Update to 4.12.1:

Release 4.12.1
Fixed critical bug preventing the use of panel plugin due to wrong name.

Release 4.12.0
Mainly translation updates.

(youri)

Updated sysutils/xfce4-xkb-plugin to 0.7.1

(youri)

Update to 0.7.1:
2015-02-27 18:29
    * New version 0.7.1 - to be used with xfce4-settings 4.11 or later;
      do *not* use this version with XFCE 4.8 or 4.10, it won't work!
    * Many translation updates
    * Fix crash in xkb_util_normalize_group_name
    * Add Montenegrin flag; add el.svg as a synonym for gr.svg

(youri)

Updated www/p5-Mojolicious to 6.12

(wen)

Updated multimedia/ffmpeg2 to 2.7.1; graphics/lensfun to 0.3.1

(adam)

Update to 6.12

Upstream changes:
6.12  2015-06-18
  - Welcome to the Mojolicious core team Dan Book.
  - Added TO_JSON method to Mojo::Collection. (wttw)
  - Added find_packages function to Mojo::Loader.
  - Fixed bug in Mojo::Message where multipart content would get downgraded
    unnecessarily.

(wen)

version 2.7.1:
- postproc: fix unaligned access
- avformat: clarify what package needs to be compiled with SSL support
- avcodec/libx264: Avoid reconfig on equivalent aspect ratios
- avcodec/flacenc: Fix Invalid Rice order
- tls_gnutls: fix hang on disconnection
- avcodec/hevc_ps: Only discard overread VPS if a previous is available
- ffmpeg: Free last_frame instead of just unref
- avcodec/ffv1enc: fix bps for >8bit yuv when not explicitly set
- avio: fix potential crashes when combining ffio_ensure_seekback + crc
- examples/demuxing_decoding: use properties from frame instead of video_dec_ctx
- h264: er: Copy from the previous reference only if compatible
- doc: fix spelling errors
- configure: only disable VSX for !ppc64el
- ffmpeg_opt: Check for localtime() failure
- avformat/singlejpeg: fix standalone compilation
- configure: Disable VSX on unspecified / generic CPUs
- avformat: Fix bug in parse_rps for HEVC.
- takdec: ensure chan2 is a valid channel index
- avcodec/h264_slice: Use AVFrame dimensions for grayscale handling

(adam)

Release 0.3.1

Lensfun 0.3.1 maintenance release is out with more than 60 new lens profiles and another 30 updated calibrations.

Other changes:

Improved performance when used with 32-bit float image buffers
Introduced automated testing
lensfun-update-data now also works without root privileges
Fixed autoscaling for panoramic and equirectangular projections

(adam)

Updated sysutils/logrotate to 0.9.1

(nils)

Updated to version 3.9.1. Changelog :
3.9.0 -> 3.9.1
- Fix off-by-one error which can lead to crash when copytruncate is used.
3.8.9 -> 3.9.0
- Fix crash when using long dateformat. [nmerdan]
- Add support for %H dateformat. [czchen]
- Fix regression introduced in 3.8.9 when when rotating multiple
  logs when one of them is missing.
- In the debug mode, do not skip the code-path which handles the case when
  the last rotation does not exist. [Sergey Vidishev]
- Show more precise description when "log does not need rotating".\
- Add new -l option to log verbose output to file. The file is overwritten
  on every logrotate execution.
- Allow rotation of sparse files with copytruncate.

PKgsrc changes :
Switched from old Makefile to new building procedure, using autogen,
configure and (g)make, which was introduced in version 3.8.8.
The new patch file contains a workaround to get the new building procedure
working.

(nils)

regen

(ryoon)

Updated sysutils/xfce4-diskperf-plugin to 2.5.5

(youri)

Update to 2.5.5 (2015/3/3):
-----------------
* Use the new GtkTooltip API
* Fix a memory leak in the FreeBSD codepath (#11153)
* Add support for FreeBSD (bug #10350)
* New translations: th, ms, bg, oc, hr, en_AU, sr
* Updated translations: ar, ast, bg, cs, de, es, fr, it,
  hr, hu. ko, nb, nl, ug, pl, sv, tr, zh_CN, zh_TW

(youri)

Updated x11/xf86-input-vmmouse to 13.1.0

(wiz)

Update to 13.1.0 (all new patches have already been accepted upstream):

This release is intended for general distro inclusion,
Testing has been performed on various linux distros, FreeBSD 10.1 and
Solaris 11.2.

