Update json-glib to 0.10.2.

Overview of changes for 0.10.2
==============================
* Documentation fixes for GBoxed transformation functions
* Zero all fields of JsonObject on creation

(obache)

Note /etc/mailer.conf (pkg/42580).

(martti)

Added games/hex-a-hop version 1.1.0

(wiz)

+ hex-a-hop.

(wiz)

Initial import of hex-a-hop-1.1.0:

Hex-a-Hop is a hexagonal tile-based puzzle game with one simple
goal: destroy all green tiles! There are infinite undos and no time
limits -- you just have to find a way to destroy all the green
tiles and step on a safe tile at the end.

Status:

Vendor Tag: TNF
Release Tags: pkgsrc-20100301

(wiz)

like python import.

(is)

OMG! It's like Python, but like, you know, casual!

Status:

Vendor Tag: TNF
Release Tags: pkgsrc-base

(is)

Note sylpheed update

(tnn)

Update to sylpheed-3.0.0.
Many bugfixes. New features include:
* multi-threading was introduced
* add new recipients to address book automatically on sending was added.
* The new filter match type 'is in addressbook' was added.
* Address book is now sortable by each column.
* Address book search feature was added.
* The setup dialog on the first run became user-friendly.
* The new account setup dialog was implemented. Easy Gmail setup.
* SHA1/MD5 fingerprint and validity period of certificate is now displayed
* menu item to request disposition notification was added
* The feature to customize the color label text was added.
* The option to set only mail address of recipients when replying was added.

(tnn)

Note update of security/openssl package to 0.9.8mnb1.

(taca)

Fix broken PLIST.
(I wonder why "make print-PLIST" generated wrong result before...")

Bump PKGREVISION.

(taca)

    Update to Asterisk 1.6.1.17.  This fixes AST-2010-001 and
AST-2010-003.  AST-2010-002 was just a warning about dialplan
scripting errors that could lead to security issues.

Asterisk 1.6.1.13: general bug fixes
Asterisk 1.6.1.14: fix AST-2010-001
Asterisk 1.6.1.15: not released, skipped for security releases
Asterisk 1.6.1.16: fix AST-2010-002
Asterisk 1.6.1.17: fix AST-2010-003

Note that the only change in Asterisk 1.6.1.16 was the addtion of
a README file.  However, the package doesn't install random docs.
That is planned for a future update seperate from the upstream
updates.

-----

Asterisk 1.6.1.13:

The release of Asterisk 1.6.1.13 resolved several issues reported
by the community, and would have not been possible without your
participation. Thank you!

* Restarts busydetector (if enabled) when DTMF is received after
  call is bridged
  (Closes issue #16389. Reported, Tested, Patched by alecdavis.)

* Send parking lot announcement to the channel which parked the
  call, not the park-ee.
  (Closes issue #16234. Reported, Tested by yeshuawatso.  Patched
    by tilghman.)

* When the field is blank, don't warn about the field being unable
  to be coerced just skip the column.
  (Closes
    http://lists.digium.com/pipermail/asterisk-dev/2009-December/041362.html)
    Reported by Nic Colledge on the -dev list.)

* Don't queue frames to channels that have no means to process
  them.
  (Closes issue #15609. Reported, Tested by aragon. Patched by
    tilghman.)

* Fixes holdtime playback issue in app_queue.
  (Closes issue #16168. Reported, Patched by nickilo. Tested by
  wonderg, nickilo.)

A summary of changes in this release can be found in the release
summary:
http://downloads.asterisk.org/pub/telephony/asterisk/asterisk-1.6.1.13-summary.t
xt

For a full list of changes in this releases, please see the ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.6.1.13

-----

Asterisk 1.6.1.14:

The releases of Asterisk 1.6.0.22, 1.6.1.14, and 1.6.2.2 include
the fix described in security advisory AST-2010-001.

The issue is that an attacker attempting to negotiate T.38 over
SIP can remotely crash Asterisk by modifying the FaxMaxDatagram
field of the SDP to contain either a negative or exceptionally
large value.  The same crash will occur when the FaxMaxDatagram
field is omitted from the SDP, as well.

For more information about the details of this vulnerability, please
read the security advisory AST-2009-009, which was released at the
same time as this announcement.

For a full list of changes in the current releases, please see the
ChangeLog:

http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.6.1.14

Security advisory AST-2010-001 is available at:

http://downloads.asterisk.org/pub/security/AST-2010-001.pdf

-----

Asterisk 1.6.1.16:

The releases of Asterisk 1.2.40, 1.4.29.1, 1.6.0.24, 1.6.1.16, and
1.6.2.4 include documention describing a possible dialplan string
injection with common usage of the ${EXTEN} (and other expansion
variables). The issue and resolution are described in the AST-2010-002
security advisory.

If you have a channel technology which can accept characters other
than numbers and letters (such as SIP) it may be possible to craft
an INVITE which sends data such as 300&Zap/g1/4165551212 which
would create an additional outgoing channel leg that was not
originally intended by the dialplan programmer.

Please note that this is not limited to an specific protocol or
the Dial() application.

The expansion of variables into programmatically-interpreted strings
is a common behavior in many script or script-like languages,
Asterisk included. The ability for a variable to directly replace
components of a command is a feature, not a bug - that is the entire
point of string expansion.

However, it is often the case due to expediency or design
misunderstanding that a developer will not examine and filter string
data from external sources before passing it into potentially
harmful areas of their dialplan.

With the flexibility of the design of Asterisk come these risks if
the dialplan designer is not suitably cautious as to how foreign
data is allowed to enter the system unchecked.

This security release is intended to raise awareness of how it is
possible to insert malicious strings into dialplans, and to advise
developers to read the best practices documents so that they may
easily avoid these dangers.

For more information about the details of this vulnerability, please
read the security advisory AST-2010-002, which was released at the
same time as this announcement.

For a full list of changes in the current releases, please see the
ChangeLog:

http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.6.1.16

Security advisory AST-2010-002 is available at:

http://downloads.asterisk.org/pub/security/AST-2010-002.pdf

The README-SERIOUSLY.bestpractices.txt document is available in
the top-level directory of your Asterisk sources, or available in
all Asterisk branches from 1.2 and up.

http://svn.asterisk.org/svn/asterisk/trunk/README-SERIOUSLY.bestpractices.txt

-----

Asterisk 1.6.1.17:

The releases of Asterisk 1.6.0.25, 1.6.1.17, and 1.6.2.5 resolve
an issue with invalid parsing of ACL (Access Control List) rules
leading to a possible compromise in security. The issue and resolution
are described in the AST-2010-003 security advisory.

