databases/db[45] -- Add mutex support for SPARC v[78] machines.
Thanks go to John D. Baker for submitting an updated patch to the PR,
and to Andrew Randrianasulu for bringing up the issue again and then
testing the patches.
Fixes PR pkg/43444.
ImageMagick: Update to 7.1.2.11
upstream changes:
-----------------
7.1.2-11 - 2025-12-14
Commits
* beta release e97f8c1
* Only allow setting the data_precision to values other then 16 and 12 when quality is lossless (>= 100). 4d7581a
* Switch to macos-15-intel for the x64 MacOS build. 3f47b60
* Removed old debug statements. 281adfc
* Added extra checks to prevent overflows on 32-bit systems and do an earlier exit. 1dc1fc9
* release 578d60d
uriparser: update to 1.0.0.
Security fix release.
2025-12-15 -- 1.0.0
>>>>>>>>>>>>> SECURITY >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
* Fixed: [CVE-2025-67899]
Protect from stack overflow during parsing by dissolving all 13 cases
of recursion, both direct and indirect. The attack vector was long
(or crafted) URI input. The known impact is denial of service or more.
Thanks for the report to Sergey Svistunov!
Thanks for in-depth review to Tim Düsterhus! (sponsored by Tideways GmbH)
Thanks for C callgraph tool "egypt" (https://www.gson.org/egypt/)
to Andreas Gustafsson and for "dot_find_cycles.py" to Jason Antman!
(GitHub #282, GitHub #284)
>>>>>>>>>>>>> SECURITY >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
* Changed: Start requiring a C99 compiler (GitHub #264, GitHub #273)
* Changed: Require CMake >=3.15.0 (GitHub #270)
[53 lines not shown]
pngcheck: update to 4.0.1.
4.0.1
This release builds on version 4.0.0 with the following improvements:
New Features
Added support for Content Credentials caBX chunk from PNG Fourth Edition
Added support for Apple iDOT chunk (now registered)
Added cICP autodetect for BT.601 PAL, SECAM and NTSC
Added validation that cICP chunk must accompany the use of mDCV
Build System Improvements
Added GitHub Actions CI for CMake and Make builds on Ubuntu, macOS, and Windows
Required zlib library as a non-optional dependency
Auto-detect Windows platform without requiring the WIN32 macro
Imported the wildargs library for automatic wildcard argument expansion on Windows
[23 lines not shown]
shells/fish: fix build
Disable dynamic linking against pkgsrc pcre2, otherwise fish fails the
runtime library search path check.
This will be reported upstream.
doc: Note update of mail/roundcube and related pacakges to 1.6.12
mail/roundcube
mail/roundcube-plugin-enigma
mail/roundcube-plugin-password
mail/roundcube-plugin-zipdownload
mail/roundcube: update to 1.6.12
This release contains security related fixes, last two items.
Roundcube 1.6.12 (2025-12-14)
* Support IPv6 in database DSN (#9937)
* Don't force specific error_reporting setting
* Fix compatibility with PHP 8.5 regarding array_first()
* Remove X-XSS-Protection example from .htaccess file (#9875)
* Fix "Assign to group" action state after creation of a first group (#9889)
* Fix bug where contacts search would fail if `contactlist_fields` contained
vcard fields (#9850)
* Fix bug where an mbox export file could include inconsistent message
delimiters (#9879)
* Fix parsing of inline styles that aren't well-formatted (#9948)
* Fix Cross-Site-Scripting vulnerability via SVG's animate tag
* Fix Information Disclosure vulnerability in the HTML style sanitizer
