p5-Mojo-JWT: update to 1.02.
1.02 2026-06-03
- This release contains fixes for security issues, everybody should upgrade!
- Improved security of decode to prevent timing side-channel attacks in symmetric signatures
1.01 2024-10-15
- Fix non-portable test
1.00 2024-10-15
- Use CryptX (libtomcrypt) for all cryptographic functions
- Crypt::OpenSSL input is still accepted but converted in-use
gstreamer1: updated to 1.28.5
1.28.5
Highlighted bugfixes:
Various security fixes and playback fixes
Fix subtitles cause green flickering with VA decoders on AMD GPUs
core: Fix sticky event raciness when pads are linked mid-push
appsrc: Uniformly handle EOS events being pushed
audio-resampler-neon fails to build for targets with neon but without thumb
avtp: Correct ptime generation from avtp timestamp
fmp4mux: Various fixes for splitting at fragment boundaries
gldownload: fix wrong DRM format negotiation causing R/B channel swap
gdkpixbufdec: Drop rank to NONE and handle resolution/format changes
gopbuffer: add support for H.266/VVC
h265decoder: Fix HEVC with alpha decoding
mp4mux: fix AC-3 template caps so muxer can accept input from ac3parse
mpegtsmux: Always assign PTS to output buffers in CBR mode
[8 lines not shown]
py-acme py-certbot*: updated to 5.7.0
5.7.0 - 2026-07-07
Fixed
- Fixed nginx configuration parsing when comments appear between tokens of a multi-line directive.
libtorrent rtorrent: updated to 0.16.18
0.16.18
Encryption settings have changed to be easier to use, and changing listen or DHT ports can be done while rtorrent is running.
nsis: updated to 3.12
3.12
Security
Don't use the Low IL temp directory when elevated
This stops a possible privilege escalation for installers running as SYSTEM.
Minor Changes
Added StartsWith[S], EndsWith[S], Contains[S], IsLowerCase and IsUpperCase LogicLib operators.
Build System
Support Python older than 3.6 again
Preliminary ARM64 support in makensis.nsi
ansible: updated to 14.2.0
14.2.0
Major Changes
splunk.es
- ci - integration tests now run against both Splunk Server 9.4 and 10.4 with Enterprise Security (ES), providing full coverage across supported major versions and catching regressions against real Splunk ES instances.
roundup: updated to 2.6.0
2.6.0
Fix for missing CSRF protection for PATCH method
Filter history entries where permissions are handled by check function
Modern CSRF prevention method without CSRF tokens available
Require reauthentication when making changes to sensitive fields
Classic UI interface modernization.
py-dulwich: updated to 1.2.11
1.2.11 2026-07-16
* Let porcelain functions that consult the environment take an ``env``
argument overriding ``os.environ``. As a side effect ``tag_create`` now
honours ``GIT_COMMITTER_NAME``/``GIT_COMMITTER_EMAIL`` for the tagger line
and ``merge``/``revert`` honour ``GIT_AUTHOR_NAME``/``GIT_AUTHOR_EMAIL``,
matching git. (Jelmer Vernooij)
* Honour the ``core.worktree`` configuration option, so the working tree can
live somewhere other than the parent of the control directory. Relative
paths are resolved against the control directory, and ``core.bare`` and
``core.worktree`` are now rejected as incompatible. (Jelmer Vernooij)
* Clear ``core.bare`` when setting up a submodule's working tree.
``submodule_update`` cloned the submodule bare and then set
``core.worktree`` on it, leaving a configuration git considers invalid.
(Jelmer Vernooij)
[61 lines not shown]
py-ruff: updated to 0.15.22
0.15.22
Preview features
[pycodestyle] Add an autofix for E402
[refurb] Allow subclassing builtins in stub files (FURB189)
[ruff] Add rule to replace noqa comments with ruff:ignore (RUF105)
[ruff] Add rule to use human-readable names in ruff:ignore comments (RUF106)
[ruff] Add rule to use human-readable names in configuration selectors (RUF201)
Bug fixes
[flake8-pyi] Fix false positive in __all__ (PYI053)
Rule changes
[pylint] Ignore mutable type updates in redefined-loop-name (PLW2901)
[14 lines not shown]