Updated devel/p5-CPAN-Uploader to 0.103016

(wen)

Update to 0.103016
Update BUILD_DEPENDS

Upstream changes:
Changes for version 0.103016 - 2021-10-30

    update author contact info
    add policy on required versions of perl
    drop prereq on File::HomeDir (thanks, Karen Etheridge)
    document the CPAN_UPLOADER_URI env var (thanks, Marcus Ramberg)
    fix some text and behavior around reaching max retries (thansk, Thibault DUPONCHELLE)

(wen)

Updated devel/p5-CPAN-Perl-Releases to 5.20211120

(wen)

Update to 5.20211120

Upstream changes:
version 5.20211120 at 2021-11-20 21:29:10 +0000
-----------------------------------------------

  Change: 17affe2ac30a52012003bdf1727b9755af5a644f
  Author: Chris 'BinGOs' Williams <chris@bingosnet.co.uk>
  Date : 2021-11-20 21:29:10 +0000

    Updated for v5.35.6

-----------------------------------------------
version 5.20211020 at 2021-10-21 19:14:15 +0000
-----------------------------------------------

  Change: e8b275a9c17bbb6ee9413d0bb908f16d23b7dbac
  Author: Chris 'BinGOs' Williams <chris@bingosnet.co.uk>
  Date : 2021-10-21 20:14:15 +0000

    Updated for v5.35.5

(wen)

Updated devel/p5-CPAN-Checksums to 2.13

(wen)

Update to 2.13

Upstream changes:
2021-11-20  k  <andk@cpan.org>

        * Version 2.13

        * add new key 'cpan_path' to specify the relative path to the well known
        CPAN directory '/authors/id'.

(wen)

Updated devel/xxhash, fonts/harfbuzz, fonts/harfbuzz-icu, net/haproxy

(adam)

haproxy: updated to 2.5.0

2.5.0
- BUILD: SSL: add quictls build to scripts/build-ssl.sh
- BUILD: SSL: add QUICTLS to build matrix
- CLEANUP: sock: Wrap `accept4_broken = 1` into additional parenthesis
- BUILD: cli: clear a maybe-unused  warning on some older compilers
- BUG/MEDIUM: cli: make sure we can report a warning from a bind keyword
- BUG/MINOR: ssl: make SSL counters atomic
- CLEANUP: assorted typo fixes in the code and comments
- BUG/MINOR: ssl: free correctly the sni in the backend SSL cache
- MINOR: version: mention that it's stable now

(adam)

harfbuzz harfbuzz-icu: updated to 3.1.2

3.1.2
hb-shape / hb-view: revert treating text on the commandline as single paragraph (was introduced in 3.0.0); add new --single-par to do that.
Subsetter bug fixes.

(adam)

xxhash: updated to 0.8.1

v0.8.1
- perf : much improved performance for XXH3 streaming variants, notably on gcc and msvc
- perf : improved XXH64 speed and latency on small inputs
- perf : small XXH32 speed and latency improvement on small inputs of random size
- perf : minor stack usage improvement for XXH32 and XXH64
- api  : new experimental variants XXH3_*_withSecretandSeed()
- api  : update XXH3_generateSecret(), can no generate secret of any size (>= XXH3_SECRET_SIZE_MIN)
- cli  : xxhsum can now generate and check XXH3 checksums, using command `-H3`
- build: can build xxhash without XXH3, with new build macro XXH_NO_XXH3
- build: fix xxh_x86dispatch build with MSVC, by @apankrat
- build: XXH_INLINE_ALL can always be used safely, even after XXH_NAMESPACE or a previous XXH_INLINE_ALL
- build: improved PPC64LE vector support, by @mpe
- install: fix pkgconfig, by @ellert
- install: compatibility with Haiku, by @Begasus
- doc  : code comments made compatible with doxygen, by @easyaspi314
- misc : XXH_ACCEPT_NULL_INPUT_POINTER is no longer necessary, all functions can accept NULL input pointers, as long as size == 0
- misc : complete refactor of CI tests on Github Actions, offering much larger coverage, by @t-mat
- misc : xxhsum code base split into multiple specialized units, within directory cli/, by @easyaspi314

(adam)

doc: unmention asciinema

(wiz)

asciinema: remove, it already existed as misc/py-asciinema

(wiz)

doc: Updated misc/py-asciinema to 2.1.0

(wiz)

py-asciinema: update to 2.1.0.

## 2.1.0 (2021-10-02)

* Ability to pause/resume terminal capture with `C-\` key shortcut
* Desktop notifications - only for the above pause feature at the moment
* Removed dependency on tput/ncurses (thanks @arp242 / Martin Tournoij!)
* ASCIINEMA_REC env var is back (thanks @landonb / Landon Bouma!)
* Terminal answerbacks (CSI 6 n) in `asciinema cat` are now hidden (thanks @djpohly / Devin J. Pohly!)
* Codeset detection works on HP-UX now (thanks @michael-o / Michael Osipov!)
* Attempt at recording to existing file suggests use of `--overwrite` option now
* Upload for users with very long `$USER` is fixed
* Added official support for Python 3.8 and 3.9
* Dropped official support for EOL-ed Python 3.4 and 3.5
* Internal refactorings

(wiz)

bootstrap: Remove unused variable.

(jperkin)

doc: Added multimedia/asciinema version 2.1.0

(wiz)

multimedia: + asciinema

(wiz)

multimedia/asciinema: import asciinema-2.1.0

asciinema lets you easily record terminal sessions and replay them
in a terminal as well as in a web browser.

(wiz)

libdaemon: Use OPSYS_VERSION.

(jperkin)

go: Use OPSYS_VERSION.

(jperkin)

perl5: Use OPSYS_VERSION.

(jperkin)

ocaml: Use OPSYS_VERSION.

(jperkin)

lilv: Use OPSYS_VERSION.

