Updated textproc/p5-Text-Diff to 1.44

(wiz)

Update p5-Text-Diff to 1.44.

1.44 2016-02-26 NEILB
    - Fixed the handling of text without a trailing newline. This module now
      adds the same text that the diff tool does, "\n\\ No newline at end of
      file\n". Previously this module simply produced broken diffs when one or
      both files had no trailing newline. Fixed by Dave Rolsky. GitHub #1.

(wiz)

Updated devel/p5-Moo to 2.001000

(wiz)

Update p5-Moo to 2.001000.

2.001000 - 2016-02-29
  * Documentation
    - Added documentation for has's ability to accept an arrayref of attribute
      names to create with the same options.
    - Removed mention that we may not call BUILDARGS, since that behavior was
      removed in 2.000002.
    - Reorganized documentation of class methods to separate those provided as a
      public API (new/does/meta) from those used by Moo in the object lifecycle
      (BUILDARGS/FOREIGNBUILDARGS/BUILD/DEMOLISH).
    - Updated documentation of most class methods for clarity.
    - Updated BUILDARGS documentation to show an around rather than just
      overriding.
    - Added examples to FOREIGNBUILDARGS and BUILD.
    - Added explicit documentation for DOES and meta methods.

  * Fixes
    - Fixed grammar in error message when @ISA is changed unexpectedly before
      a constructor is fully generated.
    - Fixed Moo classes and Sub::Quote subs in packages that are nearly 252
      characters long.
    - Fixed Sub::Defer::undefer_package emitting warnings.
    - Fixed detection of constructors that have already been inlined.

  * Performance
    - The generated code in constructors and setters has had a number of
      microoptimizations applied.
    - Deferred subs (and quoted subs like some accessors) in roles will be
      undefered before copying them to classes.  This prevents the need for a
      goto on every call that would slow down the subs.
    - Fixed Moose inflation code resulting in constructors with deferred
      wrappers.

  * Other
    - Recommend Sub::Name 0.08, which fixes a memory leak.
    - The values given to BUILD subs will be the original values passed to new,
      rather than after coercions have been applied.  This brings the behavior
      in line with Moose.

(wiz)

Updated converters/p5-JSON-XS to 3.020

(wiz)

Update p5-JSON-XS to 3.02.

3.02 Fri Feb 26 22:45:20 CET 2016
- allow_nonref now affects booleans (\1, $Types::Serialiser::Boolean)
          as well (reported by Alex Efros).
- allow literal tabs in strings in relaxed mode (patch by
          lubo.rintel@gooddata.com).
- support "cbor" format in json_xs tool.
- support (and fix) calling encode and decode in list context
          (reported by Вадим Власов).
        - work around a bug in older perls crashing when presented
          with shared hash keys (Reini Urban).
        - use stability canary.

(wiz)

Updated devel/p5-File-Which to 1.20

(wiz)

Update p5-File-Which to 1.20:

1.20      2016-03-01 15:06:54 -0500
  - Fix bug where executable named "0" would not be found (gh#7)

(wiz)

Updated time/p5-DateTime to 1.2400

(wiz)

Update p5-DateTime to 1.24.

1.24  2016-02-29

- The last release partially broke $dt->time. If you passed a value to use as
  unit separator, this was ignored. Reported by Sergiy Zuban. RT #112585.

1.23  2016-02-28

- Make all DateTime::Infinite objects return the system's representation of
  positive or negative infinity for any method which returns a number of
  string representation (year(), month(), ymd(), iso8601(), etc.). Previously
  some of these methods could return "Nan", "-Inf--Inf--Inf", and other
  confusing outputs. Reported by Greg Oschwald. RT #110341.

1.22  2016-02-21 (TRIAL RELEASE)

- Fixed several issues with the handling of non-integer values passed to
  from_epoch().

  This method was simply broken for negative values, which would end up being
  incremented by a full second, so for example -0.5 became 0.5.

  The method did not accept all valid float values. Specifically, it did not
  accept values in scientific notation.

  Finally, this method now rounds all non-integer values to the nearest
  millisecond. This matches the precision we can expect from Perl itself (53
  bits) in most cases.

  Patch by Christian Hansen. GitHub #11.

1.21  2015-09-30

- Make all tests pass with both the current DateTime::Locale and the upcoming
  new version (currently still in trial releases).

(wiz)

Updated audio/musicpd to 0.19.13

(wiz)

Update mpd to 0.19.13.

ver 0.19.13 (2016/02/23)
* tags
  - aiff, riff: fix ID3 chunk padding
* decoder
  - ffmpeg: support the TAK codec
* fix disappearing duration of remote songs during playback
* initialize supplementary groups with glibc 2.19+

(wiz)

Updated fonts/harfbuzz to 1.2.3

(wiz)

Update harfbuzz to 1.2.3.

