security/ruby-metasploit-payloads: update to 2.0.12

Update ruby-metasploit-payloads package to 2.0.12.

No release note is available.  Please refer commit log in details:
<https://github.com/rapid7/metasploit-payloads/compare/v2.0.5...v2.0.12>.

(taca)

doc: Updated security/ruby-bcrypt to 3.1.16

(taca)

security/ruby-bcrypt: update to 3.1.16

Update ruby-bcrypt package to 3.1.16.

3.1.16 Sep 3 2020
  - Fix compilation on FreeBSD. [GH #234]

3.1.15 July 21 2020
  - Remove GVL optimization.  Apparently it breaks things [GH #230]

3.1.14 July 21 2020
  - Start calibration from the minimum cost supported by the algorithm
    [GH #206 by @sergey-alekseev]

(taca)

doc: Updated print/ruby-prawn to 2.3.0

(taca)

print/ruby-prawn: update to 2.3.0

Update ruby-prawn to 2.3.0.

2.3.0 (2020-08-01)

This is release includes one new exiting feature: OTF fonts support.  You
can use them exactly as you'd use TTF fonts.  Thanks for this to @camertron.

Another notable change is the list of supported Rubies.  Since last release
a few new versions came out and a few reached their EOL.

Other than that a number of bugs have been fixed.  See Changelog for the
details.

(taca)

doc: Updated print/ruby-pdf-core to 0.8.1

(taca)

print/ruby-pdf-core: update to 0.8.1

Update ruby-pdf-core pacakge to 0.8.1.

0.8.1 - 2018-04-28

Fixed

* Make sure stamp streams are fritable Alexander Mankuta
* Handle text rendering from forzen strings Alexander Mankuta

0.8.0 - 2018-04-27

Changed

* Minimum Ruby version is 2.3 Alexander Mankuta
* Trailing fraction zeroes are removed from numbers Alexander Mankuta

(taca)

doc: Updated net/ruby-winrm-fs to 1.3.5

(taca)

net/ruby-winrm-fs: update to 1.3.5

Update ruby-winrm-fs package to 1.3.5.

1.3.5 (2020-09-10)

* Optimize requires
* Ensure connections are closed
* Include dot files

(taca)

doc: Updated net/ruby-ruby_smb to 2.0.4

(taca)

net/ruby-ruby_smb: update to 2.0.4

Update ruby-ruby_smb package to 2.0.4.

No release note is available.  Please refer:
<https://github.com/rapid7/ruby_smb/compare/v2.0.1...v2.0.4>.

(taca)

doc: Updated net/ruby-recog to 2.3.14

(taca)

net/ruby-recog: update to 2.3.14

Update ruby-recog package to 2.3.14.

2.3.14 - 2020.08.07

Highlights:

* HTTP: Improved coverage of VNC related web services (#282)
* HTTP: Improved coverage and CPEs of SonicWall and Cisco Expressway (#283)

2.3.13 - 2020.08.03

Highlights:

* Improving coverage of Moxa devices (#280)
* Adding fingerprints for certain high volume services as observed by
  Project Sonar (#280, #281)
* CPE: Improving the number of fingerprints and Project Sonar matches that
  returned CPEs (#281)

2.3.12 - 2020.07.23

Highlights:

* HTTP: Additional SAP NetWeaver and Glassfish coverage and fixes (#279)
* FTP: Serv-U and Filezilla improvements (#279)
* CPE: Tweaks to vendor, service, and cpe-remap.yaml which resulted in much
  better coverage for services frequently seen on the Internet. See PR for
  stats. (#279)

2.3.11 - 2020.07.16

Highlights:

* HTTP: Adjust banner for $ProjectRevision (Treck TCP/IP) by Anderson Luan
  (#272)
* HTTP: SAP Internet Graphics Server and Message Server fingerprints (#275)
* DNS: Windows Server 2008 SP2, performance and other coverage tweaks (#276)
* DNS: Avoid spoofed Microsoft DNS Server, add Debian Buster (#277)
* CPE: Correct CPE generating automation (#278)

2.3.10 - 2020.07.14

Highlights:

* SAP NetWeaver: Telnet and HTTP tweaks (#274)

2.3.9 - 2020.07.14

Highlights:

* Upgrade lxml, improve fingerprint readability (#268)
* New fingerprints and completed normalization by HD Moore (#269)
* New Database: favicons.xml (MD5 fingerprints for favicon.ico files) by HD
  Moore (#270)
* HTTP: Project Sonar HTTP updates (including SAP Netweaver / Oracle) (#273)

(taca)

doc: Updated net/ruby-public_suffix to 4.0.6

(taca)

net/ruby-public_suffix: update to 4.0.6

Update ruby-public_suffix package to 4.0.6.

## 4.0.6

### Changed

- Updated definitions.

(taca)

doc: Updated net/ruby-nio4r to 2.5.3

(taca)

net/ruby-nio4r: update to 2.5.3

Update ruby-nio4r package to 2.5.3.

2.5.3 (2020-09-07)

* #241 Possible bug with Ruby >= 2.7.0 and GC.compact. (@boazsegev)

(taca)

doc: Updated net/ruby-net-ldap to 0.16.3

(taca)

net/ruby-net-ldap: update to 0.16.3

Update ruby-net-ldap package to 0.16.3.

0.16.3 (2020-08-18)

* Add Net::LDAP::InvalidDNError #371
* Use require_relative instead of require #360
* Address some warnings and fix JRuby test omissions #365
* Bump rake dev dependency to 12.3 #359
* Enable rubocop in ci #251
* Enhance rubocop configuration and test syntax #344
* CI: Drop rbx-2, uninstallable #364
* Fix RuboCop warnings #312
* Fix wrong error class #305
* CONTRIBUTING.md: Repair link to Issues #309
* Make the generate() method more idiomatic... #326
* Make encode_sort_controls() more idiomatic... #327
* Make the instrument() method more idiomatic... #328
* Fix uninitialised Net::LDAP::LdapPduError #338
* README.rdoc: Use SVG build badge #310
* Update TravisCI config to inclue Ruby 2.7 #346
* add explicit ** to silence Ruby 2.7 warning #342
* Support parsing filters with attribute tags #345
* Bump rubocop development dependency version #336
* Add link to generated and hosted documentation on rubydoc #319
* Fix 'uninitialized constant Net::LDAP::PDU::LdapPduError' error #317
* simplify encoding logic: no more chomping required #362

(taca)

doc: Updated net/ruby-dnsruby to 1.61.4

(taca)

net/ruby-dnsruby: update to 1.61.4

Update ruby-dnsruby package to 1.61.4.

## v1.61.4

* Dnsruby::Name : document .punycode
* gemspec enhancement
* add yard build file
* fix create name include url special characters
* Fix uninitialized constant error when using via Rails
* Implement ECDSAP256SHA256 (13) / ECDSAP384SHA384 (14) algorithms for DNSKEY
* Reinitialize all IANA TAR keys with Dnssec.reset

(taca)

doc: Updated net/ruby-amq-protocol to 2.3.2

(taca)

net/ruby-amq-protocol: update to 2.3.2

Update ruby-amq-protocol package to 2.3.2.

## Changes between 2.3.1 and 2.3.2 (July 10th, 2020)

### Safer Encoding Handling When Serialising Message Properties and Headers

Contributed by @bbascarevic-tti.

(taca)

doc: Updated misc/ruby-sprockets-rails to 3.2.2

(taca)

misc/ruby-sprockets-rails: update to 3.2.2

Update ruby-sprockets-rails package to 3.2.2.

3.2.2 (2020-09-12)

* Fix extending ActionView::Base instances with Sprockets::Rails::Helper on
  Rails 6.1
* Fix deprecation warning on Ruby 2.7 [#454]
* action_view/base is no longer required when rake tasks are loaded [#455]
* Asset not precompiled error exception renamed to AssetNotPrecompiledError
  [#414]

(taca)

doc: Updated misc/ruby-slop to 4.8.2

(taca)

misc/ruby-slop: update to 4.8.2

Update ruby-slop package to 4.8.2.

