openssh: update to 10.4p1.
Changes since OpenSSH 10.3
==========================
This release contains a number of security fixes as well as general
bugfixes and a couple of new features.
Security
========
* sftp(1): when downloading files on the command-line using
"sftp host:/path .", a malicious server could cause the file to
be downloaded to an unexpected location. This issue was identified
by the Swival Security Scanner.
* scp(1): when copying files between two remote destinations, do
not allow a malicious server to write files to the parent
directory of the intended target directory. This issue was
[180 lines not shown]
xournalpp: updated to 1.3.5
1.3.5
This is a new minor version of Xournal++ with bug fixes and improvements from the community.
Fixed crash when exiting after playing sound
Fixed some button-to-tools configuration issues
Fixed crash involving page background selection
Added multidevice support for X11 palm rejection
Reduced PDF cache retention for off-screen pages
Fixed moving display when selecting "Fit to Screen"
Fixed disabled "Merge layer" menu entry
Fixed a concurrency crash when using layers
Improved setting up environment on MacOS
Fixed typos in some displayed strings
Fixed "Missing background" display when missing PDF page
Bumped dependency versions on MacOS and Windows
Added Georgian translations
Updated translations
protobuf: fix build with pkgsrc gcc-10
Removing #define _POSIX_C_SOURCE 202405L is sufficient to fix the build
with pkgsrc gcc10.
This is for this bit of code:
int robust_close(int fd) {
#if defined(POSIX_CLOSE_RESTART)
return posix_close(fd, 0);
#else
return close(fd);
#endif
}
On most operating systems, posix_close doesn't exist anyway, so this code
is all irrelevant:
https://www.gnu.org/software/gnulib/manual/html_node/posix_005fclose.html
gtk-doc: updated to 1.36.1
GTK-Doc 1.36.1, 2026-04-10
- scangobj: fix compilation warnings.
- Some documentation updates.
- Translation updates.
GTK-Doc 1.36.0, 2026-03-10
GTK-Doc can no longer be built with the Autotools:
- You need to use Meson in order to build GTK-Doc.
- Note that buildsystems/autotools/ is still there for GTK-Doc integration in
projects using the Autotools.
Meson:
- Fix test-gobject-mkhtml unit test.
- A few improvements.
[5 lines not shown]
librsvg: updated to 2.62.3
Version 2.62.3
librsvg crate version 2.62.3
librsvg-rebind crate version 0.3.0
- Remove loading limits from image-rs. This means that raster
images, when embedded in SVG documents, have no limits for their
size or memory consumption. The idea, for now, is that
security-sensitive applications that use librsvg should do their own
sandboxing if they want to impose memory limits.
- Fix the logic for whether gdk-pixbuf-query-loaders should be run
during cross-compilation. Native builds can of course use it; cross
builds can use it if they can run host binaries *and* an executable
wrapper has been set *and* the target sysroot contains the
corresponding gdk-pixbuf-query-loaders executable (Ross Burton).
www/php-nextcloud: Update to 32.0.12
Tested on netbsd-10 amd64. As in recent past versions, the
click-to-update on the web fails, and the "php occ" command-line path
works. I do not believe this is a packaging issue.
Upstream NEWS content: micro update
resterm: Update to 0.44.7
Fixed
Fixed NetBSD support by updating the SQLite dependency to modernc.org/sqlite v1.53.0.
The previous SQLite dependency chain was broken on NetBSD, which could prevent Resterm from building or running correctly.
Upstream issue: https://gitlab.com/cznic/sqlite/-/work_items/246
Improved
Reworked and added back a small startup animation to the latency sparkline.
py-tibs: updated to 0.12.0
0.12.0
This is effectively the first beta before a 1.0 release. I don't plan to change
the API or add new features before the 1.0 release.
Backwardly incompatible changes
* Minimum Python version now 3.10 instead of 3.8
* Renamed the `Endianness` enum to `ByteOrder` as it's more consistent.
Added
* Added `Tibs.split_at()` and `Mutibs.split_at()` for partitioning a bit
sequence at one or more bit positions.
Fixed
* Fix LSB0 view value ordering.
dblatex: updated to 0.3.12
Release 0.3.12:
All the fixes have been provided by Petter Reinholdtsen. Thank you, Petter.
- Fix SF bug 118: fix 'nb' and 'nn' locales.
- Fix SF bug 119: use locale quotes in glossary.
- Fix SF bug 120: use locale quotes in bibliography.
- Fix SF bug 123: add 'se' locale.
- Fix SF bug 124: set default qandaset title markup in english.
geography/proj-doc: Update to 9.8.1
Upstream's pdf download is unstable (email bug report sent). There
are two problems:
- The download URL is major.minor, not major.minor.micro like
releases. The pdf is changed e.g. from 9.8.0 to 9.8.1.
- The pdf for a given version is sometimes replaced (e.g. 9.8.1
revisions of April 28 and July 3).
To work around this, the package is named for the proj version (9.8.1)
and the download URL is major.minor (9.8). If the pdf is replaced,
we'll consider that a docs revision and logically being 9.8.1.1. This
is cleaner than DISTDIR since we're making up downloaded version
numbers anyway.
yq: updated to 4.1.1
Changes for v4.1.1 (2026-07-03)
- xq: support –xml-short-empty-elements to emit self-closing elements
instead of the long form
Changes for v4.1.0 (2026-07-03)
- Implement YAML comment roundtripping
Changes for v4.0.0 (2026-07-02)
- Implement TOML comment roundtripping (tomlq -T)
- Add –width=0 for no-wrap option; –null-input as -n alias
- Force quote strings that can be parsed as integers in YAML 1.2
- Implement YAML 1.2 octals
- Prevent exception thrown when sys.stdin is None.