Document new "mess822-qmailqueue" option.

(schmonz)

Updated mail/mess822 to 0.58nb5

(schmonz)

Add "mess822-qmailqueue" option to apply the QMAILQUEUE patch to
ofmipd(8) and new-inject(8). The patch is enabled by default for qmail
(via "qmail-netqmail"), so do the same here. Bump PKGREVISION.

(schmonz)

Updated mail/ezmlm-idx to 7.2.2nb1

(schmonz)

Install ezmlm-cgi(1) in libexec/cgi-bin (setuid root, as documented) and
ezcgi.css in ${PKG_SYSCONFDIR}. Provide supporting documentation in
share/doc/ezmlm-idx. Bump PKGREVISION.

(schmonz)

Updated audio/xjadeo to 0.8.7

(mef)

Updated audio/xjadeo to 0.87
----------------------------
2016-11-28 (0.8.7)  Robin Gareus <robin@gareus.org>
* fix release builds (mistake in 0.8.6)

2016-11-28 (0.8.6)  Robin Gareus <robin@gareus.org>
* explicitly request single-screen fullscreen on OSX
* weak-link against libjack (binaries)
* add NetBSD support

(pkgsrc changes)
- Drop two patches, upstream nos supports NetBSD
  (although the one patch still necessary)
- (note) Does this really fit to audio category ?
  This application shows video syncing to audio.

(mef)

+ nagios-nrpe-3.1.1 [pkg/52028], nagios-plugin-ldap-2.1.4,
  nagios-plugin-mysql-2.1.4, nagios-plugin-pgsql-2.1.4,
  nagios-plugin-radius-2.1.4, nagios-plugin-snmp-2.1.4,
  nagios-plugins-2.1.4 [pkg/52022].

(wiz)

Updated graphics/libepoxy to 1.4.2; www/nghttp2 to 1.23.0

(adam)

Changes 1.23.0:

libnghttp2

Previously, if libnghttp2 received an invalid header field, it is just ignored, and is treated like it was never happened. This release changes this behaviour, and now libnghttp2 treats an incoming invalid header field as error, and resets the stream with PROTOCOL_ERROR.

nghttp2_on_invalid_frame_callback is now called if validation of altsvc header field fails.

nghttpx

nghttpx now verifies that OCSP response received from a program specified by --fetch-ocsp-response-file. The validation can be turned off by using --no-verify-ocsp option. In this validation, it makes sure that the OCSP response is targeted to the expected certificate. This is important because we pass the file path to the external program (see --fetch-ocsp-response-file), and if the file is replaced because of renewal, and nghttpx has not reloaded its configuration, the certificate nghttpx has loaded and the one included in the file differ. Verifying the OCSP response detects this, and avoids to send wrong OCSP response.

(adam)

Updated emulators/libspectrum to 1.3.3; emulators/fuse-emulator to 1.3.5; emulators/fuse-emulator-utils to 1.3.1

(adam)

Version 1.3.1:
* Fix metadata in AVI files and standardise in other formats
* fmfconv: Return proper exit codes from utility

(adam)

Fuse 1.3.5:

Emulation core improvements:
* Disable tape traps when playing/recording RZX files

Miscellaneous improvements:
* Fix typo in LOG disk format
* Replace old ticket numbers from Trac to Allura
* WidgetUI: Fix memory leak in file selector
* Fix allocator sizeof operand mismatch and remove dead assignment
* Remove prototypes of old plus3 disk functions
* Increase allocated memory to keep GCC7 happy

(adam)

Changes 1.3.3:
* Silently skip PLTT blocks in SZX snapshots
* Document missing disk identifiers
* Validate "used bits in last byte" field in TZX tapes
* Fix the load of PZX tapes with malformed strings

(adam)

Implement a W^X-aware closure allocator. Overhead is one page per
closure, but the number should normally be moderately small. A smarter
scheme can be implemented if necessary. Requires NetBSD 7.99.72+.

Bump revision.

(joerg)

regen

(leot)

Delete reference to EVAL_PREFIX, it was removed in November 2015.

Pointed out by <prlw1> and <jperkin> in pkgsrc-users@

(leot)

Changes 1.4.2:
Add C++ guards around generated headers
Add z,relro and z,now to the GCC linker flags
Add explicit version flags for macOS builds
Add missing visibility compiler flags
Prefer using pkg-config files to find GLES
Fix build on MSVC 2013 when using the inline keyword
Fix dlwrap on aarch64
Require Meson ≥ 0.38.1
Allow building Epoxy as a Meson sub-project
Avoid crashes when running Epoxy on X servers without GLX

(adam)

Modernize patch filenames. No functional change intended.

(schmonz)

Modernize patch names. No functional change intended.

(schmonz)

Updated devel/p5-Dist-Zooky to 0.24
Updated devel/p5-Expect to 1.35
Updated devel/p5-Devel-PPPort to 3.36
Updated devel/p5-Exporter-Tiny to 1.000000
Updated devel/p5-File-ConfigDir to 0.018

(mef)

Updated devel/p5-File-ConfigDir to 0.018
----------------------------------------
0.018 2017-05-22
    - add vendorapp_cfg_dir
    - have a .perltidyrc

(mef)

vlc

(maya)

vlc: update to 2.2.6.

Includes significant security fixes allowing code execution via
a crafted subtitles file (fixes CVE-2017-8310, CVE-2017-8311,
CVE-2017-8312, CVE-2017-8313)

pkgsrc changes:
pull in <atomic> in a C++11 case rather than clang case,
it's a C++11 header. however I couldn't build with -std=c++11 for
other reasons.

it builds and runs clang 4.0, but the mkv plugin dies on an
undefined reference.

