security/ruby-vault: update to 0.17.0

0.17.0 (2022-05-11)

IMPROVEMENTS

* Added MissingRequiredStateErr error type to refer to 412s returned by
  Vault 1.10 when the WAL index on the node does not match the index in the
  Server-Side Consistent Token.  This error type can be passed as a
  parameter to #with_retries, and will also be retried automatically when
  #with_retries is used with no parameters.

(taca)

doc: Updated security/ruby-rex-text to 0.2.39

(taca)

security/ruby-rex-text: update to 0.2.39

0.2.37 (2021-09-16)

* Land #42, Update Ubuntu version & Ruby setup

0.2.38 (2022-06-29)

* Land #44, Fix rex-text split string crash

0.2.39 (2022-08-08)

* Land #47, Run ubuntu 22.04 in test matrix

(taca)

doc: Updated security/ruby-rex-socket to 0.1.41

(taca)

security/ruby-rex-socket: update to 0.1.41

0.1.35 (2022-04-05)

* Land #42, Add ruby 3.1.1 to test matrix

0.1.36 (2022-05-03)

* Land #45, Allow explicitly setting peer hostname

0.1.37 (2022-05-03)

* Land #46, fixes a bug caused by a missing require statement

0.1.38 (2022-05-03)

* Land #44, Ignore trailing commas in range walker

0.1.39 (2022-05-09)

* Land #48, Fix typo in ssl_tcp.rb Fixes #47

0.1.40 (2022-06-13)

* Fix typo in README.md

0.1.41 (2022-08-02)

* Land #50, Run ubuntu 22.04 in test matrix

(taca)

doc: Updated security/ruby-rex-powershell to 0.1.96

(taca)

security/ruby-rex-powershell: update to 0.1.96

0.1.95 (2022-02-14)

* Land #39, Fix upgrading sessions on Windows

0.1.96 (2022-04-07)

* Land #40, Add ruby 3.1.1 to test matrix

(taca)

doc: Updated security/ruby-rex-mime to 0.1.7

(taca)

security/ruby-rex-mime: update to 0.1.7

0.1.7 (2022-03-07)

* Land #2, Fix Multipart Boundary Fingerprint Issue

(taca)

doc: Updated security/ruby-rex-exploitation to 0.1.35

(taca)

security/ruby-rex-exploitation: update to 0.1.35

0.1.29 (2022-03-07)

* Land #30, Add 'no_proto' option to wget/curl/lwp-request command stagers

0.1.30 (2022-04-05)

* Land #30, Add 'no_proto' option to wget/curl/lwp-request command stagers

0.1.31 (2022-07-01)

* Land #32, Add ruby 3.1.1 to test matrix

* Land #34, CmdStagerTFTP: Set payload filename; raise if tftphost is not
  set

0.1.32 (2022-07-11)

* Land #35, add cmdstager tests

0.1.33 (2022-07-14)

* Land #33, add FtpHttp cmdstager

0.1.34 (2022-07-18)

* Land #37, Update spec tests

0.1.35 (2022-7-18)

* Land #38, Add missing Rex::Exploitation::ObfuscateJS tests

(taca)

doc: Updated security/ruby-rex-core to 0.1.28

(taca)

security/ruby-rex-core: update to 0.1.28

0.1.21 (2022-01-25)

* Land #21, Apply rubocop changes to socket_abstraction

0.1.22 (2022-01-26)

* Land #23, GitHub actions for running tests

0.1.23 (2022-01-26)

* Land #24, move verify.yml to workflows folder

0.1.24 (2022-01-26)

* Land #24, move verify.yml to workflows folder

0.1.25 (2022-01-26)

* Land #22, cherry pick of stream_server cleanup

0.1.26 (2022-02-15)

* Land #20, Fix metasploit-framework#15968 (Multiple Socket Abstraction
  Bugs)

0.1.27 (2022-03-24)

* Land #25, Stop refs being cloned or duped

0.1.28 (2022-04-05)

* Land #26, Rex::Compat: open_browser: Prepend 'file://' to file URLs for
  Android

(taca)

doc: Updated devel/hs-primitive-extras to 0.10.1.5

(mef)

(devel/hs-primitive-extras) Updated to 0.10.1.5, ChangeLog unknown

(mef)

pullups #6664 #6669

(spz)

Pullup tickets #6664 #6669 - requested by taca
net/samba4: security update
databases/ldb: dependency update

Update net/samba4 to 4.15.9 from samba-4.15.6 by patch,
since HEAD is on a later minor.
Update databases/ldb to 2.4.4 from 2.4.2 because samba-4.15.9 requires it.

(spz)

doc: Updated security/ruby-chef-vault to 4.1.10

(taca)

security/ruby-chef-vault: update to 4.1.10

4.1.6 (2022-01-07)

* To add a workflow for Simplecov Report

4.1.7 (2022-01-17)

* Add workstation team as code-owner
* Avoid loading all of chef-vault unless we're running the plugin (#385)

4.1.8 (2022-04-10)

* updated the HTTPServerException to HTTPClientException
* Merge pull request #391 from chef/nikhil/updating-ruby-3.0/3.1

4.1.9 (2022-04-12)

* Update chef-utils requirement from = 16.6.14 to 17.10.0 #394
  (dependabot[bot])
* Update pry-stack_explorer requirement from ~> 0.4.0 to ~> 0.6.1 #395
  (dependabot[bot])

4.1.10 (2022-04-18)

Merged Pull Requests

* To integrate test coverage % report in PR creation or merge #387
  (snehaldwivedi)

(taca)

doc: Updated security/ruby-oauth to 1.0.0

(taca)

security/ruby-oauth: update to 1.0.0

1.0.0 (2022-08-23)

The first "Stable Release" in terms of Semantic Versioning.

The oldest supported Ruby, currently 2.7, will be dropped no later than
April 2025, and a new major version of this gem will be released to drop
Ruby 2.7 support (and possibly other stuff).

(taca)

doc: Updated security/ruby-openssl-cmac to 2.0.2

(taca)

security/ruby-openssl-cmac: update to 2.0.2

2.0.2 (2022-07-29)

* Fix calculation with openss3

(taca)

doc: Updated security/ruby-openssl-ccm to 1.2.3

(taca)

security/ruby-openssl-ccm: update to 1.2.3

1.2.3 (2022-07-29)

* Fix calculation with openssl3

(taca)

doc: Updated security/ruby-metasploit-payloads to 2.0.94

(taca)

security/ruby-metasploit-payloads: really update to 2.0.94

Reallu update to 2.0.94 not 2.0.93.

(taca)

security/ruby-metasploit-payloads: update to 2.0.94

2.0.75 (2022-02-23)

* Fix race condition when reading subprocess results
* Fail on invalid impersonation levels

2.0.76 (2022-03-01)

*  Land #537, Fix race condition in pymet

2.0.77 (2022-03-01)

* Update mimikatz to 61cd1b9168

2.0.78 (2022-03-25)

* Build and ship debug builds for windows meterpreter
* Don't modify strings you don't own
* add AMD64 in get_system_arch
* add case insensivity
* Land #555, add AMD64 arch in get_system_arch()

2.0.79 (2022-04-01)

* Fix PHP Meterpreter crashing when trying to close a resource
* Land #553, Build and ship debug builds for windows meterpreter

2.0.80 (2022-04-01)

*  Land #560, add build debug version to r7_all

2.0.81 (2022-04-05)

* Land #558, PHP Meterpreter v8.x Support - ensure already closed channels
  are not reclosed

2.0.82 (2022-04-12)

* Fix AF_INET constants in PHP Meterpreter
*  Land #557, Add debug logfile to Python Meterpreter

2.0.83 (2022-04-12)

*  Land #559, Add logging prerequisites to PHP Meterpreter

2.0.84 (2022-04-26)

* Update the kiwi extension
* Various changes required for cross compilation
* Land #564, Remove unused extension network pug

2.0.85 (2022-04-29)

* Add REQUEST_IGNORE_BATTERY_OPTIMIZATIONS android permission
* Land #563, Add logging to file capabilities to windows Meterpreter

2.0.86 (2022-05-03)

*  Land #566, Add REQUEST_IGNORE_BATTERY_OPTIMIZATIONS android permission

2.0.87 (2022-05-03)

* Land #565, update mimikatz (the kiwi extension)

2.0.88 (2022-05-04)

* Fix order of closing channels
* Update to include ReflectiveDllInjection#12
* Land #562, Fix AF_INET constants in PHP Meterpreter

2.0.89 (2022-05-05)

* Land #572, Fix argument order for array join

2.0.90 (2022-05-06)

* Land #570, Fix order of closing channels

2.0.91 (2022-05-11)

* Land #574, Remove logging artifacts that made their way into the release
  build

2.0.92 (2022-05-16)

* Land #575, fix android meterpreter > play audio command

2.0.93 (2022-05-17)

* Land #571, Update ReflectiveDLLInjection to include #12 and remove a few
  RWX memory sections.