Overview of changes leading to 1.2.3
Thursday, February 25, 2016
====================================

- Blacklist GDEF table of certain versions of Times New Roman (Bold) Italic,
  due to bug in glyph class of ASCII double-quote character.  This should
  address "regression" introduced in 1.2.0 when we switched mark zeroing
  in most shapers from BY_UNICODE_LATE to BY_GDEF_LATE.
  This fourth release in a week should finally stablize things...

- hb-ot-font's get_glyph() implementation saw some optimizations.  Though,
  might be really hard to measure in real-world situations.

- Also, two rather small API changes:

We now disable some time-consuming internal bookkeeping if built with NDEBUG
defined.  This is a first time that we use NDEBUG to disable debug code.  If
there exist production systems that do NOT want to enable NDEBUG, please let
me know and I'll add HB_NDEBUG.

Added get_nominal_glyph() and get_variation_glyph() instead of get_glyph()

New API:
- hb_font_get_nominal_glyph_func_t
- hb_font_get_variation_glyph_func_t
- hb_font_funcs_set_nominal_glyph_func()
- hb_font_funcs_set_variation_glyph_func()
- hb_font_get_nominal_glyph()
- hb_font_get_variation_glyph()

Deprecated API:
- hb_font_get_glyph_func_t
- hb_font_funcs_set_glyph_func()

Clients that implement their own font-funcs are encouraged to replace
their get_glyph() implementation with a get_nominal_glyph() and
get_variation_glyph() pair.  The variation version can assume that
variation_selector argument is not zero.  Old (deprecated) functions
will continue working indefinitely using internal gymnastics; it is
just more efficient to use the new functions.

Overview of changes leading to 1.2.2
Wednesday, February 24, 2016
====================================

- Fix regression with mark positioning with fonts that have
  non-zero mark advances.  This was introduced in 1.2.0 while
  trying to make mark and cursive attachments to work together.
  I have partially reverted that, so this version is much more
  like what we had before.  All clients who updated to 1.2.0
  should update to this version.

Overview of changes leading to 1.2.1
Tuesday, February 23, 2016
====================================

- CoreText: Fix bug with wrong scale if font scale was changed later.
  https://github.com/libass/libass/issues/212
- CoreText: Drastically speed up font initialization.
- CoreText: Fix tiny leak.
- Group ZWJ/ZWNJ with previous syllable under cluster-level=0.
  https://github.com/behdad/harfbuzz/issues/217
- Add test/shaping/README.md about how to add tests to the suite.

(wiz)

Updated misc/calibre to 2.52.0

(wiz)

Update calibre to 2.52.0.

- version: 2.52.0
  date: 2016-02-26

  new features:
    - title: "Allow creating rules to ignore files when adding books based on the filename"
      description: "Useful when using the auto-add feature or when adding in bulk. Preferences->Adding Books->Rules to filter added files"

    - title: "calibredb add: Allow specifying filters to control adding of books from directories"

    - title: "E-book viewer: Allow copying the Table of Contents to the clipboard by right clicking on it."
      tickets: [1548791]

  bug fixes:
    - title: "FB2 metadata: Ignore invalid (unidentifiable) cover images."
      tickets: [1548417]

    - title: "FB2 metadata: Fix error when adding books with non-numeric series numbers."
      tickets: [1548405]

    - title: "DOCX Input: Fix handling of toggle properties such as bold/italic/strikethrough/etc. when specified as document defaults."
      tickets: [1548187]

    - title: "Conversion pipeline: Add support for the q CSS length unit"

  improved recipes:
    - AsiaOne
    - Today Online - Singapore
    - Foreign Policy
    - Outlook India
    - Economic and Political Weekly
    - Foreign Affairs
    - El Pais
    - LA Times
    - Al-Ahram
    - New York Times Book Review

  new recipes:
    - title: Al-Masry Alyoum
      author: Hassan Williamson

(wiz)

Remove patch (part of 1.2.2 update).

(wiz)

Updated sysutils/py-dbus to 1.2.2

(wiz)

Updated sysutils/dbus-python-common to 1.2.2

(wiz)

Update dbus python bindings to 1.2.2.

D-Bus Python Bindings 1.2.2 (2016-02-22)
========================================

The “mind fray” release.

Versioning changes:

• dbus-python releases now have an even micro version (1.2.0, 1.2.2),
  and snapshots from git have an odd micro version (1.2.1).

Dependencies:

• Building from git (but not from tarballs) now requires
  macros from the GNU Autoconf Archive, for example the autoconf-archive
  package in Debian or Fedora derivatives.

• Building from git (but not from tarballs) now requires Automake 1.13
  or later.

• The automated tests and some examples now require PyGI (the gi module),
  not PyGObject 2 (the deprecated glib and gobject modules).

