Pullup ticket #4080 - requested by taca
lang/ruby193-base: security update

Revisions pulled up:
- lang/ruby/rubyversion.mk                                      1.95
- lang/ruby193-base/Makefile                                    1.26
- lang/ruby193-base/distinfo                                    1.18
- lang/ruby193-base/patches/patch-ext_json_lib_json_add_core.rb deleted
- lang/ruby193-base/patches/patch-ext_json_lib_json_common.rb  deleted
- lang/ruby193-base/patches/patch-ext_json_lib_json_version.rb  deleted
- lang/ruby193-base/patches/patch-ext_json_parser_parser.c      deleted
- lang/ruby193-base/patches/patch-ext_json_parser_parser.rl    deleted
- lang/ruby193-base/patches/patch-test_json_test__json.rb      deleted
- lang/ruby193-base/patches/patch-test_json_test__json__addition.rb deleted
- lang/ruby193-base/patches/patch-test_json_test__json__string__matching.rb deleted

---
  Module Name: pkgsrc
  Committed By: taca
  Date: Fri Feb 22 16:20:48 UTC 2013

  Modified Files:
  pkgsrc/lang/ruby: rubyversion.mk
  pkgsrc/lang/ruby193-base: Makefile distinfo
  Removed Files:
  pkgsrc/lang/ruby193-base/patches: patch-ext_json_lib_json_add_core.rb
      patch-ext_json_lib_json_common.rb
      patch-ext_json_lib_json_version.rb patch-ext_json_parser_parser.c
      patch-ext_json_parser_parser.rl patch-test_json_test__json.rb
      patch-test_json_test__json__addition.rb
      patch-test_json_test__json__string__matching.rb

  Log Message:
  Update ruby193-base package (and related) to 1.9.3-p392.
  Security problem of CVE-2013-0269 was already handled but REXML security
  problem is fixed by this package.

  Now Ruby 1.9.3-p392 is released. I apologize for updating too frequently.

  This release includes security fixes about bundled JSON and REXML.

  * Denial of Service and Unsafe Object Creation Vulnerability in JSON
    (CVE-2013-0269)
  * Entity expansion DoS vulnerability in REXML (XML bomb)

  And some small bugfixes are also included.

(tron)

Correct PLIST for building without X11.

(jperkin)

Pullup ticket #4079 - requested by taca
www/geeklog: security update

Revisions pulled up:
- www/geeklog/Makefile                                          1.37
- www/geeklog/distinfo                                          1.21

---
  Module Name: pkgsrc
  Committed By: taca
  Date: Thu Feb 21 13:01:24 UTC 2013

  Modified Files:
  pkgsrc/www/geeklog: Makefile distinfo

  Log Message:
  Update geeklog to 1.8.2.1 (Geeklog 1.8.2sr1).

  Geeklog History/Changes:

  Feb 19, 2013 (1.8.2sr1)
  ------------

  This release addresses the following security issues:
  - High-Tech Bridge Security Research Lab reported an XSS in the calendar_type
    parameter in the Calendar plugin (HTB23143).
  - Trustwave Spiderlabs reported XSS in the install script, the Configuration,
    as well as in the Admin interfaces for the Polls plugin and the Topic editor
    (TWSL2013-001).

  Not security-related:
  - Fixed Twitter OAuth login by switching to version 1.1 of the Twitter API
    (feature request #0001506).

(tron)

Updated lang/icc11 to 11.1.080nb1

(wiz)

Switch to gcc47 instead of gcc34. Works just as well and will be supported
longer. Bump PKGREVISION.

(wiz)

Readd enigmail checksums.

(wiz)

Pullup ticket #4078 - requested by taca
www/drupal7: security update

Revisions pulled up:
- www/drupal7/Makefile                                          1.17
- www/drupal7/distinfo                                          1.11

---
  Module Name: pkgsrc
  Committed By: taca
  Date: Thu Feb 21 12:59:19 UTC 2013

  Modified Files:
  pkgsrc/www/drupal7: Makefile distinfo

  Log Message:
  Update drupal7 to 7.20.

