BSD Commit Log Search

   update py-superqt to 0.8.1

   update ipython to 9.12.0

   Include crypto_assembly.h instead of manually ensuring _CET_ENDBR exists.

   ok kenjiro@ tb@

   Provide a crypto_assembly.h internal header.

   This will contain defines and macros that we need for assembly code,
   without polluting other headers that are primarily used for C code.

   For now, this just unconditionally provides _CET_ENDBR on amd64.

   ok kenjiro@ tb@

   Update to p5-Test-Unit-0.30.

   Update to p5-Locale-Codes-3.88.

   Update to duckdb-1.5.1.

   backport upstream fixes from 1.16.2

   update to freetds-1.5.15

   update to libiconv-1.19, from Brad (maintainer)

   libtls: const workarounds for X509_NAME in OCSP for OpenSSL 4

   The API to look up a cert by subject or issuer name clearly only needs to
   do name comparisons in a collection of certs so should by all means take a
   const X509_NAME * as an argument. However, this isn't all that easy to do
   and hence it's only in OpenSSL 4 that this obvious step was reached.

   This means that there is no way around casting for older code. One could
   cast the return value of X509_get_issuer_name() or the argument passed to
   the two lookups by subject. jsing slightly prefers the second approach,
   so this is what we do here.

   ok djm jsing kenjiro

   update to icingadb-1.5.1, from Alvar Penning (maintainer)

   libtls: simple cases of const for X509_NAME *

   After the const sprinkling in OpenSSL 1.1, X509_get_{issuer,subject}_name()
   still returned a non-const pointer for unclear reasons. In OpenSSL 4,
   the return value also grew a const qualifier, so move the two "name" in
   tls_conninfo.c and the "subject_name" in tls_verify.c to const. They are
   only used for further processing by already const correct functions (at
   least as far as X509_NAME is concerned).

   ok djm jsing kenjiro

   devel/codex: update to 0.117.0

   archivers/zpaqfranz: update to 64.7

   From maintainer tux0r

   Update to webkitgtk{41,60}-2.52.1.

   Update to awscli-1.44.68.

   Update to py3-boto3-1.42.78.

   Update to py3-botocore-1.42.78.

   Test that __pledge_open can bypass unveil.

   Update to amazon-ssm-agent-3.3.4121.0.

   Update to libspectrum-1.6.0.

   Unbreak p5-IO-Tty compilation on GCC, spotted by kmos@, thanks !

   ensure c->local_window doesn't underflow during updates;
   similar to checks performed elsewhere. From Renaud Allard

   fix base16 parsing; currently unused. From Renaud Allard

   mention that RevokedKeys is read by the server at each
   authentication time and should only ever be replaced
   atomically.

   fix potential hang if /etc/moduli doesn't contain the requested
   DH group values; from 77c9ca, ok dtucker@, markus@

   improve explanation of when it __pledge_open works

   Update to Ruby 3.3.11

   Fixes CVE-2026-27820: Buffer overflow vulnerability in Zlib::GzipReader

   One patch merged upstream.

   Drop maintainership.