NetBSD/pkgsrc dHoelIDdoc CHANGES-2026

   Updated security/libgcrypt, security/libfido2
VersionDeltaFile
1.2400+3-1doc/CHANGES-2026
+3-11 files

NetBSD/pkgsrc LpDqfdvsecurity/libfido2 PLIST distinfo, security/libfido2/patches patch-CMakeLists.txt

   libfido2: updated to 1.17.0

   1.17.0 (2026-04-15)
    ** Added CTAP 2.3 support.
    ** Restrict webauthn.dll search paths; YSA-2026-01.
    ** Support application-managed PIN/UV Auth tokens.
    ** Support 64-byte hmac-secret salts when using windows://hello.
    ** Fixed a U2F transaction handling bug when a timeout had been set.
    ** Fixed a bug where stdin was closed on fido_nl_new failure.
    ** fido2-token: new -G -t mode to to retrieve a PPUAT.
    ** fido2-token: new -I -t mode for deciphering encrypted fields.
    ** fido2-cred -M: support the -t toggle argument
    ** Improved documentation and examples.
    ** Removed tools from SDK packaging on Windows.
    ** New API calls:
     - fido_cbor_info_attfmts_len;
     - fido_cbor_info_attfmts_ptr;
     - fido_cbor_info_cfgcmds_len;
     - fido_cbor_info_cfgcmds_ptr;

    [27 lines not shown]
VersionDeltaFile
1.9+61-1security/libfido2/PLIST
1.4+7-8security/libfido2/patches/patch-CMakeLists.txt
1.15+5-5security/libfido2/distinfo
1.18+2-2security/libfido2/Makefile
+75-164 files

NetBSD/pkgsrc 6puWFJjsecurity/libgcrypt distinfo Makefile

   libgcrypt: updated to 1.12.2

   Noteworthy changes in version 1.12.2 (2026-04-15)

    * Bug fixes:

      - Fix possible ECDH buffer overwrite with zeroes.
      - Add a missing bounds check to the Dilithium context handling.
      - Add point validation when using the new KEM interface.

    * Other:
      - Fix the dead-code of stronger_key_check for RSA.
VersionDeltaFile
1.107+4-4security/libgcrypt/distinfo
1.124+2-2security/libgcrypt/Makefile
+6-62 files

NetBSD/pkgsrc 8uf3bE8doc CHANGES-2026

   Updated security/py-authlib, security/adguardhome
VersionDeltaFile
1.2399+3-1doc/CHANGES-2026
+3-11 files

NetBSD/pkgsrc lwt9rqTsecurity/adguardhome distinfo go-modules.mk

   adguardhome: updated to 0.107.74

   0.107.74

   Security

   Frontend libraries has been updated to prevent the possibility of exploiting the vulnerability described in CVE-2026-40175.
   Go version has been updated to prevent the possibility of exploiting the Go vulnerabilities fixed in 1.26.2.

   Changed

   Configuration changes

   Fixed

   Incorrect forwarding of root domain requests when domain-specific upstreams are configured
   The strict SNI check setting is not persisted when the TLS configuration is changed
   Status reported by the launchd service implementation in cases of scheduled service restart.
   Fixed clients block/unblock when moving clients between allowed and disallowed lists.
VersionDeltaFile
1.7+241-235security/adguardhome/distinfo
1.5+78-76security/adguardhome/go-modules.mk
1.14+2-3security/adguardhome/Makefile
+321-3143 files

NetBSD/pkgsrc MhP1GGDsecurity/py-authlib distinfo Makefile

   py-authlib: updated to 1.6.11

   1.6.11
   Fix CSRF issue with starlette client
VersionDeltaFile
1.32+4-4security/py-authlib/distinfo
1.34+2-2security/py-authlib/Makefile
+6-62 files

NetBSD/pkgsrc iC09C9ndoc CHANGES-2026

   Updated parallel/opencl-headers, net/ngtcp2
VersionDeltaFile
1.2398+3-1doc/CHANGES-2026
+3-11 files

