Updated devel/boehm-gc to 7.1

(wiz)

Update to 7.1. Extract from ChangeLog:

* doc/gcinterface.html: Improve C++ interface documentation.
* allchblk.c (GC_allochblk): Check for overflow during size
rounding.
* malloc.c: (free replacement) Fix caller address space check.
* finalize.c (GC_grow_table): Dereference table in null-check.
* allchblk.c (add_to_fl): disable assertions with USE_MUNMAP,
and refine assertions to handle huge unmergable blocks.
* allchblk.c (GC_enough_large_bytes_left): No longer take
parameters; return free list index bound.
(GC_merge_unmapped): Don't access nexthdr until after null test.
(Fixes bug in 1/29/08 check-in.)  (GC_allochblk): Calculate
when splitting is allowable only once here, not when considering each
block. (GC_allchblk_nth): Accept new may_split parameter.
Avoid some redundant tests for exact size matches.
* alloc.c (GC_should_collect): Cache min_bytes_allocd.
(GC_maybe_gc): Make locking assertion testable.
* mark_rts.c: Fix indentation.
* pthread_stop_world.c: Replace old GC_err_printf1 reference.
* misc.c (GC_init_inner): Assert !GC_need_to_lock only when
defined.  (GC_call_with_stack_base): Add GC_API.
* os_dep.c (GC_get_stack_base): Add GC_API.
* win32_threads.c: (GC_register_my_thread, GC_unregister_my_thread):
Add GC_API.
* include/gc.h: Add GC_API annotations.
* include/private/gc_locks.h: Define UNCOND_LOCK etc. also for
PCR.
* include/private/gc_priv.h, mark_rts.c, typd_mlc.c:
Add GC_push_typed_structures() to push GC_ext_descriptors.
* allchblk.c (GC_merge_unmapped, GC_freehblk): Refuse to create
blocks large enough that their size, when interpreted as a signed
value, would be negative.
* include/private/gc_priv.h: Update MAX_ROOT_SETS
and LOG_PHT_ENTRIES to handle larger heaps.
* allchblk.c, alloc.c, include/private/gc_priv.h:
Track GC_bytes_dropped and use in GC triggering decisions.
* alloc.c (min_bytes_allocd): Weight atomic blocks less.
* alloc.c (GC_add_to_heap): Call GC_install_header(p) AFTER
adjusting p.
* alloc.c: Define GC_version instead of in version.h.
* version.h: Remove.
* include/gc_version.h: Move most of version.h here.
* include/gc.h, doc/README.macros: Add GC_NO_THREAD_REDIRECTS,
GC_NO_THREAD_DECLS, don't test explicitly for GC_SOLARIS_THREADS.
* alloc.c: Deal correctly with address wrapping for
GC_greatest_plausible_heap_addr and GC_least_plausible_heap_addr.
* finalize.c, include/gc.h (GC_register_disappearing_link,
GC_register_finalizer_inner): Improve out-of-memory handling.
* dyn_load.c (GC_dyld_image_add): Remove ifdef clause and use the macro
GC_GETSECTBYNAME instead.
* include/private/gc_priv.h: Define GC_GETSECTBYNAME according to the
architecture (Darwin).
* thread_local_alloc.c (GC_malloc_atomic, GC_gcj_malloc): Pass
granules, not bytes, to GC_FAST_MALLOC_GRANS.
* include/gc.h: Never include gc_local_alloc.h.
* malloc.c: Update GC_large_allocd_bytes on explicit deallocation.
* allchblk.c: Sanity check GC_max_large_allocd_bytes.
* include/extra/gc.h, include/extra/gc_cpp.h: New.
* include/include.am: Install gc.h and gc_cpp.h in $(prefix)/include
again.
* dbg_mlc.c: Use random() on all glibc systems.
* mach_dep.c (GC_with_callee_saves_pushed): Don't use getcontext() on
HURD.  Add comment.
* pthread_stop_world.c (GC_suspend_handler, GC_stop_init): Accomodate
systems without SA_SIGINFO.
* alloc.c, backgraph.c, headers.c, include/private/gc_priv.h:
Maintain GC_our_memory and GC_n_memory.
* dbg_mlc.c (GC_print_smashed_obj): Improve message.
(GC_print_all_smashed_proc): Pass client object address instead of
base.
* dyn_load.c (sort_heap_sects): New.  (GC_register_map_entries):
Register sections that are contiguous and merged with our heap.
* malloc.c, os_dep.c (GC_text_mapping): Check for just base name
of libraries.
* malloc.c (calloc): Check for special callers even with
USE_PROC_FOR_LIBRARIES. Move assertion.  Add rudimentary
malloc/free tracing.
* misc.c: No longer call GC_init_lib_bounds explicitly.
* thread_local_alloc.c (GC_malloc, GC_malloc_atomic): Always
initialize on demand.
* alloc.c (GC_stopped_mark): Call GC_add_current_malloc_heap()
while world is still running.
* os_dep.c (GC_is_heap_base): Don't call GC_add_current_malloc_heap()
with world stopped.
* include/gc.h (GC_INIT for cygwin): Always call GC_add_roots.
* misc.c (GC_init/GC_init_inner): Perform all work in
GC_init_inner.