Enhancements:

• There is now a setuptools setup.py, allowing dbus-python to be installed
  into a virtualenv using pip from a standard Automake source release. This
  requires pre-existing system-wide installations of the normal build
  dependencies (pkg-config, libdbus, dbus-glib, a C compiler) and has
  some limitations. For system-wide installations and development,
  please use the Autoconf/Automake build system directly.
  (fd.o #55439; Simon McVittie)

• dbus-python now uses the common compiler warnings from AX_COMPILER_FLAGS
  (Simon McVittie)

• The automated tests can now be installed as GNOME-style "installed tests",
  and should be somewhat more reliable (Simon McVittie)

Fixes:

• "from dbus.service import *" now imports FallbackObject
  (fd.o #85720; Ben Longbons)

• The GConf-related examples work again (fd.o #85720; Ben Longbons)

• Consistently make examples executable, and install them all
  (fd.o #85720; Ben Longbons)

• Search PATH for an appropriately-versioned pythonX.Y-config, or as a last
  resort python-config, if there isn't a ${PYTHON}-config in the
  same directory as ${PYTHON} (fd.o #92085; Yamashita, Yuu)

• Add support for the Automake 1.13 parallel test driver (Simon McVittie)

• Skip building API documentation if "import epydoc" fails (Simon McVittie)

(wiz)

Updated devel/afl to 2.05b

(wiz)

Update afl to 2.05b:

--------------
Version 2.05b:
--------------

  - Put __sanitizer_cov_module_init & co behind #ifdef to avoid problems
    with ASAN. Spotted by Christian Holler.

--------------
Version 2.04b:
--------------

  - Removed indirect-calls coverage from -fsanitize-coverage (since it's
    redundant). Spotted by Kostya Serebryany.

(wiz)

Updated lang/nodejs4 to 4.3.2

(fhajny)

Update lang/nodejs4 to 4.3.2.

Irrelevant to (dynamically linked) lang/nodejs4:

* openssl: Upgrade from 1.0.2f to 1.0.2g

(fhajny)

Updated lang/nodejs to 5.7.1

(fhajny)

Update lang/nodejs to 5.7.1.

* path.relative():
  - Output is no longer unnecessarily verbose
  - Resolving UNC paths on Windows now works correctly
  - Resolving paths with prefixes now works correctly from
    the root directory
* url: Fixed an off-by-one error with parse()
* dgram: Now correctly handles a default address case when offset
  and length are specified (Matteo Collina) #5407.

Irrelevant to (dynamically linked) lang/nodejs:

* openssl: Upgrade from 1.0.2f to 1.0.2g

(fhajny)

Updated devel/netbeans-ide to 8.1

(asau)

Update to NetBeans 8.1

Noteworthy changes in NetBeans 8.1:

Updated GlassFish server to the version 4.1.1.

Updated Apache Tomcat server to the version 8.0.27.

JUnit is now included in the NetBeans bundles.

Java: improved editing, improved support for Maven,
support for Maven 3.3, improved refactoring, improved profiler,
improved debugger, support for Gluon Scene Builder,
support for WildFly 9 and 10.

JavaScript/HTML5: support for Knockout 3.2.0, support
for Angular 1.2 and 1.3, new support of Jade Template Engine.

Node.js support: editor, debugger, Grunt support, Gulp support.

JavaScript: editor improvements, JSDoc improvements, debugger.

JSON editor improvements.

PHP: Phing support, Codeception support, Nette Tester support.

(asau)

Note update of pkgtools/mksandbox to 1.6

(agc)

Patch from Silas Silva to:

+ add a --without-src command line argument which allows a sandbox to be
  made without mounting any src tree component

+ bump mksandbox package to 1.6.

(agc)

gawk will corrupt the output data stream in multibyte locales,
so force the locale to "C".

Fixes mozilla-rootcerts under Linux.

(dsainty)

Reduce DEPENDS. They are not minumal requirements.

(ryoon)

Updated editors/Sigil to 0.9.3

(ryoon)

Update to 0.9.3

* Disable debug build

Changelog:
The engine is written completely and get EPUB 3 support.

(ryoon)

x11/qt5* PKGREVISION Bump

(ryoon)

Use RPATH instead of RUNPATH to fix library not found error from Qt5 apps
Bump PKGREVISION

(ryoon)

Updated inputmethod/ibus to 1.5.13
Updated inputmethod/ibus-python to 1.5.13

(ryoon)

ibus, ibus-python: Update to 1.5.13

* Buildlink libX11 to ibus-python to fix build

Changelog:
1.5.13
    src: Use cache file for compose table for launching time 7241f66 d5bf50c 706ba01 97e28cc
    Add SetCursorLocationRelative D-Bus method (Daiki Ueno) (Rui Matos) b51c620

1.5.12
    check for x11 for the ui too (Marc-Antoine Perennou) c0ced65
    ibus-daemon update user cache when user observed path is updated 1d67867
    panel: Constrain the candidate area to the current monitor bounds (Alexey Kotlyarov) 4a8024b
    panel: Fix the default position of property panel with dual monitors 3ebeb65
    setup: Fix PyGIWarning: GdkX11 was imported without specifying a version 49f3a73
    engine: Change language code from ISO 639-2 to ISO 639-1 in simple.xml 3af58fa

(ryoon)

Updated devel/dconf to 0.22.0nb4

(ryoon)

Replace more hardcoded /etc. Bump PKGREVISION
This fixes error from inputmethod/ibus-skk's ibus-setup-skk.

