(devel/p5-Alien-Base-ModuleBuild) Updated to 1.14

1.14      2020-02-05 19:08:06 -0700
  - Add use strict and warnings to generated Install/Files.pm
      modules (gh#17)

1.12      2020-02-02 06:00:12 -0700
  - Add List::Util and Text::ParseWords prereqs back.
      They were accidentally removed from prereqs in 1.10.
          (gh#16)

1.11      2020-01-31 13:52:17 -0700
  - Remove test dependency on Acme::Alien::DontPanic
      (it should be optional) introduced in 1.10.

1.10      2020-01-30 07:57:09 -0700
  - Production release identical to 1.09_01

1.09_01  2020-01-29 20:10:24 -0700
  - internal refactor, Dist::Zilla, perlcritic, etc. (gh#15)

(mef)

fix reboot on pinebook-pro.

pull in https://github.com/ARM-software/arm-trusted-firmware/commit/b4899041e5f0b8e8b388c6511b5233516b8785ec
from upstream, and also force this code path to be used.

bump version of both the rk3399 ATF and the pbp u-boot, and adjust
the buildlink version to require the updated ATF.

fix MESSAGE for u-boot-pinebook-pro to not refer to rockpro64.

(mrg)

optimize a tail-call in previous

(tnn)

(devel/R-testthat) Fix build, two DEPENDS+ were missing

(mef)

MesaLib: port x86_64 tls dispatch changes to i386 also

(tnn)

Updated security/py-cryptodome, databases/py-multidict, www/py-django-filer, www/py-djangocms-text-ckeditor

(adam)

py-djangocms-text-ckeditor: updated to 3.9.0

3.9.0:
Added support for Django 3.0
Added support for Python 3.8
Removed Aldryn Boilerplate support

(adam)

py-django-filer: updated to 1.7.0

1.7.0:
Added Django 3.0 support
Added support for Python 3.8
Add attribute download to the download link in order to offer the file under its original name.

(adam)

py-multidict: updated to 4.7.5

4.7.5:

Bugfixes
- Fixed creating and updating of MultiDict from a sequence of pairs and keyword arguments. Previously passing a list argument modified it inplace, and other sequences caused an error.
- Fixed comparing with mapping: an exception raised in the `__len__` method caused raising a SyntaxError.
- Fixed comparing with mapping: all exceptions raised in the `__getitem__` method were silenced.

(adam)

py-cryptodome: updated to 3.9.7

3.9.7:
* Make notarization possible again on OS X when using wheels.

(adam)

MesaLib: assorted fixes

- must use march=i586 on i386 for 64-bit atomic CAS
- call through @plt from position independent code
- put back the stock STUB_ASM_CODE for non-NetBSD

(tnn)

alacconvert: Use COMPILER_RPATH_FLAG instead of hardcoding

(ryoon)

rust: Add comment to patch

(ryoon)

Updated archivers/unrar

(adam)

unrar: updated to 5.9.1

5.9.1:
Unknown changes

(adam)

doc: Updated graphics/blender to 2.82

(nia)

blender: Update to 2.82

Release notes:
https://www.blender.org/download/releases/2-82/

TBB being optional is broken with this release

(nia)

gcpio: fix packaging failure

Add missing PLIST entry. (No PKGREVISION, since this was universally
failing to build since the last update.)

(gutteridge)

Fix building with external LLVM; allow any Python

(adam)

doc: Updated www/firefox-l10n to 73.0.1

(ryoon)

firefox-l10n: Update to 73.0.1

* Sync with www/firefox-73.0.1.

(ryoon)

doc: Updated www/firefox to 73.0.1

(ryoon)

firefox: Update to 73.0.1

* Do not define USE_LANGUAGES+=gnu++17. Passing -std=gnu++17 to all clang
  invocations causes build failure.

Changelog:
Fixed
    Fixed crashes on Windows systems running third-party security software such as 0patch or G DATA (bug 1610790)

    Fixed loss of browser functionality in certain circumstances such as running in Windows compatibility mode or having custom anti-exploit settings (bug 1614885)

    Resolved problems connecting to the RBC Royal Bank website (bug 1613943)

    Fixed Firefox unexpectedly exiting when leaving Print Preview mode (bug 1611133)

    Fixed crashes when playing encrypted content on some Linux systems (bug 1614535)

(ryoon)

Updated textproc/py-sphinx, misc/py-tqdm

(adam)

py-tqdm: updated to 4.43.0

tqdm v4.43.0 stable

fix notebook exceptions
set_description() when disable=True
contrib.concurrent: avoid unnecessary len(iterable)
update documentation
clarify etymology
fix minor typo
update contributors and years
update tests
fix CI tests for PRs

(adam)

py-sphinx: updated to 2.4.2

Release 2.4.2:

Bugs fixed
* autodoc: ``autodoc.typehints`` crashed when variable has unbound object
  as a value
* autodoc: separator for keyword only arguments is not shown
* autodoc: IndexError is raised on suppressed type_comment found
* autodoc: typehints extension does not support parallel build
* autodoc: TypeError is raised on fetching type annotations
* crashed when extension assigns a value to ``env.indexentries``
* text: Remove debug print
* viewcode: Avoid to crash when non-python code given

(adam)

mikutter-plugins-mikutter: use ${RUBY_PKGPREFIX} for proper dependencies.

(tsutsui)

Updated textproc/py-xmlschema, devel/py-requests

(adam)

py-requests: updated to 2.23.0

2.23.0:
**Improvements**
- Remove defunct reference to `prefetch` in Session `__attrs__`

**Bugfixes**
- Requests no longer outputs password in basic auth usage warning.

**Dependencies**
- Pinning for `chardet` and `idna` now uses major version instead of minor.
  This hopefully reduces the need for releases everytime a dependency is updated.

(adam)

py-xmlschema: updated to 1.1.1

v1.1.1:
* Change of *skip* validation mode with errors filtering in decode() or encode()
* Extension of location hints by argument to imported/included schemas
* Fixed lazy validation with identity constraints
* Fixed many W3C instance tests (remain ~100 over 15344 tests)

(adam)

doc: Updated net/nanotodon to 0.1.1

(tsutsui)

nanotodon: update to 0.1.1.

No upstream changelog, but main visible ones are memory leak fixes.

(tsutsui)

doc: Added net/mikutter-plugins-twitter version 4.0

(tsutsui)

net/Makefile: + mikutter-plugins-twitter

(tsutsui)

net/mikutter-plugins-twitter: import mikutter-plugins-twitter-4.0.

mikutter-plugins-twitter provides a set of Twitter client plugins
for mikutter version 4.0 and later.

(tsutsui)

doc: Updated net/mikutter to 4.0.4

(tsutsui)

miutter: update to 4.0.4.

pkgsrc changes:

* update DESCR and MESSAGE to reflect twitter plugin removal etc.
* sort DEPENDS by package (i.e. gem) names without categories for
  maintainability
* adjust EXTRACT_DIR per upstream tarball changes
  (probably this will soon be changed again on upstream)
* set DISABLE_BUNDLER_SETUP=1 to disable bundler's auto download on startup

Upstream changes:

mikutter 4.0.4

* crash on adding Mastdon accounts
* thanks Ahiru Iegamo
* error on Mastodon User Profile tab
* thanks Ahiru Iegamo
* delayer 1.0.2

mikutter 4.0.3

* support Ruby 2.7 changes
* clear image loading window by bg color after loading images and
  before drawing Pixbuf
* thanks Shibafu Midorino

mikutter 4.0.2

* support thumbnails of YouTube and Niconico-video
* thanks Shibafu Midorino
* appimage: fix crash/freeze
* thanks Yuto Tokunaga
* adjust selected region including custom emoji cases on strings copy
* thanks Shibafu Midorino
* remove irb from Gemfile

mikutter 4.0.1

* happy new year
* fix appimage
* thanks hinaloe k
* remove unnecessary code executed per MiraclePainter updates
* thanks Shibafu Midorino

mikutter 4.0

Major version up after five and half years after prevous update,
for 10 years aniversary of mikutter, with some incompatible changes.