(jperkin)

pine: Use OPSYS_VERSION.

OS_VERSION does not support arithmetic expressions.

(jperkin)

imap-uw: Use OPSYS_VERSION.

OS_VERSION does not support arithmetic expressions.

(jperkin)

pico: Use OPSYS_VERSION.

OS_VERSION does not support arithmetic expressions.

(jperkin)

mk: Use OPSYS_VERSION where appropriate.

Should improve readability and in some cases avoid potential failure due to
string comparisons being used.  No other functional change intended.

(jperkin)

mk: Introduce OPSYS_VERSION variable.

This provides a single integer that can be used in arithmetic expressions
when comparing the current operating system version in make(1).

The two existing variables that are currently used for such tests are
MACHINE_PLATFORM and OS_VERSION.  The former usually results in complicated
and hard to read empty() strings, and the latter is often used incorrectly in
version comparisons where developers are unaware that a string comparison is
being performed (for example ".if 5.9 >= 5.10" evaluates to true).

The default based on uname -r should be correct for most systems, and can be
overridden as it is on Darwin where the product version provides a more
useful number than the kernel version.

(jperkin)

doc: Updated misc/libreoffice to 7.2.3.2

(ryoon)

libreoffice: Update to 7.2.3.2

Changelog
7.2.3.2
Bugs fixed compared to 7.2.3 RC1

1. tdf#121546 CRASH undoing table paste [Michael Stahl]
2. tdf#142420 Filter By Color: Hangs after apply a color filter and then
    deselect the filter [Caol??n McNamara]
3. tdf#142986 In "Data - Statistics - Sampling" options, not possible to use a
    sampling size greater than 100 [Justin Luth]
4. tdf#144247 Row height in Calc was 0,45 cm now it's 0,4516. Set rowheight to
    10 it will be 9,9995 cm (since 7.2) [Heiko Tietze]
5. tdf#144989 Exported PDF of master document with hidden sections in chapters
    loses pagination [Michael Stahl]
6. tdf#145158 character format dialog doesn't show the current character size
    any more [Mike Kaganski]
7. tdf#145323 [BASE] [REPORTBUILDER] [REGRESSION] [7.2.x] Moving a field to a
    different section corrupts the field [Noel Grandin]
8. tdf#145584 Writer crashes on exporting as PDF with its Range in PDF Options
    set to 'Selection' [Julien Nabet]
9. tdf#145645 calc: pivot table popdown don't dismiss when menu item selected
    [Caol??n McNamara]