NetBSD/pkgsrc PaxloHAnet/ngtcp2 distinfo PLIST

   ngtcp2: updated to 1.22.1

   1.22.1
   Fixes CVE-2026-40170
VersionDeltaFile
1.35+4-4net/ngtcp2/distinfo
1.32+2-2net/ngtcp2/PLIST
1.36+2-2net/ngtcp2/Makefile
+8-83 files

NetBSD/pkgsrc 49PbGLogames/vms-empire distinfo, games/vms-empire/patches patch-edit.c patch-game.c

   vms-empire: add upstream bug report URL
VersionDeltaFile
1.15+6-6games/vms-empire/distinfo
1.4+2-1games/vms-empire/patches/patch-edit.c
1.3+2-1games/vms-empire/patches/patch-game.c
1.3+2-1games/vms-empire/patches/patch-object.c
1.3+2-1games/vms-empire/patches/patch-term.c
1.4+2-1games/vms-empire/patches/patch-usermove.c
+16-116 files

NetBSD/pkgsrc EkW0otvparallel/opencl-headers distinfo Makefile

   opencl-headers: updated to 2025.07.22

   2025.07.22

   Synchronize with OpenCL v3.0.19 specification release.

   This release includes several changes that may affect backward compatibility:

   Introduction of the CL_ENABLE_BETA_EXTENSIONS to guard beta features or extensions that can be modified with backward incompatible changes. Previously unguarded extensions are now guarded.
   Introduction of anonymous unions in the struct _cl_icd_dispatch structure. This may cause warnings or errors during static initialization.
VersionDeltaFile
1.7+4-4parallel/opencl-headers/distinfo
1.6+2-2parallel/opencl-headers/Makefile
+6-62 files

NetBSD/pkgsrc 4slFHYDdoc CHANGES-2026

   doc: Updated games/vms-empire to 1.20
VersionDeltaFile
1.2397+2-1doc/CHANGES-2026
+2-11 files

NetBSD/pkgsrc Y3Tn0fVgames/vms-empire distinfo Makefile, games/vms-empire/patches patch-usermove.c patch-aa

   vms-empire: update to 1.20.

   1.20: 2026-04-16::
          More code hardening.
          Fix for ancient bug: enemy satellites no longer awaken your pieces.
VersionDeltaFile
1.3+14-14games/vms-empire/patches/patch-usermove.c
1.14+6-6games/vms-empire/distinfo
1.8+5-3games/vms-empire/patches/patch-aa
1.20+2-2games/vms-empire/Makefile
+27-254 files

NetBSD/pkgsrc lXDzy7edoc CHANGES-2026

   doc: Updated textproc/xan to 0.57.1
VersionDeltaFile
1.2396+2-1doc/CHANGES-2026
+2-11 files

NetBSD/pkgsrc sPeZDg2textproc/xan distinfo Makefile

   textproc/xan: update to 0.57.1

   Fixes

       Fixing xan sort --check -n & xan dedup --check -n printed report.
       Fixing xan parallel cat -nS.
       Fixing CSV parsing rare edge case panics.
       Fixing commands relying on zero-copy CSV parsing for performance.

   Performance

       Improving performance of xan flatten, xan view, xan to & xan network.
       Faster xan network -f nodelist in some cases.
VersionDeltaFile
1.9+7-7textproc/xan/distinfo
1.9+2-2textproc/xan/Makefile
1.9+1-1textproc/xan/cargo-depends.mk
+10-103 files

NetBSD/pkgsrc wktUBg6doc CHANGES-2026

   doc: Updated textproc/rumdl to 0.1.72
VersionDeltaFile
1.2395+2-1doc/CHANGES-2026
+2-11 files

