Enable librdkafka

(fhajny)

Added devel/librdkafka version 0.9.5

(fhajny)

Import librdkafka 0.9.5 as devel/librdkafka.

librdkafka is a C library implementation of the Apache Kafka protocol,
containing both Producer and Consumer support.

(fhajny)

Added www/ruby-actionview42 version 4.2.8

(minskim)

Add ruby-actionview42

(minskim)

Import ruby-actionview-4.2.8 as www/ruby-actionview42

Action View provides simple, battle-tested conventions and helpers for
building web pages.

(minskim)

Updated pkgtools/pkg_install to 20170419nb1

(joerg)

pkg_install-20170419:
- Convert to libarchive 3.x interfaces, avoiding the legacy glue.
- Rename local copy of netpgpverify to match installed headers.
- Shuffle bootstrap code to reduce special cases in pkg_add.
- Always read/write file names in tar archives as binary. While they are
  supposed to be UTF-8, locale conversion creates more problems than it
  solves here.
- Fix const correctness in gpg_verify.
- Add format string annotation for xasprintf for GCC-like compilers.
- Restrict supported archive formats for binary packages to ar (signed
  packages) and tar (actual content) with uncompressed/gzip/bzip2/xz as
  compression choices. This reduces the exposed libarchive surface.
- The pkg-vulnerability file correspondingly supports only the same
  compression choices.

(joerg)

Block signals explicitly during lwp creation since blocking via the context
doea not work.

(christos)

Updated emulators/mame to 0.184

(wiz)

Updated mame to 0.184.

Well, it窶冱 the last Wednesday of the month, and I hope you know
what that means: it窶冱 time for your regularly scheduled MAME release.
There aren窶冲 a huge number of new working machines in this release,
but there are some significant improvements. Thanks to kazblox,
MAME now emulates some of the peculiarities of Famicom clone hardware,
and thanks to shattered, emulation of the Agat-7 Apple II clone is
improved. Peter Ferrie provided a superior Apple II language card
implementation. We窶况e got lots of additions to the BBC and PC
software lists from Nigel Barnes and darkstar.

We窶况e made substantial improvements to some of MAME窶冱 non-emulation
features. The -romident verb is now much faster when used on a
folder or archive containing multiple files, and will identify ROMs
for emulated slot devices that aren窶冲 inserted by default. The
-listxml output now includes all linked devices, and is produced
at least 30% faster. We窶况e also improved -verifyroms so it covers
more devices and is faster when verifying ROMs for a subset of
drivers/devices.

MAME 0.184 includes support for plenty of newly dumped versions of
supported arcade games, including a rare US prototype of Shanghai
III, the world release of Super Crowns Golf, a version of Flashgirl
that shows the Kyugo logo, a German version of Raiden II, the
Japanese release of Radical Radial, and bootlegs of Bomber Man and
Phoenix. There are also several new chess computers, and even more
Aristocrat Mark V gambler sets. If you窶决e interested in the TI-8x
graphing calculators, it窶冱 now possible to get an emulated TI-82
or TI-85 to communicate with another emulated instance or with a
program running on the host computer over a socket.

(wiz)

Add upstream bug report URL.

(wiz)

A few more pullup tickets.

(bsiegert)

Pullup ticket #5276 - requested by sevan
wm/fluxbox: build fix

Revisions pulled up:
- wm/fluxbox/PLIST                                              1.23

---
  Module Name:    pkgsrc
  Committed By:  pho
  Date:          Thu Apr 13 04:29:05 UTC 2017

  Modified Files:
          pkgsrc/wm/fluxbox: PLIST

  Log Message:
  Fix PLIST for the nls option: he_IL.UTF-8 was missing

(bsiegert)

Pullup ticket #5323 - requested by sevan
print/ghostscript-gpl: security fix

Revisions pulled up:
- print/ghostscript-gpl/Makefile                                1.25
- print/ghostscript-gpl/distinfo                                1.17
- print/ghostscript-gpl/patches/patch-CVE-2016-10217            1.1
- print/ghostscript-gpl/patches/patch-CVE-2016-10219            1.1
- print/ghostscript-gpl/patches/patch-CVE-2016-10220            1.1
- print/ghostscript-gpl/patches/patch-CVE-2017-5951            1.1

---
  Module Name:    pkgsrc
  Committed By:  tez
  Date:          Tue Apr 18 22:07:07 UTC 2017

  Modified Files:
          pkgsrc/print/ghostscript-gpl: Makefile distinfo
  Added Files:
          pkgsrc/print/ghostscript-gpl/patches: patch-CVE-2016-10217
              patch-CVE-2016-10219 patch-CVE-2016-10220 patch-CVE-2017-5951

  Log Message:
  Patches for CVE-2016-10217, CVE-2016-10219, CVE-2016-10220 & CVE-2017-5951

(bsiegert)

Updated net/wireshark to 2.2.6

(wiz)

Updated wireshark to 2.2.6.

What's New

  Bug Fixes

  The following vulnerabilities have been fixed:
    * [1]wnpa-sec-2017-12
      IMAP dissector crash ([2]Bug 13466) [3]CVE-2017-7703
    * [4]wnpa-sec-2017-13
      WBMXL dissector infinite loop ([5]Bug 13477) [6]CVE-2017-7702
    * [7]wnpa-sec-2017-14
      NetScaler file parser infinite loop ([8]Bug 13478) [9]CVE-2017-7700
    * [10]wnpa-sec-2017-15
      RPCoRDMA dissector infinite loop ([11]Bug 13558) [12]CVE-2017-7705
    * [13]wnpa-sec-2017-16
      BGP dissector infinite loop ([14]Bug 13557) [15]CVE-2017-7701
    * [16]wnpa-sec-2017-17
      DOF dissector infinite loop ([17]Bug 13453) [18]CVE-2017-7704
    * [19]wnpa-sec-2017-18
      PacketBB dissector crash ([20]Bug 13559)
    * [21]wnpa-sec-2017-19
      SLSK dissector long loop ([22]Bug 13576)
    * [23]wnpa-sec-2017-20
      SIGCOMP dissector infinite loop ([24]Bug 13578)
    * [25]wnpa-sec-2017-21
      WSP dissector infinite loop ([26]Bug 13581)

