Fix build with LLVM IAS on ARM.

(joerg)

Add missing end-of-function marker. Use CFI on NetBSD/ARM.
Don't redefine exported symbols immediately.

(joerg)

Don't mess with sync builtins, it breaks the build with Clang.

(joerg)

Use C++11 containers in gold for libc++, old ext version doesn't work on
ARM due to lack of long long support.

(joerg)

Updated devel/lua-filesystem to 1.6.3

(fhajny)

Update devel/lua-filesystem to 1.6.3.

- Lua 5.3 support.
- Assorted bugfixes.

(fhajny)

Updated databases/mongo-c-driver to 1.1.2

(fhajny)

Update databases/mongo-c-driver to 1.1.2.

mongo-c-driver 1.1.2
====================
* Process connectTimeoutMS cast insensitively
* Addition of missing trace macros
* Improvement of internal error messages
* Fix a segfault in OpenSSL cleanup routines
* Fix for IPv66 support for replica sets
* Coalesce small vectorized TLS writes
* MinGW fixups
* Fix for a memory leak in get_database_names()
* Fixes for patching write concern through the bulk api
* Fix to normalize hostnames in uri parsing
* Fix for managing connections in the client pool
* Various other fixes

mongo-c-driver 1.1.0
====================
* ABI versioning for 1.1 versus 1.0 symbols
* additional geo index options
* authMechanismProperties in URI
* fixes for OS X Yosemite
* removal of replica set member limit
* SCRAM-SHA-1 SASL mechanism
* updated dependency on libbson 1.1 abi
* validation for bulk insert
* various memory leak fixes
* Fixes to documentation typos
* "How to Ask For Help" in the README
* Removed dependency on sasl for PLAIN authentication
* Use provided username, if available, for X.509 auth
* Fixed WriteConcern error reporting for some writes
* Check for closed sockets before attempting RPCs
* Fixes for gridfs file seek
* Fixes for mongoc_cursor_clone()
* Fixes for unix domain socket support
* Fixes for polling on win32
* Improved warnings on failure to connect
* Addition of wired tiger options
* Fixes for examples

Additions to the ABI include:
* support for extra option in count
  - mongoc_collection_count_with_opts
* additional index options
  - mongoc_index_opt_geo_get_default
  - mongoc_index_opt_geo_init
  - mongoc_index_opt_wt_get_default
  - mongoc_index_opt_wt_init
* rand interface to seed and verify the strong random number generation needed
  by some auth mechanisms
  - mongoc_rand_seed
  - mongoc_rand_add
  - mongoc_rand_status
* URI additions to support more complicated auth credentials
  - mongoc_uri_get_credentials
  - mongoc_uri_get_mechanism_properties
* Support for cursor returning metadata crud operations
  - mongoc_client_find_databases
  - mongoc_collection_find_indexes
  - mongoc_database_find_collections
* Kill cursor supportp
  - mongoc_client_kill_cursor
* Various get/setters on cursor
  - mongoc_cursor_get_batch_size
  - mongoc_cursor_get_id
  - mongoc_cursor_set_batch_size
* More socket/stream options
  - mongoc_socket_check_closed
  - mongoc_socket_inet_ntop
  - mongoc_stream_check_closed
  - mongoc_stream_write

(fhajny)

Updated devel/libbson to 1.1.2

(fhajny)

Update devel/libbson to 1.1.2.

Libbson 1.1.2
=============
* sscanf_s doesn't exist for mingw.

Libbson 1.1.0
=============
ABI/API changes include:
* Deprecation of bson_copy_to_excluding
* Addition of bson_copy_to_excluding_noinit
* Removal of MIN, MAX and ABS macros in favor of BSON_MIN, BSON_MAX and
  BSON_ABS.  Note this is a breaking source level change if you relied on
  these from bson.h.  Also note that this is not a breaking ABI change.
* Addition of BSON_ERROR_BUFFER_SIZE macro

Other changes include:
* Addition of a versioned ABI for the libbson shared library
* fixed bson_get_monotonic_time fallback when a system monotonic clock can not
  be found.  Formerly failed to compile with an incorrect call to
  bson_gettimeofday
* Allow the "dbref" convention in bson_validate when BSON_VALIDATE_DOLLAR_KEYS
  is present
* Support for ISO-8601 or $numberLong dates in bson <-> json parsing
* Quiet various compiler warnings

(fhajny)

Updated textproc/sphinxsearch to 2.2.8

(fhajny)

Update textproc/sphinxsearch to 2.2.8.