2.0.94 (2022-06-23)

* Land #577, Add 6th getsystem technique EfsPotato

(taca)

doc: Updated security/ruby-metasploit-model to 4.0.6

(taca)

security/ruby-metasploit-model: update to 4.0.6

4.0.4 (20220-4-07)

* Add ruby 3.1.1 to test matrix

4.0.5 (2022-06-17)

* Add login status enum for incorrect public part

4.0.6 (2022-08-02)

* Run ubuntu 22.04 in test matrix

(taca)

doc: Updated security/ruby-metasploit-concern to 4.0.4

(taca)

security/ruby-metasploit-concern: update to 4.0.4

4.0.4 (2022-04-05)

* Add ruby 3.1.1 to test matrix.

(taca)

doc: Updated security/ruby-bcrypt to 3.1.18

(taca)

security/ruby-bcrypt: update to 3.1.18

3.1.17 (2022-05-14)

* Unlock GVL when calculating hashes and salts [GH #260]
* Fix compilation warnings in `ext/mri/bcrypt_ext.c` [GH #261]

3.1.18 (2022-05-16)

* Fix regex in validators to use \A and \z instead of ^ and $ [GH #121]
* Truncate secrets greater than 72 bytes in hash_secret [GH #255]
* Assorted test and doc improvements

(taca)

doc: Updated security/ruby-airbrussh to 1.4.1

(taca)

security/ruby-airbrussh: update to 1.4.1

1.4.1 (2022-07-23)

This is a gem housekeeping release. No user-facing changes.

Housekeeping

* Rename default branch to main (#140) @mattbrictson
* Include link to full diff in generated release notes (#144) @mattbrictson
* Replace Travis with CircleCI and add Ruby 3.0 and 3.1 to CI matrix (#138)
  @mattbrictson
* Upgrade to modern version of coveralls gem (#143) @mattbrictson
* Update appveyor to use a more modern version of Ruby (2.6) (#142)
  @mattbrictson
* Fix build failures on Ruby < 2.5 (#141) @mattbrictson
* Simplify release-drafter config (#139) @mattbrictson

(taca)

doc: Updated print/ruby-pdf-reader to 2.10.0

(taca)

print/ruby-pdf-reader: update to 2.10.0

2.9.2 (2022-02-20)

* Fix PDF::Reader::ObjectHash#page_references to return an Array of
  PDF::Reader::Reference (http://github.com/yob/pdf-reader/pull/444)

2.10.0 (2022-05-12)

* Various bug fixes
* Expanded sorbet type annotations

(taca)

doc: Updated net/ruby-xdr to 3.0.3

(taca)

net/ruby-xdr: update to 3.0.3

pkgsrc change: relax dependency to Rail's version.

3.0.3 (2022-02-18)

Bug Fixes

* make XDR::Option write empty strings as values (#15) (ccab229)

(taca)

doc: Updated net/ruby-train-winrm to 0.2.13

(taca)

net/ruby-train-winrm: update to 0.2.13

0.2.13 (2022-02-25)

Merged Pull Requests

* CFINSPEC-2 Added options to allow SSL connection with certificates #34
  (Nik08)

(taca)

doc: Updated net/ruby-ruby_smb to 3.1.7

(taca)

net/ruby-ruby_smb: update to 3.1.7

No Changes nor release note and there are too many changes from 3.0.3.
Please refer: <https://github.com/rapid7/ruby_smb/compare/v3.0.3...v3.1.7>.

(taca)

doc: Updated net/ruby-recog to 3.0.2

(taca)

net/ruby-recog: update to 3.0.2

For changes before 3.0.0 (2.3.23), please refer
<https://github.com/rapid7/recog/releases/tag/v2.3.23>.

3.0.0 - 2022.06.28

What's Changed

* Repository split - remove recog library by @mkienow-r7 in #437
* Update default branch rename instructions by @mkienow-r7 in #442
* Update to Ruby version 2.7.5 by @mkienow-r7 in #443
* recog_standardize: handle missing files, detect removed identifiers, unify
  device type tracking by @TomSellers in #438
* Add Baxter SIGMA Spectrum Infusion System fingerprint by @mkienow-r7 in #439
* Add FastHTTP fingerprint by @mkienow-r7 in #440
* Add ManageEngine ADSelfService Plus cookie by @mkienow-r7 in #441
* Restore and enhance fingerprint self test spec by @mkienow-r7 in #444
* Add WatchGuard Fireware XTM favicon fingerprint by @mkienow-r7 in #445
* Fix pre-commit hook for updated recog_standardize by @mkienow-r7 in #446
* Add WSO2 product fingerprints by @mkienow-r7 in #450
* Add openHAB fingerprints by @mkienow-r7 in #448
* Add Home Assistant favicon fingerprint by @mkienow-r7 in #449
* Add Ballerina programming language HTTP module fingerprint by @mkienow-r7
  in #451
* Add Alentis Electronics NetPing PDU fingerprints by @mkienow-r7 in #447
* Add dotCMS Content Management Platform fingerprints by @mkienow-r7 in #452
* Add Microsoft Azure Application Gateway fingerprint by @mkienow-r7 in #453
* Add Alibaba Cloud Object Storage Service (OSS) fingerprint by @mkienow-r7
  in #454
* Add assorted ZTE CPE device web server fingerprint by @mkienow-r7 in #455
* Add a favicon for synology DSM by @jvoisin in #457
* Add a x509_issuers fingerprint for proxmox by @jvoisin in #459
* Fix port number portion of an assert nothing HTTP server regex by
  @mkienow-r7 in #461
* Add Hydra web server fingerprint by @mkienow-r7 in #463
* Add Aruba fingerprints via SNMP by @dcollado-r7 in #462

New Contributors

* @dcollado-r7 made their first contribution in #462

3.0.1 - 2022.06.29

What's Changed

* Repository split - remove recog library by @mkienow-r7 in #437
* Update default branch rename instructions by @mkienow-r7 in #442
* Update to Ruby version 2.7.5 by @mkienow-r7 in #443
* recog_standardize: handle missing files, detect removed identifiers, unify
  device type tracking by @TomSellers in #438
* Add Baxter SIGMA Spectrum Infusion System fingerprint by @mkienow-r7 in #439
* Add FastHTTP fingerprint by @mkienow-r7 in #440
* Add ManageEngine ADSelfService Plus cookie by @mkienow-r7 in #441
* Restore and enhance fingerprint self test spec by @mkienow-r7 in #444
* Add WatchGuard Fireware XTM favicon fingerprint by @mkienow-r7 in #445
* Fix pre-commit hook for updated recog_standardize by @mkienow-r7 in #446
* Add WSO2 product fingerprints by @mkienow-r7 in #450
* Add openHAB fingerprints by @mkienow-r7 in #448
* Add Home Assistant favicon fingerprint by @mkienow-r7 in #449
* Add Ballerina programming language HTTP module fingerprint by @mkienow-r7
  in #451
* Add Alentis Electronics NetPing PDU fingerprints by @mkienow-r7 in #447
* Add dotCMS Content Management Platform fingerprints by @mkienow-r7 in #452
* Add Microsoft Azure Application Gateway fingerprint by @mkienow-r7 in #453
* Add Alibaba Cloud Object Storage Service (OSS) fingerprint by @mkienow-r7
  in #454
* Add assorted ZTE CPE device web server fingerprint by @mkienow-r7 in #455
* Add a favicon for synology DSM by @jvoisin in #457
* Add a x509_issuers fingerprint for proxmox by @jvoisin in #459
* Fix port number portion of an assert nothing HTTP server regex by
  @mkienow-r7 in #461
* Add Hydra web server fingerprint by @mkienow-r7 in #463
* Add Aruba fingerprints via SNMP by @dcollado-r7 in #462

New Contributors

* @dcollado-r7 made their first contribution in #462

(taca)

doc: Updated net/ruby-netaddr to 2.0.6

(taca)

net/ruby-netaddr: update to 2.0.6

2.0.6 (2022-07-08)

* Fix support for ipv4-embedded ipv6 networks.

