Updated lang/openjdk8 to 1.8.60

(ryoon)

Update to 1.8.60

Changelog:
From: https://www.java.com/en/download/faq/release_changes.xml
Java 8 Update 60 (8u60)
Release Highlights

    IANA Data 2015e
    JDK 8u60 contains IANA time zone data version 2015e. For more information, refer to Timezone Data Versions in the JRE Software.
    Bug Fix: dns_lookup_realm should be false by default
    The dns_lookup_realm setting in Kerberos' krb5.conf file is by default false. See 8080637.
    Bug Fix: Disable RC4 cipher suites
    RC4-based TLS ciphersuites (e.g. TLS_RSA_WITH_RC4_128_SHA) are now considered compromised and should no longer be used (see RFC 7465). Accordingly, RC4-based TLS ciphersuites have been deactivated by default in the Oracle JSSE implementation by adding "RC4" to "jdk.tls.disabledAlgorithms" security property, and by removing them from the default enabled ciphersuites list. These cipher suites can be reactivated by removing "RC4" form "jdk.tls.disabledAlgorithms" security property in the java.security file or by dynamically calling Security.setProperty(), and also readding them to the enabled ciphersuite list using the SSLSocket/SSLEngine.setEnabledCipherSuites() methods. You can also use the -Djava.security.properties command line option to override the jdk.tls.disabledAlgorithms security property. For example:
    java -Djava.security.properties=my.java.security ...
    where my.java.security is a file containing the property without RC4:
    jdk.tls.disabledAlgorithms=SSLv3
    Even with this option set from commandline, the RC4 based ciphersuites need to be re-added to the enabled ciphersuite list by using the SSLSocket/SSLEngine.setEnabledCipherSuites() methods. See 8076221.
    Bug Fix: Support keystore type detection for JKS and PKCS12 keystores
    Keystore Compatibility Mode: To aid interoperability, the Java keystore type JKS now supports keystore compatibility mode by default. This mode enables JKS keystores to access both JKS and PKCS12 file formats. To disable keystore compatibility mode set the Security property keystore.type.compat to the string value false. See 8062552.
    Bug Fix: Deprecate Unsafe monitor methods in JDK 8u release
    The methods monitorEnter, monitorExit and tryMonitorEnter on sun.misc.Unsafe are marked as deprecated in JDK 8u60 and will be removed in a future release. These methods are not used within the JDK itself and are very rarely used outside of the JDK. See 8069302.
    Bug Fix: Extract JFR recording from the core file using SA
    DumpJFR is a Serviceability Agent based tool that can be used to extract Java Flight Recorder(JFR) data from the core files and live Hotspot processes. DumpJFR can be used in one of the following methods:
        Attach DumpJFR to a live process:

        java -cp $JAVA_HOME/lib/sa-jdi.jar sun.jvm.hotspot.tools.DumpJFR <pid>

        Attach DumpJFR to a core file:

        java -cp $JAVA_HOME/lib/sa-jdi.jar sun.jvm.hotspot.tools.DumpJFR <java> <core>

    DumpJFR tool dumps the JFR data to a file called recording.jfr in the current working folder. See 8065301 (not public).
    Bug Fix: Local variables named 'enum' lead to spurious compiler crashes
    The javac parser is incorrectly parsing local variables with name 'enum'; this results in spurious failures when a program containing such local variables is compiled with a 'source' flag corresponding to a release in which the enum construct is not available (such as '-source 1.4'). See 8069181.

Java Development Kit for ARM Release 8u60

This release includes Java Development Kit for ARM Release 8u60 (JDK 8u60 for ARM). For ARM device support information, see JDK for ARM Downloads page. For system requirements, installation instructions and troubleshooting tips, see Installation Instructions page.

Limitation: Native Memory Tracking support is limited in JDK for ARM. The java command line option XX:NativeMemoryTracking=detail is not supported for ARM targets (an error message is displayed to user). Instead, use the following option:
XX:NativeMemoryTracking=summary
Documentation Updates due to Nashorn Enhancements
JDK 8u60 includes new enhancements to Nashorn. As a result the following documentation changes should be read in conjunction with the current Nashorn documentation:

    Addition: In the previous section, we mentioned that every JavaScript object when exposed to Java APIs implements the java.util.Map interface. This is true even for JavaScript arrays. However, this behavior is often not desired or expected when the Java code expects JSON-parsed objects. Java libraries that manipulate JSON-parsed objects usually expect arrays to expose the java.util.List interface instead. If you need to expose your JavaScript objects so that arrays are exposed as lists and not maps, you can use the Java.asJSONCompatible(obj) function, where obj is the root of your JSON object tree.
    Correction: The caution mentioned at the end of Mapping Data Types section, is no longer applicable. Nashorn ensures that internal JavaScript strings are converted to java.lang.String when exposed externally.
    Correction: The statement in the section Mapping Data Types, that mentions "For example, arrays must be explicitly converted,..." is not correct. Arrays are automatically converted to Java array types, such as java.util.List, java.util.Collection, java.util.Queue and java.util.Deque and so on.

Changes in Deployment Rule Set v1.2
JDK 8u60 implements Deployment Rule Set (DRS) 1.2, which includes the following changes:

    Add "checksum" element as sub element of "id" which can allow unsigned jars to be identified by the SHA-256 checksum of the uncompressed form of a jar:
        The "checksum" element will match only unsigned jars, and the given hash will be compared only against the uncompressed form of the jar.
        The "checksum" element (similar to "certificate" element) has two arguments "hash" and "algorithm", however, unlike "certificate" element, the only supported value for "algorithm" is "SHA-256". Any other value provided will be ignored.
    Allow "message" element to apply to all rule types, where previously it only applied to a block rule:
        In a run rule, a message sub element will cause a message dialog to be displayed where without a run rule, the default behavior would be to show certificate or unsigned dialog. The message will be displayed in the message dialog.
        In a default rule, the message will only be displayed if the default action is to block. In such a case the message will be included in the block dialog.
    Echo "customer" blocks in the Java Console, trace files, and Java Usage Tracker records.
        Previous to DRS 1.2, "customer" elements could be included (with any sub-elements) in the ruleset.xml file. This element and all its sub elements are ignored. In DRS 1.2, the elements are still functionally ignored. However:
            When parsing the ruleset.xml file, all "customer" blocks will be echoed to the Java Console and deployment trace file (if Console and Tracing are enabled).
            When using a rule, all "customer" records included within that rule will be added to the Java Usage Tracker (JUT) record (if JUT is enabled).

