www/hiawatha: Update enclosed mbedtls to v3.6.3
Mbed-TLS 3.6.3 Release Notes
Default behavior changes
In TLS clients, if mbedtls_ssl_set_hostname() has not been called,
mbedtls_ssl_handshake() now fails with
MBEDTLS_ERR_SSL_CERTIFICATE_VERIFICATION_WITHOUT_HOSTNAME
if certificate-based authentication of the server is attempted.
This is because authenticating a server without knowing what name
to expect is usually insecure. To restore the old behavior, either
call mbedtls_ssl_set_hostname() with NULL as the hostname, or
enable the new compile-time option
MBEDTLS_SSL_CLI_ALLOW_WEAK_CERTIFICATE_VERIFICATION_WITHOUT_HOSTNAME.
Features
Added new configuration option MBEDTLS_PSA_STATIC_KEY_SLOTS, which
[70 lines not shown]
go119, go121: remove
go124 is the current version. go123 is still supported.
To build go124 from source, the chain is
go14 - go118 - go120 - go122 - go124
Thus, nothing needs go119 and go121.
agreed by maya@ on tech-pkg
Update go123 to 1.23.8 and go124 to 1.24.2
These minor releases include 1 security fixes following the security policy:
- net/http: request smuggling through invalid chunked data
The net/http package accepted data in the chunked transfer encoding
containing an invalid chunk-size line terminated by a bare LF.
When used in conjunction with a server or proxy which incorrectly
interprets a bare LF in a chunk extension as part of the extension,
this could permit request smuggling.
The net/http package now rejects chunk-size lines containing a bare LF.
Thanks to Jeppe Bonde Weikop for reporting this issue.
This is CVE-2025-22871 and Go issue https://go.dev/issue/71988.
View the release notes for more information.
Add p5-Data-ULID 1.3
This is an implementation in Perl of the ULID identifier type
introduced by Alizain Feerasta. The original implementation (in
Javascript) can be found at https://github.com/alizain/ulid.
ULIDs have several advantages over UUIDs in many contexts. The
advantages include:
- Lexicographically sortable
- The canonical representation is shorter than UUID (26 vs 36
characters)
- Case insensitve and safely chunkable.
- URL-safe
- Timestamp can always be easily extracted if so desired.
- Limited compatibility with UUIDs, since both are 128-bit formats.
Some conversion back and forth is possible.
Add security/p5-Bytes-Random-Secure-Tiny 1.011
Bytes::Random::Secure::Tiny provides random bytes from a
cryptographically secure random number generator (ISAAC), seeded
from strong entropy sources on a wide variety of platforms. It does
so without external dependencies (except on Windows), and has a
minimal but useful user interface patterned after the module
Bytes::Random::Secure.
fluidsynth: updated to 2.4.4
2.4.4
Support for SDL3 has been added, support for SDL2 has been deprecated
Soundfonts that are not respecting the 46 zero-sample padding-space previously sounded incorrect when
synth.dynamic-sample-loading was active
Allow drum channels to profit from Soundfont Bank Offsets by no longer ignoring MSB Bank changes
Revise the preset fallback logic for drum channels
A regression introduced in 2.4.1 may have caused interrupted real-time playback when voices were using the lowpass filter
Improve multi-user experience when running fluidsynth as systemd service
Fix ordering and dependencies of fluidsynth's systemd service
Revise fluidsynth's man page
SDL2: updated to 2.32.4
2.32.4
This is a stable bugfix release, with the following changes:
Fixed controller GUIDs changing randomly on Windows
Fixed detecting PlayStation controller sensors on Linux when HIDAPI isn't being used
Fixed a crash enumerating some input devices
py-unearth: updated to 0.17.3
0.17.3
Bug Fixes
Update contributing guidelines for rebase branch
Best match should be a pre-release if that's all the index has
Use stdlib Path <-> URL conversions
py-typing-extensions: updated to 4.13.0
Release 4.13.0 (March 25, 2025)
No user-facing changes since 4.13.0rc1.
Release 4.13.0rc1 (March 18, 2025)
New features:
- Add `typing_extensions.TypeForm` from PEP 747. Patch by
Jelle Zijlstra.
- Add `typing_extensions.get_annotations`, a backport of
`inspect.get_annotations` that adds features specified
by PEP 649. Patches by Jelle Zijlstra and Alex Waygood.
- Backport `evaluate_forward_ref` from CPython PR
Bugfixes and changed features:
[35 lines not shown]