(taca)

doc: Added net/ruby-net-smtp version 0.3.1

(taca)

net/Makefile: add and enable ruby-net-smtp

(taca)

net/ruby-net-smtp: add package version 0.3.1

It is required for forthcoming redmine50 package on Ruby 2.7 or 3.0.

Simple Mail Transfer Protocol client library for Ruby.

(taca)

doc: Updated net/ruby-net-ldap to 0.17.1

(taca)

net/ruby-net-ldap: update to 0.17.1

0.17.1 (2022-06-07)

* Fixed shebang of bash #385
* Omit some tests for now until we update our CA cert #386
* Add Ruby 3.0 support #388
* Add TruffleRuby 21.0.0 to CI #389
* Correct a typo in an error message #391
* Enable bundler caching for travis #390
* Fix circular require while loading lib/net/ldap/entry.rb and
  lib/net/ldap/dataset.rb #392
* Handle nil value in GetbyteForSSLSocket::getbyte #306

(taca)

doc: Added net/ruby-net-imap version 0.2.3

(taca)

net/Makefile: add and enable ruby-net-imap

(taca)

net/ruby-net-imap: add package versio 0.2.3

It is required for forthcoming redmine50 package on Ruby 2.7 or 3.0.

Ruby client api for Internet Message Access Protocol.

(taca)

doc: Updated misc/ruby-windows_error to 0.1.4

(taca)

misc/ruby-windows_error: update to 0.1.4

0.1.4 (2022-03-30)

* Sort constants so the order is deterministic.

(taca)

doc: Updated misc/ruby-sprockets to 4.1.1

(taca)

misc/ruby-sprockets: update to 4.1.1

pkgsrc change: add misc  to CATEGORIES at first

4.1.0 (2022-06-24)

* Allow age to be altered in asset:clean rake task.
* Fix Sprockets::Server to return lower-cased response headers to comply
  with Rack::Lint 3.0. #744
* Adding new directive depend_on_directory #668
* Fix application/js-sourcemap+json charset #669
* Fix CachedEnvironment caching nil values #723
* Process *.jst.ejs.erb files with ERBProcessor #674
* Fix cache key for coffee script processor to be dependent on the filename
  #670

4.1.1 (2022-06-27)

* Fix Sprockets::Server to return response headers to compatible with with
  Rack::Lint 2.0.

(taca)

doc: Updated misc/ruby-slop to 4.9.2

(taca)

misc/ruby-slop: updateo to 4.9.2

4.9.2 (2022-03-26)

Bug fixes:

* Handle flag arguments that contain equals character #275 (ConnorWGarvey)

(taca)

doc: Updated misc/ruby-bundler to 2.3.21

(taca)

misc/ruby-bundler: update to 2.3.21

For changes before 2.3.18, please refer:
<https://github.com/rubygems/rubygems/releases>.

2.3.20 (2022-08-10)

Enhancements:
* Consistently ignore patchlevel when reporting bundle platform --ruby #5793
* Make --standalone play nice with --local #5762
* Implement bundle install --prefer-local #5761

Bug fixes:

* Fix regression where yanked gems are now unintentionally updated when
  other gems are unlocked #5812
* Automatically remove "ruby" from lockfile if incomplete #5807
* Fix bundle outdated --strict showing too many outdated gems #5798
* Don't discard candidates matching Ruby metadata #5784
* Fix bundle outdated crash in debug mode #5796
* Fix ruby DSL requirement matching for head and prerelease rubies #5766

Documentation:
* Update Bundler support policies to match what we do these days #5813
* Fix arguments for bundle-config(1) docs #5804
* Improve bundle platform man page #5788
* Remove bundle cache from deprecated commands list, and consistently link
  to bundle cache in man pages #5783
* Add package/pack aliases to man pages for cache #5785
* Add deprecation notice of bundle console #5775

2.3.21 (2022-08-24)

Enhancements:
* Backport non gnu libc linux support from RubyGems #4488
* Improve Bundler.rm_rf error message #5861
* Disallow both --branch and --ref at the same time in bundle-plugin #5855
* Restore previous performance of private RubyGems servers #5826

Bug fixes:
* Fix conservative update downgrading top level gems #5847
* Fix edge case where bundler/inline unintentionally skips install #5848
* Fix bundle platform crash when there's a lockfile with no Ruby locked
  #5850
* Fix crash when incomplete locked specifications are found in transitive
  dependencies #5840
* Fix Ruby platform incorrectly removed on bundle update #5832

Documentation:
* Explain cancelled CLI deprecations clearly #5864
* Improve bundle config command synopsis #5854
* Introduce bundle-plugin(1) man #5853

2.3.19 (2022-07-27)

Enhancements:
* Add Bundler.settings[:only] to install gems of the specified groups #5759
* Add ignore_funding_requests config flag #5767
* Prevent random crash when autoloading Pathname #5769
* Don't corrupt lockfile when user moves a gem that's already in the
  lockfile to an incorrect source by mistake #5070
* Reconcile error/warning message for multiple global sources with
  documentation #5741
* Improve error message when gems cannot be found to include the source for
  each gem #5729

Bug fixes:
* Fix yet another TruffleRuby platform selection regression #5746
* Show a proper error if extension dir is not writable #5726

Performance:
* Lazily check incomplete lockfile to improve performance #5546

Documentation:
* Add deprecation notice of bundle inject #5776
* Add deprecation notice of bundle viz to man pages #5765
* Update command example in bundle exec man page #5754
* Remove bundle show from obsolete commands #5753
* Improve global source(s) documentation #5732
* Use https protocol for URLs for config mirror in bundler man #5722

2.3.18 (2022-07-14)

Enhancements:
* Extend gem DSL with a force_ruby_platform option #4049

Bug fixes:
* Fix misleading error if compact index cannot be copied #5709
* Fix TruffleRuby no longer able to install lockfiles generated with other
  implementations #5711
* Fix TruffleRuby no longer installing lockfiles using "ruby" platform
  correctly #5694
* Fix crash when updating vendor cache of default gems #5679

Performance:
* Speed up bundler/setup by using the raw Gemfile.lock information without
  extra processing whenever possible #5695

Documentation:
* Use modern style hashes in Gemfile DSL docs #5674

(taca)

doc: Updated math/ruby-roo to 2.9.0

(taca)

math/ruby-roo: update to 2.9.0

2.9.0 (2022-03-19)

Changed/Added

* Ruby 3.x Support 555
* Ignore all richdata at 'xl/richData' of XSLX 552
* Only copy if cell is present when expand_merged_ranges: true 557
* Fixes issue where the contents of hidden sheet was returned when parsing
  visible sheets only. 536
* Add formats 525
* Fix warnings caused by Ruby 2.7 update 530
* Add formats 525

Removed

* Support for ruby 2.4, 2.5, 2.6 (excluded jRuby)

(taca)

doc: Updated emulators/nono to 0.4.3

(jun)

nono: update to 0.4.3.

0.4.3 (2022-08-27)

m68k(Fix): "Implement case level 0 and level 7 of PTESTR/PTESTW instructions."
m68k(Fix): "Fix match behavior when R/W bit are set on TT0/1 registers."
m68k(Fix): "Fix that an application becomes inoperable on double bus fault in VM
."
m88k(Fix): "Improve pseudo STOP behaviors."
vm(Update): "Implement GETC/PUTC routines on LUNA-88K's internal PROM."
vm(New): "Support NWS-1750. It's just a joke."
  https://twitter.com/ebijun/status/1563633415915970561

(jun)

pullups #6660 #6661 #6662 #6663 #6665 #6666 #6667

(spz)

doc: Updated x11/gtk4 to 4.6.6nb2

(wiz)

gtk4: add upstream bug fix for 'save' dialogs

Bump PKGREVISION.

