devel/go-colortext: Add buildlink3.mk

(minskim)

doc: Added devel/go-godotenv version 1.2.0

(minskim)

devel/Makefile: Add go-godotenv

(minskim)

devel/go-godotenv: Import version 1.2.0

A Go port of the Ruby dotenv project, which loads env vars from a .env
file. It can be used as a library (for loading in env for your own
daemons etc) or as a bin command.

(minskim)

doc: Added devel/go-colortext version 1.0.0

(minskim)

devel/Makefile: Add go-colortext

(minskim)

devel/go-colortext: Import version 1.0.0

This is a package to change the color of the text and background in
the console, working both under Windows and other systems.

(minskim)

doc: Added devel/go-appengine version 1.1.0

(minskim)

devel/Makefile: Add go-appengine

(minskim)

devel/go-appengine: Import version 1.1.0

Package appengine provides basic functionality for Google App Engine.

(minskim)

geography/libmaxminddb: Add buildlink3.mk

(fhajny)

doc: Added geography/libmaxminddb version 1.3.2

(fhajny)

geography/libmaxminddb: Import libmaxminddb 1.3.2.

The libmaxminddb library provides a C library for reading MaxMind
DB files, including the GeoIP2 databases from MaxMind.

(fhajny)

doc: Updated fonts/fntsample to 5.2

(fhajny)

fonts/fntsample: Update to 5.2.

Changes in version 5.2
- Fix handling of non-ASCII characters in pdfoutline

Changes in version 5.1
- Make writing outlines with Cairo actually work
- Fix typos

Changes in version 5.0
- Add command line flag that allows to use pango for text layout
- Add possiblility to create PDF outline directly using cairo
- Switch to CMake as build system
- Add command line flag for loading Unicode blocks file during runtime.

(fhajny)

Pullup ticket #5826 - requested by taca
shells/zsh: security update

Revisions pulled up:
- shells/zsh/Makefile                                          1.85
- shells/zsh/PLIST                                              1.39
- shells/zsh/distinfo                                          1.63
- shells/zsh/patches/patch-configure.ac                        1.6

-------------------------------------------------------------------
  Module Name: pkgsrc
  Committed By: wen
  Date: Sun Sep  9 00:46:52 UTC 2018

  Modified Files:
  pkgsrc/shells/zsh: Makefile PLIST distinfo
  pkgsrc/shells/zsh/patches: patch-configure.ac

  Log Message:
  Update to 5.6

  Upstream changes:
  Changes from 5.5.1-test-2 to 5.6
  --------------------------------

  CVE-2018-0502: Data from the second line of a #! script file might be passed to
  execve().  For example, in the following situation -
  .
      printf '#!foo\nbar' > baz
      ./baz
  .
  the shell might take "bar" rather than "foo" for the argv[0] to be passed to
  execve().  [ Reported by Anthony Sottile and Buck Evan. ]

  CVE-2018-13259: A shebang line longer than 64 characters would be truncated.
  For example, in the following situation:
  .
      ( printf '#!'; repeat 64 printf 'x'; printf 'y' ) > foo
      ./foo
  .
  the shell might execute x...x (64 repetitions) rather than x...xy (64 x's,
  one y).  [ Reported by Daniel Shahaf. ]

  Changes from 5.5.1 to 5.5.1-test-2
  ----------------------------------

  Non-stop IEEE 754 arithmetic support - Inf and NaN are now returned
  from floating point operations where errors were printed before.
  Inf and NaN are also recognised in arithmetic expressions.

  In shell patterns, [[:blank:]] now honours the locale instead of
  matching exclusively on space and tab, like for the other POSIX
  character classes or for extended regular expressions.

  Nanosecond precision on file times is supported in the module
  zsh/stat.

  To generate a diff of this commit:
  cvs rdiff -u -r1.84 -r1.85 pkgsrc/shells/zsh/Makefile
  cvs rdiff -u -r1.38 -r1.39 pkgsrc/shells/zsh/PLIST
  cvs rdiff -u -r1.62 -r1.63 pkgsrc/shells/zsh/distinfo
  cvs rdiff -u -r1.5 -r1.6 pkgsrc/shells/zsh/patches/patch-configure.ac

(spz)

Pullup ticket #5825 - requested by wiz
www/curl: security update

Revisions pulled up:
- www/curl/Makefile                                            1.201
- www/curl/distinfo                                            1.146
- www/curl/patches/patch-src_tool__cb__hdr.c                    deleted

-------------------------------------------------------------------
  Module Name: pkgsrc
  Committed By: wiz
  Date: Wed Sep  5 06:49:26 UTC 2018

  Modified Files:
  pkgsrc/www/curl: Makefile distinfo
  Removed Files:
  pkgsrc/www/curl/patches: patch-src_tool__cb__hdr.c

  Log Message:
  curl: update to 7.61.1.

  This release includes the following bugfixes:

    o security advisory (CVE-2018-14618): NTLM password overflow via integer overflow [73]
    o CURLINFO_SIZE_UPLOAD: fix missing counter update [46]
    o CURLOPT_ACCEPT_ENCODING.3: list them comma-separated
    o CURLOPT_SSL_CTX_FUNCTION.3: might cause accidental connection reuse [72]
    o Curl_getoff_all_pipelines: improved for multiplexed [3]
    o DEPRECATE: remove release date from 7.62.0
    o HTTP: Don't attempt to needlessly decompress redirect body [30]
    o INTERNALS: require GnuTLS >= 2.11.3 [62]
    o README.md: add LGTM.com code quality grade for C/C++ [42]
    o SSLCERTS: improve the openssl command line
    o Silence GCC 8 cast-function-type warnings [47]
    o ares: check for NULL in completed-callback [3]
    o asyn-thread: Remove unused macro [40]
    o auth: only pick CURLAUTH_BEARER if we *have* a Bearer token [15]
    o auth: pick Bearer authentication whenever a token is available [15]
    o cmake: CMake config files are defining CURL_STATICLIB for static builds [54]
    o cmake: Respect BUILD_SHARED_LIBS [35]
    o cmake: Update scripts to use consistent style [9]
    o cmake: bumped minimum version to 3.4 [34]
    o cmake: link curl to the OpenSSL targets instead of lib absolute paths [34]
    o configure: conditionally enable pedantic-errors [64]
    o configure: fix for -lpthread detection with OpenSSL and pkg-config [38]
    o conn: remove the boolean 'inuse' field [3]
    o content_encoding: accept up to 4 unknown trailer bytes after raw deflate data [5]
    o cookie tests: treat files as text
    o cookies: support creation-time attribute for cookies [75]
    o curl: Fix segfault when -H @headerfile is empty [23]
    o curl: add http code 408 to transient list for --retry [78]
    o curl: fix time-of-check, time-of-use race in dir creation [71]
    o curl: use Content-Disposition before the "URL end" for -OJ [29]
    o curl: warn the user if a given file name looks like an option [56]
    o curl_threads: silence bad-function-cast warning [69]
    o darwinssl: add support for ALPN negotiation [7]
    o docs/CURLOPT_URL: fix indentation [20]
    o docs/CURLOPT_WRITEFUNCTION: size is always 1 [19]
    o docs/SECURITY-PROCESS: mention bounty, drop pre-notify
    o docs/examples: add hiperfifo example using linux epoll/timerfd [21]
    o docs: add disallow-username-in-url.d and haproxy-protocol.d to dist [50]
    o docs: clarify NO_PROXY env variable functionality [70]
    o docs: improved the manual pages of some callbacks [48]
    o docs: mention NULL is fine input to several functions [43]
    o formdata: Remove unused macro HTTPPOST_CONTENTTYPE_DEFAULT [40]
    o gopher: Do not translate `?' to `%09' [67]
    o header output: switch off all styles, not just unbold [8]
    o hostip: fix unused variable warning
    o http2: Use correct format identifier for stream_id [77]
    o http2: abort the send_callback if not setup yet [63]
    o http2: avoid set_stream_user_data() before stream is assigned [61]
    o http2: check nghttp2_session_set_stream_user_data return code [55]
    o http2: clear the drain counter in Curl_http2_done [27]
    o http2: make sure to send after RST_STREAM [58]
    o http2: separate easy handle from connections better [12]
    o http: fix for tiny "HTTP/0.9" response [51]
    o http_proxy: Remove unused macro SELECT_TIMEOUT [40]
    o lib/Makefile: only do symbol hiding if told to [32]
    o lib1502: fix memory leak in torture test [44]
    o lib1522: fix curl_easy_setopt argument type
    o libcurl-thread.3: expand somewhat on the NO_SIGNAL motivation [66]
    o mime: check Curl_rand_hex's return code [22]
    o multi: always do the COMPLETED procedure/state [3]
    o openssl: assume engine support in 1.0.0 or later [2]
    o openssl: fix debug messages [39]
    o projects: Improve Windows perl detection in batch scripts [49]
    o retry: return error if rewind was necessary but didn't happen [28]
    o reuse_conn(): memory leak - free old_conn->options [17]
    o schannel: client certificate store opening fix [68]
    o schannel: enable CALG_TLS1PRF for w32api >= 5.1
    o schannel: fix MinGW compile break [1]
    o sftp: don't send post-qoute sequence when retrying a connection [79]
    o smb: fix memory leak on early failure [26]
    o smb: fix memory-leak in URL parse error path [4]
    o smb_getsock: always wait for write socket too [11]
    o ssh-libssh: fix infinite connect loop on invalid private key [53]
    o ssh-libssh: reduce excessive verbose output about pubkey auth [53]
    o ssh-libssh: use FALLTHROUGH to silence gcc8 [76]
    o ssl: set engine implicitly when a PKCS#11 URI is provided [36]
    o sws: handle EINTR when calling select() [24]
    o system_win32: fix version checking [16]
    o telnet: Remove unused macros TELOPTS and TELCMDS [40]
    o test1143: disable MSYS2's POSIX path conversion [10]
    o test1148: disable if decimal separator is not point [65]
    o test1307: (fnmatch testing) disabled [31]
    o test1422: add required file feature [6]
    o test1531: Add timeout [41]
    o test1540: Remove unused macro TEST_HANG_TIMEOUT [40]
    o test214: disable MSYS2's POSIX path conversion for URL
    o test320: treat curl320.out file as binary [14]
    o tests/http_pipe.py: Use /usr/bin/env to find python
    o tests: Don't use Windows path %PWD for SSH tests [74]
    o tests: fixes for Windows line endlings [13]
    o tool_operate: Fix setting proxy TLS 1.3 ciphers
    o travis: build darwinssl on macos 10.12 to fix linker errors [33]
    o travis: execute "set -eo pipefail" for coverage build [45]
    o travis: run a 'make checksrc' too [25]
    o travis: update to GCC-8 [52]
    o travis: verify that man pages can be regenerated [50]
    o upload: allocate upload buffer on-demand [60]
    o upload: change default UPLOAD_BUFSIZE to 64KB [60]
    o urldata: remove unused pipe_broke struct field [57]
    o vtls: reinstantiate engine on duplicated handles [59]
    o windows: implement send buffer tuning [37]
    o wolfSSL/CyaSSL: Fix memory leak in Curl_cyassl_random [18]

  To generate a diff of this commit:
  cvs rdiff -u -r1.200 -r1.201 pkgsrc/www/curl/Makefile
  cvs rdiff -u -r1.145 -r1.146 pkgsrc/www/curl/distinfo
  cvs rdiff -u -r1.1 -r0 pkgsrc/www/curl/patches/patch-src_tool__cb__hdr.c

(spz)

Pullup ticket #5824 - requested by bsiegert
net/wireshark: security update

Revisions pulled up:
- net/wireshark/Makefile                                        1.194,1.196
- net/wireshark/distinfo                                        1.113-1.114
- net/wireshark/options.mk                                      1.20
- net/wireshark/patches/patch-ui_qt_packet__format__group__box.cpp deleted
- net/wireshark/patches/patch-ui_qt_time__shift__dialog.cpp    deleted
- net/wireshark/patches/patch-ui_qt_wireless__frame.cpp        deleted

-------------------------------------------------------------------
  Module Name:    pkgsrc
  Committed By:  wiz
  Date:          Thu Aug 16 13:20:32 UTC 2018

  Modified Files:
          pkgsrc/net/wireshark: Makefile distinfo
  Removed Files:
          pkgsrc/net/wireshark/patches:
              patch-ui_qt_packet__format__group__box.cpp
              patch-ui_qt_time__shift__dialog.cpp patch-ui_qt_wireless__frame.cpp

  Log Message:
  wireshark: update to 2.6.2.

  Wireshark 2.6.2 Release Notes

    What’s New

    Bug Fixes

      The following vulnerabilities have been fixed:

        • wnpa-sec-2018-34[1]

        • BGP dissector large loop. Bug 13741[2]. CVE-2018-14342[3].

        • wnpa-sec-2018-35[4]

        • ISMP dissector crash. Bug 14672[5]. CVE-2018-14344[6].

        • wnpa-sec-2018-36[7]

        • Multiple dissectors could crash. Bug 14675[8]. CVE-2018-14340[9].

        • wnpa-sec-2018-37[10]

        • ASN.1 BER dissector crash. Bug 14682[11]. CVE-2018-14343[12].

        • wnpa-sec-2018-38[13]

        • MMSE dissector infinite loop. Bug 14738[14]. CVE-2018-14339[15].

        • wnpa-sec-2018-39[16]

        • DICOM dissector crash. Bug 14742[17]. CVE-2018-14341[18].

        • wnpa-sec-2018-40[19]

        • Bazaar dissector infinite loop. Bug 14841[20].
          CVE-2018-14368[21].

        • wnpa-sec-2018-41[22]

        • HTTP2 dissector crash. Bug 14869[23]. CVE-2018-14369[24].

        • wnpa-sec-2018-42[25]

        • CoAP dissector crash. Bug 14966[26]. CVE-2018-14367[27].

      The following bugs have been fixed:

        • ISMP.EDP "Tuples" dissected incorrectly. Bug 4943[28].

        • Wireshark - Race issue when switching between files using
          Wireshark’s "Files in Set" dialog. Bug 10870[29].

