Update ruby-rainbow to 2.1.0.

## 2.1.0 (2016-01-24)

* added X11 color support
* fixed `require` issue when rainbow is used as a dependency in another gem
* improved Windows support

(taca)

Note update of misc/ruby-parallel package to 1.6.2.

(taca)

Update ruby-parallel to 1.6.2.

* Clean up test cases for not calling finish
* Don't call :finish hook if there was an exception
* add test for queue error I just ran into
* Update redirects

(taca)

Note update of misc/ruby-ohai package to 8.12.0.

(taca)

Update ruby-ohai to 8.12.0.

8.12.0 (2016-03-09)

Full Changelog

Implemented enhancements:

* add plugin to detect user sessions using loginctl #766 (davide125)
* Improve virtualization detection on Solaris #760 (tas50)
* Improve FreeBSD guest virtualization detection #756 (tas50)
* Detect Openstack hosts #751 (tas50)
* Improve KVM host and guest detection #750 (tas50)
* Update GCE metadata API version and fail better #736 (tas50)

Fixed bugs:

* Make ohai work with Chef 12.7 and below #768 (jkeiser)
* Remove XML output in VirtualizationInfo and need for hpricot gem #755 (tas50)

v8.11.1 (2016-03-08)

Full Changelog

Implemented enhancements:

* Detect Azure on non-bootstrapped hosts #657
* Deprecate run_command and popen4 in the command mixin #730 (tas50)
* OHAI-726 Regex to support openjdk 1.8 #727 (davidnewman)
* Add support for the 2 latest EC2 metadata versions #725 (tas50)
* Improved debug logging for cloud plugins #724 (tas50)
* Detect paravirt amazon instances without hint files #722 (tas50)
* Detect Azure using the Azure agent and DHCP options #714 (tas50)

Fixed bugs:

* Use escape_glob_dir instead of escape_glob #747 (jaym)
* have a proper dependency on plist #737 (thommay)
* Fix digital ocean ip address detection #735 (ctso)
* Log sigar gem load failures #731 (tas50)
* ipaddress on Linux - default route pointing to unaddressed interface, with route src #682 (glennmatthews)

Release 8.10.0

* pr#720 Make Windows driver plugin opt-in via config
* pr#717 Don't enable packages plugin by default
* pr#711 Improve EC2 detection for HVM instances when a hint isn't present

Release 8.9.0

* phreakocious:
    - Collect layer 1 Ethernet information per NIC on Linux hosts
* Mark Gibbons:
    - Add kernel[:processor] with output of uname -p output
* Shahul Khajamohideen
    - Add packages plugin
* electrolinux
    - Add "alpine" platform and platform_family
* Julien Berard
    - Add instance_id to rackspace plugin
* Matt Whiteley
    - Allow route table override
* JM Howard Brown
    - Add tests and queue_depth to block_device
* pr#672 CPU plugin for Darwin (OS X) now properly reports the number of real CPUs adds "cores" to match the CPU output on Linux
    pr#674 CPU plugin for FreeBSD now reports "real" and "core" values to match the CPU output on Linux
* pr#654 Improvements to filesystem and wpar detection on AIX
* pr#683 Properly detect the init package on older Linux kernels
* pr#684 Remove non-functional cucumber tests
* pr#695 Fix detection of mac address on IPv6 only systems
* pr#703 Enable ChefStyle per RFC 64

(taca)

Note update of misc/ruby-commander package to 4.4.0.

(taca)

Update ruby-commander to 4.4.0.

=== 4.4.0 / 2016-02-19

* Add modular style template initialization. (@lebogan)
* Allow option names that start with a global option name.
* Fix handling of negatable global flags. (@mfurtak)

=== 4.3.8 / 2016-02-09

* Fix regression for deprecation warnings.

=== 4.3.7 / 2016-01-26

* Fix regression in help formatter introduced in 4.3.6.

=== 4.3.6 / 2016-01-26 [YANKED]

* Fix deprecation warnings on Ruby 2.3.0.
* Indent option descriptions the same way as program and command descriptions. (@badeball)

(taca)

Update devel/ruby-tins package to 1.9.0.

(taca)

Update ruby-tins to 1.9.0.

Add Tins::Duration class to display time durations.

(taca)

Updated net/nsd to 4.1.9

(pettai)

NSD 4.1.9
=========

BUG FIXES:
        - Change the nsd.db file version because of nanosecond precision fix.