  The following bugs have been fixed:
    * T30 FCF byte decoding masks DTC, CIG and NCS. ([27]Bug 1918)
    * Wireshark gives decoding error during rnsap message dissection(SCCP
      reassembly). ([28]Bug 3360)
    * Added IEEE 802.15.4-2003 AES-CCM security modes
      (packet-ieee802154). ([29]Bug 4912)
    * Payload in 2 SCCP DT1 messages in the same frame isn't
      (sub)dissected. ([30]Bug 11130)
    * IEEE 802.15.4: an area of Payload IEs is dissected twice. ([31]Bug
      13068)
    * Qt UI: Wireshark crash when deleting IO graph string while it's in
      editing mode. ([32]Bug 13234)
    * Crash on exit due to an invalid frame data sequence state. ([33]Bug
      13433)
    * Access Violation using Lua dissector. ([34]Bug 13457)
    * Some bytes ignored in every packet in NetScaler packet trace when
      vmnames are included in packet headers. ([35]Bug 13459)
    * VOIP RTP stream Find Reverse button doesn't work. ([36]Bug 13462)
    * Lua dissector: ProtoField int&42; do not allow FT_HEX or FT_OCT,
      crash when set to FT_HEX_DEC or FT_DEC_HEX. ([37]Bug 13484)
    * GIOP LocateRequest v1.0 is improperly indicated as "malformed".
      ([38]Bug 13488)
    * Bug in ZigBee - Zone Status Change Notification. ([39]Bug 13493)
    * Packet exception in packet-ua3g and incomplete strings in
      packet-noe. ([40]Bug 13502)
    * Wrong BGP capability dissect. ([41]Bug 13521)
    * Endpoint statistics column labels seem incorrect. ([42]Bug 13526)
    * Strange automatic jump in packet details for a certain DNS response
      packet. ([43]Bug 13533)
    * When a Lua enum or bool preference is changed via context menu,
      prefs_changed isn't called with Qt Wireshark. ([44]Bug 13536)
    * IO Graph selects wrong packet or displays "Packet number x isn't
      displayed". ([45]Bug 13537)
    * tshark's -z endpoints,ip ignores optional filter. ([46]Bug 13538)
    * SSL: Handshake type in Info column not always separated by comma.
      ([47]Bug 13539)
    * libfuzzer: PEEKREMOTE dissector bug. ([48]Bug 13544)
    * libfuzzer: packetBB dissector bug (packetbb.msg.addr.valuecustom).
      ([49]Bug 13545)
    * libfuzzer: WSP dissector bug (wsp.header.x_wap_tod). ([50]Bug
      13546)
    * libfuzzer: MIH dissector bug. ([51]Bug 13547)
    * libfuzzer: DNS dissector bug. ([52]Bug 13548)
    * libfuzzer: WLCCP dissector bug. ([53]Bug 13549)
    * libfuzzer: TAPA dissector bug. ([54]Bug 13553)
    * libfuzzer: lapsat dissector bug. ([55]Bug 13554)
    * libfuzzer: wassp dissector bug. ([56]Bug 13555)
    * Illegal reassembly of GSM SMS packets. ([57]Bug 13572)
    * SSH Dissector uses incorrect length for protocol field
      (ssh.protocol). ([58]Bug 13574)
    * NBAP malformed packet for short Binding ID. ([59]Bug 13577)
    * libfuzzer: WSP dissector bug (wsp.header.x_up_1.x_up_proxy_tod).
      ([60]Bug 13579)
    * libfuzzer: asterix dissector bug (asterix.021_230_RA). ([61]Bug
      13580)
    * RTPproxy dissector adds multi lines to info column. ([62]Bug 13582)

  Updated Protocol Support

  ASTERIX, BGP, BSSGP, BT AVRCP, BT HCI_CMD, BT HFP, BT PBAP, DNS, DOF,
  EAPOL-MKA, GIOP, GSM SMS, HTTP, ICMP, IEEE 802.11, IEEE 802.15.4, IMAP,
  ISIS LSP, iSNS, LAPSat, MIH, MySQL, NBAP, NBIFOM, PacketBB, PEEKREMOTE,
  RPCoRDMA, RTPproxy, SCCP, SIGCOMP, SLSK, SSH, SSL, T.30, TAPA, UA3G,
  WASSP, WBXML, WLCCP, WSP, and ZigBee ZCL IAS

(wiz)

Updated devel/waf to 1.9.9

(wiz)

Updated waf to 1.9.9.

NEW IN WAF 1.9.9
----------------
* Fix QT5 detection on macOS 1912
* Fix Clang compilation database when no c compiler is found #1914
* Fix python 3 compatibility with cppcheck #1921
* Fix the thread index in parallel_debug
* Fix install task for mac_files #1911
* Fix msvc version detection #1907
* Add VS2017 support #1927
* Add newer fortran flag detection #1916
* Add unity builds settings per task generator
* Add run_build_cls parameter to conf.run_build/conf.check
* Add a warning for missing cflags/cxxflags in gccdeps

(wiz)

Updated net/syncthing to 0.14.26

(wiz)

Updated syncthing to 0.14.26.

This is a regularly scheduled stable release.

Resolved issues since v0.14.25:

    #4035: Symlinks are now properly ignored on Windows.
    #2344: Discovery errors are more clearly displayed in the GUI.
    #3913: The language dropdown menu in the GUI is now correctly sorted.

Also:

    When there are items that could not be synced, their full path is displayed in the GUI.

(wiz)

Pullup ticket #5317 - requested by sevan
comms/minicom: security fix

Revisions pulled up:
- comms/minicom/Makefile                                        1.69
- comms/minicom/distinfo                                        1.18

---
  Module Name:    pkgsrc
  Committed By:  wiz
  Date:          Tue Apr 18 13:30:57 UTC 2017

  Modified Files:
          pkgsrc/comms/minicom: Makefile distinfo

  Log Message:
  Updated minicom to 2.7.1.

  New for version 2.7.1:
    - CVE-2017-7467: Fix an out of bounds data access that
      can lead to remote code execution. This issue was found
      by Solar Designer of Openwall during a security audit of
      the Virtuozzo 7 product, which contains derived downstream
      code in its prl-vzvncserver component. The corresponding
      Virtuozzo 7 fix is:
  https://src.openvz.org/projects/OVZ/repos/prl-vzvncserver/commits/6d95404e75b98f36b1cc85ee23df99dcf06ca13f

      Openwall would like to thank the Virtuozzo company for
      funding the effort.

(bsiegert)

Updated devel/ragel to 6.10

(wiz)

Updated ragel to 6.10.

Ragel 6.10 - Mar 24, 2017
=========================
-C codegen: test P vs PE in goto/call/ret statements in EOF actions, just
  before re-entering. If at the end of the input block then the EOF check is
  jumped to. This change prevents overrunning the buffer if control flow is
  issued in an EOF action without fixing the input pointer first. If a program
  properly issues an fhold before the control flow the program won't be
  affected.
-Updated action label generation. The previous set of conditions for
  generating the label didn't cover actions coming from the eofAction pointer
  (eof trans covered since it points into the set of transitions).
-Use separate signed/unsigned values for host type min/max. Using separate
  values avoids the need to type cast before the data goes into FsmCtx structs.
  Keep it in native types until it is used.
-Optionally do not generate entry point variables. Adds noentry write option
  for data.
-Various warning elimination and build updates.

