pysolfc: force use of python 3.7

workaround until PR pkg/56069 can be fixed properly

(nia)

xmlcatmgr: drop MESSAGE

the pkgsrc guide now comments that MESSAGE should not be used for:

"anything that should be explained in the
installation/configuration documentation that should
come with the package"

xmlcatmgr is commonly installed as a dependency and the MESSAGE file
simply explains what is essentially unix/pkgsrc conventions (share/
is where the static data is, etc/ is where the user-specified data
is), so this is mostly line noise.

(nia)

ltfs-ltotape: fix autoconf fallout

(nia)

jrep: force openjdk8 until someone can fix this with 11

(nia)

fcitx5-chinese-addons: needs pkg-config

(nia)

(inputmethod/fcitx5-table-other) +.include boost-libs/buildlink3.mk

(mef)

(inputmethod/fcitx5-table-extra) +.include boost-libs/buildlink3.mk

(mef)

databases/php-redis: fix for php80

php-json is bundled in lang/php80 pacakge.

(taca)

(inputmethod/fcitx5-configtool) fix typo, thanks leot@

(mef)

(inputmethod/fcitx5-configtool) +BUILD_DEPENDS+=  extra-cmake-modueles-[0-9]*

(mef)

doc: Updated net/youtube-dl to 20210325

(leot)

youtube-dl: Update to 20210325

Changes:
version 2021.03.25

Extractors
+ [zoom] Add support for zoom.us (#16597, #27002, #28531)
* [bbc] Fix BBC IPlayer Episodes/Group extraction (#28360)
* [youtube] Fix default value for youtube_include_dash_manifest (#28523)
* [zingmp3] Fix extraction (#11589, #16409, #16968, #27205)
+ [vgtv] Add support for new tv.aftonbladet.se URL schema (#28514)
+ [tiktok] Detect private videos (#28453)
* [vimeo:album] Fix extraction for albums with number of videos multiple
  to page size (#28486)
* [vvvvid] Fix kenc format extraction (#28473)
* [mlb] Fix video extraction (#21241)
* [svtplay] Improve extraction (#28448)
* [applepodcasts] Fix extraction (#28445)
* [rtve] Improve extraction
    + Extract all formats
    * Fix RTVE Infantil extraction (#24851)
    + Extract is_live and series

(leot)

doc/TODO: add some

+ Sigil-1.5.1, dbus-glib-0.112, emacs27-27.2, git-base-2.31.0,
  gnucash-4.5, libcdr-0.1.7, libgpg-error-1.42, libvpx-1.10.0,
  libwildmidi-0.4.4, py-borgbackup-1.1.16, py-hypothesis-6.8.3,
  re2c-2.1.1, spdlog-1.8.5, ugrep-3.1.10, webkit-gtk-2.32.0.

(wiz)

doc: Updated x11/alacritty to 0.7.2

(pin)

x11/alacritty: update to 0.7.2

Packaging:
-Updated shell completions

Fixed:
-Crash due to assertion failure on 32-bit architectures
-Segmentation fault on shutdown with Wayland
-Incorrect estimated DPR with Wayland
-Consecutive clipboard stores dropped on Wayland until the application is
refocused

(pin)

doc: Updated x11/xterm to 367

(pin)

x11/xterm: update to 367

Patch #367 - 2021/03/26
-add OSC 22 to allow programs to select different pointer cursor at runtime.
-change configuration for no-return functions to use _Noreturn when it is
available, because clang --analyze does not properly handle the gcc noreturn
attribute.
-add cursorTheme resource to provide a way to enable or disable the cursor
theme feature.
-modified CopyWait event retries to use shorter sleeps, to improve
responsiveness (tmux #2556).
-improve quoting/escaping in demo-scripts per shellcheck.
-add resizeByPixel resource, to permit disabling window manager resizing-hints
(patch by Tim Oehl).
-corrected printOptsImmediate handling of alternate-screen (report by Abhijit
Dasgupta).
-update sample terminfo to more closely match ncurses.
-add/improve limit-checks for Xlib calls (report by Roman Fiedler).
-fix a typo in the help-message (report by Tomas Korbar).

