doc: Updated security/gnutls to 3.6.10

(nia)

gnutls: Update to 3.6.10

* Version 3.6.10 (released 2019-09-29)

** libgnutls: Added support for deterministic ECDSA/DSA (RFC6979)
  Deterministic signing can be enabled by setting
  GNUTLS_PRIVKEY_FLAG_REPRODUCIBLE when calling gnutls_privkey_sign_*()
  functions (#94).

** libgnutls: add gnutls_aead_cipher_encryptv2 and gnutls_aead_cipher_decryptv2
  functions that will perform in-place encryption/decryption on data buffers (#718).

** libgnutls: Corrected issue in gnutls_session_get_data2() which could fail under
  TLS1.3, if a timeout callback was not set using gnutls_transport_set_pull_timeout_function()
  (#823).

** libgnutls: added interoperability tests with gnutls 2.12.x; addressed
  issue with large record handling due to random padding (#811).

** libgnutls: the server now selects the highest TLS protocol version,
  if TLS 1.3 is enabled and the client advertises an older protocol version first (#837).

** libgnutls: fix non-PIC assembly on i386 (#818).

** libgnutls: added support for GOST 28147-89 cipher in CNT (GOST counter) mode
  and MAC generation based on GOST 28147-89 (IMIT). For description of the
  modes see RFC 5830. S-Box is id-tc26-gost-28147-param-Z (TC26Z) defined in
  RFC 7836.

** certtool: when outputting an encrypted private key do not insert the textual description
  of it. This fixes a regression since 3.6.5 (#840).

** API and ABI modifications:
gnutls_aead_cipher_encryptv2: Added
gnutls_aead_cipher_decryptv2: Added
GNUTLS_CIPHER_GOST28147_TC26Z_CNT: Added
GNUTLS_MAC_GOST28147_TC26Z_IMIT: Added

(nia)

doc: Updated net/syncthing to 1.3.0

(nia)

syncthing: Update to 1.3.0

This release adds the "databaseTuning" config option to adjust parameters for the database size in use. The default is "auto" which automatically determines appropriate parameters. The other options are "small" (results in the parameters used previously, and used now for small databases) and "large" (results in the new parameters for large databases, regardless of the actual database size).
Bugfixes

    #5985: Log spam and high CPU use if #include path is wrong in .stignore

Enhancements

    #5138: Rate limit can be very bursty
    #5948: Improve free space checking when syncing
    #5966: Database performance: improve situation with huge databases

Other issues

    #5924: Upgrade server JSON generator
    #5991: lib/api: TestHostCheck never finishes with Go 1.13rc2 under Docker
    #5999: Allow providing your own ldflags for building

(nia)

My clock was wrong.

(prlw1)

nios2-gcc3

(maya)

nios2-gcc3: remove. The compiler built from this package hangs during the
build.

We have other nios2-gcc packages. (And it's still in the latest GCC sources)

(maya)

or1k-none-elf-gcc: skip portability checks for a libgo shell script.

We don't run it.

(maya)

Updated archivers/star to 1.6.1nb1

(micha)

star: Update to 1.6.1nb1

Switch to latest distfile.
Update PLIST.
Replaced MESSAGE with share/doc/star/INSTALL.pkgsrc.

Changelog
=========

Release 2019-03-29:
- libschily: the lutimens() emulation no longer returns ENOSYS in case
  that the lstat() call fails, since this error code may e.g. be
  ENAMETOOLONG and used as an important indicator for long path name
  handling.

  This bug caused incorrect behavior when star extracted long pathnames
  on a platform without utimensat().

- star: The code restructuring to openat() from Summer 2018 did not
  only cause a noticeable speed up even when not using -find, it at
  the same time resulted in a wrong error message when a file type
  was seen that is not archivable (e.g. a socket while using the USTAR
  format). The correct message was something like "Unsupported filetype",
  while the bug caused a "file not found " message. This has been fixed
  by adding a new parameter "fd" to the function stat_to_info().

- star: header.c::get_xhtype() we did forgot to initialize:

    finfo.f_devminorbits

  and

    finfo.f_xflags

  This is now done.

- star: The USTAR format now is able to create base-256 values in
  the field "t_devmajor". "t_devminor" did already support base-256.

- star: The GNU tar format now is able to create base-256 values in
  the fields "t_devmajor" and "t_devminor".

- star: The man page star.4 now mentions which fileds may have
  base-256 numbers.

- star: The man page star.4 now longer contains the doubled "field field"
  in the explanation of the added UID/GID number for ACLs.

- star: The man page star.4 now has a better description for the additional
  numeric fields in the ACL entries to prevent GNU tar from continuing
  with it's incompatible ACL implementation.

- star: New ACL reference archives for the ultra compact format, that has
  been defined together with the libachive people, have been added to the
  directory testscripts/:

  acl-nfsv4-compact-test.tar.gz
  acl-nfsv4-compact-test2.tar.gz
  acl-nfsv4-compact-test3.tar.gz
  acl-nfsv4-compact-test4.tar.gz
  acl-nfsv4-compact-test5.tar.gz

- star: Linux now uses the new <linux/fs.h> instead of <ext2/ext2_fs.h>
  to retrieve file flags.

  Thanks to a hint from Martin Matuska <martin@matuska.org> from the
  libarchive team.

- star: Support for the following new BSD Flags:

    compressed hidden offline rdonly reparse sparse system

  has been added.

  Thanks to a hint from Martin Matuska <martin@matuska.org> from the
  libarchive team.

- star: Support for the following new Linux flags:

    dirsync nocow notail projinherit topdir

  has been added.

  Thanks to a hint from Martin Matuska <martin@matuska.org> from the
  libarchive team.

- star: Support for reading non-comliant libarchive tarballs that use.

    "securedeletion" or "journal"

  instead of the documented text has been added. This was used by
  libarchive until March 20, when libarchive has been fixed. We introduce
  the above names for compatibility with old TARs created by libarchive.

- star: When an "old star" archive is read and this archive is from a system
  like FreeBSD with non-continous minor bits, star no longer warns unless
  there is a device file in the archive.

- star: unit tests: the scripts now contain

    LC_ALL=C export LC_ALL

  instead of just LC_ALL=C to make the environment exported.

- star/libstrar: The case where iconv() returns -1 and sets errno to E2BIG
  is now handled correctly.

- star: The testscripts/ directory now contains the tar test archives
  from the portability tests from Michal Gorny. Check

    http://cdrtools.sourceforge.net/private/portability-of-tar-features.html

  for an updated (to match star-1.6) variant of the results from the portability
  tests from Michal Gorny.

- star: older versions of star did not print the messages:

    "WARNING: Archive is 'xxx' compressed, trying to use the -xxx option.\n"

  in case that the option -print-artype was in use. Later versions that
  added support for more than "gzip" and "bzip2" forgot to add the same
  exception for the new compression methods. We now ommit this message
  for all compression types.

- star: Support for the "lzma" compression has been added.

- star: Support for the "freeze2" compression has been added.

- star: The compression method name list did not include the text "zstd".
  We added the missing text.

- star: The hint messages that are printed when a compressed input archive
  is not seekable did forgot to mention "lzip" and "zstd". We added the
  forgotten messages.

- star: New unit tests check whether star is able to auto-detect and auto
  decompress various compression formats.

- star: The unit tests now include the portability tests from Michal Gorny

- A new option cli=name (must be argv[1]) allows to select all
  supported command line interfaces (star, suntar, gnutar,
  pax, cpio) when called as star.

  This is needed to be able to test all command line interfaces from
  out unit tests since star is not installed in this case and a selection
  from argv[0] would not work.

- star: The version date is now "2019/03/20"

Release 2019-04-29:
- libfind/star: the verbose listing code has ben restructured to have
  the file permissions in the same string as the file type.
  This is needed to implement the POSIX pax listformat interpreter
  format %M in future.

- libfind/star: the verbose listing no longer prints "l" for mandatory
  record locking for non-directory type file, but rather only
  for plain files.

- star: The "gnutar" emulation now prints the --help output to stdout as
  GNU tar does.

- star: The gnutar.1 man page now mentions that the GNU tar
  options -g / -G did never work and it thus makes no sense to
  implement them.

- star: very outdated code in list.c has been removed.

- star: Added new unit tests for incremental backups and restores.
  This in special include tests that always fail with GNU tar
  as GNU tar is not usable and never was usable for incremental
  restores in case that the differences are more than trivial.

- star: new version date 2019-04-01

Release 2019-06-13:
- star: fixed a bug in the FIFO code that mainly happened on Linux (with
  a 1000x higher probability than it happens on Solaris). The bug was.
  caused, as a check for a flag has been done twice instead of only once
  where it could change it's value between both locations. As a.
  result, star reported "star: Implementation botch: with FIFO_MEOF"
  as the tar side of the FIFO did sometimes not wait for the FIFO_IWAIT
  state when called as "star -multivolume -tv f=... f=... ...
  For this reason, star incorrectly got a wakeup at the wrong location.

  The bug appeared in case that star -x/-t -multivol f=.. f=.. ....
  has been called with very small tar archives.

  Thanks to Heiko Eissfeldt for reporting.