(pettai)

Updated textproc/hs-tagsoup to 0.13.9

(szptvlfn)

Update to 0.13.9

CHANGES.txt:
0.13.9
    #50, fix a space leak
    #36, fix the demo examples
    #35, make IsString a superclass of StringLike
    #33, make flattenTree O(n) instead of O(n^2)
0.13.8
    #30, add parse/render functions directly to the Tree module
0.13.7
    #32, make sure upper case &#X works in lookupEntity
0.13.6
    #28, some named entities require a trailing semicolon (e.g. mid)
0.13.5
    #26, rename the test program to test-tagsoup
0.13.4
    #24, add isTagComment function
    Update the copyright year
0.13.3
    Work on GHC 7.9
0.13.2
    Remove all package upper bounds
    Allow QuickCheck-2.6

(szptvlfn)

Updated fonts/umefont-ttf to 0.600

(ryoon)

Update to 0.600

Status:
Unadjusted glyphs (characters; 1st pass): Uninode 8a2b-8b95
Unadjusted glyphs (Bushu; 1st pass): Gonben

(ryoon)

Updated print/pdf2djvu to 0.9.4

(ryoon)

Update to 0.9.4

Changelog:
pdf2djvu (0.9.4) unstable; urgency=low

  [ Jakub Wilk ]
  * Standardize on American spelling in the manual page.
  * Document that bugs can be reported to the mailing list.
  * Fix build failure with GCC 6.
    Thanks to Martin Michlmayr for the bug report.
    https://bugs.debian.org/812007
  * Improve warning message when a link with an unsupported
    action type is encountered.
    Thanks to Janusz S. Bień for the bug report.
    https://groups.io/g/pdf2djvu/message/26
  * Improve error handling in out-of-memory situations.
    Thanks to Daniel Stender for the bug report.
    https://bitbucket.org/jwilk/pdf2djvu/issue/107
  * Use HTTPS for sourceforge.net and freedesktop.org URLs.
  * Improve the test suite.
  * Update the Polish translation.

  [ Chris Leick ]
  * Update the German translation.

  [ Américo Monteiro ]
  * Update the Portuguese translation.

  [ Kyrill Detinov ]
  * Update the Russian translation.

  [ Jean-Paul Guillonneau ]
  * Update the French translation of the manual page.

-- Jakub Wilk <jwilk@jwilk.net>  Wed, 24 Feb 2016 18:34:05 +0100

(ryoon)

Update to puppet done

(fhajny)

Updated sysutils/puppet to 3.8.6

(fhajny)

Update sysutils/puppet to 3.8.6.

No changelog provided, commits since 3.8.4:
- (doc) Clarify auth_membership
- (PUP-4516) Exit immediately when sent INT or TERM
- (PUP-4516) Add signal name in exit message
- (PUP-4386) Windows group invalid user error msgs
- (PUP-5308) Bump beaker dependency
- (maint) Use beaker's puppet helper
- (maint) Remove obsolete test
- (PUP-5308) Use puppet config set for future parser
- (PUP-5480) Windows dirs should inherit SYSTEM
- Remove skipping based on commit msg
- (PUP-5308) Ensure future parser setting is in main section
- (PUP-5505) Improve performance of reading service plists
- (PUP-5522) Ensure consistency of node environment attr and param
- (PUP-5547) Prevent unnecessary environment eviction
- Revert "(PUP-5547) Prevent unnecessary environment eviction"
- (PUP-5547) Prevent unnecessary environment eviction
- (PUP-5509) Ensure error context for non-numeric index error
- (PUP-5590) Detect duplicate parameter names
- (PUP-5212) Pip package honors HTTP proxy
- (maint) Use Travis container infrastructure
- (maint) Use newer bundler
- Bump ruby version to 2.1.8
- (PUP-1293) Don't ignore status when using upstart provider
- (PUP-5378) acceptance: port all-functions test to 3.x
- (PUP-5378) ensure calling_all_functions works against 4x
- (maint) acceptance-fix with() function usage
- (maint) Relax fqdn_rand regex
- (maint) acceptance: fix calling all functions-split regex
- (PUP-5658) Disallow numeric types with ranges where to < from
- (maint) Update ruby build for windows
- (maint) Change apt_host to apt_signing_server
- (RE-6205) updating ruby for CVE-2015-7551
- (PUP-5670) bump facter release tag

(fhajny)

Updated print/pdf2djvu to 0.9.3nb2

(ryoon)

Improve dependencies from Jakub Wilk. Bump PKGREVISION

* Get rid of dependencies to C compiler, GNU sed, libxslt and pstreams
* Remove workaround for older NetBSD and MirBSD

(ryoon)

Remove two weird patches. Add comments to most others.

(wiz)

Updated databases/pgbouncer to 1.7.2

(fhajny)

Update databases/pgbouncer to 1.7.2.
Set up a separate user, previous PGUSER/PGGROUP integration didn't
make sense.

2016-02-26 - PgBouncer 1.7.2 - "Finally Airborne"

- Fix crash on stale pidfile removal. Problem introduced in 1.7.1.
- Disable cleanup - it breaks takeover and is not useful for
  production loads. Problem introduced in 1.7.1.
- After takeover, wait until pidfile is gone before booting. Slow
  shutdown due to memory cleanup exposed existing race. (#113)
- Make build reproducible by dropping DBGVER handling. (#112)
- Antimake: Sort file list from $(wildcard), newer gmake does not
  sort it anymore. (#111)
- Show libssl version in log.
- deb: Turn on full hardening.

