gstreamer: update to 1.28.0
Highlights
AMD HIP plugin and integration helper library
Vulkan Video AV1 and VP9 decoding, H.264 encoding, and 10-bit support for H.265 decoder
waylandsink: Parse and set the HDR10 metadata and other color management improvements
Audio source separation element based on demucs in Rust
Analytics combiner and splitter elements plus batch meta to batch buffers from one or more streams
LiteRT inference element; move modelinfo to analytics lib; add script to help with modelinfo generation and upgrade
Add general classifier tensor-decoder, facedetector, and more analytics convenience API
New tensordecodebin element to auto-plug compatible tensor decoders based on their caps and many other additions and improvements
Add a burn-based YOLOX inference element and a YOLOX tensor decoder in Rust
applemedia: VideoToolbox VP9 and AV1 hardware-accelerated decoding support, and 10-bit HEVC encoding
Add new GIF decoder element in Rust with looping support
input-selector: implements a two-phase sinkpad switch now to avoid races when switching input pads
The inter wormhole sink and source elements gained a way to forward upstream events to the producer as well as new fine-tuning properties
webrtcsink: add renegotiation support and support for va hardware encoders
webrtc WHEP client and server signaller
[33 lines not shown]
elkulator: Initial import.
Elkulator is a freeware Acorn Electron emulator.
This package has been verified to build on SunOS, FreeBSD, NetBSD,
and Linux.
py-pdf: updated to 6.7.0
Version 6.7.0, 2026-02-08
Deprecations (DEP)
- Deprecate support for abbreviations in decode_stream_data
New Features (ENH)
- Add ability to add font resources for 14 Adobe Core fonts in text widget annotations
Bug Fixes (BUG)
- Avoid invalid load for ICCBased FlateDecode images in mode 1
Robustness (ROB)
- Fix AESV2 decryption when /Length missing in encrypt dict
- Fix merging when annotations point to NullObject
- Check for `self._info` being None in `compress_identical_objects`
py-pebble: updated to 5.2.0
5.2.0
Features:
- issue 158: set pending futures to BrokenProcessPool error
when ProcessPool internal errors occur.
Fixes:
- Cleanup resources when terminating pool's processes via SIGTERM.
postgresql-timescaledb: updated to 2.25.0
2.25.0
This release contains performance improvements and bug fixes since the 2.24.0 release. We recommend that you upgrade at the next available opportunity.
Highlighted features in TimescaleDB v2.25.0
This release features multiple improvements for continuous aggregates on the columnstore:
Faster refreshes: You can now utilize direct compress during materialized view refreshes, resulting in higher throughput and reduced I/O usage.
Efficiency: The enablement of delete optimizations significantly lowers system resource requirements.
Smaller transactions: Adjusted defaults for buckets_per_batch to 10 reduces transaction sizes, requiring less WAL holding time.
Faster queries: Smarter defaults for segmentby and orderby yield improved query performance and better compression ratio on the columnstore.
postgresql1[4-8]*: updated to 18.2, 17.8, 16.12, 15.16, and 14.21
PostgreSQL 18.2, 17.8, 16.12, 15.16, and 14.21
Security Issues
CVE-2026-2003: PostgreSQL oidvector discloses a few bytes of memory
CVSS v3.1 Base Score: 4.3
Supported, Vulnerable Versions: 14 - 18.
Improper validation of type oidvector in PostgreSQL allows a database user to disclose a few bytes of server memory. We have not ruled out viability of attacks that arrange for presence of confidential information in disclosed bytes, but they seem unlikely. Versions before PostgreSQL 18.2, 17.8, 16.12, 15.16, and 14.21 are affected.
The PostgreSQL project thanks Altan Birler for reporting this problem.
CVE-2026-2004: PostgreSQL intarray missing validation of type of input to selectivity estimator executes arbitrary code
CVSS v3.1 Base Score: 8.8
[61 lines not shown]