        • Sorting on "Source port" or "Destination port" column sorts
          alphabetically, not numerically. Bug 11460[30].

        • Wireshark crashes when changing profiles. Bug 11648[31].

        • Crash when starting capture while saving capture file or
          rescanning file after display filter change. Bug 13594[32].

        • Crash when switching to TRANSUM enabled profile. Bug 13697[33].

        • TCP retransmission with additional payload leads to incorrect
          bytes and length in stream. Bug 13700[34].

        • Wireshark crashes with single quote string display filter. Bug
          14084[35].

        • randpkt can write packets that libwiretap can’t read. Bug
          14107[36].

        • Wireshark crashes when loading new file before previous load has
          finished. Bug 14351[37].

        • Valid packet produces Malformed Packet: OpcUa. Bug 14465[38].

        • Error received from dissect_wccp2_hash_assignment_info(). Bug
          14573[39].

        • CRC checker wrong for FPP. Bug 14610[40].

        • Cross-build broken due to make-dissectors and make-taps. Bug
          14622[41].

        • Extraction of SMB file results in wrong size. Bug 14662[42].

        • 6LoWPAN dissector merges fragments from different sources. Bug
          14700[43].

        • IP address to name resolution doesn’t work in TShark. Bug
          14711[44].

        • "Decode as" Modbus RTU over USB doesn’t work with 2.6.0 but with
          2.4.6. Bug 14717[45].

        • proto_tree_add_protocol_format might leak memory. Bug 14719[46].

        • tostring for NSTime objects in lua gives wrong results. Bug
          14720[47].

        • Media type "application/octet-stream" registered for both Thread
          and UASIP. Bug 14729[48].

        • Crash related to SCTP tap. Bug 14733[49].

        • Formatting of OSI area addresses/address prefixes goes past the
          end of the area address/address prefix. Bug 14744[50].

        • ICMPv6 Router Renumbering - Packet Dissector - malformed. Bug
          14755[51].

        • WiMAX HARQ MAP decoder segfaults when length is too short. Bug
          14780[52].

        • HTTP PUT request following a HEAD request is not correctly
          decoded. Bug 14793[53].

        • SYNC PDU type 3 miss the last PDU length. Bug 14823[54].

        • Reversed 128 bits service UUIDs when Bluetooth Low Energy
          advertisement data are dissected. Bug 14843[55].

        • Issues with Wireshark when the user doesn’t have permission to
          capture. Bug 14847[56].

        • Wrong description when LE Bluetooth Device Address type is
          dissected. Bug 14866[57].

        • LE Role advertisement type (0x1c) is not dissected properly
          according to the Bluetooth specification. Bug 14868[58].

        • Regression: Wireshark 2.6.0 and 2.6.1 are unable to read NetMon
          files which were readable by previous versions. Bug 14876[59].

        • Wireshark doesn’t properly display (deliberately) invalid 220
          responses from Postfix. Bug 14878[60].

        • Follow TCP Stream and click reassembled content moves you to
          incorrect current packet. Bug 14898[61].

        • Crash when changing profiles while loading a capture file. Bug
          14918[62].

        • Duplicate PDU during C Arrays Output Export. Bug 14933[63].

        • DCE/RPC not dissected when "reserved for use by implementations"
          flag bits set. Bug 14942[64].

        • Follow TCP Stream truncates output on missing (but ACKed)
          segments. Bug 14944[65].

        • There’s no option to include column headings when printing
          packets or exporting packet dissections with Qt Wireshark. Bug
          14945[66].

        • Qt: SCTP Graph Dialog: Abort when doing analysis. Bug 14971[67].

        • CMake is unable to find LUA libraries. Bug 14983[68].

    Updated Protocol Support

      6LoWPAN, ASN.1 BER, Bazaar, BGP, Bluetooth, Bluetooth HCI_CMD, CIGI,
      Cisco ttag, CoAP, Data, DCERPC, Diameter 3GPP, DICOM, DOCSIS, FPP,
      GSM A GM, GTPv2, HTTP, HTTP2, IAX2, ICMPv6, IEEE 1722, IEEE 802.11,
      IPv4, ISMP, LISP, MMSE, MTP3, MySQL, NFS, OpcUa, PPI GPS, Q.931,
      RNSAP, RPCoRDMA, S1AP, SCTP, SMB, SMTP, STUN, SYNC, T.30, TCP,
      TRANSUM, WAP, WCCP, Wi-SUN, WiMax HARQ Map Message, and WSP

    New and Updated Capture File Support

      Alcatel-Lucent Ascend and Microsoft Network Monitor

  To generate a diff of this commit:
  cvs rdiff -u -r1.193 -r1.194 pkgsrc/net/wireshark/Makefile
  cvs rdiff -u -r1.112 -r1.113 pkgsrc/net/wireshark/distinfo
  cvs rdiff -u -r1.1 -r0 \
      pkgsrc/net/wireshark/patches/patch-ui_qt_packet__format__group__box.cpp \
      pkgsrc/net/wireshark/patches/patch-ui_qt_time__shift__dialog.cpp \
      pkgsrc/net/wireshark/patches/patch-ui_qt_wireless__frame.cpp

-------------------------------------------------------------------
  Module Name:    pkgsrc
  Committed By:  wiz
  Date:          Sun Sep  2 21:49:06 UTC 2018

  Modified Files:
          pkgsrc/net/wireshark: Makefile distinfo options.mk

  Log Message:
  wireshark: update to 2.6.3.

  Fix some pkglint warnings while here.

  Wireshark 2.6.3 Release Notes

    Bug Fixes

      The following vulnerabilities have been fixed:

        • wnpa-sec-2018-44[1]

        • Bluetooth AVDTP dissector crash. Bug 14884[2]. CVE-2018-16058[3].

        • wnpa-sec-2018-45[4]

        • Bluetooth Attribute Protocol dissector crash. Bug 14994[5].
          CVE-2018-16056[6].

        • wnpa-sec-2018-46[7]

        • Radiotap dissector crash. Bug 15022[8]. CVE-2018-16057[9].

      The following bugs have been fixed:

        • Wireshark Hangs on startup initializing external capture plugins.
          Bug 14657[10].

        • Qt: SCTP Analyse Association Dialog: Segmentation fault when
          clicking twice the Filter Association button. Bug 14970[11].

        • Incorrect presentation of dissected data item (NETMASK) in ISAKMP
          dissector. Bug 14987[12].

        • Decode NFAPI: CONFIG.request Error. Bug 14988[13].

        • udpdump frame too long error. Bug 14989[14].

        • ISDN - LAPD dissector broken since version 2.5.0. Bug 15018[15].

        • ASTERIX Category 062 / 135 Altitude has wrong value. Bug
          15030[16].

        • Wireshark cannot decrypt SSL/TLS session if it was proxied over
          HTTP tunnel. Bug 15042[17].

        • TLS records in a HTTP tunnel are displayed as "Encrypted
          Handshake Message". Bug 15043[18].

        • BTATT Dissector: Temperature Measurement: Celsius and Fahrenheit
          swapped. Bug 15058[19].

        • Diameter AVP User Location Info, Mobile Network Code decoded not
          correctly. Bug 15068[20].