* make Twitter plugins third party plugins
* Twitter plugins are no longer included
* users can still use Twitter on mikutter by installing Twitter plugins
  https://github.com/mikutter/twitter_bootstrap
* remove Service module
* Abstraction by Service was not sufficient and it has been replaced
  by World plugin
* deprecate boot events
* initialization should be implemented in plugin context or
  Delayer.new {...} should be used if it need to be executed after
  load is conplete
* remove miquire
* miquire was introduce to avoid (no-longer-recallable) problems
  on ruby 1.8 and to switch loaded files by command line options,
  but both of them no longer exist
* use own implementation to handle event loop
* mikutter used Gtk mailloop and Delayer queue but it caused FiberError
  exceptions and the FiberError was hard to fix per specification
* make it possible to change, preserve and restore order of general
  Model viewer tabs
* orders of tabs in Mastdon user prifile tabs are recoreded and
  preserved on the next open even on other similar tabs
* support Ruby 2.5 and later (drop support for 2.4)
* ruby 2.4 will be EOLed on end of March 2020
  https://www.ruby-lang.org/ja/news/2019/10/02/ruby-2-4-9-released/
* drop bundling gems in release tar ball
* nowadays bundler is common enough and plugins with Gemfile made
  things more complicated
* all other things forgotten to be written
* all things I missed

(tsutsui)

Add stream-ssl-preread option to nginx

Allows nginx to be used as a proxy to share a port between https and
ssh/openvpn or similar

Not enabled by default

(abs)

mpv: Add another potential swift library dir.

(jperkin)

doc: Updated x11/xkbcomp to 1.4.3

(wiz)

xkbcomp: update to 1.4.3.

Adam Jackson (1):
    Suppress high-keycode warnings at the default warning level

Alan Coopersmith (1):
    Update configure.ac bug URL for gitlab migration

Andreas Boll (2):
    pkgconfig: Remove unneeded Requires.private
    configure: Remove unused AC_SUBST([REQUIRED_MODULES])

Andreas Wettstein (1):
    xkbcomp Fix missing support for "affect" and incorrect modifier handling for ISOLock

Dimitry Andric (1):
    Don't compare with string literals

Matt Turner (1):
    xkbcomp 1.4.3

Miroslav Ko邸k叩r (1):
    Fix invalid error report on F_Accel field

Peter Hutterer (1):
    Error out if we have no default path

(wiz)

security/heimdal: add back MAKE_JOBS_SAFE=no

(rillig)

Update unbound to version 1.10.0. (This time on the main CVS branch...)

Pkgsrc changes:
* Adjust line numbers in patch.

Upstream changes:

The 1.10.0 release has RPZ support and serve stale functionality
according to draft draft-ietf-dnsop-serve-stale-10.  And a number of
other, smaller, features, and bug fixes.

The DNS Response Policy Zones (RPZ) functionality makes it possible
to express DNS response policies in a DNS zone. These zones can
be loaded from file or transferred over DNS zone transfers or
HTTP. The RPZ functionality in Unbound is implemented as specified in
draft-vixie-dnsop-dns-rpz-00. Only the QNAME and Response IP Address
triggers are supported. The supported RPZ actions are: NXDOMAIN, NODATA,
PASSTHRU, DROP and Local Data.

Enabling the respip module using `module-config` is required to use
RPZ. Each RPZ zone can be configured using the `rpz` clause. RPZ clauses
are applied in order of configuration.  Unbound can get the data from
zone transfer, a zonefile or https url, and more options are documented
in the man page.  A minimal RPZ configuration that will transfer the
RPZ zone using AXFR and IXFR can look like:

server:
  module-config: "respip validator iterator"

rpz:
  name: "rpz.example.com" # name of the policy zone
  master: 192.0.2.0   # address of the name server to transfer from

The serve-stale functionality as described in
draft-ietf-dnsop-serve-stale-10 is now supported in unbound.
This allows unbound to first try and resolve a domain name before
replying with expired data from cache.  This differs from unbound's
initial serve-expired behavior which attempts to reply with expired
entries from cache without waiting for the actual resolution to finish.
Both behaviors are available and can be configured with the various
serve-expired-* configuration options.  serve-expired-client-timeout is
the option that enables one or the other.

The DSA algorithms have been disabled by default, this is because of
RFC 8624.

There is a crash fix in the parse of text of type WKS, reported by
X41 D-Sec.

In addition, neg and key caches can be shared with multiple
libunbound contexts, a change that assists unwind.  The
contrib/unbound_portable.service provides a systemd start file for a
portable setup.  The configure --with-libbsd option allows the use
of the bsd compatibility library so that it can use the arc4random
from it.  The stats in contrib/unbound_munin_ have num.query.tls and
num.query.tls.resume added to them.  For unbound-control the command
view_local_datas_remove is added that removes data from a view.

Features:
- Merge RPZ support into master. Only QNAME and Response IP triggers are
  supported.
- Added serve-stale functionality as described in
  draft-ietf-dnsop-serve-stale-10. `serve-expired-*` options can be used
  to configure the behavior.
- Updated cachedb to honor `serve-expired-ttl`; Fixes #107.
- Renamed statistic `num.zero_ttl` to `num.expired` as expired replies
  come with a configurable TTL value (`serve-expired-reply-ttl`).
- Merge #135 from Florian Obser: Use passed in neg and key cache
  if non-NULL.
- Fix #153: Disable validation for DSA algorithms.  RFC 8624 compliance.
- Merge PR#151: Fixes for systemd units, by Maryse47, Edmonds
  and Frzk.  Updates the unbound.service systemd file and adds a portable
  systemd service file.
- Merge PR#154; Allow use of libbsd functions with configure option
  --with-libbsd. By Robert Edmonds and Steven Chamberlain.
- Merge PR#148; Add some TLS stats to unbound_munin_. By Fredrik Pettai.
- Merge PR#156 from Alexander Berkes; Added unbound-control
  view_local_datas_remove command.

