doc: Updated devel/py-cparser to 2.22

(wiz)

py-cparser: update to 2.22.

What's Changed

    Add missing SCHAR limit defines by @matamegger in #449
    Use proper SPDX identifier by @Shortfinga in #474
    Add Python 3.11 as a supported version by @erlend-aasland in #469
    Fix multi-pragma/single statement blocks (#479) by @ldore in #480
    Add an encoding parameter to parse_file by @jordr in #486
    Feature/add pragma support by @jordr in #487
    Set up permissions to ci.yml by @joycebrum in #492
    _build_tables: Invalidate cache before importing generated modules by @mgorny in #494
    Upgrade GitHub Actions by @cclauss in #500
    Create a Security Policy by @joycebrum in #499
    New example to generate AST from scratch by @Andree37 in #507
    Add support for Python 3.12 by @hugovk in #515
    ply: Make generated lextab.py deterministic by @jackrosenthal in #531

(wiz)

doc: Updated mail/neomutt to 20240329

(wiz)

neomutt: update to 20240329.

2024-03-29  Richard Russon  \<rich@flatcap.org\>
* Bug Fixes
  - #4185 c441f5957 Fix memory leak in trash_append()
  - #4189 Fix off-by-one error in %b with notmuch
  - #4190 Zero-out mailbox counters on delete
  - #4204 colour: honour the normal colour
  - #4205 match folder-hook also against mailbox name (fixes #4201)
  - wrap colour in <show-log-messages>
  - history: fix saving file
  - history: improve error message format
* Docs
  - #4182 docs: -C: Fix some accidents
  - #4188 Update oauth2 README
  - #4193 Update oauth2 README
  - fix typos, lots of tidying
  - tidy license info
* Build
  - #4196 use FreeBSD 14.0 in Cirrus CI
  - actions: update cpu count
  - actions: use codeql v3
* Code
  - #4186 Buffer refactoring: make_entry()
  - address: tidy config handling
  - coverage: buf, slist
  - graphviz: link labels
  - tidy buf_strcpy() calls
  - tidy char buffers
  - test: default timezone to UTC

2024-03-23  Richard Russon  \<rich@flatcap.org\>
* Do NOT use this release

(wiz)

doc: Updated math/ltm to 1.3.0

(wiz)

ltm: update to 1.3.0.

This release is done in preparation for libtommath 2.0.0 which will
deprecate multiple public parts of the API, both functions and
macros.

Additionally we窶况e included CMake as build system and use GitHub
Actions to verify that everything works as expected.

All to-be-deprecated parts are marked as either MP_DEPRECATED()
for functions or MP_DEPRECATED_PRAGMA() for macros. Your compiler
should complain if you use those to-be-deprecated parts, if not
it窶冱 most likely a pretty old version of the compiler or not
correctly configured.

(wiz)

doc: Updated multimedia/libva to 2.21.0

(wiz)

libva: update to 2.21.0.

version 2.21.0 - 12.Mar.2024
* va: Add allow_content_tools and force_intger_mv to AV1 enc
* va: add VASurfaceAttribAlignmentSize
* va: Re-add drm_state and fd checks to VA_DRM_GetDriverNames
* va: export symbol vaGetLibFunc for Windows
* va: Add PRIME3 defination and correct the value
* va: add driver name map for new intel KMD xe
* va: export symbol vaMapBuffer2 for Windows
* va: add new interface vaMapBuffer2 for map operation optimization
* va: Add VAConfigAttribEncMaxTileRows and VAConfigAttribEncMaxTileCols
* va: fix handling when all wayland backends fail
* va_trace:add return value trace for vaPutSurfaces
* ci: harden permissions for all github workflows
* ci: update to vmactions/freebsd-vm from v0 to v1
* ci: windows.yml: Add windows-msvc-debug
* meson: create dist archives suitable for building with configure, too
* autogen.sh: successfully detect if the autoreconf program is installed
* build(deps): bump actions/upload-pages-artifact from 2 to 3
* build(deps): bump actions/deploy-pages from 3 to 4
* build(deps): bump actions/setup-python from 4 to 5
* build(deps): bump actions/deploy-pages from 2 to 3
* win32: Fix debug build break

(wiz)

doc: Updated devel/libdeflate to 1.20

(wiz)

libdeflate: update to 1.20.

## Version 1.20

* Improved CRC-32 performance on recent x86 CPUs by adding
  VPCLMULQDQ-accelerated implementations using 256-bit and 512-bit vectors.

* Improved Adler-32 performance on recent x86 CPUs by adding
  VNNI-accelerated implementations using 256-bit and 512-bit vectors.

* Improved CRC-32 and Adler-32 performance on short inputs.

* Optimized the portable implementation of Adler-32.

* Added some basic optimizations for RISC-V.

* Dropped support for gcc versions older than v4.9 (released in 2014)
  and clang versions older than v3.9 (released in 2016).

* Dropped support for CRC-32 acceleration on 32-bit ARM using the ARMv8 pmull or
  crc32 instructions.  This code only worked on CPUs that also have a 64-bit
  mode, and it was already disabled on many compiler versions due to compiler
  limitations.  CRC-32 acceleration remains fully supported on 64-bit ARM.

(wiz)

doc: Updated audio/fluidsynth to 2.3.5

(wiz)

fluidsynth: update to 2.3.5.

Fix setting synth.chorus.speed to its minimum value being reported as out of range (#1284)
Fix a regression causing libinstpatch and libsndfile not to be discovered on Windows (#1299)
Fix Pipewire audio driver not cleanly being destroy (#1305, thanks to @mawe42)
Fix selection logic for XG drum banks (#1307)
Add cmake flag FLUID_HOST_COMPILER to allow overriding default host compiler required during compilation (#1301)
LASH support has been deprecated (#1285)

(wiz)

doc: Updated textproc/enchant2 to 2.6.9

(wiz)

enchant2: update to 2.6.9.

