PACKAGE INSTALLATION:

       * C++ standard specifications (CXX_STD = in src/Makevars* and in
         the SystemRequirements field of the DESCRIPTION file) are now
         checked more thoroughly.  Invalid values are still ignored but
         now give a warning, as do contradictory specifications.

       * (Preliminary) support for C++26 has been extended to Windows.


    [51 lines not shown]
VersionDeltaFile
1.117+4-4math/R/distinfo
1.283+4-3math/R/Makefile
1.46+2-1math/R/PLIST
+10-83 files

NetBSD/pkgsrc-wip 64568ccspirv-tools PLIST Makefile, spirv-tools/patches patch-source_opt_decoration__manager.cpp

Import parallel/spirv-tools
DeltaFile
+46-0spirv-tools/PLIST
+32-0spirv-tools/Makefile
+24-0spirv-tools/buildlink3.mk
+17-0spirv-tools/patches/patch-source_opt_decoration__manager.cpp
+9-0spirv-tools/DESCR
+6-0spirv-tools/distinfo
+134-01 files not shown
+135-07 files

NetBSD/pkgsrc-wip 13e01fb. Makefile, spirv-headers PLIST Makefile

Import parallel/spirv-headers
DeltaFile
+81-0spirv-headers/PLIST
+22-0spirv-headers/Makefile
+13-0spirv-headers/buildlink3.mk
+8-0spirv-headers/DESCR
+5-0spirv-headers/distinfo
+1-0Makefile
+130-06 files

NetBSD/pkgsrc-wip 19b4b30vulkan-tools Makefile distinfo, vulkan-tools/patches patch-cube_cube.cpp patch-cube_cube.c

Import graphics/vulkan-tools
DeltaFile
+53-0vulkan-tools/patches/patch-cube_cube.cpp
+53-0vulkan-tools/patches/patch-cube_cube.c
+22-0vulkan-tools/Makefile
+7-0vulkan-tools/distinfo
+4-0vulkan-tools/PLIST
+2-0vulkan-tools/DESCR
+141-01 files not shown
+142-07 files

NetBSD/pkgsrc-wip fae6673. Makefile, vulkan-loader Makefile buildlink3.mk

Import graphics/vulkan-loader
DeltaFile
+38-0vulkan-loader/Makefile
+16-0vulkan-loader/buildlink3.mk
+8-0vulkan-loader/PLIST
+5-0vulkan-loader/distinfo
+1-0vulkan-loader/DESCR
+1-0Makefile
+69-06 files

NetBSD/pkgsrc-wip cc007ffvulkan-headers PLIST Makefile

Import graphics/vulkan-headers
DeltaFile
+67-0vulkan-headers/PLIST
+29-0vulkan-headers/Makefile
+22-0vulkan-headers/buildlink3.mk
+14-0vulkan-headers/Makefile.common
+5-0vulkan-headers/distinfo
+1-0vulkan-headers/DESCR
+138-01 files not shown
+139-07 files

NetBSD/pkgsrc-wip 4402580. Makefile, glslang PLIST Makefile

Import graphics/glslang
DeltaFile
+27-0glslang/PLIST
+20-0glslang/Makefile
+13-0glslang/buildlink3.mk
+12-0glslang/DESCR
+5-0glslang/distinfo
+1-0Makefile
+78-06 files

NetBSD/pkgsrc Y1NX9GCmail/mu distinfo, mail/mu/patches patch-lib_utils_mu-sexp.cc patch-lib_utils_mu-html-to-text.cc

   mu: found another ctype(3) issue...
VersionDeltaFile
1.1+32-0mail/mu/patches/patch-lib_utils_mu-sexp.cc
1.2+11-2mail/mu/patches/patch-lib_utils_mu-html-to-text.cc
1.18+3-2mail/mu/distinfo
+46-43 files

NetBSD/pkgsrc mnYNtU3sysutils/gvfs hacks.mk distinfo

   sysutils/gvfs: fix broken gvfs binary (missing shared object)
VersionDeltaFile
1.2+6-1sysutils/gvfs/hacks.mk
1.29+2-2sysutils/gvfs/distinfo
1.144+2-1sysutils/gvfs/Makefile
+10-43 files

NetBSD/pkgsrc E0Bl6Qnmail/mu distinfo, mail/mu/patches patch-lib_message_mu-labels.cc patch-lib_message_mu-message-part.cc

   mu: found more ctype bugs
VersionDeltaFile
1.1+20-0mail/mu/patches/patch-lib_message_mu-labels.cc
1.1+15-0mail/mu/patches/patch-lib_message_mu-message-part.cc
1.1+15-0mail/mu/patches/patch-lib_mu-query-processor.cc
1.1+15-0mail/mu/patches/patch-lib_utils_mu-utils.cc
1.17+5-1mail/mu/distinfo
+70-15 files

NetBSD/pkgsrc VqNbhmwmail/mu distinfo, mail/mu/patches patch-lib_utils_mu-html-to-text.cc

   mu: fixed ctype(3) issue
VersionDeltaFile
1.1+24-0mail/mu/patches/patch-lib_utils_mu-html-to-text.cc
1.16+2-1mail/mu/distinfo
+26-12 files

NetBSD/src wXg55Ofexternal/public-domain/tz tzdata2netbsd

   Restore line whose content vanished in previous

   Somehow in the previous version, the content of one line was
   removed, leaving just the indentation tabs... restore that line.