4.8.2 (2020-07-10)

Bug fixes:

* Fix bug where separator position was messed up if using help: false #253

(taca)

doc: Updated graphics/ruby-image_size to 2.1.0

(taca)

graphics/ruby-image_size: update to 2.1.0

Update ruby-image_sizepackage to 2.1.0.

2.1.0 (2020-08-09)

* Add handling of JPEG 2000: part 1 (jp2), part 2 (jpx) and codestream (j2c)
  #13 @toy
* Correct handling of pam images and cleanup handling of Netpbm images (pbm,
  pgm, pnm) @toy

(taca)

doc: Updated graphics/ruby-chunky_png to 1.3.12

(taca)

graphics/ruby-chunky_png: update to 1.13.2

Update ruby-chunky_png package to 1.13.2.

1.13.2 (2020-08-03)

* Implemented ChunkyPNG::Dimension#hash to fix some specs after a behavior
  change in RSpec.

(taca)

doc: Updated devel/ruby-zeitwerk to 2.4.0

(taca)

devel/ruby-zeitwerk: update to 2.4.0

Update ruby-zeitwerk to 2.4.0.

2.4.0 (15 July 2020)

* Zeitwerk::Loader#push_dir supports an optional namespace keyword argument.
  Pass a class or module object if you want the given root directory to be
  associated with it instead of Object.  Said class or module object cannot
  be reloadable.

* The default inflector is even more performant.

(taca)

doc: Updated devel/ruby-uuidtools to 2.2.0

(taca)

devel/ruby-uuidtools: update to 2.2.0

Update ruby-uuidtools to 2.2.0.

== UUIDTools 2.2.0
* drop support for ruby < 2.3
* use Integer vs Fixnum
* performance improvements

(taca)

doc: Updated devel/ruby-stomp to 1.4.10

(taca)

devel/ruby-stomp: update to 1.4.10

Update ruby-stomp to ruby-stomp.

## 1.4.10 (2020-08-19)

* Fix issue #165
* Reinstate autoflush behavior
* Correct _receive method signature
* Update version

* More debugging messages in netio.rb.

(taca)

doc: Updated devel/ruby-simplecov to 0.19.0

(taca)

devel/ruby-simplecov: update to 0.19.0

Update ruby-simplecov to 0.19.0.

0.19.0 (2020-08-16)
==========

## Breaking Changes
* Dropped support for Ruby 2.4, it reached EOL

## Enhancements

* observe forked processes (enable with SimpleCov.enable_for_subprocesses).
  See [#881](https://github.com/simplecov-ruby/simplecov/pull/881), thanks
  to [@robotdana](https://github.com/robotdana)

* SimpleCov distinguishes better that it stopped processing because of a
  previous error vs. SimpleCov is the originator of said error due to
  coverage requirements.

## Bugfixes

* Changing the `SimpleCov.root` combined with the root filtering didn't
  work.  Now they do! Thanks to
  [@deivid-rodriguez](https://github.com/deivid-rodriguez) and see
  [#894](https://github.com/simplecov-ruby/simplecov/pull/894)

* in parallel test execution it could happen that the last coverage result
  was written to disk when it didn't complete yet, changed to only write it
  once it's the final result

* if you run parallel tests only the final process will report violations of
  the configured test coverage, not all previous processes

* changed the parallel_tests merging mechanisms to do the waiting always in
  the last process, should reduce race conditions

## Noteworthy

* The repo has moved to https://github.com/simplecov-ruby/simplecov -
  everything stays the same, redirects should work but you might wanna
  update anyhow

* The primary development branch is now `main`, not `master` anymore.  If
  you get simplecov directly from github change your reference.  For a while
  `master` will still be occasionally updated but that's no long term
  solion.

(taca)

doc: Updated devel/ruby-sexp-processor to 4.15.1

(taca)

devel/ruby-sexp-processor: update to 4.15.1

Update ruby-sexp-processor to 4.15.1.

=== 4.15.1 / 2020-08-31

* 1 bug fix:

  * Bumped ruby version to include 3.0 (trunk).

(taca)

doc: Updated devel/ruby-tty-prompt to 0.22.0

(taca)

devel/ruby-tty-prompt: update to 0.22.0

Update ruby-tty-prompt to 0.22.0.

## [v0.22.0] - 2020-07-20

### Added
* Add #slider format customization with a proc by Sven Pchnit(@2called-chaos)
* Add convert message customization
* Add conversion of input into Array, Hash or URI object
* Add callable objects as possible values in :active_color and :help_color
* Add shortcuts to select of all/reverse choices in #multi_select prompt
* Add :help option to #slider prompt
* Add :quiet option to remove final prompt output by Katelyn Schiesser (@slowbro)
* Add :show_help option to control help display in #select, #multi_select, #enum_select
  and #slider prompts

### Changed
* Changed question :validation option to :validate by Sven Pachnit(@2called-chaos)
* Change ConverterRegistry to store only proc values and simplify interface
* Change Converters to stop raising errors and print console error messages instead
* Change :range conversion to handle float numbers
* Change yes?/no? prompt to infer default value from words and raise when
  no boolean can be deduced
* Change Prompt#new to use keyword arguments
* Change #select/#multi_select prompts default help text
* Change #multi_select to preserve original ordering in returned answers
* Change to remove necromancer dependency
* Change TTY::TestPrompt to TTY::Prompt::Test
* Change #select,#multi_select & #enum_select to allow mix of options and block parameters configuration
* Change to allow filtering through symbol choice names
* Change all errors to inherit from common Error class

### Fixed
* Fix multiline prompt to return default value when no input provided
* Fix color option overriding in say, ok, error and warn prompts
* Fix Prompt#inspect format to display all public attributes

(taca)

doc: Updated devel/ruby-tty-reader to 0.8.0

(taca)

devel/ruby-tty-reader: update to 0.8.0

Update ruby-tty-reader to 0.8.0.

## [v0.8.0] - 2020-06-28

### Changed
* Change gemspec to load version directly and remove test artefacts
* Change to update tty-screen dependency
* Change to remove bundler dev dependency and relax wisper version

(taca)

doc: Updated devel/ruby-tty-screen to 0.8.1

(taca)

devel/ruby-tty-screen: update to 0.8.1

Update ruby-tty-screen to 0.8.1.

## [v0.8.1] - 2020-07-17

### Fixed
* Fix name resolution with TTY::File by Alexey Nikitin (@tank-bohr)

(taca)

doc: Updated devel/ruby-tty-box to 0.6.0

(taca)

devel/ruby-tty-box: update to 0.6.0

Update ruby-tty-box to 0.6.0.

## [v0.6.0] - 2020-08-11

### Changed
* Change to preserve newline characters when wrapping content
* Change gemspec to include metadata and remove test files
* Change to update pastel & strings dependencies

(taca)

doc: Updated devel/ruby-tty-color to 0.5.2

(taca)

devel/ruby-tty-color: update to 0.5.2

Update ruby-tty-color to 0.5.2

## [v0.5.2] - 2020-08-09

### Changed
* Change gemspec and remove bundler as dev dependency
* Change TTY::Color::Support to define verbose as keyword argument

(taca)

doc: Updated textproc/ruby-strings to 0.2.0

(taca)

textproc/ruby-strings: update to 0.2.0

Update ruby-strings to 0.2.0.

## [v0.2.0] - 2020-08-11

### Changed
* Change String#wrap to preserve newline character breaks
* Change gemspec to remove test artefacts and bundler dev dependency
* Change gemspec to require Ruby >= 2.0.0

(taca)

doc: Updated lang/ruby-cucumber-gherkin to 15.0.2

(taca)

lang/ruby-cucumber-gherkin: update to 15.0.2

Update ruby-cucumber-gherkin to 15.0.2.