As a result of the above changes, the DTD for DRS 1.2 is as follows:

<!ELEMENT ruleset (rule*)>
<!ATTRIBUTE ruleset href CDATA #IMPLIED>
<!ATTRIBUTE ruleset version CDATA #REQUIRED>

<!ELEMENT rule (id, action)>

<!ELEMENT id (certificate?) (checksum?) >
<!ATTRIBUTE id title CDATA #IMPLIED>
<!ATTRIBUTE id location CDATA #IMPLIED>

<!ELEMENT certificate EMPTY>
<!ATTLIST certificate algorithm CDATA #IMPLIED>
<!ATTLIST certificate hash CDATA #REQUIRED>

<!ELEMENT checksum EMPTY>
<!ATTLIST checksum algorithm CDATA #IMPLIED>
<!ATTLIST checksum hash CDATA #REQUIRED>

<!ELEMENT action (message?)>
<!ATTRIBUTE permission (run | block | default) #REQUIRED>
<!ATTRIBUTE version CDATA #IMPLIED>
<!ATTRIBUTE force (true|false) "false">

<!ELEMENT message (#PCDATA)>
<!ATTLIST message locale CDATA #IMPLIED>

Java Expiration Date

The expiration date for 8u60 is October 20, 2015. Java expires whenever a new release with security vulnerability fixes becomes available. For systems unable to reach the Oracle Servers, a secondary mechanism expires this JRE (version 8u60) on November 20, 2015. After either condition is met (new release becoming available or expiration date reached), Java will provide additional warnings and reminders to users to update to the newer version.
Bug Fixes

For a list of bug fixes included in this release, see JDK 8u60 Bug Fixes page.

(ryoon)

Updated math/coinmp to 1.8.3

(ryoon)

Update to 1.8.3

Changelog:
Not available.

(ryoon)

Updated www/nginx-devel to 1.9.5

(imil)

Updated to nginx 1.9.5

Changes from 1.9.4

*) Feature: the ngx_http_v2_module (replaces ngx_http_spdy_module).
  Thanks to Dropbox and Automattic for sponsoring this work.

*) Change: now the "output_buffers" directive uses two buffers by
  default.

*) Change: now nginx limits subrequests recursion, not simultaneous
  subrequests.

*) Change: now nginx checks the whole cache key when returning a
  response from cache.
  Thanks to Gena Makhomed and Sergey Brester.

*) Bugfix: "header already sent" alerts might appear in logs when using
  cache; the bug had appeared in 1.7.5.

*) Bugfix: "writev() failed (4: Interrupted system call)" errors might
  appear in logs when using CephFS and the "timer_resolution" directive
  on Linux.

*) Bugfix: in invalid configurations handling.
  Thanks to Markus Linnala.

*) Bugfix: a segmentation fault occurred in a worker process if the
  "sub_filter" directive was used at http level; the bug had appeared
  in 1.9.4.

Updated naxsi to 0.54

>From 0.53-2 "AppleJack":

* increased PCRE output vector from 6 to 30 (from 2 match groups to 10)
* removed negative rule on content-types (naxsi_core.rules) as naxsi supports
  json
* Fixed broken EXLOG on |NAME match zones (issues/110)
* Integrated libinjection (xss/sqli)

(imil)

Updated www/nginx to 1.8.0

(imil)

Updated naxsi to 0.54

>From 0.53-2 "AppleJack":

* increased PCRE output vector from 6 to 30 (from 2 match groups to 10)
* removed negative rule on content-types (naxsi_core.rules) as naxsi supports
  json
* Fixed broken EXLOG on |NAME match zones (issues/110)
* Integrated libinjection (xss/sqli)

Modified `options.mk' to allow www/nginx-devel to use ngx_http_v2_module instead
of ngx_http_spdy_module.

(imil)

Shelling perl in the Makefile can be problematic since pbulk-index may
invoke the Makefile prior to having the perl dependency installed.

Instead, gather ldopts during configure and pass them to libsvn_swig_perl
in order to build with the necessary ldflags.

(richard)

Build with the portable dumper like editors/xemacs, following advice
from upstream. This fixes spurious SIGSEV breakage during build on
newer NetBSD installations.

(hauke)

Updated net/openresolv to 3.7.1

(roy)

openresolv-3.7.1 has been released with the following changes:
  *  Typo's, thanks to Herbert Parentes Fortes Neto
  *  Clarify that private_interfaces="*" will not forward the root zone
  *  Change from bzip2 to xz for builiding the source tarball
  *  ensure that domain-insecure always appears in a server clause for
    the unbound subscriber

(roy)

Updated sysutils/cdrtools to 3.01nb1

(wiz)

Joerg Schilling has recently released schilytools-2005-09-16
Lines 83 to 84 of AN-2015-09-16 mention an issue affecting
unpriviledged users running cdda2wav on NetBSD:

cdda2wav: fixed the file setuid.c to work on NetBSD. Thanks to
Heiko Ei��feldt for reporting.

This is the referenced patch, extracted by fbrosson2014.

Bump PKGREVISION.

(wiz)

Updated devel/cmake to 3.3.2

(wiz)

Update to 3.3.2:

Changes in 3.3.2 since 3.3.1:

Brad King (2):
    Makefile: Print color escapes only when necessary
    CMake 3.3.2

Chuck Atkins (1):
    find_*: Fix search order when the environment duplicates some HINTS

Daniel Pfeifer (3):
    cmExtra{Kate,SublimeText}Generator: Remove unused cmXMLSafe includes
    cmCTest{BZR,GIT,P4}: Remove unused cmXMLSafe includes
    CTest: Fix XML double-encoding cases

Matt McCormick (1):
    CMakeDetermine{C,CXX}Compiler: Avoid if() auto-dereferene in quoted arguments

(wiz)

Updated devel/waf to 1.8.14

(wiz)

Update to 1.8.14:

Waf 1.8.14 has been released a few moments ago; it contains the following changes:
* Fixed a regression affecting Visual Studio detection on Python 3 when --msvc_lazy_autodetect is not provided
* Enabled vala processing on a folder basis with the vala_dir parameter - #1601
* Enabled vala resource processing - #1626

Waf 1.8.13 has been released today; it contains the following changes:
* Exposed the Popen parameters input/timeout to cmd_and_log/exec_command ('timeout' is for Python >= 3.3 though)
* Added 'with_sys_path' to Context.load_tool to use/skip sys.path
* Changed gccdeps so that it handles '..' within paths
* env = conf.env.derive().detach()
* Changed Sun compiler's default shared library flag from -Kpic to -xcode=pic32 - #1625
* Added bld(rule=, ..., cls_str=, cls_keyword=) for more descriptive outputs - #1598
* Added a lazy Visual Studio detection option --msvc_lazy_autodetect - #1614
* Changed the definition of function tests to prevent warnings with gcc - #1622

(wiz)

Updated x11/libdrm to 2.4.65

(wiz)

Update to 2.4.65:

    Alan Coopersmith (1):
      Include <alloca.h> when needed before calling alloca

    Christian König (2):
      amdgpu: remove sequence mutex
      amdgpu: serialize drmPrimeFDToHandle

    Emil Velikov (20):
      drm: add interface to get drm devices on the system v3
      Move -lm link flag to LIBADD
      vbltest: fix variable shadowing warning
      modetest: fix shadowing warnings
      intel: resolve shadowing warnings
      intel: error out on has_error in exec2
      intel: introduce to_bo_gem() helper
      configure: enable -Wshadow when available
      amdgpu: remove unneeded -Wno-switch-enum flag
      modetest: annotate const data as such for good measure
      libkms: use static const for good measure
      radeon: cleanup bo/cs func tables
      freedreno: annotate the device/bo/pipe/ringbuffer funcs as const data
      tests/amdgpu: reference the correct variable for memcpy
      tests/amdgpu: annotate the uvd message templates as const data
      tests/amdgpu: annotate (most of) the vce templates as const data
      tests/amdgpu: ensure tests work by using c99 initializers
      nouveau: use designated initializers
      intel: ignore missing-field-initializers warnings
      configure: remove -Wno-missing-field-initializers

    Hyungwon Hwang (2):
      xf86drmMode: remove the trailing white spaces
      modetest: remove the trailing white spaces

    Jonathan Gray (1):
      amdgpu: use EINVAL instead of EBADMSG in amdgpu_bo_cpu_unmap()

    Jérôme Glisse (1):
      drm: Add -lm to libdrm ldflags to fix build failure.

