+ gnome-3.22, gnuchess-6.2.3, libjpeg-turbo-1.5.1, p5-Business-ISBN-3.003,
  p5-Net-Domain-TLD-1.75, p5-Text-Glob-0.10.

(wiz)

Updated security/openssl to 1.0.2i

(jperkin)

Update security/openssl to 1.0.2i.

Changes between 1.0.2h and 1.0.2i [22 Sep 2016]

  *) OCSP Status Request extension unbounded memory growth

    A malicious client can send an excessively large OCSP Status Request
    extension. If that client continually requests renegotiation, sending a
    large OCSP Status Request extension each time, then there will be unbounded
    memory growth on the server. This will eventually lead to a Denial Of
    Service attack through memory exhaustion. Servers with a default
    configuration are vulnerable even if they do not support OCSP. Builds using
    the "no-ocsp" build time option are not affected.

    This issue was reported to OpenSSL by Shi Lei (Gear Team, Qihoo 360 Inc.)
    (CVE-2016-6304)
    [Matt Caswell]

  *) In order to mitigate the SWEET32 attack, the DES ciphers were moved from
    HIGH to MEDIUM.

    This issue was reported to OpenSSL Karthikeyan Bhargavan and Gaetan
    Leurent (INRIA)
    (CVE-2016-2183)
    [Rich Salz]

  *) OOB write in MDC2_Update()

    An overflow can occur in MDC2_Update() either if called directly or
    through the EVP_DigestUpdate() function using MDC2. If an attacker
    is able to supply very large amounts of input data after a previous
    call to EVP_EncryptUpdate() with a partial block then a length check
    can overflow resulting in a heap corruption.

    The amount of data needed is comparable to SIZE_MAX which is impractical
    on most platforms.

    This issue was reported to OpenSSL by Shi Lei (Gear Team, Qihoo 360 Inc.)
    (CVE-2016-6303)
    [Stephen Henson]

  *) Malformed SHA512 ticket DoS

    If a server uses SHA512 for TLS session ticket HMAC it is vulnerable to a
    DoS attack where a malformed ticket will result in an OOB read which will
    ultimately crash.

    The use of SHA512 in TLS session tickets is comparatively rare as it requires
    a custom server callback and ticket lookup mechanism.

    This issue was reported to OpenSSL by Shi Lei (Gear Team, Qihoo 360 Inc.)
    (CVE-2016-6302)
    [Stephen Henson]

  *) OOB write in BN_bn2dec()

    The function BN_bn2dec() does not check the return value of BN_div_word().
    This can cause an OOB write if an application uses this function with an
    overly large BIGNUM. This could be a problem if an overly large certificate
    or CRL is printed out from an untrusted source. TLS is not affected because
    record limits will reject an oversized certificate before it is parsed.

    This issue was reported to OpenSSL by Shi Lei (Gear Team, Qihoo 360 Inc.)
    (CVE-2016-2182)
    [Stephen Henson]

  *) OOB read in TS_OBJ_print_bio()

    The function TS_OBJ_print_bio() misuses OBJ_obj2txt(): the return value is
    the total length the OID text representation would use and not the amount
    of data written. This will result in OOB reads when large OIDs are
    presented.

    This issue was reported to OpenSSL by Shi Lei (Gear Team, Qihoo 360 Inc.)
    (CVE-2016-2180)
    [Stephen Henson]

  *) Pointer arithmetic undefined behaviour

    Avoid some undefined pointer arithmetic

    A common idiom in the codebase is to check limits in the following manner:
    "p + len > limit"

    Where "p" points to some malloc'd data of SIZE bytes and
    limit == p + SIZE

    "len" here could be from some externally supplied data (e.g. from a TLS
    message).

    The rules of C pointer arithmetic are such that "p + len" is only well
    defined where len <= SIZE. Therefore the above idiom is actually
    undefined behaviour.

    For example this could cause problems if some malloc implementation
    provides an address for "p" such that "p + len" actually overflows for
    values of len that are too big and therefore p + len < limit.

    This issue was reported to OpenSSL by Guido Vranken
    (CVE-2016-2177)
    [Matt Caswell]

  *) Constant time flag not preserved in DSA signing

    Operations in the DSA signing algorithm should run in constant time in
    order to avoid side channel attacks. A flaw in the OpenSSL DSA
    implementation means that a non-constant time codepath is followed for
    certain operations. This has been demonstrated through a cache-timing
    attack to be sufficient for an attacker to recover the private DSA key.