This release contains a number of build fixes and also changes to deal with
improved vmmouse port security and backoff if a vmmouse kernel module is
encountered. An additional dependency on libudev is introduced on linux.

Note that if the new linux 4.1 vmmouse functionality is used, the user-space
xf86-input-vmmouse driver can be skipped. Distros that want to keep the
xf86-input-vmmouse driver as a backup should *not* use any version prior to
13.0.99 since those versions would compete with the in-kernel vmmouse driver
for mouse input.

13.1.0:
Thomas Hellstrom (1):
      Bump version number for release

13.0.99:

Gaetan Nadon (6):
      Autoconf: remove AC_PROG_CC which overrides AC_PROG_CC_C99 from util-macros
      Autoconf: replace deprecated AC_HELP_STRING with AS_HELP_STRING
      Autoconf: minimum level required is 2.60
      Autoconf: Fix deprecated use of AC_OUTPUT
      "make dist" fails when workstation has no udev package
      tools: make install fails when user has no write permission in /lib

Jeremy Huddleston Sequoia (1):
      Always include config.h first

Lo誰c Yhuel (1):
      Fix wheel button labels

Peter Hutterer (4):
      Free the vmmouse data on UnInit
      Handle DEVICE_ABORT on ABI 19.1
      Don't de-reference pMse if it hasn't been initialised yet
      Drop AM_MAINTAINER_MODE

Stefan Dirsch (1):
      vmmouse_client.h: Include xorg-server.h before xf86_OSproc.h

Thomas Hellstrom (5):
      Back off if we detect a vmmouse kernel driver v3
      vmmouse: Run vmmouse_detect as an io privileged process
      vmmouse: Add support for the access restrict command
      vmmouse: Fix vmmouse_detect build on BSD
      vmmouse: Bump version number for release

(wiz)

Updated time/p5-DateTime-TimeZone to 1.92

(wiz)

Update to 1.92:

1.92    2015-06-22

- This distro now depends on DateTime::TimeZone::Local::Win32 when it is being
  installed on a Windows OS. This should lead to a better experience for
  Windows users. Requested by Matthew Horsfall and Karen Etheridge. RT
  #103275.

(wiz)

Updated mail/p5-Net-SMTP-SSL to 1.03

(wiz)

Update to 1.03:

1.03    2015-06-20

  - $net_smtp_ssl->isa('Net::SMTP') is now true

(wiz)

Updated www/p5-CGI to 4.21

(wiz)

Update to 4.21:

4.21 2015-06-16
- Fix regression of tmpFileName when calling with a plain string (GH #178,
  thanks to Simon McVittie for the report and fix)

(wiz)

Updated x11/modular-xorg-server to 1.17.2

(wiz)

Update to 1.17.2:

This picks up a pile of fixes from master.  Notable highlights:

- Fix for CVE-2015-3164 in Xwayland
- Fix int10 setup for vesa
- Fix regression in server-interpreted auth
- Fix fb setup on big-endian CPUs
- Build fix for for gcc5

Complete changelog:

Aaron Plattner (2):
      xfree86: Fix xf86_check_platform_slot's handling of PCI
      xfree86: Add GPU screens even if there are no active GDevs

Adam Jackson (1):
      xserver 1.17.2

Adel Gadllah (1):
      modesetting: Fix software cursor fallback

Alan Coopersmith (2):
      Clear ListenTransConns entries in CloseWellKnownConnections
      Accept x86_64 as well as i*86 for $host_cpu in Solaris on x86

Brent Collins (1):
      shm: Fix xselinux resource initialization for xinerama pixmaps

Chris Wilson (2):
      shm: Fix use-after-free in ShmDestroyPixmap
      present: Copy unflip contents back to the Screen Pixmap

Colin Harrison (2):
      os/xdmcp.c: Include Xtrans.h when building for WIN32
      os/utils.c: Don't try to build os_move_fd() for WIN32

Dave Airlie (2):
      os/access: fix regression in server interpreted auth
      glamor: don't do render ops with matching source/dest (v2)

Dima Ryazanov (1):
      xwayland: Implement smooth scrolling

Egbert Eich (6):
      symbols: Fix sdksyms.sh to cope with gcc5
      Xephyr: Don't crash when no command line argument is specified
      Xephyr: Print default server display number if none is specified
      Xephyr: Fix compile when debugging is enabled
      Xephyr: Fix screen image draw for the non-Glamor & non-XHSM case
      Xephyr: Fix broken image when endianess of client machine and host-Xserver differ

Emil Velikov (2):
      randr: remove chatty error messages
      randr: use randr: prefix in ErrorF()