    Mathias Tillman (1):
      drm: fix the usage after free

    Mauro Rossi (2):
      amdgpu: add Makefile.sources
      amdgpu: add Android build support

    Michel Dänzer (1):
      tests: Add -lm to LDADD for dristat

    Rafał Sapała (1):
      intel: Serialize drmPrimeFDToHandle with struct_mutex

    Rob Clark (4):
      freedreno: don't take ownership of the dmabuf fd on import
      drm: make individual drm_server_info fxns optional
      freedreno: add API to get drm fd from fd_device
      Bump version for release

    Thierry Reding (1):
      omap: Initialize DMA BUF file descriptor to -1

    Tvrtko Ursulin (1):
      libdrm: Add framebuffer modifiers uapi

    Varad Gautam (5):
      freedreno: fix a bo cache segfault with imported bo's
      freedreno: fill bo->fd when importing
      freedreno: get bo size for imported dma-buf
      freedreno: use drmPrime wrappers to import/export prime bo's
      freedreno: serialize drmPrimeFDToHandle under table_lock

    monk.liu (1):
      amdgpu: fix missing deinit on vamgr_32

(wiz)

Updated x11/xf86-video-chips to 1.2.6

(wiz)

Update to 1.2.6:

Adam Jackson (3):
      Remove mibstore.h
      ddc: Use own thunk function instead of vgaHWddc1SetSpeedWeak
      Update for xserver 1.17

Alan Coopersmith (2):
      Add iopl.h to source lists in util/Makefile.am so it gets packaged
      Require ANSI C89 pre-processor, drop pre-C89 token pasting support

Matt Turner (1):
      xf86-video-chips 1.2.6

(wiz)

Updated x11/xf86-video-s3virge to 1.10.7

(wiz)

Update to 1.10.7:

Adam Jackson (3):
      Use own thunk function instead of vgaHW*Weak
      Fix build against xserver 1.17
      Remove call to miInitializeBackingStore

Matt Turner (1):
      xf86-video-s3virge 0.10.7

(wiz)

Updated fonts/unifont to 8.0.01nb1

(wiz)

Add FONTS_DIRS.* variables for proper installation.

Addresses PR 50280 by tsutsui@

Bump PKGREVISION.

(wiz)

also patch the portaudio sources to build only as a static library.
bump pkg version.

hopefully this now works properly.  for me, my portaudio-devel package
was sufficient to allow it to work and i didn't notice this problem.

(mrg)

Patch CVE-2015-1270. Via Debian.

(tnn)

Updated graphics/MesaLib to 11.0.2

(tnn)

Update to mesa-11.0.2. This fixes mesa 11 regressions found by dEQP tool.

(tnn)

Updated devel/py-virtualenv to 13.1.2nb1

(rodent)

Make this not self-conflict like we did with a lot of other python packages
ie. remove ${DESTDIR}${PREFIX}/bin/virtualenv in the post-install phase.
Bump PKGREVISION.

(rodent)

Added www/logswan version 1.00

(kamil)

+logswan

(kamil)

Import logswan-1.00 as www/logswan

Logswan is a fast Web log analyzer using probabilistic data structures. It is
targeted at very large log files, typically APIs logs. It has constant memory
usage regardless of the log file size, and takes approximatively 4MB of RAM.

Unique visitors counting is performed using two HyperLogLog counters (one for
IPv4, and another one for IPv6), providing a relative accuracy of 0.10%.

Project design goals include : speed, memory-usage efficiency, and keeping the
code as simple as possible.

Logswan is opinionated software :
- It only supports the Common Log Format, in order to keep the parsing code
  simple
- It does not split results per day, but log files can be split prior to being
  processed

(kamil)

fix typo in package name

(as noticed in the "www update.changes log" emails about
"Unknown package in CHANGES file")

(reed)

Updated net/samba4 to 4.3.0

(ryoon)

Update to 4.3.0

Changelog:
                  =============================
                  Release Notes for Samba 4.3.0
                          September 8, 2015
                  =============================

This is the first stable release of Samba 4.3.

UPGRADING
=========

Read the "New FileChangeNotify subsystem" and "smb.conf changes" sections
(below).

NEW FEATURES
============

Logging
-------

The logging code now supports logging to multiple backends.  In
addition to the previously available syslog and file backends, the
backends for logging to the systemd-journal, lttng and gpfs have been
added. Please consult the section for the 'logging' parameter in the
smb.conf manpage for details.

Spotlight
---------

Support for Apple's Spotlight has been added by integrating with Gnome
Tracker.

For detailed instructions how to build and setup Samba for Spotlight,
please see the Samba wiki: <https://wiki.samba.org/index.php/Spotlight>

New FileChangeNotify subsystem
------------------------------

Samba now contains a new subsystem to do FileChangeNotify. The
previous system used a central database, notify_index.tdb, to store
all notification requests. In particular in a cluster this turned out
to be a major bottleneck, because some hot records need to be bounced
back and forth between nodes on every change event like a new created
file.

The new FileChangeNotify subsystem works with a central daemon per
node. Every FileChangeNotify request and every event are handled by an
asynchronous message from smbd to the notify daemon. The notify daemon
maintains a database of all FileChangeNotify requests in memory and
will distribute the notify events accordingly. This database is
asynchronously distributed in the cluster by the notify daemons.

The notify daemon is supposed to scale a lot better than the previous
implementation. The functional advantage is cross-node kernel change
notify: Files created via NFS will be seen by SMB clients on other
nodes per FileChangeNotify, despite the fact that popular cluster file
systems do not offer cross-node inotify.

Two changes to the configuration were required for this new subsystem:
The parameters "change notify" and "kernel change notify" are not
per-share anymore but must be set globally. So it is no longer
possible to enable or disable notify per share, the notify daemon has
no notion of a share, it only works on absolute paths.

New SMB profiling code
----------------------

The code for SMB (SMB1, SMB2 and SMB3) profiling uses a tdb instead
of sysv IPC shared memory. This avoids performance problems and NUMA
effects. The profile stats are a bit more detailed than before.

Improved DCERPC man in the middle detection for kerberos
--------------------------------------------------------

The gssapi based kerberos backends for gensec have support for
DCERPC header signing when using DCERPC_AUTH_LEVEL_PRIVACY.