(ryoon)

Updated multimedia/mpv to 0.16.0

(leot)

Update multimedia/mpv to 0.16.0.

Changes:
Release 0.16.0
==============
This release changes the license of some non-MPlayer source files to LGPL 2.1 or later.

Build System Changes
--------------------
- build: enable vaapi under drm-only as well (issue #2808)
- build: enable vo_opengl_cb if GL headers are present
- build: make libavfilter mandatory
- build: make posix_spawn optional
- wscript: don窶冲 install the encoding profiles with encoding disabled

Features
--------
New
~~~
- Initial Android support
- ao: initial OpenSL ES support
- dxva2: support HEVC Main 10
- osc: add always-on mode and unify visibility mode (always/never/auto)
- player: add complex filter graph support
- rpi: add mpeg-4, vc-1 decoding support
- stream_dvb: support frontends with multiple delivery systems (e.g. DVB-C/DVB-T combo cards)
- vo_opengl: 10 bit support with ANGLE
- vo_opengl: add KMS/DRM VAAPI hardware decoding interop
- vo_opengl: dxinterop: add dxva2 passthrough
- vo_rpi: add geometry handling (--geometry, --autofit, fullscreen switching, etc.)
- vo_x11: add 16bpp support

Options and Commands
--------------------
Added
~~~~~
- --lavfi-complex option for complex filter graphs
- audio: change downmix behavior, add --audio-normalize-downmix
- command: add vf-command and af-command commands
- player: add --external-file option
- vo_opengl: add interpolation-threshold sub-option