    This issue was reported by C辿sar Pereida (Aalto University), Billy Brumley
    (Tampere University of Technology), and Yuval Yarom (The University of
    Adelaide and NICTA).
    (CVE-2016-2178)
    [C辿sar Pereida]

  *) DTLS buffered message DoS

    In a DTLS connection where handshake messages are delivered out-of-order
    those messages that OpenSSL is not yet ready to process will be buffered
    for later use. Under certain circumstances, a flaw in the logic means that
    those messages do not get removed from the buffer even though the handshake
    has been completed. An attacker could force up to approx. 15 messages to
    remain in the buffer when they are no longer required. These messages will
    be cleared when the DTLS connection is closed. The default maximum size for
    a message is 100k. Therefore the attacker could force an additional 1500k
    to be consumed per connection. By opening many simulataneous connections an
    attacker could cause a DoS attack through memory exhaustion.

    This issue was reported to OpenSSL by Quan Luo.
    (CVE-2016-2179)
    [Matt Caswell]

  *) DTLS replay protection DoS

    A flaw in the DTLS replay attack protection mechanism means that records
    that arrive for future epochs update the replay protection "window" before
    the MAC for the record has been validated. This could be exploited by an
    attacker by sending a record for the next epoch (which does not have to
    decrypt or have a valid MAC), with a very large sequence number. This means
    that all subsequent legitimate packets are dropped causing a denial of
    service for a specific DTLS connection.

    This issue was reported to OpenSSL by the OCAP audit team.
    (CVE-2016-2181)
    [Matt Caswell]

  *) Certificate message OOB reads

    In OpenSSL 1.0.2 and earlier some missing message length checks can result
    in OOB reads of up to 2 bytes beyond an allocated buffer. There is a
    theoretical DoS risk but this has not been observed in practice on common
    platforms.

    The messages affected are client certificate, client certificate request
    and server certificate. As a result the attack can only be performed
    against a client or a server which enables client authentication.

    This issue was reported to OpenSSL by Shi Lei (Gear Team, Qihoo 360 Inc.)
    (CVE-2016-6306)
    [Stephen Henson]

(jperkin)

Needs krb5.

(jperkin)

Do not use deprecated GnuTLS functions
http://bugzilla.gnome.org/show_bug.cgi?id=648606
require minimally gnutls 2.2.0 for use of currently used functions

since the recent gnutls update, deprecated => obsoleted
fixes build for now, discussing with wiz@ seems reasonable later
to update to the gnome3 version and, if necessary, adding back vino2.

(richard)

Updated chat/irssi to 0.8.20nb1

(maya)

irssi: add patch for buf.pl update as it is shipped with irssi.

previously it would create a world readable file containing chat
logs when /upgrade was used.

while a security fix, you have to jump through many hoops to be
affected by it - we don't enable perl scripts by default, we
don't run that perl script by default, and you'd have to know that
/upgrade exists in the first place, and run on a system where world
readability of files is a concern.

still, grab upstream update, bump PKGREVISION.

(maya)

Updated devel/py-cffi to 1.8.3nb1

(wiz)

Add patch to distinfo and bump PKGREVISION for it.

('make test' still fails with mprotect enabled.)

(wiz)

Remove redundent/unnecessary .include lines, and  PYDISTUTILSPKG= yes, thanks wiz.

(mef)

Handle PaX/MPROTECT

(christos)

Update HOMEPAGE, previous was 404

(mef)

Fix build on NetBSD-7.99.36

Address conflicts of local gettext.h with /usr/include/libintl.h.
Undefine system symbols and allow package's specific ones.

GUI presents correctly texts in a local language.

(kamil)

Fix Darwin subst.

(jperkin)

Updated chat/irssi to 0.8.20

(maya)

irssi: update to 0.8.20, security fix.

catch up with irssi-icb, irssi-xmpp distinfo (they grab irssi versioned
file).

comment out part of irssi-xmpp makefile which is breaking the build.

irssi 0.8.20 changes:

- Correct the name of an emitted sasl signal (#484)
- Correct the prototype for the 'message private' signal (#515)
- Corrections in away and hilight help text (#477, #518)
- /squery and /servlist commands have been restored.
- Where Irssi would previously only report "System error" on connect,
  it will now try harder to retrieve the system error message.
- Fixed issue with +channels not working properly (#533)
- Fixed crash in optchan when item has no server (#485)
- Fixed random remote crash in the nicklist handling (#529)
- Fixed remote crash due to incorrect bounds checking on
  formats, reported by Gabriel Campana and Adrien Guinet from
  Quarkslab.