Bug Fixes:
- Fix typo to let serve-expired-ttl work with ub_ctx_set_option(), by
  Florian Obser
- Update mailing list URL.
- Fix #140: Document slave not downloading new zonefile upon update.
- Downgrade compat/getentropy_solaris.c to version 1.4 from OpenBSD.
  The dl_iterate_phdr() function introduced in newer versions raises
  compilation errors on solaris 10.
- Changes to compat/getentropy_solaris.c for,
  ifdef stdint.h inclusion for older systems.  ifdef sha2.h inclusion
  for older systems.
- Fix 'make test' to work for --disable-sha1 configure option.
- Fix out-of-bounds null-byte write in sldns_bget_token_par while
  parsing type WKS, reported by Luis Merino from X41 D-Sec.
- Updated sldns_bget_token_par fix for also space for the zero
  delimiter after the character.  And update for more spare space.
- Fix #138: stop binding pidfile inside chroot dir in systemd service
  file.
- Fix the relationship between serve-expired and prefetch options,
  patch from Saksham Manchanda from Secure64.
- Fix unreachable code in ssl set options code.
- Removed the dnscrypt_queries and dnscrypt_queries_chacha tests,
  because dnscrypt-proxy (2.0.36) does not support the test setup
  any more, and also the config file format does not seem to have the
  appropriate keys to recreate that setup.
- Fix crash after reload where a stats lookup could reference old key
  cache and neg cache structures.
- Fix for memory leak when edns subnet config options are read when
  compiled without edns subnet support.
- Fix auth zone support for NSEC3 records without salt.
- Merge PR#150 from Frzk: Systemd unit without chroot.  It add
  contrib/unbound_nochroot.service.in, a systemd file for use with
  chroot: "", see comments in the file, it uses systemd protections
  instead.  It was superceded by #151, the unbound_portable.service
  file.
- Merge PR#155 from Robert Edmonds: contrib/libunbound.pc.in: Fixes
  to Libs/Requires for crypto library dependencies.
- iana portlist updated.
- Fix to silence the tls handshake errors for broken pipe and reset
  by peer, unless verbosity is set to 2 or higher.
- Merge PR#147; change rfc reference for reserved top level dns names.
- Fix #157: undefined reference to `htobe64'.
- Fix subnet tests for disabled DSA algorithm by default.
- Update contrib/fastrpz.patch for clean diff with current code.
- updated .gitignore for added contrib file.
- Add build rule for ipset to Makefile
- Add getentropy_freebsd.o to Makefile dependencies.
- Fix memory leak in error condition remote.c
- Fix double free in error condition view.c
- Fix memory leak in do_auth_zone_transfer on success
- Stop working on socket when socket() call returns an error.
- Check malloc return values in TLS session ticket code
- Fix fclose on error in TLS session ticket code.
- Add assertion to please static analyzer
- Fixed stats when replying with cached, cname-aliased records.
- Added missing default values for redis cachedb backend.
- Fix num_reply_addr counting in mesh and tcp drop due to size
  after serve_stale commit.
- Fix to create and destroy rpz_lock in auth_zones structure.
- Fix to lock zone before adding rpz qname trigger.
- Fix to lock and release once in mesh_serve_expired_lookup.
- Fix to put braces around empty if body when threading is disabled.
- Fix num_reply_states and num_detached_states counting with
  serve_expired_callback.
- Cleaner code in mesh_serve_expired_lookup.
- Document in unbound.conf manpage that configuration clauses can be
  repeated in the configuration file.
- Document 'ub_result.was_ratelimited' in libunbound.
- Fix use after free on log-identity after a reload; Fixes #163.
- Fix with libnettle make test with dsa disabled.
- Fix contrib/fastrpz.patch to apply cleanly.  Fix for serve-stale
  fixes, but it does not compile, conflicts with new rpz code.
- Fix to clean memory leak of respip_addr.lock when ip_tree deleted.
- Fix compile warning when threads disabled.

(he)

wesnoth: Update to 1.14.11

## Version 1.14.11
### Language and i18n
  * Updated translations: Czech, German.
### Packaging
  * Fixed data/dist information not being found on many platforms other than Windows (only
    with the installer-created shortcut), as well as only the very first word being read instead
    of the whole line.
  * Added support for systemctl reload.
### Miscellaneous and bug fixes
  * Silenced spurious warning about conflicting l10n-track files (issue #4716).

(nia)

doc: Updated editors/xournalpp to 1.0.17

(nia)

xournalpp: Update to 1.0.17

## 1.0.17

* Fixed arrow tip scaling: now scales with thickness instead of length (#967,
  thanks to @redweasel)
* Changed coordinate draw direction (thanks to @redweasel)
* Fixed audio playback failures not showing error messages to the user (#1573)
* Fixed text tool bold shortcut not working when capslock is enabled (#1583,
  thanks to @matepak)
* Fixed sidebar preview context menu "Move Page Up" and "Move Page Down" buttons
  not being disabled on the first and last page, respectively (#1637)
* Fixed Enter keypress on the "Goto Page" (Ctrl-G) dialog not changing the page
  (#975, thanks to @MrMallIronmaker)
* Fixed missing Xournal++ icon errors on most of the dialog windows (#1667)
* (Windows) Fixed missing libssl/libcrypto errors in the official installation
  (#1660).

## 1.0.16

* Fixed currently editing textboxes not exporting to PDF.
* Fixed line tool breaking when snap-to-grid is disabled.

(nia)

doc/TODO: add bind-9.16.0

+ bind-9.16.0.

(taca)

doc: Updated net/bind911 to 9.11.16

(taca)

net/bind911: update to 9.11.16

Update bind911 to 9.11.16 (BIND 9.11.16).

--- 9.11.16 released ---

5353. [doc] Document port and dscp parameters in forwarders
configuration option. [GL #914]

5352. [bug] Correctly handle catalog zone entries containing
characters that aren't legal in filenames. [GL #1592]

5351. [bug] CDS / CDNSKEY consistency checks failed to handle
removal records. [GL #1554]

5350. [bug] When a view was configured with class CHAOS,
dns_view_findzonecut() could incorrectly return
success for non-existent records. [GL #1540]

5348. [bug] dnssec-settime -Psync was not being honoured.
[GL !2925]

(taca)

doc: Updated net/bind914 to 9.14.11

(taca)

net/bind914: update to 9.14.11

Update bind914 to 9.14.11 (BIND 9.14.11).

--- 9.14.11 released ---

5353. [doc] Document port and dscp parameters in forwarders
configuration option. [GL #914]

5352. [bug] Correctly handle catalog zone entries containing
characters that aren't legal in filenames. [GL #1592]

5351. [bug] CDS / CDNSKEY consistency checks failed to handle
removal records. [GL #1554]

5350. [bug] When a view was configured with class CHAOS, the
server could crash while processing a query for a
non-existent record. [GL #1540]

5348. [bug] dnssec-settime -Psync was not being honoured.
[GL !2925]

(taca)

doc: Updated games/supertux to 0.6.1.1

(nia)

supertux: Update to 0.6.1.1

SuperTux 0.6.1.1 (2019-12-19)
---------------------------
This small bugfix release fixes an issue that caused right-to-left fonts, such as Arabic, to not be displayed properly in the AppImage builds on Linux. Apart from that, it's identical to 0.6.1.

SuperTux 0.6.1 (2019-12-15)
---------------------------
The SuperTux Team is excited to announce the availability of SuperTux 0.6.1. This is first and foremost a bugfix release that fixes reported issues after the release of 0.6.0 a year ago, however, we also introduced a lot of other changes, such as new graphics, levels and other game content.

Changes:
* Rework of the first 3 Bonus Worlds
* Added 3 new bonus worlds to the core game
* Improvements to the story mode
* Addition of Ghost Forest to the Story Mode
* New Backgrounds and Music by BlasterMaster
* Tiles and Sprites Improvements by Alzter, weluvgoatz and RustyBox
* New enemy: The Ghoul
* Fixes and optimizations (Fixing buggy controls, game speed, etc.)
* Level Editor Improvements, Fixes and Optimisations
* Revamp of the Credits Menu
* Blocks (and other objects behaving like blocks, such as lanterns) no longer jitter when stacked on top of one another
* Trampolines as bonus block contents no longer hurt Tux
* An issue causing music not to get saved in the level editor was fixed

(nia)

doc: Updated audio/vamp-plugin-sdk to 2.9.0

(nia)

vamp-plugin-sdk: Update to 2.9.0

Version 2.9, 2019-11-13 (maintenance release)

  * Fix non-thread-safe behaviour in PluginAdapter. Plugins built
    using the adapter classes in version 2.8 or earlier cannot safely
    be used simultaneously across threads with other instances of
    themselves or of other plugins in the same library (i.e. shared
    object). Hosts have been required to provide synchronisation for
    such cases. Version 2.9 introduces synchronisation in the plugin,
    making this usage safe. Unfortunately this does not make host code
    safe when using older plugin builds, as the problem and its fix
    are in the plugin side of the SDK. Caution is still required, but
    this fix does allow updated plugin builds to avoid problems with
    some existing hosts
  * Change required C++ language standard from C++98 to C++11. This
    is because of the use of std::mutex in the above fix

(nia)

doc: Updated chat/unrealircd to 5.0.3.1

(nia)

unrealircd: Update to 5.0.3.1

UnrealIRCd 5.0.3.1
-------------------
This fixes a crash issue after REHASH in 5.0.3.

