Version 1.0.13
- Javascript: the sumo builds now include all symbols. They were
previously limited to symbols defined in minimal builds.
- The public `crypto_pwhash_argon2i_MEMLIMIT_MAX` constant was
incorrectly defined on 32-bit platforms. This has been fixed.
- Version 1.0.12 didn't compile on OpenBSD/i386 using the base gcc
compiler. This has been fixed.
- The Android compilation scripts have been updated for NDK r14b.
- armv7s-optimized code was re-added to iOS builds.
- An AVX2 optimized implementation of the Argon2 round function was
added.
- The Argon2id variant of Argon2 has been implemented. The
high-level `crypto_pwhash_str_verify()` function automatically detects
the algorithm and can verify both Argon2i and Argon2id hashed passwords.
The default algorithm for newly hashed passwords remains Argon2i in
this version to avoid breaking compatibility with verifiers running
libsodium <= 1.0.12.
- A `crypto_box_curve25519xchacha20poly1305_seal*()` function set was
implemented.
- scrypt was removed from minimal builds.
- libsodium is now available on Nuget.

(adam)

Updated cad/gtkwave to 3.3.83

(mef)

Updated cad/gtkwave to 3.3.83
-----------------------------
3.3.83  04aug17 Preserve search type for regex search across reloads or
                close/reopens of regex search widget.
                Update local libz to current version.

(mef)

Updated security/crudesaml to 1.9

Change since 1.8: Fix crash on PAM intialization failure

(manu)

Replace PHP_VERSIONS_INCOMPATIBLE with PHP_VERSIONS_ACCEPTED.

Reported by Jason Bacon.

(taca)

Note update of ISC DHCP related packages to 4.3.6.

net/isc-dhcp4
net/isc-dhclient4
net/isc-dhcpd4
net/isc-dhcrelay4

(taca)

Update isc-dhcp4 to 4.3.6.

This is mainly bug fix release and changes from 4.3.4 are too many to write
here, please refer RELNOTES in detail.

(taca)

Updated misc/libreoffice to 5.4.0.3nb1

(ryoon)

Bump PKGREVISION from upstream distfile change

Reported by Paul Goyette on pkgsrc-users@.

(ryoon)

Update nsd to version 4.1.17.

Changes from release notes.

Features

* zone parser parses type AVC (it has TXT format).
* Fix #1272: use writev to put tcp length field
  with data for outgoing zone transfer requests.

Bugfixes

* Fix potential null pointer in nsec3 adjustment tree.
* Fix text format of deletes for CDS and CDNSKEY,
  single 0 to represent empty base64 or hex string.

(nros)

Updated devel/py-hypothesis to 3.17.0, devel/py-test to 3.2.1

(adam)

Pytest 3.2.1
Bug Fixes:
* Fixed small terminal glitch when collecting a single test item.
* Correctly consider / as the file separator to automatically mark plugin files for rewrite on Windows.
* Properly escape test names when setting PYTEST_CURRENT_TEST environment variable.
* Fix error on Windows and Python 3.6+ when sys.stdout has been replaced with a stream-like object which does not implement the full io module buffer protocol. In particular this affects pytest-xdist users on the aforementioned platform.

Improved Documentation
* Explicitly document which pytest features work with unittest.

(adam)

3.17.0:
This release documents the previously undocumented phases feature”, making it part of the official public API. It also updates how the example database is used. Principally:
* A Phases.reuse argument will now correctly control whether examples from the database are run (it previously did exactly the wrong thing and controlled whether examples would be saved).
* Hypothesis will no longer try to rerun all previously failing examples. Instead it will replay the smallest previously failing example and a selection of other examples that are likely to trigger any other bugs that will found. This prevents a previous failure from dominating your tests unnecessarily.
* As a result of the previous change, Hypothesis will be slower about clearing out old examples from the database that are no longer failing (because it can only clear out ones that it actually runs).

(adam)

+ MesaLib-17.1.6, libsoup-2.58.2, p5-Class-Inspector-1.32,
  p5-Error-0.17025, syncthing-0.14.36.

(wiz)

Updated x11/mlterm to 3.8.2

(tsutsui)

Update mlterm to 3.8.2.

Change noted in doc/en/ReleaseNote:

ver 3.8.2
* Support page of VT400 or later. (NP, PP, PPA, PPR, PPB, DECCRA and DECLRP)
* Support DECRQDE, DECSCUSR(Ps = 3,4,5,6), DECATC, DECRQM, DECRQMH, DECSCA,
  DECERA, DECSEL and DECSED.
* Support SGR of DECRQSS.
* Support MC and DECMC which output screen contents to ~/.mlterm/[tty]-YYYYMMDDHHMMSS.snp.
* Add "baseline_offset" / --blpos option.
* Revive iiimf input method plugin.
  (--disable-iiimf optoin of configure script disables this feature.)
* Update unicode property table (generated from UnicodeData.txt and
  EastAsianWidth.txt) to version 10.0.0.
* Support brltty with the use of brlapi library. (Experimental)
  (configure with --enable-brlapi option.)
* Enable to build on msys2.
* Support DECDHL and DECDWL on console.
* libvte compatible library supports vte 0.48.0 API.
* Bug fixes:
  Fix unexpected blocking in exiting mlterm.jar.
  Fix a redrawing problem in inserting RTL characters between LTR ones or vice-versa.
  Fix unexpected erasing of DECIC and DECDC.
  Fix a bug which occupies 100% of CPU in switching mlterm-fb to an inactive
  console on linux.
  Fix freeze in copy&paste between windows of libvte compatible library.
  <dev> in OSC 5379;<dev>:a=b works.

