devel/cmocka: Don't use newfangled attribute access on gcc < 12
The usage is guarded on __has_attribute(access), but that apparently
doesn't distinguish having access none. Fix inspired by an upstream
bug report (which has a huge hex string intstead of a number in the
brave new world of gitlab), avoid attribute access on gcc <= 12.
Upstream has not acted on or commented on the bug report, file on
April 10.
Resolves failure to build on NetBSD 10, probably resolves problems on
other gcc 10 hosts, and shouldn't affect systems with gcc >= 12.
(math/R-forecast) Updated 8.23.0 to 9.0.2, Fix build against R 4.6.0
# forecast 9.0.2
* `checkresiduals()` correctly handles the `test` argument again (#1100)
* `mstl()` now correctly accesses the `lambda` attribute on mstl matrix objects (#1097)
# forecast 9.0.1
* Performance improvements for ARFIMA model search
* `forecast.mlm()` now finds `newdata` when passed as an argument from another function (#880)
* `residuals.tslm()` now allows `type = "working"` as per CRAN request
* Code modernization and performance improvements
# forecast 9.0.0
* `ets()` now allows missing values in the time series (#952)
* Added `mean_model()` and `forecast.mean_model()`
* Added `rw_model()` and `forecast.rw_model()` (m-muecke, #969)
* Added `spline_model()` and `forecast.spline_model()` (#1013)
[12 lines not shown]
(math/R-igraph) Updated 2.1.4 to 2.3.2, Fix Build against R-4.6.0
# igraph 2.3.2
--------------
## Bug fixes
- Fix obsolete Fortran syntax (#2644).
# igraph 2.3.1
--------------
## Bug fixes
- Fix mismatches between C function signatures and function
calls. This only affects private functions that are defined but not
yet used (#2620).
# igraph 2.3.0
[321 lines not shown]
p5-Crypt-DSA: update to 1.21.
Security update. Please note that this package is deprecated.
1.21 -- Sun Jun 14 16:52:15 ADT 2026
- This module is now makred as deprecated. Crypt-DSA-GMP is a possible replacement.
- Fixed CVE-2026-12205 key material reuse for multiple signing events
- SECURITY (CWE-323): sign() reused the DSA nonce k across signatures
(r and k^-1 were cached on the key and not regenerated), allowing
private-key recovery from two signatures over different messages. Now
generates a fresh nonce per signature. Keys used to sign more than
once with an affected version should be considered compromised.
liba52: Build fixes for GCC 15.
Update configure test for return type of signal(2).
Restrict to C99. Uses "old-style function definitions", but also
restrict keyword.
lighttpd: update to 1.4.83. Changes:
Highlights
- add PQC hybrid KEM X25519MLKEM768 to default TLS groups
- mod_sockproxy can now route connections based on TLS SNI
- mod_proxy proxy.header enhanced config for url-path mapping of response headers
- HTTP Incremental header support
- portability/compatibility with library updates (lighttpd dependencies)
BEHAVIOR CHANGES
- add PQC hybrid KEM X25519MLKEM768 to default TLS groups
- HTTP/1.1 Upgrade: h2c has been deprecated; set default to disabled
in lighttpd, but can still be enabled in config, and http2 prior
knowledge is still enabled
* [systemd] add RestrictAddressFamilies AF_NETLINK
* [TLS] skip cert_is_active warnings for unset clock
[102 lines not shown]
filesystems/py-fuse-bindings: Change back to egg.mk to accomodate unmaintained fuse filesystems
wheel.mk does not allow 2.7 and there are 3 2.7-only filesystems
still. While they are probably ripe for removal, I don't want to
couple that.
Tested with python 3.13 and bup.
netpbm: Various build fixes.
Firstly, this fails to build with a compiler that defaults to C23,
due to "old-style function definitions" in getopt.c. So force it to
build with the gnu89 standard.
Secondly, we want to force all function definitions to be visible.
They hardcore XOPEN_SOURCE all over the codebase, so we need to
override their decision. This eliminates the need to compile with
-Wno-implicit-function-declaration.
Why do we want to avoid doing that? Because older GCC versions error
when they encounter a warning flag that they don't support, and that
is one of them that GCC 4.x does not support.