2016-02-18 - PgBouncer 1.7.1 - "Forward To Five Friends Or Else"

- WARNING: Since version 1.7, server_reset_query is not executed
  when database is in transaction-pooling mode. Seems this was not
  highlighted enough in 1.7 announcement. If your apps depend on
  that happening, use server_reset_query_always to restore previous
  behaviour.
- TLS: Rename sslmode "disabled" to "disable" as that is what
  PostgreSQL uses.
- TLS: client_tls_sslmode=verify-ca/-full now reject connections
  without client certificate. (#104)
- TLS: client_tls_sslmode=allow/require do validate client
  certificate if sent. Previously they left cert validation
  unconfigured so connections with client cert failed. (#105)
- Fix memleak when freeing database.
- Fix potential memleak in tls_handshake().
- Fix EOF handling in tls_handshake().
- Fix too small memset in asn1_time_parse compat.
- Fix non-TLS (--without-openssl) build. (#101)
- Fix various issues with Windows build. (#100)
- TLS: Use SSL_MODE_RELEASE_BUFFERS to decrease memory usage of
  inactive connections.
- Clean allocated memory on exit. Helps to run memory-leak
  checkers.
- Improve server_reset_query documentation. (#110)
- Add TLS options to sample config.

2015-12-18 - PgBouncer 1.7 - "Colors Vary After Resurrection"
- Support TLS connections. OpenSSL/LibreSSL is used as backend
  implementation.
- Support authentication via TLS client certificate.
- Support "peer" authentication on Unix sockets.
- Support Host Based Access control file, like pg_hba.conf in
  Postgres. This allows to configure TLS for network connections
  and "peer" authentication for local connections.
- Set query_wait_timeout to 120s by default. Current default (0)
  causes infinite queueing, which is not useful. That means if
  client has pending query and has not been assigned to server
  connection, the client connection will be dropped.
- Disable server_reset_query_always by default. Now reset query is
  used only in pools that are in session mode.
- Increase pkt_buf to 4096 bytes. Improves performance with TLS.
  The behaviour is probably load-specific, but it should be safe
  to do as since v1.2 the packet buffers are split from connections
  and used lazily from pool.
- Support pipelining count expected ReadyForQuery packets. This
  avoids releasing server too early. Fixes #52.
- Improved sbuf_loopcnt logic - socket is guarateed to be
  reprocessed even if there are no event from socket. Required for
  TLS as it has it's own buffering.
- Adapt system tests to work with modern BSD and MacOS. (Eric
  Radman)
- Remove crypt auth. It's obsolete and not supported by PostgreSQL
  since 8.4.
- Fix plain "--with-cares" configure option - without argument it
  was broken.

(fhajny)

Remove stray SunOS project definition from some SMF manifests.
These should never have made it in. Bump resp. PKGREVISIONs.

(fhajny)

Added sysutils/tarsnap-gui version 0.8

(wiz)

+ tarsnap-gui.

(wiz)

Import tarsnap-gui-0.8 as sysutils/tarsnap-gui.

The Tarsnap graphical user interface desktop application is an open
source cross-platform frontend to the popular Tarsnap backup service.

The application uses the tarsnap command line client utilities to
communicate with the Tarsnap service.

(wiz)

Updated graphics/sane-backends to 1.0.25nb3

(martin)

Fix usb bulk reads on big endian 64bit platforms.
Closes PR pkg/50340.

(martin)

Updated devel/nss to 3.22.3

(ryoon)

Update to 3.22.3

Changelog:
The NSS Development Team announces the release of NSS 3.22.3,
which is a patch release for NSS 3.22.

No new functionality is introduced in this release.

The following bugs have been resolved in NSS 3.22.3

* Bug 1243641 - Increase compatibility of TLS extended master secret,
  don't send an empty TLS extension last in the handshake

(ryoon)

+ webkit-gtk-2.10.8 and webkit24-gtk-2.4.10 (take this one)

While here `!}sort' and manually remove some duplicates pointed out by the
sort.

(leot)

Disable precompiled headers. Makes GCC segfault on NetBSD-7.0-i386.

(tnn)

Teach about difference of struct mcontext_t on Linux/i386 vs NetBSD/i386.
Fixes build on NetBSD/i386.

