Update 1.12 to 1.14
-------------------
1.14 2015.05.17
    - Add 'reap_finished_children', 'is_child' and 'is_parent'. (GH#6, Nine bit)

1.13 2015.05.11
    - Use 'select' instead of sleep in _waitpid_blocking. (GH#5)

(mef)

Update to 0.41
--------------
0.41      2015-05-16 03:35:49Z
  - mark this distribution as deprecated in metadata

(mef)

Update 0.4211 to 0.4212  (PKGVERSION as 0.42120)
-----------------------
0.4212 - Sun May 17 00:33:34 CEST 2015
  [BUG FIXES]
  - Revert "Stop using version->normal(); prefer stringify()"

(mef)

Update 0.410 to 0.412
---------------------
0.412  2015-05-19
    - release 0.411_001 without further changes

0.411_001      2015-05-11
    - move generation of test endpoints to author stage as requested per issue/#9
    - add a rough guide for contributors
    - fix rt#103251 to avoid removing bundled stuff by accident
    - Fix compilation errors under cl (Thanks to jddurand)

(mef)

(pkgsrc)
- Add one BUILD_DEPENDS to devel/p5-Devel-LexAlias for make test.
(upstream)
- Update to 0.13
--------------
0.13  2015-05-12
      - one more fix for blead (eserte, jplesnik, #6)

(mef)

Update to 0.095
---------------
0.095  2015-05-08
        * Extend documentation for slurp, submatches, eval_string.

(mef)

Update 1.77 to 1.80
-------------------
1.80  May 14, 2015
    - add be_like_java feature (bug report by Bojan Jovanovic)
    - generate warnings only when enabled

1.79  May 7, 2015
    - add repository metadata

1.78  May 7, 2015
    - accept any end of line terminator (i.e. "\r\n", "\r" or "\n")
      independently of the underlaying operating system (bug report by
      William Fishburne, problem analysis by Alexander Brett)

(mef)

(pkgsrc)
- As described below, PERL5_MODULE_TYPE converted to default to EU:MM
  ExtUtils::MakeMaker
(upstream)
- update to 0.04
--------------
0.04 2015-05-10T22:08:23Z
    - use EU::MM

(mef)

Update 0.28 to 0.30
-------------------
0.30      2015-05-15 20:43:54-04:00 America/New_York
  No changes from 0.29

0.29      2015-04-19 18:36:24+02:00 Europe/Berlin (TRIAL RELEASE)
  Fixed:
  - Fix double filehandle close error with tee on Windows
    (which started warning during the perl 5.21.x series,
    causing tests to fail)

(mef)

Update 0.014 to 0.016
---------------------
0.016    2015-05-19 05:34:02-04:00 America/New_York
  - Generated from ETHER/YAML-Tiny-1.67.tar.gz

0.015    2015-05-11 22:01:58-04:00 America/New_York (TRIAL RELEASE)
  - Generated from ETHER/YAML-Tiny-1.67.tar.gz

(mef)

Update to 2.57
--------------
2.57    - fix rt.cpan.org#104548, dont allow special chars like newline
          or < in keys, which leads to faile when saving.

(mef)

Fix Linux PLIST issue.
Tested under Debian GNU/Linux 8.

(ryoon)

Remove the patch .orig file(s) to avoid PLIST problems. (How do other
python packages deal with this?)

(hauke)

... and update the patch checksum.

(hauke)

In the readmore plugin, use the current flavour before the default
one, if available.

(hauke)

Explicitly depend on py-docutils, which some of the core plugins use.

(hauke)

Require -march=i586 on i386 for gcc atomic builtins. Fixes build on i386

(kefren)

Updated www/apache22 to 2.2.29nb1

(sborrill)

Add patch to mitigate Logjam TLS vulnerabilities (CVE-2015-4000).
Based on FreeBSD ports.

(sborrill)

Updated textproc/py-pygments to 2.0.2

(adam)

Changes 2.0.2:
* Fix Python tracebacks getting duplicated in the console lexer
* Backquote-delimited identifiers are now recognized in F#

(adam)

Updated graphics/jpegoptim to 1.4.3

(adam)

Changes 1.4.3:
- fix bug that could cause jpegoptim crash when processing certain jpeg files

(adam)

Updated shells/tcsh to 6.19.00

(kim)

Upgrade to 6.19.00

This is a mainly a bug fix release with few new features:

1. new cdtohome variable
2. locking in history files
3. history speedups.

(kim)

Include vmeter.h for struct vmtotal

(kefren)

SunOS needs <alloca.h> for alloca() and <sys/mkdev.h> for major()

(richard)

Remove local entry from PLIST. Error in last commit.

(rodent)

Fix this the right way, thanks to joerg@. Noticed this is linking against
pthread too, so let's included that bl3.mk here as well.

(rodent)

(richard)

sync requirements and comment with reality

(kefren)

PKGNAME correction

(adam)

The path to SU is correct
type is a shell builtin on the bundled OpenBSD pdksh
Remove comment as instructed by comment.
Checks performed on OpenBSD 5.7-current

(sevan)

Fix some issues raised by the previous update

- Never force install the init script, this is done by pkgsrc automatically
- Pre-create ${PKG_SYSCONFDIR}/sqlrelay.conf.d that was added in 0.48
- Doesn't really need libiconv directly
- Improve SMF manifest
- Remove some unneeded definitions.

Bump PKGREVISION.

(fhajny)

Update to mono 4.0.1

Changelist from the previous 3.10 may be found at:
http://www.mono-project.com/docs/about-mono/releases/

Tested on NetBSD/amd64 6.1_STABLE
There are still some hacks in patches that I'm not very happy about

(kefren)

Add patch to silence compilation warning found on NetBSD with gcc and
FreeBSD with clang: format specifies type 'int' but the argument has type 'long'
This seems to be fallout from the time_t change patches. Defuzz patches
while we're here.

(rodent)

Add patch to silence compilation warning found on NetBSD with gcc and
FreeBSD with clang: format specifies type 'int' but the argument has type 'long'
This seems to be fallout from the time_t change patches. Defuzz patches
while we're here.

(rodent)

Fix github tag to enable make fetch.

(ryoon)

Updated lang/tcl to 8.6.4; x11/tk to 8.6.4; databases/sqlite3 to 3.8.10.2

(adam)

Changes 3.8.10.2:
Fix an index corruption issue introduced by version 3.8.7. An index with a TEXT key can be corrupted by an INSERT into the corresponding table if the table has two nested triggers that convert the key value to INTEGER and back to TEXT again.

(adam)

Changes 8.6.4:
Bug fixes and improvements.

