Added editors/codeblocks version 16.01

(kamil)

Add editors/codeblocks

(kamil)

Import codeblocks-16.01 as editors/codeblock

Code::Blocks is a free C++ IDE built to meet the most demanding needs of its
users. It is designed to be very extensible and fully configurable.

Finally, an IDE with all the features you need, having a consistent look, feel
and operation across platforms.

Built around a plugin framework, Code::Blocks can be extended with plugins. Any
kind of functionality can be added by installing/coding a plugin. For instance,
compiling and debugging functionality is already provided by plugins!

Originally packaged in pkgsrc-wip by:
- Ondrej Tuma,
- Joerg Sonnenberg,
- Thomas Klausner,
- Tobias Nygren,
- Mark Davies,
- Blue Rats,
- Aleksej Saushev,
- Aleksej Lebedev,
- K.I.A.Derouiche
and
- myself.

(kamil)

set cdn.netbsd.org as the bin install site for netbsd

(mspo)

add cdn.netbsd.org to the top of MASTER_SITE_BACKUP

(mspo)

options.mk:
    Don't default on inet6, since the inet6 code in conserver8 depends
    on some Linux-isms (ipv6 sockets can accept ipv4 packets.)

PLIST:
    add some example configurations that were missing.

(schnoebe)

Added editors/codelite version 9.1

(kamil)

Add editors/codelite

(kamil)

Import codelite-9.1 as editors/codelite

CodeLite is an open source, free, cross platform IDE for the C/C++ programming
languages which runs on all major Platforms.

Originally packaged in pkgsrc-wip by myself.

(kamil)

Require x11/qt4-tools for the qmake tool needed in configure

(kamil)

Import codelite-9.1 as editors/codelite

CodeLite is an open source, free, cross platform IDE for the C/C++ programming
languages which runs on all major Platforms.

Originally packaged in pkgsrc-wip by myself.

(kamil)

Note update of netpgpverify and libnetpgpverify to 20160617

(agc)

Update netpgpverify and libnetpgpverify to 20160617

+ don't assume memory will be NUL-terminated when printing

(agc)

Updated devel/bullet to 2.82

(rumko)

devel/bullet: Update to 2.82

Summary of the included ChangeLog:
* Added GPU deformable object solvers to OpenCL and DirectCompute
* Create a separate library for MiniCL
* Moved vectormath into Bullet/src, and added a SSE implementation
* Added a btParallelConstraintSolver
* Added Separantix Axis Test and Polyhedral Clipping support
* OpenCL and DirectCompute cloth as basic support for capsule collision
* Use Hierachical Approximate Convex Decomposition
* Add Intel cmake-build support for OpenCL accelerated cloth/particle
* preliminary build support for Google NativeClient, using premake4

Ok@ wiz

(rumko)

Updated security/py-certbot to 0.8.1

(fhajny)

Fix forgotten change, ride previous revision

(fhajny)

Update security/py-certbot (and security/py-acme) to 0.8.1.

No changelog provided, Github issues touched:

- Update the autos in response to 0.8.1 release
- Fix default detection
- Provide nonroot guidance when logging gets EACCES.
- Add additional warning with actual exception message during
  renewal
- Interactive webroot values not stored in renewal config file
- Preserve common name during renewal
- Mageia Bootstrap
- Initialize Augeas in a different method to be able to react to
  ImportError
- Renew changes common name
- Update letsencrypt-auto in response to Arch package rename
- On Mac OSX: "ValueError: Invalid header value"
- Strip "\n" from end of OS version string for OS X.
- Revert "Use --force-reinstall to fix bad virtualenv package"
- Exit if cannot bootstrap in certbot-auto
- Add --disable-hook-validation
- --post-hook validation too strict
- letsencrypt-auto gives "sudo" is not available
- mageia bootstrap [needs revision]
- Install/compile fails of letsencrypt-auto on Smartos/Illumos

(fhajny)

graphics/Coin: fix build when used as a dependency

Get rid of:
SbBasic.h:99:5: error: call to function 'cc_debugerror_post' that
is neither visible in the template definition nor found by
argument-dependent lookup

Ok@ wiz

(rumko)

graphics/liblqr: Remove inlines so digikam and clang are happy.

Bump PKGREVISION.

(rumko)

devel/libhid: make it build under fbsd

* malloc and friends need stdlib
* ulong is not defined on FreeBSD

Ok@ wiz

(rumko)

devel/boost-libs: fix build on fbsd

Ensure proper PLIST contents after disabling long double math functions.

Ok@ wiz

(rumko)

Update netpgpverify and libnetpgpverify to 20160616

+ bring over joerg's printflike change from the netpgpverify
version in src/crypto

+ add a test for cleartext signatures with version information
to complement the one with no version information

(agc)

Updated www/nginx-devel to 1.11.1

(fhajny)

Updated www/nginx to 1.10.1

(fhajny)

Update www/nginx-devel to 1.11.1.

Changes with nginx 1.11.1

- Security: a segmentation fault might occur in a worker process
  while writing a specially crafted request body to a temporary
  file (CVE-2016-4450); the bug had appeared in 1.3.9.

Changes with nginx 1.11.0

- Feature: the "transparent" parameter of the "proxy_bind",
  "fastcgi_bind", "memcached_bind", "scgi_bind", and "uwsgi_bind"
  directives.

- Feature: the $request_id variable.

- Feature: the "map" directive supports combinations of multiple
  variables as resulting values.

- Feature: now nginx checks if EPOLLRDHUP events are supported by
  kernel, and optimizes connection handling accordingly if the
  "epoll" method is used.

- Feature: the "ssl_certificate" and "ssl_certificate_key"
  directives can be specified multiple times to load certificates
  of different types (for example, RSA and ECDSA).

- Feature: the "ssl_ecdh_curve" directive now allows specifying a
  list of curves when using OpenSSL 1.0.2 or newer; by default
  a list built into OpenSSL is used.

- Change: to use DHE ciphers it is now required to specify
  parameters using the "ssl_dhparam" directive.

- Feature: the $proxy_protocol_port variable.

- Feature: the $realip_remote_port variable in the
  ngx_http_realip_module.

- Feature: the ngx_http_realip_module is now able to set the
  client port in addition to the address.

- Change: the "421 Misdirected Request" response now used when
  rejecting requests to a virtual server different from one
  negotiated during an SSL handshake; this improves interoperability
  with some HTTP/2 clients when using client certificates.

- Change: HTTP/2 clients can now start sending request body
  immediately; the "http2_body_preread_size" directive controls
  size of the buffer used before nginx will start reading client
  request body.

- Bugfix: cached error responses were not updated when using the
  "proxy_cache_bypass" directive.

Changes with nginx 1.9.15

- Bugfix: "recv() failed" errors might occur when using HHVM as a
  FastCGI server.

- Bugfix: when using HTTP/2 and the "limit_req" or "auth_request"
  directives a timeout or a "client violated flow control" error
  might occur while reading client request body; the bug had appeared
  in 1.9.14.

- Workaround: a response might not be shown by some browsers if
  HTTP/2 was used and client request body was not fully read; the
  bug had appeared in 1.9.14.

- Bugfix: connections might hang when using the "aio threads"
  directive.
  Thanks to Mindaugas Rasiukevicius.

Changes with nginx 1.9.14

- Feature: OpenSSL 1.1.0 compatibility.

- Feature: the "proxy_request_buffering",
  "fastcgi_request_buffering",
  "scgi_request_buffering", and "uwsgi_request_buffering"
  directives now work with HTTP/2.

- Bugfix: "zero size buf in output" alerts might appear in logs
  when using HTTP/2.

- Bugfix: the "client_max_body_size" directive might work
  incorrectly when using HTTP/2.

- Bugfix: of minor bugs in logging.