7.2.3.1
Bugs fixed compared to 7.2.2 RC2

1. ofz#40008 check if column exists before EndListening attempt [Caol??n
    McNamara]
2. tdf#39828 Writer table not calculating correctly if Tracked Changes shown
    [L??szl?? N??meth]
3. tdf#45525 TABLES, Problem on adjust selected Row or Column to equal space
    [Justin Luth]
4. tdf#50421 UI: "Check for Updates" menu leads to an unusable dialog (shows
    "%PERCENT%") [Julien Nabet]
5. tdf#64242 TABLE: correct UX handling of "Distribute" and "Equally Space"
    table Columns and Rows [Justin Luth]
6. tdf#73139 PRINTING: Content of Tablecontrols isn't printed, when the whole
    Fonts are default (black) text color [Caol??n McNamara]
7. tdf#76258 Filter by colors in Calc [Samuel Mehrbrodt]
8. tdf#77051 FILESAVE: '\f' field flag of Index is not getting preserved in
    LibreOffice [L??szl?? N??meth]
9. tdf#79717 EDITING: Overwriting selected text doesn't always maintain
    formatting [Justin Luth]
10. tdf#96499 FILEOPEN: HTML format .xls file shows NUMERIC cell value while
    TEXT type is expected (because orcus does not accept un-quoted non-ASCII
    characters as css property values) (see comment 17) [Kevin Suo]
11. tdf#117895 "Edit document properties before saving" option leaves
    just-saved document modified; changes are not saved [Caol??n McNamara]
12. tdf#119206 Freeze if Option ??Edit document properties before saving?? is
    Enabled [Caol??n McNamara]
13. tdf#120343 Export to PDF opens PDF before the properties have been edited
    and the PDF is created [Caol??n McNamara]
14. tdf#125582 FILEOPEN PPTX follow path text transformation is different in LO
    and PowerPoint [Regina Henschel]
15. tdf#125637 names ending in underscore characters are allowed, but
    incorrectly handled at the end of a command line [Andreas Heinisch]
16. tdf#126926 Extra filter icon appears on deleting sheet columns [Eike
    Rathke]
17. tdf#127900 Frame language set in master ignored in slides created from that
    master [Attila Bakos (NISZ)]
18. tdf#130104 FILESAVE XLSX: cell indent ("stylesheet -> cellXfs -> xf ->
    alignment: indent") is increased each time when re-save as xlsx document
    (see comment 17) [Kevin Suo]
19. tdf#131025 Writer document with tables lost data in cells (apparently)
    replacing with 0 [Justin Luth]
20. tdf#131563 Cannot set cell font color from VBA macro [Andreas Heinisch]
21. tdf#134426 Changing Paragraph format, editing Text and changing back leaves
    edited text's format unchanged [Justin Luth]
22. tdf#136498 In PDF options "%PRODUCTNAME" is displayed in tooltip [Caol??n
    McNamara]
23. tdf#136715 Undo doesn't undo bold in table style [Balazs Santha]
24. tdf#136945 Custom Slide Show drag-and-drop not reordering slides as desired
    [Caol??n McNamara]
25. tdf#138475 Asian and Complex font-size / font weight / font posture in Calc
    default styles are not the same as Western fonts [Kevin Suo]
26. tdf#138531 Dynamic Data Exchange is not operable [Bjoern Michaelsen]
27. tdf#138698 Assertion when switching back to format tab in Field format
    during Table edition [Caol??n McNamara]
28. tdf#138873 Selection sticks and doesn't disappear [Justin Luth]
29. tdf#140022 FILEOPEN PPTX: one column becomes two within one text frame (two
    occurrences) [Miklos Vajna]
30. tdf#140798 Image order not respected when copy/pasting images (if not saved
    before) [Bjoern Michaelsen]
31. tdf#140901 EDITING Crash when deleting rows that are referenced by a chart
    [Lubo? Lu????k]
32. tdf#141220 Moving shape off-page makes it to be displayed on top [Daniel
    Arato (NISZ)]
33. tdf#141301 extrusion-skew angle value -135 is not written to file, although
    it is not the default value [Julien Nabet]
34. tdf#141633 VIEWING: Font Display in tableviews distorted, abnormal size of
    selected fields [Caol??n McNamara]
35. tdf#141659 FILESAVE: DOC: Shape disappears after RT [Bjoern Michaelsen]
36. tdf#141957 "Characters per line" in the Text Grid is calculated without the
    header and footer [Mark Hung]
37. tdf#141978 [IMPRESS] New slide layout after Title, 6 Content [Pierre Marty]
38. tdf#142010 Inserting a column in a sheet causes erroneus rewriting of the
    formulas in a old Excel 97-2003 xls formatted file [L??szl?? N??meth]
39. tdf#142407 The vertical writing docx start position is wrong. [Mark Hung]
40. tdf#142578 FILESAVE XLSX Filter by color overwrites conditional format
    background setting [Vasily Melenchuk]
41. tdf#142579 FILEOPEN XLSX Conditional format background colors not
    considered by color filter [Samuel Mehrbrodt]
42. tdf#142580 FILEOPEN XLSX Conditional text format colors not considered by
    color filter [Samuel Mehrbrodt]
43. tdf#142704 %PRODUCTNAME shown in extended tips [Caol??n McNamara]
44. tdf#143104 Color filter by text color lost (XLSX) [Vasily Melenchuk]
45. tdf#143391 Styles Preview scrollbar not working [Caol??n McNamara]
46. tdf#143392 Title on Base-Window doesn't show the name of the database.
    [Noel Grandin]
47. tdf#143443 Size of a comment box increasing after cut/paste action [Caol??n
    McNamara]
48. tdf#143487 UI: Comment note box has a visual inner border box [Caol??n
    McNamara]
49. tdf#143575 Strings are not converted correctly to their nearest double
    representation [Andreas Heinisch]
50. tdf#143686 Text is cut off in window during installation, when a program
    like Firefox is still running [Roman Kuznetsov]
51. tdf#143722 FILEOPEN DOCX Imported TOC Heading style replaced with Writers
    own on update [Gabor Kelemen]
52. tdf#143815 EDITING: images duplicated after undo [Bjoern Michaelsen]
53. tdf#143974 Basic function CStr is failing to properly convert integers
    after 41 steps in a for loop [Andreas Heinisch]
54. tdf#143978 Calc: shrink to fit makes font size unnecessary small compared
    to cell width [Lubo? Lu????k]
55. tdf#144091 FILEOPEN PPTX: shadow effect for tables partly incorrect [Miklos
    Vajna]
56. tdf#144139 LO crashes when trying to print a form [Caol??n McNamara]
57. tdf#144222 Vertical Japanese character strings are misaligned when
    exporting PDF. [Mark Hung]
58. tdf#144317 minimize column width dont work on tables exceeding page limits
    in normal view [Justin Luth]
59. tdf#144437 rtf export: bookmark is moved to paragraph begin [Vasily
    Melenchuk]
60. tdf#144439 Writer: Multilevel numbering displaying incorrect sublevels
    [Vasily Melenchuk]
61. tdf#144532 Closing Mail merge wizard removes its data source from
    Registered databases [Caol??n McNamara]
62. tdf#144578 The outline numbering is showing all levels even though the
    "Show sublevels" is set as "1" [Vasily Melenchuk]
63. tdf#144609 Numbering is unseen with prefix text [Vasily Melenchuk]
64. tdf#144624 LibreOffice with "gen" UI backend crashes on Linux of SVG icon
    theme is default [Aleksei Nikiforov]
65. tdf#144631 Inconsistent LibreOffice Base Query Design Run Sql Command
    Directly Toolbar Button Tick Colour across icon themes [Rizal Muttaqin]
66. tdf#144650 LO crashes after opening of read-only file (attempt to increment
    a singular iterator) [Noel Grandin]
67. tdf#144674 Base has No Context-Sensitive SQL Query Menu [Caol??n McNamara]
68. tdf#144686 UI: comment box oversized on file open until click in document
    (triggering a resize) [Caol??n McNamara]
69. tdf#144691 Applying complext text layout resets selected language [Caol??n
    McNamara]
70. tdf#144693 Tip of the Day sticks on tip 24 [Heiko Tietze]
71. tdf#144694 SQLite: Base Direct SQL Not Running Properly [Julien Nabet]
72. tdf#144732 [FILEOPEN] Missing content from bare BIFF8 XLS Files [Mike
    Kaganski]
73. tdf#144757 In Options - LibreOffice - Fonts - Font Settings for HTML, Basic
    and SQL Sources - font list not-displayed in dropdown menu unless tickbox
    "Non-proportional fonts only" is unticked. [Chris Sherlock]
74. tdf#144758 Sort dialog activates left-to-right direction when opening ODS
    [Mike Kaganski]
75. tdf#144793 EDITING: LO Base Absence of scrollbar in the SQL query
    modification window [Caol??n McNamara]
76. tdf#144798 FILEOPEN DOCX Z-order of shape and chart incorrectly imported
    [Miklos Vajna]
77. tdf#144843 Selecting the whole table and then clicking background in the
    toolbar causes the LibreOffice app to crash. [Armin Le Grand (Allotropia)]
78. tdf#144846 Opening File menu a second time in Impress doesn't work [Caol??n
    McNamara]
79. tdf#144907 sw ui: can't close "Fields" dialog [Vasily Melenchuk]
80. tdf#144924 Split Basic function return Array Type String, not Variant/
    String like the oldest version [Andreas Heinisch]
81. tdf#144970 Adding chart with XTableCharts::addNewByName() fails if
    document's address syntax is Excel A1 or R1C1 [Eike Rathke]
82. tdf#144988 Fontwork has wrong size text, if it has more than one paragraph
    and font size is too large [Regina Henschel]
83. tdf#145004 WordArt kind "Follow Path" are rendered with additional space
    [Regina Henschel]
84. tdf#145033 Assertion when reselecting entry in a form property [Caol??n
    McNamara]
85. tdf#145066 EDITING ODT Moving a list item in Record Changes + Show Changes
    mode will delete the other items [L??szl?? N??meth]
86. tdf#145077 Highlighting a named range with relative references does not
    work correctly [Eike Rathke]
87. tdf#145079 hyperlink don't work anymore in version Calc 7.2.1.2 (x64) [T??
    nde T??th]
88. tdf#145085 HYPERLINK() inserts inactive link info in second cell when part
    of array formula [Eike Rathke]
89. tdf#145093 EDITING ODT LO crashes moving a list item in tracking change
    over a tracked paragraph insertion [L??szl?? N??meth]
90. tdf#145111 Text block anchor top/left and bottom/left do not work for
    Fontwork shapes of scale "shape" [Regina Henschel]
91. tdf#145169 Remote Save: uses "seen in directory" filename instead of
    existing filename [Caol??n McNamara]
92. tdf#145173 i18n: add locale data for en_IL; Ensure a known supported system
    locale and default document locale if no matching locale [Eike Rathke]
93. tdf#145216 remote open/save dialog: icon view shows nothing [Caol??n
    McNamara]
94. tdf#145235 TEXTJOIN Function gives incorrect results for referenced empty
    cells [Eike Rathke]
95. tdf#145245 A relative position other than zero of extrusion of custom
    shapes is wrongly rendered [Regina Henschel]
96. tdf#145296 Label in toolbar drop-down list can no longer be clicked [Caol??
    n McNamara]
97. tdf#145297 Assert fails in debug build when click on icon to open the "3D
    Effects" dialog [Caol??n McNamara]
98. tdf#145326 Break link doesn't work with DDE links [Bjoern Michaelsen]
99. tdf#145361 Cannot convert to XHTML document containing list with line break
    [Noel Grandin]
100. tdf#145371 Global Array of defined user type : values lost [Andreas
    Heinisch]
101. tdf#145377 Crash in: SvxScriptErrorDialog::ShowDialog(SvxScriptErrorDialog
    *,void *) [Caol??n McNamara]
102. tdf#145391 Segfault importing Basic macros [Caol??n McNamara]
103. tdf#145464 Crash when opening Digital signatures dialog from infobar
    (GTK3) [Caol??n McNamara]