Hans de Goede (1):
      Re-enable non serverfd input devices immediately on vtenter

Jason Gerecke (2):
      xfree86: Return NULL from xf86CompatOutput if no compat_output is defined
      dix: Do not allow device transform to be set on valuatorless devices

Jon TURNEY (9):
      ephyr: Avoid a segfault with 'DISPLAY= Xephy -glamor'
      os: XDMCP options like -query etc. should imply -listen tcp
      os: Teach vpnprintf() how to handle "%*.*s"
      hw/xwin/glx: Refactor parsing of the <proto> XML element
      hw/xwin/glx: Improve code generator to deal with latest Khronos OpenGL registry XML
      hw/xwin: Report Cygwin version information in log
      glamor: Fix build when configured --enable-glamor --disable-xshmfence
      hw/xwin/winclipboard: Link xwinclip with -lpthread
      hw/xnest: Fix build for MinGW

Jonathan Gray (2):
      glamor: remove const from the return type of glamor_get_drawable_location()
      glamor: fix build when DRI3 is not defined

J端rg Billeter (1):
      int10: Fix error check for pci_device_map_legacy

Keith Packard (1):
      mi: Partial pie-slice filled arcs may need more space for spans

Maarten Lankhorst (4):
      glamor: only use (un)pack_subimage when available
      glamor: do not check for gl errors in glamor_build_program
      glamor: Use GL_FRAMEBUFFER instead of GL_READ_FRAMEBUFFER
      glamor: GL_TEXTURE_MAX_LEVEL is not available on GLES2

Michal Srb (1):
      Expose GetMaster to modules.

Michel D辰nzer (2):
      Add AC_SYS_LARGEFILE defines to dix-config.h
      modesetting: Include dix-config.h from dumb_bo.c

Olivier Fourdan (4):
      ephyr: Fail if glamor is requested but not usable
      xwayland: Add dependency on glamor libs
      glamor: check max native ALU instructions
      dix: Fix image byte order on big endian hardware

Ray Strode (5):
      systemd-logind: filter out non-signal messages from message filter
      systemd-logind: don't second guess D-Bus default timeout
      xwayland: Enable access control on open sockets [CVE-2015-3164 1/3]
      os: support new implicit local user access mode [CVE-2015-3164 2/3]
      xwayland: default to local user if no xauth file given. [CVE-2015-3164 3/3]

Robert Ancell (1):
      xwayland: Fix error strings

Rui Matos (2):
      dix/events: Set currentTime to the given time stamp in NoticeTime
      xwayland: Throttle our cursor surface updates with a frame callback

Vicente Olivert Riera (1):
      backtrace.c: Fix word cast to a pointer

(wiz)

Updated x11/xf86-video-vesa to 2.3.4

(wiz)

Update to 2.3.4:

Minor update to fix PanelID support.  The minimum xserver version is
now 1.6; if you haven't updated your xserver in the last six years, now
would be a good time.

Adam Jackson (3):
      configure: Drop PanelID test
      Don't include deprecated xf86PciInfo.h
      vesa 2.3.4

Alan Coopersmith (1):
      Raise required version of xorg-server to >= 1.6

(wiz)

Rename MASTER_SITE_SOURCEFORGE_JP to MASTER_SITE_OSDN.
sourceforge.jp is renamed to osdn.jp.
However its mirror sites are not ready for osdn.jp.

(ryoon)

Updated net/xfce4-wavelan-plugin to 0.5.12

(youri)

Update to 0.5.12.

(youri)

Updated x11/xfce4-garcon to 0.5.0

(youri)

Update to 0.5.0, this bring a new dependency; gtk3.

(youri)

Updated x11/xfce4-places-plugin to 1.7.0

(youri)

Update to 1.7.0.

(youri)

Updated x11/xfce4-eyes-plugin to 4.4.4

(youri)

Update to 4.4.4.

(youri)

Updated x11/xfce4-exo to 0.10.6

(youri)

Update to 0.10.6.

(youri)

Updated x11/xfce4-desktop to 4.12.2

(youri)

Update to 4.12.2.

(youri)

Updated wm/xfce4-wm to 4.12.3

(youri)

Update to 4.12.3.

(youri)

Updated sysutils/xfce4-fsguard-plugin to 1.0.2

(youri)

Update to 1.0.2

(youri)

Updated multimedia/xfce4-mpc-plugin to 0.4.5

(youri)

Update to 0.4.5.

(youri)

Spell --export-dynamic correctly. Do not use gethostbyname_r on NetBSD.
Bump revision.

