Move ndiff option handling below the one for zenmap, since
the latter restricts the allowed python versions.

(wiz)

Updated x11/xf86-video-dummy to 0.3.8

(wiz)

Updated xf86-video-dummy to 0.3.8.

This new release of the dummy Xorg video driver adds a few cleanups and
compatibility with xorg-server 1.19.

Aaron Plattner (1):
      Remove pointless empty functions

Alan Coopersmith (2):
      configure: Drop AM_MAINTAINER_MODE
      autogen.sh: Honor NOCONFIGURE=1

Antoine Martin (2):
      Honor DacSpeed setting in xorg.conf
      remove dead code in dummy driver

Julien Cristau (2):
      configure: require xorg-server 1.4.99.901
      xf86-video-dummy 0.3.8

Peter Hutterer (1):
      Switch to using dixChangeWindowProperty

(wiz)

Fix PLIST for gtk3 option.

XXX: kde4 is probably broken too.

(wiz)

Updated mail/dovecot2 to 2.2.27

(adam)

Changes 2.2.27:
* dovecot.list.index.log rotation sizes/times were changed so that
  the .log file stays smaller and .log.2 is deleted sooner.
+ Added mail_crypt plugin that allows encryption of stored emails.
  See http://wiki2.dovecot.org/Plugins/MailCrypt
+ stats: Global stats can be sent to Carbon server by setting
  stats_carbon_server=ip:port
+ imap/pop3 proxy: If passdb returns proxy_not_trusted, don't send
  ID/XCLIENT
+ Added generic hash modifier for %variables:
  %{<hash algorithm>;rounds=<n>,truncate=<bits>,salt=s>:field}
  Hash algorithm is any of the supported ones, e.g. md5, sha1, sha256.
  Also "pkcs5" is supported using SHA256. For example: %{sha256:user}
  or %{md5;truncate=32:user}.
+ Added support for SHA3-256 and SHA3-512 hashes.
+ config: Support DNS wildcards in local_name, e.g.
  local_name *.example.com { .. } matches anything.example.com, but
  not multiple.anything.example.com.
+ config: Support multiple names in local_name, e.g.
  local_name "1.example.com 2.example.com" { .. }
- Fixed crash in auth process when auth-policy was configured and
  authentication was aborted/failed without a username set.
- director: If two users had different tags but the same hash,
  the users may have been redirected to the wrong tag's hosts.
- Index files may have been thought incorrectly lost, causing
  "Missing middle file seq=.." to be logged and index rebuild.
  This happened more easily with IMAP hibernation enabled.
- Various fixes to restoring state correctly in un-hibernation.
- dovecot.index files were commonly 4 bytes per email too large. This
  is because 3 bytes per email were being wasted that could have been
  used for IMAP keywords.
- Various fixes to handle dovecot.list.index corruption better.
- lib-fts: Fixed assert-crash in address tokenizer with specific input.
- Fixed assert-crash in HTML to text parsing with specific input
  (e.g. for FTS indexing or snippet generation)
- doveadm sync -1: Fixed handling mailbox GUID conflicts.
- sdbox, mdbox: Perform full index rebuild if corruption is detected
  inside lib-index, which runs index fsck.
- quota: Don't skip quota checks when moving mails between different
  quota roots.
- search: Multiple sequence sets or UID sets in search parameters
  weren't handled correctly. They were incorrectly merged together.

(adam)

Updated misc/libreoffice to 5.2.3.3nb1

(ryoon)

Bump PKGREVISION

* Disable print/cups dependency to fix a freeze during ods/xls/xlsx loading
* Fix cups PLIST

(ryoon)

Add gnumeric-1.2.26 to list, even though the update to 1.8.4 was only
eight years ago.

(hauke)

Updated net/syncthing to 0.14.14

(wiz)

Updated syncthing to 0.14.14.

This is a security release recommended for all users.

Two distinct security vulnerabilities have been corrected in this
release. Either would let a remote attacker, controlling a device
that is already accepted by Syncthing, perform arbitrary reads and
writes to files outside the configured folders.

The first issue is that path validation was lacking in several
places, resulting in Syncthing accepting index entries for files
like "../../foo", thus resulting in a path above the configured
folder.

The second issue is that where path validation was correct, symlinks
could be used to trick Syncthing. An attacker could create a symlink
"foo -> ../../" and then request the contents of "foo/something",
again escaping the constraints of the folder.

Syncing symlinks between v0.14.14 and previous versions will not
work.

This is due to the fix to the above issue. Normal files and
directories will sync fine. To continue syncing symlinks, both
sides must be upgraded to v0.14.14.

Further resolved issues:

    #3753: The build no longer requires Go 1.7.
    #3769: The wording in the GUI around "last file received" is
    now clearer.

(wiz)

Use generic-nonlicense instead of nonexisting xbeeb-pseudolicense.

(wiz)

note update of jemalloc

(maya)

jemalloc: update to 4.3.1

from Jonathan Buschmann in PR pkg/51631
ok gson

Changelog :

4.3.1

Bug fixes:

    Fix a severe virtual memory leak. This regression was first released in 4.3.0. (@interwq, @jasone)
    Refactor atomic and prng APIs to restore support for 32-bit platforms that use pre-C11 toolchains, e.g. FreeBSD's mips. (@jasone)

4.3.0

This is the first release that passes the test suite for multiple Windows configurations, thanks in large part to @glandium setting up continuous integration via AppVeyor (and Travis CI for Linux and OS X).

