From 39645c19bc297ee235cda7ece17ee89be601a8dd Mon Sep 17 00:00:00 2001 From: bsiegert Date: Sat, 20 Sep 2025 13:43:17 +0000 Subject: [PATCH 01/49] I hereby declare this branch open :) --- doc/CHANGES-pkgsrc-2025Q3 | 4 ++++ 1 file changed, 4 insertions(+) create mode 100644 doc/CHANGES-pkgsrc-2025Q3 diff --git a/doc/CHANGES-pkgsrc-2025Q3 b/doc/CHANGES-pkgsrc-2025Q3 new file mode 100644 index 000000000000..7c46d2fae5d5 --- /dev/null +++ b/doc/CHANGES-pkgsrc-2025Q3 @@ -0,0 +1,4 @@ +$NetBSD: CHANGES-pkgsrc-2025Q3,v 1.1.2.1 2025/09/20 13:43:17 bsiegert Exp $ + +Changes to packages iand infrastructiure on the pkgsrc-2-025Q3 branch: + From 2ae7014ba353e66c360898ebed5c55a0c04a7bd8 Mon Sep 17 00:00:00 2001 From: bsiegert Date: Sat, 20 Sep 2025 13:55:16 +0000 Subject: [PATCH 02/49] Fix embedded backspace characters Thanks gdt@ for notifying me. --- doc/CHANGES-pkgsrc-2025Q3 | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/doc/CHANGES-pkgsrc-2025Q3 b/doc/CHANGES-pkgsrc-2025Q3 index 7c46d2fae5d5..e0d0b41927d7 100644 --- a/doc/CHANGES-pkgsrc-2025Q3 +++ b/doc/CHANGES-pkgsrc-2025Q3 @@ -1,4 +1,4 @@ -$NetBSD: CHANGES-pkgsrc-2025Q3,v 1.1.2.1 2025/09/20 13:43:17 bsiegert Exp $ +$NetBSD: CHANGES-pkgsrc-2025Q3,v 1.1.2.2 2025/09/20 13:55:16 bsiegert Exp $ -Changes to packages iand infrastructiure on the pkgsrc-2-025Q3 branch: +Changes to packages and infrastructure on the pkgsrc-2025Q3 branch: From 46d46aeedc236d5d1b7eefa6b3be2e48cf9c101c Mon Sep 17 00:00:00 2001 From: maya Date: Thu, 25 Sep 2025 01:40:58 +0000 Subject: [PATCH 03/49] Pullup ticket #7005 - requested by gutteridge x11/xfce4-desktop: Functionality fix meta-pkgs/xfce4: Functionality fix Revisions pulled up: - meta-pkgs/xfce4/Makefile 1.161 - x11/xfce4-desktop/Makefile 1.115 --- Module Name: pkgsrc Committed By: gutteridge Date: Mon Sep 22 20:02:34 UTC 2025 Modified Files: pkgsrc/x11/xfce4-desktop: Makefile Log Message: xfce4-desktop: restore support for file/launcher icons When this package was updated to 4.20.0 (Makefile r. 1.108), it wasn't noticed that some of the file/launcher icon support now required libyaml as a dependency, otherwise, it simply is disabled at build time (without any differences in build artifacts that would cause notice at that stage). Addresses PR pkg/59660 from Ramiro Aceves. --- Module Name: pkgsrc Committed By: gutteridge Date: Mon Sep 22 20:05:33 UTC 2025 Modified Files: pkgsrc/meta-pkgs/xfce4: Makefile Log Message: xfce4: bump for xfce4-desktop-4.20.1nb5 --- meta-pkgs/xfce4/Makefile | 6 +++--- x11/xfce4-desktop/Makefile | 6 ++++-- 2 files changed, 7 insertions(+), 5 deletions(-) diff --git a/meta-pkgs/xfce4/Makefile b/meta-pkgs/xfce4/Makefile index 98b2622e60b8..fb9046dd6df4 100644 --- a/meta-pkgs/xfce4/Makefile +++ b/meta-pkgs/xfce4/Makefile @@ -1,17 +1,17 @@ -# $NetBSD: Makefile,v 1.160 2025/08/30 22:45:52 wiz Exp $ +# $NetBSD: Makefile,v 1.160.2.1 2025/09/25 01:40:58 maya Exp $ META_PACKAGE= yes .include "Makefile.common" DISTNAME= xfce4-${XFCE4_VERSION} -PKGREVISION= 9 +PKGREVISION= 10 CATEGORIES= meta-pkgs COMMENT= Meta-package for the Xfce desktop environment DEPENDS+= xfce4-tumbler>=4.20.0:../../x11/xfce4-tumbler DEPENDS+= xfce4-appfinder>=4.20.0:../../sysutils/xfce4-appfinder -DEPENDS+= xfce4-desktop>=4.20.1nb2:../../x11/xfce4-desktop +DEPENDS+= xfce4-desktop>=4.20.1nb5:../../x11/xfce4-desktop DEPENDS+= xfce4-mousepad>=0.6.5:../../editors/xfce4-mousepad DEPENDS+= xfce4-panel>=4.20.4:../../x11/xfce4-panel DEPENDS+= xfce4-power-manager>=4.20.0nb4:../../sysutils/xfce4-power-manager diff --git a/x11/xfce4-desktop/Makefile b/x11/xfce4-desktop/Makefile index 7d6c2b044d2f..354a9f1b4b8b 100644 --- a/x11/xfce4-desktop/Makefile +++ b/x11/xfce4-desktop/Makefile @@ -1,9 +1,9 @@ -# $NetBSD: Makefile,v 1.114 2025/08/30 22:46:48 wiz Exp $ +# $NetBSD: Makefile,v 1.114.2.1 2025/09/25 01:40:58 maya Exp $ .include "../../meta-pkgs/xfce4/Makefile.common" VERSION= 4.20.1 -PKGREVISION= 4 +PKGREVISION= 5 DISTNAME= xfdesktop-${VERSION} PKGNAME= xfce4-desktop-${VERSION} CATEGORIES= x11 @@ -24,6 +24,8 @@ CONFIGURE_ARGS+= --sysconfdir=${PKG_SYSCONFBASE} .include "../../sysutils/desktop-file-utils/desktopdb.mk" .include "../../sysutils/libnotify/buildlink3.mk" .include "../../sysutils/xfce4-thunar/buildlink3.mk" +BUILDLINK_API_DEPENDS.libyaml+= libyaml>=0.2.5 +.include "../../textproc/libyaml/buildlink3.mk" .include "../../x11/libxfce4windowing/buildlink3.mk" .include "../../x11/xfce4-garcon/buildlink3.mk" .include "../../mk/bsd.pkg.mk" From 87e173d16b34e265f37b570c4d9b79aa81d2961d Mon Sep 17 00:00:00 2001 From: maya Date: Thu, 25 Sep 2025 01:42:29 +0000 Subject: [PATCH 04/49] Pullup ticket #7006 - requested by spz time/php-framadate: Disable for bulk builds due to hangs Revisions pulled up: - time/php-framadate/Makefile 1.5 --- Module Name: pkgsrc Committed By: spz Date: Wed Sep 24 15:16:42 UTC 2025 Modified Files: pkgsrc/time/php-framadate: Makefile Log Message: add NOT_FOR_BULK_PLATFORM for causing hangs --- time/php-framadate/Makefile | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/time/php-framadate/Makefile b/time/php-framadate/Makefile index 3968cdaf50b9..5d7711344f07 100644 --- a/time/php-framadate/Makefile +++ b/time/php-framadate/Makefile @@ -1,4 +1,4 @@ -# $NetBSD: Makefile,v 1.4 2025/05/21 15:00:55 taca Exp $ +# $NetBSD: Makefile,v 1.4.4.1 2025/09/25 01:42:29 maya Exp $ DISTNAME= framadate-1.1.19 PKGNAME= ${PHP_PKG_PREFIX}-${DISTNAME} @@ -46,6 +46,14 @@ INSTALLATION_DIRS+= ${DOCDIR} ${WWWDIR} REPLACE_SH+= vendor/smarty/smarty/run-tests-for-all-php-versions.sh +# The composer run in post-extract updates from git and has a tendency +# to hang indefinitely. Also, the generated packages contain whatever was +# in git and aren't vetted by a a pkgsrc developer, which is a security +# issue for binary packages. And last not least the list of installed +# files changes, making the install phase fail. +# +NOT_FOR_BULK_PLATFORM= *-*-* + post-extract: cd ${WRKSRC} && ${SETENV} COMPOSER_HOME=${WRKDIR}/composer composer${PHP_VER} update < /dev/null From 6a87ffba475d9c60ce52391b60f26ca21e9648fd Mon Sep 17 00:00:00 2001 From: maya Date: Sat, 27 Sep 2025 23:22:25 +0000 Subject: [PATCH 05/49] Pullup ticket #7007 - requested by bsiegert security/libb2: Bug fix Revisions pulled up: - security/libb2/Makefile 1.4 --- Module Name: pkgsrc Committed By: bsiegert Date: Sat Sep 27 15:20:51 UTC 2025 Modified Files: pkgsrc/security/libb2: Makefile Log Message: libb2: disable arch-native code In the default configuration, libb2 will compile with "-march=native" compiler flags. This means that the compiled package might not work when used on a different machine of the same architecture, e.g. one without AVX512. Fixes PR pkg/58855 by Simon Burge, sorry for taking so long :) --- security/libb2/Makefile | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/security/libb2/Makefile b/security/libb2/Makefile index faa59531f169..27abbb728dde 100644 --- a/security/libb2/Makefile +++ b/security/libb2/Makefile @@ -1,6 +1,7 @@ -# $NetBSD: Makefile,v 1.3 2025/07/08 14:09:46 jperkin Exp $ +# $NetBSD: Makefile,v 1.3.2.1 2025/09/27 23:22:25 maya Exp $ DISTNAME= libb2-0.98.1 +PKGREVISION= 1 CATEGORIES= security MASTER_SITES= ${MASTER_SITE_GITHUB:=BLAKE2/} GITHUB_RELEASE= v0.98.1 @@ -13,6 +14,8 @@ LICENSE= cc0-1.0-universal GNU_CONFIGURE= yes USE_LIBTOOL= yes +CONFIGURE_ARGS+= --disable-native + CPPFLAGS.SunOS+= -D__STDC_WANT_LIB_EXT1__=1 # memset_s PKGCONFIG_OVERRIDE+= libb2.pc.in From 35d576a7620723de8e023e4391e2a69e3a4ef10f Mon Sep 17 00:00:00 2001 From: maya Date: Sat, 27 Sep 2025 23:24:14 +0000 Subject: [PATCH 06/49] doc: update for tickets 7005-7007 --- doc/CHANGES-pkgsrc-2025Q3 | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/doc/CHANGES-pkgsrc-2025Q3 b/doc/CHANGES-pkgsrc-2025Q3 index e0d0b41927d7..f9b497497bd5 100644 --- a/doc/CHANGES-pkgsrc-2025Q3 +++ b/doc/CHANGES-pkgsrc-2025Q3 @@ -1,4 +1,14 @@ -$NetBSD: CHANGES-pkgsrc-2025Q3,v 1.1.2.2 2025/09/20 13:55:16 bsiegert Exp $ +$NetBSD: CHANGES-pkgsrc-2025Q3,v 1.1.2.3 2025/09/27 23:24:14 maya Exp $ Changes to packages and infrastructure on the pkgsrc-2025Q3 branch: +Pullup ticket #7005 - requested by gutteridge +x11/xfce4-desktop: Functionality fix +meta-pkgs/xfce4: Functionality fix + +Pullup ticket #7006 - requested by spz +time/php-framadate: Disable for bulk builds due to hangs + +Pullup ticket #7007 - requested by bsiegert +security/libb2: Bug fix + From 98f77e274db63f31bb8591a2e5e39ca40ae4bf3f Mon Sep 17 00:00:00 2001 From: maya Date: Wed, 15 Oct 2025 17:14:57 +0000 Subject: [PATCH 07/49] Pullup ticket #7009 - requested by bsiegert lang/go: Security fix lang/go124: Security fix lang/go125: Security fix Revisions pulled up: - lang/go/version.mk 1.238 - lang/go124/PLIST 1.7 - lang/go124/distinfo 1.9 - lang/go125/PLIST 1.2 - lang/go125/distinfo 1.3 --- Module Name: pkgsrc Committed By: bsiegert Date: Tue Oct 7 20:26:56 UTC 2025 Modified Files: pkgsrc/lang/go: version.mk pkgsrc/lang/go124: PLIST distinfo pkgsrc/lang/go125: PLIST distinfo Log Message: go: update to 1.24.8 and 1.25.2 (security) These minor releases include 10 security fixes following the security policy: - net/mail: excessive CPU consumption in ParseAddress The ParseAddress function constructed domain-literal address components through repeated string concatenation. When parsing large domain-literal components, this could cause excessive CPU consumption. Thanks to Philippe Antoine (Catena cyber) for reporting this issue. This is CVE-2025-61725 and Go issue https://go.dev/issue/75680. - crypto/x509: quadratic complexity when checking name constraints Due to the design of the name constraint checking algorithm, the processing time of some inputs scales non-linearly with respect to the size of the certificate. This affects programs which validate arbitrary certificate chains. Thanks to Jakub Ciolek for reporting this issue. This is CVE-2025-58187 and Go issue https://go.dev/issue/75681. - crypto/tls: ALPN negotiation errors can contain arbitrary text The crypto/tls conn.Handshake method returns an error on the server-side when ALPN negotation fails which can contain arbitrary attacker controlled information provided by the client-side of the connection which is not escaped. This affects programs which log these errors without any additional form of sanitization, and may allow injection of attacker controlled information into logs. Thanks to National Cyber Security Centre Finland for reporting this issue. This is CVE-2025-58189 and Go issue https://go.dev/issue/75652. - encoding/pem: quadratic complexity when parsing some invalid inputs Due to the design of the PEM parsing function, the processing time for some inputs scales non-linearly with respect to the size of the input. This affects programs which parse untrusted PEM inputs. Thanks to Jakub Ciolek for reporting this issue. This is CVE-2025-61723 and Go issue https://go.dev/issue/75676. - net/url: insufficient validation of bracketed IPv6 hostnames The Parse function permitted values other than IPv6 addresses to be included in square brackets within the host component of a URL. RFC 3986 permits IPv6 addresses to be included within the host component, enclosed within square brackets. For example: "http://[::1]/";. IPv4 addresses and hostnames must not appear within square brackets. Parse did not enforce this requirement. Thanks to Enze Wang, Jingcheng Yang and Zehui Miao of Tsinghua University for reporting this issue. This is CVE-2025-47912 and Go issue https://go.dev/issue/75678. - encoding/asn1: pre-allocating memory when parsing DER payload can cause memory exhaustion When parsing DER payloads, memories were being allocated prior to fully validating the payloads. This permits an attacker to craft a big empty DER payload to cause memory exhaustion in functions such as asn1.Unmarshal, x509.ParseCertificateRequest, and ocsp.ParseResponse. Thanks to Jakub Ciolek for reporting this issue. This is CVE-2025-58185 and Go issue https://go.dev/issue/75671. - net/http: lack of limit when parsing cookies can cause memory exhaustion Despite HTTP headers having a default limit of 1 MB, the number of cookies that can be parsed did not have a limit. By sending a lot of very small cookies such as "a=;", an attacker can make an HTTP server allocate a large amount of structs, causing large memory consumption. net/http now limits the number of cookies accepted to 3000, which can be adjusted using the httpcookiemaxnum GODEBUG option. Thanks to jub0bs for reporting this issue. This is CVE-2025-58186 and Go issue https://go.dev/issue/75672. - crypto/x509: panic when validating certificates with DSA public keys Validating certificate chains which contain DSA public keys can cause programs to panic, due to a interface cast that assumes they implement the Equal method. This affects programs which validate arbitrary certificate chains. Thanks to Jakub Ciolek for reporting this issue. This is CVE-2025-58188 and Go issue https://go.dev/issue/75675. - archive/tar: unbounded allocation when parsing GNU sparse map tar.Reader did not set a maximum size on the number of sparse region data blocks in GNU tar pax 1.0 sparse files. A maliciously-crafted archive containing a large number of sparse regions could cause a Reader to read an unbounded amount of data from the archive into memory. When reading from a compressed source, a small compressed input could result in large allocations. Thanks to Harshit Gupta (Mr HAX) for reporting this issue. This is CVE-2025-58183 and Go issue https://go.dev/issue/75677. - net/textproto: excessive CPU consumption in Reader.ReadResponse The Reader.ReadResponse function constructed a response string through repeated string concatenation of lines. When the number of lines in a response is large, this could cause excessive CPU consumption. Thanks to Jakub Ciolek for reporting this issue. This is CVE-2025-61724 and Go issue https://go.dev/issue/75716. View the release notes for more information: https://go.dev/doc/devel/release#go1.25.2 --- lang/go/version.mk | 6 +++--- lang/go124/PLIST | 7 +++++-- lang/go124/distinfo | 8 ++++---- lang/go125/PLIST | 8 ++++++-- lang/go125/distinfo | 8 ++++---- 5 files changed, 22 insertions(+), 15 deletions(-) diff --git a/lang/go/version.mk b/lang/go/version.mk index 3852111ecd58..acbedc248f17 100644 --- a/lang/go/version.mk +++ b/lang/go/version.mk @@ -1,4 +1,4 @@ -# $NetBSD: version.mk,v 1.237 2025/09/06 12:54:33 bsiegert Exp $ +# $NetBSD: version.mk,v 1.237.2.1 2025/10/15 17:14:57 maya Exp $ # # If bsd.prefs.mk is included before go-package.mk in a package, then this @@ -6,8 +6,8 @@ # .include "go-vars.mk" -GO125_VERSION= 1.25.1 -GO124_VERSION= 1.24.7 +GO125_VERSION= 1.25.2 +GO124_VERSION= 1.24.8 GO123_VERSION= 1.23.12 GO122_VERSION= 1.22.12 GO120_VERSION= 1.20.14 diff --git a/lang/go124/PLIST b/lang/go124/PLIST index b75dae37a221..0f2053888234 100644 --- a/lang/go124/PLIST +++ b/lang/go124/PLIST @@ -1,4 +1,4 @@ -@comment $NetBSD: PLIST,v 1.6 2025/07/09 07:41:35 bsiegert Exp $ +@comment $NetBSD: PLIST,v 1.6.2.1 2025/10/15 17:14:57 maya Exp $ bin/go${GOVERSSUFFIX} bin/gofmt${GOVERSSUFFIX} go124/CONTRIBUTING.md @@ -57,7 +57,8 @@ go124/lib/fips140/Makefile go124/lib/fips140/README.md go124/lib/fips140/fips140.sum go124/lib/fips140/inprocess.txt -go124/lib/fips140/v1.0.0.zip +go124/lib/fips140/v1.0.0-c2097c7c.zip +go124/lib/fips140/v1.0.0.txt go124/lib/time/README go124/lib/time/mkzip.go go124/lib/time/update.bash @@ -138,6 +139,7 @@ go124/src/archive/tar/testdata/gnu-nil-sparse-data.tar go124/src/archive/tar/testdata/gnu-nil-sparse-hole.tar go124/src/archive/tar/testdata/gnu-not-utf8.tar go124/src/archive/tar/testdata/gnu-sparse-big.tar +go124/src/archive/tar/testdata/gnu-sparse-many-zeros.tar.bz2 go124/src/archive/tar/testdata/gnu-utf8.tar go124/src/archive/tar/testdata/gnu.tar go124/src/archive/tar/testdata/hardlink.tar @@ -13260,6 +13262,7 @@ go124/test/fixedbugs/issue7538a.go go124/test/fixedbugs/issue7538b.go go124/test/fixedbugs/issue7547.go go124/test/fixedbugs/issue7550.go +go124/test/fixedbugs/issue75569.go go124/test/fixedbugs/issue7590.go go124/test/fixedbugs/issue7648.dir/a.go go124/test/fixedbugs/issue7648.dir/b.go diff --git a/lang/go124/distinfo b/lang/go124/distinfo index 6790e2456772..eb84acfbff9f 100644 --- a/lang/go124/distinfo +++ b/lang/go124/distinfo @@ -1,8 +1,8 @@ -$NetBSD: distinfo,v 1.8 2025/09/06 12:54:33 bsiegert Exp $ +$NetBSD: distinfo,v 1.8.2.1 2025/10/15 17:14:57 maya Exp $ -BLAKE2s (go1.24.7.src.tar.gz) = ce05bb8d4f1c68ad3f35466dd43aacb176c71cab03a355d15b1d3ae9c225851f -SHA512 (go1.24.7.src.tar.gz) = 656bb879244ba888af18b6e609fb2c4bc067b919827b9026c3ee44b3e2d0c7bffde262945de989880066196846b669c215da2e8c5d9adfb8491bb5d52af0d49a -Size (go1.24.7.src.tar.gz) = 30794506 bytes +BLAKE2s (go1.24.8.src.tar.gz) = 0955f60915a81bdb8d4d468d038ad4ebb597355a8b2df5d5737d06dfb41b2f9c +SHA512 (go1.24.8.src.tar.gz) = 3233c75223b310d14ccb1846e192d0d4867e8ecc1091c9853bc536f5051cdfb8682ae2f86b5caec77b1f3cbfaf5864c9231fb3a756471ff77d7a904e79bb3f15 +Size (go1.24.8.src.tar.gz) = 30797581 bytes SHA1 (patch-misc_ios_clangwrap.sh) = 28ea4426336155d6720f7e16b43f0207b47a6dd8 SHA1 (patch-src_cmd_dist_build.go) = cbb9576f832806b0cbef121ea38ba6a54db95bc3 SHA1 (patch-src_crypto_x509_root__bsd.go) = 0b5dead901450967109303f873a2696c65ccac35 diff --git a/lang/go125/PLIST b/lang/go125/PLIST index 768c0f7fa8f7..17d22c77ad81 100644 --- a/lang/go125/PLIST +++ b/lang/go125/PLIST @@ -1,4 +1,4 @@ -@comment $NetBSD: PLIST,v 1.1 2025/08/16 15:52:03 bsiegert Exp $ +@comment $NetBSD: PLIST,v 1.1.2.1 2025/10/15 17:14:57 maya Exp $ bin/go${GOVERSSUFFIX} bin/gofmt${GOVERSSUFFIX} go125/CONTRIBUTING.md @@ -57,7 +57,8 @@ go125/lib/fips140/Makefile go125/lib/fips140/README.md go125/lib/fips140/fips140.sum go125/lib/fips140/inprocess.txt -go125/lib/fips140/v1.0.0.zip +go125/lib/fips140/v1.0.0-c2097c7c.zip +go125/lib/fips140/v1.0.0.txt go125/lib/time/README go125/lib/time/mkzip.go go125/lib/time/update.bash @@ -124,6 +125,7 @@ go125/src/archive/tar/testdata/gnu-nil-sparse-data.tar go125/src/archive/tar/testdata/gnu-nil-sparse-hole.tar go125/src/archive/tar/testdata/gnu-not-utf8.tar go125/src/archive/tar/testdata/gnu-sparse-big.tar +go125/src/archive/tar/testdata/gnu-sparse-many-zeros.tar.bz2 go125/src/archive/tar/testdata/gnu-utf8.tar go125/src/archive/tar/testdata/gnu.tar go125/src/archive/tar/testdata/hardlink.tar @@ -9412,6 +9414,7 @@ go125/src/runtime/debuglog.go go125/src/runtime/debuglog_off.go go125/src/runtime/debuglog_on.go go125/src/runtime/debuglog_test.go +go125/src/runtime/decoratemappings_test.go go125/src/runtime/defer_test.go go125/src/runtime/defs1_linux.go go125/src/runtime/defs1_netbsd_386.go @@ -13578,6 +13581,7 @@ go125/test/fixedbugs/issue7538a.go go125/test/fixedbugs/issue7538b.go go125/test/fixedbugs/issue7547.go go125/test/fixedbugs/issue7550.go +go125/test/fixedbugs/issue75569.go go125/test/fixedbugs/issue7590.go go125/test/fixedbugs/issue7648.dir/a.go go125/test/fixedbugs/issue7648.dir/b.go diff --git a/lang/go125/distinfo b/lang/go125/distinfo index 2f3c515fb482..bf2837bcdf32 100644 --- a/lang/go125/distinfo +++ b/lang/go125/distinfo @@ -1,8 +1,8 @@ -$NetBSD: distinfo,v 1.2 2025/09/06 12:54:33 bsiegert Exp $ +$NetBSD: distinfo,v 1.2.2.1 2025/10/15 17:14:57 maya Exp $ -BLAKE2s (go1.25.1.src.tar.gz) = 72f1278bbe406337a11fef85da52063ce1fed9c9ae456ddaaf28f908980794ab -SHA512 (go1.25.1.src.tar.gz) = e77ae799a0dcd4ded40a196c3645da5b7e808e417831d2c5441387b0fd0ed5f946b678305294c52fda0a258889225c24c6073bb0973c3531ba4aa107b6afe849 -Size (go1.25.1.src.tar.gz) = 31974863 bytes +BLAKE2s (go1.25.2.src.tar.gz) = 7bb077ae4666f53b7e3203464817ee3a54c016a4b1f59bbce1af46133600c766 +SHA512 (go1.25.2.src.tar.gz) = 2700ceca314bb78b8ff97aa8703442b60eceb3acbad46b7959739bb0399174f27af372c7f72cd1adb83997adacbf43e2e2572e85fa5cf2a18271d0ef1ee0b8b4 +Size (go1.25.2.src.tar.gz) = 31978632 bytes SHA1 (patch-misc_ios_clangwrap.sh) = 28ea4426336155d6720f7e16b43f0207b47a6dd8 SHA1 (patch-src_cmd_dist_build.go) = cbb9576f832806b0cbef121ea38ba6a54db95bc3 SHA1 (patch-src_crypto_x509_root__bsd.go) = 0b5dead901450967109303f873a2696c65ccac35 From 78f613b791b0d3743a1af71804910d036f72a4ad Mon Sep 17 00:00:00 2001 From: maya Date: Wed, 15 Oct 2025 17:17:48 +0000 Subject: [PATCH 08/49] Pullup ticket #7008 - requested by wiz devel/readline: Bug fix Revisions pulled up: - devel/readline/Makefile 1.78 - devel/readline/distinfo 1.41 - devel/readline/patches/patch-input.c 1.3 --- Module Name: pkgsrc Committed By: wiz Date: Tue Oct 7 18:20:19 UTC 2025 Modified Files: pkgsrc/devel/readline: Makefile distinfo Added Files: pkgsrc/devel/readline/patches: patch-input.c Log Message: readline: fix event hook using upstream patch from mailing list Should fix octave problems reported in PR 59688 Bump PKGREVISION. --- devel/readline/Makefile | 3 ++- devel/readline/distinfo | 3 ++- devel/readline/patches/patch-input.c | 34 ++++++++++++++++++++++++++++ 3 files changed, 38 insertions(+), 2 deletions(-) create mode 100644 devel/readline/patches/patch-input.c diff --git a/devel/readline/Makefile b/devel/readline/Makefile index 1482e37e2023..601faf287f83 100644 --- a/devel/readline/Makefile +++ b/devel/readline/Makefile @@ -1,6 +1,7 @@ -# $NetBSD: Makefile,v 1.77 2025/08/02 06:57:22 wiz Exp $ +# $NetBSD: Makefile,v 1.77.2.1 2025/10/15 17:17:48 maya Exp $ DISTNAME= readline-8.3 +PKGREVISION= 1 CATEGORIES= devel MASTER_SITES= ${MASTER_SITE_GNU:=readline/} diff --git a/devel/readline/distinfo b/devel/readline/distinfo index c77addf4b46d..00324f142710 100644 --- a/devel/readline/distinfo +++ b/devel/readline/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.40 2025/08/02 06:56:14 wiz Exp $ +$NetBSD: distinfo,v 1.40.2.1 2025/10/15 17:17:48 maya Exp $ BLAKE2s (readline-8.3.tar.gz) = 9138ef5b41fb1a5cf758b99281c915cc6b09bd640c7ddc3460db8c6a116feccc SHA512 (readline-8.3.tar.gz) = 513002753dcf5db9213dbbb61d51217245f6a40d33b1dd45238e8062dfa8eef0c890b87a5548e11db959e842724fb572c4d3d7fb433773762a63c30efe808344 @@ -7,5 +7,6 @@ SHA1 (patch-ae) = c917e0f4cc2e502bab2b695bb042216b7a21b822 SHA1 (patch-ag) = 3114e6959dfff3e2aae74c3df3ba4b0f692b79bb SHA1 (patch-ah) = d812ea068415939beb42c72dd9bed8d210db57d1 SHA1 (patch-examples_Makefile.in) = 12bdbc3a0d1a116bed96c66ef4d25273b071fd3c +SHA1 (patch-input.c) = 968d3f637d7e99370ef5f7c3a98dbd7622c24f4d SHA1 (patch-readline.pc.in) = b953a4ca1636b30eee0e90d76484b9ecb73f84f5 SHA1 (patch-rlprivate.h) = b04503026cb4fd5bfeb9cd884bb6a35b6014f058 diff --git a/devel/readline/patches/patch-input.c b/devel/readline/patches/patch-input.c new file mode 100644 index 000000000000..a960f29640a4 --- /dev/null +++ b/devel/readline/patches/patch-input.c @@ -0,0 +1,34 @@ +$NetBSD: patch-input.c,v 1.3.2.2 2025/10/15 17:17:48 maya Exp $ + +Fix broken event_hook. +https://lists.gnu.org/archive/html/bug-readline/2025-07/msg00012.html +https://lists.gnu.org/archive/html/bug-readline/2025-07/txtTYu28QVKRX.txt + +--- input.c.orig 2025-05-02 13:29:05.000000000 +0000 ++++ input.c +@@ -261,13 +261,16 @@ rl_gather_tyi (void) + input = 0; + tty = fileno (rl_instream); + +- /* Move this up here to give it first shot, but it can't set chars_avail */ ++ /* Move this up here to give it first shot, but it can't set chars_avail, ++ so we assume a single character is available. */ + /* XXX - need rl_chars_available_hook? */ + if (rl_input_available_hook) + { + result = (*rl_input_available_hook) (); + if (result == 0) + result = -1; ++ else ++ chars_avail = 1; + } + + #if defined (HAVE_PSELECT) || defined (HAVE_SELECT) +@@ -285,6 +288,7 @@ rl_gather_tyi (void) + #endif + if (result <= 0) + return 0; /* Nothing to read. */ ++ result = -1; /* there is something, so check how many chars below */ + } + #endif + From 810a7ad95c0ffee8b0c60af5465352bc2e8bf8d1 Mon Sep 17 00:00:00 2001 From: maya Date: Wed, 15 Oct 2025 17:18:24 +0000 Subject: [PATCH 09/49] doc: Update for tickets 7008, 7009 --- doc/CHANGES-pkgsrc-2025Q3 | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/doc/CHANGES-pkgsrc-2025Q3 b/doc/CHANGES-pkgsrc-2025Q3 index f9b497497bd5..dee2cbef7f22 100644 --- a/doc/CHANGES-pkgsrc-2025Q3 +++ b/doc/CHANGES-pkgsrc-2025Q3 @@ -1,4 +1,4 @@ -$NetBSD: CHANGES-pkgsrc-2025Q3,v 1.1.2.3 2025/09/27 23:24:14 maya Exp $ +$NetBSD: CHANGES-pkgsrc-2025Q3,v 1.1.2.4 2025/10/15 17:18:24 maya Exp $ Changes to packages and infrastructure on the pkgsrc-2025Q3 branch: @@ -12,3 +12,10 @@ time/php-framadate: Disable for bulk builds due to hangs Pullup ticket #7007 - requested by bsiegert security/libb2: Bug fix +Pullup ticket #7008 - requested by wiz +devel/readline: Bug fix + +Pullup ticket #7009 - requested by bsiegert +lang/go: Security fix +lang/go124: Security fix +lang/go125: Security fix From 59b47cfa4e99bfff64e5e8b94f67f9f56af15fa1 Mon Sep 17 00:00:00 2001 From: maya Date: Fri, 17 Oct 2025 23:34:26 +0000 Subject: [PATCH 10/49] Pullup ticket #7012 - requested by sborrill databases/mysql80-client: Build fix databases/mysql80-server: Build fix Revisions pulled up: - databases/mysql80-client/distinfo 1.17 - databases/mysql80-client/patches/patch-plugin_x_client_xprotocol__impl.cc 1.1 - databases/mysql80-client/patches/patch-plugin_x_protocol_plugin_encoder__file__output.h 1.1 - databases/mysql80-client/patches/patch-plugin_x_protocol_plugin_message__field__chain.cc 1.1 - databases/mysql80-client/patches/patch-plugin_x_protocol_plugin_messages__used__by__server.cc 1.1 - databases/mysql80-client/patches/patch-plugin_x_protocol_stream_decompression__input__stream.h 1.1 - databases/mysql80-client/patches/patch-plugin_x_src_io_vio__input__stream.h 1.1 - databases/mysql80-client/patches/patch-plugin_x_src_prepare__param__handler.cc 1.1 - databases/mysql80-client/patches/patch-plugin_x_tests_driver_connector_session__holder.cc 1.1 - databases/mysql80-client/patches/patch-plugin_x_tests_driver_formatters_message__formatter.cc 1.1 - databases/mysql80-client/patches/patch-plugin_x_tests_driver_processor_send__message__block__processor.cc 1.1 - databases/mysql80-server/Makefile 1.39 - databases/mysql80-server/PLIST 1.6 --- Module Name: pkgsrc Committed By: jnemeth Date: Wed Oct 15 03:52:38 UTC 2025 Modified Files: pkgsrc/databases/mysql80-client: distinfo Added Files: pkgsrc/databases/mysql80-client/patches: patch-plugin_x_client_xprotocol__impl.cc patch-plugin_x_protocol_plugin_encoder__file__output.h patch-plugin_x_protocol_plugin_message__field__chain.cc patch-plugin_x_protocol_plugin_messages__used__by__server.cc patch-plugin_x_protocol_stream_decompression__input__stream.h patch-plugin_x_src_io_vio__input__stream.h patch-plugin_x_src_prepare__param__handler.cc patch-plugin_x_tests_driver_connector_session__holder.cc patch-plugin_x_tests_driver_formatters_message__formatter.cc patch-plugin_x_tests_driver_processor_send__message__block__processor.cc Log Message: PR/59670 -- patches from joerg@ to work with modern external abseil/protobuf --- Module Name: pkgsrc Committed By: jnemeth Date: Wed Oct 15 04:02:19 UTC 2025 Modified Files: pkgsrc/databases/mysql80-server: Makefile Log Message: PR/59670 -- revert switch to included protobuf which didn't work --- Module Name: pkgsrc Committed By: jnemeth Date: Wed Oct 15 22:06:10 UTC 2025 Modified Files: pkgsrc/databases/mysql80-server: PLIST Log Message: PR/59670 -- missed reverting PLIST --- databases/mysql80-client/distinfo | 13 ++++- .../patch-plugin_x_client_xprotocol__impl.cc | 31 ++++++++++ ..._x_protocol_plugin_encoder__file__output.h | 31 ++++++++++ ...x_protocol_plugin_message__field__chain.cc | 30 ++++++++++ ...tocol_plugin_messages__used__by__server.cc | 21 +++++++ ...ocol_stream_decompression__input__stream.h | 13 +++++ ...patch-plugin_x_src_io_vio__input__stream.h | 13 +++++ ...ch-plugin_x_src_prepare__param__handler.cc | 15 +++++ ..._tests_driver_connector_session__holder.cc | 30 ++++++++++ ...ts_driver_formatters_message__formatter.cc | 58 +++++++++++++++++++ ...ocessor_send__message__block__processor.cc | 13 +++++ databases/mysql80-server/Makefile | 4 +- 12 files changed, 269 insertions(+), 3 deletions(-) create mode 100644 databases/mysql80-client/patches/patch-plugin_x_client_xprotocol__impl.cc create mode 100644 databases/mysql80-client/patches/patch-plugin_x_protocol_plugin_encoder__file__output.h create mode 100644 databases/mysql80-client/patches/patch-plugin_x_protocol_plugin_message__field__chain.cc create mode 100644 databases/mysql80-client/patches/patch-plugin_x_protocol_plugin_messages__used__by__server.cc create mode 100644 databases/mysql80-client/patches/patch-plugin_x_protocol_stream_decompression__input__stream.h create mode 100644 databases/mysql80-client/patches/patch-plugin_x_src_io_vio__input__stream.h create mode 100644 databases/mysql80-client/patches/patch-plugin_x_src_prepare__param__handler.cc create mode 100644 databases/mysql80-client/patches/patch-plugin_x_tests_driver_connector_session__holder.cc create mode 100644 databases/mysql80-client/patches/patch-plugin_x_tests_driver_formatters_message__formatter.cc create mode 100644 databases/mysql80-client/patches/patch-plugin_x_tests_driver_processor_send__message__block__processor.cc diff --git a/databases/mysql80-client/distinfo b/databases/mysql80-client/distinfo index 28fe1c4b9922..f7c67d1dcc8e 100644 --- a/databases/mysql80-client/distinfo +++ b/databases/mysql80-client/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.15 2024/12/24 18:52:22 adam Exp $ +$NetBSD: distinfo,v 1.15.6.1 2025/10/17 23:34:26 maya Exp $ BLAKE2s (mysql-boost-8.0.40.tar.gz) = 4fba24ee573376052daa912a055c62341c88dc5f8e6e769487dde4ebf49e6bb8 SHA512 (mysql-boost-8.0.40.tar.gz) = fcece6e3c09dc4733767effb5c22a55e4add1c9f6b6b911e1eccdd0444f08dc5714b3c8b2a40c85a75a63ff117b6c9881904b6b4732b5ca9bef96de1cb2e284a @@ -22,6 +22,17 @@ SHA1 (patch-libmysql_CMakeLists.txt) = 7b83faf1751ad40f20bca1ebcdac0cebb1370443 SHA1 (patch-mysys_kqueue__timers.cc) = 837474b779c24dd0af67444c2adbcf07b73e0d36 SHA1 (patch-mysys_stacktrace.cc) = 6792ceaae3c3b0d70bd8b6c848a128d50397e6f4 SHA1 (patch-packaging_solaris_CMakeLists.txt) = 135c4aa07d9b20a9b56b8f1616821abfedb52ecb +SHA1 (patch-plugin_x_client_xprotocol__impl.cc) = 70d00b692b76d730758b72e3d3b6add16358543a +SHA1 (patch-plugin_x_protocol_plugin_encoder__file__output.h) = 76355089db19408860bcf8fe64c2e5c11d4aa0a6 +SHA1 (patch-plugin_x_protocol_plugin_message__field__chain.cc) = 997b361b668b1fb8a1001422615c0cc8faadf9d2 +SHA1 (patch-plugin_x_protocol_plugin_messages__used__by__server.cc) = f43c64c4479fde3db0024e8d92c0ffd2e097b26b +SHA1 (patch-plugin_x_protocol_stream_decompression__input__stream.h) = eaf27412d366b9862fe834ebc6ec579891d03f6b +SHA1 (patch-plugin_x_src_io_vio__input__stream.h) = cee7b855eadffe4036ced2b44f7bbbc400ca5ec7 +SHA1 (patch-plugin_x_src_prepare__param__handler.cc) = 19371a41e8627568094faa7b7a4f75f415321511 +SHA1 (patch-plugin_x_tests_driver_connector_session__holder.cc) = 371ad64e391ac3a2e6ff08948e190eb85f44aa81 +SHA1 (patch-plugin_x_tests_driver_connector_warning.h) = 80d4cbe93b853348f98c54d96892648063e1f9f5 +SHA1 (patch-plugin_x_tests_driver_formatters_message__formatter.cc) = d9ebd6238844f291de7208a372e9bf6c91b359b3 +SHA1 (patch-plugin_x_tests_driver_processor_send__message__block__processor.cc) = 410f6a14e1a2320f14985f3ea99533e0cbcb3a92 SHA1 (patch-router_CMakeLists.txt) = 9bfd1278c42070ada0606dfff34a66b8b95d0413 SHA1 (patch-router_src_harness_include_mysql_harness_net_ts_impl_netif.h) = ade643148787438d6d6f1f7b2636bbd0af87d70f SHA1 (patch-router_src_harness_include_mysql_harness_net_ts_internet.h) = 29e019236423aaa77b71b273d009404e4fbafe73 diff --git a/databases/mysql80-client/patches/patch-plugin_x_client_xprotocol__impl.cc b/databases/mysql80-client/patches/patch-plugin_x_client_xprotocol__impl.cc new file mode 100644 index 000000000000..aa81c04304ae --- /dev/null +++ b/databases/mysql80-client/patches/patch-plugin_x_client_xprotocol__impl.cc @@ -0,0 +1,31 @@ +$NetBSD: patch-plugin_x_client_xprotocol__impl.cc,v 1.1.2.2 2025/10/17 23:34:26 maya Exp $ + +--- plugin/x/client/xprotocol_impl.cc.orig 2025-09-26 13:01:59.742201211 +0000 ++++ plugin/x/client/xprotocol_impl.cc +@@ -782,7 +782,7 @@ std::unique_ptr Prot + DBUG_LOG("debug", "Deserialize message: " << ret_val->GetTypeName()); + if (!ret_val->ParseFromCodedStream(input_stream)) { + std::string error_message(ERR_MSG_MESSAGE_NOT_INITIALIZED); +- error_message += "Name:" + ret_val->GetTypeName() + ", "; ++ error_message += "Name:" + std::string(ret_val->GetTypeName()) + ", "; + error_message += ret_val->InitializationErrorString(); + *out_error = XError(CR_MALFORMED_PACKET, error_message); + +@@ -816,7 +816,7 @@ std::unique_ptr Prot + + if (!ret_val->IsInitialized()) { + std::string err(ERR_MSG_MESSAGE_NOT_INITIALIZED); +- err += "Name:" + ret_val->GetTypeName() + ", "; ++ err += "Name:" + std::string(ret_val->GetTypeName()) + ", "; + err += ret_val->InitializationErrorString(); + *out_error = XError(CR_MALFORMED_PACKET, err); + +@@ -1122,7 +1122,7 @@ XProtocol::Message *Protocol_impl::recv_ + + if (!m_compressed.ParseFromCodedStream(&cis)) { + std::string error_message(ERR_MSG_MESSAGE_NOT_INITIALIZED); +- error_message += "Name:" + m_compressed.GetTypeName() + ", "; ++ error_message += "Name:" + std::string(m_compressed.GetTypeName()) + ", "; + error_message += m_compressed.InitializationErrorString(); + *out_error = XError(CR_MALFORMED_PACKET, error_message); + return nullptr; diff --git a/databases/mysql80-client/patches/patch-plugin_x_protocol_plugin_encoder__file__output.h b/databases/mysql80-client/patches/patch-plugin_x_protocol_plugin_encoder__file__output.h new file mode 100644 index 000000000000..be119d0dd706 --- /dev/null +++ b/databases/mysql80-client/patches/patch-plugin_x_protocol_plugin_encoder__file__output.h @@ -0,0 +1,31 @@ +$NetBSD: patch-plugin_x_protocol_plugin_encoder__file__output.h,v 1.1.2.2 2025/10/17 23:34:26 maya Exp $ + +--- plugin/x/protocol/plugin/encoder_file_output.h.orig 2025-09-26 12:35:32.501446532 +0000 ++++ plugin/x/protocol/plugin/encoder_file_output.h +@@ -79,7 +79,7 @@ class Encoder_file_output : public File_ + return; + + write_to_context(context, ""); +- write_to_context(context, "struct ", message->name(), " {"); ++ write_to_context(context, "struct ", std::string(message->name()), " {"); + + if (message->options().HasExtension(Mysqlx::server_message_id)) { + const auto server_id_numeric = static_cast( +@@ -97,7 +97,7 @@ class Encoder_file_output : public File_ + bool is_reserved = false; + const auto field = message->field(i); + const auto field_tag = std::to_string(field->number()); +- const auto field_name = get_cpp_field_name(field->name(), &is_reserved); ++ const auto field_name = get_cpp_field_name(std::string(field->name()), &is_reserved); + + if (is_reserved) { + write_to_context(context, +@@ -129,7 +129,7 @@ class Encoder_file_output : public File_ + + // Check if we there is a message containing Server message ID + if (0 == m_used_message_ids.count(enum_value->number())) { +- std::string value = " " + enum_value->name() + " = " + ++ std::string value = std::string(" ") + std::string(enum_value->name()) + " = " + + std::to_string(enum_value->number()); + + values.push_back(value); diff --git a/databases/mysql80-client/patches/patch-plugin_x_protocol_plugin_message__field__chain.cc b/databases/mysql80-client/patches/patch-plugin_x_protocol_plugin_message__field__chain.cc new file mode 100644 index 000000000000..e988d9e896ac --- /dev/null +++ b/databases/mysql80-client/patches/patch-plugin_x_protocol_plugin_message__field__chain.cc @@ -0,0 +1,30 @@ +$NetBSD: patch-plugin_x_protocol_plugin_message__field__chain.cc,v 1.1.2.2 2025/10/17 23:34:26 maya Exp $ + +--- plugin/x/protocol/plugin/message_field_chain.cc.orig 2025-09-26 12:32:21.347349594 +0000 ++++ plugin/x/protocol/plugin/message_field_chain.cc +@@ -26,6 +26,7 @@ + #include "plugin/x/protocol/plugin/message_field_chain.h" + + #include ++#include + + #include "my_compiler.h" + MY_COMPILER_DIAGNOSTIC_PUSH() +@@ -58,7 +59,7 @@ bool Message_field_chain::begin_validate + + // Check against cycles in Message dependencies graph + const bool was_node_visited = +- message && 0 != m_types_done.count(message->full_name()); ++ message && 0 != m_types_done.count(std::string(message->full_name())); + + if (nullptr == message || was_node_visited || 0 == message->field_count()) { + m_output_file->append_chain(m_context, chain); +@@ -74,7 +75,7 @@ bool Message_field_chain::begin_validate + + void Message_field_chain::end_validate_field(const FieldDescriptor *field, + const Descriptor *message) { +- m_types_done.erase(message->full_name()); ++ m_types_done.erase(std::string(message->full_name())); + const auto position = m_chain.find_last_of("."); + + if (std::string::npos != position) m_chain.resize(position); diff --git a/databases/mysql80-client/patches/patch-plugin_x_protocol_plugin_messages__used__by__server.cc b/databases/mysql80-client/patches/patch-plugin_x_protocol_plugin_messages__used__by__server.cc new file mode 100644 index 000000000000..c17af2c5e3ae --- /dev/null +++ b/databases/mysql80-client/patches/patch-plugin_x_protocol_plugin_messages__used__by__server.cc @@ -0,0 +1,21 @@ +$NetBSD: patch-plugin_x_protocol_plugin_messages__used__by__server.cc,v 1.1.2.2 2025/10/17 23:34:26 maya Exp $ + +--- plugin/x/protocol/plugin/messages_used_by_server.cc.orig 2025-09-26 12:39:53.077862873 +0000 ++++ plugin/x/protocol/plugin/messages_used_by_server.cc +@@ -49,14 +49,14 @@ bool Messages_used_by_server::begin_vali + const auto &message_options = message->options(); + + if (!message_options.HasExtension(Mysqlx::server_message_id)) { +- if (0 == m_forced_packages.count(message->file()->package())) ++ if (0 == m_forced_packages.count(std::string(message->file()->package()))) + return false; + } + } + + // Check against cycles in Message dependencies graph + const bool was_node_visited = +- message && 0 != m_types_done.count(message->full_name()); ++ message && 0 != m_types_done.count(std::string(message->full_name())); + + if (nullptr == message || was_node_visited) { + return false; diff --git a/databases/mysql80-client/patches/patch-plugin_x_protocol_stream_decompression__input__stream.h b/databases/mysql80-client/patches/patch-plugin_x_protocol_stream_decompression__input__stream.h new file mode 100644 index 000000000000..3ae5440ade80 --- /dev/null +++ b/databases/mysql80-client/patches/patch-plugin_x_protocol_stream_decompression__input__stream.h @@ -0,0 +1,13 @@ +$NetBSD: patch-plugin_x_protocol_stream_decompression__input__stream.h,v 1.1.2.2 2025/10/17 23:34:26 maya Exp $ + +--- plugin/x/protocol/stream/decompression_input_stream.h.orig 2025-09-26 12:57:48.907982837 +0000 ++++ plugin/x/protocol/stream/decompression_input_stream.h +@@ -93,7 +93,7 @@ class Decompression_input_stream + return Skip(count - left); + } + +- google::protobuf::int64 ByteCount() const override { ++ int64_t ByteCount() const override { + return m_all + m_output_buffer_offset; + } + diff --git a/databases/mysql80-client/patches/patch-plugin_x_src_io_vio__input__stream.h b/databases/mysql80-client/patches/patch-plugin_x_src_io_vio__input__stream.h new file mode 100644 index 000000000000..70464214d5c1 --- /dev/null +++ b/databases/mysql80-client/patches/patch-plugin_x_src_io_vio__input__stream.h @@ -0,0 +1,13 @@ +$NetBSD: patch-plugin_x_src_io_vio__input__stream.h,v 1.1.2.2 2025/10/17 23:34:26 maya Exp $ + +--- plugin/x/src/io/vio_input_stream.h.orig 2025-09-26 12:55:15.014925544 +0000 ++++ plugin/x/src/io/vio_input_stream.h +@@ -36,7 +36,7 @@ namespace xpl { + + class Vio_input_stream : public google::protobuf::io::ZeroCopyInputStream { + public: +- using gint64 = google::protobuf::int64; ++ using gint64 = int64_t; + + public: + explicit Vio_input_stream(const std::shared_ptr &connection); diff --git a/databases/mysql80-client/patches/patch-plugin_x_src_prepare__param__handler.cc b/databases/mysql80-client/patches/patch-plugin_x_src_prepare__param__handler.cc new file mode 100644 index 000000000000..f5b78510d215 --- /dev/null +++ b/databases/mysql80-client/patches/patch-plugin_x_src_prepare__param__handler.cc @@ -0,0 +1,15 @@ +$NetBSD: patch-plugin_x_src_prepare__param__handler.cc,v 1.1.2.2 2025/10/17 23:34:26 maya Exp $ + +--- plugin/x/src/prepare_param_handler.cc.orig 2025-09-26 12:59:25.775536085 +0000 ++++ plugin/x/src/prepare_param_handler.cc +@@ -147,8 +147,8 @@ ngs::Error_code Prepare_param_handler::p + "' and of type '%s' is not supported for binding" + " to prepared statement", + ph.m_id, +- arg.has_scalar() ? arg.scalar().GetTypeName().c_str() +- : arg.GetTypeName().c_str()); ++ arg.has_scalar() ? std::string(arg.scalar().GetTypeName()).c_str() ++ : std::string(arg.GetTypeName()).c_str()); + } + } + return ngs::Success(); diff --git a/databases/mysql80-client/patches/patch-plugin_x_tests_driver_connector_session__holder.cc b/databases/mysql80-client/patches/patch-plugin_x_tests_driver_connector_session__holder.cc new file mode 100644 index 000000000000..500abb9b53ee --- /dev/null +++ b/databases/mysql80-client/patches/patch-plugin_x_tests_driver_connector_session__holder.cc @@ -0,0 +1,30 @@ +$NetBSD: patch-plugin_x_tests_driver_connector_session__holder.cc,v 1.1.2.2 2025/10/17 23:34:26 maya Exp $ + +--- plugin/x/tests/driver/connector/session_holder.cc.orig 2025-09-26 15:16:29.800399712 +0000 ++++ plugin/x/tests/driver/connector/session_holder.cc +@@ -358,7 +358,7 @@ xcl::Handler_result Session_holder::coun + Mysqlx::ServerMessages::descriptor()->full_name(); + const bool is_empty_message = (protobuf_message_name == server_message_name); + const std::string &msg_name = !is_empty_message +- ? msg.GetDescriptor()->full_name() ++ ? std::string(msg.GetDescriptor()->full_name()) + : server_msgs_by_id[msg_id].second; + + ++m_received_msg_counters[msg_name]; +@@ -367,11 +367,11 @@ xcl::Handler_result Session_holder::coun + return xcl::Handler_result::Continue; + + static const std::array k_notice_type_id = { +- Mysqlx::Notice::Warning::descriptor()->full_name(), +- Mysqlx::Notice::SessionVariableChanged::descriptor()->full_name(), +- Mysqlx::Notice::SessionStateChanged::descriptor()->full_name(), +- Mysqlx::Notice::GroupReplicationStateChanged::descriptor()->full_name(), +- Mysqlx::Notice::ServerHello::descriptor()->full_name(), ++ std::string(Mysqlx::Notice::Warning::descriptor()->full_name()), ++ std::string(Mysqlx::Notice::SessionVariableChanged::descriptor()->full_name()), ++ std::string(Mysqlx::Notice::SessionStateChanged::descriptor()->full_name()), ++ std::string(Mysqlx::Notice::GroupReplicationStateChanged::descriptor()->full_name()), ++ std::string(Mysqlx::Notice::ServerHello::descriptor()->full_name()), + }; + + const auto notice_type = diff --git a/databases/mysql80-client/patches/patch-plugin_x_tests_driver_formatters_message__formatter.cc b/databases/mysql80-client/patches/patch-plugin_x_tests_driver_formatters_message__formatter.cc new file mode 100644 index 000000000000..6b81c3eb2a22 --- /dev/null +++ b/databases/mysql80-client/patches/patch-plugin_x_tests_driver_formatters_message__formatter.cc @@ -0,0 +1,58 @@ +$NetBSD: patch-plugin_x_tests_driver_formatters_message__formatter.cc,v 1.1.2.2 2025/10/17 23:34:27 maya Exp $ + +--- plugin/x/tests/driver/formatters/message_formatter.cc.orig 2025-09-26 15:19:35.788614740 +0000 ++++ plugin/x/tests/driver/formatters/message_formatter.cc +@@ -176,7 +176,7 @@ static std::string message_to_text(const + message.ParseFromString(binary_message); + google::protobuf::TextFormat::PrintToString(message, &result); + +- return message.GetDescriptor()->full_name() + " { " + result + " }"; ++ return std::string(message.GetDescriptor()->full_name()) + " { " + result + " }"; + } + + static std::string messages_field_to_text(const Message &message, +@@ -206,7 +206,7 @@ static std::string messages_field_to_tex + return xpl::to_string(reflection->GetBool(message, fd)); + + case FieldDescriptor::CPPTYPE_ENUM: +- return reflection->GetEnum(message, fd)->name(); ++ return std::string(reflection->GetEnum(message, fd)->name()); + + case FieldDescriptor::CPPTYPE_STRING: + return reflection->GetString(message, fd); +@@ -247,7 +247,7 @@ static std::string messages_repeated_fie + return xpl::to_string(reflection->GetRepeatedBool(message, fd, index)); + + case FieldDescriptor::CPPTYPE_ENUM: +- return reflection->GetRepeatedEnum(message, fd, index)->name(); ++ return std::string(reflection->GetRepeatedEnum(message, fd, index)->name()); + + case FieldDescriptor::CPPTYPE_STRING: + return reflection->GetRepeatedString(message, fd, index); +@@ -313,7 +313,7 @@ std::string message_to_text(const Messag + printer.PrintToString(message, &output); + } + +- return message.GetDescriptor()->full_name() + " {\n" + output + "}\n"; ++ return std::string(message.GetDescriptor()->full_name()) + " {\n" + output + "}\n"; + } + + /** +@@ -348,7 +348,7 @@ std::string message_to_text(const Messag + std::find_if(output.begin(), output.end(), expected_field); + + if (output.end() == i) { +- throw std::logic_error("Message '" + msg->GetDescriptor()->full_name() + ++ throw std::logic_error("Message '" + std::string(msg->GetDescriptor()->full_name()) + + "' doesn't contains field '" + + expected_field.m_name + + "'" +@@ -405,7 +405,7 @@ std::string message_to_text(const Messag + std::string prefix = ""; + + if (show_message_name) +- prefix = message.GetDescriptor()->full_name() + "(" + field_path + ") = "; ++ prefix = std::string(message.GetDescriptor()->full_name()) + "(" + field_path + ") = "; + + if (!field_descriptor->is_repeated()) + return prefix + messages_field_to_text(*msg, field_descriptor); diff --git a/databases/mysql80-client/patches/patch-plugin_x_tests_driver_processor_send__message__block__processor.cc b/databases/mysql80-client/patches/patch-plugin_x_tests_driver_processor_send__message__block__processor.cc new file mode 100644 index 000000000000..49937d2fa69d --- /dev/null +++ b/databases/mysql80-client/patches/patch-plugin_x_tests_driver_processor_send__message__block__processor.cc @@ -0,0 +1,13 @@ +$NetBSD: patch-plugin_x_tests_driver_processor_send__message__block__processor.cc,v 1.1.2.2 2025/10/17 23:34:27 maya Exp $ + +--- plugin/x/tests/driver/processor/send_message_block_processor.cc.orig 2025-09-26 15:25:21.172316733 +0000 ++++ plugin/x/tests/driver/processor/send_message_block_processor.cc +@@ -160,7 +160,7 @@ std::string Send_message_block_processor + #endif + + res[4] = client_msgs_by_name +- [client_msgs_by_full_name[message.GetDescriptor()->full_name()]] ++ [client_msgs_by_full_name[std::string(message.GetDescriptor()->full_name())]] + .second; + res.append(out); + diff --git a/databases/mysql80-server/Makefile b/databases/mysql80-server/Makefile index 6624e56edd35..6c6b58fade26 100644 --- a/databases/mysql80-server/Makefile +++ b/databases/mysql80-server/Makefile @@ -1,7 +1,7 @@ -# $NetBSD: Makefile,v 1.36 2025/08/24 16:36:15 wiz Exp $ +# $NetBSD: Makefile,v 1.36.2.1 2025/10/17 23:34:27 maya Exp $ PKGNAME= ${DISTNAME:S/-/-server-/} -PKGREVISION= 6 +PKGREVISION= 9 COMMENT= MySQL 8, a free SQL database (server) CONFLICTS= mysql3-server-[0-9]* From 0ed235d8942bf452148aa92be00cba194b79b297 Mon Sep 17 00:00:00 2001 From: maya Date: Fri, 17 Oct 2025 23:35:25 +0000 Subject: [PATCH 11/49] doc: Update for ticket 7012 --- doc/CHANGES-pkgsrc-2025Q3 | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/doc/CHANGES-pkgsrc-2025Q3 b/doc/CHANGES-pkgsrc-2025Q3 index dee2cbef7f22..6d3ed2b9a9e4 100644 --- a/doc/CHANGES-pkgsrc-2025Q3 +++ b/doc/CHANGES-pkgsrc-2025Q3 @@ -1,4 +1,4 @@ -$NetBSD: CHANGES-pkgsrc-2025Q3,v 1.1.2.4 2025/10/15 17:18:24 maya Exp $ +$NetBSD: CHANGES-pkgsrc-2025Q3,v 1.1.2.5 2025/10/17 23:35:25 maya Exp $ Changes to packages and infrastructure on the pkgsrc-2025Q3 branch: @@ -19,3 +19,7 @@ Pullup ticket #7009 - requested by bsiegert lang/go: Security fix lang/go124: Security fix lang/go125: Security fix + +Pullup ticket #7012 - requested by sborrill +databases/mysql80-client: Build fix +databases/mysql80-server: Build fix From 5d3b3e8ff15ebc1649a205c352ac1825893a61b2 Mon Sep 17 00:00:00 2001 From: bsiegert Date: Sat, 18 Oct 2025 12:38:43 +0000 Subject: [PATCH 12/49] Pullup ticket #7010 - requested by maya fonts/fontconfig: build fix Revisions pulled up: - fonts/fontconfig/Makefile 1.137 --- Module Name: pkgsrc Committed By: maya Date: Thu Oct 16 02:43:56 UTC 2025 Modified Files: pkgsrc/fonts/fontconfig: Makefile Log Message: fontconfig: find X11_TYPE=native fonts too fixes firefox segfault at startup for me. PKGREVISION++ --- fonts/fontconfig/Makefile | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/fonts/fontconfig/Makefile b/fonts/fontconfig/Makefile index d23959e8b371..fc69d0fbd434 100644 --- a/fonts/fontconfig/Makefile +++ b/fonts/fontconfig/Makefile @@ -1,6 +1,7 @@ -# $NetBSD: Makefile,v 1.136 2025/08/27 10:35:30 jperkin Exp $ +# $NetBSD: Makefile,v 1.136.2.1 2025/10/18 12:38:43 bsiegert Exp $ DISTNAME= fontconfig-2.17.1 +PKGREVISION= 1 CATEGORIES= fonts MASTER_SITES= https://gitlab.freedesktop.org/api/v4/projects/890/packages/generic/fontconfig/${PKGVERSION_NOREV}/ EXTRACT_SUFX= .tar.xz @@ -48,6 +49,11 @@ ADDFONTS:= ${X11BASE}/lib/X11/fonts,${ADDFONTS} ADDFONTS:= ${LOCALBASE}/share/fonts/X11,${ADDFONTS} .endif +.if ${OPSYS} == "Darwin" +ADDFONTS:= ~/Library/Fonts,/Library/Fonts,/System/Library/Fonts,${ADDFONTS} +.endif +MESON_ARGS+= -Dadditional-fonts-dirs=${ADDFONTS} + SUBST_CLASSES+= prefix SUBST_STAGE.prefix= pre-configure SUBST_FILES.prefix= meson.build From 004b633add354a22d84e48213c8e941c4cd2001f Mon Sep 17 00:00:00 2001 From: bsiegert Date: Sat, 18 Oct 2025 12:40:14 +0000 Subject: [PATCH 13/49] Note ticket #7010 --- doc/CHANGES-pkgsrc-2025Q3 | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/doc/CHANGES-pkgsrc-2025Q3 b/doc/CHANGES-pkgsrc-2025Q3 index 6d3ed2b9a9e4..ecb69525ae75 100644 --- a/doc/CHANGES-pkgsrc-2025Q3 +++ b/doc/CHANGES-pkgsrc-2025Q3 @@ -1,4 +1,4 @@ -$NetBSD: CHANGES-pkgsrc-2025Q3,v 1.1.2.5 2025/10/17 23:35:25 maya Exp $ +$NetBSD: CHANGES-pkgsrc-2025Q3,v 1.1.2.6 2025/10/18 12:40:14 bsiegert Exp $ Changes to packages and infrastructure on the