(adam)

delete duplicate entry

(jnemeth)

Package DeforaOS libSystem 0.2.1

It is essentially a bugfix and maintenance release, with:
- portability fix (SunOS)
- additional tests (Config)
- API addition (String)
- quiet mode for configctl(1)
- support for compiling in a separate directory (OBJDIR)

(khorben)

Add missing header. Patch up Python interpreter. Regen distinfo.

(joerg)

Updated security/clamav to 0.98.7
Updated security/clamav-doc to 0.98.7

(bouyer)

Update clamav to 0.98.7.
This release contains new scanning features and bug fixes.
    - Improvements to PDF processing: decryption, escape sequence
      handling, and file property collection.
    - Scanning/analysis of additional Microsoft Office 2003 XML format.
    - Fix infinite loop condition on crafted y0da cryptor file. Identified
      and patch suggested by Sebastian Andrzej Siewior. CVE-2015-2221.
    - Fix crash on crafted petite packed file. Reported and patch
      supplied by Sebastian Andrzej Siewior. CVE-2015-2222.
    - Fix false negatives on files within iso9660 containers. This issue
      was reported by Minzhuan Gong.
    - Fix a couple crashes on crafted upack packed file. Identified and
      patches supplied by Sebastian Andrzej Siewior.
    - Fix a crash during algorithmic detection on crafted PE file.
      Identified and patch supplied by Sebastian Andrzej Siewior.
    - Fix an infinite loop condition on a crafted "xz" archive file.
      This was reported by Dimitri Kirchner and Goulven Guiheux.
      CVE-2015-2668.
    - Fix compilation error after ./configure --disable-pthreads.
      Reported and fix suggested by John E. Krokes.
    - Apply upstream patch for possible heap overflow in Henry Spencer's
      regex library. CVE-2015-2305.
    - Fix crash in upx decoder with crafted file. Discovered and patch
      supplied by Sebastian Andrzej Siewior. CVE-2015-2170.
    - Fix segfault scanning certain HTML files. Reported with sample by
      Kai Risku.
    - Improve detections within xar/pkg files.

(bouyer)

Pullup tickets #4728 and #4730.

(tron)

Pullup ticket #4730 - requested by taca
databases/php-ldap: packaging fix
www/ap-php: packaging fix

Revisions pulled up:
- databases/php-ldap/Makefile                                  1.25
- www/ap-php/Makefile                                          1.34

---
  Module Name: pkgsrc
  Committed By: taca
  Date: Sat May 16 11:19:53 UTC 2015

  Modified Files:
  pkgsrc/databases/php-ldap: Makefile
  pkgsrc/databases/php-pdo_sqlite: Makefile
  pkgsrc/textproc/php-intl: Makefile
  pkgsrc/www/ap-php: Makefile

  Log Message:
  Reset PKGREVISION along with php{54,55,56} update.

(tron)

Pullup ticket #4728 - requested by khorben
emulators/qemu: security patch

Revisions pulled up:
- emulators/qemu/Makefile                              1.138,1.137 via patch
- emulators/qemu/distinfo                              1.104,1.103
- emulators/qemu/patches/patch-hw_block_fdc.c          1.1
- emulators/qemu/patches/patch-tests_Makefile          1.2
- emulators/qemu/patches/patch-user-exec.c              deleted

---
  Module Name: pkgsrc
  Committed By: khorben
  Date: Sat May 16 03:19:54 UTC 2015

  Modified Files:
  pkgsrc/emulators/qemu: Makefile distinfo
  Added Files:
  pkgsrc/emulators/qemu/patches: patch-hw_block_fdc.c

  Log Message:
  Add patch for CVE-2015-3456.

  fdc: force the fifo access to be in bounds of the allocated buffer

  During processing of certain commands such as FD_CMD_READ_ID and
  FD_CMD_DRIVE_SPECIFICATION_COMMAND the fifo memory access could
  get out of bounds leading to memory corruption with values coming
  from the guest.

  Fix this by making sure that the index is always bounded by the
  allocated memory.

  XXX pull-up where applicable

---
  Module Name: pkgsrc
  Committed By: ryoon
  Date: Wed Apr 29 20:30:53 UTC 2015

  Modified Files:
  pkgsrc/emulators/qemu: Makefile distinfo
  pkgsrc/emulators/qemu/patches: patch-tests_Makefile
  Removed Files:
  pkgsrc/emulators/qemu/patches: patch-user-exec.c

  Log Message:
  Update to 2.3.0

  Changelog:
    * Support for 32-bit KVM guests on 64-bit ARM hosts
    * Support for running KVM under valgrind
    * New IvyBridge CPU model for x86 guests
    * Xen: support for ioreq-server API
    * New 5KEc and 5KEf MIPS64r2, and M14K and M14Kc MIPS32r2
      microMIPS CPU models for MIPS guests
    * Basic support for transactional memory extentions in PowerPC guests
    * Improved VGA support for little-endian PPC/pSeries guests
    * PCI bus support for s390x guests
    * Support for automatic guest device unplug when passthrough devices
      are unbound from VFIO host driver
    * Improved UI performance/support for GTK+/VNC/SDL/Spice, and VNC
      support for multiseat
    * Performance improvements for virtio-blk emulation: asynchronous SCSI
      request handling, and disk read merging.
    * QEMU Guest Agent: now also supports file operations in Windows guests,
      can be used to enable/disable memory blocks in linux guests in
      support for memory hotplug.
    * Migration can now include a JSON description of migration stream to aid
      in identifying incompatibilities betweens guests/hosts.
    * And lots more...

(tron)

Update sqlrelay packages to 0.59.

(ryoon)

Reset PKGREVISION.

(ryoon)

Update to 0.59

* Fix build with Ruby 2.2.