- star: The FIFO code renamed the "flag" member of the "m_head" structure
  to "gflag" for better readability.

- star: The debugging code in the FIFO has been enhanced to print the
  names of the flag bits in addition to the hex values.

- star: A deadlock situation that happens once every 500000 tries on
  Linux with multi-volume archives has been fixed.

  The problem was caused by a complex condition where the get side
  of the FIFO needs to check the EOF FIFO flag and the amount of data
  available in the FIFO and then decide whether to wait for a wakeup or
  not.

  Since the EOF flag needs to be checked first, a context switch in
  the get side of the FIFO could allow the put side to set the EOF flag
  before the get side did check the fill ratio of the FIFO. This
  caused both the get side and the put side to wait for a wakeup.

  The new code introduced a new variable mp->mayoblock that is set by
  the get side before checking for EOF. This new flags allows the
  put side to know that the get side is just in a critical situation
  and lets the put side wait until mp->mayoblock is no longer set,
  which signals a stable state in the get side. This permits to
  avoid the deadlock.

- star: Note that the FIFO has been initially written as a lock free
  design in the late 1980's. This is to allow high portability to even
  older UNIX versions. The star FIFO works on all UNIX variants that
  support pipes and shared memory, which is e.g. the case for
  SunOS-4.0 from 1988. At the time the FIFO has been designed, the
  target OS did not support multi-CPU systems and problems in the
  FIFO first appeared with massively faster multi-CPU systems around
  y2000. The recently detected problems all have been triggered by a
  different context switch behavior on Linux, even though they could
  have appeared on any OS in case that many million tries are
  attempted.

- star: bumped version to 1.6.1

Release 2019-07-15:
- star: the compress unit test no longer fails on Cygwin because the
  gzip binary is compiled incorrectly and does not support LZW.
  The related test is now skipped.

  Thanks to Heiko Eissfeldt for reporting

- star: some new unit tests failed if the schilytools source tree has
  been installed in a directory with spaces in it's name.

  Thanks to Heiko Eissfeldt for reporting

- star: The unit tests for incremental backups include archives that
  include userid/groupid and username/groupname that may not be
  restorable on a different computer. We now ignore these ID meta.
  data when comparing the results.

  Thanks to Heiko Eissfeldt for reporting

- star: When comparing nanoseconds in time stamps, star now has a mode
  that treats time stamps as equal in case that tv_nsec % 100 == 0
  and the rest of the nano seconds is equal. This is needd on Cygwin
  since NTFS counts in 1/10 microseconds since Januar 1 1601.

  This applies to both star -diff and the "newer" check while extracting
  files.

  Thanks to Heiko Eissfeldt for reporting

- star: a new option diffopts=dnlink has been implemented to support
  filesystems that do not follow the historic UNIX model for hard links
  on directories.

  Since Cygwin usually has a linkcount of 1 on directories, you need
  to use "star -diff diffopts=!dnlink ..." if you like to diff the
  meta data from a historical UNIX filesystem.

  Thanks to Heiko Eissfeldt for reporting

- star: The incremental backup/restore tests now use.
  "star -diff diffopts=!dnlink ..." to make them work on Cygwin.

  Thanks to Heiko Eissfeldt for reporting

- star: star -c -H exustar -acl -xattr-linux .
  did cause file not found messages from the attempt to archive the
  Linux xattrs. This was caused by a change from July 2018 when trying to
  optimize directory access in (non-find) create mode. The call to read
  the Linux xattrs has now been moved to the location where in former
  times the ACL code has already been moved.

  The move is needed because there is no ACL/XATTR related function
  that is similar to openat().

- star: A similar problem with get_xattr() did exist with star -diff

- star: star -diff did not compare ACLs since getinfo() no longer
  includes a call to get_acl(). We now call get_xattr() and get_acl()
  in diff.c

- star: The Solaris ACL interface now implelements lacl() / lacl_get() /
  lacl_set() to support very long pathnames with ACLs.

- star: The Linux ACL interface now implelements lacl_get_file() /
  lacl_set_file() to support very long pathnames with ACLs on platforms
  that implement the withdrawn POSIX ACL draft.

- star: The Linux xattr interface now implelements.
  llgetxattr() / llsetxattr() / lllistxattr() to support very long
  pathnames with Linux xattrs.

- star: New version date

Release 2019-07-22:
- star: "pax -pe" no longer sets the variable "doxattr" as this caused
  an error message:

    "NFSv4 extended attribute files are not yet supported.\n"

  that caused the OpenSolaris-ON "nightly" compilation to abort as a
  result of that error and exit code != 0.

Release 2019-08-13:
- libschily: Various functions and *at() emulation functions call stat()
  even though the caller does not know about that call.

  This could cause a missbehavior in case that a file returns EOVERFLOW
  with a normal stat(). We now compile these functions in unconditional
  large file mode to overcome that problem.

  The affected files are:

  diropen.c lutimens.c findinpath.c linkat.c mkdirs.c searchinpath.c
  resolvepath.c  lchmod.c renameat.c.

  Note that this problem affected star(1) on platforms that do not
  fully implement all *at() interfaces, since star started to support
  really long path names in July 2018.

- star: Star did not compile on platforms without ACLs anymore since
  we did rearrange the code with schilytools 2019-07-15.

  We now have the needed #undef USE_ACL in diff.c as well.

  Thanks to Dennis Clarke for reporting.

- star: Avoid a warning when a star -dump archive is unpacked on FreeBSD
  or Linux with non-contiguous minor bits. The warning is not needed
  since we only use SCHILY.dev in order to detect mount points but
  not to compute the major/minor parts.

Release 2019-08-13:
- star: star -xdev -find typically works to exclude mounted files.
  It still does not always do what is expected, e.g. in case that /proc
  is in the tree of scanned files, where files deep in the new mounted
  tree suddenly have the same FS ID as other filesystems, e.g. the file
  /proc/<pid>/path/a.out.

  In such cases, "star -find -xdev" is still recommended where the
  mounted file exclusion is done inside libfind instead of being
  done inside star.

  Before, files on other filesystems have not been honored at all when
  using "star -xdev -find ...".

(micha)

doc: Updated graphics/freeglut to 3.2.1

(nia)

freeglut: Update to 3.2.1

Changes:
- pkgsrc can delete a local patch.

(nia)

Updated shells/pbosh to 20190922

(micha)

pbosh: Switch to latest distfile.

Changelog
=========

Release 2019-03-29:
- Bourne Shell: local(1), export(1) and readonly(1) now all support to.
  expand the '~' character in environment variables like e.g. PATH.

- Bourne Shell: Added unit tests for the tilde expansion and the related
  changes.

Release 2019-04-29:
- libshedit/bsh/Bourne Shell: The TAB file name expansion now uses a new
  expansion funtion that is not based on pattern matching but on strstr()
  and thus is no longer fooled by file names that contain pattern matching
  meta characters.

- Bourne Shell: "trap -- ..." now correctly handles "--" even if the next
  argument is "-".

- Bourne Shell: trap now supports a new option -p that allows to restore
  the whole trap state using the following commands:

    old_traps=$(trap -p)
    trap "some commands" INT QUIT
    ...
    eval "$old_traps"

  This is possible because "trap -p" outputs the state for all signals
  and not only for those signals that are not in the default state.

  The new trap interfase was agreed on in the 2019-04-11 POSIX
  teleconference.

  Bourne Shell: The exception for "while true; do date; done | uniq -c"
  in job control handling that has been introduced in November 2015 has
  been refined to prevent it from causing "(bosh)" to stop from SIGTTIN.

  Thanks to Robert Elz <kre@munnari.OZ.AU> for reporting.

- Bourne Shell: A new #define JOB_DEBUG has been added.

- Bourne Shell: The command:

    (trap '' SEGV; $SHELL -c 'kill -s SEGV $$; echo survived')

  caused the shell not to print "survived" because a previous exception
  for SIGSEGV from the 1977 Bourne Shell version had not been removed
  for the POSIX variant of the shell. The problem occured because it
  was possible to unignore an ignored (at startup) SIGSEGV.

  Thanks to Robert Elz <kre@munnari.OZ.AU> for reporting.

- Bourne Shell: The code now uses SIG2STR_MAX for the size of the
  sig2str() output buffer.

- Bourne Shell: the behavior related to SIGINT on the command line
  in the case that the history editor is enabled has been changed to
  match the behavior of ksh. The Bourne Shell now calls trap commands
  for SIGINT when ^C is typed on the command line.

  Note that the classical Bourne Shell behavior (which is still active
  in case the history editor has been disabled via "set +o ved") is that
  the trap command is called after ^C is followed by a CR if both are
  typed on a PS1 prompt.

  Note: The behavior for "trap" in this area is currently not specified
  in POSIX.

- Bourne Shell: After jobcontrol has been introduced into the Bourne
  Shell: When in jobcontrol mode, the shell could no longer get
  signals at the same time as foreground jobs because when using
  jobcontrol, the shell is in a different process group than the
  foreground job.

  The Bourne Shell now derives the information about a delivered signal
  from the waitid() return data and thus is now able to work the same
  way as it has been designed in 1977. This is the same way as ksh works.