(pin)

(inputmethod/libime) PKGREVISION++ for the safety

(mef)

(inputmethod/libime) convert dict.utf8-20200715 to utf8-20210203

(mef)

(devel/ocaml-fpath) +.include devel/ocaml-result/buildlink3.mk

(mef)

doc: Updated math/sc-im to 0.8.0

(sjmulder)

math/sc-im: Update to 0.8.0

Packaging changes:
- Some patches got upstreamed
- Upstream now defaults to name=sc-im so it no longer needs to be set

Changes, (reformatted) from the official changelog:

New features:
- New motions in edit mode: df cf F dF cF d0 d$ c0 c$ t T dt dT ct cT ^
  g_ d^ dg_ c^ cg_
- Simple mouse support. Can handle selection of single cells and scroll.
- Added markdown export.
- Add custom colors with RGB definitions.
- Add support for italic attribute to be appled to cells.
- Added digraphs.
- Added EXECUTE command.
- Added --export_csv --export_tab --export_txt parameters.
- New input_bar_bottom config variable.
- New underline_grid config variable.
- Added filename in status bar (filename_with_mode config variable).
- Added option to truncate cells.
- Added xlsx sheet parameter.
- New @fact function.

Other:
- modified config and history file locations
- renamed winch to sig_winch.
- current fg and bg colors are kept if they are not specified in
:cellcolor.
- OpenBSD support (mostly wordexp() workaround)
- Correct lua api function names in doc
- always generate backup file when opening file
- renamed scim to sc-im in Makefile
- Document trigger return value convention

Issues fixed:
- fix bug when deleting an ent that for instance has a @sum()... it
  used to remove its vertex and THE ENTS LINKED to THEM!
- fix error messages when using "scim --version" and color definitions
  are intented to be applied from .scimrc.
- fix in waiting for valid command to complete after pressing ESC key.
- fix in parse_str so a word with white space can be stored in
  dictionary value
- fix when setting default_paste_from_clipboard_cmd
- Don't clobber startup message w/ err opening file
- Allow for lua scripts in local .sc directory #259
- Send informational messages to stderr rather than the output when
  used in non-interactive mode  #263
- fixed cell_negative color      #271
- fixed locked cells when saving #261
- fixed DEL key in insert mode  #272
- fix when resizing column      #266
- "Autobackup - case insensitive QER options when backup exists"
- fixed segfault when fcopy'ing with no selection while on first column
- Call write triggers on value clear
- Use sc_info to report trigger exit code
- fixed #277
- Grow table up to MAXROWS exactly
- Remove redundant if clause (God only knows where that was).
- fix in getVertex that prevented rebuild_graph to work properly.
- fix annoying bug because of not resetting inputline_pos to 0 when
  confirming a command in COMMAND_MODE
- fix in let and slet. existing vertexs should not be removed.
- added "eval_visited" in vertex struct for not to collide with
  current "visited", since:
    EvalAll uses EvalBottomUp
    EvalBottomUp uses EvalJustOneVertex
    EvalJustOneVertex uses eval
    eval uses GraphAddEdge
    GraphAddEdge uses GraphIsReachable
    GraphIsReachable uses visited
    and EvalBottomUp also uses uses visited!
- Also changed markAllVerticesNotVisited and
  All_vertexs_of_edges_visited functions.
- Some other issues fixed: #228, #234, #239, #240, #244, #246, #260,
  #295, #308
- .. and many other fixes and improvements!

Pending:
  The most significative issue is regarding circular references.
  This have to be deeply analyzed and with the collaboration of the
  community
  it would be hopefully fixed by v0.9.

(sjmulder)

doc: Updated sysutils/nnn to 3.6

(sjmulder)

sysutils/nnn: Update to 3.6

Changes:
- REPL command prompt (Esc or Enter to exit)
- invert selection with A
- option -u removed (always prefer selection to hovered)
- visit start dir on @ when start path is a file
- exit filter mode and redraw on ^L if no last filter
- plugin `fzcd` now selects the chosen file (#876)
- `ueberzug` support in plugin `preview-tui`
- new plugin `preview-tui-ext` with extra preview support
- clear selection after successful plugin invocation
- add method to sync subshell `$PWD` in WIki
- clear selection on single file deletion (#812)
- copy between instances not working (#864)
- plugin `togglex` to toggle exe mode of a selection (#813)
- fix `memccpy()` buffer overlap fault on macOS (#786)
- show `0 selected` msg on cp/mv with empty selection (#855)
- fix frozen terminal caused by opener (#858)
- migrate macOS CI to GitHub workflows, retire Travis

(sjmulder)

Use gtar instead of the base tar(1) in the xemacs* top-level Makefile
because of a problem with NetBSD-current libarchive-as-tar, see bin/56080.

Note this depencency is not a burden, since xemacs-packages requires
gtar, anyway.

