revert commit wrongly ons stable branch

(gdt)

LICENSE=, RESTRICTED=, set NO_*_ON_*.

The license is only available as a pdf, and I decline to extract and
check in text.

This license is clearly non-Free, and no permission is granted to
distribute source or binaries, so set NO_*_ON_*.

Fixes PR pkg/43210.

(gdt)

Revert commit wrongly on stable branch

(gdt)

Add LICENSE=, set NO_*_ON_*.

The licensing for this package is unclear.  In particular, it appears
to contain an embedded copy of pdflib.  Mark it non-redistributable
until someone analyzes and addresses the issues.

(gdt)

LICENSE=, RESTRICTED=, set NO_*_ON_*.

The license is only available as a pdf, and I decline to extract and
check in text.

This license is clearly non-Free, and no permission is granted to
distribute source or binaries, so set NO_*_ON_*.

Fixes PR pkg/43210.

(gdt)

Improve previous change so it honors BACULA_DB. From Petar Bogdanovic.

(dholland)

Add missing pkg-config dependency.

(wiz)

Pullup ticket #3999.

(tron)

Pullup ticket #3999 - requested by jnemeth
comms/asterisk: security update

Revisions pulled up:
- comms/asterisk/Makefile                                      1.79
- comms/asterisk/distinfo                                      1.52

---
  Module Name:    pkgsrc
  Committed By:  jnemeth
  Date:          Fri Jan  4 03:09:56 UTC 2013

  Modified Files:
          pkgsrc/comms/asterisk: Makefile distinfo

  Log Message:
  Update to Asterisk 11.1.2:  this is a security update for AST-2012-014
  and AST-2012-015.  Apparently the last update didn't completely
  fix the issues.

  The Asterisk Development Team has announced a security release for
  Asterisk 11, Asterisk 11.1.2. This release addresses the security
  vulnerabilities reported in AST-2012-014 and AST-2012-015, and
  replaces the previous version of Asterisk 11 released for these
  security vulnerabilities. The prior release left open a vulnerability
  in res_xmpp that exists only in Asterisk 11; as such, other versions
  of Asterisk were resolved correctly by the previous releases.

  The release of these versions resolve the following two issues:

  * Stack overflows that occur in some portions of Asterisk that manage a TCP
    connection. In SIP, this is exploitable via a remote unauthenticated session;
    in XMPP and HTTP connections, this is exploitable via remote authenticated
    sessions. The vulnerabilities in SIP and HTTP were corrected in a prior
    release of Asterisk; the vulnerability in XMPP is resolved in this release.

  * A denial of service vulnerability through exploitation of the device state
    cache. Anonymous calls had the capability to create devices in Asterisk that
    would never be disposed of. Handling the cachability of device states
    aggregated via XMPP is handled in this release.

  These issues and their resolutions are described in the security advisories.

  For more information about the details of these vulnerabilities, please read
  security advisories AST-2012-014 and AST-2012-015.

  For a full list of changes in the current release, please see the ChangeLog:

  http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.1.2

  The security advisories are available at:

    * http://downloads.asterisk.org/pub/security/AST-2012-014.pdf
    * http://downloads.asterisk.org/pub/security/AST-2012-015.pdf

  Thank you for your continued support of Asterisk - and we apologize for having
  to do this twice!

(tron)

Bump PKGREVISION for previous commit.

(ryoon)

Fix build on recent NetBSD 6.99.16.
See http://cvsweb.netbsd.org/bsdweb.cgi/src/sys/sys/sysctl.h.diff?r1=1.204&r2=1.205&f=h&only_with_tag=MAIN&f=u

Tested on NetBSD/i386 5.2 and NetBSD/amd64 current.

Patch is provided from nonaka@. Thank you.

(ryoon)

- drupal-6.27.

It was updated 20th Dec. 2012.

(taca)

Clean up out-of-srcdir build handling.

(jperkin)

Don't print the /bin/sh warning on SunOS-5.11, where /bin/sh is ksh93.

