py-pdf: updated to 6.7.0
Version 6.7.0, 2026-02-08
Deprecations (DEP)
- Deprecate support for abbreviations in decode_stream_data
New Features (ENH)
- Add ability to add font resources for 14 Adobe Core fonts in text widget annotations
Bug Fixes (BUG)
- Avoid invalid load for ICCBased FlateDecode images in mode 1
Robustness (ROB)
- Fix AESV2 decryption when /Length missing in encrypt dict
- Fix merging when annotations point to NullObject
- Check for `self._info` being None in `compress_identical_objects`
py-pebble: updated to 5.2.0
5.2.0
Features:
- issue 158: set pending futures to BrokenProcessPool error
when ProcessPool internal errors occur.
Fixes:
- Cleanup resources when terminating pool's processes via SIGTERM.
postgresql-timescaledb: updated to 2.25.0
2.25.0
This release contains performance improvements and bug fixes since the 2.24.0 release. We recommend that you upgrade at the next available opportunity.
Highlighted features in TimescaleDB v2.25.0
This release features multiple improvements for continuous aggregates on the columnstore:
Faster refreshes: You can now utilize direct compress during materialized view refreshes, resulting in higher throughput and reduced I/O usage.
Efficiency: The enablement of delete optimizations significantly lowers system resource requirements.
Smaller transactions: Adjusted defaults for buckets_per_batch to 10 reduces transaction sizes, requiring less WAL holding time.
Faster queries: Smarter defaults for segmentby and orderby yield improved query performance and better compression ratio on the columnstore.
postgresql1[4-8]*: updated to 18.2, 17.8, 16.12, 15.16, and 14.21
PostgreSQL 18.2, 17.8, 16.12, 15.16, and 14.21
Security Issues
CVE-2026-2003: PostgreSQL oidvector discloses a few bytes of memory
CVSS v3.1 Base Score: 4.3
Supported, Vulnerable Versions: 14 - 18.
Improper validation of type oidvector in PostgreSQL allows a database user to disclose a few bytes of server memory. We have not ruled out viability of attacks that arrange for presence of confidential information in disclosed bytes, but they seem unlikely. Versions before PostgreSQL 18.2, 17.8, 16.12, 15.16, and 14.21 are affected.
The PostgreSQL project thanks Altan Birler for reporting this problem.
CVE-2026-2004: PostgreSQL intarray missing validation of type of input to selectivity estimator executes arbitrary code
CVSS v3.1 Base Score: 8.8
[61 lines not shown]
powerdns-recursor: update to 5.3.5.
Provided by Marcin Gondek in wip.
5.3.5
Released: 9th of February 2026
Bug Fixes
Fix PowerDNS Security Advisory 2026-01: Crafted zones can lead to increased resource usage in Recursor.
haproxy: updated to 3.3.3
3.3.3
- MEDIUM: h1: strictly verify quoting in chunk extensions
- DOC: internals: cleanup few typos in master-worker documentation
- BUG/MEDIUM: applet: Fix test on shut flags for legacy applets
- BUG/MEDIUM: threads: Atomically set TH_FL_SLEEPING and clr FL_NOTIFIED
- CLEANUP: haproxy: fix bad line wrapping in run_poll_loop()
- BUG/MINOR: cpu-topo: count cores not cpus to distinguish core types
- CLEANUP: lb-chash: free lb_nodes from chash's deinit(), not global
- BUG/MEDIUM: lb-chash: always properly initialize lb_nodes with dynamic servers
- DOC: config: mention the limitation on server id range for consistent hash
- MEDIUM: backend: make "balance random" consider req rate when loads are equal
- BUG/MINOR: config: Fix setting of alt_proto
- BUG/MINOR: startup: fix allocation error message of progname string
- BUG/MINOR: startup: handle a possible strdup() failure
- MINOR: activity: support setting/clearing lock/memory watching for task profiling
- MEDIUM: activity: apply and use new finegrained task profiling settings
- MINOR: activity: allow to switch per-task lock/memory profiling at runtime
[5 lines not shown]
py-cssselect2: updated to 0.9.0
Version 0.9.0
* Drop support of Python 3.9, support 3.14
* Support :host
Version 0.8.0
* Drop support of Python 3.8 and 3.9, support 3.12 and 3.13
* Handle case-sensitive and case-insensitive attribute selectors
py-platformdirs: updated to 4.7.0
4.7.0
docs: restructure and fix cross-references
feat(windows): use SHGetKnownFolderPath API
fix(unix): fall back to tempdir when runtime dir is not writable
build(release): adopt filelock-style automated workflow
devel/php-memcached: update to 3.4.0
3.4.0 (2025-10-14)
* Use Zend/zend_smart_string.h for PHP 8.5 compatibility (#574)
* Use zen_ce_exception for PHP 8.5 compatibility (#573)