(hauke)

ruby-ronn: Bump PKGREVISION for previous PLIST change

(nia)

ruby-ronn: Avoid self-conflict; added ALTERNATIVES support.

(nia)

(inputmethod/libime) +BUILD_DEPENDS+= extra-cmake-modules-[0-9]* (for ECM)

(mef)

(print/py-reportlab) regen PLIST (+${PLIST.py2x} hyphen.mashed)

(mef)

(print/sile) regen PLIST (+complex-spaces.lua)

(mef)

(devel/libthrift_c_glib) regen PLIST (+thrift_configuration.h)

(mef)

(devel/go-thrift) regen PLIST

(mef)

(devel/pointfree) +.include hs-haskell-src-exts/buildlink3.mk

(mef)

(databases/sqlrelay-nodejs) +DEPENDS+= http-parser-[0-9], not packaged yet

(mef)

Updated time/p5-DateTime-Format-Strptime to 1.78

(wen)

Update to 1.78
Update DEPENDS

Upstream changes:
1.78    2020-12-15

* Fix tests for new failure caused by locale data changes in DateTime::Locale
  1.29. Reported by cthulhu8zombie. GH #28.

* Added a warning about using locale-specific patterns. Some of these patterns
  can change quite a bit as the locale data is updated, so using them for
  parsing does not produce stable results across time. This is what caused the
  test failures that this release fixes.

(wen)

Updated time/p5-DateTime-Locale to 1.31

(wen)

Update to 1.31

Upstream changes:
1.31    2020-12-22

- The docs for each locale now show examples of its strftime patterns as well.

1.30    2020-12-15

- The previous release included some locale data for locales that had been
  deleted from CLDR 38.0.0.

1.29    2020-12-14

- Rebuilt all locale data with the data from CLDR 38.0.0 and glibc 2.32.

(wen)

(databases/php-redis) +.include php-json/buildlink3.mk

(mef)

Updated time/p5-DateTime-Format-Pg to 0.16014

(wen)

Update to 0.16014

Upstream changes:
0.16014 2021-03-15T13:37:16Z
    - Fix handling for fractional seconds (#17)
    - Accept concatenated dates (#18)

(wen)

Updated time/p5-DateTime-Format-Natural to 1.12

(wen)

Update to 1.12

Upstream changes:
1.12  2021-03-19  <schubiger@cpan.org>

- Merged development version to stable.

1.11_03  2021-03-13  <schubiger@cpan.org>

- Refactor extracting duration.

- Don't try to trim the extract string twice.

- Amend documentation of ::Utils.

1.11_02  2020-10-16  <schubiger@cpan.org>

- Introduce utility function trim().

1.11_01  2020-10-03  <schubiger@cpan.org>

- Assert that error() returns '' on success.

(wen)

(geography/viking) +BUILD_DEPENDS+= itstool-[0-9]*, (DEPENDS+= ?)

(mef)

Updated time/p5-DateTime-Calendar-Julian to 0.104

(wen)

Update to 0.104

Upstream changes:
0.104          2021-03-15      T. R. Wyant
    Add rt.cpan.org back to bug reporting methods. Long live RT!

    Correct GitHub ticket link.

    Get prerequisites up to snuff and add xt/author/prereq.t to ensure
    they stay that way.

(wen)

Updated textproc/p5-PDF-Table to 1.002

(wen)

Update to 1.002

Upstream changes:
=== Version 1.002 (2020-12-27)

README.md, lib/PDF/Table.pm, Makefile.PL
  Miscellaneous updates to clean up support URLs, emails, etc.

util/pod2cpanhtml.pl
  Remove use of search.cpan.org CSS reference, as that site no longer exists.
  Looking for a good replacement, possibly Bootstrap, that doesn't require
  that a phone be turned to landscape orientation in order to read text at
  a decent size.

lib/PDF/Table.pm
  Cells spanning columns only had the first part (cell) of the bottom
  horizontal rule drawn. Reported by "stefanalt". Fixed to draw full spanned
  width.

t/PDF-Table.t
  One calculated value was considerably different between standard Perl (uses
  doubles for floats), long-double Perl, and quad-math Perl. Round the
  calculated value to 6 decimal digits so that it works on any system.

(wen)

Updated textproc/p5-PDF-API2 to 2.039

(wen)

Update to 2.039

Upstream changes:
2.039    2021-03-04

    - PDF::API2->open($filename) no longer reads the entire file into memory
      before working on it, instead reading from the file as needed.  This
      results in a substantial reduction in memory usage and start-up time for
      large PDF files, particularly in cases where the calling script doesn't
      need to access all of the contents of the PDF.