(maya)

boehm-gc: apply upstream build fix for FreeBSD/DragonflyBSD.
Requested by David Shao in PR pkg/51414

from upstream commit:
https://github.com/ivmai/bdwgc/commit/6f4e123e34c2e20343a84b6fadd17bde0e7b354c

(maya)

Add tex-textcase dependency to tex-revtex (4.1r)
OK markd@

(prlw1)

Updated sysutils/xentools45 to 4.5.5
Updated sysutils/xenkernel45 to 4.5.5

(bouyer)

Update xenkernel45 and xentools45 to 4.5.5.
Changes since 4.5.3: mostly bugfixes, including fixes for
security issues XSA-172, XSA-173, XSA-175, XSA-176, XSA-178, XSA-179, XSA-180,
XSA-181, XSA-182, XSA-183, XSA-184, XSA-185, XSA-186 and XSA-187.
All but XSA-175 were already fixed in pkgsrc.
Complete list of changes and links to the XSA advisories:
https://www.xenproject.org/downloads/xen-archives/xen-45-series/xen-455.html

(bouyer)

Added support for mysql57

(adam)

Fix reversed assignement, pointed out by he@ (thanks !)

(bouyer)

Fix CONFLICTS pattern, pointed by @yatasan on twitter

(ryoon)

Updated devel/xulrunner45 to 45.4.0

(ryoon)

Update to 45.4.0

* Sync with firefox45-45.4.0

(ryoon)

Updated www/firefox45-l10n to 45.4.0

(ryoon)

Update to 45.4.0

* Sync with firefox45-45.4.0

(ryoon)

Updated www/firefox45 to 45.4.0

(ryoon)

Update to 45.4.0

Changelog:
Security vulnerabilities fixed in Firefox ESR 45.4

Announced
    September 13, 2016
Impact
    Critical
Products
    Firefox ESR
Fixed in

        Firefox ESR 45.4

Description

CVE-2016-5270 - Heap-buffer-overflow in nsCaseTransformTextRunFactory::TransformString [high]
Reporter: Atte Kettunen
Description: An out-of-bounds write of a boolean value during text conversion with some unicode characters. [1291016]

CVE-2016-5272 - Bad cast in nsImageGeometryMixin [high]
Reporter: Abhishek Arya
Description: A bad cast when processing layout with input elements can result in a potentially exploitable crash. [1297934]

CVE-2016-5276 - Heap-use-after-free in mozilla::a11y::DocAccessible::ProcessInvalidationList [high]
Reporter: Nils
Description: A use-after-free vulnerability triggered by setting a aria-owns attribute [1287721]

CVE-2016-5274 - use-after-free in nsFrameManager::CaptureFrameState [high]
Reporter: Nils
Description: A use-after-free issue in web animations during restyling. [1282076]

CVE-2016-5277 - Heap-use-after-free in nsRefreshDriver::Tick [high]
Reporter: Nils
Description: A user-after-free vulnerability with web animations when destroying a timeline [1291665]

CVE-2016-5278 - Heap-buffer-overflow in nsBMPEncoder::AddImageFrame [critical]
Reporter: Nils
Description: A potentially exploitable crash caused by a buffer overflow while encoding image frames to images [1294677]

CVE-2016-5280 - Use-after-free in mozilla::nsTextNodeDirectionalityMap::RemoveElementFromMap [high]
Reporter: Mei Wang
Description: Use-after-free vulnerability when changing text direction [1289970]

CVE-2016-5281 - use-after-free in DOMSVGLength [high]
Reporter: Brian Carpenter
Description: Use-after-free vulnerability when manipulating SVG format content through script [1284690]

CVE-2016-5284 - Add-on update site certificate pin expiration [high]
Reporter: Multiple people
Description: Due to flaws in the process we used to update "Preloaded Public Key Pinning" in our releases, the pinning for add-on updates became ineffective in early September. An attacker who was able to get a mis-issued certificate for a Mozilla web site could send malicious add-on updates to users on networks controlled by the attacker. Users who have not installed any add-ons are not affected. [1303127]

CVE-2016-5250 - Resource Timing API is storing resources sent by the previous page [moderate]
Reporter: Catalin Dumitru
Description: URLs of resources loaded after a navigation started can leak to the following page through the Resource Timing API, leading to potential information disclosure. [1254688]

