NetBSD/pkgsrc kLPpXtYdoc CHANGES-2026

   doc: Updated www/resterm to 0.45.2
VersionDeltaFile
1.4308+2-1doc/CHANGES-2026
+2-11 files

NetBSD/pkgsrc NqhfOfPwww/resterm distinfo Makefile

   resterm: Update to 0.45.2

   Important fix: multipart/form-data requests
   Multipart requests were effectively unusable in previous releases for typical hand-written requests and requests imported from curl -F via resterm -fc. If you use multipart/form-data, you should upgrade.

   What was broken. Several compounding bugs could corrupt multipart bodies: boundary lines (--...) were dropped during parsing because they were mistaken for -- comments. Part content starting with #, //, > or @... could be misread as resterm syntax and multipart framing was sent with LF line endings instead of the CRLF delimiter/header framing required by RFC 7578/RFC 2046.

   What's fixed. resterm now sends multipart bodies with curl compatible wire framing:
   - CRLF delimiters and part headers, including a trailing CRLF after the closing boundary
   - multipart body lines are preserved as body content instead of being parsed as comments, scripts or variables
   - @file includes inside parts are injected as raw bytes, so binary uploads are not rewritten
   - works the same whether your .http file uses LF or CRLF line endings
   - applies to all multipart subtypes (form-data, mixed, related)
   Directives placed after the closing boundary, such as # @capture, continue to parse as before. Non-multipart requests, GraphQL, gRPC, SSH, and K8s are unaffected.
VersionDeltaFile
1.10+4-4www/resterm/distinfo
1.11+2-2www/resterm/Makefile
+6-62 files

NetBSD/pkgsrc lMiFnwldoc TODO CHANGES-2026

   doc: Updated games/widelands to 1.3.1
VersionDeltaFile
1.27552+1-2doc/TODO
1.4307+2-1doc/CHANGES-2026
+3-32 files

NetBSD/pkgsrc KoPdoWGgames/widelands PLIST Makefile, games/widelands/patches patch-src_base_string.cc patch-xdg_CMakeLists.txt

   Update widelands to 1.3.1

   From Paul Ripke in pkgsrc-wip + ctype() patch.
   Sole consumer of asio. rm:-Wold-style-cast still needed after its update.


   Highlights in release 1.3.1

   This point release fixes a severe multiplayer desync found in Widelands 1.3.
   Note that it is not possible to combine the versions 1.3 and 1.3.1 in a
   network game.


   Highlights in release 1.3

   Since the release of version 1.2, we implemented several hundreds of new
   features and bugfixes; for example, to name just a few of the highlights:

   - Market trading

    [10 lines not shown]
VersionDeltaFile
1.4+2,089-1,698games/widelands/PLIST
1.1+42-0games/widelands/patches/patch-src_base_string.cc
1.52+3-18games/widelands/Makefile
1.3+8-8games/widelands/patches/patch-xdg_CMakeLists.txt
1.10+6-7games/widelands/distinfo
1.2+1-1games/widelands/patches/patch-src_base_i18n.h
+2,149-1,7321 files not shown
+2,150-1,7337 files

NetBSD/pkgsrc PYFT6T3doc CHANGES-2026

   Updated devel/py-types-setuptools, devel/py-test-rerunfailures
VersionDeltaFile
1.4306+3-1doc/CHANGES-2026
+3-11 files

NetBSD/pkgsrc 2zQlVnYdevel/py-test-rerunfailures distinfo Makefile

   py-test-rerunfailures: updated to 16.4

   16.4 (2026-07-01)

   Breaking changes

   - Drop support for pytest 8.1. Minimum pytest version is now 8.2.

   Features

   - Add support for pytest 9.1.

   - Rerun tests with failed subtests. This feature is only available on pytest 9.0
     and later. The pytest-subtests plugin is *not* supported.

   - Add ``--reruns-delay-backoff-factor`` option (and the matching
     ``reruns_delay_backoff_factor`` marker kwarg / ini setting) to grow the rerun
     delay after each attempt for an exponential backoff. The delay before the
     *n*-th re-run is ``reruns_delay * reruns_delay_backoff_factor ** (n - 1)``.