    - PDF files containing cross-reference streams can now be modified and saved
      normally.  Previously, they were read-only.

    - $text->paragraph(...) and $text->paragraphs(...) (formerly "section") are
      no longer undocumented and experimental.  If you were previously using
      them at your own risk, note that "-spillover" is no longer an option (text
      will always wrap inside the specified width if possible).  In addition,
      paragraphs(...) no longer collapses consecutive newlines.

    - [RT #98546] There is now an -align-last option for justified text to
      specify how the final line should be justified.  Left is still the
      default.

    - Code in the PDF::API2::Basic::PDF namespace was originally licensed under
      the Perl Artistic License, which has been determined to not be
      (L)GPL-compatible.  Martin Hosken has graciously granted an MIT license
      for use of his code contained in PDF::API2, so the distribution may now be
      used solely under the terms of the LGPL rather than requiring both
      licenses simultaneously.  Many thanks to Petr Pisar for his help in
      working through the licensing issues.

    - Renamed $text->lead(...) to $text->leading(...).  The old name is
      deprecated but will continue to work.  If you're modifying PDF::API2
      objects by editing their hash values instead of using these accessors,
      you'll need to update your code.

    - Added a -compress option (on by default) to PDF::API2->new(), open(), and
      open_scalar().  If disabled, most streams won't be compressed, which can
      simplify debugging.

(wen)

(www/nsm) regen distinfo

(mef)

(emulators/PC6001VX) update MASTER_SITES

(mef)

(security/volatility) regen distinfo, correct ?

(mef)

textproc/bk: add update warning

Newer versions require rust-1.51, I will update the package
when rust-1.51 is default.

(pin)

doc: Updated print/foliate to 2.6.2

(fox)

print/foliate: Updates to 2.6.2

Changes since 2.5.0:

2.6.2

Changes:

  * Fix UI when running with libhandy 1.x

2.6.1

Changes:

  * Fixed automatic layout

2.6.0

Changes:

  * Added support for opening HTML files (#641)
  * Consistent inner and outer margins (#255)
  * The automatic layout no longer supports 4 columns (58d5e50)
  * Fixed long words overflowing (#654)
  * Fixed custom themes not saved across sessions (#660)
  * Fixed shortcuts for key pads (#677)
  * Fixed opening non-UTF-8 zipped FB2 files (#629)
  * Fixed books not opening on GNOME 40 (#689)

(fox)

doc: Updated math/py-numpy to 1.19.5nb2

(thor)

math/py-numpy: hotfix for building py-scipy

The downstream configure code freaked out when info['define_macros'] was not set.
It is now defined and empty.

I hope it's fine to just push this without further notice.

Build was confirmed by oster on NetBSD-9.1/amd64 and tested by me
on Linux/amd64.

(thor)

guide: Note that "make regen" will commit the new versions

It seemed obvious to me that regen would create the files, so they
could be reviewed, and that one would then commit them manually.  Warn
the next person...

(gdt)

guide: Modernize MESSAGE section

Based on tech-pkg traffic over the last few years that appears to have
rough consensus, adjust MESSAGE section to explain that it should only
be used for exceptional circumstances, and specifically not to
substitute for documentation that belongs in the package's docdir.

(gdt)

doc/pkgsrc.*: regen

(gdt)

doc: LLVM 11.1.0 is available

(ryoon)

doc/TODO: + expat-2.3.0.

(wiz)

doc: Updated emulators/cannonball to 0.32

(fox)

emulators/cannonball: Updates to 0.32

Changes since 0.31:

Controller Improvements & Rumble Support

This release focuses on Controller Support & Improvements.

Please replace your old config.xml file when upgrading to this release.

  * [Controllers] Basic rumble support can now be enabled from the CONTROLS
    menu. The strength can be adjusted. The code that controls the rumble is
    identical to that of the upright arcade machine motor shaker. The option
    will only show in the menu if your controller is supported.
  * [Controllers] Auto-detection and assignment of controller buttons and axis
    should be much improved. I will update the manual to call out the default
    controls in due course. (Right trigger = accelerate, Left trigger = brake,
    Start = Start, Back = Menu, A = Gear Change, X = Change View, Y = Coin).
    These can be redefined as desired.
  * [Controllers] D-Pad can be used in menus.
  * [Menus] Gamepad/Joystick settings has its own menu.
  * [Menus] Ensure that 'A' button on controllers can be used to select items.
    Analog accelerate is now only used when run via original arcade cabs as
    it's not optimal.
  * [Rom Loader] Sped up CRC32 based loading by using a Hashmap. It was
    reportedly slow when used over a network.
  * [Rom Loader] It is possible to switch back to the old filename loading
    system via a setting in config.xml
  * [Config] It is now possible to change and configure the location of the
    'res' directory.

