NetBSD/pkgsrc k3RZwJddoc pkg-vulnerabilities

   CVE-2025-49809: not relevant on pkgsrc

   We install mtr-packet setuid root (as opposed to providing sudo rules like Homebrew).

   Ref: https://github.com/traviscross/mtr/commit/5226f105f087c29d3cfad9f28000e7536af91ac6
VersionDeltaFile
1.464+2-2doc/pkg-vulnerabilities
+2-21 files

NetBSD/pkgsrc MiaRf6Ndoc CHANGES-2025

   doc: Updated net/py-cares to 4.9.0
VersionDeltaFile
1.4246+2-1doc/CHANGES-2025
+2-11 files

NetBSD/pkgsrc 6GzMxPenet/py-cares distinfo Makefile

   py-cares: Update to 4.9.0

   What's Changed (4.9.0)

   - Create dependabot configuration by @bdraco in #226
   - build(deps): bump pypa/cibuildwheel from 2.22.0 to 2.23.3 by @dependabot in #227
   - Pin Python version to 3.13.3 to avoid Windows build error by @saghul in #235
   - Fix shutdown race by @bdraco in #236
   - Add support for windows arm64 by @finnagin in #233

   What's Changed (4.8.0)

   - Cancel previous CI jobs on pull request update by @bdraco in #222
   - Update bundled c-ares to v1.34.5 by @bdraco in #221
   - Add ARES_FLAG_NO_DFLT_SVR and ARES_FLAG_EDNS to API by @bdraco in #224

   What's Changed (4.7.0)

   - Update c-ares to 1.29.0 to add reinit support to Channel by @bdraco in #219

    [12 lines not shown]
VersionDeltaFile
1.11+4-4net/py-cares/distinfo
1.15+2-3net/py-cares/Makefile
1.7+2-1net/py-cares/PLIST
+8-83 files

NetBSD/pkgsrc 9t4yrQIdoc CHANGES-2025

   doc: Updated security/liboqs to 0.14.0
VersionDeltaFile
1.4245+2-1doc/CHANGES-2025
+2-11 files

NetBSD/pkgsrc 1WUL6ussecurity/liboqs distinfo Makefile

   liboqs: Update to 0.14.0

   Release notes

      This is version 0.14.0 of liboqs. It was released on July 10, 2025.

      This release contains a security fix for secret-dependent branching in
      HQC. It introduces support for SNOVA, a NIST Additional Signatures
      Round 2 candidate, and a new optimized implementation of SHA3 using
      AVX-512VL instructions. Additionally, this is the first liboqs release
      to include the stable 1.0.0 version of PQ Code Package's
      mlkem-native.

      This release also introduces a number of improvements to testing and
      infrastructure. The OQS project is now publishing benchmarking data on
      https://openquantumsafe.org/benchmarking and code coverage data on
      https://coveralls.io/github/open-quantum-safe/liboqs.

   Deprecation notice

    [36 lines not shown]
VersionDeltaFile
1.5+4-4security/liboqs/distinfo
1.7+2-2security/liboqs/Makefile
1.5+2-1security/liboqs/PLIST
+8-73 files

NetBSD/pkgsrc NjRObEddoc pkg-vulnerabilities

   pkg-vulnerabilities: add recent CVEs

   + guacamole-server, hdf5 (reported and triaged upstream, no fixes),
     liboqs, libsoup (not fixed, being analyzed upstream), libssh,
     LuaJIT2, mbedtls, mediawiki, mongodb, mtr, pandoc,
     plan9port, qt6-qtbase, redis
VersionDeltaFile
1.463+32-1doc/pkg-vulnerabilities
+32-11 files

NetBSD/pkgsrc 9a6V5W4doc pkg-vulnerabilities

   pkg-vulnerabilities: add recent CVEs

   + ap-modsecurity, apache, chromium, cpp-httplib, djvulibre, dpkg,
     gdk-pixbuf2 (fixed upstream, no stable release with fix),
     git-base, gnutls, gstreamer,
     gtar (unclear if reported and fixed upstream)
VersionDeltaFile
1.462+20-1doc/pkg-vulnerabilities
+20-11 files

NetBSD/pkgsrc HQ9Y6rYdoc CHANGES-2025

   doc: Updated geography/gdal-lib to 3.11.3
VersionDeltaFile
1.4244+3-1doc/CHANGES-2025
+3-11 files

NetBSD/pkgsrc 29fUBDMgeography/gdal-lib distinfo Makefile.common

   geography/gdal*: Update to 3.11.3

   Upstream NEWS: 1 bugfix for regression in 3.11.1
VersionDeltaFile
1.75+4-4geography/gdal-lib/distinfo
1.38+2-2geography/gdal-lib/Makefile.common
+6-62 files