CVE-2016-5261 - Integer overflow and memory corruption in WebSocketChannel [high]
Reporter: Samuel Groß
Description: An integer overflow error in WebSockets during data buffering on incoming packets resulting in attacker controlled data being written at a known offset in the allocated buffer. [1287266]

CVE-2016-5257 - Memory safety bugs fixed in Firefox 49 and Firefox ESR 45.4 [critical]
Reporter: Mozilla developers
Description: Mozilla developers and community members Christoph Diehl, Andrew McCreight, Dan Minor, Byron Campen, Jon Coppeard, Steve Fink, Tyson Smith, Philipp, and Carsten Book reported memory safety bugs present in Firefox 48 and Firefox ESR 45.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort at least some of these could be exploited to run arbitrary code. [Memory safety bugs fixed in Firefox 49 and Firefox ESR 45.4]

(ryoon)

Fix PLIST on non-NetBSD.

(wiz)

+ gssdp-1.0.0, gupnp-1.0, opensmtpd-6.0.0, pan-0.140.

(wiz)

Updated print/dvidvi to 1.1

(wiz)

Update dvidvi to 1.1, using the texlive distfile.

Diff provided by markd.

The 1.0 distfile server has not been available for a couple years
now, there is no copy on nftp, and this package is part of one of
the texlive meta packages, so it would be good if it was fetchable.

Changes since 1.0:

2015-07-07  Peter Breitenlohner  <peb@mppmu.mpg.de>

* Makefile.am: Better dependencies for 'make check'.

2015-06-16  Peter Breitenlohner  <peb@mppmu.mpg.de>

* dvidvi.c: Drop <kpathsea/config.h> (isascii via KPSE_COMMON).

2015-04-17  Peter Breitenlohner  <peb@mppmu.mpg.de>

* dvidvi.c: #include <kpathsea/config.h> (for isascii).

2014-06-16  Peter Breitenlohner  <peb@mppmu.mpg.de>

* Makefile.am: Drop the obsolete ACLOCAL_AMFLAGS.

2013-06-28  Peter Breitenlohner  <peb@mppmu.mpg.de>

* dvidvi.c: First include <config.h>.

2012-11-19  Peter Breitenlohner  <peb@mppmu.mpg.de>

* Makefile.am: Avoid use of deprecated INCLUDES.

2012-05-29  Peter Breitenlohner  <peb@mppmu.mpg.de>

* dvidvi.c: Drop the problematic prototype for isatty(),
already declared in <unistd.h> or <kpathsea/c-fopen.h>.
Cast arguments to avoid MSVC compiler warnings.
From Akira Kakuto <kakuto@fuk.kindai.ac.jp> (W32TeX).

2011-09-25  Peter Breitenlohner  <peb@mppmu.mpg.de>

* dvidvi.test: New shell script for tests.
* tests/{play.dvi,playout.2}: Test input and expected output.
* Makefile.am: Add the test and its data.

2011-09-23  Peter Breitenlohner  <peb@mppmu.mpg.de>

* dvidvi.c (writedvifile): Write newline at end of stdout.

2011-04-18  Peter Breitenlohner  <peb@mppmu.mpg.de>

* dvidvi.c (writepreamble): Cast string literal to 'unsigned
const char *' to avoid 'differ in signedness' warning.

2011-02-07  Peter Breitenlohner  <peb@mppmu.mpg.de>

* Makefile.am (EXTRA_DIST): read.me has been renamed README.

2010-05-10  Peter Breitenlohner  <peb@mppmu.mpg.de>

* dvidvi.c (SET_BINARY): Remove casts to void.

2010-02-12  Peter Breitenlohner  <peb@mppmu.mpg.de>

* Makefile.am (AM_CPPFLAGS): Remove '-DNO_DEBUG' ...
* configure.ac: ... now added via KPSE_KPATHSEA_FLAGS.

2009-08-21  Peter Breitenlohner  <peb@mppmu.mpg.de>

Avoid maximal compiler warnings.
* dvidvi.c (oname): Constify global string.
(error, putstr): Constify string arg.

2009-06-22  Peter Breitenlohner  <peb@mppmu.mpg.de>

* Makefile.am (AM_CPPFLAGS): remove -DNeedFunctionPrototypes.

2009-06-09  Peter Breitenlohner  <peb@mppmu.mpg.de>

* Makefile.am (AM_CFLAGS): enable compiler warnings.
* dvidvi.c: declare most function as static and define them
with ANSI C prototypes. #include <unistd.h> to declare isatty.
Remove unused variables.
Remove SHORTINT (to select '%ld' or '%d' format specifiers),
all relevant variables are integer (typedef'ed as long).