(wiz)

Define __UNCONST if needed.

(joerg)

Pullup ticket #2391.

(tron)

Pullup ticket 2391 - requested by joerg
Security fix for lighttpd

Revisions pulled up:
- www/lighttpd/Makefile 1.21
- www/lighttpd/distinfo 1.14
- www/lighttpd/patches/patch-aa 1.9
- www/lighttpd/patches/patch-ac 1.5

    Module Name: pkgsrc
    Committed By: joerg
    Date: Fri Apr 25 19:58:17 UTC 2008

    Modified Files:
pkgsrc/www/lighttpd: distinfo
    Added Files:
pkgsrc/www/lighttpd/patches: patch-aa patch-ac

    Log Message:
    Fix a potential DOS when using SSL. Bump revision.
---
    Module Name: pkgsrc
    Committed By: joerg
    Date: Tue May 20 14:22:50 UTC 2008

    Modified Files:
pkgsrc/www/lighttpd: Makefile

    Log Message:
    Belatedly bump revision for CVE-2008-1531 fix.

(tron)

Also add malloc.c as required by configure.
Reported in SF.net bug # 1899047

(tnn)

Don't use a macro named __(), because __ has internal use in OSF1 system
headers. Supposedly fixed already in upstream CVS.
This closes PR pkg/38400 from Hans Rosenfeld.

(tnn)

Updated databases/shared-mime-info to 0.30

(wiz)

Update to 0.30:

shared-mime-info 0.30 (2008-05-12)
* Mime-type Changes:
- Add LZMA archive
- Add Eiffel source
- Add TTX font
- Add EXR image
- Add SubViewer subtitle
- Add Windows Registry
- Add SMAF, XMF and iMelogy ringtones
- Add MRML playlists
- Add FLTK Fluid
- Add NFO info
- Add ALZ archive
- Add MS Word template
- Add GNUNet saved searches
- Add MOF
- Add CDRDAO TOC
- Add magic for KDC Kodak
- Add pattern for PCX images
- Add pattern for mbox files
- Add pattern for AWK scripts
- Add more magic for FLAC audio
- Add iptables
- Add Electronic books
- Add Cisco VPN
- Add Pack200 archives
- Add CMake scripts
- Add MS Works document
- Update DjVu types
- Update Flash video type
- Mark RCS files as text/plain
- Add an alias for RPM packages
- Remove application/x-cgi mime-type
- Remove *.exe glob for Unix executables
- Remove audio/x-mp3-playlist and make it an alias for MP3 playlists
- Remove the useless application/x-dbm type
- Remove duplicate *.amr glob from 3GPP files
- Add "<Asx" as a pattern for ASX files
- Lower XML magic priority so text/html is preferred
- Fix magic for application/x-java
- Fix up magic for AVI files
- Add "*.med" glob to MOD music
- Add "*.3gp2" glob for 3GPP audio/video
- Fix multiple XML mime-types
- Remove duplicate StuffIt archive type
- Remove unused text/x-ksysv-log

* Other:
- Update specification
- Add instructions on how to file bugs, and update translations
- Update dependencies to GLib 2.6
- Update DTD, require translated comments, require expanded-acronym if
acronym is present, require a known value for generic-icon
- Small fix to the update-mime-database man page
- Ignore unknown fields in update-mime-database
- Make sure all the comments are marked for translation
- Fix typos in the DTD
- Avoid warnings in update-mime-database for the x-content/ mimetypes

(wiz)

update to 3.2.5
changes:
-SVG driver adds color and pattern filling to arcs
-bugfixes

pkgsrc change: skip interpreter check for fig2ps2tex, in response
to PR pkg/38711 by Aleksey Cheusov. Adding csh as a dependency doesn't
make much sense because the pkg provides an extra script exactly
for that case, as documented in the manpage.