2.2.8
- It is now possible to add an option to an agent description.
- fixed #2182, incorrect query results with multiple same destination
  wordforms
- fixed #2181, improved error message on incorrect filters
- fixed #2178, ZONESPAN operator for queries with more than two words
- fixed #2172, incorrect results with field position fulltext operators
- fixed #2171, some index options do not work for template indexes
- fixed #2170, joined fields indexation with document id equals to 0
- fixed #2110, crash on snippet generation related to blend_chars inside
  HTML markup
- fixed WLCCS ranking factor computation
- fixed memory leak on queries with ZONEs

2.2.7
- added #2112, string equal comparison support for IF() function (for JSON
  and string attributes)
- added #2153, IN() support for mixed and top-level JSON array
- fixed #2158, crash at RT index after morphology changed to AOT after
  index was created
- fixed #2155, stopwords got missed on disk chunk save at RT index
- fixed #2151, agents statistics missed in case of huge amount of agents
- fixed #2139, escape all special characters in JSON result set, according
  to RFC 4627
- fixed #2123, no pid file created in x64 release built with vs2012
- fixed #2115, indexer crash on wordforms with multiple destination keywords
- fixed #2050, multi result set doesn't work without libmysqlclient
- fixed #2003, lemmatize_XX_all handling of short and exact words
- fixed #1912, reduce indextool memory usage during a check of a huge index
- fixed off by one errors in filtering of BIGINT attributes
- fixed seamless rotation in prefork mode
- fixed snippets crash with blend chars at the beginning of a string

(fhajny)

Updated net/rabbitmq to 3.5.0

(fhajny)

Update net/rabbitmq to 3.5.0.

3.5.0
- Priority queues
- Faster persistence
- I/O statistics
- .NET client API changes
See http://www.rabbitmq.com/release-notes/README-3.5.0.txt for details.

3.4.4
- Bug fixes
See http://www.rabbitmq.com/release-notes/README-3.4.4.txt for details.

3.4.3
- Bug fixes
- Security fixes to the management plugin (CVE-2015-0862)
See http://www.rabbitmq.com/release-notes/README-3.4.3.txt for details.

(fhajny)

Fix typo in previous, noted by rpalo.

(wiz)

Remove hash for deleted patch patch-Makefile.in

(dsainty)

Remove hash for deleted patch patch-Xfuncproto.h.in

(dsainty)

Updated archivers/lz4 to 127

(fhajny)

Update archivers/lz4 to 127.

r127:
N/A  : added a file on SVN

r126:
New  : lz4frame API is now integrated into liblz4
Fixed : GCC 4.9 bug on highest performance settings, reported by Greg Slazinski
Fixed : bug within LZ4 HC streaming mode, reported by James Boyle
Fixed : older compiler don't like nameless unions, reported by Cheyi Lin
Changed : lz4 is C90 compatible
Changed : added -pedantic option, fixed a few mminor warnings

r125:
Changed : endian and alignment code
Changed : directory structure : new "lib" directory
Updated : lz4io, now uses lz4frame
Improved: slightly improved decoding speed
Fixed : LZ4_compress_limitedOutput(); Special thanks to Christopher Speller !
Fixed : some alignment warnings under clang
Fixed : deprecated function LZ4_slideInputBufferHC()

(fhajny)

Suggest packaging Phabricator, Geogebra, Gitlab, and Baikal.

(wiz)

Updated cross/gcc-mips-current to 4.9.2

(martin)

Update to 4.9.2

(martin)

Updated cross/binutils-mips-current to 2.25

(martin)

Update to binutils 2.25

(martin)

Disable incompatible assembly sections on 32-bit OSX.  Based on MacPorts fix
in http://trac.macports.org/ticket/44170

(jperkin)

+ sudo-1.8.13.

(taca)

Find builtin XPG4 curses library on 64-bit SunOS.

(jperkin)

+ atk-2.16.0, calibre-2.22.0, gtk3-3.16.0, p5-JSON-MaybeXS-1.003004
  [pkg/49771], p5-Sereal-Decoder-3.005 [pkg/49772], p5-Sereal-Encoder-3.005
  [pkg/49773], p5-Unicode-Collate-1.12 [pkg/49774].

(wiz)

Revbump because of security/libssh2 update.