Changes between 2.2.5.1 and 2.2.6:
----------------------------------

Video output:
* Fix systematic green line on nvidia
* Fix direct3d SPU texture offsets handling

Demuxer:
* Fix heap buffer overflows

Changes between 2.2.5 and 2.2.5.1:
----------------------------------

Security hardening for DLL hijacking environments

Translations updates

Misc:
* Update for Soundcloud, liveleak and Youtube scripts
* Fix potential out-of-band dereference in flac decoder
* Fix potential out-of-band reads in mpeg packetizers
* Fix infinite loop in subtitles demuxer
* Fix incorrect memory free in ogg demuxer
* Fix potential out-of-band reads in subtitle decoders and demuxers
* Fix green line on Windows with odd sizes

Changes between 2.2.4 and 2.2.5:
--------------------------------

Decoder:
* Fix mp3 playback quality regression in libmad
* Fix video scaling in VDPAU
* Fix playback of palettized codecs
* Fix ADPCM heap corruption (FG-VD-16-067)
* Fix AES3 16bps decoding
* Fix DVD/LPCM heap corruption (FG-VD-16-090)
* Fix SCTE-27 colors

Demuxer:
* Fix possible ASF integer overflow
* Fix MP4, VOC, XA, SMF divide-by-zero errors
* Fix MP4 heap buffer overflows
* Fix Flac metadata integer overflow
* Fix NSVf and AIFF infinite loops
* Fix flac null-pointer dereference
* Fix vorbis and opus comments integer overflows and leaks

Video output:
* Fix green line on Windows with AMD drivers
* Fix screenshots size

Access:
* Fix crash in screen recording on Windows
* Fix FTP scan string injection
* Fix HTTP size handling

Mux:
* Fix mp4 drift

Lua:
* Fix vimeo, youtube, dailymotion, cli, appletrailers, http,
  soundcloud scripts

Audio filter:
* Fix heap write in stereo_widen audio filter

Windows:
* The plugins loading will not load external DLLs by default.
  Plugins will need to LoadLibrary explicitely.
* Fix uninstaller path handling
* Fix taskbar buttons behavior

MacOS:
* Fix scrolling sensitivity on Sierra
* Resume points are deleted now if the user clears the list of
  recent items

(maya)

Updated devel/p5-Devel-PPPort to 3.36
-------------------------------------
3.36 - 2017-05-14
    * Support Perl 5.26.* which no longer has '.' in @INC

(mef)

Updated devel/p5-Exporter-Tiny to 1.000000
------------------------------------------
1.000000        2017-05-22
[ Packaging ]
- Repackage as 1.000000.

(mef)

Updated devel/p5-Expect to 1.35
-------------------------------
1.35 2017-05-18
    - Added AUTHOR key, listing all maintainers

1.34 2017-05-18
    Official maintainer JACOBY (Dave Jacoby)
    - Added a MANIFEST so that "make dist" will work

(mef)

Updated devel/p5-Dist-Zooky to 0.24
-----------------------------------------
version 0.24 at 2017-05-14 14:11:32 +0000
-----------------------------------------
  Date : 2017-05-14 15:11:32 +0000
    Document bundle option in dzooky

  Date : 2017-05-14 15:09:03 +0000
    Fix a bug introduced with the bundle support

(mef)

Updated devel/p5-B-Hooks-OP-Check to 0.21
Updated devel/p5-CPAN-Perl-Releases to 3.18
Updated devel/p5-CPANPLUS to 0.9168
Updated devel/p5-Data-Dumper-Concise to 2.023
Updated devel/p5-Devel-CheckOS to 1.80

(mef)

Updated devel/p5-Devel-CheckOS to 1.80
--------------------------------------
1.80    2017-05-24
  Fix bug where tests would fail if
  AUTOMATED_TESTING=1 on perl 5.26 and higher;
  For some reason that made it break on 5.8.9,
  but I don't really care

(mef)

Updated .devel/p5-Data-Dumper-Concise to 2.023
----------------------------------------------
2.023 - 2017-05-12
  - convert distribution from Module::Install to Distar; fixes RT#120856
  - every module has a $VERSION now (RT#116427)
  - add support for Trailingcomma option (RT#114609, Aaron Crane)

(mef)

Updated devel/p5-CPANPLUS to 0.9168
-----------------------------------
0.9168      Sun May 14 14:17:26 BST 2017
  * fix typo in YAML_BACKEND environment variable
  * Add support for meta x_use_unsafe_inc

(mef)

Updated devel/p5-CPAN-Perl-Releases to 3.18
------------------------------------------
version 3.18 at 2017-05-23 23:27:20 +0000
-----------------------------------------
    Updated for v5.26.0-RC2
-----------------------------------------
version 3.16 at 2017-05-11 17:04:15 +0000
-----------------------------------------
    Updated for v5.26.0-RC1
-----------------------------------------
version 3.14 at 2017-04-20 22:16:44 +0000
-----------------------------------------
    Updated for v5.25.12

(mef)

Updated devel/p5-B-Hooks-OP-Check to 0.21
-----------------------------------------
0.21      2017-05-11 14:19:03Z
  * re-add the creation of B/Hooks/OP/Check/Install/Files.pm to installation

0.20      2017-05-11 09:23:49Z
  * convert packaging to Dist::Zilla (fixes RT#120431)

(mef)

SunOS and GCC >=6.x fixes.

(jperkin)

Updated x11/libdrm to 2.4.81

(wiz)

Updated libdrm to 2.4.81.