New features:

    Add "J" (JSON) support to malloc_stats_print(). (@jasone)
    Add Cray compiler support. (@ronawho)

Optimizations:

    Add/use adaptive spinning for bootstrapping and radix tree node initialization. (@jasone)

Bug fixes:

    Fix large allocation to search starting in the optimal size class heap, which can substantially reduce virtual memory churn and fragmentation. This regression was first released in 4.0.0. (@mjp41, @jasone)
    Fix stats.arenas..nthreads accounting. (@interwq)
    Fix and simplify decay-based purging. (@jasone)
    Make DSS (sbrk(2)-related) operations lockless, which resolves potential deadlocks during thread exit. (@jasone)
    Fix over-sized allocation of radix tree leaf nodes. (@mjp41, @ogaun, @jasone)
    Fix over-sized allocation of arena_t (plus associated stats) data structures. (@jasone, @interwq)
    Fix EXTRA_CFLAGS to not affect configuration. (@jasone)
    Fix a Valgrind integration bug. (@ronawho)
    Disallow 0x5a junk filling when running in Valgrind. (@jasone)
    Fix a file descriptor leak on Linux. This regression was first released in 4.2.0. (@vsarunas, @jasone)
    Fix static linking of jemalloc with glibc. (@djwatson)
    Use syscall(2) rather than {open,read,close}(2) during boot on Linux. This works around other libraries' system call wrappers performing reentrant allocation. (@kspinka, @Whissi, @jasone)
    Fix OS X default zone replacement to work with OS X 10.12. (@glandium, @jasone)
    Fix cached memory management to avoid needless commit/decommit operations during purging, which resolves permanent virtual memory map fragmentation issues on Windows. (@mjp41, @jasone)
    Fix TSD fetches to avoid (recursive) allocation. This is relevant to non-TLS and Windows configurations. (@jasone)
    Fix malloc_conf overriding to work on Windows. (@jasone)
    Forcibly disable lazy-lock on Windows (was forcibly enabled). (@jasone)

(maya)

Revert "Pull in three commits from upstream"

Modifying '.l' files creates a dependency on flex itself.

(wiedi)

Install the README as qonk.txt so binary package users have a chance of
being able to figure out how to play. PKGREVISION -> 10.

(dholland)

We already have 2 sdcc packages: devel/sdcc and devel/sdcc3
AFAIK sdcc3 is up to date

(bouyer)

Pull in three commits from upstream
mainly related to https://github.com/westes/flex/issues/113
"v2.6.2 introduces behavior change that is incompatible with previous versions"

This fixes at least doxygen

(wiedi)

Sort.

(wiz)

Updated sysutils/py-diffoscope to 63

(khorben)

Update diffoscope to version 63

This adds a dependency on devel/colordiff.

Changelog for this version:

  * Greatly improve speed for large archives by fixing O(n^2) complexity for
    archive member lookup.
    - There is still O(n^2) complexity for archive member extraction, but this
      is less noticeable for various reasons and would require more complexity
      to fix, so for now is left as a task for the future.
  * Text output: add coloured diff support via colordiff(1).
  * Html-dir output: add +/- buttons to fold sub-diffs (i.e. toggle their
    visibility) as well as the whole diff itself. As with similar features in
    other programs, the effect affects all descendants if you shift-click.

The complete list of changes between version 44 and 63 can be found at
https://anonscm.debian.org/git/reproducible/diffoscope.git/tree/debian/changelog

(khorben)

Add SDCC - Small Device C Compiler suite to the Santa wish list.

(sevan)

Fix build, and a pkglint warning.

(wiz)

add patch to include sys/filio.h for FIONREAD on SunOS

(wiedi)

Updated net/restclient-ui to 3.6.1

(abs)

Updated net/restclient-ui to 3.6.1

v 3.6.1

  Bug fixes in custom HTTP methods.
  Support for PEM files in SSL truststore / keystore configuration.
  JS and CSS file content rendered with correct syntax highlighting.

v 3.6

  #46 #47 Added support for custom HTTP methods.
  #48 #50 option to ignore all SSL certificate warnings.
  #49 GET now supports body.
  Build moved to Gradle.

(abs)

Note updates of openldap, openldap-client and openldap-server.

(he)

Apply fix from https://bugzilla.redhat.com/show_bug.cgi?id=1238322
Incorrect multi-keyword mode cipherstring parsing.
Fixes CVE-2015-3276.
Submitted upstream as ITS#8543, it apparently wasn't already(!)
http://www.openldap.org/its/index.cgi/Incoming?id=8543

Bump PKGREVISION for both openldap, openldap-server and openldap-client
(to be on the safe side...)

(he)

Update to match firefox45

(abs)

Add lang/gcc6-aux to pkgsrc

(marino)

Add lang/gcc6-aux to pkgsrc

I had intended to migrate the ada framework to use gcc6-aux instead of
lang/gcc5-aux, but unfortunately there's been a regression on NetBSD.
It builds and tests perfectly on DragonFly and FreeBSD, but it only
builds on NetBSD.  All the ACAT tests that involve tasking fail, but
the cause is unclear.  All the modifications used on gcc5-aux for NetBSD
are present in gcc6-aux but pthread destruction results in a segfault.