  If a foreground program catches such signals, the shell is still not
  able to detect the signal, but it is now closer to the original
  behavior from 1977.

- Bourne Shell: new version date 2019-04-17

Release 2019-05-28:
- Bourne Shell: Similar to what ksh88 does, scripts are now checked
  before they are run. If there is a nul byte before a newline
  in the first 256 bytes, a file is rejected as alien binary
  instead of trying to interpret it as a script.

Release 2019-06-13:
- Bourne Shell: A new option "set -o globskipdot" has been added.
  If set, the entries "."  and ".." are skipped and not shown in globbing
  results. If not set, the entries "."  and ".." are always returned,
  even when they are not part of the readdir(3) results.

- Bourne Shell: The option "set -o globskipdot" has been made the
  new dfault behavior for "bosh", but not for "pbosh"

  Note that this new shell option has been introduced as a result
  of a related BUG discussion in the Austin Group telephone conference.
  The background is to permit shell scripts to check whether a shell
  grants to hide the "."  and ".." for all filesystems.

Release 2019-07-15:
- Bourne Shell: If OPTIND is set to a new value, the getopt() internal
  variable "_sp" is now reset to 1. This is needed in order to make sure
  that a combined option string can be parsed correctly.

- Bourne Shell/libshedit/bsh: The TAB expander now again gives .. as a.
  result if the pattern is ..

  This is needed in order to let ..TAB result in ../ on the command
  line editor.

Release 2019-09-22:
- Bourne Shell: The new function isbinary() that has been introduced
  in May and that should prevent the shell from interpreting binary
  files as shell scripts had a problem:

  In case that a disconnected TCP/IP based remote login caused a SIGTERM
  followed by the read() function on stdin returning EIO, the shell
  could go into a complex endless loop as the failing read() with
  "trapnote" set caused a longjmp() before the next prompt without first
  clearing "trapnote". As a result, the shell did hang endlessly around
  while just consuming CPU time.

  The shell now avoids to call the read() routine inside isbinary()
  when "trapnote" is set and this way is able to avoid the longjmp() on
  error.

- Bourne Shell: Fixed some typos in comment

  Thanks to Robert Clausecker for reporting

- Bourne Shell: print.c: Changed err++ for a BOOL typed variable
  into err = TRUE.

  Thanks to Robert Clausecker for reporting

- Bourne Shell, with obosh compilation type: Avoid an "unused" warning
  with word.c

- Bourne Shell: defs.h now includes an "extern int optopt;" in order
  to support Ultrix where this delcaration is missing in unistd.h.

  Thanks to Robert Clausecker for reporting

- bsh/Bourne Shell: test.c Now using a

    #if defined(S_IFPORT) && S_IFPORT != S_IFIFO

  to work around a strange definition on Ultrix

  Thanks to Robert Clausecker for reporting

- Bourne Shell: New version date

(micha)

doc: Added devel/meson version 0.51.2

(prlw1)

Add meson 0.51.2

The intention is to replace py-meson with meson to allow the possibility
of a python 3 meson to build a python 2 package.

No release notes, but
$ git log --oneline 0.51.1..0.51.2
6857936c (tag: 0.51.2, origin/0.51) Bump versions to 0.51.2 for release
267a69b1 Fix packaging.
0a460903 Fix tests for 0.51.2.
550a03ee gnome: Handle overriden g-ir-scanner
173facd4 cmake: fix missing -lpthread (fixes #5821)
ac2d69bd Pass optimization flags to rustc properly. Closes: #5788.
f2bd0812 Revert "gnome: Use find_program() to get glib-compile-resources"
acdcd736 Put native file before cross file in options list
524280db environment: simplify powerpc conditionals
51d1612d environment: simplify CPU logic via hw.machine_arch on BSDs
6b43e66e Canonicalize 'i86pc' return from platform.machine() for Solaris
bb63fe8e gnome: Use find_program() to get glib-compile-resources
c9524472 Made build. options alias basic ones when native building.
69a01dae Made set_option kwargs named-only.
5c7ff27e Do not print build and host settings when compiling natively.
949accb1 Do not print build compiler info when not cross compiling. It is confusing.
7aadc3aa vs backend: commandrunner.py takes source dir first
46c2a051 Update MSI creator script to newest VS on Win 7. [skip ci]
1a5c121f Fix cross compilation on OSX
c5f99542 coredata: Ignore directories when searching for machine files
85270dce mintro: Fix crash related to the sources kwarg (fixes #5741)
b48e1fcc docs: Add missing closing ` in reference manual
6f18ab18 interpreter: Fix permitted kwargs in dependency.get_variable
7f390e6a docs: correct key in dep.get_variable
58a6ab32 run_unitests: Skip the native_file_is_pipe test on cygwin
2640cd7e unit tests: Check whether pytest-xdist is available
be16f4cf Use pytest parallelisation if available.
5b02f88b ci/cygwin: Install pytest-xdist for unit tests
f7684ec5 ci/cygwin: Don't need a special step to install cmake
6e18169e tests/122 shared module: More verbose logging
87dee156 .travis.yml: Fix cross-mingw test failures
e7990883 cmake: 0.51 backport of #5665
750a7dc0 unit tests: Don't keep builddirs inside source tree on Cygwin
b591f3e7 Keep all build dirs inside the source tree.
bac86f25 meson: handle nested disabler
46d43b29 cmake: added test case for environment variables
e8421b24 meson: Use CMAKE_PREFIX_PATH environment variable
fd3384ca ValaCompiler: only emit '--debug' in debug build.
1e305e60 mintro: Fix section key in buildoptions
81e81209 BUGFIX: Fortran module regex handle more edge cases
d198d50c Fix missing return statements that are seen with -Werror=return-type.
f9211b75 No need to reserve build_ because we use build. instead.
41e9ac35 run_unitests: Add a unit test for native files that are pipes
4e2adb82 coredata: Correctly handle receiving a pipe for native/cross files
0e25505f Do not fail on passing `-Werror=unused-parameter` from environment
3beb2737 Return zero in cross_sizeof
58441054 cmake: Handle disabling subprojects

(prlw1)

Updated shells/bosh to 20190922

(micha)

bosh: Switch to latest distfile.

Changelog
=========

Release 2019-03-29:
- Bourne Shell: local(1), export(1) and readonly(1) now all support to.
  expand the '~' character in environment variables like e.g. PATH.

- Bourne Shell: Added unit tests for the tilde expansion and the related
  changes.

Release 2019-04-29:
- libshedit/bsh/Bourne Shell: The TAB file name expansion now uses a new
  expansion funtion that is not based on pattern matching but on strstr()
  and thus is no longer fooled by file names that contain pattern matching
  meta characters.

- Bourne Shell: "trap -- ..." now correctly handles "--" even if the next
  argument is "-".

- Bourne Shell: trap now supports a new option -p that allows to restore
  the whole trap state using the following commands:

    old_traps=$(trap -p)
    trap "some commands" INT QUIT
    ...
    eval "$old_traps"

  This is possible because "trap -p" outputs the state for all signals
  and not only for those signals that are not in the default state.

  The new trap interfase was agreed on in the 2019-04-11 POSIX
  teleconference.

  Bourne Shell: The exception for "while true; do date; done | uniq -c"
  in job control handling that has been introduced in November 2015 has
  been refined to prevent it from causing "(bosh)" to stop from SIGTTIN.

  Thanks to Robert Elz <kre@munnari.OZ.AU> for reporting.

- Bourne Shell: A new #define JOB_DEBUG has been added.

- Bourne Shell: The command:

    (trap '' SEGV; $SHELL -c 'kill -s SEGV $$; echo survived')

  caused the shell not to print "survived" because a previous exception
  for SIGSEGV from the 1977 Bourne Shell version had not been removed
  for the POSIX variant of the shell. The problem occured because it
  was possible to unignore an ignored (at startup) SIGSEGV.

  Thanks to Robert Elz <kre@munnari.OZ.AU> for reporting.

- Bourne Shell: The code now uses SIG2STR_MAX for the size of the
  sig2str() output buffer.

- Bourne Shell: the behavior related to SIGINT on the command line
  in the case that the history editor is enabled has been changed to
  match the behavior of ksh. The Bourne Shell now calls trap commands
  for SIGINT when ^C is typed on the command line.

  Note that the classical Bourne Shell behavior (which is still active
  in case the history editor has been disabled via "set +o ved") is that
  the trap command is called after ^C is followed by a CR if both are
  typed on a PS1 prompt.

  Note: The behavior for "trap" in this area is currently not specified
  in POSIX.

- Bourne Shell: After jobcontrol has been introduced into the Bourne
  Shell: When in jobcontrol mode, the shell could no longer get
  signals at the same time as foreground jobs because when using
  jobcontrol, the shell is in a different process group than the
  foreground job.

  The Bourne Shell now derives the information about a delivered signal
  from the waitid() return data and thus is now able to work the same
  way as it has been designed in 1977. This is the same way as ksh works.

  If a foreground program catches such signals, the shell is still not
  able to detect the signal, but it is now closer to the original
  behavior from 1977.