Release v2.6.9

This release implements user dictionaries for Nuspell, Voikko and Hspell.

Release v2.6.8

This release better documents the limited capabilities Enchant currently has for user-specified dictionaries.

(wiz)

news/tin: Switch to gzip compressed source archive

(micha)

Updated multimedia/x265, www/apache24

(adam)

apache24: updated to 2.4.59

Changes with Apache 2.4.59

*) SECURITY: CVE-2024-27316: Apache HTTP Server: HTTP/2 DoS by
  memory exhaustion on endless continuation frames (cve.mitre.org)
  HTTP/2 incoming headers exceeding the limit are temporarily
  buffered in nghttp2 in order to generate an informative HTTP 413
  response. If a client does not stop sending headers, this leads
  to memory exhaustion.
  Credits: Bartek Nowotarski (https://nowotarski.info/)

*) SECURITY: CVE-2024-24795: Apache HTTP Server: HTTP Response
  Splitting in multiple modules (cve.mitre.org)
  HTTP Response splitting in multiple modules in Apache HTTP
  Server allows an attacker that can inject malicious response
  headers into backend applications to cause an HTTP
  desynchronization attack.
  Users are recommended to upgrade to version 2.4.59, which fixes
  this issue.
  Credits: Keran Mu, Tsinghua University and Zhongguancun
  Laboratory.

*) SECURITY: CVE-2023-38709: Apache HTTP Server: HTTP response
  splitting (cve.mitre.org)
  Faulty input validation in the core of Apache allows malicious
  or exploitable backend/content generators to split HTTP
  responses.
  This issue affects Apache HTTP Server: through 2.4.58.
  Credits: Orange Tsai (@orange_8361) from DEVCORE

*) mod_deflate: Fixes and better logging for handling various
  error and edge cases. [Eric Covener, Yann Ylavic, Joe Orton,
  Eric Norris <enorris etsy.com>]

*) Add CGIScriptTimeout to mod_cgi. [Eric Covener]

*) mod_xml2enc: Tolerate libxml2 2.12.0 and later.
  [ttachi <tachihara AT hotmail.com>]

*) mod_slotmem_shm: Use ap_os_is_path_absolute() to make it portable.
  [Jean-Frederic Clere]

*) mod_ssl: Use OpenSSL-standard functions to assemble CA
  name lists for SSLCACertificatePath/SSLCADNRequestPath.
  Names will now be consistently sorted.
  [Joe Orton]

*) mod_xml2enc: Update check to accept any text/ media type
  or any XML media type per RFC 7303, avoiding
  corruption of Microsoft OOXML formats.
  [Joseph Heenan <joseph.heenan fintechlabs.io>, Joe Orton]

*) mod_http2: v2.0.26 with the following fixes:
  - Fixed `Date` header on requests upgraded from HTTP/1.1 (h2c). Fixes
    <https://github.com/icing/mod_h2/issues/272>.
  - Fixed small memory leak in h2 header bucket free. Thanks to
    Michael Kaufmann for finding this and providing the fix.

*) htcacheclean: In -a/-A mode, list all files per subdirectory
  rather than only one.
  [Artem Egorenkov <aegorenkov.91 gmail.com>]

*) mod_ssl: SSLProxyMachineCertificateFile/Path may reference files
  which include CA certificates; those CA certs are treated as if
  configured with SSLProxyMachineCertificateChainFile.  [Joe Orton]

*) htpasswd, htdbm, dbmmanage: Update help&docs to refer to
  "hashing", rather than "encrypting" passwords.
  [Michele Preziuso <mpreziuso kaosdynamics.com>]

*) mod_ssl: Fix build with LibreSSL 2.0.7+.
  [Giovanni Bechis, Yann Ylavic]

*) htpasswd: Add support for passwords using SHA-2.  [Joe Orton,
  Yann Ylavic]

*) core: Allow mod_env to override system environment vars. [Joe Orton]

*) Allow mod_dav_fs to tolerate race conditions between PROPFIND and an
  operation which removes a directory/file between apr_dir_read() and
  apr_stat(). Current behaviour is to abort the connection which seems
  inferior to tolerating (and logging) the error. [Joe Orton]

*) mod_ldap: HTML-escape data in the ldap-status handler.
  [Eric Covener, Chamal De Silva]

*) mod_ssl: Disable the OpenSSL ENGINE API when OPENSSL_NO_ENGINE is set.
  Allow for "SSLCryptoDevice builtin" if the ENGINE API is not available,
  notably with OpenSSL >= 3.  [Yann Ylavic, Joe Orton]

*) mod_ssl: Improve compatibility with OpenSSL 3, fix build warnings about
  deprecated ENGINE_ API, honor OPENSSL_API_COMPAT setting while defaulting
  to compatibitily with version 1.1.1 (including ENGINEs / SSLCryptoDevice).
  [Yann Ylavic]

*) mod_ssl: release memory to the OS when needed. [Giovanni Bechis]

*) mod_proxy: Ignore (and warn about) enablereuse=on for ProxyPassMatch when
  some dollar substitution (backreference) happens in the hostname or port
  part of the URL.  [Yann Ylavic]

*) mod_proxy: Allow to set a TTL for how long DNS resolutions to backend
  systems are cached. [Yann Ylavic]

*) mod_proxy: Add optional third argument for ProxyRemote, which
  configures Basic authentication credentials to pass to the remote
  proxy.