Since then gcc5-aux support has been improved, so I'm putting this away
for a while.  NetBSD has been removed from the platform support list
for now, but I'll review any patches I get to fix NetBSD tasking.

This compiler is based on gcc 6.2 and is primarily used for the Ada
frontend.

(marino)

Updated pkgtools/pkglint to 5.4.13

(rillig)

Updated pkglint to 5.4.13.

Changes since 5.4.12:

* Added check for unintended # comments, especially in HOMEPAGE
* Added check for quotes in COMMENT
* Fixed hardcoded package versions for PHP, Python, Lua, etc.
* Code cleanup in the tests

(rillig)

Add patch to fix RFC976 "From_ lines" issue

(wiedi)

Updated textproc/icu to 58.2; databases/mysql55 to 5.5.54; databases/mysql56 to 5.6.35; databases/mysql57 to 5.7.17

(adam)

Changes 5.5.54:

Security Notes
--------------
Incompatible Change: These changes were made to mysqld_safe:
* Unsafe use of rm and chown in mysqld_safe could result in privilege escalation. chown now can be used only when the target directory is /var/log. An incompatible change is that if the directory for the Unix socket file is missing, it is no longer created; instead, an error occurs. Due to these changes, /bin/bash is required to run mysqld_safe on Solaris. /bin/sh is still used on other Unix/Linux platforms.
* The --ledir option now is accepted only on the command line, not in option files.
* mysqld_safe ignores the current working directory.

Other related changes:
* Initialization scripts that invoke mysqld_safe pass --basedir explicitly.
* Initialization scripts create the error log file only if the base directory is /var/log or /var/lib.
* Unused systemd files for SLES were removed.

Bugs Fixed

(adam)

Changes 5.6.35:

Security Notes
--------------
Incompatible Change: These changes were made to mysqld_safe:
* Unsafe use of rm and chown in mysqld_safe could result in privilege escalation. chown now can be used only when the target directory is /var/log. An incompatible change is that if the directory for the Unix socket file is missing, it is no longer created; instead, an error occurs. Due to these changes, /bin/bash is required to run mysqld_safe on Solaris. /bin/sh is still used on other Unix/Linux platforms.
* The --ledir option now is accepted only on the command line, not in option files.
* mysqld_safe ignores the current working directory.

Other related changes:
* Initialization scripts that invoke mysqld_safe pass --basedir explicitly.
* Initialization scripts create the error log file only if the base directory is /var/log or /var/lib.
* Unused systemd files for SLES were removed.

* MySQL Server now includes a plugin library that enables administrators to introduce an increasing delay in server response to clients after a certain number of consecutive failed connection attempts. This capability provides a deterrent that slows down brute force attacks that attempt to access MySQL user accounts. For more information, see The Connection-Control Plugin.

* OpenSSL is ending support for version 1.0.1 in December 2016; see https://www.openssl.org/policies/releasestrat.html. Consequently, MySQL Commercial Server builds now use version 1.0.2 rather than version 1.0.1, and the linked OpenSSL library for the MySQL Commercial Server has been updated from version 1.0.1 to version 1.0.2j. For a description of issues fixed in this version, see https://www.openssl.org/news/vulnerabilities.html.

This change does not affect the Oracle-produced MySQL Community build of MySQL Server, which uses the yaSSL library instead.

Functionality Added or Changed
------------------------------
* InnoDB: By default, InnoDB reads uncommitted data when calculating statistics. In the case of an uncommitted transaction that deletes rows from a table, InnoDB excludes records that are delete-marked when calculating row estimates and index statistics, which can lead to non-optimal execution plans for other transactions that are operating on the table concurrently using a transaction isolation level other than READ UNCOMMITTED. To avoid this scenario, a new configuration option, innodb_stats_include_delete_marked, can be enabled to ensure that InnoDB includes delete-marked records when calculating persistent optimizer statistics. (Bug 23333990)
* Unit testing now uses Google Mock 1.8. (Bug 24572381, Bug 82823)

Bugs Fixed

(adam)

Changes 5.7.17:

Compilation Notes
-----------------
For GCC versions higher than 4.4, -fno-expensive-optimizations was replaced with -ffp-contract=off, which has the effect of enabling more optimizations.

Security Notes
--------------
Incompatible Change: These changes were made to mysqld_safe:
* Unsafe use of rm and chown in mysqld_safe could result in privilege escalation. chown now can be used only when the target directory is /var/log. An incompatible change is that if the directory for the Unix socket file is missing, it is no longer created; instead, an error occurs. Due to these changes, /bin/bash is required to run mysqld_safe on Solaris. /bin/sh is still used on other Unix/Linux platforms.
* The --ledir option now is accepted only on the command line, not in option files.
* mysqld_safe ignores the current working directory.

Other related changes:
* Initialization scripts that invoke mysqld_safe pass --basedir explicitly.
* Initialization scripts create the error log file only if the base directory is /var/log or /var/lib.
* Unused systemd files for SLES were removed.

* MySQL Server now includes a plugin library that enables administrators to introduce an increasing delay in server response to clients after a certain number of consecutive failed connection attempts. This capability provides a deterrent that slows down brute force attacks that attempt to access MySQL user accounts. For more information, see The Connection-Control Plugin.

