Updated devel/py-logan to 0.6.0

(rodent)

Add tests PKG_OPTION. Update to 0.6.0. Dropped py26 support and added
py3{3,4} support. Add dependency on devel/py-flake8.

(rodent)

Updated databases/py-sqlalchemy-utils to 0.29.8

(rodent)

Changelog
---------

0.29.8 (2015-03-03)
^^^^^^^^^^^^^^^^^^^

- Added get_class_by_table ORM utility function

0.29.7 (2015-03-01)
^^^^^^^^^^^^^^^^^^^

- Added Enum representation support for ChoiceType

0.29.6 (2015-02-03)
^^^^^^^^^^^^^^^^^^^

- Added customizable TranslationHybrid default value

0.29.5 (2015-02-03)
^^^^^^^^^^^^^^^^^^^

- Made assert_max_length support PostgreSQL array type

0.29.4 (2015-01-31)
^^^^^^^^^^^^^^^^^^^

- Made CaseInsensitiveComparator not cast already lowercased types to lowercase

0.29.3 (2015-01-24)
^^^^^^^^^^^^^^^^^^^

- Fixed analyze function runtime property handling for PostgreSQL >= 9.4
- Fixed drop_database and create_database identifier quoting (#122)

0.29.2 (2015-01-08)
^^^^^^^^^^^^^^^^^^^

- Removed deprecated defer_except (SQLAlchemy's own load_only should be used from now on)
- Added json_sql PostgreSQL helper function

0.29.1 (2015-01-03)
^^^^^^^^^^^^^^^^^^^

- Added assert_min_value and assert_max_value testing functions

0.29.0 (2015-01-02)
^^^^^^^^^^^^^^^^^^^

- Removed TSVectorType.match_tsquery (now replaced by TSVectorType.match to be compatible with SQLAlchemy)
- Removed undocumented function tsvector_concat
- Added support for TSVectorType concatenation through OR operator
- Added documentation for TSVectorType (#102)

0.28.3 (2014-12-17)
^^^^^^^^^^^^^^^^^^^

- Made aggregated fully support column aliases
- Changed test matrix to run all tests without any optional dependencies (as well as with all optional dependencies)

0.28.2 (2014-12-13)
^^^^^^^^^^^^^^^^^^^

- Fixed issue with Color importing (#104)

0.28.1 (2014-12-13)
^^^^^^^^^^^^^^^^^^^

- Improved EncryptedType to support more underlying_type's; now supports: Integer, Boolean, Date, Time, DateTime, ColorType, PhoneNumberType, Unicode(Text), String(Text), Enum
- Allow a callable to be used to lookup the key for EncryptedType

0.28.0 (2014-12-12)
^^^^^^^^^^^^^^^^^^^

- Fixed PhoneNumber string coercion (#93)
- Added observes decorator (generates decorator will be deprecated later)

0.27.11 (2014-12-06)
^^^^^^^^^^^^^^^^^^^^

- Added loose typed column checking support for get_column_key
- Made get_column_key throw UnmappedColumnError to be consistent with SQLAlchemy

0.27.10 (2014-12-03)
^^^^^^^^^^^^^^^^^^^^

- Fixed column alias handling in dependent_objects

(rodent)

Version 0.6 - 2015-02-05
* Fix Delete query under multithread
* Add missing quote for with query name

Version 0.5 - 2015-01-29
* Add schema
* Add Common Table Expression
* Escape Mod operator '%' with format paramstyle
* Deprecate Interesect in favor of Intersect
* Add Values

(rodent)

Updated databases/py-pymysql to 0.6.6

(rodent)

Updated to 0.6.6. From CHANGELOG:

## 0.6.6

* Add context manager to cursor
* Fix can't encode blob that is not utf-8 on PY3. (regression of 0.6.4,
  Thanks to @wiggzz)

## 0.6.4
* Support "LOAD LOCAL INFILE".  Thanks @wraziens
* Show MySQL warnings after execute query.
* Fix MySQLError may be wrapped with OperationalError while connectiong. (#274)
* SSCursor no longer attempts to expire un-collected rows within __del__,
  delaying termination of an interrupted program; cleanup of uncollected
  rows is left to the Connection on next execute, which emits a
  warning at that time. (#287)
* Support datetime and time with microsecond. (#303)
* Use surrogateescape to format bytes on Python 3.
* OperationalError raised from connect() have information about original
  exception. (#304)
* `init_command` now support multi statement.
* `Connection.escape()` method now accepts second argument compatible to
  MySQL-Python.