SMB signing required in winbindd by default
-------------------------------------------

The effective value for "client signing" is required
by default for winbindd, if the primary domain uses active directory.

Experimental NTDB was removed
-----------------------------

The experimental NTDB library introduced in Samba 4.0 has been
removed again.

Improved support for trusted domains (as AD DC)
-----------------------------------------------

The support for trusted domains/forests has improved a lot.

samba-tool got "domain trust" subcommands to manage trusts:

  create      - Create a domain or forest trust.
  delete      - Delete a domain trust.
  list        - List domain trusts.
  namespaces  - Manage forest trust namespaces.
  show        - Show trusted domain details.
  validate    - Validate a domain trust.

External trusts between individual domains work in both ways
(inbound and outbound). The same applies to root domains of
a forest trust. The transitive routing into the other forest
is fully functional for kerberos, but not yet supported for NTLMSSP.

While a lot of things are working fine, there are currently a few limitations:

  - Both sides of the trust need to fully trust each other!
  - No SID filtering rules are applied at all!
  - This means DCs of domain A can grant domain admin rights
    in domain B.
  - It's not possible to add users/groups of a trusted domain
    into domain groups.

SMB 3.1.1 supported
-------------------

Both client and server have support for SMB 3.1.1 now.

This is the dialect introduced with Windows 10, it improves the secure
negotiation of SMB dialects and features.

There's also a new optinal encryption algorithm aes-gcm-128,
but for now this is only selected as fallback and aes-ccm-128
is preferred because of the better performance. This might change
in future versions when hardware encryption will be supported.
See https://bugzilla.samba.org/show_bug.cgi?id=11451.

New smbclient subcommands
-------------------------

  - Query a directory for change notifications: notify <dir name>
  - Server side copy: scopy <source filename> <destination filename>

New rpcclient subcommands
-------------------------

  netshareenumall - Enumerate all shares
  netsharegetinfo - Get Share Info
  netsharesetinfo - Set Share Info
  netsharesetdfsflags - Set DFS flags
  netfileenum - Enumerate open files
  netnamevalidate - Validate sharename
  netfilegetsec - Get File security
  netsessdel - Delete Session
  netsessenum - Enumerate Sessions
  netdiskenum - Enumerate Disks
  netconnenum - Enumerate Connections
  netshareadd - Add share
  netsharedel - Delete share

New modules
-----------

  idmap_script - see 'man 8 idmap_script'
  vfs_unityed_media - see 'man 8 vfs_unityed_media'
  vfs_shell_snap - see 'man 8 vfs_shell_snap'

New sparsely connected replia graph (Improved KCC)
--------------------------------------------------

The Knowledge Consistency Checker (KCC) maintains a replication graph
for DCs across an AD network. The existing Samba KCC uses a fully
connected graph, so that each DC replicates from all the others, which
does not scale well with large networks. In 4.3 there is an
experimental new KCC that creates a sparsely connected replication
graph and closely follows Microsoft's specification. It is turned off
by default. To use the new KCC, set "kccsrv:samba_kcc=true" in
smb.conf and let us know how it goes. You should consider doing this
if you are making a large new network. For small networks there is
little benefit and you can always switch over at a later date.

Configurable TLS protocol support, with better defaults
-------------------------------------------------------

The "tls priority" option can be used to change the supported TLS
protocols. The default is to disable SSLv3, which is no longer
considered secure.

Samba-tool now supports all 7 FSMO roles
-------------------------------------------------------

Previously "samba-tool fsmo" could only show, transfer or seize the
five well-known FSMO roles:

Schema Master
Domain Naming Master
RID Master
PDC Emulator
Infrastructure Master

It can now also show, transfer or seize the DNS infrastructure roles:

DomainDnsZones Infrastructure Master
ForestDnsZones Infrastructure Master

CTDB logging changes
--------------------

The destination for CTDB logging is now set via a single new
configuration variable CTDB_LOGGING.  This replaces CTDB_LOGFILE and
CTDB_SYSLOG, which have both been removed.  See ctdbd.conf(5) for
details of CTDB_LOGGING.

CTDB no longer runs a separate logging daemon.

CTDB NFS support changes
------------------------

CTDB's NFS service management has been combined into a single 60.nfs
event script.  This updated 60.nfs script now uses a call-out to
interact with different NFS implementations.  See the CTDB_NFS_CALLOUT
option in the ctdbd.conf(5) manual page for details.  A default
call-out is provided to interact with the Linux kernel NFS
implementation.  The 60.ganesha event script has been removed - a
sample call-out is provided for NFS Ganesha, based on this script.

The method of configuring NFS RPC checks has been improved.  See
ctdb/config/nfs-checks.d/README for details.

Improved Cross-Compiling Support
--------------------------------

A new "hybrid" build configuration mode is added to improve
cross-compilation support.

A common challenge in cross-compilation is that of obtaining the results
of tests that have to run on the target, during the configuration
phase of the build. The Samba build system already supports the following
means to do so:

  - Executing configure tests using the --cross-execute parameter
  - Obtaining the results from an answers file using the --cross-answers
    parameter

The first method has the drawback of inaccurate results if the tests are
run using an emulator, or a need to be connected to a running target
while building, if the tests are to be run on an actual target. The
second method presents a challenge of figuring out the test results.

The new hybrid mode runs the tests and records the result in an answer file.
To activate this mode, use both --cross-execute and --cross-answers in the
same configure invocation. This mode can be activated once against a
running target, and then the generated answers file can be used in
subsequent builds.

Also supplied is an example script that can be used as the
cross-execute program. This script copies the test to a running target
and runs the test on the target, obtaining the result. The obtained
results are more accurate than running the test with an emulator, because
they reflect the exact kernel and system libraries that exist on the
target.

Improved Sparse File Support
----------------------------
Support for the FSCTL_SET_ZERO_DATA and FSCTL_QUERY_ALLOCATED_RANGES
SMB2 requests has been added to the smbd file server.
This allows for clients to deallocate (hole punch) regions within a
sparse file, and check which portions of a file are allocated.

######################################################################
Changes
#######

smb.conf changes
----------------

  Parameter Name Description Default
  -------------- ----------- -------
  logging New (empty)
  msdfs shuffle referrals New no
  smbd profiling level New off
  spotlight New no
  tls priority New NORMAL:-VERS-SSL3.0
  use ntdb Removed
  change notify Changed to [global]
  kernel change notify Changed to [global]
  client max protocol Changed default SMB3_11
  server max protocol Changed default SMB3_11

Removed modules
---------------

vfs_notify_fam - see section 'New FileChangeNotify subsystem'.

KNOWN ISSUES
============

Currently none.