(nros)

Revbump because of security/libbsh2 update.

(nros)

Revbump because of security/libbsh2 update.

(nros)

Revbump because of security/libssh2 update.

(nros)

Updated security/libssh2 to 1.5.0

(nros)

Update libssh2 to 1.5.0 to address CVE-2015-1782.
http://www.libssh2.org/adv_20150311.html

Set LICENSE.

Changelog:

This release includes the following changes:

o Added Windows Cryptography API: Next Generation based backend

This release includes the following bugfixes:

o Security Advisory for CVE-2015-1782, using SSH_MSG_KEXINIT data unbounded
o missing _libssh2_error in _libssh2_channel_write
o knownhost: Fix DSS keys being detected as unknown.
o knownhost: Restore behaviour of `libssh2_knownhost_writeline` with short buffer.
o libssh2.h: on Windows, a socket is of type SOCKET, not int
o libssh2_priv.h: a 1 bit bit-field should be unsigned
o windows build: do not export externals from static library
o Fixed two potential use-after-frees of the payload buffer
o Fixed a few memory leaks in error paths
o userauth: Fixed an attempt to free from stack on error
o agent_list_identities: Fixed memory leak on OOM
o knownhosts: Abort if the hosts buffer is too small
o sftp_close_handle: ensure the handle is always closed
o channel_close: Close the channel even in the case of errors
o docs: added missing libssh2_session_handshake.3 file
o docs: fixed a bunch of typos
o userauth_password: pass on the underlying error code
o _libssh2_channel_forward_cancel: accessed struct after free
o _libssh2_packet_add: avoid using uninitialized memory
o _libssh2_channel_forward_cancel: avoid memory leaks on error
o _libssh2_channel_write: client spins on write when window full
o windows build: fix build errors
o publickey_packet_receive: avoid junk in returned pointers
o channel_receive_window_adjust: store windows size always
o userauth_hostbased_fromfile: zero assign to avoid uninitialized use
o configure: change LIBS not LDFLAGS when checking for libs
o agent_connect_unix: make sure there's a trailing zero
o MinGW build: Fixed redefine warnings.
o sftpdir.c: added authentication method detection.
o Watcom build: added support for WinCNG build.
o configure.ac: replace AM_CONFIG_HEADER with AC_CONFIG_HEADERS
o sftp_statvfs: fix for servers not supporting statfvs extension
o knownhost.c: use LIBSSH2_FREE macro instead of free
o Fixed compilation using mingw-w64
o knownhost.c: fixed that 'key_type_len' may be used uninitialized
o configure: Display individual crypto backends on separate lines
o examples on Windows: check for WSAStartup return code
o examples on Windows: check for socket return code
o agent.c: check return code of MapViewOfFile
o kex.c: fix possible NULL pointer de-reference with session->kex
o packet.c: fix possible NULL pointer de-reference within listen_state
o tests on Windows: check for WSAStartup return code
o userauth.c: improve readability and clarity of for-loops
o examples on Windows: use native SOCKET-type instead of int
o packet.c: i < 256 was always true and i would overflow to 0
o kex.c: make sure mlist is not set to NULL
o session.c: check return value of session_nonblock in debug mode
o session.c: check return value of session_nonblock during startup
o userauth.c: make sure that sp_len is positive and avoid overflows
o knownhost.c: fix use of uninitialized argument variable wrote
o openssl: initialise the digest context before calling EVP_DigestInit()
o libssh2_agent_init: init ->fd to LIBSSH2_INVALID_SOCKET
o configure.ac: Add zlib to Requires.private in libssh2.pc if using zlib
o configure.ac: Rework crypto library detection
o configure.ac: Reorder --with-* options in --help output
o configure.ac: Call zlib zlib and not libz in text but keep option names
o Fix non-autotools builds: Always define the LIBSSH2_OPENSSL CPP macro
o sftp: seek: Don't flush buffers on same offset
o sftp: statvfs: Along error path, reset the correct 'state' variable.
o sftp: Add support for fsync (OpenSSH extension).
o _libssh2_channel_read: fix data drop when out of window
o comp_method_zlib_decomp: Improve buffer growing algorithm
o _libssh2_channel_read: Honour window_size_initial
o window_size: redid window handling for flow control reasons
o knownhosts: handle unknown key types

(nros)

+ abcm2ps-7.8.13, abcmidi-20150316, afl-1.57b, anjuta-3.16.0,
  duplicity-0.7.02, exaile-3.4.4, ffmpeg2-2.6.1, fox-1.7.51,
  freeciv-2.5.0, gdl-3.16.0, gperiodic-3.0.0, gsharutils-4.15
  [pkg/49770], harfbuzz-0.9.40, libXdmcp-1.1.2, libdrm-2.4.60,
  liblangtag-0.5.5, libvdpau-1.1, py-cryptography-0.8.1,
  py-setuptools-14.3.1, rspamd-0.8.3, vala-0.28.0, xerces-c-3.1.2.