        • Heartbeat message "Info" displayed without comma separator. Bug
          15079[21].

    Updated Protocol Support

      ASTERIX, Bluetooth, Bluetooth ATT, Bluetooth AVDTP, DHCP, DTLS,
      E.212, FP, GSM A RR, HTTP, HTTP2, IEEE 802.11, ISAKMP, ISDN, K12,
      NFAPI, Nordic BLE, PFCP, Radiotap, SSL, Steam IHS Discovery, and TLS
      1.3

    New and Updated Capture File Support

      pcapng

    New and Updated Capture Interfaces support

      ciscodump, udpdump

  To generate a diff of this commit:
  cvs rdiff -u -r1.195 -r1.196 pkgsrc/net/wireshark/Makefile
  cvs rdiff -u -r1.113 -r1.114 pkgsrc/net/wireshark/distinfo
  cvs rdiff -u -r1.19 -r1.20 pkgsrc/net/wireshark/options.mk

(spz)

gimp: update bl3.mk for lcms -> lcms2 change, and recursive bump

(wiz)

doc: Updated databases/ruby-sequel to 5.12.0

(taca)

databases/ruby-sequel: update to 5.12.0

=== 5.12.0 (2018-08-31)

* Make constraint_validations extension respect Database#constraint_validations_table setting (jeremyevans)

* Make Sequel.extension load files from gems (jeremyevans)

* Map clob prepared statement argument type to OCI8::CLOB in the oracle adapter (pipistrellka) (#1534)

* Make Model.load_cache public in the static_cache plugin (AlexWayfer) (#1533)

* Enable support for NOWAIT on MariaDB 10.3+ (jeremyevans)

* Enable support for INTERSECT and EXCEPT on MariaDB 10.3+ (jeremyevans)

* Make tactical_eager_loading plugin handle automatic eager loading for associated objects created by eager_graph (jeremyevans)

* Cache eager_graph loader to speed up subsequent loads from the same dataset (jeremyevans)

* Add caller_logging database extension to log callers before queries, useful during development (jeremyevans)

* Add Database#call_procedure in the postgres adapter for calling PostgreSQL 11+ procedures (jeremyevans)

* Add eager_graph_eager plugin for chaining eager association loads after eager_graph association loads (jeremyevans)

* Support using Dataset#eager_graph in eager load callback for associations using join tables (jeremyevans)

* Make Dataset#graph handle existing selections without determinable aliases by forcing a subselect (jeremyevans)

* Freeze prepared statement arguments before returning the prepared statement (jeremyevans)

* Refactor emulated prepared statement internals to use a placeholder literalizer (jeremyevans)

=== 5.11.0 (2018-08-01)

* Fix using the jdbc/sqlserver adapter on JRuby 9.2+ (jeremyevans)

* Fix dumping schema for numeric/decimal columns with default values, broken starting in 5.9.0 (jeremyevans)

* Recognize additional check constraint violations on certain versions of SQLite (jeremyevans)

* Use cached model instances for Model.first calls without an argument or with a single integer argument in the static_cache plugin (AlexWayfer) (#1529)

* Support ON CONFLICT clause for INSERT on SQLite 3.24+ (jeremyevans)

* Support Dataset#window for WINDOW clause on MySQL 8 and SQLAnywhere (jeremyevans)

* Enable window function support on SQLAnywhere (jeremyevans)

* Support using a hash as a window function :frame option value, with support for ROWS/RANGE/GROUPS, numeric offsets, and EXCLUDE (jeremyevans)

* Allow using set_column_default with a nil value to remove the default value for a column on MySQL when the column is NOT NULL (jeremyevans)

=== 5.10.0 (2018-07-01)

* Use input type casts when using the postgres adapter with pg 0.18+ to reduce string allocations for some primitive types used as prepared statement arguments (jeremyevans)

* Assume local time if database timezone not specified when handling BC timestamps on JRuby 9.2.0.0 in the pg_extended_date_support extension (jeremyevans)

* Fix parsing of timetz types in the jdbc/postgresql adapter (jeremyevans)

* Make SQLTime.parse respect SQLTime.date and Sequel.application_timezone (jeremyevans)

* Add :top as an option in the list plugin (celsworth) (#1526)

* Fix Model#{ancestors,descendants,self_and_siblings} in the tree plugin when custom parent/children association names are used (jeremyevans) (#1525)

* Treat read-only mode error as disconnect error on mysql and mysql2 adapters, for better behavior on AWS Aurora cluster (jeremyevans)

* Don't use cached placeholder literalizers for in Dataset#{first,where_all,where_each,where_single_value} if argument is empty array or hash (jeremyevans)

* Support :tablespace option when adding tables, indexes, and materialized views on PostgreSQL (jeremyevans)

* Support :include option for indexes on PostgreSQL 11+ (jeremyevans)

* Allow the use of IN/NOT IN operators with set returning functions for Sequel::Model datasets (jeremyevans)

* Make many_to_pg_array associations in the pg_array_associations plugin work on PostgreSQL 11 (jeremyevans)

* Only load strscan library in pg_array extension if it is needed (jeremyevans)

* Don't remove related many_to_one associations from cache when setting column value to existing value for model instances that have not been persisted (jeremyevans) (#1521)

* Support ruby 2.6+ endless ranges in the pg_range extension (jeremyevans)

* Support ruby 2.6+ endless ranges in filters, using just a >= operator for them (jeremyevans)

(taca)

Note update of net/unbound to 1.8.0.

(he)

Update unbound to version 1.8.0

Upstream changes:

Features
- unbound-control auth_zone_reload _zone_ option rereads the zonefile.
- unbound-control auth_zone_transfer _zone_ option starts the probe
  sequence for a master to transfer the zone from and transfers when
  a new zone version is available.
- num.queries.tls counter for queries over TLS.
- log port number with err_addr logs.
- dns64-ignore-aaaa: config option to list domain names for which the
  existing AAAA is ignored and dns64 processing is used on the A
  record.
- Fix #4112: Fix that unbound-anchor -f /etc/resolv.conf will not pass
  if DNSSEC is not enabled.  New option -R allows fallback from
  resolv.conf to direct queries.
- Note RFC8162 support.  SMIMEA record type can be read in by the
  zone record parser.
- Patches from Jim Hague (Sinodun) for EDNS KeepAlive.
- Add config tcp-idle-timeout (default 30s). This applies to
  client connections only; the timeout on TCP connections upstream
  is unaffected.
- Add edns-tcp-keepalive and edns-tcp-keepalive timeout options
  and implement option in client responses.
- Add delay parameter to streamtcp, -d secs.
  To be used when testing idle timeout.
- Expose if a query (or a subquery) was ratelimited (not src IP
  ratelimiting) to libunbound under 'ub_result.was_ratelimited'.
  This also introduces a change to 'ub_event_callback_type' in
  libunbound/unbound-event.h.
- Patch to implement tcp-connection-limit from Jim Hague (Sinodun).
  This limits the number of simultaneous TCP client connections
  from a nominated netblock.
- Fix #4142: unbound.service.in: improvements and fixes.
  Add unit dependency ordering (based on systemd-resolved).
  Add 'CAP_SYS_RESOURCE' to 'CapabilityBoundingSet' (fixes warnings
  about missing privileges during startup). Add 'AF_INET6' to
  'RestrictAddressFamilies' (without it IPV6 can't work). From
  Guido Shanahan.
- unbound-checkconf checks if modules exist and prints if they are
  not compiled in the name of the wrong module.
- Patch for stub-no-cache and forward-no-cache options that disable
  caching for the contents of that stub or forward, for when you
  want immediate changes visible, from Bjoern A. Zeeb.
- Upgraded crosscompile script to include libunbound DLL in the
  zipfile.
- Set libunbound to increase current, because the libunbound change
  to the event callback function signature.  That needs programs,
  that use it, to recompile against the new header definition.
- log-servfail: yes prints log lines that say why queries are
  returning SERVFAIL to clients.
- log-local-actions: yes option for unbound.conf that logs all the
  local zone actions, a patch from Saksham Manchanda (Secure64).
- #4146: num.query.subnet and num.query.subnet_cache counters.
- #4140: Expose repinfo (comm_reply) to the inplace_callbacks. This
  gives access to reply information for the client's communication
  point when the callback is called before the mesh state (modules).
  Changes to C and Python's inplace_callback signatures were also
  necessary.
- Set defaults to yes for a number of options to increase speed and
  resilience of the server.  The so-reuseport, harden-below-nxdomain,
  and minimal-responses options are enabled by default.  They used
  to be disabled by default, waiting to make sure they worked.  They
  are enabled by default now, and can be disabled explicitly by
  setting them to "no" in the unbound.conf config file.  The reuseport
  and minimal options increases speed of the server, and should be
  otherwise harmless.  The harden-below-nxdomain option works well
  together with the recently default enabled qname minimisation, this
  causes more fetches to use information from the cache.
- Added serve-expired-ttl and serve-expired-ttl-reset options.

Bug Fixes
- Windows example service.conf edited with more windows specific
  configuration.
- #4108: systemd reload hang fix.
- Fix usage printout for unbound-host, hostname has to be last
  argument on BSDs and Windows.
- Partial fix for permission denied on IPv6 address on FreeBSD.
- Fix that auth-zone master reply with current SOA serial does not
  stop scan of masters for an updated zone.
- Fix that auth-zone does not start the wait timer without checking
  if the wait timer has already been started.
- #4109: Fix that package config depends on python unconditionally.
- Patch, do not export python from pkg-config, from Petr Men邸鱈k.
- Fix checking for libhiredis printout in configure output.
- Fix typo on man page in ip-address description.
- Update libunbound/python/examples/dnssec_test.py example code to
  also set the 20326 trust anchor for the root in the example code.
- Better documentation for unblock-lan-zones and insecure-lan-zones
  config statements.
- Fix permission denied printed for auth zone probe random port nrs.
- Fix documentation ambiguity for tls-win-cert in tls-upstream and
  forward-tls-upstream docs.
- iana port update.
- Fix round robin for failed addresses with prefer-ip6: yes
- Note in documentation that the cert name match code needs
  OpenSSL 1.1.0 or later to be enabled.
- Fix to improve systemd socket activation code file descriptor
  assignment.
- Fix for 4126 that the #define for UNKNOWN_SERVER_NICENESS can be more
  easily changed to adjust default rtt assumptions.
- Fix #4127 unbound -h does not list -p help.
- Print error if SSL name verification configured but not available
  in the ssl library.
- Fix that ratelimit and ip-ratelimit are applied after reload of
  changed config file.
- Resize ratelimit and ip-ratelimit caches if changed on reload.
- Fix #4129 unbound-control error message with wrong cert permissions
  is too cryptic.
- Fix #4130: print text describing -dd and unbound-checkconf on
  config file read error at startup, the errors may have been moved
  away by the startup process.
- Fix #4131: for solaris, error YY_CURRENT_BUFFER undeclared.
- Fix use-systemd readiness signalling, only when use-systemd is yes
  and not in signal handler.
- Fix #4135: 64-bit Windows Installer Creates Entries Under The
  Wrong Registry Key, reported by Brian White.
- Fix man page, say that chroot is enabled by default.
- Sort out test runs when the build directory isn't the project
  root directory.
- Error if EDNS Keepalive received over UDP.
- Correct and expand manual page entries for keepalive and idle timeout.
- Implement progressive backoff of TCP idle/keepalive timeout.
- Fix 'make depend' to work when build dir is not project root.
- Fix #4139: Fix unbound-host leaks memory on ANY.
- Fix to remove systemd sockaddr function check, that is not
  always present.  Make socket activation more lenient.  But not
  different when socket activation is not used.
- Fix #4136: insufficiency from mismatch of FLEX capability between
  released tarball and build host.  Fix to unconditionally call
  destroy in daemon.c.
- Make capsforid fallback QNAME minimisation aware.
- document --enable-subnet in doc/README.
- Fix #4144: dns64 module caches wrong (negative) information.
- Fix that printout of error for cycle targets is a verbosity 4
  printout and does not wrongly print it is a memory error.
- Fix segfault in auth-zone read and reorder of RRSIGs.
- Fix contrib/fastrpz.patch.
- Fix warning on compile without threads.
- print servfail info to log as error.
- added more servfail printout statements, to the iterator.
- Fix classification for QTYPE=CNAME queries when QNAME minimisation is
  enabled.
- Fix only misc failure from log-servfail when val-log-level is not
  enabled.
- Fix lintflags for lint on FreeBSD.
- Fix that a local-zone with a local-zone-type that is transparent
  in a view with view-first, makes queries check for answers from the
  local-zones defined outside of views.

(he)

doc: Added devel/xxhash version 0.6.5

(fhajny)

devel/xxhash: Import xxhash 0.6.5.

xxHash is an Extremely fast Hash algorithm, running at RAM speed
limits. It successfully completes the SMHasher test suite which
evaluates collision, dispersion and randomness qualities of hash
functions.

(fhajny)

Add upstream patch to address CVE-2018-1000222.
Restore the tiff option, so libtiff can be avoided.
Ok by adam@.

(kim)

doc: Updated databases/py-cassandra-driver to 3.15.1

(fhajny)

databases/py-cassandra-driver: Update to 3.15.1.

- C* 4.0 schema-parsing logic breaks running against DSE 6.0.X

(fhajny)

doc: Updated net/py-lexicon to 2.7.2

(fhajny)

net/py-lexicon: Update to 2.7.2.

2.7.2
- Update online cassette
- online api change: domain_id became simply domain name

2.7.1
- Remove route53 tests, boto recordings no longer work.
- Create a library unit test suite
- [Gehirn Web Service] fix 400 response on GET request
- Update setup.py adding cryptography to the setup.py file
- Use ImportError instead of subclass ModuleNotFoundError, which is
  supported only by python 3.6

(fhajny)

doc/pkgsrc.*: regen

(leot)

doc/guide: Reword CONFLICTS usage suggestions

Despite most CONFLICTS are automatically detected at package
installation time it is still a good idea to manually mark CONFLICTS
in order to fail as early as possible instead e.g. of failing at
package installation time after possibly installing several (maybe
not needed) dependencies.