## 0.6.3
* Fixed multiple result sets with SSCursor.
* Fixed connection timeout.
* Fixed literal set syntax to work on Py2.6.
* Allow for mysql negative values with 0 hour timedelta.
* Added Connection.begin().

(rodent)

Updated databases/py-orderedmultidict to 0.7.4

(rodent)

No ChangeLog, though tests seem to be py3x-compatible now. Depends on py-
six>=1.8.0. Remove executable permission from files in ${EGG_INFODIR} in
post-install.

(rodent)

Updated devel/py-fann2 to 1.0.7

(rodent)

Updated MAINTAINER.

1.0.7 - 2015-03-31
* Fixed build for ARM devices

1.0.6 - 2015-03-30
* Fixed type/size checking for array of arrays (ksuszka/patch-1).
* Updated README.
* Added ChangeLog.

(rodent)

Add Plan9 support.

(obache)

Use MACHINE_ARCH rather than LOWER_ARCH in PLIST substitution.  Noticed
by wiz.

(jperkin)

Remove FETCH_USING, not package-setable.

(wiz)

Updated devel/subversion to 1.8.13

(adam)

Changes 1.8.13:

This release addresses 3 security issues.

  CVE-2015-0202: Subversion HTTP servers with FSFS repositories are
                vulnerable to a remotely triggerable excessive memory
                use with certain REPORT requests.
  CVE-2015-0248: Subversion mod_dav_svn and svnserve are vulnerable to a
                remotely triggerable assertion DoS vulnerability for certain
                requests with dynamically evaluated revision numbers
  CVE-2015-0251: Subversion HTTP servers allow spoofing svn:author property
                values for new revisions

(adam)

When checking for C99 features, it helps to actually use C99.

(joerg)

Needs the Xdamage extension.

(joerg)

Use unified syntax on ARM.

(joerg)

Instruct ld to be more conservative with memory on NetBSD/ARM.

(joerg)

va_list should not be dereferenced.

(joerg)

Allow linking on NetBSD/ARM by asking ld to save memory.

(joerg)

Disable optimisations only when compiling for debugging.

(joerg)

Deferencing va_list is not a valid way to check for lack of (further)
arguments.

(joerg)

Needs Xdamage extension.

(joerg)

Fix example to not trigger alignment warnings. Fix a real bug while here
-- casting the address of ai_addr to sockaddr_* is not a good idea.

(joerg)

Regenerate to keep in sync with mplayer-share.

(joerg)

-I wants an argument, but since we don't have one, don't use it.

(joerg)

in/out and variants are x86 assembler instructions, use them only on
x86.

(joerg)

Don't pass -D without option on unknown-to-the-authors platforms like
ARM.

(joerg)

SSE2 support only makes sense on X86, but configure doesn't really
check. Use a blunt object to help it.

(joerg)

Support NetBSD platforms with non-fixed endianess. Remove patch backups
just before install to make patch updates easier.

(joerg)

Rpath option should get the path directly.

(joerg)

ARM requires more than 128MB data size.

(joerg)

Don't mess with __sync_*, clang disallows it this way. Failing at link
time is good enough anyway.

(joerg)

Allow building on platforms where "int3" is not a valid debug trap.
Build shared library with -fPIC on all platforms. Bump revision for
that.

(joerg)

Use unified asm syntax. Build with -O0 on ARM when using clang, to much
optimisation potential.

(joerg)

Has race conditions.

(joerg)

Add missing header for rand(3).

(joerg)

Dereferencing va_list is not portable and broken when using a
non-pointer type.

(joerg)

Needs libXxf86vm.

(joerg)

va_copy does not have const on the source list, so don't use const
structures containing the va_list either.

(joerg)

MACHINE_ARCH can be checked by equality.

(joerg)

Help detecting X11 libraries.

(joerg)

Don't hard-code use of x86 asm or little endian, but properly detect
suppoprt for either.

(joerg)

Use regparm calling convention only on i386.

(joerg)

Replace nasty global asm with a naked function. Avoids killing libbfd
when building with Clang.