  Drupal 7.20, 2013-02-20
  -----------------------
  - Fixed security issues (denial of service). See SA-CORE-2013-002.

(tron)

Added devel/p5-MooX-Types-MooseLike version 0.21

(wen)

Initial import MooX-Types-MooseLike-0.21 as devel/p5-MooX-Types-MooseLike.

MooX::Types::MooseLike provides some Moosish types and a typer builder.

(wen)

Updated www/p5-Dancer to 1.3111

(wen)

Update to 1.3111
Add p5-YAML as DEPENDS

Upstream changes:
1.3111

[ BUG FIXES ]
    * GH #877: fix Dancer Error when so that 'exception' object is not passed
      to serializers, because XML/JSON serializers don't understand objects
      (rikbrown).
    * GH #858: Check for definedness, not truth, when testing if we read
      into the buffer when parsing a request body (florolf).
    * GH #845: Fix uninitialized warning when loading modules (Fabrice Gabolde).
    * GH #851, GH #853: Atomic YAML session writing (Roman Galeev).
    * GH #852: Saner UTF logging (Roman Galeev).
    * GH #849, GH #850: Serve autopages with text/html content type.
      (Philippe Bruhat - BooK)
    * GH #848: Handle If-Modified-Since header in the request for static files.
      (Philippe Bruhat - BooK)
    * GH #848: Send a Last-Modified header for static files.
      (Philippe Bruhat - BooK)
    * GH #856: Don't export non-existing subroutine (mokko).
    * GH #874: Reduce dependence on %ENV for internal code (Kent Fredric).
    * GH #875: Don't expect specific order in cookies (Yanick Champoux).
    * Remove 'exception' object from message being passed to serializers.
        (Rik Brown)
    * Added .travis.yml to MANIFEST.SKIP so t/manifest.t passes (Kaitlyn Parkhurst).
    * GH #887, GH #890: keyword 'global_warnings' added to replace 'import_warnings'
        (Kaitlyn Parkhurst).
    * GH #892: add 'private_key' to the list of potentially sensitive keys (Tom Heady).

    [ DOCUMENTATION ]
    * GH #847: Fix typo (John Wittkoski).
    * GH #865: Correct 'before' hook documentation (David Precious, Maurice).
    * GH #860, GH #844, GH #760: Misleading plack middleware documentation.
      (Paul Fenwick)
    * GH #862: Fix heading level for strict_config entry in Dancer::Config.
      (Stefan Hornburg - Racke)
    * GH #863: Correct example apache config (John Wittkoski).
    * GH #867: correct doc for ModuleLoader::load_with_params (mokko).
    * Document route_cache option (David Precious).
    * Docs for route_cache_size_limit & route_cache_path_limit (David Precious).
    * Remove meaningless 'encoding' to TT config (David Precious).
    * Remove docs for mounting multiple apps (Naveed Massjouni).
    * Update doc URLs (David Precious).
    * Fix inconsistency in Perlbal deployment example (Slaven Rezi., Racke).
    * GH #894: Replace spurious character in Dancer::Session's POD (Racke).
    * GH #880: Add deprecation mention for 'after' (pdl and Yanick Champoux).

(wen)

Pullup tickets #4076 and #4077.

(tron)

Pullup ticket #4077 - requested by markd
net/netatalk: build fix

Revisions pulled up:
- net/netatalk/distinfo                                        1.48
- net/netatalk/patches/patch-etc_uams_uams_gss.c                1.1

---
  Module Name: pkgsrc
  Committed By: markd
  Date: Fri Feb 22 22:41:32 UTC 2013

  Modified Files:
  pkgsrc/net/netatalk: distinfo
  Added Files:
  pkgsrc/net/netatalk/patches: patch-etc_uams_uams_gss.c

  Log Message:
  Dont override the value of GSS_C_NT_HOSTBASED_SERVICE that recent
  Heimdal's set.

