Updated www/py-PasteDeploy to 1.5.2

(wiz)

Update to 1.5.2:

1.5.2
-----

* Fixed Python 3 issue in paste.deploy.util.fix_type_error()

1.5.1
-----

* Fixed use of the wrong variable when determining the context protocol

* Fixed invalid import of paste.deploy.Config to paste.deploy.config.Config

* Fixed multi proxy IPs bug in X-Forwarded-For header in PrefixMiddleware

* Fixed TypeError when trying to raise LookupError on Python 3

* Fixed exception reraise on Python 3

Thanks to Alexandre Conrad, Atsushi Odagiri, Pior Bastida and Tres Seaver for their contributions.

1.5.0
-----

* Project is now maintained by Alex Gr旦nholm <alex.gronholm@nextday.fi>

* Was printing extraneous data when calling setup.py

* Fixed missing paster template files (fixes "paster create -t paste.deploy")

* Excluded tests from release distributions

* Added support for the "call:" protocol for loading apps directly as
  functions (contributed by Jason Stitt)

* Added Python 3.x support

* Dropped Python 2.4 support

* Removed the ``paste.deploy.epdesc`` and ``paste.deploy.interfaces`` modules
  -- contact the maintainer if you actually needed them

1.3.4
-----

* Fix loadconfig path handling on Jython on Windows.

(wiz)

Updated www/py-paste to 2.0.2

(wiz)

Update to 2.0.2:

2.0.2
-----

* #22: Fix improper commas in request headers in wsgi_environ (https://bitbucket.org/ianb/paste/pull-request/22/fix-improper-commas-in-request-headers-in)
  Fixes issue #4 ("WSGI environ totally borked") (https://bitbucket.org/ianb/paste/issue/4/wsgi-environ-totally-borked)

* #24: test_wsgirequest_charset: Use UTF-8 instead of iso-8859-1 (https://bitbucket.org/ianb/paste/pull-request/24/test_wsgirequest_charset-use-utf-8-instead)
  Fixes issue #7 ("Python 3 test failure") (https://bitbucket.org/ianb/paste/issue/7/python-3-test-failure)

* #23: Replace cgi.parse_qsl w/ six.moves.urllib.parse.parse_qsl (https://bitbucket.org/ianb/paste/pull-request/23/replace-cgiparse_qsl-w)
  Fixes issue #8 ("cgi.parse_qsl is pending deprecation") (https://bitbucket.org/ianb/paste/issue/8/cgiparse_qsl-is-pending-deprecation)

* #20: Escape CGI environment variables in HTTP 404 responses (https://bitbucket.org/ianb/paste/pull-request/20/escape-cgi-environment-variables-in-http)

* #6: Add HTTP exception for new code 429 "Too Many Requests" (https://bitbucket.org/ianb/paste/pull-request/6/add-http-exception-for-new-code-429-too)

* #25: replace ``has_key`` method to ``in`` operator #9 (https://bitbucket.org/ianb/paste/pull-request/25/replace-has_key-method-to-in-operator-9)
  Fixes #9 ("used methods removed from py3") (https://bitbucket.org/ianb/paste/issue/9/used-methods-removed-from-py3)

* #5: Invalid error message when the socket is already in use (https://bitbucket.org/ianb/paste/issue/5/invalid-error-message-when-the-socket-is)

2.0.1
-----

* Fix setup.py for six dependency: move the six dependency from extras_require
  to install_requires.

* Port paste.proxy to Python 3.

* Fix paste.exceptions.serial_number_generator.hash_identifier() on Python 3.

* Fix paste.util.threadedprint.uninstall(). Rename duplicated uninstall()
  function to uninstall_stdin() and fix typo in variable name (_oldstin =>
  _oldstdin).

* Add README.rst file.

2.0
---

* Experimental Python 3 support.

* paste now requires the six module.

* Drop support of Python 2.5 and older.

* Fixed ``egg:Paste#cgi``

* In ``paste.httpserver``: give a 100 Continue response even when the
  server has been configured as an HTTP/1.0 server (clients may send
  ``Expect: 100-Continue`` before they know the version), and wrap
  100 Continue ``environ['wsgi.input']`` files with LimitedLengthFile
  just like normal request bodies are wrapped, keeping WSGI
  applications from over-reading from the socket.

* Fixed parsing of paths beginning with multiple forward slashes.

* Add tox.ini to run tests with tox on Python 2.6, 2.7 and 3.4.

(wiz)

pbr is now pulled in by mock, like it should be.
Remove here and bump PKGREVISION again.

(wiz)

Updated devel/py-mock to 1.1.2nb1

(wiz)

Add "pbr" and "six" dependencies, from requirements.txt. Bump PKGREVISION.

(wiz)

Fix builtin to not need any compiler elements in path, only to determine
version string... use awk instead to construct directly from gmp.h

(richard)

GNUpg -> GnuPG

(szptvlfn)

Pullup tickets #4762, #4763 and #4766.

(tron)

Pullup ticket #4766 - requested by taca
www/geeklog: security patch

Revisions pulled up:
- www/geeklog/Makefile                                          1.41
- www/geeklog/PLIST                                            1.20

---
  Module Name: pkgsrc
  Committed By: taca
  Date: Mon Jul  6 11:49:54 UTC 2015

  Modified Files:
  pkgsrc/www/geeklog: Makefile PLIST

  Log Message:
  Remove test and demo from wideimage library which is used by filemanger
  since these files contains XSS problem.

  Bump PKGREVISION.

(tron)

Pullup ticket #4763 - requested by joerg
devel/p5-Test-Approx: build fix

Revisions pulled up:
- devel/p5-Test-Approx/Makefile                                1.9

---
  Module Name: pkgsrc
  Committed By: joerg
  Date: Sun Jul  5 12:51:14 UTC 2015

  Modified Files:
  pkgsrc/devel/p5-Test-Approx: Makefile

  Log Message:
  Set module type correctly.

(tron)

Pullup ticket #4762 - requested by joerg
textproc/p5-Text-Microformat: build fix

Revisions pulled up:
- textproc/p5-Text-Microformat/Makefile                        1.9

---
  Module Name: pkgsrc
  Committed By: joerg
  Date: Sun Jul  5 12:42:35 UTC 2015

  Modified Files:
  pkgsrc/textproc/p5-Text-Microformat: Makefile

  Log Message:
  Set module type correctly.

(tron)

Updated pkgtools/url2pkg to 2.24

(wiz)

If URL is not recognized as "proper" github URL, don't die, but just print
a warning and continue.
Bump version.

(wiz)

Added www/py-Routes version 2.1

(wiz)

+ py-Routes.

(wiz)

Import py34-Routes-2.1 as www/py-Routes.

Routes is a Python re-implementation of the Rails routes system for
mapping URLs to Controllers/Actions and generating URLs. Routes makes
it easy to create pretty and concise URLs that are RESTful with little
effort.

Speedy and dynamic URL generation means you get a URL with minimal
cruft (no big dangling query args). Shortcut features like Named
Routes cut down on repetitive typing.

(wiz)

Added devel/py-repoze.lru version 0.6

(wiz)

+ py-repoze.lru

(wiz)

Import py34-repoze.lru-0.6 as devel/py-repoze.lru.

repoze.lru is a LRU (least recently used) cache implementation.
Keys and values that are not used frequently will be evicted from
the cache faster than keys and values that are used frequently.