CHANGES SINCE 4.2.0rc4
======================

o  Andrew Bartlett <abartlet@samba.org>
    * Bug 10973: No objectClass found in replPropertyMetaData on ordinary
      objects (non-deleted)
    * Bug 11429: Python bindings don't check integer types
    * Bug 11430: Python bindings don't check array sizes

o  Ralph Boehme <slow@samba.org>
    * Bug 11467: Handling of 0 byte resource fork stream

o  Volker Lendecke <vl@samba.org>
    * Bug 11488: AD samr GetGroupsForUser fails for users with "()" in
      their name

o  Stefan Metzmacher <metze@samba.org>
    * Bug 11429: Python bindings don't check integer types

o  Matthieu Patou <mat@matws.net>
    * Bug 10973: No objectClass found in replPropertyMetaData on ordinary
      objects (non-deleted)

CHANGES SINCE 4.2.0rc3
======================

o  Ralph Boehme <slow@samba.org>
    * Bug 11444: Crash in notify_remove caused by change notify = no

o  G端nther Deschner <gd@samba.org>
    * Bug 11411: smbtorture does not build when configured --with-system-mitkrb5

o  Volker Lendecke <vl@samba.org>
    * Bug 11455: fix recursion problem in rep_strtoll in lib/replace/replace.c
    * Bug 11464: xid2sid gives inconsistent results
    * Bug 11465: ctdb: Fix the build on FreeBSD 10.1

o  Roel van Meer <roel@1afa.com>
    * Bug 11427: nmbd incorrectly matches netbios names as own name

o  Stefan Metzmacher <metze@samba.org>
    * Bug 11451: Poor SMB3 encryption performance with AES-GCM
    * Bug 11458: --bundled-libraries=!ldb,!pyldb,!pyldb-util doesn't
      disable ldb build and install

o  Andreas Schneider <asn@samba.org>
    * Bug 9862: Samba "map to guest = Bad uid" doesn't work

CHANGES SINCE 4.3.0rc2
======================

o  Andrew Bartlett <abartlet@samba.org>
    * Bug 11436: samba-tool uncaught exception error
    * Bug 10493: revert LDAP extended rule 1.2.840.113556.1.4.1941
                LDAP_MATCHING_RULE_IN_CHAIN changes

o  Ralph Boehme <slow@samba.org>
    * Bug 11278: Stream names with colon don't work with
                fruit:encoding = native
    * Bug 11426: net share allowedusers crashes

o  Amitay Isaacs <amitay@gmail.com>
    * Bug 11432: Fix crash in nested ctdb banning
    * Bug 11434: Cannot build ctdbpmda
    * Bug 11431: CTDB's eventscript error handling is broken

o  Stefan Metzmacher <metze@samba.org>
    * Bug 11451: Poor SMB3 encryption performance with AES-GCM (part1)
    * Bug 11316: tevent_fd needs to be destroyed before closing the fd

o  Arvid Requate <requate@univention.de>
    * Bug 11291: NetApp joined to a Samba/ADDC cannot resolve SIDs

o  Martin Schwenke <martin@meltin.net>
    * Bug 11432: Fix crash in nested ctdb banning

CHANGES SINCE 4.3.0rc1
======================

o  Jeremy Allison <jra@samba.org>
    * BUG 11359: strsep is not available on Solaris

o  Bj旦rn Baumbach <bb@sernet.de>
    * BUG 11421: Build with GPFS support is broken

o  Justin Maggard <jmaggard@netgear.com>
    * BUG 11320: "force group" with local group not working

o  Martin Schwenke <martin@meltin.net
    * BUG 11424: Build broken with --disable-python

#######################################
Reporting bugs & Development Discussion
#######################################

Please discuss this release on the samba-technical mailing list or by
joining the #samba-technical IRC channel on irc.freenode.net.

If you do report problems then please try to send high quality
feedback. If you don't provide vital information to help us track down
the problem then you will probably be ignored.  All bug reports should
be filed under the "Samba 4.1 and newer" product in the project's Bugzilla
database (https://bugzilla.samba.org/).

======================================================================
== Our Code, Our Bugs, Our Responsibility.
== The Samba Team
======================================================================

(ryoon)

Fix hardcoded bash usage and use 'gmake' to simplify getting datafiles
Thanks FreeBSD ports!  bump PKGREVISION

(richard)

Add upstream bug report URL.

(ryoon)

Add upstream bug report URL.

(ryoon)

Updated devel/git to 2.5.3

(adam)

Changes 2.5.3:
* The experimental untracked-cache feature were buggy when paths with
  a few levels of subdirectories are involved.

* Recent versions of scripted "git am" has a performance regression
  in "git am --skip" codepath, which no longer exists in the
  built-in version on the 'master' front.  Fix the regression in
  the last scripted version that appear in 2.5.x maintenance track
  and older.

Also contains typofixes, documentation updates and trivial code
clean-ups.

(adam)

+ autoconf-archive-2015.09.25, coinmp-1.8.3, dialog-1.2.20150920,
  gst-plugins1-base-1.6.0, gst-plugins1-good-1.6.0,
  gst-plugins1-ugly-1.6.0, gstreamer1-1.6.0, innoextract-1.5,
  p5-Archive-Zip-1.53, py-foolscap-0.9.1, raine-0.64.9,
  spice-protocol-0.12.10, x264-devel-20150926, xf86-video-chips-1.2.6,
  xf86-video-s3virge-1.10.7.

(wiz)

add bison to tools since we patched a .y file; noticed by Joerg

(dholland)

Remove old and probably stale Gecko Media Plugin patches (from FreeBSD?).
It might still be possible that pkgsrc needs adjustments for gmp loading
if/when we adopt some gmp packages, but until then they serve no purpose
and in fact appear to be harmful. Fixes Firefox startup error message:

addons.manager  ERROR  Exception calling provider GMPProvider.startup

(tnn)

Experimentally support building with X11_TYPE=modular on OS X. This targets
the Apple DRI platform instead of libpciaccess & libdrm. It is a step towards
packaging XQuartz and towards a future goal of migrating the platform away from
the so called "native" X11 which is no longer native by the usual definition.

(tnn)

Updated ansiweather to 1.05

(kamil)

Upgrade to 1.05

Stop fixing ansiweather's shebang (addressed upstream).

Upstream changelog
==================

AnsiWeather 1.05 (2015-09-27)

- Fixes for numeric translation on NetBSD (Thanks Kamil Rytarowski)
- Use xargs printf construct to avoid hardcoding path to external
  printf command (Thanks Kamil Rytarowski)
- Use '/bin/sh' shebang instead of '/usr/bin/env sh' for portability
  reasons (Thanks Kamil Rytarowski)
- Replacing spaces by underscores in location name before calling
  the weather API
- Force bc to always return integers for wind directions (Thanks Lornix)
- Documentation updates

AnsiWeather 1.04 (2015-09-10)

- Added a '-a' option to toggle ANSI colors display
- Daylight option in the example configuration file now default to
  false to match program default
- Better formatting for usage display
- Documentation updates

(kamil)

Updated chat/bitchx to 1.2.1

(kamil)

owncloud wants pdo_mysql or pdo_pgsql
bump PKGREVISION

(bouyer)

Upgrade to 1.2.1, reuse work from wip/bitchx (by Makoto Fujiwara)

Drop all local patches for old GCC fixes and tuning the program itself.