(wiz)

Fix EGG_NAME.

(joerg)

Redo rpath handling as the option is leaked into the config binary.
Bump revision.

(joerg)

Needs Ruby 2.x.

(joerg)

Do as the comment say and use -fPIC everywhere but for Win32.
Bump revision.

(joerg)

Don't conflict with NetBSD's strtoi. Disable liblive due to incompatible
interface changes.

(joerg)

Use explicit conversion to bool.

(joerg)

Remove PKG_DESTDIR_SUPPORT=user-destdir, which is default.

(rodent)

Remove commented PKGREVISION. Remove DESTDIR=user-destdir, which is default

(rodent)

Remove commented PKGREVISION. Remove DESTDIR=user-destdir, which is default

(rodent)

Fix HOMEPAGE.

(rodent)

Add patch for CVE-2014-8118 - Integer overflow allows remote attackers to
execute arbitrary code via a crafted CPIO header in the payload section of an
RPM file, which triggers a stack-based buffer overflow.

https://bugzilla.redhat.com/show_bug.cgi?id=1168715

Reviewed by wiz@

(sevan)

Note lua51 update.

(bsiegert)

SECURITY: Add a patch for CVE-2014-5461, taken from the Debian package.
Bump PKGREVISION.

(bsiegert)

need zlib

(tnn)

Do not replace "6.1" to ${OS_VERSION}.

(taca)

Note file update.

(bsiegert)

Needs dvips and pdftex for build.

(asau)

SECURITY: Update file to 5.22.

Bugs fixed:
* restructure elf note printing to avoid repeated messages
* add note limit, suggested by Alexander Cherepanov
* Bail out on partial pread()'s (Alexander Cherepanov)
* Fix incorrect bounds check in file_printable (Alexander Cherepanov)
* PR/405: ignore SIGPIPE from uncompress programs
* change printable -> file_printable and use it in
  more places for safety
* Fix for CVE-2014-9620.

(bsiegert)

The bundled SMF manifest should not have a project called for. This had been
added erroneously, based on modified Joyent manifests. Bump PKGREVISION for
the MySQL cluster/server packages.

(fhajny)

pass --with-lzma to configure script

(tnn)

osl 3.0 should be default acceptable (it is both FSF and OSI approved)

(tnn)

fix license

(tnn)

Updated www/firefox-l10n to 36.0.4

(ryoon)

Update to 36.0.4

* Sync with firefox-36.0.4

(ryoon)

Updated www/firefox to 36.0.4

(ryoon)

Update to 36.0.4

Changelog:
Fixed 36.0.4: Security fixes for issues disclosed at HP Zero Day Initiative's Pwn2Own contest

Fixed in Firefox 36.0.4
    2015-28 Privilege escalation through SVG navigation

Fixed in Firefox 36.0.3
    2015-29 Code execution through incorrect JavaScript bounds checking elimination

(ryoon)

Fix configure to compile on i386.

We are carrying a patch for configure to include -li386 on i386/i486,
but the upstream script is missing the [] intended to match multiple
subfamilies, and hence does not match.  This commit just adds in the
missing [], enabling compilation to succeed on i386, and not changing
anything on !i386.

(gdt)

Fix PLIST which was for previous version of clamav.
Noted by joerg@.

(taca)

Updated www/php-owncloud to 8.0.2

(ryoon)

Update to 8.0.2

Changelog:
Version 8.0.2 March 11th 2015
Prevent DB errors in certain high load situations
Fix installation and updating of apps from the app store
Fix documentation links
Fix file move/copy when out of storage space
Disable 3rd party apps during upgrade to prevent breaking ownCloud if incompatible apps are used
Fix compatibility with certain MariaDB versions
Print app upgrade information to console
Detect broken APC versions
Fix certain incompatibilities with older PHP 5.4 versions
Several smaller fixes

(ryoon)

Support different installations of PHP package versions. Fix MESSAGE, PLIST
and bump PKGREVISION.