(jperkin)

Updated textproc/icu to 50.1.1

(adam)

Changes 50.1.1:
* 9306 Layout Engine changes for harfbuzz integration
* 9677 Affixes set with e.g. DecimalFormat::setPositivePrefix now ignored for parse
* 9714 OS/400 test failures
* 9728 Fail building icu4c with mingw-w64
* 9737 Locale::GetDefault() in locid.cpp is not thread-safe
* 9771 Updated Currency from/to data (CLDR 5470)
* 9748 Visual Studio 2010/2012 issues
* 9780 UNUM_PARSE_INT_ONLY no longer handles grouping sep
* 9783 New Turkish Lira symbol
* 9789 Date format parsing problem with new CLDR data
* 9793 Currency data integration issue with CLDR 5470 changes
* 9801 UCONFIG_NO_CONVERSION test failure
* 9802 No data test failure

(adam)

Remove PKGREVISION

(adam)

Changes 1.8.1:

UI, Workflows & Features

* Command-line completion scripts for tcsh and zsh have been added.

* "git-prompt" scriptlet (in contrib/completion) can be told to paint
  pieces of the hints in the prompt string in colors.

* Some documentation pages that used to ship only in the plain text
  format are now formatted in HTML as well.

* We used to have a workaround for a bug in ancient "less" that
  causes it to exit without any output when the terminal is resized.
  The bug has been fixed in "less" version 406 (June 2007), and the
  workaround has been removed in this release.

* When "git checkout" checks out a branch, it tells the user how far
  behind (or ahead) the new branch is relative to the remote tracking
  branch it builds upon.  The message now also advises how to sync
  them up by pushing or pulling.  This can be disabled with the
  advice.statusHints configuration variable.

* "git config --get" used to diagnose presence of multiple
  definitions of the same variable in the same configuration file as
  an error, but it now applies the "last one wins" rule used by the
  internal configuration logic.  Strictly speaking, this may be an
  API regression but it is expected that nobody will notice it in
  practice.

* A new configuration variable "diff.context" can be used to
  give the default number of context lines in the patch output, to
  override the hardcoded default of 3 lines.

* "git format-patch" learned the "--notes=<ref>" option to give
  notes for the commit after the three-dash lines in its output.

* "git log -p -S<string>" now looks for the <string> after applying
  the textconv filter (if defined); earlier it inspected the contents
  of the blobs without filtering.

* "git log --grep=<pcre>" learned to honor the "grep.patterntype"
  configuration set to "perl".

* "git replace -d <object>" now interprets <object> as an extended
  SHA-1 (e.g. HEAD~4 is allowed), instead of only accepting full hex
  object name.

* "git rm $submodule" used to punt on removing a submodule working
  tree to avoid losing the repository embedded in it.  Because
  recent git uses a mechanism to separate the submodule repository
  from the submodule working tree, "git rm" learned to detect this
  case and removes the submodule working tree when it is safe to do so.

* "git send-email" used to prompt for the sender address, even when
  the committer identity is well specified (e.g. via user.name and
  user.email configuration variables).  The command no longer gives
  this prompt when not necessary.

more: https://raw.github.com/git/git/master/Documentation/RelNotes/1.8.1.txt

(adam)

Add wish list item for making the use of mktexlsr more efficient.

(apb)

Updated pkgtools/libkver to 0.7.1 [apb 2013-01-04]

(apb)

* commit PLIST changes that I forgot to commit earlier;
* use size_t, not int, for a length passed to sysctl(2);
* bump version to 0.7.1.

(apb)

Note for wine and wine-devel that there are preliminary OSS 4 patches
in kern/46611, and it would be great if someone could look at those.

(dholland)

Updated comms/asterisk to 11.1.2

(jnemeth)

Update to Asterisk 11.1.2:  this is a security update for AST-2012-014
and AST-2012-015.  Apparently the last update didn't completely
fix the issues.

The Asterisk Development Team has announced a security release for
Asterisk 11, Asterisk 11.1.2. This release addresses the security
vulnerabilities reported in AST-2012-014 and AST-2012-015, and
replaces the previous version of Asterisk 11 released for these
security vulnerabilities. The prior release left open a vulnerability
in res_xmpp that exists only in Asterisk 11; as such, other versions
of Asterisk were resolved correctly by the previous releases.

The release of these versions resolve the following two issues:

* Stack overflows that occur in some portions of Asterisk that manage a TCP
  connection. In SIP, this is exploitable via a remote unauthenticated session;
  in XMPP and HTTP connections, this is exploitable via remote authenticated
  sessions. The vulnerabilities in SIP and HTTP were corrected in a prior
  release of Asterisk; the vulnerability in XMPP is resolved in this release.

* A denial of service vulnerability through exploitation of the device state
  cache. Anonymous calls had the capability to create devices in Asterisk that
  would never be disposed of. Handling the cachability of device states
  aggregated via XMPP is handled in this release.