(tsutsui)

Updated devel/subversion to 1.9.7, devel/git to 2.14.1

(adam)

Git v2.14.1:
This release forward-ports the fix for "ssh://..." URL from Git v2.7.6

(adam)

Subversion 1.9.7:

This is a stable security release of the Apache Subversion open source
version control system.  It fixes one security issue:

    CVE-2017-9800:
    Arbitrary code execution on clients through malicious svn+ssh URLs in
    svn:externals and svn:sync-from-url
    http://subversion.apache.org/security/CVE-2017-9800-advisory.txt

(adam)

Updated devel/cmake to 3.9.1

(adam)

Changes in 3.9.1 since 3.9.0:

Utilities/Sphinx: Restore compatibility with Sphinx pre-1.2
Help: Silence warning about document not included in toctree
UseSWIG: Fix when Java is enabled as a language
VS: Fix VCTargetsPath detection
Android: Fix support for CMAKE_SYSROOT without CMAKE_SYSROOT_COMPILE
expat: Update script to get Expat 2.2.3
expat: Update CMake build for 2.2.3
Tests: Simplify RunCMake.find_package PackageRoot case regexes
find_*: Disable the PACKAGE_ROOT search path group for CMake 3.9
find_package: Add missing PACKAGE_ROOT_PATH search path implementation.
find_package: Fix PACKAGE_ROOT test to check find_pacakge(CONFIG) mode.
find_package: Split PACKAGE_ROOT tests to work with smaller regex
FindJava: Allow early access version trailing string to be mixed case
FindBoost: pop policy stack before returning
expat 2017-08-02 (97c6bd01)
server: Fix crash on missing cache entries
FindJava: fix hint for windows jre 1.6
Help: Fix module and function names in CMP0069 examples
Autogen: Always create AUTOMOC/AUTOUIC include directory

(adam)

Update self test bug status.

(wiz)

Fixes to get U-Boot building on NetBSD.

(jmcneill)

Fix double entry for devel/lua-gi update.

(triaxx)

Updated devel/lua-gi to 0.9.1

(triaxx)

Update devel/lua-gi to 0.9.1

Reviewed by maya@

Changes:
* marshal NULL strings as nil instead of empty strings. This allows use of e.g. DataInputStream:read_line() APIs.
* fix and improve build for OSX and Win-based configurations
* add support for arrays with lengths as struct fields
* allow GLib.Variant construction for lightuserdata
* fix gtop binding (certain structs could not be imported)
* adapt to new set of annotations in newer glib
* assorted Lua5.3 fixes, lgi is now fully Lua5.3 compatible
* fix binding of Gdk.Rectangle from newer GDK

(triaxx)

Added sysutils/u-boot-nanopi-neo version 2017.07
Added sysutils/u-boot-orangepi-plus2e version 2017.07
Added sysutils/u-boot-sinovoip-bpi-m3 version 2017.07

(jmcneill)

+ u-boot-nanopi-neo u-boot-orangepi-plus2e u-boot-sinovoip-bpi-m3

(jmcneill)

Add U-Boot package for FriendlyARM NanoPi NEO

(jmcneill)

Add U-Boot package for Xunlong Orange Pi Plus 2E

(jmcneill)

Add U-Boot package for Sinovoip Banana Pi BPI-M3

(jmcneill)

Add helpers for building U-Boot images.

(jmcneill)

Updated multimedia/adobe-flash-player to 26.0.0.151

(tsutsui)

Update adobe-flash-player to 26.0.0.151.

Upstream announcemnt:

https://helpx.adobe.com/security/products/flash-player/apsb17-23.html

Adobe Security Bulletin
Security updates available for Flash Player | APSB17-23

(tsutsui)

Updated textproc/mandoc to 1.14.3

(wiz)

Updated mandoc to 1.14.3.

Changes in version 1.14.3, released on August 5, 2017

    --- BUG FIXES ---
* man(7): Do not crash with out-of-bounds read access to a constant
  array if .sp or a blank line immediately precedes .SS or .SH.
* mdoc(7): Do not crash with out-of-bounds read access to a constant
  array if .sp or a blank line precede the first .Sh macro.
* tbl(7): Ignore explicitly specified negative column widths rather than
  wrapping around to huge numbers and risking memory exhaustion.
* man(1): No longer use names that only occur in the SYNOPSIS section.
  Gets rid of some surprising behaviour and bogus warnings.
    --- THANKS TO ---
  Leah Neukirchen (Void Linux), Markus Waldeck (Debian),
  Peter Bui (nd.edu), and Yuri Pankov (illumos) for bug reports.

(wiz)

Updated devel/jenkins to 2.73

(ryoon)

Update to 2.70.3

Changelog:
What's new in 2.73 (2017-08-06)

    Avoid unnecessary locking to improve performance related to actions. (issue 45244)
    Improve performance when reading the console text of a build. (issue 45915)
    Add Polish translations for setup wizard. (pull 2952)
    Reliably close build log file when using chained BuildListeners. (issue 45057, issue 43199)
    Modify the JNLPLauncher configuration page to work around regression in Docker Plugin (regression in 2.72). (issue 45895)

What's new in 2.72 (2017-07-30)
70 sunny0 cloudy11 stormCommunity reported issues: 7��JENKINS-45895 1��JENKINS-45956

    Enable remoting work directories by default for newly created agents launched via JNLP (Java Web Start Launcher). (issue 44112, feature documentation)
    Always follow redirects for downloading update center metadata, so misbehaving plugins cannot break it. (issue 38185)
    Minor optimization to queue maintenance routines and printing of console notes, mainly for the benefit of Pipeline node blocks. (issue 45553)
    Don't monitor response time on offline agents. (issue 20272)

What's new in 2.71 (2017-07-23)
Community reported issues: 2��JENKINS-45959 1��JENKINS-45895

    Winstone 4.1: Add Jetty HTTP/2 connector and corresponding options for Winstone-Jetty. (issue 45438, enabling HTTP/2 support in Winstone-Jetty)
    Don't reload user records from disk unless explicitly requested to improve performance of user record access. (issue 45737)
    Prevent NullPointerException in Jenkins#getRootURL() while the instance is not fully loaded yet. (issue 34914)
    Contributions to the PATH environment variable could result in malformed values on agents on a platform different from master's. (issue 14807)
    JNLP for launching agents now requests Java 8. (issue 45679)
    Prevent NullPointerException when a previous completed build is missing for upstream culprits check. (issue 45516)
    Correctly show or suppress warnings about undefined parameters based on hudson.model.ParametersAction.keepUndefinedParameters system property. (issue 45519)
    Internal: Delete obsolete SECURITY-144-compat exclusion that can break tests. (issue 25625)

(ryoon)

Updated devel/jenkins-lts to 2.60.2

(ryoon)

Update to 2.60.2

Changelog:
What's new in 2.60.2 (2017-07-19)
Community reported issues: 3��JENKINS-45057 1��JENKINS-43197 1��JENKINS-43199 1��JENKINS-45648