(wiz)

Updated mail/rspamd to 1.5.5

(wiz)

Updated rspamd to 1.5.5.

1.5.5:
* [CritFix] Fix classifier learning with Redis backend
* [CritFix] Fix issue when parsing encoded rfc822/messages
* [Feature] Add escaped version of lua_ucl import
* [Feature] Add task:headers_foreach function
* [Feature] Allow to process filenames from content type
* [Feature] Allow to query hashed emails
* [Feature] Ignore bayes with mostly metatokens or with too few text
* [Feature] Probabilistically skip metatokens
* [Feature] Retrieve all virus names from SAVAPI
* [Feature] Rework classifiers lua metatokens
* [Feature] Store headers order
* [Feature] Store text tokens inside bayes tokens
* [Feature] Use cached shingles keys
* [Fix] Add missing score normalisation for HFILTER_URL_ONLY
* [Fix] Avoid lookup in absent hash
* [Fix] Check return values from Lua functions called from C
* [Fix] Do not count sending and loading time in rspamc
* [Fix] Escape json strings for controller rejplies from Lua
* [Fix] Fix archive scans for savapi
* [Fix] Fix domain_only emails RBL
* [Fix] Fix ip_score map configuration
* [Fix] Fix JSON output for history_redis
* [Fix] Fix one character length substrings search
* [Fix] Fix parsing of non-RFC compatible Exim received
* [Fix] Fix parsing of options for workers with the same type
* [Fix] Fix processing of small tokens vectors
* [Fix] Fix rfc2047 tokenization
* [Fix] Fix typo
* [Fix] More fixes for inplace decoding
* [Fix] Try to avoid modifications of the original data
* [Fix] URL redirector: Fix call to is_redirector
* [Rework] Set token data as uint64_t instead of chars array
* [WebUI] Check if neighbours' history backend versions match
* [WebUI] Disable phrase connectors replacement in history filtering
* [WebUI] Disable phrase connectors replacement in symbols filtering
* [WebUI] Do not hide messages with bad subject, just replace it with '???'
* [WebUI] Fix error message
* [WebUI] Fix history v2 display
* [WebUI] Fix legacy history
* [WebUI] history: break To address lists on commas
* [WebUI] Increase default timeout to 20 seconds
* [WebUI] Save some history table space

1.5.4:
* [Conf] Add history_redis default configuration
* [Feature] Add spoofed rules
* [Feature] Add URL_IN_SUBJECT rule
* [Feature] Allow to get task's subject
* [Feature] Allow to specify maximum number of shots for symbols
* [Feature] Distinguish URLs found in Subject
* [Feature] Memoize LPEG grammars
* [Feature] Parse else parts in SA rules
* [Feature] Process subject for mixed characters
* [Feature] Resolve url chains in url_redirector module
* [Feature] Stat greylisted messages as greylisted not soft-rejected
* [Feature] Support checking for redirector in Lua SURBL
* [Feature] Support tag_exists SA function
* [Feature] Work with broken rfc2047 tokens
* [Fix] Check all watcher's dependencies
* [Fix] Do not compile hyperscan with no SSSE3 support
* [Fix] Do not crash if cannot decode qp encoded part
* [Fix] Fix dependencies of DKIM when multiple signatures are found
* [Fix] Fix lists in whitelist plugin
* [Fix] Fix one-shot symbols weight calculations
* [Fix] Fix options and shots match
* [Fix] Fix order of symbol options
* [Fix] Fix parsing of dot at the end of the address
* [Fix] Fix parsing of lua table arguments
* [Fix] Fix processing of subject words
* [Fix] Fix string split memoization
* [Fix] Fix templates grammar usage
* [Fix] Fix various issues related to Lua stack manipulation
* [Fix] Force actions: Use postfilter if we have honor_action / require_action
* [Fix] Further fixes to avoid PHISHING FP
* [Fix] Preserve order of options in symbols
* [Fix] Rspamadm grep: deal with unusually-formatted logs
* [Fix] Use hostname suffix when dealing with history
* [Rework] Remove outdated SA rules
* [WebUI] Add flexible columns
* [WebUI] Add footable
* [WebUI] Add sender, recipients and subject columns
* [WebUI] Allow message-id break
* [WebUI] Fix history clustering
* [WebUI] Fix history display
* [WebUI] Fix sorting
* [WebUI] Humanize sizes
* [WebUI] Initial move towards footable
* [WebUI] Remove datatables
* [WebUI] Replace `.values` method with `.map`
* [WebUI] Rework v2 symbols display
* [WebUI] Try to normalize frequencies
* [WebUI] Unbreak WebUI
* [WebUI] Use Footable to draw Throughput summary table

(wiz)

Pullup ticket #5290 (second part) - requested by sevan
www/nginx: build fix

Revisions pulled up:
- www/nginx/options.mk                                          1.38

---
  Module Name:    pkgsrc
  Committed By:  maya
  Date:          Sat Apr 15 06:26:51 UTC 2017

  Modified Files:
          pkgsrc/www/nginx: options.mk

  Log Message:
  Use PKG_OPTIONS_LEGACY_OPTS for renaming v2->http2

  so existing users won't need to modify their configs

(bsiegert)

Updated devel/py-tortoisehg to 4.1.3

(wiz)

Updated py-tortoisehg to 4.1.3.

TortoiseHg 4.1.3

TortoiseHg 4.1.3 is a special release to pick up security fixes in Mercurial 4.1.3

TortoiseHg 4.1.2

TortoiseHg 4.1.2 is a regularly scheduled bug-fix release

Bug Fixes

    fix URLs to websites

Installer

    Latest evolve and dulwich extensions

(wiz)

Updated devel/py-setuptools_scm to 1.15.5

(wiz)

Updated py-setuptools_scm to 1.15.5.

v1.15.5
=======

* fix #167 by correctly respecting preformatted version metadata
  from PKG-INFO/EGG-INFO

v1.15.4
=======

* fix issue #164: iterate all found entry points to avoid erros when pip remakes egg-info
* enhance self-use to enable pip install from github again

v1.15.3
=======

* bring back correctly getting our version in the own sdist, finalizes #114
* fix issue #150: strip local components of tags

v1.15.2
=======

* fix issue #128: return None when a scm specific parse fails in a worktree to ease parse reuse

v1.15.1
=======

* fix issue #126: the local part of any tags is discarded
  when guessing new versions
* minor performance optimization by doing fewer git calls
  in the usual cases

(wiz)

Updated devel/py-setuptools to 35.0.0

(wiz)

Updated py-setuptools to 35.0.0.

v35.0.0
-------

* #436: In egg_info.manifest_maker, no longer read
  the file list from the manifest file, and instead
  re-build it on each build. In this way, files removed
  from the specification will not linger in the manifest.
  As a result, any files manually added to the manifest
  will be removed on subsequent egg_info invocations.
  No projects should be manually adding files to the
  manifest and should instead use MANIFEST.in or SCM
  file finders to force inclusion of files in the manifest.

v34.4.1
-------

* #1008: In MSVC support, use always the last version available for Windows SDK and UCRT SDK.