(adam)

x265: updated to 3.6

Version 3.6
===========

Release date - 4th April, 2024.

New feature
-----------
1. Segment based Ratecontrol (SBRC) feature
2. Motion-Compensated Spatio-Temporal Filtering
3. Scene-cut aware qp - BBAQ (Bidirectional Boundary Aware Quantization)
4. Histogram-Based Scene Change Detection
5. Film-Grain characteristics as a SEI message to support Film Grain Synthesis(FGS)
6. Add temporal layer implementation(Hierarchical B-frame implementation)

Enhancements to existing features
---------------------------------
1. Added Dolby Vision 8.4 Profile Support

API changes
-----------
1. Add Segment based Ratecontrol(SBRC) feature: "--[no-]sbrc".
2. Add command line parameter for mcstf feature: "--[no-]mctf".
3. Add command line parameters for the scene cut aware qp feature: "--scenecut-aware-qp" and "--masking-strength".
4. Add command line parameters for Histogram-Based Scene Change Detection: "--hist-scenecut".
5. Add film grain characteristics as a SEI message to the bitstream: "--film-grain <filename>"
6. cli: add new option --cra-nal (Force nal type to CRA to all frames expect for the first frame, works only with keyint 1)

Optimizations
---------------------
ARM64 NEON optimizations:- Several time-consuming C functions have been optimized for the targeted platform - aarch64. The overall performance increased by around 20%.
SVE/SVE2 optimizations

Bug fixes
---------
1. Linux bug to utilize all the cores
2. Crash with hist-scenecut build when source resolution is not multiple of minCuSize
3. 32bit and 64bit builds generation for ARM
4. bugs in zonefile feature (Reflect Zonefile Parameters inside Lookahead, extra IDR issue, Avg I Slice QP value issue etc..)
5. Add x86 ASM implementation for subsampling luma
6. Fix for abrladder segfault with load reuse level 1
7. Reorder miniGOP based on temporal layer hierarchy and add support for more B frame
8. Add MacOS aarch64 build support
9. Fix boundary condition issue for Gaussian filter

(adam)

Updated devel/cmake, security/gnutls, devel/blosc2, devel/SDL2

(adam)

SDL2: updated to 2.30.2

2.30.2

This is a stable bugfix release, with the following changes:

Fixed performance regression initializing controllers on Linux
Added support for the 6-button SEGA Mega Drive Control Pad for Nintendo Online
Added support for the MadCatz Saitek Side Panel Control Deck
Added support for the Hori Fighting Stick EX2
Added support for the Yawman Arrow flightstick
Added a gamepad mapping for the Defender Joystick Cobra R4
Fixed the gamepad mapping for the Sanwa Supply JY-P76USV controller
Poll for the initial controller state when using DirectInput
Allow using SDL_RWFromFile() with named pipes

(adam)

blosc2: updated to 2.14.1

Changes from 2.14.0 to 2.14.1

* When loading plugins, first try with `python` and then `python3`.
  This is because many linux distros do not have `python` as a
  symlink to `python3` anymore.

(adam)

gnutls: updated to 3.8.5

Version 3.8.5 (released 2024-04-04)

** libgnutls: Due to majority of usages and implementations of
  RSA decryption with PKCS#1 v1.5 padding being incorrect,
  leaving them vulnerable to Marvin attack, the RSAES-PKCS1-v1_5
  is being deprecated (encryption and decryption) and will be
  disabled in the future. A new option `allow-rsa-pkcs1-encrypt`
  has been added into the system-wide library configuration which
  allows to enable/disable the RSAES-PKCS1-v1_5. Currently, the
  RSAES-PKCS1-v1_5 is enabled by default.

** libgnutls: Added support for RIPEMD160 and PBES1-DES-SHA1 for
  backward compatibility with GCR.

** libgnutls: A couple of memory related issues have been fixed in RSA PKCS#1
  v1.5 decryption error handling and deterministic ECDSA with earlier
  versions of GMP.  These were a regression introduced in the 3.8.4
  release.

** build: Fixed a bug where building gnutls statically failed due
  to a duplicate definition of nettle_rsa_compute_root_tr().

** API and ABI modifications:
GNUTLS_PKCS_PBES1_DES_SHA1: New enum member of gnutls_pkcs_encrypt_flags_t

(adam)

cmake: updated to 3.29.1

CMake 3.29.1
* ExternalProject: add an example of `LIST_SEPARATOR` usage
* ExternalProject: reword `LIST_SEPARATOR` to indicate what it *does*
* IntelLLVM: Revert accidental use of -external:I with Fortran compilers
* libuv: Avoid posix_spawn on macOS < 10.8
* FindPkgConfig: Avoid finding Strawberry Perl's pkg-config
* libuv: process: de-duplicate conditions for using kqueue
* libuv: darwin: group kqueue-specific definitions together
* libuv: macos: use posix poll instead of kqueue
* FindMPI: Fix finding IntelLLVM wrappers on Windows
* ctest: Restore enforcement of RESOURCE_LOCK test property
* ARTOS: Add support for finding library files named with 'lib' prefix
* IntelLLVM: Fix link flags with Visual Studio generators
* cmSystemTools: Fix compilation on DragonFly BSD
* Help: Remove stray formatting for try_compile() LINKER_LANGUAGE keyword
* try_compile(): Include languages with _ or - when passing linker vars
* Help: Grammar, typos and wording improvements for linker variables
* Help: Add custom linker example for CMAKE_<LANG>_USING_LINKER_<TYPE>
* Help: CMAKE_<LANG>_USING_LINKER_<TYPE> can be a list of flags
* Help: Restructure and improve LINKER_TYPE docs
* CMakePackageConfigHelpers: Remove unused variable
* CMakePackageConfigHelpers: Use unique variable name for pkg prefix
* Swift: Add CMAKE_LINKER_TYPE support
* Help: Fix location of install() note about superseded commands
* FindMatlab: R2024a version map
* Help: emphasize need for VS Integrations with oneAPI Fortran