pkgsrc-2025Q3 branch: @@ -23,3 +23,7 @@ lang/go125: Security fix Pullup ticket #7012 - requested by sborrill databases/mysql80-client: Build fix databases/mysql80-server: Build fix + +Pullup ticket #7010 - requested by maya +fonts/fontconfig: Build fix + From 51f2e54a7ea02abe9dc2088d209af8cf1d3ceb94 Mon Sep 17 00:00:00 2001 From: maya Date: Tue, 21 Oct 2025 01:43:30 +0000 Subject: [PATCH 14/49] Pullup ticket #7013 - requested by bsiegert sysutils/py-borgbackup: Functionality fix Revisions pulled up: - sysutils/py-borgbackup/Makefile 1.59 - sysutils/py-borgbackup/distinfo 1.39 - sysutils/py-borgbackup/patches/patch-pyproject.toml 1.1 - sysutils/py-borgbackup/patches/patch-src_borg_helpers_msgpack.py 1.5 --- Module Name: pkgsrc Committed By: he Date: Thu Oct 16 21:30:21 UTC 2025 Modified Files: pkgsrc/sysutils/py-borgbackup: Makefile distinfo Added Files: pkgsrc/sysutils/py-borgbackup/patches: patch-pyproject.toml patch-src_borg_helpers_msgpack.py Log Message: sysutils/py-borgbackup: add patches to accept py-msgpack up to 1.1.2. This evidently got lost in the previous update... This replicates what upstream has already done in 1.4.2rc*. --- sysutils/py-borgbackup/Makefile | 3 ++- sysutils/py-borgbackup/distinfo | 4 +++- .../py-borgbackup/patches/patch-pyproject.toml | 15 +++++++++++++++ .../patches/patch-src_borg_helpers_msgpack.py | 16 ++++++++++++++++ 4 files changed, 36 insertions(+), 2 deletions(-) create mode 100644 sysutils/py-borgbackup/patches/patch-pyproject.toml create mode 100644 sysutils/py-borgbackup/patches/patch-src_borg_helpers_msgpack.py diff --git a/sysutils/py-borgbackup/Makefile b/sysutils/py-borgbackup/Makefile index 5c1998cb2cfb..838098887960 100644 --- a/sysutils/py-borgbackup/Makefile +++ b/sysutils/py-borgbackup/Makefile @@ -1,7 +1,8 @@ -# $NetBSD: Makefile,v 1.57 2025/07/04 09:08:38 wiz Exp $ +# $NetBSD: Makefile,v 1.57.2.1 2025/10/21 01:43:30 maya Exp $ DISTNAME= borgbackup-1.4.1 PKGNAME= ${PYPKGPREFIX}-${DISTNAME} +PKGREVISION= 1 CATEGORIES= sysutils python MASTER_SITES= ${MASTER_SITE_PYPI:=b/borgbackup/} diff --git a/sysutils/py-borgbackup/distinfo b/sysutils/py-borgbackup/distinfo index 91a06504d610..48b8a9066517 100644 --- a/sysutils/py-borgbackup/distinfo +++ b/sysutils/py-borgbackup/distinfo @@ -1,5 +1,7 @@ -$NetBSD: distinfo,v 1.38 2025/04/28 19:34:53 adam Exp $ +$NetBSD: distinfo,v 1.38.4.1 2025/10/21 01:43:30 maya Exp $ BLAKE2s (borgbackup-1.4.1.tar.gz) = 83b9dc79715247e3547b6f654b647aeab01da4d8f4ba6dd888584c1c215eefad SHA512 (borgbackup-1.4.1.tar.gz) = 83ce8fcefa4e4099922e1f3894aba41d8d83ccff3e554b4b5ee0f0b9b8b18b18bcbf7f566e36aea4214e0d9d427cb66d63d2e1933b773e3338fd5814fd80e3a4 Size (borgbackup-1.4.1.tar.gz) = 3817197 bytes +SHA1 (patch-pyproject.toml) = d8f7336b8cce3b31fd26e69bb9972032df7e27da +SHA1 (patch-src_borg_helpers_msgpack.py) = fdb65b06c37a5ccfa59de12173814b4fe4bd45ea diff --git a/sysutils/py-borgbackup/patches/patch-pyproject.toml b/sysutils/py-borgbackup/patches/patch-pyproject.toml new file mode 100644 index 000000000000..455b134f46c8 --- /dev/null +++ b/sysutils/py-borgbackup/patches/patch-pyproject.toml @@ -0,0 +1,15 @@ +$NetBSD: patch-pyproject.toml,v 1.1.2.2 2025/10/21 01:43:30 maya Exp $ + +Bump allowable msgpack version. + +--- pyproject.toml.orig 2025-10-13 08:29:03.525998785 +0000 ++++ pyproject.toml +@@ -35,7 +35,7 @@ dependencies = [ + # Please note: + # using any other msgpack version is not supported by borg development and + # any feedback related to issues caused by this will be ignored. +- "msgpack >=1.0.3, <=1.1.0", ++ "msgpack >=1.0.3, <=1.1.2", + "packaging", + ] + diff --git a/sysutils/py-borgbackup/patches/patch-src_borg_helpers_msgpack.py b/sysutils/py-borgbackup/patches/patch-src_borg_helpers_msgpack.py new file mode 100644 index 000000000000..c227ad779d39 --- /dev/null +++ b/sysutils/py-borgbackup/patches/patch-src_borg_helpers_msgpack.py @@ -0,0 +1,16 @@ +$NetBSD: patch-src_borg_helpers_msgpack.py,v 1.5.2.2 2025/10/21 01:43:30 maya Exp $ + +Permit newer versions of msgpack than what's originally +declared by upstream. + +--- src/borg/helpers/msgpack.py.orig 2024-03-12 09:32:37.673913724 +0000 ++++ src/borg/helpers/msgpack.py +@@ -137,7 +137,7 @@ def is_slow_msgpack(): + def is_supported_msgpack(): + # DO NOT CHANGE OR REMOVE! See also requirements and comments in pyproject.toml. + import msgpack +- return (1, 0, 3) <= msgpack.version <= (1, 1, 0) and \ ++ return (1, 0, 3) <= msgpack.version <= (1, 1, 2) and \ + msgpack.version not in [] # < add bad releases here to deny list + + From 9e2f99fdee05cbf5212bf85223c6d886011ee24a Mon Sep 17 00:00:00 2001 From: maya Date: Tue, 21 Oct 2025 01:52:26 +0000 Subject: [PATCH 15/49] Pullup ticket #7014 - requested by bsiegert devel/libatomic: Build fix Revisions pulled up: - devel/libatomic/distinfo 1.12 - devel/libatomic/patches/patch-libatomic_configure.tgt 1.1 --- Module Name: pkgsrc Committed By: wiz Date: Thu Oct 2 06:09:36 UTC 2025 Modified Files: pkgsrc/devel/libatomic: distinfo Added Files: pkgsrc/devel/libatomic/patches: patch-libatomic_configure.tgt Log Message: libatomic: fix build on sparc Older models don't support -mcpu=v9. From John D. Baker in PR 58716. --- devel/libatomic/distinfo | 3 ++- .../patches/patch-libatomic_configure.tgt | 16 ++++++++++++++++ 2 files changed, 18 insertions(+), 1 deletion(-) create mode 100644 devel/libatomic/patches/patch-libatomic_configure.tgt diff --git a/devel/libatomic/distinfo b/devel/libatomic/distinfo index ea33ab655aee..99b76b205535 100644 --- a/devel/libatomic/distinfo +++ b/devel/libatomic/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.11 2023/10/17 02:16:50 gutteridge Exp $ +$NetBSD: distinfo,v 1.11.16.1 2025/10/21 01:52:26 maya Exp $ BLAKE2s (gcc-13.2.0.tar.xz) = 89847ac474d00cde32fbcae20154f8aedff9c66158faf95ad7a78cc9a190d4c4 SHA512 (gcc-13.2.0.tar.xz) = d99e4826a70db04504467e349e9fbaedaa5870766cda7c5cab50cdebedc4be755ebca5b789e1232a34a20be1a0b60097de9280efe47bdb71c73251e30b0862a2 @@ -6,3 +6,4 @@ Size (gcc-13.2.0.tar.xz) = 87858592 bytes SHA1 (patch-gcc_config_nvptx_gen-opt.sh) = 194d39d95354dd83d2182bbca0ad77b94902faac SHA1 (patch-gcc_configure) = 5519993521040b70d3e7c33d4f7a5d2a15436410 SHA1 (patch-libatomic_configure) = 9ca952bc6e48dc37dd79d3fb050194de460f0898 +SHA1 (patch-libatomic_configure.tgt) = 813cea1aa1006af78db27e9f33b780eaa9482647 diff --git a/devel/libatomic/patches/patch-libatomic_configure.tgt b/devel/libatomic/patches/patch-libatomic_configure.tgt new file mode 100644 index 000000000000..c0a7e6f235dc --- /dev/null +++ b/devel/libatomic/patches/patch-libatomic_configure.tgt @@ -0,0 +1,16 @@ +$NetBSD: patch-libatomic_configure.tgt,v 1.1.2.2 2025/10/21 01:52:26 maya Exp $ + +Do not assume v9 architecture for sparc builds. +Fixes build for older sparc models. + +--- libatomic/configure.tgt.orig 2025-10-02 06:07:31.951017486 +0000 ++++ libatomic/configure.tgt +@@ -68,7 +68,7 @@ case "${target_cpu}" in + ;; + *) + if test -z "$with_cpu"; then +- XCFLAGS="${XCFLAGS} -mcpu=v9" ++ : #XCFLAGS="${XCFLAGS} -mcpu=v9" + fi + esac + ARCH=sparc From 7c0d2fa3afda7d021d78e996f95e4b9d5e3ddef3 Mon Sep 17 00:00:00 2001 From: maya Date: Tue, 21 Oct 2025 02:25:02 +0000 Subject: [PATCH 16/49] Pullup ticket #7015 - requested by bsiegert devel/SDL2: build fix Revisions pulled up: - devel/SDL2/Makefile 1.110 - devel/SDL2/distinfo 1.86 - devel/SDL2/patches/patch-src_audio_alsa_SDL__alsa__audio.c 1.1 --- Module Name: pkgsrc Committed By: ryoon Date: Tue Oct 7 15:46:59 UTC 2025 Modified Files: pkgsrc/devel/SDL2: Makefile distinfo Added Files: pkgsrc/devel/SDL2/patches: patch-src_audio_alsa_SDL__alsa__audio.c Log Message: devel/SDL2: Fix build with GCC 14 when alsa option is enabled --- devel/SDL2/Makefile | 6 +++++- devel/SDL2/distinfo | 3 ++- .../patch-src_audio_alsa_SDL__alsa__audio.c | 15 +++++++++++++++ 3 files changed, 22 insertions(+), 2 deletions(-) create mode 100644 devel/SDL2/patches/patch-src_audio_alsa_SDL__alsa__audio.c diff --git a/devel/SDL2/Makefile b/devel/SDL2/Makefile index 546ac104782a..31a5904d9f19 100644 --- a/devel/SDL2/Makefile +++ b/devel/SDL2/Makefile @@ -1,4 +1,4 @@ -# $NetBSD: Makefile,v 1.109 2025/09/02 05:19:09 adam Exp $ +# $NetBSD: Makefile,v 1.109.2.1 2025/10/21 02:25:02 maya Exp $ DISTNAME= SDL2-2.32.10 CATEGORIES= devel @@ -11,6 +11,10 @@ HOMEPAGE= https://www.libsdl.org/ COMMENT= Simple DirectMedia Layer - cross-platform multimedia library LICENSE= zlib +# For GNU sort. This package requires -V option of GNU sort. +TOOL_DEPENDS+= coreutils-[0-9]*:../../sysutils/coreutils +TOOLS_PLATFORM.sort= # empty + USE_LANGUAGES= c c++ USE_LIBTOOL= yes USE_TOOLS+= gmake pkg-config diff --git a/devel/SDL2/distinfo b/devel/SDL2/distinfo index f00c3564c7f0..f0940b690a73 100644 --- a/devel/SDL2/distinfo +++ b/devel/SDL2/distinfo @@ -1,6 +1,7 @@ -$NetBSD: distinfo,v 1.85 2025/09/02 05:19:09 adam Exp $ +$NetBSD: distinfo,v 1.85.2.1 2025/10/21 02:25:02 maya Exp $ BLAKE2s (SDL2-2.32.10.tar.gz) = 7815147745deb41a62fbc33361fde19fd4f6cf386d1fa6f01f343b62b317c200 SHA512 (SDL2-2.32.10.tar.gz) = b67ebdb46bc3b41c974113937e15445e47a6e115692761e2812c3965e85b9ca4d804633de6369fa3dd36cc77f5d08655570c1707245b2c46f88114aa3238fd1b Size (SDL2-2.32.10.tar.gz) = 7630262 bytes SHA1 (patch-sdl2-config.in) = 963486e3cf6cb437f43197885e9f519ace4497c1 +SHA1 (patch-src_audio_alsa_SDL__alsa__audio.c) = c1426efb8df16328f9546aa7578edd7bbdcf8bad diff --git a/devel/SDL2/patches/patch-src_audio_alsa_SDL__alsa__audio.c b/devel/SDL2/patches/patch-src_audio_alsa_SDL__alsa__audio.c new file mode 100644 index 000000000000..3ab98fd6bc63 --- /dev/null +++ b/devel/SDL2/patches/patch-src_audio_alsa_SDL__alsa__audio.c @@ -0,0 +1,15 @@ +$NetBSD: patch-src_audio_alsa_SDL__alsa__audio.c,v 1.1.2.2 2025/10/21 02:25:03 maya Exp $ + +* Make compatible with alsa-lib-1.2.14 to fix alsa option build with GCC 14. + +--- src/audio/alsa/SDL_alsa_audio.c.orig 2025-10-07 15:41:55.292495535 +0000 ++++ src/audio/alsa/SDL_alsa_audio.c +@@ -88,7 +88,7 @@ static const char *(*ALSA_snd_pcm_info_g + static int (*ALSA_snd_pcm_info_get_card)(const snd_pcm_info_t *); + static int (*ALSA_snd_card_get_name)(int, char **); + static int (*ALSA_snd_pcm_info_malloc)(snd_pcm_info_t **); +-static int (*ALSA_snd_pcm_info_free)(snd_pcm_info_t *); ++static void (*ALSA_snd_pcm_info_free)(snd_pcm_info_t *); + #ifdef SND_CHMAP_API_VERSION + static snd_pcm_chmap_t *(*ALSA_snd_pcm_get_chmap)(snd_pcm_t *); + static int (*ALSA_snd_pcm_chmap_print)(const snd_pcm_chmap_t *map, size_t maxlen, char *buf); From 06d69f901f59cbfbbdd7ff2b06b97fc97ca0d68a Mon Sep 17 00:00:00 2001 From: maya Date: Tue, 21 Oct 2025 02:25:53 +0000 Subject: [PATCH 17/49] doc: update for tickets 7013-7015 --- doc/CHANGES-pkgsrc-2025Q3 | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/doc/CHANGES-pkgsrc-2025Q3 b/doc/CHANGES-pkgsrc-2025Q3 index ecb69525ae75..b1f6a544ad5e 100644 --- a/doc/CHANGES-pkgsrc-2025Q3 +++ b/doc/CHANGES-pkgsrc-2025Q3 @@ -1,4 +1,4 @@ -$NetBSD: CHANGES-pkgsrc-2025Q3,v 1.1.2.6 2025/10/18 12:40:14 bsiegert Exp $ +$NetBSD: CHANGES-pkgsrc-2025Q3,v 1.1.2.7 2025/10/21 02:25:53 maya Exp $ Changes to packages and infrastructure on the pkgsrc-2025Q3 branch: @@ -27,3 +27,11 @@ databases/mysql80-server: Build fix Pullup ticket #7010 - requested by maya fonts/fontconfig: Build fix +Pullup ticket #7013 - requested by bsiegert +sysutils/py-borgbackup: Functionality fix + +Pullup ticket #7014 - requested by bsiegert +devel/libatomic: Build fix + +Pullup ticket #7015 - requested by bsiegert +devel/SDL2: build fix From f2227c9c2b9b96209712a209aaf94a16009e0b6f Mon Sep 17 00:00:00 2001 From: maya Date: Tue, 21 Oct 2025 14:57:53 +0000 Subject: [PATCH 18/49] Pullup ticket #7016 - requested by bouyer sysutils/xenkernel418: Security fix sysutils/xenkernel420: Security fix Revisions pulled up: - sysutils/xenkernel418/Makefile 1.6 - sysutils/xenkernel418/distinfo 1.9 - sysutils/xenkernel418/patches/patch-xsa475-1 1.1 - sysutils/xenkernel418/patches/patch-xsa475-2 1.1 - sysutils/xenkernel420/Makefile 1.2 - sysutils/xenkernel420/distinfo 1.2 - sysutils/xenkernel420/patches/patch-xsa475-1 1.1 - sysutils/xenkernel420/patches/patch-xsa475-2 1.1 --- Module Name: pkgsrc Committed By: bouyer Date: Tue Oct 21 13:14:33 UTC 2025 Modified Files: pkgsrc/sysutils/xenkernel418: Makefile distinfo pkgsrc/sysutils/xenkernel420: Makefile distinfo Added Files: pkgsrc/sysutils/xenkernel418/patches: patch-xsa475-1 patch-xsa475-2 pkgsrc/sysutils/xenkernel420/patches: patch-xsa475-1 patch-xsa475-2 Log Message: xenkernel418, xenkernel420: add upstream patches fixing xsa475. Bump PKGREVISION --- sysutils/xenkernel418/Makefile | 5 +- sysutils/xenkernel418/distinfo | 4 +- sysutils/xenkernel418/patches/patch-xsa475-1 | 28 ++++++++++ sysutils/xenkernel418/patches/patch-xsa475-2 | 54 ++++++++++++++++++++ sysutils/xenkernel420/Makefile | 5 +- sysutils/xenkernel420/distinfo | 4 +- sysutils/xenkernel420/patches/patch-xsa475-1 | 28 ++++++++++ sysutils/xenkernel420/patches/patch-xsa475-2 | 54 ++++++++++++++++++++ 8 files changed, 176 insertions(+), 6 deletions(-) create mode 100644 sysutils/xenkernel418/patches/patch-xsa475-1 create mode 100644 sysutils/xenkernel418/patches/patch-xsa475-2 create mode 100644 sysutils/xenkernel420/patches/patch-xsa475-1 create mode 100644 sysutils/xenkernel420/patches/patch-xsa475-2 diff --git a/sysutils/xenkernel418/Makefile b/sysutils/xenkernel418/Makefile index a8cef616b1e0..4963f50ce954 100644 --- a/sysutils/xenkernel418/Makefile +++ b/sysutils/xenkernel418/Makefile @@ -1,6 +1,7 @@ -# $NetBSD: Makefile,v 1.5 2025/07/01 16:55:06 bouyer Exp $ +# $NetBSD: Makefile,v 1.5.2.1 2025/10/21 14:57:53 maya Exp $ # VERSION is set in version.mk as it is shared with other packages -#PKGREVISION= 1 + +PKGREVISION= 1 XENKERNEL:= .include "../../sysutils/xentools418/version.mk" diff --git a/sysutils/xenkernel418/distinfo b/sysutils/xenkernel418/distinfo index 4eae09cc2aa3..ef8c230c8a06 100644 --- a/sysutils/xenkernel418/distinfo +++ b/sysutils/xenkernel418/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.8 2025/07/01 16:55:06 bouyer Exp $ +$NetBSD: distinfo,v 1.8.2.1 2025/10/21 14:57:53 maya Exp $ BLAKE2s (xen418/xen-438bb1285f470e2f385c0ea917ac9787d56aa8d3.tar.gz) = 8855fa3b76ab86c24949a2862231fba25c9c6877ef6f9628ee6dff96be8c7094 SHA512 (xen418/xen-438bb1285f470e2f385c0ea917ac9787d56aa8d3.tar.gz) = 3147bec66da25757885b8561f578d1267801c04c5b0d85493c2856aa17f01b4bd29d924e611b3aabd39a5b3c51f6374474d5768c13d54f0fb3e98f6b053f9aeb @@ -12,3 +12,5 @@ SHA1 (patch-xen_arch_x86_extable.c) = f64b956be1167901a60bf9be1abd98dbfaffb100 SHA1 (patch-xen_arch_x86_mm_p2m.c) = 6e9b84dc8448eca9677f184e720bbfcb3c6d314e SHA1 (patch-xen_arch_x86_traps.c) = 9548d6476e2fb5898d2958c10eaf2fd1e424d9c5 SHA1 (patch-xen_tools_check-endbr.sh) = a7268ee5ff11f21fdc5b0bc213498a1923b693be +SHA1 (patch-xsa475-1) = 7211ad0099e1c1554aed49169ef0949d0304073e +SHA1 (patch-xsa475-2) = 9d0bd2fbf9ff446df229bc47d54951098278577c diff --git a/sysutils/xenkernel418/patches/patch-xsa475-1 b/sysutils/xenkernel418/patches/patch-xsa475-1 new file mode 100644 index 000000000000..d8fd1d6c41dc --- /dev/null +++ b/sysutils/xenkernel418/patches/patch-xsa475-1 @@ -0,0 +1,28 @@ +$NetBSD: patch-xsa475-1,v 1.1.2.2 2025/10/21 14:57:54 maya Exp $ + +From: Teddy Astie +Subject: x86/viridian: Enforce bounds check in vpmask_set() + +Callers can pass vp/mask values which exceed the size of vpmask->mask. Ensure +we only set bits which are within bounds. + +This is XSA-475 / CVE-2025-58147. + +Fixes: b4124682db6e ("viridian: add ExProcessorMasks variants of the flush hypercalls") +Signed-off-by: Teddy Astie +Reviewed-by: Andrew Cooper + +diff --git a/xen/arch/x86/hvm/viridian/viridian.c b/xen/arch/x86/hvm/viridian/viridian.c +index a41a70e37a29..41e93ef20fb2 100644 +--- xen/arch/x86/hvm/viridian/viridian.c.orig ++++ xen/arch/x86/hvm/viridian/viridian.c +@@ -562,7 +562,8 @@ static void vpmask_set(struct hypercall_vpmask *vpmask, unsigned int vp, + + if ( mask & 1 ) + { +- ASSERT(vp < HVM_MAX_VCPUS); ++ if ( vp >= HVM_MAX_VCPUS ) ++ break; + __set_bit(vp, vpmask->mask); + } + diff --git a/sysutils/xenkernel418/patches/patch-xsa475-2 b/sysutils/xenkernel418/patches/patch-xsa475-2 new file mode 100644 index 000000000000..707cc1084412 --- /dev/null +++ b/sysutils/xenkernel418/patches/patch-xsa475-2 @@ -0,0 +1,54 @@ +$NetBSD: patch-xsa475-2,v 1.1.2.2 2025/10/21 14:57:54 maya Exp $ + +From: Teddy Astie +Subject: x86/viridian: Enforce bounds check in send_ipi() + +Callers can pass in a vpmask which exceeds d->max_vcpus. Prevent out-of-bound +reads of d->vcpu[]. + +This is XSA-475 / CVE-2025-58148. + +Fixes: 728acba1ba4a ("viridian: use hypercall_vpmask in hvcall_ipi()") +Signed-off-by: Teddy Astie +Reviewed-by: Andrew Cooper + +diff --git a/xen/arch/x86/hvm/viridian/viridian.c b/xen/arch/x86/hvm/viridian/viridian.c +index 41e93ef20fb2..d45751365fde 100644 +--- xen/arch/x86/hvm/viridian/viridian.c.orig ++++ xen/arch/x86/hvm/viridian/viridian.c +@@ -577,26 +577,6 @@ static void vpmask_fill(struct hypercall_vpmask *vpmask) + bitmap_fill(vpmask->mask, HVM_MAX_VCPUS); + } + +-static unsigned int vpmask_first(const struct hypercall_vpmask *vpmask) +-{ +- return find_first_bit(vpmask->mask, HVM_MAX_VCPUS); +-} +- +-static unsigned int vpmask_next(const struct hypercall_vpmask *vpmask, +- unsigned int vp) +-{ +- /* +- * If vp + 1 > HVM_MAX_VCPUS then find_next_bit() will return +- * HVM_MAX_VCPUS, ensuring the for_each_vp ( ... ) loop terminates. +- */ +- return find_next_bit(vpmask->mask, HVM_MAX_VCPUS, vp + 1); +-} +- +-#define for_each_vp(vpmask, vp) \ +- for ( (vp) = vpmask_first(vpmask); \ +- (vp) < HVM_MAX_VCPUS; \ +- (vp) = vpmask_next(vpmask, vp) ) +- + static unsigned int vpmask_nr(const struct hypercall_vpmask *vpmask) + { + return bitmap_weight(vpmask->mask, HVM_MAX_VCPUS); +@@ -813,7 +793,7 @@ static void send_ipi(struct hypercall_vpmask *vpmask, uint8_t vector) + if ( nr > 1 ) + cpu_raise_softirq_batch_begin(); + +- for_each_vp ( vpmask, vp ) ++ for_each_set_bit ( vp, vpmask->mask, currd->max_vcpus ) + { + struct vlapic *vlapic = vcpu_vlapic(currd->vcpu[vp]); + diff --git a/sysutils/xenkernel420/Makefile b/sysutils/xenkernel420/Makefile index d20925300012..1551facab113 100644 --- a/sysutils/xenkernel420/Makefile +++ b/sysutils/xenkernel420/Makefile @@ -1,6 +1,7 @@ -# $NetBSD: Makefile,v 1.1 2025/08/22 09:00:11 bouyer Exp $ +# $NetBSD: Makefile,v 1.1.2.1 2025/10/21 14:57:54 maya Exp $ # VERSION is set in version.mk as it is shared with other packages -#PKGREVISION= 1 + +PKGREVISION= 1 XENKERNEL:= .include "../../sysutils/xentools420/version.mk" diff --git a/sysutils/xenkernel420/distinfo b/sysutils/xenkernel420/distinfo index 28bf63e4ed0f..e53deb59ee93 100644 --- a/sysutils/xenkernel420/distinfo +++ b/sysutils/xenkernel420/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.1 2025/08/22 09:00:11 bouyer Exp $ +$NetBSD: distinfo,v 1.1.2.1 2025/10/21 14:57:54 maya Exp $ BLAKE2s (xen420/xen-ea5025554e982bd377f85b899b6d151e5ef33d1e.tar.gz) = 6732d2e90841860347e6b7a86b0ebd6cc6073aa8140ce0f61a8fbe6c7d7f4ad0 SHA512 (xen420/xen-ea5025554e982bd377f85b899b6d151e5ef33d1e.tar.gz) = b02e57832885b45f7795ef47b5f518d2da2f649fa5f019da73b2846dd1546fedbe61c5c4c91404fe851449ad9b4e8df0336b26a9a2363620648e13658d07afa3 @@ -11,3 +11,5 @@ SHA1 (patch-xen_arch_x86_boot_build32.lds.S) = 0386a08a9e17b3ac9793df2542e877232 SHA1 (patch-xen_arch_x86_extable.c) = f64b956be1167901a60bf9be1abd98dbfaffb100 SHA1 (patch-xen_arch_x86_mm_p2m.c) = 6e9b84dc8448eca9677f184e720bbfcb3c6d314e SHA1 (patch-xen_tools_check-endbr.sh) = a7268ee5ff11f21fdc5b0bc213498a1923b693be +SHA1 (patch-xsa475-1) = db692de22f07d86de8b4a692f45a646927af3fdf +SHA1 (patch-xsa475-2) = 38adcfb0f0ea809dab99b919788a45a0b5a5c779 diff --git a/sysutils/xenkernel420/patches/patch-xsa475-1 b/sysutils/xenkernel420/patches/patch-xsa475-1 new file mode 100644 index 000000000000..ab3f69754667 --- /dev/null +++ b/sysutils/xenkernel420/patches/patch-xsa475-1 @@ -0,0 +1,28 @@ +$NetBSD: patch-xsa475-1,v 1.1.2.2 2025/10/21 14:57:54 maya Exp $ + +From: Teddy Astie +Subject: x86/viridian: Enforce bounds check in vpmask_set() + +Callers can pass vp/mask values which exceed the size of vpmask->mask. Ensure +we only set bits which are within bounds. + +This is XSA-475 / CVE-2025-58147. + +Fixes: b4124682db6e ("viridian: add ExProcessorMasks variants of the flush hypercalls") +Signed-off-by: Teddy Astie +Reviewed-by: Andrew Cooper + +diff --git a/xen/arch/x86/hvm/viridian/viridian.c b/xen/arch/x86/hvm/viridian/viridian.c +index c0be24bd2210..703f9ac8bcc1 100644 +--- xen/arch/x86/hvm/viridian/viridian.c.orig ++++ xen/arch/x86/hvm/viridian/viridian.c +@@ -562,7 +562,8 @@ static void vpmask_set(struct hypercall_vpmask *vpmask, unsigned int vp, + + if ( mask & 1 ) + { +- ASSERT(vp < HVM_MAX_VCPUS); ++ if ( vp >= HVM_MAX_VCPUS ) ++ break; + __set_bit(vp, vpmask->mask); + } + diff --git a/sysutils/xenkernel420/patches/patch-xsa475-2 b/sysutils/xenkernel420/patches/patch-xsa475-2 new file mode 100644 index 000000000000..2b09926a6eec --- /dev/null +++ b/sysutils/xenkernel420/patches/patch-xsa475-2 @@ -0,0 +1,54 @@ +$NetBSD: patch-xsa475-2,v 1.1.2.2 2025/10/21 14:57:54 maya Exp $ + +From: Teddy Astie +Subject: x86/viridian: Enforce bounds check in send_ipi() + +Callers can pass in a vpmask which exceeds d->max_vcpus. Prevent out-of-bound +reads of d->vcpu[]. + +This is XSA-475 / CVE-2025-58148. + +Fixes: 728acba1ba4a ("viridian: use hypercall_vpmask in hvcall_ipi()") +Signed-off-by: Teddy Astie +Reviewed-by: Andrew Cooper + +diff --git a/xen/arch/x86/hvm/viridian/viridian.c b/xen/arch/x86/hvm/viridian/viridian.c +index 703f9ac8bcc1..f79cffcb3767 100644 +--- xen/arch/x86/hvm/viridian/viridian.c.orig ++++ xen/arch/x86/hvm/viridian/viridian.c +@@ -577,26 +577,6 @@ static void vpmask_fill(struct hypercall_vpmask *vpmask) + bitmap_fill(vpmask->mask, HVM_MAX_VCPUS); + } + +-static unsigned int vpmask_first(const struct hypercall_vpmask *vpmask) +-{ +- return find_first_bit(vpmask->mask, HVM_MAX_VCPUS); +-} +- +-static unsigned int vpmask_next(const struct hypercall_vpmask *vpmask, +- unsigned int vp) +-{ +- /* +- * If vp + 1 > HVM_MAX_VCPUS then find_next_bit() will return +- * HVM_MAX_VCPUS, ensuring the for_each_vp ( ... ) loop terminates. +- */ +- return find_next_bit(vpmask->mask, HVM_MAX_VCPUS, vp + 1); +-} +- +-#define for_each_vp(vpmask, vp) \ +- for ( (vp) = vpmask_first(vpmask); \ +- (vp) < HVM_MAX_VCPUS; \ +- (vp) = vpmask_next(vpmask, vp) ) +- + static unsigned int vpmask_nr(const struct hypercall_vpmask *vpmask) + { + return bitmap_weight(vpmask->mask, HVM_MAX_VCPUS); +@@ -813,7 +793,7 @@ static void send_ipi(struct hypercall_vpmask *vpmask, uint8_t vector) + if ( nr > 1 ) + cpu_raise_softirq_batch_begin(); + +- for_each_vp ( vpmask, vp ) ++ bitmap_for_each ( vp, vpmask->mask, currd->max_vcpus ) + { + struct vlapic *vlapic = vcpu_vlapic(currd->vcpu[vp]); + From 67461292866e02267e6def0548b032484b1db7fd Mon Sep 17 00:00:00 2001 From: maya Date: Tue, 21 Oct 2025 14:58:29 +0000 Subject: [PATCH 19/49] doc: update for 7016 --- doc/CHANGES-pkgsrc-2025Q3 | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/doc/CHANGES-pkgsrc-2025Q3 b/doc/CHANGES-pkgsrc-2025Q3 index b1f6a544ad5e..9fab754f01c7 100644 --- a/doc/CHANGES-pkgsrc-2025Q3 +++ b/doc/CHANGES-pkgsrc-2025Q3 @@ -1,4 +1,4 @@ -$NetBSD: CHANGES-pkgsrc-2025Q3,v 1.1.2.7 2025/10/21 02:25:53 maya Exp $ +$NetBSD: CHANGES-pkgsrc-2025Q3,v 1.1.2.8 2025/10/21 14:58:29 maya Exp $ Changes to packages and infrastructure on the pkgsrc-2025Q3 branch: @@ -35,3 +35,7 @@ devel/libatomic: Build fix Pullup ticket #7015 - requested by bsiegert devel/SDL2: build fix + +Pullup ticket #7016 - requested by bouyer +sysutils/xenkernel418: Security fix +sysutils/xenkernel420: Security fix From 7b8819a794a0f3efaef4607bdb24abfe2a08b483 Mon Sep 17 00:00:00 2001 From: maya Date: Thu, 23 Oct 2025 01:25:55 +0000 Subject: [PATCH 20/49] Pullup ticket #7018 - requested by taca textproc/expat: Security fix Revisions pulled up: - textproc/expat/Makefile 1.61 - textproc/expat/builtin.mk 1.24 - textproc/expat/distinfo 1.55 --- Module Name: pkgsrc Committed By: adam Date: Thu Sep 25 07:03:33 UTC 2025 Modified Files: pkgsrc/textproc/expat: Makefile builtin.mk distinfo Log Message: expat: updated to 2.7.3 Release 2.7.3 Wed September 24 2025 Security fixes: Fix alignment of internal allocations for some non-amd64 architectures (e.g. sparc32); fixes up on the fix to CVE-2025-59375 from 1034 (of Expat 2.7.2 and related backports) Fix a class of false positives where input should have been rejected with error XML_ERROR_ASYNC_ENTITY; regression from CVE-2024-8176 fix pull request 973 (of Expat 2.7.0 and related backports). Please check the added unit tests for example documents. Other changes: Prove and regression-proof absence of integer overflow from function expat_realloc Remove "harmless" cast that truncated a size_t to unsigned Autotools: Remove "ln -s" discovery docs: Be consistent with use of floating point around XML_SetAllocTrackerMaximumAmplification docs: Make it explicit that