For more information about the details of this vulnerability, please
read the security advisory AST-2010-003, which was released at the
same time as this announcement.

For a full list of changes in the current releases, please see the
ChangeLog:

http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.6.1.17

Security advisory AST-2010-003 is available at:

http://downloads.asterisk.org/pub/security/AST-2010-003.pdf

-----

(jnemeth)

Change one of the two cmus update entries into one for the cmus-unofficial
removal. Fix two dates.

(wiz)

Updated textproc/p5-Data-FormValidator to 4.66

(sno)

Updating textproc/p5-Data-FormValidator from 4.65 to 4.66

Upstream changes:
4.66 Wed Feb 24 09:30:17 EST 2010
    [DOCUMENTATION]
    - Typo fixes (Jonathan Yu)

    [INTERNALS]
    - Test suite fix for 5.11.1 and newer.

(sno)

Updated audio/cmus to 2.3.0rc1

(ahoka)

Update to the 2.3.0 RC1 version.

(ahoka)

Retire cmus-unofficial, its the official branch now. \o/

(ahoka)

note update of net/filezilla to 3.3.2

(zafer)

Pullup ticket #3026.

(tron)

Pullup ticket #3026 - requested by spz
curl: security update

Revisions pulled up:
- www/curl/Makefile 1.96
- www/curl/distinfo 1.64
- www/curl/patches/patch-ab delete
---
Module Name:    pkgsrc
Committed By:  wiz
Date:          Tue Feb 16 12:51:44 UTC 2010

Modified Files:
        pkgsrc/www/curl: Makefile distinfo
Removed Files:
        pkgsrc/www/curl/patches: patch-ab

Log Message:
Update to 7.20.0:

Version 7.20.0 (9 February 2010)

Daniel Stenberg (9 Feb 2010)
- When downloading compressed content over HTTP and the app asked libcurl to
  automatically uncompress it with the CURLOPT_ENCODING option, libcurl could
  wrongly provide the callback with more data than the maximum documented
  amount. An application could thus get tricked into badness if the maximum
  limit was trusted to be enforced by libcurl itself (as it is documented).

  This is further detailed and explained in the libcurl security advisory
  20100209 at

    http://curl.haxx.se/docs/adv_20100209.html

Daniel Fandrich (3 Feb 2010)
- Changed the Watcom makefiles to make them easier to keep in sync with
  Makefile.inc since that can't be included directly.

Yang Tse (2 Feb 2010)
- Symbol CURL_FORMAT_OFF_T now obsoleted, will be removed in a future release,
  symbol will not be available when building with CURL_NO_OLDIES defined. Use
  of CURL_FORMAT_CURL_OFF_T is preferred since 7.19.0

Daniel Stenberg (1 Feb 2010)
- Using the multi_socket API, it turns out at times it seemed to "forget"
  connections (which caused a hang). It turned out to be an existing (7.19.7)
  bug in libcurl (that's been around for a long time) and it happened like
  this:

  The app calls curl_multi_add_handle() to add a new easy handle, libcurl will
  then set it to timeout in 1 millisecond so libcurl will tell the app about
  it.

  The app's timeout fires off that there's a timeout, the app calls libcurl as
  we so often document it:

  do {
  res = curl_multi_socket_action(... TIMEOUT ...);
  } while(CURLM_CALL_MULTI_PERFORM == res);

  And this is the problem number one:

  When curl_multi_socket_action() is called with no specific handle, but only
  a timeout-action, it will *only* perform actions within libcurl that are
  marked to run at this time. In this case, the request would go from INIT to
  CONNECT and return CURLM_CALL_MULTI_PERFORM. When the app then calls libcurl
  again, there's no timer set for this handle so it remains in the CONNECT
  state. The CONNECT state is a transitional state in libcurl so it reports no
  sockets there, and thus libcurl never tells the app anything more about that
  easy handle/connection.

  libcurl _does_ set a 1ms timeout for the handle at the end of
  multi_runsingle() if it returns CURLM_CALL_MULTI_PERFORM, but since the loop
  is instant the new job is not ready to run at that point (and there's no
  code that makes libcurl call the app to update the timout for this new
  timeout). It will simply rely on that some other timeout will trigger later
  on or that something else will update the timeout callback. This makes the
  bug fairly hard to repeat.

  The fix made to adress this issue:

  We introduce a loop in lib/multi.c around all calls to multi_runsingle() and
  simply check for CURLM_CALL_MULTI_PERFORM internally. This has the added
  benefit that this goes in line with my long-term wishes to get rid of the
  CURLM_CALL_MULTI_PERFORM all together from the public API.

  The downside of this fix, is that the counter we return in 'running_handles'
  in several of our public functions then gets a slightly new and possibly
  confusing behavior during times:

  If an app adds a handle that fails to connect (very quickly) it may just
  as well never appear as a 'running_handle' with this fix. Previously it
  would first bump the counter only to get it decreased again at next call.
  Even I have used that change in handle counter to signal "end of a
  transfer". The only *good* way to find the end of a individual transfer
  is calling curl_multi_info_read() to see if it returns one.

  Of course, if the app previously did the looping before it checked the
  counter, it really shouldn't be any new effect.

Yang Tse (26 Jan 2010)
- Constantine Sapuntzakis' and Joshua Kwan's work done in the last four months
  relative to the asynchronous DNS lookups, along with with some integration
  adjustments I have done are finally committed to CVS.

  Currently these enhancements will benefit builds done using c-ares on any
  platform as well as Windows builds using the default threaded resolver.

  This release does not make generally available POSIX threaded DNS lookups
  yet. There is no configure option to enable this feature yet. It is possible
  to experimantally try this feature running configure with compiler flags that
  make simultaneous definition of preprocessor symbols USE_THREADS_POSIX and
  HAVE_PTHREAD_H, as well as whatever reentrancy compiler flags and linker ones
  are required to link and properly use pthread_* functions on each platform.

Daniel Stenberg (26 Jan 2010)
- Mike Crowe made libcurl return CURLE_COULDNT_RESOLVE_PROXY when it is the
  proxy that cannot be resolved when using c-ares. This matches the behaviour
  when not using c-ares.

Bj
- Added a new flag: -J/--remote-header-name. This option tells the
  -O/--remote-name option to use the server-specified Content-Disposition
  filename instead of extracting a filename from the URL.