Changed
~~~~~~~
- audio: change --audio-channels default back to stereo
- audio: remove default preference for libdcadec (decoder was merged with FFmpeg)
- command: always allow setting volume/mute properties
- command: show original aspect in video-aspect property too
- input: ignore --input-cursor for events injected by input commands (issue #2750)
- options: set fs=yes by default on RPI, and change RPI defaults handling
- sub: implement "sub-seek 0" (issue #2791)
- vo_opengl: default scaler-resizes-only sub-option to yes

Fixes and Minor Enhancements
----------------------------
- OS X/cocoa: fix charcode retrieving for accented characters
- TOOLS/lua/ao-null-reload.lua: send ao-reload on audio-device-list change (issue #2738)
- TOOLS/lua/autoload.lua: remove the extension prior to sort
- Windows: fix dropping URIs (issue #2782)
- af_lavrresample: prevent channels from being dropped, e.g. when going 7.1 -> 7.1(wide) and similar cases
- ao_coreaudio: fix 7.1(rear) channel mapping
- ao_openal: wipe out global context on init error (PR #2719)
- ao_wasapi: avoid under-run cascade in exclusive mode
- ao_wasapi: set buffer size to device period in exclusive mode
- audio: fix spdif PCM fallback
- build: add special openbsd case for iconv check (issue #2710)
- command: fix NULL pointer deref in "video-codec" property (issue #2729)
- command: fix track cycling logic (issue #2784)
- demux: disable stream cache if no tracks are selected (issue #2692)
- demux_mkv: add hack to fix opus gapless behavior
- demux_mkv: support channel layout in VfW muxed PCM (issue #2820)
- osc: fix runtime enable_osc(true/false)
- player: fix initial audio sync in certain cases (issue #2770)
- player: honor --force-window if video is selected, but inactive
- player: never show "DS: (unavailable)"
- player: restore old/correct --force-window behavior (issue #2825)
- player: rewrite timeline/ordered chapter support
- vaapi: fix compilation on older FFmpeg/Libav (issue #2737)
- vdpau: force driver to report preemption early
- video: don't wait for last video frame in the normal case (issue #2745)
- video: fix coverart switching
- video: slightly improve video stream switching
- vo_opengl: add precision qualifier to usampler2D on ANGLE (issue #2761)
- vo_opengl: default to rgba16f FBOs on ANGLE
- vo_opengl: don't use normalized coords for debanding rectangle textures (issue #2831)
- vo_opengl: dxinterop: fix compatibility issue with Vista
- vo_opengl: pass the correct target to deband functions with Apple hwdec interop
- vo_opengl: rename custom shader entrypoint from sample to sample_pixel (issue #2733)
- x11: get *current* XRandR screen configuration instead of polling for new screens, too

(leot)

Updated mail/exim to 4.86.2

(wiedi)

Update mail/exim and mail/exim-html to 4.86.2

Exim version 4.86.2
-------------------
Portability relase of 4.86.1

Exim version 4.86.1
-------------------
HS/04 Add support for keep_environment and add_environment options.
      This fixes CVE-2016-1531.

All installations having Exim set-uid root and using 'perl_startup' are
vulnerable to a local privilege escalation. Any user who can start an
instance of Exim (and this is normally *any* user) can gain root
privileges. If you do not use 'perl_startup' you *should* be safe.

New options
-----------

We had to introduce two new configuration options:

  keep_environment =
  add_environment =

Both options are empty per default. That is, Exim cleans the complete
environment on startup. This affects Exim itself and any subprocesses,
as transports, that may call other programs via some alias mechanisms,
as routers (queryprogram), lookups, and so on. This may affect used
libraries (e.g. LDAP).

** THIS MAY BREAK your existing installation **

If both options are not used in the configuration, Exim issues a warning
on startup. This warning disappears if at least one of these options is
used (even if set to an empty value).

keep_environment should contain a list of trusted environment variables.
(Do you trust PATH?). This may be a list of names and REs.

  keep_environment = ^LDAP_ : FOO_PATH

To add (or override) variables, you can use add_environment:

  add_environment = <; PATH=/sbin:/usr/sbin

New behaviour
-------------

Now Exim changes it's working directory to / right after startup,
even before reading it's configuration. (Later Exim changes it's working
directory to $spool_directory, as usual.)

Exim only accepts an absolute configuration file path now, when using
the -C option.

(wiedi)

Updated devel/py-mercurial to 3.7.2

(wiz)

Update py-mercurial to 3.7.2.

Include
changeset:  34663:332926212ef8
user:        FUJIWARA Katsunori <foozy@lares.dti.ne.jp>
date:        Wed Feb 24 06:10:46 2016 +0900
files:      mercurial/repoview.py tests/test-commandserver.t
description:
repoview: discard filtered changelog if index isn't shared with unfiltered

on top of 3.7.2 to fix a test failure, see
https://bz.mercurial-scm.org/show_bug.cgi?id=4642

This is a regularly-scheduled bugfix release.

    bundlerepo: properly handle hidden linkrev in filelog (issue4945)
    bundlerepo: properly handle hidden linkrev in manifestlog (issue4945)
    demandimport: add _imp to ignore list
    doc: correct example concerning "hg purge" alias in man page "hgrc.5"
    doc: remove deprecated option from synopsis of command help
    fileset: fix copy/paste in eol() error message
    help: fix typo in backgroundclose documentation