XML_GetCurrentColumnNumber starts at 0 docs: Better integrate the effect of the activation thresholds docs: Fix an in-comment typo in expat.h docs: Fix a typo in README.md docs: Improve change log of release 2.7.2 xmlwf: Resolve use of functions XML_GetErrorLineNumber and XML_GetErrorColumnNumber Windows: Normalize .bat files to CRLF line endings Version info bumped from 12:0:11 (libexpat*.so.1.11.0) to 12:1:11 (libexpat*.so.1.11.1); see https://verbump.de/ for what these numbers do --- textproc/expat/Makefile | 5 ++--- textproc/expat/builtin.mk | 6 +++--- textproc/expat/distinfo | 8 ++++---- 3 files changed, 9 insertions(+), 10 deletions(-) diff --git a/textproc/expat/Makefile b/textproc/expat/Makefile index fc741b603618..8743f5267ef9 100644 --- a/textproc/expat/Makefile +++ b/textproc/expat/Makefile @@ -1,6 +1,6 @@ -# $NetBSD: Makefile,v 1.60 2025/09/16 21:33:17 wiz Exp $ +# $NetBSD: Makefile,v 1.60.2.1 2025/10/23 01:25:55 maya Exp $ -DISTNAME= expat-2.7.2 +DISTNAME= expat-2.7.3 CATEGORIES= textproc MASTER_SITES= ${MASTER_SITE_GITHUB:=libexpat/} GITHUB_PROJECT= libexpat @@ -25,7 +25,6 @@ TEST_TARGET= check REPLACE_BASH= test-driver-wrapper.sh # we can't use cmake due to a cyclic dependency #USE_CMAKE= yes -#TEST_ENV+= LD_LIBRARY_PATH=${WRKSRC} PKGCONFIG_OVERRIDE+= expat.pc.in diff --git a/textproc/expat/builtin.mk b/textproc/expat/builtin.mk index 68da10df043b..eb9eaa673478 100644 --- a/textproc/expat/builtin.mk +++ b/textproc/expat/builtin.mk @@ -1,4 +1,4 @@ -# $NetBSD: builtin.mk,v 1.23 2024/02/07 13:19:26 adam Exp $ +# $NetBSD: builtin.mk,v 1.23.14.1 2025/10/23 01:25:55 maya Exp $ BUILTIN_PKG:= expat @@ -102,7 +102,7 @@ override-expat-pkgconfig: ${RUN} \ ${MKDIR} ${BLKDIR_PKGCFG}; \ { \ - ${ECHO} "prefix=${BUILDLINK_PREFIX.expat}"; \ + ${ECHO} "prefix=${BUILDLINK_PREFIX.expat}"; \ ${ECHO} "exec_prefix=\$${prefix}"; \ ${ECHO} "libdir=\$${exec_prefix}/lib"; \ ${ECHO} "includedir=\$${prefix}/include"; \ @@ -112,6 +112,6 @@ override-expat-pkgconfig: ${ECHO} "Version: ${BUILTIN_VERSION.expat}"; \ ${ECHO} "Libs: ${COMPILER_RPATH_FLAG}\$${libdir} -L\$${libdir} -lexpat"; \ ${ECHO} "Cflags: -I\$${includedir}"; \ - } >> ${BLKDIR_PKGCFG}/${EXPAT_PKGCFGF}; + } >> ${BLKDIR_PKGCFG}/${EXPAT_PKGCFGF} . endif .endif diff --git a/textproc/expat/distinfo b/textproc/expat/distinfo index cfabcba56a40..1ed37914ba9f 100644 --- a/textproc/expat/distinfo +++ b/textproc/expat/distinfo @@ -1,5 +1,5 @@ -$NetBSD: distinfo,v 1.54 2025/09/16 21:33:17 wiz Exp $ +$NetBSD: distinfo,v 1.54.2.1 2025/10/23 01:25:55 maya Exp $ -BLAKE2s (expat-2.7.2.tar.gz) = da5db4ce4d4ad9fb9b1c1c60a938047c7dd4448d0ffba17221e7aa07aa858d61 -SHA512 (expat-2.7.2.tar.gz) = 34a1601d2164809bf7db186b1608afb450025ebb2e802a3ae202979c5d76074526c731b5bb9a0c87db43da0a68ac986a1a346e27cf2abb0d3e2ee45ac6a24857 -Size (expat-2.7.2.tar.gz) = 798712 bytes +BLAKE2s (expat-2.7.3.tar.gz) = c92c4f8433c201577399c1b3151bbcf2c10e7ff790544f1890e1303ab52f78d0 +SHA512 (expat-2.7.3.tar.gz) = 274546c0755a7ad5db43a3b723274ba213482d68677ba3ff0f5ea1de63cdd66032214f6e8e167cc8482f7d056a31f3871c26329545d6565fee8661647e9877ce +Size (expat-2.7.3.tar.gz) = 800387 bytes From 7b23da5b2cbbb2ec7289740f8ab80da01d230267 Mon Sep 17 00:00:00 2001 From: maya Date: Thu, 23 Oct 2025 01:30:21 +0000 Subject: [PATCH 21/49] Pullup ticket #7019 - requested by taca security/openssh: Security fix Revisions pulled up: - security/openssh/Makefile 1.290-1.291 - security/openssh/distinfo 1.128-1.129 --- Module Name: pkgsrc Committed By: wiz Date: Mon Oct 6 12:21:31 UTC 2025 Modified Files: pkgsrc/security/openssh: Makefile distinfo Log Message: openssh: update to 10.1p1. Changes since OpenSSH 10.0 ========================== This release contains a minor security fix as well as a number of feature improvements and bugfixes. Security ======== * ssh(1): disallow control characters in usernames passed via the commandline or expanded using %-sequences from the configuration file, and disallow \0 characters in ssh:// URIs. If an ssh(1) commandline was constructed using usernames or URIs obtained from an untrusted source, and if a ProxyCommand that uses the %u expansion was configured, then it may be possible for an attacker to inject shell expressions that may be executed when the proxy command is started. We strongly recommend against using untrusted inputs to construct ssh(1) commandlines. This change also relaxes the validity checks in one small way: usernames supplied via the configuration file as literals (i.e. that have no % expansion characters) are not subject to these validity checks. This allows usernames that contain arbitrary characters to be used, but only via configuration files. This is done on the basis that ssh's configuration is trusted. This issue was reported by David Leadbeater. New features ------------ * ssh(1), sshd(8): add SIGINFO handlers to log active channel and session information. * sshd(8): when refusing a certificate for user authentication, log enough information to identify the certificate in addition to the reason why it was being denied. Makes debugging certificate authorisation problems a bit easier. * ssh(1), ssh-agent(1): support ed25519 keys hosted on PKCS#11 tokens. * ssh(1): add an ssh_config(5) RefuseConnection option that, when encountered while processing an active section in a configuration, terminates ssh(1) with an error message that contains the argument to the option. This may be useful for expressing reminders or warnings in config files, for example: Match host foo RefuseConnection "foo is deprecated, use splork instead" * sshd(8): make the X11 display number check relative to X11DisplayOffset. This will allow people to use X11DisplayOffset to configure much higher port ranges if they really want, while not changing the default behaviour. * unit tests: the unit test framework now includes some basic benchmarking capabilities. Run with "make UNITTEST_BENCHMARK=yes" on OpenBSD or "make unit-bench" on Portable OpenSSH. Bugfixes -------- * sshd(8): fix mistracking of MaxStartups process exits in some situations. At worst, this could cause all MaxStartups slots to fill and sshd to refuse new connections. * ssh(1): fix delay on X client startup when ObscureKeystrokeTiming is enabled. bz#3820 * sshd(8): increase the maximum size of the supported configuration from 256KB to 4MB, which ought to be enough for anybody. Fail early and visibly when this limit is breached. bz3808 * sftp(1): during sftp uploads, avoid a condition where a failed write could be ignored if a subsequent write succeeded. This is unlikely but technically possible because sftp servers are allowed to reorder requests. * sshd(8): avoid a race condition when the sshd-auth process exits that could cause a spurious error message to be logged. * sshd(8): log at level INFO when PerSourcePenalties actually blocks access to a source address range. Previously this was logged at level VERBOSE, which hid enforcement actions under default config settings. * sshd(8): GssStrictAcceptor was missing from sshd -T output; fix * sshd(8): Make the MaxStartups and PerSourceNetBlockSize options first-match-wins as advertised. bz3859 * ssh(1): fix an incorrect return value check in the local forward cancellation path that would cause failed cancellations not to be logged. * sshd(8): make "Match !final" not trigger a second parsing pass of ssh_config (unless hostname canonicalisation or a separate "Match final" does). bz3843 * ssh(1): better debug diagnostics when loading keys. Will now list key fingerprint and algorithm (not just algorithm number) as well as making it explicit which keys didn't load. * All: fix a number of memory leaks found by LeakSanitizer, Coverity and manual inspection. * sshd(8): Output the current name for PermitRootLogin's "prohibit-password" in sshd -T instead of its deprecated alias "without-password". bz#3788 * ssh(1): make writing known_hosts lines more atomic by writing the entire line in one operation and using unbuffered stdio. Usually writes to this file are serialised on the "Are you sure you want to continue connecting?" prompt, but if host key checking is disabled and connections were being made with high concurrency then interleaved writes might have been possible. Portability ----------- * sshd(8): check the username didn't change during the PAM transactions. PAM modules can change the user during their execution, but this is not supported by sshd(8). If such a case was incorrectly configured by the system administrator, then sshd(8) could end up using a different username to the one authorised by PAM. * sshd(8): don't log audit messages with UNKNOWN hostname to avoid slow DNS lookups in the audit subsystem. * All: when making a copy of struct passwd, ensure struct fields are non-NULL. Android libc can return NULL pw_gecos, for example. * All: Remove status bits from OpenSSL >=3 version check. * sshd(8), ssh(1): Use SSH_TUN_COMPAT_AF on FreeBSD. Otherwise tun forwarding from other OSes fails as soon as the first IPv6 message is sent by the other side (which is usually a Router Solicitation ICMPv6 message which is sent as soon as the interface is up). * ssh(1), ssh-agent(8): check for nlist function presence before attempting to use it instead of relying on the presence of the nlist.h header. Mac OS X, for example, has the header but not the function in the 64bit libraries. * All: fill in missing system header files. Create replacement header files inside openbsd-compat for common headers that are missing on a given platform. Usually these are just empty, but in some cases they'll include the equivalent file. This avoids having to wrap those includes in '#ifdef HAVE_FOO_H' and reduces the diff between Portable OpenSSH and OpenBSD. * sshd(8): handle futex_time64 properly in seccomp sandbox Previously we only allowed __NR_futex, but some 32-bit systems apparently support __NR_futex_time64. We had support for this in the sandbox, but because of a macro error only __NR_futex was allowlisted. * Add contrib/gnome-ssh-askpass4 for GNOME 40+ using the GCR API. * sshd(8): let ga_init() fail gracefully if getgrouplist does. Apparently getgrouplist() can fail on OSX when passed a non-existent group name. Other platforms seem to return a group list consisting of the numeric gid passed to the function. bz3848 * ssh-agent(1): exit 0 from SIGTERM under systemd socket-activation, preventing a graceful shutdown of an agent via systemd from incorrectly marking the service as "failed". * build: wrap some autoconf macros in AC_CACHE_CHECK. This allows skipping/overriding the OSSH_CHECK_CFLAG_COMPILE and OSSH_CHECK_CFLAG_LINK macros used to discover supported compiler or linker flags. E.g. $ ./configure ossh_cv_cflag__fzero_call_used_regs_used=no [...] checking if cc supports compile flag -fzero-call-used-regs=used and linking succeeds... (cached) no --- Module Name: pkgsrc Committed By: wiz Date: Fri Oct 10 08:46:51 UTC 2025 Modified Files: pkgsrc/security/openssh: Makefile distinfo Log Message: openssh: update to 10.2p1. This is a bugfix release, primarily to fix a problem that rendered ssh(1) unusable when ControlPersist was enabled. --- security/openssh/Makefile | 4 ++-- security/openssh/distinfo | 8 ++++---- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/security/openssh/Makefile b/security/openssh/Makefile index f953e224c4b5..de4712213ec5 100644 --- a/security/openssh/Makefile +++ b/security/openssh/Makefile @@ -1,6 +1,6 @@ -# $NetBSD: Makefile,v 1.289 2025/04/20 19:15:42 wiz Exp $ +# $NetBSD: Makefile,v 1.289.4.1 2025/10/23 01:30:21 maya Exp $ -DISTNAME= openssh-10.0p1 +DISTNAME= openssh-10.2p1 CATEGORIES= security MASTER_SITES= ${MASTER_SITE_OPENBSD:=OpenSSH/portable/} diff --git a/security/openssh/distinfo b/security/openssh/distinfo index fe7832e5879b..e92e0603556a 100644 --- a/security/openssh/distinfo +++ b/security/openssh/distinfo @@ -1,8 +1,8 @@ -$NetBSD: distinfo,v 1.127 2025/04/20 19:15:42 wiz Exp $ +$NetBSD: distinfo,v 1.127.4.1 2025/10/23 01:30:21 maya Exp $ -BLAKE2s (openssh-10.0p1.tar.gz) = a004afb1db82689d6d20ff70d046ae26512c8a1c5a6a990e4634bcb6744f528e -SHA512 (openssh-10.0p1.tar.gz) = 2daa1fcf95793b23810142077e68ddfabdf3732b207ef4f033a027f72d733d0e9bcdb6f757e7f3a5934b972de05bfaae3baae381cfc7a400cd8ab4d4e277a0ed -Size (openssh-10.0p1.tar.gz) = 1972675 bytes +BLAKE2s (openssh-10.2p1.tar.gz) = 26c6966429db9e1c5de503f8b6cfcc2b1f850c162bcdff986b34fdef5c7f8ae6 +SHA512 (openssh-10.2p1.tar.gz) = 66f3dd646179e71aaf41c33b6f14a207dc873d71d24f11c130a89dee317ee45398b818e5b94887b5913240964a38630d7bca3e481e0f1eff2e41d9e1cfdbdfc5 +Size (openssh-10.2p1.tar.gz) = 1974519 bytes SHA1 (patch-Makefile.in) = d58adac52e169f25f0b0c3a321f154b44b0475e6 SHA1 (patch-configure.ac) = 10894c1b98298a1672ec151a223f6180bf841fa4 SHA1 (patch-defines.h) = c1dbb18076b4fa399b0f791bb543ef1e5cb0408e From 0d0aee6ae4df4c41befa6b0a63324f69b8313033 Mon Sep 17 00:00:00 2001 From: maya Date: Thu, 23 Oct 2025 02:15:17 +0000 Subject: [PATCH 22/49] Pullup ticket #7023 - requested by taca net/bind918: Security fix Revisions pulled up: - net/bind918/Makefile 1.58 - net/bind918/distinfo 1.32 - net/bind918/patches/patch-config.h.in 1.2 --- Module Name: pkgsrc Committed By: wiz Date: Sun Sep 21 21:37:07 UTC 2025 Modified Files: pkgsrc/mail/getmail6: Makefile pkgsrc/net/bind918: Makefile pkgsrc/net/kea: Makefile Log Message: *: reset maintainer --- Module Name: pkgsrc Committed By: taca Date: Wed Oct 22 14:32:26 UTC 2025 Modified Files: pkgsrc/net/bind918: Makefile distinfo pkgsrc/net/bind918/patches: patch-config.h.in Log Message: net/bind918: update to 9.18.41 BIND 9.18.41 (2025-10-22) Security Fixes * DNSSEC validation fails if matching but invalid DNSKEY is found. (CVE-2025-8677) Previously, if a matching but cryptographically invalid key was encountered during DNSSEC validation, the key was skipped and not counted towards validation failures. named now treats such DNSSEC keys as hard failures and the DNSSEC validation fails immediately, instead of continuing with the next DNSKEYs in the RRset. ISC would like to thank Zuyao Xu and Xiang Li from the All-in-One Security and Privacy Laboratory at Nankai University for bringing this vulnerability to our attention. [GL #5343] * Address various spoofing attacks. (CVE-2025-40778) Previously, several issues could be exploited to poison a DNS cache with spoofed records for zones which were not DNSSEC-signed or if the resolver was configured to not do DNSSEC validation. These issues were assigned CVE-2025-40778 and have now been fixed. As an additional layer of protection, named no longer accepts DNAME records or extraneous NS records in the AUTHORITY section unless these are received via spoofing-resistant transport (TCP, UDP with DNS cookies, TSIG, or SIG(0)). ISC would like to thank Yuxiao Wu, Yunyi Zhang, Baojun Liu, and Haixin Duan from Tsinghua University for bringing this vulnerability to our attention. [GL #5414] * Cache-poisoning due to weak pseudo-random number generator. (CVE-2025-40780) It was discovered during research for an upcoming academic paper that a xoshiro128** internal state can be recovered by an external 3rd party, allowing the prediction of UDP ports and DNS IDs in outgoing queries. This could lead to an attacker spoofing the DNS answers with great efficiency and poisoning the DNS cache. The internal random generator has been changed to a cryptographically secure pseudo-random generator. ISC would like to thank Prof. Amit Klein and Omer Ben Simhon from Hebrew University of Jerusalem for bringing this vulnerability to our attention. [GL #5484] New Features * Support for parsing HHIT and BRID records has been added. [GL #5444] Removed Features * Deprecate the "tkey-domain" statement. Mark the tkey-domain statement as deprecated since it is only used by code implementing TKEY Mode 2 (Diffie-Hellman), which was removed from newer BIND 9 branches. [GL #4204] * Deprecate the "tkey-gssapi-credential" statement. The tkey-gssapi-keytab statement allows GSS-TSIG to be set up in a simpler and more reliable way than using the tkey-gssapi-credential statement and setting environment variables (e.g. KRB5_KTNAME). Therefore, the tkey-gssapi-credential statement has been deprecated; tkey-gssapi-keytab should be used instead. For configurations currently using a combination of both tkey-gssapi-keytab and tkey-gssapi-credential, the latter should be dropped and the keytab pointed to by tkey-gssapi-keytab should now only contain the credential previously specified by tkey-gssapi-credential. [GL #4204] Bug Fixes * Prevent spurious SERVFAILs for certain 0-TTL resource records. Under certain circumstances, BIND 9 can return SERVFAIL when updating existing entries in the cache with new NS, A, AAAA, or DS records that have a TTL of zero. [GL #5294] * Missing DNSSEC information when CD bit is set in query. The RRSIGs for glue records were not being cached correctly for CD=1 queries. This has been fixed. [GL #5502] --- net/bind918/Makefile | 7 +++---- net/bind918/distinfo | 10 +++++----- net/bind918/patches/patch-config.h.in | 8 ++++---- 3 files changed, 12 insertions(+), 13 deletions(-) diff --git a/net/bind918/Makefile b/net/bind918/Makefile index 9f1665129628..1c162b64e79c 100644 --- a/net/bind918/Makefile +++ b/net/bind918/Makefile @@ -1,13 +1,12 @@ -# $NetBSD: Makefile,v 1.56 2025/08/24 16:36:18 wiz Exp $ +# $NetBSD: Makefile,v 1.56.2.1 2025/10/23 02:15:17 maya Exp $ DISTNAME= bind-${BIND_VERSION} PKGNAME= ${DISTNAME:S/-P/pl/} -PKGREVISION= 1 CATEGORIES= net MASTER_SITES= https://downloads.isc.org/isc/bind9/${BIND_VERSION}/ EXTRACT_SUFX= .tar.xz -MAINTAINER= sekiya@NetBSD.org +MAINTAINER= pkgsrc-users@NetBSD.org HOMEPAGE= https://www.isc.org/bind/ COMMENT= Berkeley Internet Name Daemon implementation of DNS, version 9.18 LICENSE= mpl-2.0 @@ -16,7 +15,7 @@ CONFLICTS+= host-[0-9]* MAKE_JOBS_SAFE= no -BIND_VERSION= 9.18.39 +BIND_VERSION= 9.18.41 BUILD_DEFS+= BIND_DIR VARBASE diff --git a/net/bind918/distinfo b/net/bind918/distinfo index aa09a3c820ac..1767e0507cf7 100644 --- a/net/bind918/distinfo +++ b/net/bind918/distinfo @@ -1,12 +1,12 @@ -$NetBSD: distinfo,v 1.31 2025/08/24 08:56:59 taca Exp $ +$NetBSD: distinfo,v 1.31.2.1 2025/10/23 02:15:17 maya Exp $ -BLAKE2s (bind-9.18.39.tar.xz) = 6a342d34718f49cde2c296c099f70ee7f5d4e79ee0ae75d896bf7fb0315d3797 -SHA512 (bind-9.18.39.tar.xz) = fd6d45c9cb9c599d8770c18801fad2f177faf3a8af82948800d186ae6dc9eb2c894b61802def0841eb722c615c93c077b55368204f0cf2737a3c50d949efca07 -Size (bind-9.18.39.tar.xz) = 5383056 bytes +BLAKE2s (bind-9.18.41.tar.xz) = 8171c1d2b407f6474d47ff54169ddaebf029cdb6253dd5be1091290a3ce283b1 +SHA512 (bind-9.18.41.tar.xz) = aba4a0add07f1feb2825852faeed14bc946628b818adac93401890cd67ead17c2fd8d820bca70ba7f8c2788dc65195baccc93f87249fb7e47077354341ff0839 +Size (bind-9.18.41.tar.xz) = 5427116 bytes SHA1 (patch-bin_named_main.c) = 4e4a763c478f1fcecb7e65968cf6ca20dacf01f1 SHA1 (patch-bin_named_os.c) = 5ecb0883076575d8ac5fcad68f9daad6c9be0d0b SHA1 (patch-bin_named_server.c) = 52190897c4c4b141d98ca5bca7cc3eb4c83ac584 -SHA1 (patch-config.h.in) = 6072793048cdf590863046355eeffa1d93524c36 +SHA1 (patch-config.h.in) = e3fe4028524e8d236017cb4da43114206839201f SHA1 (patch-configure.ac) = 65f4255300a0ab3b6b663fe59412570fd7b08675 SHA1 (patch-lib_dns_byaddr.c) = 647ddaaaf040233e18d1a87d83bc2bd63d2a20e3 SHA1 (patch-lib_dns_gssapi__link.c) = 72296598b0bdd2a57d0f38ecf1775e2898a041c6 diff --git a/net/bind918/patches/patch-config.h.in b/net/bind918/patches/patch-config.h.in index a672f9d937d4..8883c9ba05a1 100644 --- a/net/bind918/patches/patch-config.h.in +++ b/net/bind918/patches/patch-config.h.in @@ -1,11 +1,11 @@ -$NetBSD: patch-config.h.in,v 1.1 2022/12/11 01:57:55 sekiya Exp $ +$NetBSD: patch-config.h.in,v 1.1.24.1 2025/10/23 02:15:17 maya Exp $ * Based on NetBSD, add support for blocklist(blacklist). ---- config.h.in.orig 2022-03-07 08:48:03.000000000 +0000 +--- config.h.in.orig 2025-10-18 10:21:42.458286762 +0000 +++ config.h.in -@@ -54,6 +54,12 @@ - /* Define to 1 if you have the `BN_GENCB_new' function. */ +@@ -33,6 +33,12 @@ + /* Define to 1 if you have the 'BN_GENCB_new' function. */ #undef HAVE_BN_GENCB_NEW +/* Define to 1 if blacklist is supported. */ From 97d78d6d8ff9452ae20f2216158bf1aeab14953d Mon Sep 17 00:00:00 2001 From: maya Date: Thu, 23 Oct 2025 02:19:39 +0000 Subject: [PATCH 23/49] Pullup ticket #7020 - requested by taca devel/ruby-redmine51: Security fix Revisions pulled up: - devel/ruby-redmine51/Makefile 1.17 - devel/ruby-redmine51/distinfo 1.12 --- Module Name: pkgsrc Committed By: taca Date: Wed Oct 8 14:07:44 UTC 2025 Modified Files: pkgsrc/devel/ruby-redmine51: Makefile distinfo Log Message: devel/ruby-redmine51: update to 5.1.10 5.1.10 (2025-09-21) [Importers] * Defect #42957: Incorrect "for" attribute in labels of issue relations import [Security] * Defect #42998: Username and password stored in login form * Defect #43083: Information disclosure in Two-Factor Authentication * Defect #43161: When copying issues, all existing custom values are set to the new issue without sufficient validation [SCM] * Defect #43002: RepositoriesSubversionControllerTest fails in 5.1-stable due to missing foo.js in test repository [UI] * Defect #43175: Fix some issues with missing or misplaced html tags --- devel/ruby-redmine51/Makefile | 4 ++-- devel/ruby-redmine51/distinfo | 8 ++++---- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/devel/ruby-redmine51/Makefile b/devel/ruby-redmine51/Makefile index 6b6e92e1294a..fd2b01c24040 100644 --- a/devel/ruby-redmine51/Makefile +++ b/devel/ruby-redmine51/Makefile @@ -1,4 +1,4 @@ -# $NetBSD: Makefile,v 1.16 2025/08/11 08:41:05 taca Exp $ +# $NetBSD: Makefile,v 1.16.2.1 2025/10/23 02:19:39 maya Exp $ DISTNAME= redmine-${RM_VERSION} PKGNAME= ${RUBY_PKGPREFIX}-${DISTNAME:S/redmine/redmine${RM_VER}/} @@ -10,7 +10,7 @@ HOMEPAGE= https://www.redmine.org/ COMMENT= Flexible project management web application LICENSE= gnu-gpl-v2 # and so on. -RM_VERSION= 5.1.9 +RM_VERSION= 5.1.10 NO_BUILD= yes diff --git a/devel/ruby-redmine51/distinfo b/devel/ruby-redmine51/distinfo index f406aa8a1e50..015af7da844c 100644 --- a/devel/ruby-redmine51/distinfo +++ b/devel/ruby-redmine51/distinfo @@ -1,8 +1,8 @@ -$NetBSD: distinfo,v 1.11 2025/08/11 08:41:05 taca Exp $ +$NetBSD: distinfo,v 1.11.2.1 2025/10/23 02:19:39 maya Exp $ -BLAKE2s (redmine-5.1.9.tar.gz) = c1a0bd319ed2def97897ba23c8ec9fc9ed544f7b7c49834fa1ba3cff1b22fa5e -SHA512 (redmine-5.1.9.tar.gz) = 40c3781ad1f4053eefa0fd6f3e9ab4db362018afb9d4d52d2dac6a2009adac6b284558e07f6d6cd2449448ea7ae6f7a1ad0d27277a87f01f97212678e1171b12 -Size (redmine-5.1.9.tar.gz) = 3257644 bytes +BLAKE2s (redmine-5.1.10.tar.gz) = 3b2ca1bd35b1be8bddcfae04d9d69a56e0c58c37e95ff3c288492dc25a7a079e +SHA512 (redmine-5.1.10.tar.gz) = a4f22d71119e4787c6b3e324a549d68b96f414ba8176af3933aedc568f8167391be346b6539696aa77f49d77bcff89270dfcb0100ee504059f29225157b83e29 +Size (redmine-5.1.10.tar.gz) = 3259266 bytes SHA1 (patch-Gemfile) = e73bce697b8fba4a2ab4ca5aaf8fed7185da961e SHA1 (patch-config_additional__environment.rb.example) = 7ad913800c5f31fdd9b71aa92294bdbeea7b77fe SHA1 (patch-lib_redmine_scm_adapters_mercurial_redminehelper.py) = 87db1005896b2a962b8b93ec5b5b7d313ae6f691 From 363ec900f529b957700d52f0d8e17fb9aca86819 Mon Sep 17 00:00:00 2001 From: maya Date: Thu, 23 Oct 2025 02:28:51 +0000 Subject: [PATCH 24/49] Pullup ticket #7021 - requested by taca devel/ruby-redmine60: Security fix Revisions pulled up: - devel/ruby-redmine60/Makefile 1.9 - devel/ruby-redmine60/distinfo 1.6 - devel/ruby-redmine60/patches/patch-Gemfile 1.4 --- Module Name: pkgsrc Committed By: taca Date: Wed Oct 8 14:09:48 UTC 2025 Modified Files: pkgsrc/devel/ruby-redmine60: Makefile distinfo pkgsrc/devel/ruby-redmine60/patches: patch-Gemfile Log Message: devel/ruby-redmine60: update to 6.0.7 6.0.7 (2025-09-21) [Administration] * Defect #43174: CookieOverflow error when deleting a tracker used by many projects [Code cleanup/refactoring] * Patch #43035: Remove empty rubyonrails.yml on 6.0-stable branch [Documentation] * Defect #43204: Adds missing documentation for issue macro to fr and ru languages [Gantt] * Defect #43014: Content in selected columns overflows to the right in Gantt chart [Importers] * Defect #42957: Incorrect "for" attribute in labels of issue relations import [Issues] * Defect #43192: Done ratio interval in issue context menu does not respect Done Ratio Interval setting [Rails support] * Patch #43141: Update Rails to 7.2.2.2 [Security] * Defect #42998: Username and password stored in login form * Defect #43083: Information disclosure in Two-Factor Authentication * Defect #43161: When copying issues, all existing custom values are set to the new issue without sufficient validation [SCM] * Defect #43002: RepositoriesSubversionControllerTest fails in 5.1-stable due to missing foo.js in test repository [Translations] * Patch #42971: Italian translation update for 6.0-stable [UI] * Defect #43004: Watchers list is not properly displayed in Gantt table * Defect #43175: Fix some issues with