NetBSD/pkgsrc ANt2BHNtextproc/xmlto distinfo, textproc/xmlto/patches patch-format_docbook_epub patch-format_docbook_txt

   xmlto: add missing comments to patch headers
VersionDeltaFile
1.20+6-6textproc/xmlto/distinfo
1.2+3-1textproc/xmlto/patches/patch-format_docbook_epub
1.2+3-1textproc/xmlto/patches/patch-format_docbook_txt
1.2+3-1textproc/xmlto/patches/patch-format_fo_dvi
1.2+3-1textproc/xmlto/patches/patch-format_fo_pdf
1.2+3-1textproc/xmlto/patches/patch-format_xhtml1_txt
+21-116 files

NetBSD/pkgsrc TrHFljFtextproc/xmlto Makefile distinfo, textproc/xmlto/patches patch-xmlto_in

   xmlto: apply two shell-related tweaks

   First, make shell code used in the "-o" option parsing more portable.
   "type -p" hasn't been supported by NetBSD's sh since 8.0 (and also
   isn't universally supported elsewhere by other shells). This addresses
   PR pkg/60388 from Andrew Cagney. (Really here we're suppressing a
   warning rather than a failure, one that happens to show up in build
   logs.)

   (We could substitute "command -v" instead (recommended over bare "type"
   by a NetBSD shell guru), but since both the existing upstream code and
   a bunch of our patches are already using "type" in many places, I kept
   it consistent here.)

   Next, Makefile r. 1.32 removed bash as a runtime dependency, but didn't
   account for REPLACE_BASH still being defined, which results in a broken
   (though effectively harmless) substitution to "#!". (Here perhaps the
   pkgsrc replacement mechanism could be improved so it generates an error
   when the replacement path is empty.) This is only relevant for the test
   target.
VersionDeltaFile
1.2+15-5textproc/xmlto/patches/patch-xmlto_in
1.51+3-3textproc/xmlto/Makefile
1.19+2-2textproc/xmlto/distinfo
+20-103 files

NetBSD/pkgsrc 3i6tvzemisc/getopt distinfo Makefile, misc/getopt/patches patch-aa

   getopt: use ctype.h correctly
VersionDeltaFile
1.4+14-3misc/getopt/patches/patch-aa
1.13+2-2misc/getopt/distinfo
1.19+2-1misc/getopt/Makefile
+18-63 files

NetBSD/pkgsrc Ru7ARzAcross/ppc-morphos-gcc Makefile, cross/ppc-morphos-gcc/files objc-saveds.diff

   cross/ppc-morphos-gcc: Fix objc-saveds.diff

   This fixes leaking saveds into non-ObjC methods as the type was shared.
VersionDeltaFile
1.2+6-6cross/ppc-morphos-gcc/files/objc-saveds.diff
1.7+2-2cross/ppc-morphos-gcc/Makefile
+8-82 files

NetBSD/pkgsrc kkgJ0wVnet/mcast-tools distinfo Makefile, net/mcast-tools/patches patch-configure

   mcast-tools: finish fixing build on -current
VersionDeltaFile
1.1+14-0net/mcast-tools/patches/patch-configure
1.8+2-1net/mcast-tools/distinfo
1.10+2-1net/mcast-tools/Makefile
+18-23 files

NetBSD/pkgsrc uBwMoCfdoc CHANGES-2026

   math/cadical 3.0.0 -> 2.1.3
VersionDeltaFile
1.4151+2-1doc/CHANGES-2026
+2-11 files

NetBSD/pkgsrc KkaGpnimath/cadical Makefile distinfo

   Downgrade a very recently added math/cadical to 2.1.3.

   Version 3.0.0 isn't supported by cvc5:
     https://github.com/cvc5/cvc5/issues/12611

   Make other changes to help cvc5 find cadical in /usr/pkg:
    - add tracer.hpp
    - move headers to include/cadical
VersionDeltaFile
1.2+5-4math/cadical/Makefile
1.2+4-4math/cadical/distinfo
1.2+2-1math/cadical/PLIST
+11-93 files

NetBSD/pkgsrc 7oynuGMdoc CHANGES-2026

   Updated www/py-curl, textproc/py-xmlschema
VersionDeltaFile
1.4150+3-1doc/CHANGES-2026
+3-11 files

NetBSD/pkgsrc tDT9rYGtextproc/py-xmlschema Makefile distinfo

   py-xmlschema: updated to 4.3.2

   4.3.2 (2026-06-30)
   * Fix for issues
   * Add Georgian language
VersionDeltaFile
1.70+4-8textproc/py-xmlschema/Makefile
1.66+4-4textproc/py-xmlschema/distinfo
1.28+3-1textproc/py-xmlschema/PLIST
+11-133 files