(joerg)

Don't specify scheduling goals. Honour whatever the user sets.

(joerg)

For ARM, an additional binary is produced, so adjust the PLIST.
Fix mismatches between prototypes and implementations. Use unified ARM
syntax.

(joerg)

MACHINE_ARCH needs bsd.prefs.mk.

(joerg)

Assume that C99 platforms have uintptr_t. Fixes build on ARM.

(joerg)

Relocate build under ${WRKSRC} to simplify patching. Create build
directory in post-extract.

(joerg)

Remove old SunOS hacks that are no longer needed and are now actively
harmful when enabling certain options.

(jperkin)

Updated www/firefox to 36.0.4nb1

(martin)

Avoid another crash on big endian 64 bit platforms

(martin)

PR pkg/49803 solaris build fix

(tnn)

Use GEM_EXTSDIR in PLIST, sadly it seems not supported well with
print-PLIST.  Fix build problem several versions of Ruby.

(taca)

Remove unnecessary xmlto and asciidoc build dependencies.
Noted by uwe.

(wiz)

Updated textproc/py-phonenumbers to 7.0.4

(rodent)

Updated to latest release, 7.0.4. No easily-accessible ChangeLog. Assuming
more/better/faster.

(rodent)

Remove redundant RUBY_VERSION_SUPPORTED.
Thank you, taca@.

(ryoon)

Fix LICENSE to match current package contents.

(gdt)

Improve COMMENT. Based on PR 49799 by Edgar Fuß.

(wiz)

Updated audio/libebur128 to 1.0.1nb1

(wiz)

Add speexdsp dependency. Bump PKGREVISION.
Fixes libgroove build.

(wiz)

Updated www/ikiwiki to 3.20150329

(schmonz)

Update to 3.20150329. From the changelog:

  [ Joey Hess ]
  * Fix NULL ptr deref on ENOMEM in wrapper. (Thanks, igli)

  [ Simon McVittie ]
  * Really don't double-decode CGI submissions, even on Perl versions that
    bundle an old enough Encode.pm for that not to be a problem: the
    system might have a newer Encode.pm installed separately, like Fedora 20.
    (Closes: #776181; thanks, Anders Kaseorg)
  * If neither timezone nor TZ is set, set both to :/etc/localtime if
    we're on a GNU system and that file exists, or GMT otherwise
  * t/inline.t: accept translations of "Add a new post titled:"
    (Closes: #779365)
  * Consistently document command-line options as e.g. --refresh, not -refresh

  [ Amitai Schlair ]
  * In VCS-committed anonymous comments, link to url.

  [ Joey Hess ]
  * Fix XSS in openid selector. Thanks, Raghav Bisht. (Closes: #781483)

-- Simon McVittie <smcv@debian.org>  Sun, 29 Mar 2015 21:48:24 +0100

Updating this leaf package during the freeze for the bugfixes.

(schmonz)

Add missing PKG_GROUPS entry.  Fixes package build.

(jperkin)

Rather than hardcoding 'netbsd' and 'amd64', use LOWER_OPSYS and LOWER_ARCH to
give it a chance of building on other systems.

(jperkin)

Updated net/freeradius2 to 2.2.0nb10

(jperkin)

Ensure all PKG_SYSCONFDIR subdirs are created correctly.

Bump PKGREVISION.

(jperkin)

+ Sigil-0.8.5, afl-1.58b, dante-1.4.1, ghc7-7.10.1, glib2-2.44.0,
  glu-10.5.2, joe-4.0.0, mc-4.8.14, mined-2015.25, mksh-50e, pv-1.6.0
  [pkg/49795], py-anki2-2.0.32, py-test-2.7.0, webkit-gtk-2.8.0
  [wip].

(wiz)

Updated devel/py-astor to 0.4.1

(rodent)

Updated to 0.4.1. No longer has tests directory installed to ${PYSITELIB}.

0.4.1  -- Added missing SourceGenerator.visit_arguments()

(rodent)

Regen distinfo.

(Apparently I added a comment to one of the new patches after creating
distinfo and testing.  Thanks to joerg@ for pointing out the issue.)

(gdt)

Needs libsocket on SunOS.

(jperkin)

Condense and sort GEMS_DISTFILES. This will make the Makefile easier to
maintain.