    [2 lines not shown]
VersionDeltaFile
1.17+4-4devel/py-test-rerunfailures/distinfo
1.18+2-2devel/py-test-rerunfailures/Makefile
+6-62 files

NetBSD/pkgsrc W42AIrbdevel/py-types-setuptools distinfo Makefile

   py-types-setuptools: updated to 83.0.0.20260706

   83.0.0.20260706
   Bump setuptools to 83.0.*
VersionDeltaFile
1.65+4-4devel/py-types-setuptools/distinfo
1.69+2-2devel/py-types-setuptools/Makefile
+6-62 files

NetBSD/pkgsrc ZcXI1ZXdoc CHANGES-2026

   Updated security/dropbear, sysutils/ansible
VersionDeltaFile
1.4305+3-1doc/CHANGES-2026
+3-11 files

NetBSD/pkgsrc l8xEwVEsysutils/ansible PLIST distinfo

   ansible: updated to 14.1.0

   14.1.0

   Major Changes

   community.clickhouse
   - clickhouse_named_collection - new module to add/modify/delete named collections in database.

   vmware.vmware_rest
   - Update minimum required ansible-core version to 2.16 in meta/runtime.yml
VersionDeltaFile
1.70+498-49sysutils/ansible/PLIST
1.83+4-4sysutils/ansible/distinfo
1.111+3-3sysutils/ansible/Makefile
+505-563 files

NetBSD/pkgsrc 7WLqNWPdoc CHANGES-2026

   doc: Updated www/resterm to 0.45.1
VersionDeltaFile
1.4304+2-1doc/CHANGES-2026
+2-11 files

NetBSD/pkgsrc tmAwrxKwww/resterm distinfo Makefile

   resterm: Update to 0.45.1

   Vim-Style Command Line
   Added a Vim-like command line to the TUI. Press : from normal-mode panes to run common actions such as :w, :q, :q!, :wq, :x, :e, :help, and :noh.

   Search UX
   Search behavior now more closely follows Vim: opening / starts with an empty prompt while keeping the previous search available for match navigation, and clearing the live search input clears current highlights.

   The search prompt UI was also simplified by removing the extra search icon. This release also includes theming support.
VersionDeltaFile
1.9+4-4www/resterm/distinfo
1.10+2-2www/resterm/Makefile
1.3+0-0www/resterm/go-modules.mk
+6-63 files

NetBSD/pkgsrc B56bwaPsecurity/dropbear distinfo Makefile

   dropbear: updated to 2026.92

   2026.92 - 6 July 2026

   Note >> for compatibility/configuration changes

   - >> server auth plugins have been deprecated, the configure option
     has been renamed to --enable-plugin-deprecated.
     Planned to be removed in future.

   - >> Two factor auth "-t" has been deprecated, it now requires
     a configuration option DEPRECATED_TWO_FACTOR.
     Planned to be removed in future.

   - Security: server: Don't allow -B (accept blank password) with
     -t (two factor auth). If run with -t and -B a user configured with a
     blank password would be allowed to log in without pubkey auth.
     https://github.com/mkj/dropbear/commit/23ec78285639edf068d86bb96f91cba755039740
     Reported by nvidia

    [61 lines not shown]
VersionDeltaFile
1.40+4-4security/dropbear/distinfo
1.48+2-2security/dropbear/Makefile
+6-62 files

NetBSD/pkgsrc 3DALelTdoc CHANGES-2026

   Updated multimedia/mkvtoolnix, devel/patchelf
VersionDeltaFile
1.4303+3-1doc/CHANGES-2026
+3-11 files

NetBSD/pkgsrc q2BnyMKdevel/patchelf distinfo Makefile

   patchelf: updated to 0.19.1

   0.19.1

   A small bug fix release for --build-resolution-cache.

   Bug fixes

   --build-resolution-cache: run-path entries that only resolve at run time are now recorded as search hints in run-path order instead of being dropped or baked in as bogus exact entries, so cached resolution keeps the semantics of a plain run-path walk. This covers empty and relative components, absolute directories absent at patch time (such as /run/opengl-driver/lib on NixOS), trailing empty components, and entries that exist but are not searchable directories when patching.
VersionDeltaFile
1.17+4-4devel/patchelf/distinfo
1.20+2-2devel/patchelf/Makefile
+6-62 files