Changelog:
0.59 - updated docs, removed some Cygwin-specific info
added support for login warnings
made bind variable buffers dynamic on the client side
added maxbindvars parameter on the server side
binding a NULL to an integer works with db2 now
moved getting started with DB docs into the cloud
added a semaphore to ensure that the listener doesn't hand off the
client to the connection until the connection is ready,
elimiating a race condition on the handoff socket that could
occur if the connection timed out waiting for the listener
just after the listener had decided to use that connection
oracle temp tables that need to be truncated at the end of the session
are truncated with "truncate table xxx" now rather than
"delete from xxx"
oracle temp tables that need to be dropped at the end of the session
are truncated first, rather than the connection re-logging in
an ora-14452 error (basically indicating that a temp table can only be
dropped after being truncated, or if the current session ends)
does not automatically trigger a re-login any more
updated cachemanager to use directory::read() directly instead of
directory::getChildName(index)
added cache and opencache commands to sqlrsh
made cache ttl a 64-bit number
added enabled="yes"/"no" parameter to logger modules
updated odbc connection code to use new/delete and rudiments methods
rather than malloc/free and native calls
retired Ruby DBI driver
fixed command line client crash when using -id "instance" with an
instance that uses authtier="database"
fixed bugs that could make reexecuted db2 selects fail and cause a
database re-login loop
tweaked spec file to remove empty directories on uninstall
fixed typo that could sometimes cause a listener crash
postgresql and mdbtools return error code of 1 rather than 0 for all
errors now
tweaked odbc driver to work with Oracle Heterogenous Agent (dblinks)
fixed bugs related to autocommit with db's that support transaction
blocks
implemented the ODBC driver-manager dialog for windows
updated windows installer to install ODBC registry settings
ODBC driver copies references now
fixed various bugs in sqlrconfigfile that caused sqlr-start with no
-id to crash or behave strangely sometimes
refactored build process to use nmake and be compatible with many
different versions of MS Visual Studio
updated the slow query logger to show the date/time that the query
was executed
consolidated c, c++ and server source/includes down a few levels
implemented column-remapping for get db/table/column commands to
enable different formats for mysql, odbc, etc.
odbc connection correctly returns database/table lists now
added support for maxselectlistsize/maxitembuffersize to MySQL
connection
updated mysql connection to fetch blob columns in chunks and not be
bound by maxitembuffersize
fixed a misspelling in sqlrelay.dtd
swapped order of init directory detection, looking for /etc/init.d
ahead of /etc/rc.d/init.d to resolve conflict with dkms on
SuSE Enterprise
C# api and tests compile and work under Mono on unix/linux now
sqlr-start spawns a new window on Windows now
added global temp table tracking for firebird
added droptemptables parameter for firebird
added globaltemptables parameter for oracle and firebird
updated mysql connection to allow mysql_init to allocate a mysql
struct on platforms that support mysql_init, rather than
using a static struct
fixed subtle noon/midnight-related bugs in date/time translation
updated mysql connection to get affected rows when not using the
statement api
updated mysql connection not to use the statement API on windows,
for now
disabled mysql_change_user, for now
fixed blob-input binds on firebird

0.58 - updated spawn() calls to detach on windows
added support for sqlrelay.conf.d
removed support for undocumented ~/.sqlrelay.conf
fixed detection of oracle jdk 7 and 8 on debian and ubuntu systems
added ini files for PHP and PDO modules
added resultsetbuffersize, dontgetcolumninfo and nullsasnulls connect
string variables to the PHP PDO driver
refactored sqlr-status and removed dependency on libsqlrserver
cleaned up and refactored server-side classes quite a bit
fixed a bug where sqlrsh was losing the timezone when binding dates
server-devel headers are now installed
removed backupschema script
moved triggers, translations, resultsettranslations and parser into
separate project
blobs work when using fake input binds now
replaced sqlr-stop script with a binary (for Windows)
preliminary support for server components on Windows
sessionhandler="thread" is now forced on Windows
added various compile flags for clang's aggressive -Wall
added support for sybase 16.0
removed unnecessary -lsybdb/-lsybdb64 for sybase 15+
fixed PQreset, PQresetStart, PQresetPoll in postgresql drop-in
replacement lib
added debug-to-file support to PHP PDO driver
fixed subtle row-fetch bug in sybase/freetds drivers that could cause
the total row count to be set to garbage
fixed support for older versions of perl (5.00x)
fixed a bug in the DB2 connoutpection that caused blob input binds to be
truncated at the first null
added support for binding streams to output bind blobs in the PHP PDO
driver
updated PHP PDO guide with notes about bind variable formats
integrated Samat Yusup's dbh driver methods for PHP PDO
added stmt driver methods for suspending/resuming result sets to the
PHP PDO driver
added row cache to mysql drop-in replacement library to fix issues on
systems with 32-bit pointers
fixed subtle db2 output bind bfers the entire result set by default now
implemented an ext_SQLR_Debug database handle attribute for perl DBI
added support for type, length, precision, scale bind variable
attributes in perl DBI
output bind clobs and blobs work in perl DBI now
addd support for perl DBI ParamValues, ParamTypes and ParamArrays
attributes
tweaked the odbc driver so it works with the jdbc-odbc bridge and
jmeter
added custom db/statement attributes to perl DBI for
DontGetColumnInfo, GetNullsAsEmptyStrings and
ResultSetBufferSize
added note about JDBC-ODBC bridge removal in Oracle Java 8
made threaded listener the default
tweaks to sqlr-connection/sqlr-scaler processes to deal with lack of
SIGCHLD/waitpid() on windows
the signal on semaphore 2 is now undone manually when sqlr-connections
shut down and doesn't rely on semaphore undo's for normal
operation
subtly tweaked freeing of Oracle column-info buffers to work around
a crash that could occur after using a cursor bind

(ryoon)

Record error message that prompted MAKE_JOBS_SAFE=no

(abs)

Add MAKE_JOBS_SAFE=no

(abs)

Updated lang/bwbasic to 3.00

(wen)

Update to 3.00

Upstream changes:
CHANGES FROM 2.61 to 3.00

  * Code redesign from Howard Wulf, AF5NE

CHANGES FROM 2.60 to 2.61

  * Bug fix from Matthias Rustler

CHANGES FROM 2.50 to 2.60

  * New maths functions and append mode support from Edmond Orignac

  * Bug fixes

(wen)

Update to 3.00

Upstream changes:
CHANGES FROM 2.61 to 3.00

  * Code redesign from Howard Wulf, AF5NE

CHANGES FROM 2.60 to 2.61

  * Bug fix from Matthias Rustler

CHANGES FROM 2.50 to 2.60

  * New maths functions and append mode support from Edmond Orignac

  * Bug fixes

(wen)

Updated www/fcgi to 2.4.0nb2

(kim)

Use poll instead of select. Fixes CVE-2012-6687.

(kim)

Updated devel/p5-CPAN-Perl-Releases to 2.16

(wen)

Update to 2.16

Upstream changes:
version 2.16 at 2015-05-19 17:23:47 +0000
-----------------------------------------

  Change: e5c5a2f18fce4f450f0926c80323527825ab1b8d
  Author: Chris 'BinGOs' Williams <chris@bingosnet.co.uk>
  Date : 2015-05-19 18:23:47 +0000

    Updated for v5.22.0-RC1

(wen)

Updated www/h2o to 1.2.0

(wen)