(tron)

Pullup ticket #4076 - requested by obache
print/acroread9: security update

Revisions pulled up:
- print/acroread9/Makefile                                      1.9
- print/acroread9/distinfo                                      1.8

---
  Module Name: pkgsrc
  Committed By: obache
  Date: Sat Feb 23 12:56:16 UTC 2013

  Modified Files:
  pkgsrc/print/acroread9: Makefile distinfo

  Log Message:
  Update acroread9 to 9.5.4 for APSA13-02.

(tron)

Restore DragonFly change, lost in Friday's update. PR 47586

(dholland)

Fix xft handling, from schmonz.

(wiz)

fix sum for i386

(christos)

update to .15 (x86_64)

(christos)

Updated multimedia/deforaos-player to 0.1.5

(khorben)

Added sysutils/terminal version 0.0.0

(khorben)

Added sysutils/deforaos-terminal

(khorben)

deforaos-terminal currently has a run-time dependency on x11/xterm

(khorben)

Seems to conflict with xfce4-terminal at the moment unfortunately

(khorben)

On OS X 10.6.8, configure finds the native xft and builds against
it; judging by the PLIST, that's unintended. Tell configure to stop.

(schmonz)

Added sysutils/deforaos-terminal, version 0.0.0

DeforaOS Terminal is a terminal emulator, embedding xterm within a Gtk+ interface. It supports multiple tabs and windows.

(khorben)

+ mlterm-3.1.8.

(taca)

+ Mesa-9.1, MesaLib-9.1, Transmission-gui-2.77, apache24-2.4.4,
  dbus-1.7.0, ffmpeg-20130222.1.1.3, file-5.13, fluxbox-1.3.5,
  gssdp-0.14.1, libnice-0.1.4, mdds-0.7.0, mono-3.0.4, orc-0.4.17,
  parallel-20130222, patch-2.7.1, podofo-0.9.2, py-simplejson-3.1.0,
  rudiments-0.41, stella-3.8, x264-devel-20130223.

(wiz)

Updated net/aria2 to 1.16.3

(ryoon)

Update to 1.16.3

Changelog:
aria2 1.16.3
============

Release Note
------------

This release fixes the bug which causes random crash. It also fixes
socket option setting failure on Windows platform.

Changes
-------

* Fix failure to set TCP_NODELAY on Windows

  On Windows setting TCP_NODELAY after non-blocking connect fails at
  least on Windows 7.

* Fix invalid iterator handling when deleting RequestGroup

aria2 1.16.2
============

Release Note
------------

This release fixes the bug which causes long running BitTorrent
download to stall. The several new options have been added.

Changes
-------

* Check SSL_OP_NO_COMPRESSION is available before using it

* Fix bug returnPeer is not called if sequence_ == INITIATOR_SEND_KEY

  In InitiatorMSEHandshakeCommand, when aborting connection, we must
  return peer to the PeerStorage. But it is not done if sequence_ is
  INITIATOR_SEND_KEY. This causes stale Peer objects whose usedBy()
  returns true eventually occupies peer list and aria2 cannot make any
  connections.

* Accept k and m as well as K and M in util::getRealSize()

* mingw32: Make NTFS sparse file on --file-allocation=trunc

* Added --save-session-interval option

  --save-session-interval option saves error/unfinished downloads to a
  file specified by --save-session option every SEC seconds. If 0 is
  given, file will be saved only when aria2 exits.

* Use request URI as referer if --referer="*" is given

* Log warn if unknown option is found in config file or -i file

* Added --console-log-level option

  --console-log-level option sets log level to output to console.

(ryoon)

Note Remove of www/ruby-sass-rails31 package.

(taca)

Remove ruby-sass-rails31 which was for Ruby on Rails 3.1.

(taca)

Remove ruby-sass-rails31.

(taca)

Note remove packages which were required by Ruby on Rails 3.1.

databases/ruby-arel22
www/ruby-rack13

(taca)

Remove ruby-rack13 which was only required by www/ruby-actionpack31.