These issues and their resolutions are described in the security advisories.

For more information about the details of these vulnerabilities, please read
security advisories AST-2012-014 and AST-2012-015.

For a full list of changes in the current release, please see the ChangeLog:

http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.1.2

The security advisories are available at:

* http://downloads.asterisk.org/pub/security/AST-2012-014.pdf
* http://downloads.asterisk.org/pub/security/AST-2012-015.pdf

Thank you for your continued support of Asterisk - and we apologize for having
to do this twice!

(jnemeth)

+ arping-2.13, cdialog-1.2.20121230, cvsps-3.4, drupal-6.27,
  efax-gtk-3.2.11, eric5-5.2.7, file-5.12, fluxbox-1.3.3, giflib-5.0.3,
  gnutls-3.1.6 [needs nettle-2.5], gwaei-3.6.2, libXTrap-1.0.1,
  libXcomposite-0.4.4, libXdamage-1.1.4, libdvbpsi-1.0.0, mypaint-1.1.0,
  pango-1.32.5, parallel-20121222, puzzles-9733, py-docutils-0.10
  [pkg/47372], py-moin-1.9.6, rudiments-0.40, scmgit-1.8.1,
  xmlstarlet-1.4.2.

(wiz)

Updated databases/sqlite3 to 3.7.15.1; mysql55 to 5.5.29

(adam)

Changes 5.5.29:
* The SHOW AUTHORS and SHOW CONTRIBUTORS statements are now deprecated in MySQL 5.5 and have been removed in MySQL 5.6.
* Bugs Fixed

(adam)

Insert rpath for BUILDLINK_PREFIX.libidn as well as using the one that
comes from Perl, so this will still build if libidn and Perl are
installed in different trees. Belt-and-suspenders fix for PR 47187 on
NetBSD, may also fix the problem seen on Dragonfly.

(dholland)

Changes 3.7.15.1:
Fix a bug, introduced in version 3.7.15, that causes a segfault if the AS name of a result column of a SELECT statement is used as a logical term in the WHERE clause.

(adam)

...and the patch itself. Thank you, wizd(8).

(adam)

Updated www/py-moin to 1.9.6

(gls)

Pkgsrc changes:
---------------

- /usr/bin/env police

Upstream Changes:
-----------------

Version 1.9.6:

  SECURITY HINT: make sure you have allow_xslt = False (or just do not use
  allow_xslt at all in your wiki configs, False is the internal default).
  Allowing XSLT/4suite is very dangerous, see HelpOnConfiguration wiki page.

  HINT: Python >= 2.5 is maybe required! See docs/REQUIREMENTS for details.

  Fixes:
  * fix remote code execution vulnerability in twikidraw/anywikidraw action
  * fix path traversal vulnerability in AttachFile action
  * fix XSS issue, escape page name in rss link
  * escape user- or admin-defined css url
  * make taintfilename more secure
  * use a constant time str comparison function to prevent timing attacks
  * Attachment handler: catch all Zip-related errors

Version 1.9.5:

  Fixes:
  * Security fix: fix virtual group bug in ACL evaluation.
  * Avoid crash if #refresh processing instruction is used without arguments.
  * Fix issue with non-ASCII textchas.
  * Xapian indexing: remove copy.copy() that crashed on Windows/IIS/isapi-wsgi
    after page save.
  * Fix dictionary file reading crash under Windows.
  * Work around crash of AdvancedSearch macro rendering caused by non-ascii
    mimetypes.types_map entries.
  * Added migration script for moin 1.8.9.
  * rss_rc: Fix diffs added in RSS with diffs=1 (now they correspond to item
    listed in feed and not just last page diffs). Links generated with ddiffs=1
    also fixed.
  * rss_rc: fix double escaping issue.
  * rss_rc: respect show_names configuration option.
  * rss_rc: proper support of rename, revert, page creation.
  * modern/modernized theme: fix padding/width for editor preview
  * group/pagelinks formatters: avoid to create unnecessary output, redirect
    output of send_page call with the groups formatter, it must not be written
    to the output stream
  * rst parser: fix include and macro directives
  * wikisync: fix unicode pagename sending for python 2.7 httplib