(ryoon)

Add a hack for NetBSD to make it start without crashing

(pho)

mk: Explicitly set arm64 flags on Darwin/aarch64.

It's currently impossible to run system binaries inside an arm64 chroot, even
with SIP turned off, so the only way to build is to use an x86_64 chroot and
effectively cross-compile to arm64.

(jperkin)

mk: Tidy and expand macOS platform list.

(jperkin)

Updated devel/py-more-itertools, archivers/py-lz4

(adam)

py-lz4: updated to 3.1.10

v3.1.10
Add skip existing when publishing to PyPi

v3.1.9
Revert to using created release events

v3.1.8
Update github actions trigger to use published release

v3.1.7
Update github actions trigger

v3.1.6
Trigger github actions on a release being made.

v3.1.5
Remove the push requirement for triggering PyPi pushes of artifacts.

v3.1.4
Shift wheel building to github actions
Disable Travis and Appveyor building
Disable Windows wheel builds which are failing with memory allocation problems with 64 bit on the github actions runners
Disable Aarch64 builds which are failing somewhere in the stream bindings tests
LZ4FrameFile.write()/LZ4FrameDecompressor.decompress() handle buffer protocol correctly
Pass source_size kwarg through from frame.open to LZ4FrameFile instance
Add readall to LZ4FrameFile and use it on python 3.10

(adam)

py-more-itertools: updated to 8.12.0

8.12.0
------

* Bug fixes
    * Some documentation issues were fixed
    * Python 3.5 support was temporarily restored

8.11.0
------

* New functions
    * The :func:`before_and_after`, :func:`sliding_window`, and :func:`triplewise` recipes from the Python 3.10 docs were added
    * :func:`duplicates_everseen` and :func:`duplicates_justseen`
    * :func:`minmax`
    * :func:`strictly_n`
    * :func:`unique_in_window`

* Changes to existing functions
    * :func:`groupby_transform` had its type stub improved
    * :func:`is_sorted` now accepts a ``strict`` parameter
    * :func:`zip_broadcast` was updated to fix a bug

(adam)

doc: Updated devel/R-diffobj to 0.3.5

(mef)

(devel/R-diffob) Updated 0.3.4 to 0.3.5, make test ERROR1, WARNING 1

# diffobj
## v0.3.5

* Options automatically fallback to factory defaults if they are unset (h/t
  @gadenbui).
* [#158](https://github.com/brodieG/diffobj/issues/158): Calling `diff*` with
  `do.call` now works without warnings.
* [#117](https://github.com/brodieG/diffobj/issues/117): Fix guide detection
  with very wide wrapped data.frames (h/t @bastician, @overvolting).