(wiz)

Added www/py-URLObject version 2.4.0

(wiz)

+ py-URLObject.

(wiz)

Import py34-URLObject-2.4.0 as www/py-URLObject.

URLObject is a utility class for manipulating URLs. The latest
incarnation of this library builds upon the ideas of its predecessor,
but aims for a clearer API, focusing on proper method names over
operator overrides. It's also being developed from the ground up
in a test-driven manner, and has full Sphinx documentation.

(wiz)

Added www/py-FormEncode version 1.3.0

(wiz)

+ py-FormEncode.

(wiz)

Import py-FormEncode-1.3.0 as www/py-FormEncode.

FormEncode is a validation and form generation package.  The
validation can be used separately from the form generation.  The
validation works on compound data structures, with all parts being
nestable.  It is separate from HTTP or any other input mechanism.

(wiz)

Added www/py-waitress version 0.8.9

(wiz)

+ py-waitress.

(wiz)

Import py-waitress-0.8.9 as www/py-waitress.

Waitress is meant to be a production-quality pure-Python WSGI server
with very acceptable performance.  It has no dependencies except
ones which live in the Python standard library.  It supports HTTP/1.0
and HTTP/1.1.

(wiz)

Rename zpl to zpl-2.0 to make space for zpl-2.1.
Switch all packages currently referencing zpl to zpl-2.0.
Add zpl-2.1.
Add zpl-2.1 to default-allowed per FSF.

(wiz)

Updated net/unbound to 1.5.4

(pettai)

Unbound 1.5.4

Features:
-  [bugzilla: 644 ] harden-algo-downgrade option, if turned off,
    fixes the reported excessive validation failure when multiple
    algorithms are present. If set to 'no', it allows the weakest
    algorithm to validate the zone.
-  stats reports tcp usage, of incoming-num-tcp buffers.
-  contrib/unbound_smf22.tar.gz: Solaris SMF installation/removal
    scripts.
-  Add ip-transparent config option for bind to non-local addresses.
-  Synthesize ANY responses from cache. Does not search exhaustively,
    but MX,A,AAAA,SOA,NS also CNAME.
-  unbound-control list_insecure command shows the negative trust
    anchors currently configured.
-  ratelimit feature, ratelimit: 1000, can be used to turn it on. It
    ratelimits recursion effort per zone. For particular names you can
    configure exceptions in unbound.conf.
-  Ratelimit does not apply to prefetched queries, and
    ratelimit-factor is default 10. Repeated normal queries get resolved
    and with prefetch stay in the cache.
-  unbound-control ratelimit_list lists high rate domains.
-  caps-whitelist in unbound.conf allows whitelist of loadbalancers
    that cannot work with caps-for-id or its fallback.
-  RFC 7553 RR type URI support, is now enabled by default.
-  cache-max-negative-ttl config option, default 3600.
-  Add local-zone type inform_deny, that logs query and drops answer.

Bug Fixes:
-  Unbound exits with a fatal error when the auto-trust-anchor-file
    fails to be writable. This is seconds after startup. You can load a
    readonly auto-trust-anchor-file with trust-anchor-file. The file has
    to be writable to notice the trust anchor change, without it, a trust
    anchor change will be unnoticed and the system will then become
    inoperable.
-  DLV is going to be decommissioned. Advice to stop using it, and
    put text in the example configuration and man page to that effect.
-  Patch from Brad Smith that syncs compat/getentropy_linux with
    OpenBSD's version (2015-03-04).
-  0x20 fallback improved: servfail responses do not count as missing
    comparisons (except if all responses are errors), inability to find
    nameservers does not fail equality comparisons, many nameservers does
    not try to compare more than max-sent-count, parse failures start 0x20
    fallback procedure.
-  store caps_response with best response in case downgrade response
    happens to be the last one.
-  Document that incoming-num-tcp increase is good for large servers.
-  Fix lintian warning in unbound-checkconf man page.
-  Updated default keylength in unbound-control-setup to 3k.
-  Fixup compile on cygwin, more portable openssl thread id.
-  Use reallocarray for integer overflow protection.
-  Fixed to add integer overflow checks on allocation (defense in depth).
-  Fix segfault on user not found at startup.
-  [bugzilla: 657 ] Fix that libunbound(3) recommends deprecated
    CRYPTO_set_id_callback.
-  If unknown trust anchor algorithm, and libressl is used, error
    message encourages upgrade of the libressl package.
-  rename ldns subdirectory to sldns to avoid name collision.
-  [bugzilla: 660 ] Fix interface-automatic broken in the presence of
    asymmetric routing.
-  Libunbound skips dos-line-endings from etc/hosts.
-  Fix crash in dnstap: Do not try to log TCP responses after timeout.
-  Fix that get_option for cache-sizes does not print double newline.
-  [bugzilla: 663 ] Fix that ssl handshake fails when using unix
    socket because dh size is too small.
-  [bugzilla: 664 ] libunbound python3 related fixes (from Tomas
    Hozza); Use print_function also for Python2. libunbound examples:
    produce sorted output. libunbound-Python: libldns is not used anymore.
    Fix issue with Python 3 mapping of FILE* using file_py3.i from ldns.
-  Fix leaked dns64prefix configuration string.
-  Removed contrib/unbound_unixsock.diff, because it has been
    integrated, use control-interface: /path in unbound.conf.
-  Change syntax of particular validator error to be easier for
    machine parse, swap rrset and ip adres info so it looks like:
    validation failure <www.example.nl. TXT IN>: signature crypto failed
    from 2001:DB8:7:bba4::53 for <*.example.nl. NSEC IN>
-  Fix that unparseable error responses are ratelimited.
-  SOA negative TTL is capped at minimumttl in its rdata section.
-  [bugzilla: 674 ] Do not free pointers given by getenv.
-  [bugzilla: 677 ] Fix CNAME corresponding to a DNAME was checked
    incorrectly and was therefore always synthesized.
    And fix DNAME responses from cache that failed internal chain test.
-  iana portlist update.

(pettai)

Update PLIST for Mako-1.0.1.

(wiz)

Updated devel/py-mako to 1.0.1

(wiz)

Update to 1.0.1:

1.0.1

Released: Thu Jan 22 2015

  • [feature] Added support for Lingua, a translation extraction system as an
    alternative to Babel. Pull request courtesy Wichert Akkerman.

    References: pull request bitbucket:9

  • [bug] [py3k] Modernized the examples/wsgi/run_wsgi.py file for Py3k. Pull
    requset courtesy Cody Taylor.

    References: pull request bitbucket:11

1.0.0

Released: Sun Jun 8 2014

  • [py2k] [bug] Improved the error re-raise operation when a custom
    Template.error_handler is used that does not handle the exception; the
    original stack trace etc. is now preserved. Pull request courtesy Manfred
    Haltner.

    References: pull request bitbucket:8

  • [py2k] [bug] [filters] Added an html_escape filter that works in “non
    unicode” mode. Previously, when using disable_unicode=True, the u filter
    would fail to handle non-ASCII bytes properly. Pull request courtesy George
    Xie.

    References: pull request bitbucket:7

  • [general] Compatibility changes; in order to modernize the codebase, Mako
    is now dropping support for Python 2.4 and Python 2.5 altogether. The
    source base is now targeted at Python 2.6 and forwards.