(joerg)

Mention freeze end.

(wiz)

Fix build of tcl-pdflib against TCL 8.6.

(joerg)

Explicitly restrict upper version, ghc and ghc7 have incompatible
buildlink3.mk files.

(joerg)

Note update of php packages:

lang/php54 5.4.42nb1
lang/php55 5.5.26nb1
lang/php56 5.6.10nb1

(taca)

Add fix to https://bugs.php.net/bug.php?id=69737.

Bump PKGREVISION.

(taca)

Add fix to https://bugs.php.net/bug.php?id=69737.

Bump PKGREVISION.

(taca)

Add fix to https://bugs.php.net/bug.php?id=69737.

Bump PKGREVISION.

(taca)

Reset maintainer.

(wiz)

+ colordiff-1.0.15, cups-filters-1.0.70, digikam-4.11, erlang-18.0,
  gcc48-4.8.5, git-base-2.4.5, gtexinfo-6.0, libetonyek-0.1.3,
  liblangtag-0.5.7, mame-0.163, mono-4.0.2.5, musicpd-0.19.10,
  pango-1.37.1, pspp-0.8.5, py-setuptools-18.0.1, py-test-2.7.2,
  raine-0.64.5, socat-1.7.3.0 [pkg/49996], waf-1.8.11, x264-devel-20150627,
  xf86-input-vmmouse-13.1.0 [wiz].

(wiz)

Adjust perl script for 5.22 fallout.

Now, if defined(%foo) is an error, and one must use if %foo.

(gdt)

Not MAKE_JOBS_SAFE.

(joerg)

Needs pdftex.

(joerg)

Tighten JVM_MAX_HEAP used during the build to 800MB, so that the build
will work comfortable within a 2GB limit.

(joerg)

Explicitly specify build system type, so that Module::Build::Compat is
not tried.

(joerg)

Kill a symlink from the distfile that prevents build with Perl 5.22.

(joerg)

MirBSD also has SHA1Init() in libc.

Pointed out by bsiegert@

(sevan)

Fix missing config directory during build.

(joerg)

Fix build with Perl 5.22.

(joerg)

Disable register use warning for clang, gperf still has no way to create
modern code without such nonsense. Fix definition inconsistency.

(joerg)

xracer

(dholland)

Depends on netpbm. PKGREVISION -> 18

(dholland)

Pass -freal-loops if the compiler is clang or gcc. This does not fix
the build, but it gets further now.

(dholland)

Add oracle-jdk8 to the accepted list.

NB: I'm not game enough to do it in the freeze, but it looks like the
JVM version detection patching could be removed - it appears no longer
necessary now that Pkgsrc passes in the correct RXTX_PATH and JHOME_PATH
itself.  At any rate, adding version 8 is not required for the oracle-jdk8
build to complete smoothly.

(dsainty)

Fix configure stage error when both of -apache-mpm-event and
-apache-mpm-worker is set.
And fix PLIST mismatch error.

(ryoon)

Updated devel/py-astor to 0.5

(rodent)

0.5    -- Added support for Python 3.5 infix matrix
          multiplication

(rodent)

Updated databases/py-python-sql to 0.7

(rodent)

Version 0.7 - 2015-05-19
* Fix WINDOW and HAVING params order in Select
* Add window functions
* Add filter and within group to aggregate
* Add limitstyle with 'offset' and 'limit'
* Add Lateral

(rodent)

Updated converters/py-cairosvg to 1.0.15

(rodent)

Version 1.0.15, released on 2015-06-22
======================================

* Use xMidYMid as default preserveAspectRatio value

Version 1.0.14, released on 2015-06-02
======================================

* Support the shape-rendering property

Version 1.0.13, released on 2015-02-26
======================================

* Fix end markers

Version 1.0.12, released on 2015-02-26
======================================

* Don't crash when paths with markers end with a move_to action

Version 1.0.11, released on 2015-02-11
======================================

* Allow commas in viewboxes

Version 1.0.10, released on 2015-02-09
======================================

* Allow quotes around font names

(rodent)

Attempt to fix various build issues:

- Explicitly disable samba-regedit for now, it is built depending on
  various curses characteristics that we do not currently support.

- Avoid epoll implementation on SmartOS.

- Pull in Active Directory and LDAP options from net/samba, LDAP support
  is dynamically configured and we need to ensure that, if enabled, we
  correctly pull in openldap.  The SunOS native LDAP is missing some TLS
  functions that Samba depends upon.

Tested with various PKG_OPTIONS combinations, fixes build on SmartOS.