Pointed out by discussion on pkgsrc-changes@ by <jperkin>:

<https://mail-index.NetBSD.org/pkgsrc-changes/2018/09/09/msg180626.html>

Last two paragraphs from <jperkin>, thanks!

Also discussed with <wiz>, thanks!

(leot)

Parameterize loadable module extension. Should fix packaging on non-Darwin.

(schmonz)

Updated devel/googletest, devel/msgpack

(adam)

msgpack: updated to 3.1.1

version 3.1.1
Add force endian set functionality
Fix vrefbuffer memory management problem
Fix msvc specific problem
Update boost from 1.61.0 to 1.68.0
Fix msgpack_timestamp type mismatch bug

(adam)

googletest: updatee to 1.8.1

v1.8.1:
1.8.1 Release reflects a current version of the project.
The 1.8.x is the last release supporting pre-C++11 compilers.
The 1.8.x will not accept any requests for any new features and any bugfix requests will only be accepted if proven "critical"

(adam)

Set default malloc_options iff NetBSD. Other platforms that don't
support the same options may make noise about that, such as OpenBSD.
Suggested by joerg@.

(schmonz)

doc: Updated mail/qmail-run to 20180910

(schmonz)

Add scripts to wrap spamc and rspamc, suitable for use in .qmail files
with e.g. condtomaildir(1). Bump version.

(schmonz)

wireshark: Readjust PLIST for ${PLIST.icons} entries

Readd ${PLIST.icons} as it was in net/wireshark/PLIST,-r1.36 in order to at
least fix wireshark when is built with `-qt5' option.

(leot)

Pullup ticket #5823 - requested by bsiegert
x11/libX11: security update

Revisions pulled up:
- x11/libX11/Makefile                                          1.46
- x11/libX11/PLIST                                              1.14
- x11/libX11/distinfo                                          1.28

-------------------------------------------------------------------
  Module Name:    pkgsrc
  Committed By:  wiz
  Date:          Tue Aug 21 19:29:48 UTC 2018

  Modified Files:
          pkgsrc/x11/libX11: Makefile PLIST distinfo

  Log Message:
  libX11: update to 1.6.6.

  Security fix release.

  Alan Coopersmith (6):
        Make Xkb{Get,Set}NamedIndicator spec & manpages match code
        Clarify state parameter to XkbSetNamedDeviceIndicator
        Improve table formatting in XkbChangeControls & XkbKeyNumGroups man pages
        If XGetImage fails to create image, don't dereference it to bounds check
        Use size_t for buffer sizes in SetHints.c
        Change fall through comment in lcDB.c to match gcc's requirements

  Arthur Huillet (1):
        _XDefaultError: set XlibDisplayIOError flag before calling exit

  Bhavi Dhingra (1):
        Fix possible memory leak in cmsProp.c:140

  Martin Natano (1):
        Don't rebuild ks_tables.h if nothing changed.

  Matthieu Herrb (2):
        Remove statement with no effect.
        libX11 1.6.6

  Michal Srb (1):
        Use flexible array member instead of fake size.

  Ryan C. Gordon (1):
        Valgrind fix for XStoreColor and XStoreColors.

  Samuel Thibault (1):
        XkbOpenDisplay.3: fix typo

  Tobias Stoeckmann (4):
        Validation of server response in XListHosts.
        Fixed off-by-one writes (CVE-2018-14599).
        Fixed out of boundary write (CVE-2018-14600).
        Fixed crash on invalid reply (CVE-2018-14598).

  walter harms (13):
        fix shadow warning
        _XIOError(dpy); will never return so remore dead
        remove argument check for free() adjust one inden
        fix shadow char_size
        fix more shadow warning
        no need to check argument for _XkbFree()
        remove stray extern
        no need to check args for Xfree()
        fix memleak in error path
        fix memleak in error path
        no need to check XFree arguments
        mark _XDefaultIOError as no_return
        Fixes: warning: variable 'req' set but not,used

  wharms (3):
        add _X_UNUSED to avoid unused variable warnings
        remove empty line
        silence gcc warning assignment discards 'const' qualifier from
  pointer target type

  To generate a diff of this commit:
  cvs rdiff -u -r1.45 -r1.46 pkgsrc/x11/libX11/Makefile
  cvs rdiff -u -r1.13 -r1.14 pkgsrc/x11/libX11/PLIST
  cvs rdiff -u -r1.27 -r1.28 pkgsrc/x11/libX11/distinfo

(spz)

Pullup ticket #5821 - requested by bsiegert
x11/libxkbcommon: security update

Revisions pulled up:
- x11/libxkbcommon/Makefile                                    1.21
- x11/libxkbcommon/distinfo                                    1.14

-------------------------------------------------------------------
  Module Name:    pkgsrc
  Committed By:  wiz
  Date:          Thu Aug 16 12:21:44 UTC 2018

  Modified Files:
          pkgsrc/x11/libxkbcommon: Makefile distinfo

  Log Message:
  libxkbcommon: update to 0.8.2.

  libxkbcommon 0.8.2 - 2018-08-05
  =========

  - Fix various problems found with fuzzing (see commit messages for
    more details):

      - Fix a few NULL-dereferences, out-of-bounds access and undefined behavior
        in the XKB text format parser.

  libxkbcommon 0.8.1 - 2018-08-03
  =========

  - Fix various problems found in the meson build (see commit messages for more
    details):

      - Fix compilation on Darwin.

      - Fix compilation of the x11 tests and demos when XCB is installed in a
        non-standard location.

      - Fix xkbcommon-x11.pc missing the Requires specification.

  - Fix various problems found with fuzzing and Coverity (see commit messages for
    more details):

      - Fix stack overflow in the XKB text format parser when evaluating boolean
        negation.

      - Fix NULL-dereferences in the XKB text format parser when some unsupported
        tokens appear (the tokens are still parsed for backward compatibility).

      - Fix NULL-dereference in the XKB text format parser when parsing an
        xkb_geometry section.

      - Fix an infinite loop in the Compose text format parser on some inputs.

      - Fix an invalid free() when using multiple keysyms.

  - Replace the Unicode characters for the leftanglebracket and rightanglebracket
    keysyms from the deprecated LEFT/RIGHT-POINTING ANGLE BRACKET to
    MATHEMATICAL LEFT/RIGHT ANGLE BRACKET.

  - Reject out-of-range Unicode codepoints in xkb_keysym_to_utf8 and
    xkb_keysym_to_utf32.

  To generate a diff of this commit:
  cvs rdiff -u -r1.20 -r1.21 pkgsrc/x11/libxkbcommon/Makefile
  cvs rdiff -u -r1.13 -r1.14 pkgsrc/x11/libxkbcommon/distinfo

(spz)

lang/ghc7: fix typo in error message

(rillig)

xlockmore{,-lite}: restore CONFLICTS.

(maya)

doc: Updated graphics/gimp to 2.10.6nb2

(wiz)

gimp: switch to lcms2.

Bump PKGREVISION.

(wiz)

xlockmore{,-lite}: drop CONFLICTS.

This file is used by both xlockmore-lite and xlockmore, and results in
the package being considered conflicting with itself.