NetBSD/pkgsrc 62k0CQ4multimedia/mkvtoolnix PLIST distinfo

   mkvtoolnix: updated to 100.0

   Version 100.0 "Do Hot Girls Like Chords" 2026-07-05

   New features and enhancements

   * all: added new scalable (SVG) application icons for all applications,
     replacing the existing pixmap (PNG, ICO) icons. Icons from Sarreq
     Teryx.
   * mkvmerge: MP4 reader: track names are now read from the track's user-data
     atoms (`trak` → `udta` → `name`) if present.
   * MKVToolNix GUI: executing actions configuration, type "play audio file":
     added a slider to make configuration more intuitive.
   * MKVToolNix GUI: executing actions: macOS only: the GUI will now use bundled
     audio files for "play audio file" actions that Qt can play instead of using
     macOS's system sounds.
   * MKVToolNix GUI: executing actions: Windows only: added a new type: executing
     a PowerShell script. Either an existing script file can be selected or
     custom PowerShell script code entered in a small editor. The executed script

    [44 lines not shown]
VersionDeltaFile
1.23+9-44multimedia/mkvtoolnix/PLIST
1.138+4-4multimedia/mkvtoolnix/distinfo
1.12+6-1multimedia/mkvtoolnix/options.mk
1.266+2-2multimedia/mkvtoolnix/Makefile
+21-514 files

NetBSD/pkgsrc teqjjZAdoc CHANGES-2026

   doc: Updated devel/asio to 1.36.0
VersionDeltaFile
1.4302+2-1doc/CHANGES-2026
+2-11 files

NetBSD/pkgsrc N6cYko9devel/asio PLIST Makefile

   Update asio to 1.36.0

   Gymnastics due to:
   x asio-1.36.0/doc/proactor.png: Cannot restore extended attributes: com.apple.quarantine com.apple.quarantine com.apple.lastuseddate#PS com.apple.lastuseddate#PS: Unknown error: -1

   No real highlights

   Full release notes at:
   https://think-async.com/Asio/asio-1.36.0/doc/asio/history.html#asio.history.asio_1_36_0
VersionDeltaFile
1.5+38-70devel/asio/PLIST
1.9+8-5devel/asio/Makefile
1.9+4-4devel/asio/distinfo
+50-793 files

NetBSD/pkgsrc E8du8b9doc CHANGES-2026

   doc: Updated shells/oh-my-posh to 29.21.0
VersionDeltaFile
1.4301+2-1doc/CHANGES-2026
+2-11 files

NetBSD/pkgsrc 82glSTOshells/oh-my-posh distinfo Makefile

   shells/oh-my-posh: update to 29.21.0

   Features

    - shell: support vimode segment in PowerShell (fd0e688)
    - use native millis by default (6cbd1b6)
VersionDeltaFile
1.310+10-10shells/oh-my-posh/distinfo
1.341+2-2shells/oh-my-posh/Makefile
1.134+2-2shells/oh-my-posh/go-modules.mk
+14-143 files

NetBSD/pkgsrc m9OnIe7doc CHANGES-2026

   doc: Updated finance/rex to 0.2.9
VersionDeltaFile
1.4300+2-1doc/CHANGES-2026
+2-11 files

NetBSD/pkgsrc ZM0SLF5finance/rex distinfo cargo-depends.mk

   finance/rex: update to 0.2.9

   v0.2.9
   Updates

    - New popup field for renaming a tag
    - Removed unused in-memory cache

   Changes

    - Rename tag by @TheRustyPickle in #133
    - Update versions by @TheRustyPickle in #134

   v0.2.8
   Updates

    - Prevent unnecessary animation on home table on certain changes

   Changes

    [2 lines not shown]
VersionDeltaFile
1.18+79-61finance/rex/distinfo
1.18+25-19finance/rex/cargo-depends.mk
1.32+4-4finance/rex/Makefile
+108-843 files

NetBSD/pkgsrc jWrXO2Ydoc CHANGES-2026 TODO

   doc: Updated editors/tp-note to 1.26.5
VersionDeltaFile
1.4299+2-1doc/CHANGES-2026
1.27551+1-2doc/TODO
+3-32 files

NetBSD/pkgsrc W56ks4ueditors/tp-note distinfo cargo-depends.mk

   editors/tp-note: update to 1.26.5

   v1.26.5

   This is a maintenance and infrastructure release focused on improving the build system and distribution process.