  • [feature] Template modules now generate a JSON “metadata” structure at the
    bottom of the source file which includes parseable information about the
    templates’ source file, encoding etc. as well as a mapping of module source
    lines to template lines, thus replacing the “# SOURCE LINE” markers
    throughout the source code. The structure also indicates those lines that
    are explicitly not part of the template’s source; the goal here is to allow
    better integration with coverage and other tools.

  • [bug] [py3k] Fixed bug in decode.<encoding> filter where a non-string
    object would not be correctly interpreted in Python 3.

  • [bug] [py3k] Fixed bug in Python parsing logic which would fail on Python 3
    when a “try/except” targeted a tuple of exception types, rather than a
    single exception.

    References: #227

  • [feature] mako-render is now implemented as a setuptools entrypoint script;
    a standalone mako.cmd.cmdline() callable is now available, and the system
    also uses argparse now instead of optparse. Pull request courtesy Derek
    Harland.

    References: pull request bitbucket:5

  • [feature] The mako-render script will now catch exceptions and run them
    into the text error handler, and exit with a non-zero exit code. Pull
    request courtesy Derek Harland.

    References: pull request bitbucket:4

  • [bug] A rework of the mako-render script allows the script to run correctly
    when given a file pathname that is outside of the current directory, e.g.
    mako-render ../some_template.mako. In this case, the “template root”
    defaults to the directory in which the template is located, instead of ”.”.
    The script also accepts a new argument --template-dir which can be
    specified multiple times to establish template lookup directories. Standard
    input for templates also works now too. Pull request courtesy Derek
    Harland.

    References: pull request bitbucket:2

  • [feature] [py3k] Support is added for Python 3 “keyword only” arguments, as
    used in defs. Pull request courtesy Eevee.

    References: pull request github:7

0.9

0.9.1

Released: Thu Dec 26 2013

  • [bug] Fixed bug in Babel plugin where translator comments would be lost if
    intervening text nodes were encountered. Fix courtesy Ned Batchelder.

    References: #225

  • [bug] Fixed TGPlugin.render method to support unicode template names in
    Py2K - courtesy Vladimir Magamedov.

  • [bug] Fixed an AST issue that was preventing correct operation under alpha
    versions of Python 3.4. Pullreq courtesy Zer0-.

  • [bug] Changed the format of the “source encoding” header output by the code
    generator to use the format # -*- coding:%s -*- instead of # -*-
    encoding:%s -*-; the former is more common and compatible with emacs.
    Courtesy Martin Geisler.

  • [bug] Fixed issue where an old lexer rule prevented a template line which
    looked like “#*” from being correctly parsed.

    References: #224

0.9.0

Released: Tue Aug 27 2013

  • [bug] The Context.locals_() method becomes a private underscored method, as
    this method has a specific internal use. The purpose of Context.kwargs has
    been clarified, in that it only delivers top level keyword arguments
    originally passed to template.render().

    References: #219

  • [bug] Fixed the babel plugin to properly interpret ${} sections inside of a
    “call” tag, i.e. <%self:some_tag attr=”${_(‘foo’)}”/>. Code that’s subject
    to babel escapes in here needs to be specified as a Python expression, not
    a literal. This change is backwards incompatible vs. code that is relying
    upon a _(‘’) translation to be working within a call tag.

  • [bug] The Babel plugin has been repaired to work on Python 3.

    References: #187

  • [bug] Using <%namespace import=”*” module=”somemodule”/> now skips over
    module elements that are not explcitly callable, avoiding TypeError when
    trying to produce partials.

    References: #207

  • [bug] Fixed Py3K bug where a “lambda” expression was not interpreted
    correctly within a template tag; also fixed in Py2.4.

    References: #190

(wiz)

No need to set BuildDmx twice. Ride previous bump.

(dholland)

xorg-cf-files

(dholland)

PR pkg/50050 David Shao: remove use of -lxpg4 on Dragonfly. PKGREVISION++

(dholland)

Upstream fix for ignored TLSDHParamFile option

>From 6f120920d359d3b880c5c56bde4c1b91c3bedb01 Mon Sep 17 00:00:00 2001
From: Ben Jencks <ben@bjencks.net>
Date: Sun, 27 Jan 2013 18:27:03 -0500
Subject: [PATCH] ITS#7506 tls_o.c: Fix Diffie-Hellman parameter usage.

If a DHParamFile or olcDHParamFile is specified, then it will be used,
otherwise a hardcoded 1024 bit parameter will be used. This allows the use of
larger parameters; previously only 512 or 1024 bit parameters would ever be
used.

>From cfeb28412c28ce9feeea6e6c055286f201bd0a34 Mon Sep 17 00:00:00 2001
From: Howard Chu <hyc@openldap.org>
Date: Sat, 7 Sep 2013 06:39:53 -0700
Subject: [PATCH] ITS#7506 fix prev commit

The patch unconditionally enabled DHparams, which is a significant
change of behavior. Reverting to previous behavior, which only enables
DH use if a DHparam file was configured.

(manu)

Bump PKGREVISION for poppler shlib major bump.

(wiz)

Updated filesystems/tahoe-lafs to 1.10.1nb1

(wiz)

One of the dependencies now wants py-pbr, so tahoe-lafs wants it too.
Add the dependency, bump PKGREVISION.

(wiz)

Updated devel/py-pbr to 1.3.0

(wiz)

Update to 1.3.0:

1.3.0
-----

* Wrap env markers in parens
* Updated from global requirements
* Add more documentation around building docs
* Updated from global requirements
* Use string for 'OS_TEST_TIMEOUT' default
* Updated from global requirements
* This documents the use of comments that work between 2.6, 2.7 and 3.4

(wiz)

Fix package by adding 'zip' to tools.
Mark as not for python-3.x.

(wiz)

Fix packaging after compressed-mbox patch changes.

(wiz)

Fix build with poppler-0.34.

(wiz)

Switch to .tar.gz, no more double zipping and dos2unix.
No functional change, but the package is much nicer now.

(wiz)

Pullup tickets #4765, #4771, #4772, #4773 and #4774.

(tron)

Pullup ticket #4765 - requested by taca
www/typo3_62: security update

Revisions pulled up:
- www/typo3_62/Makefile                                        1.7
- www/typo3_62/PLIST                                            1.6
- www/typo3_62/distinfo                                        1.6

---
  Module Name: pkgsrc
  Committed By: taca
  Date: Sat Jul  4 09:58:30 UTC 2015

  Modified Files:
  pkgsrc/www/typo3_62: Makefile PLIST distinfo

  Log Message:
  Update typo3_62 to 6.2.14 (TYPO3 6.2.14).