(rodent)

Comment patch. Move REPLACE_RUBY to options.mk for pgsql option. Cleanup
REPLACE_RUBY, REPLACE_BASH, CHECK_INTERPRETER_SKIP, etc. Move those
respective directives which reference pgsql to options.mk. That fixed 100+
warnings/informationals with those directives. Approved by MAINTAINER in
private mail.

(rodent)

Updated security/fwbuilder to 5.1.0.3599

(rodent)

Updated to latest release, 5.1.0.3599. Now requires mk/resolv, net/net-snmp
devel/zlib, textproc/libxslt, textproc/libxml2, devel/cppunit, mk/pthread.
Patches were defuzzed and updated. Patch added to fix LIBDIR expansion.
List of changes since the last version and this one is 2788 lines long.
Interested parties can find the ChangeLog in the doc/ directory of the
distfile or at:
http://sourceforge.net/p/fwbuilder/code/ci/builds/tree/doc/ChangeLog

(rodent)

SECURITY: Update libtiff to 4.0.4beta to fix
CVE-2014-8127
CVE-2014-8128
CVE-2014-8129
CVE-2014-8130 (likely)

Remaining unfixed vulnerabilities: CVE-2014-9655, CVE-2015-1547 (but
these are unfixed upstream AFAICS).

ok wiz

(bsiegert)

Updated security/libtasn1 to 4.4

(wiz)

Update to 4.4, security release.

* Noteworthy changes in release 4.4 (released 2015-03-29) [stable]
- Corrected a two-byte stack overflow in asn1_der_decoding. Reported
  by Hanno B旦ck.

* Noteworthy changes in release 4.3 (released 2015-03-09) [stable]
- Added asn1_decode_simple_ber()

(wiz)

Note exctags update

(bsiegert)

SECURITY: Fix CVE-2014-7204 (DoS in JavaScript parser) in exuberant-ctags.

(bsiegert)

Updated devel/redmine to 3.0.1

(ryoon)

Update to 3.0.1

* Fix sqlite3 option.

Changelog:
3.0.1 (2015-03-16)

    Defect #19197: Missing notification if assignee was a group
    Defect #19260: Non-default identifier-less git repositories are undeletable
    Defect #19305: settings: incompatible character encodings: UTF-8 and ASCII-8BIT: yaml generated on ruby 1.8
    Defect #19313: Attached inline images with non-ascii file name can not be seen when text formatting is Makdown
    Defect #19348: Project name is missing for versions from sub-projects
    Defect #19381: Wrong syntax for wiki macros in wiki_syntax_detailed.html
    Defect #19172: "gem update bundler" suggestion for "`x64_mingw` is not a valid platform"
    Defect #19218: Wrong name for pt-BR in language drop-down
    Defect #19225: When deleting one item from multivalued custom field / list of users, name of removed user is not visible in history
    Defect #19232: IMAP STARTTLS options typo :tls
    Defect #19253: Repository users broken if only one committer exists
    Defect #19316: CustomField#possible_values may raise undefined method `force_encoding' error
    Defect #19320: Spent time (last 7 days) in My page not updated
    Defect #19323: Incorrect links generated in emails if host setup uses other port (":" symbol)
    Defect #19325: ActionController::UnknownFormat: error for PDF request and unknown user
    Defect #19354: Unexpected milliseconds in JSON time attributes
    Defect #19368: Creating an issue without tracker_id attribute ignores custom field values
    Patch #19233: Change 20150113213922_remove_users_mail.rb from Irreversible to Reversible
    Patch #19322: Allow to ignore auto reply messages from Exchange server

3.0.0 (2015-02-19)