(taca)

Remove ruby-rack13.

(taca)

Remove ruby-sprockets20 which was required only by www/ruby-actionpack31.

(taca)

Remove ruby-sprockets20.

(taca)

Remove ruby-arel22 which was required only by databases/ruby-activerecord31.

(taca)

Remove ruby-arel22.

(taca)

Updated www/firefox17-l10n to 17.0.3

(ryoon)

Note remove of mail/ruby-mail23 package.

(taca)

Remove ruby-mail23 package which was only required by ruby-actionmailer31.

(taca)

Update to 17.0.3

Sync with firefox-17.0.3.

(ryoon)

Remove ruby-mail23.

(taca)

Remove support for Ruby on Rails 3.1.

(taca)

Remove Ruby on Rails 3.1 component packages:

www/ruby-rails31
mail/ruby-actionmailer31
databases/ruby-activerecord31
devel/ruby-railties31
www/ruby-actionpack31
www/ruby-activeresource31
devel/ruby-activemodel31
devel/ruby-activesupport31

(taca)

Remove ruby-activesupport31 package which is part of Ruby on Rails 3.1.

(taca)

Remove ruby-activemodel31 package which is part of Ruby on Rails 3.1.

(taca)

Remove ruby-activemodel31.

(taca)

ruby-activeresource31 package which is part of Ruby on Rails 3.1.

(taca)

Remove ruby-activeresource31.

(taca)

Remove ruby-actionpack31 package which is part of Ruby on Rails 3.1.

(taca)

Remove ruby-actionpack31.

(taca)

Update to 17.0.3

Sync with thunderbird-17.0.3.

(ryoon)

Remove Remove ruby-railties31 package which is part of Ruby on Rails 3.1.

(taca)

Remove ruby-railties31.

(taca)

Remove ruby-activerecord31 package which is part of Ruby on Rails 3.1.

(taca)

Remove ruby-activerecord31.

(taca)

Updated devel/xulrunner17 to 17.0.3
Updated www/firefox17 to 17.0.3

(ryoon)

Remove ruby-actionmailer31 package which is part of Ruby on Rails 3.1.

(taca)

Remove ruby-actionmailer31.

(taca)

Update to 17.0.3

Changelog:
FIXED
Security fixes can be found here
FIXED
Improvements to the Click-to-Play vulnerable plugin blocklisting feature

Fixed in Firefox ESR 17.0.3
MFSA 2013-28 Use-after-free, out of bounds read, and buffer overflow issues found using Address Sanitizer
MFSA 2013-27 Phishing on HTTPS connection through malicious proxy
MFSA 2013-26 Use-after-free in nsImageLoadingContent
MFSA 2013-25 Privacy leak in JavaScript Workers
MFSA 2013-24 Web content bypass of COW and SOW security wrappers
MFSA 2013-21 Miscellaneous memory safety hazards (rv:19.0 / rv:17.0.3)

(ryoon)

Remove ruby-rails31 package which is part of Ruby on Rails 3.1.

(taca)

Remove ruby-rails31.

(taca)

Updated mail/thunderbird to 17.0.3

(ryoon)

Note remove of packages only for Ruby on Rails 3.1.

www/ruby-coffee-rails31
devel/ruby-uglifier10
devel/ruby-turn08

(taca)

Update to 17.0.3

Changelog:
    FIXED
    Security fixes can be found here
    FIXED
    Attachments sometimes could not be removed from the composition window using the keyboard, this is now fixed (799451)

Fixed in Thunderbird 17.0.3
MFSA 2013-28 Use-after-free, out of bounds read, and buffer overflow issues found using Address Sanitizer
MFSA 2013-27 Phishing on HTTPS connection through malicious proxy
MFSA 2013-26 Use-after-free in nsImageLoadingContent
MFSA 2013-25 Privacy leak in JavaScript Workers
MFSA 2013-24 Web content bypass of COW and SOW security wrappers
MFSA 2013-21 Miscellaneous memory safety hazards (rv:19.0 / rv:17.0.3)

(ryoon)

Remove ruby-turn08 package only for Ruby on Rails 3.1.