* OpenSSL is ending support for version 1.0.1 in December 2016; see https://www.openssl.org/policies/releasestrat.html. Consequently, MySQL Commercial Server builds now use version 1.0.2 rather than version 1.0.1, and the linked OpenSSL library for the MySQL Commercial Server has been updated from version 1.0.1 to version 1.0.2j. For a description of issues fixed in this version, see https://www.openssl.org/news/vulnerabilities.html.

This change does not affect the Oracle-produced MySQL Community build of MySQL Server, which uses the yaSSL library instead.

(adam)

Changes 5.7.17:

Compilation Notes
-----------------
For GCC versions higher than 4.4, -fno-expensive-optimizations was replaced with -ffp-contract=off, which has the effect of enabling more optimizations.

Security Notes
--------------
Incompatible Change: These changes were made to mysqld_safe:
* Unsafe use of rm and chown in mysqld_safe could result in privilege escalation. chown now can be used only when the target directory is /var/log. An incompatible change is that if the directory for the Unix socket file is missing, it is no longer created; instead, an error occurs. Due to these changes, /bin/bash is required to run mysqld_safe on Solaris. /bin/sh is still used on other Unix/Linux platforms.
* The --ledir option now is accepted only on the command line, not in option files.
* mysqld_safe ignores the current working directory.

Other related changes:
* Initialization scripts that invoke mysqld_safe pass --basedir explicitly.
* Initialization scripts create the error log file only if the base directory is /var/log or /var/lib.
* Unused systemd files for SLES were removed.

* MySQL Server now includes a plugin library that enables administrators to introduce an increasing delay in server response to clients after a certain number of consecutive failed connection attempts. This capability provides a deterrent that slows down brute force attacks that attempt to access MySQL user accounts. For more information, see The Connection-Control Plugin.

* OpenSSL is ending support for version 1.0.1 in December 2016; see https://www.openssl.org/policies/releasestrat.html. Consequently, MySQL Commercial Server builds now use version 1.0.2 rather than version 1.0.1, and the linked OpenSSL library for the MySQL Commercial Server has been updated from version 1.0.1 to version 1.0.2j. For a description of issues fixed in this version, see https://www.openssl.org/news/vulnerabilities.html.

This change does not affect the Oracle-produced MySQL Community build of MySQL Server, which uses the yaSSL library instead.

(adam)

Updates in ICU 58.2

Common Changes
* CLDR 30.0.3
* Time zone database version 2016j
* ICU SVN repository structure change. See the note on the Source Code Access page for more information.

ICU4C Fixes
* 12815 uspoof_getSkeleton sets backwards-incompatible illegal argument exception
* 12822 digitlist.cpp won't compile on msvc under Node.js
* 12825 uspoof_check goes into an "infinite loop" when U+30FB is in an input string
* 12832 GreekUpper::toUpper skips the final character on a non-terminated UTF-8 string
* 12849 u_strToTitle returns incorrect length if destination is NULL
* 12868 uprv_convertToPosix() Windows bug

(adam)

Do not unconditionally add libedit/libreadline to LDFLAGS.

This way they got added as dependencies to sqlite3.so, while
only the sqlite3 binary really needs libreadline.

However, even without the LDFLAGS, the sqlite3 binary correctly
links the library in for me (on NetBSD).

Addresses PR 50776.

Bump PKGREVISION.

(wiz)

Remove duplicate PERL5 definition.

This is already defined in mk/pkginstall/header.

(wiz)

- bibtool-2.63, cint-5.16.19, concurrencykit-0.5.1, dmidecode-3.0,
  freeradius2-2.2.8, gloox-1.0.14, guile-gnome-2.16.4, hdf5-1.8.18,
  hydrogen-0.9.7, mlterm-3.7.2, p5-DBD-ODBC-1.52, p5-Mojolicious-7.11,
  pear-Console_Table-1.3.0, pear-Mail-1.3.0, php-sqlrelay-0.64,
  py-lupa-1.2, py-matplotlib-1.4.3, py-ncclient-0.4.7, py-proteus-3.6.1,
  py-sqlrelay-0.64, qgis-2.14.0.

done sometime this year, mostly.

(wiz)

Fix PLIST when dbus option is disabled.

>From John D. Baker in PR 51712.

(wiz)

+ tor-browser-6.0.7.

(wiz)

Updated math/gsl to 2.3

(wiz)

Updated gsl to 2.3.

* What is new in gsl-2.3:

** bug fix in documentation for gsl_linalg_LU_refine
  (bug #49728, Joey De Pauw)

** added gsl_multifit_linear_tsvd and gsl_multifit_wlinear_tsvd
  to give user more control over cutoff for truncated SVD

** added routines for Generalized Cross Validation for
  regularized linear least squares

** improved rstat example program and added documentation for
  gsl_rstat_sd_mean (Jonathan Leto)

** added function gsl_multifit_linear_rank

** bug fix in nonlinear least squares when using data weights with
  finite-difference Jacobian

** add 2D subspace method for large systems (multilarge_nlinear)

** bug fix in gsl_ran_beta for small parameters
  (bug #47646, Yu Liu)

** bug fix in gsl_complex_tan for negative imaginary arguments
  (bug #47347, Yu Liu)

** doc bug fix: value of golden ratio

** fixed scaling issue in 2D subspace nonlinear least squares
  method

** optimize dogleg methods to calculate Gauss-Newton point
  only when needed

(wiz)

Updated textproc/iso-codes to 3.72

(wiz)

Updated iso-codes to 3.72.

iso-codes 3.72
--------------
Dr. Tobias Quathamer <toddy@debian.org>
Thu, 8 Dec 2016

  [ ISO 3166-2 ]
  * Update from iso.org for Great Britain. Thanks to Vitali Yakavenka
    for the bug report. Closes: alioth#315563

  [ ISO 3166-2 translations ]
  * German by Dr. Tobias Quathamer

(wiz)

Updated mail/notmuch to 0.23.3

(wiz)

Updated notmuch to 0.23.3.