2009-06-02  Peter Breitenlohner  <peb@mppmu.mpg.de>

* dvidvi.c: always include <stdlib.h>, to avoid implicit
declaration of calloc, exit, free, and malloc.

2009-05-27  Peter Breitenlohner  <peb@mppmu.mpg.de>

Adapt to TL2009 build system.

2008-02-29  Peter Breitenlohner  <peb@mppmu.mpg.de>

* configure.in: added AC_CONFIG_HEADERS (moved
from ../kpathsea/common.ac to here).

2008-01-29  Peter Breitenlohner  <peb@mppmu.mpg.de>

Convert from autoconf-2.13 to autoconf-2.59+:
* Makefile.in: Add @configure_input@ line.
* aclocal.m4 (new): Generated (aclocal -I ../m4).
* configure: Regenerated (autoconf).

2004-12-30  Peter Breitenlohner  <peb@mppmu.mpg.de>
* dvidvi.c: Changed return type void of main() into int.

(wiz)

octave: suggest workaround for crashes in MESSAGE

the default uses OpenGL and depending on the setup, it may lack
certain features.

see GNU Octave bug #44823: http://savannah.gnu.org/bugs/?44823

(maya)

Updated www/firefox-l10n to 49.0

(ryoon)

Update to 49.0

* Sync with firefox-49.0

(ryoon)

Updated www/firefox to 49.0

(ryoon)

Update to 49.0

Changelog:
New
    Updated Firefox Login Manager to allow HTTPS pages to use saved HTTP logins. It窶冱 one more way Firefox is supporting Let窶冱 Encrypt and helping users transition to a more secure web.

    Added features to Reader Mode that make it easier on the eyes and the ears
        Controls that allow users to adjust the width and line spacing of text
        Narrate, which reads the content of a page out loud

    Improved video performance for users on systems that support SSSE3 without hardware acceleration

    Added context menu controls to HTML5 audio and video that let users loops files or play files at 1.25x speed

    Enhancements for Mac users
        Improved performance on OS X systems without hardware acceleration
        Improved appearance of anti-aliased OS X fonts

    Improvements in about:memory reports for tracking font memory usage

    Improve performance on Windows systems without hardware acceleration

Fixed
    Fixed an issue that prevented users from updating Firefox for Mac unless they originally installed Firefox. Now, those users as well as any user with administrative credentials can update Firefox.

    Various security fixes

Changed
    Ended Firefox for Mac support for OS X 10.6, 10.7, and 10.8.

    Ended Firefox for Windows support for SSE processors

    Removed Firefox Hello

    Re-enabled the default for Graphite2 font shaping

Developer
    Added a Cause column to the Network Monitor to show what caused each network request

    Introduced web speech synthesis API

Fixed in Firefox 49
    2016-85 Security vulnerabilities fixed in Firefox 49

CVE-2016-2827 - Out-of-bounds read in mozilla::net::IsValidReferrerPolicy [low]
Reporter: Atte Kettunen
Description: A content security policy (CSP) containing a referrer directive with no values can cause a non-exploitable crash. [1289085]

CVE-2016-5270 - Heap-buffer-overflow in nsCaseTransformTextRunFactory::TransformString [high]
Reporter: Atte Kettunen
Description: An out-of-bounds write of a boolean value during text conversion with some unicode characters. [1291016]

CVE-2016-5271 - Out-of-bounds read in PropertyProvider::GetSpacingInternal [low]
Reporter: Abhishek Arya
Description: An out-of-bounds read during the processing of text runs in some pages using display:contents. [1288946]

CVE-2016-5272 - Bad cast in nsImageGeometryMixin [high]
Reporter: Abhishek Arya
Description: A bad cast when processing layout with input elements can result in a potentially exploitable crash. [1297934]

CVE-2016-5273 - crash in mozilla::a11y::HyperTextAccessible::GetChildOffset [high]
Reporter: Nils
Description: A potentially exploitable crash in accessibility [1280387]

CVE-2016-5276 - Heap-use-after-free in mozilla::a11y::DocAccessible::ProcessInvalidationList [high]
Reporter: Nils
Description: A use-after-free vulnerability triggered by setting a aria-owns attribute [1287721]