    Allow overriding the Jenkins session ID suffix so it doesn't change on every restart, possibly resulting in too many cookies. (how to set session ID, issue 25046, issue 44894)
    Add documentation for time zone specification for cron patterns (e.g. SCM polling). (issue 9283)
    Do not submit form when pressing Enter in the plugin manager's filter field. (issue 44523)
    Jenkins failed to perform some cleanup tasks, including saving the build queue, if stopped via REST /exit, CLI shutdown, or when restarting from Install as Windows Service. (issue 44589)
    Don't check whether disabled administrative monitors are active or not on the Manage Jenkins page. (issue 44608)
    When starting the jenkins.war directly, properly check for Java 8 as minimum instead of Java 7 before proceeding. (issue 44764)
    Prevent NullPointerException when calling restart CLI command (regression in 2.57). (issue 44769)
    Prevent possible NullPointerException when listing remote directories using the FilePath#list() and FilePath#listDirectories() APIs. (issue 44942)

What's new in 2.60.1 (2017-06-21)
Community reported issues: 3��JENKINS-43197 2��JENKINS-45057 1��JENKINS-42988 1��JENKINS-43199 1��JENKINS-45308 1��JENKINS-44485 1��JENKINS-42959 1��JENKINS-42089
2.60.1 is the first Jenkins LTS release that requires Java 8 to run. If you're using the Maven Project type, please note that it needs to use a JDK capable of running Jenkins, i.e. JDK 8 or up. If you configure an older JDK in a Maven Project, Jenkins will attempt to find a newer JDK and use that automatically. If your SSH Slaves fail to start and you have the plugin install the JRE to run them, make sure to update SSH Slaves Plugin to at least version 1.17 (1.20 recommended).
Changes since 2.60:

    Fix for NullPointerException while initiating some SSH connections (regression in 2.59). (issue 44120)

Notable changes since 2.46.3:

    Jenkins (master and agents) now requires Java 8 to run. (issue 27624, issue 42709, pull 2802, announcement blog post)
    Update Groovy to 2.4.8 to address memory leak issue. Pipeline: Groovy needs to be upgraded to 2.28 or higher to prevent regressions. (issue 33358, issue 42189)
    Upgrade the Windows Agent Installer module from 1.6 to 1.7. This change picks major updates in Windows service management logic. (full changelog, guide to upgrading old Windows service agents)
    Windows services: Upgrade the bundled Windows Service Wrapper from 1.18 to 2.0.2. (full changelog)
    Windows services: Enable Runaway Process Killer by default in new Agent and Master installations. (issue 39231)
    Windows services: Enable auto-upgrade of remoting on newly installed agents if they are connected by HTTPS. (issue 39237)
    Windows services: Add support of shared directories mapping in Windows agent services. (Shared Directory Mapper documentation)
    Windows services: Integrate various stability and performance fixes in Windows Service Wrapper from 1.18 to 2.0.2. There are many fixes around configuration options and process termination. (full changelog)
    Packaging: Do not invoke recursive chown in JENKINS_HOME during the RPM post-install step unless owned by a different user. (issue 23273)
    Use case-insensitive search by default for new and anonymous users. (issue 42645)
    Searching in the Build History widget takes into account user preferences (case sensitivity by default). (pull 2683)
    Allow searching by build parameter values in the Build History widget. (issue 40718)
    Update the Trilead SSH library to get support of new Mac, Key, and Key Exchange Algorithms. (issue 33021, issue 26379, issue 31549, issue 42959, issue 43979, issue 44046)
    When creating temporary files, use the jenkins prefix instead of the old hudson one. (pull 2778)
    Update German, French and Russian localizations. (pull 2777, pull 2787, pull 2798)
    Removed localizations with very low coverage: Albanian, Basque, Belarusian, Bengali, Esperanto, Galician, Georgian, Gujarati, Hindi, Icelandic, Indonesian, Irish, Kannada, Macedonian, Marathi, Mongolian, Occitan, Punjabi, Sinhala, Tamil, Telugu, Thai. (pull 2813)
    Internal API: Add the ability for ItemListener to veto copy operations; make Run#compareTo work across jobs; save Jenkins after calling setSecurityRealm or setAuthorizationStrategy. (issue 34691, issue 42319, pull 2762, pull 2782, pull 2790, pull 2805)

(ryoon)

Updated www/firefox-l10n to 55.0.1

(ryoon)

Update to 55.0.1

* Sync with www/firefox-55.0.1

(ryoon)

Updated www/firefox to 55.0.1

(ryoon)

Update to 55.0.1

Changelog:
Fixed
    Fix a regression the tab restoration process (bug 1388160)

    Fix a problem causing What's new pages not to be displayed (bug 1386224)

    Fix a rendering issue with some PKCS#11 libraries (bug 1388370)

    Disable the predictor prefetch (bug 1388160)

(ryoon)

rototill^W omit low GCC_REQD

(maya)

pbulk is able to handle the creation All directory itself[1].
changing the permission of ${PACKAGES} at the end of the script prevents that
from working.
Undo the change in r1.4 to create the All directory during setup & instead do
not change permissions.

Tested on OS X Tiger & FreeBSD.

Heads up by joerg
[1] http://mail-index.netbsd.org/pkgsrc-changes/2017/08/01/msg160826.html

(sevan)

forgot to revbump in the previous commit, now done.

(nros)

Install license to compy with apache version 2 license and
redistribution.
Bump PKGREVISION.

(nros)

Install license to comply with the bsd license and binary redistibution.
Add runtime paths to pkgconfig files.
Bump PKGREVISION.

(nros)

Install licenses and copyright information in freeimage and
freeimage-plus packages in order to comply with binary redistribution of
the boundled libraries.

(nros)

Updated www/php-owncloud to 10.0.2

(ryoon)

Update to 10.0.2

Changelog:
Version 10.0.2 May 30 2017

    [major] Fix issue with database.xml migration being triggered twice on market app install - core/#27982
    [major] Apps formerly marked as shipped can now be uninstalled - core/#27985
    [major] Market now properly updates app version when using multiple apps paths - core/#28002