* #1008: In MSVC support, fix "vcruntime140.dll" returned path with Visual Studio 2017.

* #992: In msvc.msvc9_query_vcvarsall, ensure the
  returned dicts have str values and not Unicode for
  compatibilty with os.environ.

v34.4.0
-------

* #995: In MSVC support, add support for "Microsoft Visual Studio 2017" and "Microsoft Visual Studio Build Tools 2017".

* #999 via #1007: Extend support for declarative package
  config in a setup.cfg file to include the options
  ``python_requires`` and ``py_modules``.

(wiz)

Updated devel/py-pbr to 2.1.0

(wiz)

Updated py-pbr to 2.1.0.

2.1.0
-----

* Lazy import pkg_resources
* Initialize sphinx config using application instead of config
* Updated from global requirements
* Also generate XML coverage report
* Update to a newer hacking library

(wiz)

Updated devel/py-hypothesis to 3.7.0

(wiz)

Updated py-hypothesis to 3.7.0.

3.7.0 - 2017-03-20

This is a feature release.

New features:

    Rule based stateful testing now has an @invariant decorator that specifies methods that are run after init and after every step, allowing you to encode properties that should be true at all times. Thanks to Tom Prince for this feature.
    The decimals strategy now supports allow_nan and allow_infinity flags.
    There are significantly more strategies available for numpy, including for generating arbitrary data types. Thanks to Zac Hatfield Dodds for this feature.
    When using the data() strategy you can now add a label as an argument to draw(), which will be printed along with the value when an example fails. Thanks to Peter Inglesby for this feature.

Bug fixes:

    Bug fix: @composite now preserves functions窶� docstrings.
    The build is now reproducible and doesn窶冲 depend on the path you build it from. Thanks to Chris Lamb for this feature.
    numpy strategies for the void data type did not work correctly. Thanks to Zac Hatfield Dodds for this fix.

There have also been a number of performance optimizations:

    The permutations() strategy is now significantly faster to use for large lists (the underlying algorithm has gone from O(n^2) to O(n)).
    Shrinking of failing test cases should have got significantly faster in some circumstances where it was previously struggling for a long time.
    Example generation now involves less indirection, which results in a small speedup in some cases (small enough that you won窶冲 really notice it except in pathological cases).

(wiz)

Updated devel/py-dulwich to 0.17.2

(wiz)

Updated py-dulwich to 0.17.2.

0.17.2 2017-03-19

BUG FIXES

* Add workaround for
  https://bitbucket.org/pypy/pypy/issues/2499/cpyext-pystring_asstring-doesnt-work,
  fixing Dulwich when used with C extensions on pypy < 5.6. (Victor Stinner)

* Properly quote config values with a '#' character in them.
  (Jelmer Vernooij, #511)

(wiz)

Updated converters/py-chardet to 3.0.2

(wiz)

Updated py-chardet to 3.0.2.

chardet 3.0.2

Fixes an issue where detect would sometimes return None instead of a dict with the keys encoding, language, and confidence (Issue #113, PR #114).

chardet 3.0.1

This bugfix release fixes a crash in the EUC-TW prober when it encountered certain strings (Issue #67).

chardet 3.0.0

This release is long overdue, but still mostly serves as a placeholder
for the impending 4.0.0 release, which will have retrained models
for better accuracy. For now, this release will get the following
improvements up on PyPI:

    Added support for Turkish ISO-8859-9 detection (PR #41, thanks @queeup)
    Commented out large unused sections of Big5 and EUC-KR tables to save memory (8bc4b89)
    Removed Python 3.2 from testing, but add 3.4 - 3.6
    Ensure that stdin is open with mode 'rb' for chardetect CLI. (PR #38, thanks @lpsinger)
    Fixed chardetect crash with non-ascii file names (PR #39, thanks @nkanaev)
    Made naming conventions more Pythonic throughout (no more mTypicalPositiveRatio, and instead typical_positive_ratio)
    Modernized test scripts and infrastructure so we've got Travis testing and all that stuff
    Rename filter_without_english_words to filter_international_words and make it match current Mozilla implementation (PR #44, thanks @rsnair2)
    Updated filter_english_letters to match C implementation (c665459)
    Temporarily disabled Hungarian ISO-8859-2 and Windows-1250 detection because it is very inaccurate (da6c0a0)
    Allow CLI sub-package to be importable (PR #55)
    Add a hypotheis-based test (PR #66, thanks @DRMacIver)
    Strip endianness from UTF with BOM predictions so that the encoding can be passed directly to bytes.decode() (PR #73, thanks @snoack)
    Fixed broken links in docs (PR #90, thanks @roskakori)
    Added early exit to chardetect when encoding is detected instead of looping through entire file (PR #103, thanks @jpz)
    Use bytearray objects internally instead of wrap_ord calls, which provides a nice performance boost across the board (PR #106)
    Add language property to probers and UniversalDetector results (PR #180)
    Mark the 5 known test failures as such so we can have more useful Travis build results in the meantime (d588407)

(wiz)

Updated devel/py-mercurial to 4.1.3

(wiz)

Updated py-mercurial to 4.1.3.

Mercurial 4.1.3 (2017-4-18)

This is an out of cycle release to address a security issue:

    hg serve --stdio could be tricked into granting authorized users access to the Python debugger. Thanks to Jonathan Claudius of Mozilla for reporting this issue

(wiz)

Updated mail/squirrelmail to 1.4.23pre14605nb1

(maya)

squirrelmail: patch remote code execution (CVE-2017-7692)
separately escape tainted input before feeding it into popen.
https://www.wearesegment.com/research/Squirrelmail-Remote-Code-Execution.html

patch from Filipo Cavallarin@wearesegment, who also found the vulnerability.
bump PKGREVISION

(maya)

Do not use GNU make syntax. Fix build with bmake

(ryoon)

Updated devel/py-mercurial to 4.1.2

(wiz)

Updated py-mercurial to 4.1.2.

