BSD Commit Log Search

   Updated www/py-django-polymorphic, www/py-django-modelcluster

   py-django-modelcluster: updated to 6.4.1

   6.4.1 (04.12.2025)
   * Handle `get_prefetch_queryset` deprecation, for Django 6.0 support (Sage Abdullah)

   py-django-polymorphic: updated to 4.3.0

   4.3.0

   Support Q expressions that contain subquery expressions
   Make related polymorphic object manager selection more robust to multiple inheritance scenarios.
   Caching in inheritance accessor functions
   update changelog
   Multi-database support in inheritance accessors.
   Include get_child_inlines() hook in stacked inline admin forms.
   upgrade uv lockfile
   fix docs errors
   Resolve primary key name correctly.
   Misc test fixes
   remove dead code
   bump version

   doc: Updated devel/jj-docs to 0.36.0

   jj-docs: update to 0.36.0.

   Sync with jj.

   Updated www/py-httpx-socks, graphics/py-exifread

   py-exifread: updated to 3.5.1

   3.5.1 — 2025-08-23
   * Don't raise exception from decode_maker_note() if strict==False

   3.5.0 — 2025-08-23
   * Add support for JPEG XL
   * Add Image SubIFDs decoding and Nikon Z 9 sample
   * Make it easier to add new file types to testing

   py-httpx-socks: updated to 0.11.0

   0.11.0
   Unknown changes

   Update shells/bash to 5.3.9

   One new (upstream) patch added.   Fixes a SIGSEGV if a SIGINT is received
   during a reverse i-search (readline issue - to the embedded readline).

   Updated security/py-acme, security/py-certbot*

   py-acme py-certbot*: updated to 5.2.2

   5.2.2

   Fixed a regression that caused certbot to crash if multiple --webroot-path
   values were set on the command line.

   doc: Updated www/chromium to 143.0.7499.40

   Updated graphics/libjpeg-turbo, graphics/py-matplotlib

   py-matplotlib: updated to 3.10.8

   3.10.8

   This is a bugfix release in the 3.10.x series.

   The primary highlights of this release are:

   Properly allow freethreaded mode in the MacOS backend
   Better error handling for MacOS backend

   libjpeg-turbo: updated to 3.1.3

   3.1.3

   Significant changes relative to 3.1.2:

   1. Hardened the TurboJPEG API against hypothetical applications that may
   erroneously call `tj*Compress*()` or `tj*Transform()` with a reused JPEG
   destination buffer pointer while specifying a destination buffer size of 0.

   2. Hardened the TurboJPEG API against hypothetical applications that may
   erroneously set `TJPARAM_LOSSLESS` or `TJPARAM_COLORSPACE` prior to calling
   `tj3EncodeYUV*8()` or `tj3CompressFromYUV*8()`.  `tj3EncodeYUV*8()` and
   `tj3CompressFromYUV*8()` now ignore `TJPARAM_LOSSLESS` and
   `TJPARAM_COLORSPACE`.

   3. Hardened the TurboJPEG Java API against hypothetical applications that may
   erroneously pass huge X or Y offsets to one of the compression, YUV encoding,
   decompression, or YUV decoding methods, leading to signed integer overflow in

    [11 lines not shown]

   fl_logbook: switch to https

   fio: update HOMEPAGE

   fileobj: update HOMEPAGE

   figlet-fonts: switch to https

   figlet: switch to https

   ffproxy: comment out dead site

   festvox-ked8: switch to https

   festvox-ked16: switch to https

   festvox-kal8: switch to https

   festvox-el11: switch to https

   fd: remove dead sites

   fastdep: comment out dead sites

   fann: switch to github

   www/chromium: update to 143.0.7499.40

   * 143.0.7499.40
   This update includes 13 security fixes. Below, we highlight fixes
   that were contributed by external researchers. Please see the
   Chrome Security Page for more information.
   [$11000][456547591] High CVE-2025-13630: Type Confusion in V8.
   Reported by Shreyas Penkar (@streypaws) on 2025-10-31
   [$3000][448113221] High CVE-2025-13631: Inappropriate implementation
   in Google Updater. Reported by Jota Domingos on 2025-09-29
   [TBD][439058242] High CVE-2025-13632: Inappropriate implementation
   in DevTools. Reported by Leandro Teles on 2025-08-16
   [N/A][458082926] High CVE-2025-13633: Use after free in Digital
   Credentials. Reported by Chrome on 2025-11-05
   [TBD][429140219] Medium CVE-2025-13634: Inappropriate implementation
   in Downloads. Reported by Eric Lawrence of Microsoft on 2025-07-02
   [N/A][457818670] Medium CVE-2025-13720: Bad cast in Loader.
   Reported by Chrome on 2025-11-04

    [14 lines not shown]

   sort