(taca)

Remove ruby-turn08.

(taca)

Remove ruby-uglifier10 package only for Ruby on Rails 3.1.

(taca)

Remove ruby-uglifier10.

(taca)

Remove ruby-coffee-rails31 package for Ruby on Rails 3.1.

(taca)

Remove ruby-coffee-rails31.

(taca)

Updated www/ruby-httpclient to 2.3.3

(obache)

Update ruby-httpclient to 2.3.3.

= Changes in 2.3.3 =

  February 24, 2013 - version 2.3.3

  * Changes

    * #144 Add User-Agent field by default. You can remove the header by
      setting nil to HTTPClient#agent_name.

(obache)

Updated DESCR with more recent figures.

(imil)

Updated DESCR with more recent figures.

(imil)

Note minimal hints for Cygwin.

(obache)

GNUmake is expected for Cygwin.

(obache)

On Cygwin, shared libraries will be installed in `bin', and symbolic links
will not be created.

(obache)

No special linux files in latest py-twisted.

(markd)

Fix missing '$' in regex in sh in bmake.
noticed by gson@.

(obache)

recent stuff

(dholland)

Remove some more wrong CONFLICTS.

(dholland)

Updated parallel/openmpi to 1.6.4

(asau)

Update to OpenMPI 1.6.4

Here is a list of changes in v1.6.4 as compared to v1.6.3:

- Fix Cygwin shared memory and debugger plugin support.  Thanks to
  Marco Atzeri for reporting the issue and providing initial patches.
- Fix to obtaining the correct available nodes when a rankfile is
  providing the allocation.  Thanks to Siegmar Gross for reporting the
  problem.
- Fix process binding issue on Solaris.  Thanks to Siegmar Gross for
  reporting the problem.
- Updates for MXM 2.0.
- Major VT update to 5.14.2.3.
- Fixed F77 constants for Cygwin/Cmake build.
- Fix a linker error when configuring --without-hwloc.
- Automatically provide compiler flags that compile properly on some
  types of ARM systems.
- Fix slot_list behavior when multiple sockets are specified.  Thanks
  to Siegmar Gross for reporting the problem.
- Fixed memory leak in one-sided operations.  Thanks to Victor
  Vysotskiy for letting us know about this one.
- Added performance improvements to the OpenIB (OpenFabrics) BTL.
- Improved error message when process affinity fails.
- Fixed MPI_MINLOC on man pages for MPI_REDUCE(_LOCAL).  Thanks to Jed
  Brown for noticing the problem and supplying a fix.
- Made malloc hooks more friendly to IO interprosers.  Thanks to the
  bug report and suggested fix from Darshan maintainer Phil Carns.
- Restored ability to direct launch under SLURM without PMI support.
- Fixed MPI datatype issues on OpenBSD.
- Major VT update to 5.14.2.3.
- Support FCA v3.0+.
- Fixed header file problems on OpenBSD.
- Fixed issue with MPI_TYPE_CREATE_F90_REAL.
- Fix an issue with using external libltdl installations.  Thanks to
  opolawski for identifying the problem.
- Fixed MPI_IN_PLACE case for MPI_ALLGATHER for FCA.
- Allow SLURM PMI support to look in lib64 directories.  Thanks to
  Guillaume Papaure for the patch.
- Restore "use mpi" ABI compatibility with the rest of the 1.5/1.6
  series (except for v1.6.3, where it was accidentally broken).
- Fix a very old error in opal_path_access(). Thanks to Marco Atzeri
  for chasing it down.

(asau)

Updated www/seamonkey-l10n to 2.16

(ryoon)

Update to 2.16

Sync with seamonkey-2.16.

(ryoon)

Updated www/seamonkey to 2.16

(ryoon)

Update to 2.16

* enigmail is broken

Changelog:
SeaMonkey-specific changes
    Reply to List is now supported.
    SSL-related warning prompts (leaving or entering a secure site, viewing mixed content) have been replaced by less intrusive, non-modal notification bars.
    See the changes page for minor changes.