Adam Jackson (3):
      Export drmDevicesEqual
      configure: Fix the <sys/sysmacros.h> check
      Fix stray caller of drmCompareDevices

Edward O'Callaghan (2):
      amdgpu/: concisely && consistently check null ptrs in canonical form
      amdgpu: Use the canonical form in branch predicate

Eric Anholt (2):
      Add pl111 as a KMS driver for utils.
      Add the DPI encoder/connector types to KMS utils.

Hawking Zhang (1):
      amdgpu: add raven family id

Ilia Mirkin (1):
      modetest: fix printing of fourcc on BE machines

Leo Liu (2):
      amdgpu/drm: add AMDGPU_HW_IP_VCN_DEC
      amdgpu/drm: add AMDGPU_HW_IP_VCN_ENC

Marek Ol邸叩k (1):
      Bump version to 2.4.81

Nicolai H辰hnle (3):
      amdgpu: add the interface of waiting multiple fences
      amdgpu: add a test for amdgpu_cs_wait_fences
      amdgpu: add missing extern "C" headers

Rob Clark (1):
      freedreno: fix double-free on exit

(wiz)

Updated security/py-cryptography_vectors to 1.8.2

(adam)

Changes 1.8.2:
Bug fixes.

(adam)

Updated net/py-boto to 2.47.0

(adam)

boto v2.47.0
Adds features for Google Cloud Storage.
Changes:
* Loosen requirements for ID field in PROJECT_PRIVATE_RE.
* Populate storage class from HEAD Object responses

(adam)

bsd.prefs.mk are not needed here

(adam)

Updated mail/pymsgauth to 2.1.0nb6

(schmonz)

Requires Python 2.x. While here, set LICENSE. Bump PKGREVISION.

(schmonz)

Added sysutils/dtb-arm-tegra124 version 4.11.3 [jmcneill 2017-05-25]
Added sysutils/dtb-arm64-tegra210 version 4.11.3 [jmcneill 2017-05-25]

(jmcneill)

+ dtb-arm-tegra124
+ dtb-arm64-tegra210

(jmcneill)

Initial import of dtb-arm64-tegra210.

The devicetree is a data structure for describing hardware. Rather than
hard coding every detail of a device into an operating system, many aspects
of the hardware can be described in a data structure that is passed to the
operating system at boot time.

This package includes Device Tree Blob (.dtb) files generated from
the Linux kernel for NVIDIA Tegra210 devices.

(jmcneill)

Initial import of dtb-arm-tegra124.

The devicetree is a data structure for describing hardware. Rather than
hard coding every detail of a device into an operating system, many aspects
of the hardware can be described in a data structure that is passed to the
operating system at boot time.

This package includes Device Tree Blob (.dtb) files generated from
the Linux kernel for NVIDIA Tegra124 devices.

(jmcneill)

Add infrastructure for building dtb files from linux kernel sources.

(jmcneill)

#5433

(spz)

Pullup ticket #5433 - requested by bsiegert
lang/go: security update

Revisions pulled up:
- lang/go/Makefile                                              1.52
- lang/go/distinfo                                              1.49
- lang/go/version.mk                                            1.26
- lang/go/PLIST                                                1.31

-------------------------------------------------------------------
  Module Name: pkgsrc
  Committed By: bsiegert
  Date: Thu May 25 09:06:43 UTC 2017

  Modified Files:
  pkgsrc/lang/go: Makefile distinfo version.mk

  Log Message:
  SECURITY: Update Go to 1.8.2, fixing CVE-2017-8932,
  carry bug in x86-64 P-256.

  A security-related issue was recently reported in Go's crypto/elliptic package.
  To address this issue, we have just released Go 1.7.6 and Go 1.8.2.

  The Go team would like to thank Vlad Krasnov and Filippo Valsorda at Cloudflare
  for reporting the issue and providing a fix.

  The issue affects Go's P-256 implementation on the 64-bit x86 architecture.

  This is CVE-2017-8932 and was addressed by this change:
  https://golang.org/cl/41070, tracked in this issue:
  https://golang.org/issue/20040

  To generate a diff of this commit:
  cvs rdiff -u -r1.51 -r1.52 pkgsrc/lang/go/Makefile
  cvs rdiff -u -r1.48 -r1.49 pkgsrc/lang/go/distinfo
  cvs rdiff -u -r1.25 -r1.26 pkgsrc/lang/go/version.mk

-------------------------------------------------------------------
  Module Name: pkgsrc
  Committed By: wen
  Date: Sun Apr  9 08:23:43 UTC 2017

  Modified Files:
  pkgsrc/lang/go: PLIST distinfo version.mk

  Log Message:
  Update to 1.8.1

  Upstream changes:
  go1.8.1 (released 2017/04/07) includes fixes to the compiler, linker, runtime,
  +documentation, go command and the crypto/tls, encoding/xml, image/png, net,
  +net/http, reflect, text/template, and time packages. See the Go 1.8.1 milestone
  +on our issue tracker for details.

  To generate a diff of this commit:
  cvs rdiff -u -r1.30 -r1.31 pkgsrc/lang/go/PLIST
  cvs rdiff -u -r1.44 -r1.45 pkgsrc/lang/go/distinfo
  cvs rdiff -u -r1.23 -r1.24 pkgsrc/lang/go/version.mk

(spz)

Modernize patch names. No functional change intended.

(schmonz)

Updated mail/ezmlm-idx to 7.2.2

(schmonz)

Update to 7.2.2. From the changelog:

ezmlm-idx-7.2.2, 2014-05-14
===========================

- Added replytolist feature to ezmlm-send. When enabled, strips incoming
  Reply-To: header and adds its own. Also alters the behavior of
  rewritefrom.