UnrealIRCd 5.0.3
-----------------
Fixes:
* Fix serious flood issue in labeled-response implementation.
* An IRCOp SQUIT'ing a far remote server may cause a broken link topology
* In channels that are +D (delayed join), PARTs were not shown correctly to
  channel operators.

Enhancements:
* A new HISTORY command for history playback (```HISTORY #channel number-of-lines```)
  which allows you to fetch more lines than the on-join history playback.
  Of course, taking into account the set limits in the +H channel mode.
  This command is one of the [two interfaces](https://www.unrealircd.org/docs/Channel_history#Ways_to_retrieve_history)
  to [Channel history](https://www.unrealircd.org/docs/Channel_history).
* Two new [message tags](https://www.unrealircd.org/docs/Message_tags),
  ```unrealircd.org/userip``` and ```unrealircd.org/userhost```
  which communicate the user@ip and real user@host to IRCOps.

Changes:
* Drop the draft/ prefix now that the IRCv3
  [labeled-response](https://ircv3.net/specs/extensions/labeled-response.html)
  specification is out of draft.
* The operclass permission ```immune:target-limit``` is now called
  ```immune:max-concurrent-conversations```, since it bypasses
  [set::anti-flood::max-concurrent-conversations](https://www.unrealircd.org/docs/Set_block#set::anti-flood::max-concurrent-conversations).
  For 99% of the users this change is not important, but it may be
  if you use highly customized [operclass blocks](https://www.unrealircd.org/docs/Operclass_block)

Are you upgrading from UnrealIRCd 4.x to UnrealIRCd 5? If so,
then check out the *UnrealIRCd 5* release notes [further down](#unrealircd-5). At the
very least, check out [Upgrading from 4.x](https://www.unrealircd.org/docs/Upgrading_from_4.x).

(nia)

Sorry, the 1.10.0 update was mistakenly committed to pkgsrc-2019Q4
branch, reverted.
Thanks to leot@ for alerting me.

(he)

doc: Updated textproc/uncrustify to 0.70.1

(nia)

uncrustify: Update to 0.70.1

No longer require Python 2 to build.

Change highlights in uncrustify-0.70.1 (November 2019)
-------------------------------------------------------------------------------

  5114ea856acd79cbf52fd4261b83d423fafd98da
    Added  : nl_before_member                    Nov 17 2019
    Added  : nl_after_member                      Nov 17 2019
  1e911250996a7138e33006af1b664362b255f4b5
    Added  : nl_template_end_multi_line          Nov 17 2019
    Added  : nl_template_start_multi_line        Nov 17 2019
    Added  : nl_template_args_multi_line          Nov 17 2019
  948bc227c46f89207346ad596e6199acb12d162f
    Added  : sp_before_vardef_square              Nov 18 2019
  1ff6fc2da0b1cdef35089a2d6ac3364fbba304be
    Added  : nl_template_start                    Nov 21 2019
    Added  : nl_template_args                    Nov 21 2019
    Added  : nl_template_end                      Nov 21 2019
    Removed : nl_template_end_multi_line          Nov 21 2019
    Removed : nl_template_start_multi_line        Nov 21 2019
    Removed : nl_template_args_multi_line          Nov 21 2019
  2df82073bb1e3bc85f75c2165a541ba906f76b8d
    Added  : indent_macro_brace                  Nov 18 2019
  8cb5f1be52bcbcca4148cf0514b103dec5313c55
    Added  : indent_switch_break_with_case        Nov 25 2019

Change highlights in uncrustify-0.70.0 (is not released)
-------------------------------------------------------------------------------

  710b9b90d063e1fac853b77ad9509bed37ff31ee
    Added  : mod_sort_case_sensitive              May 12 2019
  40c028454904f4fc87bd93b9703eaeb58fa57dd0
    Added  : sp_before_square_asm_block          Jul 29 2019
  b9b7f2fffb2c73925906ca7e5c8536d03c93c4bc
    Added  : nl_multi_line_sparen_open            Aug  3 2019
    Added  : nl_multi_line_sparen_close          Aug  3 2019
  83a014197001ea815f92d977fc30aa36dec39e1b
    Added  : sp_cpp_lambda_square_paren          Aug 20 2019
    Added  : sp_cpp_lambda_square_brace          Aug 20 2019
    Added  : sp_cpp_lambda_paren_brace            Aug 20 2019
    Removed : sp_cpp_lambda_paren                  Aug 20 2019
  8b6455c08c4f70b04b03b48c32fa14b9014354b4
    Added  : use_sp_after_angle_always            Sep 13 2019
  264ec3c988b5667c971b0d6508b17d0c9337c82c
    Added  : sp_cpp_lambda_fparen                Sep 13 2019
  883ccefc3bf8c8cdf6b159f280e22c2d72ce83f5
    Added  : sp_func_type_paren                  Oct 11 2019
  8284db41edbb777829f26d247470c75d3d317641
    Added  : nl_before_namespace                  Oct  8 2019
    Added  : nl_after_namespace                  Oct  8 2019
  3af190ceda3f8025028b5f8aae7541d35bda39c7
    Added  : nl_template_class_def                Oct  2 2019
    Added  : nl_template_func_def_special        Oct  2 2019
    Added  : nl_template_using                    Oct  2 2019
    Added  : nl_template_func_def                Oct  2 2019
    Added  : nl_template_class_decl              Oct  2 2019
    Added  : nl_template_var                      Oct  2 2019
    Added  : nl_template_class_decl_special      Oct  2 2019
    Added  : nl_template_func                    Oct  2 2019
    Added  : nl_template_func_decl_special        Oct  2 2019
    Added  : nl_template_func_decl                Oct  2 2019
    Added  : nl_template_class_def_special        Oct  2 2019
  e9bc08c3baa3b7545a592b5e1d0d23e530c58b7f
    Added  : sp_trailing_return                  Oct 23 2019
  d783ecfe7f08b525eb882ff3a7c6525d8866d54b
    Added  : nl_oc_before_interface              Oct 28 2019
    Added  : nl_oc_before_implementation          Oct 28 2019
    Added  : nl_oc_before_end                    Oct 28 2019
  3741e59342c5741020b84eba147b0c1dfde0154b
    Added  : indent_func_def_param_paren_pos_threshold Nov  6 2019
  829b4124c02e36156489d06a8b33e3552e58d30b
    Added  : sp_brace_close_while                Nov  8 2019
    Added  : sp_while_paren_open                  Nov  8 2019
    Added  : sp_do_brace_open                    Nov  8 2019
  ea6f4ac515c0ad5651be020a3295dcae01c3baf9
    Added  : nl_create_list_one_liner            Nov 11 2019