NetBSD/pkgsrc OiQlCkIwww/py-curl PLIST distinfo, www/py-curl/patches patch-setup.py

   py-curl: updated to 7.47.0

   PycURL 7.47.0 - 2026-06-29

   This release adds AsyncCurlMulti (initial async pycurl support), implements a
   curl multi notify API, and adds initial free-threaded CPython support.  This
   release also fixes numerous minor issues and makes tests more reliable.
VersionDeltaFile
1.6+7-7www/py-curl/patches/patch-setup.py
1.24+10-3www/py-curl/PLIST
1.40+5-5www/py-curl/distinfo
1.107+2-3www/py-curl/Makefile
+24-184 files

NetBSD/pkgsrc 2gl3bLhdevel/git-base options.mk Makefile

   git-base: disable Rust; rewrite options
VersionDeltaFile
1.8+11-11devel/git-base/options.mk
1.137+2-1devel/git-base/Makefile
+13-122 files

NetBSD/pkgsrc y1vDvZKdoc CHANGES-2026

   Updated graphics/libjpeg-turbo, archivers/minizip-ng
VersionDeltaFile
1.4149+3-1doc/CHANGES-2026
+3-11 files

NetBSD/pkgsrc 0t0V7dsarchivers/minizip-ng distinfo Makefile

   minizip-ng: updated to 4.2.2

   4.2.2

   build(deps): bump actions/download-artifact from 7 to 8
   build(deps): bump actions/upload-artifact from 6 to 7
   fix: warning: '=': narrowing conversion, possible loss of data
   docs: update memory stream test link
   fix: mz_crypt_aes_set_*_key for GCM on OpenSSL
   test: improve: validate cipher bytes after encryption
   fix: reject symlink targets that escape extraction dir
VersionDeltaFile
1.10+4-4archivers/minizip-ng/distinfo
1.13+2-2archivers/minizip-ng/Makefile
+6-62 files

NetBSD/pkgsrc 9cKu7Ykgraphics/libjpeg-turbo distinfo PLIST, graphics/libjpeg-turbo/patches patch-simd_arm__aarch32_jsimdcpu.c patch-simd_CMakeLists.txt

   libjpeg-turbo: updated to 3.2.0

   3.2.0

   Fixed a regression introduced by 3.2 beta1[9] that broke Arm64EC Windows builds.

   Hardened the PNG writer (which is used by djpeg and tj3SaveImage*()) against applications that may erroneously attempt to write sample values that are out of range for the specified output data precision. This could have caused a buffer overrun in the PNG writer's rescale array if the output data precision was not 8 or 16 bits. The buffer overrun did not likely pose a security risk, since tj3SaveImage*() is not exposed to arbitrary external input data and since a caller that abused the API in the aforementioned manner could never work properly.

   Hardened the libjpeg API against hypothetical applications that may erroneously call jpeg_crop_scanline() with buffered-image mode and raw data output enabled.  jpeg_crop_scanline() does not work with raw data output, but due to an oversight, it did not throw an error if both buffered-image mode and raw data output were enabled. If a hypothetical application aborted a normal decompression operation without reading any scanlines, started a new decompression operation using the same libjpeg instance with buffered-image mode and raw data output enabled, then called jpeg_crop_scanline() with arguments that would have caused any of the component planes to be cropped to a width of 1 sample, jpeg_crop_scanline() would have used freed memory. However, this did not likely pose a security risk, since an application that abused the API in the aforementioned manner could never work properly.

   Fixed a buffer overrun and subsequent segfault in jpegtran that occurred when attempting to use the -crop and -trim options to expand the width of an image narrower than one iMCU, discard partial iMCUs, and fill each block in the expanded region with the DC coefficient of the nearest block in the input image ("flatten.") Similarly, fixed an infinite loop that occurred when attempting to use the -crop and -trim options to expand the width of an image narrower than one iMCU, discard partial iMCUs, and fill the expanded region with repeated reflections of the input image ("reflect.") When the only iMCU column in the input image is partial and partial iMCUs are trimmed, the flatten and reflect extensions cannot work properly, so jpegtran now throws an error if that is the case. These issues were confined to the jpegtran application and thus did not pose a security risk.
VersionDeltaFile
1.1+37-0graphics/libjpeg-turbo/patches/patch-simd_arm__aarch32_jsimdcpu.c
1.39+5-7graphics/libjpeg-turbo/distinfo
1.10+2-2graphics/libjpeg-turbo/PLIST
1.45+2-2graphics/libjpeg-turbo/Makefile
1.2+1-1graphics/libjpeg-turbo/patches/patch-simd_CMakeLists.txt
1.5+1-1graphics/libjpeg-turbo/patches/patch-simd_arm__aarch32_jsimd.c
+48-131 files not shown
+49-147 files