missing or misplaced html tags * Patch #43008: Display icon-actions on hover with the same color as links * Patch #43196: Improve spacing of checkboxes in CSV export options dialog --- devel/ruby-redmine60/Makefile | 4 ++-- devel/ruby-redmine60/distinfo | 10 +++++----- devel/ruby-redmine60/patches/patch-Gemfile | 6 +++--- 3 files changed, 10 insertions(+), 10 deletions(-) diff --git a/devel/ruby-redmine60/Makefile b/devel/ruby-redmine60/Makefile index 5ab574ac0761..b669cda345cf 100644 --- a/devel/ruby-redmine60/Makefile +++ b/devel/ruby-redmine60/Makefile @@ -1,4 +1,4 @@ -# $NetBSD: Makefile,v 1.8 2025/08/11 08:38:44 taca Exp $ +# $NetBSD: Makefile,v 1.8.2.1 2025/10/23 02:28:51 maya Exp $ DISTNAME= redmine-${RM_VERSION} PKGNAME= ${RUBY_PKGPREFIX}-${DISTNAME:S/redmine/redmine${RM_VER}/} @@ -10,7 +10,7 @@ HOMEPAGE= https://www.redmine.org/ COMMENT= Flexible project management web application LICENSE= gnu-gpl-v2 # and so on. -RM_VERSION= 6.0.6 +RM_VERSION= 6.0.7 NO_BUILD= yes diff --git a/devel/ruby-redmine60/distinfo b/devel/ruby-redmine60/distinfo index 24a99eac7eeb..24de83f47478 100644 --- a/devel/ruby-redmine60/distinfo +++ b/devel/ruby-redmine60/distinfo @@ -1,9 +1,9 @@ -$NetBSD: distinfo,v 1.5 2025/08/11 08:38:44 taca Exp $ +$NetBSD: distinfo,v 1.5.2.1 2025/10/23 02:28:51 maya Exp $ -BLAKE2s (redmine-6.0.6.tar.gz) = 6dc2629c2e1246656c5f70a259be0c108ceee544999e9d16a88d968e2ee89d03 -SHA512 (redmine-6.0.6.tar.gz) = 08b56b59ca15a154a9f57b93f147872214cad281a7c61fd997745c23c343d92f3627fec894fe95f33f6e252ed8103be35a0a55d42d20b8a3e04696491a31d9a9 -Size (redmine-6.0.6.tar.gz) = 4068009 bytes -SHA1 (patch-Gemfile) = d2cce8bf015232e878702703cf5a51b85d5fe750 +BLAKE2s (redmine-6.0.7.tar.gz) = c89da9bee5005430d5a17a4f9a2e49a0408634fd4df6f7ff2217cbfa172fa3fd +SHA512 (redmine-6.0.7.tar.gz) = a623b9029200b96fc14dc83fb1fad3f0ee86cafde761b69ed22ed4ce111b0f2d719b1961a10ceeac41aa5d18744a783af38abf8f345ecd4ea9e6f431684430df +Size (redmine-6.0.7.tar.gz) = 4070327 bytes +SHA1 (patch-Gemfile) = 6b6806545cdb54222597987b0d390f17bb2509e3 SHA1 (patch-config_additional__environment.rb.example) = 7ad913800c5f31fdd9b71aa92294bdbeea7b77fe SHA1 (patch-lib_redmine_scm_adapters_mercurial_redminehelper.py) = 87db1005896b2a962b8b93ec5b5b7d313ae6f691 SHA1 (patch-lib_tasks_initializers.rake) = d5ccb73cff6baedee9dfbe7563e25925f1ff9d85 diff --git a/devel/ruby-redmine60/patches/patch-Gemfile b/devel/ruby-redmine60/patches/patch-Gemfile index 49bf81adf036..1aadcfd0a675 100644 --- a/devel/ruby-redmine60/patches/patch-Gemfile +++ b/devel/ruby-redmine60/patches/patch-Gemfile @@ -1,15 +1,15 @@ -$NetBSD: patch-Gemfile,v 1.3 2025/03/16 12:29:40 taca Exp $ +$NetBSD: patch-Gemfile,v 1.3.6.1 2025/10/23 02:28:51 maya Exp $ * Relax dependency. * Do not load gem for developemt and test. ---- Gemfile.orig 2025-03-10 23:30:05.000000000 +0000 +--- Gemfile.orig 2025-09-21 10:15:05.000000000 +0000 +++ Gemfile @@ -2,7 +2,7 @@ source 'https://rubygems.org' ruby '>= 3.1.0', '< 3.4.0' --gem 'rails', '7.2.2.1' +-gem 'rails', '7.2.2.2' +gem 'rails', '~>7.2.2' gem 'rouge', '~> 4.5' gem 'mini_mime', '~> 1.1.0' From 4d887f4caec67752ea64465e8142a2bf8af20e54 Mon Sep 17 00:00:00 2001 From: maya Date: Thu, 23 Oct 2025 03:25:09 +0000 Subject: [PATCH 25/49] Pullup ticket #7022 - requested by taca net/smaba4: Security fix Revisions pulled up: - net/samba4/Makefile 1.207 - net/samba4/distinfo 1.117-1.120 - net/samba4/patches/patch-lib_util_access.c 1.1-1.3 - net/samba4/patches/patch-source3_auth_user__util.c 1.1-1.3 --- Module Name: pkgsrc Committed By: wiz Date: Tue Oct 7 19:06:24 UTC 2025 Modified Files: pkgsrc/net/samba4: distinfo Added Files: pkgsrc/net/samba4/patches: patch-lib_util_access.c patch-source3_auth_user__util.c Log Message: samba4: add missing headers to fix build with gcc 14 --- Module Name: pkgsrc Committed By: wiz Date: Wed Oct 8 14:28:53 UTC 2025 Modified Files: pkgsrc/net/samba4: distinfo pkgsrc/net/samba4/patches: patch-lib_util_access.c patch-source3_auth_user__util.c Log Message: samba4: add upstream bug report URL --- Module Name: pkgsrc Committed By: wiz Date: Thu Oct 9 07:45:50 UTC 2025 Modified Files: pkgsrc/net/samba4: distinfo pkgsrc/net/samba4/patches: patch-lib_util_access.c patch-source3_auth_user__util.c Log Message: samba4: update patch after upstream feedback --- Module Name: pkgsrc Committed By: taca Date: Thu Oct 16 04:25:21 UTC 2025 Modified Files: pkgsrc/net/samba4: Makefile distinfo Log Message: net/samba4: update to 4.21.9 =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D Release Notes for Samba 4.21.9 October 15, 2025 =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D This is a security release in order to address the following defects: o CVE-2025-9640: Uninitialized memory disclosure via vfs_streams_xattr= .= https://www.samba.org/samba/security/CVE-2025-9640.ht= ml o CVE-2025-10230: Command injection via WINS server hook script. https://www.samba.org/samba/security/CVE-2025-10230.h= tml Changes since 4.21.8 -------------------- o Douglas Bagnall * BUG 15903: CVE-2025-10230. o Andrew Walker * BUG 15885: CVE-2025-9640. ---------------------------------------- =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D Release Notes for Samba 4.21.8 September 09, 2025 =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D This is the latest stable release of the Samba 4.21 release series. Changes since 4.21.7 -------------------- o Ralph Boehme * BUG 14981: netr_LogonSamLogonEx returns NR_STATUS_ACCESS_DENIED wi= th SysvolReady=3D0. * BUG 15844: getpwuid does not shift to new DC when current DC is do= wn. * BUG 15876: Windows security hardening locks out schannel'ed netlog= on dc calls like netr_DsRGetDCName. o G=FCnther Deschner * BUG 15840: kinit command is failing with Missing cache Error. o Pavel Filipensk=FD * BUG 15891: Figuring out the DC name from IP address fails and brea= ks fork_domain_child(). o Volker Lendecke * BUG 15892: Delayed leader broadcast can block ctdb forever. o Stefan Metzmacher * BUG 14981: netr_LogonSamLogonEx returns NR_STATUS_ACCESS_DENIED wi= th SysvolReady=3D0. o MikeLiu * BUG 15900: 'net ads group' failed to list domain groups. o Rabinarayan Panigrahi * BUG 15663: Apparently there is a conflict between shadow_copy2 mod= ule and virusfilter (action quarantine). o Aleksandr Sharov * BUG 15877: Fix handling of empty GPO link. o Srinivas Rao V * BUG 15880: SMB ACL inheritance doesn't work for files created. --- net/samba4/Makefile | 5 ++--- net/samba4/distinfo | 10 ++++++---- net/samba4/patches/patch-lib_util_access.c | 18 ++++++++++++++++++ .../patches/patch-source3_auth_user__util.c | 18 ++++++++++++++++++ 4 files changed, 44 insertions(+), 7 deletions(-) create mode 100644 net/samba4/patches/patch-lib_util_access.c create mode 100644 net/samba4/patches/patch-source3_auth_user__util.c diff --git a/net/samba4/Makefile b/net/samba4/Makefile index d0e44eb443db..c2444f6e6eeb 100644 --- a/net/samba4/Makefile +++ b/net/samba4/Makefile @@ -1,7 +1,6 @@ -# $NetBSD: Makefile,v 1.206 2025/08/30 22:46:05 wiz Exp $ +# $NetBSD: Makefile,v 1.206.2.1 2025/10/23 03:25:09 maya Exp $ -DISTNAME= samba-4.21.7 -PKGREVISION= 2 +DISTNAME= samba-4.21.9 CATEGORIES= net MASTER_SITES= https://download.samba.org/pub/samba/stable/ diff --git a/net/samba4/distinfo b/net/samba4/distinfo index bfee5fba6c98..44a627914455 100644 --- a/net/samba4/distinfo +++ b/net/samba4/distinfo @@ -1,8 +1,8 @@ -$NetBSD: distinfo,v 1.116 2025/07/24 15:12:51 tsutsui Exp $ +$NetBSD: distinfo,v 1.116.2.1 2025/10/23 03:25:09 maya Exp $ -BLAKE2s (samba-4.21.7.tar.gz) = 4cee4b3035ff21c547049e348ca7dac48cadfb5a653277bf06f4f9d8595a4fa9 -SHA512 (samba-4.21.7.tar.gz) = f44a0dc880b2a5694f9c46ff11c808ae263f68c91cc9b0e32869bb44f84c1fdcc49370a396f38e0f452133c29357d8ad80a689af67bd85f648b2121e7792b555 -Size (samba-4.21.7.tar.gz) = 42689509 bytes +BLAKE2s (samba-4.21.9.tar.gz) = baeb524bb0b8fa706a07af46d2818778bf8290a08a673a56e4cefc7174be0d19 +SHA512 (samba-4.21.9.tar.gz) = 465ccb912c443e3b187d9662f605141011626b12ebc979558e3c710487382cae8fe110e0bc5232f04c839cb5d13313f8f68f2edd2511ead31cefb9096ecdcf08 +Size (samba-4.21.9.tar.gz) = 42695134 bytes SHA1 (patch-buildtools_wafsamba_samba__conftests.py) = d927db17124d2bb5b382885e70a41f84c3929926 SHA1 (patch-buildtools_wafsamba_samba__install.py) = d801340617da325e3bb70a90350e45cc8e383c2d SHA1 (patch-buildtools_wafsamba_samba__pidl.py) = b9015694b80c0e6382d75c806fd6e0eb92e5f998 @@ -17,6 +17,7 @@ SHA1 (patch-lib_tdb_common_mutex.c) = 74162bf9dfd440fc0b9782982e83776c9671a983 SHA1 (patch-lib_tevent_tevent.c) = 109e7a516dc291372e982b9f21c6ce8c0e5d3ca4 SHA1 (patch-lib_tevent_tevent__threads.c) = e5e82db82cff4d550451cd9290b3a351b25d4de4 SHA1 (patch-lib_tsocket_tsocket__bsd.c) = 0ac414e02ee3a326d3dd34515bfffce6e8da5e46 +SHA1 (patch-lib_util_access.c) = e629aac8b4b36514fc73cf0d31a07b4a912f87c6 SHA1 (patch-lib_util_charset_charset__macosxfs.c) = 9772fc52fff48aec2a7e279223f73bb791217c26 SHA1 (patch-lib_util_smb__threads.h) = 817591a2b69f31ac29497a2006fe21f0b4b0aaea SHA1 (patch-lib_util_tfork.c) = a9acb5561c5bba76450c48904a22019c8b14cbec @@ -27,6 +28,7 @@ SHA1 (patch-nsswitch_stress-nss-libwbclient.c) = c546f00184b0d22b6c150e210962cdf SHA1 (patch-nsswitch_winbind__nss__netbsd.c) = 1214bfbd7714b64f3ff3eb97b6f24e3d2629370f SHA1 (patch-nsswitch_wscript__build) = 5be3e07f8a34ae3e2f68126eb6f05f8b65f5be2f SHA1 (patch-python_pyglue.c) = ba8b0f7d471f16e603a050f735d4a92a95e0b886 +SHA1 (patch-source3_auth_user__util.c) = c7c1c48974ba9d484ddda657996741e0e5b2a9c4 SHA1 (patch-source3_lib_sysquotas__4A.c) = da4e557485b95dbd780b3345613c506ef18d7923 SHA1 (patch-source3_libsmb_pylibsmb.c) = 962bb35b140ec11c0035ffa7fb83c9143fa5615f SHA1 (patch-source3_modules_vfs__cap.c) = 7299d9b83c3ec08a22f317bbbdbed9721defd086 diff --git a/net/samba4/patches/patch-lib_util_access.c b/net/samba4/patches/patch-lib_util_access.c new file mode 100644 index 000000000000..b2a461459110 --- /dev/null +++ b/net/samba4/patches/patch-lib_util_access.c @@ -0,0 +1,18 @@ +$NetBSD$ + +Add missing header. +https://bugzilla.samba.org/show_bug.cgi?id=15932 + +--- lib/util/access.c.orig 2024-07-29 09:03:15.058628300 +0000 ++++ lib/util/access.c +@@ -23,6 +23,10 @@ + #include "lib/util/unix_match.h" + #include "lib/util/smb_strtox.h" + ++#ifdef HAVE_NETGROUP_H ++#include ++#endif ++ + #define NAME_INDEX 0 + #define ADDR_INDEX 1 + diff --git a/net/samba4/patches/patch-source3_auth_user__util.c b/net/samba4/patches/patch-source3_auth_user__util.c new file mode 100644 index 000000000000..790bc59f097d --- /dev/null +++ b/net/samba4/patches/patch-source3_auth_user__util.c @@ -0,0 +1,18 @@ +$NetBSD$ + +Add missing header. +https://bugzilla.samba.org/show_bug.cgi?id=15932 + +--- source3/auth/user_util.c.orig 2024-07-29 09:03:15.302630200 +0000 ++++ source3/auth/user_util.c +@@ -25,6 +25,10 @@ + #include "auth.h" + #include "lib/gencache.h" + ++#ifdef HAVE_NETGROUP_H ++#include ++#endif ++ + /******************************************************************* + Map a username from a dos name to a unix name by looking in the username + map. Note that this modifies the name in place. From 5c91155a645fe9c8636de73c8ba63bf715ea8019 Mon Sep 17 00:00:00 2001 From: maya Date: Thu, 23 Oct 2025 03:25:18 +0000 Subject: [PATCH 26/49] Pullup ticket #7024 - requested by taca www/squid7: Security fix Revisions pulled up: - www/squid7/Makefile 1.2 - www/squid7/distinfo 1.2 --- Module Name: pkgsrc Committed By: taca Date: Wed Oct 22 14:38:28 UTC 2025 Modified Files: pkgsrc/www/squid7: Makefile distinfo Log Message: www/squid7: update to 7.2 Squid 7.2 (2025-10-15) - Bug 3390: Proxy auth data visible to scripts - Bug 5504: Document that Squid discards invalid rewrite-url - Bug 5407: Support at least 1000 groups per Kerberos user - Fix parsing of malformed quoted squid.conf strings - Fix off-by-one in helper args count assertion - Fix UDP log module opening and closing code - Fix BodyPipe debugging in handleChunkedRequestBody() - Fix debugging of Eui48::lookup() problems - Fix memory leak when parsing deprecated %rG logformat code - Fix SQUID_YESNO 'syntax error near unexpected token' - DNS: fix RRPack memcpy - DNS: Do not leak RR data upon RR data unpacking errors - FTP: Avoid null dereferences when handling ftp_port traffic - FTP: fix response parsing and error handling memory leaks - HTCP: Check for too-small packed and too-large unpacked fields - HTTP: fix purging of entries by relative [Content-]Location URLs - SNMP: Improve parsing of malformed ASN.1 object identifiers - SNMP: Check for objid memory allocation failures - SNMP: Fix ASN.1 encoding of long OIDs - SNMP: Do not assert when debugging requests with long OIDs - SNMP: Match Var allocation/deallocation methods - digest_edirectory_auth: null-terminate NMAS values array - digest_edirectory_auth: safely return password - ext_ad_group_acl: Fix domain lookup error handling - ext_edirectory_userip_acl: Redact password from stdout - ext_file_userip_acl: harden lookups and memory handling - ext_kerberos_ldap_group_acl: avoid freeing getenv() pointer - ext_kerberos_ldap_group_acl: Improve LDAPMessage freeing - ext_ldap_group_acl: avoid infinite loop on login containing '%s' - negotiate_kerberos_auth: Properly align NDR data - negotiate_sspi_auth: Do not exit on the first request - ntlm_sspi_auth: memcmp not memcpy, send newline, no uninit mem - text_backend: avoid memory leaks when reload/clearing - Reduce UDS/segment name clashes across same-service instances - Reject eui64 ACL addresses with trailing garbage - Validate raw-IPv4 when parsing hostnames - Avoid memory leaks when logging to MS Windows syslog - Flip configure --enable-arch-native default - Support no-digest X509 certificate keys like ML-DSA/EdDSA - Do not allow client_ip_max_connections+1 connections - Remove bundled smblib and librfcnb - ... and several code cleanups - ... and some documentation improvements --- www/squid7/Makefile | 4 ++-- www/squid7/distinfo | 8 ++++---- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/www/squid7/Makefile b/www/squid7/Makefile index c91e172d7214..2d4302be316d 100644 --- a/www/squid7/Makefile +++ b/www/squid7/Makefile @@ -1,6 +1,6 @@ -# $NetBSD: Makefile,v 1.1 2025/07/16 10:58:02 sborrill Exp $ +# $NetBSD: Makefile,v 1.1.2.1 2025/10/23 03:25:18 maya Exp $ -VERSION= 7.1 +VERSION= 7.2 DISTNAME= squid-${VERSION} CATEGORIES= www diff --git a/www/squid7/distinfo b/www/squid7/distinfo index ebfd2d8f1d60..3d98f4a7cacc 100644 --- a/www/squid7/distinfo +++ b/www/squid7/distinfo @@ -1,8 +1,8 @@ -$NetBSD: distinfo,v 1.1 2025/07/16 10:58:02 sborrill Exp $ +$NetBSD: distinfo,v 1.1.2.1 2025/10/23 03:25:18 maya Exp $ -BLAKE2s (squid-7.1.tar.xz) = db71558bc6e6b465aa2b514f5ec90f3748d56536abb87c400ba69e20271b65ec -SHA512 (squid-7.1.tar.xz) = f12d4cac78576eecf19193cbb88f374b2d1bf3f480e684008a562bdda55eedae643b1a5766846c04673030ad1e89a608a62f52078312a80a3664fdccfc5f44df -Size (squid-7.1.tar.xz) = 2466656 bytes +BLAKE2s (squid-7.2.tar.xz) = 89e0413f9a6e2b5904a8ce3b64990096f9e37869acfadb365b42d42433056da3 +SHA512 (squid-7.2.tar.xz) = 424c425dde7b399531c9ed5a700ef84bf8e828b1896f0bd037da121e9b4c8ad0fb0c2b8daad1a0a5308269cc5ffbda42e4c1815421c0bdd6a4046d92dcb56fa7 +Size (squid-7.2.tar.xz) = 2442224 bytes SHA1 (patch-compat_compat.h) = 839381a5e1f46e7d9b822bbb53d82a53c996ddc0 SHA1 (patch-configure) = 6d33a33d05b343a052674b5b2a427f17d5e65435 SHA1 (patch-errors_Makefile.in) = e7ba371bb24e40eeb9dd10dc6fe12d208e681d72 From cf9cbd0fdc33eccb637eadee6bdd99bce1f997e4 Mon Sep 17 00:00:00 2001 From: maya Date: Thu, 23 Oct 2025 03:26:11 +0000 Subject: [PATCH 27/49] doc: update for tickets 7018-7024 --- doc/CHANGES-pkgsrc-2025Q3 | 23 ++++++++++++++++++++++- 1 file changed, 22 insertions(+), 1 deletion(-) diff --git a/doc/CHANGES-pkgsrc-2025Q3 b/doc/CHANGES-pkgsrc-2025Q3 index 9fab754f01c7..af700c905052 100644 --- a/doc/CHANGES-pkgsrc-2025Q3 +++ b/doc/CHANGES-pkgsrc-2025Q3 @@ -1,4 +1,4 @@ -$NetBSD: CHANGES-pkgsrc-2025Q3,v 1.1.2.8 2025/10/21 14:58:29 maya Exp $ +$NetBSD: CHANGES-pkgsrc-2025Q3,v 1.1.2.9 2025/10/23 03:26:11 maya Exp $ Changes to packages and infrastructure on the pkgsrc-2025Q3 branch: @@ -39,3 +39,24 @@ devel/SDL2: build fix Pullup ticket #7016 - requested by bouyer sysutils/xenkernel418: Security fix sysutils/xenkernel420: Security fix + +Pullup ticket #7018 - requested by taca +textproc/expat: Security fix + +Pullup ticket #7019 - requested by taca +security/openssh: Security fix + +Pullup ticket #7020 - requested by taca +devel/ruby-redmine51: Security fix + +Pullup ticket #7021 - requested by taca +devel/ruby-redmine60: Security fix + +Pullup ticket #7022 - requested by taca +net/samba4: Security fix + +Pullup ticket #7023 - requested by taca +net/bind918: Security fix + +Pullup ticket #7024 - requested by taca +www/squid7: Security fix From c76c2e5707150367aa19b4eb89c3c135370fc2df Mon Sep 17 00:00:00 2001 From: maya Date: Thu, 23 Oct 2025 12:46:58 +0000 Subject: [PATCH 28/49] Pullup ticket #7017 - requested by bsiegert x11/qt5-qtwebkit: Build fix Revisions pulled up: - x11/qt5-qtwebkit/Makefile 1.137 - x11/qt5-qtwebkit/distinfo 1.38 - x11/qt5-qtwebkit/patches/patch-Source_WTF_wtf_Platform.h 1.8 --- Module Name: pkgsrc Committed By: hauke Date: Mon Oct 20 11:43:38 UTC 2025 Modified Files: pkgsrc/x11/qt5-qtwebkit: Makefile distinfo pkgsrc/x11/qt5-qtwebkit/patches: patch-Source_WTF_wtf_Platform.h Log Message: Unbreak x11/qt5-qtwebkit build by applying a patch from to disable ICU C++ header-only APIs introduced in ICU 76. At this point, the c++17 requirement is not just unnecessary, but breaks the build unless removed. Relevant to PR pkg/59028 --- x11/qt5-qtwebkit/Makefile | 8 ++------ x11/qt5-qtwebkit/distinfo | 4 ++-- x11/qt5-qtwebkit/patches/patch-Source_WTF_wtf_Platform.h | 9 ++++++--- 3 files changed, 10 insertions(+), 11 deletions(-) diff --git a/x11/qt5-qtwebkit/Makefile b/x11/qt5-qtwebkit/Makefile index 4d7685a6b36e..137a907bb3de 100644 --- a/x11/qt5-qtwebkit/Makefile +++ b/x11/qt5-qtwebkit/Makefile @@ -1,9 +1,9 @@ -# $NetBSD: Makefile,v 1.136 2025/08/20 11:35:14 wiz Exp $ +# $NetBSD: Makefile,v 1.136.2.1 2025/10/23 12:46:58 maya Exp $ QTWKVERSION= 5.212.0-alpha4 DISTNAME= qtwebkit-${QTWKVERSION} PKGNAME= qt5-qtwebkit-${QTWKVERSION:S/-/./} -PKGREVISION= 32 +PKGREVISION= 33 CATEGORIES= x11 www MASTER_SITES= ${MASTER_SITE_GITHUB:=qtwebkit/} GITHUB_PROJECT= qtwebkit @@ -19,20 +19,16 @@ TOOL_DEPENDS+= gperf-[0-9]*:../../devel/gperf TOOL_DEPENDS+= libxml2-[0-9]*:../../textproc/libxml2 TOOL_DEPENDS+= libxslt-[0-9]*:../../textproc/libxslt -USE_CXX_FEATURES= c++17 USE_LANGUAGES= c c++ USE_TOOLS+= bison perl:build pkg-config CMAKE_INSTALL_PREFIX= ${QTDIR} CMAKE_INSTALL_NAME_DIR= ${QTDIR}/lib TEST_TARGET= test -FORCE_CXX_STD= c++17 # XXX Workaround for icu-76 whose header files require C++17 unless you # define U_HIDE_DRAFT_API. pkg/59028: qt5-qtwebkit doesn't build CXXFLAGS+= -DU_HIDE_DRAFT_API -BROKEN= "Does not support icu 77" - CMAKE_CONFIGURE_ARGS+= -DPORT=Qt CMAKE_CONFIGURE_ARGS+= -DCMAKE_BUILD_TYPE=Release CMAKE_CONFIGURE_ARGS+= -DENABLE_API_TESTS=OFF diff --git a/x11/qt5-qtwebkit/distinfo b/x11/qt5-qtwebkit/distinfo index 860d6f4c46bb..a8e81d9ba145 100644 --- a/x11/qt5-qtwebkit/distinfo +++ b/x11/qt5-qtwebkit/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.37 2025/05/21 16:47:21 taca Exp $ +$NetBSD: distinfo,v 1.37.4.1 2025/10/23 12:46:58 maya Exp $ BLAKE2s (qtwebkit-5.212.0-alpha4.tar.xz) = 20858db08c7d297037d3ced34e441d4b657325c406b475e4e76dd367dc9c500c SHA512 (qtwebkit-5.212.0-alpha4.tar.xz) = 33f11270bd030599beff9c1983a6c5ff2d61f407cc8a6825f7f405d46f9184c720fc7f60c7359f08f828db96a2170092875066a0d5c0a21ff09bc48a2603fbf6 @@ -21,7 +21,7 @@ SHA1 (patch-Source_ThirdParty_gtest_include_gtest_internal_gtest-port.h) = 1e4b8 SHA1 (patch-Source_WTF_wtf_Assertions.cpp) = 15b8ac40e49cfec78d46de634fd6a1edde2d2a96 SHA1 (patch-Source_WTF_wtf_InlineASM.h) = 7ffc086a21f645112ad10296571464a1e15b8b44 SHA1 (patch-Source_WTF_wtf_MathExtras.h) = 7dac41bf3e50944e49c3e3c29d482d2c3300665d -SHA1 (patch-Source_WTF_wtf_Platform.h) = b1efac1a3c326033eb52b1eed456f84265b172f8 +SHA1 (patch-Source_WTF_wtf_Platform.h) = e3e71933e8aabab0753fde0867649b849b7bee1b SHA1 (patch-Source_WTF_wtf_ThreadIdentifierDataPthreads.cpp) = bfa570aa20e3508c77bbaebed051821a33f36209 SHA1 (patch-Source_WebCore_css_makegrammar.pl) = 2f1977c925069243d76379ae6d065e850143b2e3 SHA1 (patch-Source_WebCore_page_NavigatorBase.cpp) = e8972f4b703a9ff45ce313609d2540f89064b4ff diff --git a/x11/qt5-qtwebkit/patches/patch-Source_WTF_wtf_Platform.h b/x11/qt5-qtwebkit/patches/patch-Source_WTF_wtf_Platform.h index f4678f6fa27a..d1795526b3a3 100644 --- a/x11/qt5-qtwebkit/patches/patch-Source_WTF_wtf_Platform.h +++ b/x11/qt5-qtwebkit/patches/patch-Source_WTF_wtf_Platform.h @@ -1,4 +1,4 @@ -$NetBSD: patch-Source_WTF_wtf_Platform.h,v 1.7 2025/01/24 11:54:37 wiz Exp $ +$NetBSD: patch-Source_WTF_wtf_Platform.h,v 1.7.6.1 2025/10/23 12:46:58 maya Exp $ * Use system's malloc for NetBSD, do not use fastmalloc from qt5, fix segfault of qtwebkit consumers @@ -8,8 +8,9 @@ * Fix build with ICU 75. From: https://github.com/qtwebkit/qtwebkit/commit/756e1c8f23dc2720471298281c421c0076d02df8.patch + with addition from: https://github.com/qtwebkit/qtwebkit/pull/1107 ---- Source/WTF/wtf/Platform.h.orig 2024-06-02 11:06:38.219855486 +0000 +--- Source/WTF/wtf/Platform.h.orig 2020-03-04 17:16:37.000000000 +0000 +++ Source/WTF/wtf/Platform.h @@ -686,6 +686,12 @@ #define USE_SYSTEM_MALLOC 1 @@ -35,13 +36,15 @@ #if !defined(ENABLE_DISASSEMBLER) && USE(UDIS86) #define ENABLE_DISASSEMBLER 1 #endif -@@ -1125,6 +1135,13 @@ +@@ -1125,6 +1135,15 @@ #define ENABLE_PLATFORM_FONT_LOOKUP 1 #endif +/* FIXME: This does not belong in Platform.h and should instead be included in another mechanism (compiler option, prefix header, config.h, etc) */ +/* ICU configuration. Some of these match ICU defaults on some platforms, but we would like them consistently set everywhere we build WebKit. */ +#define U_SHOW_CPLUSPLUS_API 0 ++/* From */ ++#define U_SHOW_CPLUSPLUS_HEADER_API 0 +#ifdef __cplusplus +#define UCHAR_TYPE char16_t +#endif From 075d91f235e4454fe778fa5754980eefdc5f6c10 Mon Sep 17 00:00:00 2001 From: maya Date: Thu, 23 Oct 2025 12:50:41 +0000 Subject: [PATCH 29/49] Pullup ticket #7025 - requested by taca databases/redis: Security fix MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Revisions pulled up: - databases/redis/Makefile 1.98 - databases/redis/distinfo 1.88 --- Module Name: pkgsrc Committed By: adam Date: Sun Oct 5 15:43:34 UTC 2025 Modified Files: pkgsrc/databases/redis: Makefile distinfo Log Message: redis: updated to 8.2.2 Redis 8.2.2 Update urgency: `SECURITY`: There are security fixes in the release Security fixes - (CVE-2025-49844) A Lua script may lead to remote code execution - (CVE-2025-46817) A Lua script may lead to integer overflow and potential RCE - (CVE-2025-46818) A Lua script can be executed in the context of another user - (CVE-2025-46819) LUA out-of-bound read New Features - `VSIM`: new `EPSILON` argument to specify maximum distance - `SVS-VAMANA`: allow use of `BUILD_INTEL_SVS_OPT` flag for Intel optimisations (MOD-10920) Bug fixes - Potential crash on Lua script defrag - Potential crash on streams and HFE defrag - Potential use-after-free after pubsub and Lua defrag - `MEMORY USAGE`: fix reported value - `XGROUP CREATE`, `XGROUP SETID`: limit `ENTRIESREAD` value to the number of entries added to the stream - `JSON.DEL` doesn’t delete all matching object members / array elements (MOD-11032, MOD-11067) - `TDIGEST.CREATE` crashes (OOM) on huge initialization values (MOD-10840) - Potential shard restart while reindexing vectors on RDB loading (MOD-11011) - Potential crash when using small `CONSTRUCTION_WINDOW_SIZE` on `SVS-VAMANA` (MOD-10771) - Potential crash (OOM) in heavy updates due a file descriptor leak (MOD-10975) - Potential crash when using ACL rules (MOD-10748) - `INFO SEARCH`: `search_used_memory_indexes` vector index memory value incorrect - `FT.PROFILE`: more accurate execution duration measurements (MOD-10622) Performance and resource utilization - Improve RESP3 serialization performance (MOD-9687) Metrics - `INFO SEARCH`: new `SVS-VAMANA` metrics --- databases/redis/Makefile | 4 ++-- databases/redis/distinfo | 8 ++++---- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/databases/redis/Makefile b/databases/redis/Makefile index 060cbd122baf..a73cbc139052 100644 --- a/databases/redis/Makefile +++ b/databases/redis/Makefile @@ -1,6 +1,6 @@ -# $NetBSD: Makefile,v 1.97 2025/08/19 12:17:15 adam Exp $ +# $NetBSD: Makefile,v 1.97.2.1 2025/10/23 12:50:41 maya Exp $ -DISTNAME= redis-8.2.1 +DISTNAME= redis-8.2.2 CATEGORIES= databases MASTER_SITES= http://download.redis.io/releases/ diff --git a/databases/redis/distinfo b/databases/redis/distinfo index 52b093c93ae2..cf09a5db9a40 100644 --- a/databases/redis/distinfo +++ b/databases/redis/distinfo @@ -1,8 +1,8 @@ -$NetBSD: distinfo,v 1.87 2025/08/19 12:17:15 adam Exp $ +$NetBSD: distinfo,v 1.87.2.1 2025/10/23 12:50:41 maya Exp $ -BLAKE2s (redis-8.2.1.tar.gz) = bedfaa3874f325b10abb35c813794cac5c1a64fa7f924e8b357b02aac2e9ae48 -SHA512 (redis-8.2.1.tar.gz) = f67156c43a5907ce451408256049a9d523a89f7f7eda8ce6c97ee915acfc40c36b02645dce174a048c9d23e5b6fd0c5b20d369fc7544bbd920cc8b86ab3f42cd -Size (redis-8.2.1.tar.gz) = 3897326 bytes +BLAKE2s (redis-8.2.2.tar.gz) = 17dea0977a62906764b1da67f33db01c3cf517f7f044fcee604164c754d3669f +SHA512 (redis-8.2.2.tar.gz) = aa106835889b3a3b7394119d9342c73a1763d73d72849100a636cddeef388fec8ecfac40ab96e0ef7203b188d97bddf0b478e0deb74a8730fb13c0809375c2b0 +Size (redis-8.2.2.tar.gz) = 3901854 bytes SHA1 (patch-redis.conf) = a16fd0c559c9fbe0237b719d92a59259ae19c41a SHA1 (patch-src_Makefile) = 2408fc02e294f16db8ec2e339f0025164695cfcf SHA1 (patch-src_config.h) = 46d434465269977b7897c025c2d6f72b3b736de1 From 8cedbf78818b62f07c23974aaabd0aef61f4801c Mon Sep 17 00:00:00 2001 From: maya Date: Thu, 23 Oct 2025 12:51:23 +0000 Subject: [PATCH 30/49] doc: update for tickets 7017, 7025 --- doc/CHANGES-pkgsrc-2025Q3 | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/doc/CHANGES-pkgsrc-2025Q3 b/doc/CHANGES-pkgsrc-2025Q3 index af700c905052..7a7955c0f0d5 100644 --- a/doc/CHANGES-pkgsrc-2025Q3 +++ b/doc/CHANGES-pkgsrc-2025Q3 @@ -1,4 +1,4 @@ -$NetBSD: CHANGES-pkgsrc-2025Q3,v 1.1.2.9 2025/10/23 03:26:11 maya Exp $ +$NetBSD: CHANGES-pkgsrc-2025Q3,v 1.1.2.10 2025/10/23 12:51:23 maya Exp $ Changes to packages and infrastructure on the pkgsrc-2025Q3 branch: @@ -60,3 +60,9 @@ net/bind918: Security fix Pullup ticket #7024 - requested by taca www/squid7: Security fix + +Pullup ticket #7017 - requested by bsiegert +x11/qt5-qtwebkit: Build fix + +Pullup ticket #7025 - requested by taca +databases/redis: Security fix From 56cea1e5abedcabe94684388c783f47606b3bdb4 Mon Sep 17 00:00:00 2001 From: maya Date: Fri, 24 Oct 2025 23:53:01 +0000 Subject: [PATCH 31/49] Pullup ticket #7027 - requested by bsiegert www/curl: Bug fix www/libcurl-gnutls: Bug fix Revisions pulled up: - www/curl/Makefile 1.301 - www/curl/distinfo 1.220 - www/curl/patches/patch-lib_curl__threads.c 1.1 - www/libcurl-gnutls/Makefile 1.19 --- Module Name: pkgsrc Committed By: riastradh Date: Fri Oct 24 04:01:11 UTC 2025 Modified Files: pkgsrc/www/curl: Makefile distinfo pkgsrc/www/libcurl-gnutls: Makefile Added Files: pkgsrc/www/curl/patches: patch-lib_curl__threads.c Log Message: www/curl, www/libcurl-gnutls: Disable pthread_cancel. This upstream change is broken on just about every platform because getaddrinfo is not really cancel-safe, even though it's kinda sorta supposed to be in POSIX (https://pubs.opengroup.org/onlinepubs/9799919799/functions/V2_chap02.html#tag_16_09_05_02). The mistake has been backed out upstream for the next release, but that won't come until November and we need to pull up the fix now because it's already biting users. https://eissing.org/icing/posts/pthread_cancel/ https://eissing.org/icing/posts/rip_pthread_cancel/ https://github.com/curl/curl/issues/18532 https://github.com/curl/curl/pull/18540/files PR pkg/59720: curl hangs or crashes with pthread_cancel enabled --- www/curl/Makefile | 4 +++- www/curl/distinfo | 3 ++- www/curl/patches/patch-lib_curl__threads.c | 18 ++++++++++++++++++ www/libcurl-gnutls/Makefile | 3 ++- 4 files changed, 25 insertions(+), 3 deletions(-) create mode 100644 www/curl/patches/patch-lib_curl__threads.c diff --git a/www/curl/Makefile b/www/curl/Makefile index b481ce8579fa..eedb79d06cc2 100644 --- a/www/curl/Makefile +++ b/www/curl/Makefile @@ -1,7 +1,9 @@ -# $NetBSD: Makefile,v 1.298 2025/05/31 19:27:42 wiz Exp $ +# $NetBSD: Makefile,v 1.298.4.1 2025/10/24 23:53:01 maya Exp $ .include "Makefile.common" +PKGREVISION= 2 + CONFIGURE_ARGS+= --with-ssl=${BUILDLINK_PREFIX.openssl} SUBST_CLASSES+= rpath diff --git a/www/curl/distinfo b/www/curl/distinfo index 8fbd7685c30f..7fee60567289 100644 --- a/www/curl/distinfo +++ b/www/curl/distinfo @@ -1,5 +1,6 @@ -$NetBSD: distinfo,v 1.219 2025/09/12 07:32:12 wiz Exp $ +$NetBSD: distinfo,v 1.219.2.1 2025/10/24 23:53:01 maya Exp $ BLAKE2s (curl-8.16.0.tar.xz) = 3545a2b271d3b7d25be23f17ae61d947433e6d55c00136baae05eb787919d8a8 SHA512 (curl-8.16.0.tar.xz) = 8262c3dc113cfd5744ef1b82dbccaa69448a9395ad5c094c22df5cf537a047a927d3332db2cb3be12a31a68a60d8d0fa8485b916e975eda36a4ebd860da4f621 Size (curl-8.16.0.tar.xz) = 2788632 bytes +SHA1 (patch-lib_curl__threads.c) = 248bd91dff74b64e6aaca98e9cfd5003aae697fe diff --git a/www/curl/patches/patch-lib_curl__threads.c b/www/curl/patches/patch-lib_curl__threads.c new file mode 100644 index 000000000000..4af62a3d9da6 --- /dev/null +++ b/www/curl/patches/patch-lib_curl__threads.c @@ -0,0 +1,18 @@ +$NetBSD: patch-lib_curl__threads.c,v 1.1.2.2 2025/10/24 23:53:01 maya Exp $ + +Disable pthread_cancel. +https://github.com/curl/curl/issues/18532 +https://eissing.org/icing/posts/rip_pthread_cancel/ +https://gnats.NetBSD.org/59720 + +--- lib/curl_threads.c.orig 2025-09-10 05:43:43.000000000 +0000 ++++ lib/curl_threads.c +@@ -106,7 +106,7 @@ int Curl_thread_join(curl_thread_t *hnd) + * - this is a -fsanitize=thread build + * (clang sanitizer reports false positive when functions to not return) + */ +-#if defined(PTHREAD_CANCEL_ENABLE) && !defined(__FreeBSD__) ++#if 0 && defined(PTHREAD_CANCEL_ENABLE) && !defined(__FreeBSD__) + #if defined(__has_feature) + # if !__has_feature(thread_sanitizer) + #define USE_PTHREAD_CANCEL diff --git a/www/libcurl-gnutls/Makefile b/www/libcurl-gnutls/Makefile index d2cbdefd49f1..ceab6bb228d2 100644 --- a/www/libcurl-gnutls/Makefile +++ b/www/libcurl-gnutls/Makefile @@ -1,8 +1,9 @@ -# $NetBSD: Makefile,v 1.17 2025/05/28 09:43:53 wiz Exp $ +# $NetBSD: Makefile,v 1.17.4.1 2025/10/24 23:53:01 maya Exp $ .include "../../www/curl/Makefile.common" PKGNAME= ${DISTNAME:S/curl/libcurl-gnutls/} +PKGREVISION= 2 TOOL_DEPENDS+= patchelf-[0-9]*:../../devel/patchelf From de2336af7b3ff0e9ed58bfb434d93e66fb94bb45 Mon Sep 17 00:00:00 2001 From: maya Date: Sat, 1 Nov 2025 01:19:34 +0000 Subject: [PATCH 32/49] Pullup ticket #7029 - requested by bsiegert databases/p5-BerkeleyDB: Bug fix Revisions pulled up: - databases/p5-BerkeleyDB/Makefile 1.62 - databases/p5-BerkeleyDB/distinfo 1.26 --- Module Name: pkgsrc Committed By: bsiegert Date: Fri Oct 24 20:04:40 UTC 2025 Modified Files: pkgsrc/databases/p5-BerkeleyDB: Makefile distinfo Log Message: p5-BerkeleyDB: update to 0.66 Fixes an issue reported by Dave Tyson on pkgsrc-users. 0.66 14 October 2024 * Bundled Test::More fails with perl 5.41.x https://github.com/pmqs/BerkeleyDB/issues/12 * Possible precedence problem between ! and string eq https://github.com/pmqs/BerkeleyDB/issues/13 * Silence clang warnings https://github.com/pmqs/BerkeleyDB/issues/10 --- databases/p5-BerkeleyDB/Makefile | 5 ++--- databases/p5-BerkeleyDB/distinfo | 8 ++++---- 2 files changed, 6 insertions(+), 7 deletions(-) diff --git a/databases/p5-BerkeleyDB/Makefile b/databases/p5-BerkeleyDB/Makefile index c7ef0a007fe2..31f5a2919c06 100644 --- a/databases/p5-BerkeleyDB/Makefile +++ b/databases/p5-BerkeleyDB/Makefile @@ -1,8 +1,7 @@ -# $NetBSD: Makefile,v 1.61 2025/07/04 08:44:54 wiz Exp $ +# $NetBSD: Makefile,v 1.61.2.1 2025/11/01 01:19:34 maya Exp $ -DISTNAME= BerkeleyDB-0.65 +DISTNAME= BerkeleyDB-0.66 PKGNAME= p5-${DISTNAME} -PKGREVISION= 3 CATEGORIES= databases perl5 MASTER_SITES= ${MASTER_SITE_PERL_CPAN:=BerkeleyDB/} diff --git a/databases/p5-BerkeleyDB/distinfo b/databases/p5-BerkeleyDB/distinfo index 03c5068286a5..3df81e6da7db 100644 --- a/databases/p5-BerkeleyDB/distinfo +++ b/databases/p5-BerkeleyDB/distinfo @@ -1,5 +1,5 @@ -$NetBSD: distinfo,v 1.25 2022/08/18 11:14:33 wiz Exp $ +$NetBSD: distinfo,v 1.25.26.1 2025/11/01 01:19:34 maya Exp $ -BLAKE2s (BerkeleyDB-0.65.tar.gz) = 0c7efcd4fe9f3898f39799e6a2c70ea8e838b02e6d31668ef5c8ce251bae1a2d -SHA512 (BerkeleyDB-0.65.tar.gz) = 896d1388df35ff0c22ff6ad0cea93bf57be6e09a9176d05b88f34455dcd32e4549d19b11cad2322ae8f323adbe8a8ee6054fe611bdcb1490d26f6bec67686763 -Size (BerkeleyDB-0.65.tar.gz) = 258814 bytes +BLAKE2s (BerkeleyDB-0.66.tar.gz) = 801634de91e6b652cdb0189d7f3b08d97af97c70a04ed1099d690b87906cad00 +SHA512 (BerkeleyDB-0.66.tar.gz) = 2074e766f818015c6857c8bd45231100cc7e38d7532f60fc49cba14ccd59be1cd97daa1e704a06c21b8be014dc48f8072a56fcf90776ae8bf6be38f6b7e170ca +Size (BerkeleyDB-0.66.tar.gz) = 297586 bytes From 622ce985e179a1a85012731ded7cce8978af527f Mon Sep 17 00:00:00 2001 From: maya Date: Sat, 1 Nov 2025 03:12:05 +0000 Subject: [PATCH 33/49] Pullup ticket #7030 - requested by taca www/squid7: Bug fix Revisions pulled up: - www/squid7/DESCR 1.2 - www/squid7/Makefile 1.3-1.4 - www/squid7/distinfo 1.3-1.4 - www/squid7/options.mk 1.2 - www/squid7/patches/patch-src_anyp_Uri.cc deleted --- Module Name: pkgsrc Committed By: taca Date: Tue Oct 28 15:46:38 UTC 2025 Modified Files: pkgsrc/www/squid7: DESCR Makefile distinfo options.mk Added Files: pkgsrc/www/squid7/patches: patch-src_anyp_Uri.cc Log Message: www/squid7: Apply fix for Squid Bug 5520 * Add patch for fix Squid bug 5520. * Reduce pkglint warnings. * There is no scripts/tcp-banger.pl any more. * Use PKG_OPTIONS.squid7 instead of PKG_OPTIONS.squid5. Bump PKGREVISION. --- Module Name: pkgsrc Committed By: taca Date: Wed Oct 29 00:27:09 UTC 2025 Modified Files: pkgsrc/www/squid7: Makefile distinfo Removed Files: pkgsrc/www/squid7/patches: patch-src_anyp_Uri.cc Log Message: www/squid7: update to 7.3 Squid 7.3 (2025-10-28) * Regression Bug 5520: ERR_INVALID_URL for CONNECT host with leading digit * Quit NTLM authenticate() on missing NTLM authorization header * Fix Auth::User::absorb() IP list transfer logic * Fix type mismatch in new/delete of addrinfo::ai_addr * Fix libntlmauth string parsing on big-endian machines * ... and some code cleanups * ... and some CI improvements --- www/squid7/DESCR | 9 ++++++--- www/squid7/Makefile | 8 ++++---- www/squid7/distinfo | 8 ++++---- www/squid7/options.mk | 4 ++-- 4 files changed, 16 insertions(+), 13 deletions(-) diff --git a/www/squid7/DESCR b/www/squid7/DESCR index 1a70482f9eec..f01cfef891f4 100644 --- a/www/squid7/DESCR +++ b/www/squid7/DESCR @@ -10,9 +10,12 @@ new features are: Since version 6, some previously deprecated features have been removed: * Edge Side Includes (ESI) - * access to the cache manager using the cache_object:// scheme - use http instead - * the squidclient tool - use curl http:///squid-internal-mgr/menu instead + * access to the cache manager using the cache_object:// + scheme - use http instead + * the squidclient tool - use curl + http:///squid-internal-mgr/menu instead * the cachemgr.cgi tool * the purge tool - use the http PURGE method instead * Ident protocol support - * basic_smb_lm_auth and ntlm_smb_lm_auth helpers - use Samba's ntlm_auth instead + * basic_smb_lm_auth and ntlm_smb_lm_auth helpers - use + Samba's ntlm_auth instead diff --git a/www/squid7/Makefile b/www/squid7/Makefile index 2d4302be316d..1b2adc765e82 100644 --- a/www/squid7/Makefile +++ b/www/squid7/Makefile @@ -1,8 +1,6 @@ -# $NetBSD: Makefile,v 1.1.2.1 2025/10/23 03:25:18 maya Exp $ +# $NetBSD: Makefile,v 1.1.2.2 2025/11/01 03:12:05 maya Exp $ -VERSION= 7.2 DISTNAME= squid-${VERSION} - CATEGORIES= www MASTER_SITES= ${MASTER_SITE_GITHUB:=squid-cache/}squid/releases/download/SQUID_${VERSION:S/./_/g}/ EXTRACT_SUFX= .tar.xz @@ -12,6 +10,8 @@ HOMEPAGE= http://www.squid-cache.org/ COMMENT= Post-Harvest_cached WWW proxy cache and accelerator LICENSE= gnu-gpl-v2 +VERSION= 7.3 + # GCC 7 fails even with c++17 # src/ipc/TypedMsgHdr.h fails with # static_assert(std::is_trivially_copyable::value, "getPod() used for a POD") @@ -53,7 +53,7 @@ REPLACE_PERL+= contrib/url-normalizer.pl contrib/user-agents.pl \ scripts/calc-must-ids.pl scripts/check_cache.pl \ scripts/fileno-to-pathname.pl scripts/find-alive.pl \ scripts/flag_truncs.pl scripts/icp-test.pl \ - scripts/icpserver.pl scripts/tcp-banger.pl \ + scripts/icpserver.pl \ scripts/trace-job.pl scripts/trace-master.pl \ scripts/udp-banger.pl scripts/upgrade-1.0-store.pl \ tools/helper-ok-dying.pl tools/helper-ok.pl diff --git a/www/squid7/distinfo b/www/squid7/distinfo index 3d98f4a7cacc..262d9e7285ba 100644 --- a/www/squid7/distinfo +++ b/www/squid7/distinfo @@ -1,8 +1,8 @@ -$NetBSD: distinfo,v 1.1.2.1 2025/10/23 03:25:18 maya Exp $ +$NetBSD: distinfo,v 1.1.2.2 2025/11/01 03:12:05 maya Exp $ -BLAKE2s (squid-7.2.tar.xz) = 89e0413f9a6e2b5904a8ce3b64990096f9e37869acfadb365b42d42433056da3 -SHA512 (squid-7.2.tar.xz) = 424c425dde7b399531c9ed5a700ef84bf8e828b1896f0bd037da121e9b4c8ad0fb0c2b8daad1a0a5308269cc5ffbda42e4c1815421c0bdd6a4046d92dcb56fa7 -Size (squid-7.2.tar.xz) = 2442224 bytes +BLAKE2s (squid-7.3.tar.xz) = 89246ad2be89fd114df29840d00e4318c0594bcbad025b2d6ee052c8cc6392ee +SHA512 (squid-7.3.tar.xz) = ad6bbe518d79d079f7fe5d1ee9ae7a3f49b28ba75afdb1f0db16675e1e4127be2bc30dd246b00576f29e987c08c41dbff50c8227166ae3955c460ff837a89e2b +Size (squid-7.3.tar.xz) = 2441828 bytes SHA1 (patch-compat_compat.h) = 839381a5e1f46e7d9b822bbb53d82a53c996ddc0 SHA1 (patch-configure) = 6d33a33d05b343a052674b5b2a427f17d5e65435 SHA1 (patch-errors_Makefile.in) = e7ba371bb24e40eeb9dd10dc6fe12d208e681d72 diff --git a/www/squid7/options.mk b/www/squid7/options.mk index d08221ebd842..eaa2c3e4cbac 100644 --- a/www/squid7/options.mk +++ b/www/squid7/options.mk @@ -1,6 +1,6 @@ -# $NetBSD: options.mk,v 1.1 2025/07/16 10:58:02 sborrill Exp $ +# $NetBSD: options.mk,v 1.1.2.1 2025/11/01 03:12:05 maya Exp $ -PKG_OPTIONS_VAR= PKG_OPTIONS.squid5 +PKG_OPTIONS_VAR= PKG_OPTIONS.squid7 PKG_SUPPORTED_OPTIONS= inet6 snmp squid-backend-aufs \ squid-backend-diskd squid-backend-rock \ squid-backend-ufs squid-ecap squid-esi \ From 12c623b1df59ce2b12ec02587d222093ea811321 Mon Sep 17 00:00:00 2001 From: maya Date: Sat, 1 Nov 2025 03:15:12 +0000 Subject: [PATCH 34/49] doc: update for tickets 7027, 7029, 7030 --- doc/CHANGES-pkgsrc-2025Q3 | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/doc/CHANGES-pkgsrc-2025Q3 b/doc/CHANGES-pkgsrc-2025Q3 index 7a7955c0f0d5..3a103608aa79 100644 --- a/doc/CHANGES-pkgsrc-2025Q3 +++ b/doc/CHANGES-pkgsrc-2025Q3 @@ -1,4 +1,4 @@ -$NetBSD: CHANGES-pkgsrc-2025Q3,v 1.1.2.10 2025/10/23 12:51:23 maya Exp $ +$NetBSD: CHANGES-pkgsrc-2025Q3,v 1.1.2.11 2025/11/01 03:15:12 maya Exp $ Changes to packages and infrastructure on the pkgsrc-2025Q3 branch: @@ -66,3 +66,13 @@ x11/qt5-qtwebkit: Build fix Pullup ticket #7025 - requested by taca databases/redis: Security fix + +Pullup ticket #7027 - requested by bsiegert +www/curl: Bug fix +www/libcurl-gnutls: Bug fix + +Pullup ticket #7029 - requested by bsiegert +databases/p5-BerkeleyDB: Bug fix + +Pullup ticket #7030 - requested by taca +www/squid7: Bug fix From 877293c300ab50b15e510b40b88f1c2eb8d9d51d Mon Sep 17 00:00:00 2001 From: maya Date: Mon, 3 Nov 2025 15:45:50 +0000 Subject: [PATCH 35/49] Pullup ticket #7031 - requested by taca databases/redis: Security fix Revisions pulled up: - databases/redis/Makefile 1.99 - databases/redis/distinfo 1.89 --- Module Name: pkgsrc Committed By: adam Date: Sun Nov 2 20:02:45 UTC 2025 Modified Files: pkgsrc/databases/redis: Makefile distinfo Log Message: redis: updated to 8.2.3 Redis 8.2.3 Released Sun 2 Nov 2025 16:00:00 IST Update urgency: `SECURITY`: There is a security fix in the release. Security fixes - (CVE-2025-62507) Bug in `XACKDEL` may lead to stack overflow and potential RCE Bug fixes - `HGETEX`: A missing `numfields` argument when `FIELDS` is used can lead to Redis crash - an overflow in `HyperLogLog` with 2GB+ entries may result in a Redis crash - Cuckoo filter - Division by zero in Cuckoo filter insertion - Cuckoo filter - Counter overflow - Bloom filter - Arbitrary memory read/write with invalid filter - Bloom filter - Out-of-bounds access with empty chain - Top-k - Out-of-bounds access - Bloom filter - Restore invalid filter [We thank AWS security for responsibly disclosing the security bug] --- databases/redis/Makefile | 4 ++-- databases/redis/distinfo | 8 ++++---- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/databases/redis/Makefile b/databases/redis/Makefile index a73cbc139052..1c5c0cf247aa 100644 --- a/databases/redis/Makefile +++ b/databases/redis/Makefile @@ -1,6 +1,6 @@ -# $NetBSD: Makefile,v 1.97.2.1 2025/10/23 12:50:41 maya Exp $ +# $NetBSD: Makefile,v 1.97.2.2 2025/11/03 15:45:50 maya Exp $ -DISTNAME= redis-8.2.2 +DISTNAME= redis-8.2.3 CATEGORIES= databases MASTER_SITES= http://download.redis.io/releases/ diff --git a/databases/redis/distinfo b/databases/redis/distinfo index cf09a5db9a40..eccc75e88f7d 100644 --- a/databases/redis/distinfo +++ b/databases/redis/distinfo @@ -1,8 +1,8 @@ -$NetBSD: distinfo,v 1.87.2.1 2025/10/23 12:50:41 maya Exp $ +$NetBSD: distinfo,v 1.87.2.2 2025/11/03 15:45:50 maya Exp $ -BLAKE2s (redis-8.2.2.tar.gz) = 17dea0977a62906764b1da67f33db01c3cf517f7f044fcee604164c754d3669f -SHA512 (redis-8.2.2.tar.gz) = aa106835889b3a3b7394119d9342c73a1763d73d72849100a636cddeef388fec8ecfac40ab96e0ef7203b188d97bddf0b478e0deb74a8730fb13c0809375c2b0 -Size (redis-8.2.2.tar.gz) = 3901854 bytes +BLAKE2s (redis-8.2.3.tar.gz) = b5ecf1c738c3f0b6611bd6d1a2dc93071205a6c0f7ff8232ee27403026c9ca3d +SHA512 (redis-8.2.3.tar.gz) = aa098747a8cc9934f3d93d69198e32fabad64021b4431ec483a875894fd4cf385c60f2c88816d95dbc59cb2c62efe66799747ba89c112e9dfda943782b51c340 +Size (redis-8.2.3.tar.gz) = 3902358 bytes SHA1 (patch-redis.conf) = a16fd0c559c9fbe0237b719d92a59259ae19c41a SHA1 (patch-src_Makefile) = 2408fc02e294f16db8ec2e339f0025164695cfcf SHA1 (patch-src_config.h) = 46d434465269977b7897c025c2d6f72b3b736de1 From e23c79095cc6c08e72cc813ec3278113b2d2ed2d Mon Sep 17 00:00:00 2001 From: bsiegert Date: Fri, 21 Nov 2025 08:43:43 +0000 Subject: [PATCH 36/49] Pullup ticket #7032 - requested by nia security/pkcs11-helper: security fix Revisions pulled up: - security/pkcs11-helper/Makefile 1.46 - security/pkcs11-helper/distinfo 1.9 - security/pkcs11-helper/patches/patch-lib_pkcs11h-util.c 1.1 --- Module Name: pkgsrc Committed By: nia Date: Wed Nov 19 08:47:26 UTC 2025 Modified Files: pkgsrc/security/pkcs11-helper: Makefile distinfo Added Files: pkgsrc/security/pkcs11-helper/patches: patch-lib_pkcs11h-util.c Log Message: pkcs11-helper: Update to 1.31.0 2025-11-10 - Version 1.31.0 * threading: fix mutex handling for cond_wait, thanks to Gleb Popov. * mbed: initialize certificate early using mbedtls_x509_crt_init. * util: fix deserialize buffer overflow. thanks to Aarnav Bos. Builds on at least macOS, Linux, FreeBSD, NetBSD, OpenBSD. --- security/pkcs11-helper/Makefile | 7 +++---- security/pkcs11-helper/distinfo | 9 +++++---- .../patches/patch-lib_pkcs11h-util.c | 15 +++++++++++++++ 3 files changed, 23 insertions(+), 8 deletions(-) create mode 100644 security/pkcs11-helper/patches/patch-lib_pkcs11h-util.c diff --git a/security/pkcs11-helper/Makefile b/security/pkcs11-helper/Makefile index 16a891eef5c2..69dd46670482 100644 --- a/security/pkcs11-helper/Makefile +++ b/security/pkcs11-helper/Makefile @@ -1,7 +1,6 @@ -# $NetBSD: Makefile,v 1.45 2025/04/17 21:52:18 wiz Exp $ +# $NetBSD: Makefile,v 1.45.4.1 2025/11/21 08:43:43 bsiegert Exp $ -DISTNAME= pkcs11-helper-1.30.0 -PKGREVISION= 6 +DISTNAME= pkcs11-helper-1.31.0 CATEGORIES= security MASTER_SITES= ${MASTER_SITE_GITHUB:=OpenSC/} GITHUB_RELEASE= ${DISTNAME} @@ -13,7 +12,7 @@ COMMENT= Library that simplifies the interaction with PKCS11 LICENSE= modified-bsd OR gnu-gpl-v2 # Not documented, but relatively clear from warnings. -USE_LANGUAGES= c99 +FORCE_C_STD= gnu99 USE_LIBTOOL= yes USE_TOOLS+= gmake pkg-config GNU_CONFIGURE= yes diff --git a/security/pkcs11-helper/distinfo b/security/pkcs11-helper/distinfo index a3253184160b..562e7d7e249d 100644 --- a/security/pkcs11-helper/distinfo +++ b/security/pkcs11-helper/distinfo @@ -1,5 +1,6 @@ -$NetBSD: distinfo,v 1.8 2024/04/14 12:52:09 gdt Exp $ +$NetBSD: distinfo,v 1.8.12.1 2025/11/21 08:43:43 bsiegert Exp $ -BLAKE2s (pkcs11-helper-1.30.0.tar.bz2) = 5b9bda47fa65eb9a280d569cde20a8cf0ae60c417d9e394cf757d22c1a407f66 -SHA512 (pkcs11-helper-1.30.0.tar.bz2) = 19fba76e41210cc17f9efa4501d0214d4a5c777ab7b2671888fd280b150bae4a6b190c7f47fb783015f9aa40d409fd6087264e531d6f28d0bed4293dcbf8bdd5 -Size (pkcs11-helper-1.30.0.tar.bz2) = 423196 bytes +BLAKE2s (pkcs11-helper-1.31.0.tar.bz2) = 9080bc6cb27f6d35ee1b90ab36f0a39c52647b997b5eea41efc5c3c2d60ecd60 +SHA512 (pkcs11-helper-1.31.0.tar.bz2) = 0833efc59e9093dd398a54640d858b01a830ef7adfb40321c1e0ed0afa004500fc1259cc66bc49c5263935adeda0a3bfe658de538eefd66888685a71f731c484 +Size (pkcs11-helper-1.31.0.tar.bz2) = 424487 bytes +SHA1 (patch-lib_pkcs11h-util.c) = 7efcde2ad5d8c7d53a802c4d7928cb9b5057109c diff --git a/security/pkcs11-helper/patches/patch-lib_pkcs11h-util.c b/security/pkcs11-helper/patches/patch-lib_pkcs11h-util.c new file mode 100644 index 000000000000..e071abb62be4 --- /dev/null +++ b/security/pkcs11-helper/patches/patch-lib_pkcs11h-util.c @@ -0,0 +1,15 @@ +$NetBSD: patch-lib_pkcs11h-util.c,v 1.1.2.2 2025/11/21 08:43:43 bsiegert Exp $ + +Fix ctype usage. + +--- lib/pkcs11h-util.c.orig 2025-11-19 08:30:09.777808327 +0000 ++++ lib/pkcs11h-util.c +@@ -179,7 +179,7 @@ _pkcs11h_util_escapeString ( + + while (*s != '\x0') { + +- if (*s == '\\' || strchr (invalid_chars, (unsigned char)*s) || !isgraph (*s)) { ++ if (*s == '\\' || strchr (invalid_chars, (unsigned char)*s) || !isgraph ((unsigned char)*s)) { + if (t != NULL) { + if (n+4 > *max) { + rv = CKR_ATTRIBUTE_VALUE_INVALID; From f8752e86a97ef5377cbaf6509d765c4bad8c1582 Mon Sep 17 00:00:00 2001 From: bsiegert Date: Fri, 21 Nov 2025 08:44:23 +0000 Subject: [PATCH 37/49] Note pullup ticket #7032 --- doc/CHANGES-pkgsrc-2025Q3 | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/doc/CHANGES-pkgsrc-2025Q3 b/doc/CHANGES-pkgsrc-2025Q3 index 3a103608aa79..8b977fb8eb84 100644 --- a/doc/CHANGES-pkgsrc-2025Q3 +++ b/doc/CHANGES-pkgsrc-2025Q3 @@ -1,4 +1,4 @@ -$NetBSD: CHANGES-pkgsrc-2025Q3,v 1.1.2.11 2025/11/01 03:15:12 maya Exp $ +$NetBSD: CHANGES-pkgsrc-2025Q3,v 1.1.2.12 2025/11/21 08:44:23 bsiegert Exp $ Changes to packages and infrastructure on the pkgsrc-2025Q3 branch: @@ -76,3 +76,7 @@ databases/p5-BerkeleyDB: Bug fix Pullup ticket #7030 - requested by taca www/squid7: Bug fix + +Pullup ticket #7032 - requested by nia +security/pkcs11-helper: security fix + From 1679a9f03388a783e7c887b73021919efa441876 Mon Sep 17 00:00:00 2001 From: bsiegert Date: Tue, 25 Nov 2025 06:33:07 +0000 Subject: [PATCH 38/49] Pullup ticket #7033 - requested by wiz misc/libreoffice: build fix Revisions pulled up: - misc/libreoffice/PLIST 1.65 --- Module Name: pkgsrc Committed By: wiz Date: Mon Sep 29 08:48:26 UTC 2025 Modified Files: pkgsrc/misc/libreoffice: PLIST Log Message: libreoffice: restore ${PLIST.gtk3} and ${PLIST.ldap}, lost in previous --- misc/libreoffice/PLIST | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/misc/libreoffice/PLIST b/misc/libreoffice/PLIST index 9b058844e2f9..16b5086b848b 100644 --- a/misc/libreoffice/PLIST +++ b/misc/libreoffice/PLIST @@ -1,4 +1,4 @@ -@comment $NetBSD: PLIST,v 1.64 2025/08/30 06:44:05 ryoon Exp $ +@comment $NetBSD: PLIST,v 1.64.2.1 2025/11/25 06:33:07 bsiegert Exp $ bin/libreoffice bin/lobase bin/localc @@ -133,8 +133,8 @@ ${PKGNAME}/lib/libreoffice/program/libintrospectionlo.so ${PKGNAME}/lib/libreoffice/program/libinvocadaptlo.so ${PKGNAME}/lib/libreoffice/program/libinvocationlo.so ${PKGNAME}/lib/libreoffice/program/libiolo.so -${PKGNAME}/lib/libreoffice/program/libldapbe2lo.so -${PKGNAME}/lib/libreoffice/program/liblibreofficekitgtk.so +${PLIST.ldap}${PKGNAME}/lib/libreoffice/program/libldapbe2lo.so +${PLIST.gtk3}${PKGNAME}/lib/libreoffice/program/liblibreofficekitgtk.so ${PKGNAME}/lib/libreoffice/program/liblnglo.so ${PKGNAME}/lib/libreoffice/program/liblnthlo.so ${PKGNAME}/lib/libreoffice/program/liblocalebe1lo.so @@ -256,7 +256,7 @@ ${PKGNAME}/lib/libreoffice/program/libvbaswobjlo.so ${PKGNAME}/lib/libreoffice/program/libvclcanvaslo.so ${PKGNAME}/lib/libreoffice/program/libvcllo.so ${PKGNAME}/lib/libreoffice/program/libvclplug_genlo.so -${PKGNAME}/lib/libreoffice/program/libvclplug_gtk3lo.so +${PLIST.gtk3}${PKGNAME}/lib/libreoffice/program/libvclplug_gtk3lo.so ${PKGNAME}/lib/libreoffice/program/libwpftcalclo.so ${PKGNAME}/lib/libreoffice/program/libwpftdrawlo.so ${PKGNAME}/lib/libreoffice/program/libwpftimpresslo.so From 6bb5cee629cacc11eb398c35e6f36570e77f8e83 Mon Sep 17 00:00:00 2001 From: bsiegert Date: Tue, 25 Nov 2025 08:38:37 +0000 Subject: [PATCH 39/49] Pullup ticket #7034 - requested by nia www/palemoon: sparc64 build fix Revisions pulled up: - www/palemoon/distinfo 1.31 - www/palemoon/patches/patch-platform_media_ffvpx_config.h 1.1 - www/palemoon/patches/patch-platform_media_ffvpx_config__unix__sparc64.h 1.1 --- Module Name: pkgsrc Committed By: nia Date: Sun Nov 23 10:59:29 UTC 2025 Modified Files: pkgsrc/www/palemoon: distinfo Added Files: pkgsrc/www/palemoon/patches: patch-platform_media_ffvpx_config.h patch-platform_media_ffvpx_config__unix__sparc64.h Log Message: palemoon: Fix sparc64 support in ffvpx. This patch has already been upstreamed. --- www/palemoon/distinfo | 4 +- .../patch-platform_media_ffvpx_config.h | 16 + ...atform_media_ffvpx_config__unix__sparc64.h | 793 ++++++++++++++++++ 3 files changed, 812 insertions(+), 1 deletion(-) create mode 100644 www/palemoon/patches/patch-platform_media_ffvpx_config.h create mode 100644 www/palemoon/patches/patch-platform_media_ffvpx_config__unix__sparc64.h diff --git a/www/palemoon/distinfo b/www/palemoon/distinfo index 74eeac8fc3f4..368f000cb2f3 100644 --- a/www/palemoon/distinfo +++ b/www/palemoon/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.28 2025/09/05 07:42:01 nia Exp $ +$NetBSD: distinfo,v 1.28.2.1 2025/11/25 08:38:37 bsiegert Exp $ BLAKE2s (palemoon-33.8.2/icudt63b.dat.gz) = 609cc504b54df324a891aa9531ab069b3699591bf49b989e792479df33262a92 SHA512 (palemoon-33.8.2/icudt63b.dat.gz) = 514b8bfe28fb54e1e26b9140d4b3065504a0b0284fded121f26c4e0f13697154a54da4a7c85a0fa0b9dae2e5b452aff4df138228c28ed80969ec0ac33b0ad0b2 @@ -18,6 +18,8 @@ SHA1 (patch-platform_gfx_angle_src_libANGLE_renderer_gl_glx_FunctionsGLX.cpp) = SHA1 (patch-platform_intl_icu_source_configure) = 87d19e9212b4340d9b052b5a89be84432ad1cff2 SHA1 (patch-platform_ipc_chromium_src_base_atomicops.h) = ab4b489e9f9c22a861a275924ef34a909d210828 SHA1 (patch-platform_ipc_chromium_src_base_atomicops__internals__arm__gcc.h) = f33b6c391689c52d0a6855e29ff25d863a7f15e5 +SHA1 (patch-platform_media_ffvpx_config.h) = 7d42a3cbcb10818b2d2d890a6fcc9ec7b6b05ec1 +SHA1 (patch-platform_media_ffvpx_config__unix__sparc64.h) = 04526fe267652e6159ecd131d8d9504da17fe861 SHA1 (patch-platform_media_libaom_config_linux_arm_config_aom__config.h) = 69ef22fe9892c2288accb6eb00b4533d8cee0299 SHA1 (patch-platform_media_libcubeb_src_cubeb__sun.c) = ce27774d772d65fa60b6be5bee82fbe4f787f3d1 SHA1 (patch-platform_media_libtheora_moz.build) = a7bad662dabb87c6a85542a4a50f8ed693064bc6 diff --git a/www/palemoon/patches/patch-platform_media_ffvpx_config.h b/www/palemoon/patches/patch-platform_media_ffvpx_config.h new file mode 100644 index 000000000000..75a4c72f0053 --- /dev/null +++ b/www/palemoon/patches/patch-platform_media_ffvpx_config.h @@ -0,0 +1,16 @@ +$NetBSD: patch-platform_media_ffvpx_config.h,v 1.1.2.2 2025/11/25 08:38:37 bsiegert Exp $ + +Add pregenerated config for sparc64. +This has been accepted upstream. + +--- platform/media/ffvpx/config.h.orig 2025-10-15 17:46:52.000000000 +0000 ++++ platform/media/ffvpx/config.h +@@ -41,6 +41,8 @@ + #include "config_unix_aarch64.h" + #elif defined(__powerpc__) + #include "config_unix_ppc.h" ++#elif defined(__sparcv9) || defined(__sparcv9__) ++#include "config_unix_sparc64.h" + #else + #if defined(HAVE_64BIT_BUILD) + #include "config_unix64.h" diff --git a/www/palemoon/patches/patch-platform_media_ffvpx_config__unix__sparc64.h b/www/palemoon/patches/patch-platform_media_ffvpx_config__unix__sparc64.h new file mode 100644 index 000000000000..fc2e40ff3c27 --- /dev/null +++ b/www/palemoon/patches/patch-platform_media_ffvpx_config__unix__sparc64.h @@ -0,0 +1,793 @@ +$NetBSD: patch-platform_media_ffvpx_config__unix__sparc64.h,v 1.1.2.2 2025/11/25 08:38:37 bsiegert Exp $ + +Add pregenerated config for sparc64. +This has been accepted upstream. + +--- platform/media/ffvpx/config_unix_sparc64.h.orig 2025-11-23 10:49:11.451664185 +0000 ++++ platform/media/ffvpx/config_unix_sparc64.h +@@ -0,0 +1,785 @@ ++/* Automatically generated by configure - do not modify! */ ++#ifndef FFMPEG_CONFIG_H ++#define FFMPEG_CONFIG_H ++#define FFMPEG_CONFIGURATION "--disable-all --enable-avcodec --enable-decoder='vp8,vp9,mp3,flac,av1' --enable-parser='vp8,vp9' --disable-static --enable-shared --disable-autodetect --disable-iconv" ++#define FFMPEG_LICENSE "LGPL version 2.1 or later" ++#define CONFIG_THIS_YEAR 2024 ++#define FFMPEG_DATADIR "/usr/local/share/ffmpeg" ++#define AVCONV_DATADIR "/usr/local/share/ffmpeg" ++#define CC_IDENT "gcc 12.5.0 (nb1 20250721)" ++#define OS_NAME netbsd ++#define av_restrict restrict ++#define EXTERN_PREFIX "" ++#define EXTERN_ASM ++#define BUILDSUF "" ++#define SLIBSUF ".so" ++#define SWS_MAX_FILTER_SIZE 256 ++#define ARCH_AARCH64 0 ++#define ARCH_ARM 0 ++#define ARCH_IA64 0 ++#define ARCH_LOONGARCH 0 ++#define ARCH_LOONGARCH32 0 ++#define ARCH_LOONGARCH64 0 ++#define ARCH_M68K 0 ++#define ARCH_MIPS 0 ++#define ARCH_MIPS64 0 ++#define ARCH_PARISC 0 ++#define ARCH_PPC 0 ++#define ARCH_PPC64 0 ++#define ARCH_RISCV 0 ++#define ARCH_S390 0 ++#define ARCH_SPARC 1 ++#define ARCH_SPARC64 1 ++#define ARCH_TILEGX 0 ++#define ARCH_TILEPRO 0 ++#define ARCH_X86 0 ++#define ARCH_X86_32 0 ++#define ARCH_X86_64 0 ++#define HAVE_ARMV5TE 0 ++#define HAVE_ARMV6 0 ++#define HAVE_ARMV6T2 0 ++#define HAVE_ARMV8 0 ++#define HAVE_DOTPROD 0 ++#define HAVE_I8MM 0 ++#define HAVE_NEON 0 ++#define HAVE_VFP 0 ++#define HAVE_VFPV3 0 ++#define HAVE_SETEND 0 ++#define HAVE_ALTIVEC 0 ++#define HAVE_DCBZL 0 ++#define HAVE_LDBRX 0 ++#define HAVE_POWER8 0 ++#define HAVE_PPC4XX 0 ++#define HAVE_VSX 0 ++#define HAVE_RV 0 ++#define HAVE_RVV 0 ++#define HAVE_RV_ZICBOP 1 ++#define HAVE_RV_ZVBB 0 ++#define HAVE_AESNI 0 ++#define HAVE_AMD3DNOW 0 ++#define HAVE_AMD3DNOWEXT 0 ++#define HAVE_AVX 0 ++#define HAVE_AVX2 0 ++#define HAVE_AVX512 0 ++#define HAVE_AVX512ICL 0 ++#define HAVE_FMA3 0 ++#define HAVE_FMA4 0 ++#define HAVE_MMX 0 ++#define HAVE_MMXEXT 0 ++#define HAVE_SSE 0 ++#define HAVE_SSE2 0 ++#define HAVE_SSE3 0 ++#define HAVE_SSE4 0 ++#define HAVE_SSE42 0 ++#define HAVE_SSSE3 0 ++#define HAVE_XOP 0 ++#define HAVE_I686 0 ++#define HAVE_MIPSFPU 0 ++#define HAVE_MIPS32R2 0 ++#define HAVE_MIPS32R5 0 ++#define HAVE_MIPS64R2 0 ++#define HAVE_MIPS32R6 0 ++#define HAVE_MIPS64R6 0 ++#define HAVE_MIPSDSP 0 ++#define HAVE_MIPSDSPR2 0 ++#define HAVE_MSA 0 ++#define HAVE_LOONGSON2 0 ++#define HAVE_LOONGSON3 0 ++#define HAVE_MMI 0 ++#define HAVE_LSX 0 ++#define HAVE_LASX 0 ++#define HAVE_ARMV5TE_EXTERNAL 0 ++#define HAVE_ARMV6_EXTERNAL 0 ++#define HAVE_ARMV6T2_EXTERNAL 0 ++#define HAVE_ARMV8_EXTERNAL 0 ++#define HAVE_DOTPROD_EXTERNAL 0 ++#define HAVE_I8MM_EXTERNAL 0 ++#define HAVE_NEON_EXTERNAL 0 ++#define HAVE_VFP_EXTERNAL 0 ++#define HAVE_VFPV3_EXTERNAL 0 ++#define HAVE_SETEND_EXTERNAL 0 ++#define HAVE_ALTIVEC_EXTERNAL 0 ++#define HAVE_DCBZL_EXTERNAL 0 ++#define HAVE_LDBRX_EXTERNAL 0 ++#define HAVE_POWER8_EXTERNAL 0 ++#define HAVE_PPC4XX_EXTERNAL 0 ++#define HAVE_VSX_EXTERNAL 0 ++#define HAVE_RV_EXTERNAL 0 ++#define HAVE_RVV_EXTERNAL 0 ++#define HAVE_RV_ZICBOP_EXTERNAL 0 ++#define HAVE_RV_ZVBB_EXTERNAL 0 ++#define HAVE_AESNI_EXTERNAL 0 ++#define HAVE_AMD3DNOW_EXTERNAL 0 ++#define HAVE_AMD3DNOWEXT_EXTERNAL 0 ++#define HAVE_AVX_EXTERNAL 0 ++#define HAVE_AVX2_EXTERNAL 0 ++#define HAVE_AVX512_EXTERNAL 0 ++#define HAVE_AVX512ICL_EXTERNAL 0 ++#define HAVE_FMA3_EXTERNAL 0 ++#define HAVE_FMA4_EXTERNAL 0 ++#define HAVE_MMX_EXTERNAL 0 ++#define HAVE_MMXEXT_EXTERNAL 0 ++#define HAVE_SSE_EXTERNAL 0 ++#define HAVE_SSE2_EXTERNAL 0 ++#define HAVE_SSE3_EXTERNAL 0 ++#define HAVE_SSE4_EXTERNAL 0 ++#define HAVE_SSE42_EXTERNAL 0 ++#define HAVE_SSSE3_EXTERNAL 0 ++#define HAVE_XOP_EXTERNAL 0 ++#define HAVE_I686_EXTERNAL 0 ++#define HAVE_MIPSFPU_EXTERNAL 0 ++#define HAVE_MIPS32R2_EXTERNAL 0 ++#define HAVE_MIPS32R5_EXTERNAL 0 ++#define HAVE_MIPS64R2_EXTERNAL 0 ++#define HAVE_MIPS32R6_EXTERNAL 0 ++#define HAVE_MIPS64R6_EXTERNAL 0 ++#define HAVE_MIPSDSP_EXTERNAL 0 ++#define HAVE_MIPSDSPR2_EXTERNAL 0 ++#define HAVE_MSA_EXTERNAL 0 ++#define HAVE_LOONGSON2_EXTERNAL 0 ++#define HAVE_LOONGSON3_EXTERNAL 0 ++#define HAVE_MMI_EXTERNAL 0 ++#define HAVE_LSX_EXTERNAL 0 ++#define HAVE_LASX_EXTERNAL 0 ++#define HAVE_ARMV5TE_INLINE 0 ++#define HAVE_ARMV6_INLINE 0 ++#define HAVE_ARMV6T2_INLINE 0 ++#define HAVE_ARMV8_INLINE 0 ++#define HAVE_DOTPROD_INLINE 0 ++#define HAVE_I8MM_INLINE 0 ++#define HAVE_NEON_INLINE 0 ++#define HAVE_VFP_INLINE 0 ++#define HAVE_VFPV3_INLINE 0 ++#define HAVE_SETEND_INLINE 0 ++#define HAVE_ALTIVEC_INLINE 0 ++#define HAVE_DCBZL_INLINE 0 ++#define HAVE_LDBRX_INLINE 0 ++#define HAVE_POWER8_INLINE 0 ++#define HAVE_PPC4XX_INLINE 0 ++#define HAVE_VSX_INLINE 0 ++#define HAVE_RV_INLINE 0 ++#define HAVE_RVV_INLINE 0 ++#define HAVE_RV_ZICBOP_INLINE 0 ++#define HAVE_RV_ZVBB_INLINE 0 ++#define HAVE_AESNI_INLINE 0 ++#define HAVE_AMD3DNOW_INLINE 0 ++#define HAVE_AMD3DNOWEXT_INLINE 0 ++#define HAVE_AVX_INLINE 0 ++#define HAVE_AVX2_INLINE 0 ++#define HAVE_AVX512_INLINE 0 ++#define HAVE_AVX512ICL_INLINE 0 ++#define HAVE_FMA3_INLINE 0 ++#define HAVE_FMA4_INLINE 0 ++#define HAVE_MMX_INLINE 0 ++#define HAVE_MMXEXT_INLINE 0 ++#define HAVE_SSE_INLINE 0 ++#define HAVE_SSE2_INLINE 0 ++#define HAVE_SSE3_INLINE 0 ++#define HAVE_SSE4_INLINE 0 ++#define HAVE_SSE42_INLINE 0 ++#define HAVE_SSSE3_INLINE 0 ++#define HAVE_XOP_INLINE 0 ++#define HAVE_I686_INLINE 0 ++#define HAVE_MIPSFPU_INLINE 0 ++#define HAVE_MIPS32R2_INLINE 0 ++#define HAVE_MIPS32R5_INLINE 0 ++#define HAVE_MIPS64R2_INLINE 0 ++#define HAVE_MIPS32R6_INLINE 0 ++#define HAVE_MIPS64R6_INLINE 0 ++#define HAVE_MIPSDSP_INLINE 0 ++#define HAVE_MIPSDSPR2_INLINE 0 ++#define HAVE_MSA_INLINE 0 ++#define HAVE_LOONGSON2_INLINE 0 ++#define HAVE_LOONGSON3_INLINE 0 ++#define HAVE_MMI_INLINE 0 ++#define HAVE_LSX_INLINE 0 ++#define HAVE_LASX_INLINE 0 ++#define HAVE_ALIGNED_STACK 0 ++#define HAVE_FAST_64BIT 1 ++#define HAVE_FAST_CLZ 0 ++#define HAVE_FAST_CMOV 0 ++#define HAVE_FAST_FLOAT16 0 ++#define HAVE_LOCAL_ALIGNED 0 ++#define HAVE_SIMD_ALIGN_16 0 ++#define HAVE_SIMD_ALIGN_32 0 ++#define HAVE_SIMD_ALIGN_64 0 ++#define HAVE_MEMORYBARRIER 0 ++#define HAVE_MM_EMPTY 0 ++#define HAVE_RDTSC 0 ++#define HAVE_SEM_TIMEDWAIT 1 ++#define HAVE_INLINE_ASM 1 ++#define HAVE_SYMVER 0 ++#define HAVE_X86ASM 0 ++#define HAVE_BIGENDIAN 1 ++#define HAVE_FAST_UNALIGNED 0 ++#define HAVE_ARPA_INET_H 1 ++#define HAVE_ASM_HWPROBE_H 0 ++#define HAVE_ASM_TYPES_H 0 ++#define HAVE_CDIO_PARANOIA_H 0 ++#define HAVE_CDIO_PARANOIA_PARANOIA_H 0 ++#define HAVE_CUDA_H 0 ++#define HAVE_DISPATCH_DISPATCH_H 0 ++#define HAVE_DEV_BKTR_IOCTL_BT848_H 0 ++#define HAVE_DEV_BKTR_IOCTL_METEOR_H 0 ++#define HAVE_DEV_IC_BT8XX_H 1 ++#define HAVE_DEV_VIDEO_BKTR_IOCTL_BT848_H 0 ++#define HAVE_DEV_VIDEO_METEOR_IOCTL_METEOR_H 0 ++#define HAVE_DIRECT_H 0 ++#define HAVE_DIRENT_H 1 ++#define HAVE_DXGIDEBUG_H 0 ++#define HAVE_DXVA_H 0 ++#define HAVE_ES2_GL_H 0 ++#define HAVE_GSM_H 0 ++#define HAVE_IO_H 0 ++#define HAVE_LINUX_DMA_BUF_H 0 ++#define HAVE_LINUX_PERF_EVENT_H 0 ++#define HAVE_MACHINE_IOCTL_BT848_H 0 ++#define HAVE_MACHINE_IOCTL_METEOR_H 0 ++#define HAVE_MALLOC_H 1 ++#define HAVE_OPENCV2_CORE_CORE_C_H 0 ++#define HAVE_OPENGL_GL3_H 0 ++#define HAVE_POLL_H 1 ++#define HAVE_PTHREAD_NP_H 0 ++#define HAVE_SYS_HWPROBE_H 0 ++#define HAVE_SYS_PARAM_H 1 ++#define HAVE_SYS_RESOURCE_H 1 ++#define HAVE_SYS_SELECT_H 1 ++#define HAVE_SYS_SOUNDCARD_H 1 ++#define HAVE_SYS_AUDIOIO_H 1 ++#define HAVE_SYS_TIME_H 1 ++#define HAVE_SYS_UN_H 1 ++#define HAVE_SYS_VIDEOIO_H 1 ++#define HAVE_TERMIOS_H 1 ++#define HAVE_UDPLITE_H 0 ++#define HAVE_UNISTD_H 1 ++#define HAVE_VALGRIND_VALGRIND_H 0 ++#define HAVE_WINDOWS_H 0 ++#define HAVE_WINSOCK2_H 0 ++#define HAVE_INTRINSICS_NEON 0 ++#define HAVE_INTRINSICS_SSE2 0 ++#define HAVE_ATANF 1 ++#define HAVE_ATAN2F 1 ++#define HAVE_CBRT 1 ++#define HAVE_CBRTF 1 ++#define HAVE_COPYSIGN 1 ++#define HAVE_COSF 1 ++#define HAVE_ERF 1 ++#define HAVE_EXP2 1 ++#define HAVE_EXP2F 1 ++#define HAVE_EXPF 1 ++#define HAVE_HYPOT 1 ++#define HAVE_ISFINITE 1 ++#define HAVE_ISINF 1 ++#define HAVE_ISNAN 1 ++#define HAVE_LDEXPF 1 ++#define HAVE_LLRINT 1 ++#define HAVE_LLRINTF 1 ++#define HAVE_LOG2 1 ++#define HAVE_LOG2F 1 ++#define HAVE_LOG10F 1 ++#define HAVE_LRINT 1 ++#define HAVE_LRINTF 1 ++#define HAVE_POWF 1 ++#define HAVE_RINT 1 ++#define HAVE_ROUND 1 ++#define HAVE_ROUNDF 1 ++#define HAVE_SINF 1 ++#define HAVE_TRUNC 1 ++#define HAVE_TRUNCF 1 ++#define HAVE_DOS_PATHS 0 ++#define HAVE_LIBC_MSVCRT 0 ++#define HAVE_MMAL_PARAMETER_VIDEO_MAX_NUM_CALLBACKS 0 ++#define HAVE_SECTION_DATA_REL_RO 1 ++#define HAVE_THREADS 1 ++#define HAVE_UWP 0 ++#define HAVE_WINRT 0 ++#define HAVE_ACCESS 1 ++#define HAVE_ALIGNED_MALLOC 0 ++#define HAVE_ARC4RANDOM_BUF 1 ++#define HAVE_CLOCK_GETTIME 1 ++#define HAVE_CLOSESOCKET 0 ++#define HAVE_COMMANDLINETOARGVW 0 ++#define HAVE_ELF_AUX_INFO 0 ++#define HAVE_FCNTL 1 ++#define HAVE_GETADDRINFO 1 ++#define HAVE_GETAUXVAL 0 ++#define HAVE_GETENV 1 ++#define HAVE_GETHRTIME 0 ++#define HAVE_GETOPT 1 ++#define HAVE_GETMODULEHANDLE 0 ++#define HAVE_GETPROCESSAFFINITYMASK 0 ++#define HAVE_GETPROCESSMEMORYINFO 0 ++#define HAVE_GETPROCESSTIMES 0 ++#define HAVE_GETRUSAGE 1 ++#define HAVE_GETSTDHANDLE 0 ++#define HAVE_GETSYSTEMTIMEASFILETIME 0 ++#define HAVE_GETTIMEOFDAY 1 ++#define HAVE_GLOB 1 ++#define HAVE_GLXGETPROCADDRESS 0 ++#define HAVE_GMTIME_R 1 ++#define HAVE_INET_ATON 1 ++#define HAVE_ISATTY 1 ++#define HAVE_KBHIT 0 ++#define HAVE_LOCALTIME_R 1 ++#define HAVE_LSTAT 1 ++#define HAVE_LZO1X_999_COMPRESS 0 ++#define HAVE_MACH_ABSOLUTE_TIME 0 ++#define HAVE_MAPVIEWOFFILE 0 ++#define HAVE_MEMALIGN 0 ++#define HAVE_MKSTEMP 1 ++#define HAVE_MMAP 1 ++#define HAVE_MPROTECT 1 ++#define HAVE_NANOSLEEP 1 ++#define HAVE_PEEKNAMEDPIPE 0 ++#define HAVE_POSIX_MEMALIGN 1 ++#define HAVE_PRCTL 0 ++#define HAVE_PTHREAD_CANCEL 1 ++#define HAVE_PTHREAD_SET_NAME_NP 0 ++#define HAVE_PTHREAD_SETNAME_NP 1 ++#define HAVE_SCHED_GETAFFINITY 0 ++#define HAVE_SECITEMIMPORT 0 ++#define HAVE_SETCONSOLETEXTATTRIBUTE 0 ++#define HAVE_SETCONSOLECTRLHANDLER 0 ++#define HAVE_SETDLLDIRECTORY 0 ++#define HAVE_SETMODE 0 ++#define HAVE_SETRLIMIT 1 ++#define HAVE_SLEEP 0 ++#define HAVE_STRERROR_R 1 ++#define HAVE_SYSCONF 1 ++#define HAVE_SYSCTL 1 ++#define HAVE_SYSCTLBYNAME 1 ++#define HAVE_TEMPNAM 1 ++#define HAVE_USLEEP 1 ++#define HAVE_UTGETOSTYPEFROMSTRING 0 ++#define HAVE_VIRTUALALLOC 0 ++#define HAVE_WGLGETPROCADDRESS 0 ++#define HAVE_BCRYPT 0 ++#define HAVE_VAAPI_DRM 0 ++#define HAVE_VAAPI_X11 0 ++#define HAVE_VAAPI_WIN32 0 ++#define HAVE_VDPAU_X11 0 ++#define HAVE_PTHREADS 1 ++#define HAVE_OS2THREADS 0 ++#define HAVE_W32THREADS 0 ++#define HAVE_AS_ARCH_DIRECTIVE 0 ++#define HAVE_AS_ARCHEXT_DOTPROD_DIRECTIVE 0 ++#define HAVE_AS_ARCHEXT_I8MM_DIRECTIVE 0 ++#define HAVE_AS_DN_DIRECTIVE 0 ++#define HAVE_AS_FPU_DIRECTIVE 0 ++#define HAVE_AS_FUNC 0 ++#define HAVE_AS_OBJECT_ARCH 0 ++#define HAVE_ASM_MOD_Q 0 ++#define HAVE_BLOCKS_EXTENSION 0 ++#define HAVE_EBP_AVAILABLE 0 ++#define HAVE_EBX_AVAILABLE 0 ++#define HAVE_GNU_AS 0 ++#define HAVE_GNU_WINDRES 0 ++#define HAVE_IBM_ASM 0 ++#define HAVE_INLINE_ASM_DIRECT_SYMBOL_REFS 0 ++#define HAVE_INLINE_ASM_LABELS 1 ++#define HAVE_INLINE_ASM_NONLOCAL_LABELS 1 ++#define HAVE_PRAGMA_DEPRECATED 1 ++#define HAVE_SYMVER_ASM_LABEL 0 ++#define HAVE_SYMVER_GNU_ASM 1 ++#define HAVE_VFP_ARGS 0 ++#define HAVE_XFORM_ASM 0 ++#define HAVE_XMM_CLOBBERS 0 ++#define HAVE_DPI_AWARENESS_CONTEXT 0 ++#define HAVE_IDXGIOUTPUT5 0 ++#define HAVE_KCMVIDEOCODECTYPE_HEVC 0 ++#define HAVE_KCMVIDEOCODECTYPE_HEVCWITHALPHA 0 ++#define HAVE_KCMVIDEOCODECTYPE_VP9 0 ++#define HAVE_KCVPIXELFORMATTYPE_420YPCBCR10BIPLANARVIDEORANGE 0 ++#define HAVE_KCVPIXELFORMATTYPE_422YPCBCR8BIPLANARVIDEORANGE 0 ++#define HAVE_KCVPIXELFORMATTYPE_422YPCBCR10BIPLANARVIDEORANGE 0 ++#define HAVE_KCVPIXELFORMATTYPE_422YPCBCR16BIPLANARVIDEORANGE 0 ++#define HAVE_KCVPIXELFORMATTYPE_444YPCBCR8BIPLANARVIDEORANGE 0 ++#define HAVE_KCVPIXELFORMATTYPE_444YPCBCR10BIPLANARVIDEORANGE 0 ++#define HAVE_KCVPIXELFORMATTYPE_444YPCBCR16BIPLANARVIDEORANGE 0 ++#define HAVE_KCVIMAGEBUFFERTRANSFERFUNCTION_SMPTE_ST_2084_PQ 0 ++#define HAVE_KCVIMAGEBUFFERTRANSFERFUNCTION_ITU_R_2100_HLG 0 ++#define HAVE_KCVIMAGEBUFFERTRANSFERFUNCTION_LINEAR 0 ++#define HAVE_KCVIMAGEBUFFERYCBCRMATRIX_ITU_R_2020 0 ++#define HAVE_KCVIMAGEBUFFERCOLORPRIMARIES_ITU_R_2020 0 ++#define HAVE_KCVIMAGEBUFFERTRANSFERFUNCTION_ITU_R_2020 0 ++#define HAVE_KCVIMAGEBUFFERTRANSFERFUNCTION_SMPTE_ST_428_1 0 ++#define HAVE_SOCKLEN_T 1 ++#define HAVE_STRUCT_ADDRINFO 1 ++#define HAVE_STRUCT_GROUP_SOURCE_REQ 0 ++#define HAVE_STRUCT_IP_MREQ_SOURCE 0 ++#define HAVE_STRUCT_IPV6_MREQ 1 ++#define HAVE_STRUCT_MSGHDR_MSG_FLAGS 1 ++#define HAVE_STRUCT_POLLFD 1 ++#define HAVE_STRUCT_RUSAGE_RU_MAXRSS 1 ++#define HAVE_STRUCT_SCTP_EVENT_SUBSCRIBE 1 ++#define HAVE_STRUCT_SOCKADDR_IN6 1 ++#define HAVE_STRUCT_SOCKADDR_SA_LEN 1 ++#define HAVE_STRUCT_SOCKADDR_STORAGE 1 ++#define HAVE_STRUCT_STAT_ST_MTIM_TV_NSEC 1 ++#define HAVE_STRUCT_V4L2_FRMIVALENUM_DISCRETE 1 ++#define HAVE_STRUCT_MFXCONFIGINTERFACE 0 ++#define HAVE_GZIP 1 ++#define HAVE_LIBDRM_GETFB2 0 ++#define HAVE_MAKEINFO 1 ++#define HAVE_MAKEINFO_HTML 0 ++#define HAVE_OPENCL_D3D11 0 ++#define HAVE_OPENCL_DRM_ARM 0 ++#define HAVE_OPENCL_DRM_BEIGNET 0 ++#define HAVE_OPENCL_DXVA2 0 ++#define HAVE_OPENCL_VAAPI_BEIGNET 0 ++#define HAVE_OPENCL_VAAPI_INTEL_MEDIA 0 ++#define HAVE_OPENCL_VIDEOTOOLBOX 0 ++#define HAVE_PERL 1 ++#define HAVE_POD2MAN 1 ++#define HAVE_POSIX_IOCTL 0 ++#define HAVE_TEXI2HTML 1 ++#define HAVE_XMLLINT 1 ++#define HAVE_ZLIB_GZIP 0 ++#define HAVE_OPENVINO2 0 ++#define CONFIG_DOC 0 ++#define CONFIG_HTMLPAGES 1 ++#define CONFIG_MANPAGES 1 ++#define CONFIG_PODPAGES 1 ++#define CONFIG_TXTPAGES 1 ++#define CONFIG_AVIO_HTTP_SERVE_FILES_EXAMPLE 1 ++#define CONFIG_AVIO_LIST_DIR_EXAMPLE 1 ++#define CONFIG_AVIO_READ_CALLBACK_EXAMPLE 1 ++#define CONFIG_DECODE_AUDIO_EXAMPLE 1 ++#define CONFIG_DECODE_FILTER_AUDIO_EXAMPLE 0 ++#define CONFIG_DECODE_FILTER_VIDEO_EXAMPLE 0 ++#define CONFIG_DECODE_VIDEO_EXAMPLE 1 ++#define CONFIG_DEMUX_DECODE_EXAMPLE 0 ++#define CONFIG_ENCODE_AUDIO_EXAMPLE 1 ++#define CONFIG_ENCODE_VIDEO_EXAMPLE 1 ++#define CONFIG_EXTRACT_MVS_EXAMPLE 0 ++#define CONFIG_FILTER_AUDIO_EXAMPLE 0 ++#define CONFIG_HW_DECODE_EXAMPLE 0 ++#define CONFIG_MUX_EXAMPLE 0 ++#define CONFIG_QSV_DECODE_EXAMPLE 0 ++#define CONFIG_REMUX_EXAMPLE 0 ++#define CONFIG_RESAMPLE_AUDIO_EXAMPLE 0 ++#define CONFIG_SCALE_VIDEO_EXAMPLE 0 ++#define CONFIG_SHOW_METADATA_EXAMPLE 0 ++#define CONFIG_TRANSCODE_AAC_EXAMPLE 0 ++#define CONFIG_TRANSCODE_EXAMPLE 0 ++#define CONFIG_VAAPI_ENCODE_EXAMPLE 0 ++#define CONFIG_VAAPI_TRANSCODE_EXAMPLE 0 ++#define CONFIG_QSV_TRANSCODE_EXAMPLE 0 ++#define CONFIG_AVISYNTH 0 ++#define CONFIG_FREI0R 0 ++#define CONFIG_LIBCDIO 0 ++#define CONFIG_LIBDAVS2 0 ++#define CONFIG_LIBDVDNAV 0 ++#define CONFIG_LIBDVDREAD 0 ++#define CONFIG_LIBRUBBERBAND 0 ++#define CONFIG_LIBVIDSTAB 0 ++#define CONFIG_LIBX264 0 ++#define CONFIG_LIBX265 0 ++#define CONFIG_LIBXAVS 0 ++#define CONFIG_LIBXAVS2 0 ++#define CONFIG_LIBXVID 0 ++#define CONFIG_DECKLINK 0 ++#define CONFIG_LIBFDK_AAC 0 ++#define CONFIG_LIBTLS 0 ++#define CONFIG_GMP 0 ++#define CONFIG_LIBARIBB24 0 ++#define CONFIG_LIBLENSFUN 0 ++#define CONFIG_LIBOPENCORE_AMRNB 0 ++#define CONFIG_LIBOPENCORE_AMRWB 0 ++#define CONFIG_LIBVO_AMRWBENC 0 ++#define CONFIG_MBEDTLS 0 ++#define CONFIG_RKMPP 0 ++#define CONFIG_LIBSMBCLIENT 0 ++#define CONFIG_CHROMAPRINT 0 ++#define CONFIG_GCRYPT 0 ++#define CONFIG_GNUTLS 0 ++#define CONFIG_JNI 0 ++#define CONFIG_LADSPA 0 ++#define CONFIG_LCMS2 0 ++#define CONFIG_LIBAOM 0 ++#define CONFIG_LIBARIBCAPTION 0 ++#define CONFIG_LIBASS 0 ++#define CONFIG_LIBBLURAY 0 ++#define CONFIG_LIBBS2B 0 ++#define CONFIG_LIBCACA 0 ++#define CONFIG_LIBCELT 0 ++#define CONFIG_LIBCODEC2 0 ++#define CONFIG_LIBDAV1D 0 ++#define CONFIG_LIBDC1394 0 ++#define CONFIG_LIBFLITE 0 ++#define CONFIG_LIBFONTCONFIG 0 ++#define CONFIG_LIBFREETYPE 0 ++#define CONFIG_LIBFRIBIDI 0 ++#define CONFIG_LIBHARFBUZZ 0 ++#define CONFIG_LIBGLSLANG 0 ++#define CONFIG_LIBGME 0 ++#define CONFIG_LIBGSM 0 ++#define CONFIG_LIBIEC61883 0 ++#define CONFIG_LIBILBC 0 ++#define CONFIG_LIBJACK 0 ++#define CONFIG_LIBJXL 0 ++#define CONFIG_LIBKLVANC 0 ++#define CONFIG_LIBKVAZAAR 0 ++#define CONFIG_LIBLC3 0 ++#define CONFIG_LIBLCEVC_DEC 0 ++#define CONFIG_LIBMODPLUG 0 ++#define CONFIG_LIBMP3LAME 0 ++#define CONFIG_LIBMYSOFA 0 ++#define CONFIG_LIBOPENCV 0 ++#define CONFIG_LIBOPENH264 0 ++#define CONFIG_LIBOPENJPEG 0 ++#define CONFIG_LIBOPENMPT 0 ++#define CONFIG_LIBOPENVINO 0 ++#define CONFIG_LIBOPUS 0 ++#define CONFIG_LIBPLACEBO 0 ++#define CONFIG_LIBPULSE 0 ++#define CONFIG_LIBQRENCODE 0 ++#define CONFIG_LIBQUIRC 0 ++#define CONFIG_LIBRABBITMQ 0 ++#define CONFIG_LIBRAV1E 0 ++#define CONFIG_LIBRIST 0 ++#define CONFIG_LIBRSVG 0 ++#define CONFIG_LIBRTMP 0 ++#define CONFIG_LIBSHADERC 0 ++#define CONFIG_LIBSHINE 0 ++#define CONFIG_LIBSMBCLIENT 0 ++#define CONFIG_LIBSNAPPY 0 ++#define CONFIG_LIBSOXR 0 ++#define CONFIG_LIBSPEEX 0 ++#define CONFIG_LIBSRT 0 ++#define CONFIG_LIBSSH 0 ++#define CONFIG_LIBSVTAV1 0 ++#define CONFIG_LIBTENSORFLOW 0 ++#define CONFIG_LIBTESSERACT 0 ++#define CONFIG_LIBTHEORA 0 ++#define CONFIG_LIBTORCH 0 ++#define CONFIG_LIBTWOLAME 0 ++#define CONFIG_LIBUAVS3D 0 ++#define CONFIG_LIBV4L2 0 ++#define CONFIG_LIBVMAF 0 ++#define CONFIG_LIBVORBIS 0 ++#define CONFIG_LIBVPX 0 ++#define CONFIG_LIBVVENC 0 ++#define CONFIG_LIBWEBP 0 ++#define CONFIG_LIBXEVD 0 ++#define CONFIG_LIBXEVE 0 ++#define CONFIG_LIBXML2 0 ++#define CONFIG_LIBZIMG 0 ++#define CONFIG_LIBZMQ 0 ++#define CONFIG_LIBZVBI 0 ++#define CONFIG_LV2 0 ++#define CONFIG_MEDIACODEC 0 ++#define CONFIG_OPENAL 0 ++#define CONFIG_OPENGL 0 ++#define CONFIG_OPENSSL 0 ++#define CONFIG_POCKETSPHINX 0 ++#define CONFIG_VAPOURSYNTH 0 ++#define CONFIG_ALSA 0 ++#define CONFIG_APPKIT 0 ++#define CONFIG_AVFOUNDATION 0 ++#define CONFIG_BZLIB 0 ++#define CONFIG_COREIMAGE 0 ++#define CONFIG_ICONV 0 ++#define CONFIG_LIBXCB 0 ++#define CONFIG_LIBXCB_SHM 0 ++#define CONFIG_LIBXCB_SHAPE 0 ++#define CONFIG_LIBXCB_XFIXES 0 ++#define CONFIG_LZMA 0 ++#define CONFIG_MEDIAFOUNDATION 0 ++#define CONFIG_METAL 0 ++#define CONFIG_SCHANNEL 0 ++#define CONFIG_SDL2 0 ++#define CONFIG_SECURETRANSPORT 0 ++#define CONFIG_SNDIO 0 ++#define CONFIG_XLIB 0 ++#define CONFIG_ZLIB 0 ++#define CONFIG_CUDA_NVCC 0 ++#define CONFIG_CUDA_SDK 0 ++#define CONFIG_LIBNPP 0 ++#define CONFIG_LIBMFX 0 ++#define CONFIG_LIBVPL 0 ++#define CONFIG_MMAL 0 ++#define CONFIG_OMX 0 ++#define CONFIG_OPENCL 0 ++#define CONFIG_AMF 0 ++#define CONFIG_AUDIOTOOLBOX 0 ++#define CONFIG_CUDA 0 ++#define CONFIG_CUDA_LLVM 0 ++#define CONFIG_CUVID 0 ++#define CONFIG_D3D11VA 0 ++#define CONFIG_D3D12VA 0 ++#define CONFIG_DXVA2 0 ++#define CONFIG_FFNVCODEC 0 ++#define CONFIG_LIBDRM 0 ++#define CONFIG_NVDEC 0 ++#define CONFIG_NVENC 0 ++#define CONFIG_VAAPI 0 ++#define CONFIG_VDPAU 0 ++#define CONFIG_VIDEOTOOLBOX 0 ++#define CONFIG_VULKAN 0 ++#define CONFIG_V4L2_M2M 0 ++#define CONFIG_FTRAPV 0 ++#define CONFIG_GRAY 0 ++#define CONFIG_HARDCODED_TABLES 0 ++#define CONFIG_OMX_RPI 0 ++#define CONFIG_RUNTIME_CPUDETECT 1 ++#define CONFIG_SAFE_BITSTREAM_READER 1 ++#define CONFIG_SHARED 1 ++#define CONFIG_SMALL 0 ++#define CONFIG_STATIC 0 ++#define CONFIG_SWSCALE_ALPHA 1 ++#define CONFIG_GPL 0 ++#define CONFIG_NONFREE 0 ++#define CONFIG_VERSION3 0 ++#define CONFIG_AVDEVICE 0 ++#define CONFIG_AVFILTER 0 ++#define CONFIG_SWSCALE 0 ++#define CONFIG_POSTPROC 0 ++#define CONFIG_AVFORMAT 0 ++#define CONFIG_AVCODEC 1 ++#define CONFIG_SWRESAMPLE 0 ++#define CONFIG_AVUTIL 1 ++#define CONFIG_FFPLAY 0 ++#define CONFIG_FFPROBE 0 ++#define CONFIG_FFMPEG 0 ++#define CONFIG_DWT 0 ++#define CONFIG_ERROR_RESILIENCE 0 ++#define CONFIG_FAAN 1 ++#define CONFIG_FAST_UNALIGNED 0 ++#define CONFIG_IAMF 1 ++#define CONFIG_LSP 0 ++#define CONFIG_PIXELUTILS 0 ++#define CONFIG_NETWORK 0 ++#define CONFIG_AUTODETECT 0 ++#define CONFIG_FONTCONFIG 0 ++#define CONFIG_LARGE_TESTS 1 ++#define CONFIG_LINUX_PERF 0 ++#define CONFIG_MACOS_KPERF 0 ++#define CONFIG_MEMORY_POISONING 0 ++#define CONFIG_NEON_CLOBBER_TEST 0 ++#define CONFIG_OSSFUZZ 0 ++#define CONFIG_PIC 1 ++#define CONFIG_PTX_COMPRESSION 0 ++#define CONFIG_THUMB 0 ++#define CONFIG_VALGRIND_BACKTRACE 0 ++#define CONFIG_XMM_CLOBBER_TEST 0 ++#define CONFIG_BSFS 0 ++#define CONFIG_DECODERS 1 ++#define CONFIG_ENCODERS 0 ++#define CONFIG_HWACCELS 0 ++#define CONFIG_PARSERS 1 ++#define CONFIG_INDEVS 0 ++#define CONFIG_OUTDEVS 0 ++#define CONFIG_FILTERS 0 ++#define CONFIG_DEMUXERS 0 ++#define CONFIG_MUXERS 0 ++#define CONFIG_PROTOCOLS 0 ++#define CONFIG_AANDCTTABLES 0 ++#define CONFIG_AC3DSP 0 ++#define CONFIG_ADTS_HEADER 0 ++#define CONFIG_ATSC_A53 1 ++#define CONFIG_AUDIO_FRAME_QUEUE 0 ++#define CONFIG_AUDIODSP 0 ++#define CONFIG_BLOCKDSP 0 ++#define CONFIG_BSWAPDSP 0 ++#define CONFIG_CABAC 0 ++#define CONFIG_CBS 1 ++#define CONFIG_CBS_AV1 1 ++#define CONFIG_CBS_H264 0 ++#define CONFIG_CBS_H265 0 ++#define CONFIG_CBS_H266 0 ++#define CONFIG_CBS_JPEG 0 ++#define CONFIG_CBS_MPEG2 0 ++#define CONFIG_CBS_VP8 0 ++#define CONFIG_CBS_VP9 0 ++#define CONFIG_D3D12VA_ENCODE 0 ++#define CONFIG_DEFLATE_WRAPPER 0 ++#define CONFIG_DIRAC_PARSE 0 ++#define CONFIG_DNN 0 ++#define CONFIG_DOVI_RPUDEC 1 ++#define CONFIG_DOVI_RPUENC 0 ++#define CONFIG_DVPROFILE 0 ++#define CONFIG_EVCPARSE 0 ++#define CONFIG_EXIF 0 ++#define CONFIG_FAANDCT 1 ++#define CONFIG_FAANIDCT 1 ++#define CONFIG_FDCTDSP 1 ++#define CONFIG_FMTCONVERT 0 ++#define CONFIG_FRAME_THREAD_ENCODER 0 ++#define CONFIG_G722DSP 0 ++#define CONFIG_GOLOMB 1 ++#define CONFIG_GPLV3 0 ++#define CONFIG_H263DSP 0 ++#define CONFIG_H264CHROMA 0 ++#define CONFIG_H264DSP 0 ++#define CONFIG_H264PARSE 0 ++#define CONFIG_H264PRED 1 ++#define CONFIG_H264QPEL 0 ++#define CONFIG_H264_SEI 0 ++#define