- Fixed off-by-one typo in ezmlm-weed causing an "out of memory" error.

ezmlm-idx-7.2.1, 2014-05-09
===========================

- Fixed header address extraction in the presence of double quotes.

- Fixed rewritefrom feature to run if the list is not indexed.

ezmlm-idx-7.2.0, 2014-05-02
===========================

- Added <#C#>, <#T#>, and <#X#> substitutions for (un)subscribe
  confirmation emails, replaced with the hash code, time stamp, and
  action respectively.

- Added option to ezmlm-[un]sub to use a tag other than "manual" in Log.

- Added option to ezmlm-manage to show what response is being sent.

- Added optional rewritefrom feature to ezmlm-send, automatically
  enabled when the sender has a "reject" DMARC policy.

- Fixed behavior of ezmlm-manage -Q flag to match man page.

- Fixed ezmlm-import failing to flush output to the last message,
  and enhanced it to allow reading the mbox from stdin.
  Thanks to Tullio Andreatta.

- Fixed ezmlm-manage notifying target of an unsubscribe by a remote
  administrator when the -N option is in use.
  Thanks to Nebojsa Milovanovic.

- Fixed ezmlm-archive corrupting output index files.

- Internal rewrite of SQL modules to merge all common code.

ezmlm-idx-7.1.1, 2010-11-18
===========================

- Fixed bug in getln2 function that prevented error handling.

- Fixed bug in ezmlm-cron that prevented parsing of spaces.

- Fixed unclosed file descriptor on error path in ezmlm-cgi.

ezmlm-idx-7.1.0, 2010-11-03
===========================

- Added support for SQLite3 subscriber databases.
  Thanks to Mike Tedder.

- Added support for wildcard addresses in all address databases.

- Added support for qmqpservers to all ezmlm-idx programs.

- Added support for decoding sender addresses mangled with a BATV "btv1" tag.

- Added support for custom subject lines to ezmlm-get (for digests).

- Added a new "omitbottom" control file, equivalent to the -B option for
  both ezmlm-get and ezmlm-manage.

- Modified the (un)subscribe procedure to not require confirmation
  before telling the sender they were already on (or off) the list.

- Renamed to "setup" makefile target to the more standard "install".

- Modified ezmlm-split to exit silently if there is not "split" file,
  and added it back into the "manager" file to properly handle subscribe
  and unsubscribe requests destined for sublists.

- Made the ezmlm-reject -h (obey headerreject) option the default.

- Fixed ezmlm-send to obey the "addtrailer" setting instead of looking
  for a "text/trailer" file.

- Fixed handling of adding the trailer on old lists.

- Fixed adding the trailer to posts encoded with base64.

- Fixed handling Received: headers with the date stamp on a separate line.

- Fixed bug in command-line option processing which caused sender-
  confirmed posting to fail.

- Fixed handling BATV sender addresses with upper-case hex tags.
  Thanks to Kyle Wheeler for pointing this out.

- Adjusted filename in digest attachments to fix problem with Outlook.
  Thanks to Glen Stewart

ezmlm-idx-7.0.2, 2009-08-09
===========================

- Fixed selection of [un]subscribe subject line for moderated
  subscriptions.

- Clarified ezmlm-reject man page to note that Precedence: bulk is also
  rejected.

- Added a proper charset for ch_GB (Chinese GuoBiao), and added an
  explicit charset for the other languages that were missing them.

- Switched all ISO-8859-1 charsets to the more modern ISO-8859-15.

- Many small text updates and tweaks.

ezmlm-idx-7.0.1, 2009-07-09
===========================

- Added support for decoding sender addresses mangled by BATV prvs.

- Added missing ezmlm-checksub to the installed programs.

- Improved the TXT_BY message used in digests to work better with
  non-English languages.

- Fixed out-of-memory resulting in a permanent error.

- Fixed a buffer underflow bug in concatHDR.

- Fixed a bug in ezmlm-issubn.c that was causing it to scan the main
  list when it shouldn't.

- Fixed missing defaults in ezmlm-tstdig when digsize, digcount, or
  digtime were not created.

- Clarified the steps necessary when upgrading in UPGRADE.

ezmlm-idx-7.0.0, 2008-06-16
===========================

This version has three major architectural changes:

1. There is now support for internationalized messages.  All error
messages, all subject lines, and a few other messages are now configured
in a file named "text/messages" that is read at run time.  Messages in
this file will undergo header-style substitution before they are output.

Unlike other text files, all 3 of the files (DIR/text/messages,
/etc/ezmlm/LANG/text/messages, and /etc/ezmlm/default/text/messages) are
read, and only the first match (in the above order) is used for any
given message.  This allows for creation of partial files to override
just select messages.  If no match is found, the internal English text
is used.

2. The use of the "flags" file has been deprecated completely by
individual flag files accessed by the appropriate programs.  This, along
with corresponding changes to the ezmlmrc template, allows for lists to
be reconfigured without invoking ezmlm-make.  To upgrade a list to the
new setup, simply run "ezmlm-make -+ DIR".  Note that this will delete
the "config" and "flags" files, as they have been superceded by other
files.

3. Creation of subscriber tables has been moved out of ezmlm-mktab-* and
into ezmlm-make by adding some additional hooks to the subdb plugins.  A
ezmlm-rmtab program is also added to remove subscriber tables, also with
hooks in the subdb plugins.  The ezmlm-mktab-* programs have been
obsoleted by these changes and have been removed.