(jperkin)

Always use current system version SDK avoiding future SDKs, because this makes unuable binaries; use ksh as wrapper script on newer systems as well

(adam)

+nginx-devel-1.9.2 - for whomever cares about this.

(rodent)

Updated www/nginx to 1.8.0

(rodent)

Update to latest stable. Resolves CVE-2014-3616. From CHANGELOG:

Changes with nginx 1.8.0                                        21 Apr 2015
    *) 1.8.x stable branch.

Changes with nginx 1.7.12                                        07 Apr 2015
    *) Feature: now the "tcp_nodelay" directive works with backend SSL
      connections.
    *) Feature: now thread pools can be used to read cache file headers.
    *) Bugfix: in the "proxy_request_buffering" directive.
    *) Bugfix: a segmentation fault might occur in a worker process when
      using thread pools on Linux.
    *) Bugfix: in error handling when using the "ssl_stapling" directive.
    *) Bugfix: in the ngx_http_spdy_module.

Changes with nginx 1.7.11                                        24 Mar 2015
    *) Change: the "sendfile" parameter of the "aio" directive is
      deprecated; now nginx automatically uses AIO to pre-load data for
      sendfile if both "aio" and "sendfile" directives are used.
    *) Feature: experimental thread pools support.
    *) Feature: the "proxy_request_buffering", "fastcgi_request_buffering",
      "scgi_request_buffering", and "uwsgi_request_buffering" directives.
    *) Feature: request body filters experimental API.
    *) Feature: client SSL certificates support in mail proxy.
    *) Feature: startup speedup when using the "hash ... consistent"
      directive in the upstream block.
    *) Feature: debug logging into a cyclic memory buffer.
    *) Bugfix: in hash table handling.
    *) Bugfix: in the "proxy_cache_revalidate" directive.
    *) Bugfix: SSL connections might hang if deferred accept or the
      "proxy_protocol" parameter of the "listen" directive were used.
    *) Bugfix: the $upstream_response_time variable might contain a wrong
      value if the "image_filter" directive was used.
    *) Bugfix: in integer overflow handling.
    *) Bugfix: it was not possible to enable SSLv3 with LibreSSL.
    *) Bugfix: the "ignoring stale global SSL error ... called a function
      you should not call" alerts appeared in logs when using LibreSSL.
    *) Bugfix: certificates specified by the "ssl_client_certificate" and
      "ssl_trusted_certificate" directives were inadvertently used to
      automatically construct certificate chains.

Changes with nginx 1.7.10                                        10 Feb 2015
    *) Feature: the "use_temp_path" parameter of the "proxy_cache_path",
      "fastcgi_cache_path", "scgi_cache_path", and "uwsgi_cache_path"
      directives.
    *) Feature: the $upstream_header_time variable.
    *) Workaround: now on disk overflow nginx tries to write error logs once
      a second only.
    *) Bugfix: the "try_files" directive did not ignore normal files while
      testing directories.
    *) Bugfix: alerts "sendfile() failed" if the "sendfile" directive was
      used on OS X; the bug had appeared in 1.7.8.
    *) Bugfix: alerts "sem_post() failed" might appear in logs.
    *) Bugfix: nginx could not be built with musl libc.
    *) Bugfix: nginx could not be built on Tru64 UNIX.

Changes with nginx 1.7.9                                        23 Dec 2014
    *) Feature: variables support in the "proxy_cache", "fastcgi_cache",
      "scgi_cache", and "uwsgi_cache" directives.
    *) Feature: variables support in the "expires" directive.
    *) Feature: loading of secret keys from hardware tokens with OpenSSL
      engines.
    *) Feature: the "autoindex_format" directive.
    *) Bugfix: cache revalidation is now only used for responses with 200
      and 206 status codes.
    *) Bugfix: the "TE" client request header line was passed to backends
      while proxying.
    *) Bugfix: the "proxy_pass", "fastcgi_pass", "scgi_pass", and
      "uwsgi_pass" directives might not work correctly inside the "if" and
      "limit_except" blocks.
    *) Bugfix: the "proxy_store" directive with the "on" parameter was
      ignored if the "proxy_store" directive with an explicitly specified
      file path was used on a previous level.
    *) Bugfix: nginx could not be built with BoringSSL.