  New features:
  * add a comment_required config option (default: False) to require a
    non-empty comment when saving a page
  * when a save error happens, show the editor again and highlight the error
  * rss_rc: several new options added: lines parameter gives ability to set
    maximum size of diffs showed in RSS. show_att parameter gives ability
    to show information aboout attachment-related items in RSS. page parameter
    gives ability to specify set of pages for which changes RSS feed should be
    generated. Configuration of defaults and limits can now be done via wiki
    configuration mechanism.
  * As soon as it is now possible to provide RSS for page change history,
    appropriate alternate link is now added for every page (controlled by
    rss_show_page_history_link configuration parameter).
  * Search: "no_highlight:" search query option provided for suppressing
    highlighting search results.
  * Search macros: new options for FullSearch, FullSearchCached and PageList
    available:
    * highlight_titles option controls highlighting of matches in search
      results provided by these macros. Default value is set in
      search_macro_highlight_titles configuration option)
    * highlight_pages option controls adding of highlight URL parameter to
      page links (so search term is highlighted when user goes to one of
      these pages via provided link) in search results. Default value is set
      in search_macro_highlight_pages configuration option.
    Usage of these options is disabled (via search_macro_parse_args
    configuration option) by default due to behavioural changes introduced
    in macro parameter parsing mechanism to support them. Related to
    http://moinmo.in/FeatureRequests/FullSearchResultsWithoutHighlight .

  Other changes:
  * Remove 4suite dependency for docbook formatter, use minidom (included in
    Python).
  * Upgraded FCKeditor to 2.6.8.

(gls)

Note the addition of open-vcdiff-0.8.3

(agc)

add and enable open-vcdiff

(agc)

Import open-vcdiff-0.8.3, an RFC 3284 encoder/decoder for VCDIFF
Differencing and Compression, into the packages collection:

An encoder and decoder for the format described in RFC 3284:  "The
VCDIFF Generic Differencing and Compression Data Format." The encoding
strategy is largely based on Bentley-McIlroy 99:  "Data Compression
Using Long Common Strings." A library with a simple API is included,
as well as a command-line executable that can apply the encoder and
decoder to source, target, and delta files.  A slight variation from
the draft standard is defined to allow chunk-by-chunk decoding when
only a partial delta file window is available.

Status:

Vendor Tag: TNF
Release Tags: pkgsrc-base

(agc)

Fix hard coded PLIST entries.  Thanks Ryo ONODERA.

(darcy)

Added net/py-smb version 1.1.2

(ryoon)

Add py-smb

(ryoon)

Import py27-smb-1.1.2 as net/py-smb.

pysmb is an experimental SMB/CIFS library written in Python. It
implements the client-side SMB/CIFS protocol (SMB1 and SMB2) which
allows your Python application to access and transfer files to/from
SMB/CIFS shared folders like your Windows file sharing and Samba
folders.

(ryoon)

Updated misc/vym to 2.2.4

(ryoon)

Update to 2.2.4

* Add some dependencies
* Update HOMEPAGE

Changelog:
no changelog

(ryoon)

Updated shells/zsh to 5.0.2

(ryoon)

Update to 5.0.2

Changelog:
Changes since 5.0.0
-------------------

Numeric constants encountered in mathematical expressions (but not other
contexts) can contain underscores as separators that will be ignored on
evaluation, as allowed in other scripting languages.  For example,
0xFFFF_FFFF, or 3.141_592_654.

"functions -T" turns on tracing for the specified function(s) only,
similar to "functions -t" except that tracing is turned off for any
functions called from the specified one(s) that don't also have the -t
or -T flag.

In file completion, the recursive-files style can be set to an array of
patterns to match against "$PWD/".  In any matched location, it is
possibly to complete files in arbitrarily deep subdirectories without
needing to type the directory prefix.  See example in the zshcompsys
manual.

The _user_expand completer now allows expansion functions in the
user-expand files to return a string in REPLY that will be used to name
the set of expansions returned.

(ryoon)

Removed patch-projects_sample_autoconf_config.sub

(adam)

Added www/py-django-appconf version 0.5

(ryoon)

Add py-django-appconf

(ryoon)

Import py27-django-appconf-0.5 as www/py-django-appconf.

A helper class for handling configuration defaults of packaged
Django apps gracefully.

(ryoon)

* Fix MESSAGE
* Add missing dependency

(ryoon)

Updated lang/clang to 3.2

(adam)

Changes 3.2:
* Improvements to Clang's diagnostics
* Support for tls_model attribute
* Type safety attributes
* Documentation comment support
More...