(nia)

libexif: Update HOMEPAGE

(nia)

doc: Updated security/mbedtls to 2.16.4

(nia)

mbedtls: Update to 2.16.4

Security
  * Fix side channel vulnerability in ECDSA. Our bignum implementation is not
    constant time/constant trace, so side channel attacks can retrieve the
    blinded value, factor it (as it is smaller than RSA keys and not guaranteed
    to have only large prime factors), and then, by brute force, recover the
    key. Reported by Alejandro Cabrera Aldaya and Billy Brumley.
  * Zeroize local variables in mbedtls_internal_aes_encrypt() and
    mbedtls_internal_aes_decrypt() before exiting the function. The value of
    these variables can be used to recover the last round key. To follow best
    practice and to limit the impact of buffer overread vulnerabilities (like
    Heartbleed) we need to zeroize them before exiting the function.
    Issue reported by Tuba Yavuz, Farhaan Fowze, Ken (Yihang) Bai,
    Grant Hernandez, and Kevin Butler (University of Florida) and
    Dave Tian (Purdue University).
  * Fix side channel vulnerability in ECDSA key generation. Obtaining precise
    timings on the comparison in the key generation enabled the attacker to
    learn leading bits of the ephemeral key used during ECDSA signatures and to
    recover the private key. Reported by Jeremy Dubeuf.
  * Catch failure of AES functions in mbedtls_ctr_drbg_random(). Uncaught
    failures could happen with alternative implementations of AES. Bug
    reported and fix proposed by Johan Uppman Bruce and Christoffer Lauri,
    Sectra.

Bugfix
  * Remove redundant line for getting the bitlen of a bignum, since the variable
    holding the returned value is overwritten a line after.
    Found by irwir in #2377.
  * Support mbedtls_hmac_drbg_set_entropy_len() and
    mbedtls_ctr_drbg_set_entropy_len() before the DRBG is seeded. Before,
    the initial seeding always reset the entropy length to the compile-time
    default.

Changes
  * Add unit tests for AES-GCM when called through mbedtls_cipher_auth_xxx()
    from the cipher abstraction layer. Fixes #2198.
  * Clarify how the interface of the CTR_DRBG and HMAC modules relates to
    NIST SP 800-90A. In particular CTR_DRBG requires an explicit nonce
    to achieve a 256-bit strength if MBEDTLS_ENTROPY_FORCE_SHA256 is set.

(nia)

doc: Updated graphics/imlib2 to 1.6.1

(nia)

imlib2: Update to 1.6.1

***
*** Version 1.6.1 ***
***

Kim Woelders (11):
      gz loader: Use FILE, not fd
      gz, bz2 loaders: Fix recent breakage when file name has more than two dots
      Quit on 'q' or 'esc' key press in all imlib2_... test utilities
      Rename imlib2_test_load to imlib2_load
      imlib2_load: Optionally write to stderr instead of stdout
      imlib2_view: Add progress debug options
      Enable specifying loader/filter paths with environment variables
      BMP loader: Remove some bogus conditions
      XPM loader: Minor optimization for cpp > 2
      LBM loader: Fix header-only loading
      1.6.1

Luiz Carlos Ramos (1):
      BMP loader: Fix size calculation when saving files

***
*** Version 1.6.0 ***
***

Alexander Volkov (1):
      Allow to use custom memory management functions for loaded images

Kim Woelders (64):
      Add __imlib_LoadImageWrapper() handling all load() calls
      imlib2_conv: Report error on save failure
      Autofoo cosmetics
      Trivial cleanups in imlib2_... test programs
      Add imlib2_test_load program
      Cleanups in load() functions
      Centralize handling of im->format
      Sort loaders in Makefile.am
      Remove obsolete dmalloc stuff
      Move SWAP.. macro definitions to common.h
      Use common PIXEL_ARGB() macro to compose pixels
      Add new ICO loader
      Spec file simlifications and cleanups
      Fix memory leak in imlib_list_fonts()
      XPM loader: Refactor exit cleanup handling
      XPM loader: Fix potentially uninitialized pixel data
      XPM loader: Fixup after "Refactor exit cleanup handling"
      Revert "XPM loader: Fix potentially uninitialized pixel data"
      XPM loader: Cosmetics (reduce indent level)
      XPM loader: Fix several colormap issues
      XPM loader: Simplify pixel value handling
      XPM loader: Add missing pixels (malformed xpm)
      XPM loader: More simplifications
      JPG loader: Refactor
      JPG loader: Do proper CMYK conversion
      Add new WebP loader
      Remove pointless im->data checks in loaders
      WepP loader: Fix memory leak in error path
      JPG loader: Fix memory leaks in error paths
      Fix ABI break
      ICO loader: Add binary flag to fopen()
      JPG loader: Refactor error handling
      Rename/add byte swap macros
      BMP loader: Major makeover - numerous bug fixes and feature enhancements
      Miscellaneous imlib_test_load tweaks
      GZIP loader: Check filename before uncompress
      imlib2_test_load: Fixup after recent change
      Re-indent everything using indent-2.2.12
      TGA loader: Refactor
      Eliminate WRITE_RGBA()
      Simplify autogen.sh
      Simplify pixel color handling in api.c
      Use pixel instead of r,b,g,a in __imlib_render_str()
      Use macro for pixel color access in savers
      Eliminate READ_RGBA()
      XPM loader: Accept signature not at the very start of the file
      Simplify loader lookup functions
      imlib2_view: Enable selecting next/prev using keys too
      imlib2_view: Fix event processing bug
      imlib2_test_load: Fixup recent breakage for real
      imlib2_test_load: Check progress conditionally
      imlib2_view: Add verbose option, quit on Escape too
      TGA loader - Mostly cosmetic refactoring
      TGA loader: More mostly cosmetic changes
      TGA loader: Support horiontal flip
      TGA loader: Add simple 16 bpp handling
      TGA loader: Tweak error handling
      ICO loader: Fix non-immediate loading
      Remove __imlib_AllocateData() w,h args
      imlib2_view: Fix next/prev selection if last/first image is bad
      ICO loader: Fix memory leak in error path
      XPM loader: Correct signature check (avoid accessing unset data)
      gz, bz2 loaders: Simplify, eliminate unnecessary strdups, cosmetics
      1.6.0.

(nia)

doc: Updated devel/bullet to 2.89

(nia)

bullet: Update to 2.89

Bullet 2.89 includes a new implementation of volumetric deformable objects and cloth based on the Finite Element Method, thanks to Xuchen Han. Two-way coupling between deformables and rigid/multi body is achieved using a unified constraint solver.

(nia)

doc: Updated sysutils/flashrom to 1.2

(nia)

flashrom: Update to 1.2

This release was rushed a bit so that we have a release that includes
numerous build fixes that have been merged since v1.1. Fedora's build
system started to encounter compilation issues that needed to be
addressed for their upcoming release, so that became our canary in the
coal mine this time around.

Other highlights:
- Meson support (hello fwupd!)
- Layout improvements/fixes and many, many code cleanups.
- New chips: MX25U25635F, MX25L51245G, GD25Q256D, M95M02-A125,
N25Q/MT25Q variants, W25Q128JW_DTR, AT25SF321, S25FL512S
- New programmers: National Instruments USB-845x, Tin Can Tools
Flyswatter/Flyswatter 2, STLINK V3, more Intel PCHs (Apollo Lake,
Cannon Lake variants, Ice Lake U)
- Reduced dependency on libusb0
- Syntax: Added --flash-name and --flash-size arguments to print
information about the flash chip

Please report issues, and as always thanks to all who have contributed.

(nia)

doc: Updated lang/php72 to 7.2.28

(taca)

lang/php72: update to 7.2.28

Update php72 to 7.2.28 (PHP 7.2.28).