(fox)

doc: Updated net/yaydl to 0.4.0

(pin)

net/yaydl: update to 0.4.0

-Add a couple of sites, update dependencies

(pin)

doc: Updated textproc/ispell-en_GB to 3.4.02nb1

(gutteridge)

ispell-en_GB: generate usable dictionary files

Addresses PR pkg/55972, report and patch provided by Greg A. Woods,
additional adjustments by me. (Several people have noted that there
really should be a Makefile.common used here, but I'm not going to
touch more than this leaf package right now, since we're in a freeze.)

(gutteridge)

doc: Updated comms/asterisk16 to 16.17.0

(gdt)

comms/asterisk16: Update to 16.17.0

This is a micro update that is mostly security fixes and bug fixes
with very small improvements.  In addition to this being a security
fix, asterisk16 is a leaf package.

Upstream changes:

Security bugs fixed in this release:
-----------------------------------
* ASTERISK-29305 - ASTERISK-29203 / AST-2021-002 -- Another
      scenario is causing a crash
      (Reported by Gregory Massel)
* ASTERISK-29260 - sRTP Replay Protection ignored; even tears
      down long calls
      (Reported by Alexander Traud)
* ASTERISK-29227 - res_pjsip_diversion: sending multiple 181
      responses causes memory corruption and crash
      (Reported by
      Ivan Poddubny)

Bugs fixed in this release:
-----------------------------------
* ASTERISK-29215 - res_pjsip_session: NULL active_media_state
      topology caused asterisk crash
      (Reported by sungtae kim)
* ASTERISK-29035 - chan_local: Multistream support breaks T.38
      faxing
      (Reported by Matthias Hensler)
* ASTERISK-29071 - app_confbridge: Memory rises when
      jitterbuffer enabled and muting over AMI occurs
      (Reported
      by Stefan Ruf)
* ASTERISK-29329 - app_dial: DTMF to 'D' option gets duplicated
      if there are multiple progress events
      (Reported by N A)
* ASTERISK-24434 - Fix differing usage of assignment operators
      in modules.conf
      (Reported by Rusty Newton)
* ASTERISK-29306 - strings: Incorrect use of
      __attribute__((pure)) in ast_str_to_lower definition

      (Reported by Vitezslav Novy)
* ASTERISK-29300 - res_rtp_asterisk: When native local bridging
      the remote SSRC becomes permanent
      (Reported by Sebastian
      Damm)
* ASTERISK-29235 - res_pjsip_nat: Contact is rewritten on
      REGISTER responses with external_signaling_address

      (Reported by Brian Paboojian)
* ASTERISK-29266 - ICE Role conflict with an unauthorized
      session
      (Reported by Salah Ahmed)
* ASTERISK-29105 - chan_pjsip: 180 Ringing with SDP not changed
      into progress
      (Reported by Sebastian Damm)
* ASTERISK-29297 - say: Y2021 problem – Asterisk cannot say
      year 2021 in Dutch
      (Reported by Jacek Konieczny)
* ASTERISK-29315 - res_pjsip: re-registration gets stuck if
      setting initial auth credentials fails
      (Reported by Nick
      French)
* ASTERISK-29312 - res_fax: asterisk fails to publish the
      Stasis and ReceiveFax status messages if the remote Station ID
      contains invalid UTF-8 characters
      (Reported by Alexei
      Gradinari)
* ASTERISK-16799 - Callee declined when 'beep' audio file does
      not exist
      (Reported by IAMJames_)
* ASTERISK-29313 - res_pjsip_refer:  Segfault in progress
      notify
      (Reported by George Joseph)
* ASTERISK-29293 - res_config_pgsql: Limit realtime_pgsql() to
      return one (no more) record
      (Reported by Boris P. Korzun)
* ASTERISK-29303 - pjsip: Re-invite occurs when it shouldn't

      (Reported by Benjamin Keith Ford)
* ASTERISK-29311 - res_odbc_transaction sets forcecommit
      default value based on isolation level instead of forcecommit

      (Reported by Jaco Kroon)
* ASTERISK-28452 - pjsip: <sess-version> of SDP is not
      incremented though SDP may be changed on reinvite without SDP
      offer
      (Reported by Michael Maier)
* ASTERISK-29287 - app.h: C++ compatibility broken