Reported by he in PR pkg/53586

(maya)

doc: Updated editors/nano to 3.0

(wiedi)

nano: update to 3.0

2018.09.09 - GNU nano 3.0 "Water Flowing Underground" speeds up the
            reading of a file by seventy percent, roughly doubles the
            speed of handling ASCII text, changes the way words at line
            boundaries are deleted, makes <Ctrl+Delete> wipe the next
            word and <Ctrl+Shift+Delete> the preceding word, binds M-Q
            to 'findprevious' by default (the Tabs-to-Spaces toggle is
            placed on M-O, and the More-Space toggle is fully removed),
            makes an external spell check undoable, shows the correct
            number of lines on the status bar when opening multiple
            files, removes the 'formatter' command, removes the
            'searchagain' bindable function (M-W is now bound to
            'findnext' by default), moves the No-Convert toggle to the
            Insert menu, removes the Backup and New-Buffer toggles from
            the main menu (they remain in the Write-Out and Insert
            menus, respectively), is more precise in what it accepts as
            a rebindable key name, ignores any presses of <Esc> before
            a valid command keystroke, recognizes some more escape
            sequences for modified editing-pad keys, does not hide
            rcfile error messages on a Linux console, renames the
            bindable functions 'copytext' to 'copy' and 'uncut' to
            'paste', and avoids a possible hang during a Full-Justify.

(wiedi)

- bind-9.11.2.

(taca)

doc: Added net/bind912 version 9.12.2pl1

(taca)

net/Makefile: add and enable bind912

(taca)

net/bind912: Added BIND 9.12 package

Add bind-9.12.2pl1 (BIND 9.12.2-P1) pacakge.

Note: named(8) requires writable permission to current directory when
start up or the directory specified by "directory" in options statement.

BIND, the Berkeley Internet Name Daemon, version 9 is a major rewrite
of nearly all aspects of the underlying BIND architecture.  Some
of the important features of BIND-9 are:

- DNS Security
- IP version 6
- DNS Protocol Enhancements
- Views
- Multiprocessor Support
- Improved Portability Architecture
- Full NSEC3 support
- Automatic zone re-signing
- New update-policy methods tcp-self and 6to4-self

This package contains the BIND 9.12 release.

- named and related libraries have been substantially refactored for
  improved query performance.
- Code implementing the name server query processing logic has been
  moved into a new libns library.
- The DNS Response Policy Service API (DNSRPS) is now supported.
- Log file timestamps can now also be formatted in ISO 8601 (local)
  or ISO 8601 (UTC) formats.
- Added support for the EDNS Padding and Keepalive options.
- 'new-zones-directory' option sets the location where the
  configuration data for zones added by rndc addzone is stored.
- The default key algorithm in rndc-confgen is now hmac-sha256.
- filter-aaaa-on-v4 and filter-aaaa-on-v6 options are now available
  by default without a configure option.
- The obsolete isc-hmac-fixup command has been removed.

(taca)

doc: Added net/bind911 version 9.11.4pl1

(taca)

net/Makefile Add and enable bind911

(taca)

net/bind911 Add BIND 9.11 package

Add bind9.11.4pl1 (BIND 9.11.4-P1) package.

Note: named(8) requires writable permission to current directory when
start up or the directory specified by "directory" in options statement.

BIND, the Berkeley Internet Name Daemon, version 9 is a major rewrite
of nearly all aspects of the underlying BIND architecture.  Some
of the important features of BIND-9 are:

- DNS Security
- IP version 6
- DNS Protocol Enhancements
- Views
- Multiprocessor Support
- Improved Portability Architecture
- Full NSEC3 support
- Automatic zone re-signing
- New update-policy methods tcp-self and 6to4-self

This package contains the BIND 9.11 release.

- Catalog Zones, a new method for provisioning servers
- "dnstap", a fast and flexible method of capturing and logging
  DNS traffic.
- "dyndb", a new API for loading zone data from an external database
- dnssec-keymgr, a new key mainenance utility
- mdig, an alternate version of dig utility
- And more...

(taca)

doc Updated misc/ruby-sprockets to 3.7.2

(taca)

misc/ruby-sprockets update to 3.7.2

**3.7.2** (June 19, 2018)

* Security release for [CVE-2018-3760](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3760).

(taca)

On OpenBSD, detect clang and prefer it over gcc. Addresses pkg/53170.

(schmonz)

doc/TODO: add some

+ adwaita-icon-theme-3.30.0, bsdtar-3.3.3, dconf-0.30.0,
  extra-cmake-modules-5.50.0, gdk-pixbuf2-2.38.0, glib-networking-2.58.0,
  gtk3-3.24.0, gtksourceview3-3.24.9, gtksourceview4-4.0.3,
  libmpdclient-2.15, libsoup-2.64.0, links-2.17, openal-soft-1.19.0,
  oxygen-icons-5.50.0, py-mercurial-4.7.1, py-oauth2client-4.1.3,
  py-simplejson-3.16.1, waf-2.0.11, webkit-gtk-2.22.0.

(wiz)

doc: Updated devel/p5-Proc-Pidfile to 1.07

(wiz)

p5-Proc-Pidfile: update to 1.07.

1.07 2018-09-06 NEILB
    - Added [MetaProvides::Package] to dist.ini to address Kwalitee
      suggestion. NAWGLAN++
    - Doc fix from NAWGLAN++
    - The function looking for an unused pid would return $MAXPID if it failed,
      rather than the expected undef. AWRIGLEY++
    - The testsuite would sometimes hang, as a result of the way it was
      looking for PIDs. Changed the way this works, and skip the relevant
      tests if we can't find PIDs. RT#96998 and report from AWRIGLEY.

1.06_03 2015-03-01 NEILB
    - Added [MetaProvides::Package] to dist.ini to address Kwalitee
      suggestion. NAWGLAN++
    - Doc fix from NAWGLAN++

1.06_02 2014-09-18 NEILB
    - The function looking for an unused pid would return $MAXPID if it failed,
      rather than the expected undef. AWRIGLEY++

1.06_01 2014-09-16 NEILB
    - The testsuite would sometimes hang, as a result of the way it was
      looking for PIDs. Changed the way this works, and skip the relevant
      tests if we can't find PIDs. RT#96998 and report from AWRIGLEY.

(wiz)

doc: Updated devel/p5-GitLab-API-v3 to 1.04

(wiz)

p5-GitLab-API-v3: update to 1.04.

1.04 2018-09-06

- Utilize the x_deprecated META flag.

1.03 2018-09-06

- Make deprecation notice uppercase.

(wiz)

doc: Updated devel/p5-Carp to 1.50

(wiz)

p5-Carp: update to 1.50.

1.50
not documented

version 1.49

* comment only change, document the change from 1.47 better
  and create a commit in blead-perl which can be used to
  reference this issue from the bug report.

version 1.48

* guard against hand-rolled UNIVERSAL::can() implementations
  which throw exceptions when we call $obj->can("((").

version 1.47, 1.47_02

  * Deal with overloading when overload.pm is not use

  * Note 1.47_02 only existed for one commit in blead-perl,
    and in fact no 1.47 should ever see the wild.

version 1.47, 1.47_01

  * Do not die on trappable stack-not-refcounted bugs while
    serializing the stack.