(drochner)

Updated games/singularity to 0.28

(wiz)

Update to 0.28:

v0.28 (release 2008.05.11):

USER-VISIBLE CHANGES:
- Minor text cleanups. (Phil, FM; Cory Hickey and gglouser for some fixes)
- Minor dialog behavior fixes. (FM)
* New non-research task: CPU Pool.  Performs maintenance, construction, jobs.
  Bases with no other task assigned will contribute to the CPU Pool. (FM)
* New non-research task: Sleep.  Bases assigned to Sleep will remain idle and
  be harder to detect.  Note that even a computer can't sleep through
  construction. (FM)
- The CHANGE buttons inside the base dialog now show their hotkeys. (FM)
- The location buttons have had their on-screen positions tweaked. (FM)
- Start location is randomized to any of the 5 available continents. (FM)
* CPU is now used to design constructions, Cash to buy the required items, and
  Labor (time) to assemble the final construction. (FM)
- Location and city names can now be localized. (FM)
- Numbers automatically localize to the correct comma-vs-period usage. (FM)
* Added a new difficulty level: Ultra Hard. (FM, emh for suggestion)
* Build times are now difficulty-dependent. (FM)
* The grace period applied to a new base is now difficulty-dependent. (FM)
* The suspicion gain per discovery is now difficulty-dependent. (FM)
- Bases in a location are now sorted by size, then name. (FM, emh for
  suggestion)
* The global grace period now expires on Normal and above if you build more
  than a certain number of bases, and on Ultra Hard if you build certain types
  of bases. (FM)
- Locations with recently-discovered bases are now more likely to have other
  bases discovered. (FM)
* Base detection chances and overall suspicion are now unknown until certain
  new technologies have been researched. (Phil)
  ...except on low difficulty. (FM)
* Incomplete bases no longer support the AI. (FM)
- It's possible to get lucky when hacking some random computer.  (FM)
* Seconds, minutes, and hours now matter much more than they used to. (FM)
- Major events cause the game to pause, instead of going to real-time. (FM)
- You can use the Enter on the numeric keypad like the regular Enter key.
  (Phil, gare for suggestion)
* Continents are no longer identical. (FM, Phil for suggestion)
* New continent: Australia.  Ocean moved to make room. (FM)
* E:S now has an intro when you start a new game! (FM)
- New item: Warning Signs.  Useful for keeping out curious people. (FM)
- CPU display on Finance screen centered (Jorge Vargas)
- Time capsules can now be built anywhere sufficiently remote, with varying
  degrees of stealth. (FM, emh for suggestion)
- Internet Traffic Manipulation and Hypnosis Field techs have been rebalanced to
  better reflect their effects. (FM)
* de_DE translation (FM, Thomas for native proofing [still in progress])
* sv_SE translation (Anders Andersson)

OTHER CHANGES:
- Massive (~50%) code changes, to improve clarity and reduce duplication. (FM)
- "safety" module should trap most crash bugs and show the pause menu, allowing
  the user to save or attempt to resume play; the errors are written to a log
  for easy submission to the developers. (FM)
- New utility: reorder.py  Workaround for traduko's current order-scrambling
  behavior.  Use with caution. (FM)
- Various code formatting fixes, refactor of part of the technology(/event)
  result system. (Jorge Vargas)
- setup.py updated to support mac .app building and cut filesize of the windows
  .exe by about half. (FM)

(wiz)

this doesn't use PYPKGPREFIX, so "python/application.mk" should
be pulled in first

(drochner)

Updated misc/goffice0.6 to 0.6.4

(wiz)

Update to 0.6.4:
0.6.4 changes undocumented.

goffice 0.6.3:

Hiroyuki Ikezoe:
* Switch from pcre to glib regexp handling.  [#482319]

Jean:
* Don't try to use invalide data in box-plots. [#527249]
* Add EPS export for charts if cairo supports.