Changes with nginx 1.9.13

- Change: non-idempotent requests (POST, LOCK, PATCH) are no
  longer passed to the next server by default if a request has
  been sent to a backend; the "non_idempotent" parameter of the
  "proxy_next_upstream" directive explicitly allows retrying such
  requests.

- Feature: the ngx_http_perl_module can be built dynamically.

- Feature: UDP support in the stream module.

- Feature: the "aio_write" directive.

- Feature: now cache manager monitors number of elements in caches
  and tries to avoid cache keys zone overflows.

- Bugfix: "task already active" and "second aio post" alerts might
  appear in logs when using the "sendfile" and "aio" directives
  with subrequests.

- Bugfix: "zero size buf in output" alerts might appear in logs if
  caching was used and a client closed a connection prematurely.

- Bugfix: connections with clients might be closed needlessly if
  caching was used.
  Thanks to Justin Li.

- Bugfix: nginx might hog CPU if the "sendfile" directive was used
  on Linux or Solaris and a file being sent was changed during
  sending.

- Bugfix: connections might hang when using the "sendfile" and
  "aio threads" directives.

- Bugfix: in the "proxy_pass", "fastcgi_pass", "scgi_pass", and
  "uwsgi_pass" directives when using variables.
  Thanks to Piotr Sikora.

- Bugfix: in the ngx_http_sub_filter_module.

- Bugfix: if an error occurred in a cached backend connection, the
  request was passed to the next server regardless of the
  proxy_next_upstream directive.

- Bugfix: "CreateFile() failed" errors when creating temporary
  files on Windows.

Changes with nginx 1.9.12

- Feature: Huffman encoding of response headers in HTTP/2.
  Thanks to Vlad Krasnov.

- Feature: the "worker_cpu_affinity" directive now supports more
  than 64 CPUs.

- Bugfix: compatibility with 3rd party C++ modules; the bug had
  appeared in 1.9.11.
  Thanks to Piotr Sikora.

- Bugfix: nginx could not be built statically with OpenSSL on
  Linux; the bug had appeared in 1.9.11.

- Bugfix: the "add_header ... always" directive with an empty
  value did not delete "Last-Modified" and "ETag" header lines
  from error responses.

- Workaround: "called a function you should not call" and
  "shutdown while in init" messages might appear in logs when
  using OpenSSL 1.0.2f.

- Bugfix: invalid headers might be logged incorrectly.

- Bugfix: socket leak when using HTTP/2.

- Bugfix: in the ngx_http_v2_module.

Changes with nginx 1.9.11

- Feature: TCP support in resolver.

- Feature: dynamic modules.

- Bugfix: the $request_length variable did not include size of
  request headers when using HTTP/2.

- Bugfix: in the ngx_http_v2_module.

(fhajny)

Update www/nginx to 1.10.1.
Update 3rd party modules in options.mk.

Changes with nginx 1.10.1

- Security: a segmentation fault might occur in a worker process while
  writing a specially crafted request body to a temporary file
  (CVE-2016-4450); the bug had appeared in 1.3.9.

Changes with nginx 1.10.0

- 1.10.x stable branch.

Changes with nginx 1.9.15

- Bugfix: "recv() failed" errors might occur when using HHVM as a
  FastCGI server.

- Bugfix: when using HTTP/2 and the "limit_req" or "auth_request"
  directives a timeout or a "client violated flow control" error might
  occur while reading client request body; the bug had appeared in
  1.9.14.

- Workaround: a response might not be shown by some browsers if HTTP/2
  was used and client request body was not fully read; the bug had
  appeared in 1.9.14.

- Bugfix: connections might hang when using the "aio threads"
  directive.
  Thanks to Mindaugas Rasiukevicius.

Changes with nginx 1.9.14

- Feature: OpenSSL 1.1.0 compatibility.

- Feature: the "proxy_request_buffering", "fastcgi_request_buffering",
  "scgi_request_buffering", and "uwsgi_request_buffering" directives
  now work with HTTP/2.

- Bugfix: "zero size buf in output" alerts might appear in logs when
  using HTTP/2.

- Bugfix: the "client_max_body_size" directive might work incorrectly
  when using HTTP/2.

- Bugfix: of minor bugs in logging.

Changes with nginx 1.9.13

- Change: non-idempotent requests (POST, LOCK, PATCH) are no longer
  passed to the next server by default if a request has been sent to a
  backend; the "non_idempotent" parameter of the "proxy_next_upstream"
  directive explicitly allows retrying such requests.

- Feature: the ngx_http_perl_module can be built dynamically.

- Feature: UDP support in the stream module.

- Feature: the "aio_write" directive.

- Feature: now cache manager monitors number of elements in caches and
  tries to avoid cache keys zone overflows.

- Bugfix: "task already active" and "second aio post" alerts might
  appear in logs when using the "sendfile" and "aio" directives with
  subrequests.

- Bugfix: "zero size buf in output" alerts might appear in logs if
  caching was used and a client closed a connection prematurely.

- Bugfix: connections with clients might be closed needlessly if
  caching was used.
  Thanks to Justin Li.

- Bugfix: nginx might hog CPU if the "sendfile" directive was used on
  Linux or Solaris and a file being sent was changed during sending.

- Bugfix: connections might hang when using the "sendfile" and "aio
  threads" directives.

- Bugfix: in the "proxy_pass", "fastcgi_pass", "scgi_pass", and
  "uwsgi_pass" directives when using variables.
  Thanks to Piotr Sikora.

- Bugfix: in the ngx_http_sub_filter_module.

- Bugfix: if an error occurred in a cached backend connection, the
  request was passed to the next server regardless of the
  proxy_next_upstream directive.

- Bugfix: "CreateFile() failed" errors when creating temporary files
  on
  Windows.

Changes with nginx 1.9.12

- Feature: Huffman encoding of response headers in HTTP/2.
  Thanks to Vlad Krasnov.

- Feature: the "worker_cpu_affinity" directive now supports more than
  64 CPUs.

- Bugfix: compatibility with 3rd party C++ modules; the bug had
  appeared in 1.9.11.
  Thanks to Piotr Sikora.

- Bugfix: nginx could not be built statically with OpenSSL on Linux;
  the bug had appeared in 1.9.11.

- Bugfix: the "add_header ... always" directive with an empty value
  did
  not delete "Last-Modified" and "ETag" header lines from error
  responses.

- Workaround: "called a function you should not call" and "shutdown
  while in init" messages might appear in logs when using OpenSSL
  1.0.2f.

- Bugfix: invalid headers might be logged incorrectly.

- Bugfix: socket leak when using HTTP/2.

- Bugfix: in the ngx_http_v2_module.

Changes with nginx 1.9.11

- Feature: TCP support in resolver.

- Feature: dynamic modules.

- Bugfix: the $request_length variable did not include size of request
  headers when using HTTP/2.

- Bugfix: in the ngx_http_v2_module.

Changes with nginx 1.9.10

- Security: invalid pointer dereference might occur during DNS server
  response processing if the "resolver" directive was used, allowing an
  attacker who is able to forge UDP packets from the DNS server to
  cause segmentation fault in a worker process (CVE-2016-0742).

- Security: use-after-free condition might occur during CNAME response
  processing if the "resolver" directive was used, allowing an attacker
  who is able to trigger name resolution to cause segmentation fault in
  a worker process, or might have potential other impact
  (CVE-2016-0746).

- Security: CNAME resolution was insufficiently limited if the
  "resolver" directive was used, allowing an attacker who is able to
  trigger arbitrary name resolution to cause excessive resource
  consumption in worker processes (CVE-2016-0747).

- Feature: the "auto" parameter of the "worker_cpu_affinity"
  directive.

- Bugfix: the "proxy_protocol" parameter of the "listen" directive did
  not work with IPv6 listen sockets.

- Bugfix: connections to upstream servers might be cached incorrectly
  when using the "keepalive" directive.

- Bugfix: proxying used the HTTP method of the original request after
  an "X-Accel-Redirect" redirection.

