p5-Module-Build-Tiny: update to 0.053.
0.053 2026-03-03 20:42:07+01:00 Europe/Brussels
- Always set dynamic_config=0 in MYMETA
- Set PERL_DL_NONLAZY=1 during testing
p5-DateTime-TimeZone: update to 2.67.
2.67 2026-03-05
- This release is based on version 206a of the Olson database. This release includes contemporary
changes for Moldova.
p5-Clone: update to 0.48.
0.48 2026-03-02 16:02:00 atoomic
- perf: optimize hot paths in Clone.xs
- fix: replace subtest with SKIP/bare blocks to avoid Test2 warnings
- fix: don't require MGf_DUP flag for ext magic duplication
- fix: lower MAX_DEPTH to 4000 to prevent SEGV on CPAN smokers
- fix: use platform-adaptive depth in t/10-deep_recursion.t for Windows
- Fix t/10-deep_recursion.t for Windows
- Fix C89 declaration-after-statement violations in Clone.xs
- Fix deep recursion stack overflow on Windows
- Fix cloning of Math::BigInt::GMP objects (fixes #16)
- Fix cloning of threads::shared data structures (fixes #18)
- Add thread safety test for Class::DBI-like patterns (fixes #14)
- Add comprehensive documentation with examples and limitations
- Improve README.md structure and installation instructions
- Add DBI + DBD::SQLite as recommended test dependencies
- Fix weakened reference cloning via deferred weakening (fixes #15)
- Fix memory leak when cloning non-existent hash values (fixes #42)
[8 lines not shown]
Update to version 9.2.0167.
Changes:
- patch 9.2.0167: terminal: setting buftype=terminal may cause a crash
- patch 9.2.0166: Coverity warning for potential NULL dereference
- patch 9.2.0165: tests: perleval fails in the sandbox
- patch 9.2.0164: build error when XCLIPBOARD is not defined
- patch 9.2.0163: MS-Windows: Compile warning for unused variable
- patch 9.2.0162: tests: unnecessary CheckRunVimInTerminal in test_quickfix
- patch 9.2.0161: intro message disappears on startup in some terminals
- patch 9.2.0160: terminal DEC mode handling is overly complex
- patch 9.2.0159: Crash when reading quickfix line
- patch 9.2.0158: Visual highlighting might be incorrect
- patch 9.2.0157: Vim9: concatenation can be improved
- patch 9.2.0156: perleval() and rubyeval() ignore security settings
- patch 9.2.0155: filetype: ObjectScript are not recognized
- patch 9.2.0154: if_lua: runtime error with lua 5.5
- patch 9.2.0153: No support to act as a channel server
- patch 9.2.0152: concatenating strings is slow
[100 lines not shown]
libpciaccess: update to 0.19.
This release adds a new pci_device_is_boot_display() API, with support
currently implemented only for Linux systems using sysfs.
It also adds a -Dinstall-scanpci option to the meson configuration for
those who want to install this version of scanpci.
In addition, it corrects build issues on FreeBSD 15 and DragonFly, and
fixes a long-standing bug if there were multiple users of libpciaccess
in the same process and one called pci_system_cleanup before the others
were done using pciaccess.
www/chromium: update to 146.0.7680.80
* 146.0.7680.80
This update includes 1 security fixes. Please see the
Chrome Security Page for more information.
[N/A][491421267] High CVE-2026-3909: Out of bounds write in Skia.
Reported by Google Threat Analysis Group on 2026-03-10
Google is aware that an exploit for CVE-2026-3909 exists in the wild.
Bring the mbedtls replacement mechanism up to date, just in case it
is needed.
Upstream has fiddled with the git release tags, update the
distribution tarball hashes.
gtk-gnutella: updated to 1.3.1
1.3.1
Bug Fixes
[GTK2] Removed "clock" icon in status bar, a left-over of the 1.3.0 edits.
Was sometimes crashing at startup due to a bug in logfilter.
Forgot an include of "mempcpy.h", causing compilation error on MacOs.
Fixed compilation error on arm64.
1.3.0
Improvements
Removed expiration date: this version will now run forever.
Under the Hood
[2 lines not shown]
www/chromium: update to 146.0.7680.75
* 146.0.7680.75
This update includes 2 security fixes. Please see the
Chrome Security Page for more information.
[N/A][491421267] High CVE-2026-3909: Out of bounds write in Skia.
Reported by Google on 2026-03-10
[N/A][491410818] High CVE-2026-3910: Inappropriate implementation
in V8. Reported by Google on 2026-03-10
Google is aware that exploits for both CVE-2026-3909 & CVE-2026-3910
exist in the wild.
* 146.0.7680.71
This update includes 29 security fixes. Please see the
Chrome Security Page for more information.
[$33000][483445078] Critical CVE-2026-3913: Heap buffer overflow
[62 lines not shown]
audio/fasttracker2: Update to 2.11
Changes since 2.10
v2.11 - 09.03.2026
- Fixed: When loading stereo AIFF/WAV samples, the last sample point would not
be read correctly when either reading the right channel or downmixing to mono.
Update version of external mbedtls to v4
Build option does not currently work, because the security/mbedtls4
package does not enable MBEDTLS_THREADING_PTHREAD and
MBEDTLS_THREADING_C.
www/hiawatha -- update to v12.0
From upstream's changelog:
hiawatha (12.0) stable; urgency=low
mbed TLS updated to 4.0.0. Thanks to Heiko Zimmermann.
Replaced strcpy() with strlcpy() and sprintf() with snprintf().
Thanks to Heiko Zimmermann.
Added OS sandbox. Credits to Heiko Zimmermann.
Removed DHsize option.
Known bug: mbed TLS v4.0.0 doesn't compile in Cygwin, so
building a Windows package is not possible.