Jody:
* Enable the use of dolt.
* Fix formats on win32.

Morten:
* Add go_format_is_invalid.
* Improve date convention framework.
* Fix problem with [Enter] causing infinite recursion.

(wiz)

Updated devel/ruby-rcsparse to 0.0.0.42

(wiz)

Update to 0.0.0.42:
Don't segfault on invalid RCS files.

(wiz)

Updated devel/fromcvs to 0.0.0.122

(wiz)

Fix broken URL and correct incorrect patch checksum.

(tron)

Update to 0.0.0.122:
Remove now unneeded comment.
Make tohg work with current mercurial.
Only handle repocopy if we have data.
Implement complete repo file list, approximated by branch file lists.
Fix filelist for nonexisting branches.

(wiz)

Updated textproc/enchant to 1.4.2

(wiz)

Update to 1.4.2:
Bug fixes.

(wiz)

Update MESA_PATCHFILES, too; without this, the update isn't of much use. ;)

Thanks to dsainty@ for pointing it out.  Obviously I did update this while
testing it, but I did a cvs up -dPAC at some point and lost it.

(bjs)

Add comment about not using -ffast-math pending further testing.
It seems to cause instability, at least for me on NetBSD/amd64 (4.99.63).

(bjs)

+ Updated graphics/MesaLib to 7.0.3.3 [bjs 2008-05-21]

(bjs)

Add new round of distribution patches (update code to head of Mesa_7_0_branch).
While here, ensure that all instances of pthread_getspecific are
replaced with __libc_thr_getspecific on NetBSD (fixes linking issues
with compiz, at least).

(bjs)

Use gamin instead of fam on OSF1. Closes PR pkg/31489.

(tnn)

Also disable fam on OSF1

(tnn)

Drop -Werror, it doesn't appear to be warns safe:
scsi.c:1047: warning: pointer type mismatch in conditional expression

(tnn)

Sprinkle some CHECK_INTERPRETER_SKIP

(tnn)

Set NO_BUILD=yes
(did this package even install? Well, it does now.)

(tnn)

Honour PKGMANDIR

(tnn)

Honour PKGMANDIR

(tnn)

Honour PKGMANDIR

(tnn)

Honour PKGMANDIR

(tnn)

Honour PKGMANDIR

(tnn)

Note update of devel/generate to 2.5.

(darcy)

Honour PKGMANDIR

(tnn)

Update to 2.5.
Uses internal version of strdup (my_strdup) rather than depending on
availability in all systems.  Fixes Linux bulk build.

(darcy)

Honour PKGMANDIR

(tnn)

Honour PKGMANDIR

(tnn)

Fix PLIST breakage with native X11 introduced in rev 1.48.

(tnn)

Add missing translation to PLIST

(tnn)

Updated archivers/lzo to 2.03

(wiz)

Update to 2.03:

Changes in 2.03 (30 Apr 2008)
  * Updated the ELF assembler sources to mark the stack as non-executable.
  * Fixed a HP-UX 11 build issue with Itanium in ILP32 mode.
  * Updated the configure system.

(wiz)

Restore older (and somewhat bogus) behaviour of modifying the +CONTENTS
file when -p is given to pkg_add.

(joerg)

Updated textproc/iso-codes to 2.1

(wiz)

Update to 2.1:

iso-codes 2.1
-------------
Tobias Toedter <toddy@debian.org>
Sun, 4 May 2008

  [ ISO-3166 ]
  * Changes from ISO-3166 MA Newsletter VI-2:
    - MD shortname to "Moldova"
    - ME full name to "Montenegro"

  [ ISO-3166-2 ]
  * Removed extraneous blanks from Malta (MT) entries; unfuzzied
    the resulting .po deltas. Closes: alioth#310645

  [ ISO-639 translations ]
  * Vietnamese by Clytie Siddall (TP)
  * Dutch by Freek de Kruijf (TP)
  * Esperanto by Edmund GRIMLEY EVANS (TP)

  [ ISO-3166 translations ]
  * Slovenian by Primo転 Peterlin (TP)
  * Hungarian by Gabor Kelemen (TP)
  * Spanish by Javier Fern叩ndez-Sanguino Pe単a
  * Lithuanian by Kestutis Bili笛nas
  * Vietnamese by Clytie Siddall
  * Bulgarian by Damyan Ivanov
  * Tamil by Tirumurti Vasudevan