Daniel Stenberg (21 Jan 2010)
- Chris Conroy brought support for RTSP transfers, and with it comes 8(!) new
  libcurl options for controlling what to get and how to receive posssibly
  interleaved RTP data.

Daniel Stenberg (20 Jan 2010)
- As was pointed out on the http-state mailing list, the order of cookies in a
  HTTP Cookie: header _needs_ to be sorted on the path length in the cases
  where two cookies using the same name are set more than once using
  (overlapping) paths. Realizing this, identically named cookies must be
  sorted correctly. But detecting only identically named cookies and take care
  of them individually is harder than just to blindly and unconditionally sort
  all cookies based on their path lengths. All major browsers also already do
  this, so this makes our behavior one step closer to them in the cookie area.

  Test case 8 was the only one that broke due to this change and I updated it
  accordingly.

Daniel Stenberg (19 Jan 2010)
- David McCreedy brought a fix and a new test case (129) to make libcurl work
  again when downloading files over FTP using ASCII and it turns out that the
  final size of the file is not the same as the initial size the server
  reported. This is very common since servers don't take the newline
  conversions into account.

Kamil Dudka (14 Jan 2010)
- Suppressed side effect of OpenSSL configure checks, which prevented NSS from
  being properly detected under certain circumstances. It had been caused by
  strange behavior of pkg-config when handling PKG_CONFIG_LIBDIR. pkg-config
  distinguishes among empty and non-existent environment variable in that case.

Daniel Stenberg (12 Jan 2010)
- Gil Weber reported a peculiar flaw with the multi interface when doing SFTP
  transfers: curl_multi_fdset() would return -1 and not set and file
  descriptors several times during a transfer of a single file. It turned out
  to be due to two different flaws now fixed. Gil's excellent recipe helped me
  nail this.

Daniel Stenberg (11 Jan 2010)
- Made sure that the progress callback is repeatedly called at a regular
  interval even during very slow connects.

- The tests/runtests.pl script now checks to see if the test case that runs is
  present in the tests/data/Makefile.am and outputs a notice message on the
  screen if not. Each test file has to be included in that Makefile.am to get
  included in release archives and forgetting to add files there is a common
  mistake. This is an attempt to make it harder to forget.

Daniel Stenberg (9 Jan 2010)
- Johan van Selst found and fixed a OpenSSL session ref count leak:

  ossl_connect_step3() increments an SSL session handle reference counter on
  each call. When sessions are re-used this reference counter may be
  incremented many times, but it will be decremented only once when done (by
  Curl_ossl_session_free()); and the internal OpenSSL data will not be freed
  if this reference count remains positive. When a session is re-used the
  reference counter should be corrected by explicitly calling
  SSL_SESSION_free() after each consecutive SSL_get1_session() to avoid
  introducing a memory leak.

  (http://curl.haxx.se/bug/view.cgi?id=2926284)

Daniel Stenberg (7 Jan 2010)
- Make sure the progress callback is called repeatedly even during very slow
  name resolves when c-ares is used for resolving.

Claes Jakobsson (6 Jan 2010)
- Julien Chaffraix fixed so that the fragment part in an URL is not sent
  to the server anymore.

Kamil Dudka (3 Jan 2010)
- Julien Chaffraix eliminated a duplicated initialization in singlesocket().

Daniel Stenberg (2 Jan 2010)
- Make curl support --ssl and --ssl-reqd instead of the previous FTP-specific
  versions --ftp-ssl and --ftp-ssl-reqd as these options are now used to
  control SSL/TLS for IMAP, POP3 and SMTP as well in addition to FTP. The old
  option names are still working but the new ones are the ones listed and
  documented.

Daniel Stenberg (1 Jan 2010)
- Ingmar Runge enhanced libcurl's FTP engine to support the PRET command. This
  command is a special "hack" used by the drftpd server, but even though it is
  a custom extension I've deemed it fine to add to libcurl since this server
  seems to survive and people keep using it and want libcurl to support
  it. The new libcurl option is named CURLOPT_FTP_USE_PRET, and it is also
  usable from the curl tool with --ftp-pret. Using this option on a server
  that doesn't support this command will make libcurl fail.

  I added test cases 1107 and 1108 to verify the functionality.

  The PRET command is documented at
  http://www.drftpd.org/index.php/Distributed_PASV

Yang Tse (30 Dec 2009)
- Steven M. Schweda improved VMS build system, and Craig A. Berry helped
  with the patch and testing.

Daniel Stenberg (26 Dec 2009)
- Renato Botelho and Peter Pentchev brought a patch that makes the libcurl
  headers work correctly even on FreeBSD systems before v8.

  (http://curl.haxx.se/bug/view.cgi?id=2916915)

Daniel Stenberg (17 Dec 2009)
- David Byron fixed Curl_ossl_cleanup to actually call ENGINE_cleanup when
  available.

- Follow-up fix for the proxy fix I did for Jon Nelson's bug. It turned out I
  was a bit too quick and broke test case 1101 with that change. The order of
  some of the setups is sensitive. I now changed it slightly again to make
  sure we do them in this order:

  1 - parse URL and figure out what protocol is used in the URL
  2 - prepend protocol:// to URL if missing
  3 - parse name+password off URL, which needs to know what protocol is used
      (since only some allows for name+password in the URL)
  4 - figure out if a proxy should be used set by an option
  5 - if no proxy option, check proxy environment variables
  6 - run the protocol-specific setup function, which needs to have the proxy
      already set

Daniel Stenberg (15 Dec 2009)
- Jon Nelson found a regression that turned out to be a flaw in how libcurl
  detects and uses proxies based on the environment variables. If the proxy
  was given as an explicit option it worked, but due to the setup order
  mistake proxies would not be used fine for a few protocols when picked up
  from '[protocol]_proxy'. Obviously this broke after 7.19.4. I now also added
  test case 1106 that verifies this functionality.

  (http://curl.haxx.se/bug/view.cgi?id=2913886)

Daniel Stenberg (12 Dec 2009)
- IMAP, POP3 and SMTP support and their TLS versions (including IMAPS, POP3S
  and SMTPS) are now supported. The current state may not yet be solid, but
  the foundation is in place and the test suite has some initial support for
  these protocols. Work will now persue to make them nice libcurl citizens
  until release.

  The work with supporting these new protocols was sponsored by
  networking4all.com - thanks!