Update to 1.2.0

Upstream changes:
1.2.0 2015-04-14 07:13:00+0000
- [core] bundle libyaml #248 (Kazuho Oku)
- [core] implement master-worker process mode and daemon mode (bundles Server::Starter) #258 #270 (Kazuho Oku)
- [file] more mime-types by default #250 #254 #280 (Tatsuhiko Kubo, George Liu, Kazuho Oku)
- [file][http1] fix connection being closed if the length of content is zero #276 (Kazuho Oku)
- [headers] fix heap overrun during configuration #251 (Kazuho Oku)
- [http2] do not delay sending PUSH_PROMISE #221 (Kazuho Oku)
- [http2] reduce memory footprint under high load #271 (Kazuho Oku)
- [http2] fix incorrect error sent when number of streams exceed the limit #268 (Kazuho Oku)
- [proxy] fix heap overrun when building request sent to upstream #266 #269 (Moto Ishizawa, Kazuho Oku)
- [proxy] fix laggy response in case the length of content is zero #274 #276 (Kazuho Oku)
- [SSL] fix potential stall while reading data from client #268 (Kazuho Oku)
- [SSL] bundle LibreSSL #236 #272 (Kazuho Oku)
- [SSL] obtain source-level compatibility with BoringSSL #228 (Kazuho Oku)
- [SSL] add directive `listen.ssl.cipher-preference` for controlling the selection logic of cipher-suites #233 (Kazuho Oku)
- [SSL] disable TLS compression #252 (bisho)
- [libh2o] fix C++ compatibility (do not use empty struct) #225 (Kazuho Oku)
- [libh2o] search external dependencies using pkg-config #227 (Kazuho Oku)
- [misc] fix GCC version detection bug used for controlling compiler warnings #224 (Kazuho Oku)
- [misc] check merory allocation failures in socket pool #265 (Tatsuhiko Kubo)

1.1.1 2015-03-09 06:12:00+0000
- [proxy] fix crash on NetBSD when upstream connection is persistent #217 (Kazuho Oku)
- [misc] fix compile error on FreeBSD #211 #212 (Syohei Yoshida)

1.1.0 2015-03-06 06:41:00+0000
- [core][file] send redirects appending '/' as abs-path redirects #209 (Kazuho Oku)
- [headers] add directives for manipulating response headers #204 (Kazuho Oku)
- [http2] do not send a corrupt response if header value is longer than 126 bytes #193 (Kazuho Oku)
- [http2] fix interoperability issue with nghttp2 0.7.5 and above 5c42eb1 (Kazuho Oku)
- [proxy] send `via` header to upstream #191 (Kazuho Oku)
- [proxy] resolve hostname asynchronously #207 (Kazuho Oku)
- [proxy] distribute load between upstream servers (using `rand()`) #208 (Kazuho Oku)
- [proxy] fix a bug that may cause a corrupt `location` header being forwarded #190 (Kazuho Oku)
- [reproxy] add support for `x-reproxy-url` header #187 #197 (Daisuke Maki, Kazuho Oku)

1.0.1 2015-02-23 05:50:00+0000
- [core] change backlog size from 65,536 to 65,535 #183 (Tatsuhiko Kubo)
- [http2] fix assertion failure in HPACK encoder #186 (Kazuho Oku)
- [http2] add `extern` to some global variables that were not marked as such #178 (Kazuho Oku)
- [proxy] close persistent upstream connection if client abruptly closes the stream #188 (Kazuho Oku)
- [proxy] fix internal state corruption in case upstream sends response headers divided into multpile packets #189 (Kazuho Oku)
- [SSL] add host header to OCSP request #176 (Masaaki Hirose)
- [libh2o] do not require header files under `deps/` when using libh2o #173 (Kazuho Oku)
- [libh2o] fix compile error in examples when compiled with `H2O_USE_LIBUV=0` #177 (Kazuho Oku)
- [libh2o] in example, add missing / after the reference path #180 (Matthieu Garrigues)
- [misc] fix invalid HTML in sample page #175 (Deepak Prakash)

1.0.0 2015-02-18 20:01:00+0000
- [core] add redirect handler #150 (Kazuho Oku)
- [core] add `pid-file` directive for specifying the pid file #164 (Kazuho Oku)
- [core] connections accepted by host-specific listeners should not be handled by handlers of other hosts #163 (Kazuho Oku)
- [core] (FreeBSD) fix a bug that prevented the standalone server from booting when run as root #160 (Kazuho Oku)
- [core] switch to pipe-based interthread messaging #154 (Kazuho Oku)
- [core] use kqueue on all BSDs #156 (Kazuho Oku)
- [access-log] more logging directives: %H, %m, %q, %U, %V, %v #158 (Kazuho Oku)
- [access-log] bugfix: header values were not logged when specified using uppercase letters #157 (Kazuho Oku)
- [file] add application/json to defalt MIME-types #159 (Tatsuhiko Kubo)
- [http2] add support for the finalized version of HTTP/2 #166 (Kazuho Oku)
- [http2] fix issues reported by h2spec v0.0.6 #165 (Kazuho Oku)
- [proxy] merge the cookie headers before sending to upstream #161 (Kazuho Oku)
- [proxy] simplify the configuration directives (and make persistent upstream connections as default) #162 (Kazuho Oku)
- [SSL] add configuration directive to preload DH params #148 (Jeff Marrison)
- [libh2o] separate versioning scheme using H2O_LIBRARY_VERSION_* #167 (Kazuho Oku)

0.9.2 2015-02-10 04:17:00+0000
- [core] graceful shutdown on SIGTERM #119 (Kazuho Oku)
- [core] less TCP errors under high load #81 (Kazuho Oku)
- [file] add support for HEAD requests #110 (Mark Hoersken)
- [http1] MSIE workaround (send `Cache-Control: private` in place of Vary) #114 (Kazuho Oku)
- [http2] support server-push #133 (Kazuho Oku)
- [http2] fix spurious RST_STREAMS being sent #132 (Kazuho Oku)
- [http2] weight-based distribution of bandwidth #135 (Kazuho Oku)
- [proxy] added configuration directive `proxy.preserve-host` #112 (Masahiro Nagano)
- [proxy] sends X-Forwarded-For and X-Forwarded-Proto headers #112 (Masahiro Nagano)
- [proxy] stability improvements #61 (Kazuho Oku)
- [misc] adjustments to make the source code more analyzer-friendly #113,#117 (Nick Desaulniers, Maks Naumov)

0.9.1 2015-01-19 21:13:00+0000
- added configuration directives: ssl/cipher-suite, ssl/ocsp-update-interval, ssl/ocsp-max-failures, expires, file.send-gzip
- [http2] added support for draft-16 (draft-14 is also supported)
- [http2] dependency-based prioritization
- [http2] improved conformance to the specification
- [SSL] OCSP stapling (automatically enabled by default)
- [SSL] fix compile error with OpenSSL below version 1.0.1
- [file] content negotiation (serving .gz files)
- [expires] added support for Cache-Control: max-age
- [libh2o] libh2o and the header files installed by `make install`
- [libh2o] fix compile error when used from C++
- automatically setuids to nobody when run as root and if `user` directive is not set
- automatically raises RLIMIT_NOFILE
- uses all CPU cores by default
- now compiles on NetBSD and other BSD-based systems

(wen)

Updated www/p5-Dancer2 to 0.160001

(wen)

Update to 0.160001

Upstream changes:
0.160001  2015-05-14 20:40:10+02:00 Europe/Amsterdam

    [ BUG FIXES ]
    * GH #893, #895: Catch config parse errors when Config::Any doesn't throw
      them. (Russell Jenkins)
    * GH #899: Minimum YAML version supported is v0.86 (Shlomi Fish)
    * GH #906: send_file - missing import and fix logic error for streaming
      by default (Russell Jenkins)

    [ DOCUMENTATION ]
    * GH #897: Remove docs for unimplemented 'load' keyword (Fayland Lam)

    [ ENHANCEMENT ]
    * GH #894, #898: Add status and headers methods to ::Response::Delayed
      (Yanick Champoux, Charlie Gonzalez)

(wen)

bmake-20150505

(joerg)

Update to bmake-20150505:
- Better .if checks
- Improved handling for "-" mode
- Improved suffix handling
- Recognize bitrig

(joerg)

Merge changes from bmake-20150505, the hard way because the last update
was incomplete and not using cvs import.