CVE-2016-5274 - use-after-free in nsFrameManager::CaptureFrameState [high]
Reporter: Nils
Description: A use-after-free issue in web animations during restyling. [1282076]

CVE-2016-5277 - Heap-use-after-free in nsRefreshDriver::Tick [high]
Reporter: Nils
Description: A user-after-free vulnerability with web animations when destroying a timeline [1291665]

CVE-2016-5275 - global-buffer-overflow in mozilla::gfx::FilterSupport::ComputeSourceNeededRegions [critical]
Reporter: Nils
Description: A buffer overflow when working with empty filters during canvas rendering [1287316]

CVE-2016-5278 - Heap-buffer-overflow in nsBMPEncoder::AddImageFrame [critical]
Reporter: Nils
Description: A potentially exploitable crash caused by a buffer overflow while encoding image frames to images [1294677]

CVE-2016-5279 - Full local path of files is available to web pages after drag and drop [moderate]
Reporter: Rafael Gieschke
Description: The full path to local files is available to scripts when local files are drag and dropped into Firefox [1249522]

CVE-2016-5280 - Use-after-free in mozilla::nsTextNodeDirectionalityMap::RemoveElementFromMap [high]
Reporter: Mei Wang
Description: Use-after-free vulnerability when changing text direction [1289970]

CVE-2016-5281 - use-after-free in DOMSVGLength [high]
Reporter: Brian Carpenter
Description: Use-after-free vulnerability when manipulating SVG format content through script [1284690]

CVE-2016-5282 - Don't allow content to request favicons from non-whitelisted schemes [moderate]
Reporter: Richard Newman
Description: Favicons can be loaded through non-whitelisted protocols, such as jar: [932335]

CVE-2016-5283 - <iframe src> fragment timing attack can reveal cross-origin data [high]
Reporter: Gavin Sharp
Description: A timing attack vulnerability using iframes to potentially reveal private data using document resizes and link colors [928187]

CVE-2016-5284 - Add-on update site certificate pin expiration [high]
Reporter: Ryan Duff
Description: Due to flaws in the process we used to update "Preloaded Public Key Pinning" in our releases, the pinning for add-on updates became ineffective in early September. An attacker who was able to get a mis-issued certificate for a Mozilla web site could send malicious add-on updates to users on networks controlled by the attacker. Users who have not installed any add-ons are not affected. [1303127]

CVE-2016-5256 - Memory safety bugs fixed in Firefox 49 [critical]
Reporter: Mozilla developers
Description: Mozilla developers Christoph Diehl, Christian Holler, Gary Kwong, Nathan Froyd, Honza Bambas, Seth Fowler, and Michael Smith reported memory safety bugs present in Firefox 48. Some of these bugs showed evidence of memory corruption under certain circumstances could potentially exploited to run arbitrary code. [Memory safety bugs fixed in Firefox 49]

CVE-2016-5257 - Memory safety bugs fixed in Firefox 49 and Firefox ESR 45.4 [critical]
Reporter: Mozilla developers
Description: Mozilla developers and community members Christoph Diehl, Andrew McCreight, Dan Minor, Byron Campen, Jon Coppeard, Steve Fink, Tyson Smith, Philipp, and Carsten Book reported memory safety bugs present in Firefox 48 and Firefox ESR 45.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort at least some of these could be exploited to run arbitrary code. [Memory safety bugs fixed in Firefox 49 and Firefox ESR 45.4]

(ryoon)

Updated x11/xorg-cf-files to 1.0.6nb1

(jperkin)

Handle Solaris 11/sparc correctly.  Fixes PR#51475 from Joern Clausen.

Bump PKGREVISION.

(jperkin)

pkgsrc is now frozen in preparation for the pkgsrc-2016Q3 branch.

(jperkin)

Update python3 state comment.

(wiz)

Add upstream bug report URL.

(wiz)

Fix build with readline-7.0 and depend on it.

Bump PKGREVISION.

(wiz)

Bump version for last.

(markd)

Add tex-greek-inputenc

(markd)

Add tex-texdraw

(markd)

Add tex-eijkhout

(markd)

-kicad-*, updated to 4.0.4

(mef)

Add tex-currvita tex-localloc

(markd)

Add tex-cyrplain

(markd)

Add newly added packages

(markd)

Add a bunch of tex packages.

(markd)

Replace PLIST entries by dependencies on various tex packages.