Changes with nginx 1.7.8                                        02 Dec 2014
    *) Change: now the "If-Modified-Since", "If-Range", etc. client request
      header lines are passed to a backend while caching if nginx knows in
      advance that the response will not be cached (e.g., when using
      proxy_cache_min_uses).
    *) Change: now after proxy_cache_lock_timeout nginx sends a request to a
      backend with caching disabled; the new directives
      "proxy_cache_lock_age", "fastcgi_cache_lock_age",
      "scgi_cache_lock_age", and "uwsgi_cache_lock_age" specify a time
      after which the lock will be released and another attempt to cache a
      response will be made.
    *) Change: the "log_format" directive can now be used only at http
      level.
    *) Feature: the "proxy_ssl_certificate", "proxy_ssl_certificate_key",
      "proxy_ssl_password_file", "uwsgi_ssl_certificate",
      "uwsgi_ssl_certificate_key", and "uwsgi_ssl_password_file"
      directives.
    *) Feature: it is now possible to switch to a named location using
      "X-Accel-Redirect".
    *) Feature: now the "tcp_nodelay" directive works with SPDY connections.
    *) Feature: new directives in vim syntax highliting scripts.
    *) Bugfix: nginx ignored the "s-maxage" value in the "Cache-Control"
      backend response header line.
    *) Bugfix: in the ngx_http_spdy_module.
    *) Bugfix: in the "ssl_password_file" directive when using OpenSSL
      0.9.8zc, 1.0.0o, 1.0.1j.
    *) Bugfix: alerts "header already sent" appeared in logs if the
      "post_action" directive was used; the bug had appeared in 1.5.4.
    *) Bugfix: alerts "the http output chain is empty" might appear in logs
      if the "postpone_output 0" directive was used with SSI includes.
    *) Bugfix: in the "proxy_cache_lock" directive with SSI subrequests.

Changes with nginx 1.7.7                                        28 Oct 2014

    *) Change: now nginx takes into account the "Vary" header line in a
      backend response while caching.
    *) Feature: the "proxy_force_ranges", "fastcgi_force_ranges",
      "scgi_force_ranges", and "uwsgi_force_ranges" directives.
    *) Feature: the "proxy_limit_rate", "fastcgi_limit_rate",
      "scgi_limit_rate", and "uwsgi_limit_rate" directives.
    *) Feature: the "Vary" parameter of the "proxy_ignore_headers",
      "fastcgi_ignore_headers", "scgi_ignore_headers", and
      "uwsgi_ignore_headers" directives.
    *) Bugfix: the last part of a response received from a backend with
      unbufferred proxy might not be sent to a client if "gzip" or "gunzip"
      directives were used.
    *) Bugfix: in the "proxy_cache_revalidate" directive.
    *) Bugfix: in error handling.
    *) Bugfix: in the "proxy_next_upstream_tries" and
      "proxy_next_upstream_timeout" directives.
    *) Bugfix: nginx/Windows could not be built with MinGW-w64 gcc.

Changes with nginx 1.7.6                                        30 Sep 2014

    *) Change: the deprecated "limit_zone" directive is not supported
      anymore.
    *) Feature: the "limit_conn_zone" and "limit_req_zone" directives now
      can be used with combinations of multiple variables.
    *) Bugfix: request body might be transmitted incorrectly when retrying a
      FastCGI request to the next upstream server.
    *) Bugfix: in logging to syslog.
Changes with nginx 1.7.5                                        16 Sep 2014

    *) Security: it was possible to reuse SSL sessions in unrelated contexts
      if a shared SSL session cache or the same TLS session ticket key was
      used for multiple "server" blocks (CVE-2014-3616).
    *) Change: now the "stub_status" directive does not require a parameter.
    *) Feature: the "always" parameter of the "add_header" directive.
    *) Feature: the "proxy_next_upstream_tries",
      "proxy_next_upstream_timeout", "fastcgi_next_upstream_tries",
      "fastcgi_next_upstream_timeout", "memcached_next_upstream_tries",
      "memcached_next_upstream_timeout", "scgi_next_upstream_tries",
      "scgi_next_upstream_timeout", "uwsgi_next_upstream_tries", and
      "uwsgi_next_upstream_timeout" directives.
    *) Bugfix: in the "if" parameter of the "access_log" directive.
    *) Bugfix: in the ngx_http_perl_module.
    *) Bugfix: the "listen" directive of the mail proxy module did not allow
      to specify more than two parameters.
    *) Bugfix: the "sub_filter" directive did not work with a string to
      replace consisting of a single character.
    *) Bugfix: requests might hang if resolver was used and a timeout
      occurred during a DNS request.
    *) Bugfix: in the ngx_http_spdy_module when using with AIO.
    *) Bugfix: a segmentation fault might occur in a worker process if the
      "set" directive was used to change the "$http_...", "$sent_http_...",
      or "$upstream_http_..." variables.
    *) Bugfix: in memory allocation error handling.