Daniel Stenberg (10 Dec 2009)
- Siegfried Gyuricsko found out that the curl manual said --retry would retry
  on FTP errors in the transient 5xx range. Transient FTP errors are in the
  4xx range. The code itself only tried on 5xx errors that occured _at login_.
  Now the retry code retries on all FTP transfer failures that ended with a
  4xx response.

  (http://curl.haxx.se/bug/view.cgi?id=2911279)

- Constantine Sapuntzakis figured out a case which would lead to libcurl
  accessing alredy freed memory and thus crash when using HTTPS (with
  OpenSSL), multi interface and the CURLOPT_DEBUGFUNCTION and a certain order
  of cleaning things up. I fixed it.

  (http://curl.haxx.se/bug/view.cgi?id=2905220)

Daniel Stenberg (7 Dec 2009)
- Martin Storsjo made libcurl use the Expect: 100-continue header for posts
  with unknown size. Previously it was only used for posts with a known size
  larger than 1024 bytes.

Daniel Stenberg (1 Dec 2009)
- If the Expect: 100-continue header has been set by the application through
  curl_easy_setopt with CURLOPT_HTTPHEADER, the library should set
  data->state.expect100header accordingly - the current code (in 7.19.7 at
  least) doesn't handle this properly. Martin Storsjo provided the fix!

Yang Tse (28 Nov 2009)
- Added Diffie-Hellman parameters to several test harness certificate files in
  PEM format. Required by several stunnel versions used by our test harness.

Daniel Stenberg (28 Nov 2009)
- Markus Koetter provided a polished and updated version of Chad Monroe's TFTP
  rework patch that now integrates TFTP properly into libcurl so that it can
  be used non-blocking with the multi interface and more. BLKSIZE also works.

  The --tftp-blksize option was added to allow setting the TFTP BLKSIZE from
  the command line.

Daniel Stenberg (26 Nov 2009)
- Extended and fixed the change I did on Dec 11 for the the progress
  meter/callback during FTP command/response sequences. It turned out it was
  really lame before and now the progress meter SHOULD get called at least
  once per second.

Daniel Stenberg (23 Nov 2009)
- Bjorn Augustsson reported a bug which made curl not report any problems even
  though it failed to write a very small download to disk (done in a single
  fwrite call). It turned out to be because fwrite() returned success, but
  there was insufficient error-checking for the fclose() call which tricked
  curl to believe things were fine.

Yang Tse (23 Nov 2009)
- David Byron modified Makefile.dist vc8 and vc9 targets in order to allow
  finer granularity control when generating src and lib makefiles.

Yang Tse (22 Nov 2009)
- I modified configure to force removal of the curlbuild.h file included in
  distribution tarballs for use by non-configure systems. As intended, this
  would get overwriten when doing in-tree builds. But VPATH builds would end
  having two curlbuild.h files, one in the source tree and another in the
  build tree. With the modification I introduced 5 Nov 2009 this could become
  an issue when running libcurl's test suite.

Daniel Stenberg (20 Nov 2009)
- Constantine Sapuntzakis identified a write after close, as the sockets were
  closed by libcurl before the SSL lib were shutdown and they may write to its
  socket. Detected to at least happen with OpenSSL builds.

- Jad Chamcham pointed out a bug with connection re-use. If a connection had
  CURLOPT_HTTPPROXYTUNNEL enabled over a proxy, a subsequent request using the
  same proxy with the tunnel option disabled would still wrongly re-use that
  previous connection and the outcome would only be badness.

Yang Tse (18 Nov 2009)
- I modified the memory tracking system to make it intolerant with zero sized
  malloc(), calloc() and realloc() function calls.

Daniel Stenberg (17 Nov 2009)
- Constantine Sapuntzakis provided another fix for the DNS cache that could
  end up with entries that wouldn't time-out:

  1. Set up a first web server that redirects (307) to a http://server:port
    that's down
  2. Have curl connect to the first web server using curl multi

  After the curl_easy_cleanup call, there will be curl dns entries hanging
  around with in_use != 0.

  (http://curl.haxx.se/bug/view.cgi?id=2891591)

- Marc Kleine-Budde fixed: curl saved the LDFLAGS set during configure into
  its pkg-config file.  So -Wl stuff ended up in the .pc file, which is really
  bad, and breaks if there are multiple -Wl in our LDFLAGS (which are in
  PTXdist). bug #2893592 (http://curl.haxx.se/bug/view.cgi?id=2893592)

Kamil Dudka (15 Nov 2009)
- David Byron improved the configure script to use pkg-config to find OpenSSL
  (and in particular the list of required libraries) even if a path is given
  as argument to --with-ssl

Yang Tse (15 Nov 2009)
- I removed enable-thread / disable-thread configure option. These were only
  placebo options. The library is always built as thread safe as possible on
  every system.

Claes Jakobsson (14 Nov 2009)
- curl-config now accepts '--configure' to see what arguments was
  passed to the configure script when building curl.

Daniel Stenberg (14 Nov 2009)
- Claes Jakobsson restored the configure functionality to detect NSS when
  --with-nss is set but not "yes".

  I think we can still improve that to check for pkg-config in that path etc,
  but at least this patch brings back the same functionality we had before.

- Camille Moncelier added support for the file type SSL_FILETYPE_ENGINE for
  the client certificate. It also disable the key name test as some engines
  can select a private key/cert automatically (When there is only one key
  and/or certificate on the hardware device used by the engine)

Yang Tse (14 Nov 2009)
- Constantine Sapuntzakis provided the fix that ensures that an SSL connection
  won't be reused unless protection level for peer and host verification match.

  I refactored how preprocessor symbol _THREAD_SAFE definition is done.

Kamil Dudka (12 Nov 2009)
- Kevin Baughman provided a fix preventing libcurl-NSS from crash on doubly
  closed NSPR descriptor. The issue was hard to find, reported several times
  before and always closed unresolved. More info at the RH bug:
  https://bugzilla.redhat.com/534176

- libcurl-NSS now tries to reconnect with TLS disabled in case it detects
  a broken TLS server. However it does not happen if SSL version is selected
  manually. The approach was originally taken from PSM. Kaspar Brand helped me
  to complete the patch. Original bug reports:
  https://bugzilla.redhat.com/525496
  https://bugzilla.redhat.com/527771

Yang Tse (12 Nov 2009)
- I modified configure script to make the getaddrinfo function check also
  verify if the function is thread safe.

Yang Tse (11 Nov 2009)
- Marco Maggi reported that compilation failed when configured --with-gssapi
  and GNU GSS installed due to a missing mutual exclusion of header files in
  the Kerberos 5 code path. He also verified that my patch worked for him.