Version 10.0.1 May 23 2017

    [major] Clear cached app info before installing app - core/#27953
    [major] Fix to allow admin login when using home object store mode - core/#27963
    [major] Skeleton files correct copied for shibboleth - core/#27935
    [major] Automatically enable market app when upgrading from OC < 10 - core/#27930
    [major] Fix issue where market would run app migrations twice in some scenarios - market/#76
    [major] Fetch search terms from user backend (ex: LDAP) for more extended user search ability - core/#27906
    [major] Added support for upload-only link shares - core/#27548
    [major] When enabling default encryption module the admin must now explicitly choose encryption type (master key vs user key) - core/#27512
    [major] Fix missing "publicuri" field when upgrading from 9.1.5 - core/#27754
    [major] Add options to the user:sync command to handle missing accounts - core/#27798
    [major] Maintenance mode now properly blocks syncing on new DAV endpoint - core/#27821
    [major] Copy button for multiple link share now copies the correct link - core/#27863
    [major] Fix upload issues with IE11 - core/#27875
    [major] Allow apps to register multiple settings panels - core/#27885
    [major] Account table doesn't sync from user backends that have no listing support - core/#27862
    [major] Add events for password validation - core/#27883
    [major] Add JS event after external storage mount config is loaded, for UI extensions - core/#27740
    [major] Fix theming of setup page by autoloading default_enable theme apps - core/#27819
    [major] Allow apps to register custom settings page sections in info.xml - core/#27634
    [major] Add admin sharing option to restrict autocomplete to membership groups but still allow typing full name if known - core/#27869
    [minor] Market app update now doesn't overwrite local git checkouts - core/#27973
    [minor] Delete "appstoreenabled" config value when enabling market - core/#27956
    [minor] Do not verify email address when entered by an admin on their personal page - core/#27921
    [minor] Fix default share permission issue in public API core/#27927
    [minor] Properly rethrow exception when error occurred when enabling an app - core/#27970
    [minor] Remove own shares from "Shared with you" section - core/#27972
    [minor] Fix updating to daily from 10.0.0 with web updater - updater/#422
    [minor] Fix updating to 10.0.1 with web updater - core/#27965
    [minor] Removed unused and non-working auto-login after setup - core/#27971
    [minor] Fix SMB storage to return false if stat failed - core/#27859
    [minor] Update swiftmailer - core/#27897
    [minor] Escape filter in search - core/#27900
    [minor] Fix file name output in error pages - core/#27808
    [minor] Support for alternative login buttons through config.php - core/#27607
    [minor] Example theme app renamed to "theme-example" by convention - core/#27632
    [minor] Fix missing translation of built-in section names - core/#27645
    [minor] Add ability to disable password reset form in config - core/#27676
    [minor] Add support for themed radio buttons - core/#27681
    [minor] Fix customjs extension handling for external storage apps - core/#27683
    [minor] Fix upgrade error with mod_fcgid and PHP 7 - core/#27553
    [minor] Remove sharing subtab when link sharing is disallowed - core/#27708
    [minor] Add privacy warning in link shares panel - core/#27844
    [minor] Fix files app name in navigation menu - core/#27843
    [minor] Fix mimetype table code to ignore folder extensions - core/#27668
    [minor] Automatically focus the password field in password reset page - core/#27889
    [minor] Trashbin restore warnings due to missing entries now logged as debug - core/#27826
    [minor] Remove obsolete repair step RemoveOldShares - core/#27737
    [minor] "local link" was renamed to "private link" - core/#27594
    [minor] Fix column sorting in public file list page - core/#27308
    [minor] Don't display error when not connected to market - market/#51
    [minor] Fix issue with some apps info formats - market/#49
    [minor] Add ability to uninstall apps in market app UI - market/#67
    [minor] Improve visual feedback when installing market apps - market/#64
    [minor] Don't display license key in config report - configreport/#27

Version 10.0.0 Apr 27 2017
General

    Allows users to add the app to the Android homescreen - core/#25438
    Compatible with PHP 7.1 - core/#25436
    MySQL 4-byte UTF8 support: (utf8mb4 for e.g. Emoticons) - core/#17978
    Admin, personal pages and app management are now merged together into a single "Settings" entry - core/#26449
    Admin page displays the output of the server's status.php - core/#27238
    Also allow using email address for password recovery - core/#27168
    Support Redis Cluster - core/#26407
    ownCloud log entry reorder - core/#27562
    ownCloud log file rules to split into separate files - core/#27443
    occ scanner optimized memory usage for large scans by using autocommits - core/#27527

Filesystem

    Ability to exclude folders from being processed, like snapshot folders - core/#19235
    Checksum is computed on the fly and verified - core/#26655

Files App

    Share Link can be copied to the clipboard - core/#25418
    Display version sizes in versions panel - core/#26511
    Transfer ownership now works for individual folders - core/#27343
    Favorite star indicator now visible in the file lists related to sharing (ex: "Shared with you") - core/#19753

User management

    Ability to disable users in the users page (enable column first under cog icon) - core/#27333
    When changing personal email, an email confirmation is now sent - core/#7326
    When password is changed through any means, the user will now receive an email - core/#27498
    Change user preferences through OCC - core/#24770

External storage

    "Local" storage type can now be disabled by sysadmin in config.php - core/#26653
    External storage backends must use the core external storage API to work without files_external - core/#18160
    FTP external storage moved to a separate app files_external_ftp

Dav App

    CalDAV calendar public sharing - core/#2ultiple link shares - core/#27337
    When a recipient moves a file or folder out of a received share, the owner now receives a backup in their trashbin - core/#27042
    User avatars now visible in sharing autocomplete dropdown - core/#25976

Minor chang7473
    provisioning API now also returns the user's home path - core/#26850
    web updater shows link to changelog in admin page - core/#26796

For developers

    Users from all user backends are now stored in a central account table, improves perform  Added first login event - core/#26206
    Added postLogout hook - core/#27048
    New column in oc_jobs table to store last duration - core/#27144
    Ability to specify offset and limit when doing a REPORT query on a files endpoint - core/#26507
    Avatar API via WebDAV - core/#26872
    Improve return value support for two factor auth providers API - core/#26593
    Apps can now register Sabre plugins in info.xml - core/#26195
    REPORT method for files endpoint now allows searching for favorites - core/#26099
    Group backends can now return group display names (partial support, only used by sharing autocomplete) - core/#26750

(ryoon)

Update to 12.0.1

Changelog:
Changes
Server
Over 100 fixes were merged in the server.

