Use generic SSL version method instead of ancient SSLv3-only. Adjust
PLIST to match reality. Bump revision.

(joerg)

Needs libXcursor.

(joerg)

Needs pkg-config.

(joerg)

Ignore truncation warnings from clang, e.g. on implicit casts from
INT64_T to float/double.

(joerg)

Update for doxygen changes. Bump revision.

(joerg)

Needs bsdtar to extract.

(joerg)

Needs ocaml-cohttp.

(joerg)

Always use C++11 STL and not TR1 on Unix.

(joerg)

qemu: fix build on macOS

(adam)

vvvvvv: Use physfs from pkgsrc.

Bump PKGREVISION

(nia)

slim: already depends on dbus, don't add it a second time.

(maya)

doc: Updated x11/slim to 1.3.6nb3

(maya)

slim: seems to require global dbus in order to successfully start things.

Make the rc.d script depend on dbus to have successful startup.
Add PREFIX/bin to path, so it works better with pkgsrc environments even
in the base xsrc case.

Bump PKGREVISION.

(maya)

vvvvvv: DESCR note

(nia)

doc: Added games/vvvvvv version 0.0.0.20200110

(nia)

games: Add vvvvvv

VVVVVV is a platform game all about exploring one simple mechanical idea -
what if you reversed gravity instead of jumping?

The game is designed not to artificially gate your progress. In VVVVVV there
are no locks, no power-ups, no switches, nothing to stop you progressing
except the challenges themselves.

(nia)

doc: Updated time/xtide to 2.15.2

(plunky)

update XTide to 2.15.2

Changes are many, it has been 13 years of development. See

  https://flaterco.com/xtide/changelog.html

for more information

(plunky)

doc: Added databases/libtcd version 2.2.7r2

(plunky)

add libtcd

(plunky)

add libtcd version 2.2.7-r2:

libtcd provides a software API for reading and writing Tide Constituent
Database (TCD) files.

The TCD file format and schema are used by XTide to retrieve constituent
definitions (speeds, equilibrium arguments, and node factors), harmonic
constants, subordinate station offsets and associated metadata for use
in generating tide predictions.

The TCD file format and schema were originally designed by Jan Depner
to improve the performance of XTide and to meet additional requirements
of the U.S. Naval Oceanographic Office (NAVO).  They are now maintained
primarily by David Flater.

The design goals for TCD included:

Available without installing heavy external packages.
Efficient for indexing and loading of stations.
Compact file format.
Translatable without loss from legacy XTide .txt and .xml files.
Exportable to legacy .txt and .xml formats.
Modifiable by end user using tideEditor.
Able to detect tampering (usually, misguided attempts to edit the
database in a word processor).

(plunky)

unrealircd: Build fix: don't accidentally detect epoll on SunOS

(nia)

anope: Build fix: Don't check for presence of epoll header on SunOS

In file included from /home/pbulk/build/chat/anope/work/anope-2.0.7-source/src/socketengines/socketengine_epoll.cpp:18:0:
/usr/include/sys/epoll.h:1:2: error: #error "This header has been disabled to stop its functionality from being used."
#error "This header has been disabled to stop its functionality from being used."
  ^~~~~
/home/pbulk/build/chat/anope/work/anope-2.0.7-source/src/socketengines/socketengine_epoll.cpp:23:20: error: 'epoll_event' was not declared in this scope

(nia)

Pullup tickets #6113 and #6115

(bsiegert)

Pullup ticket #6115 - requested by nia
net/libtorrent-rasterbar: NetBSD 8 build fix

Revisions pulled up:
- net/libtorrent-rasterbar/Makefile                            1.2-1.3
- net/libtorrent-rasterbar/PLIST                                1.2
- net/libtorrent-rasterbar/distinfo                            1.2-1.3
- net/libtorrent-rasterbar/patches/patch-include_libtorrent_buffer.hpp 1.2

---
  Module Name:    pkgsrc
  Committed By:  nia
  Date:          Sat Jan  4 16:49:12 UTC 2020

  Modified Files:
          pkgsrc/net/libtorrent-rasterbar: Makefile PLIST distinfo

  Log Message:
  libtorrent-rasterbar: Update to 1.2.3

  Changes:

      fix erroneous event=completed tracker announce when checking files
      promote errors in parsing listen_interfaces to post listen_failed_alert
      fix bug in protocol encryption/obfuscation
      fix buffer overflow in SOCKS5 UDP logic
      fix issue of rapid calls to file_priority() clobbering each other
      clear tracker errors on success
      optimize setting with unlimited unchoke slots
      fixed restoring of trackers, comment, creation date and created-by in resume data
      fix handling of torrents with too large pieces
      fixed division by zero in anti-leech choker
      fixed bug in torrent_info::swap

---
  Module Name:    pkgsrc
  Committed By:  nia
  Date:          Fri Jan 10 11:52:05 UTC 2020

  Modified Files:
          pkgsrc/net/libtorrent-rasterbar: Makefile distinfo
          pkgsrc/net/libtorrent-rasterbar/patches:
              patch-include_libtorrent_buffer.hpp

  Log Message:
  libtorrent-rasterbar: Let's not peek into internal malloc properties.