(adam)

Updated textproc/ugrep, devel/py-hatchling

(adam)

py-hatchling: updated to 1.22.5

1.22.5 - 2024-04-04

Fixed:

Fix reading metadata from source distributions when fields are dynamic but not part of core metadata like entry points

(adam)

ugrep: updated to 5.1.3

ugrep v5.1.3

revert some of the third-party suggested configure scrip changes, this should make Homebrew ugrep include compression libraries again

ugrep v5.1.2

updated configure and makefiles to improve SIMD (SSE2/AVX2/AVX512BW/NEON/AArch64) detection and cross-compilation
removed unused m4/ax_check scripts, adding corresponding PKG_CHECK_MODULES to configure.ac instead
update some of the ctype function calls to avoid potential signedness pitfalls
AIX build
use statfs() with options --include-fs and --exclude-fs when the preferred statvfs() is not available
suppress --filter utility stderr messages when ugrep options -s (--no-messages) and -q (--quiet) are used
fix Cygwin --filter utility hanging after fork when worker threads are active, by forcing single-threaded search (a bit crude, but Cygwin fork isn't identical to Unix fork)
support the NO_COLOR environment variable to suppress color output
fix TUI scroll glitch (cursor down to scroll screen content up) in non-split screen (glitch appeared when adding the split screen feature)
TUI line selection mode top row number indicator added, for consistency
TUI quit & output after line selection mode now behaves the same as non-TUI search output, for consistency
faster -q (--quiet) search

(adam)

notmuch: Fix PYTHON_VERSIONS_INCOMPATIBLE.

(jperkin)

py-lieer: Fix PYTHON_VERSIONS_INCOMPATIBLE.

(jperkin)

doc: Updated shells/nushell to 0.92.1

(pin)

shells/nushell: update to 0.92.1

This is the 0.92.1 patch release of Nushell.

This patch addresses several bugs and regressions present with 0.92.0:

- The configured hooks should again properly affect the scope (e.g. virtualenv
  integrations using a hook to activate as an overlay) (#12383)
- mkdir/touch did not correctly resolve relative paths after using cd.
  This is now fixed. (#12394)
- The default config file created by 0.92.0 assumed that you built with the
  default feature set including the system-clipboard. This is not working on
  platforms like Android/Termux (termux builds with default-no-clipboard).
  Now we only create keybindings in config.nu that are supported on all
  platforms and provide suggestions as comments. You may want to recreate
  config.nu with 0.92.1 if you run into this issue. (#12385)
- The timing of drop notifications sent to plugins has been corrected. (#12341)

(pin)

doc: Updated shells/tcsh to 6.24.12

(kim)

{,standalone-,static-}tcsh: Update to 6.24.12:

Changes since 6.24.11:

33. V6.24.12 - 2024-04-05
32. Fix history merge and add a test for it (Werner Fink, Kimmo Suominen)

(kim)

doc: Updated x11/xdm to 1.1.16

(wiz)

doc/TODO: + cups-filters-2.0.0, qtcreator-13.0.

(wiz)

xdm: update to 1.1.16.

This release fixes a failure to build with the recent libXaw 1.0.16 release
due to a change introduced in xdm 1.1.15 to address gcc 14 build issues.

Alan Coopersmith (2):
      Define _CONST_X_STRING when including Xaw & Xt headers
      xdm 1.1.16

(wiz)

doc: add some upper bounds for vulns

(wiz)

Updated lang/nodejs, lang/nodejs20, lang/nodejs18

(adam)

nodejs18: updated to 18.20.1

Version 18.20.1 'Hydrogen' (LTS)

Notable Changes
CVE-2024-27983 - Assertion failed in node::http2::Http2Session::~Http2Session() leads to HTTP/2 server crash- (High)
CVE-2024-27982 - HTTP Request Smuggling via Content Length Obfuscation - (Medium)
llhttp version 9.2.1
undici version 5.28.4

(adam)

nodejs20: updated to 20.12.1

Version 20.12.1 'Iron' (LTS)

Notable Changes
CVE-2024-27983 - Assertion failed in node::http2::Http2Session::~Http2Session() leads to HTTP/2 server crash- (High)
CVE-2024-27982 - HTTP Request Smuggling via Content Length Obfuscation - (Medium)
llhttp version 9.2.1
undici version 5.28.4

(adam)

nodejs: updated to 21.7.2

Version 21.7.2 (Current)

Notable changes
CVE-2024-27983 - Assertion failed in node::http2::Http2Session::~Http2Session() leads to HTTP/2 server crash- (High)
CVE-2024-27982 - HTTP Request Smuggling via Content Length Obfuscation- (Medium)
llhttp version 9.2.1
undici version 6.11.1