- Bourne Shell: new version date 2019-04-17

Release 2019-05-28:
- Bourne Shell: Similar to what ksh88 does, scripts are now checked
  before they are run. If there is a nul byte before a newline
  in the first 256 bytes, a file is rejected as alien binary
  instead of trying to interpret it as a script.

Release 2019-06-13:
- Bourne Shell: A new option "set -o globskipdot" has been added.
  If set, the entries "."  and ".." are skipped and not shown in globbing
  results. If not set, the entries "."  and ".." are always returned,
  even when they are not part of the readdir(3) results.

- Bourne Shell: The option "set -o globskipdot" has been made the
  new dfault behavior for "bosh", but not for "pbosh"

  Note that this new shell option has been introduced as a result
  of a related BUG discussion in the Austin Group telephone conference.
  The background is to permit shell scripts to check whether a shell
  grants to hide the "."  and ".." for all filesystems.

Release 2019-07-15:
- Bourne Shell: If OPTIND is set to a new value, the getopt() internal
  variable "_sp" is now reset to 1. This is needed in order to make sure
  that a combined option string can be parsed correctly.

- Bourne Shell/libshedit/bsh: The TAB expander now again gives .. as a.
  result if the pattern is ..

  This is needed in order to let ..TAB result in ../ on the command
  line editor.

Release 2019-09-22:
- Bourne Shell: The new function isbinary() that has been introduced
  in May and that should prevent the shell from interpreting binary
  files as shell scripts had a problem:

  In case that a disconnected TCP/IP based remote login caused a SIGTERM
  followed by the read() function on stdin returning EIO, the shell
  could go into a complex endless loop as the failing read() with
  "trapnote" set caused a longjmp() before the next prompt without first
  clearing "trapnote". As a result, the shell did hang endlessly around
  while just consuming CPU time.

  The shell now avoids to call the read() routine inside isbinary()
  when "trapnote" is set and this way is able to avoid the longjmp() on
  error.

- Bourne Shell: Fixed some typos in comment

  Thanks to Robert Clausecker for reporting

- Bourne Shell: print.c: Changed err++ for a BOOL typed variable
  into err = TRUE.

  Thanks to Robert Clausecker for reporting

- Bourne Shell, with obosh compilation type: Avoid an "unused" warning
  with word.c

- Bourne Shell: defs.h now includes an "extern int optopt;" in order
  to support Ultrix where this delcaration is missing in unistd.h.

  Thanks to Robert Clausecker for reporting

- bsh/Bourne Shell: test.c Now using a

    #if defined(S_IFPORT) && S_IFPORT != S_IFIFO

  to work around a strange definition on Ultrix

  Thanks to Robert Clausecker for reporting

- Bourne Shell: New version date

(micha)

Updated www/apache-tomcat9 to 9.0.26

(ryoon)

Update to 9.0.26

Changelog:
Tomcat 9.0.26 (markt)
Oher

    Fix: Re-tagged to ensure that the source file for the changelog did not contain an XML byte order mark. (markt)

not released Tomcat 9.0.25 (markt)
Catalina

    Fix: Avoid a possible InvalidPathException when obtaining a URI for a configuration file. (markt)
    Fix: 63684: Wrapper never passed to RealmBase.hasRole() for given security constraints. (michaelo)
    Fix: 63740: Ensure configuration files are loaded correctly when a Host is configured with an xmlBase. Patch provided by uk4sx. (markt)
    Fix: Avoid a potential NullPointerException on Service stop if a Service is embedded directly (i.e. with no Server) in an applciation and JNDI is enabled. Patch provided by S. Ali Tokmen. (markt)
    Add: Add a new PropertySource implementation, EnvironmentPropertySource, that can be used to do property replacement in configuration files with environment variables. Based on a pull request provided by Thomas Meyer. (markt)

Coyote

    Fix: 63682: Fix a potential hang when using the asynchronous Servlet API to write the response body and the stream and/or connection window reaches 0 bytes in size. (markt)
    Fix: 63690: Use the average of the current and previous sizes when calculating overhead for HTTP/2 DATA and WINDOW_UPDATE frames to avoid false positives as a result of client side buffering behaviour that causes a small percentage of non-final DATA frames to be smaller than expected. (markt)
    Fix: 63706: Avoid NPE accessing https port with plaintext. (remm)
    Fix: Correct typos in the names of the configuration attributes overheadDataThreshold and overheadWindowUpdateThreshold. (markt)
    Fix: If the HTTP/2 connection requires an initial window size larger than the default, send a WINDOW_UPDATE to increase the flow control window for the connection so that the initial size of the flow control window for the connection is consistent with the increased value. (markt)
    Fix: 63710: When using HTTP/2, ensure that a content-length header is not set for those responses with status codes that do not permit one. (markt)
    Fix: 63737: Correct various issues when parsing the accept-encoding header to determine if gzip encoding is supported including only parsing the first header found. (markt)

Jasper

    Fix: 63724: Correct a regression introduced in 9.0.21 that broke compilation of JSPs in some configurations. (markt)

Web applications

    Fix: Correct the source code links on the index page for the ROOT web application to point to Git rather than Subversion. (markt)
    Fix: Fix various issues with the Javadoc generated for the documentation web application to enable release builds to be built with Java 10 onwards. (markt)
    Fix: 63733: Remove the documentation for the "Additional Components" since they have been remove / merged into the core Tomcat distribution for 9.0.5 onwards. (markt)
    Fix: 63739: Correct the invalid Automatic-Module-Name manifest entries for the Tomcat provided JARs included in the Tomcat embedded distribution. (markt)
    Fix: Fix a large number of Javadoc and documentation typos. Patch provided by KangZhiDong. (markt)
    Fix: Spelling and formatting corrections for the cluster how-to. Pull request provided by Bill Mitchell. (markt)

Other

    Add: Expand the coverage and quality of the French translations provided with Apache Tomcat. (remm)
    Add: Expand the coverage and quality of the Simplified Chinese translations provided with Apache Tomcat. Includes contributions by leeyazhou and 康智冬. (markt)
    Fix: 62140: Additional usage documentation in comments for catalina.[bat|sh]. (markt)
    Fix: Fix JSSE_OPTS quoting in catalina.bat. Contributed by Peter Uhnak. (fschumacher)
    Update: 63625: Update to Commons Daemon 1.2.1. This corrects several regressions in Commons Daemon 1.2.1, most notably the Windows Service crashing on start when using 32-bit JVMs. (markt)
    Fix: 63689: Correct a regression in the fix for 63285 that meant that when installing a service, the service display name was not set. (markt)
    Fix: When performing a silent install with the Windows Installer, ensure that the registry entires are added to the 64-bit registry when using a 64-bit JVM. (markt)
    Fix: Remove unused i18n messages and associated translations. Patch provided by KangZhiDong. (markt)
    Add: Expand the coverage and quality of the Korean translations provided with Apache Tomcat. (woonsan)

2019-08-17 Tomcat 9.0.24 (markt)
Coyote

    Code: Remove the code in the sendfile poller that ensured smaller pollsets were used with older, no longer supported versions of Windows that could not support larger pollsets. (markt)

not released Tomcat 9.0.23 (markt)
Catalina

    Update: 63627: Implement more fine-grained handling in RealmBase.authenticate(GSSContext, boolean). (michaelo)
    Add: 62496: Add option to write auth information (remote user/auth type) to response headers. (michaelo)
    Add: 57665: Add support for the X-Forwarded-Host header to the RemoteIpFilter and RemoteIpValve. (markt)
    Fix: 63550: Only try the alternateURL in the JNDIRealm if one has been specified. (markt)
    Add: 63556: Mark request as forwarded in RemoteIpValve and RemoteIpFilter (michaelo)
    Fix: If an unhandled exception occurs on a asynchronous thread started via AsyncContext.start(Runnable), process it using the standard error page mechanism. (markt)
    Fix: Discard large byte buffers allocated using setBufferSize when recycling the request. (remm)
    Fix: 63579: Correct parsing of malformed OPTIONS requests and reject them with a 400 response rather than triggering an internal error that results in a 500 response. (markt)
    Fix: 63608: Align the implementation of the negative match feature for patterns used with the RewriteValve with the description in the documentation. (markt)
    Fix: Avoid a NullPointerException in the CrawlerSessionManagerValve if no ROOT Context is deployed and a request does not map to any of the other deployed Contexts. Patch provided by Jop Zinkweg. (markt)
    Fix: 63636: Context.findRoleMapping() never called in StandardWrapper.findSecurityReference(). (michaelo)