(mef)

cmark: Fix building dependencies with strict function prototypes

(cirnatdan)

doc: Updated devel/R-desc to 1.4.0

(mef)

(devel/R-desc) Updated 1.3.0 to 1.4.0, make test fails (1)

# desc 1.4.0

* DESCRIPTION objects created with the `!new` command now omit `LazyData: true`
  to match new CRAN checks (#105, @malcolmbarrett)

* `description$write()` now writes out the file in the correct encoding
  (#109).

* `Authors@R` fields are now formatted differently when normalizing a
  DESCRIPTION file (#78).

* New `description$get_list()`, `description$set_list()` and
  corresponding `desc_get_list()` and `desc_set_list()` values to query
  and create comma separated fields (#86).

## Breaking change

* `desc_get_field()` gains a boolean `squish_ws` parameter to normalize
  whitespace within the retrieved value. It defaults to the value of `trim_ws`
  (`TRUE` by default). Example with desc's current DESCRIPTION:

  Old behaviour:

  ```r
  > desc::desc_get_field("Description")
  [1] "... DESCRIPTION files.\n    It is intended for packages ..."
  ```

  New behaviour:

  ```r
  > desc::desc_get_field("Description")
  [1] "... DESCRIPTION files. It is intended for packages ..."
  ```

  If you want the old behaviour, just set `squish_ws = FALSE`.

(mef)

(devel/R-pkgKitten) Add TEST_DEPENDS+= R-whoami, passes

(mef)

(devel/R-whoami) Added  version 1.3.0

(mef)

(devel/R-whoami) import R-whoami-1.3.0

Look up the username and full name of the current user, the current
user's email address and 'GitHub' username, using various sources of
system and configuration information.

(mef)

Updated devel/py-setuptools, security/py-paramiko

(adam)

py-paramiko: updated to 2.8.1

2.8.1 2021-11-28
[Bug]: (also 908) Update PKey and subclasses to compare (__eq__) via direct field/attribute comparison instead of hashing (while retaining the existing behavior of __hash__ via a slight refactor). Big thanks to Josh Snyder and Jun Omae for the reports, and to Josh Snyder for reproduction details & patch.

Warning
This fixes a security flaw! If you are running Paramiko on 32-bit systems with low entropy (such as any 32-bit Python 2, or a 32-bit Python 3 which is running with PYTHONHASHSEED=0) it is possible for an attacker to craft a new keypair from an exfiltrated public key, which Paramiko would consider equal to the original key.

This could enable attacks such as, but not limited to, the following:

Paramiko server processes would incorrectly authenticate the attacker (using their generated private key) as if they were the victim. We see this as the most plausible attack using this flaw.
Paramiko client processes would incorrectly validate a connected server (when host key verification is enabled) while subjected to a man-in-the-middle attack. This impacts more users than the server-side version, but also carries higher requirements for the attacker, namely successful DNS poisoning or other MITM techniques.
[Bug] 1257: (also 1266) Update RSA and ECDSA key decoding subroutines to correctly catch exception types thrown by modern versions of Cryptography (specifically TypeError and its internal UnsupportedAlgorithm). These exception classes will now become SSHException instances instead of bubbling up. Thanks to Ignat Semenov for the report and @tylergarcianet for an early patch.
[Bug] 1024: Deleting items from HostKeys would incorrectly raise KeyError even for valid keys, due to a logic bug. This has been fixed. Report & patch credit: Jia Zhang.
[Bug] 985: (via 992) Fix listdir failure when server uses a locale. Now on Python 2.7 SFTPAttributes will decode abbreviated month names correctly rather than raise UnicodeDecodeError`. Patch courtesy of Martin Packman.

(adam)

py-setuptools: updated to 59.4.0

v59.4.0
-------
Changes
* Restore deprecated support for newlines in the Summary field.

(adam)

www/badwolf: shift back to official repo

(pin)

php80: restrict to versions < 8.1

(wiz)

doc: Updated x11/xauth to 1.1.1

(wiz)

xauth: update to 1.1.1.

This is a minor bugfix release, including fixes for reported crashes.

Alan Coopersmith (5):
      Avoid memory leak when realloc() fails in split_into_words()
      Use reallocarray() when adding members to array in split_into_words()
      Avoid memory leaks in error paths in do_generate
      Fix spelling/wording issues
      xauth 1.1.1

Alex Gendin (1):
      Fix segfault when X starts

Dr. Tilmann Bubeck (1):
      Additionally check socket file with S_ISSOCK

Karol Herbst (1):
      Check malloc calls in process.c

Tobias Stoeckmann (2):
      Fix segmentation fault on invalid add argument.
      Prevent OOB write with long file names.

(wiz)

Updated databases/sqlite3*, devel/lemon

(adam)

sqlite3: updated to 3.37.0

SQLite Release 3.37.0 On 2021-11-27

STRICT tables provide a prescriptive style of data type management, for developers who prefer that kind of thing.
When adding columns that contain a CHECK constraint or a generated column containing a NOT NULL constraint, the ALTER TABLE ADD COLUMN now checks new constraints against preexisting rows in the database and will only proceed if no constraints are violated.
Added the PRAGMA table_list statement.
CLI enhancements:
Add the .connection command, allowing the CLI to keep multiple database connections open at the same time.
Add the --safe command-line option that disables dot-commands and SQL statements that might cause side-effects that extend beyond the single database file named on the command-line.
Performance improvements when reading SQL statements that span many lines.
Added the sqlite3_autovacuum_pages() interface.
The sqlite3_deserialize() does not and has never worked for the TEMP database. That limitation is now noted in the documentation.
The query planner now omits ORDER BY clauses on subqueries and views if removing those clauses does not change the semantics of the query.
The generate_series table-valued function extension is modified so that the first parameter ("START") is now required. This is done as a way to demonstrate how to write table-valued functions with required parameters. The legacy behavior is available using the -DZERO_ARGUMENT_GENERATE_SERIES compile-time option.
Added new sqlite3_changes64() and sqlite3_total_changes64() interfaces.
Added the SQLITE_OPEN_EXRESCODE flag option to sqlite3_open_v2().
Use less memory to hold the database schema.