Smaller changes:

- Fixed a bug in ezmlm-request that caused a segfault when attempting to
  execute the "which" command.

- Added new program ezmlm-checksub to replace the
ezmlm-issubn ... || { echo error; exit 100; }
  lines in the ezmlmrc files.  ezmlm-issubn is now deprecated for use in
  .qmail files, but still exists for backwards compatibility.

- Added ezmlm-weed to the confirmer control files.

- Added <#a#> substitution for the local part of the accept address.

- ezmlm-warn will now process bounces for both the main and digest lists
  if neither the -d nor the -D options are given.

- Added several control files for programs:
dir/digcount ezmlm-tstdig
dir/digestcode ezmlm-get
dir/digformat ezmlm-get
dir/digsize ezmlm-tstdig
dir/digtime ezmlm-tstdig
dir/modcanedit ezmlm-manage
dir/modcanlist ezmlm-manage
dir/modgetonly ezmlm-get
dir/modpostonly ezmlm-store
dir/nosubconfirm ezmlm-manage
dir/nounsubconfirm ezmlm-manage
dir/nowarn ezmlm-warn
dir/subgetonly ezmlm-get
dir/noreturnposts ezmlm-clean

- Removed the ezmlm-make -4 option in favor of the above files.

- Fixed handling of digest bouncer in ezmlm-dispatch.

- Eliminated the use of vfork for portability.

- Added support for decoding sender addresses mangled by SRS.

- Fixed bug when running ezmlm-archive on a newly-created list.

- Always enable ezmlm-request in manager.

- Always enable the "deny" blacklist.

- Fixed a long standing bug in ezmlm-store that caused both posting and
  moderating to happen when both modpost and confirmpost were disabled.

Note: The subdb API was modified in this version.  You will need to
reinstall all sub-* modules along with the main package.  Also, the
messages changes also replaced the confirmpost subject line hack in
ezmlm-store and the mailinglist file.  The contents of DIR/confirmpost
and DIR/mailinglist are now ignored in favor of the SUB_CONFIRM_POST and
TXT_MAILING_LIST messages, respectively.

ezmlm-idx-6.0.1, 2007-10-06
===========================

- Fixed all of the subdb plugins to correct a problem that prevented
  ezmlm-manage from working properly.

- Fixed ezmlm-weed to handle MIME Delivery Status Notification messages
  better.

- Fixed ezmlm-send to insert the proper value for the List-ID: header.
  Thanks Bill Nugent.

- Added the necessary Sender: header to make DomainKeys work into the
  ezmlmrc template.

- ezmlm-mktab-mysql and ezmlm-mktab-pgsql will now only be installed if
  they were built (with "make mysql" or "make pgsql" respectively).

Note: The subdb API was modified in this version.  You will need to
reinstall all sub-* modules along with the main package.

ezmlm-idx-6.0.0, 2006-11-30
===========================

This version introduces two major changes in how ezmlm-idx operates.

First, the naming of subscriber lists has been revamped.  In previous
versions, the subscriber list would be identified by a full path to the
list directory.  In this version, the lists are identified by their
subdirectory name within the list base directory.  Full paths are
supported in some places for backwards compatibility, but only where
they fall within the list directory.  This coincidentally removes the
absolute path requirement in all places except ezmlm-make, and
eliminates the need for (and use of) all the "sql" files not in the list
base directory.

Second, all three subscriber database libraries (standard, MySQL, and
PostgreSQL) have been moved into dynamically loaded plugins.  If you
were previously using MySQL or PgSQL support, please follow the
instructions in UPGRADE.idx.  After this configuration, this version is
backwards configurable with previous versions.

The plugin support also adds support for an optional DIR/subdb file
which supercedes DIR/sql.  The file should contain the subscriber
database plugin name followed by the content that would have gone into
DIR/sql.  If it is not found, DIR/sql is used instead with an assumed
plugin name of "sql".  ezmlm-make will read in and convert DIR/sql if
DIR/subdb does not exist, but it writes out DIR/subdb.

Make sure to read the UPGRADE.idx file for more information on what
steps may be necessary to use this version.

ezmlm-idx-5.1.2, 2007-10-05
===========================

- Fixed ezmlm-send to insert the proper value for the List-ID: header.
  Thanks Bill Nugent.

- Added the necessary Sender: header to make DomainKeys work into the
  ezmlmrc template.

ezmlm-idx-5.1.1, 2006-11-23
===========================

- (Un)subscribe requests initiated and confirmed by a moderator are now
  marked in the Log as "+mod" or "-mod".  This is accomplished by the
  addition of another pair of subscribe/unsubscribe confirmation
  commands ("rc.cookie" and "wc.cookie") to ezmlm-manage to
  differentiate between moderated (un)subscribe requests and
  (un)subscribe requests iniated and confirmed by a moderator.

- Updated the embeded qmail-verh patch to version 0.07

ezmlm-idx-5.1.0, 2006-08-08
===========================

- Added a new configuration files "headerkeep" and "mimekeep" which
  override "headerremove" and "mimeremove" respectively if either of the
  former are present.  Instead of removing bad headers, the "headerkeep"
  file controls which ones *not* to remove.  The "mimekeep" file works
  similarly for MIME parts.

- Added a new program, ezmlm-import, which imports messages from a mbox
  file into ezmlm-idx's message archive.

- Modified ezmlm-gate, ezmlm-issubn, ezmlm-list, ezmlm-sub, and
  ezmlm-unsub to accept relative subscriber database names.  The changes
  take into account backwards compatibility.

- Added ezmlm-weed to both the moderator and manager control files.