(adam)

Added www/py-mezzanine version 1.2.4

(ryoon)

Add py-mezzanine

(ryoon)

Import py27-mezzanine-1.2.4 as www/py-mezzanine.

Mezzanine is a powerful, consistent, and flexible content management
platform. Built using the Django framework.

(ryoon)

Added devel/py-pep8 version 1.3.4

(ryoon)

Add php-pep8

(ryoon)

Import py27-pep8-1.3.4 as devel/py-pep8 from wip/py-pep8

pep8 is a tool to check your Python code against some of
the style conventions in PEP 8

(ryoon)

Added devel/py-flakes version 0.5.0nb1

(ryoon)

Add py-flakes

(ryoon)

Import py27-flakes-0.5.0nb1 as devel/py-flakes from wip/py-flakes

Pyflakes is similar to PyChecker in scope, but differs in that it does
not execute the modules to check them. This is both safer and faster,
although it does not perform as many checks. Unlike PyLint, Pyflakes
checks only for logical errors in programs; it does not perform any
checks on style

(ryoon)

Added www/py-django-mezzanine-filebrowser version 0.2.13

(ryoon)

Add py-django-mezzanine-filebrowser

(ryoon)

Import py27-django-mezzanine-filebrowser-0.2.13 as www/py-django-mezzanine-filebrowser.

grappelli_safe was created to provide a snapshot of the Grappelli
admin skin for Django, to be referenced as a dependency for the
Mezzanine CMS for Django.

(ryoon)

Added www/py-django-mezzanine-grappelli version 0.2.11

(ryoon)

py-django-mezzanine-grappelli

(ryoon)

Import py27-django-mezzanine-grappelli-0.2.11 as www/py-django-mezzanine-grappelli.

Snapshot of the Grappelli admin skin for Django.

(ryoon)

Added www/py-bleach version 1.1.5

(ryoon)

Add py-bleach

(ryoon)

Import py27-bleach-1.1.5 as www/py-bleach.

Bleach is an HTML sanitizing library that escapes or strips markup
and attributes based on a white list. Bleach can also linkify text
safely, applying filters that Django's ``urlize`` filter cannot,
and optionally setting ``rel`` attributes, even on links already
in the text.

(ryoon)

Added www/php-tt-rss version 1.6.2

(ryoon)

Add php-tt-rss

(ryoon)

Updated databases/py-postgresql to 4.1

(darcy)

Import php54-tt-rss-1.6.2 as www/php-tt-rss.

Tiny Tiny RSS is an open source web-based news feed (RSS/Atom)
reader and aggregator, designed to allow you to read news from any
location, while feeling as close to a real desktop application as
possible.

(ryoon)

Upgrade to version 4.1.

Changes since 4.0:
- Dropped support for Python below 2.5 and PostgreSQL below 8.3.
- Added support for Python up to 2.7 and PostgreSQL up to 9.2.
- Particularly, support PQescapeLiteral() and PQescapeIdentifier().
- The query method of the classic API now supports positional parameters.
  This an effective way to pass arbitrary or unknown data without worrying
  about SQL injection or syntax errors (contribution by Patrick TJ McPhee).
- The classic API now supports a method namedresult() in addition to
  getresult() and dictresult(), which returns the rows of the result
  as named tuples if these are supported (Python 2.6 or higher).
- The classic API has got the new methods begin(), commit(), rollback(),
  savepoint() and release() for handling transactions.
- Both classic and DBAPI 2 connections can now be used as context
  managers for encapsulating transactions.
- The execute() and executemany() methods now return the cursor object,
  so you can now write statements like "for row in cursor.execute(...)"
  (as suggested by Adam Frederick).
- Binary objects are now automatically escaped and unescaped.
- Bug in money quoting fixed.  Amounts of $0.00 handled correctly.
- Proper handling of date and time objects as input.
- Proper handling of floats with 'nan' or 'inf' values as input.
- Fixed the set_decimal() function.
- All DatabaseError instances now have a sqlstate attribute.
- The getnotify() method can now also return payload strings (#15).
- Better support for notice processing with the new methods
  set_notice_receiver() and get_notice_receiver()
  (as suggested by Michael Filonenko, see #12 and #37).
- Open transactions are rolled back when pgdb connections are closed
  (as suggested by Peter Harris, see #46).
- Connections and cursors can now be used with the "with" statement
  (as suggested by Peter Harris, see #46).
- New method use_regtypes() that can be called to let getattnames()
  return regular type names instead of the simplified classic types (#44).