Notmuch 0.23.3 (2016-11-27)
===========================

Command Line Interface
----------------------

Treat disappearing files during notmuch new as non-fatal.

Test Suite
----------

Fix incompatibility (related to signature size) with gnupg 2.1.16.

(wiz)

Updated devel/py-setuptools to 30.4.0

(wiz)

Updated py-setuptools to 30.4.0.

v30.4.0
-------

* #879: For declarative config:
  - read_configuration() now accepts ignore_option_errors argument. This allows scraping tools to read metadata without a need to download entire packages. E.g. we can gather some stats right from GitHub repos just by downloading setup.cfg.
  - packages find: directive now supports fine tuning from a subsection. The same arguments as for find() are accepted.

v30.3.0
-------

* #394 via #862: Added support for `declarative package
  config in a setup.cfg file
  <http://setuptools.readthedocs.io/en/latest/setuptools.html#configuring-setup-using-setup-cfg-files>`_.

v30.2.1
-------

* #850: In test command, invoke unittest.main with
  indication not to exit the process.

v30.2.0
-------

* #854: Bump to vendored Packaging 16.8.

v30.1.0
-------

* #846: Also trap 'socket.error' when opening URLs in
  package_index.

* #849: Manifest processing now matches the filename
  pattern anywhere in the filename and not just at the
  start. Restores behavior found prior to 28.5.0.

v30.0.0
-------

* #864: Drop support for Python 3.2. Systems requiring
  Python 3.2 support must use 'setuptools < 30'.

* #825: Suppress warnings for single files.

* #830 via #843: Once again restored inclusion of data
  files to sdists, but now trap TypeError caused by
  techniques employed rjsmin and similar.

(wiz)

Updated textproc/hunspell-de to 20161207

(wiz)

Updated hunspell-de to 20161207.

Changes not found.

(wiz)

Updated audio/speex to 1.2.0

(wiz)

Updated speex to 1.2.0.

I just pushed the Speex 1.2.0 stable release.
Thanks to Ralph Giles for helping with the release process.

(wiz)

Updated fonts/harfbuzz to 1.3.4

(wiz)

Updated harfbuzz to 1.3.4.

Overview of changes leading to 1.3.4
Monday, December 5, 2016
====================================

- Fix vertical glyph origin in hb-ot-font.
- Implement CBDT/CBLC color font glyph extents in hb-ot-font.

(wiz)

MAKE_ENV is in OPSYSVARS -- simplify previous.

Thanks, jperkin!

(wiz)

lang/gcc5-aux: Belated revbump

The previous fix had a revbump staged, but I missed it in the cvs commit.

(marino)

Updated net/py-foolscap to 0.12.5

(wiz)

Updated py-foolscap to 0.12.5.

* Release 0.12.5 (07-Dec-2016)

** Connection Status Reporting

This release adds an object named `ConnectionInfo`, which encapsulates
information about a connection (both progress while being established, and
the outcome once connected). This includes which connection hint was
successful, what happened with the other hints, which handlers were used for
each, and when the connection was made or lost. To get one of these, use
`tub.getConnectionInfoForFURL(furl)` any time after `getReference()` is
called, or `rref.getConnectionInfo()` after it resolves.  #267

It also adds `ReconnectionInfo`, a similar object for Reconnectors. These
capture the state of reconnection process (trying, established, waiting), and
will provide a `ConnectionInfo` for the most recent (possibly successful)
connection attempt. The API is `reconnector.getReconnectionInfo()`.  #268

For details, see "Connection Progress/Status" and "Reconnector Status" in
`doc/using-foolscap.rst`.

** Connection Handler API Changes

To support `ConnectionInfo`, the Connection Handler API was changed.

The one backwards-incompatible change was that the `hint_to_endpoint()`
method now takes a third argument, to update the status as the handler makes
progress. External handler functions will need to be modified to accept this
new argument, and applications which use them should declare a dependency
upon the latest Foolscap version, to avoid runtime breakage.

Several backwards-compatible changes were made too: handlers can provide a
`describe()` method (which feeds `ConnectionInfo.connectionHandlers`), and
they can now set a special attribute on any exception they raise, to further
influence the status string.

In addition, the `tor.control_endpoint_maker()` handler now accepts an
optional second argument, which causes the maker function to be called with a
additional `update_status` argument. This backwards-compatible change allows
the maker function to influence the `ConnectionInfo` status too.

The Tor connection handler was enhanced to report distinct statuses for the
different phases of connection: launching a new copy of Tor, connecting to an
existing Tor daemon, etc.