(joerg)

Replace .Dt as well.

(joerg)

Makefile.in is gone.

(joerg)

Update of apache-roller to version 5.1.2

An approximate changelog 5.0.3 to 5.1.2 (resolved issues from Jira):
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Bug ROL-2057
Missing NPE check in Roller PageServlet class
Unassigned Kohei Nozaki Major 30/Mar/15

Bug ROL-2058
No salt renewal on POST request
David Johnson Kohei Nozaki Major 30/Mar/15

Bug ROL-2059
Comment preview is invisible in Gaurav theme
David Johnson Kohei Nozaki Major 30/Mar/15

Bug ROL-2061
Wrong next month link of Calendar
David Johnson Kohei Nozaki Major 30/Mar/15

Bug ROL-2062
Missing NPE check in IndexOperation#getDocument()
David Johnson Kohei Nozaki Major 30/Mar/15

Improvement ROL-2064
Add viewport meta tag to Gaurav theme
David Johnson Kohei Nozaki Trivial 30/Mar/15

Bug ROL-2065
Gaurav sometimes displaying empty summary as unresolved "$entry.summary"
David Johnson Kohei Nozaki Minor 30/Mar/15

Bug ROL-2066
Comment URLs using https:// not saving properly in Gaurav theme
David Johnson Kohei Nozaki Trivial 30/Mar/15

Bug ROL-2067
Velocity configuration improvement
David Johnson David Johnson Major 30/Mar/15

Documentation ROL-2056
Wrong pointer (section number) in Install Guide at section 11.2
Unassigned Kohei Nozaki Minor 05/Jan/15

Bug ROL-2052
Custom stylesheets not being updated correctly when user switches between shared and custom themes.
Unassigned Glen Mazza Major 06/Oct/14

Bug ROL-2051
Roller not falling back to standard theme renditions when mobile one unavailable.
Unassigned Glen Mazza Critical 02/Oct/14

Bug ROL-1387
In creating tag aggregate counts, count tags only from published blog entries
Glen Mazza linda skrocki Major 02/Oct/14

Bug ROL-1620
Plus signs in categories lead to a 404 category RSS/Atom feeds
Glen Mazza linda skrocki Major 02/Oct/14

Bug ROL-2055
Comment search should be case insensitive
Glen Mazza Glen Mazza Minor 02/Oct/14

Bug ROL-2054
Newly saved categories not appearing on blog
Glen Mazza Glen Mazza Major 02/Oct/14

Bug ROL-1974
Roller's ROME Propono dependency needs updating to use newer JARs
David Johnson Glen Mazza Minor 25/Aug/14

Bug ROL-1973
ROME dependency used by Roller needs updating
David Johnson Glen Mazza Minor 25/Aug/14

Bug ROL-1942
Uploaded media file not selectable in media file view
Greg Huber Budi Ariyanto Major 25/Aug/14

Bug ROL-1948
getRealPath() null not handled
Unassigned J端rgen Weber Major 25/Aug/14

Task ROL-2039
Rename webpage and roller_templatecode tables
Glen Mazza Glen Mazza Major 25/Aug/14

Improvement ROL-2041
gaurav theme -- render full blog entries on main blog page if no summary given
Gaurav Saini Glen Mazza Major 25/Aug/14

Improvement ROL-1999
Switch from Referrers to storing tracking codes (e.g., Google Analytics)
Unassigned Glen Mazza Major 25/Aug/14

Bug ROL-1980
When deleting categories, Roller allows you to move its entries to invisible "root" category.
Glen Mazza Glen Mazza Major 25/Aug/14

Bug ROL-1981
Allow user to specify order of blog categories
Glen Mazza Glen Mazza Major 25/Aug/14

Task ROL-1979
Remove subcategory functionality from Roller 5.1
Glen Mazza Glen Mazza Major 25/Aug/14

Bug ROL-1554
Listing Box "Invite a new user to join..." does not have a horizontal scrolling bar
Glen Mazza Davis Nguyen Major 25/Aug/14

Improvement ROL-2038
Add dualTheme element to themes.xml descriptor
Glen Mazza Glen Mazza Blocker 25/Aug/14

Improvement ROL-1938
Switch to mobile template only in standard template's index page
Unassigned Tiger Gui Major 25/Aug/14

Improvement ROL-1937
Standard and Mobile template switch improvement patch
Unassigned Tiger Gui Major 25/Aug/14

New Feature ROL-1934
LDAP Comment Authenticator
Dave Johnson (Inactive) Nick Padilla Major 25/Jan/12 25/Aug/14

Task ROL-1977
Remove unused properties from ApplicationResources.properties
Glen Mazza Anil Gangolli Minor 25/Aug/14

Improvement ROL-1881
Add delete blog entry option to entries page
Unassigned Nicolas Muller Major 25/Aug/14

Bug ROL-1571
missing graphic alt text
Unassigned mike duigou Major 25/Aug/14

Bug ROL-1928
Missing 500-to-510-migration.vm file in Roller Mobile branch
David Johnson David Johnson Major 25/Aug/14

Task ROL-2043
Switch from YUI3 to JQuery UI for autocomplete, tabs, dialogs
Glen Mazza Glen Mazza Major 25/Aug/14

Task ROL-2022
Add Categories, demote tags from gaurav theme
Gaurav Saini Glen Mazza Major 25/Aug/14

Task ROL-2008
In "switch to (media) folder" drop-down, don't list the current folder the user is in.
Greg Huber Glen Mazza Major 25/Aug/14

Bug ROL-1273
resource item error
Glen Mazza Jian Liu Major 25/Aug/14

Task ROL-1434
lots of UI messaging needs to be converted to i18n keys in resource bundles
Glen Mazza Allen Gilliland Major 25/Aug/14