Upstream changelog
==================

[Changes 1.2.1]

* Prefer <fcntl.h> over <sys/fcntl.h> (reported by ncopa). (caf)

* Fix overflow in say() when handling a maximum-length client message. (caf)

* Remove WANT_CHAN_NICK_SERV define and include network services commands
  by default. (caf)

* Pass through externally-provided CPPFLAGS (reported by cpet). (caf)

* Don't set the mode on new channels until synched - this speeds up joining
  lots of channels at connect time if one of them is new, and reduces the
  chance of being flooded off the server. (caf)

* Correctly handle channel sync across multi-server. (caf)

* Fixes and improvements for channel logging. (caf)

* Use correct (MODECHAN and MODEUSER) display level for channel and user
  modes. (caf)

* Allow %- status format to handle max-length topics (reported by oxy). (caf)

* Add /FSET WOHIS_LOGGEDIN for services login info on hybrid, ratbox and
  ircu. (caf)

* Add sanity checking of incoming nicknames. (caf)

* /MV (massvoice) shouldn't send +v for already-voiced users. (caf)

* Fix lag check on recent 32 bit OpenBSD / NetBSD (reported by DJ). (caf)

* Fix key bindings that terminate with ^. (caf)

* Fix the $timer() scripting function. (caf)

* Fix the /TKB (timed kickban) command. (caf)

* Rewrite termcap/terminfo detection logic in configure and include term.h
  in term.c for the system definition of tparm().  This fixes a crash on
  NetBSD x86-64 (reported by jeezy), and should also ensure that terminfo
  is used in preference to termcap on NetBSD. (caf)

* Fix output when built against termcap. (caf)

* Fix STATUS_NOTIFY so that it appears in the right window. (caf)

* Improve robustness of status formats handling. (caf)

* Use system setenv() in preference to compat bsd_setenv(). (caf)

* Allow selection of alternate hashing methods with $crypt(). (caf)

* Improve the initial seeding of the randm() fallback RNG. (caf)

* Strengthen the cookie generation algorithm for /detach. (caf)

* RANDOM_SOURCE now only affects the rand() scripting function. (caf)

* Make RANDOM_LOCAL_PORTS actually random. (caf)

* Show same message on local terminal as used in emergency exit QUIT. (caf)

* Remove unused XLINK CTCP reply handler. (caf)

* Ensure add_socketread() doesn't leak file descriptors. (caf)

* Fix listing bans on local channels (/BANS &channel). (flashback)

* Fix unbanning by number (/UNBAN #channel #number). (caf)

* Improve the list_channels() function. (caf)

* Use socklen_t instead of plain int where available. (flashback)

* Use <termios.h> in preference to <sys/termios.h> where it's available. (caf)

* Skip malformed abots.sav entries in read_abot(), avoiding null
  dereferences found by Coverity. (flashback)

* Ensure proper handling of % when /FSET DCC is used. (caf)

* Improve robustness of CDCC save file loading. (caf)

* Fix open file leak in /LASTLOG found by Coverity. (caf)

* Fix file descriptor leak on SOCKS4 connection failure found by
  Coverity. (caf)

* Fix out-of-bounds error in cryptit() found by Coverity. (flashback)

* Cleanup save_formats(). (caf)

* Fix off-by-one error in add_socketread() and set_socketwrite() found
  by Coverity. (caf)

* Fix longstanding bug with ordering of rfc1459[] array. (caf)

* Fix crash after /SETAR -, reported by riderplus. (caf)

* Remove special handling of 484 numeric, which is no longer needed and
  was buggy (making BitchX think that usermode +G was set). (caf)

* Add /OBITS command, shows obituaries for some BitchX friends. (caf)

* Fix abuses of the RESIZE macro.  Reported by nenolod. (caf)

* Clears up a crash and some build warnings in the acro plugin. (caf)

* Applied patches from jdhore to clean up the plugin building
  and installing process. (caf)

* Fix building on newer Cygwin (reported by VICODAN). (caf)

* Fix building plugins on FreeBSD-10 (reported by cpet). (caf)

* Messages sent to channels should use lastlog level PUBLIC, not MSG. (caf)

* panasync OK'd releasing tcl.c, so here it is. (caf)

* Fix QUIT messages with SSL connections. (flashback)

* Rename include/bitchx to include/options.h, fixes building on
  case-insensitive platforms. (caf)

* Use AI_ADDRCONFIG flag to improve server address selection when client
  is built for IPv6 but we don't have an IPv6 address. (caf)

* Enable SSL support by default, if OpenSSL is present at build time. (caf)

* Fix leak and potential crash in lame_resolv() using IPv6.  (caf, snadge)

* Apply patch from snadge defining BIND_4_COMPAT on OpenBSD, to allow
  /nslookup to build. (caf)

* Fix problem connecting to IPv4 when IPv6 enabled on FreeBSD and enable
  IPv6 on all supporting platforms. Thanks to brabes, snadge and packet. (caf)

* Improve connect() error handling. (caf)

* Remove obsolete .spec files. (caf)

* configure - only create sig.inc if it's actually needed. (caf)

* configure - use the right dependencies when checking for net/if.h, i
  arpa/inet.h and resolv.h. Reported by flashback. (caf)

* Fix plugin Makefiles for out-of-tree building, reported by nyet. (caf)

* Add DESTDIR support to build system, to ease rpm and deb packaging.
  Reported separately by nyet and VICODAN. (caf)

* Fix /detach and wserv with IPv6 enabled. (caf, snadge, packet)

* Make default for NICK_COMPLETION_CHAR explicit. (caf)

* Reduce footprint when starting up disconnected. (caf)

* Fix /nslookup command (including fixing compilation on cygwin). (caf)

* Improve /detach error handling and remove bogus F_SETOWN use, reported
  by madsage. (caf)

* Add /FSET WHOIS_SECURE for SSL connection info on ratbox, unreal and
  freenode. (caf)

* Add /FSET CHANNEL_URL for services channel URL numeric. (caf)

* Fix crash bug in $mircansi() scripting function. (caf)

* Add half-op support to /topic and /untopic. (caf)

* Tidy up the URL grabber, fixing a memory leak. (caf)

* Cleanup the /BHELP code, fixing a potential crash. Apply updates to
  BitchX.help from t3gah. (caf)

* [1.1s01] Sanity check color codes, fixes a potential crash. (caf)

* Add /FSET USERMODE_OTHER to correctly format user mode changes where the
  source isn't the same as the target, reported by gauze. (caf)

* Improve country() and add several new TLDs, suggested by gauze. (caf)

* Apply fixes from darkfires removing non-standard use of arithmetic on
  void * values, to allow building on Irix. (caf)

* Apply fix from darkfires to allow building with ICC. (caf)

* Show correct message when a socket connection is closed cleanly. (caf)

* Add /FSET WHOIS_CALLERID for +g mode notification on hybrid & ratbox. (caf)

* Build script fix to allow plugins to build on x86-64. (caf)

* Correct count in /CLONES (reported by t3gah), and format output nicely
  using an /fset. (caf)

* Add definition of BIND_8_COMPAT to fix build problem on Mac OS X. (caf)