** Minor Fixes

Foolscap-0.12.0 broke `flappserver create`, causing the command to hang
rather than exiting cleanly (although the flappserver directory itself was
probably created properly). This release finally fixes it.  #271

(wiz)

Revert "Specify readline requirement"

The underlying problem should be debugged and fixed instead.

(wiz)

Wrap Dragonfly specific workaround in .if ${OPSYS} == "DragonFly"

(wiz)

Wrap DragonFly specific workaround in .if ${OPSYS} == "DragonFly"

(wiz)

Revert "Specify readline requirement on 30 packages"

Many of these definitely do not depend on readline.
So there must be a different underlying problem, and that
should be tracked down instead of papering over it.

(wiz)

Updated security/libgcrypt to 1.7.4

(wiz)

Updated libgcrypt to 1.7.4.

Noteworthy changes in version 1.7.4 (2016-12-09)  [C21/A1/R4]
------------------------------------------------

* Performance:

  - More ARMv8/AArch32 improvements for AES, GCM, SHA-256, and SHA-1.

  - Add ARMv8/AArch32 assembly implementation for Twofish and
    Camellia.

  - Add bulk processing implementation for ARMv8/AArch32.

  - Add Stribog OIDs.

  - Improve the DRBG performance and sync the code with the Linux
    version.

* Internal changes:

  - When secure memory is requested by the MPI functions or by
    gcry_xmalloc_secure, they do not anymore lead to a fatal error if
    the secure memory pool is used up.  Instead new pools are
    allocated as needed.  These new pools are not protected against
    being swapped out (mlock can't be used).  However, these days
    this is considered a minor issue and can easily be mitigated by
    using encrypted swap space.

* Bug fixes:

  - Fix GOST 28147 CryptoPro-B S-box.

  - Fix error code handling of mlock calls.

(wiz)

Updated textproc/libunistring to 0.9.7

(wiz)

Updated libunistring to 0.9.7.

New in 0.9.7:
* The license has changed from LGPLv3+ to "LGPLv3+ or GPLv2"

(wiz)

Updated audio/musicpd to 0.19.20

(wiz)

Updated musicpd to 0.19.20.

ver 0.19.20 (2016/12/09)
* protocol
  - "setprio" re-enqueues old song if priority has been raised
* decoder
  - ffmpeg: ignore empty packets
  - pcm: fix corruption bug with partial frames (after short read)
  - sidplay: fix playback speed with libsidplayfp
* output
  - winmm: fix 8 bit playback
* fix gcc 7.0 -Wimplicit-fallthrough
* systemd: paranoid security settings

(wiz)

Updated textproc/py-lxml to 3.7.0

(wiz)

Updated py-lxml to 3.7.0.

3.7.0 (2016-12-10)
==================

Features added
--------------

* GH#217: ``XMLSyntaxError`` now behaves more like its ``SyntaxError``
  baseclass.  Patch by Philipp A.

* GH#216: ``HTMLParser()`` now supports the same ``collect_ids`` parameter
  as ``XMLParser()``.  Patch by Burak Arslan.

* GH#210: Allow specifying a serialisation method in ``xmlfile.write()``.
  Patch by Burak Arslan.

* GH#203: New option ``default_doctype`` in ``HTMLParser`` that allows
  disabling the automatic doctype creation.  Patch by Shadab Zafar.

* GH#201: Calling the method ``.set('attrname')`` without value argument
  (or ``None``) on HTML elements creates an attribute without value that
  serialises like ``<div attrname></div>``.  Patch by Daniel Holth.

* GH#197: Ignore form input fields in ``form_values()`` when they are
  marked as ``disabled`` in HTML.  Patch by Kristian Klemon.

Bugs fixed
----------

* GH#206: File name and line number were missing from XSLT error messages.
  Patch by Marcus Brinkmann.

Other changes
-------------

* Log entries no longer allow anything but plain string objects as message text
  and file name.

* ``zlib`` is included in the list of statically built libraries.

(wiz)

Updated devel/py-test to 3.0.5

(wiz)

Updated py-test to 3.0.5.

3.0.5
=====

* Add warning when not passing ``option=value`` correctly to ``-o/--override-ini`` (`#2105`_).
  Also improved the help documentation. Thanks to `@mbukatov`_ for the report and
  `@lwm`_ for the PR.

* Now ``--confcutdir`` and ``--junit-xml`` are properly validated if they are directories
  and filenames, respectively (`#2089`_ and `#2078`_). Thanks to `@lwm`_ for the PR.

* Add hint to error message hinting possible missing ``__init__.py`` (`#478`_). Thanks `@DuncanBetts`_.

* More accurately describe when fixture finalization occurs in documentation (`#687`_). Thanks `@DuncanBetts`_.

* Provide ``:ref:`` targets for ``recwarn.rst`` so we can use intersphinx referencing.
  Thanks to `@dupuy`_ for the report and `@lwm`_ for the PR.

* In Python 2, use a simple ``+-`` ASCII string in the string representation of ``pytest.approx`` (for example ``"4 +- 4.0e-06"``)
  because it is brittle to handle that in different contexts and representations internally in pytest
  which can result in bugs such as `#2111`_. In Python 3, the representation still uses ``賊`` (for example ``4 賊 4.0e-06``).
  Thanks `@kerrick-lyft`_ for the report and `@nicoddemus`_ for the PR.