(tnn)

fix struct reg usage according to /usr/include/i386/reg.h

(tnn)

Updated net/proftpd to 1.3.5b

(wiedi)

Update net/proftpd (and modules) to 1.3.5b

1.3.5b - Released 10-Mar-2016
--------------------------------
- Bug 4187 - mod_geoip does not load all of the GeoIPTables properly.
- Bug 4191 - "Incorrect string value" reported by mod_sql_mysql for some UTF8
  characters.
- Bug 4097 - SSH rekey fails when using RSA hostkey smaller than 2048 bits.
- Bug 4198 - MLSD/MLST fact type "cdir" is incorrectly used for the current
  working directory.
- Bug 4201 - HiddenStores temporary files not removed when exceeding quota
  using SCP.
- Bug 4202 - MLSD lines not properly terminated with CRLF.
- Bug 4209 - Zero-length memory allocation possible, with undefined results.
- Bug 4210 - Avoid unbounded SFTP extended attribute key/values.
- Bug 4212 - Ensure that FTP data transfer commands fail appropriately when
  "RootRevoke on" is in effect.
- Bug 4217 - Handle FTP re-authentication attempts better.
- Bug 4223 - Permissions on files uploaded via STOU do not honor configured
  Umask.
- Bug 4227 - Support SFTP clients that send multiple INIT requests.
- Bug 4230 - TLSDHParamFile directive appears ignored because unexpected DH is
  chosen.

(wiedi)

Added www/py-djangocms-style version 1.7.0

(adam)

A Plugin for django CMS to add CSS classes to other plugins

(adam)

Add support for "-isystem dir", transform in the same way as "-Idir"

(markd)

Add support for -isystem to legacy wrappers.
  rewrite "-isystem dir" as "-isystem,dir"
  transform "-isystem,dir" in same ways as "-Idir"
  rewrite "-isystem,dir" back to "-isystem dir" in cmd-sink

(markd)

Remove precompiled Python files in tests directory

(adam)

Updated x11/mlterm to 3.7.0

(tsutsui)

Update mlterm to 3.7.0.

Changes noted in doc/en/ReleaseNote:

ver 3.7.0
* Support OSC 1337. (See http://www.iterm2.com/images.html)
* Support animation gif of OSC 5379 show_picture on MacOSX/cocoa.
* Enable to place configuration files in mlterm.app/mlterm/ on MacOSX/Cocoa.
* Add 'mlfc' tool which automatically generates ~/.mlterm/aafont and ~/.mlterm/font-fb.
* Change the format of ~/.mlterm/*font is changed as follows.
  [Charset] = [Font name];[Size],[Font name];[Size],[Font name];...
  -> [Charset] = [Font name]
* Drop XT_CBLINK (CSI?12h/CSI?12l) support.
* Simplify font configuration of OSC 5379. ('mlcc font USASCII <Font name>' is available.)
* "CSI 38;2;r;g;b m" and "CSI 48;2;r;g;b m" shows high colors instead of
  approximate vt 256 colors. "vt_color_mode" / --vtcolor(=256/high/true) option
  changes the behavior.
* Bug fixes:
  Fix illegal memory access on MacOSX/Cocoa and Android.
  Fix segfault in spliting window on MacOSX/Cocoa. (Enbugged at 3.6.2)

(tsutsui)

don't use msgfmt --check. It breaks with gettext 0.14.1.

(tnn)

Note remove www/drupal6 package.

(taca)

Remove drupal6, it has been EOL.

(taca)

Remove drupal6.

(taca)

try to fix build with clang-3.8

(tnn)

Updated security/tor-browser to 5.5.3

(ryoon)

Update to 5.5.3

Changelog:
Rebase to Firefox 38.7.0

(ryoon)

Updated security/putty to 0.67

(ryoon)

Update to 0.67

Changelog:  2016-03-05 PuTTY 0.67 released, fixing a SECURITY HOLE

PuTTY 0.67, released today, fixes a security hole in 0.66 and
before: vuln-pscp-sink-sscanf. It also contains a few other small
bug fixes.

Also, for the first time, the Windows executables in this release
(including the installer) are signed using an Authenticode certificate,
to help protect against tampering in transit from our website or
after downloading. You should find that they list "Simon Tatham"
as the verified publisher.

(ryoon)

Updated textproc/grep to 2.24

(ryoon)

Update to 2.24

Changelog:
* Noteworthy changes in release 2.24 (2016-03-10) [stable]

** Bug fixes

  grep -z would match strings it should not.  To trigger the bug, you'd
  have to use a regular expression including an anchor (^ or $) and a
  feature like a range or a backreference, causing grep to forego its DFA
  matcher and resort to using re_search.  With a multibyte locale, that
  matcher could mistakenly match a string containing a newline.
  For example, this command:
    printf 'a\nb\0' | LC_ALL=en_US.utf-8 grep -z '^[a-b]*b'
  would mistakenly match and print all four input bytes.  After the fix,
  there is no match, as expected.
  [bug introduced in grep-2.7]

  grep -Pz now diagnoses attempts to use patterns containing ^ and $,
  instead of mishandling these patterns.  This problem seems to be
  inherent to the PCRE API; removing this limitation is on PCRE's
  maint/README wish list.  Patterns can continue to match literal ^
  and $ by escaping them with \ (now needed even inside [...]).
  [bug introduced in grep-2.5]

(ryoon)

Updated sysutils/facette to 0.4.0devnb6

(imil)

disable portability check for unused configure script

(imil)

