BSD Commit Log Search

   Update for tickets 6950, 6951

   Pullup ticket #6951 - requested by schmonz
   www/ikiwiki: Runtime fix

   Revisions pulled up:
   - www/ikiwiki/Makefile                                          1.185

   ---
      Module Name:      pkgsrc
      Committed By:     schmonz
      Date:             Sun Mar 30 16:49:20 UTC 2025
      Modified Files:
        pkgsrc/www/ikiwiki: Makefile
      Log Message:
      ikiwiki: add missing DEPENDS to fix aggregator error:
          $ ikiwiki --setup ikiwiki.setup --aggregate --refresh --verbose
          Can't locate IO/Socket/SSL.pm in @INC
          Attempt to reload LWPx/Protocol/https_paranoid.pm aborted.
      Bump PKGREVISION.

   Pullup ticket #6950 - requested by schmonz
   sysutils/sandboxctl: Runtime fix for older NetBSD

   Revisions pulled up:
   - sysutils/sandboxctl/Makefile                                  1.6
   - sysutils/sandboxctl/distinfo                                  1.7
   - sysutils/sandboxctl/patches/patch-modules_netbsd__release.subr 1.2

   ---
      Module Name:    pkgsrc
      Committed By:   schmonz
      Date:           Sun Mar 30 16:23:58 UTC 2025

      Modified Files:
              pkgsrc/sysutils/sandboxctl: Makefile distinfo
              pkgsrc/sysutils/sandboxctl/patches: patch-modules_netbsd__release.subr

      Log Message:
      sandboxctl: don't fail when certctl is not present. Bump PKGREVISION.

    [2 lines not shown]

   Update for ticket #6952

   Pullup ticket #6952 - requested by bsiegert
   lang/go123: Security fix
   lang/go124: Security fix

   Revisions pulled up:
   - lang/go/version.mk                                            1.229
   - lang/go123/PLIST                                              1.8
   - lang/go123/distinfo                                           1.10
   - lang/go124/PLIST                                              1.3
   - lang/go124/distinfo                                           1.3

   ---
      Module Name:    pkgsrc
      Committed By:   bsiegert
      Date:           Tue Apr  1 17:44:25 UTC 2025

      Modified Files:
              pkgsrc/lang/go: version.mk
              pkgsrc/lang/go123: PLIST distinfo

    [23 lines not shown]

   www/hiawatha: Update enclosed mbedtls to v3.6.3

   Mbed-TLS 3.6.3 Release Notes

   Default behavior changes

       In TLS clients, if mbedtls_ssl_set_hostname() has not been called,
       mbedtls_ssl_handshake() now fails with
       MBEDTLS_ERR_SSL_CERTIFICATE_VERIFICATION_WITHOUT_HOSTNAME
       if certificate-based authentication of the server is attempted.
       This is because authenticating a server without knowing what name
       to expect is usually insecure. To restore the old behavior, either
       call mbedtls_ssl_set_hostname() with NULL as the hostname, or
       enable the new compile-time option
       MBEDTLS_SSL_CLI_ALLOW_WEAK_CERTIFICATE_VERIFICATION_WITHOUT_HOSTNAME.

   Features

       Added new configuration option MBEDTLS_PSA_STATIC_KEY_SLOTS, which

    [70 lines not shown]

   Remove stray "<" at start of line

   doc: Updated sysutils/node_exporter to 1.9.1

   node_exporter: update to 1.9.1

   1.9.1

   [BUGFIX] pressure: Fix missing IRQ on older kernels
   [BUGFIX] Fix Darwin memory leak

   1.9.0

   [CHANGE] meminfo: Convert linux implementation to use procfs lib
   [CHANGE] Update logging to use Go log/slog
   [FEATURE] filesystem: Add node_filesystem_mount_info metric
   [FEATURE] btrfs: Add metrics for commit statistics
   [FEATURE] interrupts: Add collector include/exclude filtering
   [FEATURE] interrupts: Add "exclude zeros" filtering
   [FEATURE] slabinfo: Add filters for slab name.
   [FEATURE] pressure: add IRQ PSI metrics
   [FEATURE] hwmon: Add include and exclude filter for sensors
   [FEATURE] filesystem: Add NetBSD support

    [19 lines not shown]

   Removed go119 and go121

   go119, go121: remove

   go124 is the current version. go123 is still supported.