(bsiegert)

Pullup ticket #6113 - requested by nia
www/firefox68: security fix (zero-day)

Revisions pulled up:
- www/firefox68/Makefile                                        1.7-1.8
- www/firefox68/distinfo                                        1.6-1.7
- www/firefox68/patches/patch-rust-1.39.0                      deleted

---
  Module Name: pkgsrc
  Committed By: nia
  Date: Wed Jan  8 21:49:32 UTC 2020

  Modified Files:
  pkgsrc/www/firefox68: Makefile distinfo
  Removed Files:
  pkgsrc/www/firefox68/patches: patch-rust-1.39.0

  Log Message:
  firefox68: Update to 68.4.0

  Security Vulnerabilities fixed in Firefox ESR 68.4:

  # CVE-2019-17015: Memory corruption in parent process during new content process initialization on Windows
  # CVE-2019-17016: Bypass of @namespace CSS sanitization during pasting
  # CVE-2019-17017: Type Confusion in XPCVariant.cpp
  # CVE-2019-17021: Heap address disclosure in parent process during content process initialization on Windows
  # CVE-2019-17022: CSS sanitization does not escape HTML tags
  # CVE-2019-17024: Memory safety bugs fixed in Firefox 72 and Firefox ESR 68.4

---
  Module Name: pkgsrc
  Committed By: nia
  Date: Thu Jan  9 20:51:59 UTC 2020

  Modified Files:
  pkgsrc/www/firefox68: Makefile distinfo

  Log Message:
  firefox68: Update to 68.4.1

  This release fixes one zero-day vulnerability:

  CVE-2019-17026: IonMonkey type confusion with StoreElementHole and FallibleStoreElement

  Incorrect alias information in IonMonkey JIT compiler for setting array elements could lead to a type confusion.
  We are aware of targeted attacks in the wild abusing this flaw

(bsiegert)

Revbump Go packages after Go default version bump.

(bsiegert)

doc: note poppler* update to 0.84.0

(wiz)

poppler*: update to 0.84.0

Release 0.84.0:
        core:
        * Fix crash when converting from Unicode to ASCII-7
        * Splash::scaleImageYdXu: Protect against crash if srcWidth is too big
        * JBIG2Stream: fix potential crash in malformed documents
        * JBIG2Stream: fix leak in reset() if called several times
        * Internal code improvements

        utils:
        * pdfimages: Add error message if first page is larger then number of pages.
        * pdfinfo: Improved paper size recognition
        * pdfsig: Fix exit code when dumping signatures
        * pdftocairo: Error out when even/odd selects 0 pages
        * pdftohtml: Fix memory leak
        * pdftoppm: Add an option to scale before rotate
        * pdftoppm: Add -hide-annotations option
        * pdftoppm: Error out when even/odd selects 0 pages
        * pdftops: Improve -optimizecolorspace

        qt5:
        * Code cleanups

        glib:
        * Fix compiler warrnings

Release 0.83.0:
        core:
        * Improve when a file is recognized as Linearized
        * Improve const-ness of the code
        * Make code a bit more readable/maintanable
        * Fix uninitialized memory uses in broken files

        utils:
        * pdffonts: Make code a bit more readable/maintanable
        * pdftohtml: Make code a bit more readable/maintanable

        qt5:
        * Remove a bunch of unused internal functions
        * trUtf8 -> tr (less warnings)

        build system:
        * make-glib-api-docs: switch to python3

(wiz)

go: use go113 as the default for building packages.

I did a preliminary bulk build to find build failures resulting from this
change and fixed the fallout in www/grafana. Everything else seemed to be
ok.

(bsiegert)

go112 and go113 updates

(bsiegert)

Update go112 to 1.12.15.

These releases include fixes to the runtime and to the
net/http package.

The macOS releases enable the Hardened Runtime. See
https://golang.org/issue/34986 for details.

View the release notes for more information:
    https://golang.org/doc/devel/release.html#go1.13.minor

(bsiegert)

doc: note gstreamer1 updates

(wiz)

gstreamer: update to 1.16.2

The second 1.16 bug-fix release (1.16.2) was released on 3 December 2019.

This release only contains bugfixes and it should be safe to update from 1.16.1.

Highlighted bugfixes in 1.16.2

    Interlaced video scaling fixes
    CineForm video support in AVI
    audiorate: avoid glitches due to rounding errors after changing rate
    Command line tool output printing improvements on Windows
    various performance improvements, memory leak fixes and security fixes
    VP9 decoding fixes
    avfvideosrc: Explicitly request video permission on macOS 10.14+
    wasapi: bug fixes and stability improvements
    webrtc-audio-processing: fix segmentation fault on 32-bit windows
    tsdemux: improved handling of certain discontinuities
    vaapi h265 decoder: wait for I-frame before trying to decode

gstreamer

    gst-launch: Fix ugly stdout on Windows
    tee: Make sure to actually deactivate pads that are released
    bin: Drop need-context messages without source instead of crashing
    gst: Don't pass miniobjects to GST_DEBUG_OBJECT() and similar macros
    tracers: Don't leak temporary GstStructure

