ChangeLog for: 2026-04-05 00:32:32

l/SDL3-3.4.4-x86_64-1.txz:  Upgraded.
l/harfbuzz-14.1.0-x86_64-1.txz:  Upgraded.
l/openexr-3.4.9-x86_64-1.txz:  Upgraded.
  This release addresses several security vulnerabilities:
  DWA Lossy Decoder Heap Out-of-Bounds Write.
  Signed 32-bit Overflow in PIZ Decoder Leads to OOB Read/Write.
  Signed integer overflow (undefined behavior) in undo_pxr24_impl may allow
  bounds-check bypass in PXR24 decompression.
  Misaligned write in LossyDctDecoder_execute leading to undefined behavior
  (DWA/DWAB decompression).
  Signed integer overflow in generic_unpack() when parsing EXR files with
  crafted negative dataWindow.min.x.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34589
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34588
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34380
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34379
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34378
  (* Security fix *)
l/python-charset-normalizer-3.4.7-x86_64-1.txz:  Upgraded.
n/postfix-3.11.1-x86_64-2.txz:  Rebuilt.
  Added support for LMDB.
  Thanks to Thom1b.
x/gtk-layer-shell-0.10.1-x86_64-1.txz:  Upgraded.