  2015-07-01  e7376af                  [RELEASE] Release of TYPO3 6.2.14 =
  (TYPO3 Release Team)
  2015-07-01  0f3fb37  #59231          [SECURITY] Add hook to implement l=
  ogin protection methods (Nicole Cordes)
  2015-07-01  2973b57  #67538          [SECURITY] Disallow access to fall=
  back storage '0' (Nicole Cordes)
  2015-07-01  8546772  #67458          [SECURITY] XSS in 3rd party librar=
  y Flowplayer (Wouter Wolters)
  2015-07-01  9be2f6b  #34107          [SECURITY] Encode link text proper=
  ly in typolink (Nicole Cordes)
  2015-07-01  7695d91  #59211          [SECURITY] XSS in Filelist (Markus=
    Bucher)
  2015-07-01  4f6e84b  #59258          [SECURITY] Regenerate session id u=
  pon login if needed (Helmut Hummel)
  2015-07-01  bff9fa5  #56644          [SECURITY] Prevent edit of file me=
  tadata of files with no access (Marc Bastian Heinrichs)
  2015-07-01  fac6e13  #67799,#67775  [TASK] Travis: container based and=
    no composer self-update (Christian Kuhn)
  2015-07-01  ca0df84  #67835          [BUGFIX] Use single quotes in quer=
  y for values in EXT:workspaces (Andreas Fernandez)
  2015-07-01  e742451  #67867          [BUGFIX] Duplicate XLIFF identifie=
  rs (Xavier Perseguers)
  2015-07-01  af872e2  #65205          [BUGFIX] Load language file for er=
  ror messages (Nicole Cordes)
  2015-07-01  1f19bb5  #66895          [BUGFIX] Correction of Filelink of=
    FAL in linkvalidator (Pierre Boivin)
  2015-07-01  603edc3  #67837          [BUGFIX] 1st level cache for ``Que=
  ryResult::count()`` (Mathias Brodala)
  2015-06-30  a5bec24  #16840          [BUGFIX] hmenu.special =3D list mu=
  st evaluate showAccessRestrictedPages (Gilles FOUET)
  2015-06-30  f151333  #67834          [BUGFIX] Fix SQL error in IndexSea=
  rchRepository (Tim Schreiner)
  2015-06-29  d9d1754  #67779          [TASK] Travis: Add github oauth to=
  ken (Anja Leichsenring)
  2015-06-29  abbfcac                  [FOLLOWUP][BUGFIX] Only count item=
  s in ForViewHelper when ``iteration`` argument is set (Anja Leichsenrin=
  g)
  2015-06-29  3db88fe  #67801          [BUGFIX] Only count items in ForVi=
  ewHelper when ``iteration`` argument is set (Mathias Brodala)
  2015-06-26  e1198d9  #67770          [BUGFIX] Fix wrong variable spelli=
  ng in RteHtmlParser (Markus Klein)
  2015-06-26  0f4157b  #50231          [BUGFIX] Increase lifetime of cach=
  e_rootline (Christian Kuhn)
  2015-06-25  53d22b5  #67238          [BUGFIX] Avoid race conditions in =
  typo3temp/Cache (Bernhard Kraft)
  2015-06-25  ed1948d  #67735          [BUGFIX] Make ext_update working (=
  Markus Klein)
  2015-06-25  583eb67  #67703          [BUGFIX] Cleanup AbstractException=
  Handler and fix variable access (Mathias Schreiber)
  2015-06-23  9d8c63b  #67697          [TASK] Bump class alias loader ver=
  sion (Helmut Hummel)
  2015-06-23  0edaed8  #67696          [TASK] Bump composer installer ver=
  sion (Helmut Hummel)
  2015-06-23  25aa461  #67466          [TASK] Improve "Overwrite files" m=
  essage (Alina Fleser)
  2015-06-22  8d2fc92  #67620          [BUGFIX] Illegal string offset in =
  DataPreprocessor (Wouter Wolters)
  2015-06-22  2f9eca0  #24858          [BUGFIX] "fixed_lgd_cs" may crash =
  in eID environment (Benjamin Mack)
  2015-06-22  396595f  #67563          [BUGFIX] Render correct menu item =
  for broken shortcut (Andreas Wolf)
  2015-06-21  0d0b502  #23270          [BUGFIX] Correctly handle forceTyp=
  eValue =3D 0 (Benjamin Mack)
  2015-06-20  75114d6  #22774          [BUGFIX] Sorting ignored in "Templ=
  ate Overview" (Reinhard F=FChricht)
  2015-06-19  ec1d0cb  #67413          [BUGFIX] Don't force lowercase on =
  SQL SET() values (Stephan Gro=DFberndt)
  2015-06-18  af4c2a0  #66352          [BUGFIX] Properly resolve link for=
  mat to page type (Daniel Schmidt)
  2015-06-18  e903c84  #67432          [BUGFIX] Check if file exists befo=
  re deletion (Christoph Lehmann)
  2015-06-18  88f3653  #67543          [BUGFIX] Fix check for import / ex=
  port folder (Alexander Stehlik)
  2015-06-18  9e228bc  #67599          [BUGFIX] Use single quotes for pas=
  sword check (Andreas Fernandez)
  2015-06-18  28bdc45  #65563          [BUGFIX] File metadata can't be ed=
  ited inline (Benjamin Mack)
  2015-06-18  ee8c8b9  #67586          [TASK] Add basic unit tests for Co=
  ntentObjectRenderer::typoLink (Nicole Cordes)
  2015-06-17  0b7dee6  #56296          [BUGFIX] Properly escape option va=
  lue for groups (Wouter Wolters)
  2015-06-17  77ac8f2  #64654          [BUGFIX] Fix SQL error on recursiv=
  e TypoScript template inclusion (Andreas Fernandez)
  2015-06-17  856ca19  #60261          [BUGFIX] Add "tx_felogin" folder i=
  n "uploads" folder during install (Jonathan IROULIN)
  2015-06-16  d4ee83c  #53034          [BUGFIX] Always use MCRYPT_DEV_URA=
  NDOM if using mcrypt (Helmut Hummel)
  2015-06-15  4eff898  #67463          [BUGFIX] Scheduler now throws OutO=
  fBoundsException on SQL query error (Mathias Schreiber)
  2015-06-15  c90515e  #64429          [TASK] Remove version number from =
  generator tag (Wouter Wolters)
  2015-06-11  af1b31b  #67408          [TASK] Nail down php 5.6 instantia=
  tion issues in tests (Christian Kuhn)
  2015-06-10  0d91bf6  #67383          [BUGFIX] Check $http_response_head=
  ers in GeneralUtility::getUrl() (Andreas Fernandez)

(tron)

Pullup ticket #4774 - requested by taca
lang/php56: security update

Revisions pulled up:
- lang/php/phpversion.mk                                        1.105
- lang/php56/Makefile                                          1.7
- lang/php56/distinfo                                          1.13
- lang/php56/patches/patch-ext_spl_spl__heap.c                  deleted

---
  Module Name: pkgsrc
  Committed By: taca
  Date: Sat Jul 11 00:31:01 UTC 2015

  Modified Files:
  pkgsrc/lang/php: phpversion.mk
  pkgsrc/lang/php56: Makefile distinfo
  Removed Files:
  pkgsrc/lang/php56/patches: patch-ext_spl_spl__heap.c

  Log Message:
  Update php56 to 5.6.11.