15.0.0 - 2020-08-07

Changed

* Update messages to 13.0.1

14.2.0 - 2020-07-31

Changed

* Update messages to 12.4.0

14.1.0 - 2020-07-29

Changed

* Update messages to 12.3.2

14.0.2 - 2020-06-29

Fixed

* [JavaScript] Actually merge #1094 - it wasn't done in 14.0.1
* [JavaScript] Throw NoSuchLanguageException when language is unknown #1102 (#1102 [mpkorstanje])

14.0.1 - 2020-06-29

Fixed

* [JavaScript] Remove test code from exports (#1094 aslakhellesoy)

14.0.0 - 2020-06-27

Added

* [Java] Enable consumers to find our version at runtime using clazz.getPackage().getImplementationVersion() by upgrading to cucumber-parent:2.1.0 (#976 aslakhellesoy)
* [Java/Ruby/Go/Javascript] Add tests to ensure we do not delete whitespace inside a table cell (#769 [mpkorstanje] [vincent-psarga])

Changed

* Upgrade to messages 12.2.0
* [Ruby] gherkin-query: if a feature file is empty, do not update anything. (cucumber-ruby#1427 [vincent-psarga])
* [JavaScript] Change gherkinQuery API:
* getPickleIds: now takes a URI and an astNodeId to find the pickle ids instead of a line number
* getPickleStepIds: now takes an astNodeId parameter instead of a URL and a line number to locate the pickle step id
* expose parse and parseAndCompile utilities
* Fixed Estonian translation of "Rule" (#973 [ookull])
* Fixed Estonian translation of "Scenario Outline" (#972 [ookull])

Fixed

* [JavaScript] Update gherkin-languages.json, which hadn't been updated for a few versions (not sure for how long!)
* [Ruby] Fix the default constructor of Gherkin::Parser (#1074 aslakhellesoy)
* [Ruby] Use require_relative for internal requires (#1010 [deivid-rodriguez])
* [Javascript] Escape regex characters in table header (#1077 [mpkorstanje])

(taca)

doc: Updated devel/ruby-rugged to 1.0.1

(taca)

devel/ruby-rugged: update to 1.0.1

Update ruby-rugged package to 1.0.1.

No release note nor changes is available.

(taca)

doc: Updated devel/ruby-posix-spawn to 0.3.15

(taca)

devel/ruby-posix-spawn: update to 0.3.15

Update ruby-posix-spawn package to 0.3.15.

0.3.15 (2020-07-14)

* Fix deprecated Object#=~ call.
* Fix ambiguous argument warning.
* Fix circular require warning.

(taca)

doc: Updated devel/ruby-pkg-config to 1.4.2

(taca)

devel/ruby-pkg-config: update to 1.4.2

Update ruby-pkg-config package to 1.4.2.

== 1.4.2 - 2020-08-10

=== Improvements

  * Added support for detecting pkgconfig path on RubyInstaller
    without "ridk exec".

(taca)

doc: Updated devel/ruby-pastel to 0.8.0

(taca)

devel/ruby-pastel: update to 0.8.0

Update ruby-pastel package to 0.8.0.

## [v0.8.0] - 2020-07-04

### Changed
* Change gemspec to require Ruby 2.0 or higher
* Change Pastel#new to use keyword arguments in place of hash options
* Change to freeze all strings
* Remove equatable dependency

### Fixed
* Fix Pastel#strip to recognise no-number reset by DanielVartanov(@DanielVartanov)
* Fix Pastel#undecorate to correctly assign styles for nested colors

(taca)

doc: Updated devel/ruby-parser to 3.15.0

(taca)

devel/ruby-parser: update to 3.15.0

Update ruby-parser package to 3.15.0.

=== 3.15.0 / 2020-08-31

* 1 major enhancement:

  * Added tentative 2.7 support.

* 1 minor enhancement:

  * Improved ruby_parse_extract_error's handling of moving slow files out.

* 22 bug fixes:

  * Bumped ruby version to include 3.0 (trunk).
  * Fix an error related to empty ensure bodies. (presidentbeef)
  * Fix handling of bad magic encoding comment.
  * Fixed SystemStackError when parsing a huoooge hash, caused by a splat arg.
  * Fixed a number of errors parsing do blocks in strange edge cases.
  * Fixed a string backslash lexing bug when the string is an invalid encoding. (nijikon, gmcgibbon)
  * Fixed bug assigning line number to some arg nodes.
  * Fixed bug concatinating string literals with differing encodings.
  * Fixed bug lexing heredoc w/ nasty mix of \r\n and \n.
  * Fixed bug lexing multiple codepoints in \u{0000 1111 2222} forms.
  * Fixed bug setting line numbers in empty xstrings in some contexts.
  * Fixed edge case on call w/ begin + do block as an arg.
  * Fixed handling of UTF BOM.
  * Fixed handling of lexer state across string interpolation braces.
  * Fixed infinite loop when lexing backslash+cr+newline (aka dos-files)
  * Fixed lambda + do block edge case.
  * Fixed lexing of some ?\M... and ?\C... edge cases.
  * Fixed more do/brace block edge case failures.
  * Fixed parsing bug where splat was used in the middle of a list.
  * Fixed parsing of interpolation in heredoc-like strings. (presidentbeef)
  * Fixed parsing some esoteric edge cases in op_asgn.
  * Fixed unicode processing in ident chars so now they better mix.

(taca)

doc: Updated devel/ruby-minitest to 5.14.2

(taca)

devel/ruby-minitest: update to 5.14.2

Update ruby-minitest to 5.14.2.

=== 5.14.2 / 2020-08-31

* 1 bug fix:

  * Bumped ruby version to include 3.0 (trunk).

(taca)

doc: Updated devel/ruby-logging to 2.3.0

(taca)

devel/ruby-logging: update to 2.3.0

Update ruby-logging package to 2.3.0.

== 2.3.0 / 2020-07-04

Enhancements

- all appender output is now synchronized [PR #219]
- renamed the `LogEvent#method` to no longer conflict with `Kernel#method`
  [PR #218]
- @bhuga (not the Fortnite star) added a `raise_errors` method for debugging
  [PR #203]
- thanks to @olleolleolle for keeping on top of Travis and Ruby versions

Bug Fixes
- conosle appenders can be reopened [PR #220]
- fixed a race condition in the rolling file appender [PR #216]
- fixed a race condition when opening log file destinations [PR #208 #217]
- @MikaelSmith fixed a race condition in Logger creation [PR #201]
- documentation bug fixes [PR #184 #185 #188 #194 #209]

(taca)

doc: Updated devel/ruby-i18n to 1.8.5

(taca)

devel/ruby-i18n: update to 1.8.55

Update ruby-i18n package to 1.8.55.

1.8.4 (2020-07-20)

* Fixed issue where fallbacks were not working when I18n.fallbacks was an
  array - #534
* Fixed conditional around deprecating constant of INTERPOLATION_PATTERN -
  #531

1.8.5 (2020-08-04)

* Fixed an issue where users could not use their own custom fallback classes
  - #536

(taca)

doc: Removed devel/ruby-google-protobuf

(taca)

devel/ruby-google-protobuf: remove package

Remove ruby-google-protobuf.

This package was added for ruby-cucumber-messages package but that package
switched to use ruby-protobuf-cucumber some time ago.

(taca)

devel/Makefile: remove ruby-google-protobuf

(taca)

doc: Updated devel/ruby-cucumber-wire to 4.0.1

(taca)

devel/ruby-cucumber-wire: update to 4.0.1

Update ruby-cucumber-wire to 4.0.1.

## [4.0.1](https://github.com/cucumber/cucumber-ruby-wire/compare/v4.0.0...v4.0.1)

### Dependencies

* Updated dependencies (look at the diff for details)

## [4.0.0](https://github.com/cucumber/cucumber-ruby-wire/compare/v3.1.0...v4.0.0)

* Release failed

## [3.1.0](https://github.com/cucumber/cucumber-ruby-wire/compare/v3.0.0...v3.1.0)

### Changed

* Updated gems:
  * `cucumber-core` ~> 7.1.0
  * `cucumber-messages` ~> 12.2.0

(taca)

doc: Updated devel/ruby-cucumber-expressions to 10.3.0

(taca)

devel/ruby-cucumber-expressions: update to 13.0.1

Update ruby-cucumber-expressions to 13.0.1.