(darcy)

Updated www/jetty7 to 7.6.8.20121106

(ryoon)

Update to 7.6.8.20121106

* Many bugfixes
* Many improvements

(ryoon)

Added www/php-piwigo version 2.4.6

(ryoon)

Add php-piwigo

(ryoon)

Import php54-piwigo-2.4.6 as www/php-piwigo.

Piwigo is photo gallery software for the web, built by an active
community of users and developers.

(ryoon)

Updated graphics/fotoxx to 13.01

(ryoon)

Update to 13.01

Changelog:
2013.01.01  v.13.01
+ The French, Catalan and Netherlands translations were updated.
+ Vertical menu/toolbar option for better utilization of wide monitors.
+ Gallery view: image size and date were added to the view.
+ Gallery view: mouse hover on thumbnail shows a popup metadata report.
+ Manage Collections: the UI has been reworked to make it easier to use.
+ Icons for all edit functions were added for use in the Favorites menu.
+ Gallery file selection: multiple images can be selected, inserted and
  deleted, making re-arrangement of the sequence faster and easier.
+ Favorites menu: ignore small inadvertent drags from flying mouse
  clicks which can cause accidental displacement of the menu entries.
+ Brightness histogram: add "overall" graph to existing R/G/B graphs.
+ Missing popup mini-explanations (tips) for some menus were added.
+ Bugfix: some metadata functions crashed if index file sync disabled.

2012.12.20  v.12.12.2
+ Bugfix: geotag latitude/longitude fractions were being truncated for
  locales using a comma decimal point.

(ryoon)

Added print/qpdfview version 0.3.7

(ryoon)

Add qpdfview

(ryoon)

Import qpdfview-0.3.7 as print/qpdfview.

qpdfview uses the Poppler library for rendering and CUPS for
printing. It provides a clear and simple graphical user interface
using the Qt framework.

Current features include:
* Outline, properties and thumbnail panes
* Scale, rotate and fit
* Fullscreen and presentation views
* Continuous and multiple-page layouts
* Search for text
* Configurable tool bars
* Persistent per-file settings
* SyncTeX support
* Rudimentary annotation support (with Poppler version 0.20.1 or higher)
* Rudimentary form support

(ryoon)

Added print/electrix version 0.2.0

(ryoon)

Add electrix

(ryoon)

Import electrix-0.2.0 as print/electrix.

eLectrix is an application to view Portable Document Format (PDF)
files. It also has optional support for the PostScript (PS) format.

(ryoon)

perl and digest.

(dholland)

Regen.

(dholland)

Remove configure test for vprintf, which wasn't even being used, and
configure tests for memset/memcpy, which are standard and haven't
needed checking in a long time. This makes the configure script
tolerate injection of -Werror.

Fix signed/unsigned mismatches in the sha2 and whirlpool code. This
package now passes -Wall with gcc45.

Bump the package version to 20121220, which is when I made these
changes.

(dholland)

Don't hardwire /usr/pkg; use $PREFIX instead. This fixes various
problems with linking and rpaths, such as the NetBSD manifestation of
PR 47187, and probably others; I haven't tried yet but I suspect at
least my manifestation of PR 44985 will be fixed too.

(dholland)

Updated www/py-django-mptt to 0.5.5

(adam)

Changes 0.5.5:
Bug fixes.

(adam)

Note update of the "milter-greylist" package to version 4.4.1.

(tron)

Update "milter-greylist" package to version 4.4.1.
Major changes since 4.2.7:
- Allow comparison of msgsize, rcptcount & spamd, against values from LDAP
- localaddr option so that Postifix user can use spf self
- Allow filtering header and body against LDAP or CURL gathered properties
- Add format string to report last matching LDAP or CURL propery
- Add a addfooter action clause in ACL, to add mail a footer
- Allow per-dacl maxpeek setting, set by maxpeer action clause in racl
- Add LDAP or CURL gathered property substitution in format strings
- Add continue type ACL
- p0f v3 support
- Fix spamd hang if message contains NULL (Enrico Scholz)
- Send the queueid to spamd (Petar Bogdanovic)
- Ratelimit on SMTP sessions and data size
- New tarpit feature (Kouhei Sutou)
- Make SpamAssassin headers Sendmail-like (Petar Bogdanovic)
- Merge autowhite and greylist databases (Rudy Eschauzier)
- Make LDAP querries timeout configurable
- Make MX sync timeout peer-configurable (Attila Bruncsak)

This update is largely based on a patch submitted by Richard Palo
in PR pkg/47369.