(adam)

doc: Updated www/netsurf to 3.11nb18

(ktnb)

netsurf: update to 3.11

- Fixed failure to reflow SVGs if fetched and ready before layout.
- Support for `display: flex` layout.
- Improved minimum/maximum sizes in box layout.
- Improved handling of percentages.
- Minor cleaning up of layout code.
- Use new LibCSS API for unit conversion.
- Improved ordered list handling.
- Updated selection callbacks to latest LibDOM API.
- Added core option to disable CSS.
- Added core option to prefer dark mode.
- Improved user choices file processing.
- Opaque testing now implemented in core.
- Added core support for premultiplied-alpha.
- Format logged on startup.
- Added support for pixel colour component order configuration.
- Added colour component order conversion functions.
- Generally more optimal on all platforms for all image formats.
- JPEGXL image handler.
- Compatibility with latest rSVG version.
- Improved handling for broken GIF images.
- Updated to new LibNSGIF API.
- Updated all image format handlers to use new core bitmap capabilities.
- Updated to new libcurl API.
- Disabled TLS1.0 and TLS1.1.
- Improved handling of bad SSL connections.
- Change to libcurl to optimise HTTPS connections (upstreamed).
- History: More robust rendering.
- Updated certificate bundle.
- Minor updates to DOM bindings.
- Updated to Duktape 2.7.0 release.
- Console: Don't log through closed window.
- Cleaned up UTF8 handling.
- Improved recursive directory removal.
- Add support for xx_YY format language codes.
- Various improvements to build automation and testing.
- Various warning fixes.
- Aligned UserAgent with compatibility spec.
- Text areas: Clear selection on word left/right.
- Buildsystem: Fixed handling of removed header files.
- Disc cache: Minor fixes.
- Debug: Added generated charts to image cache stats page.
- Debug: Added descendant bounding boxes to HTML box tree dumps.
- Built in: Cleaned up generated `about:` pages.

https://download.netsurf-browser.org/netsurf/releases/ChangeLog.txt

(ktnb)

py-scipy: fix previous: use 1 if not job limit defined

(wiz)

py-numpy: fix previous - fall back to one if no job limit set

(wiz)

emacs29: gnutls option needs pkg-config

(wiz)

Updated www/nghttp2

(adam)

nghttp2: updated to 1.61.0

Nghttp2 v1.61.0

Security Advisory

CVE-2024-28182: Reading unbounded number of HTTP/2 CONTINUATION frames to cause excessive CPU usage

(adam)

doc: Updated editors/zile to 2.6.2

(ktnb)

zile: update to 2.6.2

2.6.1 -> 2.6.2:
- fixed opening a file that contained no line endings would cause a
  null pointer dereference.

2.6.0 -> 2.6.1
- Many bugs fixed due to the Vala rewrite.

2.4.15 -> 2.6.0
- Zile has been rewritten in Vala
- Writing files has been made more robust
- Fixed a bug where `save-buffers-kill-emacs' would not cause Zile to
  exit immediately if it was executed as part of a macro or Lisp
  expression.
- Fixed bug where `universal-argument' without an explicit numeric
  argument would cause Zile to quit immediately.
- Fix a space leak on unterminated string and a crash on unclosed paren when
  parsing Lisp expressions.
- In the minibuffer, C-k now adds the cut text to the kill ring, and `yank'
  (C-y) is added.
- Fix processing of key bindings. This affects where-is and
  describe-bindings.

(ktnb)

doc/TODO: +apache

+ apache-2.4.59.

(taca)

py-retry_decorator: remove

Development upstream has stopped, no users in pkgsrc any more.

(wiz)

py-monotonic: remove

Dead upstream, was a library providing backwards compatibility for
time.monotonic() (which is now in the standard library); unused
in pkgsrc.

(wiz)

py-google-reauth: remove

Dead upstream, only marketed as dependency for other Google tools,
unused in pkgsrc.

(wiz)

py-google-apitools: remove

Deprecated upstream, replaced by other Google Cloud tools.

(wiz)

duplicity: remove duplicate dependency (listed twice)

(wiz)

py-gcs-oauth2-boto-plugin: remove

Deprecated upstream, unused in pkgsrc.

(wiz)

py-gsutil: remove

Deprecated upstream.

Ok bsiegert@ (MAINTAINER)

(wiz)

doc: Updated security/dropbear to 2024.84

(wiz)

dropbear: update to 2024.84.

2024.84 - 4 April 2024

Features and Changes:
  Note >> for compatibility/configuration changes

- >> Only use /etc/shadow when a user has :x: as the crypt in /etc/passwd.
  This is the documented behaviour of passwd(5) so should be consistent with
  other programs. Thanks to Paulo Cabral for the report.
  Note that any users without x as the crypt will not be able
  to log in with /etc/shadow, in cases were the existing configuration
  differs.

- Support -o StrictHostKeyChecking, patch from Sergey Ponomarev

- Support -o BatchMode, from Sergey Ponomarev and Hans Harder

- Support various other -o options compatible with OpenSSH, from
  Sergey Ponomarev. Includes -o PasswordAuthentication

- Add dbclient config file support, ~/.ssh/dropbear_config
  Thanks to tjkolev
  Disabled by default, set #define DROPBEAR_USE_SSH_CONFIG 1

- Add support for unix socket forwarding (destination) on
  the server, thanks to WangYi for the implementation

- Add option to bind to interface, from Diederik De Coninck

- Ignore unsupported arguments in dropbearkey, allow running
  binary as 'ssh-key'. From Sergey Ponomarev

- Save a public key file on generation with dropbearkey.
  -C can be used for a comment, and choose a default key
  type (ed25519 first preference).
  Thanks to Sergey Ponomarev

- Allow inetd to run in non-syslog modes. Thanks to Laurent Bercot
  for the report

- Allow user's own gid in PTY permissions, lets Dropbear work as non-root
  even if /dev/pts isn't mounted with gid=5

- src/distrooptions.h can now be used as another config file.
  This can be used by distributions for customisations (separate
  to the build directory's localoptions.h)

Fixes:

- "dbclient host >> output" would previously overwrite "output", instead of
  appending. Thanks for the report from eSotoIoT

- Add "Strict KEX" support. This mitigates a SSH protocol flaw which lets
  a MITM attacker silently remove packets immediately after the
  first key exchange. At present the flaw does not seem to reduce Dropbear's
  security (the only packet affected would be a server-sig-algs extension,
  which is used for compatibility not security).
  For Dropbear, chacha20-poly1305 is the only affected cipher.
  Both sides of the connection must support Strict KEX for it to be used.