NetBSD/pkgsrc UA0gYratextproc/rumdl distinfo Makefile

   textproc/rumdl: update to 0.1.72

   Added

       config: resolve rule aliases in config get command (69058cd)
       import: support JSONC comments in markdownlint config files (26ae457)
       cli: introduce FmtArgs with formatter-appropriate interface (dce2b40)

   Fixed

       md034: detect code spans inside MDX JSX component bodies (d881713)
       md025: cascade level adjustment to subordinate headings when demoting duplicate title (2399dca)
       formatter: inline format args to satisfy clippy (250a194)
       commands: resolve rule aliases in explain and rule commands (5d04351)
       use verified fix counts in summaries and correct dry-run label (cd55dc1)
VersionDeltaFile
1.20+4-4textproc/rumdl/distinfo
1.22+2-2textproc/rumdl/Makefile
1.9+0-0textproc/rumdl/cargo-depends.mk
+6-63 files

NetBSD/pkgsrc ON3hJR2doc CHANGES-2026

   doc: Updated devel/mise to 2026.4.14
VersionDeltaFile
1.2394+2-1doc/CHANGES-2026
+2-11 files

NetBSD/pkgsrc 4UkYy4Rdevel/mise distinfo cargo-depends.mk, devel/mise/patches patch-.._vendor_rattler__pty-0.2.9_src_unix_pty__process.rs

   devel/mise: update to 2026.4.14

   ## [2026.4.14](https://github.com/jdx/mise/compare/v2026.4.13..v2026.4.14) - 2026-04-15

   ### Chore

   - bump sigstore-verification by @jdx in [#9128](https://github.com/jdx/mise/pull/9128)

   ## [2026.4.13](https://github.com/jdx/mise/compare/v2026.4.12..v2026.4.13) - 2026-04-15

   ### 🐛 Bug Fixes

   - **(go)** honor install_before for module versions by @mariusvniekerk in [#9097](https://github.com/jdx/mise/pull/9097)
   - **(vfox-plugin)** support Git URL with commit hash for mise.toml by @Oyami-Srk in [#9099](https://github.com/jdx/mise/pull/9099)
   - `MISE_FETCH_REMOTE_VERSIONS_CACHE` not respected by @mcncl in [#9096](https://github.com/jdx/mise/pull/9096)

   ### 📦️ Dependency Updates

   - unblock cargo-deny advisories check by @jdx in [#9112](https://github.com/jdx/mise/pull/9112)

    [27 lines not shown]
VersionDeltaFile
1.104+80-83devel/mise/distinfo
1.103+25-26devel/mise/cargo-depends.mk
1.2+5-4devel/mise/patches/patch-.._vendor_rattler__pty-0.2.9_src_unix_pty__process.rs
1.109+2-2devel/mise/Makefile
+112-1154 files

NetBSD/pkgsrc 3c2XV3pdoc CHANGES-2026

   Updated lang/py-mypy, textproc/py-sphinx-autodoc-typehints
VersionDeltaFile
1.2393+3-1doc/CHANGES-2026
+3-11 files

NetBSD/pkgsrc CzJWhBHtextproc/py-sphinx-autodoc-typehints distinfo Makefile

   py-sphinx-autodoc-typehints: updated to 3.10.2

   3.10.2
   fix(ivar): tolerate malformed :ivar field entries
VersionDeltaFile
1.40+4-4textproc/py-sphinx-autodoc-typehints/distinfo
1.50+2-2textproc/py-sphinx-autodoc-typehints/Makefile
+6-62 files

NetBSD/pkgsrc RDknOmrlang/py-mypy distinfo Makefile

   py-mypy: updated to 1.20.1

   1.20.1

   Always disable sync in SQLite cache
   Temporarily skip few base64 tests
   Revert dict.__or__ typeshed change
   Fix narrowing for match case with variadic tuples
   Avoid narrowing type[T] in type calls
   Fix regression for catching empty tuple in except
   Fix reachability for frozenset and dict view narrowing
   Fix narrowing with chained comparison
   Avoid narrowing to unreachable at module level
   Allow dangerous identity comparisons to Any typed variables
   --warn-unused-config should not be a strict flag
VersionDeltaFile
1.63+4-4lang/py-mypy/distinfo
1.69+2-2lang/py-mypy/Makefile
+6-62 files