gst-plugins-base

    xvimagepool: Update size, stride, and offset with allocated XvImage
    video-converter: Fix RGB-XYZ-RGB conversion
    audiorate: Update next_offset on rate change
    audioringbuffer: Reset reorder flag before check
    audio-buffer: Don't fail to map buffers with zero samples
    videorate: Fix max-duplication-time handling
    gl/gbm: ensure we call the resize callback before attempting to draw
    video-converter: Various fixes for interlaced scaling
    gstrtspconnection: messages_bytes not decreased
    check: Don't use real audio devices for tests
    riff: add CineForm mapping
    glfilters: Don't use static variables for storing per-element state
    glupload: Add VideoMetas and GLSyncMeta to the raw uploaded buffers
    streamsynchronizer: avoid pad release race during logging.
    gst-play: Use gst_print* to avoid broken stdout string on Windows

gst-plugins-good

    vp9dec: Fix broken 4:4:4 8bits decoding
    rtpsession: add locking for clear-pt-map
    rtpL16depay: don't crash if data is not modulo channels*width
    wavparse: Fix push mode ignoring audio with a size smaller than segment buffer
    wavparse: Fix push mode ignoring last audio payload chunk
    aacparse: fix wrong offset of the channel number in adts header
    jpegdec: Fix incorrect logic in EOI tag detection
    videocrop: Also update the coordinate when in-place
    jpegdec: don't overwrite the last valid line
    vpx: Error out if enabled and no features found
    v4l2videodec: ensure pool exists before orphaning it
    v4l2videoenc: fix type conversion errors
    v4l2bufferpool: Queue number of allocated buffers to capture
    v4l2object: fix mpegversion number typo
    v4l2object: Work around bad TRY_FMT colorimetry implementations

gst-plugins-bad

    avfvideosrc: Explicitly request video permission on macOS 10.14+
    wasapi: Various fixes and a workaround for a specific driver bug
    wasapi: Move to CoInitializeEx for COM initialization
    wasapi: Fix runtime/build warnings
    waylandsink: Commit the parent after creating subsurface
    msdkdec: fix surface leak in msdkdec_handle_frame
    tsmux: Fix copying of buffer region
    tsdemux: Handle continuity mismatch in more cases
    tsdemux: Always issue a DTS even when it's equal to PTS
    openexr: Fix build with OpenEXR 2.4 (and also OpenEXR 2.2 on Ubuntu 18.04)
    ccextractor: Always forward all sticky events to the caption pad
    pnmdec: Return early on ::finish() if we have no actual data to parse
    ass: avoid infinite unref loop with bad data
    fluidsynth: add sf3 to soundfont search path
    webrtcdsp/webrtcechoprobe segmentation fault on windows (1.16.0 x86)

gst-libav

    avvidenc: Fix error propagation
    avdemux: Fix segmentation fault if long_name is NULL
    avviddec: Fix huge leak caused by circular reference
    avviddec: Enforce allocate new AVFrame per input frame
    avdec_mpeg2video (and probably more): Huge memory leak in git master

gst-rtsp-server

    rtsp-media: Use lock in gst_rtsp_media_is_receive_only
    rtsp-client: RTP Info when completed_sender
    rtsp-client: fix location uri-format by getting uri directly from context instead

gstreamer-vaapi

    meson build: halt configuration if no renderer API
    libs: decoder: h265: skip all pictures prior the first I-frame
    libs: window: x11: Avoid usage of deprecated API

gst-editing-services

    Initialize debug categories before usage

gst-build

    gst-env: Use locally built GStreamer utility programs

(wiz)

doc: Update shells/pbosh to 20191205

(micha)

shells/pbosh: Update to 20191205

Based on Schily Tools Release 2019-12-05.

AN-2019-11-11:
-  libschily: the new functions wcastoi wcastol wcastolb that have been
    added with the previous release have been forgotten in the linker map
    file.

AN-2019-12-05:
-  include/schily/stdio.h: We no longer define getc_unlocked() on Solaris
    in case that it is defined already. This was needed since Oracle
    Solaris 11.4 compiles 64 bit by default and made stdio less opaque
    than before - this result in the same bahavior as for 32 bit programs.
    This means, we no longer need to use tricks to get fast access to
    stdio.

    Thanks to Rolf Dietze for reporting.

-  libschily: the function getargs() and similar (from the option parser
    group) fixed a bug that prevented the usability of the official method
    to include the char '+' inside option names by quoting the character
    in the option name used in the format string.

    This bug has been fixed in order to be able to support "star -dump+ ..."

-  libshedit: because of the changes in Oracle Solaris 11.4, we need to
    #undef FAST_GETC_PUTC in order to avoid to use getc_unlocked().

    Thanks to Rolf Dietze for reporting.

-  Bourne Shell/bsh: */hashcmd.c did not handle a malloc()ed string
    correctly and could cause a memory leak with hash commands that
    do not add new aliases.