(tron)

Note the end of the freeze, and the new pkgsrc-2012Q4 branch creation.

(agc)

Note the end of the freeze in pkgsrc now that we have the new pkgsrc-2012Q4 branch.

(agc)

Add changes file on our newly-created pkgsrc-2012Q4 branch.

(agc)

update comms/asterisk10 to 10.11.1
update comms/asterisk18 to 1.8.19.1

(jnemeth)

de to Asterisk 1.8.19.1;  this is a security fix to fix AST-2012-14
and AST-2012-015.

Approved for commit during freeze by: agc

The Asterisk Development Team has announced security releases for Certified
Asterisk 1.8.11 and Asterisk 1.8, 10, and 11. The available security releases
are released as versions 1.8.11-cert10, 1.8.19.1, 10.11.1, 10.11.1-digiumphones,
and 11.1.1.

The release of these versions resolve the following two issues:

* Stack overflows that occur in some portions of Asterisk that manage a TCP
  connection. In SIP, this is exploitable via a remote unauthenticated session;
  in XMPP and HTTP connections, this is exploitable via remote authenticated
  sessions.

* A denial of service vulnerability through exploitation of the device state
  cache. Anonymous calls had the capability to create devices in Asterisk that
  would never be disposed of.

These issues and their resolutions are described in the security advisories.

For more information about the details of these vulnerabilities, please read
security advisories AST-2012-014 and AST-2012-015, which were released at the
same time as this announcement.

For a full list of changes in the current releases, please see the ChangeLogs:

http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.1.1

The security advisories are available at:

* http://downloads.asterisk.org/pub/security/AST-2012-014.pdf
* http://downloads.asterisk.org/pub/security/AST-2012-015.pdf

Thank you for your continued support of Asterisk!

(jnemeth)

Upgrade to Asterisk 10.11.1;  this is a security fix to fix AST-2012-14
and AST-2012-015.

Approved for commit during freeze by: agc

The Asterisk Development Team has announced security releases for Certified
Asterisk 1.8.11 and Asterisk 1.8, 10, and 11. The available security releases
are released as versions 1.8.11-cert10, 1.8.19.1, 10.11.1, 10.11.1-digiumphones,
and 11.1.1.

The release of these versions resolve the following two issues:

* Stack overflows that occur in some portions of Asterisk that manage a TCP
  connection. In SIP, this is exploitable via a remote unauthenticated session;
  in XMPP and HTTP connections, this is exploitable via remote authenticated
  sessions.

* A denial of service vulnerability through exploitation of the device state
  cache. Anonymous calls had the capability to create devices in Asterisk that
  would never be disposed of.

These issues and their resolutions are described in the security advisories.

For more information about the details of these vulnerabilities, please read
security advisories AST-2012-014 and AST-2012-015, which were released at the
same time as this announcement.

For a full list of changes in the current releases, please see the ChangeLogs:

http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.1.1

The security advisories are available at:

* http://downloads.asterisk.org/pub/security/AST-2012-014.pdf
* http://downloads.asterisk.org/pub/security/AST-2012-015.pdf

Thank you for your continued support of Asterisk!

(jnemeth)

Updated comms/asterisk to 11.1.1

(jnemeth)

Upgrade to Asterisk 11.1.1;  this is a security fix to fix AST-2012-14
and AST-2012-015.

Approved for commit during freeze by: agc

The Asterisk Development Team has announced security releases for Certified
Asterisk 1.8.11 and Asterisk 1.8, 10, and 11. The available security releases
are released as versions 1.8.11-cert10, 1.8.19.1, 10.11.1, 10.11.1-digiumphones,
and 11.1.1.

The release of these versions resolve the following two issues:

* Stack overflows that occur in some portions of Asterisk that manage a TCP
  connection. In SIP, this is exploitable via a remote unauthenticated session;
  in XMPP and HTTP connections, this is exploitable via remote authenticated
  sessions.

* A denial of service vulnerability through exploitation of the device state
  cache. Anonymous calls had the capability to create devices in Asterisk that
  would never be disposed of.

These issues and their resolutions are described in the security advisories.

For more information about the details of these vulnerabilities, please read
security advisories AST-2012-014 and AST-2012-015, which were released at the
same time as this announcement.