- Added several more autoresponder signatures to ezmlm-weed.

- Modified the vfork test to use pid_t instead of int, to fix
  portability issues on Solaris.

- Fixed handling of missing ezmlmrc config file.

- Fixed ezmlm-dispatch to handle working in a non-default .qmail file.

ezmlm-idx-5.0.2, 2006-01-16
===========================

- All programs that copy the input message (ezmlm-get, ezmlm-manage,
  ezmlm-reject, ezmlm-request, and ezmlm-warn) will now copy the whole
  header but only a limited number of lines of the message body,
  configured by putting a number into "copylines".  If this control file
  is not present, no body lines are copied (to avoid spam complaints).

- Fixed ezmlm-make to override settings in the config files with command
  line options instead of the other way around.

- Updated Spanish translation for post-confirm.  Thanks Ruben Cardenal.

- Fixed bug in generation of a (currently unused) email address in the
  subscription confirmation message.

- Substitute <#c#> in (un)subscribe confirm messages with just the
  confirmation cookie (ie <#r#> without the <#l#>- prefix).

ezmlm-idx-5.0.1, 2005-12-16
===========================

- If files cannot be found in either the list directory or the
  language-specific directory, try to pull them from the default
  directory (/etc/ezmlm/default).

- Added a proper charset for Japanese texts.

- Added a Spanish translation for post-confirm.  Thanks Ruben Cardenal.

- Fixed a bug in ezmlm-cgi caused by the use of "char" type for array
  index calculations.

- Fixed ezmlm-gate failing to exit 0 on success.  Thanks Ian Charnas and
  Sami Farin.

ezmlm-idx-5.0.0, 2005-10-03
===========================

- Moved all the language-specific files (that is, all the "text" files
  plus "charset" and "mailinglist") out of the ezmlmrc files into
  individual files installed in a common location (/etc/ezmlm/LANG by
  default).

- Modified the programs to try to pull files that are not present in the
  list directory from the common location above.

- Replaced the use of the "config" file in ezmlm-make with individual
  files containing one setting each.  ezmlm-make will still read the
  config file for now, but it is considered depricated.  Running
  "ezmlm-make -+" on an existing list will upgrade it.

- Added a "conf-etc" config file to allow changing the path to
  configuration files (defaults to "/etc/ezmlm").

- Added a "conf-lang" config file to replace the "make ISO" mechanism.

- Modified the "copy" function, which translates from "text" files into
  output emails, to also select sections at run time based on the list's
  configured flags.

(schmonz)

Fix compiler flags for GCC 7 and newer on SunOS.

(jperkin)

Fix SunOS build with GCC 7.1.

(jperkin)

Test for PIE by linking rather than just compiling, as on at least SunOS
it is dependent on linker features.

(jperkin)

Handle _XOPEN_SOURCE correctly on SunOS.

(jperkin)

Regen.

(joerg)

go-1.8.3 follows hot on the heels of 1.8.2.

(bsiegert)

Update Go to 1.8.3, a non-security release.

This release includes fixes to the compiler, runtime, documentation, and the
database/sql package.
    https://golang.org/doc/devel/release.html#go1.8.minor

It also includes the security fix to the crypto/elliptic package from Go 1.8.2.

(bsiegert)

go-1.8.2

(bsiegert)

SECURITY: Update Go to 1.8.2, fixing CVE-2017-8932,
carry bug in x86-64 P-256.

A security-related issue was recently reported in Go's crypto/elliptic package.
To address this issue, we have just released Go 1.7.6 and Go 1.8.2.

The Go team would like to thank Vlad Krasnov and Filippo Valsorda at Cloudflare
for reporting the issue and providing a fix.

The issue affects Go's P-256 implementation on the 64-bit x86 architecture.

This is CVE-2017-8932 and was addressed by this change:
https://golang.org/cl/41070, tracked in this issue:
https://golang.org/issue/20040

(bsiegert)

cvs remove obsolete patch left there after upgrade.

(manu)

BPython installs man-pages when it finds Sphinx being installed in the system.
Now, Sphinx has been added as build dependency to always make the man-pages.

(adam)

Add BUILDLINK_INCDIRS per PR 50173.

(dholland)

fix PR pkg/52139:
PKGNAME for takao-ex-fonts-ttf conflicts withs takao-fonts-ttf.
Ok by wiz@.

(soda)

Updated security/cy2-saml to 1.8 [manu 2017-05-25]
Updated security/pam-saml to 1.8 [manu 2017-05-25]

(manu)

Update crudesaml to 1.8

Changelog since previous version in pkgsrc

crusdesaml-1.8          2017-05-26
Fix crash introduced server side in 1.6 for saml_log()

crusdesaml-1.7          2017-05-22
Only iterate on XML_ELEMENT_NODE nodes

crusdesaml-1.6          2017-05-20
Typos in man pages (Florian Best)
Don't log the password length if it is too small (Florian Best)
Stop if wxmlXPathRegisterNs failed (Florian Best)
autoconf: Remove duplicate $(DESTDIR) (Florian Best)
PAM: Require only one provider (Florian Best)
PAM: No SONAME versioning (Philipp Hahn)
autoconf: Only strictness foreign (Philipp Hahn)
PAM: fix static PAM module build (Philipp Hahn)
Hide internal symbols (Philipp Hahn)
Fix varadic function SIGSEGV (Philipp Hahn)
Fix crash when using saml_log()/saml_error() in SASL client plugin

crusdesaml-1.5          2012-11-13
mod_shib2 compatibility, debug messages (Jan Tomasek)

(manu)

git-base-2.13.0nb1 broke all little endian platforms on *BSD.
(NOTE: _BIG_ENDIAN is always defined even on litte endian platforms)
from nonaka@

(soda)

Note update of net/mosh to 1.3.0

(agc)

Update mosh from 1.2.6 to 1.3.0 (thanks to Matthew Parsons for the nudge).