      (Reported by Jean Aunis - Prescom)
* ASTERISK-28369 - app_queue: Member device state "invalid"
      when second call is ringing and hint is used
      (Reported by
      Boolah )
* ASTERISK-29203 - res_pjsip_t38: Crash when changing state

      (Reported by Gregory Massel)
* ASTERISK-29205 - res_rtp_asterisk: Asterisk crashes when
      making hold/unhold from webrtc client
      (Reported by Edvin
      Vidmar)
* ASTERISK-29196 - res_pjsip: Segmentation fault

      (Reported by Mauri de Souza Meneguzzo (3CPlus))
* ASTERISK-29280 - chan_sip: Allow peers without audio
      (text+video).
      (Reported by Alexander Traud)
* ASTERISK-29265 - chan_sip: Allow text+video media streams,
      again.
      (Reported by Alexander Traud)
* ASTERISK-29261 - res_pjsip: user=phone validation fail for
      isup numbers containing *#
      (Reported by Mark Petersen)
* ASTERISK-29259 - channel: Allow text+video media streams,
      again.
      (Reported by Alexander Traud)
* ASTERISK-29258 - chan_sip: Audio stream rejected, Other
      stream present: Invalid SDP.
      (Reported by Alexander Traud)
* ASTERISK-29220 - After T38 reinvite response of 488 a
      subsequent G711 reinvite is not processed correctly. Instead the
      previous T38 session media is used
      (Reported by Robert
      Cripps)
* ASTERISK-29248 - res_pjsip_session: res sometimes
      uninitialized reported by compiler Clang.
      (Reported by
      Alexander Traud)

Improvements made in this release:
-----------------------------------
* ASTERISK-29321 - sorcery: Add support for more intelligent
      reloading.
      (Reported by Joshua C. Colp)
* ASTERISK-29325 - res_pjsip_registrar: Include source IP
      address and port in log messages
      (Reported by Joshua C.
      Colp)
* ASTERISK-29326 - asterisk: Update copyright/company

      (Reported by Joshua C. Colp)
* ASTERISK-29244 - Add MixMonitorStart / Stop / Mute AMI
      events
      (Reported by Sébastien Duthil)
* ASTERISK-29275 - Support of MIME-type for wav16

      (Reported by Boris P. Korzun)
* ASTERISK-29252 - TRANSFERSTATUSPROTOCOL variable to report
      Transfer (REFER) failure SIP code
      (Reported by Dan Cropp)
* ASTERISK-29262 - Support of various URL-schemes by MoH

      (Reported by Boris P. Korzun)

(gdt)

doc: Updated audio/mpg123 to 1.26.5

(thor)

mpg123: update to 1.26.5 and use default optimization

This approaches a serious performance issue with 1.26.x when
resampling is used on certain platforms (observed on SPARC).
Floating point denormals crop up. This change approaches that
two-fold

1. Do not disable default optimization flags for GCC.
2. Update to 1.26.5 that contains code to avoid denormals.

The default flags are about code optimization (like -ffast-math),
not the target architecture, so should not affect portability.
They are also rather safe and tested as development of mpg123
always has them in place. This is how it is meant to be played;-)

Approved during freeze by wiz.

(thor)

doc: Updated math/openblas to 0.3.10

(thor)

openblas: update to 0.3.10, fixing build with gcc 10

Fix openblas build issues, mainly by updating to 0.3.10.

This pulls in these commits from WIP (newest first):

commit 3c6284cba90280bc367cf4d1d8252ae4d6e92e76
Author: Jason Bacon <bacon@NetBSD.org>
Date:  Thu Feb 25 11:56:13 2021 -0600

    openblas: Update ONLY_FOR_PLATFORMS documentation

commit 8071bf28f3ffc95af046ff3eaaac6983f4f70035
Author: Jason Bacon <bacon@NetBSD.org>
Date:  Thu Feb 25 11:51:32 2021 -0600

    openblas*: Successful build on NetBSD

commit 056e3d5c972a4b286e8755dbee323a9951855165
Author: Dr. Thomas Orgis <thomas.orgis@uni-hamburg.de>
Date:  Wed Feb 24 18:40:17 2021 +0100

    openblas: flags from environment again to un-break PICy build

    The bug that prompted us to force the compiler flags in the
    make arguments is fixed. Now we got a different one: The logic
    that decides to add -fPIC where needed is overridden when doing
    this, resulting in relocation errors (strangely, not with every
    toolchain).