(markd)

Add bunch of tex packages

(markd)

Add tex-mex 1.05

Polish formats for TeX

(markd)

Added PKGNAME to conform to directory name

(jaapb)

Add tex-utf8mex 2016

Tools to produce formats that read Polish language input

(markd)

Add tex-polski{,-doc} 1.3.3

Typeset Polish documents with LaTeX and Polish fonts

(markd)

Add tex-mwcls{,-doc} 0.74

Polish-oriented document classes

(markd)

Remove url2pkg marker.

(wiz)

Add tex-greek-inputenc{,-doc} 1.6

Greek encoding support for inputenc

(markd)

Added ocaml-ldap to SUBDIRs

(jaapb)

Added databases/ocaml-ldap version 2.2

(jaapb)

Add tex-currvita{,-doc} 2016

Typeset a curriculum vitae

(markd)

New package databases/ocaml-ldap, an LDAP library for OCaml.

Ocamldap is an implementation of the Light Weight Directory Access Protocol,
and a set of useful tools built around it. It includes high level libraries for
creating ldap clients and ldap servers.

It also includes many of the auxiliary tools needed for building intelligent
solutions, and interoperating with other directories. These include, an rfc2252
schema parser, and an schema checker, an ldif parser and printer, a search
filter parser (but no printer yet), and a rudimentary ldap url parser.

(jaapb)

Add tex-tap 0.77

TeX macros for typesetting complex tables

(markd)

Add tex-localloc{,-doc} 1.1b

Macros for localizing TeX register allocations

(markd)

Add tex-eijkhout 2016

Three unrelated packages: DB_process, to parse and process
database output; CD_labeler, to typeset user text to fit on a
CD label; and repeat, a nestable, generic loop macro.

(markd)

Add tex-cyrplain 2016

This directory contains files which can be used to make rusified
Plain TeX and other Plain TeX based formats, such as AMS-TeX, Texinfo
or BLUe TeX, using cyrillic fonts in LCY encoding (which is an 8-bit
extension of OT1 similar to cp866) or T2A encoding.

(markd)

Updated devel/p5-Parallel-Prefork to 0.18

(mef)

Updated devel/p5-Parallel-Prefork to 0.18
-----------------------------------------
0.18
        - fix the broken $pm->wait_all_children without timeout (by shogo82148)

(pkgsrc changes)
- For make test, following lines added
  BUILD_DEPENDS+= p5-Test-SharedFork-[0-9]*:../../devel/p5-Test-SharedFork
  BUILD_DEPENDS+= p5-forks-[0-9]*:../../devel/p5-forks
  BUILD_DEPENDS+= p5-IPC-Signal-[0-9]*:../../devel/p5-IPC-Signal

(mef)

Add tex-texdraw{,-doc}

(markd)

For make test, add BUILD_DEPENDS+=  p5-IPC-Signal-[0-9]*:../../devel/p5-IPC-Signal

(mef)

Add tex-texdraw 2.0

TeXdraw is a set of macro definitions for TeX, which allow the
user to produce PostScript drawings from within TeX and LaTeX.
TeXdraw has been designed to be extensible. Drawing 'segments'
are relocatable, self-contained units. Using a combination of
the TeX's grouping mechanism and the gsave/grestore mechanism
in PostScript, drawing segments allow for local changes to the
scaling and line parameters. Using TeX's macro definition
capability, new drawing commands can be constructed from
drawing segments.

(markd)

Updated devel/ccache to 3.3.1

(adam)

Changes 3.3.1:
* Fixed a problem in the ���multiple -arch options��� support introduced in 3.3. When using the direct mode (the default), different combinations of -arch options were not detected properly.
* Fixed an issue when compiler option -Wp,-MT,path is used instead of -MT path (and similar for -MF, -MP and -MQ) and run_second_cpp (CCACHE_CPP2) is enabled.

(adam)

Updated security/keychain to 2.8.3

(mef)

Updated security/keychain to 2.8.3
----------------------------------
* keychain 2.8.3 (24 Jun 2016)
  Summary: fix gpg key addition (Clemens Kaposi)

(mef)

Add tex-cc-pl{,-doc} tex-qpxqtx{,-doc}

(markd)

Add tex-qpxqtx{,-doc} 2016

typesetting math with TeX Gyre Pagella and pxfonts

(markd)

Add tex-cc-pl{,-doc} 1.02.2

Polish extension of Computer Concrete fonts

(markd)

Updated devel/p5-pango to 1.227

(mef)

Updated devel/p5-pango to 1.227
-------------------------------
Overview of changes in Pango 1.227
==================================
* Ensure word separation in linker arguments with pkg-config >= 0.29