    We now create a copy using make()/makestr() before calling ab_push()
    or ab_insert() and always free "name" at the end of the function
    hashcmd()

-  Bourne Shell: The man page now documents that the command

        "set -o hashcmds"

    inside the file $HOME/.shrc makes a # on the fist column of that
    file and followed by a non-space character, no longer a comment..
    It is thus recommended to have "set -o hashcmds" close to the.
    bottom of the file $HOME/.shrc

(micha)

doc: Update shells/bosh to 20191205

(micha)

Update go113 to 1.13.6.

These releases include fixes to the runtime and to the
net/http package.

The macOS releases enable the Hardened Runtime. See
https://golang.org/issue/34986 for details.

View the release notes for more information:
    https://golang.org/doc/devel/release.html#go1.13.minor

(bsiegert)

shells/bosh: Update to 20191205

Based on Schily Tools Release 2019-12-05.

AN-2019-11-11:
-  libschily: the new functions wcastoi wcastol wcastolb that have been
    added with the previous release have been forgotten in the linker map
    file.

AN-2019-12-05:
-  include/schily/stdio.h: We no longer define getc_unlocked() on Solaris
    in case that it is defined already. This was needed since Oracle
    Solaris 11.4 compiles 64 bit by default and made stdio less opaque
    than before - this result in the same bahavior as for 32 bit programs.
    This means, we no longer need to use tricks to get fast access to
    stdio.

    Thanks to Rolf Dietze for reporting.

-  libschily: the function getargs() and similar (from the option parser
    group) fixed a bug that prevented the usability of the official method
    to include the char '+' inside option names by quoting the character
    in the option name used in the format string.

    This bug has been fixed in order to be able to support "star -dump+ ..."

-  libshedit: because of the changes in Oracle Solaris 11.4, we need to
    #undef FAST_GETC_PUTC in order to avoid to use getc_unlocked().

    Thanks to Rolf Dietze for reporting.

-  Bourne Shell/bsh: */hashcmd.c did not handle a malloc()ed string
    correctly and could cause a memory leak with hash commands that
    do not add new aliases.

    We now create a copy using make()/makestr() before calling ab_push()
    or ab_insert() and always free "name" at the end of the function
    hashcmd()

-  Bourne Shell: The man page now documents that the command

        "set -o hashcmds"

    inside the file $HOME/.shrc makes a # on the fist column of that
    file and followed by a non-space character, no longer a comment..
    It is thus recommended to have "set -o hashcmds" close to the.
    bottom of the file $HOME/.shrc

(micha)

doc: Update archivers/star to 1.6.1nb4

(micha)

doc: Updated textproc/p5-Swim to 0.1.48

(schmonz)

Update to 0.1.48. From the changelog:

- Fix a formatting bug from ingydotnet/git-subrepo
- Fix for https://github.com/ingydotnet/inline-pm/pull/74

(schmonz)

archivers/star: Update to 1.6.1nb4

Based on Schily Tools Release 2019-12-05.

AN-2019-11-11:
-  libschily: the new functions wcastoi wcastol wcastolb that have been
    added with the previous release have been forgotten in the linker map
    file.

-  star: When using star -copy, the default is now -no-secure-links.
    This is what users like since they are copying their own data that
    per definition cannot be untrusted external data.

-  star: star -diff is now "more smooth" to use, when the archive type
    is GNU TAR and the "atime" or "ctime" properties are not present
    for a specific file. Before, Jan 1 1970 was the assumed time in
    the archive.

-  star: star -diff now prints a diff statistics summary.

-  star: New version date

AN-2019-12-05:
-  include/schily/stdio.h: We no longer define getc_unlocked() on Solaris
    in case that it is defined already. This was needed since Oracle
    Solaris 11.4 compiles 64 bit by default and made stdio less opaque
    than before - this result in the same bahavior as for 32 bit programs.
    This means, we no longer need to use tricks to get fast access to
    stdio.

    Thanks to Rolf Dietze for reporting.

-  libschily: the function getargs() and similar (from the option parser
    group) fixed a bug that prevented the usability of the official method
    to include the char '+' inside option names by quoting the character
    in the option name used in the format string.

    This bug has been fixed in order to be able to support "star -dump+ ..."

-  libshedit: because of the changes in Oracle Solaris 11.4, we need to
    #undef FAST_GETC_PUTC in order to avoid to use getc_unlocked().

    Thanks to Rolf Dietze for reporting.

-  libfind: A new function walksname() has been added to set up the
    internals in "struct WALK" for external path names. This feature is
    needed to support "star -c list=names -find ...".

-  libfind: The functions fetchdir()/dfetchdir(), sortdir(), cmpdir() now
    use size_t instead of int for the entry number count and the allocated
    size.

    This breaks binary compatibility in 64 bit mode for those users only,
    that use the interfaces fetchdir()/dfetchdir(), sortdir(), cmpdir().

    The only application that currently uses these interfaces is "star".
    Simple users of libfind and programs compiled as 32 bit programs
    are not affected by the change.

    Warning: packetizers need to take care of the changed name of the
    shared library file for libfind.

-  libfind: Because of the binary incompatible change, we incremented
    the major library version number from 3 to 4.