    Update broken on PGSQL
    Add brackets around concat statements so comparing the result works a…
    Can't close PDF preview
    Add a repair step to drop the account_terms table on oc migration
    [stable12] Fix show password button for password change
    [stable12] Enable postgres on drone again
    fix overlay on show password
    [stable12] Add new bundle
    [stable12] proper logo height in emails for Outlook
    scan.nextcloud.com causing exception in theming?
    Long running php processes: LDAP timeout
    X-XSS-Protection header invalid (NextCloud 12.0.0.29)
    [stable12] Fix for mb strlen
    [stable12] Fix error message on untrusted domain error page
    [12] Fix renaming of non-renamble mounts
    [12] Also repair storage id's when repairing invalid entries
    [12] still remove the federated share even if we cant notify the remote
    [stable12] Show warning if PHP 7.2 is used
    [stable12] fix preview for public links
    [stable12] Fix config.sample.php documentation
    [stable12] Add recovery key on public upload
    [stable12] Backport translation fixes
    [stable12] Enable acceptance tests again on Drone 0.7
    [stable12] Backport allow to theme emails
    [stable 12] Add ellipsis for app titles in the app menu popover
    [stable12] Fix emitting of legacy hook post_unshare
    [stable12] Allow overwriting of IOS theming values
    Update 3rdparty for "Fix infinite propfinds reporting files as direct…
    [12] Fix invalid path repair step not getting all invalid entries
    [stable12] Add test to check if new files are added to the root of the repository
    [12] null users dont exist
    [12] Fix scan permissions with nested permissions masks
    [12] fix moving folders out of a cache jail
    Moving shared folders doesn't work as expected
    Write cert bundle to tmp file first
    [12] properly block file upload to non-active filelist
    nc beta 4 internal server error due to totp backup codes
    [12] Fix propagating changes within jail wrapper
    [12] dont die if we try to access the shared cache while setting up the shared storage
    hint should not be clickable
    Check if Circles is still here
    [stable12] Allow dir-listing also when one child is blocked by access control
    [stable12] Fix unselecting items on multi select dropdowns
    [stable12] Fix remote share activity emails
    [stable12] fix alignment of radio button and its label in encryption settings
    Remote share emails doesn't show what's shared.
    [stable12] Ldap password renewal fixes for NC12
    [stable12] Use PNG icons for activity emails and ios client
    [stable12] Use the share_folder config for remote shares
    [stable12] Don't load navigation entries of restricted apps
    [stable12] Don't try to generate logs for chunking paths
    [stable12] Don't log passwords on dav exceptions
    Use translated Hint instead of english error on password policy
    [stable12] Add info text about updates
    [stable12] Use base url for cache prefix and SCSS caching
    [stable12] Enhance the logging if the part file can not be renamed
    [stable12] Improved logging for object storage and trashbin
    [stable12] Fix more icon in apps menu on bright backgrounds
    [stable12] Use realpath to obtain the webroot
    [stable12] Don't create activities for email and password change before login
    [stable12] Allow to force a language and set it via the ocs api
    [stable12] Create users in non default backends first
    Progress bar message completely wrong with multi-GB file upload
    [stable12] Fix example theme
    [stable12] Don't try to save the setting when its not an admin
    Update layout.user.php
    Fix upload remaining time and uploadrate value
    [stable12] App menu fixes
    [stable12] Allow to find local users by their email address
    [stable12] Treat PHP Errors on User session regenerate
    [stable12] Ldap attempt reconnect stable12
    [stable12] allow users to send PropPatch request when calendar is group-shared with them
    [stable12] urldecode group principals in Cal- and CardDAV backend
    [stable12] Use the guest.css for the maintenance page as well
    [stable12] Fixed a crash caused by Local::copyFromStorage() not conforming to Co…
    [stable12] Make file name input tooltip error text change
    Translate OAuth2 in stable12
    [stable12] Localize contacts menu search input placeholder
    [stable12] Prevent sending second WWW-Authenticate header
    [stable12] don't try to encrypt/decrypt the certificate bundle
    [stable12] allow PropPatch requests to contact_birthdays
    [stable12] Fix username and avatar for external users
    [stable12] Fix tag label removed when share view is opened
    [stable12] Fix unknown share token error message
    [stable12] no themed icon when dragging folder
    [stable12] Add quota to the files view
    "Unspecified share exception" instead of proper 404 page on unknown public share tokens
    [stable12] fix "add to your nextcloud" input field
    [stable12] Revert "allow admin to disable groups on personal page"
    Bearer auth backend causes problems with several dav clients
    [stable12] filter missing groups in share provider
    [stable12] use the email address configured in Nextcloud as sender instead of the users email address
    [stable12] execute eval in global scope, addresses #5314
    [stable12] l10n improvements from transifex
    [stable12] Treat PHP Errors on User session regenerate
    [stable12] Ldap attempt reconnect stable12
    [stable12] allow users to send PropPatch request when calendar is group-shared with them
    [stable12] urldecode group principals in Cal- and CardDAV backend
    [stable12] Use the guest.css for the maintenance page as well
    [stable12] Fixed a crash caused by Local::copyFromStorage() not conforming to Co…
    [stable12] Make file name input tooltip error text change
    Translate OAuth2 in stable12
    [stable12] Localize contacts menu search input placeholder
    [stable12] Prevent sending second WWW-Authenticate header
    [stable12] don't try to encrypt/decrypt the certificate bundle
    [stable12] allow PropPatch requests to contact_birthdays
    [stable12] Fix username and avatar for external users
    [stable12] Fix tag label removed when share view is opened
    [stable12] Fix unknown share token error message
    [stable12] no themed icon when dragging folder
    [stable12] Add quota to the files view
    "Unspecified share exception" instead of proper 404 page on unknown public share tokens
    [stable12] fix "add to your nextcloud" input field
    [stable12] Revert "allow admin to disable groups on personal page"
    Bearer auth backend causes problems with several dav clients
    [stable12] filter missing groups in share provider
    [stable12] use the email address configured in Nextcloud as sender instead of the users email address
    [stable12] execute eval in global scope, addresses #5314
    [stable12] l10n improvements from transifex

Activity

    [stable12] Fix mimetype icon of deleted folders
    [stable12] Use PNG icons for emails and ios client
    [stable12] Ignore paths from chunking

Notifications

    Allow to expand the message on click...

text editor

    [stable12] Use text editor endpoint for previews
    [stable12] Use CRLF line ending by default for better compatibility

Gallery

    Fix link when opening from files
    [stable12] Do not use propably outdated core translations
    Fix the translation source
    [stable12] Fix logged error if file ID is not available
    [stable12] Merge JS for public pages

PDF viewer

    missing context dir
    Fix z index for small screen sizes

(ryoon)

Updated security/stunnel to 5.42

(schmonz)

Update to 5.42. From the changelog:

* New features
  - "redirect" also supports "exec" and not only "connect".
  - PKCS#11 engine DLL updated to version 0.4.7.
* Bugfixes
  - Fixed premature cron thread initialization causing hangs.
  - Fixed "verifyPeer = yes" on OpenSSL <= 1.0.1.
  - Fixed pthreads support on OpenSolaris.

(schmonz)

convmv is updated.

(ryoon)

Updated converters/convmv to 2.03

(ryoon)

Update to 2.03

Changelog:
2.03
- fix man page build due to non-ASCII char (thanks, Anton!)