  10 Jul 2015, PHP 5.6.11

  - Core:
    . Fixed bug #69768 (escapeshell*() doesn't cater to !). (cmb)
    . Fixed bug #69703 (Use __builtin_clzl on PowerPC).
      (dja at axtens dot net, Kalle)
    . Fixed bug #69732 (can induce segmentation fault with basic php code).
      (Dmitry)
    . Fixed bug #69642 (Windows 10 reported as Windows 8).
      (Christian Wenz, Anatol Belski)
    . Fixed bug #69551 (parse_ini_file() and parse_ini_string() segmentation
      fault). (Christoph M. Becker)
    . Fixed bug #69781 (phpinfo() reports Professional Editions of Windows
      7/8/8.1/10 as "Business"). (Christian Wenz)
    . Fixed bug #69740 (finally in generator (yield) swallows exception in
      iteration). (Nikita)
    . Fixed bug #69835 (phpinfo() does not report many Windows SKUs).
      (Christian Wenz)
    . Fixed bug #69892 (Different arrays compare indentical due to integer key
      truncation). (Nikita)
    . Fixed bug #69874 (Can't set empty additional_headers for mail()), regression
      from fix to bug #68776. (Yasuo)

  - GD:
    . Fixed bug #61221 (imagegammacorrect function loses alpha channel). (cmb)

  - GMP:
    . Fixed bug #69803 (gmp_random_range() modifies second parameter if GMP
      number). (Nikita)

  - PCRE:
    . Fixed Bug #53823 (preg_replace: * qualifier on unicode replace garbles the
      string). (cmb)
    . Fixed bug #69864 (Segfault in preg_replace_callback) (cmb, ab)

  - PDO_pgsql:
    . Fixed bug #69752 (PDOStatement::execute() leaks memory with DML
      Statements when closeCuror() is u). (Philip Hofstetter)
    . Fixed bug #69362 (PDO-pgsql fails to connect if password contains a
      leading single quote). (Matteo)
    . Fixed bug #69344 (PDO PgSQL Incorrect binding numeric array with gaps).
      (Matteo)

  - SimpleXML:
    . Refactored the fix for bug #66084 (simplexml_load_string() mangles empty
      node name). (Christoph Michael Becker)

  - SPL:
    . Fixed bug #69737 (Segfault when SplMinHeap::compare produces fatal error).
      (Stas)
    . Fixed bug #67805 (SplFileObject setMaxLineLength). (Willian Gustavo Veiga).
    . Fixed bug #69970 (Use-after-free vulnerability in
      spl_recursive_it_move_forward_ex()). (Laruence)

  - Sqlite3:
    . Fixed bug #69972 (Use-after-free vulnerability in
      sqlite3SafetyCheckSickOrOk()). (Laruence)

(tron)

Pullup ticket #4773 - requested by taca
lang/php55: security update

Revisions pulled up:
- lang/php/phpversion.mk                                        1.104
- lang/php55/Makefile                                          1.22
- lang/php55/distinfo                                          1.43
- lang/php55/patches/patch-ext_spl_spl__heap.c                  deleted

---
  Module Name: pkgsrc
  Committed By: taca
  Date: Sat Jul 11 00:30:11 UTC 2015

  Modified Files:
  pkgsrc/lang/php: phpversion.mk
  pkgsrc/lang/php55: Makefile distinfo
  Removed Files:
  pkgsrc/lang/php55/patches: patch-ext_spl_spl__heap.c

  Log Message:
  Update php55 to 5.5.27.

  09 Jul 2015, PHP 5.5.27

  - Core:
    . Fixed bug #69768 (escapeshell*() doesn't cater to !). (cmb)
    . Fixed bug #69703 (Use __builtin_clzl on PowerPC).
      (dja at axtens dot net, Kalle)
    . Fixed bug #69732 (can induce segmentation fault with basic php code).
      (Dmitry)
    . Fixed bug #69642 (Windows 10 reported as Windows 8).
      (Christian Wenz, Anatol Belski)
    . Fixed bug #69551 (parse_ini_file() and parse_ini_string() segmentation
      fault). (Christoph M. Becker)
    . Fixed bug #69781 (phpinfo() reports Professional Editions of Windows
      7/8/8.1/10 as "Business"). (Christian Wenz)
    . Fixed bug #69835 (phpinfo() does not report many Windows SKUs).
      (Christian Wenz)
    . Fixed bug #69892 (Different arrays compare indentical due to integer key
      truncation). (Nikita)
    . Fixed bug #69874 (Can't set empty additional_headers for mail()), regression
      from fix to bug #68776. (Yasuo)

  - GD:
    . Fixed bug #61221 (imagegammacorrect function loses alpha channel). (cmb)

  - Mysqlnd:
    . Fixed bug #69669 (mysqlnd is vulnerable to BACKRONYM) (CVE-2015-3152).
      (Andrey)

  - PCRE:
    . Fixed Bug #53823 (preg_replace: * qualifier on unicode replace garbles the
      string). (cmb)
    . Fixed bug #69864 (Segfault in preg_replace_callback) (cmb, ab)

  - PDO_pgsql:
    . Fixed bug #69752 (PDOStatement::execute() leaks memory with DML
      Statements when closeCuror() is u). (Philip Hofstetter)
    . Fixed bug #69362 (PDO-pgsql fails to connect if password contains a
      leading single quote). (Matteo)
    . Fixed bug #69344 (PDO PgSQL Incorrect binding numeric array with gaps).
      (Matteo)

  - Phar:
    . Fixed bug #69958 (Segfault in Phar::convertToData on invalid file). (Stas)
    . Fixed bug #69923 (Buffer overflow and stack smashing error in
      phar_fix_filepath). (Stas)

  - SimpleXML:
    . Refactored the fix for bug #66084 (simplexml_load_string() mangles empty
      node name). (Christoph Michael Becker)

  - SPL:
    . Fixed bug #69737 (Segfault when SplMinHeap::compare produces fatal error).
      (Stas)
    . Fixed bug #67805 (SplFileObject setMaxLineLength). (Willian Gustavo Veiga).

(tron)

Pullup ticket #4772 - requested by taca
lang/php54: security update

Revisions pulled up:
- lang/php/phpversion.mk                                        1.103
- lang/php54/Makefile                                          1.30
- lang/php54/distinfo                                          1.61

---
  Module Name: pkgsrc
  Committed By: taca
  Date: Sat Jul 11 00:29:17 UTC 2015

  Modified Files:
  pkgsrc/lang/php: phpversion.mk
  pkgsrc/lang/php54: Makefile distinfo

  Log Message:
  Update php54 to 5.4.43.

  09 Jul 2015 PHP 5.4.43

  - Core:
    . Fixed bug #69768 (escapeshell*() doesn't cater to !). (cmb)
    . Fixed bug #69874 (Can't set empty additional_headers for mail()), regression
      from fix to bug #68776. (Yasuo)

  - Mysqlnd:
    . Fixed bug #69669 (mysqlnd is vulnerable to BACKRONYM) (CVE-2015-3152).
      (Andrey)

  - Phar:
    . Fixed bug #69958 (Segfault in Phar::convertToData on invalid file). (Stas)
    . Fixed bug #69923 (Buffer overflow and stack smashing error in
      phar_fix_filepath). (Stas)

(tron)

+ fish-2.2.0, gnustep-objc-1.8, tigervnc-1.5.0.