Coyote

    Code: Refactor the APR poller to always use a single pollset now that the Windows operating systems that required multiple smaller pollsets to be used are no longer supported. (markt)
    Fix: 63524: Improve the handling of PEM file based keys and certificates that do not include a full certificate chain when configuring the internal, in-memory key store. Improve the handling of PKCS#1 formatted private keys when configuring the internal, in-memory key store. (markt)
    Update: Add callback when finishing the set properties rule in the digester. (remm)
    Fix: 63570: Fix regression retrieving local address with the NIO connector. Submitted by Aditya Kadakia. (remm)
    Fix: 63568: Avoid error when trying to set tcpNoDelay on socket types that do not support it, which can occur when using the NIO inherited channel capability. Submitted by František Kučera. (remm)
    Fix: Correct parsing of invalid host names that contain bytes in the range 128 to 255 and reject them with a 400 response rather than triggering an internal error that results in a 500 response. (markt)
    Fix: 63571: Allow users to configure infinite TLS session caches and/or timeouts. (markt)
    Fix: 63578: Improve handling of invalid requests so that 400 responses are returned to the client rather than 500 responses. (markt)
    Fix: Fix h2spec test suite failure. It is an error if a Huffman encoded string literal contains the EOS symbol. (jfclere)
    Add: Connections that fail the TLS handshake will now appear in the access logs with a 400 status code. (markt)
    Fix: Timeouts for HTTP/2 connections were not always correctly handled leaving some connections open for longer than expected. (markt)
    Fix: 63650: Refactor initialisation for JSSE based TLS connectors to enable custom JSSE providers that provide custom cipher suites to be used. (markt)
    Add: Expand the HTTP/2 excessive overhead protection to cover various forms of abusive client behaviour and close the connection if any such behaviour is detected. (markt)
    Fix: Fix a crash on shutdown with the APR/native connector when a blocking I/O operation was still in progress when the connector stopped. (markt)

Cluster

    Fix: Avoid failing Kubernetes membership (and preventing startup) if the stream cannot be opened, to get the same behavior as the DNS based membership. The namespace is still a failure on startup but it is easy to provide. (remm)
    Fix: Avoid non fatal NPEs with Tribes when JMX is not available. (remm)
    Fix: Make Kube environment optional for Kube memberships, for easier testing and Graal training. A warn log will occur if the environment is not present. (remm)

Web applications

    Fix: 63597: Update the custom 404 error page for the Host Manager to take account of previous refactoring so that the page is used for 404 errors rather than falling back to the default error page. (markt)

Other

    Fix: JNDI support for GraalVM native images. (remm)
    Fix: JSP runtime library support for GraalVM native images. (remm)
    Fix: java.util.logging configuration for GraalVM native images. (remm)
    Update: Update Checkstyle to 8.22. (markt)
    Update: 62696: The digital signature for the Windows installer now uses SHA-256 for hashes. (markt)
    Update: 63310: Update to Commons Daemon 1.2.0. This provides improved support for Java 11. This also changes the user configured by the Windows installer for the Windows service from Local System to the lower privileged Local Service. (markt)
    Fix: 55969: Tighten up the security of the Apache Tomcat installation created by the Windows installer. Change the default shutdown port used by the Windows installer from 8005 to -1 (disabled). Limit access to the chosen installation directory to local administrators, Local System and Local Service. (markt)
    Add: Expand the coverage and quality of the French translations provided with Apache Tomcat. (remm)
    Add: 63285: Add an option to service.bat so that when installing a Windows service, the name of the executables used by the Windows service may be changed to match the service name. This makes the installation behaviour consistent with the Windows installer. The original executable names will be restored when the Windows service is removed. The renaming can be enabled by using the new --rename option after the service name. (markt)
    Fix: 63567: Restore the passing of $LOGGING_MANAGER to the jvm in catalina.sh when calling stop. (markt)
    Fix: Correct broken OSGi data in JAR file manifests. (markt)
    Fix: Add "embed" to the Bundle-Name and Bundle-Symbolic-Name for the Tomact embedded WebSocket JAR to align the naming with the other embedded JARs and to differentiate it from the standard WebSocket JAR that does not include the API classes. (markt)
    Fix: 63555: Add Automatic-Module-Name entries for each of the Tomcat provided JARs included in the Tomcat embedded distribution. (markt)
    Update: Update dependency on bnd to 4.2.0. (markt)
    Update: Update the internal fork of Commons Codec to 3ebef4a (2018-08-01) to pick up the fix for CODEC-134. (markt)
    Update: Update the internal fork of Commons Pool2 to 796e32d (2018-08-01) to pick up the changes Commons Pool2 2.7.0. (markt)
    Update: Update the internal fork of Commons DBCP2 to 87d9e3a (2018-08-01) to pick up the changes Commons DBCP2 2.7.0 and DBCP-555. (markt)
    Update: 63648: Update the test TLS keys and certificates used in the test suite to replace the keys and certificates that are about to expire. (markt)

(ryoon)

Remove librsvg

(ryoon)

Updated devel/smake to 1.3nb5

(micha)

Updated graphics/librsvg to 2.46.0

(ryoon)

Update to 2.46.0

Changelog:
Version 2.46.0

- The following are highlights compared to the 2.44.x series.  For
  full details, please see the release notes for the 2.45.x series.

- All of librsvg.so is now implemented in Rust!  That is, except for a
  very thin wrapper over the public API functions.  Hopefully we can
  remove this wrapper when Cargo gets some more features around
  controlling the linking step.  This release requires at least Rust 1.34.

- Librsvg now comes with a Rust crate that can be used from Rust
  applications.  See librsvg_crate/examples.  This Rust API is
  designed to be idiomatic; if you want a Rust binding to the shared
  library instead, please use the "rsvg-rs" crate from crates.io.

- The following API functions are new in the C library:
    rsvg_handle_get_intrinsic_dimensions()
    rsvg_handle_render_document()
    rsvg_handle_render_layer()
    rsvg_handle_render_element()
    rsvg_handle_get_geometry_for_layer()
    rsvg_handle_get_geometry_for_element()

  Correspondingly, there is a new chapter in the documentation, called
  "Recommendations for Applications".  These new APIs conform better
  with the web platform's idea of how SVG sizing/positioning should
  work.  Applications should now find it easier to scale and render
  SVGs in a single call, instead of having to obtain image dimensions
  first.

- A bunch of functions have been deprecated but are still available:

    - rsvg_handle_write()/close() are deprecated in favor of the
      stream functions.  Unfortunately the write()/close() pair
      require buffering the entire document, in case it is a .svgz
      compressed file; the streaming functions do not have this
      problem.

    - Functions that return RsvgDimensionData and RsvgPositionData are
      deprecated, since they just use integers instead of floating
      point numbers.  They are replaced with the _get_geometry_*()
      functions above.

- The library is a lot more strict now in terms of detecting that the
  API functions are called in the correct order.  For example, calling
  rsvg_handle_get_dimensions() before rsvg_handle_close() will now
  emit a critical warning.

- Librsvg is gradually moving towards using code from Mozilla's Servo.
  We haven't quite gotten rid of libcroco and libxml2 yet, but this is
  in progress.

- Many thanks to all the people who participated in the long cycle for
  2.45.  Having the whole library's functionality in Rust is a big
  accomplishment!

Version 2.45.92
- #496 - Ensure all lengths and angles parse as finite numbers

- #497 - Don't panic on paths with all-invalid commands

- #500 - Added additional SVG blend-modes for the feBlend filter primitive (Andargor)

- Some changes in the build structure to allow for faster builds.

Version 2.45.91
- The documentation has a new chapter, Recommendations for Applications.

- #451 - Make rsvg-convert detect images larger than pixman's limit.

- #410 - Update introspection annotations.

- #449 - librsvg_crate: Make cancellable arguments consistent with gio-rs

- librsvg_crate: Take all gio arguments as IsA<SomeGioType> generics

- Updated Rust crates to avoid duplicates (Bastien Orivel)

Version 2.45.90
- New API functions:
    rsvg_handle_render_document()
    rsvg_handle_render_layer()
    rsvg_handle_render_element()
    rsvg_handle_get_geometry_for_layer()
    rsvg_handle_get_geometry_for_element()

  CairoRenderer in the librsvg_crate has corresponding functions
  as well.

- Fix builds with gettext ≥ 0.20 (Ting-Wei Lan).

- If the C API is called out of order, downgrade hard panics to
  g_critical() to cope with incorrect/old applications that called
  rsvg_handle_get_dimensions() before rsvg_handle_close().

- API reference documentation is much improved.

Version 2.45.8
- This version requires at least Rust 1.34.

- #485 - Fix build on Rust earlier than 1.36 (Kleis Auke Wolthuizen).

- More polishing of the Windows build (Chun-wei Fan).

- Update gtk-rs and dependent crates (Bastien Orivel)

Version 2.45.7
- Fix #463 - Don't panic if an SVG has character data outside the
  first element.

- Fix #467: Don't panic when there's an xi:include fallback with no
  parent element.  Thanks to Bastien Orivel for running afl-fuzz
  on librsvg.

- Fix #471: Fix blurry semi-opaque objects when rendering with a
  scaled transformation.  Thanks to the gnome-games people for
  isolating a test case and to Evgeniy Reizner for providing a more
  minimal one.

- Fix #481: Don't ignore the first x/y/dx/dy in text/tspan elements if
  there is more than one position specified.

- #452 - In librsvg_crate, SvgHandle now has a ::has_element_with_id()
  method.

- rsvg-convert now catches the case where the SVG has no dimensions.

- Replaced the Visual Studio build infrastructure for NMake
  (Chun-wei Fan).

- This version no longer contains the rsvg-view program, so librsvg no
  longer depends on GTK.  Please see
  https://people.gnome.org/~federico/blog/removing-rsvg-view.html for
  the rationale behind this change.