(wiz)

Pullup ticket #6663 - requested by taca
www/drupal9: security update

Revisions pulled up:
- www/drupal9/Makefile                                          1.5
- www/drupal9/PLIST                                            1.3
- www/drupal9/distinfo                                          1.3

-------------------------------------------------------------------
  Module Name: pkgsrc
  Committed By: taca
  Date: Sun Jul 31 14:26:59 UTC 2022

  Modified Files:
  pkgsrc/www/drupal9: Makefile PLIST distinfo

  Log Message:
  www/drupal9: update to 9.3.20

  9.3.20 (2022-07-28)

  This is a patch (bugfix) release of Drupal 9 and is ready for use on
  production sites.  Learn more about Drupal 9.

  * Drupal core uses the third-party Diactoros library as its PSR-7
    implementation. Diactoros has issued a security advisory:

  * CVE-2022-31109: Diactoros before 2.11.1 vulnerable to HTTP Host Header
    Attack

  Drupal core is unlikely to be vulnerable.  This bugfix release updates the
  version of Diactoros used in drupal/core-recommended to a secure version as
  a precaution.

  9.3.19 (2022-07-20)

  This is a security release of the Drupal 9 series.

  This release fixes security vulnerabilities.  Sites are urged to update
  immediately after reading the notes below and the security announcement:

  * Drupal core - Moderately critical - Information Disclosure -
    SA-CORE-2022-012

  * Drupal core - Moderately critical - Access Bypass - SA-CORE-2022-013

  * Drupal core - Critical - Arbitrary PHP code execution - SA-CORE-2022-014

  * Drupal core - Moderately critical - Multiple vulnerabilities -
    SA-CORE-2022-015

  No other changes are included.

  To generate a diff of this commit:
  cvs rdiff -u -r1.4 -r1.5 pkgsrc/www/drupal9/Makefile
  cvs rdiff -u -r1.2 -r1.3 pkgsrc/www/drupal9/PLIST pkgsrc/www/drupal9/distinfo

(spz)

Pullup ticket #6662 - requested by taca
www/drupal7: security update

Revisions pulled up:
- www/drupal7/Makefile                                          1.77
- www/drupal7/PLIST                                            1.31
- www/drupal7/distinfo                                          1.61

-------------------------------------------------------------------
  Module Name: pkgsrc
  Committed By: taca
  Date: Sun Jul 31 14:23:22 UTC 2022

  Modified Files:
  pkgsrc/www/drupal7: Makefile PLIST distinfo

  Log Message:
  www/drupal7: update to 7.91

  7.91 (2022-07-20)

  Maintenance and security release of the Drupal 7 series.

  This release fixes security vulnerabilities.  Sites are urged to update
  immediately after reading the notes below and the security announcement:

  * Drupal core - Moderately critical - Information Disclosure - SA-CORE-2022-012

  No other changes are included.

  To generate a diff of this commit:
  cvs rdiff -u -r1.76 -r1.77 pkgsrc/www/drupal7/Makefile
  cvs rdiff -u -r1.30 -r1.31 pkgsrc/www/drupal7/PLIST
  cvs rdiff -u -r1.60 -r1.61 pkgsrc/www/drupal7/distinfo

(spz)

Pullup ticket #6661 - requested by taca
time/ruby-tzinfo1: security update

Revisions pulled up:
- time/ruby-tzinfo1/Makefile                                    1.6
- time/ruby-tzinfo1/PLIST                                      1.3
- time/ruby-tzinfo1/distinfo                                    1.8

-------------------------------------------------------------------
  Module Name: pkgsrc
  Committed By: taca
  Date: Sat Jul 30 14:20:42 UTC 2022

  Modified Files:
  pkgsrc/time/ruby-tzinfo1: Makefile PLIST distinfo

  Log Message:
  time/ruby-tzinfo1: update to 1.2.10

  1.2.10 (2022-07-19)

  * Fixed a relative path traversal bug that could cause arbitrary files to be
    loaded with require when used with RubyDataSource.  Please refer to
    GHSA-5cm2-9h8c-rvfx for details. CVE-2022-31163.

  * Ignore the SECURITY file from Arch Linux's tzdata package. #134.

  To generate a diff of this commit:
  cvs rdiff -u -r1.5 -r1.6 pkgsrc/time/ruby-tzinfo1/Makefile
  cvs rdiff -u -r1.2 -r1.3 pkgsrc/time/ruby-tzinfo1/PLIST
  cvs rdiff -u -r1.7 -r1.8 pkgsrc/time/ruby-tzinfo1/distinfo

(spz)

Pullup ticket #6667 - requested by khorben
security/openssl: security update

Revisions pulled up:
- security/openssl/Makefile                                    1.283
- security/openssl/distinfo                                    1.161

-------------------------------------------------------------------
  Module Name:    pkgsrc
  Committed By:  wiz
  Date:          Mon Jul 11 23:03:51 UTC 2022

  Modified Files:
          pkgsrc/security/openssl: Makefile distinfo

  Log Message:
  openssl: update to 1.1.1q.

    Major changes between OpenSSL 1.1.1p and OpenSSL 1.1.1q [5 Jul 2022]

        o Fixed AES OCB failure to encrypt some bytes on 32-bit x86 platforms
          (CVE-2022-2097)

  To generate a diff of this commit:
  cvs rdiff -u -r1.282 -r1.283 pkgsrc/security/openssl/Makefile
  cvs rdiff -u -r1.160 -r1.161 pkgsrc/security/openssl/distinfo

(spz)

Pullup ticket #6666 - requested by khorben
net/unbound: security update

Revisions pulled up:
- net/unbound/Makefile                                          1.93,1.92
- net/unbound/distinfo                                          1.71,1.70

-------------------------------------------------------------------
  Module Name:    pkgsrc
  Committed By:  he
  Date:          Mon Aug  1 12:38:46 UTC 2022

  Modified Files:
          pkgsrc/net/unbound: Makefile distinfo

  Log Message:
  Update net/unbound to version 1.16.2.

  Pkgsrc changes:
    * none, other than checksums.

  Upstream changes:

  Features
  - Merge #718: Introduce infra-cache-max-rtt option to config max
    retransmit timeout.

  Bug Fixes
  - Fix the novel ghost domain issues CVE-2022-30698 and CVE-2022-30699.
  - Fix bug introduced in 'improve val_sigcrypt.c::algo_needs_missing for
    one loop pass'.
  - Merge PR #668 from Cristian Rodr�guez: Set IP_BIND_ADDRESS_NO_PORT on
    outbound tcp sockets.
  - Fix verbose EDE error printout.
  - Fix dname count in sldns parse type descriptor for SVCB and HTTPS.
  - For windows crosscompile, fix setting the IPV6_MTU socket option
    equivalent (IPV6_USER_MTU); allows cross compiling with latest
    cross-compiler versions.
  - Merge PR 714: Avoid treat normal hosts as unresponsive servers.
    And fixup the lock code.
  - iana portlist update.
  - Update documentation for 'outbound-msg-retry:'.
  - Tests for ghost domain fixes.

  To generate a diff of this commit:
  cvs rdiff -u -r1.92 -r1.93 pkgsrc/net/unbound/Makefile
  cvs rdiff -u -r1.70 -r1.71 pkgsrc/net/unbound/distinfo

-------------------------------------------------------------------
  Module Name:    pkgsrc
  Committed By:  he
  Date:          Mon Jul 11 15:02:05 UTC 2022

  Modified Files:
          pkgsrc/net/unbound: Makefile distinfo

  Log Message:
  Update net/unbound to version 1.16.1.

  Pkgsrc changes:
    * none, other than checksums.

  Upstream changes:

  Features
  - Fix #704: [FR] Statistics counter for number of outgoing UDP queries
    sent; introduces 'num.query.udpout' to the 'unbound-control stats'
    command.