Mark package as BROKEN, it tries to download stuff over plain HTTP
during the build:
---8<---
downloading ICU data library (icudt)
the files will be extracted to: /pkgsrc-obj/textproc/R-stringi/work/.destdir/usr/pkg/lib/R/library/stringi/libs
no icudt in a local repo
trying URL 'http://static.rexamine.com/packages/icudt55l.zip'
Warning in download.file(paste(href, fname, sep = ""), outfname, mode = "wb") :
  unable to resolve 'static.rexamine.com'
Error in download.file(paste(href, fname, sep = ""), outfname, mode = "wb"): cannot open URL 'http://static.rexamine.com/packages/icudt55l.zip'

(tnn)

BUILDLINK_TRANSFORM needs to go before bsd.pkg.mk

(tnn)

add DESCR (Hi Wen!)

(tnn)

This package needs to be able to do atomic compare-and-swap on time_t.
Since time_t is 64 bits, on i386 it needs at least a pentium-class CPU.

(tnn)

Updated geography/opencpn to 4.2.0
Updated geography/opencpn-plugin-weather_routing to 20160208

(bouyer)

Update to version 20160208. Changes since 20150829:
- support opencpn 4.2.0
- bug fixes and UI improvements
- display currents along the route

(bouyer)

Update OpenCPN to 4.2.0.
Changes since 4.0.0:
As a successor to OpenCPN Version 4.0, OpenCPN Version 4.2 contains many new features and enhanced functions.

Among them are:

..Increased performance in all modes, particularly when using OpenGL graphics acceleration.
..Integrated Chart Downloader PlugIn, allowing systematic tracking and donwload of latest online charts from several popular sources.
..Integrated World Magnetic Model (WMM) PlugIn, providing accuratley calculated magnetic variation worldwide.
..Major update to embedded Users Manual.
..Measurably improved performance and reliability over all supported platforms.

more details here: http://opencpn.org/ocpn/release4.2

(bouyer)

Updated devel/cmake to 3.5.0

(adam)

Changes 3.5.0:
The cmake-gui(1) gained options to control warnings about deprecated functionality.
The cmake-gui(1) learned an option to set the toolset to be used with VS IDE and Xcode generators, much like the existing -T option to cmake(1).
The cmake-gui(1) gained a Regular Expression Explorer which may be used to create and evaluate regular expressions in real-time. The explorer window is available via the Tools menu.
The -Wdev and -Wno-dev cmake(1) options now also enable and suppress the deprecated warnings output by default.
The suppression of developer warnings as errors can now be controlled with the new -Werror=dev and -Wno-error=dev cmake(1) options.
The cmake(1) -E command-line tools copy, copy_if_different, copy_directory, and make_directory learned to support multiple input files or directories.
The cmake_parse_arguments() command is now implemented natively. The CMakeParseArguments module remains as an empty placeholder for compatibility.
The install(DIRECTORY) command learned to support generator expressions in the list of directories.
The CMAKE_ERROR_DEPRECATED variable can now be set using the -Werror=deprecated and -Wno-error=deprecated cmake(1) options.
The CMAKE_WARN_DEPRECATED variable can now be set using the -Wdeprecated and -Wno-deprecated cmake(1) options.
The VS_GLOBAL_<variable> target property is now implemented for VS 2010 and above. Previously it worked only in VS 2008 and below.
The ExternalProject module learned a new GIT_REMOTE_NAME option to control the git clone --origin value.
The FindBoost module now provides imported targets such as Boost::boost and Boost::filesystem.
The FindFLEX module FLEX_TARGET macro learned a new DEFINES_FILE option to specify a custom output header to be generated.
The FindGTest module now provides imported targets.
The FindGTK2 module, when GTK2_USE_IMPORTED_TARGETS is enabled, now sets GTK2_LIBRARIES to contain the list of imported targets instead of the paths to the libraries. Moreover it now sets a new GTK2_TARGETS variable containing all the targets imported.
The FindOpenMP module learned to support Clang.
The FindOpenSSL module gained a new OPENSSL_MSVC_STATIC_RT option to search for libraries using the MSVC static runtime.
The FindPNG module now provides imported targets.
The FindTIFF module now provides imported targets.
A FindXalanC module was introduced to find the Apache Xalan-C++ XSL transform processing library.
The FindXercesC module now provides imported targets.

(adam)

Updated www/ap-auth-mellon to 0.12.0
Fixes CVE-2016-2145] and CVE-2016-2146

(manu)

Update mod_auth_mellon to 0.12.0

Fixes CVE-2016-2145 and CVE-2016-2146

Changes since 0.10.0 frome NEWS file and patches/patch-0274

patch-0274
---------------------------------------------------------------------------
* Return 500 Internal Server Error if probe discovery fails.

Version 0.12.0
---------------------------------------------------------------------------

Security fixes:

* [CVE-2016-2145] Fix DOS attack (Apache worker process crash) due to
  incorrect error handling when reading POST data from client.