    WARNING: This affects only distros that ship 64 bit versions of star
    using a shared version of libfind.

    Since Solaris defaults to 32 bit programs, this is expected to only
    affect Linux distros.

-  libstreamar: unicode.c has been changed to make sure that is works even
    in case that the "len" parameter is an unsigned.

-  libstreamar: to_utf8() from unicode.c has been rewritten to use size_t.
    instead of int. Several changes have been introduced in the other
    code as well.

-  libstreamar: from_utf8() from unicode.c has been rewritten to use size_t.
    instead of int. Several changes have been introduced in the other
    code as well.
-  star: The new-volume-script= script is now called at the end of
    _every tape_, even at the last one. This now allows to have a script
    that automatically renames a standard archive name into numbered
    archive names when a tree should be splitted into chunks, e.g. with
    this command line:

        star -c f=/tmp/v.tar tsize=1G new-volume-script='sh -c \
            "mv /tmp/v.tar /tmp/v$(($1-1)).tar" nv' .

    you get partial archives named /tmp/v1.tar ... /tmp/vn.tar

    Note that this would not work in case that "sh" is the historical
    Bourne Shell, e.g. as seen on Solaris 10. This is because
    "shell arithmetics" is a feature that was not present in the historical
    Bourne Shell.

-  star: The man page now mentions that "star cli=tar ..." works as an
    alias to "star cli=suntar ...".

-  star: The man page now mentions that "star cli=gnutar ..." does not
    impement the bugs from the GNU option parser.

-  star: Is "star cli=xxx ..." is used, then star now calls
    set_progname(xxx) and thus prints error messages labelled with the
    command line interface name.

-  star: In "pax" command line mode, star now uses -no-fsync as default
    in order to behave the same way as the closed source Solaris pax
    does.

-  star: Star now allows to combine the option list=names with -find
    This is useful, whenever a list of filenames is longer than ARG_MAX and
    thus cannot be used in the star command line after -find.

    Here is an example on how to use the new feature in a mercurial.
    based development environment:

        (hg status -a; hg status -m; hg status -c) | sed -e 's/^. //' > .hgfiles
        star -c list=.hgfiles -find -mtime -100 > /tmp/new.tar

    The first command puts all files under control of mercurial into
    thw file ".hgfiles" , while omitting the compile results from the
    file ".hgfiles".

    The second command takes that list and puts only those files into
    the archive that have been modified during the past 100 days.

-  star: A new option "-dump+" allows to have the "SCHILY.volhdr.hostname"
    meta data field filled out even when not making dumps with an
    associated dump level. This helps to remember the origin of tar
    archives.

-  star: unicode.c has been changed to use the same comment as unicode.c
    in libstreamar.

-  star: unicode.c has been changed to make sure that is works even.
    in case that the "len" parameter is an unsigned.

-  star: to_utf8() from unicode.c has been rewritten to use size_t.
    instead of int. Several changes have been introduced in the other
    code as well.

-  star: from_utf8() from unicode.c has been rewritten to use size_t.
    instead of int. Several changes have been introduced in the other
    code as well.

-  star: due to the incompatible interface change in libfind (see
    above), several changes have been introduced in order to use size_t
    instead of int for fetchdir()/dfetchdir(), sortdir(), cmpdir().

    This finally permits star to be able to make use of the current POSIX
    maximum meta data size for so called "pax" archives (TAR archives
    with POSIX.1-2001 meta data enhancements derived from the Solaris 7
    concept for tar from 1997). Previous versions of star have been
    limited to data no longer than 2 GB (even though the star main code
    supports 8 GB file size), this version now supports 8 GB for the.
    sum of all meta data for a single file in case a 64 bit binary from
    star is used.

-  star: the fifo now has a new variant of te function runfifo() that
    is used by the new fifo(1) standalone program. See below.

-  star: The README now mentions the new "star cli= ..." method and
    the fact that star deals with infinite path name length.

(micha)

doc: Updated pkgtools/pkg_alternatives to 1.7

(leot)

pkg_alternatives: Update to 1.7

Changes:
1.7
---
- Adjust pkg_alternatives(8) to point to the real user configuration wrapper
  file and bump date

(leot)

doc: Update devel/smake to 1.3nb8

(micha)

devel/smake: Update to 1.3nb8

Based on Release 2019-12-05.

From AN-2019-11-11:
-  libschily: the new functions wcastoi wcastol wcastolb that have been
    added with the previous release have been forgotten in the linker map
    file.

From AN-2019-12-05:
-  include/schily/stdio.h: We no longer define getc_unlocked() on Solaris
    in case that it is defined already. This was needed since Oracle
    Solaris 11.4 compiles 64 bit by default and made stdio less opaque
    than before - this result in the same bahavior as for 32 bit programs.
    This means, we no longer need to use tricks to get fast access to
    stdio.

    Thanks to Rolf Dietze for reporting.

-  libschily: the function getargs() and similar (from the option parser
    group) fixed a bug that prevented the usability of the official method
    to include the char '+' inside option names by quoting the character
    in the option name used in the format string.