NetBSD/pkgsrc ZtO0IWtnet/libfetch/files common.c

   libfetch: remove HALL_POLL code again

   src/ has been fixed to not need it
VersionDeltaFile
1.38+3-43net/libfetch/files/common.c
+3-431 files

NetBSD/pkgsrc Dwi7bQgdoc CHANGES-2026

   Updated lang/nodejs24, security/vaultwarden
VersionDeltaFile
1.2392+3-1doc/CHANGES-2026
+3-11 files

NetBSD/pkgsrc quViGvmsecurity/vaultwarden distinfo Makefile

   vaultwarden: updated to 1.35.7

   1.35.7
   Fix 2FA for Android
VersionDeltaFile
1.16+4-4security/vaultwarden/distinfo
1.23+2-2security/vaultwarden/Makefile
+6-62 files

NetBSD/pkgsrc 8vcwoSSlang/nodejs24 PLIST distinfo

   nodejs24: updated to 24.15.0

   24.15.0 'Krypton' (LTS)

   Notable Changes

   - (SEMVER-MINOR) cli: add --max-heap-size option (tannal)
   - cli: add --require-module/--no-require-module (Joyee Cheung)
   - (SEMVER-MINOR) crypto: add raw key formats support to the KeyObject APIs (Filip Skokan)
   - (SEMVER-MINOR) fs: add throwIfNoEntry option for fs.stat and fs.promises.stat (Juan José)
   - (SEMVER-MINOR) http2: add http1Options for HTTP/1 fallback configuration (Amol Yadav)
   - module: mark require(esm) as stable (Joyee Cheung)
   - module: mark module compile cache as stable (Joyee Cheung)
   - (SEMVER-MINOR) net: add setTOS and getTOS to Socket (Amol Yadav)
   - (SEMVER-MINOR) sqlite: add limits property to DatabaseSync (Mert Can Altin)
   - sqlite: mark as release candidate (Matteo Collina)
   - (SEMVER-MINOR) src: add C++ support for diagnostics channels (RafaelGSS)
   - (SEMVER-MINOR) stream: rename Duplex.toWeb() type option to readableType (René)
   - test_runner: add exports option for module mocks (sangwook)

    [2 lines not shown]
VersionDeltaFile
1.5+3-33lang/nodejs24/PLIST
1.9+4-4lang/nodejs24/distinfo
1.9+2-2lang/nodejs24/Makefile
+9-393 files

NetBSD/pkgsrc NBbHocNdoc CHANGES-2026

   doc: Updated net/libfetch to 2.40nb5
VersionDeltaFile
1.2391+2-1doc/CHANGES-2026
+2-11 files

NetBSD/pkgsrc RSawSxmnet/libfetch Makefile

   libfetch: bump once more for good measure
VersionDeltaFile
1.70+2-2net/libfetch/Makefile
+2-21 files

NetBSD/pkgsrc qvNlShbnet/libfetch/files ftp.c

   libfetch: sync with src/

   different style of doing the same, less casts
VersionDeltaFile
1.55+11-14net/libfetch/files/ftp.c
+11-141 files

NetBSD/pkgsrc 3yKNJdPnet/libfetch/files http.c

   libfetch: sync with src/

   comments
VersionDeltaFile
1.48+3-3net/libfetch/files/http.c
+3-31 files

NetBSD/pkgsrc cBPLXOndoc CHANGES-2026 TODO

   Updated devel/protobuf, net/grpc, net/py-grpcio, net/py-grpcio-testing, net/py-grpcio-tools
VersionDeltaFile
1.2390+6-1doc/CHANGES-2026
1.27118+1-2doc/TODO
+7-32 files