Changes with nginx 1.9.9

- Bugfix: proxying to unix domain sockets did not work when using
  variables; the bug had appeared in 1.9.8.

Changes with nginx 1.9.8

- Feature: pwritev() support.

- Feature: the "include" directive inside the "upstream" block.

- Feature: the ngx_http_slice_module.

- Bugfix: a segmentation fault might occur in a worker process when
  using LibreSSL; the bug had appeared in 1.9.6.

- Bugfix: nginx could not be built on OS X in some cases.

Changes with nginx 1.9.7

- Feature: the "nohostname" parameter of logging to syslog.

- Feature: the "proxy_cache_convert_head" directive.

- Feature: the $realip_remote_addr variable in the
  ngx_http_realip_module.

- Bugfix: the "expires" directive might not work when using variables.

- Bugfix: a segmentation fault might occur in a worker process when
  using HTTP/2; the bug had appeared in 1.9.6.

- Bugfix: if nginx was built with the ngx_http_v2_module it was
  possible to use the HTTP/2 protocol even if the "http2" parameter of
  the "listen" directive was not specified.

- Bugfix: in the ngx_http_v2_module.

Changes with nginx 1.9.6

- Bugfix: a segmentation fault might occur in a worker process when
  using HTTP/2.
  Thanks to Piotr Sikora and Denis Andzakovic.

- Bugfix: the $server_protocol variable was empty when using HTTP/2.

- Bugfix: backend SSL connections in the stream module might be timed
  out unexpectedly.

- Bugfix: a segmentation fault might occur in a worker process if
  different ssl_session_cache settings were used in different virtual
  servers.

- Bugfix: nginx/Windows could not be built with MinGW gcc; the bug had
  appeared in 1.9.4.
  Thanks to Kouhei Sutou.

- Bugfix: time was not updated when the timer_resolution directive was
  used on Windows.

- Miscellaneous minor fixes and improvements.
  Thanks to Markus Linnala, Kurtis Nusbaum and Piotr Sikora.

Changes with nginx 1.9.5

- Feature: the ngx_http_v2_module (replaces ngx_http_spdy_module).
  Thanks to Dropbox and Automattic for sponsoring this work.

- Change: now the "output_buffers" directive uses two buffers by
  default.

- Change: now nginx limits subrequests recursion, not simultaneous
  subrequests.

- Change: now nginx checks the whole cache key when returning a
  response from cache.
  Thanks to Gena Makhomed and Sergey Brester.

- Bugfix: "header already sent" alerts might appear in logs when using
  cache; the bug had appeared in 1.7.5.

- Bugfix: "writev() failed (4: Interrupted system call)" errors might
  appear in logs when using CephFS and the "timer_resolution" directive
  on Linux.

- Bugfix: in invalid configurations handling.
  Thanks to Markus Linnala.

- Bugfix: a segmentation fault occurred in a worker process if the
  "sub_filter" directive was used at http level; the bug had appeared
  in 1.9.4.

Changes with nginx 1.9.4

- Change: the "proxy_downstream_buffer" and "proxy_upstream_buffer"
  directives of the stream module are replaced with the
  "proxy_buffer_size" directive.

- Feature: the "tcp_nodelay" directive in the stream module.

- Feature: multiple "sub_filter" directives can be used
  simultaneously.

- Feature: variables support in the search string of the "sub_filter"
  directive.

- Workaround: configuration testing might fail under Linux OpenVZ.
  Thanks to Gena Makhomed.

- Bugfix: old worker processes might hog CPU after reconfiguration
  with
  a large number of worker_connections.

- Bugfix: a segmentation fault might occur in a worker process if the
  "try_files" and "alias" directives were used inside a location given
  by a regular expression; the bug had appeared in 1.7.1.

- Bugfix: the "try_files" directive inside a nested location given by
  a regular expression worked incorrectly if the "alias" directive was
  used in the outer location.

- Bugfix: in hash table initialization error handling.

- Bugfix: nginx could not be built with Visual Studio 2015.

Changes with nginx 1.9.3

- Change: duplicate "http", "mail", and "stream" blocks are now
  disallowed.

- Feature: connection limiting in the stream module.

- Feature: data rate limiting in the stream module.

- Bugfix: the "zone" directive inside the "upstream" block did not
  work on Windows.

- Bugfix: compatibility with LibreSSL in the stream module.
  Thanks to Piotr Sikora.

- Bugfix: in the "--builddir" configure parameter.
  Thanks to Piotr Sikora.

- Bugfix: the "ssl_stapling_file" directive did not work; the bug had
  appeared in 1.9.2.
  Thanks to Faidon Liambotis and Brandon Black.

- Bugfix: a segmentation fault might occur in a worker process if the
  "ssl_stapling" directive was used; the bug had appeared in 1.9.2.
  Thanks to Matthew Baldwin.

Changes with nginx 1.9.2

- Feature: the "backlog" parameter of the "listen" directives of the
  mail proxy and stream modules.

- Feature: the "allow" and "deny" directives in the stream module.

- Feature: the "proxy_bind" directive in the stream module.

- Feature: the "proxy_protocol" directive in the stream module.

- Feature: the -T switch.

- Feature: the REQUEST_SCHEME parameter added to the fastcgi.conf,
  fastcgi_params, scgi_params, and uwsgi_params standard configuration
  files.

- Bugfix: the "reuseport" parameter of the "listen" directive of the
  stream module did not work.

- Bugfix: OCSP stapling might return an expired OCSP response in some
  cases.

Changes with nginx 1.9.1

- Change: now SSLv3 protocol is disabled by default.

- Change: some long deprecated directives are not supported anymore.

- Feature: the "reuseport" parameter of the "listen" directive.
  Thanks to Yingqi Lu at Intel and Sepherosa Ziehau.

- Feature: the $upstream_connect_time variable.

- Bugfix: in the "hash" directive on big-endian platforms.

- Bugfix: nginx might fail to start on some old Linux variants; the
  bug had appeared in 1.7.11.

- Bugfix: in IP address parsing.
  Thanks to Sergey Polovko.

Changes with nginx 1.9.0

- Change: obsolete aio and rtsig event methods have been removed.

- Feature: the "zone" directive inside the "upstream" block.

- Feature: the stream module.

- Feature: byte ranges support in the ngx_http_memcached_module.
  Thanks to Martin Mlynar.

- Feature: shared memory can now be used on Windows versions with
  address space layout randomization.
  Thanks to Sergey Brester.

- Feature: the "error_log" directive can now be used on mail and
  server levels in mail proxy.

- Bugfix: the "proxy_protocol" parameter of the "listen" directive did
  not work if not specified in the first "listen" directive for a
  listen socket.

(fhajny)

Note update of www/SOGo package to 2.3.12.

(taca)

Update SOGo to 2.3.12, including security fix.