Daniel Stenberg (11 Nov 2009)
- Constantine Sapuntzakis posted bug #2891595
  (http://curl.haxx.se/bug/view.cgi?id=2891595) which identified how an entry
  in the DNS cache would linger too long if the request that added it was in
  use that long. He also provided the patch that now makes libcurl capable of
  still doing a request while the DNS hash entry may get timed out.

- Christian Schmitz noticed that the progress meter/callback was not properly
  used during the FTP connection phase (after the actual TCP connect), while
  it of course should be. I also made the speed check get called correctly so
  that really slow servers will trigger that properly too.

Kamil Dudka (5 Nov 2009)
- Dropped misleading timeouts in libcurl-NSS and made sure the SSL socket works
  in non-blocking mode.

Yang Tse (5 Nov 2009)
- I removed leading 'curl' path on the 'curlbuild.h' include statement in
  curl.h, adjusting auto-makefiles include path, to enhance portability to
  OS's without an orthogonal directory tree structure such as OS/400.

Daniel Stenberg (4 Nov 2009)
- I fixed several problems with the transfer progress meter. It showed the
  wrong percentage for small files, most notable for <1000 bytes and could
  easily end up showing more than 100% at the end. It also didn't show any
  percentage, transfer size or estimated transfer times when transferring
  less than 100 bytes.

(tron)

+ aria2-1.8.3, asterisk16-1.6.2.5, auctex-11.86, calibre-0.6.43,
  confuse-2.7, darcs-2.4, doxygen-1.8.3, etm-554, fbreader-0.12.5.1,
  fotoxx-9.6, gdal-lib-1.7.1 [pkg/42891], highlight-2.15, hylafax-5.4.1,
  john-1.7.5, jpeg-8a, json-glib-0.10.2, lame-3.98.3, libgdata-0.6.2,
  libproxy-0.4.0, libspectre-0.2.4, midori-0.2.3, mimedefang-2.68,
  mined-2000.16, mksh-39c, monit-5.1.1, mpg123-1.10.1, png-1.4.1,
  puzzles-8887, py-bsddb3-4.8.3, py-dbus-0.83.1, py-gdata-2.0.8
  [pkg/42892], py-lxml-2.2.5, py-pyrex-0.9.8.6, rhythmbox-0.12.7,
  samba-3.4.6, samba33-3.3.11, tea-27.0.0, tor-0.2.1.24,
  x264-devel-20100227, xdelta3-3.0y, xf86-video-vmware-11.0.0,
  xine-lib-1.1.18.

(wiz)

Add a gnome option, enabled by default.
Fix PR pkg/42854, applying a similar patch.

Remove the dependency on gtk-doc, it wasn't used.

(tonio)

Update filezilla to 3.3.2

Changelog:

* *nix: Add support for forward and backward mouse buttons
* Speed limits can be re-enabled on SFTP connections
* Changed settings did not come into effect unless FileZilla was restarted
* Small performance improvements
* Spelling fixes
* Rebuilt due to timer problems
* Speed limits can be quickly set using the menu and a new indicator in the status bar
* Display number of bytes transferred and duration of transfer in log
* MSW: React to back button of mouse in file lists
* Updated blukis icon set
* Refactored large parts of the toolbar and menubar code
* A race condition in the socket code could lead to crashes
* Fix connecting to addresses longer than 15 characters if using SOCKS proxy
* Get add to queue in local directory tree context menu working again
* Do not open request dialogs if user is holding a mouse button
* Forward all Ctrl+Tab key events to tab bar
* Do not report SFTP exitcodes that do not originate from the server

(zafer)

override GAMEMODE as well

(tnn)

Fix GAMES_USER handling in unprivileged mode.
ok joerg

(tnn)

Update to version 20.

----------------
Release 20
----------------
    * Fixes: model names starting with a number (1n4001) are now correctly parsed. The .global
      command has been reinstated (it was previously disabled) and error messages now display
      the corresponding line numberin the input deck.
    * New Features: .measure command for transient, ac and dc analyses (still not complete, e.g.
      DERIV is missing).
    * Devices: Updated BISM4 model to revision 4.6.5. Added PWL (PieceWise Linear) functionality
      for B (arbitrary generator) sources.

----------------
Release 19
----------------
Reveals an important work in compile scripts, many bug fixes in memory management, interface, and
work in device models.

    * Compile scripts: tclspice and ADMS compiling fixes. Architecture compiling fixes for SunOS,
      MS Visual Studio, MINGW, Cygwin.
    * Memory management: fixed memory leaks, modifies memory management for MS Windos, integration of
      espice bugfixes and enhancements, bug fixes in plots and cli interface.
    * Rework of BSim models, integration of EPFL-EKV model V2.63, ADMS models mextram, hicum0, hicum2.

----------------
Release 18
----------------
Rework-18 is introduces several new features into ngspice. This is a major
release that comes after more than three years. During the silent years
ngspice developers worked in CVS to stabilize and introduce new features
into the simulator.

- Tclspice simulator library has been merged with ngspice. Now you can
  compile ngapice or tclspice by asserting a configure switch. See README.tcl
- New options have been introduced: brief, listing, autostop and scale
- Support for .lib file has been introduced. This allows the use of
  third party model libraries in ngspice.
- .measure statements: avg, integ, rms, max, min, delay, param
- .global statements t support for global nodes whose name is not expanded
  when flattening the netlist.
- .func macros for inlining functions into netlists.
- Improved the numparam library to support fully parametrized netlists.
- BSIM model binning.
- new multi-input gate VCVS using XSPICE extensions.

(dmcmahill)

Updated cad/geda to 1.6.1

(dmcmahill)

Update to version 1.6.1

Release notes for the gEDA/gaf 1.6.1-20100214 stable release

  Summary
    __________________________________________________________________

  This is the second stable release of the 1.6.x series. The purpose of
      this release is bug fixing.
      Major highlights of this snapshot include (in mostly random order):
      General:

    * Added and updated lots of language translations in libgeda, gschem,
      and gattrib. (Courtesy of language translators and Launchpad)
    * The updated or new language translations are: af, ar, bg, de,
      en_GB, es, fa, fr, he, hu, it, ja, ml, nl, pl, pt_BR, pt, ru, tr,
      zh_CN, and zh_TW

  libgeda/gschem:
    * Added accelerator mnemonics for root menus in gschem

  gnetlist:
    * none

  gsymcheck:
    * none

  gattrib:
    * none

  utilities:
    * none

  symbols:
    * none

  documentation:
    * Updated the shipped documentation from the online wiki

  examples:
    * none

  Bugs fixed:
    * [1]2876373: Fix rendering with zoomed out dashed lines
    * [2]2901183: Fix for some manpage issues
    * [3]2904715: Don't update page connectivity from o_place_rotate()
    * [4]2949232: Fix slot editing routines to not edit inherited
      attributes
    * Cherry picked some other bug fixes from master that really should
      be in this bug fixing release

  The above is only a summary of the changes in this release. You can
  view all the commits/changes/authors for this [5]release (v1.6.1).