* Ensure that SHOW_AWAY_ONCE doesn't hide away status in /whois output. (caf)

* Fix the the -z command line option for specifying username. (flashback)

* Fix up /WILN, /WILC and /WILCR. (caf)

* Backport changes from epic5 to make recv_nick, sent_nick and sent_body
  per-server, and apply new version of do_oops from flashback. This means
  that /oops, "/query .", "/query ,", "/msg ." and "/msg ," are per-server,
  along with the $. $, and $B aliases. (caf)

* Handle error return from getcwd() in /cd. (caf)

* Fix alloca warnings on freebsd. (caf)

* Fix memory leak in banlist.c. (caf)

* Apply a fix contributed by cpet for the configure script on
  FreeBSD 9. (caf)

* Fix a refcounting issue in the whowas list handling, which should make
  the listing of users that left in a netsplit right again. (caf)

* Improve argument-handling in /hostname command - now supports doing
  /hostname 2 to switch to second vhost. (caf)

* Change the display of server stats so that the averages (eg. users per
  channel) are correctly rounded. (caf)

* Reinstate RPL_WHOISACTUALLY / RPL_WHOISHOST numerics - things seem to have
  stabilised in the ircd world on this. (caf)

* Fixed two cases where the client was incorrectly deciding that a numeric
  originated from a remote server rather than the local server - this caused
  BitchX to falsely report channel desynch and incorrectly hide some
  numerics. (caf)

* Fixed $servernum() scripting function, it was returning the wrong server
  reference in most cases. (caf)

* [1.1s01] Fixed .cmsg crash reported by zimzum. (caf)

* Changed the defaults for JOIN_NEW_WINDOW_TYPE and QUERY_NEW_WINDOW_TYPE
  so that they work out of the box. (caf)

* Some cleanups in quit message handling, fixed a bug where a quit from an
  unexpected source could crash the client. (caf)

* Cleaned up the handling of channel mode changes a little, including fixing
  buggy handling of certain key and limit mode changes. (caf)

* Fix bug where you got disconnected if the server sent a 464 numeric
  (bad password) that the client wasn't expecting. (caf)

* Add /HOP and /DEHOP commands for halfop. (caf)

* Removed "scan" plugin, this functionality is now covered by /SCAN -stat.
  (caf)

* Change NICKSORT_OP to NICKSORT_STAT (sorts nicks by channel status -
  chanop first, then halops, voices and others).  Added /SCAN -stat
  to sort nicks using NICKSORT_OP.  Removed NICKSORT_VOICE - it was broken
  anyway. (caf)

* Add halfop nick prefix to default status line, and change the voice prefix
  so it appears whether or not you're opped. (caf)

* Add halfop support to $channel() scripting function. (caf)

* Rework /SCAN and /NAMES formatting.  This removes the /FSETs NAMES_BOTCOLOR,
  NAMES_FRIENDCOLOR, NAMES_NICKCOLOR, NAMES_OPCOLOR, NAMES_SHITCOLOR and
  NAMES_VOICECOLOR and replaces them with new /FSETs. (caf)

* Add $ishalfop(<nick> <channel) scripting function, just like the
  existing function in EPIC. (caf)

* Fix four bugs in the /FE scripting function. (caf)

* Fix incompatibility with 64-bit platforms. (caf)

* Fix module load version check logic. (caf)

* [1.1s01] Cleanups to allow compiling with new gcc releases. (caf)

* [1.1s01] Fix configure check for termcap.h. (caf)

* [1.1s01] Re-implement code to find available vhost addresses
  (CVE-2007-5839). (caf)

* [1.1s01] Fix test for GCC >= 2.7 - fixes compiling on S390 platform. (caf)

* [1.1s01] Improve buffer handling in convert_output_format_raw
  (CVE-2007-4584). (caf)

* [1.1s01] Handle negative numerics correctly (CVE-2007-3360). (caf)

(kamil)

Improve COMMENT (expand XMP)

(wiz)

Pullup ticket #4820.

(bsiegert)

Pullup ticket #4820 - requested by ryoon
emulators/qemu: security fix

Revisions pulled up:
- emulators/qemu/Makefile                                      1.144
- emulators/qemu/distinfo                                      1.106

---
  Module Name:    pkgsrc
  Committed By:  ryoon
  Date:          Fri Sep 25 14:57:59 UTC 2015

  Modified Files:
          pkgsrc/emulators/qemu: Makefile distinfo

  Log Message:
  Update to 2.4.0.1

  Changelog:
  * net: avoid infinite loop when receiving packets(CVE-2015-5278)

  Ne2000 NIC uses ring buffer of NE2000_MEM_SIZE(49152)
  bytes to process network packets. While receiving packets
  via ne2000_receive() routine, a local 'index' variable
  could exceed the ring buffer size, leading to an infinite
  loop situation.

  Reported-by: Qinghao Tang <luodalongde@gmail.com>
  Signed-off-by: P J P <pjp@fedoraproject.org>
  Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
  (cherry picked from commit 737d2b3c41d59eb8f94ab7eb419b957938f24943)
  Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>

  * net: add checks to validate ring buffer pointers(CVE-2015-5279)

  Ne2000 NIC uses ring buffer of NE2000_MEM_SIZE(49152)
  bytes to process network packets. While receiving packets
  via ne2000_receive() routine, a local 'index' variable
  could exceed the ring buffer size, which could lead to a
  memory buffer overflow. Added other checks at initialisation.

  Reported-by: Qinghao Tang <luodalongde@gmail.com>
  Signed-off-by: P J P <pjp@fedoraproject.org>
  Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
  (cherry picked from commit 9bbdbc66e5765068dce76e9269dce4547afd8ad4)
  Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>

  * e1000: Avoid infinite loop in processing transmit descriptor (CVE-2015-6815)

  While processing transmit descriptors, it could lead to an infinite
  loop if 'bytes' was to become zero; Add a check to avoid it.

  [The guest can force 'bytes' to 0 by setting the hdr_len and mss
  descriptor fields to 0.
  --Stefan]

  Signed-off-by: P J P <pjp@fedoraproject.org>
  Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
  Reviewed-by: Thomas Huth <thuth@redhat.com>
  Message-id: 1441383666-6590-1-git-send-email-stefanha@redhat.com
  (cherry picked from commit b947ac2bf26479e710489739c465c8af336599e7)
  Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>

  * vnc: fix memory corruption (CVE-2015-5225)

  The _cmp_bytes variable added by commit "bea60dd ui/vnc: fix potential
  memory corruption issues" can become negative.  Result is (possibly
  exploitable) memory corruption.  Reason for that is it uses the stride
  instead of bytes per scanline to apply limits.

  For the server surface is is actually fine.  vnc creates that itself,
  there is never any padding and thus scanline length always equals stride.

  For the guest surface scanline length and stride are typically identical
  too, but it doesn't has to be that way.  So add and use a new variable
  (guest_ll) for the guest scanline length.  Also rename min_stride to
  line_bytes to make more clear what it actually is.  Finally sprinkle
  in an assert() to make sure we never use a negative _cmp_bytes again.