NetBSD/pkgsrc YZp2NMadoc CHANGES-2025

   Updated textproc/po4a, devel/mold
VersionDeltaFile
1.4243+3-1doc/CHANGES-2025
+3-11 files

NetBSD/pkgsrc GK9QAEndevel/mold distinfo Makefile

   mold: updated to 2.40.2

   2.40.2

   Bug Fixes and Compatibility Improvements

   Fixed an issue where mold failed with a "too many open files" error when linking a very large program with LTO using Clang. (1956ae6)
   [RISC-V] Fixed an issue in which mold failed to report a relocation overflow error. (52c698d)
   [ARM64] mold can now create range extension thunks with displacements greater than 2^32 bytes.
VersionDeltaFile
1.42+4-4devel/mold/distinfo
1.49+2-2devel/mold/Makefile
+6-62 files

NetBSD/pkgsrc jgQIIlmtextproc/po4a distinfo Makefile, textproc/po4a/patches patch-Po4aBuilder.pm

   po4a: updated to 0.74

   0.74

   General:
    * Fix a failure with Perl 5.40.
    * Add --target-lang option to po4a
    * Include bash_completion files
      Copy the share/bash-completion/completions/ files under /usr to use them.
VersionDeltaFile
1.13+22-22textproc/po4a/patches/patch-Po4aBuilder.pm
1.37+5-5textproc/po4a/distinfo
1.76+2-3textproc/po4a/Makefile
+29-303 files

NetBSD/pkgsrc OwXOYNgdoc CHANGES-2025

   doc: Updated net/mosquitto to 2.0.22
VersionDeltaFile
1.4242+2-1doc/CHANGES-2025
+2-11 files

NetBSD/pkgsrc ikyTls5net/mosquitto distinfo Makefile, net/mosquitto/patches patch-lib_CMakeLists.txt

   net/mosquitto: Update to 2.0.22

   Upstream NEWS: bugfixes
VersionDeltaFile
1.39+5-5net/mosquitto/distinfo
1.4+4-4net/mosquitto/patches/patch-lib_CMakeLists.txt
1.43+2-3net/mosquitto/Makefile
+11-123 files

NetBSD/pkgsrc Im5azuRdoc pkg-vulnerabilities

   doc: separate out two of the libxslt vulnerabilities

   those got their own CVEs now
VersionDeltaFile
1.461+3-1doc/pkg-vulnerabilities
+3-11 files

NetBSD/pkgsrc d5CGUw4doc pkg-vulnerabilities

   doc: add poppler vulnerability
VersionDeltaFile
1.460+2-1doc/pkg-vulnerabilities
+2-11 files

NetBSD/pkgsrc apulixCdoc CHANGES-2025

   doc: Updated net/s6-networking to 2.7.1.0nb2
VersionDeltaFile
1.4241+2-1doc/CHANGES-2025
+2-11 files

NetBSD/pkgsrc JMNxSbVnet/s6-networking options.mk Makefile, net/s6-networking/files s6-pkgsrc-cadir.sh

   s6-networking: change default options. Bump PKGREVISION.

   Instead of BearSSL, link with OpenSSL by default. The 'bearssl' option
   is still present and 'libressl' is now available too.

   Remove the transitional 'tls' option mapping.

   While here, remove s6-pkgsrc-cadir. pkgsrc doesn't have a clear
   library-independent notion of its "SSL cert directory", so we can't
   helpfully tell clients (or servers that want to validate client certs)
   where to find it.
VersionDeltaFile
1.10+14-21net/s6-networking/options.mk
1.26+2-2net/s6-networking/Makefile
1.14+1-2net/s6-networking/PLIST
1.5+1-1net/s6-networking/hacks.mk
1.3+0-0net/s6-networking/files/s6-pkgsrc-cadir.sh
+18-265 files

NetBSD/pkgsrc nt5dTPDdoc CHANGES-2025

   doc: Updated audio/kew to 3.4.0
VersionDeltaFile
1.4240+2-1doc/CHANGES-2025
+2-11 files

NetBSD/pkgsrc QYPyvOmaudio/kew distinfo Makefile

   kew: update to 3.4.0

   - Landscape View (horizontal layout)
   - Added ability to switch views by using the mouse
   - Added ability to drag the progress bar using the mouse
   - Faster loading of library cache from file
   - Show the actual keys bound to different views on the last row on
     macOS and show Shift+key instead of Sh+key for clarity
   - Added an indicator when the library is being updated
   - Now (optionally) sets the currently playing track as the window
     title
   - Added back the special playlist, but renamed as the kew favorites
     playlist
   - Don't strip numbers from titles when presenting the actual title
     taken from metadata
   - Reset clock when resuming playback when stopped
   - Better way of checking for embedded opus covers, some covers
     weren't detected
   - Better way of extracting ogg vorbis covers