  NOTE: This is an stable release and should be packaged up by
  distribution package maintainers.

(dmcmahill)

remove out of date geda TODO

(dmcmahill)

update cad/verilog-current to 20090923

(dmcmahill)

Update to the 20090923 snapshot.

It has been a long time since the last update to this snapshot package.
Besides the various upstream changes, also

- add LICENSE
- add DESTDIR support (partially enabled by upstream fixes)

Release Notes for Snapshot 20090923

This is the first snapshot after the split from the 0.9
release. Mostly, this snapshot is loaded with 7 months worth of bug
fixes.

(dmcmahill)

pullup #3027, #3028, #3029

(spz)

Pullup ticket 3029 - requested by taca
security patch

Revisions pulled up:
- pkgsrc/x11/wxGTK28/Makefile 1.8
- pkgsrc/x11/wxGTK28/Makefile.common 1.5
- pkgsrc/x11/wxGTK28/distinfo 1.8
- pkgsrc/x11/wxGTK28/patches/patch-ba 1.2
- pkgsrc/x11/wxGTK28/patches/patch-bb 1.2
- pkgsrc/x11/wxGTK28/patches/patch-ca 1.2

Files added:
pkgsrc/x11/wxGTK28/patches/patch-cb

  --------------------------------------------------------------------
  Module Name:    pkgsrc
  Committed By:  taca
  Date:          Tue Feb 16 17:38:14 UTC 2010

  Modified Files:
          pkgsrc/x11/wxGTK28: Makefile Makefile.common distinfo
          pkgsrc/x11/wxGTK28/patches: patch-ba patch-bb patch-ca
  Added Files:
          pkgsrc/x11/wxGTK28/patches: patch-cb

  Log Message:
  * Add patches for CVE-2009-2369 and CVE-2009-2625.
  * Use textproc/expat to fix CVE-2009-3720.

  Bump PKGREVISION.

  To generate a diff of this commit:
  cvs rdiff -u -r1.7 -r1.8 pkgsrc/x11/wxGTK28/Makefile \
      pkgsrc/x11/wxGTK28/distinfo
  cvs rdiff -u -r1.4 -r1.5 pkgsrc/x11/wxGTK28/Makefile.common
  cvs rdiff -u -r1.1 -r1.2 pkgsrc/x11/wxGTK28/patches/patch-ba \
      pkgsrc/x11/wxGTK28/patches/patch-bb pkgsrc/x11/wxGTK28/patches/patch-ca
  cvs rdiff -u -r0 -r1.1 pkgsrc/x11/wxGTK28/patches/patch-cb

(spz)

Pullup ticket 3028 - requested by taca
security patch

Revisions pulled up:
- pkgsrc/x11/wxGTK26/Makefile 1.5
- pkgsrc/x11/wxGTK26/distinfo 1.4

Files added:
pkgsrc/x11/wxGTK26/patches/patch-ae
pkgsrc/x11/wxGTK26/patches/patch-af
pkgsrc/x11/wxGTK26/patches/patch-ag
pkgsrc/x11/wxGTK26/patches/patch-ah

  --------------------------------------------------------------------
  Module Name:    pkgsrc
  Committed By:  taca
  Date:          Tue Feb 16 17:35:34 UTC 2010

  Modified Files:
          pkgsrc/x11/wxGTK26: Makefile distinfo
  Added Files:
          pkgsrc/x11/wxGTK26/patches: patch-ae patch-af patch-ag patch-ah

  Log Message:
  Add patches for CVE-2009-2369 and CVE-2009-2625.

  Bump PKGREVISION.

  To generate a diff of this commit:
  cvs rdiff -u -r1.4 -r1.5 pkgsrc/x11/wxGTK26/Makefile
  cvs rdiff -u -r1.3 -r1.4 pkgsrc/x11/wxGTK26/distinfo
  cvs rdiff -u -r0 -r1.1 pkgsrc/x11/wxGTK26/patches/patch-ae \
      pkgsrc/x11/wxGTK26/patches/patch-af pkgsrc/x11/wxGTK26/patches/patch-ag \
      pkgsrc/x11/wxGTK26/patches/patch-ah

(spz)

Pullup ticket 3027 - requested by taca
security patch

Revisions pulled up:
- pkgsrc/x11/wxGTK24/Makefile 1.11
- pkgsrc/x11/wxGTK24/distinfo 1.10

Files added:
pkgsrc/x11/wxGTK24/patches/patch-am
pkgsrc/x11/wxGTK24/patches/patch-an
pkgsrc/x11/wxGTK24/patches/patch-ao
pkgsrc/x11/wxGTK24/patches/patch-ap

  --------------------------------------------------------------------
  Module Name:    pkgsrc
  Committed By:  taca
  Date:          Tue Feb 16 17:33:39 UTC 2010

  Modified Files:
          pkgsrc/x11/wxGTK24: Makefile distinfo
  Added Files:
          pkgsrc/x11/wxGTK24/patches: patch-am patch-an patch-ao patch-ap

  Log Message:
  Add patches for CVE-2009-2625 and CVE-2009-2369.

  Bump PKGREVISION.

  To generate a diff of this commit:
  cvs rdiff -u -r1.10 -r1.11 pkgsrc/x11/wxGTK24/Makefile
  cvs rdiff -u -r1.9 -r1.10 pkgsrc/x11/wxGTK24/distinfo
  cvs rdiff -u -r0 -r1.1 pkgsrc/x11/wxGTK24/patches/patch-am \
      pkgsrc/x11/wxGTK24/patches/patch-an pkgsrc/x11/wxGTK24/patches/patch-ao \
      pkgsrc/x11/wxGTK24/patches/patch-ap

(spz)

Note update of www/typolight28 package to 2.8.1.

(taca)

Update typolight28 package to 2.8.1.

pkgsrc chage: switch to user-destdir.