  [ ISO-3166-2 translations ]
  * Slovenian by Primo転 Peterlin (TP)
  * Lithuanian by Kestutis Bili笛nas

  [ ISO-4217 translations ]
  * Slovenian by Primo転 Peterlin (TP)
  * Hungarian by Gabor Kelemen (TP)

  [ ISO-15924 translations ]
  * Thai by Theppitak Karoonboonyanan
  * Slovenian by Primo転 Peterlin (TP)

(wiz)

Belatedly bump revision for CVE-2008-1531 fix.

(joerg)

Django CSS fix.

(joerg)

Fix a CSS issue in the login page of the admin module. Bump revision.

(joerg)

Removed graphics/sodipodi successor graphics/inkscape

(tnn)

-sodipodi

(tnn)

Remove sodipodi.
No development has taken place for years, homepage points at domain farm.
Considered abandoned in favour of inkscape (graphics/inkscape), which
started out as a sodipodi fork.

(tnn)

Note update of audio/libid3tag to 0.15.1bnb2:

Check for end-of-string when parsing a stringlist field.

Problem and fix originally reported by Kentaro Oda to the mad-dev
mailing list.

See http://cve.mitre.org/cgi-bin/cvename.cgi?name=3DCVE-2008-2109
for some more info.

(simonb)

Check for end-of-string when parsing a stringlist field.

Problem and fix originally reported by Kentaro Oda to the mad-dev
mailing list.

See http://cve.mitre.org/cgi-bin/cvename.cgi?name=3DCVE-2008-2109
for some more info.

(simonb)

Try to fix a bootstrap failure reported on Slackware 12.1. Untested.

(tnn)

Updated graphics/png to 1.2.29

(wiz)

Update to 1.2.29:

version 1.2.27beta04 [April 18, 2008]
  Added AC_LIBTOOL_WIN32_DLL to configure.ac
  Rebuilt Makefile.in, aclocal.m4, and configure with autoconf-2.62

version 1.2.27beta05 [April 19, 2008]
  Added MAINTEINERCLEANFILES variable to Makefile.am

version 1.2.27beta06 [April 21, 2008]
  Avoid changing color_type from GRAY to RGB by
    png_set_expand_gray_1_2_4_to_8().

version 1.2.27rc01 [April 23, 2008]
  Fix broken URL for rfc2083 in png.5 and libpng-*.txt

version 1.0.33 and 1.2.27 [April 30, 2008]
  No changes.

version 1.0.34 and 1.2.28 [April 30, 2008]
  Rebuilt Makefile.in, aclocal.m4, and configure with autoconf-2.61
    due to backward incompatibilities.
  Removed a stray object file from contrib/gregbook

version 1.2.29beta01 [May 1, 2008]
  Removed some stray *.diff and *.orig files

version 1.2.29beta02 [May 1, 2008]
  Reverted Makefile.in, aclocal.m4, and configure to the libpng-1.2.26
    versions.

version 1.2.29beta03 [May 2, 2008]
  Added --force to autogen libtoolize options and --force-missing to
    automake options.
  Changed $(ECHO) to echo in Makefile.am and Makefile.in
  Updated all configure files to autoconf-2.62
  #ifdef out pnggcrd.c code if using MSC_VER

version 1.2.29rc01 [May 4, 2008]
  No changes.

version 1.0.35 and 1.2.29 [May 8, 2008]
  No changes.

(wiz)

Updated mail/thunderbird and mail/thunderbird-gtk1 to 2.0.0.14.

(ghen)

Unbump PKGREVISION for 2.0.0.14 update.

(ghen)

Update thunderbird and thunderbird-gtk1 to 2.0.0.14 (2.0.0.13 was skipped to
stay on par with Firefox version numbering?)