No release notes available.

(taca)

doc: Updated devel/ruby-cucumber-core to 8.0.1

(taca)

devel/ruby-cucumber-core: update to 8.0.1

Update ruby-cucumber-core to 8.0.1.

No release notes available.

(taca)

doc: Updated devel/ruby-cucumber-messages to 13.0.1

(taca)

devel/ruby-cucumber-messages: update to 13.0.1

No release notes available.

(taca)

doc: Updated devel/ruby-concurrent-ruby to 1.1.7

(taca)

devel/ruby-concurrent-ruby: update to 1.1.7

Update ruby-concurrent-ruby to 1.1.7.

## Release v1.1.7 (6 August 2020)

concurrent-ruby:

* (#879) Consider falsy value on
  `Concurrent::Map#compute_if_absent` for fast non-blocking path
* (#876) Reset Async queue on forking, makes Async fork-safe
* (#856) Avoid running problematic code in RubyThreadLocalVar on
  MRI that occasionally results in segfault
* (#853) Introduce ThreadPoolExecutor without a Queue

(taca)

doc: Updated devel/ruby-ffi-yajl to 2.3.4

(taca)

devel/ruby-ffi-yajl: update to 2.3.4

Update ruby-ffi-yajl to 2.3.4.

2.3.4 (2020-08-17)

* Optimize our requires #109 (tas50)

(taca)

doc: Updated devel/ruby-backports to 3.18.2

(taca)

devel/ruby-backports: update to 3.18.2

Update ruby-backports to 3.18.2.

3.18.2 - 2020-08-26

* Require per ruby version now properly requiring 2.3.0 backports for
  String [#152]

3.18.1 - 2020-06-23

* Fixed Changelog URI in gem manifest

(taca)

doc: Updated devel/hoe to 3.22.2

(taca)

devel/hoe: update to 3.22.2

Update hoe to 3.22.2.

=== 3.22.2 / 2020-08-31

* 1 bug fix:

  * Bumped ruby version to include 3.0 (trunk).

(taca)

doc: Updated databases/ruby-sequel to 5.36.0

(taca)

databases/ruby-sequel: update to 5.36.0

Update ruby-sequel to 5.36.0.

=== 5.36.0 (2020-09-01)

* Handle passing keyword arguments through class methods defined via
  Plugins.def_dataset_method on Ruby 2.7+ (jeremyevans)

* Handle passing keyword arguments through when loading plugins on Ruby 2.7+
  (jeremyevans)

* Handle passing keyword arguments through migrations when defining custom
  Database methods that accept keywords on Ruby 2.7+ (jeremyevans)

* Handle passing keyword arguments through Dataset#query when using the
  query extension on Ruby 2.7+ (jeremyevans)

* Handle passing keyword arguments through the association proxy when using
  the association_proxies plugin on Ruby 2.7+ (jeremyevans)

* Handle passing keyword arguments through the class method to a method
  defined in dataset_module on Ruby 2.7+ (adam12) (#1713)

* Stream result sets in the odbc adapter for better performance and lower
  memory usage (sparrovv) (#1711)

* Add Postgres::JSONBOp#set_lax and #path_*_tz methods to the pg_json_ops
  extension for new jsonb functions added in PostgreSQL 13 (jeremyevans)

* Add Dataset#with_ties on PostgreSQL 13+ and Microsoft SQL Server to
  include rows with same order as final row (jeremyevans)

* Add a :current_schema option to Database#view_exists? (only defined on
  Oracle) to look in the current schema instead of non-system schemas
  (jeremyevans) (#1710)

* Recognize another disconnect error in the mysql and mysql2 adapters
  (jeremyevans) (#1706)

(taca)

doc: Updated databases/ruby-ldap to 0.9.20

(taca)

databases/ruby-ldap: update to 0.9.20

Update ruby-ldap to 0.9.20.

pkgsrc change: remove redundant "ruby" in CATEGORIES.

Wed Jul 11 21:58:38 UTC 2018 Alexey Chebotar <alexey.chebotar@gmail.com>
  * Version 0.9.20
  * Added support of LDAP_OPT_X_TLS_NEWCTX. Thanks to Kouhei Sutou.

Mon Jun 20 14:30:52 UTC 2016 Alexey Chebotar <alexey.chebotar@gmail.com>
  * Version 0.9.19
  * Fixed parsing of LDIF with CR LF line separators (GH-38).
    Thanks to doppelreim.

Fri Mar  4 11:17:21 UTC 2016 Alexey Chebotar <alexey.chebotar@gmail.com>
  * Version 0.9.18
  * backout issue32 to compile for ruby-1.8.x.
    Thanks to SUENAGA Hiroki.

Fri Feb  6 08:51:09 UTC 2015 Alexey Chebotar <alexey.chebotar@gmail.com>
  * Version 0.9.17
  * Use ruby object to keep LDAP search result instead of libldap's data structure.
  * Use macro Check_LDAPENTRY for assertion inside native extension codes.
  * Remove assertion code from macro GET_LDAPENTRY_DATA.
    Thanks to SUENAGA Hiroki.

(taca)

doc: Updated databases/ruby-moneta to 1.4.0

(taca)

databases/ruby-moneta: update to 1.4.0

Update ruby-moneta to 1.4.0.

1.4.0 (2020-08-23)

* Adapters::Mongo - drop support for moped gem (#182)
* Adapters::Redis - use #exists? where available (#189)
* Some reorganisation of code into more separate files (#177)

(taca)

doc: Updated databases/ruby-activeldap to 6.0.3

(taca)

databases/ruby-activeldap: update to 6.0.3

Update ruby-activeldap to 6.0.3.

## 6.0.3: 2020-08-17 {#release-6-0-3}

### Improvements

  * Added support for `save(validate: false)`.
    [GitHub#180][Reported by Kevin McCormack]

  * jndi: Added support for follow referrals.
    [GitHub#182][Patch by Kevin McCormack]

### Fixes

  * Fixed a bug that sub base is ignored in DN specified by `new`.
    [GitHub#185][Reported by Kevin McCormack]

### Thanks

  * Kevin McCormack

(taca)

doc: Updated archivers/ruby-mixlib-archive to 1.0.7

(taca)

archivers/ruby-mixlib-archive: update to 1.0.7

Update ruby-mixlib-archive to 1.0.7.

1.0.7 (2020-08-21)

* Optimize our requires #53 (tas50)

1.0.6 (2020-08-13)

* Optimize requires for non-omnibus installs #52 (tas50)

(taca)

doc: Updated archivers/ruby-ffi-libarchive to 1.0.4

(taca)

archivers/ruby-ffi-libarchive: update to 1.0.4

Update ruby-ffi-libarchive to 1.0.4.

v1.0.4 (2020-08-13)

* Optimize requires for non-omnibus installs #34 (tas50)

(taca)

doc: Updated misc/ruby-bundler1 to 1.17.3nb2

(taca)

misc/ruby-bundler1: apply security fix

Apply patch for CVE-2019-3881.

Bump PKGREVISION.

(taca)

doc: Updated www/ruby-rails60 to 6.0.3.3nb1

(taca)

www/ruby-rails60: fix dependency

* There is no need to stay on misc/ruby-bundler1 and switch to
  depends on misc/ruby-bundler.

Bump PKGREVISION

(taca)

doc: Updated www/ruby-rails52 to 5.2.4.4nb1

(taca)

www/ruby-rails52: fix dependency

* Fix dependency to to ruby-bundler, "RUBY_VER < 26" instead of
  "RUBY_VER != 26".
* There is no need to stay on misc/ruby-bundler1 and switch to
  depends on misc/ruby-bundler.

Bump PKGREVISION

(taca)

doc: Removed databases/ruby-arel80

(taca)

databases/ruby-arel80: remove package

Remove one more package which is kept for rails51.