CONFIG_HEVCPARSE 0 ++#define CONFIG_HEVC_SEI 0 ++#define CONFIG_HPELDSP 0 ++#define CONFIG_HUFFMAN 0 ++#define CONFIG_HUFFYUVDSP 0 ++#define CONFIG_HUFFYUVENCDSP 0 ++#define CONFIG_IAMFDEC 0 ++#define CONFIG_IAMFENC 0 ++#define CONFIG_IDCTDSP 1 ++#define CONFIG_IIRFILTER 0 ++#define CONFIG_INFLATE_WRAPPER 0 ++#define CONFIG_INTRAX8 0 ++#define CONFIG_ISO_MEDIA 0 ++#define CONFIG_ISO_WRITER 0 ++#define CONFIG_IVIDSP 0 ++#define CONFIG_JPEGTABLES 0 ++#define CONFIG_LGPLV3 0 ++#define CONFIG_LIBX262 0 ++#define CONFIG_LIBX264_HDR10 0 ++#define CONFIG_LLAUDDSP 0 ++#define CONFIG_LLVIDDSP 0 ++#define CONFIG_LLVIDENCDSP 0 ++#define CONFIG_LPC 0 ++#define CONFIG_LZF 0 ++#define CONFIG_ME_CMP 0 ++#define CONFIG_MPEG_ER 0 ++#define CONFIG_MPEGAUDIO 1 ++#define CONFIG_MPEGAUDIODSP 1 ++#define CONFIG_MPEGAUDIOHEADER 1 ++#define CONFIG_MPEG4AUDIO 0 ++#define CONFIG_MPEGVIDEO 0 ++#define CONFIG_MPEGVIDEODEC 0 ++#define CONFIG_MPEGVIDEOENC 0 ++#define CONFIG_MSMPEG4DEC 0 ++#define CONFIG_MSMPEG4ENC 0 ++#define CONFIG_MSS34DSP 0 ++#define CONFIG_PIXBLOCKDSP 0 ++#define CONFIG_QPELDSP 0 ++#define CONFIG_QSV 0 ++#define CONFIG_QSVDEC 0 ++#define CONFIG_QSVENC 0 ++#define CONFIG_QSVVPP 0 ++#define CONFIG_RANGECODER 0 ++#define CONFIG_RIFFDEC 0 ++#define CONFIG_RIFFENC 0 ++#define CONFIG_RTPDEC 0 ++#define CONFIG_RTPENC_CHAIN 0 ++#define CONFIG_RV34DSP 0 ++#define CONFIG_SCENE_SAD 0 ++#define CONFIG_SINEWIN 0 ++#define CONFIG_SNAPPY 0 ++#define CONFIG_SRTP 0 ++#define CONFIG_STARTCODE 0 ++#define CONFIG_TEXTUREDSP 0 ++#define CONFIG_TEXTUREDSPENC 0 ++#define CONFIG_TPELDSP 0 ++#define CONFIG_VAAPI_1 0 ++#define CONFIG_VAAPI_ENCODE 0 ++#define CONFIG_VC1DSP 0 ++#define CONFIG_VIDEODSP 1 ++#define CONFIG_VP3DSP 0 ++#define CONFIG_VP56DSP 0 ++#define CONFIG_VP8DSP 1 ++#define CONFIG_VULKAN_ENCODE 0 ++#define CONFIG_WMA_FREQS 0 ++#define CONFIG_WMV2DSP 0 ++#endif /* FFMPEG_CONFIG_H */ From f0bcab791c032fd57ca67ee13519844435d4b4c0 Mon Sep 17 00:00:00 2001 From: bsiegert Date: Tue, 25 Nov 2025 08:38:58 +0000 Subject: [PATCH 40/49] Pullup tickets #7033 and #7034 --- doc/CHANGES-pkgsrc-2025Q3 | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/doc/CHANGES-pkgsrc-2025Q3 b/doc/CHANGES-pkgsrc-2025Q3 index 8b977fb8eb84..d3393cf9281f 100644 --- a/doc/CHANGES-pkgsrc-2025Q3 +++ b/doc/CHANGES-pkgsrc-2025Q3 @@ -1,4 +1,4 @@ -$NetBSD: CHANGES-pkgsrc-2025Q3,v 1.1.2.12 2025/11/21 08:44:23 bsiegert Exp $ +$NetBSD: CHANGES-pkgsrc-2025Q3,v 1.1.2.13 2025/11/25 08:38:58 bsiegert Exp $ Changes to packages and infrastructure on the pkgsrc-2025Q3 branch: @@ -80,3 +80,9 @@ www/squid7: Bug fix Pullup ticket #7032 - requested by nia security/pkcs11-helper: security fix +Pullup ticket #7033 - requested by wiz +misc/libreoffice: build fix + +Pullup ticket #7034 - requested by nia +www/palemoon: sparc64 build fix + From 4fb0375f891eefe3383f22399eecfa7da7dc7a8a Mon Sep 17 00:00:00 2001 From: maya Date: Sat, 6 Dec 2025 21:36:04 +0000 Subject: [PATCH 41/49] Pullup ticket #7035 - requested by bsiegert graphics/png: Security fix Revisions pulled up: - graphics/png/Makefile 1.215-1.216 - graphics/png/distinfo 1.160-1.161 --- Module Name: pkgsrc Committed By: wiz Date: Sat Nov 22 07:06:11 UTC 2025 Modified Files: pkgsrc/graphics/png: Makefile distinfo Log Message: png: update to 1.6.51. Version 1.6.51 [November 21, 2025] Fixed CVE-2025-64505 (moderate severity): Heap buffer overflow in `png_do_quantize` via malformed palette index. (Reported by Samsung; analyzed by Fabio Gritti.) Fixed CVE-2025-64506 (moderate severity): Heap buffer over-read in `png_write_image_8bit` with 8-bit input and `convert_to_8bit` enabled. (Reported by Samsung and ; analyzed by Fabio Gritti.) Fixed CVE-2025-64720 (high severity): Buffer overflow in `png_image_read_composite` via incorrect palette premultiplication. (Reported by Samsung; analyzed by John Bowler.) Fixed CVE-2025-65018 (high severity): Heap buffer overflow in `png_combine_row` triggered via `png_image_finish_read`. (Reported by .) Fixed a memory leak in `png_set_quantize`. (Reported by Samsung; analyzed by Fabio Gritti.) Removed the experimental and incomplete ERROR_NUMBERS code. (Contributed by Tobias Stoeckmann.) Improved the RISC-V vector extension support; required RVV 1.0 or newer. (Contributed by Filip Wasil.) Added GitHub Actions workflows for automated testing. Performed various refactorings and cleanups. --- Module Name: pkgsrc Committed By: wiz Date: Wed Dec 3 23:11:32 UTC 2025 Modified Files: pkgsrc/graphics/png: Makefile distinfo Log Message: png: update to 1.6.52. Security fix release. Version 1.6.52 [December 3, 2025] Fixed CVE-2025-66293 (high severity): Out-of-bounds read in `png_image_read_composite`. (Reported by flyfish101 .) Fixed the Paeth filter handling in the RISC-V RVV implementation. (Reported by Filip Wasil; fixed by Liang Junzhao.) Improved the performance of the RISC-V RVV implementation. (Contributed by Liang Junzhao.) Added allocation failure fuzzing to oss-fuzz. (Contributed by Philippe Antoine.) --- graphics/png/Makefile | 4 ++-- graphics/png/distinfo | 8 ++++---- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/graphics/png/Makefile b/graphics/png/Makefile index 53a7b8560c80..a49426016d85 100644 --- a/graphics/png/Makefile +++ b/graphics/png/Makefile @@ -1,6 +1,6 @@ -# $NetBSD: Makefile,v 1.214 2025/07/03 13:15:49 wiz Exp $ +# $NetBSD: Makefile,v 1.214.2.1 2025/12/06 21:36:04 maya Exp $ -DISTNAME= libpng-1.6.50 +DISTNAME= libpng-1.6.52 PKGNAME= ${DISTNAME:S/lib//} CATEGORIES= graphics MASTER_SITES+= ${MASTER_SITE_SOURCEFORGE:=libpng/} diff --git a/graphics/png/distinfo b/graphics/png/distinfo index fe070601bd4d..07920770a281 100644 --- a/graphics/png/distinfo +++ b/graphics/png/distinfo @@ -1,10 +1,10 @@ -$NetBSD: distinfo,v 1.159 2025/07/03 13:15:49 wiz Exp $ +$NetBSD: distinfo,v 1.159.2.1 2025/12/06 21:36:04 maya Exp $ BLAKE2s (apng-20250220.patch) = 456a8fcead8bb3fd29936de9a6288bef6769026ff2c955371db0c2098548d68b SHA512 (apng-20250220.patch) = 120ac618b60d5e1ff2406d241e4ddc2c1893978653adcf462ce394ce3b6b2e5847545e04b0fcb20aab563a1546017ce622d1d2dd14f89d1d594130d626f1e6eb Size (apng-20250220.patch) = 49281 bytes -BLAKE2s (libpng-1.6.50.tar.xz) = bebe99204ef8ba7b90b8f9961c0a788ffaa11a8ff3344afd9d2de85ab700cfed -SHA512 (libpng-1.6.50.tar.xz) = 05adc94ef532bbddaae46e087088a23236e6528fd3fc705c8edfb5ff293983b790d4361d6b20c20df73632a9fbe55d2f394296385cd8efd646f58393ff21257d -Size (libpng-1.6.50.tar.xz) = 1060992 bytes +BLAKE2s (libpng-1.6.52.tar.xz) = 972ef470292507fcc7df75720624d86a66360b1d3751ebf8e5750cbcdcfd60ca +SHA512 (libpng-1.6.52.tar.xz) = 2bb1318f36712fc007613373a44a3276b4ed129b51b908464d9577ea9704d3caa469ec5bc7ebfb8b1de57ba3998c0b3375cd105054011ec54c21e9f208ec3c8b +Size (libpng-1.6.52.tar.xz) = 1063580 bytes SHA1 (patch-libpng-config.in) = 04f8d6af31114017ce9d1280e62f1768c35c289d SHA1 (patch-pngpriv.h) = 16f80df18a2f58eec784e2d821e8bb93c3e81747 From 946a42b919462cbd18f1ad8cc260431582860b7b Mon Sep 17 00:00:00 2001 From: maya Date: Sat, 6 Dec 2025 21:36:38 +0000 Subject: [PATCH 42/49] doc: update for ticket 7035 --- doc/CHANGES-pkgsrc-2025Q3 | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/doc/CHANGES-pkgsrc-2025Q3 b/doc/CHANGES-pkgsrc-2025Q3 index d3393cf9281f..fee312640dee 100644 --- a/doc/CHANGES-pkgsrc-2025Q3 +++ b/doc/CHANGES-pkgsrc-2025Q3 @@ -1,4 +1,4 @@ -$NetBSD: CHANGES-pkgsrc-2025Q3,v 1.1.2.13 2025/11/25 08:38:58 bsiegert Exp $ +$NetBSD: CHANGES-pkgsrc-2025Q3,v 1.1.2.14 2025/12/06 21:36:38 maya Exp $ Changes to packages and infrastructure on the pkgsrc-2025Q3 branch: @@ -86,3 +86,5 @@ misc/libreoffice: build fix Pullup ticket #7034 - requested by nia www/palemoon: sparc64 build fix +Pullup ticket #7035 - requested by bsiegert +graphics/png: Security fix From c9d0ae44575c3d94fe0f54c0d46fc4e95675ff4b Mon Sep 17 00:00:00 2001 From: maya Date: Fri, 12 Dec 2025 15:50:22 +0000 Subject: [PATCH 43/49] Pullup ticket #7036 - requested by roy net/openresolv: Security fix Revisions pulled up: - net/openresolv/Makefile 1.40 - net/openresolv/distinfo 1.34 --- Module Name: pkgsrc Committed By: roy Date: Wed Dec 10 22:11:47 UTC 2025 Modified Files: pkgsrc/net/openresolv: Makefile distinfo Log Message: Import openresolv-3.17.1 with the following changes: resolvconf: Single quote parsed values from resolv.conf When parsing resolv.conf entries we build up shell variables. Because this is done via a pipe, we need to echo the variables to stdout and eval the result to get them into the main resolvconf. We have no idea what the values are, so we build up the output ensuring the parsed value is single quoted so eval will always interpret it as a string and nothing more. This avoids an attack like so: `echo 'search $(touch /tmp/foo)' | resolvconf -a bar` --- net/openresolv/Makefile | 4 ++-- net/openresolv/distinfo | 8 ++++---- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/net/openresolv/Makefile b/net/openresolv/Makefile index fda498102232..6ea7d01f4af5 100644 --- a/net/openresolv/Makefile +++ b/net/openresolv/Makefile @@ -1,6 +1,6 @@ -# $NetBSD: Makefile,v 1.39 2025/05/15 12:51:38 roy Exp $ +# $NetBSD: Makefile,v 1.39.4.1 2025/12/12 15:50:22 maya Exp $ -DISTNAME= openresolv-3.16.5 +DISTNAME= openresolv-3.17.1 CATEGORIES= net MASTER_SITES= ${MASTER_SITE_GITHUB:=NetworkConfiguration/} GITHUB_PROJECT= openresolv diff --git a/net/openresolv/distinfo b/net/openresolv/distinfo index f2245584b8f5..7c793affe660 100644 --- a/net/openresolv/distinfo +++ b/net/openresolv/distinfo @@ -1,5 +1,5 @@ -$NetBSD: distinfo,v 1.33 2025/05/15 12:51:38 roy Exp $ +$NetBSD: distinfo,v 1.33.4.1 2025/12/12 15:50:22 maya Exp $ -BLAKE2s (openresolv-3.16.5.tar.xz) = 17cbf1b60373b2664f5c7ccc3752b94121bcf14efd2185763743665c94c73262 -SHA512 (openresolv-3.16.5.tar.xz) = cebf5a7bb6aa22a96293ad0cf8273b2da6564f9a72cfe0d9cc0d09c6a8c3b60e7a8e8ee7876dcc7c66bb4a1606bdf5c3c73b3ed89bb0500598c3738b177948d0 -Size (openresolv-3.16.5.tar.xz) = 25436 bytes +BLAKE2s (openresolv-3.17.1.tar.xz) = c04e8c343e51fb65ab01d1d4498deff5c23b1a4afb5fc946767f370684fc52eb +SHA512 (openresolv-3.17.1.tar.xz) = b9870448a1dc2096fdccba0525471272157cf315db7497e3ab617678b4e7fc58fff212005179c3ade03982c8581c4b0144a7289f3b0309619d666fed9d885608 +Size (openresolv-3.17.1.tar.xz) = 25452 bytes From 4a7f32123297503fd2cab65425b44a97c14f3e4c Mon Sep 17 00:00:00 2001 From: maya Date: Fri, 12 Dec 2025 15:50:54 +0000 Subject: [PATCH 44/49] doc: update for ticket 7036 --- doc/CHANGES-pkgsrc-2025Q3 | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/doc/CHANGES-pkgsrc-2025Q3 b/doc/CHANGES-pkgsrc-2025Q3 index fee312640dee..197d9efac81c 100644 --- a/doc/CHANGES-pkgsrc-2025Q3 +++ b/doc/CHANGES-pkgsrc-2025Q3 @@ -1,4 +1,4 @@ -$NetBSD: CHANGES-pkgsrc-2025Q3,v 1.1.2.14 2025/12/06 21:36:38 maya Exp $ +$NetBSD: CHANGES-pkgsrc-2025Q3,v 1.1.2.15 2025/12/12 15:50:54 maya Exp $ Changes to packages and infrastructure on the pkgsrc-2025Q3 branch: @@ -88,3 +88,6 @@ www/palemoon: sparc64 build fix Pullup ticket #7035 - requested by bsiegert graphics/png: Security fix + +Pullup ticket #7036 - requested by roy +net/openresolv: Security fix From 0ac6153c5bb40d34a8be9c765f0a4e80b248fa47 Mon Sep 17 00:00:00 2001 From: maya Date: Sun, 14 Dec 2025 20:03:58 +0000 Subject: [PATCH 45/49] Pullup ticket #7037 - requested by bsiegert mail/opensmtpd: Security fix Revisions pulled up: - mail/opensmtpd/Makefile 1.36 - mail/opensmtpd/distinfo 1.15 - mail/opensmtpd/patches/patch-openbsd-compat_libtls_tls.c 1.1 - mail/opensmtpd/patches/patch-usr.sbin_smtpd_smtp__session.c 1.2 --- Module Name: pkgsrc Committed By: vins Date: Sun Nov 2 20:13:39 UTC 2025 Modified Files: pkgsrc/mail/opensmtpd: Makefile distinfo pkgsrc/mail/opensmtpd/patches: patch-usr.sbin_smtpd_smtp__session.c Added Files: pkgsrc/mail/opensmtpd/patches: patch-openbsd-compat_libtls_tls.c Log Message: mail/opensmtpd: update to 7.8.0p0 # pkgsrc changes * Depend on openssl instead of libretls, since apparently OpenSMTPD forces built-in libtls since 7.7.0. # upstream changes - Don't reject single character AUTH PLAIN passwords. - Fix address family typo (PF_INET->PF_INET6). - Various documentation improvements. - Removed support for world-writable mail spools. - Updated contrib mail.local and lockspool. - Don't die if garbage is being sent on the local socket. This release includes the OpenBSD errata 005 which fixes CVE-2025-62875. --- mail/opensmtpd/Makefile | 11 +++--- mail/opensmtpd/distinfo | 11 +++--- .../patches/patch-openbsd-compat_libtls_tls.c | 20 +++++++++++ .../patch-usr.sbin_smtpd_smtp__session.c | 34 +++++++------------ 4 files changed, 43 insertions(+), 33 deletions(-) create mode 100644 mail/opensmtpd/patches/patch-openbsd-compat_libtls_tls.c diff --git a/mail/opensmtpd/Makefile b/mail/opensmtpd/Makefile index ab4cb876558f..9feaf1f2b774 100644 --- a/mail/opensmtpd/Makefile +++ b/mail/opensmtpd/Makefile @@ -1,8 +1,7 @@ -# $NetBSD: Makefile,v 1.35 2025/09/13 16:26:01 vins Exp $ +# $NetBSD: Makefile,v 1.35.2.1 2025/12/14 20:03:58 maya Exp $ -VERSION= 7.7.0p0 +VERSION= 7.8.0p0 DISTNAME= opensmtpd-${VERSION} -PKGREVISION= 2 CATEGORIES= mail net MASTER_SITES= https://www.opensmtpd.org/archives/ @@ -18,7 +17,7 @@ SMTPD_QUEUE= _smtpq GNU_CONFIGURE= yes USE_DB185= yes USE_LIBTOOL= yes -USE_TOOLS+= awk pkg-config yacc +USE_TOOLS+= awk groff pkg-config yacc USE_TOOLS+= automake aclocal autoheader autoconf pkg-config CHECK_BUILTIN.openssl:= yes @@ -87,7 +86,7 @@ SUBST_MESSAGE.pkgsrc= Replacing pkgsrc placeholders. SUBST_CLASSES+= paths SUBST_STAGE.paths= pre-configure SUBST_MESSAGE.paths= Fixing hard-coded paths. -SUBST_FILES.paths+= configure mk/smtpd/Makefile.am usr.sbin/smtpd/smtpd.conf \ +SUBST_FILES.paths+= mk/smtpd/Makefile.am usr.sbin/smtpd/smtpd.conf \ usr.sbin/smtpd/smtpd.h usr.sbin/smtpd/smtpd.8 \ usr.sbin/smtpd/smtpd.conf.5 usr.sbin/smtpd/aliases.5 \ usr.sbin/smtpd/makemap.8 usr.sbin/smtpd/newaliases.8 @@ -125,6 +124,6 @@ doc-install: .include "../../devel/libevent/buildlink3.mk" .include "../../devel/zlib/buildlink3.mk" .include "../../net/libasr/buildlink3.mk" -.include "../../security/libretls/buildlink3.mk" +.include "../../security/openssl/buildlink3.mk" .include "../../mk/dlopen.buildlink3.mk" .include "../../mk/bsd.pkg.mk" diff --git a/mail/opensmtpd/distinfo b/mail/opensmtpd/distinfo index 7326d351b921..9aa08e996c97 100644 --- a/mail/opensmtpd/distinfo +++ b/mail/opensmtpd/distinfo @@ -1,14 +1,15 @@ -$NetBSD: distinfo,v 1.14 2025/09/13 16:26:01 vins Exp $ +$NetBSD: distinfo,v 1.14.2.1 2025/12/14 20:03:58 maya Exp $ -BLAKE2s (opensmtpd-7.7.0p0.tar.gz) = a51ecac58934e880c4d006d536ae4adb011b1121cbd55f53420362fac61740a7 -SHA512 (opensmtpd-7.7.0p0.tar.gz) = 6a46a93bc0689603250376e414fc481fd5997c2bc7fc4e12d1522a9f4a2cad610f1c9452e9501b077e3ba2219a253e693160540fcfba595da8f68349bf795b92 -Size (opensmtpd-7.7.0p0.tar.gz) = 978481 bytes +BLAKE2s (opensmtpd-7.8.0p0.tar.gz) = 81e58867f8b5685ae8b4d8abb0e4b152fca68b6dfd82387390cd10cde9b134c9 +SHA512 (opensmtpd-7.8.0p0.tar.gz) = ef4233909497c604c5c3de18c5ff50ee1e04f417d6ef0e6def3ebef214acee3a63306b27f5c7eab00992e24f3a7f2b2f2748fee2e535b3b291e194f1b8bd8652 +Size (opensmtpd-7.8.0p0.tar.gz) = 744995 bytes SHA1 (patch-configure.ac) = ff6534e28ecba1de479660a00340600feefd5d7e SHA1 (patch-contrib_libexec_mail.local_mail.local.c) = bec19540fa52c7c6596ab5923f3a67b334ddf168 SHA1 (patch-mk_smtpd_Makefile.am) = cc3f82922e3e56bc0205085f7e311f2beeda7fc4 SHA1 (patch-openbsd-compat_getpeereid.c) = 8d60140bffcabb6accf9b7bbe0f419c2c25d352d SHA1 (patch-openbsd-compat_imsg-buffer.c) = 4b6861eec3461a192e20aa2daba4d74bd2659339 SHA1 (patch-openbsd-compat_imsg.c) = 762b2ae2362716947ea007fa229e9e31fa6d08f3 +SHA1 (patch-openbsd-compat_libtls_tls.c) = 09b9ab78709e8989b86843a5ddc24a0a7231c604 SHA1 (patch-usr.sbin_smtpd_proxy.c) = 895d3e9532bf53dcdb7a52825043acacac51b378 SHA1 (patch-usr.sbin_smtpd_queue__fs.c) = f40d5be4c05d8d54f7368af8d20f4ee007860dc7 -SHA1 (patch-usr.sbin_smtpd_smtp__session.c) = 565b1df1a6d4d3c5ee786f4501c1cd73992f2d3e +SHA1 (patch-usr.sbin_smtpd_smtp__session.c) = d153c13e56b1bae8a6e07ca62ed2f5428a3be2fc diff --git a/mail/opensmtpd/patches/patch-openbsd-compat_libtls_tls.c b/mail/opensmtpd/patches/patch-openbsd-compat_libtls_tls.c new file mode 100644 index 000000000000..f79cdcb39be0 --- /dev/null +++ b/mail/opensmtpd/patches/patch-openbsd-compat_libtls_tls.c @@ -0,0 +1,20 @@ +$NetBSD: patch-openbsd-compat_libtls_tls.c,v 1.1.2.2 2025/12/14 20:03:58 maya Exp $ + +Use the correct OpenSSL idiom to load the trust store. + +--- openbsd-compat/libtls/tls.c.orig 2025-07-30 20:26:49.614399725 +0000 ++++ openbsd-compat/libtls/tls.c +@@ -635,10 +635,10 @@ tls_configure_ssl_verify(struct tls *ctx + + /* If no CA has been specified, attempt to load the default. */ + if (ctx->config->ca_mem == NULL && ctx->config->ca_path == NULL) { +- if (tls_config_load_file(&ctx->error, "CA", tls_default_ca_cert_file(), +- &ca_mem, &ca_len) != 0) ++ if (!SSL_CTX_set_default_verify_paths(ssl_ctx)) { ++ tls_set_error(ctx, TLS_ERROR_UNKNOWN, "failed to load default trust store"); + goto err; +- ca_free = ca_mem; ++ } + } + + if (ca_mem != NULL) { diff --git a/mail/opensmtpd/patches/patch-usr.sbin_smtpd_smtp__session.c b/mail/opensmtpd/patches/patch-usr.sbin_smtpd_smtp__session.c index 7b92cd5c228d..6351a3558b02 100644 --- a/mail/opensmtpd/patches/patch-usr.sbin_smtpd_smtp__session.c +++ b/mail/opensmtpd/patches/patch-usr.sbin_smtpd_smtp__session.c @@ -1,20 +1,10 @@ -$NetBSD: patch-usr.sbin_smtpd_smtp__session.c,v 1.1 2023/08/24 15:26:40 vins Exp $ +$NetBSD: patch-usr.sbin_smtpd_smtp__session.c,v 1.1.18.1 2025/12/14 20:03:58 maya Exp $ -Add a patch to handle long usernames during SMTP authentication, -e.g. often username exceeds the limit when it contains @host.name -part. +Add a patch to handle long usernames during SMTP authentication. -From FreeBSD's ports. - -cf.http://svnweb.freebsd.org/ports?view=revision&revision=394424 - -For update 6.7.1p1: -Removed hunk to increase buffersize to LOGIN_NAME_MAX+HOST_NAME_MAX+1, -this was already increased upstream to SMTPD_MAXMAILADDRSIZE. - ---- usr.sbin/smtpd/smtp_session.c.orig 2020-05-21 19:06:04.000000000 +0000 +--- usr.sbin/smtpd/smtp_session.c.orig 2025-07-30 20:26:49.764391744 +0000 +++ usr.sbin/smtpd/smtp_session.c -@@ -84,6 +84,7 @@ enum { +@@ -80,6 +80,7 @@ enum { TX_ERROR_ENVELOPE, TX_ERROR_SIZE, TX_ERROR_IO, @@ -22,7 +12,7 @@ this was already increased upstream to SMTPD_MAXMAILADDRSIZE. TX_ERROR_LOOP, TX_ERROR_MALFORMED, TX_ERROR_RESOURCES, -@@ -970,6 +971,15 @@ smtp_session_imsg(struct mproc *p, struc +@@ -962,6 +963,15 @@ smtp_session_imsg(struct mproc *p, struc s = tree_xpop(&wait_parent_auth, reqid); strnvis(user, s->username, sizeof user, VIS_WHITE | VIS_SAFE); @@ -38,16 +28,16 @@ this was already increased upstream to SMTPD_MAXMAILADDRSIZE. if (success == LKA_OK) { log_info("%016"PRIx64" smtp " "authentication user=%s " -@@ -1967,7 +1977,7 @@ smtp_rfc4954_auth_plain(struct smtp_sess - user++; /* skip NUL */ - if (strlcpy(s->username, user, sizeof(s->username)) - >= sizeof(s->username)) +@@ -1964,7 +1974,7 @@ smtp_rfc4954_auth_plain(struct smtp_sess + /* String is not NUL terminated, leave room. */ + if ((len = base64_decode(arg, (unsigned char *)buf, + sizeof(buf) - 1)) == -1) - goto abort; + s->flags |= SF_USERTOOLONG; + /* buf is a byte string, NUL terminate. */ + buf[len] = '\0'; - pass = memchr(user, '\0', len - (user - buf)); - if (pass == NULL || pass >= buf + len - 2) -@@ -2011,9 +2021,12 @@ smtp_rfc4954_auth_login(struct smtp_sess +@@ -2021,9 +2031,12 @@ smtp_rfc4954_auth_login(struct smtp_sess case STATE_AUTH_USERNAME: memset(s->username, 0, sizeof(s->username)); From ac56618f6131f925f37bf9eb06359c3b6a8ae277 Mon Sep 17 00:00:00 2001 From: maya Date: Sun, 14 Dec 2025 20:04:52 +0000 Subject: [PATCH 46/49] doc: update for ticket 7037 --- doc/CHANGES-pkgsrc-2025Q3 | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/doc/CHANGES-pkgsrc-2025Q3 b/doc/CHANGES-pkgsrc-2025Q3 index 197d9efac81c..4ee131a93999 100644 --- a/doc/CHANGES-pkgsrc-2025Q3 +++ b/doc/CHANGES-pkgsrc-2025Q3 @@ -1,4 +1,4 @@ -$NetBSD: CHANGES-pkgsrc-2025Q3,v 1.1.2.15 2025/12/12 15:50:54 maya Exp $ +$NetBSD: CHANGES-pkgsrc-2025Q3,v 1.1.2.16 2025/12/14 20:04:52 maya Exp $ Changes to packages and infrastructure on the pkgsrc-2025Q3 branch: @@ -91,3 +91,6 @@ graphics/png: Security fix Pullup ticket #7036 - requested by roy net/openresolv: Security fix + +Pullup ticket #7037 - requested by bsiegert +mail/opensmtpd: Security fix From ba8aba00128cf9411c93cb859ea8d8e9f4e1f690 Mon Sep 17 00:00:00 2001 From: buhrow Date: Mon, 2 Mar 2026 23:00:24 +0000 Subject: [PATCH 47/49] Teach window(1) how to deal with ANSI terminal escape sequences. Specifically: escape sequences begining with [ and which contain ? or numeric values. This allows window(1) to work better with those terminal programs, especially those which use readline(3) calls, which insist on emitting these extended escape sequences even if those definitions are not in the termcap or terminfo spec for the terminal in use. this new support is incomplete in the sense that we don't do anything with the numeric values, but we do honor the functions of the actions requested as long as they were actions this program already supported. Preliminary testing shows a vast improvement with programs like gdb and the interactive python shells. --- misc/window/Makefile | 4 ++-- misc/window/distinfo | 8 ++++---- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/misc/window/Makefile b/misc/window/Makefile index fdd25ea76347..5227e3d0d08f 100644 --- a/misc/window/Makefile +++ b/misc/window/Makefile @@ -1,6 +1,6 @@ -# $NetBSD: Makefile,v 1.6 2017/09/10 01:00:01 dholland Exp $ +# $NetBSD: Makefile,v 1.6.66.1 2026/03/02 23:00:24 buhrow Exp $ -DISTNAME= window-20120215 +DISTNAME= window-20260302 PKGREVISION= 2 CATEGORIES= misc MASTER_SITES= ${MASTER_SITE_LOCAL} diff --git a/misc/window/distinfo b/misc/window/distinfo index 284a1020c10f..9991549ce14e 100644 --- a/misc/window/distinfo +++ b/misc/window/distinfo @@ -1,8 +1,8 @@ -$NetBSD: distinfo,v 1.6 2021/10/26 10:59:37 nia Exp $ +$NetBSD: distinfo,v 1.6.32.1 2026/03/02 23:00:24 buhrow Exp $ -BLAKE2s (window-20120215.tar.gz) = 695dd03d540300c272ab3c4987b749021bca2601c23edab7ddbe24b86ff63a2c -SHA512 (window-20120215.tar.gz) = 95e67c3d16b54f936f018b9a80c1007da90b97445784c51c436ae38f3edde4eaa37f6fc49bcb0b15601f4c2663fa01592b7208f737632e11e0c4abbf88f318ba -Size (window-20120215.tar.gz) = 84798 bytes +BLAKE2s (window-20260302.tar.gz) = d8721bd9b20e691c402cb469b655099347a99f8aeae9e2f5f356ee0027646c8d +SHA512 (window-20260302.tar.gz) = 0449b6ede0d3a5ba9c3502a72bc864f1a611d5bfef50a79cdd19ef7a8212ce2ecdbec5a5ec245e9479e7904c72eb111f6ff44c8bc19244cba288e6cd2810ec3f +Size (window-20260302.tar.gz) = 83933 bytes SHA1 (patch-ww.h) = 19281574830d256c7e2f80b12a176f07c56beb8e SHA1 (patch-wwframe.c) = 81fe73d55e81e0b5f8f7803068688994d71fe714 SHA1 (patch-wwlabel.c) = a7a72a85720822d1388f31b107432a074b1a260e From 8b451f8786cf2ceac4d8508212a95c11d9e05dff Mon Sep 17 00:00:00 2001 From: buhrow Date: Mon, 2 Mar 2026 23:45:56 +0000 Subject: [PATCH 48/49] Backing out the previous change to the branch as I committed in error. My apologies. -Brian --- misc/window/distinfo | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/misc/window/distinfo b/misc/window/distinfo index 9991549ce14e..45197915bc27 100644 --- a/misc/window/distinfo +++ b/misc/window/distinfo @@ -1,8 +1,8 @@ -$NetBSD: distinfo,v 1.6.32.1 2026/03/02 23:00:24 buhrow Exp $ +$NetBSD: distinfo,v 1.6.32.2 2026/03/02 23:45:56 buhrow Exp $ -BLAKE2s (window-20260302.tar.gz) = d8721bd9b20e691c402cb469b655099347a99f8aeae9e2f5f356ee0027646c8d -SHA512 (window-20260302.tar.gz) = 0449b6ede0d3a5ba9c3502a72bc864f1a611d5bfef50a79cdd19ef7a8212ce2ecdbec5a5ec245e9479e7904c72eb111f6ff44c8bc19244cba288e6cd2810ec3f -Size (window-20260302.tar.gz) = 83933 bytes +BLAKE2s (window-20120215.tar.gz) = 695dd03d540300c272ab3c4987b749021bca2601c23edab7ddbe24b86ff63a2c +SHA512 (window-20120215.tar.gz) = 95e67c3d16b54f936f018b9a80c1007da90b97445784c51c436ae38f3edde4eaa37f6fc49bcb0b15601f4c2663fa01592b7208f737632e11e0c4abbf88f318ba +Size (window-20120215.tar.gz) = 84798 bytes SHA1 (patch-ww.h) = 19281574830d256c7e2f80b12a176f07c56beb8e SHA1 (patch-wwframe.c) = 81fe73d55e81e0b5f8f7803068688994d71fe714 SHA1 (patch-wwlabel.c) = a7a72a85720822d1388f31b107432a074b1a260e From 3c3dc515b485827632cc0382c6635bad14053e51 Mon Sep 17 00:00:00 2001 From: buhrow Date: Mon, 2 Mar 2026 23:47:52 +0000 Subject: [PATCH 49/49] Backing out the previous change to the branch as I committed in error. My apologies. -Brian --- misc/window/Makefile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/misc/window/Makefile b/misc/window/Makefile index 5227e3d0d08f..4f59e53ed9bd 100644 --- a/misc/window/Makefile +++ b/misc/window/Makefile @@ -1,6 +1,6 @@ -# $NetBSD: Makefile,v 1.6.66.1 2026/03/02 23:00:24 buhrow Exp $ +# $NetBSD: Makefile,v 1.6.66.2 2026/03/02 23:47:52 buhrow Exp $ -DISTNAME= window-20260302 +DISTNAME= window-20120215 PKGREVISION= 2 CATEGORIES= misc MASTER_SITES= ${MASTER_SITE_LOCAL}