Security fixes in this version:

MFSA 2008-15  Crashes with evidence of memory corruption (rv:1.8.1.13)
MFSA 2008-14 JavaScript privilege escalation and arbitrary code execution

For more info, see http://www.mozilla.com/en-US/thunderbird/2.0.0.14/releasenotes/

(ghen)

+ asterisk-1.4.19.2, cgicc-3.2.6, cmake-2.6.0, doxygen-1.5.6,
  dvipng-1.11, eric3-4.1.4 [now called eric4], freesci-0.6.4,
  gmime-2.2.20, goffice0.6-0.6.4, gsasl-0.2.26 [pkg/38692],
  kdevelop-3.5.2, kdevelop-base-3.5.2, links-gui-2.1.0.36,
  multitail-5.2.2, nspr-4.7.1, p5-Apache-DBI-1.07,
  p5-Compress-Raw-Zlib-2.011, p5-Compress-Zlib-2.011, p5-DBD-mysql-4.007,
  p5-IO-Compress-Base-2.011, p5-IO-Compress-Zlib-2.011,
  py-html2text-2.292, rox-2.8, ruby-rcsparse-0.0.0.42,
  shared-mime-info-0.30, stella-2.6, stunnel-4.24, tcpreplay-3.3.1,
  uim-1.5.1, x264-devel-20080517, yasm-0.7.1.

(wiz)

Updated games/wesnoth to 1.4.2

(wiz)

Update to 1.4.2:

Version 1.4.2:
* language and i18n:
  * updated translations: Chinese, Chinese (Traditional), Croatian, Czech,
    Dutch, Finnish, French, German, Hungarian, Italian, Japanese, Lithuanian,
    Polish, Russian, Serbian, Slovak, Spanish, Turkish
* various minor bug fixes

(wiz)

Updated mail/spamassassin to 3.2.4nb2.

(ghen)

Update sa-update PGP key to fix GnuGP 1.4.9 "cross-certified" error (see
http://wiki.apache.org/spamassassin/SaUpdateKeyNotCrossCertified).  Bump
PKGREVISION.  Ok with pkgsrc-security.

(ghen)

Note addtion of x11/xfd package version 1.0.1.

(taca)

Add and enable xfd.

(taca)

Importing xfd 1.0.1 which was missing moduler xorg packages.


The xfd utility creates a window containing the name of the font being
displayed, a row of command buttons, several lines of text for display-
ing character metrics, and a grid containing one glyph per cell.
The characters are shown in increasing order from left to right, top to
bottom.

This is the version of xfd maintained by Xorg.


Status:

Vendor Tag: TNF
Release Tags: pkgsrc-base

(taca)

+ ikiwiki-2.46

(schmonz)

Updated multimedia/gmplayer to 1.0rc10nb5

(tonnerre)

Add patches for CVE-2008-1558 for gmplayer

(tonnerre)

Yet another IRIX build fix.

(tnn)

Fix most of the IRIX fam fallout mentioned in PR pkg/38639.
The gio/tests issue remains, but I couldn't reproduce it with GCC.

(tnn)

Pullup ticket #2386.

(tron)

Pullup ticket 2386 - requested by tonnerre
security update for blender

Revisions pulled up:
- graphics/blender/Makefile 1.61
- graphics/blender/patches/patch-ae 1.7
- graphics/blender/distinfo 1.24
- graphics/blender/patches/patch-af 1.6
- graphics/blender/patches/patch-ag 1.6

    Module Name: pkgsrc
    Committed By: tonnerre
    Date: Sat May 17 10:33:15 UTC 2008

    Modified Files:
    pkgsrc/graphics/blender: Makefile distinfo
    Added Files:
    pkgsrc/graphics/blender/patches: patch-ae patch-af patch-ag

    Log Message:
    Fix CVEs CVE-2008-1102 and CVE-2008-1102 for blender:
    - Fix arbitrary code execution vulnerability in .bend files which
    contain a crafted RGBE file (CVE-2008-1102).
    - Create various temporary files in safer paths (CVE-2008-1103).

(tron)

Add support for a new PLIST block, INCLUDE-SDK, used for installing
SDK headers shipped with Firefox 3.x.

(tnn)

Remove pkglint warning as suggested by joerg@.

(darcy)

Bring pkg_add man page somewhat in sync with reality.

(joerg)

Specify languages used.

(darcy)

Fix build on IRIX

(tnn)

libnbcompat-20080519:
Many of the hash function headers are incompatible with the OpenSSL
headers, so don't include them by default and require the caller to
include them on demand.

(joerg)

add a CONFLICTS line for ffmpeg-[0-9]*

(abs)

Fix assorted pkglint complaints and warns.