NetBSD/pkgsrc oZrt7B9net/mcast-tools Makefile distinfo, net/mcast-tools/patches patch-pim6dd_pimdd.h

   mcast-tools: let build on NetBSD progress further

   still doesn't build

   Based on patch by kre@
VersionDeltaFile
1.1+15-0net/mcast-tools/patches/patch-pim6dd_pimdd.h
1.9+3-1net/mcast-tools/Makefile
1.7+2-1net/mcast-tools/distinfo
+20-23 files

NetBSD/pkgsrc bWQTPG7net/pim6dd Makefile distinfo, net/pim6dd/patches patch-pimdd.h

   pim6dd: fix build on NetBSD-current

   Based on a patch by kre@
VersionDeltaFile
1.20+8-7net/pim6dd/Makefile
1.1+15-0net/pim6dd/patches/patch-pimdd.h
1.13+2-1net/pim6dd/distinfo
+25-83 files

NetBSD/pkgsrc nCo7xetdoc CHANGES-2026

   doc: Updated devel/p5-Devel-NYTProf to 6.14nb4
VersionDeltaFile
1.4148+2-1doc/CHANGES-2026
+2-11 files

NetBSD/pkgsrc YmK8ymddevel/p5-Devel-NYTProf Makefile

   p5-Devel-NYTProf: add missing (test) dependencies

   Bump PKGREVISION.
VersionDeltaFile
1.48+5-3devel/p5-Devel-NYTProf/Makefile
+5-31 files

NetBSD/pkgsrc 4gecm1Harchivers/libaec Makefile

   libaec: follow redirect
VersionDeltaFile
1.5+3-3archivers/libaec/Makefile
+3-31 files

NetBSD/pkgsrc BLdbz2cdoc CHANGES-2026

   doc: Updated devel/py-dunamai to 1.26.1nb1
VersionDeltaFile
1.4147+2-1doc/CHANGES-2026
+2-11 files

NetBSD/pkgsrc BCdfTgqdevel/py-dunamai Makefile

   py-dunamai: git is just a test dependency

   Fix tests by setting up environment; reported upstream.
VersionDeltaFile
1.4+11-4devel/py-dunamai/Makefile
+11-41 files

NetBSD/pkgsrc IsI2Vy8doc CHANGES-2026

   Updated audio/SDL2_mixer, audio/SDL3_mixer, games/rocksndiamonds, audio/libxmp, audio/xmp
VersionDeltaFile
1.4146+6-1doc/CHANGES-2026
+6-11 files

NetBSD/pkgsrc sVr8242audio/xmp distinfo Makefile, audio/xmp/patches patch-src_options.c

   xmp: updated to 4.3.0

   4.3.0 (20260508):
        Changes by Alice Rowan:
        - Support 24-bit and 32-bit output (requires libxmp 4.7.0+):
          AHI, ALSA, BeOS/Haiku, CoreAudio, NetBSD, OSS, PulseAudio,
          sndio, WinMM, AIFF, file, WAV.
        - Use XMP_MAX_SRATE as the limit for -f instead of 48000
          (requires libxmp 4.7.0+).
        - Amiga: automatically expand stack via stack cookie (OS 4),
          NewStackSwap (AROS), NewPPCStackSwap (MorphOS), or StackSwap
          (Workbench 2.04+). This feature can be disabled by defining
          XMP_NO_STACKSWAP at compile time.
        - Report pan value "---" for instruments/samples without
          a default panning value (sub->pan < 0).
        - Don't unmute muted IT channels unless explicitly unmuted by
          the -S/--solo option.
        - Haiku: Fix configure C++ compiler detection if CXX variable
          contains additional options.

    [10 lines not shown]
VersionDeltaFile
1.23+4-5audio/xmp/distinfo
1.71+2-2audio/xmp/Makefile
1.3+1-1audio/xmp/patches/patch-src_options.c
+7-83 files

NetBSD/pkgsrc kTszc4Vaudio/libxmp distinfo Makefile, audio/libxmp/patches patch-include_xmp.h

   libxmp: updated to 4.7.0

   4.7.0 (20260225):
        Changes by Alice Rowan:
        - Increase maximum sampling rate (XMP_MAX_SRATE) to 768000.
          This increases XMP_MAX_FRAMESIZE to 384000. The tick buffers are now
          allocated using the player-provided rate instead of XMP_MAX_FRAMESIZE:
          the frame info buffer may also be much smaller than XMP_MAX_FRAMESIZE.
          In case of existing software misusing the old XMP_MAX_FRAMESIZE, the
          minimum value for mixer_data->total_size is the old XMP_MAX_FRAMESIZE
          for now.
        - xmp_seek_time now always seeks (even if the position is the same
          as the current position) and uses the start row detected by the scan.
        - New function: xmp_seek_time_frame, which attempts to seek to the time
          requested by the caller within frame precision. This is achieved by
          using xmp_seek_time then repeatedly calling xmp_play_frame until the
          *next* frame contains the caller-requested time. The caller can then
          use xmp_play_frame/xmp_play_buffer to render the requested frame.
          WARNING: this is more computationally expensive than xmp_seek_time.