2.3.12 (2016-06-10)
-------------------

Enhancements
- [web] updated CKEditor to version 4.5.9
- [web] CKEditor: switched to the minimalist skin
- [web] CKEditor: added the base64image plugin
- [web] CKEditor: added the pastefromword plugin (#2295, #3313)
- [web] added Turkish (Turkey) (tr_TR) translation - thanks to Sinan Kurşunoğlu

Bug fixes
- [core] sanity checks for events with bogus timezone offsets
- [core] strip X- tags when securing content (#3695)
- [core] properly handle flattened timezone definitions (#2690)
- [eas] when using EAS/ItemOperations, use IMAP PEEK operation
- [web] fixed recipients when replying from a message in the Sent mailbox (#2625)
- [web] fixed localizable strings in Card viewer
- [web] properly encode HTML attributes in Contacts module to avoid XSS issues
- [web] handle c_mail field format of quick record of contacts of v3 (#3443)
- [web] fixed all-day events covering a timezone change (#3457)
- [web] fixed display of invitation with a category (#3590)

2.3.11 (2016-04-XX)
-------------------

Bug fixes
- properly escape organizer name when using EAS (#3615)
- properly escape wide characters (#3616)
- calendars list when creating a new component in a calendar in which the user
  can't delete components
- avoid double-appending domains in cache for multi-domain configurations (#3614)
- encode CR in EAS payload (#3626)
- password change during login process when using ppolicy
- correctly set answered/forwarded flags during EAS smart operations
- don't mark calendar invitations as read when fetching messages using EAS
- fixed messages archiving as zip file
- fixed multidomain issue with non-unique ID accross domains (#3625)
- fixed bogus headers generation when stripping folded bcc header (#3664)
- fixed issue with multi-value org units (#3630)
- fixed senstive range of checkboxes in appointment editor (#3665)

2.3.10 (2016-04-05)
-------------------

New features
- new user-based rate-limiting support for all SOGo requests (#3188)

Bug fixes
- respect the LDAP attributes mapping in the list view
- handle empty body data when forwarding mails (#3581)
- correctly set EAS message class for S/MIME messages (#3576)
- we now handle the default classifications for tasks (#3541)
- handle FilterType changes using EAS (#3543)
- handle Dovecot's mail_shared_explicit_inbox parameter when using EAS
- prevent concurrent Sync ops from same EAS device (#3603)
- handle EAS loop termination when SOGo is being shutdown (#3604)
- avoid marking mails as read when archiving a folder (#2792)
- now cache heartbeat interval and folders list during EAS Ping ops (#3606)
- sanitize non-us-ascii 7bit emails when using EAS (#3592)

2.3.9 (2016-03-16)
------------------

New features
- you can now limit the file upload size using the WOMaxUploadSize
  configuration parameter (integer value in kilobytes) (#3510, #3135)

Enhancements
- allow resources to prevent invitations (#3410)
- now support EAS MIME truncation
- added Lithuanan (lt) translation - thanks to Mantas Liobė

Bug fixes
- allow EAS attachments get on 2nd-level mailboxes (#3505)
- fixed EAS bday shift (#3518)
- prefer SOGoRefreshViewCheck to SOGoMailMessageCheck (#3465)
- properly unfold long mail headers (#3152)

(taca)

Note update of devel/SOPE package to 2.3.12.

(taca)

Update SOPE to 2.3.12 required by SOGo 2.3.12.

Changes are too many to write here, please refer ChangeLog file.

(taca)

Updated net/syncthing to 0.13.7

(abs)

Updated net/syncthing to 0.13.7

v0.13.7

Fixes the issue with the GUI being grey on startup (#3301)

v0.13.6

This is a bugfix release. There are also multiple cleanups and minor improvements to the web UI by @norgeous.

Resolved issues:

#3262: v0.13.5 -no-upgrade build now requires gcc (@calmh)
#3267: Favicon should not be animated (@calmh)
#3136: Toggling HTTP/HTTPS breaks GUI/API (@calmh)
#3287: Understand older/newer Hello messages (@calmh)
Warnings on relay connectivity issues are reduced (@scienmind)

(abs)

Remove unneeded patch after update to 6.0p1

(wiz)

Updated databases/mysql56 to 5.6.31

(adam)

Changes 5.6.31:

Security Notes

The linked OpenSSL library for the MySQL Commercial Server has been updated to version 1.0.1t. Issues fixed in the new version are described at http://www.openssl.org/news/vulnerabilities.html.

This change does not affect the Oracle-produced MySQL Community build of MySQL Server, which uses the yaSSL library instead. (Bug 23229564)

Functionality Added or Changed

A new CMake option, WITH_SYMVER16, if enabled, causes the libmysqlclient client library to contain extra symbols to be compatible with libmysqlclient on RHEL/OEL 5, 6, 7, and Fedora releases. All symbols present in libmysqlclient.so.16 are tagged with symver 16 in libmsqlclient.so.18, making those symbols have both symver 16 and 18. (Bug 22980983)

support-files/MacOSX/ReadMe.txt is no longer included in MySQL distributions. (Bug 81038, Bug 23088916)

The version of the tcmalloc library included in MySQL distributions was very old. It has been removed and is no longer included with MySQL. (Bug 80994, Bug 23068660)

Bugs Fixed

InnoDB: MySQL failed to build on Fedora 24 using GCC 6. (Bug 23227804)

InnoDB: Potential buffer overflow issues were corrected for the InnoDB memcached plugin. (Bug 23187607)

InnoDB: The full-text index cache was freed during a background index cache synchronization. (Bug 22996488)

InnoDB: A full-text index operation raised an assertion. (Bug 22963169)

InnoDB: An INSERT operation on a table with a FULLTEXT index and FTS_DOC_ID column failed because the inserted FTS_DOC_ID value exceeded the permitted gap between consecutive FTS_DOC_ID values. To avoid this problem, the permitted gap between the largest used FTS_DOC_ID value and new FTS_DOC_ID value was raised from 10000 to 65535. (Bug 22679185)

InnoDB: With innodb_autoinc_lock_mode=0, multiple threads waiting for a table-level lock caused an unexpected deadlock. (Bug 21983865, Bug 78761)

InnoDB: A FLUSH TABLES ... FOR EXPORT operation appeared to stall. A loop in the ibuf_contract_in_background function failed to exit. (Bug 21133329, Bug 77011)

InnoDB: A full-text query raised an assertion. Under certain circumstances, DDL operations such as ALTER TABLE ... RENAME caused full-text auxiliary tables to be removed on server restart. (Bug 13651665)

Replication: In the next_event() function, which is called by a slave's SQL thread to read the next even from the relay log, the SQL thread did not release the relaylog.log_lock it acquired when it ran into an error (for example, due to a closed relay log), causing all other threads waiting to acquire a lock on the relay log to hang. With this fix, the lock is released before the SQL thread leaves the function under the situation. (Bug 21697821)

References: See also: Bug 20492319.

Replication: If a multi-threaded replication slave running with relay_log_recovery=1 stopped unexpectedly, during restart the relay log recovery process could fail. This was due to transaction inconsistencies not being filled, see Handling an Unexpected Halt of a Replication Slave. Prior to this fix, to recover from this situation required manually setting relay_log_recovery=0, starting the slave with START SLAVE UNTIL SQL_AFTER_MTS_GAPS to fix any transaction inconsistencies and then restarting the slave with relay_log_recovery=1. This process has now been automated, enabling relay log recovery of a multi-threaded slave upon restart automatically. (Bug 77496, Bug 21507981)

INSERT with ON DUPLICATE KEY UPDATE and REPLACE on a table with a foreign key constraint defined failed with an incorrect ���duplicate entry��� error rather than a foreign key constraint violation error. (Bug 23135731)

References: This issue is a regression of: Bug 78853, Bug 22037930.

For debug builds, CONCAT_WS() could raise an assertion if there was nothing to append. (Bug 22888420)

Invoking Enterprise Encryption functions in multiple threads simultaneously could cause a server exit. (Bug 22839278)

Attempting to use Enterprise Encryption functions after creating and dropping them could cause a server exit. (Bug 22669012)

Setting sort_buffer_size to a very large value could cause some operations to fail with an out-of-memory error. (Bug 22594514)

An assertion could be raised when a deadlock occurred due to a SELECT ... GROUP BY ... FOR UPDATE query executed using a Loose Index Scan. (Bug 22187476)

Several potential buffer overflow issues were corrected. (Bug 21977380, Bug 23187436, Bug 23202778, Bug 23195370, Bug 23202699)

If the CA certificate as given to the --ssl-ca option had an invalid path, yaSSL returned an error message different from OpenSSL. Now both return SSL connection error: SSL_CTX_set_default_verify_paths failed. (Bug 21920657)

Some string functions returned one or a combination of their parameters as their result. If one of the parameters had a non-ASCII character set, the result string had the same character set, resulting in incorrect behavior when an ASCII string was expected. (Bug 18740222)

On Windows, MySQL installation could result in MySQL being placed under C:\Program Files\Canon\Easy-WebPrint EX. (Bug 14583183)

References: See also: Bug 70918, Bug 68821, Bug 68227.