(tnn)

Add variable to control how packages are installed.
VERIFIED_INSTALLATION supports:
never (default): print signature, but don't care about it.
always: check for valid signature, abort otherwise
trusted: ask for packages without valid signature
interactive: always ask before installation

(joerg)

document official-mozilla-branding option.
XXX should be renamed to mozilla-official-branding

(tnn)

+ Updated fonts/mkfontscale to 1.0.5 [bjs 2008-05-19]

(bjs)

Update to mkfontscale 1.0.5.  Changes since 1.0.4:

    Fix handling of OpenType/CFF fonts with embedded bitmaps.
    The old workaround would trigger with CFF fonts with embedded bitmaps.
    We now explicitly check for the font format being TrueType.
    Reported by Andrey V. Panov.

    Remove doubly included header.

    Add bdf and pcf to font priority table.
    This mirrors the behaviour of the old mkfontdir, which prefers pcf to
    bdf fonts.

    Fix typo in mkfontscale.c.
    This spurious break statement disabled checking for Apple and ISO Unicode
    CMaps in SFNT fonts.  Thanks to Alan Coopersmith and Stefan Dirsch.

    Compile warning fixes.

    Include headers for proper prototypes and "ansify" makeHashTable.

(bjs)

pullup tickets #2388 and #2389

(spz)

Pullup ticket 2389 - requested by tron
security update for tk

Revisions pulled up:
- pkgsrc/x11/tk/Makefile.version 1.8
- pkgsrc/x11/tk/PLIST 1.10
- pkgsrc/x11/tk/distinfo 1.32

  Module Name: pkgsrc
  Committed By: bjs
  Date: Mon Apr  7 15:14:10 UTC 2008

  Modified Files:
  pkgsrc/x11/tk: Makefile.version PLIST distinfo

  Log Message:
  Update to version 8.4.18.  Way too many changes to list here--please
  see ChangeLog.  Insofar as I can tell, all of the changes are bug fixes
  (and some backports from HEAD for Darwin).

  To generate a diff of this commit:
  cvs rdiff -r1.7 -r1.8 pkgsrc/x11/tk/Makefile.version
  cvs rdiff -r1.9 -r1.10 pkgsrc/x11/tk/PLIST
  cvs rdiff -r1.31 -r1.32 pkgsrc/x11/tk/distinfo

(spz)

Pullup ticket 2388 - requested by tron
security update for tcl

Revisions pulled up:
- pkgsrc/lang/tcl/Makefile.version 1.8
- pkgsrc/lang/tcl/distinfo 1.42

  Module Name: pkgsrc
  Committed By: bjs
  Date: Mon Apr  7 15:16:40 UTC 2008

  Modified Files:
  pkgsrc/lang/tcl: Makefile.version distinfo

  Log Message:
  Update to version 8.4.18.  Distilled list of non-Windows changes:

  * generic/tclInterp.c (Tcl_GetAlias): fix for [Bug 1882373]

  * generic/regguts.h, generic/regc_color.c, generic/regc_nfa.c:
  Fixes for problems created when processing regular expressions that
  generate very large automata. An enormous number of thanks to Will
  Drewry <wad@google.com>, Tavis Ormandy <taviso@google.com>, and Tom
  Lane <tgl@sss.pgh.pa.us> from the Postgresql crowd for their help in
  tracking these problems down. [Bug 1810264]

  * unix/tclUnixCompat.c (TclpGetHostByName): Really applied
  the change noted on 2007-11-13 by dkf below.

  * generic/tclIOUtil.c (TclGetOpenMode): Only set the O_APPEND flag
  * tests/ioUtil.test (ioUtil-4.1): on a channel for the 'a'
  mode and not for 'a+'. [Bug 1773127] (backport from HEAD)

  * generic/tclCmdIL.c (Tcl_LsearchObjCmd): Prevent shimmering crash
  when -exact and -integer/-real are mixed. [Bug 1844789]

  * generic/tclThread.c: Back-port locking changes from Tcl8.5
  in Tcl_Mutex/ConditionFinlize. Now we properly master-lock
  the finalization of sync primitives.