* Using ``item.Function``, ``item.Module``, etc., is now issuing deprecation warnings, prefer
  ``pytest.Function``, ``pytest.Module``, etc., instead (`#2034`_).
  Thanks `@nmundar`_ for the PR.

* Fix error message using ``approx`` with complex numbers (`#2082`_).
  Thanks `@adler-j`_ for the report and `@nicoddemus`_ for the PR.

* Fixed false-positives warnings from assertion rewrite hook for modules imported more than
  once by the ``pytest_plugins`` mechanism.
  Thanks `@nicoddemus`_ for the PR.

* Remove an internal cache which could cause hooks from ``conftest.py`` files in
  sub-directories to be called in other directories incorrectly (`#2016`_).
  Thanks `@d-b-w`_ for the report and `@nicoddemus`_ for the PR.

* Remove internal code meant to support earlier Python 3 versions that produced the side effect
  of leaving ``None`` in ``sys.modules`` when expressions were evaluated by pytest (for example passing a condition
  as a string to ``pytest.mark.skipif``)(`#2103`_).
  Thanks `@jaraco`_ for the report and `@nicoddemus`_ for the PR.

* Cope gracefully with a .pyc file with no matching .py file (`#2038`_). Thanks
  `@nedbat`_.

(wiz)

Updated databases/shared-mime-info to 1.8

(wiz)

Updated shared-mime-info to 1.8.

shared-mime-info 1.8 (2016-12-05)
* Add Flatpak-related mime-types
* Add mime-type for a number of Thomson-related disk (and cassette) images
* Add many audio and video mime-type aliases as used in VLC
* Add mime-type for pdf.lz files
* Write the correct length for literal and glob lists to the cache
* Build fixes

(wiz)

Updated sysutils/dbus to 1.10.14

(wiz)

Updated dbus to 1.10.14.

D-Bus 1.10.14 (2016-11-28)
==

The “Well, other bands know more than three chords” release.

Fixes:

• Work around an undesired effect of the fix for CVE-2014-3637
  (fd.o #80559), in which processes that frequently send fds, such as
  logind during a flood of new PAM sessions, can get disconnected for
  continuously having at least one fd "in flight" for too long;
  dbus-daemon interprets that as a potential denial of service attack.
  The workaround is to disable that check for uid 0 process such as
  logind, with a message in the system log. The bug remains open while
  we look for a more general solution.
  (fd.o #95263, LP#1591411; Simon McVittie)

• Don't run the test test-dbus-launch-x11.sh if X11 autolaunching
  was disabled at compile time. That test is not expected to work
  in that configuration. (fd.o #98665, Simon McVittie)

(wiz)

Updated graphics/cairo-gobject to 1.14.8

(wiz)

Updated graphics/cairo to 1.14.8

(wiz)

Update cairo{,-gobject} to 1.14.8.

Release 1.14.8    (2016-12-07  Bryce Harrington <bryce@osg.samsung.com>)
========================================================================
Bugfix release rolling up backported fixes for the past year.

For a complete log of changes since 1.14.6, please see:

    http://cairographics.org/releases/ChangeLog.cairo-1.14.8

Features
--------
None

API Changes
-----------
None

Dependency Changes
------------------
None

Performance Optimizations
-------------------------
None

Bug Fixes
---------
* Fix "invalidfont" error on some printers when printing PDFs with
  embedded fonts that have glyphs (such as spaces) with
  num_contours == 0.  (Bug #79897)
* Fix deadlock when destruction of a scaled font indirectly triggers
  destruction of a second scaled font, causing the global cache to be
  locked twice.  (Bug #93891)
* Fix X errors reported to applications when shmdt() is called before
  the Attach request is processed, due to missing xcb and xlib calls.
* Fix random failure in record-paint-alpha-clip-mast test case, caused
  by an incorrect assumption that a deferred clear can be skipped.
  (Bug #84330)
* Fix crash when dealing with an XShmGetImage() failure, caused by a
  double free in _get_image_surface().  (Bug #91967)
* Fix build issue when using non-GNU strings utility.  (Bug #88639)
* Cleanup debugging text sent to stdout instead of log.  (Bug #95227)

(wiz)

Make www/emacs-w3m build and run with xemacs, fixing PR pkg/40685

Changes:

o accomodate for differing dependencies:
  + graphics/gifsicle as a bug workaround
  + devel/flim (this was an implicite dependency through devel/semi)
  - devel/{apel,semi}, editors/mule-ucs contained in xemacs-packages

o conditional PLIST changes for differing installation paths

Tested with xemacs 21.4 and emacs 22

(hauke)

Updated devel/waf to 1.9.6

(wiz)

Updated waf to 1.9.6.

NEW IN WAF 1.9.6
----------------
* Display @argfile contents in msvcdeps #1831
* Enable configurable preprocessor cache sizes #1833
* Allocate lru cache entries lazily
* Let unity builds use relative paths for msys #1834
* Added --dump-test-scripts to the unit test module #1852
* Added a warning on ant_glob '.' uses #1853
* LaTeX configuration tests output results to config.log
* Accept functools.partial() as task rules #1865

(wiz)

Updated print/abcm2ps to 8.13.1

(wiz)

Updated abcm2ps to 8.13.1.

Fix pango detection.