20 Feb 2020, PHP 7.2.28

- DOM:
  . Fixed bug #77569: (Write Access Violation in DomImplementation). (Nikita,
    cmb)

- Phar:
  . Fixed bug #79082 (Files added to tar with Phar::buildFromIterator have
    all-access permissions). (CVE-2020-7063) (stas)

- Session:
  . Fixed bug #79221 (Null Pointer Dereference in PHP Session Upload Progress).
    (CVE-2020-7062) (stas)

(taca)

doc: Updated lang/php74 to 7.4.3

(taca)

lang/php74: update to 7.4.3

Update php74 to 7.4.3 (PHP 7.4.3).

20 Feb 2020, PHP 7.4.3

- Core:
  . Fixed bug #79146 (cscript can fail to run on some systems). (clarodeus)
  . Fixed bug #79155 (Property nullability lost when using multiple property
    definition). (Nikita)
  . Fixed bug #78323 (Code 0 is returned on invalid options). (Ivan Mikheykin)
  . Fixed bug #78989 (Delayed variance check involving trait segfaults).
    (Nikita)
  . Fixed bug #79174 (cookie values with spaces fail to round-trip). (cmb)
  . Fixed bug #76047 (Use-after-free when accessing already destructed
    backtrace arguments). (Nikita)

- COM:
  . Fixed bug #79247 (Garbage collecting variant objects segfaults). (cmb)

- CURL:
  . Fixed bug #79078 (Hypothetical use-after-free in curl_multi_add_handle()).
    (cmb)

- FFI:
  . Fixed bug #79096 (FFI Struct Segfault). (cmb)

- IMAP:
  . Fixed bug #79112 (IMAP extension can't find OpenSSL libraries at configure
    time). (Nikita)

-Intl:
  . Fixed bug #79212 (NumberFormatter::format() may detect wrong type). (cmb)

- Libxml:
  . Fixed bug #79191 (Error in SoapClient ctor disables DOMDocument::save()).
    (Nikita, cmb)

- MBString:
  . Fixed bug #79149 (SEGV in mb_convert_encoding with non-string encodings).
    (cmb)

- MySQLi:
  . Fixed bug #78666 (Properties may emit a warning on var_dump()). (kocsismate)

- MySQLnd:
  . Fixed bug #79084 (mysqlnd may fetch wrong column indexes with MYSQLI_BOTH).
    (cmb)
  . Fixed bug #79011 (MySQL caching_sha2_password Access denied for password
    with more than 20 chars). (Nikita)

- Opcache:
  . Fixed bug #79114 (Eval class during preload causes class to be only half
    available). (Laruence)
  . Fixed bug #79128 (Preloading segfaults if preload_user is used). (Nikita)
  . Fixed bug #79193 (Incorrect type inference for self::$field =& $field).
    (Nikita)

- OpenSSL:
  . Fixed bug #79145 (openssl memory leak). (cmb, Nikita)

- Phar:
  . Fixed bug #79082 (Files added to tar with Phar::buildFromIterator have
    all-access permissions). (CVE-2020-7063) (stas)
  . Fixed bug #79171 (heap-buffer-overflow in phar_extract_file).
    (CVE-2020-7061) (cmb)
  . Fixed bug #76584 (PharFileInfo::decompress not working). (cmb)

- Reflection:
  . Fixed bug #79115 (ReflectionClass::isCloneable call reflected class
    __destruct). (Nikita)

- Session:
  . Fixed bug #79221 (Null Pointer Dereference in PHP Session Upload Progress).
    (CVE-2020-7062) (stas)

- Standard:
  . Fixed bug #78902 (Memory leak when using stream_filter_append). (liudaixiao)
  . Fixed bug #78969 (PASSWORD_DEFAULT should match PASSWORD_BCRYPT instead of being null). (kocsismate)

- Testing:
  . Fixed bug #78090 (bug45161.phpt takes forever to finish). (cmb)

- XSL:
  . Fixed bug #70078 (XSL callbacks with nodes as parameter leak memory). (cmb)

- Zip:
  . Add ZipArchive::CM_LZMA2 and ZipArchive::CM_XZ constants (since libzip 1.6.0). (Remi)
  . Add ZipArchive::RDONLY (since libzip 1.0.0). (Remi)
  . Add ZipArchive::ER_* missing constants. (Remi)
  . Add ZipArchive::LIBZIP_VERSION constant. (Remi)
  . Fixed bug #73119 (Wrong return for ZipArchive::addEmptyDir Method). (Remi)

(taca)

doc: Updated lang/php73 to 7.3.15

(taca)

lang/php73: update to 7.3.15

Update php73 to 7.3.15 (PHP 7.3.15).

20 Feb 2020, PHP 7.3.15

- Core:
  . Fixed bug #71876 (Memory corruption htmlspecialchars(): charset `*' not
    supported). (Nikita)
  . Fixed bug ##79146 (cscript can fail to run on some systems). (clarodeus)
  . Fixed bug #78323 (Code 0 is returned on invalid options). (Ivan Mikheykin)
  . Fixed bug #76047 (Use-after-free when accessing already destructed
    backtrace arguments). (Nikita)

- CURL:
  . Fixed bug #79078 (Hypothetical use-after-free in curl_multi_add_handle()).
    (cmb)

-Intl:
  . Fixed bug #79212 (NumberFormatter::format() may detect wrong type). (cmb)

- Libxml:
  . Fixed bug #79191 (Error in SoapClient ctor disables DOMDocument::save()).
    (Nikita, cmb)

- MBString:
  . Fixed bug #79154 (mb_convert_encoding() can modify $from_encoding). (cmb)

- MySQLnd:
  . Fixed bug #79084 (mysqlnd may fetch wrong column indexes with MYSQLI_BOTH).
    (cmb)

- OpenSSL:
  . Fixed bug #79145 (openssl memory leak). (cmb, Nikita)

- Phar:
  . Fixed bug #79082 (Files added to tar with Phar::buildFromIterator have
    all-access permissions). (CVE-2020-7063) (stas)
  . Fixed bug #79171 (heap-buffer-overflow in phar_extract_file).
    (CVE- 2020-7061) (cmb)
  . Fixed bug #76584 (PharFileInfo::decompress not working). (cmb)

- Reflection:
  . Fixed bug #79115 (ReflectionClass::isCloneable call reflected class
    __destruct). (Nikita)

- Session:
  . Fixed bug #79221 (Null Pointer Dereference in PHP Session Upload Progress).
    (CVE-2020-7062) (stas)

- SPL:
  . Fixed bug #79151 (heap use after free caused by
    spl_dllist_it_helper_move_forward). (Nikita)

- Standard:
  . Fixed bug #78902 (Memory leak when using stream_filter_append). (liudaixiao)

- Testing:
  . Fixed bug #78090 (bug45161.phpt takes forever to finish). (cmb)

- XSL:
  . Fixed bug #70078 (XSL callbacks with nodes as parameter leak memory). (cmb)

(taca)

Note update of net/unbound to 1.10.0.

(he)

Update unbound to version 1.10.0.

Pkgsrc changes:
* Adjust line numbers in patch.

Upstream changes:

The 1.10.0 release has RPZ support and serve stale functionality
according to draft draft-ietf-dnsop-serve-stale-10.  And a number of
other, smaller, features, and bug fixes.

The DNS Response Policy Zones (RPZ) functionality makes it possible
to express DNS response policies in a DNS zone. These zones can
be loaded from file or transferred over DNS zone transfers or
HTTP. The RPZ functionality in Unbound is implemented as specified in
draft-vixie-dnsop-dns-rpz-00. Only the QNAME and Response IP Address
triggers are supported. The supported RPZ actions are: NXDOMAIN, NODATA,
PASSTHRU, DROP and Local Data.

