audio/fasttracker2: Update to 2.13
Changes since 2.12:
Improvements
* Use 2-point cosine interpolation for scopes instead of 4-point cubic
B-spline. This is favorable as it doesn't lower the waveform amplitude for
samples containing very high frequency data. The whole point of
interpolating the scopes is to prevent the staircase effect at very low
pitches, and this does the job.
miniflux: update to 2.2.19.
Security
Remove sensitive values (CSRF tokens, OAuth state, session cookies) from log messages.
Improve OAuth2 security:
Verify OIDC ID token signatures and claims.
Prevent OAuth identity overwrite when already linked.
Clear PKCE verifier and CSRF state after use.
Validate HTTP status from Google userinfo endpoint.
Use HMAC-SHA256 instead of SHA1 for Google Reader API authentication.
Use constant-time comparison for token validation.
Fix potential DoS when truncating large untrusted input in templates.
Reject oversized favicons.
Improvements
Improve configuration validation with cross-field consistency checks.
OAuth2:
[46 lines not shown]
sysutils/py-Glances: Update to 4.5.3
Changes since 4.5.2:
=============
Version 4.5.3
=============
Bug corrected:
* Internal Server Error (Web Server Mode) #3502
* Container plugin crashes with docker.errors.NullResource on Podman pod
infra containers #3498
* [ALERTS] Sometime the top process list is not the good one #3481
Enhancements:
* Support for LXC/LXD containers #3480
* Add export to ClickHouse #3320
[18 lines not shown]
p5-libwww: update to 6.82.
6.82 2026-03-29 17:02:10Z
- Fix env_proxy() warning for unrelated environment variables (GH#501)
(Olaf Alders) with patch provided by @kberry.
- Fix `C<>` usage in doc (GH#500) (Dan Church)
- add an in-repo Makefile.PL for those tools that insist on running one
(GH#497) (Karen Etheridge)
p5-XML-Parser: update to 2.56.
2.56 2026-04-02 (by Todd Rinaldo)
Fixes:
- PR #223 Skip original_string test when expat lacks
XML_CONTEXT_BYTES, fixing false test failures on platforms
where libexpat is compiled without XML_CONTEXT_BYTES (e.g.
DragonFlyBSD system expat)
2.55 2026-04-01 (by Todd Rinaldo)
Fixes:
- PR #221 Fix struct-return ABI mismatch in XML_ExpatVersionInfo()
by parsing the version string instead of using the struct return,
which was corrupted when Perl and libexpat used different struct
return conventions (-fpcc-struct-return vs -freg-struct-return)
- PR #214 GH #211 GH #212 GH #213 Revert defaulthandle char
routing and standalone string changes that broke downstream CPAN
[15 lines not shown]
p5-Crypt-RIPEMD160: update to 0.12.
0.12 2026-04-02
Bug fixes:
- Fix MAC reset() after mac()/hexmac() by preserving the key so the
inner pad can be recomputed. PR #23
- Prevent STRLEN-to-dword truncation for large inputs on 64-bit
platforms in the XS add() method. PR #26
- Croak on read errors in addfile() instead of silently truncating
the hash input. GH #35, PR #35
- Zero sensitive memory (hash state) on destroy and reset to avoid
leaking intermediate digests. PR #39
- Zero MDfinish stack buffer after final compression to prevent
transient data from lingering on the stack. PR #44
Improvements:
- Add clone() method for copying mid-computation state, enabling
efficient digest of data sharing a common prefix. PR #27
[19 lines not shown]
devel/task: update to 3.49.1
v3.49.1
* Reverted #2632 for now, which caused some regressions. That change will
be reworked.
v3.49.0
* Fixed included Taskfiles with watch: true not triggering watch mode when
called from the root Taskfile.
* Fixed Remote Git Taskfiles failing on Windows due to backslashes in URL
paths.
* Fixed Remote Git Taskfiles timing out when resolving includes after
accepting the trust prompt.
* Fixed unclear error message when Taskfile search stops at a directory
ownership boundary.
* Fixed global variables from imported Taskfiles not resolving ref: values
correctly.
[2 lines not shown]
ca-certificates: Update to 20260223
ca-certificates (20260223) unstable; urgency=medium
* Update Mozilla certificate authority bundle to version 2.82
The following certificate authorities were added (+):
+ TrustAsia TLS ECC Root CA
+ TrustAsia TLS RSA Root CA
+ SwissSign RSA TLS Root CA 2022 - 1
+ OISTE Server Root ECC G1
+ OISTE Server Root RSA G1
The following certificate authorities were removed (-):
- GlobalSign Root CA
- Entrust.net Premium 2048 Secure Server CA
- Baltimore CyberTrust Root (closes: #1121936)
- Comodo AAA Services root
- XRamp Global CA Root
- Go Daddy Class 2 CA
- Starfield Class 2 CA
[8 lines not shown]
