sysutils/uutils-coreutils: import package
uutils coreutils is a cross-platform reimplementation of the GNU coreutils in
Rust. While all programs have been implemented, some options might be missing
or different behavior might be experienced.
This project aims to be a drop-in replacement for the GNU utils. Differences
with GNU are treated as bugs.
uutils aims to work on as many platforms as possible, to be able to use the
same utils on Linux, Mac, Windows and other platforms. This ensures, for
example, that scripts can be easily transferred between platforms.
openssl: update to 3.6.2.
OpenSSL 3.6.2 is a security patch release. The most severe CVE fixed in this
release is Medium.
This release incorporates the following bug fixes and mitigations:
* Fixed incorrect failure handling in RSA KEM RSASVE encapsulation.
([CVE-2026-31790])
* Fixed loss of key agreement group tuple structure when the `DEFAULT` keyword
is used in the server-side configuration of the key-agreement group list.
([CVE-2026-2673])
* Fixed out-of-bounds read in AES-CFB-128 on x86-64 CPUs with AVX-512 support.
([CVE-2026-28386])
* Fixed potential use-after-free in DANE client code.
([CVE-2026-28387])
[13 lines not shown]
editors/kibi: update to 0.3.3
0.3.3 - 2026-01-01
Added
Ctrl + / to comment / uncomment lines (#416)
Strong stack protection in release binaries (#535)
Removed
Build scripts are excluded from published crates (#538)
0.3.2 - 2025-11-23
Added
Support for NO_COLOR standard: all color output will be disabled if the NO_COLOR environment variable is set (#499)
Ctrl + R can now remove the very last line (#498)
Changed
[9 lines not shown]
x11/alacritty: update to 0.17.0
Packaging
- Fixed invalid logo SVG attributes
- New alacritty-escapes(7) manpage
- Removed broken flash capability from terminfo
Added
- Ability to bind WheelUp and WheelDown in mouse.bindings
- Support TOML 1.1 syntax
- window.resize_increments support on Wayland
Changed
- Don't highlight hints on hover when the mouse cursor is hidden
- IME is disabled in Vi mode on X11
- Require explicit tap to enable IME with touch input
[9 lines not shown]
boost-libs: add provisions to conditionally build w/ cobalt
... but then force it off unconditionally. Presumably nothing in
pkgsrc currently needs it. The library requires C++20 and we are
not ready to bump boost's USE_CXX_FEATURES from C++14 yet.
(Without this we get PLIST errors with GCC 16.)
multimedia/dav1d: Update to 1.5.3
Changelog:
Changes for 1.5.3 'Sonic':
--------------------------
1.5.3 is a minor release of dav1d, focused on RISC-V and maintenance:
- Misc small optimizations
- RISC-V assembly optimizations for ipred, emu_edge and w_mask,
and VLEN 512 for blend functions
- Fix issue with ivf files with 0 frames in tools
Changes for 1.5.2 'Sonic':
--------------------------
1.5.2 is a minor release of dav1d, focused on maintenance:
- minor speed improvement in recon
- improvements on loongarch symboles visibility and asm
[4 lines not shown]
mit-krb5: update to 1.22.2
Major changes in 1.22.2 (2026-01-29)
------------------------------------
* Fix a SPNEGO packet parsing bug which could cause GSS mechanism
negotiation failure.
Major changes in 1.22.1 (2025-08-20)
------------------------------------
* Fix a vulnerability in GSS MIC verification [CVE-2025-57736].
Major changes in 1.22 (2025-08-05)
----------------------------------
User experience:
* The libdefaults configuration variable "request_timeout" can be set
to limit the total timeout for KDC requests. When making a KDC
request, the client will now wait indefinitely (or until the request
timeout has elapsed) on a KDC which accepts a TCP connection,
without contacting any additional KDCs. Clients will make fewer DNS
[27 lines not shown]
m4: update to 1.4.21.
* Noteworthy changes in release 1.4.21 (2026-02-06) [stable]
** Fix the `eval' builtin to reject input like `0x' that C does not
accept as an integer literal, rather than silently treating it as zero
(present since "the beginning").
** Fix the `define' and `pushdef' builtins to always warn when attempting
to concatenate the result of using the `defn' macro on a builtin macro
with anything else. This is a counterpart to the change in m4 1.4.11
that issues a warning when `defn' with multiple arguments attempts to
perform concatenation. Attempting to use the output of `defn' anywhere
other than a lone argument during macro definition has never been
portable, but now the outcome is always the remaining text, rather
than being dependent on whether `defn' was used before or after the
other text (present since "the beginning").
** Port to glibc 2.43, which implements functions like strchr as macros
[38 lines not shown]
neomutt: update to 20260406.
2026-04-06 Richard Russon \<rich at flatcap.org\>
* Features
- #4799 Add IMAP connection monitoring, timeouts, and reconnection backoff
* Bug Fixes
- #4755 Fix off-by-one in ARRAY_RESERVE()
- #4819 Fix IMAP crash when changing folders
- Fix freeze in IMAP with OpenSSL
- Fix blocking IMAP pipeline drain with many mailboxes
- Fix crash on threaded index update
- Fix crash on NULL thread in display subject
- Fix menu half-down when data fits in one page
- Fix alias search prompt
- Fix index tag colours
- Protect hooks against unhook during execution
- Fix leak in pattern alias search
- Consistently convert headers to LF EOL convention
* Changed Config
[12 lines not shown]
update to version 9.2.0315.
Changes:
- patch 9.2.0315: missing bound-checks
- patch 9.2.0314: channel: can bind to all network interfaces
- patch 9.2.0313: Callback channel not registered in GUI
- patch 9.2.0312: C-type names are marked as translatable
- patch 9.2.0311: redrawing logic with text properties can be improved
- patch 9.2.0310: unnecessary work in vim_strchr() and find_term_bykeys()
- patch 9.2.0309: Missing out-of-memory check to may_get_cmd_block()
- runtime(log): clean up and modernize log syntax
- patch 9.2.0308: Error message E1547 is wrong
- patch 9.2.0307: more mismatches between return types and documentation
- patch 9.2.0306: runtime(tar): some issues with lz4 support
- runtime(vim9): Fix dist#vim9#Open() spaced paths and SIGPIPE crashes
- patch 9.2.0305: mismatch between return types and documentation
- patch 9.2.0304: tests: test for 9.2.0285 doesn't always fail without the fix
- patch 9.2.0303: tests: zip plugin tests don't check for warning message properly
- patch 9.2.0302: runtime(netrw): RFC2396 decoding double escaping spaces
[117 lines not shown]