  Bug Fixes
  - makedist.sh picks up 32bit libssp-0.dll when 32bit compile.
  - Fix for edns client subnet to respect not looking in its cache when
    instructed to do so (e.g., prefetch).
  - Merge PR #688: Rpz url notify issue.
  - Note in the unbound.conf text that NOTIFY is allowed from the url:
    addresses for auth and rpz zones.
  - Remove unused LDNS function check for GOST Engine unloading.
  - Fix for loading locally stored zones that have lines with blanks or
    blanks and comments.
  - Fix #663: use after free issue with edns options.
  - Clarify -v flag manpage entry (#705)
  - Fix test program dohclient close to use portability routine.
  - Show the output of the exact .rpl run that failed with 'make test'.
  - Fix for cached 0 TTL records to not trigger prefetching when
    serve-expired-client-timeout is set.
  - Add debug option to the mini_tdir.sh test code.
  - Fix to not count cached NXDOMAIN for MAX_TARGET_NX.
  - Allow fallback to the parent side when MAX_TARGET_NX is reached.
    This will also allow MAX_TARGET_NX more NXDOMAINs.
  - iana portlist update.
  - Fix detection of libz on windows compile with static option.
  - Fix compile warning for windows compile.
  - Merge PR #706: NXNS fallback.
  - From #706: Cached NXDOMAIN does not increase the target nx
    responses.
  - From #706: Don't generate parent side queries if we already
    have the lame records in cache.
  - From #706: When a lame address is the best choice, don't try to
    generate target queries when the missing targets are all lame.
  - Merge PR #671 from Petr Men\u0161�k: Disable ED25519 and ED448 in FIPS
    mode on openssl3.
  - Merge PR #660 from Petr Men\u0161�k: Sha1 runtime insecure.
  - For #660: formatting, less verbose logging, add EDE information.
  - Fix for correct openssl error when adding windows CA certificates to
    the openssl trust store.
  - Improve val_sigcrypt.c::algo_needs_missing for one loop pass.
  - Reintroduce documentation and more EDE support for
    val_sigcrypt.c::dnskeyset_verify_rrset_sig.
  - Fix bug introduced in 'improve val_sigcrypt.c::algo_needs_missing for
    one loop pass'.
  - Merge PR #668 from Cristian Rodr�guez: Set IP_BIND_ADDRESS_NO_PORT on
    outbound tcp sockets.

  To generate a diff of this commit:
  cvs rdiff -u -r1.91 -r1.92 pkgsrc/net/unbound/Makefile
  cvs rdiff -u -r1.69 -r1.70 pkgsrc/net/unbound/distinfo

(spz)

Pullup ticket #6665 - requested by khorben
net/rsync: security update

Revisions pulled up:
- net/rsync/Makefile                                            1.122,1.121
- net/rsync/distinfo                                            1.56

-------------------------------------------------------------------
  Module Name:    pkgsrc
  Committed By:  wiz
  Date:          Mon Aug 22 11:11:49 UTC 2022

  Modified Files:
          pkgsrc/net/rsync: Makefile distinfo

  Log Message:
  rsync: update to 3.2.5.

  # NEWS for rsync 3.2.5 (14 Aug 2022)

  ## Changes in this version:

  ### SECURITY FIXES:

  - Added some file-list safety checking that helps to ensure that a rogue
    sending rsync can't add unrequested top-level names and/or include recursive
    names that should have been excluded by the sender.  These extra safety
    checks only require the receiver rsync to be updated.  When dealing with an
    untrusted sending host, it is safest to copy into a dedicated destination
    directory for the remote content (i.e. don't copy into a destination
    directory that contains files that aren't from the remote host unless you
    trust the remote host). Fixes CVE-2022-29154.

    - A fix for CVE-2022-37434 in the bundled zlib (buffer overflow issue).

  ### BUG FIXES:

  - Fixed the handling of filenames specified with backslash-quoted wildcards
    when the default remote-arg-escaping is enabled.

  - Fixed the configure check for signed char that was causing a host that
    defaults to unsigned characters to generate bogus rolling checksums. This
    made rsync send mostly literal data for a copy instead of finding matching
    data in the receiver's basis file (for a file that contains high-bit
    characters).

  - Lots of manpage improvements, including an attempt to better describe how
    include/exclude filters work.

  - If rsync is compiled with an xxhash 0.8 library and then moved to a system
    with a dynamically linked xxhash 0.7 library, we now detect this and disable
    the XX3 hashes (since these routines didn't stabilize until 0.8).

  ### ENHANCEMENTS:

  - The [`--trust-sender`](rsync.1#opt) option was added as a way to bypass the
    extra file-list safety checking (should that be required).

  ### PACKAGING RELATED:

  - A note to those wanting to patch older rsync versions: the changes in this
    release requires the quoted argument change from 3.2.4. Then, you'll want
    every single code change from 3.2.5 since there is no fluff in this release.

  - The build date that goes into the manpages is now based on the developer's
    release date, not on the build's local-timezone interpretation of the date.

  ### DEVELOPER RELATED:

  - Configure now defaults GETGROUPS_T to gid_t when cross compiling.

  - Configure now looks for the bsd/string.h include file in order to fix the
    build on a host that has strlcpy() in the main libc but not defined in the
    main string.h file.

  To generate a diff of this commit:
  cvs rdiff -u -r1.121 -r1.122 pkgsrc/net/rsync/Makefile
  cvs rdiff -u -r1.55 -r1.56 pkgsrc/net/rsync/distinfo

-------------------------------------------------------------------
  Module Name:    pkgsrc
  Committed By:  wiz
  Date:          Sat Jul 23 06:55:30 UTC 2022

  Modified Files:
          pkgsrc/net/rsync: Makefile

  Log Message:
  rsync: remove reference to non-existent file

  To generate a diff of this commit:
  cvs rdiff -u -r1.120 -r1.121 pkgsrc/net/rsync/Makefile

(spz)

Pullup ticket #6660 - requested by khorben
editors/vim-gtk2: security update
editors/vim-gtk3: security update
editors/vim-motif: security update
editors/vim-share: security update
editors/vim-xaw: security update

Revisions pulled up:
- editors/vim-gtk2/Makefile                                    1.97
- editors/vim-gtk3/Makefile                                    1.24
- editors/vim-motif/Makefile                                    1.42
- editors/vim-share/PLIST                                      1.61
- editors/vim-share/distinfo                                    1.199
- editors/vim-share/version.mk                                  1.138
- editors/vim-xaw/Makefile                                      1.65

-------------------------------------------------------------------
  Module Name:    pkgsrc
  Committed By:  khorben
  Date:          Wed Jul 27 15:13:11 UTC 2022

  Modified Files:
          pkgsrc/editors/vim-gtk2: Makefile
          pkgsrc/editors/vim-gtk3: Makefile
          pkgsrc/editors/vim-motif: Makefile
          pkgsrc/editors/vim-share: PLIST distinfo version.mk
          pkgsrc/editors/vim-xaw: Makefile

  Log Message:
  vim: update to 8.2.5172

  On behalf of morr@ "please go ahead"

  This includes security fixes. (more pending)

  Tested on NetBSD/amd64.