    This bug has been fixed in order to be able to support "star -dump+ ..."

(micha)

libtorrent-rasterbar: Let's not peek into internal malloc properties.

(nia)

supertuxkart: Build fix: 64 bit atomic ops are required on i386

(nia)

lgogdownloader: Needs 64-bit atomic ops on i386

(nia)

doc: Removed graphics/libglvnd

(nia)

graphics: Remove libglvnd.

I originally imported this thinking it'd be useful. Turns out it's only
useful when you need proprietary nvidia drivers and Mesa to coeexist, and
this isn't supported in pkgsrc anyway.

(nia)

doc: Removed emulators/zsnes

(nia)

emulators: Remove zsnes.

32-bit x86 only due to use of 32-bit assembly code, but fails to build
on i386 due to problems with atomics.

No upstream release for 12 years and numerous accuracy problems and security
problems with untrusted ROMs unfixed - use emulators/snes9x.

(nia)

buzztrax: Build fix: disable dllwrapper explicitly

This is autodetected on 32-bit x86 but causes the build to fail due to
win32 headers not being available.

(nia)

Revbump due to package change.

Revbump due to package change.

(nros)

lang/gcc9: remove reference to nonexisting gcc9-libs

(rillig)

lang/gcc9: fix build problem on CentOS 6

There may still be follow-up problems. This fix is just based on the bulk
build logs.

(rillig)

lang/gcc9: make PLIST entries conditional on NetBSD-*-x86_64

This allows to install gcc9 with all its PKG_OPTIONS disabled. This still
installs the C++ compiler. The C++ include files end up in the private
directory though.

(rillig)

firefox: update minimum dependency versions for 72.0.1

NSPR >= 4.24 and NSS >= 3.48 are now required. (Rust is unchanged at
>= 1.37.)

(gutteridge)

e16themes: amend another comment

(gutteridge)

e16themes: update a comment

(gutteridge)

Add missing rpaths to pkg-config files (pkg-config overrides)

(nros)

doc: Updated devel/nss to 3.49

(ryoon)

nss: Update to 3.49

Changelog:
Notable Changes in NSS 3.49
* The legacy DBM database, libnssdbm, is no longer built by default when
using gyp builds. See Bug 1594933 for details.

Bugs fixed in NSS 3.49
* Bug 1513586 - Set downgrade sentinel for client TLS versions lower than
1.2.
* Bug 1606025 - Remove -Wmaybe-uninitialized warning in sslsnce.c
* Bug 1606119 - Fix PPC HW Crypto build failure
* Bug 1605545 - Memory leak in Pk11Install_Platform_Generate
* Bug 1602288 - Fix build failure due to missing posix signal.h
* Bug 1588714 - Implement CheckARMSupport for Win64/aarch64
* Bug 1585189 - NSS database uses 3DES instead of AES to encrypt DB entries
* Bug 1603257 - Fix UBSAN issue in softoken CKM_NSS_CHACHA20_CTR
initialization
* Bug 1590001 - Additional HRR Tests (CVE-2019-17023)
* Bug 1600144 - Treat ClientHello with message_seq of 1 as a second
ClientHello
* Bug 1603027 - Test that ESNI is regenerated after HelloRetryRequest
* Bug 1593167 - Intermittent mis-reporting potential security risk
SEC_ERROR_UNKNOWN_ISSUER
* Bug 1535787 - Fix automation/release/nss-release-helper.py on MacOS
* Bug 1594933 - Disable building DBM by default
* Bug 1562548 - Improve GCM perfomance on aarch32

(ryoon)

lang/gcc9: split PLIST into platform-specific files

The PLISTs differ a lot between the platforms. For gathering the initial
data it is easier to just list the files per platform than trying to get
all the conditions right in the first place.

There will be conditions for operating systems, for platforms, for
features, for version-specific include files to be fixed, for installed
programming languages, for nls, and several more.

(rillig)

babl: Apply removals to post-wrapper transformed arguments.

(nia)

freeglut: Resolve "undefined symbol fghJoystickRawRead" on SunOS

From OpenIndiana:
https://github.com/OpenIndiana/oi-userland/commit/ee89e22bb41ce7ac2a00065b85cf2c7f415543d2

Bump PKGREVISION

(nia)

waf: Not replacing the executable by default is probably a good idea.

"Waf script '2.0.19' and library '2.0.18' do not match (directory '/home/nia/pkgsrc/audio/suil/work/suil-0.10.6')"

(nia)

doc: Updated www/firefox68 to 68.4.1

(nia)

firefox68: Update to 68.4.1

This release fixes one zero-day vulnerability:

CVE-2019-17026: IonMonkey type confusion with StoreElementHole and FallibleStoreElement

Incorrect alias information in IonMonkey JIT compiler for setting array elements could lead to a type confusion.
We are aware of targeted attacks in the wild abusing this flaw

(nia)

doc: Updated net/6tunnel to 0.13

(nia)

6tunnel: Update to 0.13

Changes by Stuart Cardall:

    Updated help message.

Changes by Paul Warren:

    Avoid segfault in "-f" mode.