2.02
- add option --caseful-sz to optionally treat upper-/lowercasing of sz. This also fixes unwanted unidirectional lowercasing of U+1E9E

(ryoon)

Updated security/gnupg21 to 2.1.23

(ryoon)

Update to 2.1.23

Changelog:
Noteworthy changes in version 2.1.23
====================================

  * gpg: "gpg" is now installed as "gpg" and not anymore as "gpg2".
    If needed, the new configure option --enable-gpg-is-gpg2 can be
    used to revert this.

  * gpg: Options --auto-key-retrieve and --auto-key-locate "local,wkd"
    are now used by default.  Note: this enables keyserver and Web Key
    Directory operators to notice when a signature from a locally
    non-available key is being verified for the first time or when
    you intend to encrypt to a mail address without having the key
    locally.  This new behaviour will eventually make key discovery
    much easier and mostly automatic.  Disable this by adding
      no-auto-key-retrieve
      auto-key-locate local
    to your gpg.conf.

  * agent: Option --no-grab is now the default.  The new option --grab
    allows to revert this.

  * gpg: New import option "show-only".

  * gpg: New option --disable-dirmngr to entirely disable network
    access for gpg.

  * gpg,gpgsm: Tweaked DE-VS compliance behaviour.

  * New configure flag --enable-all-tests to run more extensive tests
    during "make check".

  * gpgsm: The keygrip is now always printed in colon mode as
    documented in the man page.

  * Fixed connection timeout problem under Windows.

(ryoon)

Remove duplicated whitespace

(ryoon)

Updated textproc/pdfgrep to 2.0.1

(ryoon)

Add patches/

(ryoon)

Update to 2.0.1

* Disable C++ locale on NetBSD to avoid runtime error in non-C locale case

Changelog:
Version 2.0.1  [2017-03-06]
---------------------------

  - Bugfix: Fix --cache when used with recursive search

Version 2.0  [2017-01-25]
-------------------------

  - **Incompatible change**: `--context/-C` is now line based as opposed to
    character based and works just like grep
  - Two new options from grep: `-A/--after-context` and `-B/--before-context`
  - Lines with multiple matches are now printed only once
  - Optional caching of pdf-text for faster operation (by Christian Dietrich)
    This adds a **new dependency**: libgcrypt
  - Bash-completion improvements (by Rainer M端ller)
  - Bugfix: Fixed string search (`-F`) now works as advertised with multiple
    patterns
  - Bugfix: Empty pages can now be matched with `^$`
  - Bugfix: The pattern `^` now matches *only* at the beginning of pages
  - Bugfix: Text outside of PDF's CropBox but inside the MediaBox is not
    ignored anymore.
  - Various fixes for BSD support

(ryoon)

Updated net/Radicale2 to 2.1.4

(prlw1)

* vobject != vdirsyncer.vobject, so correct dependency and remove patches.
  https://github.com/Kozea/Radicale/issues/675#issuecomment-320029350

* override folder for storing local collections, from
  /var/lib/radicale/collections to ${PREFIX}/share/radicale/collections

Update Radicale2 to 2.1.4

2.1.4 - Wild Radish
-------------------

This feature is not compatible with the 1.x.x versions. See
http://radicale.org/1to2/ if you want to switch from 1.x.x to
2.x.x.

* Fix incorrect time range matching and calculation for some edge-cases with
  rescheduled recurrences
* Fix owner property

2.1.3 - Wild Radish
-------------------

This feature is not compatible with the 1.x.x versions. See
http://radicale.org/1to2/ if you want to switch from 1.x.x to
2.x.x.

* Enable timeout for SSL handshakes and move them out of the main thread
* Create cache entries during upload of items
* Stop built-in server on Windows when Ctrl+C is pressed
* Prevent slow down when multiple requests hit a collection during cache warm-up

2.1.2 - Wild Radish
-------------------

This feature is not compatible with the 1.x.x versions. See
http://radicale.org/1to2/ if you want to switch from 1.x.x to
2.x.x.

* Remove workarounds for bugs in VObject < 0.9.5
* Error checking of collection tags and associated components
* Improve error checking of uploaded collections and components
* Don't delete empty collection properties implicitly
* Improve logging of VObject serialization

(prlw1)

Fix build under macOS Sierra and possibly older versions as well.

(tron)

Updated www/firefox-l10n to 55.0

(ryoon)

Update to 55.0

* Sync with www/firefox-55.0
* Add be locale

(ryoon)

Updated www/firefox to 55.0

(ryoon)

Update to 55.0

Changelog:
New
    Launched Windows support for WebVR, bringing immersive experiences to the web. See examples and try working demos at Mozilla VR.

    Added options that let users optimize recent performance improvements
        Setting to enable Hardware VP9 acceleration on Windows 10 Anniversary Edition for better battery life and lower CPU usage while watching videos
        Setting to modify the number of concurrent content processes for faster page loading and more responsive tab switching

    Simplified installation process with a streamlined Windows stub installer
        Firefox for Windows 64-bit is now installed by default on 64-bit systems with at least 2GB of RAM
        Full installers with advanced installation options are still available

    Improved address bar functionality
        Search with any installed one-click search engine directly from the address bar
        Search suggestions appear by default
        When entering a hostname (like pinterest.com) in the URL bar, Firefox resolves to the secure version of the site (https://www.pinterest.com) instead of the insecure version (http://www.pinterest.com) when possible

    Updated Sidebar for bookmarks, history, and synced tabs so it can appear at the right edge of the window as well as the left

    Added support for stereo microphones with WebRTC

    Pages can be simplified before printing from within Print Preview

    Updated Firefox for OSX and macOS to allow users to assign custom keyboard shortcuts to Firefox menu items via System Preferences

    Browsing sessions with a high number of tabs are now restored in an instant

    Make screenshots of webpages, and save them locally or upload them to the cloud. This feature will undergo A/B testing and will not be visible for some users.

    Added Belarusian (be) locale

Fixed
    Various security fixes

Changed
    Made the Adobe Flash plugin click-to-activate by default and allowed only on http:// and https:// URL schemes. (This change will not be visible to all users immediately. For more information see the Firefox plugin roadmap)

    Firefox does not support downgrades, even though this may have worked in past versions. Users who install Firefox 55+ and later downgrade to an earlier version may experience issues with Firefox.

    Modernized application update UI to be less intrusive and more aligned with the rest of the browser. Only users who have not restarted their browser 8 days after downloading an update or users who opted out of automatic updates will see this change.