   To build go124 from source, the chain is
   go14 - go118 - go120 - go122 - go124

   Thus, nothing needs go119 and go121.

   agreed by maya@ on tech-pkg

   doc: Updated lang/go124 to 1.24.2

   Update go123 to 1.23.8 and go124 to 1.24.2

   These minor releases include 1 security fixes following the security policy:

   -   net/http: request smuggling through invalid chunked data

       The net/http package accepted data in the chunked transfer encoding
       containing an invalid chunk-size line terminated by a bare LF.
       When used in conjunction with a server or proxy which incorrectly
       interprets a bare LF in a chunk extension as part of the extension,
       this could permit request smuggling.

       The net/http package now rejects chunk-size lines containing a bare LF.

       Thanks to Jeppe Bonde Weikop for reporting this issue.

       This is CVE-2025-22871 and Go issue https://go.dev/issue/71988.

   View the release notes for more information.

   wireguard-go: Fix HOMEPAGE

   Use the about page of this software implementation, rather than the
   generic wireguard homepage.

   Add p5-Data-ULID 1.3

   This is an implementation in Perl of the ULID identifier type
   introduced by Alizain Feerasta. The original implementation (in
   Javascript) can be found at https://github.com/alizain/ulid.

   ULIDs have several advantages over UUIDs in many contexts. The
   advantages include:

   - Lexicographically sortable
   - The canonical representation is shorter than UUID (26 vs 36
     characters)
   - Case insensitve and safely chunkable.
   - URL-safe
   - Timestamp can always be easily extracted if so desired.
   - Limited compatibility with UUIDs, since both are 128-bit formats.
     Some conversion back and forth is possible.

   Add security/p5-Bytes-Random-Secure-Tiny 1.011

   Bytes::Random::Secure::Tiny provides random bytes from a
   cryptographically secure random number generator (ISAAC), seeded
   from strong entropy sources on a wide variety of platforms. It does
   so without external dependencies (except on Windows), and has a
   minimal but useful user interface patterned after the module
   Bytes::Random::Secure.

   Updated security/cargo-audit, devel/protobuf-language-server

   protobuf-language-server: updated to 0.1.1

   0.1.1
   go mod tidy

   cargo-audit: updated to 0.21.2

   0.21.2 (2025-02-28)

   Fixed
   - Upgraded to `rustsec` v0.30.2 to fix an incompatibility with Rust v1.85 and later

   Updated devel/SDL2, audio/fluidsynth

   fluidsynth: updated to 2.4.4

   2.4.4

   Support for SDL3 has been added, support for SDL2 has been deprecated
   Soundfonts that are not respecting the 46 zero-sample padding-space previously sounded incorrect when
   synth.dynamic-sample-loading was active
   Allow drum channels to profit from Soundfont Bank Offsets by no longer ignoring MSB Bank changes
   Revise the preset fallback logic for drum channels
   A regression introduced in 2.4.1 may have caused interrupted real-time playback when voices were using the lowpass filter
   Improve multi-user experience when running fluidsynth as systemd service
   Fix ordering and dependencies of fluidsynth's systemd service
   Revise fluidsynth's man page

   SDL2: updated to 2.32.4

   2.32.4

   This is a stable bugfix release, with the following changes:

   Fixed controller GUIDs changing randomly on Windows
   Fixed detecting PlayStation controller sensors on Linux when HIDAPI isn't being used
   Fixed a crash enumerating some input devices

   Updated devel/py-rpds-py, misc/py-platformdirs

   py-platformdirs: updated to 4.3.7

   4.3.7
   Chunk dependabot updates into a single PR
   Drop support for EOL Python 3.8

   py-rpds-py: updated to 0.24.0

   0.24.0
   replace quansight-labs/setup-python with actions/setup-python
   noxfile: mark pypy 3.11 as supported

   Updated devel/py-typing-extensions, net/py-unearth

   py-unearth: updated to 0.17.3

   0.17.3

   Bug Fixes

   Update contributing guidelines for rebase branch
   Best match should be a pre-release if that's all the index has
   Use stdlib Path <-> URL conversions

   py-typing-extensions: updated to 4.13.0

   Release 4.13.0 (March 25, 2025)

   No user-facing changes since 4.13.0rc1.

   Release 4.13.0rc1 (March 18, 2025)

   New features:

   - Add `typing_extensions.TypeForm` from PEP 747. Patch by
     Jelle Zijlstra.
   - Add `typing_extensions.get_annotations`, a backport of
     `inspect.get_annotations` that adds features specified
     by PEP 649. Patches by Jelle Zijlstra and Alex Waygood.
   - Backport `evaluate_forward_ref` from CPython PR

   Bugfixes and changed features:


    [35 lines not shown]

   Updated textproc/py-orjson, devel/py-cattrs

   py-cattrs: updated to 24.1.3

   24.1.3 (2025-03-25)
   - Fix structuring of keyword-only dataclass fields when not using detailed validation.