    help: hg.intevation.de is new primary name of hg.intevation.de (and new cert)
    help: update template examples to use reST literal syntax
    hg: obtain lock when creating share from pooled repo (issue5104)
    log: fix order of revisions filtered by multiple OR options (issue5100)
    rebase: update working directory when aborting (issue5084)
    revert: properly revert to ancestor of p2 during merge (issue5052)
    revset: flatten chained 'list' operations (aka function args) (issue5072)
    setup: avoid procedure related to hg.exe at setup.py --pure
    ui: fix crash by non-interactive prompt echo for user name
    unionrepo: properly handle hidden linkrev in revlog (issue5070)
    zeroconf: forward all arguments passed to ui.configitems() wrapper

(wiz)

Pass correct GCC ABI flags on AIX.

Fix from Eric N. Vander Weele <ericvw@gmail.com>

(jperkin)

+ mcsim-5.6.5, p5-DateTime-1.2400, p5-File-Which-1.20, p5-Moo-2.001000,
  stgit-0.17.1 [pkg/50875].

(wiz)

Remove GCC pragma patch, it breaks various platforms.

(jperkin)

Remove GCC pragma patch, breaks on various platforms.

(jperkin)

Updated x11/gtk2 to 2.24.29nb1

(nros)

Add patch to gtk2 to fix CVE-2013-7447.

(nros)

Replace whitespace with tab

(ryoon)

Updated security/libressl to 2.2.6

(sevan)

Revert meaningless change.

(asau)

Note addition of bazel 0.2.0.

(jmmv)

Add and enable bazel.

(jmmv)

Initial addition of bazel-0.2.0:

Bazel is a build tool that builds code quickly and reliably.  It is used to
build the majority of Google's software, and thus it has been designed to
handle build problems present in Google's development environment, including:

* A massive, shared code repository, in which all software is built from
  source.  Bazel has been built for speed, using both caching and parallelism
  to achieve this.  Bazel is critical to Google's ability to continue to scale
  its software development practices as the company grows.

* An emphasis on automated testing and releases.  Bazel has been built for
  correctness and reproducibility, meaning that a build performed on a
  continuous build machine or in a release pipeline will generate
  bitwise-identical outputs to those generated on a developer's machine.

* Language and platform diversity.  Bazel's architecture is general enough to
  support many different programming languages within Google, and can be used
  to build both client and server software targeting multiple architectures
  from the same underlying codebase.

(jmmv)

Note update of fuse-sshfs to 2.7

(jmmv)

Update to 2.7:

* Integrated osxfuse's copy of sshfs, which means that sshfs now works
  on OS X out of the box.
* Added -o cache_max_size=N option to let users tune the maximum size of
  the cache in number of entries.
* Added -o cache_clean_interval=N and -o cache_min_clean_interval=N
  options to let users tune the cleaning behavior of the cache.

(jmmv)

GC old patch.

(joerg)

Needs kernel types on NetBSD.

(joerg)

Needs pkg-config for autoconf.

(joerg)

Use bsdtar as pax-as-tar doesn't work.

(joerg)

Request kernel types on NetBSD.

(joerg)

Request kernel types on NetBSD.

(joerg)

Fix const violation. Fix delete on array. Request kernel types on
NetBSD. Bump revision. Don't fix cheese-style memory leaks.

(joerg)

NetBSD's v4l2 emulation doesn't currently have focus-related settings,
so conditionalize parts.

(joerg)

Don't do clever things with include guards, clever things tend to break.

(joerg)

The CVP override is no longer needed for Clang 3.8.

(joerg)

Sun Audio needs kernel types on NetBSD.

(joerg)

When using the Mersenne Twister, include the right header.

(joerg)

Request kernel types on NetBSD.

(joerg)

Needs pkg-config.

(joerg)

Request kernel types on NetBSD.

(joerg)

Newer binutils requires cmpw access to %r11 to explicitly qualify the
16bit part as %r11w.

(joerg)

Catch up with the sphinx-induced PLIST change. Bump revision.

(joerg)

Fix build with newer binutils by making the start/end marker of the
module list hidden. There really is no point in keeping them global.
Ideally, this would be using the normal linker set logic, but that's a
more involved change.

(joerg)

Updated lang/polyml to 5.6

(asau)

Update to Poly/ML 5.6.
Changes include major improvements of FFI.

(asau)

Updated lang/sbcl to 1.3.3

(asau)

Update to SBCL 1.3.3

changes in sbcl-1.3.3 relative to sbcl-1.3.2:
* enhancement: warn about argument mismatch for functions passed as
  arguments to other functions (e.g. REDUCE, MAP) at compile-time.
* optimization: functions accepting other functions (e.g. REDUCE, FIND) can
  now be constant-folded if all function arguments are declared as foldable.
* optimization: improved logical operations on integers of unknown type.
* bug fix: exception handling no longer leaks memory on OS X. (lp#326238)

(asau)

Fix rpath problem

(adam)

Updated security/openssl to 1.0.2g

(jperkin)

Update security/openssl to version 1.0.2g.

Changes between 1.0.2f and 1.0.2g [1 Mar 2016]

  * Disable weak ciphers in SSLv3 and up in default builds of OpenSSL.
    Builds that are not configured with "enable-weak-ssl-ciphers" will not
    provide any "EXPORT" or "LOW" strength ciphers.
    [Viktor Dukhovni]

  * Disable SSLv2 default build, default negotiation and weak ciphers.  SSLv2
    is by default disabled at build-time.  Builds that are not configured with
    "enable-ssl2" will not support SSLv2.  Even if "enable-ssl2" is used,
    users who want to negotiate SSLv2 via the version-flexible SSLv23_method()