   - Added unified complete-build CI pipeline with flat, standard-named release assets
   - Hardened build scripts with robust artifact copy and documentation cleanup
   - Updated MSI download URL in winget package script to point to GitHub releases

   - Refactored distribution section and consolidated documentation
   - Moved winget distribution guide into script preamble for better maintainability

   Available as installers and standalone binaries for Windows, macOS, Linux, and Debian/Ubuntu at https://github.com/getreu/tp-note/releases/tag/v1.26.5

   v1.26.4
   Clipboard front matter carries over when annotating files

   - New: input YAML header overrides the note header in file-annotation mode — when annotating a non-Tp-Note file (e.g. `tpnote report.pdf`), a YAML header

    [4 lines not shown]
VersionDeltaFile
1.90+19-22editors/tp-note/distinfo
1.88+5-6editors/tp-note/cargo-depends.mk
1.118+5-3editors/tp-note/Makefile
+29-313 files

NetBSD/pkgsrc ESknRVrdoc CHANGES-2026

   doc: Updated net/libcares to 1.34.7nb1
VersionDeltaFile
1.4298+2-1doc/CHANGES-2026
+2-11 files

NetBSD/pkgsrc rkIKcYtnet/libcares Makefile distinfo

   libcares: switch to newer commit on 1.34 branch

   Fixes API breakage introduced in 1.34 (non-const -> const argument).

   Bump PKGREVISION.
VersionDeltaFile
1.56+10-7net/libcares/Makefile
1.48+4-4net/libcares/distinfo
+14-112 files

NetBSD/pkgsrc TKNoGPVmultimedia/libaom distinfo, multimedia/libaom/patches patch-aom__ports_ppc__cpudetect.c

   multimedia/libaom: restore buildability on NetBSD/macppc.

   Re-apply fix for "So far no dynamic CPU feature detection on NetBSD".
VersionDeltaFile
1.5+5-3multimedia/libaom/patches/patch-aom__ports_ppc__cpudetect.c
1.31+2-2multimedia/libaom/distinfo
+7-52 files

NetBSD/pkgsrc VaVR9qrdoc CHANGES-2026

   doc: Updated net/libcares to 1.34.7
VersionDeltaFile
1.4297+2-1doc/CHANGES-2026
+2-11 files

NetBSD/pkgsrc fhZZsIinet/libcares distinfo PLIST

   libcares: update to 1.34.7.

   ## c-ares version 1.34.7 - July 6 2026

   This is a security release.

   Security:
   * CVE-2026-33630. Use-after-free / double-free in c-ares' query-completion
     handling, remotely triggerable via ares_getaddrinfo() over TCP. Please see
     https://github.com/c-ares/c-ares/security/advisories/GHSA-6wfj-rwm7-3542
   * CPU-exhaustion denial of service via unbounded DNS name compression pointer
     chains. Please see
     https://github.com/c-ares/c-ares/security/advisories/GHSA-pjmc-gx33-gc76
   * Memory-amplification denial of service via unvalidated DNS header record
     counts. Please see
     https://github.com/c-ares/c-ares/security/advisories/GHSA-jv8r-gqr9-68wj

   Changes:
   * `ares_getaddrinfo()`: handle a NULL node per POSIX and implement

    [55 lines not shown]
VersionDeltaFile
1.47+4-4net/libcares/distinfo
1.36+2-2net/libcares/PLIST
1.55+2-2net/libcares/Makefile
+8-83 files

NetBSD/pkgsrc WqmixqYsecurity/ap-modsecurity2 Makefile distinfo, security/ap-modsecurity2/files README.pkgsrc

   ap-modsecurity2: Update to version 2.9.14

   Last version changes:

   02 Jul 2026 - 2.9.14
   --------------------

    * chore: fix cppcheck issues with v2.21.0
      [Issue #3593 - @airween]
    * fix: ctl:ruleRemoveTargetByTag not removing XML attribute targets
      [Issue #3592 - @fzipi]
    * Remove deprecated REQBODY_PROCESSOR_ERROR and REQBODY_PROCESSOR_ERROR_MSG
      [Issue #3578 - @hnakamur]
    * Re-apply lost fix 4f33f5b: collection_unpack value_len underflow regression
      [Issue #3560 - @g4mm4-VCF]

   28 Apr 2026 - 2.9.13
   --------------------


    [107 lines not shown]
VersionDeltaFile
1.1+26-0security/ap-modsecurity2/files/README.pkgsrc
1.76+13-12security/ap-modsecurity2/Makefile
1.13+4-6security/ap-modsecurity2/distinfo
1.9+2-1security/ap-modsecurity2/PLIST
1.4+1-1security/ap-modsecurity2/MESSAGE
1.2+1-1security/ap-modsecurity2/patches/patch-apache2_msc__crypt.c
+47-211 files not shown
+48-227 files

NetBSD/pkgsrc l2E4seMdoc CHANGES-2026

   doc: Updated security/ap-modsecurity2 to 2.9.14
VersionDeltaFile
1.4296+2-1doc/CHANGES-2026
+2-11 files