* [CVE-2016-2146] Fix DOS attack (Apache worker process crash /
  resource exhaustion) due to missing size checks when reading
  POST data.

In addition this release contains the following new features and fixes:

* Add MellonRedirecDomains option to limit the sites that
  mod_auth_mellon can redirect to. This option is enabled by default.

* Add support for ECP service options in PAOS requests.

* Fix AssertionConsumerService lookup for PAOS requests.

Version 0.11.1
---------------------------------------------------------------------------

Security fixes:

* [CVE-2016-2145] Fix DOS attack (Apache worker process crash) due to
  incorrect error handling when reading POST data from client.

* [CVE-2016-2146] Fix DOS attack (Apache worker process crash /
  resource exhaustion) due to missing size checks when reading
  POST data

Version 0.11.0
---------------------------------------------------------------------------

* Add SAML 2.0 ECP support.

* The MellonDecode option has been disabled. It was used to decode
  attributes in a Feide-specific encoding that is no longer used.

* Set max-age=0 in Cache-Control header, to ensure that all browsers
  verifies the data on each request.

* MellonMergeEnvVars On now accepts second optional parameter, the
  separator to be used instead of the default ';'.

* Add option MellonEnvVarsSetCount to specify if the number of values
  for any attribute should also be stored in environment variable
  suffixed _N.

* Add option MellonEnvVarsIndexStart to specify if environment variables
  for multi-valued attributes should start indexing with 0 (default) or
  with 1.

* Bugfixes:

  * Fix error about missing authentication with DirectoryIndex in
    Apache 2.4.

(manu)

Updated security/lasso to 2.5.1

(manu)

Update lasso to 2.5.1

Changes since 2.4.1 from NEWS file:

2.5.1 - February 19th 2016
---------------------------
17 commits, 16 files changed, 1096 insertions, 42 deletions

- Add missing urn constants used in PAOS HTTP header
- Set NotBefore in SAML 2.0 login assertions
- tests: fix leak in test test16_test_get_issuer
- id-ff: fix leak of profile->private_data->message_id
- saml-2.0: fix leak of message_id in
  lasso_profile_saml20_build_paos_request_msg
- tests: fix leaks in test_ecp
- xml: fix wrong termination of comment
- xml: fix leak in lasso_soap_envelope_new_full
- profile: fix leak of private idp_list field
- saml-2.0: fix leaks of url
- tests: fix leak
- tests: update valgrind suppressions
- perl: remove quotes from $PERL -V::ccflags: output (#9572)
- Fix wrong snippet type (fixes #9616). Thanks to Brett Gardner for the patch.
- tools.c: use correct NID and digest length when building RSA signature
  using SHA-2 digest
  (fixes #10019) Thanks to Brett Gardner for the patch.
- bindings/php5: fix enum getters and setters (fixes #10032). Thanks to
  Brett Gardner for the bug report.
- fix warning about INCLUDES directive

2.5.0 - September 2nd 2015
--------------------------
151 commits, 180 files changed, 8391 insertions, 1339 deletions

- lots of bugfixes (reported by static analysis tools like clang,
  coverity and manual inspection) thanks to Simo Sorce and John Dennis from
  RedHat
- xsd:choices are now parsed correctly by implementing a real finite automata
  for parsing XML documents. New flag for jumping forward and backward in
  schema snippets have been added. It fixes parsing of message from third
  party not following the ordre from the schema (they are entitled to do it but
  most SAML implementations do not)
- added C CGI examples for SP and IdP side
- removed the _POSIX_SOURCE declaration
- added support for the SHA-2 family of hash functions
- fixed protocol profile selection when parsing AuthnRequest
- added support for Python 3, thanks to Houzefa Abbasbhay from
  XCG Consulting
- fixed default value of WantAuthnRequestSigned in metadata parsing
- SAML 2.0 ECP is now functionnal, thanks to John Dennis from RedHat
- added two new API function to LassoProfile to extract the Issuer and
  InResponseTo attribute of messages, allowing pre-treatment before parsing
  the message, to load the metadata of the remote provider, or find the request
  which the response matches.
- fixed segfault when parsing HTTP-Redirect marlformed base64 content
- added support for automake 1.15 (jdennis)

(manu)

Updated net/haproxy to 1.6.4

(fhajny)

Update net/haproxy to 1.6.4. Throw in example config files.