Mercurial 4.1.2 (2017-4-3)

This is a regularly-scheduled bugfix release.

    Mercurial should work inside IIS on Windows again. (issue5493)

    zstd support now refuses to work on old bundle formats. (issue5506)

    Merges involving subrepositories no longer crash in some cases. (issue5505)

    Checking for new heads during push is no longer accidentally quadratic

(wiz)

Updated www/p5-libwww to 6.26

(wiz)

Updated p5-libwww to 6.26.

6.26      2017-04-12
    - Perltidy all apps in the bin/ directory
    - Make all apps in bin/ use strict and warnings (RT #92633)
    - Fix bug tracker URL in metadata

(wiz)

Updated textproc/p5-Unicode-LineBreak to 2017.004

(wiz)

Updated p5-Unicode-LineBreak to 2017.004.

2017.004  Tue Apr 11 2017
# No new features.

2016.007_02  Sat Jul 02 2016
! lib/Text/LineFold.pm
! t/04fold.t
  - CPAN RT#115146: Space indenting not happening with "From" or " ".

(wiz)

Updated time/p5-Time-HiRes to 1.9742

(wiz)

Updated p5-Time-HiRes to 1.9742.

1.9742 [2017-04-16]
  - prefer 3-argument open: blead 1ae6ead9
  - fix dist/Time-HiRes/t/*.t that assumed '.' in @INC: blead 465db51d
  - fix cases where 'do file' should be 'do ./file'.: blead 8b69401c

(wiz)

Updated devel/p5-Tie-Cycle to 1.224

(wiz)

Updated p5-Tie-Cycle to 1.224.

1.224 2017-04-18T11:41:22Z
* Fix up various dist things and clarify that this is under
the Artistic License 2.0.

(wiz)

Updated www/p5-Template-Toolkit to 2.27

(wiz)

Updated p5-Template-Toolkit to 2.27.

#-----------------------------------------------------------------------
# Version 2.27 - 13th December 2016
#------------------------------------------------------------------------

* Ghost fixed the regex in the uri/url filters, removing double quotes
  to make it RFC3986 compliant.
  https://github.com/abw/Template2/issues/35

* Sean Zellmer added testrules.yml to always run compile*.t sequentially
  https://github.com/abw/Template2/pull/45

* Simon Dawson added 'empty' vmethods for scalar, list and hash
  https://github.com/abw/Template2/pull/46

* Dennis Clark added --envvars option to tpage
  https://github.com/abw/Template2/pull/49

* Yanick Champoux made Template::Toolkit a module
  https://github.com/abw/Template2/pull/51

* Various warnings silenced and typos fixed.

(wiz)

Updated devel/p5-Params-ValidationCompiler to 0.24

(wiz)

Updated p5-Params-ValidationCompiler to 0.24.

0.24    2017-04-08

- The source_for() exported by Params::ValidationCompiler did not work at
  all. Reported by Diab Jerius. GH #16.

(wiz)

Updated mail/p5-MIME-tools to 5.509

(wiz)

Updated p5-MIME-tools to 5.509.

5.509   2017-04-05  Dianne Skoll <dfs@roaringpenguin.com>

* VERSION 5.509 RELEASED

* Fix CPAN bug https://rt.cpan.org/Ticket/Display.html?id=120871
  Makefile.PL fails with no '.' in @INC

* Fix CPAN bug https://rt.cpan.org/Ticket/Display.html?id=118262
  Test t/Ref.t fails on Windows install

* Fix CPAN bug https://rt.cpan.org/Ticket/Display.html?id=119166
  MIME::Parser::parse_data() should check what it gets back...

* Fix CPAN bug https://rt.cpan.org/Ticket/Display.html?id=119568
  Allow \r\n to be used as line-end delimeter when outputting MIME
  message.

(wiz)

Updated www/p5-Mojolicious to 7.30

(wiz)

Updated p5-Mojolicious to 7.30.

7.30  2017-04-04
  - Deprecated Mojo::Server::Morbo::watch in favor of
    Mojo::Server::Morbo::Backend::Poll::watch. (marcus)
  - Added support for pluggable Morbo backends. (marcus)
  - Added Mojo::Server::Morbo::Backend and Mojo::Server::Morbo::Backend::Poll
    modules. (marcus)
  - Added backend attribute to Mojo::Server::Morbo. (marcus)
  - Added -b option to Morbo. (marcus)

(wiz)

Updated mail/p5-MIME-Charset to 1.012.2

(wiz)

Updated p5-MIME-Charset to 1.012.2.

1.012.2  2017-04-11  Hatuka*nezumi - IKEDA Soji  <hatuka(at)nezumi.nu>

    * Fix: Perl >= 5.26: Makefile.PL cannot use inc::Module::Install.

1.012.1  2017-04-07  Hatuka*nezumi - IKEDA Soji  <hatuka(at)nezumi.nu>

    * Fix: CPAN RT #116459: Remove "." from @INC when loading modules.
      A workaround for CVE-2016-1238.

(wiz)

Updated security/p5-IO-Socket-SSL to 2.048

(wiz)

Updated p5-IO-Socket-SSL to 2.048.

2.048 2017/04/16
- fixed small memory leaks during destruction of socket and context, RT#120643

(wiz)

Updated www/p5-HTML-Tree to 5.04

(wiz)

Updated p5-HTML-Tree to 5.04.

5.04    2017--04-17
  Release by Jeff Fearn

    [FIXES]
    * Remove Distzilla to fix RT #120521 #89820
    * Add POD to htmltree RT #116367
    * Speed up is_inside method RT #113415
      - From Todd Rinaldo https://github.com/madsen/HTML-Tree/pull/5
    * Fix extra spaces being added to comments RT #94311
      - From Tomaz Solc
    * Don't needlessly escape characters in element content RT #93431
      - From Tomaz Solc

(wiz)

Updated databases/p5-DBD-postgresql to 3.6.0

(wiz)

Updated p5-DBD-postgresql to 3.6.0.