    So let's remove that again and take FFLAGS and friends from the
    environment again.

commit 86af17db8526e629c2c02c6af1f1ce7db6f6ba6d
Author: Dr. Thomas Orgis <thomas.orgis@uni-hamburg.de>
Date:  Thu Nov 12 12:44:39 2020 +0100

    openblas: version 0.3.10

    This updated fixes the build with gcc 10 (segfault in cblat1 test).

    I did not go all the way to the current 0.3.12, as that would
    need some hacking of chosen compiler flags. 0.3.13 should be
    the next one.

    This commit also fixes the ARCH → ARCH_ sed to change all
    occurences on a line.

This fulfills pkg/55999 and was approved by wiz during freeze.

(thor)

doc: Updated math/py-numpy to 1.19.5nb1

(thor)

math/py-numpy: Actually use BLAS_LIBS and LAPACK_LIBS.

The previous state included our BLAS choice but the build
did not honour the selected libs. This patches the config
script to not search for LAPACK and BLAS, using our settings
instead. Hopefull we can get that option upstreamed.

Approved during freeze by wiz.

(thor)

doc: Updated pkgtools/pkglint to 21.1.0

(rillig)

pkgtools/pkglint: bump version to 21.1.0

Just to match the upcoming pkgsrc branch 2021Q1.  No functional change.

(rillig)

math/py-numpy: Actually use BLAS_LIBS and LAPACK_LIBS.

The previous state included our BLAS choice but the build
did not honour the selected libs. This patches the config
script to not search for LAPACK and BLAS, using our settings
instead. Hopefull we can get that option upstreamed.

Approved during freeze by wiz.

(thor)

sysutils/macchina: fix broken builds

(pin)

doc: Updated security/openssl to 1.1.1k

(jperkin)

openssl: Update to 1.1.1k.

Approved by @wiz during freeze.

Changes between 1.1.1j and 1.1.1k [25 Mar 2021]

*) Fixed a problem with verifying a certificate chain when using the
    X509_V_FLAG_X509_STRICT flag. This flag enables additional security checks
    of the certificates present in a certificate chain. It is not set by
    default.

    Starting from OpenSSL version 1.1.1h a check to disallow certificates in
    the chain that have explicitly encoded elliptic curve parameters was added
    as an additional strict check.

    An error in the implementation of this check meant that the result of a
    previous check to confirm that certificates in the chain are valid CA
    certificates was overwritten. This effectively bypasses the check
    that non-CA certificates must not be able to issue other certificates.

    If a "purpose" has been configured then there is a subsequent opportunity
    for checks that the certificate is a valid CA.  All of the named "purpose"
    values implemented in libcrypto perform this check.  Therefore, where
    a purpose is set the certificate chain will still be rejected even when the
    strict flag has been used. A purpose is set by default in libssl client and
    server certificate verification routines, but it can be overridden or
    removed by an application.

    In order to be affected, an application must explicitly set the
    X509_V_FLAG_X509_STRICT verification flag and either not set a purpose
    for the certificate verification or, in the case of TLS client or server
    applications, override the default purpose.
    (CVE-2021-3450)
    [Tom叩邸 Mr叩z]

*) Fixed an issue where an OpenSSL TLS server may crash if sent a maliciously
    crafted renegotiation ClientHello message from a client. If a TLSv1.2
    renegotiation ClientHello omits the signature_algorithms extension (where
    it was present in the initial ClientHello), but includes a
    signature_algorithms_cert extension then a NULL pointer dereference will
    result, leading to a crash and a denial of service attack.

    A server is only vulnerable if it has TLSv1.2 and renegotiation enabled
    (which is the default configuration). OpenSSL TLS clients are not impacted
    by this issue.
    (CVE-2021-3449)
    [Peter K辰stle and Samuel Sapalski]

(jperkin)

doc: Updated mail/thunderbird-l10n to 78.9.0

(ryoon)

thunderbird-l10n: Update to 78.9.0

* Sync with mail/thunderbird-78.9.0.

(ryoon)

doc: Updated mail/thunderbird to 78.9.0

(ryoon)

thunderbird: Update to 78.9.0

Changelog:
Fixes
New mail notification displayed old messages that were unread

Spaces following soft line breaks in messages using quoted-printable and format
=flowed were incorrectly encoded; existing messages which were previously
incorrectly encoded may now display with some words not separated by a space

Some fields were unreadable in the Dark theme in the General preferences panel

Sending a message containing an anchor tag with an invalid data URI failed

When switching tabs, input focus was not moved to the new tab

Address Book: Syncing a read-only Google address book via CardDAV failed

Address Book: Importing VCards with non-ascii characters would fail

Address Book: Some values may not have been parsed when syncing from Google
address books.