    will need to explicitly call either of:

        SSL_CTX_clear_options(ctx, SSL_OP_NO_SSLv2);
    or
        SSL_clear_options(ssl, SSL_OP_NO_SSLv2);

    as appropriate.  Even if either of those is used, or the application
    explicitly uses the version-specific SSLv2_method() or its client and
    server variants, SSLv2 ciphers vulnerable to exhaustive search key
    recovery have been removed.  Specifically, the SSLv2 40-bit EXPORT
    ciphers, and SSLv2 56-bit DES are no longer available.
    (CVE-2016-0800)
    [Viktor Dukhovni]

  *) Fix a double-free in DSA code

    A double free bug was discovered when OpenSSL parses malformed DSA private
    keys and could lead to a DoS attack or memory corruption for applications
    that receive DSA private keys from untrusted sources.  This scenario is
    considered rare.

    This issue was reported to OpenSSL by Adam Langley(Google/BoringSSL) using
    libFuzzer.
    (CVE-2016-0705)
    [Stephen Henson]

  *) Disable SRP fake user seed to address a server memory leak.

    Add a new method SRP_VBASE_get1_by_user that handles the seed properly.

    SRP_VBASE_get_by_user had inconsistent memory management behaviour.
    In order to fix an unavoidable memory leak, SRP_VBASE_get_by_user
    was changed to ignore the "fake user" SRP seed, even if the seed
    is configured.

    Users should use SRP_VBASE_get1_by_user instead. Note that in
    SRP_VBASE_get1_by_user, caller must free the returned value. Note
    also that even though configuring the SRP seed attempts to hide
    invalid usernames by continuing the handshake with fake
    credentials, this behaviour is not constant time and no strong
    guarantees are made that the handshake is indistinguishable from
    that of a valid user.
    (CVE-2016-0798)
    [Emilia K辰sper]

  *) Fix BN_hex2bn/BN_dec2bn NULL pointer deref/heap corruption

    In the BN_hex2bn function the number of hex digits is calculated using an
    int value |i|. Later |bn_expand| is called with a value of |i * 4|. For
    large values of |i| this can result in |bn_expand| not allocating any
    memory because |i * 4| is negative. This can leave the internal BIGNUM data
    field as NULL leading to a subsequent NULL ptr deref. For very large values
    of |i|, the calculation |i * 4| could be a positive value smaller than |i|.
    In this case memory is allocated to the internal BIGNUM data field, but it
    is insufficiently sized leading to heap corruption. A similar issue exists
    in BN_dec2bn. This could have security consequences if BN_hex2bn/BN_dec2bn
    is ever called by user applications with very large untrusted hex/dec data.
    This is anticipated to be a rare occurrence.

    All OpenSSL internal usage of these functions use data that is not expected
    to be untrusted, e.g. config file data or application command line
    arguments. If user developed applications generate config file data based
    on untrusted data then it is possible that this could also lead to security
    consequences. This is also anticipated to be rare.

    This issue was reported to OpenSSL by Guido Vranken.
    (CVE-2016-0797)
    [Matt Caswell]

  *) Fix memory issues in BIO_*printf functions

    The internal |fmtstr| function used in processing a "%s" format string in
    the BIO_*printf functions could overflow while calculating the length of a
    string and cause an OOB read when printing very long strings.

    Additionally the internal |doapr_outch| function can attempt to write to an
    OOB memory location (at an offset from the NULL pointer) in the event of a
    memory allocation failure. In 1.0.2 and below this could be caused where
    the size of a buffer to be allocated is greater than INT_MAX. E.g. this
    could be in processing a very long "%s" format string. Memory leaks can
    also occur.

    The first issue may mask the second issue dependent on compiler behaviour.
    These problems could enable attacks where large amounts of untrusted data
    is passed to the BIO_*printf functions. If applications use these functions
    in this way then they could be vulnerable. OpenSSL itself uses these
    functions when printing out human-readable dumps of ASN.1 data. Therefore
    applications that print this data could be vulnerable if the data is from
    untrusted sources. OpenSSL command line applications could also be
    vulnerable where they print out ASN.1 data, or if untrusted data is passed
    as command line arguments.

    Libssl is not considered directly vulnerable. Additionally certificates etc
    received via remote connections via libssl are also unlikely to be able to
    trigger these issues because of message size limits enforced within libssl.

    This issue was reported to OpenSSL Guido Vranken.
    (CVE-2016-0799)
    [Matt Caswell]

  *) Side channel attack on modular exponentiation

    A side-channel attack was found which makes use of cache-bank conflicts on
    the Intel Sandy-Bridge microarchitecture which could lead to the recovery
    of RSA keys.  The ability to exploit this issue is limited as it relies on
    an attacker who has control of code in a thread running on the same
    hyper-threaded core as the victim thread which is performing decryptions.

    This issue was reported to OpenSSL by Yuval Yarom, The University of
    Adelaide and NICTA, Daniel Genkin, Technion and Tel Aviv University, and
    Nadia Heninger, University of Pennsylvania with more information at