(rodent)

Mark broken for fetching dependency during build.

(joerg)

Note ntp4 update.

(bsiegert)

SECURITY: Update ntpd to 4.2.8p1.

* [Sec 2671] vallen in extension fields are not validated.
* [Sec 2672] On some OSes ::1 can be spoofed, bypassing source IP ACLs.

(bsiegert)

Updated x11/mlterm to 3.4.5nb1

(tsutsui)

Pull upstream fix for NetBSD which also affects RPIs.

https://bitbucket.org/arakiken/mlterm/commits/d2f31b50c2b90bf731ae2223a975d9bb6320478f
> x_display_wscons.c: WSDISPLAYIO_GET_FBINFO is supported.

Tested on RPI2 with the following change by jun@:
http://mail-index.netbsd.org/source-changes/2015/01/21/msg062550.html
> Newer Raspberry Pi firmware has changed the framebuffer from BGR to RGB.

Bump PKGREVISION.  (leaf package update)

(tsutsui)

Note lftp update.

(bsiegert)

SECURITY: add a patch to prevent saving of unknown host keys without user
intervention.
Bump PKGREVISION.

(bsiegert)

Ensure RANLIB is defined in the environment.

(jperkin)

Honor our CFLAGS. Fix build on systems with linkat.

(joerg)

Don't care about using plain return in K&R function for clang.

(joerg)

Provide library path to libpython too.

(joerg)

Uses set and dict comprehension as well as OrderedDict -- not for Python
2.6.

(joerg)

Fix build under Solaris 10.

(tron)

Note vorbis-tools update.

(bsiegert)

SECURITY: Fix CVE-2014-9640.
https://trac.xiph.org/changeset/19117
oggenc: fix crash on raw file close, reported by Hanno in issue #2009. pointer
to a non-static struct was escaping its scope.

(bsiegert)

Note tcllib update.

(bsiegert)

Fix rpath use.

(joerg)

SECURITY: Apply patch for XSS in html::textarea as of
http://core.tcl.tk/tcllib/info/09110adc43.
Bump PKGREVISION.

(bsiegert)

Add default-off libusb option.
If you enable this, scdaemon can use some USB Tokens without another
pcsc daemon.

>From Yasushi Oshima in PR 49760.

(wiz)

Updated devel/pth to 2.0.7nb4

(wiz)

Adapt syscall name patch for NetBSD>=6.0.
>From Yasushi Oshima in PR 49759.

(wiz)

Updated www/php-basercms to 3.0.7

(ryoon)

Update to 3.0.7

Changelog:
7 New features and 27 bugfixes.
See http://basercms.net/release/3_0_7 (in Japanese).

(ryoon)

Updated www/firefox-l10n to 36.0.3

(ryoon)

Update to 36.0.3

* Sync with firefox-36.0.3

(ryoon)

Updated www/firefox to 36.0.3

(ryoon)

Update to 36.0.3

Changelog:
Fixed 36.0.3: Security fixes for issues disclosed at HP Zero Day Initiative's Pwn2Own contest

(ryoon)

Updated www/php-ja-wordpress to 4.1.1

(ryoon)

Update to 4.1.1

Changelog:
* 21 bugs are fixed.

(ryoon)

fix PLIST breakage on amd64

(tnn)

fix build with clang ... but mark the package as BROKEN because even though
it builds now, the resulting binary does not boot in qemu.

(tnn)

Fix build on MKGCC=no systems

(tnn)

don't send standard error to /dev/null, we'd like to know if cp(1) fails

(tnn)

Fix error spotted in bulk build.
1) add patch-elisp-comp from FreeBSD ports to fix
  "Wrong type argument: stringp, nil"
2) for some reason the unit test fails if we're in CET time zone so
  just set TZ=GMT in the make environment for now.

(tnn)

Has race conditions at least on NetBSD.

(joerg)

Fix build on FreeBSD. Approved by gdt@.

(rodent)

Extend the list of packages that ccache.mk avoids in order to prevent
circular dependency errors on platforms where most builtins are provided
by pkgsrc.

(tnn)

+ openssh-6.8p1.

(taca)

Note update of PHP:

lang/php54 5.4.39
lang/php55 5.5.23
lang/php56 5.6.7

(taca)

Reset PKGREVISION with updating of php54, php55 and php56.