Changes by Wojtek Kaniewski:

    Support automake's "make check" target.

(nia)

mplayer, gmplayer: Link libgifutil to resolve GifQuantizeBuffer()

Add -lgifutil when -lgif is used.

(ryoon)

doc: Updated graphics/giflib to 5.2.1nb1

(ryoon)

giflib: Install libutil as libgifutil to supply GifQuantizeBuffer()

Bump PKGREVISION.

(ryoon)

doc: Updated lang/mono6 to 6.6.0.161

(ryoon)

mono6: Update to 6.6.0.161

Changelog:
WebAssembly
CoreFX integration
.NET 4.8 reference assemblies

(ryoon)

doc: Updated www/firefox-l10n to 72.0.1

(ryoon)

firefox-l10n: Update to 72.0.1

* Sync with www/firefox-72.0.1

(ryoon)

doc: Updated www/firefox to 72.0.1

(ryoon)

firefox: Update to 72.0.1

Changelog:
72.0.1
Security fixes:
#CVE-2019-17026: IonMonkey type confusion with StoreElementHole and FallibleStoreElement

72.0
New
    Firefox���s Enhanced Tracking Protection marks a major new
    milestone in our battle against cross-site tracking: we now
    block fingerprinting scripts by default for all users, taking
    a new bold step in the fight for our users��� privacy.

    Firefox replaces annoying notification request pop-ups with a
    more delightful experience, by default for all users. The
    pop-ups no longer interrupt your browsing, in its place, a
    speech bubble will appear in the address bar when you interact
    with the site.

    Picture-in-picture video is now also available in Firefox for
    Mac and Linux: Select the blue icon from the right edge of a
    video to pop open a floating window so you can keep watching
    while working in other tabs or apps. Learn how the feature
    works.

Security fixes:
#CVE-2019-17015: Memory corruption in parent process during new content process initialization on Windows
#CVE-2019-17016: Bypass of @namespace CSS sanitization during pasting
#CVE-2019-17017: Type Confusion in XPCVariant.cpp
#CVE-2019-17018: Windows Keyboard in Private Browsing Mode may retain word suggestions
#CVE-2019-17019: Python files could be inadvertently executed upon opening a download
#CVE-2019-17020: Content Security Policy not applied to XSL stylesheets applied to XML documents
#CVE-2019-17021: Heap address disclosure in parent process during content process initialization on Windows
#CVE-2019-17022: CSS sanitization does not escape HTML tags
#CVE-2019-17023: NSS may negotiate TLS 1.2 or below after a TLS 1.3 HelloRetryRequest had been sent
#CVE-2019-17024: Memory safety bugs fixed in Firefox 72 and Firefox ESR 68.4
#CVE-2019-17025: Memory safety bugs fixed in Firefox 72

(ryoon)

Pullup ticket #6114 - requested by nia
misc/raspberrypi-userland: build fix

Revisions pulled up:
- misc/raspberrypi-userland/Makefile                            1.17

---
  Module Name: pkgsrc
  Committed By: nia
  Date: Thu Jan  9 02:06:44 UTC 2020

  Modified Files:
  pkgsrc/misc/raspberrypi-userland: Makefile

  Log Message:
  raspberrypi-userland: Needs pkg-config

(bsiegert)

Pullup ticket #6112 - requested by nia
graphics/GraphicsMagick: security fix

Revisions pulled up:
- graphics/GraphicsMagick/Makefile                              1.103
- graphics/GraphicsMagick/Makefile.common                      1.25
- graphics/GraphicsMagick/distinfo                              1.51
- graphics/p5-GraphicsMagick/Makefile                          1.49

---
  Module Name: pkgsrc
  Committed By: nia
  Date: Wed Jan  8 12:11:36 UTC 2020

  Modified Files:
  pkgsrc/graphics/GraphicsMagick: Makefile Makefile.common distinfo
  pkgsrc/graphics/p5-GraphicsMagick: Makefile

  Log Message:
  GraphicsMagick: Update to 1.3.34

  1.3.34 (December 24, 2019)
  ==========================

  Special Issues:

  * It has been discovered that the 'ICU' library (a perhaps 30MB C++
    library) which is now often a libxml2 dependendency causes huge
    process initialization overhead.  This is noticed as unexpected
    slowness when GraphicsMagick utilities are used to process small to
    medium sized files.  The time to initialize the 'ICU' library is
    often longer than the time that GraphicsMagick would otherwise
    require to read the input file, process the image, and write the
    output file.  If the 'ICU' dependency can not be avoided, then make
    sure to use the modules build so there is only impact for file
    formats which require libxml2.  Please lobby the 'ICU' library
    developers to change their implementation to avoid long start-up
    times due to merely linking with the library.

  Security Fixes:

  * GraphicsMagick is now participating in Google's oss-fuzz project due
    to the contributions and assistance of Alex Gaynor. Since February 4
    2018, 386 issues have been opened by oss-fuzz (some of which were
    benign build issues) and 376 of those issues have been resolved.
    The issues list is available at
    https://bugs.chromium.org/p/oss-fuzz/issues/list under search term
    "graphicsmagick".  Issues are available for anyone to view and
    duplicate if they have been in "Verified" status for 30 days, or if
    they have been in "New" status for 90 days.  There are too many
    fixes to list here.  Please consult the GraphicsMagick ChangeLog
    file, Mercurial repository commit log, and the oss-fuzz issues list
    for details.