  The protocol flaw is tracked as CVE-2023-48795, details
  at https://terrapin-attack.com . Thanks to the researchers Fabian B辰umer,
  Marcus Brinkmann, and J旦rg Schwenk. Thanks to OpenSSH for specifying
  strict KEX mode.

- Fix blocking while closing forwarded TCP sessions. Noticable
  when many connections are being forwarded. Reported and
  tested by GektorUA. Github #230

- Don't offer RSA (then fail) if there is no RSA key. Regression in 2020.79
  Github #219

- Fix missing response to remote TCP requests when it is disabled.
  Patch from Justin Chen. Github #254

- Fix building with DROPBEAR_RSA disabled

- /proc/timer_list is no longer used for entropy, it was a bottleneck.
  Thanks to Aleksei Plotnikov for the report.

- Don't unconditionally enable DROPBEAR_DSS

- Make banner reading failure non-fatal

- Fix DROPBEAR_SVR_MULTIUSER. This appears to have been broken since when it
  was added in 2019. If you're using this let me know (it might be removed
  if I don't hear otherwise). Thanks to davidatrsp

- Fix Y2038 issues

Infrastructure:

- Move source files to src/ subdirectory. Thanks to tjkolev

- Remove more files with "make distclean"

- Add tests for disabled options

(wiz)

doc: Updated devel/pango to 1.52.2

(pin)

devel/pango: update to 1.52.2

verview of changes in 1.52.2, 31-03-2024
=========================================
- coretext: Implement reload_font
- coretext: Use Menlo instead of Courier for monospace
- win32: Avoid a double free
- Update to Unicode 15.1
- Simplify hexbox drawing

(pin)

doc: Added mail/py-lieer version 1.6

(wiz)

mail/Makefile: + py-lieer

(wiz)

mail/py-lieer: import py-lieer-1.6

Packaged by Malte Dehling in wip.

This program can pull, and send, email and labels (and changes to
labels) from your GMail account and store them locally in a maildir with
the labels synchronized with a notmuch database. The changes to tags in
the notmuch database may be pushed back remotely to your GMail account.

(wiz)

notmuch: mention py-notmuch2

(wiz)

doc: Added mail/py-notmuch2 version 0.38.3

(wiz)

mail/Makefile: + py-notmuch2

(wiz)

mail/py-notmuch2: import py-notmuch2-0.38.3

Packaged by Malte Dehling in pkgsrc-wip.

Notmuch is a system for indexing, searching, reading, and tagging
large collections of email messages in maildir or mh format. It uses
the Xapian library to provide fast, full-text search with a convenient
search syntax.

This package provides Pythonic bindings using CFFI.

(wiz)

notmuch: allow overriding python dependency type

for py-notmuch2

(wiz)

x11/Makefile: sort

(wiz)

doc: Updated devel/libgnt to 2.14.0nb9

(wiz)

libgnt: extend screen(1) hack for tmux(1)

Makes cursor keys work in finch.

Bump PKGREVISION.

(wiz)

doc: Updated x11/xorgproto to 2024.1

(wiz)

xorgproto: update to 2024.1.

I am pleased to announce xorgproto version 2024.1 which includes updates for
the DRI3 and Present protocol definitions to support explicit synchronization
and other keysyms/keydefs fixes and improvements.

Erik Kurzinger (2):
      DRI3: add DRI3ImportSyncobj and DRI3FreeSyncobj
      Present: add PresentPixmapSynced

Jos辿 Exp坦sito (1):
      meson: add header paths to declare_dependency

Mohamed Akram (1):
      keysymdef.h: add dead_hamza symbol

Olivier Fourdan (1):
      xorgproto 2024.1

Pierre Le Marre (14):
      keysymdef.h: Fix typo for Mode_switch aliases
      keysymdef.h: Improve doc on deprecated keysyms
      keysymdef.h: Improve comment of two keysyms
      keysyms headers: Normalize keysyms value format & padding
      keysymdef.h: Normalize Unicode mappings
      keysyms headers: Make some aliases explicit
      Keysyms: Update XF86Keysyms.h
      keysyms: Revert removals and postpone effective deprecation
      keysyms: Add warning about removals & canonical names changes
      keysyms: Add regex for keysyms with Unicode annotation in angle brackets
      keysyms: Fix typo in XK_guillemotright comment
      keysyms: Make some comments more standard
      keysyms: Note that some canonical names may be deprecated
      keysyms: Improve doc & comments for non-deprecated aliases

(wiz)

doc: Updated x11/libXmu to 1.2.0

(wiz)

libXmu: update to 1.2.0.

This release raises the minimum version of libXt required to 1.1.0
(released in 2011), and for those builders who need to regenerate
the autoconf files, raises the minimum version of autoconf required
to 2.70 (released in 2020).