2016/03/14 : 1.6.4
- BUG/MINOR: http: fix several off-by-one errors in the url_param
  parser
- BUG/MINOR: http: Be sure to process all the data received from a
  server
- BUG/MINOR: chunk: make chunk_dup() always check and set
  dst->size
- MINOR: chunks: ensure that chunk_strcpy() adds a trailing zero
- MINOR: chunks: add chunk_strcat() and chunk_newstr()
- MINOR: chunk: make chunk_initstr() take a const string
- MINOR: lru: new function to delete <nb> least recently used keys
- DOC: add Ben Shillito as the maintainer of 51d
- BUG/MINOR: 51d: Ensures a unique domain for each configuration
- BUG/MINOR: 51d: Aligns Pattern cache implementation with HAProxy
  best practices.
- BUG/MINOR: 51d: Releases workset back to pool.
- BUG/MINOR: 51d: Aligned const pointers to changes in 51Degrees.
- CLEANUP: 51d: Aligned if statements with HAProxy best practices
  and removed casts from malloc.
- DOC: fix a few spelling mistakes
- DOC: fix "workaround" spelling
- BUG/MINOR: examples: Fixing haproxy.spec to remove references to
  .cfg files
- MINOR: fix the return type for dns_response_get_query_id()
  function
- MINOR: server state: missing LF (\n) on error message printed
  when parsing server state file
- BUG/MEDIUM: dns: no DNS resolution happens if no ports provided
  to the nameserver
- BUG/MAJOR: servers state: server port is erased when dns
  resolution is enabled on a server
- BUG/MEDIUM: servers state: server port is used uninitialized
- BUG/MEDIUM: config: Adding validation to stick-table expire
  value.
- BUG/MEDIUM: sample: http_date() doesn't provide the right day of
  the week
- BUG/MEDIUM: channel: fix miscalculation of available buffer
  space.
- MEDIUM: pools: add a new flag to avoid rounding pool size up
- BUG/MEDIUM: buffers: do not round up buffer size during
  allocation
- BUG/MINOR: stream: don't force retries if the server is DOWN
- BUG/MINOR: counters: make the sc-inc-gpc0 and sc-set-gpt0 touch
  the table
- MINOR: unix: don't mention free ports on EAGAIN
- BUG/CLEANUP: CLI: report the proper field states in "show sess"
- MINOR: stats: send content-length with the redirect to allow
  keep-alive
- BUG: stream_interface: Reuse connection even if the output
  channel is empty
- DOC: remove old tunnel mode assumptions
- BUG/MAJOR: http-reuse: fix risk of orphaned connections
- BUG/MEDIUM: http-reuse: do not share private connections across
  backends
- BUG/MINOR: ssl: Be sure to use unique serial for regenerated
  certificates
- BUG/MINOR: stats: fix missing comma in stats on agent drain
- BUG/MINOR: lua: unsafe initialization
- DOC: lua: fix somme errors
- DOC: add server name at rate-limit sessions example
- BUG/MEDIUM: ssl: fix off-by-one in ALPN list allocation
- BUG/MEDIUM: ssl: fix off-by-one in NPN list allocation
- DOC: LUA: fix some typos and syntax errors
- MINOR: cfgparse: warn for incorrect 'timeout retry' keyword
  spelling in resolvers
- MINOR: mailers: increase default timeout to 10 seconds
- MINOR: mailers: use <CRLF> for all line endings
- BUG/MAJOR: lua: applets can't sleep.
- BUG/MINOR: server: some prototypes are renamed
- BUG/MINOR: lua: Useless copy
- BUG/MEDIUM: stats: stats bind-process doesn't propagate the
  process mask correctly
- BUG/MINOR: server: fix the format of the warning on address
  change
- BUG/MEDIUM: chunks: always reject negative-length chunks
- BUG/MINOR: systemd: ensure we don't miss signals
- BUG/MINOR: systemd: report the correct signal in debug message
  output
- BUG/MINOR: systemd: propagate the correct signal to haproxy
- MINOR: systemd: ensure a reload doesn't mask a stop
- BUG/MEDIUM: cfgparse: wrong argument offset after parsing server
  "sni" keyword
- CLEANUP: stats: Avoid computation with uninitialized bits.
- CLEANUP: pattern: Ignore unknown samples in pat_match_ip().
- CLEANUP: map: Avoid memory leak in out-of-memory condition.
- BUG/MINOR: tcpcheck: fix incorrect list usage resulting in
  failure to load certain configs
- BUG/MAJOR: samples: check smp->strm before using it
- MINOR: sample: add a new helper to initialize the owner of a
  sample
- MINOR: sample: always set a new sample's owner before evaluating
  it
- BUG/MAJOR: vars: always retrieve the stream and session from the
  sample
- CLEANUP: payload: remove useless and confusing nullity checks
  for channel buffer
- BUG/MINOR: ssl: fix usage of the various sample fetch functions
- MINOR: cfgparse: warn when uid parameter is not a number
- MINOR: cfgparse: warn when gid parameter is not a number
- BUG/MINOR: standard: Avoid free of non-allocated pointer
- BUG/MINOR: pattern: Avoid memory leak on out-of-memory condition
- CLEANUP: http: fix a build warning introduced by a recent fix
- BUG/MINOR: log: GMT offset not updated when entering/leaving DST

(fhajny)

note octave update to 4.0.0

(dbj)

don't use xcrun checking for xcrun on osx
command line tools don't install xcrun in the toolkit
so do a simple check for cc instead

(dbj)

set CHECK_BUILTIN.zlib:=yes so that zlib's builtin.mk won't create a fake zlib.pc
otherwise, freetype2 will add a Requires: for the fake .pc file to its own .pc file

(dbj)

add libiconv buildlink3 dependency, bump PKGREVISION

(dbj)

Only support the dri option if X11_TYPE is modular. Not very useful in and
of itself, but cuts down on noise from libdrm and MesaLib in X11_TYPE=native
bulk builds. Also, only enable the Present extension if building with DRI.