- The poly element no longer supports "verts" as an alias for the
  "points" attribute.  The "verts" name was only used in SVG pre-1.0,
  and we had been cargo-culting that name ever since.

- We now use more machinery from Mozilla Servo, in this case the
  markup5ever and rust-selectors crates.  This is in line with
  gradually replacing libcroco with a Rust-only CSS machinery.

- Lots and lots of refactoring and cleanups:  use the rctree crate
  instead of our own tree representation; remove interior mutability
  in element structs; make the gradients and patterns code less
  repetitive (Paolo Borelli).

- Update some dependencies (Bastien Orivel).

- New section in COMPILING.md about cross-compilation to Windows using
  mingw (Takuro Ashie)

- Fix static linking and Windows builds (Kleis Auke Wolthuizen).

Version 2.45.6
- Librsvg now requires Rust 1.30.0 or later.

- Librsvg now requires Cairo 1.16.0 or later.  Thanks to
  Julian Sparber for keeping up with cairo-rs API changes.

- This version introduces librsvg_crate, an idiomatic Rust crate for
  using librsvg from Rust programs directly, without using GObject
  machinery.  This API is subject to change, but you can start using
  it now in an experimental fashion.  Thanks to Paolo Borelli and
  Jordan Petridis for fine-tuning this new API.

- All of the librsvg internals are now in Rust!  The C code is just a
  thin wrapper over Rust functions.

- The internals library has been converted to Rust 2018 (Jordan Petridis).

- Within librsvg_crate, there is a new infrastructure for doing
  reftests in Rust, that does not depend on PNG reference files.  See
  librsvg_crate/tests for details.

- This release introduces the following new APIs:
  rsvg_handle_get_intrinsic_dimensions(),
  rsvg_handle_get_geometry_for_element().

- Parsing of the "style" attribute, which has a plain list of CSS
  property declarations, is now done with rust-cssparser.
- CSS selector matching should be marginally faster than before.

- Fix Visual Studio builds (Chun-wei Fan).

- Fix #11 - Respect the "direction" property for bidirectional text (Khaled Hosny).

- Fix #295 - Ensure the initial viewport fits into temporary surfaces for compositing

- Fix #425 - Don't fail parsing if the system's locale is broken (Paolo Borelli).

- Fix #438, #443 - Don't create intermediate raster surfaces unless
  absolutely needed.  This was causing blurred output for SVGs from
  Inkscape and Illustrator, since they include an "enable-background"
  property even when there are no filters in use.  Thanks to Julian
  Sparber, Jordan Petridis, Zeeshan Ali for doing a huge "git bisect"
  to find the cause of this bug.

- Fix #443 - Fix blurry output when enable-background is used without filters.

- Fix #455 - Fix rounding error on i386 (Olivier Tilloy).

- Check for Cairo errors when constructing paths.

Version 2.45.5
- At build time, you can now pass $CARGO and $RUSTC environment
  variables if you need to override the default Rust toolchain.
  Please see COMPILING.md for details.  (Tobias Kortkamp)
- Fix #405 - In the gdk-pixbuf loader, don't crash if the write()
  function doesn't receive a GError.
- Fix #268 - Remove the comp-op property; it's not in SVG 1.1 nor SVG 2.
- Fix #415 - register RsvgHandleFlags and the RsvgError enum values in
  a thread-safe fashion (Sebastian Dröge).
- All of the library's non-GObject functionality is implemented in
  Rust now.
- Update the cairo crate (Kornel Lesiński).
- Clean up the loading code paths (Paolo Borelli).
- Updated compilation docs for Debian (Jordan Petridis)
- Updated parts of the reference documentation.

Version 2.45.4
- Brown paper bag release, my apologies.
- Fix #402 - Fix the library's soname.  Thanks to Gabriele Balducci
  for reporting it, and Kalev Lember for fixing it.

Version 2.45.3
- Big news!  All the real work in the library is now implemented in
  Rust.  The public API is implemented in C, but most it calls
  immediately into the Rust code.  Special thanks to Paolo Borelli and
  Carlos Martín Nieto for making this possible.

- rsvg_handle_set_base_uri() now really assumes that it is passed a
  URI.  Previously it would try to differentiate between real URIs,
  and absolute or relative file paths.  If this breaks your code
  (i.e. you are passing a filename, not a URI), please tell us so we
  can restore the old behavior!

- Fix #395 - Don't panic in feMorphology if it ends up with a negative
  scaling transformation.
- Fix #398 - Detect circular references in gradients.
- Match the Firefox/Chrome behavior on gradients and patterns with
  circular references for fallbacks (Paolo Borelli).
- Fixes for Rust 1.30 and below (Jordan Petridis).
- Lots and lots of refactoring (Paolo Borelli, Federico Mena).

Version 2.45.2
- rsvg_cleanup() is now deprecated.  This was only meant to be called
  from code to be checked by Valgrind.  Leak checkers may show
  reachable memory from libxml2; real memory leaks should still be
  reported, of course.  (Kornel Lesiński).

- As an experimental change, librsvg no longer calls xmlInitParser()
  from libxml2.  Please tell us if this causes problems for
  multithreaded programs.

- Added g_warning()s to ensure the API is called in the correct
  sequence.

- The text handling code has been completely refactored and
  simplified.  This will allow us to implement the x/y/dx/dy
  properties for multiple glyphs in the future.  Please report any
  problems you experience in text rendering.

- Fix #385 - Don't crash if there is no rsvg_handle_write() before
  rsvg_handle_close().
- Fix #391 - Avoid undefined behavior when casting opaque pointers
  (Jordan Petridis).
- Fix crash when a linear RGB filter is followed by an SRGB filter
  (Ivan Molodetskikh).
- Fix #393 - Stack overflow when freeing thousands of sibling elements.
- Fix positioning of adjacent <tspan> elements.
- All the toplevel loading and drawing code is implemented in Rust now.
- Pixbuf conversion code is in Rust now (Paolo Borelli).
- Cleanups in the code for XML processing, markers, attributes (Paolo
  Borelli).
- Many build/link fixes (Jordan Petridis).
- Cleanups in the code that calls libxml2 (Kornel Lesiński).

Version 2.45.1
- New public API, rsvg_handle_get_geometry_sub(), to get the exact
  geometry of an element.  The functions
  rsvg_handle_get_position_sub() and rsvg_handle_get_dimensions_sub()
  are deprecated now; these returned incomplete data with integer
  coordinates (Julian Sparber).

- rsvg_handle_write() and rsvg_handle_close() are now deprecated in
  favor of the functions which use a GInputStream.  The former need to
  buffer the entire SVG data first; the latter don't need buffering.

- Librsvg no longer tries to load XML entities which reference
  external resources, either parameter or general entities, declared
  in the DTD.  This never worked properly, and it is better to do so
  via the xi:include mechanism.  Also, unparsed external entities with
  a notation are not really supported in SVG; it has its own <image>
  element and similar for that purpose.  Only internal general
  entities are supported now, for example:

    <!ENTITY foo "<some xml here>">
    <!ENTITY bar "some text here">

- Started support for localized error messages (Daniel García Moreno).

- Ported to Rust: loading code, XML processing code, data: URL parsing,

- Many code cleanups and refactorings, courtesy of Paolo Borelli.
- Fix undefined behavior in casts (Jordan Petridis).
- Cairo/Rust API updates by Julian Sparber.
- configure.ac cleanups by Maya Rashish.

Version 2.45.0
- Librsvg now requires Rust 1.27.
- Librsvg now requires Cairo 1.15.12.
- Fix building when srcdir != builddir (Mathieu Bridon).
- Fix #339 - Panic in filters with primitiveUnits="objectBoundingBox"
  on zero-sized elements (Ivan Molodetskikh).
- Fix #335 - Don't panic if the toplevel node is not <svg>.
- Fixes from fuzz testing (Ivan Molodetskikh): don't panic when the
  feConvolveMatrix kernel is not set; fix upper bounds in filter pixel
  getters.
- Fix #337 - Don't panic with "em" or "ex" units in the font-size property.
- Fix #338 - Don't panic when an image element doesn't have
  width/height attributes.
- Fix #340 - Don't panic when a marker has a zero-sized viewBox attribute.
- Fix #341 - Don't infinite-loop with cyclic pattern references.
- Fix #342 - Don't crash if a <use> node references one of its ancestors.
- Special thanks to Ivan Molodetskikh for doing a fuzz-testing run for
  this round.
- Fix #344 - Don't panic when a viewBox has overflowing numbers.
- Fix #345 - Fix panics due to bad path parsing and overflows in
  surface size.
- Updates to the CI infrastructure and the build documentation (Jordan
  Petridis).
- Cleanups and refactoring (Paolo Borelli, Linus Unnebäck, Federico Mena).
- Fix #343 - Handle child being in error in feComponentTransfer.
- Fix #346 - Handle filter primitives producing errors.
- Fix #347 - Regression in computation of text element extents.
- Fix #348 - Fix incorrect font sizing.
- Fix #349 - Don't panic when loading an external image that is bigger
  than Cairo's limits.
- Fix - rsvg_handle_get_dimensions_sub() no longer panics if passed a
  nonexistent fragment identifier.
- Fix 32-bit builds (Jordan Petridis).
- Fix #256 - Correctly match the systemLanguage attribute with the
  user's locale.
- Fix #320 - Parse xml:lang correctly.
- Fix #334 - Don't modify the caller's cairo_t state during rendering.
- Fix #349 - Don't panic if we get a "data:" URI with empty data.
- Fix #352 - Don't panic on getting a very large "order" for
  feConvolveMatrix (Ivan Molodetskikh).
- Fix #363 - Don't drop spaces around <tspan> elements.
- Fix #365 - rsvg-convert now uses pixel units for SVG output, instead
  of points.  This requires cairo 1.15.12 (Antonio Ospite).
- Fix #358, #366 - tweaks to have the test suite pass on i386 and
  non-x86_64 platforms (Simon McVittie, Federico Mena).
- Fix #368 - With RSVG_LOG=1, librsvg will now report when SVGs have
  references to nonexistent elements, to aid debugging (for example,
  in an xlink:href attribute).
- Fix #371 - rsvg-convert was positioning extracted elements
  incorrectly when using the -w/-h options together with --export-id.
- Fix #372 - Mis-rendering in small arc segments.
- Fix #373 - Rendering of gradients for horizontal/vertical stroked
  lines with gradientUnits="userSpaceOnUse".
- Fix a couple of memory leaks in the error paths of the GdkPixbuf
  loader (Benedikt Heine).
- Allow reference tests with a small difference to pass without
  breaking the build (Simon McVittie).
- CSS processing code is now in Rust, although it still calls libcroco
  to do the parsing.
- XML processing code is partially moved to Rust, although it still
  calls libxml2 for the XML parsing.
- Special thanks to Alex Crichton for ensuring that MacOS builds work.