Changes since previous version:
* New features:
* Change website URLs from http://mosh.mit.edu to
  https://mosh.org.  (Keith Winstein)
* Add --no-ssh-pty option for Dropbear compatibility and
  other issues.
* Switch to semantic versioning, making this version 1.3.0
  instead of 1.2.7.

* Platform support:
* Added nonce-incrementing test.  (Keith Winstein)
* Add build-source-package.sh for Debian.  (Keith Winstein)
* Fix CPPFLAGS handling possibly causing curses detection
  failure.  (John Hood)
* Add an Appveyor/Cygwin CI build.
* Improve warning-flags detection for 'make distcheck'.  (John Hood)
* Improve robustness of regression tests.  (John Hood)
* Support OpenBSD pledge() sandboxing.  (John Hood)
* Use backward-compatible name for AES in
  AppleCommonCrypto, fixing builds with older OS X SDKs.  (John Hood)
* Detect clock_gettime() and CLOCK_MONOTONIC carefully,
  fixing OS X 10.12 + Xcode 7.3 builds.  (John Hood)
* Support older versions of Perl, back to 5.10, fixing
  RHEL 5 builds. (Anders Kaseorg)
* Add a Travis OS X CI and release build.  (John Hood)
* Add --help and --version, enabling Automake's
'std-options' checks.  (Anders Kaseorg)
* Add a simple smoke test not requiring tmux, to help
  validate builds on older platforms including RHEL 5. (Anders Kaseorg)
* Check for presence of clock_gettime() for OS X, where
  the symbol may not be resolved on older OS X versions.  (John
  Hood)
* Fix a memory alignment issue in OCB with ARM/Neon. (Carlos Cabanero)
* Mosh now runs correctly on Bash for Windows with Windows 10
  Insider builds 15002 and higher. (No change in Mosh)
* Other minor platform compatibility fixes for Mosh
  sources and tests.  (John Hood)

* Bug fixes:
* Work around a pty buffering issue causing failed
  connections on FreeBSD 11, or with Dropbear.  (John Hood)
* Restore '-p 0' option for OS-selected UDP port bindings.  (John Hood)
* Shell hygiene fixes, including better quoting of
  pathnames.  (Anders Kaseorg)
* Fix typos in project docs.  (Jakub Wilk)
* Fix excess newlines on mosh client startup/shutdown.  (John Hood)
* Exit gracefully, closing session, on pty write or ioctl failure.  (John Hood)
* Fix two bugs that caused mosh-server to consume
  excessive CPU in certain circumstances.  (John Hood)
* Fix bug that caused text copied from mosh-client to
  paste as long lines joined by spaces.  (John Hood)
* Documentation improvements. (chenxiaoqino, Ashish Gupta)
* Use getuid(), not geteuid(), for correct getpw* lookups.  (John Hood)

(agc)

Updated net/openvpn to 2.4.2

(adam)

OpenVPN 2.4.2

Compared to OpenVPN 2.3 this is a major update with a large number of new features, improvements and fixes. Some of the major features are AEAD (GCM) cipher and Elliptic Curve DH key exchange support, improved IPv4/IPv6 dual stack support and more seamless connection migration when client's IP address changes (Peer-ID). Also, the new --tls-crypt feature can be used to increase users' connection privacy.

Compared to OpenVPN 2.4.1 there are several bugfixes and small enhancements. A summary of the changes is available in Changes.rst.

(adam)

Updated devel/lemon to 1.0.3.19.0

(adam)

Match sqlite3 version

(adam)

Updated databases/sqlite3 to 3.19.0; devel/py-attrs to 17.2.0. Removed databases/postgresql91*

(adam)

Removed databases/postgresql91

(adam)

Changes 17.2.0:
Validators are hashable again. Note that validators may become frozen in the future, pending availability of no-overhead frozen classes.

(adam)

SQLite Release 3.19.0
---------------------
The SQLITE_READ authorizer callback is invoked once with a column name that is an empty string for every table referenced in a query from which no columns are extracted.
When using an index on an expression, try to use expression values already available in the index, rather than loading the original columns and recomputing the expression.
Enhance the flattening optimization so that it is able to flatten views on the right-hand side of a LEFT JOIN.
Use replace() instead of char() for escaping newline and carriage-return characters embedded in strings in the .dump output from the command-line shell.
Avoid unnecessary foreign key processing in UPDATE statements that do not touch the columns that are constrained by the foreign keys.
On a DISTINCT query that uses an index, try to skip ahead to the next distinct entry using the index rather than stepping through rows, when an appropriate index is available.
Avoid unnecessary invalidation of sqlite3_blob handles when making changes to unrelated tables.
Transfer any terms of the HAVING clause that use only columns mentioned in the GROUP BY clause over to the WHERE clause for faster processing.
Reuse the same materialization of a VIEW if that VIEW appears more than once in the same query.
Enhance PRAGMA integrity_check so that it identifies tables that have two or more rows with the same rowid.
Enhance the FTS5 query syntax so that column filters may be applied to arbitrary expressions.
Enhance the json_extract() function to cache and reuse parses of JSON input text.
Added the anycollseq.c loadable extension that allows a generic SQLite database connection to read a schema that contains unknown and/or application-specific collating sequences.