On Fedora 24, upgrades using a Community MySQL Server RPM failed to replace an installed MariaDB Galera server due to a change in the MariaDB package. (Bug 81390, Bug 23273818)

MySQL did not compile under Solaris 12 using Sun Studio. To correct this, instances of __attribute__ were changed to MY_ATTRIBUTE. (Bug 80748, Bug 22932576)

The INSTALL-SOURCE file had partly outdated information and has been removed from source packages. (Binary packages are unaffected). (Bug 80680, Bug 23081064)

For a server compiled with -DWITH_PERFSCHEMA_STORAGE_ENGINE=0, a memory leak could occur for buffered log messages used during server startup. (Bug 80089, Bug 22578574)

For debug builds, merging a derived table into an outer query block could raise an assertion. (Bug 79502, Bug 22305361, Bug 21139722)

A null pointer dereference of a parser structure could occur during stored procedure name validation. (Bug 79396, Bug 22286421)

Using CREATE USER to create an account with the mysql_native_password or mysql_old_password authentication plugin and using a clause of the form IDENTIFIED WITH plugin AS 'hash_string' caused the account to be created without a password. (Bug 78033, Bug 21616496)

Failure of UNINSTALL PLUGIN could lead to inaccurate or confusing errors for subsequent INSTALL PLUGIN operations. (Bug 74977, Bug 20085672)

mysqld_multi displayed misleading error messages when it was unable to execute my_print_defaults. (Bug 74636, Bug 19920049)

On Windows, MySQL installation failed if the HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ registry key was present with a key/value pair of "InstallLocation" and "\Hewlett-Packard\\". (Bug 74631, Bug 19949163)

mysqldump failed silently with no error message when it encountered an error while executing FLUSH LOGS.

(adam)

Override INSTALL script to make sure owner/group args do not leak
into the binary packages. Fixes problems with building software
manually against binary postgresql*-client packages built under an
unprivileged setup. Bump respective PKGREVISION.

See https://github.com/joyent/pkgsrc/issues/377

(fhajny)

Added editors/sasm version 3.5.0

(kamil)

Add editors/sasm

(kamil)

Import SASM-3.5.0 as editors/sasm

SASM (SimpleASM) - simple Open Source crossplatform IDE for NASM, MASM, GAS,
FASM assembly languages.

SASM has syntax highlighting and debugger.

The program works out of the box and is great for beginners to learn assembly
language.

SASM is translated into Russian and English.

Originally packaged in pkgsrc-wip by myself.

(kamil)

Updated graphics/p5-Image-ExifTool to 10.20

(wiz)

Updated p5-Image-ExifTool to 10.20.

June 13, 2016 - Version 10.20 (production release)

    Added a few new Sigma LensTypes (thanks LibRaw and Jos Roost)
    Added a new Sony LensType (thanks Jos Roost)
    Added two new Canon LensTypes (thanks Jos Roost and Norbert Wasser)
    Added a couple of new PentaxModelID's (thanks Louis Granboulan for one)
    Added a new Pentax LensType (thanks Louis Granboulan)
    Added a few new Olympus PictureMode values (thanks Daniel Pollock)
    Added a few more XMP tags
    Decode a new Nikon video tag (thanks Hayo Baan)
    Patched to allow protected binary data tags to be extracted when -b is combined with -php or -X if the tag is specifically requested
    Fixed bug introduced in version 9.96 where extended XMP is ignored if the MWG module is used
    Fixed problem where the MWG module wasn't loaded automatically if there were MWG tags in the argument to the -p option
    Fixed column alignment of alternate-language output (requires Unicode::LineBreak to be installed)
    Fixed problem writing Sigma:LensFocalRange

May 31, 2016 - Version 10.19

    Added a few new Sony and Sigma LensType values (thanks Jos Roost)
    Decode more Nikon tags (thanks Warren Hatch)
    Fixed an incorrect Sigma LensType (thanks LibRaw)
    Fixed decoding of D500 custom settings for NEF images (thanks Warren Hatch)

May 27, 2016 - Version 10.18

    Added a number of new Sigma LensTypes (thanks LibRaw)
    Added a few new Sony/Minolta lenses (thanks Jos Roost)
    Added ability to write FilePermissions
    Decode NikonCustom settings for the D500 (thanks Warren Hatch)
    Decode PLUS MediaSummaryCode values
    Use hexadecimal for Sigma LensType values
    Changed -fileOrder option to sort numbers in strings numerically
    Fixed typo in Samsung lens name

May 16, 2016 - Version 10.17

    Added support for Leica X-U (Typ 113) maker notes
    Added a new Pentax LensType (thanks Louis Granboulan)
    Added a number of new Sony lenses (thanks Jos Roost)
    Added a new Canon LensType (thanks Mees Dekker)
    Extract TIFF-format thumbnails and previews
    Patched to ignore XML entities inside comments
    Fixed inconsistent conversion of PreviewColorSpace values
    Fixed writing of TargetPrinter tag
    Fixed bug introduced in 10.16 which which could cause a runtime warning when using the -o option and not writing any "real" tags

May 3, 2016 - Version 10.16

    Added %D, %F and %E filename format codes
    Added a new Minolta lens (thanks Jos Roost)
    Decode Photoshop Compression mode
    Decode Nikon MultiExposure information for the D5
    Updated decoding of Sony tags for ILCA-68 (thanks Jos Roost)
    Fixed bug adding back XMP tags after deleting all XMP from MOV/MP4 files
    Fixed problem using -o option when reading from stdin (ie. FILE is "-")
    Fixed problem where user-defined Composite tags may not always override pre-defined Composite tags with the same name, and added feature to allow the user to specify whether they should override existing tags or not

(wiz)

Updated www/p5-CGI to 4.31

(wiz)

Updated p5-CGI to 4.31.

4.31 2016-06-14

    [ FEATURES ]
    - Add SameSite support to Cookie handling (thanks to pangyre)

    [ INTERNALS ]
    - The MultipartBuffer package has been renamed to CGI::MultipartBuffer.
      This has been done in a way to ensure any $MultipartBuffer package
      variables are still set correctly in CGI::MultipartBuffer. if you are
      explicitly using MultipartBuffer in a form such as:

        MultipartBuffer->new

      your code will break. you should be calling:

        CGI->new->new_MultipartBuffer( $boundary,$length );

      to ensure the correctly package is called. if you are extending the
      MultipartBuffer package though use of ISA or base (or parent) then you
      will need to update your code to use CGI::MultipartBuffer

    - fake using strict and warnings to appease CPANTS Kwalitee

    - require File::Temp v0.17+ to get seekable file handles (GH #204)

(wiz)

Updated net/openntpd to 6.0p1

(wiz)

Updated openntpd to 6.0p1.

Changes since OpenNTPD 5.9p1
============================

    * Fixed a link failure on older Linux distributions and a build
      failure on FreeBSD.
    * Set MOD_MAXERROR to avoid unsynced time status when using
      ntp_adjtime.
    * Fixed HTTP Timestamp header parsing to use strptime in a more
      portable fashion.
    * Hardened TLS for ntpd constraints, enabling server name
      verification. Thanks to Luis M. Merino.

Note that HTTPS TLS constraints are currently disabled in pkgsrc pending
evaluation of how best to deal with libressl.

(wiz)

Note update of netpgpverify and libnetpgpverify to 20160615

(agc)

Update netpgpverify and libnetpgpverify to 20160615:

Simplify the method of finding the end of the versioning information
in the signature - back up to the "\n" character at the end of the
signature start:

"-----BEGIN PGP SIGNATURE-----\n"

and then find the "\n\n" character sequence to denote the start of the
signature itself. The previous version worked, but this is more efficient.

(agc)

+ fuse-emulator-1.2.0, tor-browser-6.0.1.