    [114 lines not shown]
VersionDeltaFile
1.15+4-5audio/libxmp/distinfo
1.18+2-2audio/libxmp/Makefile
1.3+1-1audio/libxmp/patches/patch-include_xmp.h
+7-83 files

NetBSD/pkgsrc 0TxCy2kgames/rocksndiamonds distinfo Makefile

   rocksndiamonds: updated to 4.4.2.3

   4.4.2.3

   This patch release fixes some bugs and improves some Diamond Caves related stuff:

   added checkbox to use optional EM/DC style player explosions
   changed killing player not before, but after digging land mine
   fixed highlighting player name after editing on names screen
   fixed a few potential string buffer overflow problems
VersionDeltaFile
1.49+4-4games/rocksndiamonds/distinfo
1.83+2-2games/rocksndiamonds/Makefile
+6-62 files

NetBSD/pkgsrc SfZuvnbaudio/SDL3_mixer distinfo Makefile

   SDL3_mixer: updated to 3.2.4

   3.2.4

   This is a stable bugfix release, with the following changes:

   Added MIX_PROP_AUDIO_LOAD_IGNORE_LOOPS_BOOLEAN, to ignore looping information in an audio file's metadata
   Fixed crash bug in MIX_SetTrackGroup()
   Fixed crash in MIX_StopTrack(t, 0) if its MIX_TrackStoppedCallback destroys the track
   Fixed crash when MIX_PROP_PLAY_MAX_* is less than the track's start position
   Fixed unexpected decoding failures when using MIX_AudioDecoder
   Fixed .OXM files being treated as Ogg Vorbis (they're actually mod files with embedded Vorbis samples)
   Apps can set custom FluidSynth string settings (previously only ints and floats worked)
   Various other small bugs and memory leaks fixed
VersionDeltaFile
1.2+4-4audio/SDL3_mixer/distinfo
1.2+3-3audio/SDL3_mixer/Makefile
1.3+2-2audio/SDL3_mixer/PLIST
+9-93 files

NetBSD/pkgsrc LCpEA27audio/SDL2_mixer Makefile distinfo

   SDL2_mixer: updated to 2.8.2

   2.8.2

   This is a stable bugfix release, with the following changes:

   Improved OGG decoding speed when using stb_vorbis
   Updated to newer versions of decoding libraries
VersionDeltaFile
1.30+7-6audio/SDL2_mixer/Makefile
1.12+4-4audio/SDL2_mixer/distinfo
1.19+2-2audio/SDL2_mixer/buildlink3.mk
+13-123 files

NetBSD/pkgsrc w3AVpoRnet/dnsdist distinfo Makefile

   Pullup ticket #7152 - requested by taca
   net/dnsdist: security fix

   Revisions pulled up:
   - net/dnsdist/Makefile                                          1.52
   - net/dnsdist/distinfo                                          1.28

   ---
      Module Name:      pkgsrc
      Committed By:     drixter
      Date:             Thu Jun 25 15:56:28 UTC 2026

      Modified Files:
        pkgsrc/net/dnsdist: Makefile distinfo

      Log Message:
      dnsdist: Update to 2.0.7

      Released: 25th of June 2026

    [27 lines not shown]
VersionDeltaFile
1.27.2.1+4-4net/dnsdist/distinfo
1.50.2.1+2-2net/dnsdist/Makefile
+6-62 files

NetBSD/pkgsrc jUrTF5awww/chromium Makefile options.mk

   Pullup ticket #7150 - requested by scole
   www/chromium: NetBSD 10 build fix

   Revisions pulled up:
   - www/chromium/Makefile                                         1.63
   - www/chromium/options.mk                                       1.5

   ---
      Module Name:    pkgsrc
      Committed By:   kikadf
      Date:           Fri Jun 26 21:28:57 UTC 2026

      Modified Files:
              pkgsrc/www/chromium: Makefile options.mk

      Log Message:
      chromium: fix build on NetBSD-10

      Reported by Sean Cole
VersionDeltaFile
1.62.2.1+3-1www/chromium/Makefile
1.4.2.1+1-2www/chromium/options.mk
+4-32 files

NetBSD/pkgsrc ZKKgBfIdoc CHANGES-2026

   Updated lang/rust, databases/postgresql-timescaledb
VersionDeltaFile
1.4145+3-1doc/CHANGES-2026
+3-11 files