  * Note 1.47_01 only existed for one commit in blead-perl,
    and in fact no 1.47 should ever see the wild.

version 1.46

  * avoid vivifying UNIVERSAL::isa:: in Carp

version 1.45

  * Optimize format_arg when arguments contain many references

version 1.43

  * fix problems introduced by the partial EBCDIC support from version
    1.35

version 1.42

  * add some doc clue about what cluck does

  * avoid floating point overflow in test

version 1.41

  * add missing "<FH> chunk #" phrase to messages

version 1.40; 2016-03-10
  * Get arg_string.t to compile in perl v5.6
  * Add information for how to contribute to Carp.

version 1.39; 2016-03-06
  * bugfix: longmess() should return the error in scalar context
  (CPANRT#107225)

(wiz)

doc: Updated databases/p5-DBD-mysql to 4.047

(wiz)

p5-DBD-mysql: update to 4.047.

2018-09-08 Daniël van Eeden, Patrick Galbraith, DBI/DBD community (4.047)
* Add options needed for public key based security.
* Allow several spaces after LIMIT clause.
* Basic GTID tracking.
* Fix GCC 8.1 warnings
* Fix warning: unused variable ‘buffer_len’
* Fix warning about bind->is_null assignment with incompatible pointer type
* Get rid of warning about unused variable ssl_verify_set
* Fix space/tab issue which leads to misleading indentation
* Change spaces/tabs to get rid of GCC8 warning

2018-03-09 Patrick Galbraith, Michiel Beijen, DBI/DBD community (4.046_01)
* Updated documentation re. multithreading (Daniël van Eeden)
* Remove #IFDEFs for code detecting ancient DBI versions. The minimum
  DBI version we require is version 1.609 from 2009!
* ChopBlanks should not trim binary fields (urcheon)
* Skipped test which failed on OpenBSD because Proc::ProcessTable does not
  come with a 'size' attribute on this platform (glasswalk3r, pali)
* Improved test suite with regards to MySQL 8.0
* Improved macOS installation notes.
* Use Devel::CheckLib 1.09 or newer, fixes
  https://github.com/perl5-dbi/DBD-mysql/issues/109
* Specify bigint as test dependency
* Add recommends and suggests tests dependencies (pali)
* Check only for libs via Devel::CheckLib in Makefile.PL (pali)
* Remove param --with-mysql from Makefile.PL documentation (pali)
* Check if specified Makefile.PL settings are working (pali)
  Fixes https://rt.cpan.org/Ticket/Display.html?id=119902
* Remember mysql_config value for Makefile.PL (pali)
* Locate MySQL libs using Devel::CheckLib (pali)
* Added a fix for 30insertfetch failure when using server-side prepared
  statements. The stmt was being freed for DML statements before
  the handle attribute was read, mysql_info was reading back nulls

(wiz)

libdrm

(maya)

libdrm: Implement drmParseSubsystemType, drmParsePciBusInfo for NetBSD

Needed for mesalib update, from riastradh.

(maya)

Updated shells/zsh to 5.6

(wen)

Update to 5.6

Upstream changes:
Changes from 5.5.1-test-2 to 5.6
--------------------------------

CVE-2018-0502: Data from the second line of a #! script file might be passed to
execve().  For example, in the following situation -
.
    printf '#!foo\nbar' > baz
    ./baz
.
the shell might take "bar" rather than "foo" for the argv[0] to be passed to
execve().  [ Reported by Anthony Sottile and Buck Evan. ]

CVE-2018-13259: A shebang line longer than 64 characters would be truncated.
For example, in the following situation:
.
    ( printf '#!'; repeat 64 printf 'x'; printf 'y' ) > foo
    ./foo
.
the shell might execute x...x (64 repetitions) rather than x...xy (64 x's,
one y).  [ Reported by Daniel Shahaf. ]

Changes from 5.5.1 to 5.5.1-test-2
----------------------------------

Non-stop IEEE 754 arithmetic support - Inf and NaN are now returned
from floating point operations where errors were printed before.
Inf and NaN are also recognised in arithmetic expressions.

In shell patterns, [[:blank:]] now honours the locale instead of
matching exclusively on space and tab, like for the other POSIX
character classes or for extended regular expressions.

Nanosecond precision on file times is supported in the module
zsh/stat.

(wen)

(net/p5-Socket6)  Remove netinet6/ipsec.h: Thu Sep 6 19:07:13 2018 +0000

(mef)

(net/p5-Socket6)  Remove netinet6/ipsec.h: Thu Sep 6 19:07:13 2018 +0000

(mef)

doc: Updated devel/libidn2 to 2.0.5

(schmonz)

Update to 2.0.5. From the changelog:

** Switched the default library behavior to IDNA2008 as amended
  by TR#46 (non-transitional). That default behavior is enabled when
  no flags are specified to function calls. Applications can utilize the
  %IDN2_NO_TR46 flag to switch to the unamended IDNA2008. This is done in
  the interest of interoperability based on the fact that this is what application
  writers care about rather than strict compliance with a particular protocol.

** Fixed memleak in idn2_to_unicode_8zlz().

** Return error (IDN2_ICONV_FAIL) on charset conversion errors.

** Fixed issue with STD3 rules applying in non-transitional
  TR46 mode.

** idn2: added option --usestd3asciirules.

(schmonz)

doc: Updated security/py-acme-tiny to 4.0.4

(schmonz)

Update to 4.0.4. From the git log:

- Make regular expression accept a whitespace after CN.
- Don't fail on openssl 1.1 output
- Add documentation and support for Red Hat openssl directories
- fix parsing of new (?) openssl output format
- Fix broken Markdown headings
- FIX CN parsing to work with OpenSSL 1.1
- Make acme_tiny.py executable in index
- Minor tweak that makes deploying a tiny bit easier
- OpenSSL output seems to have changed another time.
- fixed changing error message
- fixed more error message case changes
- Fix typos
- switched to grabbing the agreement url from /directory, addresses #145, #148, #172, #189
- damn python3 bytes-to-strings encoding gets you again...
- added python 3.6 to test coverage
- update SSL config
- mostly working ACMEv2, except for letsencrypt/boulder#3367
- deprecated CA url in favor of using the direct certificate authority directory url
- added badNonce retries
- consolidated external commandline execution error handling to bring back under 200 lines of code
- removed challenge payload that is no longer needed in new acme spec
- updated test coverage to ignore new setup.py file (setup install still gets tested via test_install.py)
- updated readme to note that ACME v2 certificate downloads now include the intermediate certificate
- added optional contact details
- fixed buffer to unicode decoding for tests
- cleaned up help and copyright text
- Readme: Only needs access to private account key
- added tiny user agent
- don't skip ValueError when urlopen(Request(nonvalid, ...))

(schmonz)

doc: Updated misc/ruby-sprockets22

(taca)

misc/ruby-sprockets22 Add fix for CVE-2018-3760

* Add fix for CVE-2018-3760.
* pkgsrc change: update HOMEPAGE.

(taca)

doc: Updated net/youtube-dl to 20180908

(leot)