Bug ROL-2044
Member management page allows user to remove himself from blog.
Glen Mazza Glen Mazza Major 25/Aug/14

Bug ROL-1966
Search highlight problem
Glen Mazza Maciej Rumianowski Major 25/Aug/14

Bug ROL-1957
Unable to find RSD template
Unassigned Harsh Gupta Major 25/Aug/14

Bug ROL-1792
Hit count increments with <link rel="stylesheet" type="text/css" media="all" href="$model.weblog.stylesheet">
Greg Huber Greg Huber Trivial 25/Aug/14

Bug ROL-1716
a bug found when call getPopularTags with the limit=-1 (v4 m1)
Unassigned guoweizhan Major 25/Aug/14

Bug ROL-1414
Email scrambler not detecting hyphens in email addresses
Allen Gilliland linda skrocki Major 25/Aug/14

Improvement ROL-1649
Korean translation resource file
Unassigned Woonsan Ko Minor 25/Aug/14

Bug ROL-1930
Saving Template causes Null Pointer Exception
David Johnson David Johnson Blocker 25/Aug/14

Task ROL-1983
Only expose AJAX User List Servlet to admin users
Glen Mazza Glen Mazza Major 25/Aug/14

Task ROL-1986
Stop sending re-confirmation email after blogger approves comment.
Greg Huber Glen Mazza Minor 25/Aug/14

Improvement ROL-1978
Switch to more SEO-friendly hyphens instead of underscores to separate blog titles
Glen Mazza Glen Mazza Minor 25/Aug/14

Bug ROL-1616
Input fields not emptied after creating a new user
Unassigned Ronald Iwema Minor 25/Aug/14

Bug ROL-1638
Problem with themes on case sensitive file systems
Unassigned German Eichberger Major 25/Aug/14

New Feature ROL-1021
Referrer queue warning / filling up in logs. unclosed sessions.
Unassigned Rob Wilson Major 25/Aug/14

Bug ROL-1927
Roller 5 MSSQL Issues/Fixes
David Johnson Nick Padilla Major 25/Aug/14

Improvement ROL-2034
Hide Profile Password fields with SSO
Glen Mazza J端rgen Weber Major 25/Aug/14

Bug ROL-1794
file uploads with spaces in their names are 404ing (incorrect URL escaping?)
Greg Huber Dick Davies Major 25/Aug/14

Improvement ROL-1370
Support of email notifications preference for blog commentors
Unassigned linda skrocki Major 25/Aug/14

Bug ROL-1346
Weblog Calendar incorrectly assuming Sunday is first day of week for every locale.
Unassigned Vahid Zaboli Major 25/Aug/14

Test ROL-2033
Test Roller 5.1 with a weblog client
David Johnson David Johnson Major 25/Aug/14

Task ROL-2010
Update User's Guide with new app screen shots
Glen Mazza Glen Mazza Major 25/Aug/14

Bug ROL-2002
https:// URLs not being processed correctly in the comment URL field
Greg Huber Glen Mazza Major 25/Aug/14

Task ROL-1994
Switch to Apache Commons Collections 4.0
Unassigned Glen Mazza Minor 25/Aug/14

Bug ROL-1870
Duplicate bookmarks not showing
Unassigned Greg Huber Major 25/Aug/14

Bug ROL-1925
Patch for the bug of OpenID only authentication
Glen Mazza Shutra Major 25/Aug/14

Improvement ROL-929
Resign | "Are you sure?" Confirmation
Glen Mazza Greg Hamer Minor 25/Aug/14

Improvement ROL-2015
Add a description element to theme descriptor file (theme.xml)
Greg Huber Glen Mazza Major 25/Aug/14

Task ROL-1997
Switch WeblogEntry's pub status fields (DRAFT, PUBLISHED, PENDING, SCHEDULED) to an enum type
Unassigned Glen Mazza Minor 25/Aug/14

Task ROL-1995
Switch to JPA Typed Queries
Glen Mazza Glen Mazza Major 25/Aug/14

Task ROL-1984
./app/src/test/resources/WEB-INF/security.xml needs updating to Spring & Spring Security 3.x namespaces
Unassigned Glen Mazza Major 25/Aug/14

Bug ROL-1738
Charset of E-Mail Subject Needs to be configurable
Unassigned SATO Naoki Major 25/Aug/14

Bug ROL-1715
SiteModel's getWeblogsByLetterPager not documented correctly
Glen Mazza David Johnson Minor 25/Aug/14

Task ROL-2028
Separate the Basic Theme into Basic and Basic Mobile Themes
David Johnson Glen Mazza Major 25/Aug/14

Bug ROL-2018
"Notify me of new comments" not working on trunk.
Glen Mazza Glen Mazza Major 25/Aug/14

Task ROL-2000
Change current rol_ prefix for two newest tables
Unassigned Glen Mazza Minor 25/Aug/14

Bug ROL-1992
Blogroll OPML import page raising 500 Security Error
Unassigned Glen Mazza Major 25/Aug/14

Task ROL-1991
Switch publish date pop-up calendar to one with year entry option
Unassigned Glen Mazza Minor 25/Aug/14

Improvement ROL-1907
Inefficient use of key set iterator.
Unassigned Shelan Perera Minor 25/Aug/14

Bug ROL-2032
Test Roller 5.1 with blogs.apache.org database & themes
David Johnson David Johnson Major 25/Aug/14

Bug ROL-2007
Changing values in Media File Editor frequently results in permissions error.
Greg Huber Glen Mazza Major 25/Aug/14

Bug ROL-1988
Category search not working if space exists in category
Glen Mazza Glen Mazza Major 25/Aug/14

Bug ROL-1952
Roller 5.0.1 does not work with PostgreSQL 9.1
Unassigned Matthias Wimmer Major 25/Aug/14

Bug ROL-1746
Uploaded file names are lower-cased with AtomPub.
Greg Huber Tatsuya Noyori Major 25/Aug/14

Bug ROL-1596
Frontpage theme lose record!
Glen Mazza xiaojf Major 25/Aug/14

Improvement ROL-1430
French Translation (based on version 4.0 files)
Unassigned Denis Balazuc Minor 25/Aug/14

Improvement ROL-1965
Searching with locale on Multi Language blog
Glen Mazza Maciej Rumianowski Major 25/Aug/14

Bug ROL-2016
roller-startup.log not created on startup
Greg Huber Greg Huber Minor 25/Aug/14

Bug ROL-2009
Custom template theme folder creation isn't working
Unassigned Glen Mazza Major 25/Aug/14

Improvement ROL-1947
Provide a blog entry-level description field that can go into HTML header field
Dave Johnson (Inactive) Glen Mazza Major 25/Aug/14

Bug ROL-1956
ValidateSaltFilter not working on file upload
Greg Huber Matthias Wimmer Major 25/Aug/14

