Bring the mbedtls replacement mechanism up to date, just in case it
is needed.
Upstream has fiddled with the git release tags, update the
distribution tarball hashes.
gtk-gnutella: updated to 1.3.1
1.3.1
Bug Fixes
[GTK2] Removed "clock" icon in status bar, a left-over of the 1.3.0 edits.
Was sometimes crashing at startup due to a bug in logfilter.
Forgot an include of "mempcpy.h", causing compilation error on MacOs.
Fixed compilation error on arm64.
1.3.0
Improvements
Removed expiration date: this version will now run forever.
Under the Hood
[2 lines not shown]
www/chromium: update to 146.0.7680.75
* 146.0.7680.75
This update includes 2 security fixes. Please see the
Chrome Security Page for more information.
[N/A][491421267] High CVE-2026-3909: Out of bounds write in Skia.
Reported by Google on 2026-03-10
[N/A][491410818] High CVE-2026-3910: Inappropriate implementation
in V8. Reported by Google on 2026-03-10
Google is aware that exploits for both CVE-2026-3909 & CVE-2026-3910
exist in the wild.
* 146.0.7680.71
This update includes 29 security fixes. Please see the
Chrome Security Page for more information.
[$33000][483445078] Critical CVE-2026-3913: Heap buffer overflow
[62 lines not shown]
audio/fasttracker2: Update to 2.11
Changes since 2.10
v2.11 - 09.03.2026
- Fixed: When loading stereo AIFF/WAV samples, the last sample point would not
be read correctly when either reading the right channel or downmixing to mono.
Update version of external mbedtls to v4
Build option does not currently work, because the security/mbedtls4
package does not enable MBEDTLS_THREADING_PTHREAD and
MBEDTLS_THREADING_C.
www/hiawatha -- update to v12.0
From upstream's changelog:
hiawatha (12.0) stable; urgency=low
mbed TLS updated to 4.0.0. Thanks to Heiko Zimmermann.
Replaced strcpy() with strlcpy() and sprintf() with snprintf().
Thanks to Heiko Zimmermann.
Added OS sandbox. Credits to Heiko Zimmermann.
Removed DHsize option.
Known bug: mbed TLS v4.0.0 doesn't compile in Cygwin, so
building a Windows package is not possible.
ruby-addressable: update to 2.8.9
Upstream changes:
https://github.com/sporkmonger/addressable/blob/addressable-2.8.9/CHANGELOG.md
Addressable 2.8.9
* Reduce gem size by excluding test files (#569)
* No need for bundler as development dependency (#571, 5fc1d93)
* idna/pure: stop building the useless COMPOSITION_TABLE (removes the
Addressable::IDNA::COMPOSITION_TABLE constant) (#564)
Update sysutils/intel-microcode-netbsd to 20260210-rev1
### Purpose
- Updated security updates for INTEL-SA-01083 originally published on
Aug 13, 2024
- Security updates for INTEL-SA-01396
- Update for functional issues. Refer to 10th Gen Intel Core Processor Families
Specification Update for details.
- Update for functional issues. Refer to 11th Gen Intel Core Processor
Specification Update for details.
- Update for functional issues. Refer to 12th Generation Intel Core Processor
Family for details.
- Update for functional issues. Refer to 13th Generation Intel Core Processor
Specification Update for details.
- Update for functional issues. Refer to 13th/14th Gen Intel Core Processor
Specification Update for details.
- Update for functional issues. Refer to 3rd Generation Intel Xeon Processor
Scalable Family Specification Update for details.
- Update for functional issues. Refer to 4th Gen Intel Xeon Scalable Processors
[59 lines not shown]
py-nose2: updated to 0.16.0
0.16.0 (2026-03-01)
Added
* Added official support for Python 3.14.
Changed
* ``nose2`` now explicitly uses a multiprocessing context for the ``mp`` plugin,
which ensures that it is isolated from any multiprocessing settings used by
applications under test. This ensures that the ``fork`` start method is always
used on POSIX systems. ``spawn`` is used on Windows. Thanks
:user:`JimmyDurandWesolowski` and :user:`airtower-luna`!
Deprecated
* The ``coverage`` plugin is now deprecated, and is no longer tested on newer
[5 lines not shown]
py-simpleeval: updated to 1.0.5
1.0.5
Fixes Security issues with "dangerous" modules & functions leaking through as attributes of other names, see:
GHSA-44vg-5wv2-h2hg