  Bug fixes:

  * DPS: Eliminate a memory leak.

  * Debug Trace: Only output text to terminate an XML format log file if
    XML format is active.

  * EXIF Parser: Detect non-terminal parsing and report an error.

  * EXIF Parser: Eliminate heap buffer overflows.

  * HuffmanDecodeImage(): Fix heap overflow in 32-bit applications.

  * MAT: Implement subimage/subrange support.

  * MVG: Address non-terminal loops, excessive run-time, thrown
    assertions, divide-by-zero, heap overflow, and memory leaks.

  * OpenModule(): Now properly case-insensitive, as it used to be.

  * PCX: Verify that pixel region is not negative. Assure that opacity
    channel is initialized to opaqueOpacity.  Update DirectClass
    representation while PseudoClass representation is updated.  Improve
    read performance with uncompressed PCX.

  * PICT: Fix heap overflow in PICT writer.

  * PNG: Fix validation of raw profile length.

  * PNG: Skip coalescing layers if there is only one layer.

  * PNM: Fix denial of service opportunity by limiting the length of PNM
    comment text.

  * WPG: Avoid Avoid dereferencing a null pointer.

  * WPG: Implement subimage/subrange support.

  * WPG: Improve performance when reading an embedded image.

  * Wand library: In MagickClearException(), destroy any existing
    exception info before re-initializing the exception info or else
    there will be a memory leak.

  * XPM: Rquire that image properties appear in the first 512 bytes of
    the XPM file header.

  New Features:

  * Visual Studio build supports JBIG and WebP compression in TIFF format.

  API Updates:

  * None

  Feature improvements:

  * Compliles clean using GCC 9.

  Windows Delegate Updates/Additions:

  * bzlib: bzip is updated to 1.0.8 release.

  * jbig: jbigkit is updated to 2.1 release.

  * lcms: lcms2 is updated to 2.9 release.

  * libxml: libxml2 is updated to 2.9.10 release.

  * png: libpng is updated to 1.6.37 release.

  * tiff: libtiff is updated to 4.1.0 release.

  * webp: libwebp is updated to the 1.0.3 release.

  * zlib: zlib is updated to 1.2.11 release.

  * TIFF: Now also supports reading JBIG-compressed TIFF, and
    reading/writing WebP-compressed TIFF.  A number of libtiff feature
    options which are now commonly enabled were disabled and are now
    enabled by default.

  Build Changes:

  * MinGW: Static and shared library builds were not working.  Only the
    modules build was actually working!

  * Python scripts related to the build (enabled by
    --enable-maintainer-mode) are now compatible with Python 3.

  * Now supports using Google gperftools tcmalloc library for the memory
    allocator.  This improves performance for certain repetitive
    work-loads and heavily-threaded algorithms.

  * Configure now reports the status of zstd (FaceBook Zstandard)
    compression in its configuration summary.

  * TclMagick: Address many issues mentioned by SourceForge issue #420
    "TclMagick issues and patch".

  Behavior Changes:

  * PNG: Post-processing to convert the image type in the PNG reader
    based on a specified magick prefix string is now disabled.  This can
    (and should) be done after the image has been returned.

  * Trace Logging: The compiled-in logging default is always to stderr,
    which may be over-ridden using log.mgk as soon as it is loaded.

  * Windows Build: Search registry key HKEY_CURRENT_USER as well as
    HKEY_LOCAL_MACHINE when searching for Ghostscript.  By following the
    procedure documented in SourceForge bug 615 "GhostScript
    installation check", this allows for local user installations
    without "administrator" privileges.

(bsiegert)

doc: Updated devel/cbindgen to 0.12.1

(ryoon)

cbindgen: Update to 0.12.1

Changelog:
0.12.1
* Added support for #[repr*64)] on enums. https://github.com/eqrion/cbindgen/pull/441
* Added support to generate plain enums instead of enum classes for C++. https://github.com/eqrion/cbindgen/pull/443
* Fixed dependency resolution with lockfile v2. https://github.com/eqrion/cbindgen/pull/438

0.12.0
* Added support for #[repr(align)] and #[repr(packed)] on structs and unions. https://github.com/eqrion/cbindgen/pull/431
* Added support to generate copy-assignment operators for enums. https://github.com/eqrion/cbindgen/pull/434

0.11.1
Not available

0.11.0
* Made rust char map to uint32_t. https://github.com/eqrion/cbindgen/pull/424

(ryoon)

*: py-cachetools only supports python 3.x now, pass down to dependencies

(wiz)

doc: Updated devel/py-cachetools to 4.0.0

(wiz)

py-cachetools: update to 4.0.0.

v4.0.0 (2019-12-15)
===================

- Require Python 3.5 or later.

(wiz)

doc: note updates for py-angr and friends

(wiz)