Version 3.6.0  Released April 17, 2017 (git tag 3.6.0)

  - Make sure we do not inadvertently modify the string passed to prepare() when
    doing the new backslash escape manipulation.
    [Greg Sabino Mullane]
    (CPAN ticket #114000)

  - Fix bug where $DBD::Pg::DBDPG_DEFAULT not picked up as a magic
    string first time it is used in a script.
    [Greg Sabino Mullane]
    (CPAN ticket #112309)

  - Fix UTF8 flag handling in pg_(get|put)copydata
    [Dagfinn Ilmari Manns奪ker]

  - Fix UTF8 double-encoding with pg_enable_utf8 = 0
    [Serge Pushkin]
    (CPAN ticket #103137)

  - Fix bug in quote_name which would fail to quote in some circumstances
    (Github Issue #22)

  - Allow clean parsing of new Postgres X.Y version format
    [Erik Rijkers    er at xs4all.nl]

  - Add pg_canonical_ids() and pg_canonical_names(), which returns information
    about each column in the result set.
    [Warstone    warstone at list.ru]
    (CPAN ticket #106858)

  - Map SQL_NUMERIC to PG_NUMERIC (instead of PG_FLOAT8)
    [Alice Maz    alice at alizemaz.com]
    (CPAN ticket #120358)

  - Force real, float, and double precision into SvNVs
    [Greg Sabino Mullane]
    (CPAN ticket #113683 and other places)

  - Support for number of rows greater than an "int". Requires support for same
    from a future version of libpq before it will work completely.
    [Greg Sabino Mullane]
    (CPAN ticket #102444)

  - Fix skipped test counts in Win32 builds
    [Andy Grundman]

  - Allow tests to work against Postgres 8.4 by tweaking client_encoding calls.
    [Pavel Raiskup    praiskup at redhat.com]
    (CPAN ticket #116179)

  - Silence warnings in t/02attribs.t and t/04misc.t
    [Dagfinn Ilmari Manns奪ker]

  - Support binary COPY format
    [Dagfinn Ilmari Manns奪ker]

  - Ensure tests do not use $ENV{PGSERVICE} or $ENV{PGDATABASE}
    [Erik Rijkers]

  - Switched canonical repo to git://github.com/bucardo/dbdpg.git

(wiz)

Updated www/p5-CGI to 4.36

(wiz)

Updated p5-CGI to 4.36.

4.36 2017-03-29

    [ ENHANCEMENT ]
    - Support PATCH HTTP method (thanks to GovtGeek for the... patch)
    - pass through max_age and samesite to CGI::Cookie->new in the call
      in CGI->cookie (GH #220)

    [ FIX ]
    - skip t/command_line.t on windows as it doesn't work

(wiz)

Updated textproc/miller to 5.1.0

(wiz)

Updated miller to 5.1.0.

This is a relatively minor release of Miller, containing feature
requests and bugfixes while I've been working on the Windows port
(which is nearly complete).

Features:

    JSON arrays: as described here, Miller being a tabular data
    processor isn't well-position to handle arbitrary JSON. (See
    jq for that.) But as of 5.1.0, arrays are converted to maps
    with integer keys, which are then at least processable using
    Miller. Details are here. The short of it is that you now have
    three options for the main mlr executable:

--json-map-arrays-on-input    Convert JSON array indices to Miller
map keys. (This is the default.) --json-skip-arrays-on-input
Disregard JSON arrays.  --json-fatal-arrays-on-input  Raise a fatal
error when JSON arrays are encountered in the input.

This resolves #133.

    The new mlr fraction verb makes possible in a few keystrokes
    what was only possible before using two-pass DSL logic: here
    you can turn numerical values down a column into their
    fractional/percentage contribution to column totals, optionally
    grouped by other key columns.

    The DSL functions strptime and strftime now handle fractional
    seconds. For parsing, use %S format as always; for formatting,
    there are now %1S through %9S which allow you to configure a
    specified number of decimal places. The return value from
    strptime is now floating-point, not integer, which is a minor
    backward incompatibility not worth labeling this release as
    6.0.0. (You can work around this using int(strptime(...)).) The
    DSL functions gmt2sec and sec2gmt, which are keystroke-savers
    for strptime and strftime, are similarly modified, as is the
    sec2gmt verb. This resolves #125.

    A few nearly-standalone programs -- which do not have anything
    to do with record streams -- are packaged within the Miller.
    (For example, hex-dump, unhex, and show-line-endings commands.)
    These are described here.

    The stats1 and merge-fields verbs now support an antimode
    aggregator, in addition to the existing mode aggregator.

    The join verb now by default does not require sorted input,
    which is the more common use case. (Memory-parsimonious joins
    which require sorted input, while no longer the default, are
    available using -s.) This another minor backward incompatibility
    not worth making a 6.0.0 over. This resolves #134.

    mlr nest has a keystroke-saving --evar option for a common use
    case, namely, exploding a field by value across records.

Documentation:

    The DSL reference now has per-function descriptions.

    There is a new feature-counting example in the cookbook.

Bugfixes:

    mlr join -j -l was not functioning correctly. This resolves
    #136.

    JSON escapes on output (\t and so on) were incorrect. This
    resolves #135.

(wiz)

Updated audio/libsndfile to 1.0.28

(wiz)

Updated libsndfile to 1.0.28.

Version 1.0.28 (2017-04-02)
  * Fix buffer overruns in FLAC and ID3 handling code.
  * Move to variable length header storage.
  * Fix detection of Large File Support for 32 bit systems.
  * Remove large stack allocations in ALAC handling code.
  * Remove all use of Variable Length Arrays.
  * Minor bug fixes and improvements.

(wiz)

Recursive bump for gnutls dependency in libnice.

(wiz)

Bump to 0.1.14 to follow libnice.

(wiz)

Updated net/libnice to 0.1.14

(wiz)

Updated libnice to 0.1.14.

libnice 0.1.14 (2017-04-03)
===========================
Improved RFC compliance
Split verbose logs into a separate option
Numerous bug fixes
Use GnuTLS for hash functions
Implement NewReno in PseudoTCP
Requires GLib 2.44 GnuTLS 2.12

(wiz)

Updated devel/p5-MetaCPAN-Client to 2.011000
Updated devel/p5-Git-CPAN-Patch to 2.3.1
Updated devel/p5-Data-Printer to 0.39
Updated devel/p5-Log-Dispatch-FileRotate to 1.25
Updated devel/p5-Function-Parameters to 2.000006

(mef)

fossil-2.2

(joerg)

Updated www/libmicrohttpd to 0.9.53

(wiz)

Updated libmicrohttpd to 0.9.53.