(taca)

Update php56 to 5.6.7, including security fix.

19 Mar 2015, PHP 5.6.7

- Core:
  . Fixed bug #69174 (leaks when unused inner class use traits precedence).
    (Laruence)
  . Fixed bug #69139 (Crash in gc_zval_possible_root on unserialize).
    (Laruence)
  . Fixed bug #69121 (Segfault in get_current_user when script owner is not
    in passwd with ZTS build). (dan at syneto dot net)
  . Fixed bug #65593 (Segfault when calling ob_start from output buffering
    callback). (Mike)
  . Fixed bug #68986 (pointer returned by php_stream_fopen_temporary_file
    not validated in memory.c). (nayana at ddproperty dot com)
  . Fixed bug #68166 (Exception with invalid character causes segv). (Rasmus)
  . Fixed bug #69141 (Missing arguments in reflection info for some builtin
    functions). (kostyantyn dot lysyy at oracle dot com)
  . Fixed bug #68976 (Use After Free Vulnerability in unserialize()). (Stas)
  . Fixed bug #69134 (Per Directory Values overrides PHP_INI_SYSTEM
    configuration options). (Anatol Belski)
  . Fixed bug #69207 (move_uploaded_file allows nulls in path). (Stas)

- CGI:
  . Fixed bug #69015 (php-cgi's getopt does not see $argv). (Laruence)

- CLI:
  . Fixed bug #67741 (auto_prepend_file messes up __LINE__). (Reeze Xia)

- cURL:
  . Fixed bug #69088 (PHP_MINIT_FUNCTION does not fully initialize cURL on
    Win32). (Grant Pannell)
  . Add CURLPROXY_SOCKS4A and CURLPROXY_SOCKS5_HOSTNAME constants if supported
    by libcurl. (Linus Unneback)

- Ereg:
  . Fixed bug #69248 (heap overflow vulnerability in regcomp.c) (CVE-2015-2305).
    (Stas)

- FPM:
  . Fixed bug #68822 (request time is reset too early). (honghu069 at 163 dot com)

- ODBC:
  . Fixed bug #68964 (Allowed memory size exhausted with odbc_exec). (Anatol)

- Opcache:
  . Fixed bug #69159 (Opcache causes problem when passing a variable variable
    to a function). (Dmitry, Laruence)
  . Fixed bug #69125 (Array numeric string as key). (Laruence)
  . Fixed bug #69038 (switch(SOMECONSTANT) misbehaves). (Laruence)

- OpenSSL:
  . Fixed bug #68912 (Segmentation fault at openssl_spki_new). (Laruence)
  . Fixed bug #61285, #68329, #68046, #41631 (encrypted streams don't observe
    socket timeouts). (Brad Broerman)
  . Fixed bug #68920 (use strict peer_fingerprint input checks)
    (Daniel Lowrey)
  . Fixed bug #68879 (IP Address fields in subjectAltNames not used)
    (Daniel Lowrey)
  . Fixed bug #68265 (SAN match fails with trailing DNS dot) (Daniel Lowrey)
  . Fixed bug #67403 (Add signatureType to openssl_x509_parse) (Daniel Lowrey)
  . Fixed bug (#69195 Inconsistent stream crypto values across versions)
    (Daniel Lowrey)

- pgsql:
  . Fixed bug #68638 (pg_update() fails to store infinite values).
    (william dot welter at 4linux dot com dot br, Laruence)

- Readline:
  . Fixed bug #69054 (Null dereference in readline_(read|write)_history() without
    parameters). (Laruence)

- SOAP:
  . Fixed bug #69085 (SoapClient's __call() type confusion through
    unserialize()). (andrea dot palazzo at truel dot it, Laruence)

- SPL:
  . Fixed bug #69108 ("Segmentation fault" when (de)serializing
    SplObjectStorage). (Laruence)
  . Fixed bug #68557 (RecursiveDirectoryIterator::seek(0) broken after
    calling getChildren()). (Julien)

- ZIP:
  . Fixed bug #69253 (ZIP Integer Overflow leads to writing past heap
    boundary) (CVE-2015-2331). (Stas)

(taca)

Update php55 to 5.5.23, including security fix.