(adam)

Updated devel/RE-flex to 3.0.12

(scole)

Updated textproc/py-markups, devel/meson

(adam)

meson: updated to 0.60.2

0.60.2:
Bug fixes

(adam)

Updated to 3.0.12

Sep 20, 2020: 2.1.5 added matcher method lineno(n) to set or change the line number to n; added yyset_lineno(n,s) to flexlexer.h; updated Mini C compiler example.
Oct 12, 2020: 3.0.0 fixed a regression bug since v2.x; redesigned internals to increase IO efficiency and regex pattern search speed.
Oct 24, 2020: 3.0.1 improved handling of UTF-16/32 file encodings on Windows to prevent ^Z eof when files are opened in text mode.
Mar 16, 2021: 3.0.2 minor improvements and additions; fixed MinGW builds.
Apr 29, 2021: 3.0.3 fixed reflex::Input copy constructor; minor improvements.
May 27, 2021: 3.0.4 improvements and fixes for minor issues.
Jun 1, 2021: 3.0.5 minor usability improvements; changed \d to match Unicode when option unicode is enabled.
Jun 4, 2021: 3.0.6 minor improvements.
Jun 6, 2021: 3.0.7 updated examples to fix build problems.
Jul 15, 2021: 3.0.8 minor improvements.
Jul 22, 2021: 3.0.9 SIMD code split into simd_avx2.cpp and simd_avx512bw.cpp to support runtime CPU ID checking when the library is built with ./configure; make, disable AVX with ./configure --disable-avx, disable SSE2 with ./configure --disable-sse2; UTF-16LE BOM detection correction.
Aug 14, 2021: 3.0.10 fixed missing simd.h after installation, added REFLEX_BUFFER_SIZE to customize the initial size and growth of the input buffer.
Sep 14, 2021: 3.0.11 minor change to apply --prefix to the generated REFLEX_code_[PREFIX]STATE code.
Oct 11, 2021: 3.0.12 updated to Unicode 14; fixed a compilation issue with --params when used with --flex.

(scole)

py-markups: updated to 3.1.3

Version 3.1.3
* Fixed logic to load extensions file when PyYAML module is not available
* Made the tests pass with docutils 0.18.

(adam)

Updated math/glpk, devel/py-aiofiles

(adam)

py-aiofiles: updated to 0.8.0

0.8.0

aiofiles is now tested on Python 3.10.
Added aiofiles.os.replace.
Added aiofiles.os.{makedirs, removedirs}.
Added aiofiles.os.path.{exists, isfile, isdir, getsize, getatime, getctime, samefile, sameopenfile}.
Added suffix, prefix, dir args to aiofiles.tempfile.TemporaryDirectory.

(adam)

glpk: updated to 5.0

GLPK 5.0

The copyright was transferred to the Free Software Foundation.

To fix some licensing problems the routines in the following
files were disabled by replacing with dummy ones that print an
error message:

src/api/gridgen.c
src/api/netgen.c
src/api/rmfgen.c
src/misc/qmd.c
src/misc/relax4.c

Note that this change does not affect the main faunctionality
of the package.

Some minor bugs were fixed.

(adam)

+unarchiver

(pho)

doc: Added archivers/unarchiver version 3.10

(pho)

Import unarchiver-3.10

The Unarchiver is an archive unpacker program with support for lots of
archive formats including ZIP, RAR, 7z, tar, gzip, bzip2, LZMA, XZ,
CAB, MSI, NSIS, EXE, ISO, BIN, split file formats, as well as the old
Stuffit, Stuffit X, DiskDouble, Compact Pro, Packit, cpio, compress
(.Z), ARJ, ARC, PAK, ACE, ZOO, LZH, ADF, DMS, LZX, PowerPacker, LBR,
Squeeze, Crunch, and other old/obscure formats.

It can also handle filenames in foreign character sets, created with
non-English versions of some operating systems, and is particularly
useful for processing CJK archives correctly.

This package contains command-line tools for The Unarchiver, namely
lsar and unar.

(pho)

doc: Updated mail/getmail to 5.16

(schmonz)

Update to 5.16. From the changelog:

- add new use_netrc and netrc_file configuration options to support
  reading username/password from a .netrc file. Thanks: Stephen Gildea.
- documentation updates.

(schmonz)

doc: Updated www/badwolf to 1.2.2

(pin)

www/badwolf: update to 1.2.2

Badwolf 1.2.2 release! - 2021-11-21

I just screwed the 1.2.1 release with forgetting to bump the version
(and putting a wrong date in the notes).
Gonna fix it for future releases via writing scripts to avoid another PEBKAC.

(pin)

hunspell: Allow NetBSD curses to count as "wide curses"

(nia)

Work around an issue regarding GNUstep and locale

(pho)

lang/rust-bin: Clarify DESCR

Note that a TNF-built binary is used on NetBSD versions not supported
by upstream.

(gdt)

zenity: msgfmt required for build

(cirnatdan)

Updated devel/git, textproc/py-sphinx

(adam)

py-sphinx: updated to 4.3.1

Release 4.3.1 (released Nov 28, 2021)

Features added
* mathjax: Support chnaging the loading method of MathJax to ���defer��� via mathjax_options
Bugs fixed
* autodoc: AttributeError is raised on building document for functions decorated by functools.lru_cache
* autodoc: AttributeError is raised on building document for an object having invalid __doc__ atribute
* autodoc: Failed to process a function wrapped with functools.partial if autodoc_preserve_defaults enabled
* html: Class namespace collision between autodoc signatures and docutils-0.17
* imgmath: Crashed if the dvisvgm command failed to convert equation
* mathjax: Failed to render equations via MathJax v2. The loading method of MathJax is back to ���async��� method again

(adam)

git: updated to 2.34.1

Git v2.34.1 Release Notes
=========================

This release is primarily to fix a handful of regressions in Git 2.34.