(ryoon)

smake: Update to 1.3nb5

Switch to latest distfile.

Changelog
=========

Release 2019-07-22:
- RULES/*: Changes CURDIR into CURWDIR as GNU make uses CURDIR and we
          added compatibility support to SunPro Make and smake.

- RULES: Added configuration symlinks for FreeBSD on PowerPC

- smake: The -C option now gives GNU make compatibility.
        - Multiple -C options are now supported
        - A new variable CURDIR has been implemented
        The old implementation from May 2009 did not yet support that.

Release 2019-08-13:
- smake: Added some code to trick out GCC that warns on a so called bit
        loss while enlarging the fastalloc() size parameter for alignment
        purposes.

(micha)

Updated lang/nim to 1.0.0

(ryoon)

Update to 1.0.0

Changelog:
This is a major release containing nearly 60 commits. Most changes are bug fixes, but this release also includes a couple new features:

    Binaries can now be built and run using the new run command.
    The NimblePkgVersion is now defined so you can easily get the package version in your source code (example).

Some other highlights:

    Temporary files are now kept when the --debug flag is used.
    Fixed dependency resolution issues with "#head" packages (#432 and #672).
    The install command can now take Nim compiler flags via the new --passNim flag.
    Command line arguments are now passed properly to tasks (#633).
    The test command now respects the specified backend (#631).
    The dump command will no longer prompt and now has an implicit -y.
    Fixed bugs with the new nimscript executor (#665).
    Fixed multiple downloads and installs of the same package (#678).
    Nimble init no longer overwrites existing files (#581).
    Fixed incorrect submodule version being pulled when in a non-master branch (#675).

(ryoon)

Updated editors/OmegaT to 5.0.0

(ryoon)

Update to 5.0.0

Changelog:
OmegaT 5.0.0 brings 3 enhancements and 1 bug fix.

BCP 47 language tags are now supported.

TM entries with almost-matching locales can now be shown as fuzzy
matches with a configurable penalty.

The bundled JRE in "with-JRE" distributions has been updated to
Java 8u222, now from AdoptOpenJDK rather than Oracle. Note that
the 32-bit Linux distribution has been discontinued. 32-bit Linux
users should use the "without-JRE" distribution and supply their
own JRE.... read more

(ryoon)

Updated misc/libreoffice to 6.3.2.2

(ryoon)

Update to 6.3.2.2

Changelog:
Bugs fixed compared to 6.3.1 rc1:
    tdf#126935 Spell Check Dialog: Area containing context of error no longer accessible to screen readers [Caolán McNamara]
    tdf#127343 When creating a query in design view using MySQL, the Add Tables dialog only displays tables from, and allows interaction with, the first alphabetically sorted schema [Caolán McNamara]

Bugs fixed compared to 6.3.1 (rc2):
    rhbz#1648281 [libreoffice][fix available] Junk character gets added when some emojis are inserted. [Caolán McNamara]
    rhbz#1691287 LibreOffice does not prompt for printer authentication [Caolán McNamara]
    tdf#93998 Image background missing on dialog [Miklos Vajna]
    tdf#98130 after upgrade from LO 4.4.7.2 to 5.0.5.2, clicking on checkboxes in a Base grid table form is inconsistent [Miklos Vajna]
    tdf#103345 FILEOPEN: Non-English numbering characters "①, ②, ③", "α, β, γ" are converted to digits (1,2,3) [Samuel Mehrbrodt]
    tdf#103988 FILESAVE: DOCX with X Y Bubble chart corrupted after roundtrip, cannot open in MSO [Balazs Varga]
    tdf#107394 Cell size change during paste not undone with undo if pasted as HTML [Miklos Vajna]
    tdf#107776 Saving and opening document looses graphics positions [Miklos Vajna]
    tdf#114657 FILESAVE: Data table (from copied chart) with empty row exported incorrectly to XLSX (Data Labels missing and X-Values wrong) -see Comment 6 [Balazs Varga]
    tdf#118169 FILESAVE DOCX ActiveX form control saved incorrectly with Hungarian accented letters [Tamás Zolnai]
    tdf#118710 Report Builder Character Settings dialog Highlighting tab page doesn't set background [Tamás Zolnai]
    tdf#118809 Firebird: XDatabaseMetaData implementation returns NULL strings for DatabaseProductName and DatabaseProductVersion [Julien Nabet]
    tdf#119809 FILESAVE DOCX The combo box ActiveX control is lost in LibreOffice Writer [Tamás Zolnai]
    tdf#121983 libpixman-1.so.0 not found when LO is built with internal cairo [Michael Stahl]
    tdf#122110 FILESAVE XLSX, One of the cell changes its textcolor to blue for no apparent reason. [Eike Rathke]
    tdf#122355 HELP button in Format Cells no longer opens help on Format Cells (it opens top of Help) [Caolán McNamara]
    tdf#124083 Import filter issue with DOCX with embedded graph in decimal precision of x-axis values [Balazs Varga]
    tdf#125088 Default buttons have the wrong text color on macOS [Xisco Faulí]
    tdf#125340 CRASH: closing LibreOffice while migration dialog is open ( GTK3 ) [Caolán McNamara]
    tdf#125610 More Characters button is unreadable on macOS [Xisco Faulí]
    tdf#126007 "Help" button in "AutoCorrect" dialog doesn't open relevant help entry [Caolán McNamara]
    tdf#126042 Title and extension version number are mangled together in extension dialog [Caolán McNamara]
    tdf#126560 KDE-integration (Plasma 5): shifting/inserting rows with Alt+Shift not working correctly [Jan-Marek Glogowski]
    tdf#126656 Modifying one outline level with slide scope selected changes layout for all the outline levels [Gülşah Köse]
    tdf#126663 XLSX: LibreOffice is freezed when I try open Style list in Sidebar [Noel Grandin]
    tdf#126693 I cannot create custom categories for captions [Caolán McNamara]
    tdf#126746 Closed shape cap style, losed after export to pptx [Bartosz Kosiorek]
    tdf#126784 Writer change not selected columns width [Justin Luth]
    tdf#126787 Setting borders on character format become paragraph format [Mike Kaganski]
    tdf#126792 DOCX legacy drop-downs are only supposed to hold 25 items [Tamás Zolnai]
    tdf#126911 Calc: Structure box and/of Structure tab in Function Wizard is very narrow [Caolán McNamara]
    tdf#126951 crash in custom slide show [Caolán McNamara]
    tdf#127003 Calc: Page Formatting: Header & Footer: cant insert field into proper position [Caolán McNamara]
    tdf#127029 gtk3: empty spinbuttons don't stay empty when the notebook gets split [Caolán McNamara]
    tdf#127048 Macro warning dialog is prompted in a file with no macro [Caolán McNamara]
    tdf#127085 PPTX: FILESAVE: Transparency is lost after RT [Tamás Zolnai]
    tdf#127092 MariaDB/MySQL native connector: Import tables creates empty table [Tamas Bunth]
    tdf#127093 MariaDB/MySQL native connector: Import of Autovalue from HSQLDB sets '0' to '1' [Tamas Bunth]
    tdf#127110 Vesion 6.3.0.4 not saving .xlsx files correctly [László Németh]
    tdf#127120 Double selecting of level in list in B&N dialog in Writer (gen) [Caolán McNamara]
    tdf#127168 "Ranges containing merged cells…" modal dialog underlays Autofilter pull-down [Caolán McNamara]
    tdf#127180 Firebird: propose migration + Firebird by default only in experimental [Julien Nabet]
    tdf#127189 Editing a particular math formula using underbrace / overbrace destroys the UI under GTK3 [Caolán McNamara]
    tdf#127240 installer text not fully visible [Roman Kuznetsov]
    tdf#127304 EDITING Horizontal multilevel axis labels all get the same vertical rotation [Balazs Varga]
    tdf#127357 Mail merge's "Select address list" dialog is no longer modal (except on gtk3) [Michael Weghorn]