For a full list of changes in the current releases, please see the ChangeLogs:

http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.1.1

The security advisories are available at:

* http://downloads.asterisk.org/pub/security/AST-2012-014.pdf
* http://downloads.asterisk.org/pub/security/AST-2012-015.pdf

Thank you for your continued support of Asterisk!

(jnemeth)

Remove ftp.opendylan.org, no ping some time.

(ryoon)

When using USE_PKGSRC_GCC_RUNTIME, ensure the fortran wrapper uses the
custom specs file too, so that the correct runtime is used.

(jperkin)

Updated net/aria2 to 1.16.1

(ryoon)

Update to 16.0.1

Changelog:
aria2 1.16.1
============

Release Note
------------

This release adds the ability to persist GID across sessions. The GID
will be saved with --save-session. There are several restrictions how
GID is persisted. See the manual for details. For this change, now GID
is 64 bits binary data and represented by 16 characters hex string in
RPC query.  The disk cache feature was added, which may reduce disk
activity. The console readout was redesigned. The warning displayed
when --file-allocation=falloc is used on MinGW32 build was removed as
a bug.

Changes
-------

* mingw32: Re-open files with read-only mode enabled on seeding

  On Mingw32 build, if aria2 opens file with GENERIC_WRITE access
  right, some programs cannot open the file aria2 is seeding. To avoid
  this situation, re-open files with read-only enabled when seeding is
  about to begin.

* Save gid option with --save-session option

* Added --gid option

  This option sets GID manually. aria2 identifies each download by the
  ID called GID. The GID must be hex string of 16 characters, thus
  [0-9a-zA-Z] are allowed and leading zeros must not be stripped. The
  GID all 0 is reserved and must not be used. The GID must be unique,
  otherwise error is reported and the download is not added.  This
  option is useful when restoring the sessions saved using
  --save-session option. If this option is not used, new GID is
  generated by aria2.

* Use 64 bits random bytes as GID

  This change replaces the current 64 bit sequential GID with 64 bits
  random bytes GID in an attempt to support persistent
  GID. Internally, the GID is stored as uint64_t. For human
  representation and RPC interface, GID is represented as 16 bytes hex
  string. For console readout, 16 bytes are too long, so it is
  abbreviated to first 6 bytes.  When querying GID in RPC calls, user
  can speicfy the prefix of GID as long as the prefix is shared by
  more than 1 GID entries.

* Fixed BitfieldMan::getOffsetCompletedLength overflow on 32-bit systems

* mingw32: Use HANDLE only for MinGW32 build

* Changed console readout, making it more compact

  "SIZE:" is removed because it is obvious. SEEDING, SEED, SPD and UP
  are now replaced with SEED, SD, DL and UL respectively.

* Compact readout when more than 1 simultaneous downloads are going on

  If more than 1 simultaneous downloads are going on, use more compact
  format in readout. Currently, at most 5 download stats are
  displayed.

  util::abbrevSize() is rewritten to support "Gi" unit and provides
  more compact abbreviation.

* Console color output

  Log level and download result string is now colored.

* Logger: Simplified console output and change level format in log

  The date and time are now removed from console output.  The log
  level is now formatted as "[LEVEL]".

* Start to find faster host before the number of missing segments becomes 1

  The old implementation starts to find faster host when the number of
  missing segment becomes 1. Because of --min-split-size option,
  before the number of missing segment becomes 1, the number of
  connection becomes 1 and it can be slow. In this case, we have to
  wait until the last segment is reached. The new implementation
  starts to find faster host when the remaining length is less than
  --min-split-size * 2, to mitigate the problem stated above.

* Removed warning when --file-allocation=falloc is used in MinGW32 build

  The warning was just a mistake. SetFilePointerEx + SetEndOfFile
  actually allocate disk space.

* Write data in 4K aligned offset in write with disk cache enabled

  This greatly reduces disk activity especially on Win + NTFS.  Not so
  much difference on Linux.

* mingw32: Removed FSCTL_SET_SPARSE set

* Added --disk-cache option

  This option enables disk cache. If SIZE is 0, the disk cache is
  disabled. This feature caches the downloaded data in memory, which
  grows to at most SIZE bytes. The cache storage is created for aria2
  instance and shared by all downloads. The one advantage of the disk
  cache is reduce the disk seek time because the data is written in
  larger unit and it is reordered by the offset of the file. If the
  underlying file is heavily fragmented it is not the case.

(ryoon)