(wiz)

Pullup ticket #4771 - requested by taca
security/openssh: security update

Revisions pulled up:
- security/openssh/Makefile                                    1.233
- security/openssh/distinfo                                    1.92-1.93
- security/openssh/options.mk                                  1.30
- security/openssh/patches/patch-Makefile.in                    1.4
- security/openssh/patches/patch-auth-passwd.c                  1.2
- security/openssh/patches/patch-auth-rhosts.c                  1.2
- security/openssh/patches/patch-auth.c                        1.3
- security/openssh/patches/patch-auth1.c                        1.3
- security/openssh/patches/patch-auth2.c                        1.4
- security/openssh/patches/patch-channels.c                    1.2
- security/openssh/patches/patch-clientloop.c                  1.2
- security/openssh/patches/patch-compat.c                      deleted
- security/openssh/patches/patch-config.h.in                    1.4
- security/openssh/patches/patch-configure                      deleted
- security/openssh/patches/patch-configure.ac                  1.4
- security/openssh/patches/patch-defines.h                      1.3
- security/openssh/patches/patch-includes.h                    1.3
- security/openssh/patches/patch-openbsd-compat_openbsd-compat.h 1.3
- security/openssh/patches/patch-openbsd-compat_port-tun.c      1.2
- security/openssh/patches/patch-platform.c                    1.4
- security/openssh/patches/patch-scp.c                          1.3
- security/openssh/patches/patch-session.c                      1.4
- security/openssh/patches/patch-ssh.c                          1.4
- security/openssh/patches/patch-sshconnect.c                  deleted
- security/openssh/patches/patch-sshd.8                        1.1
- security/openssh/patches/patch-sshd.c                        1.4
- security/openssh/patches/patch-sshpty.c                      1.2

---
  Module Name: pkgsrc
  Committed By: taca
  Date: Thu Jul  9 16:14:24 UTC 2015

  Modified Files:
  pkgsrc/security/openssh: Makefile distinfo options.mk
  pkgsrc/security/openssh/patches: patch-Makefile.in patch-auth-passwd.c
      patch-auth-rhosts.c patch-auth.c patch-auth1.c patch-auth2.c
      patch-channels.c patch-clientloop.c patch-config.h.in
      patch-configure.ac patch-defines.h patch-includes.h
      patch-openbsd-compat_openbsd-compat.h
      patch-openbsd-compat_port-tun.c patch-platform.c patch-scp.c
      patch-session.c patch-ssh.c patch-sshd.c patch-sshpty.c
  Added Files:
  pkgsrc/security/openssh/patches: patch-sshd.8
  Removed Files:
  pkgsrc/security/openssh/patches: patch-compat.c patch-configure
      patch-sshconnect.c

  Log Message:
  Update openssh to 6.9.1 (OpenSSH 6.9p1) which contains security fix.

  pkgsrc change:

  * tcp_wrappers support was removed from release 6.7, but add it refering
    FreeBSD's ports.
  * hpn-patch is also based on FreeBSD's ports.

  Security
  --------

    * ssh(1): when forwarding X11 connections with ForwardX11Trusted=no,
      connections made after ForwardX11Timeout expired could be permitted
      and no longer subject to XSECURITY restrictions because of an
      ineffective timeout check in ssh(1) coupled with "fail open"
      behaviour in the X11 server when clients attempted connections with
      expired credentials. This problem was reported by Jann Horn.

    * ssh-agent(1): fix weakness of agent locking (ssh-add -x) to
      password guessing by implementing an increasing failure delay,
      storing a salted hash of the password rather than the password
      itself and using a timing-safe comparison function for verifying
      unlock attempts. This problem was reported by Ryan Castellucci.

  For more information, please refer release announce.

  http://www.openssh.com/txt/release-6.9
  http://www.openssh.com/txt/release-6.8
  http://www.openssh.com/txt/release-6.7

---
  Module Name: pkgsrc
  Committed By: dsainty
  Date: Fri Jul 10 07:00:29 UTC 2015

  Modified Files:
  pkgsrc/security/openssh: distinfo

  Log Message:
  Remove dangling stale hash for patch-sshconnect.c

(tron)

Updated textproc/py-html2text to 2015.6.21

(wiz)

Update to 2015.6.21:

2015.6.21
=========
----

* Fix #31: HTML entities stay inside link.
* Fix #71: Coverage detects command line tests.
* Fix #39: Documentation update.
* Fix #61: Functionality added for optional use of automatic links.
* Feature #80: ``title`` attribute is preserved in both inline and reference links.
* Feature #82: More command line options. See docs.

2015.6.12
=========
----

* Feature #76: Making ``pre`` blocks clearer for further automatic formatting.
* Fix #71: Coverage detects tests carried out in ``subprocesses``

2015.6.6
========
----

* Fix #24: ``3.200.3`` vs ``2014.7.3`` output quirks.
* Fix #61. Malformed links in markdown output.
* Feature #62: Automatic version number.
* Fix #63: Nested code, anchor bug.
* Fix #64: Proper handling of anchors with content that starts with tags.
* Feature #67: Documentation all over the module.
* Feature #70: Adding tests for the module.
* Fix #73: Typo in config documentation.

(wiz)

Updated www/ap2-perl to 2.0.9

(wiz)

Update to 2.0.9, even though it doesn't support 5.22 yet, as it claims;
at least it supports 5.20.0.

2.0.9 June 18, 2015

Add note to README about MP_INLINE problem when building with GCC 5.
[Niko Tyni <ntyni@debian.org>]

Fix t/api/aplog.t for apr-1.5.2. [Steve Hay]

Note that Perl 5.22.x is currently not supported. This is logged as
CPAN RT#101962 and will hopefully be addressed in 2.0.10. [Steve Hay]

Fix unthreaded build, which was broken in 2.0.9-rc2. [Steve Hay]

Remove PerlInterpScope. This has not been working properly with threaded
MPMs with httpd-2.4.x and the use-case of this directive was questionable.
[Jan Kaluza]

Allow running the test suite with httpd-2.4.x when mod_access_compat is not
loaded. [Steve Hay]

Add support for Apache httpd-2.4.x. [Torsten Foertsch, Jan Kaluza,
Steve Hay, Gozer]

Don't call modperl_threaded_mpm() et al. from XS code. Fixes Debian Bug
#765174. [Niko Tyni <ntyni@debian.org>]

Make sure modperl_interp_select uses r->server rather than the passed s
parameter to find the interpreter pool to pull an interpreter from. This
fixes an issue with vhosts with a separate interpreter pool and runtime
dir-config merges that used to pull the interpreter from the wrong pool.
[Torsten Foertsch]

PerlInterpScope is now more advisory. Using $(c|r)->pnotes will bind
the current interpreter to that object for it's lifetime.
$(c|r)->pnotes_kill() can be used to prematurely drop pnotes and
remove this binding. [Torsten Foertsch]

Now correctly invokes PerlCleanupHandlers, even if they are the only
handler type configured for that request [Torsten Foertsch]

For threaded MPMs, change interpreter managment to a new, reference-counted
allocation model. [Torsten Foertsch]

Expose modperl_interp_pool_t via ModPerl::InterpPool, modperl_tipool_t
via ModPerl::TiPool and modperl_tipool_config_t via ModPerl::TiPoolConfig
[Torsten Foertsch]

Expose modperl_interp_t via ModPerl::Interpreter [Torsten Foertsch]

Fix t/compat/apache_file.t on Windows. Apache::File->tmpfile() wants TMPDIR
or TEMP from the environment, or else defaults to /tmp. The latter is no
good on Windows, so make sure the environment variables are passed through.
(TEMP should be set to something suitable on Windows.) [Steve Hay]

Fix t/api/err_headers_out.t with HTTP::Headers > 6.00. [Rolando
<rolosworld@gmail.com>]

Fix the build with VC++ and dmake (rather than nmake) on Windows. The
Makefile generated by Apache2::Build uses shell commands for the manifest
file, but neglected to tell dmake to use the shell. [Steve Hay]

Don't write an 'rpm' target into the Makefile on Windows. It isn't relevant
on Windows, and the (hard-coded, not MakeMaker-generated) recipe group has
syntax which dmake doesn't understand. [Steve Hay]

(wiz)

Fix ftruncate. From startaq in
https://github.com/mamedev/mame/pull/257

(wiz)

Add ruby-ref

(fhajny)

Added devel/ruby-ref version 2.0.0

(fhajny)

Import ref-2.0.0 as devel/ruby-ref.