(wiz)

Updated x11/dunst to 1.1.0nb1

(kamil)

Fix prefix to software in config.h of dunst

Bump PKGREVISION.

Patch by Mateusz Poszwa.

(kamil)

Note update of netpgpverify and libnetpgpverify to 20160614

(agc)

Update netpgpverify (and libnetpgpverify) to 20160614

+ handle signatures created by gpg with "--no-emit-version", don't assume
there will always be a version string.

+ add a test for above

Fixes security PR/51240.

Thanks to xnox@ubuntu.com for reporting the error

(agc)

Set proper VARBASE in the example configuration

Little change - no PKGREVISION bump.

Patch by Mateusz Poszwa.

(kamil)

Updated devel/git to 2.9.0; Updated databases/mysql55 to 5.5.50

(adam)

Git 2.9 Release Notes
=====================

Backward compatibility notes
----------------------------

The end-user facing Porcelain level commands in the "git diff" and
"git log" family by default enable the rename detection; you can still
use "diff.renames" configuration variable to disable this.

Merging two branches that have no common ancestor with "git merge" is
by default forbidden now to prevent creating such an unusual merge by
mistake.

The output formats of "git log" that indents the commit log message by
4 spaces now expands HT in the log message by default.  You can use
the "--no-expand-tabs" option to disable this.

"git commit-tree" plumbing command required the user to always sign
its result when the user sets the commit.gpgsign configuration
variable, which was an ancient mistake, which this release corrects.
A script that drives commit-tree, if it relies on this mistake, now
needs to read commit.gpgsign and pass the -S option as necessary.

Updates since v2.8
------------------

UI, Workflows & Features

* Comes with git-multimail 1.3.1 (in contrib/).

* The end-user facing commands like "git diff" and "git log"
  now enable the rename detection by default.

* The credential.helper configuration variable is cumulative and
  there is no good way to override it from the command line.  As
  a special case, giving an empty string as its value now serves
  as the signal to clear the values specified in various files.

* A new "interactive.diffFilter" configuration can be used to
  customize the diff shown in "git add -i" sessions.

* "git p4" now allows P4 author names to be mapped to Git author
  names.

* "git rebase -x" can be used without passing "-i" option.

* "git -c credential.<var>=<value> submodule" can now be used to
  propagate configuration variables related to credential helper
  down to the submodules.

* "git tag" can create an annotated tag without explicitly given an
  "-a" (or "-s") option (i.e. when a tag message is given).  A new
  configuration variable, tag.forceSignAnnotated, can be used to tell
  the command to create signed tag in such a situation.

* "git merge" used to allow merging two branches that have no common
  base by default, which led to a brand new history of an existing
  project created and then get pulled by an unsuspecting maintainer,
  which allowed an unnecessary parallel history merged into the
  existing project.  The command has been taught not to allow this by
  default, with an escape hatch "--allow-unrelated-histories" option
  to be used in a rare event that merges histories of two projects
  that started their lives independently.

* "git pull" has been taught to pass the "--allow-unrelated-histories"
  option to underlying "git merge".

* "git apply -v" learned to report paths in the patch that were
  skipped via --include/--exclude mechanism or being outside the
  current working directory.

* Shell completion (in contrib/) updates.

* The commit object name reported when "rebase -i" stops has been
  shortened.

* "git worktree add" can be given "--no-checkout" option to only
  create an empty worktree without checking out the files.

* "git mergetools" learned to drive ExamDiff.

* "git pull --rebase" learned "--[no-]autostash" option, so that
  the rebase.autostash configuration variable set to true can be
  overridden from the command line.

* When "git log" shows the log message indented by 4-spaces, the
  remainder of a line after a HT does not align in the way the author
  originally intended.  The command now expands tabs by default to help
  such a case, and allows the users to override it with a new option,
  "--no-expand-tabs".

* "git send-email" now uses a more readable timestamps when
  formulating a message ID.

* "git rerere" can encounter two or more files with the same conflict
  signature that have to be resolved in different ways, but there was
  no way to record these separate resolutions.

* "git p4" learned to record P4 jobs in Git commit that imports from
  the history in Perforce.

* "git describe --contains" often made a hard-to-justify choice of
  tag to name a given commit, because it tried to come up
  with a name with smallest number of hops from a tag, causing an old
  commit whose close descendant that is recently tagged were not
  described with respect to an old tag but with a newer tag.  It did
  not help that its computation of "hop" count was further tweaked to
  penalize being on a side branch of a merge.  The logic has been
  updated to favor using the tag with the oldest tagger date, which
  is a lot easier to explain to the end users: "We describe a commit
  in terms of the (chronologically) oldest tag that contains the
  commit."

* "git clone" learned the "--shallow-submodules" option.

* HTTP transport clients learned to throw extra HTTP headers at the
  server, specified via http.extraHeader configuration variable.

* The "--compaction-heuristic" option to "git diff" family of
  commands enables a heuristic to make the patch output more readable
  by using a blank line as a strong hint that the contents before and
  after it belong to logically separate units.  It is still
  experimental.

* A new configuration variable core.hooksPath allows customizing
  where the hook directory is.

* An earlier addition of "sanitize_submodule_env" with 14111fc4 (git:
  submodule honor -c credential.* from command line, 2016-02-29)
  turned out to be a convoluted no-op; implement what it wanted to do
  correctly, and stop filtering settings given via "git -c var=val".

* "git commit --dry-run" reported "No, no, you cannot commit." in one
  case where "git commit" would have allowed you to commit, and this
  improves it a little bit ("git commit --dry-run --short" still does
  not give you the correct answer, for example).  This is a stop-gap
  measure in that "commit --short --dry-run" still gives an incorrect
  result.

* The experimental "multiple worktree" feature gains more safety to
  forbid operations on a branch that is checked out or being actively
  worked on elsewhere, by noticing that e.g. it is being rebased.

* "git format-patch" learned a new "--base" option to record what
  (public, well-known) commit the original series was built on in
  its output.

* "git commit" learned to pay attention to the "commit.verbose"
  configuration variable and act as if the "--verbose" option
  was given from the command line.

* Updated documentation gives hints to GMail users with two-factor
  auth enabled that they need app-specific-password when using
  "git send-email".

* The manpage output of our documentation did not render well in
  terminal; typeset literals in bold by default to make them stand
  out more.

* The mark-up in the top-level README.md file has been updated to
  typeset CLI command names differently from the body text.

Performance, Internal Implementation, Development Support etc.

* The embedded args argv-array in the child process is used to build
  the command line to run pack-objects instead of using a separate
  array of strings.

* A test for tags has been restructured so that more parts of it can
  easily be run on a platform without a working GnuPG.

* The startup_info data, which records if we are working inside a
  repository (among other things), are now uniformly available to Git
  subcommand implementations, and Git avoids attempting to touch
  references when we are not in a repository.

* The command line argument parser for "receive-pack" has been
  rewritten to use parse-options.

* A major part of "git submodule update" has been ported to C to take
  advantage of the recently added framework to run download tasks in
  parallel.  Other updates to "git submodule" that move pieces of
  logic to C continues.

* Rename bunch of tests on "git clone" for better organization.

* The tests that involve running httpd leaked the system-wide
  configuration in /etc/gitconfig to the tested environment.

* Build updates for MSVC.

* The repository set-up sequence has been streamlined (the biggest
  change is that there is no longer git_config_early()), so that we
  do not attempt to look into refs/* when we know we do not have a
  Git repository.

* Code restructuring around the "refs" API to prepare for pluggable
  refs backends.

* Sources to many test helper binaries and the generated helpers
  have been moved to t/helper/ subdirectory to reduce clutter at the
  top level of the tree.

* Unify internal logic between "git tag -v" and "git verify-tag"
  commands by making one directly call into the other.

* "merge-recursive" strategy incorrectly checked if a path that is
  involved in its internal merge exists in the working tree.

