BSD Commit Log Search

   doc: Updated www/chromium to 145.0.7632.116

   www/chromium: update to 145.0.7632.116

   * 145.0.7632.116
   This update includes 3 security fixes. Please see the
   Chrome Security Page for more information.
   [TBD][482862710] High CVE-2026-3061: Out of bounds read in Media.
   Reported by Luke Francis on 2026-02-09
   [TBD][483751167] High CVE-2026-3062: Out of bounds read and write
   in Tint. Reported by cinzinga on 2026-02-11
   [TBD][485287859] High CVE-2026-3063: Inappropriate implementation
   in DevTools. Reported by M. Fauzan Wijaya (Gh05t666nero) on 2026-02-17

   doc: Updated www/esbuild to 0.27.3

   www/esbuild: update to 0.27.3

   * 0.27.3
   Preserve URL fragments in data URLs
   Parse and print CSS @scope rules
   Fix a minification bug with lowering of for await
   Update the Go compiler from v1.25.5 to v1.25.7

   * 0.27.2
   Allow import path specifiers starting with #/
   Automatically add the -webkit-mask prefix
   Additional minification of switch statements
   Forbid using declarations inside switch clauses

   * 0.27.1
   Fix bundler bug with var nested inside if
   Fix minifier bug with for inside try inside label
   Inline IIFEs containing a single expression
   The minifier now strips empty finally clauses

    [23 lines not shown]

   Updated www/py-jupyterlab, www/py-notebook, print/py-octoprint

   py-octoprint: updated to 1.11.7

   1.11.7

   Bug fixes

   Core

   * Add custom parser for User Agent under Prusa Slicer's webview, fixing an UI loading error
   * Use the right capability for registering active position autoreporting
   * Fix checkboxes not showing for unrendered timelapses
   * Fix response behaviour on missing subgroups on access management API
   * Don't send session cookies if login mechanism is apikey
   * Correctly convert timezone in Last-Modified

   CLI

   * Fix help & generated output for octoprint user {activate|deactivate}


    [3 lines not shown]

   py-notebook: updated to 7.5.4

   7.5.4
   Bug fixes

   py-jupyterlab: updated to 4.5.5

   4.5.5

   Bugs fixed

   Fix theme settings broken in non-English locales
   Fix comms subshell resource management on disposal and when changing settings
   Upgrade @codemirror/view, fixing slow selection when line wrapping is enabled
   Only turn off overflow anchor when windowing is active
   Fix table of contents navigation for Markdown files

   Updated www/py-django-polymorphic, www/py-django-treebeard, www/py-django-cms

   py-django-cms: updated to 5.0.6

   5.0.6

   Copying failures when target placeholders were missing
   Fallback handling when scanning includes for placeholders
   ApphookReloadMiddleware not correctly handling new language variants
   UX inconsistencies for external placeholders (such as static aliases)
   GET parameters not being preserved when switching between preview and edit mode
   get_permissions errors when global permissions were missing
   Migration failures with django-treebeard >= 5.0.3
   Issues in the make-changelog script

   py-django-treebeard: updated to 5.0.5

   5.0.5
   Reverted change to lock root nodes when adding a new root, which had unwanted performance implications.

   5.0.4
   Fixed TypeError when adding root nodes for MP and LT trees with node_order_by set.

   5.0.3
   Added row locks to prevent potential race conditions when concurrently calling add_child() on the same node, or when concurrently adding root nodes.

   py-django-polymorphic: updated to 4.11.1

   4.11.1

   better release version parsing
   fix CI on oracle dj5.2
   Bump cryptography from 46.0.4 to 46.0.5
   Fix database routing bug on save()
   fix validate_version recipe

   boost*: add upstream bug report link

   doc: Updated devel/boost-headers to 1.90.0nb2

   boost-headers: fix MSG_NOSIGNAL handling on NetBSD

   From RVP on current-users.

   Bump PKGREVISION.

   pkg-vulnerabilities: re-add last week CVEs

   Redo commit 1.737 properly without deleting comments.

   + KeePass,
     SOGo (no upstream and/or further details, assume not fixed),
     admesh (not fixed),
     apache-tomcat, caddy, calibre, chromium,
     clamav (no upstream information, assume not fixed),
     coturn, curl, dropbear, erlang, ffmpeg, gimp, grafana,
     gsoap (no upstream information, assume not fixed),
     hdf5, janet, jenkins,
     libde265 (fixed upstream, latest stable release 1.0.16 affected),
     libjxl,
     libsixel (fixed upstream, latest stable release 1.8.7 affected),
     libsoup,
     libvips (fixed upstream, latest stable release 8.18.0 affected),
     metabase,
     minisat (not fixed),

    [13 lines not shown]

   pkg-vulnerabilities: revert to 1.736

   1.737 accidentally added most comments.

   Thanks to <wiz>!

   py-peewee: remove patch that was removed from distinfo during update

   doc: Updated editors/abiword-plugins to 3.0.8

   abiword-plugins: update to 3.0.8

   3.0.8 - 2026/02/17

   - Fix memory leaks with a collab Telepathy error.
   - Fix paste of images from Firefox.
   - Fix memory leaks in styles dialog, Gtk text input.
   - Fix use after free and memory leak with list numbering.
   - Fix memory leak with text drag and drop.
   - Fix memory leak in OpenXML importer/exporter.
   - Remove babelfish and freetranslation plugins.
   - Fix appstream for newer flathub requirements.
   - Properly remember the recent files even if AbiWord crashes.
   - wordperfect: Use the more recent version of libwpd libwpg and
     libwps. This upgrade the dependencies:
     - libwpd-0.10
     - libwps-0.4
     - libwpg-0.3

   doc: Updated editors/abiword to 3.0.8

   abiword: update to 3.0.8

   3.0.8 - 2026/02/17

   - Fix memory leaks with a collab Telepathy error.
   - Fix paste of images from Firefox.
   - Fix memory leaks in styles dialog, Gtk text input.
   - Fix use after free and memory leak with list numbering.
   - Fix memory leak with text drag and drop.
   - Fix memory leak in OpenXML importer/exporter.
   - Remove babelfish and freetranslation plugins.
   - Fix appstream for newer flathub requirements.
   - Properly remember the recent files even if AbiWord crashes.
   - wordperfect: Use the more recent version of libwpd libwpg and
     libwps. This upgrade the dependencies:
     - libwpd-0.10
     - libwps-0.4
     - libwpg-0.3

   ots: fix builds with newer GCC

   pkg-vulnerabilities: add last week CVEs

   + KeePass,
     SOGo (no upstream and/or further details, assume not fixed),
     admesh (not fixed),
     apache-tomcat, caddy, calibre, chromium,
     clamav (no upstream information, assume not fixed),
     coturn, curl, dropbear, erlang, ffmpeg, gimp, grafana,
     gsoap (no upstream information, assume not fixed),
     hdf5, janet, jenkins,
     libde265 (fixed upstream, latest stable release 1.0.16 affected),
     libjxl,
     libsixel (fixed upstream, latest stable release 1.8.7 affected),
     libsoup,
     libvips (fixed upstream, latest stable release 8.18.0 affected),
     metabase,
     minisat (not fixed),
     moodle, nats-server,
     openbabel (not fixed),

    [9 lines not shown]

   nss: try fixing Solaris build using upstream suggestion

   nss: regen patch

   pkg-vulnerabilities: add recent ImageMagick CVEs

   + ImageMagick{,6}

   Updated math/py-lap

   py-lap: updated to 0.5.13

   0.5.13
   Add badge for full test workflow in README.md

   Updated devel/py-dulwich, net/py-geventhttpclient