tex-overpic: update to 2.2
The new version offers the macros \width, \height and \depth
as well as the dimension register \totalheight within the
environments “overpic” and “Overpic”.
tex-ntgclass{,-doc}: update to 2.1h
A small update to make the copyright notice current.
The command \afsluiting in the "brief" class now has an optional argument to
specify the width of the signature boxes, the default width is 0.3\textwidth
security/wolfssl: Update to 5.9.0
Changes since 5.8.4:
To download the release bundle of wolfSSL visit the download page at
www.wolfssl.com/download/
PR stands for Pull Request, and PR references a GitHub pull request number
where the code change was added.
Vulnerabilities
* [High CVE-2026-3548] Two buffer overflow vulnerabilities existed in the
wolfSSL CRL parser when parsing CRL numbers - both heap-based and
stack-based. Only affects builds with CRL support enabled when loading
untrusted CRLs. Fixed in PR 9628 and PR 9873.
* [High CVE-2026-3549] Heap Overflow in TLS 1.3 ECH parsing. An integer
underflow existed in ECH extension parsing logic causing out-of-bounds
writes. ECH is disabled by default; still evolving as a standard. Fixed in
[190 lines not shown]
audio/fasttracker2: Update to 2.12
Changes since 2.11:
Improvements
* Removed the quadratic spline interpolation option. It didn't make much
sense anyway in comparison to cubic spline.
* Reduced the number of pre-computed interpolation phases from 8192 to 4096
for less pressure on the CPU cache. The audible difference is minimal.
* Mixer code is no longer unrolled. The speed difference was minimal, and it
would cause a ton of extra code bytes for almost no performance gain.
perl: update to 5.42.2.
Perl 5.42.2 represents approximately 3 weeks of development since Perl
5.42.1 and contains approximately 2,900 lines of changes across 57 files
from 6 authors.
tex-musixtex{,-doc}: update to 1.41
1.40
Fixed incompatibility between latest LaTeX and font-supporting
extension packages.
1.39
Added support for EBGaramond and URWClassico text fonts.
Added support for appoggiaturas and grace notes in tiny-notesize staffs.
py-poetry: updated to 2.3.3
2.3.3 - 2026-03-29
Fixed
Fix a path traversal vulnerability in the wheel installer that could allow malicious wheel files to write files outside the intended installation directory
Fix an issue where git dependencies from annotated tags could not be updated
Fix an issue where empty VIRTUAL_ENV or CONDA_PREFIX environment variables (e.g., after conda deactivate) would cause Poetry to incorrectly detect an active virtualenv
Fix an issue where an incomprehensible error message was printed when .venv was a file instead of a directory
Fix an issue where HTTP Basic Authentication credentials could be corrupted during request preparation, causing authentication failures with long tokens
Fix an issue where poetry publish --no-interaction --build requested user interaction
Fix an issue where poetry init and poetry new created a deprecated project.license format
Docs
Clarify the differences between poetry install and poetry update
Clarify the section of fields in the pyproject.toml examples
Add a note about the different installation location when Python from the Microsoft Store is used
[3 lines not shown]
py-poetry-core: updated to 2.3.2
poetry-core (2.3.2)
Fix an issue where platform_release could not be parsed on Debian Trixie
Fix an issue where using project.readme.text in the pyproject.toml file resulted in broken metadata
Fix an issue where dependency groups were considered equal when their resolved dependencies were equal, even if the groups themselves were not
Fix an issue where removing a dependency from a group that included another group resulted in other dependencies being added to the included group
Fix an issue where PEP 735 include-group entries were lost when [tool.poetry.group] also defined include-groups for the same group
Fix an issue where the union of <value> not in <marker> constraints was wrongly treated as always satisfied
Fix an issue where a post release with a local version identifier was wrongly allowed by a > version constraint
Fix an issue where a version with the local version identifier 0 was treated as equal to the corresponding public version
Fix an issue where a != <version> constraint wrongly disallowed pre releases and post releases of the specified version
Fix an issue where in and not in constraints were wrongly not allowed by specific compound constraints
tex-moderncv{,-doc}: update to 2.5.1
- stability around photo frame and layout in "contemporary style"
- better MikTeX compatibility
- improved formatting and styling around the name
- better symbol support for "old style"
- all colors are now available for all styles
- added simplex and threema socials
- improve compatibility of French and TikZ
tex-memoir{,-doc}: update to 3.8.4b
3.8.4
-- bumped required kernel to 2023/06/01
-- general cleanup
-- When creating \immediateaddtocontents we copy and patch
\addtocontents, with 2025 kernel the second patch failed due to
updated kernel code, now back in line whenever the new macro used
exists
-- removed reference to obsolete subfigure package, replaced with
reference to subcaption.
-- remembered to redefine \addtopsmarks as it was using a macro now
deprecated
3.8.4b
[2 lines not shown]