  XXX pull-up to pkgsrc-2022Q2

  Changes:
  8.2.4722  ending recording with mapping records too much
  8.2.4723  the ModeChanged autocmd event is inefficient
  8.2.4724  current instance of last search pattern not easily spotted
  8.2.4725  unused variable in tiny build
  8.2.4726  cannot use expand() to get the script name
  8.2.4727  unused code
  8.2.4728  no test that v:event cannot be modified
  8.2.4729  HEEx and Surface templates do not need a separate filetype
  8.2.4730  MS-Windows GUI: cannot use CTRL-/
  8.2.4731  the changelist index is not remembered per buffer
  8.2.4732  duplicate code to free fuzzy matches
  8.2.4733  HEEx and Surface do need a separate filetype
  8.2.4734  getcharpos() may change a mark position
  8.2.4735  quickfix tests can be a bit hard to read
  8.2.4736  build problem for Cygwin with Motif
  8.2.4737  // in JavaScript string recognized as comment
  8.2.4738  Esc on commandline executes command instead of abandoning it
  8.2.4739  accessing freed memory after WinScrolled autocmd event
  8.2.4740  when expand() fails there is no error message
  8.2.4741  startup test fails
  8.2.4742  there is no way to start logging very early in startup
  8.2.4743  clang 14 is available on CI
  8.2.4744  a terminal window can't use the bell
  8.2.4745  using wrong flag for using bell in the terminal
  8.2.4746  supercollider filetype not recognized
  8.2.4747  no filetype override for .sys files
  8.2.4748  cannot use an imported function in a mapping
  8.2.4749  &lt;script&gt; is not expanded in autocmd context
  8.2.4750  small pieces of dead code
  8.2.4751  mapping &lt;SID&gt;name.Func does not work for autoload script
  8.2.4752  wrong 'statusline' value can cause illegal memory access
  8.2.4753  error from setting an option is silently ignored
  8.2.4754  using cached values after unsetting some environment variables
  8.2.4755  cannot use &lt;SID&gt;FuncRef in completion spec
  8.2.4756  build error without the +eval feature
  8.2.4757  list of libraries to suppress lsan errors is outdated
  8.2.4758  when using an LSP channel want to get the message ID
  8.2.4759  CurSearch highlight does not work for multi-line match
  8.2.4760  using matchfuzzy() on a long list can take a while
  8.2.4761  documentation for using LSP messages is incomplete
  8.2.4762  using freed memory using synstack() and synID() in WinEnter
  8.2.4763  using invalid pointer with "V:" in Ex mode
  8.2.4764  CI uses an older gcc version
  8.2.4765  function matchfuzzy() sorts too many items
  8.2.4766  KRL files using "deffct" not recognized
  8.2.4767  openscad files are not recognized
  8.2.4768  CI: codecov upload sometimes does not work
  8.2.4769  build warning with UCRT
  8.2.4770  cannot easily mix expression and heredoc
  8.2.4771  Coverity warns for not checking return value
  8.2.4772  old Coverity warning for not checking ftell() return value
  8.2.4773  build failure without the +eval feature
  8.2.4774  crash when using a number for lambda name
  8.2.4775  SpellBad highlighting does not work in Konsole
  8.2.4776  GTK: 'lines' and 'columns' may change during startup
  8.2.4777  screendump tests fail because of a redraw
  8.2.4778  pacman files use dosini filetype
  8.2.4779  lsan suppression is too version specific
  8.2.4780  parsing an LSP message fails when it is split
  8.2.4781  Maxima files are not recognized
  8.2.4782  accessing freed memory
  8.2.4783  Coverity warns for leaking memory
  8.2.4784  lamba test with timer is flaky
  8.2.4785  Visual mode not stopped if win_gotoid() goes to other buffer
  8.2.4786  test for win_gotoid() in Visual mode fails on Mac
  8.2.4787  prop_find() does not find the right property
  8.2.4788  large payload for LSP message not tested
  8.2.4789  cursor pos wrong when using :redraw while editing the cmdline
  8.2.4790  lilypond filetype not recognized
  8.2.4791  events triggered in different order when reusing buffer
  8.2.4792  indent operator creates an undo entry for every line
  8.2.4793  recognizing Maxima filetype even though it might be another
  8.2.4794  compiler warning for not initialized variable
  8.2.4795  'cursorbind' scrolling depends on whether 'cursorline' is set
  8.2.4796  file left behind after running cursorline tests
  8.2.4797  getwininfo() may get oudated values
  8.2.4798  t_8u option was reset even when set by the user
  8.2.4799  popup does not use correct topline
  8.2.4800  missing test update for adjusted t_8u behavior
  8.2.4801  fix for cursorbind fix not fully tested
  8.2.4802  test is not cleaned up
  8.2.4803  WinScrolled not always triggered when scrolling with mouse
  8.2.4804  expression in heredoc doesn't work for compiled function
  8.2.4805  CurSearch used for all matches in current line
  8.2.4806  a mapping using &lt;LeftDrag&gt; does not start Select mode
  8.2.4807  processing key eveints in Win32 GUI is not ideal
  8.2.4808  unused item in engine struct
  8.2.4809  various things not properly tested
  8.2.4810  missing changes in one file
  8.2.4811  Win32 GUI: caps lock doesn't work
  8.2.4812  unused struct item
  8.2.4813  pasting text while indent folding may mess up folds
  8.2.4814  possible to leave a popup window with win_gotoid()
  8.2.4815  cannot build with older GTK version
  8.2.4816  still using older codecov app in some places of CI
  8.2.4817  Win32 GUI: modifiers are not always used
  8.2.4818  no test for what 8.2.4806 fixes
  8.2.4819  unmapping simplified keys also deletes other mapping
  8.2.4820  not simple programmatic way to find a specific mapping
  8.2.4821  crash when imported autoload script was deleted
  8.2.4822  setting ufunc to NULL twice
  8.2.4823  concat more than 2 strings in :def function is inefficient
  8.2.4824  expression is evaluated multiple times
  8.2.4825  can only get a list of mappings
  8.2.4826  .cshtml files are not recognized
  8.2.4827  typo in variable name
  8.2.4828  fix for unmapping simplified key not fully tested
  8.2.4829  a key may be simplified to NUL
  8.2.4830  possible endless loop if there is unused typahead
  8.2.4831  crash when using maparg() and unmapping simplified keys
  8.2.4832  passing zero instead of NULL to a pointer argument
  8.2.4833  failure of mapping not checked for
  8.2.4834  Vim9: some lines not covered by tests
  8.2.4835  Vim9: some lines not covered by tests
  8.2.4836  Vim9: some lines not covered by tests
  8.2.4837  modifiers not simplified when timed out
  8.2.4838  checking for absolute path is not trivial
  8.2.4839  compiler warning for unused argument
  8.2.4840  heredoc expression evaluated even when skipping
  8.2.4841  empty string considered an error for expand()
  8.2.4842  expand("%:p") is not empty when there is no buffer name
  8.2.4843  treating CTRL + ALT as AltGr is not backwards compatible
  8.2.4844  &lt;C-S-I&gt; is simplified to &lt;S-Tab&gt;
  8.2.4845  duplicate code
  8.2.4846  termcodes test fails
  8.2.4847  crash when using uninitialized function pointer
  8.2.4848  local completion with mappings and simplification not working
  8.2.4849  Gleam filetype not detected
  8.2.4850  mksession mixes up "tabpages" and "curdir" arguments
  8.2.4851  compiler warning for uninitialized variable
  8.2.4852  ANSI color index to RGB value not correct
  8.2.4853  CI with FreeBSD is a bit outdated
  8.2.4854  array size does not match usage
  8.2.4855  robot files are not recognized
  8.2.4856  MinGW compiler complains about unknown escape sequence
  8.2.4857  Yaml indent for multiline is wrong
  8.2.4858  K_SPECIAL may be escaped twice
  8.2.4859  wget2 files are not recognized
  8.2.4860  MS-Windows: always uses current directory for executables
  8.2.4861  it is not easy to restore saved mappings
  8.2.4862  Vim9: test may fail when run with valgrind
  8.2.4863  accessing freed memory in test without the +channel feature
  8.2.4864  Vim9: script test fails
  8.2.4865  :startinsert right after :stopinsert may not work
  8.2.4866  duplicate code in "get" functions
  8.2.4867  listing of mapping with K_SPECIAL is wrong
  8.2.4868  when closing help window autocmds triggered for wrong window
  8.2.4869  expression in command block does not look after NL
  8.2.4870  Vim9: expression in :substitute is not compiled
  8.2.4871  Vim9: in :def function no error for misplaced range
  8.2.4872  Vim9: no error for using an expression only
  8.2.4873  Vim9: using "else" differs from using "endif/if !cond"
  8.2.4874  Win32 GUI: horizontal scroll wheel not handled properly
  8.2.4875  MS-Windows: some .exe files are not recognized
  8.2.4876  MS-Windows: Shift-BS results in strange char in powershell
  8.2.4877  MS-Windows: Wrongly using Normal colors for termguicolors