This library provides object references for Ruby as well as some
common utilities for working with references. Object references
are used to point to other objects and come in three distinct
flavors that interact differently with the garbage collector.

(fhajny)

Mention emulators/mess removal.

(wiz)

Remove emulators/mess, now part of emulators/mame.

(wiz)

Updated emulators/mame to 0.163

(wiz)

Update to 0.163. Major change compared to previous 0.159:
MESS is now part of MAME.

Otherwise, the usual improvements and new drivers.

(wiz)

Bump PKGREVISION for libnotify dependency.

(wiz)

Change position where GCC_REQD is defined to help with potential race
condition against bsd.prefs.mk.

(fhajny)

Add libnotify dependency.

(youri)

Restore SSL functionnality with OpenSSL 1.0.1p (revision bump)

This changes just bumps PKGREVISION after patches were added
in mysql56-client/patches which impact mysql56-server.

For the record, the commit log or that patches:
> With OpenSSL 1.0.1p upgrade, DH parameters below 1024 bits are now
> refused. MySQL hardcodes 512 bits DH parameters and will therefore
> fail to run SSL connexions with OpenSSL 1.0.1p
>
> Apply fix from upstream:
> https://github.com/mysql/mysql-server/commit/866b988a76e8e7e217017a7883a52a12ec5024b9

(manu)

Add a build dependency on xsltproc when building with the compressed-mbox patch

(tonio)

Updated sysutils/mtx to 1.3.12nb1

(bouyer)

After executing a scsi command reset the timeout to default value
(like other scsi backends do).
Bump PKGREVISION

(bouyer)

Restore SSL functionnality with OpenSSL 1.0.1p

With OpenSSL 1.0.1p upgrade, DH parameters below 1024 bits are now
refused. MySQL hardcodes 512 bits DH parameters and will therefore
fail to run SSL connexions with OpenSSL 1.0.1p

Apply fix from upstream:
https://github.com/mysql/mysql-server/commit/866b988a76e8e7e217017a7883a52a12ec5024b9

(manu)

Updated chat/mcabber to 1.0.0

(degroote)

Update to 1.0.0

mcabber (1.0.0)

* Message Carbons support / XEP-0280 (Roeland Jago Douma)
* Support for using external password managers (Christian Burkert)
* [UI] Add a backward completion (Oleg)
* [UI] Multilanguage spell checking (Dmitry Potapov)
* [UI] New option 'buffer_smart_scrolling' to lock buffer automatically
  when scrolled up (Hermitifier)
* [UI] New command /roster next_open_buffer
* [UI] New option 'attention_char'
* [UI] Try to display the GLib warnings in the log window
* [UI] Display the number of occupants in MUC rooms (shizeeque)
* [UI] New option switch /room topic -u to unescape the topic (shizeeque)
* [MUC] Support for storing MUC room passwords (Nico Golde)
* [MUC] Use bookmarked password (if any) when using "/room join"
* [Hooks] New "hook-mdr-received" hook
* Remove support for obsolete XEP 22 (Frank Zschockelt)
* Misc. bugfixes and minor improvements

-- Mikael, 2015-06-28

(degroote)

Updated net/dnsmasq to 2.73

(fhajny)

Update net/dnsmasq to 2.73.
Fix build on SunOS.

Version 2.73
  Fix crash at startup when an empty suffix is supplied to
  --conf-dir, also trivial memory leak. Thanks to
  Tomas Hozza for spotting this.

  Remove floor of 4096 on advertised EDNS0 packet size when
  DNSSEC in use, the original rationale for this has long gone.
  Thanks to Anders Kaseorg for spotting this.

  Use inotify for checking on updates to /etc/resolv.conf and
  friends under Linux. This fixes race conditions when the files are
  updated rapidly and saves CPU by noy polling. To build
  a binary that runs on old Linux kernels without inotify,
  use make COPTS=-DNO_INOTIFY

  Fix breakage of --domain=<domain>,<subnet>,local - only reverse
  queries were intercepted. THis appears to have been broken
  since 2.69. Thanks to Josh Stone for finding the bug.

  Eliminate IPv6 privacy addresses and deprecated addresses from
  the answers given by --interface-name. Note that reverse queries
  (ie looking for names, given addresses) are not affected.
  Thanks to Michael Gorbach for the suggestion.

  Fix crash in DNSSEC code with long RRs. Thanks to Marco Davids
  for the bug report.

  Add --ignore-address option. Ignore replies to A-record
  queries which include the specified address. No error is
  generated, dnsmasq simply continues to listen for another
  reply. This is useful to defeat blocking strategies which
  rely on quickly supplying a forged answer to a DNS
  request for certain domains, before the correct answer can
  arrive. Thanks to Glen Huang for the patch.

  Revisit the part of DNSSEC validation which determines if an
  unsigned answer is legit, or is in some part of the DNS
  tree which should be signed. Dnsmasq now works from the
  DNS root downward looking for the limit of signed
  delegations, rather than working bottom up. This is
  both more correct, and less likely to trip over broken
  nameservers in the unsigned parts of the DNS tree
  which don't respond well to DNSSEC queries.

  Add --log-queries=extra option, which makes logs easier
  to search automatically.

  Add --min-cache-ttl option. I've resisted this for a long
  time, on the grounds that disbelieving TTLs is never a
  good idea, but I've been persuaded that there are
  sometimes reasons to do it. (Step forward, GFW).
  To avoid misuse, there's a hard limit on the TTL
  floor of one hour. Thansk to RinSatsuki for the patch.

  Cope with multiple interfaces with the same link-local
  address. (IPv6 addresses are scoped, so this is allowed.)
  Thanks to Cory Benfield for help with this.

  Add --dhcp-hostsdir. This allows addition of new host
  configurations to a running dnsmasq instance much more
  cheaply than having dnsmasq re-read all its existing
  configuration each time.

  Don't reply to DHCPv6 SOLICIT messages if we're not
  configured to do stateful DHCPv6. Thanks to Win King Wan
  for the patch.

  Fix broken DNSSEC validation of ECDSA signatures.

  Add --dnssec-timestamp option, which provides an automatic
  way to detect when the system time becomes valid after
  boot on systems without an RTC, whilst allowing DNS
  queries before the clock is valid so that NTP can run.
  Thanks to Kevin Darbyshire-Bryant for developing this idea.

  Add --tftp-no-fail option. Thanks to Stefan Tomanek for
  the patch.

  Fix crash caused by looking up servers.bind, CHAOS text
  record, when more than about five --servers= lines are
  in the dnsmasq config. This causes memory corruption
  which causes a crash later. Thanks to Matt Coddington for
  sterling work chasing this down.

  Fix crash on receipt of certain malformed DNS requests.
  Thanks to Nick Sampanis for spotting the problem.
  Note that this is could allow the dnsmasq process's
  memory to be read by an attacker under certain
  circumstances, so it has a CVE, CVE-2015-3294

  Fix crash in authoritative DNS code, if a .arpa zone
  is declared as authoritative, and then a PTR query which
  is not to be treated as authoritative arrived. Normally,
  directly declaring .arpa zone as authoritative is not
  done, so this crash wouldn't be seen. Instead the
  relevant .arpa zone should be specified as a subnet
  in the auth-zone declaration. Thanks to Johnny S. Lee
  for the bugreport and initial patch.