Alan Coopersmith (21):
      configure: raise minimum autoconf requirement to 2.70
      src/Makefile.am: Remove hardcoded -D_BSD_SOURCE
      configure: Use LT_INIT from libtool 2 instead of deprecated AC_PROG_LIBTOOL
      test: Convert test code to use glib test helpers
      test: Add simple test cases for functions in src/RdBitF.c
      test: Add simple test cases for functions in src/CursorName.c
      test: Add simple test cases for functions in src/Lower.c
      test: Add simple test cases for functions in src/StrToBS.c
      test: Add simple test cases for functions in src/StrToGrav.c
      test: Add simple test cases for functions in src/StrToJust.c
      test: Add simple test cases for functions in src/StrToLong.c
      test: Add simple test cases for functions in src/StrToOrnt.c
      test: Add simple test cases for functions in src/StrToShap.c
      test: Add simple test cases for functions in src/reallocarray.c
      XmuReadBitmapDataFromFile: set close-on-exec when opening files
      unifdef hpux
      unifdef Lynx
      Remove "#ifndef notdef" checks
      unifdef SYSV
      Use XtAsprintf to simplify os_name string generation
      libXmu 1.2.0

(wiz)

doc: Updated x11/xf86-video-vboxvideo to 1.0.1

(wiz)

xf86-video-vboxvideo: update to 1.0.1.

This release fixes a failure to build with C23 compilers, and
cleans up some compiler warnings.

Alan Coopersmith (16):
      Update README for gitlab migration
      Update configure.ac bug URL for gitlab migration
      Build xz tarballs instead of bzip2
      Fix spelling/wording issues
      gitlab CI: add a basic build test
      gitlab CI: stop requiring Signed-off-by in commits
      gitlab CI: ensure libtool is installed in build container
      configure: Use LT_INIT from libtool 2 instead of deprecated AC_PROG_LIBTOOL
      Add X.Org's standard C warning flags to AM_CFLAGS
      Silence some standard X.Org warnings that cause too much noise
      Quiet -Wredundant-decls from xorg/os.h fallbacks for new libc functions
      Fix 142 instances of -Wredundant-decls warning for RTASSERTVAR
      Stop building helpers.c
      COPYING: include all three MIT/X11 license variants from source files
      Fix builds with C23 compilers
      xf86-video-vboxvideo 1.0.1

(wiz)

doc: Updated x11/xf86-video-savage to 2.4.1

(wiz)

xf86-video-savage: update to 2.4.1.

This release fixes a failure to build with gcc 14 and cleans up several
other compiler warnings.

Alan Coopersmith (12):
      gitlab CI: ensure libtool is installed in build container
      Don't call xf86DisableRandR in ABI_VIDEODRV_VERSION 24 & later
      Don't build unused code for HorizScaleFactor != 1
      configure: Use LT_INIT from libtool 2 instead of deprecated AC_PROG_LIBTOOL
      Add X.Org's standard C warning flags to AM_CFLAGS
      Revert "exa: Use exaGetPixmapFirstPixel() instead of devPrivate.ptr"
      Fix warning: no previous prototype for ���SavageGetCopyROP���
      Fix -Wdeclaration-after-statement warning in SavagePreInit()
      Use C99 named initializers for XF86ModReqInfo in SavagePreInit()
      Fix 5 -Wshadow warnings
      Quiet -Wredundant-decls from xorg/os.h fallbacks for new libc functions
      xf86-video-savage 2.4.1

(wiz)

doc: Updated x11/xf86-video-nv to 2.1.23

(wiz)

xf86-video-nv: update to 2.1.23.

Alan Coopersmith (13):
      gitlab CI: stop requiring Signed-off-by in commits
      Remove "All rights reserved" from Oracle copyright notices
      gitlab CI: ensure libtool is installed in build container
      Don't call xf86DisableRandR in ABI_VIDEODRV_VERSION 24 & later
      configure: Use LT_INIT from libtool 2 instead of deprecated AC_PROG_LIBTOOL
      Add X.Org's standard C warning flags to AM_CFLAGS
      Fix 4 -Wdiscarded-qualifiers warnings
      Fix warning: ���NVDMAKickoffCallback��� defined but not used [-Wunused-function]
      Fix warning: ���NVPatternROP��� defined but not used [-Wunused-const-variable=]
      Fix -Wdiscarded-qualifiers warning in G80PreInit
      Fix warning: no previous prototype for ���G80ExaInit��� [-Wmissing-prototypes]
      riva_hw.c: Ensure ABS macro expands correctly
      xf86-video-nv 2.1.23

Yusuf Khan (2):
      fix nv on powerpc
      treewide: #if -> #ifdef

(wiz)

doc: Updated x11/xf86-video-chips to 1.5.0

(wiz)

xf86-video-chips: update to 1.5.0.

Alan Coopersmith (18):
      Build xz tarballs instead of bzip2
      Fix spelling/wording issues
      gitlab CI: add a basic build test
      gitlab CI: stop requiring Signed-off-by in commits
      gitlab CI: ensure libtool is installed in build container
      configure: Use LT_INIT from libtool 2 instead of deprecated AC_PROG_LIBTOOL
      configure: quote call to AC_LANG_SOURCE in AC_LINK_IFELSE
      Add X.Org's standard C warning flags to AM_CFLAGS
      Fix -Wmisleading-indentation warning in chipsPreInitHiQV()
      Handle 4 -Wmissing-prototypes warnings
      AsmMacros.h: convert function definitions from K&R to C89
      unifdef NCR
      unifdef Lynx
      unifdef __SCO__
      unifdef __USLC__
      Remove ifdef checks for non-Solaris SVR4 systems
      Quiet -Wredundant-decls from xorg/os.h fallbacks for new libc functions
      xf86-video-chips 1.5.0

(wiz)

doc: Updated misc/xorg-docs to 1.7.3

(wiz)

xorg-docs: update to 1.7.3.