   While here, and inspired by that line remnant, check for trailing
   whitespace, and obliterate all of it that is unintentional (there
   is one space in an EDIT_ME in a here-doc which is intended).

   Also, in the rarely used "zones added"/"zones removed" commit message,
   for the set lists, add some vertical white space before the listings
   of any zones added or removed (happens so rarely, I'm not sure that
   code has ever been used).
VersionDeltaFile
1.19+8-8external/public-domain/tz/tzdata2netbsd
+8-81 files

NetBSD/pkgsrc-wip b4cddd5unifi8 PLIST Makefile, unifi8/patches patch-snappy-java-1.0.5.4_Makefile

Remove unif{8,9}

They both have serious CVEs and are no longer supported.

unifi10 is supported, wip & pkgsrc has been updated to a version with the
(known) security issues fixed, and it should be supported on any platform
which can run unifi8 or 9
DeltaFile
+0-6,635unifi8/PLIST
+0-5,675unifi9/PLIST
+0-119unifi8/Makefile
+0-118unifi9/Makefile
+0-28unifi8/patches/patch-snappy-java-1.0.5.4_Makefile
+0-28unifi9/patches/patch-snappy-java-1.0.5.4_Makefile
+0-12,60320 files not shown
+0-12,80326 files

NetBSD/pkgsrc-wip 23e1681unifi10 distinfo Makefile

unfi: Adjust NetBSD keywords to pkgsrc - no other change
DeltaFile
+1-1unifi10/distinfo
+1-1unifi10/Makefile
+1-1unifi10/PLIST
+3-33 files

NetBSD/src CiLfgUNshare/misc acronyms.comp

   +CWE  common weakness enumeration
VersionDeltaFile
1.424+2-1share/misc/acronyms.comp
+2-11 files

NetBSD/src 5IxpPHwsys/arch/m68k/m68k pmap_68k.c

   Update comments to reflect that mac68k now uses this pmap as the default.
VersionDeltaFile
1.71+7-6sys/arch/m68k/m68k/pmap_68k.c
+7-61 files

NetBSD/src K03pIIbsys/arch/mac68k/conf std.mac68k

   Switch mac68k to the new pmap as the default.
VersionDeltaFile
1.33+2-2sys/arch/mac68k/conf/std.mac68k
+2-21 files

NetBSD/src gVjhlXMsys/arch/m68k/m68k pmap_68k.c

   Update comments based on testing report from nat@ (rigorous small-memory
   config testing on 68030).
VersionDeltaFile
1.70+3-5sys/arch/m68k/m68k/pmap_68k.c
+3-51 files

NetBSD/pkgsrc-wip 02990e6chromium distinfo Makefile

chromium: update to 148.0.7778.167
DeltaFile
+6-6chromium/distinfo
+5-2chromium/Makefile
+1-1chromium/options.mk
+12-93 files

NetBSD/src igaWiftdoc CHANGES-11.0

   Tickets #284 and #285
VersionDeltaFile
1.1.2.91+12-1doc/CHANGES-11.0
+12-11 files

NetBSD/src pFDGyTIexternal/ibm-public/postfix/dist/conf main.cf

   Pull up following revision(s) (requested by christos in ticket #285):

        external/ibm-public/postfix/dist/conf/main.cf: revision 1.13

   fix so that it works out of the box (from RVP)
VersionDeltaFile
1.11.2.2+3-3external/ibm-public/postfix/dist/conf/main.cf
+3-31 files

NetBSD/src N6eqwBMsys/arch/riscv/include vmparam.h

   Pull up following revision(s) (requested by skrll in ticket #284):

        sys/arch/riscv/include/vmparam.h: revision 1.16

   risc-v: bump some parameter values on riscv64

   Match all other 64bit platforms for
      - PAGER_MAP_DEFAULT_SIZE
      - UBC_WINSHIFT
      - UBC_NWINS

   Spotted by thorpej
VersionDeltaFile
1.14.8.1+20-1sys/arch/riscv/include/vmparam.h
+20-11 files

NetBSD/src nYQ991Ausr.bin/nc nc.1

   PR misc/60253 (conditionally) remove CRYPTO using example

   This completes the previous (2026-03-03) change, by removing an
   example from the EXAMPLES section, which would only work if nc
   was built with the CRYPTO option.

