Updated net/xfr to 0.6.0
v0.6.0
What's New
Congestion Control Selection (--congestion)
Choose your TCP congestion control algorithm per-test:
xfr <host> --congestion bbr - # Compare BBR vs default CUBIC
xfr <host> --congestion reno - # Classic Reno
Works on both client and server sockets. Invalid algorithms are caught early with a helpful error listing what's available on your kernel.
Live TCP_INFO Polling
RTT and cwnd are now reported every interval during tests, not just in the final result. This enables:
- Real-time TCP metrics in the TUI
- Per-interval rtt_us and cwnd in --json-stream and --csv output
[61 lines not shown]
py-pikepdf: updated to 10.3.0
v10.3.0
- Fixed UnicodeDecodeError when listing keys of a dictionary containing invalid
UTF-8. Thanks @qooxzuub. :issue:`696`
- Fixed an issue where opening a PDF with duplicate form field names would cause a
crash. Accessing a duplicate field by name now returns a proxy list of all matching
fields. Thanks @qooxzuub. :issue:`697`
- Added `.values()` accessor to `Object` for iterating over dictionary values. Thanks @qooxzuub.:issue:`699,697`
- Added `.copy()` and `.update()` methods to `Dictionary`. Thanks @qooxzuub.:issue:`700`
- Improved `Object.copy` implementation and added type stubs. Thanks @qooxzuub.:issue:`702`
- Fixed missing return in `SimpleFont._encode_diffmap()`. Thanks @lachlan.charlick :issue:`706`
- Improved error messages for invalid dictionary access. Thanks @qooxzuub.:issue:`701`
- Lazy load lxml and Pillow to improve import time. Thanks @qooxzuub. :issue:`704`
- Improved `atomic_overwrite` robustness for restricted directories and special files. :issue:`695`
py-debugpy: updated to 1.8.20
1.8.20
Fixes for:
annotate in 3.14 causing exceptions:
Enhancements:
Use remote_exec if available: c7e86a1
Support more architectures: 1bbecdf
py-dnsdiag: updated to 2.9.3
2.9.3
This release focuses on bug fixes for traceroute functionality and improved
user experience with better DNSSEC information display and command-line
parameter validation.
gnutls: updated to 3.8.12
Version 3.8.12 (released 2026-02-09)
** libgnutls: Fix NULL pointer dereference in PSK binder verification
A TLS 1.3 resumption attempt with an invalid PSK binder value in ClientHello
could lead to a denial of service attack via crashing the server.
The updated code guards against the problematic dereference.
Reported by Jaehun Lee.
[Fixes: GNUTLS-SA-2026-02-09-1, CVSS: high] [CVE-2026-1584]
** libgnutls: Fix name constraint processing performance issue
Verifying certificates with pathological amounts of name constraints
could lead to a denial of service attack via resource exhaustion.
Reworked processing algorithms exhibit better performance characteristics.
Reported by Tim Scheckenbach.
[Fixes: GNUTLS-SA-2026-02-09-2, CVSS: medium] [CVE-2025-14831]
** libgnutls: Fix multiple unexploitable overflows
[16 lines not shown]
py-fakefs: updated to 6.1.0
Version 6.1.0
Changes back-link references to weak references.
Changes
* added more support for PyPy 3
* _Caution:_ many back-link references have been replaced by weak references;
this may have unwanted consequences (crashes) for some untested workflows
Infrastructure
* added PyPy 3.11 to CI, added PyPy builds for all OSes
* use only `pyproject.toml` for dependencies, moved `tox` configuration into `pyproject.toml`
Fixes
* fixed a problem accessing `size` from a `FakeFileWrapper` object
* fixed a problem with `readable` raising an error on a file object.
* avoid memory accumulation in consecutive tests by using weak references
math/volk: Rewrite patch comment (NFCI)
The problem being worked around is an upstream bug, not a NetBSD
headers problem. Note that it is has been reported upstream, who have
said they're working on a fix.
www/firefox: Update to 147.0.3
Changelog:
147.0.3:
New
* Interoperability improvements for the CSS anchor positioning and Navigation
web APIs.
Fixed
* Fixed a regression where position: sticky elements on some webpages could
appear stuck or fail to update while mousewheel-scrolling after certain
:hover interactions. (Bug 2010481)
* Fixed an issue where the Firefox Developer Tools could fail to re-open
after using the Inspector??s node picker and reloading a page containing
cross-origin iframes. (Bug 2003810)
[7 lines not shown]