    [2 lines not shown]
VersionDeltaFile
1.10+4-4audio/kew/distinfo
1.12+2-2audio/kew/Makefile
+6-62 files

NetBSD/pkgsrc noGSpsEsysutils/restic Makefile distinfo, sysutils/restic/patches patch-internal_fs_node__xattr.go

   sysutils/restic: Apply an upstream patch to fix errors on filesystems that doesn't support xattrs on NetBSD
VersionDeltaFile
1.1+21-0sysutils/restic/patches/patch-internal_fs_node__xattr.go
1.63+2-2sysutils/restic/Makefile
1.18+2-1sysutils/restic/distinfo
+25-33 files

NetBSD/pkgsrc h7GraWFdevel/gprbuild buildlink3.mk

   fix lint warn, remove unnecessary var setting
VersionDeltaFile
1.6+2-6devel/gprbuild/buildlink3.mk
+2-61 files

NetBSD/pkgsrc rRP7Wu5doc CHANGES-2025

   doc: Added databases/ada-gnatcoll-db-25 version 25.0.0
VersionDeltaFile
1.4239+2-1doc/CHANGES-2025
+2-11 files

NetBSD/pkgsrc iPoEXDVdoc CHANGES-2025

   doc: Removed fonts/lanna-io
   doc: Added fonts/thai-font-collection version 1.02
VersionDeltaFile
1.4238+3-1doc/CHANGES-2025
+3-11 files

NetBSD/pkgsrc 6wfpNuedatabases/ada-gnatcoll-db-25 PLIST Makefile, databases/ada-gnatcoll-db-25/patches patch-Makefile patch-postgres_Makefile

   databases/ada-gnatcoll-db-25: Add new package 25.0.0

   The GNAT Components Collection (GNATcoll) - Database packages, release 25
VersionDeltaFile
1.1+152-0databases/ada-gnatcoll-db-25/PLIST
1.1+111-0databases/ada-gnatcoll-db-25/patches/patch-Makefile
1.1+68-0databases/ada-gnatcoll-db-25/Makefile
1.1+63-0databases/ada-gnatcoll-db-25/options.mk
1.1+31-0databases/ada-gnatcoll-db-25/patches/patch-postgres_Makefile
1.1+31-0databases/ada-gnatcoll-db-25/patches/patch-xref_Makefile
+456-016 files not shown
+762-122 files

NetBSD/pkgsrc XGk9916fonts Makefile, fonts/lanna-io distinfo

   - Move fonts/lanna-io (20220607) to fonts/thai-font-collection (1.02).
     These are actually equivalent versions.
   - Update homepage and repository from github to codeberg
   - Install fonts to own directory (not shared TTF/) to avoid collisions
     with other font packages (e.g. noto-ttf)
VersionDeltaFile
1.1+425-0fonts/thai-font-collection/PLIST
1.1+33-0fonts/thai-font-collection/Makefile
1.1+8-0fonts/thai-font-collection/DESCR
1.1+5-0fonts/thai-font-collection/distinfo
1.444+2-2fonts/Makefile
1.6+1-1fonts/lanna-io/distinfo
+474-33 files not shown
+476-59 files

NetBSD/pkgsrc TWRxeshdoc CHANGES-2025

   doc: Updated geography/py-gdal to 3.11.2
VersionDeltaFile
1.4237+3-1doc/CHANGES-2025
+3-11 files

NetBSD/pkgsrc bPDR2yfgeography/gdal-lib Makefile.common distinfo, geography/py-gdal Makefile

   geography/gdal*: Update to 3.11.2

   packaging changes: make PLIST more resilient to testing RCs by using
   variables that match what is produced.  (These changes are not
   important for releases and do not affect the resulting package.)

   Upstream NEWS: GDAL 3.11.2 is a bugfix release.
   [there are 87 lines of descriptions of bugfixes!]
VersionDeltaFile
1.37+5-3geography/gdal-lib/Makefile.common
1.74+4-4geography/gdal-lib/distinfo
1.30+2-2geography/gdal-lib/PLIST
1.89+2-1geography/py-gdal/Makefile
+13-104 files

NetBSD/pkgsrc ef4KZHudevel/ada-gnatcoll-core-25 Makefile

   fix incorrect dependency package id
VersionDeltaFile
1.2+2-2devel/ada-gnatcoll-core-25/Makefile
+2-21 files

NetBSD/pkgsrc JM4mCEwdoc CHANGES-2025

   doc: Added devel/ada-gnatcoll-bindings-25 version 25.0.0
VersionDeltaFile
1.4236+2-1doc/CHANGES-2025
+2-11 files