  Reported-by: 范祚至(库特) <zuozhi.fzz@alibaba-inc.com>
  Reviewed-by: P J P <ppandit@redhat.com>
  Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
  (cherry picked from commit eb8934b0418b3b1d125edddc4fc334a54334a49b)
  Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>

(bsiegert)

Added x11/arandr version 0.1.8

(kamil)

Pullup ticket #4818.

(bsiegert)

Pullup ticket #4818 - requested by taca
net/ruby-userstream: correct dependency

Revisions pulled up:
- net/ruby-userstream/Makefile                                  1.6

---
  Module Name: pkgsrc
  Committed By: taca
  Date: Sun Sep 27 04:11:36 UTC 2015

  Modified Files:
  pkgsrc/net/ruby-userstream: Makefile

  Log Message:
  Correct dependency to textproc/ruby-yajl; do not override gemspec yajl
  but yajl-ruby.  Fix run time problem of ruby-tw.

  Bump PKGREVISION.

(bsiegert)

+arandr

(kamil)

Import arandr-0.1.8 as x11/arandr

ARandR is designed to provide a simple visual front end for XRandR.
Relative monitor positions are shown graphically
and can be changed in a drag-and-drop way.

(kamil)

Revert previous.

This warning isn't supposed to fire on macro code, so this is either
something subtly odd in pkgin or broken in OS X's clang.  This still
needs fixing, but in a way that's more limited to the problematic
platform.

(gdt)

Updated multimedia/mpv to 0.11.0

(leot)

Update multimedia/mpv to mpv-0.11.0.

Changes:
Features
========
New
---
  * vo_opengl: implement debanding

Removed
-------
  * audio/filter: remove center, extrastereo, karaoke, sinesuppress, sub,
    surround, sweep, ladspa, hrtf, export and bs2b filters (these are either
    considered useless or have replacements in lavfi)
  * video/filter: remove lavfi wrappers for noise, hqdn3d, unsharp and delogo
    (these filters remain usable through lavfi)

Behavior
--------
  * vo_opengl: require FBOs by default (use dumb-mode suboption for old
    hardware and broken drivers)
  * vo_opengl: enable debanding by default for the opengl-hq preset
  * audio/out: use new sample format determination code
  * player: prefer logical current directory path (affects logic for resuming
    playback)
  * vf_vdpaurb: Pass through non-hardware-decoded content
  * player: make force-window=immediate work in auto-profiles

Options and Commands
====================
Added
-----
  * af_lavrresample: add normalize suboption
  * vo_opengl: add deband, deband-iterations, deband-threshold, deband-range
    and deband-grain suboptions
  * af_lavfi: implement af-metadata property (like vf-metadata) (#2311)

Changed
-------
  * command: make "add 0" not change the value

Removed
-------
  * vo_opengl: remove source-shader suboption

Fixes and Minor Enhancements
============================
  * options: fix --no-config
  * cache: do not include backbuffer size in total stream cache size (#2305)
  * audio/format: actually prefer float over double sample format for int->
    float conversions
  * audio/format: fix interlaved vs. non-interleaved conversions
  * audio/format: revise format conversion scoring
  * video: make --field-dominance set interlaced flag (#2289)
  * vf: vf_stereo3d compilation depends on libavfilter
  * vf_yadif: add hack for Libav compatibility (#2335)
  * player: add opus to list of external audio file extensions (#2336)
  * build: allow disabling vapoursynth completely
  * libmpv/win32: allow multiple windows at the same time (#2319)

(leot)

pullup 4815

(spz)

Pullup ticket #4815 - requested by ryoon
www/firefox: build fix

Revisions pulled up:
- www/firefox/mozilla-common.mk                                1.63

-------------------------------------------------------------------
  Module Name: pkgsrc
  Committed By: ryoon
  Date: Thu Sep 24 22:36:27 UTC 2015

  Modified Files:
  pkgsrc/www/firefox: mozilla-common.mk

  Log Message:
  Fix NetBSD/i386 build.
  flag for c++ compiler is CXXFLAGS.

  To generate a diff of this commit:
  cvs rdiff -u -r1.62 -r1.63 pkgsrc/www/firefox/mozilla-common.mk

(spz)

Fix fallout for native X.org users; don't buildlink packages which do
not have the appropriate builtin.mk handling. Should be fixed differently
when native X.org catches up.

(tnn)

added x11/xtrace

(tnn)

Import xtrace-1.3.1 as x11/xtrace.
(from pkgsrc-wip, originally packaged by reed@)

Xtrace fakes an X server and forwards all connections to a real X
server, displaying the communication between clients.  It prints
the requests going from client to server and the replies, events
and errors going the other way.

(tnn)

remove games/foobillard (dead homepage and master site) and instead add
games/foobillardplus which is a continuation of the old code by a new
maintainer.

(tnn)

GC devel/librsync, superseded by net/librsync.

(joerg)

Removed devel/librsync

(joerg)

Pullup ticket #4817 - requested by dholland
sysutils/findutils: build fix

Revisions pulled up:
- sysutils/findutils/distinfo                                  1.17
- sysutils/findutils/patches/patch-gnulib_lib_getdate.y        1.1

---
  Module Name: pkgsrc
  Committed By: dholland
  Date: Sat Sep 26 18:49:50 UTC 2015

  Modified Files:
  pkgsrc/sysutils/findutils: distinfo
  Added Files:
  pkgsrc/sysutils/findutils/patches: patch-gnulib_lib_getdate.y

  Log Message:
  Remove wrong compile-time assertion about the size of time_t. (I'm
  sure this wrong code has popped up before, but I can't find any other
  patches for it in pkgsrc right now.) PR 50273.

(bsiegert)

Pullup ticket #4817 - requested by dholland
sysutils/findutils: build fix

Revisions pulled up:
- sysutils/findutils/distinfo                                  1.17
- sysutils/findutils/patches/patch-gnulib_lib_getdate.y        1.1

---
  Module Name: pkgsrc
  Committed By: dholland
  Date: Sat Sep 26 18:49:50 UTC 2015

  Modified Files:
  pkgsrc/sysutils/findutils: distinfo
  Added Files:
  pkgsrc/sysutils/findutils/patches: patch-gnulib_lib_getdate.y

  Log Message:
  Remove wrong compile-time assertion about the size of time_t. (I'm
  sure this wrong code has popped up before, but I can't find any other
  patches for it in pkgsrc right now.) PR 50273.

(bsiegert)

Update fengoffice to 3.2.2.1.

Changes are too many to write here, please refer readme.txt file.

(taca)

Note update of www/geeklog package to 2.1.0nb2.

(taca)

Tweak geeklog.conf to support mod_authz_core as well as mod_authz_core.

(taca)

Note update of www/fengoffice package to 3.2.2.1.

(taca)

Update pear-Log to 1.12.9.
Release date: 2015-06-14 23:33 UTC

Changelog:

Updating the pear/pear_exception dependency to a stable release.

(taca)

Note ISC DHCP packages to 4.3.3:

net/isc-dhcp4
net/isc-dhclient4
net/isc-dhcpd4
net/isc-dhcrelay4

(taca)