Bug Fixes:
----------
Fix a problem in REPLACE that can result in a corrupt database containing two or more rows with the same rowid.
Fix a problem in PRAGMA integrity_check that was causing a subsequent VACUUM to behave suboptimally.
Fix the PRAGMA foreign_key_check command so that it works correctly with foreign keys on WITHOUT ROWID tables.
Disallow leading zeros in numeric constants in JSON.
Disallow control characters inside of strings in JSON.
Limit the depth of recursion for JSON objects and arrays in order to avoid excess stack usage in the recursive descent parser.

(adam)

Simplify and fix SunOS compiler flags.

(jperkin)

Disable -Werror=missing-include-dirs

(jperkin)

Add workarounds for SunOS GCC 7.1 build.

(jperkin)

Note update of www/contao43 package to 4.3.10.

(taca)

Update contao43 to 4.3.10.

4.3.10

* Several bug fixes, especially it fixed a problem of generating
  language cache.

(taca)

+ ruby-redmine-3.3.3, sudo-1.8.20.

(taca)

Updated www/php-nextcloud to 12.0.0

(ryoon)

Note update of net/samba to 3.6.25nb6 and net/samba4 to 4.6.4.

(he)

Update to 12.0.0

* Tested with PHP 7.1.5

Changelog:
Not available (yet?)

(ryoon)

Update samba4 to version 4.6.4.

Pkgsrc changes:
* Adapt PLIST, new .so installed.

Upstream changes:

Changes since 4.6.3:
---------------------
o  Volker Lendecke <vl@samba.org>
  * BUG 12780: CVE-2017-7494: Avoid remote code execution from a writable
    share.

Changes since 4.6.2:
--------------------
o  Michael Adam <obnox@samba.org>
  * BUG 12743: s3:vfs:shadow_copy2: vfs_shadow_copy2 fails to list snapshots
    from shares with GlusterFS backend.

o  Jeremy Allison <jra@samba.org>
  * BUG 12559: Fix for Solaris C compiler.
  * BUG 12628: s3: locking: Update oplock optimization for the leases era.
  * BUG 12693: Make the Solaris C compiler happy.
  * BUG 12695: s3: libgpo: Allow skipping GPO objects that don't have the
    expected LDAP attributes.
  * BUG 12747: Fix buffer overflow caused by wrong use of getgroups.

o  Hanno Boeck <hanno@hboeck.de>
  * BUG 12746: lib: debug: Avoid negative array access.
  * BUG 12748: cleanupdb: Fix a memory read error.

o  Ralph Boehme <slow@samba.org>
  * BUG 7537: streams_xattr and kernel oplocks results in
    NT_STATUS_NETWORK_BUSY.
  * BUG 11961: winbindd: idmap_autorid allocates ids for unknown SIDs from
    other backends.
  * BUG 12565: vfs_fruit: Resource fork open request with
    flags=O_CREAT|O_RDONLY.
  * BUG 12615: manpages/vfs_fruit: Document global options.
  * BUG 12624: lib/pthreadpool: Fix a memory leak.
  * BUG 12727: Lookup-domain for well-known SIDs on a DC.
  * BUG 12728: winbindd: Fix error handling in rpc_lookup_sids().
  * BUG 12729: winbindd: Trigger possible passdb_dsdb initialisation.

o  Alexander Bokovoy <ab@samba.org>
  * BUG 12611: credentials_krb5: use gss_acquire_cred for client-side GSSAPI
    use case.
  * BUG 12690: lib/crypto: Implement samba.crypto Python module for RC4.

o  Amitay Isaacs <amitay@gmail.com>
  * BUG 12697: ctdb-readonly: Avoid a tight loop waiting for revoke to
    complete.
  * BUG 12723: ctdb_event monitor command crashes if event is not specified.
  * BUG 12733: ctdb-docs: Fix documentation of "-n" option to 'ctdb tool'.

o  Volker Lendecke <vl@samba.org>
  * BUG 12558: smbd: Fix smb1 findfirst with DFS.
  * BUG 12610: smbd: Do an early exit on negprot failure.
  * BUG 12699: winbindd: Fix substitution for 'template homedir'.

o  Stefan Metzmacher <metze@samba.org>
  * BUG 12554: s4:kdc: Disable principal based autodetected referral detection.
  * BUG 12613: idmap_autorid: Allocate new domain range if the callers knows
    the sid is valid.
  * BUG 12724: LINKFLAGS_PYEMBED should not contain -L/some/path.
  * BUG 12725: PAM auth with WBFLAG_PAM_GET_PWD_POLICY returns wrong policy for
    trusted domain.
  * BUG 12731: rpcclient: Allow -U'OTHERDOMAIN\user' again.

o  Christof Schmitt <cs@samba.org>
  * BUG 12725: winbindd: Fix password policy for pam authentication.

o  Andreas Schneider <asn@samba.org>
  * BUG 12554: s3:gse: Correctly handle external trusts with MIT.
  * BUG 12611: auth/credentials: Always set the realm if we set the principal
    from the ccache.
  * BUG 12686: replace: Include sysmacros.h.
  * BUG 12687: s3:vfs_expand_msdfs: Do not open the remote address as a file.
  * BUG 12704: s3:libsmb: Only print error message if kerberos use is forced.
  * BUG 12708: winbindd: Child process crashes when kerberos-authenticating
    a user with wrong password.

o  Uri Simchoni <uri@samba.org>
  * BUG 12715: vfs_fruit: Office document opens as read-only on macOS due to
    CNID semantics.
  * BUG 12737: vfs_acl_xattr: Fix failure to get ACL on Linux if memory is
    fragmented.

(he)