   Like the previous, changing the definition of the number register C
   in the man page source from 0 to 1 will reinstate the example, along
   with all of the CRYPTO options, but makes no sense unless someone
   does the required work to be able to build nc with CRYPTO defined.

   No pullups required, the previous changes weren't pulled up either.
VersionDeltaFile
1.7+3-1usr.bin/nc/nc.1
+3-11 files

NetBSD/pkgsrc bDF3szzdoc CHANGES-2026

   Updated www/py-django[5]
VersionDeltaFile
1.3006+3-1doc/CHANGES-2026
+3-11 files

NetBSD/pkgsrc xb698ABwww/py-django5 distinfo Makefile

   py-django5: updated to 5.2.14

   Django 5.2.14 fixes three security issues with severity “low” in 5.2.13.

   CVE-2026-5766: Potential denial-of-service vulnerability in ASGI requests via file upload limit bypass¶

   ASGI requests with a missing or understated Content-Length header could bypass the FILE_UPLOAD_MAX_MEMORY_SIZE limit, potentially loading large files into memory and causing service degradation.

   As a reminder, Django expects a limit to be configured at the web server level rather than solely relying on FILE_UPLOAD_MAX_MEMORY_SIZE.

   This issue has severity “low” according to the Django security policy.

   CVE-2026-35192: Session fixation via public cached pages and SESSION_SAVE_EVERY_REQUEST¶

   Response headers did not vary on cookies if a session was not modified, but SESSION_SAVE_EVERY_REQUEST was True. A remote attacker could steal a user’s session after that user visits a cached public page.

   This issue has severity “low” according to the Django security policy.

   CVE-2026-6907: Potential exposure of private data due to incorrect handling of Vary: * in UpdateCacheMiddleware¶

    [2 lines not shown]
VersionDeltaFile
1.2+4-4www/py-django5/distinfo
1.2+2-2www/py-django5/Makefile
+6-62 files

NetBSD/pkgsrc G2SDHLwwww/py-django distinfo Makefile

   py-django: updated to 6.0.5

   6.0.5

   Django 6.0.5 fixes three security issues with severity “low” and several bugs in 6.0.4.

   CVE-2026-5766: Potential denial-of-service vulnerability in ASGI requests via file upload limit bypass

   ASGI requests with a missing or understated Content-Length header could bypass the FILE_UPLOAD_MAX_MEMORY_SIZE limit, potentially loading large files into memory and causing service degradation.

   As a reminder, Django expects a limit to be configured at the web server level rather than solely relying on FILE_UPLOAD_MAX_MEMORY_SIZE.

   This issue has severity “low” according to the Django security policy.

   CVE-2026-35192: Session fixation via public cached pages and SESSION_SAVE_EVERY_REQUEST

   Response headers did not vary on cookies if a session was not modified, but SESSION_SAVE_EVERY_REQUEST was True. A remote attacker could steal a user’s session after that user visits a cached public page.

   This issue has severity “low” according to the Django security policy.

    [12 lines not shown]
VersionDeltaFile
1.127+4-4www/py-django/distinfo
1.155+2-2www/py-django/Makefile
+6-62 files

NetBSD/pkgsrc d4kx5jidoc CHANGES-2026

   Updated net/samba4, net/freeradius
VersionDeltaFile
1.3005+3-1doc/CHANGES-2026
+3-11 files

NetBSD/pkgsrc 0yFuwCfnet/freeradius PLIST Makefile, net/freeradius-freetds Makefile

   freeradius: updated to 3.2.8

   FreeRADIUS 3.2.8 Wed 20 Aug 2025 12:00:00 UTC urgency=low
   Configuration changes
   * Replace dictionary.infinera with the correct one.
   * Update dictionary.alteon

   Feature improvements
   * Add support for automated fuzzing.  This doesn't affect
     normal operations, but it does allow for testing of the
     RADIUS decoder.
   * Allow tagged attributes to use ":V" as a tag in some cases.
     The tag is then read from the value which is being assigned
     to the attribute.  This functionality is allowed in 'update'
     sections, including 'update' in module configurations.
     See mods-available/ldap for an example.
   * Add kafka module.  See mods-available/kafka.
   * Allow &control:Packet-SRC-IP-Address to be used when
     proxying needs a given source address.

    [47 lines not shown]
VersionDeltaFile
1.42+100-2net/freeradius/PLIST
1.132+2-9net/freeradius/Makefile
1.51+4-5net/freeradius/distinfo
1.17+3-3net/freeradius/Makefile.common
1.32+1-2net/freeradius-sqlite3/Makefile
1.35+1-2net/freeradius-freetds/Makefile
+111-234 files not shown
+115-3010 files