* The test scripts for "git p4" (but not "git p4" implementation
  itself) has been updated so that they would work even on a system
  where the installed version of Python is python 3.

* As nobody maintains our in-tree git.spec.in and distros use their
  own spec file, we stopped pretending that we support "make rpm".

* Move from "unsigned char[20]" to "struct object_id" continues.

* The code for warning_errno/die_errno has been refactored and a new
  error_errno() reporting helper is introduced.
  (merge 1da045f nd/error-errno later to maint).

* Running tests with '-x' option to trace the individual command
  executions is a useful way to debug test scripts, but some tests
  that capture the standard error stream and check what the command
  said can be broken with the trace output mixed in.  When running
  our tests under "bash", however, we can redirect the trace output
  to another file descriptor to keep the standard error of programs
  being tested intact.

* t0040 had too many unnecessary repetitions in its test data.  Teach
  test-parse-options program so that a caller can tell what it
  expects in its output, so that these repetitions can be cleaned up.

* Add perf test for "rebase -i".

* Common mistakes when writing gitlink: in our documentation are
  found by "make check-docs".

* t9xxx series has been updated primarily for readability, while
  fixing small bugs in it.  A few scripted Porcelain commands have
  also been updated to fix possible bugs around their use of
  "test -z" and "test -n".

* CI test was taught to run git-svn tests.

* "git cat-file --batch-all" has been sped up, by taking advantage
  of the fact that it does not have to read a list of objects, in two
  ways.

* test updates to make it more readable and maintainable.
  (merge e6273f4 es/t1500-modernize later to maint).

* "make DEVELOPER=1" worked as expected; setting DEVELOPER=1 in
  config.mak didn't.
  (merge 51dd3e8 mm/makefile-developer-can-be-in-config-mak later to maint).

* The way how "submodule--helper list" signals unmatch error to its
  callers has been updated.

* A bash-ism "local" has been removed from "git submodule" scripted
  Porcelain.

Also contains various documentation updates and code clean-ups.

(adam)

Changes 5.5.0:

Functionality Added or Changed

The version of the tcmalloc library included in MySQL distributions was very old. It has been removed and is no longer included with MySQL.

Bugs Fixed

INSERT with ON DUPLICATE KEY UPDATE and REPLACE on a table with a foreign key constraint defined failed with an incorrect ���duplicate entry��� error rather than a foreign key constraint violation error.

Setting sort_buffer_size to a very large value could cause some operations to fail with an out-of-memory error.

Several potential buffer overflow issues were corrected.

If the CA certificate as given to the --ssl-ca option had an invalid path, yaSSL returned an error message different from OpenSSL. Now both return SSL connection error: SSL_CTX_set_default_verify_paths failed.

Some string functions returned one or a combination of their parameters as their result. If one of the parameters had a non-ASCII character set, the result string had the same character set, resulting in incorrect behavior when an ASCII string was expected.

A null pointer dereference of a parser structure could occur during stored procedure name validation.

mysqld_multi displayed misleading error messages when it was unable to execute my_print_defaults.

(adam)

-Wmaybe-uninitialized doesn't exist for NetBSD 6's gcc 4.5.3 and
breaks the build.  It does exist in NetBSD 7's gcc 4.8.4, but the
build is successful without it. So only apply the flag for gcc 5,
as it is necessary for 5.4.0.

Report from jnemeth@

(prlw1)

bump pkgrevision.

(youri)

Update PLIST.

(youri)

Remove stray chunk from patch file. Ride previous revision.

(fhajny)

Use proper CONF_FILES for my.cnf. Makes mysql56-client look for it
under $PKG_SYSCONFDIR, and prevents mysql_install_db from creating
$PREFIX/my.cnf. Brings mysql56-client and mysql56-server in sync
WRT my.cnf location. Bump respective PKGREVISIONs.

Noticed by peterkelm@ on Github.

(fhajny)

Use the blue background by default, the teal background looks bad.

(youri)

Remove discouraged x-zip MIME type.

(youri)

Updated graphics/libjpeg-turbo to 1.5.0

(wiz)

Updated libjpeg-turbo to 1.5.0.

1.5.0
=====

### Significant changes relative to 1.5 beta1:

1. Fixed an issue whereby a malformed motion-JPEG frame could cause the "fast
path" of libjpeg-turbo's Huffman decoder to read from uninitialized memory.

2. Added libjpeg-turbo version and build information to the global string table
of the libjpeg and TurboJPEG API libraries.  This is a common practice in other
infrastructure libraries, such as OpenSSL and libpng, because it makes it easy
to examine an application binary and determine which version of the library the
application was linked against.

3. Fixed a couple of issues in the PPM reader that would cause buffer overruns
in cjpeg if one of the values in a binary PPM/PGM input file exceeded the
maximum value defined in the file's header.  libjpeg-turbo 1.4.2 already
included a similar fix for ASCII PPM/PGM files.  Note that these issues were
not security bugs, since they were confined to the cjpeg program and did not
affect any of the libjpeg-turbo libraries.

4. Fixed an issue whereby attempting to decompress a JPEG file with a corrupt
header using the `tjDecompressToYUV2()` function would cause the function to
abort without returning an error and, under certain circumstances, corrupt the
stack.  This only occurred if `tjDecompressToYUV2()` was called prior to
calling `tjDecompressHeader3()`, or if the return value from
`tjDecompressHeader3()` was ignored (both cases represent incorrect usage of
the TurboJPEG API.)

5. Fixed an issue in the ARM 32-bit SIMD-accelerated Huffman encoder that
prevented the code from assembling properly with clang.

6. The `jpeg_stdio_src()`, `jpeg_mem_src()`, `jpeg_stdio_dest()`, and
`jpeg_mem_dest()` functions in the libjpeg API will now throw an error if a
source/destination manager has already been assigned to the compress or
decompress object by a different function or by the calling program.  This
prevents these functions from attempting to reuse a source/destination manager
structure that was allocated elsewhere, because there is no way to ensure that
it would be big enough to accommodate the new source/destination manager.

1.4.90 (1.5 beta1)
==================

### Significant changes relative to 1.4.2:

1. Added full SIMD acceleration for PowerPC platforms using AltiVec VMX
(128-bit SIMD) instructions.  Although the performance of libjpeg-turbo on
PowerPC was already good, due to the increased number of registers available
to the compiler vs. x86, it was still possible to speed up compression by about
3-4x and decompression by about 2-2.5x (relative to libjpeg v6b) through the
use of AltiVec instructions.

2. Added two new libjpeg API functions (`jpeg_skip_scanlines()` and
`jpeg_crop_scanline()`) that can be used to partially decode a JPEG image.  See
[libjpeg.txt](libjpeg.txt) for more details.

3. The TJCompressor and TJDecompressor classes in the TurboJPEG Java API now
implement the Closeable interface, so those classes can be used with a
try-with-resources statement.

4. The TurboJPEG Java classes now throw unchecked idiomatic exceptions
(IllegalArgumentException, IllegalStateException) for unrecoverable errors
caused by incorrect API usage, and those classes throw a new checked exception
type (TJException) for errors that are passed through from the C library.

5. Source buffers for the TurboJPEG C API functions, as well as the
`jpeg_mem_src()` function in the libjpeg API, are now declared as const
pointers.  This facilitates passing read-only buffers to those functions and
ensures the caller that the source buffer will not be modified.  This should
not create any backward API or ABI incompatibilities with prior libjpeg-turbo
releases.

6. The MIPS DSPr2 SIMD code can now be compiled to support either FR=0 or FR=1
FPUs.

7. Fixed additional negative left shifts and other issues reported by the GCC
and Clang undefined behavior sanitizers.  Most of these issues affected only
32-bit code, and none of them was known to pose a security threat, but removing
the warnings makes it easier to detect actual security issues, should they
arise in the future.

8. Removed the unnecessary `.arch` directive from the ARM64 NEON SIMD code.
This directive was preventing the code from assembling using the clang
integrated assembler.