(taca)

databases/Makefile: remove ruby-arel80

(taca)

lang/ruby: drop support for Ruby on Rails 5.1

* Drop support for Ruby on Rails 5.1.
* Remove useless conditional (i.e. always true after remove of Rails 4.2).

(taca)

doc: Removed devel/ruby-activesupport51

(taca)

devel/ruby-activesupport51: remove package

Remove ruby-activesupport51 (Ruby on Rails 5.1.*) package which is EOL.

(taca)

devel/Makefile: remove ruby-activesupport51

(taca)

textproc/ruby-rails-dom-testing: drop support rails51

Drop support for rails51.

(taca)

doc: Removed devel/ruby-activemodel51

(taca)

devel/ruby-activemodel51: remove package

Remove ruby-activemodel51 (Ruby on Rails 5.1.*) package which is EOL.

(taca)

devel/Makefile: remove ruby-activemodel51

(taca)

doc: Removed devel/ruby-activejob51

(taca)

devel/ruby-activejob51: remove package

Remove ruby-activejob51 (Ruby on Rails 5.1.*) package which is EOL.

(taca)

devel/Makefile: remove ruby-activejob51

(taca)

doc: Removed www/ruby-actionview51

(taca)

www/ruby-actionview51: remove package

Remove ruby-actionview51 (Ruby on Rails 5.1.*) package which is EOL.

(taca)

www/Makefile: remove ruby-actionview51

(taca)

doc: Removed www/ruby-actionpack51

(taca)

www/ruby-actionpack51: remove pacakge

Remove ruby-actionpack51 (Ruby on Rails 5.1.*) package which is EOL.

(taca)

www/Makefile: remove ruby-actionpack51

(taca)

doc: Removed www/ruby-actioncable51

(taca)

www/ruby-actioncable51: remove package

Remove ruby-actioncable51 (Ruby on Rails 5.1.*) package which is EOL.

(taca)

doc: Removed databases/ruby-activerecord51

(taca)

databases/ruby-activerecord51: remove package

Remove ruby-activerecord51 (Ruby on Rails 5.1.*) package which is EOL.

(taca)

databases/Makefile: remove ruby-activerecord51

(taca)

doc: Removed mail/ruby-actionmailer51

(taca)

mail/ruby-actionmailer51: remove package

Remove ruby-actionmailer51 (Ruby on Rails 5.1.x) package which is EOL.

(taca)

mail/Makefile: remove ruby-actionmailer51

(taca)

doc: Removed devel/ruby-railties51

(taca)

devel/ruby-railties51: remove package

Remove ruby-railties51 (Ruby on Rails 5.1.*) package which is EOL.

(taca)

devel/Makefile: remove ruby-railties51

(taca)

doc: Removed www/ruby-coffee-rails4

(taca)

www/ruby-coffee-rails4: remove package

Remove ruby-coffee-rails4 pacakge which was kept for rails51 (Ruby on Rails
5.1.*) packages.

(taca)

www/Makefile: remove ruby-coffee-rails4

(taca)

doc: Removed www/ruby-rails51

(taca)

www/ruby-rails51: remove rails51 package

Remove rail51 (Ruby on Rails 5.1.x) package which is EOL.

(taca)

www/Makefile: remove ruby-rails51

(taca)

doc: Updated meta-pkgs/bulk-large to 20200911

(taca)

meta-pkgs/bulk-large: -ruby-rails51

* Drop www/ruby-rails51.

(taca)

doc: Updated devel/transifex-client to 0.13.11

(taca)

devel/transifex-client: update to 0.13.11

Update transifex-client to 0.13.11.

0.13.8 (2020-03-13)

* Tx-client is now able to follow any symbolic links while pushing content
  to Transifex.

0.13.9 (2020-04-07)

* Fixing a symlink issue.

0.13.10 (2020-06-12)

* New flag to compare file timestamp through git and slugify update.

0.3.11 (2020-07-09)

* New flag to compare file timestamp through git and slugify update.

(taca)

doc: Added devel/py-gitpython version 3.1.8

(taca)

devel/Makefile: add and enable py-gitpython

(taca)

devel/py-gitpython: add package version 3.1.8

Add py-gitpython package version 3.1.8.  It is required by new version of
transifex-client.

GitPython is a python library used to interact with Git repositories.

(taca)

doc: Added devel/py-gitdb version 4.0.5

(taca)

devel/Makefile: add and enable py-gitdb

(taca)

devel/py-gitdb: add package version 4.0.5

Add py-gitdb package version 4.0.5 from wip.  It is required by
py-gitpython.

GitDB allows you to access bare git repositories for reading and
writing. It aims at allowing full access to loose objects as well
as packs with performance and scalability in mind. It operates
exclusively on streams, allowing to handle large objects with a
small memory footprint.

(taca)

doc: Added devel/py-smmap version 3.0.4

(taca)

devel/Makefile: add and enable py-smmap

(taca)

devel/py-smmap: add package version 3.0.4

Add py-smmap package version 3.0.4 from wip.  It is required by py-gitdb.

Git implementation of a sliding window memory map manager.

(taca)

doc: note update of Ruby on Rails packagets to 6.0.3.3

devel/ruby-activesupport60
devel/ruby-activemodel60
devel/ruby-activejob60
www/ruby-actionview60
www/ruby-actionpack60
databases/ruby-activerecord60
mail/ruby-actionmailer60
mail/ruby-actionmailbox60
www/ruby-actioncable60
devel/ruby-railties60
devel/ruby-activestorage60
textproc/ruby-actiontext60
www/ruby-rails60

(taca)

www/ruby-rails60: update to 6.0.3.3

Update Ruby on Rails 60 to 6.0.3.3.

Security fix in ruby-actionview60.

## Rails 6.0.3.3 (September 09, 2020) ##

*  [CVE-2020-8185] Fix potential XSS vulnerability in the `translate`/`t` helper.

    *Jonathan Hefner*

(taca)

doc: note update of Ruby on rails pacakges to 5.2.4.4

devel/ruby-activesupport52
devel/ruby-activemodel52
devel/ruby-activejob52
www/ruby-actionview52
www/ruby-actionpack52
www/ruby-actioncable52
databases/ruby-activerecord52
devel/ruby-activestorage52
mail/ruby-actionmailer52
devel/ruby-railties52
www/ruby-rails52

(taca)

www/ruby-rails52: update to  5.2.4.4

Update Ruby on Rails 52 to 5.2.4.4.

Security fix in ruby-actionview52.

## Rails 5.2.4.4 (September 09, 2020) ##

*  [CVE-2020-15169] Fix potential XSS vulnerability in the `translate`/`t` helper

    *Jonathan Hefner*

(taca)

doc: Updated lang/php74 to 7.4.10

(taca)

lang/php74: udpate to 7.4.10

Update php74 to 7.4.10.

03 Sep 2020, PHP 7.4.10

- Core:
  . Fixed bug #79884 (PHP_CONFIG_FILE_PATH is meaningless). (cmb)
  . Fixed bug #77932 (File extensions are case-sensitive). (cmb)
  . Fixed bug #79806 (realpath() erroneously resolves link to link). (cmb)
  . Fixed bug #79895 (PHP_CHECK_GCC_ARG does not allow flags with equal sign).
    (Santiago M. Mola)
  . Fixed bug #79919 (Stack use-after-scope in define()). (cmb)
  . Fixed bug #79934 (CRLF-only line in heredoc causes parsing error).
    (Pieter van den Ham)
  . Fixed bug #79947 (Memory leak on invalid offset type in compound
    assignment). (Nikita)

- COM:
  . Fixed bug #48585 (com_load_typelib holds reference, fails on second call).
    (cmb)

- Exif:
  . Fixed bug #75785 (Many errors from exif_read_data).
    (N鱈ckolas Daniel da Silva)

- Gettext:
  . Fixed bug #70574 (Tests fail due to relying on Linux fallback behavior for
    gettext()). (Florian Engelhardt)

- LDAP:
  . Fixed memory leaks. (ptomulik)

- OPcache:
  . Fixed bug #73060 (php failed with error after temp folder cleaned up).
    (cmb)
  . Fixed bug #79917 (File cache segfault with a static variable in inherited
    method). (Nikita)

- PDO:
  . Fixed bug #64705 (errorInfo property of PDOException is null when
    PDO::__construct() fails). (Ahmed Abdou)

- Session:
  . Fixed bug #79724 (Return type does not match in ext/session/mod_mm.c).
    (Nikita)

- Standard:
  . Fixed bug #79930 (array_merge_recursive() crashes when called with array
    with single reference). (Nikita)
  . Fixed bug #79944 (getmxrr always returns true on Alpine linux). (Nikita)
  . Fixed bug #79951 (Memory leak in str_replace of empty string). (Nikita)

- XML:
  . Fixed bug #79922 (Crash after multiple calls to xml_parser_free()). (cmb)

(taca)

doc: Updated lang/php73 to 7.3.22

(taca)

lang/php73: update to 7.3.22

Update php73 to 7.3.22.