Fixes since v2.34
-----------------

* "git grep" looking in a blob that has non-UTF8 payload was
  completely broken when linked with certain versions of PCREv2
  library in the latest release.

* "git pull" with any strategy when the other side is behind us
  should succeed as it is a no-op, but doesn't.

* An earlier change in 2.34.0 caused JGit application (that abused
  GIT_EDITOR mechanism when invoking "git config") to get stuck with
  a SIGTTOU signal; it has been reverted.

* An earlier change that broke .gitignore matching has been reverted.

* SubmittingPatches document gained a syntactically incorrect mark-up,
  which has been corrected.

(adam)

Support RELRO

When running cmake it is required to do ${SETENV} ${CONFIGURE_ENV},
otherwise pkgsrc LDFLAGS will not be passed to cmake.

(pho)

zenity: move perl:run from buildlink to USE_TOOLS

(cirnatdan)

zenity: Remove unused(?) build dependency

(cirnatdan)

Add a missing dependency on qt5-qtgraphicaleffects

cool-retro-term can be built without it but aborts on startup.

(pho)

Add a missing newline at EOF

(pho)

doc: Updated security/ruby-oauth to 0.5.8

(taca)

security/ruby-oauth: update to 0.5.8

0.5.8 (2021-11-10)

Added

* Added more documentation files to packaged gem, e.g. SECURITY.md,
  CODE_OF_CONDUCT.md

Fixed

* Removed reference to RUBY_VERSION from gemspec, as it depends on rake
  release, which is problematic on some ruby engines. (by @pboling)

0.5.7 (2021-11-02)

Added

* Setup Rubocop (#205, #208 by @pboling)
* Added CODE_OF_CONDUCT.md (#217, #218 by @pboling)
* Added FUNDING.yml (#217, #218 by @pboling)
* Added Client Certificate Options: :ssl_client_cert and :ssl_client_key
  (#136, #220 by @pboling)
* Handle a nested array of hashes in OAuth::Helper.normalize (#80, #221 by
  @pboling)

Changed

* Switch from TravisCI to Github Actions (#202, #207, #176 by @pboling)
* Upgrade webmock to v3.14.0 (#196 by @pboling)
* Upgrade em-http-request to v1.1.7 (#173 by @pboling)
* Upgrade mocha to v1.13.0 (#193 by @pboling)
* HISTORY renamed to CHANGELOG.md, and follows Keep a Changelog (#214, #215
  by @pboling)
* CHANGELOG, LICENSE, and README now ship with packaged gem (#214, #215 by
  @pboling)
* README.rdoc renamed to README.md (#217, #218 by @pboling)
* Require plaintext signature method by default (#135 by @confiks &
  @pboling)

Fixed

* Fixed Infinite Redirect in v0.5.5, v0.5.6 (#186, #210 by @pboling)
* Fixed NoMethodError on missing leading slash in path (#194, #211 by
  @pboling)
* Fixed NoMethodError on nil request object (#165, #212 by @pboling)
* Fixed Unsafe String Comparison (#156, #209 by @pboling and @drosseau)
* Fixed typos in Gemspec (#204, #203, #208 by @pboling)
* Copyright Notice in LICENSE - added correct years (#217, #218 by @pboling)
* Fixed request proxy Class constant reference scopes - was missing :: in
  many places (#225, #226 by @pboling)

Removed

* Remove direct development dependency on nokogiri (#299 by @pboling)

(taca)

doc: Added lang/rust-analyzer version 0.0.2021.11.22

(wiz)

lang/Makefile: + rust-analyzer

(wiz)

lang/rust-analyzer: import rust-analyzer-0.0.2021.11.22

rust-analyzer is a modular compiler frontend for the Rust language.
It is a part of a larger rls-2.0 effort to create excellent IDE
support for Rust.

(wiz)

doc: Updated security/ruby-metasploit_payloads-mettle to 1.0.16

(taca)

security/ruby-metasploit_payloads-mettle: update to 1.0.16

No release note is available.  Please refer commit log
<https://github.com/rapid7/mettle/compare/v1.0.11...v1.0.16> in detail.

(taca)

doc: Updated security/ruby-metasploit-payloads to 2.0.60

(taca)

security/ruby-metasploit-payloads: update to 2.0.60

No release note is available.  Please refer commit log
<https://github.com/rapid7/metasploit-payloads/compare/v2.0.55...v2.0.60>
in details.

(taca)

Note addition of lang/rust-src version 1.56.1.

(he)

Add rust-src.

(he)

Add rust-std version 1.56.1, copied from pkgsrc-wip.

This package installs the rust-src rust component, which contains
the source code to the rust-std library.

This package may be needed by other packages which depends on the
type definitions for that library.

(he)

Note update of devel/apr to 1.7.0nb2.

(he)

Add a patch to deal with CVE-2021-35940.

An out-of-bounds array read in the apr_time_exp*() functions was
fixed in the Apache Portable Runtime 1.6.3 release (CVE-2017-12613).
The fix for this issue was not carried forward to the APR 1.7.x
branch, and hence version 1.7.0 regressed compared to 1.6.3 and is
vulnerable to the same issue.

https://svn.apache.org/viewvc?view=revision&revision=1891198

Bump PKGREVISION.