(mef)

Updated devel/pango to 1.40.3

(mef)

Updated devel/pango 1.40.1 to 1.40.3
------------------------------------
Overview of changes between 1.40.2 and 1.40.3
=============================================
- Fix export of pango_cairo_win32_font_map_get_type (#771004)
- Fix build on OS X (#770729)

Overview of changes between 1.40.1 and 1.40.2
=============================================
- Improve introspection builds in msvc (#764984)
- Properly handle UTF32 chars in coretext
- Add rebeccapurple to list of colors
- Correct font weight mapping in coretext (#766148)
- Use version macros for exports (#767587)

(mef)

+ cups-2.2, libprelude-3.1.0, libpreludedb-3.1.0, prelude-correlator-3.1.0,
  prelude-lml-3.1.0, prelude-manager-3.1.0, tor-browser-6.0.5,
  vim-8.0, wine-devel-1.9.19.

(wiz)

Updated fonts/kanjistrokeorders-ttf to 4.000

(mef)

Updated fonts/kanjistrokeorders-ttf to 4.000
--------------------------------------------
Changelog:
not available

(mef)

Update HOMEPAGE.

(wiz)

Updated fonts/cantarell-font to 0.025
-------------------------------------
0.0.25
- outline and spacing on C,G.
- improved terminals on numerous glyphs
- weight/stem width fixes (k,G)
- port imrpovements from regular to bold
- improved metrics
- fixes to f-ligatures
- shape fixes to some numerals
- fixes to anchors > composited glyphs

(mef)

Updated fonts/fntsample to 4.1

(mef)

Updated fonts/fntsample 3.2 to 4.1
----------------------------------
Changes in version 4.1:
        * Detect iconv and add LIBICONV to LDADD
        * Detect support for -Wl,--as-needed in configure
        * Those changes fix compilation on OS X

Changes in version 4.0:
        * Add a --no-embed option
        * Fix broken handling of font names

(mef)

Updated fonts/p5-Font-FreeType to 0.07
Updated fonts/p5-Font-TTF to 1.06

(mef)

Updated fonts/p5-Font-TTF to 1.06
---------------------------------
1.06  2016-08-17

* Source repo moved from Subversion to Github
* OpenType script and lang tags updated from ISO/IEC 14496-22:2015, draft amendment 2
* Various POD improvements
* Add deepcopy mode to Dumper::ttfdump()
* Bug fixes
*    Wasn't installing on Windows Perl 5.22 and up
*    Reading mark-to-ligature lookups would crash if anchors were omitted
*    Incorrect extension lookup structure
*    Multiple fixes in Silf table processing
*    rt.cpan.org #106562 Uninitialized value warnings
*    rt.cpan.org #106816 spelling errors in manpage

(mef)

Updated fons/p5-Fonts-FreeType 0.04 to 0.07
--------------------------------------------
0.07 2015-09-27 dmol@cpan.org
- No changes since 0.07_2

0.07_2 2015-09-24 dmol@cpan.org
- Try to support utf8_to_uvchr_buf for older perls

0.07_1 2015-09-24 dmol@cpan.org
- Fix UTF-8 string usage on non-intel architectures (GH#17)

0.06 2015-01-27 dmol@cpan.org
- No changes since 0.06_1

0.06_1 2015-01-27 dmol@cpan.org
- Allow optionally fallback to missing glyph

0.05  2015-01-27 dmol@cpan.org
- No changes since 0.05_02

0.05_2 2015-01-23 dmol@cpan.org
- Be more tolerant in test for checking underline position
  (CT#9d93130c-a254-11e4-9a11-67e5227a829d) (Ivan Baidakou, basiliscos).
- Get build options from freetype-config if it exists (RT#101654)
  (Zakariyya Mughal).

0.05_1 2015-01-21 dmol@cpan.org
- Avoid clang warning (RT#101653).
- Attempt to fix CT#939e0664-8c46-11e4-8147-dcee86cc0d3a.

--------------------------------------------------------------------
(pkgsrc changes)
- Drop patch-FreeType.xs (upstream implemented)
- Modify patch-Makefile.PL
  Upstream implemented automatic environment config, with some
  testing, but testing part is redundent to pkgsrc, and yet harmfull,
  so remove that part.
- Add buildlink to x11.buildlink3.mk to use freetype-config
  for automatic configuration

(mef)

Recursive bump for cups openssl -> gnutls change.

(wiz)