Security fixes:
CVE-2017-7798: XUL injection in the style editor in devtools

Reporter
    Frederik Braun
Impact
    critical

Description

The Developer Tools feature suffers from a XUL injection vulnerability due to improper sanitization of the web page source code. In the worst case, this could allow arbitrary code execution when opening a malicious page with the style editor tool.
References

    Bug 1371586, 1372112

#CVE-2017-7800: Use-after-free in WebSockets during disconnection

Reporter
    Looben Yang
Impact
    critical

Description

A use-after-free vulnerability can occur in WebSockets when the object holding the connection is freed before the disconnection operation is finished. This results in an exploitable crash.
References

    Bug 1374047

#CVE-2017-7801: Use-after-free with marquee during window resizing

Reporter
    Nils
Impact
    critical

Description

A use-after-free vulnerability can occur while re-computing layout for a marquee element during window resizing where the updated style object is freed while still in use. This results in a potentially exploitable crash.
References

    Bug 1371259

#CVE-2017-7809: Use-after-free while deleting attached editor DOM node

Reporter
    Nils
Impact
    high

Description

A use-after-free vulnerability can occur when an editor DOM node is deleted prematurely during tree traversal while still bound to the document. This results in a potentially exploitable crash.
References

    Bug 1380284

#CVE-2017-7784: Use-after-free with image observers

Reporter
    Nils
Impact
    high

Description

A use-after-free vulnerability can occur when reading an image observer during frame reconstruction after the observer has been freed. This results in a potentially exploitable crash.
References

    Bug 1376087

#CVE-2017-7802: Use-after-free resizing image elements

Reporter
    Nils
Impact
    high

Description

A use-after-free vulnerability can occur when manipulating the DOM during the resize event of an image element. If these elements have been freed due to a lack of strong references, a potentially exploitable crash may occur when the freed elements are accessed.
References

    Bug 1378147

#CVE-2017-7785: Buffer overflow manipulating ARIA attributes in DOM

Reporter
    Nils
Impact
    high

Description

A buffer overflow can occur when manipulating Accessible Rich Internet Applications (ARIA) attributes within the DOM. This results in a potentially exploitable crash.
References

    Bug 1356985

#CVE-2017-7786: Buffer overflow while painting non-displayable SVG

Reporter
    Nils
Impact
    high

Description

A buffer overflow can occur when the image renderer attempts to paint non-displayable SVG elements. This results in a potentially exploitable crash.
References

    Bug 1365189

#CVE-2017-7806: Use-after-free in layer manager with SVG

Reporter
    Nils
Impact
    high

Description

A use-after-free vulnerability can occur when the layer manager is freed too early when rendering specific SVG content, resulting in a potentially exploitable crash.
References

    Bug 1378113

#CVE-2017-7753: Out-of-bounds read with cached style data and pseudo-elements

Reporter
    SkyLined
Impact
    high

Description

An out-of-bounds read occurs when applying style rules to pseudo-elements, such as ::first-line, using cached style data.
References

    Bug 1353312

#CVE-2017-7787: Same-origin policy bypass with iframes through page reloads

Reporter
    Oliver Wagner
Impact
    high

Description

Same-origin policy protections can be bypassed on pages with embedded iframes during page reloads, allowing the iframes to access content on the top level page, leading to information disclosure.
References

    Bug 1322896

#CVE-2017-7807: Domain hijacking through AppCache fallback

Reporter
    Mathias Karlsson
Impact
    high

Description

A mechanism that uses AppCache to hijack a URL in a domain using fallback by serving the files from a sub-path on the domain. This has been addressed by requiring fallback files be inside the manifest directory.
References

    Bug 1376459

#CVE-2017-7792: Buffer overflow viewing certificates with an extremely long OID

Reporter
    Fraser Tweedale
Impact
    high

Description

A buffer overflow will occur when viewing a certificate in the certificate manager if the certificate has an extremely long object identifier (OID). This results in a potentially exploitable crash.
References

    Bug 1368652

#CVE-2017-7804: Memory protection bypass through WindowsDllDetourPatcher

Reporter
    Stephen Fewer
Impact
    high

Description

The destructor function for the WindowsDllDetourPatcher class can be re-purposed by malicious code in concert with another vulnerability to write arbitrary data to an attacker controlled location in memory. This can be used to bypass existing memory protections in this situation.
Note: This attack only affects Windows operating systems. Other operating systems are not affected.
References

    Bug 1372849

#CVE-2017-7791: Spoofing following page navigation with data: protocol and modal alerts

Reporter
    Jose María Acuña
Impact
    moderate

Description

On pages containing an iframe, the data: protocol can be used to create a modal alert that will render over arbitrary domains following page navigation, spoofing of the origin of the modal alert from the iframe content.
References

    Bug 1365875

#CVE-2017-7808: CSP information leak with frame-ancestors containing paths

Reporter
    Jun Kokatsu
Impact
    moderate

Description

A content security policy (CSP) frame-ancestors directive containing origins with paths allows for comparisons against those paths instead of the origin. This results in a cross-origin information leak of this path information.
References

    Bug 1367531

#CVE-2017-7782: WindowsDllDetourPatcher allocates memory without DEP protections

Reporter
    Arthur Edelstein
Impact
    moderate

Description

An error in the WindowsDllDetourPatcher where a RWX ("Read/Write/Execute") 4k block is allocated but never protected, violating DEP protections.
Note: This attack only affects Windows operating systems. Other operating systems are not affected.
References

    Bug 1344034

#CVE-2017-7781: Elliptic curve point addition error when using mixed Jacobian-affine coordinates

Reporter
    Antonio Sanso
Impact
    moderate

Description

An error occurs in the elliptic curve point addition algorithm that uses mixed Jacobian-affine coordinates where it can yield a result POINT_AT_INFINITY when it should not. A man-in-the-middle attacker could use this to interfere with a connection, resulting in an attacked party computing an incorrect shared secret.
References

    Bug 1352039

#CVE-2017-7794: Linux file truncation via sandbox broker

Reporter
    Jann Horn
Impact
    moderate

Description

On Linux systems, if the content process is compromised, the sandbox broker will allow files to be truncated even though the sandbox explicitly only has read access to the local file system and no write permissions.
Note: This attack only affects the Linux operating system. Other operating systems are not affected.
References

    Bug 1374281

#CVE-2017-7803: CSP containing 'sandbox' improperly applied

Reporter
    Rhys Enniks
Impact
    moderate

Description

When a page’s content security policy (CSP) header contains a sandbox directive, other directives are ignored. This results in the incorrect enforcement of CSP.
References