  8.2.4878  valgrind warning for using uninitialized variable
  8.2.4879  screendump test may fail when using valgrind
  8.2.4880  Vim9: misplaced elseif causes invalid memory access
  8.2.4881  "P" in Visual mode still changes some registers
  8.2.4882  cannot make 'breakindent' use a specific column
  8.2.4883  string interpolation only works in heredoc
  8.2.4884  test fails without the job/channel feature
  8.2.4885  test fails with the job/channel feature
  8.2.4886  Vim9: redir in skipped block seen as assignment
  8.2.4887  channel log does not show invoking a timer callback
  8.2.4888  line number of lambda ignores line continuation
  8.2.4889  CI only tests with FreeBSD 12
  8.2.4890  inconsistent capitalization in error messages
  8.2.4891  Vim help presentation could be better
  8.2.4892  test failures because of changed error messages
  8.2.4893  distributed import files are not installed
  8.2.4894  MS-Windows: not using italics
  8.2.4895  buffer overflow with invalid command with composing chars
  8.2.4896  expression in command block does not look after NL
  8.2.4897  comment inside an expression in lambda ignores the rest
  8.2.4898  Coverity complains about pointer usage
  8.2.4899  with latin1 encoding CTRL-W might go before the cmdline
  8.2.4900  Vim9 expression test fails without the job feature
  8.2.4901  NULL pointer access when using invalid pattern
  8.2.4902  mouse wheel scrolling is inconsistent
  8.2.4903  cannot get the current cmdline completion type and position
  8.2.4904  codecov includes MS-Windows install files
  8.2.4905  codecov includes MS-Windows install header file
  8.2.4906  MS-Windows: cannot use transparent background
  8.2.4907  some users do not want a line comment always inserted
  8.2.4908  no text formatting for // comment after a statement
  8.2.4909  MODE_ enum entries names are too generic
  8.2.4910  imperfect coding
  8.2.4911  the mode #defines are not clearly named
  8.2.4912  using execute() to define a lambda doesn't work
  8.2.4913  popup_hide() does not always have effect
  8.2.4914  string interpolation in :def function may fail
  8.2.4915  sometimes the cursor is in the wrong position
  8.2.4916  mouse in Insert mode test fails
  8.2.4917  fuzzy expansion of option names is not right
  8.2.4918  conceal character from matchadd() displayed too many times
  8.2.4919  can add invalid bytes with :spellgood
  8.2.4920  MS-Windows GUI: unused variables
  8.2.4921  spell test fails because of new illegal byte check
  8.2.4922  mouse test fails on MS-Windows
  8.2.4923  test checks for terminal feature unnecessarily
  8.2.4924  maparg() may return a string that cannot be reused
  8.2.4925  trailing backslash may cause reading past end of line
  8.2.4926  #ifdef for crypt feature around too many lines
  8.2.4927  return type of remove() incorrect when using three arguments
  8.2.4928  various white space and cosmetic mistakes
  8.2.4929  off-by-one error in in statusline item
  8.2.4930  interpolated string expression requires escaping
  8.2.4931  Crash with sequence of Perl commands
  8.2.4932  not easy to filter the output of maplist()
  8.2.4933  a few more capitalization mistakes in error messages
  8.2.4934  string interpolation fails when not evaluating
  8.2.4935  with 'foldmethod' "indent" some lines not included in fold
  8.2.4936  MS-Windows: mouse coordinates for scroll event are wrong
  8.2.4937  no test for what 8.2.4931 fixes
  8.2.4938  crash when matching buffer with invalid pattern
  8.2.4939  matchfuzzypos() with "matchseq" does not have all positions
  8.2.4940  some code is never used
  8.2.4941  '[ and '] marks may be wrong after undo
  8.2.4942  error when setting 'filetype' in help file again
  8.2.4943  changing 'switchbuf' may have no effect
  8.2.4944  text properties are wrong after "cc"
  8.2.4945  inconsistent use of white space
  8.2.4946  Vim9: some code not covered by tests
  8.2.4947  text properties not adjusted when accepting spell suggestion
  8.2.4948  cannot use Perl heredoc in nested :def function
  8.2.4949  Vim9: some code not covered by tests
  8.2.4950  text properties position wrong after shifting text
  8.2.4951  smart indenting done when not enabled
  8.2.4952  GUI test will fail if color scheme changes
  8.2.4953  with 'si' inserting '}' after completion goes wrong
  8.2.4954  inserting line breaks text property spanning two lines
  8.2.4955  text property in wrong position after auto-indent
  8.2.4956  reading past end of line with "gf" in Visual block mode
  8.2.4957  text properties in a wrong position after a block change
  8.2.4958  a couple conditions are always true
  8.2.4959  using NULL regexp program
  8.2.4960  text properties that cross lines not updated for deleted line
  8.2.4961  build error with a certain combination of features
  8.2.4962  files show up in git status
  8.2.4963  expanding path with "/**" may overrun end of buffer
  8.2.4964  MS-Windows GUI: mouse event test is flaky
  8.2.4965  GUI: testing mouse move event depends on screen cell size
  8.2.4966  MS-Windows GUI: mouse event test gets extra event
  8.2.4967  MS-Windows GUI: mouse event test sometimes fails
  8.2.4968  reading past end of the line when C-indenting
  8.2.4969  changing text in Visual mode may cause invalid memory access
  8.2.4970  "eval 123" gives an error, "eval 'abc'" does not
  8.2.4971  Vim9: interpolated string seen as range
  8.2.4972  Vim9: compilation fails when using dict member when skipping
  8.2.4973  Vim9: type error for list unpack mentions argument
  8.2.4974  ":so" command may read after end of buffer
  8.2.4975  recursive command line loop may cause a crash
  8.2.4976  Coverity complains about not restoring a saved value
  8.2.4977  memory access error when substitute expression changes window
  8.2.4978  no error if engine selection atom is not at the start
  8.2.4979  accessing freed memory when line is flushed
  8.2.4980  when 'shortmess' contains 'A' loading session may still warn
  8.2.4981  it is not possible to manipulate autocommands
  8.2.4982  colors in terminal window are not 100% correct
  8.2.4983  colors test fails in the GUI
  8.2.4984  dragging statusline fails for window with winbar
  8.2.4985  PVS warns for possible array underrun
  8.2.4986  some github actions are outdated
  8.2.4987  after deletion a small fold may be closable
  8.2.4988  textprop in wrong position when replacing multi-byte chars
  8.2.4989  cannot specify a function name for :defcompile
  8.2.4990  memory leak when :defcompile fails
  8.2.4991  no test for hwat patch 8.1.0535 fixes
  8.2.4992  compiler warning for possibly uninitialized variable
  8.2.4993  smart/C/lisp indenting is optional
  8.2.4994  tests are using legacy functions
  8.2.4995  still a compiler warning for possibly uninitialized variable
  8.2.4996  setbufline() may change Visual selection
  8.2.4997  Python: changing hidden buffer can cause display mess up
  8.2.4998  Vim9: crash when using multiple funcref()
  8.2.4999  filetype test table is not properly sorted
  8.2.5000  no patch for documentation updates
  8.2.5001  checking translations affects the search pattern history
  8.2.5002  deletebufline() may change Visual selection
  8.2.5003  cannot do bitwise shifts
  8.2.5004  right shift on negative number does not work as documented
  8.2.5005  compiler warning for uninitialized variable
  8.2.5006  asan warns for undefined behavior
  8.2.5007  spell suggestion may use uninitialized memory
  8.2.5008  when 'formatoptions' contains "/" wrongly wrapping comment
  8.2.5009  fold may not be closeable after appending
  8.2.5010  the terminal debugger uses various global variables
  8.2.5011  Replacing an autocommand requires several lines
  8.2.5012  cannot select one character inside ()
  8.2.5013  after text formatting cursor may be in an invalid position
  8.2.5014  byte offsets are wrong when using text properties
  8.2.5015  Hoon and Moonscript files are not recognized
  8.2.5016  access before start of text with a put command
  8.2.5017  gcc 12.1 warns for uninitialized variable
  8.2.5018  Vim9: some code is not covered by tests
  8.2.5019  cannot get the first screen column of a character
  8.2.5020  using 'imstatusfunc' and 'imactivatefunc' breaks 'foldopen'
  8.2.5021  build fails with normal features and +terminal
  8.2.5022  'completefunc'/'omnifunc' error does not end completion
  8.2.5023  substitute overwrites allocated buffer
  8.2.5024  using freed memory with "]d"
  8.2.5025  Vim9: a few lines not covered by tests
  8.2.5026  Vim9: a few lines not covered by tests
  8.2.5027  error for missing :endif when an exception was thrown
  8.2.5028  syntax regexp matching can be slow
