tex-fontools: update to 2025.77724
- generated style files use "figureversions" instead of (deprecated) "fontaxes".
- when generating math fonts (experimental!), the script and scriptscript fonts
are by default loaded at somewhat bigger size than Latex's standard 70% and
50%, for better readability.
- a few minor bug fixes and documentation updates
gpa: update to 0.11.0.
Pull upstream fix for building with latest gpgme.
Noteworthy changes in version 0.11.0 (2024-12-10)
-------------------------------------------------
* Ported to GTK 3.
* See the ChangeLog or better
https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gpa.git for a list of
changes over the last 6 years.
seahorse: update to 47.0.1.
Newer changes than version 42 not documented.
seahorse 42.0
-------------
* pgp: Fix GPG version check [!197]
* desktop: Add pgp,gpg to the description [!196]
* search-provider: Don't escape result description as markup [!194]
* gkr: Network label fixes [!193]
* ssh: Fix CPU Usage Spike When Calling ssh-keygen [!136]
* desktop: Add supported mime types to .desktop file [!189]
* desktop: Mark application as adaptive [!190]
* metainfo: Align app name with .desktop name [!186]
* ui: Opt-in to color scheme user preference [!188]
* Updated translations
seahorse 41.0
-------------
[43 lines not shown]
py-Pillow: update to 12.1.1.
Security
CVE 2021-25289: Fix OOB write with invalid tile extents
Check that tile extents do not use negative x or y offsets when
decoding or encoding, and raise an error if they do, rather than
allowing an OOB write.
An out-of-bounds write may be triggered when opening a specially
crafted PSD image. This only affects Pillow >= 10.3.0. Reported by
Yarden Porat.
Other changes
Patch libavif for svt-av1 4.0 compatibility
A patch has been added to depends/install_libavif.sh, to allow
[2 lines not shown]
mk: fix bug in BUILD_INFO file
Below ${FILESDIR}, checksums were generated for all files, including
files/CVS/*. Skip */CVS/* files (since they might be in subdirs).
Update comment while here.
vaultwarden: updated to 1.35.3
1.35.3
Security Fixes
This release contains security fixes for the following advisory. We strongly advice to update as soon as possible if you believe it could affect you.
GHSA-h265-g7rm-h337 (Publication in process, waiting for CVE assignment)
This vulnerability would allow an authenticated attacker that is part of an organization to access items from collections to which the attacker does not belong.
What's Changed
Fix User API Key login
use email instead of empty name for webauhn
hide password hints via CSS
fix email as 2fa with auth requests
Update crates, web-vault, js, workflows
refactor: improve tooltips in diagnostics page
[5 lines not shown]
abseil: updated to 20260107.1
20260107.1
What's New
absl::StringResizeAndOverwrite(): A new function in absl/strings/resize_and_overwrite.h that acts as a polyfill for C++23's std::basic_string::resize_and_overwrite. This allows for efficient resizing and in-place initialization of strings, avoiding the overhead of default initialization, which is particularly useful when working with C-style APIs that write directly to a buffer.
absl::chunked_queue: A new container in absl/container/chunked_queue.h optimized for use as a FIFO (First-In, First-Out) queue.
absl::linked_hash_map and absl::linked_hash_set: New hash containers that maintain iteration order matching the insertion order. These are available in absl/container/linked_hash_map.h and absl/container/linked_hash_set.h.
absl::down_cast: Added to absl/base/casts.h. This function provides a safer way to perform downcasts in a polymorphic type hierarchy. In debug builds (or when hardened asserts are enabled), it uses dynamic_cast to verify the validity of the cast and terminates the program if the cast is invalid. In optimized builds, it uses static_cast for performance.
Breaking Changes
Mutex Deprecations: Legacy Mutex methods and MutexLock pointer constructors have been marked as deprecated. Users should migrate to the recommended APIs.
The polyfill type absl::string_view is now an alias for std::string_view in all builds. (9ebd93a)
nodejs24: updated o 24.13.1
24.13.1 'Krypton' (LTS)
Notable Changes
- build: add support for Python 3.14 (Christian Clauss)
- cli: mark --heapsnapshot-near-heap-limit as stable (Joyee Cheung)
- crypto: update root certificates to NSS 3.119 (Node.js GitHub Bot)
- doc: mark --build-snapshot and --build-snapshot-config as stable (Joyee Cheung)
- meta: add avivkeller to collaborators (Aviv Keller)
- meta: add gurgunday to collaborators (Gürgün Dayıoğlu)
- meta: add Renegade334 to collaborators (Renegade334)
- url: update ada to v3.4.2 and support unicode 17 (Yagiz Nizipli)
- v8: mark v8.queryObjects() as stable (Joyee Cheung)