Add-ons Manager did not show if an addon used experiment APIs

Calendar: Removing a recurring task was not possible

Various security fixes

Security fixes:
#CVE-2021-23981: Texture upload into an unbound backing buffer resulted in an
out-of-bound read
#MOZ-2021-0002: Angle graphics library out of date
#CVE-2021-23982: Internal network hosts could have been probed by a malicious
webpage
#CVE-2021-23984: Malicious extensions could have spoofed popup information

(ryoon)

Fix autoconf fallout.

(nia)

doc: Updated devel/wabt to 1.0.23

(fcambus)

wabt: update to 1.0.23.

ChangeLog:

- Add _free to exports for building libwabtjs

(fcambus)

doc: Updated math/lapack to 3.9.0nb2

(thor)

math/lapack: remove bad/broken BLAS_LIBS usage, always use netlib BLAS here

(thor)

Allow mkcmake-based packages to override do-configure target

(cheusov)

doc: Updated multimedia/ffmpeg4 to 4.3.2nb1

(maya)

ffmpeg4: bump PKGREVISION for removal of hacks.mk.

(maya)

ffmpeg4: remove hacks.mk for powerpc, not all machines can
run -mvsx code, and it is apparently no longer needed.

(maya)

doc: Updated www/firefox78-l10n to 78.9.0

(ryoon)

firefox78-l10n: Update to 78.9.0

* Sync with www/firefox78-78.9.0.

(ryoon)

doc: Updated www/firefox78 to 78.9.0

(ryoon)

firefox78: Update to 78.9.0

Changelog:
Security fixes:
#CVE-2021-23981: Texture upload into an unbound backing buffer resulted in an
out-of-bound read
#CVE-2021-23982: Internal network hosts could have been probed by a malicious
webpage
#CVE-2021-23984: Malicious extensions could have spoofed popup information
#CVE-2021-23987: Memory safety bugs fixed in Firefox 87 and Firefox ESR 78.9

(ryoon)

biology/Makefile: Add vcf2hap

(bacon)

doc: Added biology/vcf2hap version 0.1.2

(bacon)

biology/vcf2hap: import vcf2hap-0.1.2

vcf2hap is a simple tool for generating a .hap file from a VCF. The .hap file
is required by haplohseq.
vcf2hap is extremely fast and requires a trivial amount of memory regardless of
the size of the VCF file.

(bacon)

biology/Makefile: Add ad2vcf

(bacon)

doc: Added biology/ad2vcf version 0.1.2

(bacon)

biology/ad2vcf: import ad2vcf-0.1.2

ad2vdf extracts allelic depth info from a SAM stream and adds it to a
corresponding single-sample VCF file.

(bacon)

Updated databases/ldb, net/samba4

(adam)

ldb: updated to 2.2.1; samba: updated to 4.13.7

                  ==============================
                  Release Notes for Samba 4.13.7
                          March 24, 2021
                  ==============================

This is a follow-up release to depend on the correct ldb version. This is only
needed when building against a system ldb library.

This is a security release in order to address the following defects:

o CVE-2020-27840: Heap corruption via crafted DN strings.
o CVE-2021-20277: Out of bounds read in AD DC LDAP server.

=======
Details
=======

o  CVE-2020-27840:
  An anonymous attacker can crash the Samba AD DC LDAP server by sending easily
  crafted DNs as part of a bind request. More serious heap corruption is likely
  also possible.

o  CVE-2021-20277:
  User-controlled LDAP filter strings against the AD DC LDAP server may crash
  the LDAP server.

For more details, please refer to the security advisories.

Changes since 4.13.6
--------------------

o  Release with dependency on ldb version 2.2.1.

(adam)

doc: Updated mail/spamassassin to 3.4.5

(gdt)

mail/spamassassin: Update to 3.4.5

This is a micro-update carrying a fix for
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=2020-1946

Upstream changes:

In addition to the CVE which shall be announced separately, this release
includes fixes for the following:

  - Improvements to OLEVBMacro and AskDNS plugins
  - Received and EnvelopeFrom headers matching improvements
  - userpref SQL schema fixes
  - rbl and hashbl evaluation improvements
  - fix for non working TxRep tag names
  - man page fixes

(gdt)

biology/Makefile: Add biolibc, vcf-split

(bacon)

doc: Added biology/vcf-split version 0.1.1

(bacon)