  8.2.5029  "textlock" is always zero
  8.2.5030  autocmd_add() can only handle one event and pattern
  8.2.5031  cannot easily run the benchmarks
  8.2.5032  Python 3 test fails without the GUI
  8.2.5033  build error with +eval but without +quickfix
  8.2.5034  there is no way to get the byte index from a virtual column
  8.2.5035  when splitting a window the changelist position moves
  8.2.5036  using two counters for timeout check in NFA engine
  8.2.5037  cursor position may be invalid after "0;" range
  8.2.5038  a finished terminal in a popup window does not show scrollbar
  8.2.5039  confusing error if first argument of popup_create() is wrong
  8.2.5040  scrollbar thumb in scrolled popup not visible
  8.2.5041  cannot close a terminal popup with "NONE" job
  8.2.5042  scrollbar thumb in tall scrolled popup not visible
  8.2.5043  can open a cmdline window from a substitute expression
  8.2.5044  command line test fails
  8.2.5045  can escape a terminal popup window when the job is finished
  8.2.5046  vim_regsub() can overwrite the destination
  8.2.5047  CurSearch highlight is often wrong
  8.2.5048  when using XIM the gui test may fail
  8.2.5049  insufficient tests for autocommands
  8.2.5050  using freed memory when searching for pattern in path
  8.2.5051  check for autocmd_add() event argument is confusing
  8.2.5052  CI checkout step title is a bit cryptic
  8.2.5053  cannot have a comment halfway an expression in a block
  8.2.5054  no good filetype for conf files similar to dosini
  8.2.5055  statusline is not updated when terminal title changes
  8.2.5056  the channel log only contains some of the raw terminal output
  8.2.5057  using gettimeofday() for timeout is very inefficient
  8.2.5058  input() does not handle composing characters properly
  8.2.5059  autoconf 2.71 produces many obsolete warnings
  8.2.5060  running configure fails
  8.2.5061  C89 requires signal handlers to return void
  8.2.5062  Coverity warns for dead code
  8.2.5063  error for a command may go over the end of IObuff
  8.2.5064  no test for what 8.1.0052 fixes
  8.2.5065  wrong return type for main() in tee.c
  8.2.5066  can specify multispace listchars only for whole line
  8.2.5067  timer_create is not available on every Mac system
  8.2.5068  gcc 12.1 warning when building tee
  8.2.5069  various warnings from clang on MS-Windows
  8.2.5070  unnecessary code
  8.2.5071  with some Mac OS version clockid_t is redefined
  8.2.5072  using uninitialized value and freed memory in spell command
  8.2.5073  clang on MS-Windows produces warnings
  8.2.5074  spell test fails on MS-Windows
  8.2.5075  clang gives an out of bounds warning
  8.2.5076  unnecessary code
  8.2.5077  various warnings from clang on MS-Windows
  8.2.5078  substitute test has a one second delay
  8.2.5079  DirChanged autocommand may use freed memory
  8.2.5080  when indenting gets out of hand it is hard to stop
  8.2.5081  autocmd test fails on MS-Windows
  8.2.5082  retab test fails
  8.2.5083  autocmd test still fails on MS-Windows
  8.2.5084  when the GUI shows a dialog tests get stuck
  8.2.5085  gcc gives warning for signed/unsigned difference
  8.2.5086  CI runs on Windows 2019
  8.2.5087  cannot build with clang on MS-Windows
  8.2.5088  value of cmod_verbose is a bit complicated to use
  8.2.5089  some functions return a different value on failure
  8.2.5090  MS-Windows: vim.def is no longer used
  8.2.5091  terminal test fails with some shell commands
  8.2.5092  using "'&lt;,'&gt;" in Ex mode may compare unrelated pointers
  8.2.5093  error message for unknown command may have the command twice
  8.2.5094  MS-Windows GUI: empty command may cause a dialog
  8.2.5095  terminal test still fails with some shell commands
  8.2.5096  terminal test still fails with some shell commands
  8.2.5097  using uninitialized memory when using 'listchars'
  8.2.5098  spelldump test sometimes hangs
  8.2.5099  some terminal tests are not retried
  8.2.5100  memory usage tests are not retried
  8.2.5101  MS-Windows with MinGW: $CC may be "cc" instead of "gcc"
  8.2.5102  interrupt not caught in test
  8.2.5103  build fails with small features
  8.2.5104  test hangs on MS-Windows
  8.2.5105  test still hangs on MS-Windows
  8.2.5106  default cmdwin mappings are re-mappable
  8.2.5107  some callers of rettv_list_alloc() check for not OK
  8.2.5108  retab test disabled because it hangs on MS-Windows
  8.2.5109  mode not updated after CTRL-O CTRL-C in Insert mode
  8.2.5110  icon filetype not recognized from the first line
  8.2.5111  no test for --gui-dialog-file
  8.2.5112  gui test hangs on MS-Windows
  8.2.5113  timer becomes invalid after fork/exec, :gui gives errors
  8.2.5114  time limit on searchpair() does not work properly
  8.2.5115  search timeout is overrun with some patterns
  8.2.5116  "limit" option of matchfuzzy() not always respected
  8.2.5117  crash when calling a Lua callback from a :def function
  8.2.5118  MS-Windows: sending a message to another Vim may hang
  8.2.5119  CI uses cache v2
  8.2.5120  searching for quotes may go over the end of the line
  8.2.5121  interrupt test sometimes fails
  8.2.5122  lisp indenting my run over the end of the line
  8.2.5123  using invalid index when looking for spell suggestions
  8.2.5124  when syntax timeout test fails it does not show the time
  8.2.5125  MS-Windows: warnings from MinGW compiler
  8.2.5126  substitute may overrun destination buffer
  8.2.5127  using assert_true() does not show value on failure
  8.2.5128  syntax disabled when using synID() in searchpair() skip expr
  8.2.5129  timeout handling is not optimal
  8.2.5130  edit test for mode message fails when using valgrind
  8.2.5131  timeout implementation is not optimal
  8.2.5132  :mkview test doesn't test much
  8.2.5133  MacOS: build fails
  8.2.5134  function has confusing name
  8.2.5135  running configure gives warnings for main() return type
  8.2.5136  debugger test fails when run with valgrind
  8.2.5137  cannot build without the +channel feature
  8.2.5138  various small issues
  8.2.5139  TIME_WITH_SYS_TIME is no longer supported by autoconf
  8.2.5140  seachpair timeout test is flaky
  8.2.5141  using "volatile int" in a signal handler might be wrong
  8.2.5142  startup test fails if there is a status bar
  8.2.5143  some tests fail when using valgrind
  8.2.5144  with 'lazyredraw' set completion menu may be wrong
  8.2.5145  exit test causes spurious valgrind reports
  8.2.5146  memory leak when substitute expression nests
  8.2.5147  flaky test always fails on retry
  8.2.5148  invalid memory access when using expression on command line
  8.2.5149  cannot build without the +eval feature
  8.2.5150  read past the end of the first line with ":0;'{"
  8.2.5151  reading beyond the end of the line with lisp indenting
  8.2.5152  search() gets stuck with "c" and skip evaluates to true
  8.2.5153  "make uninstall" does not remove colors/lists
  8.2.5154  still mentioning version8, some cosmetic issues
  8.2.5155  in diff mode windows may get out of sync
  8.2.5156  search timeout test often fails with FreeBSD
  8.2.5157  MS-Windows GUI: CTRL-key combinations do not always work
  8.2.5158  TSTP and INT signal tests are not run with valgrind
  8.2.5159  fix for CTRL-key combinations causes problems
  8.2.5160  accessing invalid memory after changing terminal size
  8.2.5161  might still access invalid memory
  8.2.5162  reading before the start of the line with BS in Replace mode
  8.2.5163  crash when deleting buffers in diff mode
  8.2.5164  invalid memory access after diff buffer manipulations
  8.2.5165  import test fails because 'diffexpr' isn't reset
  8.2.5166  test for DiffUpdated fails
  8.2.5167  get(Fn, 'name') on funcref returns special byte code
  8.2.5168  cannot build with Python 3.11
  8.2.5169  nested :source may use NULL pointer
  8.2.5170  tiny issues
  8.2.5171  dependencies and proto files are outdated
  8.2.5172  "make menu" still uses legacy script

  To generate a diff of this commit:
  cvs rdiff -u -r1.96 -r1.97 pkgsrc/editors/vim-gtk2/Makefile
  cvs rdiff -u -r1.23 -r1.24 pkgsrc/editors/vim-gtk3/Makefile
  cvs rdiff -u -r1.41 -r1.42 pkgsrc/editors/vim-motif/Makefile
  cvs rdiff -u -r1.60 -r1.61 pkgsrc/editors/vim-share/PLIST
  cvs rdiff -u -r1.198 -r1.199 pkgsrc/editors/vim-share/distinfo
  cvs rdiff -u -r1.137 -r1.138 pkgsrc/editors/vim-share/version.mk
  cvs rdiff -u -r1.64 -r1.65 pkgsrc/editors/vim-xaw/Makefile

(spz)

Update note on calibre (needs qt6 etc)

(rhialto)

doc: Updated misc/calibre to 5.44.0

(rhialto)

misc/calibre: update to 5.44.0

which is the last of the 5.x series before version 6.x.
Changes mostly involve small bug fixes and new recepies.

(rhialto)