9. Fixed a regression caused by 1.4.1[6] that prevented 32-bit and 64-bit
libjpeg-turbo RPMs from being installed simultaneously on recent Red Hat/Fedora
distributions.  This was due to the addition of a macro in jconfig.h that
allows the Huffman codec to determine the word size at compile time.  Since
that macro differs between 32-bit and 64-bit builds, this caused a conflict
between the i386 and x86_64 RPMs (any differing files, other than executables,
are not allowed when 32-bit and 64-bit RPMs are installed simultaneously.)
Since the macro is used only internally, it has been moved into jconfigint.h.

10. The x86-64 SIMD code can now be disabled at run time by setting the
`JSIMD_FORCENONE` environment variable to `1` (the other SIMD implementations
already had this capability.)

11. Added a new command-line argument to TJBench (`-nowrite`) that prevents the
benchmark from outputting any images.  This removes any potential operating
system overhead that might be caused by lazy writes to disk and thus improves
the consistency of the performance measurements.

12. Added SIMD acceleration for Huffman encoding on SSE2-capable x86 and x86-64
platforms.  This speeds up the compression of full-color JPEGs by about 10-15%
on average (relative to libjpeg-turbo 1.4.x) when using modern Intel and AMD
CPUs.  Additionally, this works around an issue in the clang optimizer that
prevents it (as of this writing) from achieving the same performance as GCC
when compiling the C version of the Huffman encoder
(<https://llvm.org/bugs/show_bug.cgi?id=16035>).  For the purposes of
benchmarking or regression testing, SIMD-accelerated Huffman encoding can be
disabled by setting the `JSIMD_NOHUFFENC` environment variable to `1`.

13. Added ARM 64-bit (ARMv8) NEON SIMD implementations of the commonly-used
compression algorithms (including the slow integer forward DCT and h2v2 & h2v1
downsampling algorithms, which are not accelerated in the 32-bit NEON
implementation.)  This speeds up the compression of full-color JPEGs by about
75% on average on a Cavium ThunderX processor and by about 2-2.5x on average on
Cortex-A53 and Cortex-A57 cores.

14. Added SIMD acceleration for Huffman encoding on NEON-capable ARM 32-bit
and 64-bit platforms.

    For 32-bit code, this speeds up the compression of full-color JPEGs by
about 30% on average on a typical iOS device (iPhone 4S, Cortex-A9) and by
about 6-7% on average on a typical Android device (Nexus 5X, Cortex-A53 and
Cortex-A57), relative to libjpeg-turbo 1.4.x.  Note that the larger speedup
under iOS is due to the fact that iOS builds use LLVM, which does not optimize
the C Huffman encoder as well as GCC does.

    For 64-bit code, NEON-accelerated Huffman encoding speeds up the
compression of full-color JPEGs by about 40% on average on a typical iOS device
(iPhone 5S, Apple A7) and by about 7-8% on average on a typical Android device
(Nexus 5X, Cortex-A53 and Cortex-A57), in addition to the speedup described in
[13] above.

    For the purposes of benchmarking or regression testing, SIMD-accelerated
Huffman encoding can be disabled by setting the `JSIMD_NOHUFFENC` environment
variable to `1`.

15. pkg-config (.pc) scripts are now included for both the libjpeg and
TurboJPEG API libraries on Un*x systems.  Note that if a project's build system
relies on these scripts, then it will not be possible to build that project
with libjpeg or with a prior version of libjpeg-turbo.

16. Optimized the ARM 64-bit (ARMv8) NEON SIMD decompression routines to
improve performance on CPUs with in-order pipelines.  This speeds up the
decompression of full-color JPEGs by nearly 2x on average on a Cavium ThunderX
processor and by about 15% on average on a Cortex-A53 core.

17. Fixed an issue in the accelerated Huffman decoder that could have caused
the decoder to read past the end of the input buffer when a malformed,
specially-crafted JPEG image was being decompressed.  In prior versions of
libjpeg-turbo, the accelerated Huffman decoder was invoked (in most cases) only
if there were > 128 bytes of data in the input buffer.  However, it is possible
to construct a JPEG image in which a single Huffman block is over 430 bytes
long, so this version of libjpeg-turbo activates the accelerated Huffman
decoder only if there are > 512 bytes of data in the input buffer.

18. Fixed a memory leak in tjunittest encountered when running the program
with the `-yuv` option.

1.4.2
=====

### Significant changes relative to 1.4.1:

1. Fixed an issue whereby cjpeg would segfault if a Windows bitmap with a
negative width or height was used as an input image (Windows bitmaps can have
a negative height if they are stored in top-down order, but such files are
rare and not supported by libjpeg-turbo.)

2. Fixed an issue whereby, under certain circumstances, libjpeg-turbo would
incorrectly encode certain JPEG images when quality=100 and the fast integer
forward DCT were used.  This was known to cause `make test` to fail when the
library was built with `-march=haswell` on x86 systems.

3. Fixed an issue whereby libjpeg-turbo would crash when built with the latest
& greatest development version of the Clang/LLVM compiler.  This was caused by
an x86-64 ABI conformance issue in some of libjpeg-turbo's 64-bit SSE2 SIMD
routines.  Those routines were incorrectly using a 64-bit `mov` instruction to
transfer a 32-bit JDIMENSION argument, whereas the x86-64 ABI allows the upper
(unused) 32 bits of a 32-bit argument's register to be undefined.  The new
Clang/LLVM optimizer uses load combining to transfer multiple adjacent 32-bit
structure members into a single 64-bit register, and this exposed the ABI
conformance issue.

4. Fixed a bug in the MIPS DSPr2 4:2:0 "plain" (non-fancy and non-merged)
upsampling routine that caused a buffer overflow (and subsequent segfault) when
decompressing a 4:2:0 JPEG image whose scaled output width was less than 16
pixels.  The "plain" upsampling routines are normally only used when
decompressing a non-YCbCr JPEG image, but they are also used when decompressing
a JPEG image whose scaled output height is 1.

5. Fixed various negative left shifts and other issues reported by the GCC and
Clang undefined behavior sanitizers.  None of these was known to pose a
security threat, but removing the warnings makes it easier to detect actual
security issues, should they arise in the future.

(wiz)

Do not attempt to generate DTrace objects for objects which do not contain
any DTrace probes.  Fixes build with newer DTrace.

(jperkin)

ship virtualenv with PYVERSSUFFIX so pkg_alternatives can find it

(wiedi)

Remove py-perclip, already packaged as py-pyperclip

(kamil)

Import pyperclip-1.5.27 as x11/py-perclip

Pyperclip is a cross-platform Python module for copy and paste clipboard
functions.

This program detects underlaying OS and installed software:
- gtk,
- PyQt4,
- xclip,
- xsel,
- klipper (&qdbus).

It works with Python 2 and 3.

(kamil)

Added security/py-aes version 1.6.0

(kamil)

Add security/py-aes

(kamil)

Import pyaes-1.6.0 as security/py-aes

A pure-Python implmentation of the AES block cipher algorithm and the common
modes of operation (CBC, CFB, CTR, ECB and OFB).

Features:
- Supports all AES key sizes
- Supports all AES common modes
- Pure-Python (no external dependancies)
- BlockFeeder API allows streams to easily be encrypted and decrypted
- Python 2.x and 3.x support (make sure you pass in bytes(), not strings for
  Python 3)

(kamil)

Added devel/ropper version 1.9.5

(kamil)

Add devel/ropper

(kamil)

Import Ropper-1.9.5 as devel/ropper

You can use ropper to display information about binary files in different file
formats and you can search for gadgets to build rop chains for different
architectures (x86/X86_64, ARM/ARM64, MIPS/MIPS64, PowerPC). For disassembly
ropper uses the awesome Capstone Framework.

Originally packaged in pkgsrc-wip by myself.

(kamil)