03 Sep 2020, PHP 7.3.22

- Core:
  . Fixed bug #79884 (PHP_CONFIG_FILE_PATH is meaningless). (cmb)
  . Fixed bug #77932 (File extensions are case-sensitive). (cmb)
  . Fixed bug #79806 (realpath() erroneously resolves link to link). (cmb)
  . Fixed bug #79895 (PHP_CHECK_GCC_ARG does not allow flags with equal sign).
    (Santiago M. Mola)
  . Fixed bug #79919 (Stack use-after-scope in define()). (cmb)
  . Fixed bug #79934 (CRLF-only line in heredoc causes parsing error).
    (Pieter van den Ham)

- COM:
  . Fixed bug #48585 (com_load_typelib holds reference, fails on second call).
    (cmb)

- Exif:
  . Fixed bug #75785 (Many errors from exif_read_data).
    (N鱈ckolas Daniel da Silva)

- Gettext:
  . Fixed bug #70574 (Tests fail due to relying on Linux fallback behavior for
    gettext()). (Florian Engelhardt)

- LDAP:
  . Fixed memory leaks. (ptomulik)

- OPcache:
  . Fixed bug #73060 (php failed with error after temp folder cleaned up).
    (cmb)

- PDO:
  . Fixed bug #64705 (errorInfo property of PDOException is null when
    PDO::__construct() fails). (Ahmed Abdou)

- Standard:
  . Fixed bug #79930 (array_merge_recursive() crashes when called with array
    with single reference). (Nikita)
  . Fixed bug #79944 (getmxrr always returns true on Alpine linux). (Nikita)
  . Fixed bug #79951 (Memory leak in str_replace of empty string). (Nikita)

- XML:
  . Fixed bug #79922 (Crash after multiple calls to xml_parser_free()). (cmb)

(taca)

doc: Removed net/bind941

(taca)

net/bind914: remove package

Remove bind914 package since it is EOL, May, 2020.

(taca)

net/Makefile: remove bind914

(taca)

doc: Updated meta-pkgs/bulk-medium to 20200901

(taca)

meta-pkgs/bulk-medium: update to 20200901

Replace bind914 to bind916.

(taca)

doc/TODO: -zkt + freetds

+ freetds-1.2.3
- zkt-1.1.3

(taca)

doc: Updated security/zkt to 1.1.4

(taca)

security/zkt: update to 1.1.4

* pkgsrc change: switch dependency from net/bind914 to net/bind916.

zkt 1.1.4 -- 9. May 2016

* misc Hint to mailinglist removed from README file

* bug pathname wasn't initialized in any case (dist_and_reload() in nscomm.c
Thanks Jeremy C. Reed

* bug move $(LIBS) at the end of the ggc link line in Makefile.in

* misc Exitcode of external command is now visible in log messages
stderr of each external command is redirected to stdin

* bug Fixed some potential memory leaks in ncparse.c dki.c zfparse.c
and zkt-soaserial.c (mostly a missing fclose() on error conditions).
Thanks to Jeremy C. Reed

* misc README file changed to Markdown syntax

* bug running zkt-keyman -3 didn't change anything on the key database
so a zkt-signer run afterwards didn't see anything to do.
Now the timestamp of the dnskey.db will be reset to a value less
than the timestamp of the (new) key signing key.
Thanks to Sven Strickroth for finding this.

* func New binary zkt-delegate added
Because it depends on the ldns library, it is located in
a separate directory and use a different Makefile

* func New Compile time option "--enable-ds-tracking" added.
Now dig is used on KSK rollover to check if the DS record
is announced in the parent zone.
Thanks to Sven Strickroth providing the patch.

zkt 1.1.3 -- 21. Nov 2014

* func New Config Parameter DependFiles added.
Contains a (comma separated) list of files which are
included into the ZoneFile. The timestamps of this files
are checked additional to the timestamp of the ZoneFile.
Based on a suggestion from Sven Strickroth

* misc Makefile changed to build tar file out of git repository

* misc Minimum supported BIND version is now 9.8

* bug Fixed bug in BIND version parsing (9.10.1 was parsed as 910
which is similar to 9.1.0)
Version 9.10.1 is parsed now as 091001

* misc Remove flag to request large exponent when creating keys
(BIND always creates keys with large exponents since BIND 9.5.0)

* misc Project moved to github
Thanks to Jakob Schlyter for doing the initial stuff

(taca)

doc: Updated benchmarks/dnsperf to 2.3.4

(taca)

benchmarks/dnsperf: update to 2.3.4

Update dnsperf to 2.3.4.

pkgsrc change: switch dependency from net/bind914 to net/bind916

2020-05-15 Jerry Lundstr旦m

    Release 2.3.4

    This release adds a workaround, thanks to patch from Petr Men邸鱈k, for
    building on systems with BIND 9.16. Also improves error handling by
    using thread-safe `strerror_r()` instead of `strerror()`.

    88c3ef4 strerror
    1917f67 openSUSE Tumbleweed
    fd39641 AS_VAR_APPEND
    aeeef74 bind 9.16
    07732cd BIND, libcrypto, clang format
    08146e3 Add crypto library to checks
    e4307c2 Add checks to pass with BIND 9.16
    3f9aed3 Prepare check for bind 9.11/9.16 return types

2020-05-06 Jerry Lundstr旦m

    Release 2.3.3

    This release changes the behavior of `dnsperf` and `resperf` when it
    comes to TCP and TLS connections, and updates package building using
    COPR (thanks to patch from Petr Men邸鱈k (Red Hat)).

    Connection reset or close are now treated as "try again" so that the
    run is finished and not aborted. As SIGPIPE might be received on usage
    of closed connections it's now blocked in `dnsperf` and handled as
    a fatal action in `resperf`.

    62885ad SIGPIPE
    106c50e connection
    3ef0899 README
    61a3b1c COPR
    35efa27 COPR
    46b37a1 COPR
    5c126ae COPR
    1c51b76 Provide full URL in spec
    2a4dd0e Allow recreation of source archive
    931d6cc Do not require root for archive creation

(taca)

doc: Updated net/bind916 to 9.16.6

(taca)

net/bind916: update to 9.16.5

Update bind916 to 9.16.5 (BIND 9.16.5).