2.8.1 (2010-02-28)

* Added: different update modes for overriding multiple group memberships
* Fixed: the install tool does not handle equals sings in passwords (#1338)
* Fixed: articles drop-down menu in news/events is causing a fatal error (#1593)
* Fixed: several issues in the Comments class (BBCode parser)
* Fixed: image link elements do not support the new image resize options (#1585)
* Fixed: table sort script interchanges the classes even and odd (#1589)
* Fixed: inconsistent file tree behavior (#1582)
* Fixed: Date class not supporting negative Unix timestamps (#1591)
* Fixed: apply file permissions to image thumbnails when the Safe Mode
Hack is used (#1398)
* Fixed: several issues with the new calendar/event list navigation (#1584)
* Fixed: Widget class not validating the maximum input length (#1578)
* Fixed: relative URLs in RSS feeds are not converted to absolute URLs (#1596)
* Fixed: the toggleVisibilty() methods do not support save_callbacks
and versioning
* Fixed: access control for comments is missing in the new comments module
* Fixed: no active record available in onsubmit_callbacks in
"override multiple" mode
* Fixed: Swiff does not check whether the Flash plugins is available (#1601)
* Fixed: navigation module start/stop levels fail if there is a reference
page (#1607)
* Fixed: the style sheet module does not show an error if a file is not
writeable (#1598)
* Fixed: FancyUpload does not work in the popup file manager (#1608)
* Fixed: wrong thumbnail size if only height and maximum front end width
are given
* Fixed: file manager does not urlencode filenames (#1616)
* Fixed: not all elements and modules pass the data array to the view (#1604)
* Fixed some minor issues

(taca)

Updated memcached to 1.4.4

(morr)

Note update of www/typolight28-translations package to 20100226.

(taca)

Update typolight28-translation package to 20100226.

Czech and Italian language files are updated.

(taca)

Updated qemu to 0.12.3

(tnn)

Update to qemu-0.12.3.
Changes: assorted bugfixes

(tnn)

Updated x11/py-qt4 to 4.7nb2

(wiz)

drochner noted that patch-ac is wrong (the original is correct for
Python 3) and suggested not installing the .pyc files.

Follow his advice and bump PKGREVISION.

(wiz)

Mention that '_' is the same as '.'.
Noted missing by Aleksey Cheusov in PR 41148.

(wiz)

Updated to release 1.4.4.
Release notes:

http://code.google.com/p/memcached/wiki/ReleaseNotes144

Reviewed by <joerg>

(morr)

zsh-4.3.10.

(snj)

Update to 4.3.10.

Some highlighted changes (for full details, see the ChangeLog):

The command "emulate <mode> -c ..." evaluates an expression in a given
emulation.  The emulation is sticky for functions defined within the
expression.

The variable CORRECT_IGNORE gives a pattern that can be ignored
in spelling correction.  CORRECT_IGNORE='_*' ignores completion functions.

The option POSIX_ALIASES improves compatibility of aliases with other
shells.

The variable ZSH_PATCHLEVEL can be used to test for unreleased versions of
the shell; it is present but less useful in released versions.

The variables ZLE_REMOVE_SUFFIX_CHARS and ZLE_SPACE_SUFFIX_CHARS allow more
control over the way automatically removed suffixes are treated in
completion.

(snj)

BSIZE and BSHIFT are defined by sys/param.h on HP-UX, so undef them
first.

(joerg)

Updated net/dhcpcd to 5.2.1

(roy)

Impport dhcpcd-5.2.1 with a quick build fix.

(roy)

Remove emulators/peace.  It's outdated, and doesn't work on recent NetBSD.

(kent)

Updated net/dhcpcd to 5.2.0

(roy)

Import dhcpcd-5.2.0 with the following changes:
* VendorID is now dhcpcd-$version:$OS-$version:$machine:$platform
* IPv4LL address range can now be used in DHCP requests
* sysctl net.ipv4.conf.$iface.promote_secondaries enabled on Linux
  This resolves a long standing issue of changing ip on the same subnet.
* IPv4LL correctly resets the DHCP timer.

(roy)

delete the summary and cache files in case the dir is writeable, but the
file isn't (as suggested by bouyer@)
fix typo in output message

(spz)

upstream bug tracker says 23331 is fixed.

(tnn)

Updated net/msdl to 1.2.7r1

(obache)

Update msdl to 1.2.7r1.

Version 1.2.7-r1.
-- msdl
* 14th release
* bugfix release to delete MSG_NOSIGNAL and added SIGPIPE,SIG_IGN, for more portability.

(obache)

Note updated of textproc/php-json package to 5.2.13.

This is caused by switching to use json extension bundled with PHP 5.2.13
and not implicit update by lang/php5.

(taca)

Switch to use json extension bundlede with php-5.2.13, fixing PR pkg/42869.

(taca)

Repair this file after the bulk-packge target was broken by DESTDIR support.
The problem is that bulk-package assumed that the package would be installed
as well as built.  When doing DESTDIR builds, make sure we still install
the built packages.

(dmcmahill)

Note update of lang/php5 package to 5.2.13.

(taca)

Reset PKGREVISION.

(taca)

Update php5 package to 5.2.13.

25 Feb 2010, PHP 5.2.13
- Updated timezone database to version 2010.2. (Derick)
- Upgraded bundled PCRE to version 7.9. (Ilia)

- Removed automatic file descriptor unlocking happening on shutdown and/or
  stream close (on all OSes excluding Windows). (Tony, Ilia)

- Changed tidyNode class to disallow manual node creation. (Pierrick)

- Added missing host validation for HTTP urls inside FILTER_VALIDATE_URL.
  (Ilia)

- Improved LCG entropy. (Rasmus, Samy Kamkar)

- Fixed safe_mode validation inside tempnam() when the directory path does
  not end with a /). (Martin Jansen)
- Fixed a possible open_basedir/safe_mode bypass in session extension
  identified by Grzegorz Stachowiak. (Ilia)
- Fixed bug in bundled libgd causing spurious horizontal lines drawn by
  gdImageFilledPolygon (libgd #100). (Takeshi Abe)
- Fixed build of mysqli with MySQL 5.5.0-m2. (Andrey)