Enabling the respip module using `module-config` is required to use
RPZ. Each RPZ zone can be configured using the `rpz` clause. RPZ clauses
are applied in order of configuration.  Unbound can get the data from
zone transfer, a zonefile or https url, and more options are documented
in the man page.  A minimal RPZ configuration that will transfer the
RPZ zone using AXFR and IXFR can look like:

server:
  module-config: "respip validator iterator"

rpz:
  name: "rpz.example.com" # name of the policy zone
  master: 192.0.2.0   # address of the name server to transfer from

The serve-stale functionality as described in
draft-ietf-dnsop-serve-stale-10 is now supported in unbound.
This allows unbound to first try and resolve a domain name before
replying with expired data from cache.  This differs from unbound's
initial serve-expired behavior which attempts to reply with expired
entries from cache without waiting for the actual resolution to finish.
Both behaviors are available and can be configured with the various
serve-expired-* configuration options.  serve-expired-client-timeout is
the option that enables one or the other.

The DSA algorithms have been disabled by default, this is because of
RFC 8624.

There is a crash fix in the parse of text of type WKS, reported by
X41 D-Sec.

In addition, neg and key caches can be shared with multiple
libunbound contexts, a change that assists unwind.  The
contrib/unbound_portable.service provides a systemd start file for a
portable setup.  The configure --with-libbsd option allows the use
of the bsd compatibility library so that it can use the arc4random
from it.  The stats in contrib/unbound_munin_ have num.query.tls and
num.query.tls.resume added to them.  For unbound-control the command
view_local_datas_remove is added that removes data from a view.

Features:
- Merge RPZ support into master. Only QNAME and Response IP triggers are
  supported.
- Added serve-stale functionality as described in
  draft-ietf-dnsop-serve-stale-10. `serve-expired-*` options can be used
  to configure the behavior.
- Updated cachedb to honor `serve-expired-ttl`; Fixes #107.
- Renamed statistic `num.zero_ttl` to `num.expired` as expired replies
  come with a configurable TTL value (`serve-expired-reply-ttl`).
- Merge #135 from Florian Obser: Use passed in neg and key cache
  if non-NULL.
- Fix #153: Disable validation for DSA algorithms.  RFC 8624 compliance.
- Merge PR#151: Fixes for systemd units, by Maryse47, Edmonds
  and Frzk.  Updates the unbound.service systemd file and adds a portable
  systemd service file.
- Merge PR#154; Allow use of libbsd functions with configure option
  --with-libbsd. By Robert Edmonds and Steven Chamberlain.
- Merge PR#148; Add some TLS stats to unbound_munin_. By Fredrik Pettai.
- Merge PR#156 from Alexander Berkes; Added unbound-control
  view_local_datas_remove command.

Bug Fixes:
- Fix typo to let serve-expired-ttl work with ub_ctx_set_option(), by
  Florian Obser
- Update mailing list URL.
- Fix #140: Document slave not downloading new zonefile upon update.
- Downgrade compat/getentropy_solaris.c to version 1.4 from OpenBSD.
  The dl_iterate_phdr() function introduced in newer versions raises
  compilation errors on solaris 10.
- Changes to compat/getentropy_solaris.c for,
  ifdef stdint.h inclusion for older systems.  ifdef sha2.h inclusion
  for older systems.
- Fix 'make test' to work for --disable-sha1 configure option.
- Fix out-of-bounds null-byte write in sldns_bget_token_par while
  parsing type WKS, reported by Luis Merino from X41 D-Sec.
- Updated sldns_bget_token_par fix for also space for the zero
  delimiter after the character.  And update for more spare space.
- Fix #138: stop binding pidfile inside chroot dir in systemd service
  file.
- Fix the relationship between serve-expired and prefetch options,
  patch from Saksham Manchanda from Secure64.
- Fix unreachable code in ssl set options code.
- Removed the dnscrypt_queries and dnscrypt_queries_chacha tests,
  because dnscrypt-proxy (2.0.36) does not support the test setup
  any more, and also the config file format does not seem to have the
  appropriate keys to recreate that setup.
- Fix crash after reload where a stats lookup could reference old key
  cache and neg cache structures.
- Fix for memory leak when edns subnet config options are read when
  compiled without edns subnet support.
- Fix auth zone support for NSEC3 records without salt.
- Merge PR#150 from Frzk: Systemd unit without chroot.  It add
  contrib/unbound_nochroot.service.in, a systemd file for use with
  chroot: "", see comments in the file, it uses systemd protections
  instead.  It was superceded by #151, the unbound_portable.service
  file.
- Merge PR#155 from Robert Edmonds: contrib/libunbound.pc.in: Fixes
  to Libs/Requires for crypto library dependencies.
- iana portlist updated.
- Fix to silence the tls handshake errors for broken pipe and reset
  by peer, unless verbosity is set to 2 or higher.
- Merge PR#147; change rfc reference for reserved top level dns names.
- Fix #157: undefined reference to `htobe64'.
- Fix subnet tests for disabled DSA algorithm by default.
- Update contrib/fastrpz.patch for clean diff with current code.
- updated .gitignore for added contrib file.
- Add build rule for ipset to Makefile
- Add getentropy_freebsd.o to Makefile dependencies.
- Fix memory leak in error condition remote.c
- Fix double free in error condition view.c
- Fix memory leak in do_auth_zone_transfer on success
- Stop working on socket when socket() call returns an error.
- Check malloc return values in TLS session ticket code
- Fix fclose on error in TLS session ticket code.
- Add assertion to please static analyzer
- Fixed stats when replying with cached, cname-aliased records.
- Added missing default values for redis cachedb backend.
- Fix num_reply_addr counting in mesh and tcp drop due to size
  after serve_stale commit.
- Fix to create and destroy rpz_lock in auth_zones structure.
- Fix to lock zone before adding rpz qname trigger.
- Fix to lock and release once in mesh_serve_expired_lookup.
- Fix to put braces around empty if body when threading is disabled.
- Fix num_reply_states and num_detached_states counting with
  serve_expired_callback.
- Cleaner code in mesh_serve_expired_lookup.
- Document in unbound.conf manpage that configuration clauses can be
  repeated in the configuration file.
- Document 'ub_result.was_ratelimited' in libunbound.
- Fix use after free on log-identity after a reload; Fixes #163.
- Fix with libnettle make test with dsa disabled.
- Fix contrib/fastrpz.patch to apply cleanly.  Fix for serve-stale
  fixes, but it does not compile, conflicts with new rpz code.
- Fix to clean memory leak of respip_addr.lock when ip_tree deleted.
- Fix compile warning when threads disabled.

(he)

doc: Updated editors/bvi to 1.4.1

(nia)

bvi: Update to 1.4.1

New in release 1.4.1
====================

* Minor fixes

(nia)

rust: src/bootstrap/bin/rustc.rs is not patched, so exclude from SUBST

(ryoon)

Use USE_TOOLS += byacc instead of explicitely adding build dependency

(cheusov)

doc: Updated net/nsd to 4.2.4

(ryoon)

nsd: Update to 4.2.4

Changelog:
3 December 2019: Wouter
- Fix #52: do not log transient network full errors unless higher
  verbosity is set.
- Fix checkconf test for new error output string.
- tag for 4.2.4rc1 release.