Changes with nginx 1.7.4                                        05 Aug 2014

    *) Security: pipelined commands were not discarded after STARTTLS
      command in SMTP proxy (CVE-2014-3556); the bug had appeared in 1.5.6.
    *) Change: URI escaping now uses uppercase hexadecimal digits.
    *) Feature: now nginx can be build with BoringSSL and LibreSSL.
    *) Bugfix: requests might hang if resolver was used and a DNS server
      returned a malformed response; the bug had appeared in 1.5.8.
    *) Bugfix: in the ngx_http_spdy_module.
    *) Bugfix: the $uri variable might contain garbage when returning errors
      with code 400.
    *) Bugfix: in error handling in the "proxy_store" directive and the
      ngx_http_dav_module.
    *) Bugfix: a segmentation fault might occur if logging of errors to
      syslog was used; the bug had appeared in 1.7.1.
    *) Bugfix: the $geoip_latitude, $geoip_longitude, $geoip_dma_code, and
      $geoip_area_code variables might not work.
    *) Bugfix: in memory allocation error handling.

Changes with nginx 1.7.3                                        08 Jul 2014
    *) Feature: weak entity tags are now preserved on response
      modifications, and strong ones are changed to weak.
    *) Feature: cache revalidation now uses If-None-Match header if
      possible.
    *) Feature: the "ssl_password_file" directive.
    *) Bugfix: the If-None-Match request header line was ignored if there
      was no Last-Modified header in a response returned from cache.
    *) Bugfix: "peer closed connection in SSL handshake" messages were
      logged at "info" level instead of "error" while connecting to
      backends.
    *) Bugfix: in the ngx_http_dav_module module in nginx/Windows.
    *) Bugfix: SPDY connections might be closed prematurely if caching was
      used.

Changes with nginx 1.7.2                                        17 Jun 2014
    *) Feature: the "hash" directive inside the "upstream" block.
    *) Feature: defragmentation of free shared memory blocks.
    *) Bugfix: a segmentation fault might occur in a worker process if the
      default value of the "access_log" directive was used; the bug had
      appeared in 1.7.0.
    *) Bugfix: trailing slash was mistakenly removed from the last parameter
      of the "try_files" directive.
    *) Bugfix: nginx could not be built on OS X in some cases.
    *) Bugfix: in the ngx_http_spdy_module.

Changes with nginx 1.7.1                                        27 May 2014
    *) Feature: the "$upstream_cookie_..." variables.
    *) Feature: the $ssl_client_fingerprint variable.
    *) Feature: the "error_log" and "access_log" directives now support
      logging to syslog.
    *) Feature: the mail proxy now logs client port on connect.
    *) Bugfix: memory leak if the "ssl_stapling" directive was used.
    *) Bugfix: the "alias" directive used inside a location given by a
      regular expression worked incorrectly if the "if" or "limit_except"
      directives were used.
    *) Bugfix: the "charset" directive did not set a charset to encoded
      backend responses.
    *) Bugfix: a "proxy_pass" directive without URI part might use original
      request after the $args variable was set.
    *) Bugfix: in the "none" parameter in the "smtp_auth" directive; the bug
      had appeared in 1.5.6.
    *) Bugfix: if sub_filter and SSI were used together, then responses
      might be transferred incorrectly.
    *) Bugfix: nginx could not be built with the --with-file-aio option on
      Linux/aarch64.

Changes with nginx 1.7.0                                        24 Apr 2014
    *) Feature: backend SSL certificate verification.
    *) Feature: support for SNI while working with SSL backends.
    *) Feature: the $ssl_server_name variable.
    *) Feature: the "if" parameter of the "access_log" directive.

(rodent)

Updated net/haproxy to 1.5.12

(rodent)

Update to 1.5.12. Fixes a pile of bugs. From CHANGELOG:

2015/05/02 : 1.5.12
    - BUG/MINOR: ssl: Display correct filename in error message
    - DOC: Fix L4TOUT typo in documentation
    - BUG/MEDIUM: Do not consider an agent check as failed on L7 error
    - BUG/MINOR: pattern: error message missing
    - BUG/MEDIUM: pattern: some entries are not deleted with case insensitive match
    - BUG/MEDIUM: buffer: one byte miss in buffer free space check
    - BUG/MAJOR: http: don't read past buffer's end in http_replace_value
    - BUG/MEDIUM: http: the function "(req|res)-replace-value" doesn't respect the HTTP syntax
    - BUG/MEDIUM: peers: correctly configure the client timeout
    - BUG/MINOR: compression: consider the expansion factor in init
    - BUG/MEDIUM: http: hdr_cnt would not count any header when called without name
    - BUG/MEDIUM: listener: don't report an error when resuming unbound listeners
    - BUG/MEDIUM: init: don't limit cpu-map to the first 32 processes only
    - BUG/MEDIUM: stream-int: always reset si->ops when si->end is nullified
    - BUG/MEDIUM: http: remove content-length from chunked messages
    - DOC: http: update the comments about the rules for determining transfer-length
    - BUG/MEDIUM: http: do not restrict parsing of transfer-encoding to HTTP/1.1
    - BUG/MEDIUM: http: incorrect transfer-coding in the request is a bad request
    - BUG/MEDIUM: http: remove content-length form responses with bad transfer-encoding
    - MEDIUM: http: restrict the HTTP version token to 1 digit as per RFC7230
    - MEDIUM: http: add option-ignore-probes to get rid of the floods of 408
    - BUG/MINOR: config: clear proxy->table.peers.p for disabled proxies
    - MINOR: stick-table: don't attach to peers in stopped state
    - MEDIUM: config: initialize stick-tables after peers, not before
    - MEDIUM: peers: add the ability to disable a peers section
    - DOC: document option http-ignore-probes
    - DOC: fix the comments about the meaning of msg->sol in HTTP
    - BUG/MEDIUM: http: wait for the exact amount of body bytes in wait_for_request_body
    - BUG/MAJOR: http: prevent risk of reading past end with balance url_param
    - DOC: update the doc on the proxy protocol

(rodent)

deduplicate configure argument.

(szptvlfn)

Updated sysutils/ansible to 1.6.10nb1

(jperkin)

Fix a couple of issues:

- pkgin changed its output delimiter from a space to ';' when outputting
  to a non-tty, breaking various configuration management systems which
  relied on the previous behaviour.  Handle both types in ansible until
  NetBSDfr/pkgin#46 is resolved.

- OS X 10.10 changed the behaviour of sysctl(8) to hide certain entries
  unless they are explicitly named.  Apply patch to fix hw.model and
  hw.usermem from https://github.com/ansible/ansible/pull/8171/files

Clean up patches while here.  Bump PKGREVISION.

(jperkin)

SHA1Init() is only present in the libc of NetBSD, OpenBSD & Bitrig.
Switch if statment from a *BSD wildcard to specifically listing these operating
systems so FreeBSD & DragonFlyBSD can then use security/nettle.

Reviewed by wiz@

(sevan)

For NetBSD, use TLS if available. Fixes rare asserts in automoc4 on
exit. Bump revision.

(joerg)

gets() considered harmful.

(dholland)

Fix build with Perl 5.22.

(joerg)

Explicitly specify order for library installation, since libUtils.la is
used by others and needs to be installed before to allow relinking.

(joerg)

Fix Perl 5.22 compat issue.

(joerg)

Use the buildlink3.mk of the choosen PHP to get the dependency,
otherwise bulk builds may get inconcistent versions installed.

(joerg)

Needs pkg-config.

(joerg)

Fix one more defined(@) issue.

(joerg)

Explicitly depend on libxml2 now.

(joerg)

Treat bitrig like openbsd.

(dholland)

Use standard headers.

(dholland)

Remove explicit depends on files in /usr/include, some of which may not
exist on some platforms... and some of which weren't actually used anyway.

Also fix build failure that cropped up on netbsd-current while testing
the previous.

(dholland)

Cast argument of sqrt to double to placate Solaris compiler.
Also while here remove one article of pkglint.

(dholland)

Extend this patch to a second chunk of code with the same logic.
Seen in the Solaris build.

(dholland)

Updated www/aipo to 8.0.1

(ryoon)

Update to 8.0.1

Changelog:
* Add messaging.
* UI improvements including for Smartphone.
* Many improvements.

(ryoon)

Properly install our config.guess, the symlink isn't picked up
otherwise. Fix makefml for Perl 5.22. Drop now redundant patch against
the original config.guess.

(joerg)

Update the list of build dependencies for devel/py-protobuf

This should effectively fix building this package.

(khorben)

Add a missing PERL5_PACKLIST entry, should fix build with new perl

(bouyer)

Also depend on p5-CGI and p5-CGI-Fast. Should fix build with new perl

(bouyer)

Add devel/py-google-apputils

This is necessary to fix building devel/py-protobuf.

(khorben)