(tnn)

needs randrproto>=1.5.0

(tnn)

remove references to ruby200

(tnn)

drop ruby200-base

(tnn)

Fix previous

CVS: ----------------------------------------------------------------------
CVS: CVSROOT  cvs.NetBSD.org:/cvsroot
CVS: please use "PR category/123" to have the commitmsg appended to PR 123

(gdt)

Removed databases/postgresql-postgis2 successor databases/postgresql-postgis2 [gdt 2016-03-14]

CVS: ----------------------------------------------------------------------
CVS: CVSROOT  cvs.NetBSD.org:/cvsroot
CVS: please use "PR category/123" to have the commitmsg appended to PR 123

(gdt)

Remove postgresql-postgis

This package is well beyond obsolete, and is no longer maintained
upstream.  It only existed because postgis2 (now at 2.2, 2 major
releases later) was added instead of just updating this one.

(gdt)

Enable postgresql-postgis2 for PostgreSQL 9.5

(fhajny)

Updated databases/mongo-tools to 3.2.4

(fhajny)

Update databases/mongo-tools to 3.2.4.

3.2.4
- mongorestore --noIndexRestore inhibits empty collection creation

3.2.3
- mongoexport chokes on data with quotes

3.2.1
- Add bypassDocumentValidation option to mongorestore and mongoimport
- Missing "from" text in mongorestore status message

3.2.0
- Add bypassDocumentValidation option to mongorestore and mongoimport
- Missing "from" text in mongorestore status message

3.0.8
- bsondump does not keep attribut order
- mongodump issue with temporary map/reduce collections
- Error restoring database "insertion error: EOF"

(fhajny)

Updated databases/mongodb to 3.2.4

(fhajny)

Update databases/mongodb to 3.2.4.

- Fixed issue with setting optime when running with journaling
  disabled
- Have read concern majority reflect journaled state on
  the primary
- Fixed issue where specifying replication.enableMajorityReadConcern
  implied true regardless of the actual boolean value
- Fixed issue causing segfault when running aggregation that
  includes $lookup

(fhajny)

ivtools, nocol

(dholland)

Updated comms/conserver8 to 8.2.1.

(schnoebe)

Updated comms/conserver8 to 8.2.1.

(schnoebe)

Upstream: Update to 8.2.1
    version 8.2.1 (Jun 2, 2015):
- added TCP keepalives between client and server - TCP-based consoles
  already had the code - this was mostly an oversight
- patch for SEGV and task execution - patch by Artem Savkov
  <asavkov@redhat.com>
- expanded break sequences from [1-9] to [1-9a-z] - based on patch by
  Artem Savkov <asavkov@redhat.com>

pkgsrc:
    options.mk:
add support inet6
The way the conserver is coded, you get inet6 or you get uds
    patches/patch-conserver_readcfg.c:
new patch, fixing a setproctitle() bug with inet6.
This needs to be sent upstream.
    Makefile:
install sample configurations
Change maintainer to pkgsrc-users@netbsd.org
    old maintainer address bounced.
drop ``--with-regex'' option, it's no longer supported.

(schnoebe)

Updated www/sassc to 3.3.3

(adam)

Changes 3.3.3:
Fix failed assertions not being set to stderr
Fix version not working when compiled with Visual Studio
Fix poor handling of UTF-8 characters in paths

(adam)

Let's maintain this.

(wiz)

Updated net/php-baikal to 0.3.5

(wiz)

Update php-baikal to 0.3.5:

0.3.5

    #466: Fixed a small issue that can effect new installions. Existing working installations do not need to upgrade.

0.3.4

    Last build was broken, contained data in the Specific/ directory. This affected new installs but not upgrades.

0.3.3

    #457: The realm was not correctly set from configuration for Digest auth.
    Reduced memory usage in upgrade script. Should help with upgrading large databases.
    Removed BAIKAL_PATH_SABREDAV setting. It was no longer used.

(wiz)

+ afl-2.08b, cmake-3.5.0, dbus-python-common-1.2.4, denemo-2.0.4,
  dropbear-2016.72, farstream-0.2.8, glpk-4.59, grep-2.24, mc-4.8.16,
  ocaml-findlib-1.6.2, orcus-0.11.1, py-dbus-1.2.4, spice-protocol-0.12.11,
  talloc-2.1.6, tor-browser-5.5.3, transmission-2.92, waf-1.8.20,
  x264-devel-20160312, xterm-324.

(wiz)