Mozilla platform changes
    Image quality has been improved through a new HTML scaling algorithm.
    Canvas elements can export their content as an image blob using canvas.toBlob() now.
    CSS @page is now supported.
    CSS viewport-percentage length units have been implemented (vh, vw, vmin and vmax).
    CSS text-transform now supports full-width.
    Fixed several stability issues.

Fixed in SeaMonkey 2.16
MFSA 2013-28 Use-after-free, out of bounds read, and buffer overflow issues found using Address Sanitizer
MFSA 2013-27 Phishing on HTTPS connection through malicious proxy
MFSA 2013-26 Use-after-free in nsImageLoadingContent
MFSA 2013-25 Privacy leak in JavaScript Workers
MFSA 2013-24 Web content bypass of COW and SOW security wrappers
MFSA 2013-23 Wrapped WebIDL objects can be wrapped again
MFSA 2013-22 Out-of-bounds read in image rendering
MFSA 2013-21 Miscellaneous memory safety hazards (rv:19.0 / rv:17.0.3)

(ryoon)

argh this has apparently been wrong all week
(it is creating an "emacs" package instead of an "emacs22" package)

(dholland)

Help people using mk files outside pkgsrc, provide saner default values.

(asau)

Remove wrong DEPENDS (in Makefile.common, just committed) and bump
PKGREVISION.

(dholland)

Remove wrong CONFLICTS, bump PKGREVISION.

(dholland)

Forget previous, try again.

(dholland)

Fix fatal problem with the emacs-nox11 meta-package, which I guess I
didn't notice because I didn't build enough combinations, or something.

(dholland)

Updated textproc/rarian to 0.8.1nb3

(jperkin)

Don't use -export-symbols-regex, it breaks non-GNU linkers and results in the
wrong SONAME being set, in this case to '../librarian/.libs/librarian.so'.

Fixes a number of packages and PR#37842.

Bump PKGREVISION, binary package needs to be updated.

(jperkin)

Note addition of security/netpgpverify-20120928

(agc)

Add ane enable netpgpverify

(agc)

Initial import of netpgpverify-20120928 into the Packages Collection

netpgpverify is a standalone program to verify a PGP signature
on a file or document. Both RSA and DSA signatures are supported,
as are binary and document signatures.

netpgpverify is compliant with RFC 4880.

netpgpverify is a small frontend for libnetpgpverify, to allow PGP digital
signatures to be verified from the command line.

Status:

Vendor Tag: TNF
Release Tags: pkgsrc-base

(agc)

Note the addition of libnetpgpverify-20120928

(agc)

Add and enable libnetpgpverify

(agc)

Initial import of libnetpgpverify-20120928, a library to verify PGP
signatures.

This library has no pre-requisites other than -lz and -lbz2.

This is libnetpgpverify, a standalone library to verify PGP
signatures.

It uses its own internal MPI/BIGNUM functions, which are a vastly
cut-down version of libtommath.  For this reason, utilities and other
libraries can embed PGP signature verification, using a BSD-licensed
library.


Status:

Vendor Tag: TNF
Release Tags: pkgsrc-base

(agc)

Packaged DeforaOS Player 0.1.5, with:
- improved user interface (progress bar, seeking, displaying errors)
- additional tool for remote controlling the playback;
- manual pages for both binaries.

(khorben)

Updated www/py-django to 1.4.5

(adam)

Changes 1.4.5:
Security-fix release. Here's a brief summary of each issue and its resolution:

Issue: Host header poisoning: an attacker could cause Django to generate and display URLs that link to arbitrary domains. This could be used as part of a phishing attack. These releases fix this problem by introducing a new setting, ALLOWED_HOSTS, which specifies a whitelist of domains your site is known to respond to.