    Bug 1377426

#CVE-2017-7799: Self-XSS XUL injection in about:webrtc

Reporter
    Frederik Braun
Impact
    moderate

Description

JavaScript in the about:webrtc page is not sanitized properly being being assigned to innerHTML. Data on this page is supplied by WebRTC usage and is not under third-party control, making this difficult to exploit, but the vulnerability could possibly be used for a cross-site scripting (XSS) attack.
References

    Bug 1372509

#CVE-2017-7783: DOS attack through long username in URL

Reporter
    Amit Sangra
Impact
    low

Description

If a long user name is used in a username/password combination in a site URL (such as http://UserName:Password@example.com), the resulting modal prompt will hang in a non-responsive state or crash, causing a denial of service.
References

    Bug 1360842

#CVE-2017-7788: Sandboxed about:srcdoc iframes do not inherit CSP directives

Reporter
    Muneaki Nishimura
Impact
    low

Description

When an iframe has a sandbox attribute and its content is specified using srcdoc, that content does not inherit the containing page's Content Security Policy (CSP) as it should unless the sandbox attribute included allow-same-origin.
References

    Bug 1073952

#CVE-2017-7789: Failure to enable HSTS when two STS headers are sent for a connection

Reporter
    Muneaki Nishimura
Impact
    low

Description

If a server sends two Strict-Transport-Security (STS) headers for a single connection, they will be rejected as invalid and HTTP Strict Transport Security (HSTS) will not be enabled for the connection.
References

    Bug 1074642

#CVE-2017-7790: Windows crash reporter reads extra memory for some non-null-terminated registry values

Reporter
    Xiaoyin Liu
Impact
    low

Description

On Windows systems, if non-null-terminated strings are copied into the crash reporter for some specific registry keys, stack memory data can be copied until a null is found. This can potentially contain private data from the local system.
Note: This attack only affects Windows operating systems. Other operating systems are not affected.
References

    Bug 1350460

#CVE-2017-7796: Windows updater can delete any file named update.log

Reporter
    Matt Howell
Impact
    low

Description

On Windows systems, the logger run by the Windows updater deletes the file "update.log" before it runs in order to write a new log of that name. The path to this file is supplied at the command line to the updater and could be used in concert with another local exploit to delete a different file named "update.log" instead of the one intended.
Note: This attack only affects Windows operating systems. Other operating systems are not affected.
References

    Bug 1234401

#CVE-2017-7797: Response header name interning leaks across origins

Reporter
    Anne van Kesteren
Impact
    low

Description

Response header name interning does not have same-origin protections and these headers are stored in a global registry. This allows stored header names to be available cross-origin.
References

    Bug 1334776

#CVE-2017-7780: Memory safety bugs fixed in Firefox 55

Reporter
    Mozilla developers and community
Impact
    critical

Description

Mozilla developers and community members Gary Kwong, Christian Holler, André Bargull, Bob Clary, Carsten Book, Emilio Cobos Álvarez, Masayuki Nakano, Sebastian Hengst, Franziskus Kiefer, Tyson Smith, and Ronald Crane reported memory safety bugs present in Firefox 54. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code.
References

    Memory safety bugs fixed in Firefox 55

#CVE-2017-7779: Memory safety bugs fixed in Firefox 55 and Firefox ESR 52.3

Reporter
    Mozilla developers and community
Impact
    critical

Description

Mozilla developers and community members Masayuki Nakano, Gary Kwong, Ronald Crane, Andrew McCreight, Tyson Smith, Bevis Tseng, Christian Holler, Bryce Van Dyk, Dragana Damjanovic, Kartikaya Gupta, Philipp, Tristan Bourvon, and Andi-Bogdan Postelnicu reported memory safety bugs present in Firefox 54 and Firefox ESR 52.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code.
References

    Memory safety bugs fixed in Firefox 55 and Firefox ESR 52.3

(ryoon)

Updated print/p5-LaTeX-Encode to 0.092.0

(wen)

Update to 0.092.0

No upstream changelog found.

(wen)

Updated textproc/p5-XML-SAX-Writer to 0.57

(wen)

Update to 0.57

No upstream changelog found.

(wen)

Updated textproc/p5-XML-Tidy to 1.20

(wen)

Update to 1.20

Upstream changes:
- 1.20 H79M9hU8 Sun Jul 9 09:43:30:08 -0500 2017
      * removed broken Build.PL to resolve
      <HTTPS://RT.CPAN.Org/Ticket/Display.html?id=122406>. (Thank you,
      Slaven.)

(wen)

Updated textproc/p5-XML-XPath to 1.42

(wen)

Update to 1.42

Upstream changes:
1.42  2017-07-30 MANWAR
      - Fixed GitHub issue #5 (abstract is undef in meta files). Thanks @y.

1.41  2017-07-28 MANWAR
      - Fixed GitHub issue #4 (can't use non-ascii first character as element name). Thanks @nanis, @ikegami.

(wen)

Update MASTER_SITE_XEMACS list.

(hauke)

leim/hebrew.el from the pre-release leim package causes build problems
for the xemacs{,-current}, so we use the stable package instead.

(hauke)

Remove non-resolvable MASTER_SITE_XEMACS hosts.

(hauke)

DOCDIR is unused, fixes install.  Avoid continuation lines.

(jperkin)

DOCDIR is unused, fixes install.

(jperkin)

mk/pkgtasks: Failures in POST- stages of the scripts are non-fatal.

The return values of the postinstall and postremove meta-tasks are
ignored unless the user-settable variable ${PKG_FATAL_ERRORS} is
"yes".  ${PKG_FATAL_ERRORS} defaults to "no" to preserve the
existing behavior of install scripts by mk/pkginstall.

(jlam)

mk/pkgtasks: Fix bug in postinstall CONF_FILES assertion.

If ${DESTDIR} was non-empty and the source file was an absolute
path, the postinstall check target defined in mk/pkgtasks/files.mk
was improperly failing.  Fix the bug by only prepending ${PREFIX}
if the source path is relative, and always prepending ${DESTDIR}.

(jlam)

mk/pkgtasks: Add infrastructure to use "icon_themes" package task.

Add definitions for the gtk-update-icon-cache(1) command to the
script header template, and a makefile fragment that creates the
data file for the "icon_themes" package task if ${ICON_THEMES} is
"yes" in the package Makefile.

Also bump pkgtasks dependency to version 1.12 for the "icon_themes"
package task and compatibility with pkgsrc/mk/pkginstall.

(jlam)

Updated pkgtools/pkgtasks to 1.13.

(jlam)