  Fix authoritative DNS code to correctly reply to NS
  and SOA queries for .arpa zones for which we are
  declared authoritative by means of a subnet in auth-zone.
  Previously we provided correct answers to PTR queries
  in such zones (including NS and SOA) but not direct
  NS and SOA queries. Thanks to Johnny S. Lee for
  pointing out the problem.

  Fix logging of DHCPREPLY which should be suppressed
  by quiet-dhcp6. Thanks to J. Pablo Abonia for
  spotting the problem.

  Try and handle net connections with broken fragmentation
  that lose large UDP packets. If a server times out,
  reduce the maximum UDP packet size field in the EDNS0
  header to 1280 bytes. If it then answers, make that
  change permanent.

  Check IPv4-mapped IPv6 addresses when --stop-rebind
  is active. Thanks to Jordan Milne for spotting this.

  Allow DHCPv4 options T1 and T2 to be set using --dhcp-option.
  Thanks to Kevin Benton for patches and work on this.

  Fix code for DHCPCONFIRM DHCPv6 messages to confirm addresses
  in the correct subnet, even of not in dynamic address
  allocation range. Thanks to Steve Hirsch for spotting
  the problem.

  Add AddDhcpLease and DeleteDhcpLease DBus methods. Thanks
  to Nicolas Cavallari for the patch.

  Allow configuration of router advertisements without the
  "on-link" bit set. Thanks to Neil Jerram for the patch.

  Extend --bridge-interface to DHCPv6 and router
  advertisements. Thanks to Neil Jerram for the patch.

(fhajny)

Updated sysutils/cdrtools to 3.01alpha30

(wiz)

Update to 3.01a30:

NEW features of cdrtools-3.01a30:

****************
This is the final release candidate for cdrtools-3.01-final
****************

All:

- include/schily/signal.h now includes siginfo.h to make sure it
compiles even on very old Solaris versions where signal.h did not
yet include siginfo.h.

- include/schily/wait.h add a missing closing bracket for Haiku

- include/schily/wait.h added CLD_* macros and the enum idtype_t in case
they are missing. This allows to implement a waitid() emulation.

- include/schily/wait.h now includes schily/signal.h in case that
the local /usrinclude/sys/wait.h is non-POSIX and does not
define siginfo_t. This is e.g. the case on FreeBSD.

- The configure tests now include test that correctly identify Mac OS X as
non-POSIX with respect to waitid(). This prevents potential users of
waitid() from the unusable implementation on Mac OS X.

The rule for accepting an existing waitid() is the following:

- si.si_pid is set to be equal to the awaited pid

- si.si_code == CLD_EXITED for a chilt terminated by exit(2)

- si.si_status contains at least 16 bits from the exit(2)
code. This is still not POSIX but better than what we would
get from a historical wait*() call.

- The configure tests now check for the new FreeBSD wait6() and for
idtype_t.

- A new symlink for x86_64-cygwin32_nt-gcc.rul was added

- Added support for cygwin32_wow (not the already present cygwin32_wow64).

- The makefile system now allows to use:

COPTX=-DNO_PRAGMA_WEAK

to disable the use of #pragma weak. This may help to debug some
oddities of the GNU linker.

- The makefile system now includes a new test that needs constraints
that are not really supported by autoconf: it checks whether the
linker supports to link against external weak symbols in another
file. For this reason, a handcrafted complest was written.
This (currently) should fail on Cygwin due to a Cygwin bug.
A platform that allows to link against weak symbols defines
HAVE_LINK_WEAK. This permits the system to automatically detect
usability once e.g. linking on Cygwin will be fixed.

Thanks to Thomas Plank for reporting the known #pragma weak problem
in a new source file (libschily/error.c). Note that error() is a
UNIX (UNOS) libc function that exists since 1980 but some libc
implementors do not follow the rule not to introduce incompatible
interfaces for existing names. So we need to find a workaround
on these platforms.

- autoconf now checks for the type rlim_t in sys/resource.h

Libschily:

- libschily/comerr.c and libschily/fcomerr.c now have better
comment.

- libschily now uses the test:

#if defined(HAVE_PRAGMA_WEAK) && defined(HAVE_LINK_WEAK)

to prevent assuming that is suffucuent when the compiler supports
#pragma weak. We also need to have a linker that links against
weak symbols in libraries. HAVE_LINK_WEAK is e.g. not defined
on Cygwin...

Libmdigest:

- libmdigest now uses the test:

#if defined(HAVE_PRAGMA_WEAK) && defined(HAVE_LINK_WEAK)

to prevent assuming that is suffucuent when the compiler supports
#pragma weak. We also need to have a linker that links against
weak symbols in libraries. HAVE_LINK_WEAK is e.g. not defined
on Cygwin...

All:

- include/schily/sysexits.h adopts to the recent changes on Haiku that
prevent usual autoconf tests as #include <sysexits.h> works but symbols
are only defined with #define _BSD_SOURCE

- include/schily/wait.h now knows about the Haiku specific macro
WIFCORED() and #defines WCOREDUMP() to WIFCORED().

- Support for x86_64-haiku-cc.rul and x86_64-haiku-gcc.rul was added
to the makefile system.

- The file RULES/r-gmake.dep was modified to make sure that the
dependency files (*.d) depend from the include files as well.
Previous versions included xxx.d instead of $(ARCHDIR)/xxx.d

- Makefile system: two new targets have been added:

man creates localized versions of the man pages in the
OBJ directory

installman installs only the manual pages

Libschily:

- New function j_error() works where error() is to generic.

- make strlcatl() and wcslcatl() work with K&R compilers

- libschily/getargs.c now is more careful with calling va_arg()
and only calls it as many times as a related format is found in the
format string.

- libschily now contains a getdelim() implementation and always uses
getdelim() to implement the fgetaline() function.

- libschily: the *mem.c implementations now include new *mexval()
functions to set the exit code on failure to a static value instead
of the default "errno" value for the failure.

- libschily: the linker map file now also lists the forgotten new entries:
strlcatl() and wcslcatl()

- libschily/spawn.c:wait_chld() no longer returns 0 if the child process
was killed by a signal.

- libschily now adds some of the existing (old) man pages for various
functions from libschily.

Libfind:

- libfind/idcache.c now saves uname/gname as long as possible and uses
strlcpy() instead of strncpy().

- libfind: the forgotten entries find_hasexec() and find_hasprint()
have been added to the linker map file

Libsiconv:

- libsiconv: the forgotten sic_base() was added to the linker map file

Cdrecord:

- The programs cdrecord adopts to the recent Haiku
changes with a randomized address space and now use B_EXACT_ADDRESS
instead of B_ANY_ADDRESS for the clone_area() call to get shared memory
for a FIFO.

Cdda2wav (Maintained/enhanced by J�rg Schilling, originated by Heiko Eiﾟfeldt heiko@hexco.de):

- The programs cdda2wav adopts to the recent Haiku
changes with a randomized address space and now use B_EXACT_ADDRESS
instead of B_ANY_ADDRESS for the clone_area() call to get shared memory
for a FIFO.

Mkisofs (Maintained/enhanced by J�rg Schilling since 1997, originated by Eric Youngdale):

- mkisofs: isodump did not compile on non c99 compilers.

(wiz)