Important: by default Django 1.3.6 and 1.4.4 set ALLOWED_HOSTS to allow all hosts. This means that to actually fix the security vulnerability you should define this setting yourself immediately after upgrading.

Issue: Formset denial-of-service: an attacker can abuse Django's tracking of the number of forms in a formset to cause a denial-of-service attack. This has been fixed by adding a default maximum number of forms of 1,000. You can still manually specify a bigger max_num, if you wish, but 1,000 should be enough for anyone.

Issue: XML attacks: Django's serialization framework was vulnerable to attacks via XML entity expansion and external references; this is now fixed. However, if you're parsing arbitrary XML in other parts of your application, we recommend you look into the defusedxml Python packages which remedy this anywhere you parse XML, not just via Django's serialization framework.

Issue: Data leakage via admin history log: Django's admin interface could expose supposedly-hidden information via its history log. This has been fixed.

(adam)

Updated pkgtools/x11-links to 0.73

(obache)

Update x11-links to 0.73.

Let to expand libtool archive (.la) automatically, so no need to mainain X11
file list manually anymore (every OS update may include shlib version change),
if the OS provide .la file (and no need to mind shlib type).

(obache)

Updated math/octave to 3.6.4

(asau)

Update to Octave 3.6.4
This version is a minor bug fixing release.

(asau)

Updated print/acroread9 to 9.5.4

(obache)

Update acroread9 to 9.5.4 for APSA13-02.

(obache)

prevent to expand if dlname is empty.

(obache)

SunOS needs -fpermissive too.

(jperkin)

normalize OS_VERSION for Cygwin, same as in mk/bsd.prefe.mk.

(obache)

prefer native X11 on Cygwin.

(obache)

Update kyua-cli to 0.6.

(jmmv)

Update to 0.6:

Experimental version released on February 22nd, 2013.

* Issue 36: Changed 'kyua help' to not fail when the configuration file
  is bogus.  Help should always work.

* Issue 37: Simplified the syntax() calls in configuration and Kyuafile
  files to only specify the requested version instead of also the format
  name.  The format name is implied by the file being loaded, so there
  is no use in the caller having to specify it.  The version number of
  these file formats has been bumped to 2.

* Issue 39: Added per-test-case metadata values to the HTML reports.

* Issue 40: Rewrote the documentation as manual pages and removed the
  previous GNU Info document.

* Issue 47: Started using the independent testers in the kyua-testers
  package to run the test cases.  Kyua does not implement the logic to
  invoke test cases any more, which provides for better modularity,
  extensibility and robustness.

* Issue 57: Added support to specify arbitrary metadata properties for
  test programs right from the Kyuafile.  This is to make plain test
  programs more versatile, by allowing them to specify any of the
  requirements (allowed architectures, required files, etc.) supported
  by Kyua.

* Reduced automatic screen line wrapping of messages to the 'help'
  command and the output of tables by 'db-exec'.  Wrapping any other
  messages (specially anything going to stderr) was very annoying
  because it prevented natural copy/pasting of text.

* Increased the granularity of the error codes returned by kyua(1) to
  denote different error conditions.  This avoids the overload of '1' to
  indicate both "expected" errors from specific subcommands and
  unexpected errors caused by the internals of the code.  The manual now
  correctly explain how the exit codes behave on a command basis.

* Optimized the database schema to make report generation almost
  instantaneous.

* Bumped the database schema to 2.  The database now records the
  metadata of both test programs and test cases generically, without
  knowledge of their interface.

* Added the 'db-migrate' command to provide a mechanism to upgrade a
  database with an old schema to the current schema.

* Removed the GDB build-time configuration variable.  This is now part
  of the kyua-testers package.

* Rewrote the Kyuafile parsing code in C++, which results in a much
  simpler implementation.  As a side-effect, this gets rid of the
  external Lua files required by 'kyua', which in turn make the tool
  self-contained.

* Added caching of various configure test results (particularly in those
  tests that need to execute a test program) so that cross-compilers can
  predefine the results of the tests without having to run the
  executables.

(jmmv)