(he)

doc: Updated emulators/sameboy to 0.14.7

(nia)

sameboy: update to 0.14.7

                                    Changes

Version 0.14.7

  This version is backwards compatible with save states from SameBoy 0.11.x
  and newer, as well as save states from any BESS compliant emulator

  Accuracy Improvements/Fixes

    * Fixed incorrect emulation of the SVBK register
          * This fixed BESS compatibility issues between SameBoy and other
            emulators when importing save states of non-Color games on a Game
            Boy Color and using the original boot ROMs
          * This also fixes RAM not being properly randomized in DMG games
            running on a Game Boy Color when using the original boot ROMs

  Bug Fixes

    * Improvements to stability and security when loading save states

Version 0.14.6

  This version is backwards compatible with save states from SameBoy 0.11.x
  and newer, as well as save states from any BESS compliant emulator

  New/Improved Features

    * Scrolling is now smooth when running the SDL port on macOS
    * The SDL port窶冱 debugger now has a readline-like interface; featuring
      history, search, auto-complete, text formatting, and improved
      asynchronous input

  Accuracy Improvements/Fixes

    * Fixed a bug where NR32 was treated as the wrong value after an APU
      reset
    * Writes to wave RAM are now blocked, as expected, when emulating a Game
      Boy Advance
    * Fixed the Game Boy Color and Advance boot ROM not properly
      initializing wave RAM
    * Improved accuracy of mid-line SCX writes, fixes Infinity
    * ld sp, hl now triggers an OAM corruption on affected models
    * Improved emulation of Super Game Boy multiplayer, fixes several games
      that were not responding to inputs
    * Fixed the Super Game Boy ATTR_SET command not working correctly,
      fixing several mis-colored SGB games
    * Fixed inaccurate Super Game Boy border fade timing, which caused some
      games to have corrupt borders
    * Fixed inaccurate Super Game Boy graphic transfers, which caused some
      games to have corrupt borders
    * Fixed Super Game Boy rendering of unused tiles, which caused some
      games to obscure the Game Boy viewport entirely
    * Fixed a bug that caused 7-part Super Game Boy commands to lock SGB
      features, effectively freezing some games on blank screens
    * Several timing improvements to the Super Game Boy
    * Fixed a mistyped condition that caused a timer glitch to be
      incorrectly emulated
    * Accurate emulation of how the wave channel behaves on restart
    * Mostly complete emulation of an APU glitch where channel 3 could read
      from wave RAM while inactive using the CPU窶冱 main address bus on
      models prior to the Game Boy Advance
    * The Game Boy Color and Advance boot ROM animation had its timings
      slightly altered to better match the original boot ROMs

  Bug Fixes

    * A typo was fixed in the debugger mbc command
    * Fixed a crash in the SDL port that could happen when swapping ROMs
    * Handling of tiny (Less than 32KB) ROMs is now more consistent
    * Fixed a bug in the SDL port that flipped the controller left and right
      keys in the menu

  Misc Internal Changes

    * Fixed an internal struct issue that could have lead to future
      compatibility issues
    * The automatic tester now supports Super Game Boy

(nia)

doc: Updated emulators/mgba to 0.9.2

(nia)

mgba: update to 0.9.2

0.9.2: (2021-07-10)
Emulation fixes:
- GB Video: Clear VRAM on reset (fixes mgba.io/i/2152)
- GBA SIO: Add missing NORMAL8 implementation bits (fixes mgba.io/i/2172)
- GBA SIO: Fix missing interrupt on an unattached NORMAL transfer
- GBA Memory: Fix prefetch mask when swapping modes within a region
- GBA Serialize: Fix loading audio enable bit late (fixes mgba.io/i/2230)
- GBA Video: Revert scanline latching changes (fixes mgba.io/i/2153, mgba.io/i/2149)
Other fixes:
- ARM Debugger: Fix disassembly alignment (fixes mgba.io/i/2204)
- Core: Fix memory leak in opening games from the library
- Core: Fix memory searches for relative values (fixes mgba.io/i/2135)
- Core: Fix portable mode on macOS
- GB Audio: Fix audio channel 4 being slow to deserialize
- GB Core: Fix GBC colors setting breaking default model overrides (fixes mgba.io/i/2161)
- mGUI: Cache save state screenshot validity in state menu (fixes mgba.io/i/2005)
- Qt: Fix eventual deadlock when using sync to video
- Qt: Fix applying savetype-only overrides
- Qt: Fix crash in sprite view for partially out-of-bounds sprites (fixes mgba.io/i/2165)
- Qt: Fix having to press controller buttons twice for menu items (fixes mgba.io/i/2143)
- Qt: Redo sensor binding to be less fragile
- Qt: Reuse timer when rescheduling missing frames (fixes mgba.io/i/2236)
- Qt: Fix bounded fast forward with enhancement OpenGL renderer
- Util: Fix loading UPS patches that affect the last byte of the file
Misc:
- Util: Improve speed of UPS patch loading

(nia)

doc: Updated graphics/ImageMagick to 7.1.0.16

(wiz)

ImageMagick: update to 7.1.0.16.

2021-11-21  7.1.0-16  <quetzlzacatenango@image...>
  * Release ImageMagick version 7.1.0-16 GIT revision 19398:7dc99d829:20211121

2021-11-21  7.1.0-16  Dirk Lemstra <dirk@lem.....org>
  * Fixed an OpenCL build problem.

(wiz)

doc: Updated audio/fasttracker2 to 1.48

(nia)

fasttracker2: Update to 1.48

This fixes a crash and a quantization bug.

(nia)

doc: Updated audio/fluidsynth to 2.2.4

(wiz)

fluidsynth: update to 2.2.4.

    Per-channel ALL_SOUND_OFF when seeking/stopping player (#980, thanks to @albedozero)
    Fix windows related encoding problems (#984, thanks to @tsingakbar)
    Rewind playlist when calling fluid_player_play after all loops are complete (#994, thanks to @albedozero)
    Fix MinGW related static linking issues (#990, thanks to @realnc)

(wiz)