    http://cachebleed.info.
    (CVE-2016-0702)
    [Andy Polyakov]

  *) Change the req app to generate a 2048-bit RSA/DSA key by default,
    if no keysize is specified with default_bits. This fixes an
    omission in an earlier change that changed all RSA/DSA key generation
    apps to use 2048 bits by default.
    [Emilia K辰sper]

(jperkin)

Updated textproc/heirloom-doctools to 160217

(leot)

Update textproc/heirloom-doctools to 160217.
Patch provided by Carsten Kunze via pkgsrc-wip and discussed with me via private
emails.

Changes:
Release 160217
==============

2016-02-17
    tbl:  Invalid memory access bug fixed.  (When testing if a
    line starts with '_' or '=' it did not check if the string is
    empty.)

2016-02-16
    .tr bugfix:  When the first character given to .tr was un-
    known, all character translations had been done wrong.

2016-02-11
    tbl troff bug fixed:  Height of table had been calculated
    wrong.  This could lead to graphics artifacts if a table is
    at page bottom.

2016-02-10
    Many changes to -man and -mdoc.  Heirloom's manual page for-
    matting is now quite compatible to groff.

2016-02-08
    Operator 'v' added for ".if".  (Some manpages using this.)

2016-02-02
    -ms: Macros .QS and .QE added.

2016-01-29
    Support for groff's notation \[uXXXX] added.

2016-01-26
    nroff: Use of new names for .char now possible.  (Up to now
    only names found in the tab file could be used.)

2016-01-01
    Spaces are now allowed in filenames of .cf, .fp, .lf, .nx,
    and .so requests.  The documentation stated that %20 could be
    used to escape spaces.  However this was not implemented.
    The implementation has now been changed to allow spaces by
    quoting the filename with '"'.  Additionally character codes
    up to 255 are allowed now in filenames.  (Bug reported by
    Jacob Parker (https://github.com/jacobp100).)

2015-12-23
    groff's operator ".if F <font>" added.

2015-12-18
    Support for groff's notation \[char<n>] added.

2015-12-10
    File system case-sensitivity issue fixed.  (Reported by Henry
    McGilton.)

2015-10-28
    Set previous font to current font in case of unknown font.
    This is the groff behaviour.  E.g. \fIfoo\fP \f(CWbar\fP blah
    did underline "blah" in AT&T nroff.

2015-09-23
    \n[.ns] implemented (had only been documented up to now).

2015-09-21
    Basic HTML support added.

2015-09-18
    Escape \I added (test if argument is a valid identifier).  \I
    is equivalent to groff's \A.

2015-07-14
    PDFMark: \X'SetBorderStyle' added.

2015-07-08
    Special groff compatibility mode for manual pages added which
    is enabled when register .g is set to 1.

2015-06-24
    .box bug fixed: .box did discard part of roff's state.

2015-06-22
    mm(7): .PGFORM added to allow line length change inside docu-
    ment.

2015-06-10
    .ie-.el bug fixed.  Up to now .ie-.el did not work fully re-
    liable in AT&T roff.  (Found during -mdoc debugging.)

2015-06-08
    mdoc: Macro Lb with library definitions for FreeBSD and
    NetBSD added.

2015-06-05
    nroff -T37 (default), -Tlp and -Tlocale: Display of pic(7)
    drawings implemented.

2015-06-04
    troff -Tpost: All font description files now uppercase (for
    use on case-insensitive file systems) and use of groff font
    names instead of traditional names now possible with .ft and
    \f.

2015-05-26
    Bugfix: nroff: Local motions had not been local (did stay in
    effect across line boundary).

    nroff: Request \D'l ...' added.

2015-05-02
    mdoc(7): .El: List type stack bug fixed.

(leot)

Updated chat/swift to 3.0

(wiz)

Update swift to 3.0.

we are pleased to announce the availability of Swift 3.0, an XMPP client
focused on usability and security.
It is our first release for 3 years and includes bug fixes and new features
like:
- File-transfer using Jingle File Transfer
- Simple continuation of 1-to-1 chats in group chats
- Keyword highlighting ( http://swift.im/blog/keyword-highlighting )
- Simple blocking of contacts using Blocking Command
- Compact roster setting that hides avatars and status messages
- Quick contact search filter in roster
- and more.

For the full changelog see https://swift.im/docs/changelog-3-0.html .

(wiz)

Updated net/miniupnpd to 1.9.20160222

(adam)

Changes 1.9.20160222:
set IPv6 Hop limit to 10
fix HOST: header of event notifications in IPv6
be more compliant on 64bit machines : ui4 in [0;2^32-1]

(adam)

Update link to pkgsrc-wip.

(wiz)

regen

(wiz)

Note addition of fuse-sshfs, version 2.6.

(jmmv)

Add and enable fuse-sshfs.

(jmmv)

Initial addition of fuse-sshfs, version 2.6:

This is a filesystem client based on the SSH File Transfer Protocol.
Since most SSH servers already support this protocol it is very easy to
set up: i.e. on the server side there's nothing to do.  On the client
side mounting the filesystem is as easy as logging into the server with
ssh.

The idea of sshfs was taken from the SSHFS filesystem distributed with
LUFS.  There were some limitations in that codebase, and this
implementation features:

- Based on FUSE
- Multithreading
- Large reads (max 64k)
- Caching directory contents
- Reconnect on failure

(jmmv)

Add phonon-qt5* packages.

(markd)

Add phonon-qt5{,-backend-vlc,-backend-gstreamer}
phonon-backend-gstreamer-shared

(markd)

Add phonon-qt5-backend-gstreamer 4.8.2
Split common files out to phonon-backend-gstreamer-shared package.

(markd)