27 November 2017 Jeroen
- Fix regressions in configparser.y

22 November 2019: Wouter
- Fix #48: Add make distclean that removes config.h made by configure.
  And add maintainer-clean that removes bison and flex output.

18 November 2019: Wouter
- Detect fixed time memcmp for openssl 0.9.8 compatibility.
- Detect EC_KEY_new_by_curve_name for openssl 0.9.8.
- include limits.h for UINT_MAX.
- If no recvmmsg, dont use msg_flags member, but errno for error,
  where our fallback function left it, msg_flags also does not exist
  on some systems.
- Remove unused variable warning for portability.

14 November 2019: Wouter
- Fix checkconf test with filenames that sort in the same order.
- Tag for 4.2.3rc1.  Branch master is 4.2.4 in development.

11 November 2019: Wouter
- Fix #44: document that remote-control is a top-level nsd.conf
  attribute.
- Fix compile on OSX.
- Fix for #44: nicer top-level clause documentation.

22 October 2019: Jeroen
- Number of different UDP handlers has been reduced to one. recvmmsg
  and sendmmsg implementations are now used on all platforms.
  Compatible implementations are in place for systems that lack the
  system calls.
- Socket options are now set in designated functions for easy reuse.
- Socket setup has been simplified for easy reuse.
- Configuration parser is now aware of the context in which an option
  was specified.

21 October 2019: Wouter
- For #21 add
  contrib/patch_for_s6_startup_and_other_service_supervisors.diff
  that adds support for readiness notification with READY_FD from
  Cameron Nemo.

17 October 2019: Jeroen
- Fix #40: Merge small fixes for confine-to-zone by Greg Bock.

15 October 2019: Jeroen
- For #39: Merge confine-to-zone feature contributes by Greg Bock.

26 September 2019: Wouter
- Fix #38: log address and failure reason with tls handshake errors,
  squelches (the same as unbound) some unless high verbosity is used.
- Fixup clang analysis warning in xfrd_parse_received_xfr_packet
  master dereference.

25 September 2019: Wouter
- The nsd.conf includes are sorted ascending, for include statements
  with a '*' from glob.

16 September 2019: Wouter
- Fixup warnings during --disable-ipv6 compile.
- Fixup unit test executable to run without IPv6.

4 September 2019: Wouter
- Fix #35: excessive logging of ixfr failures, it stops the log when
  fallback to axfr is possible. log is enabled at high verbosity.

2 September 2019: Wouter
- For #21: pidfile "" allows to run NSD without a pidfile, for
  startup management tools like daemontools.

28 August 2019: Wouter
- In tests check for tls test tool availability.

(ryoon)

doc: Updated www/php-nextcloud to 18.0.1

(ryoon)

php-nextcloud: Update to 18.0.1

Changelog:
Changes

    [stable18] Fix cursor on disabled contenteditable divs (server#18961)
    Bump style-loader from 1.1.2 to 1.1.3 (server#18982)
    [stable18] Increase the timeout for app downloads (server#19025)
    [stable18] Fix loaded controller check (server#19060)
    [stable18] Allow to await the sidebar (server#19089)
    [stable18] expose Argon2 options (as we did for bcrypt) (server#19094)
    [stable18] fix multiselect actions for files (server#19108)
    [stable18] Adjust filelist color handling to new dark theme value (server#19117)
    [stable18] Reduce legacy event log level to debug (server#19118)
    [stable18] New file menu needs to be above the filelist header (server#19119)
    [stable18] Do not invert avatar colors when dark theme is enabled (server#19121)
    [stable18] Use the target for file notifications (server#19149)
    [stable18] Use correct appid for talk (server#19150)
    [stable18] add hub bundle for easy installation on upgraded instances (server#19153)
    [stable18] apps can have polyamorous relationships with bundles (server#19166)
    [stable18] Use themed favicon-fb (server#19189)
    [stable18] Fix "Call to undefined method OCA\\WorkflowEngine\\Entity\\File::t()" (server#19190)
    [stable18] Fix query selector for inverted icons (server#19206)
    [stable18] Do not encode contacts menu mailto links (server#19207)
    [stable18] Give the sharing tab a unique id so it also opens properly on other languages (server#19212)
    [stable18] WebcalRefreshJob: Fix reading refresh rate (server#19228)
    [stable18] Make sure to catch php errors during job execution (server#19269)
    [stable18] Center Buttons (server#19271)
    [stable18] Use the l10n from settings (server#19277)
    [stable18] Use proper andwhere clause (server#19278)
    [stable18] Add move (and firstlogin) option to transferownership service (server#19279)
    [stable18] for the DB ot pick an index specify the object_type (server#19283)
    [stable18] owner transfer multiselect fixes (server#19291)
    [stable18] Allow respecting PASSWORD_DEFAULT (server#19292)
    [stable18] Keep the modification time during decryptFile (server#19297)
    [stable18] Fix data Apache2 .htaccess typo (server#19302)
    [stable18] Fix display of DTEND for multi-day all-day event (server#19308)
    [stable18] do not overwrite global user auth credentials with empty values (server#19315)
    [stable18] Fix occ maintenance:install database connect failure (server#19326)
    [stable18] Fix event type (server#19330)
    [stable18] Array access on int will fail on php7.4 (server#19332)
    [stable18] Make sure the default share provider does not execute for other things (server#19334)
    [stable18] Disable link shares of disabled users (server#19340)
    [stable18] Prevent archieved download on secure view (server#19360)
    [stable18] Log Flow activity (server#19396)
    [stable18] Allow to serve static webm directly (server#19420)
    18.0.1 final (server#19422)
    [stable18] Allow to serve static mp4 directly (server#19428)
    [stable18] Update master php testing versions (activity#417)
    Update stable18 target versions (activity#418)
    [stable18] Update master php testing versions (files_pdfviewer#164)
    Update stable18 target versions (files_pdfviewer#165)
    Update stable18 target versions (files_texteditor#194)
    Update stable18 target versions (firstrunwizard#274)
    Update stable18 target versions (logreader#313)
    [stable18] Update master php testing versions (nextcloud_announcements#64)
    Update stable18 target versions (nextcloud_announcements#65)
    Update stable18 target versions (notifications#547)
    [stable18] Add linting via github actions (notifications#555)
    [stable18] Support Strict VoIP push notifications for iOS 13 SDK (notifications#565)
    [stable18] Update master php testing versions (password_policy#93)
    Update stable18 target versions (password_policy#94)
    [stable18] Lint with github actions (photos#153)
    [stable18] No more drone. Do it all on github actions (photos#158)
    [stable18] Respect .noimage and .nomedia files (photos#160)
    [stable18] added headers for your photos and favs (photos#172)
    [stable18] Fix/actions (photos#174)
    [stable18] Fix url escaping (photos#175)
    [stable18] Use actions from tutorial (photos#181)
    Update stable18 target versions (privacy#323)
    Update stable18 target versions (recommendations#182)
    Update stable18 target versions (serverinfo#170)
    [stable18] Update master php testing versions (survey_client#104)
    Update stable18 target versions (survey_client#105)
    [stable18] GitHub actions/lint (viewer#368)
    Fix url escaping (viewer#370)
    [stable18] Adjust tests syntax & formatting (viewer#379)
    [stable18] Use actions from tutorial (viewer#385)
    [stable18] Revert "Fix url escaping" (viewer#396)

(ryoon)

mpv: Add workaround for Swift static libraries on 10.15.

This will eventually need to be moved into the infrastructure once Swift
becomes more prevalent and we're able to handle any alternative layouts
that might be required.

(jperkin)

doc: Updated chat/ircd-hybrid to 8.2.29

(fox)