(ryoon)

Updated www/firefox-l10n to 69.0.2

(ryoon)

Update to 69.0.2

* Sync with www/firefox-69.0.2

(ryoon)

Updated www/firefox to 69.0.2

(ryoon)

Update to 69.0.2

Changelog:
Fixed
    Fixed a crash when editing files on Office 365 websites (bug 1579858)

    Fixed detection of the Windows 10 Parental Controls feature being enabled (bug 1584613)

    Fixed a Linux-only crash when changing the playback speed while watching YouTube videos (bug 1582222)

(ryoon)

Enable ruby-sassc

(ryoon)

Updated devel/nss to 3.46.1

(ryoon)

Update to 3.46.1

Changelog:
* 1582343 - Soft token MAC verification not constant time
* 1577953 - Remove arbitrary HKDF output limit by allocating space as needed

(ryoon)

Updated devel/py-protobuf, www/py-aiohttp

(adam)

py-aiohttp: updated to 3.6.1

3.6.1:

Features
- Compatibility with Python 3.8.

Bugfixes
- correct some exception string format
- Emit a warning when ``ssl.OP_NO_COMPRESSION`` is
  unavailable because the runtime is built against
  an outdated OpenSSL.
- Update multidict requirement to >= 4.5

Improved Documentation
- Provide pytest-aiohttp namespace for pytest fixtures in docs.

(adam)

py-protobuf: updated to 3.10.0

3.10.0:
Add descriptor methods in descriptor_pool are deprecated.
Uses explicit imports to prevent multithread test failures in py3.
Added delitem for Python extension dict
Update six version to 1.12.0 and fix legacy_create_init issue

(adam)

Updated devel/protobuf, ham/uhd

(adam)

uhd: updated to 3.14.1.1

003.014.001.001

Device3: latch n on m in axi_rate_change in DUC/DDC
Device3: UART: fix TX <-> RX, FIFO size as parameter
Device3: Restore default buffer sizes for MPMD UDP
RFNoC: Fix off by one error in window.v
E320: fix time source clobbering ref source
B200: Add command to query bootloader status
RFNoC: fix multidevice graph connections
MPMD: Fix corner case in MPM device discovery
MPM: fixed mboard_max_revision value (MPM compat check failures)
MPM: Fix version string for logger
Docs: x300: update docs for multiple timed commands
Docs: Fix Doxygen warnings due to spurious backslashes
Docs: RFNoC: Fix Doxygen warning due to undoc'd parameter
Docs: Adjust FPGA functional verification tests
Docs: Fix MPM cmake command for E320
RFNoC: Re-enable flow ctrl for blocks on same xbar
Tools: Fix build issues with kitchen_sink
cmake: Add UHD_COMPONENT variable

(adam)

protobuf: updated to 3.10.0

Protocol Buffers v3.10.0

C++

Switch the proto parser to the faster MOMI parser.
Properly escape Struct keys in the proto3 JSON serializer.
Fix crash on uninitialized map entries.
Informed the compiler of has-bit invariant to produce better code
Unused imports of files defining descriptor extensions will now be reported
Add proto2::util::RemoveSubranges to remove multiple subranges in linear time.
Added BaseTextGenerator::GetCurrentIndentationSize()
Made implicit weak fields compatible with the Apple linker
Support 32 bit values for ProtoStreamObjectWriter to Struct.
Removed the internal-only header coded_stream_inl.h and the internal-only methods defined there.
Enforced no SWIG wrapping of descriptor_database.h (other headers already had this restriction).
Implementation of the equivalent of the MOMI parser for serialization. This removes one of the two serialization routines, by making the fast array serialization routine completely general. SerializeToCodedStream can now be implemented in terms of the much much faster array serialization. The array serialization regresses slightly, but when array serialization is not possible this wins big.
Do not convert unknown field name to snake case to accurately report error.
Fix a UBSAN warnings.
Add podspec for C++
protoc: fix source code info location for missing label
C++ Add move constructor for Reflection's SetString

(adam)

doc: Updated lang/ocaml to 4.08.1nb2

(maya)

ocaml: claim natdynlink support on solaris. bump PKGREVISION

fixes ocaml-findlib PLIST issue.

(maya)

doc: Updated net/gopher to 3.0.17

(leot)

gopher: Update to 3.0.17

Changes:
(changelog from debian/changelog with Debian-specific entries omitted)
3.0.17
------
  * Fix alignment issue in gopher directories.  Closes: #789892.

3.0.16
------
  * Bump compat to 9.  Closes: #817485.

3.0.15
------
  * Correct possible segfault in option parsing.  Closes #715977, #715978.

3.0.14
------
  * Fix Debian (Closes: #798758) thanks to patch from Axel Beckert
    + Use autoconf and gnulib instead of autoconf2.13.

3.0.13
------
  * More changes to download.c to prefer getcwd() to get_current_dir_name().
    Closes: #366560.

3.0.12
------
  * Applied patch to make it build for Hurd.  Closes: #346447.

(leot)

Updated devel/p5-Perl-PrereqScanner-NotQuiteLite to 0.9908

(wen)

Update to 0.9908

Upstream changes:
0.9908 2019/08/24
  - fixed Win32 path separator issues

0.9907 2019/08/22
  - changed scan_also and features options to accept glob expressions
  - added "version" option to show what's going on

0.9906 2019/07/06
  - fixed PackageVariant parser not to die when it finds something
    other than importing

(wen)

Updated www/p5-Catalyst-Manual to 5.9010

(wen)

Update to 5.9010

Upstream changes:
5.9010 - 2019-04-25
    - updated stale urls
    - numerous typo fixes
    - many pod syntax fixes
    - other pod syntax cleanup
    - added references to the RT issues queue, mailing list, and irc channel

(wen)

Updated www/p5-Catalyst-View-JSON to 0.37

(wen)

Update to 0.37
Update DEPENDS

Upstream changes:
0.37 - 2019-04-28
        - fix Makefile.PL when current directory not in @INC (perl 5.26+)
        - convert from Module::Install to Distar for release tooling
        - Drop unneeded prerequisite on YAML

(wen)

Updated www/p5-Catalyst-Runtime to 5.90124

(wen)

Update to 5.90124

Upstream changes:
5.90124 - 2019-01-18
  - Fix problem with from_psgi_response and streaming applications (
    https://github.com/perl-catalyst/catalyst-runtime/pull/168).

(wen)

librsvg: fix build w/ current lang/rust

Alternatively the package could be updated to 2.46.0 but I don't have
time to deal with any potential fallout right now.

(tnn)

Updated www/p5-HTML-Scrubber to 0.19

(wen)

Update to 0.19

Upstream changes:
0.19      2019-09-24 13:26:46+01:00 Europe/London
    - Made List::Util import explicitly require version 1.33 (for 'any')

0.18      2019-09-22 12:10:47+01:00 Europe/London
    - Reduced standard build dependancies (removed author deps)

(wen)

Updated www/p5-HTML-Clean to 1.4

(wen)

Update to 1.4

Upstream changes:
1.3 Tue Sep 13 14:36 MSK 2019

    - Fix meta description

1.3 Tue Sep 9 14:10 MSK 2019

    - Fix pod and typo

1.1 Tue Sep 9 12:30 MSK 2019

    - Fix pod. Add github repository

(wen)

Updated www/p5-Cookie-Baker to 0.11

(wen)

Update to 0.11

Upstream changes:
0.11 2019-06-07T06:27:50Z

  - Supportt SameSite=None https://github.com/kazeburo/Cookie-Baker/pull/15

(wen)

Updated www/p5-CGI-Simple to 1.22

(wen)

Update to 1.22

Upstream changes:
1.22  2019-09-07 MANWAR
      - Fixed issue RT# 130454, samesite parameter missing from sub cookie().

(wen)

adwaita-icon-theme: Avoid rsvg dep by pre-generating NetBSD icons.

Don't install them on non-NetBSD.

Bump PKGREVISION

(nia)

gnome-icon-theme: Avoid rsvg dep by pre-generating NetBSD logos.

Don't install the logos on non-NetBSD.

Bump PKGREVISION.

(nia)

cinepaint: switch us over to C++11.

Fixes PR pkg/54596: cinepaint build broken with latest OpenEXR

Bump PKGREVISION out of paranoia.

(maya)

pkgtools/url2pkg: keep DESCR and PLIST, fix GConf detection

The files DESCR and PLIST are no longer overwritten. They are only
created if they don't exist.

The GConf schemas detection had written the include line too often, once
for every schema file.

(rillig)

pitivi: Needs py-sqlite3

(nia)

gst-plugins1-transcoder: Apply usual 'can't resolve libraries to shared libraries' workaround

(nia)

gst-plugins1-editing-services: 'disabled', not 'false'!

(nia)