chat/libomemo-c: Add support for choosing cmake
Add an if for build system, that one can easily flip in the Makefile.
The purpose is only making it easier to file upstream bug reports
about the cmake build system.
This commit changes only comments and moves meson into an enabled if,
so there is no change to the build and hence no PKGREVISION++.
geography/py-gnssutils: Update to 1.2.4
Upstream NEWS:
## What's Changed
1. Further enhancements and bug fixes to RINEX conversion routines.
1. Add support for GLONASS L1OF.
(textproc/R-readxl) Updated 1.3.1 to 1.5.0
# readxl 1.5.0
* readxl should once again compile on Alpine Linux (#775).
* `read_excel()` and friends should no longer emit a spurious "Access
is denied" warning when reading a file on a network drive and the
user doesn't have access to a parent directory (#730).
* Minimum version of cpp11 has been bumped to v0.5.5, because cpp11
v0.5.4 (and only that exact version of cpp11) causes readxl to
segfault when warning about coercion issues (#784).
# readxl 1.4.5
This release contains no user-facing changes.
It eliminates a warning seen with gcc UBSAN.
[98 lines not shown]
ap2-oauth2: actuall add version 4.2.0
A module for Apache HTTP Server 2.x that makes the Apache web server operate
as a OAuth 2.0 Resource Server, validating OAuth 2.0 access tokens and setting
headers/environment variables based on the validation results.
cyrus-sasl-oauth2-oidc: add version 1.0.2
A comprehensive SASL plugin for OAuth2 and OpenID Connect authentication,
built with liboauth2 for native OIDC support.
ap-oauth2: add version 4.2.0
A module for Apache HTTP Server 2.x that makes the Apache web server operate
as a OAuth 2.0 Resource Server, validating OAuth 2.0 access tokens and setting
headers/environment variables based on the validation results.
ap-auth-openidc: update to version 2.4.19.3
== 2.4.19.3
The 2.4.19.x versions use a backwards incompatible session format so existing sessions
(created by versions <=2.4.18.x) are invalid.
Security
* code: fix >25 cases of potential string/URL matching attacks, XSS attacks,
buffer overload etc.
* config: fix low-risk - insider admin attack based- security vulnerabilities
* log: do not log refresh tokens at warn/error levels
== 2.4.19
Features
* cookie: support individual SameSite cookie settings on the session cookie, state
cookie and Discovery CSRF cookie by adding 2 more arguments to OIDCCookieSameSite
* id_token: add off option to OIDCPassIDTokenAs so no claims from the ID token will
[96 lines not shown]
cjose: update to 0.6.2.6
0.6.2.6
* **Security fix**: AES-CBC-HMAC JWE encryption used an all-zero content-encryption key.
`_cjose_jwe_set_cek_aes_cbc` inverted the "random" flag and zero-filled the CEK instead
of generating it from `RAND_bytes`. Every JWE produced with an AES-CBC-HMAC `enc`
(A128CBC-HS256 / A192CBC-HS384 / A256CBC-HS512) combined with a non-`dir` key-management
`alg` (A128/192/256KW, RSA-OAEP, RSA1_5) was encrypted and authenticated under an
all-zero key, breaking confidentiality and integrity for those ciphertexts. The `dir`
algorithm and all AES-GCM `enc` values were not affected. Adds a regression test.
* Additional hardening from a security audit of `jwe.c` / `jwk.c` / `jws.c`:
* Fix EVP_CIPHER_CTX leak in AES-CBC content encryption on authentication-tag failure
* Avoid NULL dereference of the optional `cjose_err` in ECDH-ES key decryption
* Use a constant-time comparison for the multi-recipient CEK consistency check
* Cleanse private key material (RSA/EC/oct) on JWK import and export, and fix a leak of
the base64url buffer in EC private-key export
* Check the ephemeral-key allocation in ECDH key derivation
* Use integer arithmetic (instead of floating-point) for the base64url length check on
imported JWK fields
[32 lines not shown]
lyx: update to 2.5.1
version 2.5.1?
--------------
This release fixes a number of mostly minor bugs in 2.5.0. One important fix
concerns crashes when exiting LyX on OSX, specifically when documents are still
open. We have also fixed a handful of bugs with the new input method support.
version 2.5.0?
--------------
The new features in LyX 2.5 are detailed in
https://wiki.lyx.org/LyX/NewInLyX25
The major changes include:
* Update the cross-referencing framework to allow additional backends
(e.g., zref and cleverref) and to allow range references (e.g., sections
[69 lines not shown]
texstudio: update to 4.9.5
TeXstudio 4.9.5
* fix crash when setting explicit root doc
* improve handling collaboration with teamtype
* workaround win11 style, invisible red background when text not found in searchpanel
* keep folder structure of imported macros if more than one macro is imported
* highlight more tex symbol as keyword
* fix addresource bibfile when using citation-style-language
TeXstudio 4.9.4
* disable AI wizard by default
* enable LLM to use tool functions to access the current document. This allows LLM
to manipulate the document directly. This can be disabled.
* fix losing cursor position when view width changes (soft wrap)
* fix file detection in TOC when creating new file from include/input
* improve loading speed with large projects
* add find definitions on multiple defined labels
* improve information when loading log is rejected because of size
[294 lines not shown]
texworks: update to 0.6.11
Release 0.6.11 (TL'26) [February 2026]
* Add additional cleanup patterns for LaTeXmk, biblatex, minitoc
* List dictionary folders in the "Settings & Resources" dialog
* Include prefix in selection if at the beginning of a line
* Properly report version info in Windows installer
* Make spell checker backend accept multiple languages
* Update translations
* Switch to build with Qt6 by default
* Refactor and modernize parts of the code
* Update URLs
* Enlarge drawing rect to avoid artifacts in the PDF preview
* Fix magnifier shadow position when ruler is shown
* Correctly detect PDF 2.x
* Fix Scripts menu for nested folders
* Fix error handling of QSaveFile::commit
[23 lines not shown]
www/chromium: update to 149.0.7827.114
* 149.0.7827.114
This update includes 28 security fixes. Below, we highlight fixes
that were contributed by external researchers.
Please see the Chrome Security Page for more information.
* 149.0.7827.102
This update includes 74 security fixes. Below, we highlight fixes
that were contributed by external researchers.
Please see the Chrome Security Page for more information.
esbuild: update to 0.28.1
- Disallow \ in local development server HTTP requests (GHSA-g7r4-m6w7-qqqr)
- Add integrity checks to the Deno API (GHSA-gv7w-rqvm-qjhr)
- Avoid inlining using and await using declarations (#4482)
- Fix module evaluation when an error is thrown (#4461, #4467)
- Fix some edge cases around the new operator (#4477)
- Fix renaming of nested var declarations (#4471)
- Emit var instead of const for certain TypeScript-only constructs for ES5 (#4448)
py-python-discovery: updated to 1.4.2
Bug fixes - 1.4.2
- Stop executable symlink resolution once the stdlib landmark is reachable and keep macOS framework builds untouched,
matching ``getpath`` - Homebrew interpreters no longer get version-pinned ``Cellar`` paths recorded and stable
aliases such as Debian's ``/usr/bin/python3`` are preserved
Bug fixes - 1.4.1
- Resolve executable-only symlinks when computing ``system_executable``, mirroring CPython's ``getpath.realpath``
(python/cpython115237): a symlink to the interpreter binary now resolves to the real interpreter, while a fully
symlinked interpreter tree is kept as-is