Tue Apr 11 22:17:00 MSK 2017
Releasing GNU libmicrohttpd 0.9.53. -EG

Mon Apr 10 19:50:20 MSK 2017
HTTPS tests: skip tests instead of failing if HTTPS is not supported by
libcurl.
HTTPS tests: fixed return values so testsuite is able to correctly
interpret it.
Fixed ignored result of epoll test in test_https_get_select. -EG

Thu Apr 06 23:02:07 MSK 2017
Make zzuf tests compatible with *BSD platforms. -EG

Thu Apr 06 22:14:22 MSK 2017
Added warning for hypothetical extra large timeout.
Fixed incorrect timeout calculation under extra rare conditions.
Fixed accidental usage of IPv6 in testsuite in specific conditions. -EG

Wed Apr 05 14:14:22 MSK 2017
Updated autoinit_funcs.h to latest upstream version with proper support of
Oracle/Sun compiler. -EG

Wed Apr 05 12:53:26 MSK 2017
Fixed some compiler warnings.
Fixed error snprintf() errors detection in digestauth.c.
Converted many run-time 'strlen()' to compile-time calculations. -EG

Sun Mar 26 13:49:01 MSK 2017
Internal refactoring for simplification and unification.
Minor optimizations and minor fixes.
MHD_USE_ITC used again in thread pool mode. -EG

Sat Mar 25 20:58:24 CET 2017
Remove dead MHD_strx_to_sizet-functions and associated
test cases from code. -CG

Sat Mar 25 20:40:10 CET 2017
Allow chunk size > 16 MB (up to 2^64-1). Ignore
chunk extensions instead of triggering an error.
(fixes #4967). -CG

Tue Mar 25 20:59:18 MSK 2017
Check for invalid combinations of flags and options in
MHD_start_daemon(). -EG

Tue Mar 21 13:51:04 CET 2017
Use "-lrt" to link libmicrohttpd if we are using
clock_gettime() as needed by glibc < 2.17. -CG

Tue Mar 21 13:42:07 CET 2017
Allow chaining of suspend-resume calls withuot
the application processing data from the network. -CG

Mon Mar 20 0:51:24 MSK 2017
Added autoconf module for detection whatever shutdown of listening socket
trigger select. This is only reliable method to use such feature as some
platforms change behaviour from version to version. -EG

Sun Mar 19 13:57:30 MSK 2017
Rewritten logic of handling "upgraded" TLS connections in epoll mode:
used edge trigger instead of level trigger,
upgraded "ready" connection are stored in DL-list,
fixed handling of more than 128 ready connections,
fixed busy-waiting for idle "upgraded" TLS connections. -EG

Fri Mar 17 10:45:31 MSK 2017
If read buffer is full, MHD need to receive remote data and application
suspended connection, do not fail while connection is suspended and give
application one more chance to read data from buffer once connection is
resumed. -EG

Thu Mar 16 23:45:29 MSK 2017
Allow again to run MHD in external epoll mode by
MHD_run_from_select() - this allow unification of user code
and produce no harm for performance. Especially useful with
MHD_USE_AUTO flag. -EG

Thu Mar 16 23:12:07 MSK 2017
Idle connection should be disconnected *after* "timeout" number of
second, not *before* this number. -EG/VT

Thu Mar 16 22:31:54 MSK 2017
Unified update of last activity on connections.
Update last activity only if something is really transmitted.
Update last activity each time when something is transmitted.
Removed early duplicated check for timeout on HTTPS connections.
Removed update of last active time for connections without timeout.
Fixed reset of timeout timer on resumed connections.
Fixed never-expired timeouts on HTTPS connections.
Fixed thread-safety of MHD_set_connection_option(). -EG

Thu Mar 16 21:05:08 MSK 2017
Fixed minor bug resulted in slight slowdown of HTTPS connection
handshake. -EG

Thu Mar 16 20:35:59 MSK 2017
Improved thread-safety for DL-lists. -EG

Thu Mar 16 17:55:01 MSK 2017
Fixed thread-safety of MHD_get_daemon_info() for
MHD_DAEMON_INFO_CURRENT_CONNECTIONS. -EG

Thu Mar 16 16:49:07 MSK 2017
Added ability to get actual daemon flags via MHD_get_daemon_info().
Fixed test_upgrade to work in request mode.
Fixed compiler warnings in test_upgrade. -EG

Wed Mar 15 23:29:59 MSK 2017
Prevented socket read/write if connection is suspended.
Added missing resets of 'connection->in_idle'.
Reworked handling of suspended connection: ensure that
connection is not disconnected by timeout, always
updated read/write states right after suspending. -EG

Wed Mar 15 21:02:26 MSK 2017
Added new enum value MHD_CONNECTION_INFO_CONNECTION_TIMEOUT
to get connection timeout by MHD_get_connection_info(). -EG

Sat Mar 11 12:03:45 CET 2017
Fix largepost example from tutorial to properly generate
error pages. -CG
Fix largepost example, must only queue replies either before upload
happens or after upload is done, not while upload is ongoing

Fri Mar 10 16:37:12 CET 2017
Fix hypothetical integer overflow for very, very large
timeout values. -CG

Fri Mar 10 16:22:54 CET 2017
Handle case that we do not listen at all more gracefully
in MHD_start_daemon() and not pass '-1' to helper functions
that expect a valid socket. -CG

Tue Mar  7 12:11:44 BRT 2017
Updates file `.gitignore`.

Tue Mar  7 10:37:45 BRT 2017
Updated the MHD_OPTION_URI_LOG_CALLBACK's documentation.

Mon Mar  6 21:46:59 BRT 2017
Added the i18n example fixing #4924. -SC

Wed Mar 1 23:47:05 CET 2017
Minor internal optimisations.
Changed closure connection monitoring logic: now all connections are
monitored for OOB data (which treated as error), connections are not
monitored any more for incoming data if incoming data is not required for
processing. except_fd_set is not optional now for MHD_get_fdset(),
MHD_get_fdset2() and MHD_run_from_select().
Improved connection processing in epoll mode: now connection can process
both read and write each turn.
Updated HTTP response codes; updated and added all missing standard HTTP
headers names (and headers categories); updated and added all missing
standard and additional HTTP methods. Now MHD return status
MHD_HTTP_REQUEST_HEADER_FIELDS_TOO_LARGE (431) instead of old
MHD_HTTP_REQUEST_ENTITY_TOO_LARGE (413) for very long header.
Reworked handling of data pending in TLS buffers, resolved busy-waiting
if incoming data is pending in TLS buffers and connection is in
LOOP_INFO_WRITE mode.
Do not clear 'ready' flag in epoll mode if send()/recv() result is
EINTERRUPTED.
Better detection of unready connection state: used less number of calls of
recv()/send() in epoll mode.
Configure: do not run gcrypt and GnuTLS tests if HTTPS is disabled by
configure parameter.
Fixed wrong value returned by MHD_get_timeout().
All double-linked lists now walked from tail to head. As new items are
added to head, this result in more uniform processing time.
Improved sockets errors handling in epoll mode.
OOB data on 'upgraded' sockets is treated as error. -EG

Thu Feb 16 11:20:05 CET 2017
Replace tsearch configure check with code from gnulib. -CG