Bug ROL-1954
user weblogs cannot be managed when admin logs in and select any user via Server Aministration and clicks on eit
Unassigned Harsh Gupta Major 25/Aug/14

Bug ROL-1795
Posting comments with SchemeEnforcementFilter in operation.
Greg Huber Greg Huber Minor 25/Aug/14

Task ROL-2030
Replace Xinha editor with something more recent
Unassigned Glen Mazza Minor 25/Aug/14

Task ROL-1968
Upgrade Spring Security from 2.0.7 to 3.1.4
Unassigned Glen Mazza Major 25/Aug/14

Improvement ROL-1964
SearchServlet does not preserve locale
Unassigned Maciej Rumianowski Minor 25/Aug/14

Task ROL-2005
Switch to top-level folders only for Media Files
Unassigned Glen Mazza Major 25/Aug/14

Bug ROL-1739
Missing constraint on weblogentrytagagg table
Glen Mazza David Johnson Major 25/Aug/14

Bug ROL-1778
Blog entry preview before first publish not working with Derby database
Glen Mazza Jos辿 Arthur Benetasso Villanova Major 25/Aug/14

(spz)

Fix depends.  If this has built before it was by sheer luck.
PKGREVISION++

(bad)

Update to Tomcat 6.0.44

Upstream changelog:

Catalina
++++++++
fix Correct typo in the message shown by HttpServlet for unexpected
HTTP method. (kkolinko)
add Allow to configure RemoteAddrValve and RemoteHostValve to adopt
behavior depending on the connector port. Implemented by
optionally adding the connector port to the string compared with
the patterns allow and deny. Configured using addConnectorPort
attribute on valve. (rjung)
fix 56608: Fix IllegalStateException for JavaScript files when
switching from Writer to OutputStream. The special handling of
this case in the DefaultServlet was broken due to a MIME type
change for JavaScript. (markt)
fix 57675: Correctly quote strings when using the extended access
log. (markt)

Coyote
++++++
fix 57234: Make SSL protocol filtering to remove insecure protocols
case insensitive. Correct spelling of filterInsecureProtocols
method. (kkolinko/schultz)
fix When applying the maxSwallowSize limit to a connection read
that many bytes first before closing the connection to give
the client a chance to read the response. (markt)
fix 57544: Fix a potential infinite loop when preparing a kept
alive HTTP connection for the next request. (markt)
add 57570: Make the processing of chunked encoding trailing headers
optional and disabled by default. (markt)
fix 57581: Change statistics byte counter in coyote Request object
to be long to allow values above 2Gb. (kkolinko)
update Update the minimum recommended version of the Tomcat Native
library (if used) to 1.1.33. (markt)

Jasper
++++++
fix Fix potential issue with BeanELResolver when running under a
security manager. Some classes may not be accessible but may
have accessible interfaces. (markt)
fix Simplify code in ProtectedFunctionMapper class of Jasper
runtime. (kkolinko)
fix 57801: Improve the error message in the start script in case
the PID read from the PID file is already owned by a process.
(rjung)

Web applications
++++++++++++++++
fix Update documentation for CGI servlet. Recommend to copy the
servlet declaration into web application instead of enabling
it globally. Correct documentation for cgiPathPrefix. (kkolinko)
update Improve Tomcat Manager documentation. Rearrange, add section
on HTML GUI, document /expire command and Server Status page.
(kkolinko)
add 54143: Add display of the memory pools usage (including PermGen)
to the Status page of the Manager web application. (kkolinko)
fix Fix several issues with status.xsd schema in Manager web
application, testing it against actual output of
StatusTransformer class. (kkolinko)
update Align algorithm that generates anchor names in Tomcat
documentation with Tomcat 7/8/9. No visible changes, but may
help with future updates to the documentation. (kkolinko)
fix 56058: Add links to the AccessLogValve documentation for
configuring reverse proxies and/or Tomcat to ensure that the
desired information is used entered in the access log when
Tomcat is running behind a reverse proxy. (markt)
fix 57503: Make clear that the JULI integration for log4j only
works with log4j 1.2.x. (markt)
update 57644: Update examples to use Apache Standard Taglib 1.2.5.
(jboynes/kkolinko)
fix 57706: Clarify the documentation for the AJP connector to make
clearer that when using tomcatAuthentication="false" the user
provided by the reverse proxy will not be associated with any
roles. (markt)
fix Correct the documentation for deployOnStartup to make clear
that if a WAR file is updated while Tomcat is stopped and
unpackWARs is true, Tomcat will not detect the changed WAR
file when it starts and will not replace the unpacked WAR file
with the contents of the updated WAR. (markt)
add 57759: Add information to the keyAlias documentation to make
it clear that the order keys are read from the keystore is
implementation dependent. (markt)
fix 57864: Update the documentation web application to make it
clearer that hex values are not valid for cluster send options.
Based on a patch by Kyohei Nakamura. (markt)

Other
+++++
add 57344: Provide sha1 checksum files for Tomcat downloads.
(kkolinko)
fix 57558: Change catalina-tasks.xml to use all jars in
${catalina.home}/lib to define Tomcat Ant tasks. This fixes
a NoClassDefFoundError with validate task. (kkolinko)
update Update to Tomcat Native Library version 1.1.33 to pick up the
Windows binaries that are based on OpenSSL 1.0.1m and APR 1.5.1.
(markt)

(spz)

Pullup tickets #4724, #4725 and #4726.

(tron)

Pullup ticket #4726 - requested by taca
lang/php56: security update

Revisions pulled up:
- lang/php/phpversion.mk                                        1.99
- lang/php56/distinfo                                          1.10

---
  Module Name: pkgsrc
  Committed By: taca
  Date: Sat May 16 11:18:57 UTC 2015

  Modified Files:
  pkgsrc/lang/php: phpversion.mk
  pkgsrc/lang/php56: distinfo

  Log Message:
  Update php56 to 5.6.9.