--- 9.16.5 released ---

5458. [bug] Prevent a theoretically possible NULL dereference caused
by a data race between zone_maintenance() and
dns_zone_setview_helper(). [GL #1627]

5455. [bug] named could crash when cleaning dead nodes in
lib/dns/rbtdb.c that were being reused. [GL #1968]

5454. [bug] Address a startup crash that occurred when the server
was under load and the root zone had not yet been
loaded. [GL #1862]

5453. [bug] named crashed on shutdown when a new rndc connection was
received during shutdown. [GL #1747]

5452. [bug] The "blackhole" ACL was accidentally disabled for client
queries. [GL #1936]

5451. [func] Add 'rndc dnssec -status' command. [GL #1612]

5449. [bug] Fix a socket shutdown race in netmgr udp. [GL #1938]

5448. [bug] Fix a race condition in isc__nm_tcpdns_send().
[GL #1937]

5447. [bug] IPv6 addresses ending in "::" could break YAML
parsing. A "0" is now appended to such addresses
in YAML output from dig, mdig, delv, and dnstap-read.
[GL #1952]

5446. [bug] The validator could fail to accept a properly signed
RRset if an unsupported algorithm appeared earlier in
the DNSKEY RRset than a supported algorithm. It could
also stop if it detected a malformed public key.
[GL #1689]

5444. [bug] 'rndc dnstap -roll <value>' did not limit the number of
saved files to <value>. [GL !3728]

5443. [bug] The "primary" and "secondary" keywords, when used
as parameters for "check-names", were not
processed correctly and were being ignored. [GL #1949]

5441. [bug] ${LMDB_CFLAGS} was missing from make/includes.in.
[GL #1955]

5440. [test] Properly handle missing kyua. [GL #1950]

5439. [bug] The DS RRset returned by dns_keynode_dsset() was used in
a non-thread-safe manner. [GL #1926]

(taca)

doc: Updated www/squid4 to 4.13

(taca)

www/squid4: update to 4.13

Update squid4 to 4.13 (Squid 4.13).

Here is release announce:

The Squid HTTP Proxy team is very pleased to announce the availability
of the Squid-4.13 release!

This release is a security release resolving several issues found in
the prior Squid releases.

The major changes to be aware of:

* SQUID-2020:8 HTTP(S) Request Splitting
  (CVE-2020-15811)

This problem is serious because it allows any client, including
browser scripts, to bypass local security and poison the browser
cache and any downstream caches with content from an arbitrary
source.

See the advisory for patches:
<https://github.com/squid-cache/squid/security/advisories/GHSA-c7p8-xqhm-49wv>

* SQUID-2020:9 Denial of Service processing Cache Digest Response
  (CVE pending allocation)

This problem allows a trusted peer to deliver to perform Denial
of Service by consuming all available CPU cycles on the machine
running Squid when handling a crafted Cache Digest response
message.

This attack is limited to Squid using cache_peer with cache
digests feature.

See the advisory for patches:
<https://github.com/squid-cache/squid/security/advisories/GHSA-vvj7-xjgq-g2jg>

* SQUID-2020:10 HTTP(S) Request Smuggling
  (CVE-2020-15810)

This problem is serious because it allows any client, including
browser scripts, to bypass local security and poison the proxy
cache and any downstream caches with content from an arbitrary
source.

See the advisory for patches:
<https://github.com/squid-cache/squid/security/advisories/GHSA-3365-q9qx-f98m>

* Bug 5051: Some collapsed revalidation responses never expire

This bug appears as a 4xx or 5xx status response becoming the only
response delivered by Squid to a URL when Collapsed Forwarding
feature is used.

It primarily affects Squid which are caching the 4xx/5xx status
object since Bug 5030 fix in Squid-4.11. But may have been
occurring for short times on any proxy with Collapsed Forwarding.

* SSL-Bump: Support parsing GREASEd (and future) TLS handshakes

Chrome Browser intentionally sends random garbage values in the
TLS handshake to force TLS implementations to cope with future TLS
extensions cleanly. The changes in Squid-4.12 to disable TLS/1.3
caused our parser to be extra strict and reject this TLS garbage.

This release adds explicit support for Chrome, or any other TLS
agent performing these "GREASE" behaviours.

* Honor on_unsupported_protocol for intercepted https_port

This behaviour was one of the intended use-cases for unsupported
protocol handling, but somehow was not enabled earlier.

Squid should now be able to perform the on_unsupported_protocol
selected action for any traffic handled by SSL-Bump.

  All users of Squid are urged to upgrade as soon as possible.

See the ChangeLog for the full list of changes in this and earlier
releases.

Please refer to the release notes at
http://www.squid-cache.org/Versions/v4/RELEASENOTES.html
when you are ready to make the switch to Squid-4

(taca)

doc: Updated net/bind911 to 9.11.22

(taca)

net/bind911: update to 9.11.22

Update bind911 to 9.11.22 (BIND 9.11.22).

--- 9.11.22 released ---

5481. [security] "update-policy" rules of type "subdomain" were
incorrectly treated as "zonesub" rules, which allowed
keys used in "subdomain" rules to update names outside
of the specified subdomains. The problem was fixed by
making sure "subdomain" rules are again processed as
described in the ARM. (CVE-2020-8624) [GL #2055]

5480. [security] When BIND 9 was compiled with native PKCS#11 support, it
was possible to trigger an assertion failure in code
determining the number of bits in the PKCS#11 RSA public
key with a specially crafted packet. (CVE-2020-8623)
[GL #2037]

5476. [security] It was possible to trigger an assertion failure when
verifying the response to a TSIG-signed request.
(CVE-2020-8622) [GL #2028]

5475. [bug] Wildcard RPZ passthru rules could incorrectly be
overridden by other rules that were loaded from RPZ
zones which appeared later in the "response-policy"
statement. This has been fixed. [GL #1619]

5474. [bug] dns_rdata_hip_next() failed to return ISC_R_NOMORE
when it should have. [GL !3880]

5465. [func] Added fallback to built-in trust-anchors, managed-keys,
or trusted-keys if the bindkeys-file (bind.keys) cannot
be parsed. [GL #1235]

5463. [bug] Address a potential NULL pointer dereference when out of
memory in dnstap.c. [GL #2010]

5462. [bug] Move LMDB locking from LMDB itself to named. [GL #1976]

(taca)

doc: Updated net/pear-Net_SMTP to 1.9.2

(taca)

net/pear-Net_SMTP: update to 1.9.2

Update pear-Net_SMTP to 1.9.2

1.9.2 (2020-08-12 21:27 UTC)

Changelog:

* Repackage documentation

(taca)

doc/TODO: two updates

- bind-9.16.3
+ sudo-1.9.2

(taca)

doc: Updated mail/dovecot2-pigeonhole to 0.5.11nb1

(taca)

mail/dovecot2-pigeonhole: distfile changes

Distfile changes.

1. Official annoucne says "The only change here is that the configure.ac
  file has correctly formatted version number."

2. Name of distfile is changed to match previous file naming scheme.
  Old distfile is still available.

3. automake 1.15.1 is used instead of previous 1.15.  So, generated files
  by it are changed.

4. Other files are not changed, so there is no functional change.

Bump PKGREVISION.

(taca)

doc: Updated mail/dovecot2-pigeonhole to 0.5.11

(taca)

mail/dovecot2-pigeonhole: update to 0.5.11

Update dovecot2-pigeonhole to 0.5.11.

v0.5.11 2020-08-12  Aki Tuomi <aki.tuomi@open-xchange.com>

* managesieve: managesieve_max_line_length setting is now a "size" type
  instead of just number of bytes. This allows using e.g. "64k" as the
  value.
- lib-sieve: When folding white space is used in the Message-ID header,
  it is not stripped away correctly before the message ID value is used,
  causing e.g. garbled log lines at delivery.