- Fixed bug #50940 Custom content-length set incorrectly in Apache sapis.
  (Brian France, Rasmus)
- Fixed bug #50930 (Wrong date by php_date.c patch with ancient gcc/glibc
  versions). (Derick)
- Fixed bug #50859 (build fails with openssl 1.0 due to md2 deprecation).
  (Ilia, hanno at hboeck dot de)
- Fixed bug #50847 (strip_tags() removes all tags greater then 1023 bytes
  long). (Ilia)
- Fixed bug #50832 (HTTP fopen wrapper does not support passwordless HTTP
  authentication). (Jani)
- Fixed bug #50823 (ReflectionFunction::isDeprecated producing "cannot be called
  statically" error). (Jani, Felipe)
- Fixed bug #50791 (Compile failure: Bad logic in defining fopencookie
  emulation). (Jani)
- Fixed bug #50787 (stream_set_write_buffer() has no effect on socket
  streams). (vnegrier at optilian dot com, Ilia)
- Fixed bug #50772 (mysqli constructor without parameters does not return a
  working mysqli object). (Andrey)
- Fixed bug #50761 (system.multiCall crashes in xmlrpc extension). (hiroaki
  dot kawai at gmail dot com, Ilia)
- Fixed bug #50732 (exec() adds single byte twice to $output array). (Ilia)
- Fixed bug #50728 (All PDOExceptions hardcode 'code' property to 0). (Joey,
  Ilia)
- Fixed bug #50727 (Accessing mysqli->affected_rows on no connection causes
  segfault). (Andrey, Johannes)
- Fixed bug #50680 (strtotime() does not support eighth ordinal number).
  (Ilia)
- Fixed bug #50661 (DOMDocument::loadXML does not allow UTF-16). (Rob)
- Fixed bug #50657 (copy() with an empty (zero-byte) HTTP source succeeds but
  returns false). (Ilia)
- Fixed bug #50636 (MySQLi_Result sets values before calling constructor).
  (Pierrick)
- Fixed bug #50632 (filter_input() does not return default value if the
  variable does not exist). (Ilia)
- Fixed bug #50576 (XML_OPTION_SKIP_TAGSTART option has no effect). (Pierrick)
- Fixed bug #50575 (PDO_PGSQL LOBs are not compatible with PostgreSQL 8.5).
  (Matteo)
- Fixed bug #50558 (Broken object model when extending tidy). (Pierrick)
- Fixed bug #50540 (Crash while running ldap_next_reference test cases).
  (Sriram)
- Fixed bug #50508 (compile failure: Conflicting HEADER type declarations).
  (Jani)
- Fixed bug #50394 (Reference argument converted to value in __call). (Stas)
- Fixed bug #49851 (http wrapper breaks on 1024 char long headers). (Ilia)
- Fixed bug #49600 (imageTTFText text shifted right). (Takeshi Abe)
- Fixed bug #49585 (date_format buffer not long enough for >4 digit years).
  (Derick, Adam)
- Fixed bug #49463 (setAttributeNS fails setting default namespace). (Rob)
- Fixed bug #48667 (Implementing Iterator and IteratorAggregate). (Etienne)
- Fixed bug #48590 (SoapClient does not honor max_redirects). (Sriram)
- Fixed bug #48190 (Content-type parameter "boundary" is not case-insensitive
  in HTTP uploads). (Ilia)
- Fixed bug #47601 (defined() requires class to exist when testing for class
  constants). (Ilia)
- Fixed bug #47409 (extract() problem with array containing word "this").
  (Ilia, chrisstocktonaz at gmail dot com)
- Fixed bug #47002 (Field truncation when reading from dbase dbs with more
  then 1024 fields). (Ilia, sjoerd-php at linuxonly dot nl)
- Fixed bug #45599 (strip_tags() truncates rest of string with invalid
  attribute). (Ilia, hradtke)
- Fixed bug #44827 (define() allows :: in constant names). (Ilia)

(taca)

Add destdir support.  There was a custom install-data-local install rule
which was missing $(DESTDIR).

(dmcmahill)

Fix PLIST.  PKGREVISION++

(gdt)

note addition of lua-curl-0.2

(agc)

add and enable lua-curl

(agc)

initial import of lua-curl-0.2 into the packages collection.

Lua support for libcurl.

Connect and communicate to many different types of servers with many
different types of protocols.

This project is not a fork of LuaCURL, which is a direct mapping of
parts of the libcurl-easy interface.

The intent of Lua-cURL is to adapt the

    * Easy Interface
    * Multi Interface
    * Shared Interface

of libcurl to the functionality of Lua (for example by using iterators
instead of callbacks when possible).

Status:

Vendor Tag: TNF
Release Tags: pkgsrc-base

(agc)

LICENSE

(is)

sylpheed-3.0 is out

(tnn)

DESTDIRify.

(is)

thunderbird-3.0.2 done

(tnn)

Update to thunderbird-3.0.2
* Several fixes to improve stability and security.
* Fixes for Thunderbird 2 users upgrading to Thunderbird 3.
* Several fixes to IMAP.

(tnn)

Do not pass down "-I" to the compiler

(joerg)

Do not pass "-I" to the linker.

(joerg)

pbulk-base-0.40:
Don't print all failed/successful jobs at the beginning, just a small
message when it is done.

(joerg)

Updated textproc/p5-Text-vCard to 2.07

(wiz)

Update to 2.07. Set LICENSE.

2.06 Sun 24 Jan 2010 10:02:01 GMT
    - Doc typos (Philip A. Prindeville)
    - Add get_simple_type() and import_data() (Philip A. Prindeville)
    - Doc typos (Philip A. Prindeville)

2.05 Fri  8 Jan 2010 22:28:50 GMT
    - Put back changes which were missed out

2.04 Fri  8 Jan 2010 22:00:20 GMT
    - Improvements to Makefile.PL and require 5.6 - thanks cpanservice
    - Switch to git repo
    - Doc patch

(wiz)

Uppercase first letter of COMMENT.

(wiz)

Updated devel/m4 to 1.4.14

(wiz)

Update to 1.4.14:

* Noteworthy changes in Version 1.4.14 (2010-02-24) [stable]
  Released by Eric Blake, based on git version 1.4.13.*

** Fix regression introduced in 1.4.12 where executing with stdout closed
  could crash m4 on exit on some platforms.

** Fix regressions introduced in 1.4.13 in the `esyscmd' builtin, where
  closed file descriptors could interfere with child execution, and where
  a child status of 127 made m4 print a spurious message to stderr.

** Fix a security hole in 'make dist', present since at least M4 1.4, that
  could affect anybody attempting to redistribute modified sources (see
  Automake CVE-2009-4029).

** A number of portability improvements inherited from gnulib.

(wiz)

Depend on X11 [hi wiz!]

(joerg)