---- Version 8.13.1 - 2016-12-10 ----

Add HTML4 colors
(asked by David Lacroix)
Fix loss of color when change on combined rests
(reported by David Lacroix)
Fix bad treatment of lyrics (w:) since 8.13.0
(reported by Guido Gonzato)

---- Version 8.13.0 - 2016-12-06 ----

Accept "||:" as either simple left repeat bar ("|:"), or double bar
and left repeat bar when on 2 music lines
(asked by Jean-Luc Zins)
Fix bad horizontal offset of word starting with a font change in w:
Change default value of %%vocalspace (23pt -> 10pt) !!compatibility!!
Fix bad vertical offset of lyrics (w:)
Don't scale the lyrics (w:) with %%staffscale value !!compatibility!!
(reported by Lionel Coates)
Output the lyrics (w:) after the decorations !!compatibility!!
Fix some clashes of left/right annotations with notes
(reported by Timm Reasbeck)
Fix bad tempo value when >= 128
(reported by Jean-Luc Zins)
Do more check about the values of %%pos
Fix loss of beam breaks when %%breakoneoln and EOL followed by grace notes
(reported by Timm Reasbeck)

(wiz)

Updated graphics/ImageMagick to 7.0.3.10

(wiz)

Updated ImageMagick to 7.0.3.10.

2016-12-10  7.0.3-10 Cristy  <quetzlzacatenango@image...>
  * Release ImageMagick version 7.0.3-10, GIT revision 19191:338f088:20161210.

2016-12-07  7.0.3-10 Cristy  <quetzlzacatenango@image...>
  * Set colorspace to sRGB if -append has non-homogenous colorspaces (reference
    https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=29105).
  * Respect connected-components:area-threshold define (reference
    https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=31006).
  * Enable alpha channel if background color is non-opaque (reference
    https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=31016).
  * Return correct offset for negative index for -fx option (reference
    https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=31019).
  * Fixed improper scaling of certain FITS images (reference
    https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=31028).
  * Properly center text label (reference
    https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=31027).

2016-12-05  7.0.3-9 Cristy  <quetzlzacatenango@image...>
  * Release ImageMagick version 7.0.3-9, GIT revision 19139:6fed3f1:20161205.

2016-11-26  7.0.3-9 Cristy  <quetzlzacatenango@image...>
  * Support the compare -read-mask option.
  * Support read-masks for the -modulate option.
  * Prevent buffer overflow when streaming an image (reference
    https://github.com/ImageMagick/ImageMagick/issues/312).
  * Fix possible buffer overflow when writing compressed TIFFS (vulnerability
    report from Cisco Talos, CVE-2016-8707).

(wiz)

Updated net/tor to 0.2.8.11

(wiz)

Updated tor to 0.2.8.11.

Changes in version 0.2.8.11 - 2016-12-08
  Tor 0.2.8.11 backports fixes for additional portability issues that
  could prevent Tor from building correctly on OSX Sierra, or with
  OpenSSL 1.1. Affected users should upgrade; others can safely stay
  with 0.2.8.10.

  o Minor bugfixes (portability):
    - Avoid compilation errors when building on OSX Sierra. Sierra began
      to support the getentropy() and clock_gettime() APIs, but created
      a few problems in doing so. Tor 0.2.9 has a more thorough set of
      workarounds; in 0.2.8, we are just using the /dev/urandom and mach
      monotonic time interfaces. Fixes bug 20865. Bugfix
      on 0.2.8.1-alpha.

  o Minor bugfixes (portability, backport from 0.2.9.5-alpha):
    - Fix compilation with OpenSSL 1.1 and less commonly-used CPU
      architectures. Closes ticket 20588.

(wiz)

Updated misc/calibre to 2.74.0

(wiz)

Updated calibre to 2.74.0.

- version: 2.74.0
  date: 2016-12-09

  new features:
    - title: "Amazon metadata download: Allow downloading from amazon.cn as well. To use go to Preferences->Metadata download and customize the amazon plugin to download from amazon.cn"

    - title: "Edit Book: Allow disabling the 'Files already arranged into folders' message popup"

  bug fixes:
    - title: "Edit Book: Fix selected text not being fully highlighted when using the solarized color schemes."
      tickets: [1647448]

    - title: "calibredb: Fix CSV output for the check_library command not being properly escaped"

    - title: "Fix subsetting of fonts whose names start with 'and' not working"

    - title: "Fix a regression in 2.72 that broke the --start-in-tray command line option."
      tickets: [1644876]

    - title: "Fix third party plugins that create dynamic context menus not working in linux"

    - title: "DOCX Input: Fix images wider than 50% of the page width being incorrectly right aligned even when anchored to the center of the page."
      tickets: [1646086]

    - title: "Catalog generation: Ensure all citation keys in BiBTeX catalogs have only ascii characters."
      tickets: [1646239]

    - title: "Get Books: Update ebookpoint and legimi plugins for website changes"

    - title: "EPUB3 metadata: Ensure updating metadata never produces empty dc:contributor elements."
      tickets: [1644702]

    - title: "DOCX Output: Fix an error when converting tables with spanning cells."
      tickets: [1644912]

    - title: "Nicer error message if the user tries to import data while the content server is running"

  improved recipes:
    - Frontline
    - Korea Herald
    - Pagina 12
    - Edge Conversations
    - Kitsapun
    - Mobile Nations
    - NME
    - Security Watch
    - Sign on SD
    - Star Advertiser
    - tyzden

(wiz)