(taca)

doc: Update mail/dovecot2 and related packages to 2.3.11.3

mail/dovecot2
mail/dovecot2-gssapi
mail/dovecot2-ldap
mail/dovecot2-mysql
mail/dovecot2-pgsql
mail/dovecot2-sqlite

(taca)

mail/dovocot2: update to 2.3.11.3

Update dovecot2 and related packages to 2.3.11.3.

v2.3.11.3 2020-07-29 Aki Tuomi <aki.tuomi@open-xchange.com>

- pop3-login: Login didn't handle commands in multiple IP packets properly.
  This mainly affected large XCLIENT commands or a large SASL initial
  response parameter in the AUTH command.
- pop3: pop3_deleted_flag setting was broken, causing:
  Panic: file seq-range-array.c: line 472 (seq_range_array_invert):
  assertion failed: (range[count-1].seq2 <= max_seq)

v2.3.11.2 2020-07-13 Aki Tuomi <aki.tuomi@open-xchange.com>

- auth: Lua passdb/userdb leaks stack elements per call, eventually
  causing the stack to become too deep and crashing the auth or
  auth-worker process.
- lib-mail: v2.3.11 regression: MIME parts not returned correctly by
  Dovecot MIME parser.
- pop3-login: Login would fail with "Input buffer full" if the initial
  response for SASL was too long.

v2.3.11 2020-06-17  Aki Tuomi <aki.tuomi@open-xchange.com>

* CVE-2020-12100: Parsing mails with a large number of MIME parts could
  have resulted in excessive CPU usage or a crash due to running out of
  stack memory.
* CVE-2020-12673: Dovecot's NTLM implementation does not correctly check
  message buffer size, which leads to reading past allocation which can
  lead to crash.
* CVE-2020-12674: Dovecot's RPA mechanism implementation accepts
  zero-length message, which leads to assert-crash later on.
* Events: Fix inconsistency in events. See event documentation in
  https://doc.dovecot.org.
* imap_command_finished event's cmd_name field now contains "unknown"
  for unknown commands. A new "cmd_input_name" field contains the
  command name exactly as it was sent.
* lib-index: Renamed mail_cache_compress_* settings to mail_cache_purge_*.
  Note that these settings are mainly intended for testing and usually
  shouldn't be changed.
* events: Renamed "index" event category to "mail-index".
* events: service:<name> category is now using the name from
  configuration file.
* dns-client: service dns_client was renamed to dns-client.
* log: Prefixes generally use the service name from configuration file.
  For example dict-async service will now use
  "dict-async(pid): " log prefix instead of "dict(pid): "
* *-login: Changed logging done by proxying to use a consistent prefix
  containing the IP address and port.
* *-login: Changed disconnection log messages to be slightly clearer.
+ dict: Add events for dictionaries.
+ lib-index: Finish logging with events.
+ oauth2: Support local validation of JWT tokens.
+ stats: Add support for dynamic histograms and grouping. See
  https://doc.dovecot.org/configuration_manual/stats/.
+ imap: Implement RFC 8514: IMAP SAVEDATE
+ lib-index: If a long-running transaction (e.g. SORT/FETCH on a huge
  folder) adds a lot of data to dovecot.index.cache file, commit those
  changes periodically to make them visible to other concurrent sessions
  as well.
+ stats: Add OpenMetrics exporter for statistics. See
  https://doc.dovecot.org/configuration_manual/stats/openmetrics/.
+ stats: Support disabling stats-writer socket by setting
  stats_writer_socket_path="".
- auth-worker: Process keeps slowly increasing its memory usage and
  eventually dies with "out of memory" due to reaching vsz_limit.
- auth: Prevent potential timing attacks in authentication secret
  comparisons: OAUTH2 JWT-token HMAC, imap-urlauth token, crypt() result.
- auth: Several auth-mechanisms allowed input to be truncated by NUL
  which can potentially lead to unintentional issues or even successful
  logins which should have failed.
- auth: When auth policy returned a delay, auth_request_finished event
  had policy_result=ok field instead of policy_result=delayed.
- auth: auth process crash when auth_policy_server_url is set to an
  invalid URL.
- dict-ldap: Crash occurs if var_expand template expansion fails.
- dict: If dict client disconnected while iteration was still running,
  dict process could have started using 100% CPU, although it was still
  handling clients.
- doveadm: Running doveadm commands via proxying may hang, especially
  when doveadm is printing a lot of output.
- imap: "MOVE * destfolder" goes to a loop copying the last mail to the
  destination until the imap process dies due to running out of memory.
- imap: Running "UID MOVE 1:* Trash" on an empty folder goes to infinite
  loop.
- imap: SEARCH doesn't support $.
- lib-compress: Buffer over-read in zlib stream read.
- lib-dns: If DNS lookup times out, lib-dns can cause crash in calling
  process.
- lib-index: Fixed several bugs in dovecot.index.cache handling that
  could have caused cached data to be lost.
- lib-index: Writing to >=1 GB dovecot.index.cache files may cause
  assert-crashes:
  Panic: file mail-index-util.c: line 37 (mail_index_uint32_to_offset):
  assertion failed: (offset < 0x40000000)
- lib-ssl-iostream: Fix buggy OpenSSL error handling without
  assert-crashing. If there is no error available, log it as an error
 instead of crashing:
  Panic: file iostream-openssl.c: line 599 (openssl_iostream_handle_error):
  assertion failed: (errno != 0)
- lib-ssl-iostream: ssl_key_password setting did not work.
- submission: A segfault crash may occur when the client or server
  disconnects while a non-transaction command like NOOP or VRFY is still
  being processed.
- virtual: Copying/moving mails with IMAP into a virtual folder assert-crashes:
  Panic: file cmd-copy.c: line 152 (fetch_and_copy): assertion failed:
  (copy_ctx->copy_count == seq_range_count(&copy_ctx->saved_uids))

(taca)

doc: note update of mail/roundcube t 1.4.8

Update roundcube packages to 1.4.8.

mail/roundcube
mail/roundcube-plugin-enigma
mail/roundcube-plugin-password
mail/roundcube-plugin-zipdownload

(taca)

mail/roundcube: update to 1.4.8

Update roundcube to 1.4.8, security release.

RELEASE 1.4.8
-------------
- Security: Fix potential XSS issue in HTML editor of the identity signature input (#7507)
- Managesieve: Fix too-small input field in Elastic when using custom headers (#7498)
- Fix support for an error as a string in message_before_send hook (#7475)
- Elastic: Fix redundant scrollbar in plain text editor on mail reply (#7500)
- Elastic: Fix deleted and replied+forwarded icons on messages list (#7503)
- Managesieve: Allow angle brackets in out-of-office message body (#7518)
- Fix bug in conversion of email addresses to mailto links in plain text messages (#7526)
- Fix format=flowed formatting on plain text part derived from the HTML content (#7504)
- Fix incorrect rewriting of internal links in HTML content (#7512)
- Fix handling links without defined protocol (#7454)
- Fix paging of search results on IMAP servers with no SORT capability (#7462)
- Fix detecting special folders on servers with both SPECIAL-USE and LIST-STATUS (#7525)
- Security: Fix cross-site scripting (XSS) via HTML messages with malicious svg content [CVE-2020-16145]
- Security: Fix cross-site scripting (XSS) via HTML messages with malicious math content

(taca)

net/bind916: fix PLIST

Fix PLIST when lmdb option is not enabled (case of default).

Noted by Marc Baudoin via private e-mail.

(taca)

doc: Updated devel/ruby-gettext to 3.3.6

(taca)

devel/ruby-gettext: update to 3.3.6

Update ruby-gettext to 3.3.6.

## 3.3.6: 2020-08-04 {#version-3-3-6}

### Improvements

  * erb: Added support for `-%>`.
    [GitHub#77][Reported by lremes]

  * Removed ChangeLog.
    [GitHub#76][Reported by Will Stephenson]

  * Don't assume `RbConfig::CONFIG["datadir"]` is available. For
    example, TruffleRuby doesn't provide it.

### Thanks

  * lremes

  * Will Stephenson

(taca)

doc: Added net/bind916 version 9.16.5

(taca)

net/Makefile: add and enable bind916

(taca)

net/bind916: add version 9.16.5 package

Add bind916 version 9.16.5 package (BIND 9.16.5).

BIND, the Berkeley Internet Name Daemon.  This package contains the BIND
9.16 release.

  * New dnssec-policy statement to configure a key and signing policy for
    zones, enabling automatic key regeneration and rollover.
  * New network manager based on libuv.
  * Added support for the new GeoIP2 geolocation API, libmaxminddb.
  * Improved DNSSEC trust anchor configuration using the trust-anchors
    statement, permitting configuration of trust anchors in DS as well as
    DNSKEY format.
  * YAML output for dig, mdig, and delv.

(taca)

doc: Updated devel/ruby-bindata to 2.4.8

(taca)