  * generic/regc_nfa.c: Fixed infinite loop in the regexp compiler
  * generic/regcomp.c: [Bug 1810038].  Corrected looping logic in
  * tests/regexp.test: fixempties() to avoid wasting time walking a
  list of dead states [Bug 1832612].  Convert optst() from expensive
  no-op to a cheap no-op.  Improve newline usage in debug output.

  * unix/tclUnixCompat.c (TclpGetHostByName): The six-argument form of
  getaddressbyname_r() uses the fifth argument to indicate whether the
  lookup succeeded or not on at least one platform. [Bug 1618235]

  * generic/regc_lex.c (lexescape): Ensure that backreference numbers
  can't overflow a signed int in a way that breaks things. [Bug 1810264]

  * generic/tclParse.c (Tcl_ParseBraces): fix for possible read
  after the end of buffer, [Bug 1813528] (Joe Mistachkin).

  * generic/tclObj.c (Tcl_FindCommandFromObj): fix finding a deleted
  command; cannot trigger this from Tcl itself, but crash reported
  on xotcl. This check is new to 8.4 but exists in 8.5, so this is a
  backport or something. Thanks Gustaf Neumann.

  * generic/tcl.h (Tcl_DecrRefCount): Update change from 2006-05-29
  to make macro more warning-robust in unbraced if code.

  To generate a diff of this commit:
  cvs rdiff -r1.7 -r1.8 pkgsrc/lang/tcl/Makefile.version
  cvs rdiff -r1.41 -r1.42 pkgsrc/lang/tcl/distinfo

(spz)

pullup ticket #2387

(spz)

Pullup ticket 2387 - requested by tron
security update for net-snmp

Revisions pulled up:
- pkgsrc/net/net-snmp/Makefile 1.68
- pkgsrc/net/net-snmp/distinfo 1.43
- pkgsrc/net/net-snmp/patches/patch-ad 1.5

  Module Name:    pkgsrc
  Committed By:  tron
  Date:          Sun May 18 11:59:54 UTC 2008

  Modified Files:
          pkgsrc/net/net-snmp: Makefile distinfo
  Added Files:
          pkgsrc/net/net-snmp/patches: patch-ad

  Log Message:
  Add patch from the Net-SNMP SVN repository to fix a buffer overflow in
  the Perl SNMP module reported in SA30187.

  To generate a diff of this commit:
  cvs rdiff -r1.67 -r1.68 pkgsrc/net/net-snmp/Makefile
  cvs rdiff -r1.42 -r1.43 pkgsrc/net/net-snmp/distinfo
  cvs rdiff -r0 -r1.5 pkgsrc/net/net-snmp/patches/patch-ad

  Please note that diffs are not public domain; they are subject to the
  copyright notices on the relevant files.

(spz)

Need msgfmt to build.
Noticed by Hasso Tepper in PR 38686.

(obache)

Fix typo intoroduced by mechanical DESTDIR fix.
noticed by Hasso Tepper in PR 38687.

(obache)

Build with openssl in -current.

(markd)

Note update of the "net-snmp" package to version 5.4.1nb2.

(tron)

Add patch from the Net-SNMP SVN repository to fix a buffer overflow in
the Perl SNMP module reported in SA30187.

(tron)

Updated mail/mutt-devel to 1.5.18

mutt-compressed-mbox option is disabled, untill an updated patch is available.

(tonio)

Update mail/mutt-devel to 1.5.18

>From the announce:
"Mutt 1.5.18 contains 6 months of bug fixes, documentation improvements and
performance enhancements since the release of 1.5.17, but I believe only
one new feature ($time_inc, for controlling the rate at which status updates
are displayed)."

(tonio)

It only makes sense to build the vmware drivers on x86 platforms.

(tnn)

Updated archivers/gtar{,-info,-base} to 1.20

(tnn)

Catch up with gtar-base-1.20.

(tnn)

Update to GNU tar 1.20.
All self-tests pass under NetBSD-current.

Changes: 3.5 years worth of development; too much to list here.

(tnn)

Update homepage.

(tnn)

Note {libpurple,pidgin*,finch} 2.4.2 updates.

(tnn)

Update to finch-2.4.2.

* New default binding ctrl+x to open context menus.
* Menu triggers and other bindings will no longer conflict.
* Middle click pastes the internal clipboard (when mouse support is enabled).

(tnn)

make this work again.

(christos)