19 Mar 2015, PHP 5.5.23

- Core:
  . Fixed bug #69174 (leaks when unused inner class use traits precedence).
    (Laruence)
  . Fixed bug #69139 (Crash in gc_zval_possible_root on unserialize).
    (Laruence)
  . Fixed bug #69121 (Segfault in get_current_user when script owner is not
    in passwd with ZTS build). (dan at syneto dot net)
  . Fixed bug #65593 (Segfault when calling ob_start from output buffering
    callback). (Mike)
  . Fixed bug #69017 (Fail to push to the empty array with the constant value
    defined in class scope). (Laruence)
  . Fixed bug #68986 (pointer returned by php_stream_fopen_temporary_file
    not validated in memory.c). (nayana at ddproperty dot com)
  . Fixed bug #68166 (Exception with invalid character causes segv). (Rasmus)
  . Fixed bug #69141 (Missing arguments in reflection info for some builtin
    functions). (kostyantyn dot lysyy at oracle dot com)
  . Fixed bug #68976 (Use After Free Vulnerability in unserialize()). (Stas)
  . Fixed bug #69134 (Per Directory Values overrides PHP_INI_SYSTEM
    configuration options). (Anatol Belski)
  . Fixed bug #69207 (move_uploaded_file allows nulls in path). (Stas)

- CGI:
  . Fixed bug #69015 (php-cgi's getopt does not see $argv). (Laruence)

- CLI:
  . Fixed bug #67741 (auto_prepend_file messes up __LINE__). (Reeze Xia)

- cURL:
  . Fixed bug #69088 (PHP_MINIT_FUNCTION does not fully initialize cURL on
    Win32). (Grant Pannell)
  . Add CURLPROXY_SOCKS4A and CURLPROXY_SOCKS5_HOSTNAME constants if supported
    by libcurl. (Linus Unneback)

- Ereg:
  . Fixed bug #69248 (heap overflow vulnerability in regcomp.c). (Stas)

- FPM:
  . Fixed bug #68822 (request time is reset too early). (honghu069 at 163 dot com)

- ODBC:
  . Fixed bug #68964 (Allowed memory size exhausted with odbc_exec). (Anatol)

- Opcache:
  . Fixed bug #69125 (Array numeric string as key). (Laruence)
  . Fixed bug #69038 (switch(SOMECONSTANT) misbehaves). (Laruence)

- OpenSSL:
  . Fixed bugs #61285, #68329, #68046, #41631 (encrypted streams don't observe
    socket timeouts). (Brad Broerman)

- pgsql:
  . Fixed bug #68638 (pg_update() fails to store infinite values).
    (william dot welter at 4linux dot com dot br, Laruence)

- Readline:
  . Fixed bug #69054 (Null dereference in readline_(read|write)_history() without
    parameters). (Laruence)

- SOAP:
  . Fixed bug #69085 (SoapClient's __call() type confusion through
    unserialize()). (andrea dot palazzo at truel dot it, Laruence)

- SPL:
  . Fixed bug #69108 ("Segmentation fault" when (de)serializing
    SplObjectStorage). (Laruence)
  . Fixed bug #68557 (RecursiveDirectoryIterator::seek(0) broken after
    calling getChildren()). (Julien)

- ZIP:
  . Fixed bug #69253 (ZIP Integer Overflow leads to writing past heap
    boundary) (CVE-2015-2331). (Stas)

(taca)

Update php54 to 5.4.39, including securitfy fix.

19 Mar 2015 PHP 5.4.39

- Core:
  . Fixed bug #68976 (Use After Free Vulnerability in unserialize()). (Stas)
  . Fixed bug #69134 (Per Directory Values overrides PHP_INI_SYSTEM
    configuration options). (Anatol Belski)
  . Fixed bug #69207 (move_uploaded_file allows nulls in path). (Stas)

- Ereg:
  . Fixed bug #69248 (heap overflow vulnerability in regcomp.c). (Stas)

- SOAP:
  . Fixed bug #69085 (SoapClient's __call() type confusion through
    unserialize()). (Dmitry)

- ZIP:
  . Fixed bug #69253 (ZIP Integer Overflow leads to writing past heap
    boundary). (Stas)

(taca)

Fix problem of pod2man not found, thanks joerg.

(mef)

Fix build under Cygwin.

(ryoon)

Updated www/firefox to 36.0.1nb1

(martin)

Make it build & work on sparc64 again

(martin)

Restore hpn-patch delated DISTFIELS.

(taca)

Note update of mail/dovecot2-pigeonhole package to 0.4.7.

(taca)