Alan Coopersmith (8):
      Build xz tarballs instead of bzip2
      gitlab CI: add a basic build test
      Switch to XORG_DEFAULT_NOCODE_OPTIONS
      Remove "All rights reserved" from Oracle copyright notices
      MAINTAINERS: update format
      MAINTAINERS: update data
      gitlab CI: Update to latest CI templates & Debian stable release
      xorg-docs 1.7.3

Enrico Weigelt, metux IT consult (1):
      MAINTAINERS: take Xnest maintainership

Peter Hutterer (1):
      MAINTAINERS: add xisxwayland

Thomas E. Dickey (1):
      add maintainer for Xft

(wiz)

doc: Updated x11/xman to 1.2.0

(wiz)

xman: update to 1.2.0.

This release improves the display of the formatted man page when using man-db,
fixes a memory leak when closing a man page, and removes support for a number
of OS'es from the 80's & 90's, along with removing support for using Xprint
to print a man page.

Alan Coopersmith (13):
      unifdef ISC
      unifdef sgi
      unifdef __osf__
      unifdef hpux
      unifdef SCO, __SCO__, and __UNIXWARE__
      unifdef sony
      unifdef defined(SVR4) && !defined(sun)
      unifdef __bsdi__
      unifdef BSD < 199103
      unifdef ATHENA
      unifdef INCLUDE_XPRINT_SUPPORT
      unifdef NO_COMPRESS
      xman 1.2.0

gldrk (2):
      Free buffered file contents when closing man page
      Restore formatting with modern man-db

(wiz)

doc: Updated x11/xload to 1.2.0

(wiz)

xload: update to 1.2.0.

This release adds -help and -version options, and removes support for a
number of older OS'es that predate the common getloadavg() system call.

For those building for 32-bit platforms, it also enables use of the
"large file" APIs in case its necessary to access file whose size or
inode number is outside the range of the original 32-bit API.

Since this release was generated using the new GNU autoconf 2.72, this also
adds a --enable-year2038 configure flag which may allow xload on 32-bit
platforms to work with files whose timestamps are later than January 19, 2038,
but this has not been tested.

Alan Coopersmith (17):
      unifdef -UUSG
      gitlab CI: stop requiring Signed-off-by in commits
      Print which arguments were unknown before giving usage message
      Add -help and -version options
      Use asprintf() if available
      configure: Use AC_SYS_LARGEFILE to enable large file support
      unifdef SYSV
      unifdef __osf__
      unifdef hpux
      unifdef SVR4
      unifdef att
      unifdef QNX4
      Use autoconf to check for <paths.h> instead of ifdef BSD
      Use autoconf to check for <protocols/rwhod.h> instead of OS-specific ifdefs
      unifdef __bsdi__
      Use imdent to realign remaining pre-processer directives
      xload 1.2.0

(wiz)

doc: Updated x11/xedit to 1.2.4

(wiz)

xedit: update to 1.2.4.

This release adds -help and -version options, removes remnants of support
for OS/2 & Interactive Unix, and fixes a crash if there is a call to an
undefined function in lisp.lsp.

Alan Coopersmith (7):
      gitlab CI: stop requiring Signed-off-by in commits
      Add -help and -version options
      unifdef __UNIXOS2__
      Use AC_C_INLINE instead of ifdef __GNUC__ to check for inline keyword
      unifdef ISC
      Fix crash when undefined function called in lisp.lsp
      xedit 1.2.4

(wiz)

doc: Updated sysutils/libpciaccess to 0.18.1

(wiz)

libpciaccess: update to 0.18.1.

This release fixes the meson.build to honor meson's
-Ddefault_library={shared,static,both} flag to control which types of
library are built, instead of always forcing the build of only a shared
library.

Alan Coopersmith (2):
      meson: allow building static library, not just shared
      libpciaccess 0.18.1

(wiz)

doc: Updated x11/xdm to 1.1.15

(wiz)

xdm: update to 1.1.15.

This release fixes a failure to build with the upcoming gcc 14, cleans
up several other compiler warnings, fixes a bug in the generation of the
xdm.service file for systemd, and removes a lot of dead code checks for
platforms & features that have not been supported since the conversion
from Imake to autoconf in 2005.

Alan Coopersmith (26):
      gitlab CI: stop requiring Signed-off-by in commits
      Remove "All rights reserved" from Oracle copyright notices
      gitlab CI: Update to latest CI templates & Debian stable release
      configure: Use LT_INIT from libtool 2 instead of deprecated AC_PROG_LIBTOOL
      Fix -Wincompatible-pointer-types warning from gcc (issue #15)
      greeter: Handle const qualification differences between Solaris & Linux PAM
      greeter: Constify value argument to SetValue()
      unifdef ultrix
      unifdef sony
      unifdef PowerMAX_OS
      unifdef __convex__
      unifdef hpux
      unifdef pegasus
      unifdef __UNIXOS2__
      unifdef QNX4
      unifdef AF_CHAOS
      unifdef AF_DECnet
      unifdef SYSV
      unifdef SIGNALS_RESET_WHEN_CAUGHT
      unifdef UNRELIABLE_SIGNALS
      unifdef FRAGILE_DEV_MEM
      Remove support for SVR4 systems other than Solaris/illumos
      include <shadow.h> on all platforms with HAVE_GETSPNAM set, not just SVR4
      unifdef __osf__
      session.c: clear -Wredundant-decls warnings on Solaris
      xdm 1.1.15

Alisson Bruno (1):
      Fix --with-systemd-daemon option

(wiz)

doc: Updated x11/modular-xorg-xephyr to 21.1.12

(wiz)

doc: Updated x11/modular-xorg-server to 21.1.12

(wiz)