  14 May 2015, PHP 5.6.9

  - Core:
    . Fixed bug #69467 (Wrong checked for the interface by using Trait).
      (Laruence)
    . Fixed bug #69420 (Invalid read in zend_std_get_method). (Laruence)
    . Fixed bug #60022 ("use statement [...] has no effect" depends on leading
      backslash). (Nikita)
    . Fixed bug #67314 (Segmentation fault in gc_remove_zval_from_buffer).
      (Dmitry)
    . Fixed bug #68652 (segmentation fault in destructor). (Dmitry)
    . Fixed bug #69419 (Returning compatible sub generator produces a warning).
      (Nikita)
    . Fixed bug #69472 (php_sys_readlink ignores misc errors from
          GetFinalPathNameByHandleA). (Jan Starke)
    . Fixed bug #69364 (PHP Multipart/form-data remote dos Vulnerability). (Stas)
    . Fixed bug #69403 (str_repeat() sign mismatch based memory corruption).
      (Stas)
    . Fixed bug #69418 (CVE-2006-7243 fix regressions in 5.4+). (Stas)
    . Fixed bug #69522 (heap buffer overflow in unpack()). (Stas)

  - FTP:
    . Fixed bug #69545 (Integer overflow in ftp_genlist() resulting in heap
      overflow). (Stas)

  - ODBC:
    . Fixed bug #69354 (Incorrect use of SQLColAttributes with ODBC 3.0).
      (Anatol)
    . Fixed bug #69474 (ODBC: Query with same field name from two tables returns
      incorrect result). (Anatol)
    . Fixed bug #69381 (out of memory with sage odbc driver). (Frederic Marchall,
        Anatol Belski)

  - OpenSSL:
    . Fixed bug #69402 (Reading empty SSL stream hangs until timeout).
      (Daniel Lowrey)

  - PCNTL:
    . Fixed bug #68598 (pcntl_exec() should not allow null char). (Stas)

  - PCRE
    . Upgraded pcrelib to 8.37.

  - Phar:
    . Fixed bug #69453 (Memory Corruption in phar_parse_tarfile when entry
      filename starts with null). (Stas)

(tron)

Pullup ticket #4725 - requested by taca
lang/php55: security update

Revisions pulled up:
- lang/php/phpversion.mk                                        1.98
- lang/php55/distinfo                                          1.40

---
  Module Name: pkgsrc
  Committed By: taca
  Date: Sat May 16 11:17:45 UTC 2015

  Modified Files:
  pkgsrc/lang/php: phpversion.mk
  pkgsrc/lang/php55: distinfo

  Log Message:
  Update php55 to 5.5.25.

  14 May 2015, PHP 5.5.25

  - Core:
    . Fixed bug #69364 (PHP Multipart/form-data remote dos Vulnerability). (Stas)
    . Fixed bug #69403 (str_repeat() sign mismatch based memory corruption).
      (Stas)
    . Fixed bug #69418 (CVE-2006-7243 fix regressions in 5.4+). (Stas)
    . Fixed bug #69522 (heap buffer overflow in unpack()). (Stas)
    . Fixed bug #69467 (Wrong checked for the interface by using Trait).
      (Laruence)
    . Fixed bug #69420 (Invalid read in zend_std_get_method). (Laruence)
    . Fixed bug #60022 ("use statement [...] has no effect" depends on leading
      backslash). (Nikita)
    . Fixed bug #67314 (Segmentation fault in gc_remove_zval_from_buffer).
      (Dmitry)
    . Fixed bug #68652 (segmentation fault in destructor). (Dmitry)
    . Fixed bug #69419 (Returning compatible sub generator produces a warning).
      (Nikita)
    . Fixed bug #69472 (php_sys_readlink ignores misc errors from
      GetFinalPathNameByHandleA). (Jan Starke)

  - FTP:
    . Fixed bug #69545 (Integer overflow in ftp_genlist() resulting in heap
      overflow). (Stas)

  - ODBC:
    . Fixed bug #69474 (ODBC: Query with same field name from two tables returns
      incorrect result). (Anatol)
    . Fixed bug #69381 (out of memory with sage odbc driver). (Frederic Marchall,
      Anatol Belski)

  - OpenSSL:
    . Fixed bug #69402 (Reading empty SSL stream hangs until timeout).
      (Daniel Lowrey)

  - PCNTL:
    . Fixed bug #68598 (pcntl_exec() should not allow null char). (Stas)

  - Phar:
    . Fixed bug #69453 (Memory Corruption in phar_parse_tarfile when entry filename
      starts with null). (Stas)

(tron)

Pullup ticket #4724 - requested by taca
lang/php54: security update

Revisions pulled up:
- lang/php/phpversion.mk                                        1.97
- lang/php54/distinfo                                          1.57

---
  Module Name: pkgsrc
  Committed By: taca
  Date: Sat May 16 11:16:41 UTC 2015

  Modified Files:
  pkgsrc/lang/php: phpversion.mk
  pkgsrc/lang/php54: distinfo

  Log Message:
  Update php54 to 5.4.41.

  14 May 2015 PHP 5.4.41

  - Core:
    . Fixed bug #69364 (PHP Multipart/form-data remote dos Vulnerability). (Stas)
    . Fixed bug #69403 (str_repeat() sign mismatch based memory corruption).
      (Stas)
    . Fixed bug #69418 (CVE-2006-7243 fix regressions in 5.4+). (Stas)
    . Fixed bug #69522 (heap buffer overflow in unpack()). (Stas)

  - FTP:
    . Fixed bug #69545 (Integer overflow in ftp_genlist() resulting in heap
      overflow). (Stas)

  - PCNTL:
    . Fixed bug #68598 (pcntl_exec() should not allow null char). (Stas)

  - PCRE
    . Upgraded pcrelib to 8.37.

  - Phar:
    . Fixed bug #69453 (Memory Corruption in phar_parse_tarfile when entry
      filename starts with null). (Stas)

(tron)

Updated devel/py-tortoisehg to 3.4

(nros)

Updated py-tortoisehg to version 3.4.

Release notes:
TortoiseHg 3.4 is a regularly scheduled feature release.

Bug Fixes

    bookmark, matching, sign, tag: allow to resize horizontally while
    having fixed height (refs #4043)
    bookmark, tag, update: avoid combo box taking too much space (fixes #4043)
    commit: prompt for new largefiles first to skip extra confirmation
    (fixes #1954)
    filedata: rewrite copy detection by using copies.pathcopies() (fixes #3949)
    merge: discard p2 changes without using debugsetparents (fixes #3856)
    mergetools: add $output to meld to change which file will be saved
    (fixes #4134)
    quickop: do not calculate status unnecessarily in GUI process (refs #1828)
    quickop: catch known exceptions raised from repo.status() (fixes #1828)
    repomodel: clear cache of latest tags on repository change (fixes #4137)
    repoview: ignore corrupted column_widths saved in QSettings (fixes #1456)
    repowidget: refresh commit tab after rollback or custom hg command
    (fixes #3981)
    revset: set appropriate size policy to status bar of query dialog
    (fixes #834)
    sync: get host fingerprint asynchronously by extension command
    (fixes #4114)

Improvements

    bookmark: add simple bookmark dialog to sync screen (fixes #322)
    commit: do not overwrite username if ui.askusername is set (closes #4064)
    filectxactions: enable shortcuts only if the owner or its children has focus
    filectxactions: add shortcut to delete unversioned file (closes #3681)
    fileview, status: enable annotate mode for working directory
    rebase: mention command line options in checkbox labels
    sync: add "unbundle" to "repository" menu (fixes #4067)
    workbench: add default merge action to main menu and toolbar (closes #222)

(nros)