Wed Feb 15 13:35:36 CET 2017
Fixing a few very rare race conditions for thread-pool or
thread-per-connection operations during shutdown.
Various minor cosmetic improvements.
Fixed #4884 and #4888 (solaris portability issues). -CG

Wed Feb 08 22:33:10 MSK 2016
Ported test_quiesce_stream to W32.
Improved precompiler flags selection of OpenBSD.
Fixed sending responses backed by files not supported by sendfile().
Fixed thread safety for responses backed by file FD.
Updated fileserver_example.
Improved handling of 'upgraded' TLS forwarding in select() and poll()
modes.
Fixed processing of incoming TLS data in epoll mode if more than 128
connections are active.
Fixed accepting more than 128 incoming connection in epoll mode.
Improved test_large_put, added poll() and epoll testing.
Added test_large_put_inc for testing of incremental buffer processing.
Rewritten epoll connection processing logic: handle all connection one
time per turn instead of trying to handle all active connection until all
pending data is dried. Result is more uniform connection processing
period. -EG

Wed Nov 23 15:24:10 MSK 2016
Used SO_REUSEADDR (on non-W32) alongside with SO_REUSEPORT if option
MHD_OPTION_LISTENING_ADDRESS_REUSE was set. -EG

Wed Nov 23 12:48:23 MSK 2016
Move all gettext-related staff to 'po' subdirectory.
Excluded gettext files generation from normal build.
Removed generated files from GIT. -EG

Tue Nov 15 19:08:43 MSK 2016
Fixed forwarding "upgraded" TLS connections for
chunks sizes larger than buffer size. -EG

Mon Nov 14 22:18:30 MSK 2016
Fixed unintentional usage of SO_REUSEADDR on W32.
Added support for SO_EXCLBIND on Solaris.
Fixed using MHD with MHD_OPTION_LISTENING_ADDRESS_REUSE
on Linux kernels before 3.9 (longterm 3.2 and 3.4
are still supported). -EG

Sun Nov 13 19:16:38 CET 2016
Fixed a few race issues on suspend-resume in cases where the
application uses threads even though MHD did not (or at least
had no internal need for locking). Also fixed DLL handling of
the timeout list, avoiding manipulating it for suspended
connections.  Finally, eliminated calling application logic
on suspended connections (which before could happen under
certain circumstances). -CG

Thu Nov 11 20:49:23 MSK 2016
Added support for various forms of
pthread_attr_setname_np() so thread names will be set
more efficiently on certain platforms (Solaris, NetBSD etc.) -EG

Thu Nov 10 21:50:35 MSK 2016
Added rejection in MHD_start_daemon() of invalid combinations
of daemon flags.
Added MHD_USE_AUTO and MHD_USE_AUTO_INTERNAL_THREAD for
automatic selection of polling function depending on
platform capabilities and requested mode. -EG

Thu Nov 10 17:49:56 MSK 2016
Ported "upgrade" tests to W32 and other platforms, used
"gnutls-cli" instead of "openssl" in tests, minor bugs
fixed, added verbose reporting if requested.
"Upgrade" processing - changed internal handling logic, improved
and refactored, bugs fixed, fixed sigpipe on Darwin, added
printing error to log, fixed compilation without HTTPS.
Added 'configure' parameter "--disable-httpupgrade" for building
minimal-sized MHD versions.
Added feature check "MHD_FEATURE_UPGRADE".
Responses destroyed (freed) earlier if possible.
Added many remarks in code comments about thread safety.
Some data races and other multithread-related issues are fixed,
including usage of closed sockets (may resulted in accidental closing
of wrong socket).
SO_NOSIGPIPE is used on all platform which support it, not only
on Darwin.
Added support for suspending connections in thread-per-connection
mode (itself almost useless, mostly to unify modes support).
Fixed Inter-Thread Communication channel usage in epoll modes.
Reworked daemon cleanups and handling MHD_stop_daemon(): resources
are freed only by specific threads, data races and other fixes.
Started usage of C99 standard 'bool' where supported with
fallback to 'int'.
Renamed many MHD flags. Now they are self-explainable and more
obvious, like MHD_USE_INTERNAL_POLLING_THREAD instead of
MHD_USE_SELECT_INTERNALLY. Old flag names are supported for
backward compatibility.
Improved processing of "fast" connections: now full sequence
"read request - send reply headers - send reply body" is processed
after single select()/poll(). If connection is slow, request is huge
or response in not immediately ready - connection will be processed
in "traditional" way.
Added usage of "calloc()" where supported.
Minor documentation fixes.
Minor improvements and fixes. -EG
"Upgrade" test fixes.
Documentation updated.
Added HTTP "Upgrade" example. -CG

(wiz)

Updated time/khal to 0.9.5

(wiz)

Update to Fossil 2.2:
    GIT comment tags are now handled by Fossil during import/export.
    Show the content of README files on directory listings.
    Support for Basic Authentication if enabled (default off).
    Show the hash algorithms used on the /rcvfromlist page.
    The /tarball and /zip pages now use the the r= query parameter to
    select which check-in to deliver. The uuid= query parameter is still
    accepted for backwards compatibility.
    Update the built-in SQLite to version 3.18.0.
    Run "PRAGMA optimize" on the database connection as it is closing.
    Add support for hash policies that control which of the
    Hardened-SHA1 or SHA3-256 algorithms is used to name new artifacts.
    Add the "gshow" and "gcat" subcommands to fossil stash.
    Add the /juvlist web page and use it to construct the
    Download Page of the Fossil self-hosting website using Ajax.
    Use the hardened SHA1 implemenation by Marc Stevens and Dan Shumow.
    Add the ability to read and understand artifact names that are
    based on SHA3-256 rather than SHA1, but do not actually generate any
    such names.
    Added the sha3sum command.
    Add checkbox widgets to various web pages.
    Add the fossil all ui command
    Add the /file webpage
    Enhance the /brlist webpage to make use of branch colors.
    Add support for the ms=EXACT|LIKE|GLOB|REGEXP query parameter on the
    /timeline webpage, with associated form widgets.
    Enhance the changes and status commands with many new filter options
    so that specific kinds of changes can be found without having to pipe
    through grep or sed.
    Enhanced the fossil sql command so that it opens the checkout
    database and the configuration database in addition to the
    respository database.
    Various TH1 enhancements.
    Rename crnl-glob setting to crlf-glob, but keep crnl-glob as a
    compatibility alias.
    Added the --command option to the diff command.
    Fix ticket set when using the "+" prefix with fields from the
    "ticketchng" table.
    Remove the "fusefs" command from builds that do not have the
    underlying support enabled.
    Fixes for incremental git import/export.
    Minor security enhancements to encrypted repositories.

(joerg)