    Defect #2573: Latest projects list: no space after lists in project description
    Defect #6579: Tree hierachy being currupted on multiple submissions of an issue
    Defect #14151: Grammer problem with German x_days
    Defect #15789: Users can see all groups when adding a filter "Assignee's Group"
    Defect #15988: Unexpected behaviour on issue fields for users that have multiple roles
    Defect #18237: From a rake task context, impossible to create an IssueRelation normally
    Defect #18265: Wrong csv separator in Croatian
    Defect #18301: Revision shortlink at end of URL breaks URL autolinking
    Defect #18314: German Translation - button_update
    Defect #18605: Wrong usage of logger.info to test log level
    Defect #18654: Custom field is rendered, even if its value is empty (for multiple)
    Defect #18711: Respect cross-project subtask setting on issue bulk edit form
    Defect #18781: Redmine::FieldFormat::IntFormat does not accept "real" Integer values
    Defect #18832: Activity Stream Filter missing on right hand side due to permission
    Defect #18855: User with only Move Issue rights in the project can still create issues using mass copy!
    Defect #18918: Grouping label for "none" should be changed to "null", "No Value", or" (blank) ".
    Defect #19024: link_to in Redmine::Hook::ViewListener omits url root
    Defect #19030: Links to completed versions on the roadmap page might lead to a "403 not authorized page"
    Defect #19039: Mail notification is formatting dates with changer's locale
    Defect #19040: Potential DB deadlocks on concurrent issue creation
    Defect #19055: 'label_per_page' is no longer used
    Defect #19111: Bad spelling in Spanish "mail_body_reminder"
    Feature #992: Option to search open issues only
    Feature #1326: Add / edit an attachment description after upload
    Feature #1415: Let system administrator limit repositories valid sources
    Feature #4244: Multiple email addresses for each user
    Feature #4383: Search Names of Files Attached to Issues
    Feature #4518: Wiki formatting documentation for nested lists
    Feature #5450: Move wiki page to other project
    Feature #5991: Tracker should have it's own default issue status
    Feature #6426: MenuManager::MenuItem should support a named route as a url
    Feature #7249: Custom fields for Documents
    Feature #8121: Allow overriding direction of part of text
    Feature #8818: Repository user-mapping with multiple email addresses
    Feature #11702: Add user/group to multiple projects at once
    Feature #11724: Prevent users from seeing other users based on their project membership
    Feature #12097: Multi Thread Support
    Feature #12734: Add table reference to textile help
    Feature #13051: Support any macro in (pdf) export for wiki's and issues
    Feature #13425: Ignore X-Autoreply mails
    Feature #13497: Document all available Redmine links properly
    Feature #13849: Grouped filters in the filter drop-down
    Feature #14371: Drop Ruby 1.8.7 support
    Feature #14534: Upgrade to Rails 4.2
    Feature #15236: Propose diff view for long text custom fields
    Feature #16823: IMAP STARTTLS support
    Feature #17354: User detail : show user login to admins
    Feature #17763: Ability to render multiple partials with view hook
    Feature #18500: Optional linking when copying issues
    Feature #18571: Tab "New Issue" should not be displayed if a project has no trackers
    Feature #18631: Better search results pagination
    Feature #18801: Support for accent insensitive search with PostgreSQL
    Feature #18860: Replace awesome_nested_set gem with a custom implementation of nested sets
    Feature #18947: Ruby 2.2 support
    Feature #19131: Use a better content type for attachments created with application/octet-stream
    Patch #6586: Calendar view hook Request
    Patch #13120: Translation in language selection
    Patch #18182: Latvian translation update
    Patch #18261: Japanese translation change (fix terms mismatch "default")
    Patch #18276: Allow queries captions to be dynamic
    Patch #18290: Issue performance patch
    Patch #18390: Better RTL css for the system
    Patch #18392: German translation: Self-registration
    Patch #18565: html improvements on project landing page
    Patch #18659: Do not truncate subissue/related issues titles on single issue view
    Patch #18671: Japanese translation change (fix misspelled word)
    Patch #18679: LabelledFormBuilder#label outputs 2 label elements
    Patch #18692: Access keys for previous (p)/next (n) links
    Patch #18707: Allow attachment thumbnails from REST api
    Patch #18817: Sort helper undefined to_a for string
    Patch #18818: TimeEntry acts_as_activity_provider scope should joins(:project)
    Patch #18983: Allow filtering of Redmine Reminders by Version
    Patch #19005: Make search results per page configurable
    Patch #19035: Japanese translation fix (label_age)

(ryoon)

Fix default gpg2 of enigmail.

* Depend on gnupg2.
* Detect gpg2 command by default.

(ryoon)

Resulting shared library built with the zlib option links against it, so
use PKG_BUILD_OPTIONS here.

(rodent)

Updated security/polarssl to 1.3.9nb1

(rodent)

Add patch to make OpenSSL ("tests") optional. The package wants this by
default and users of other package management systems might imagine this
package functioning the same way. However, the PLIST differs by one item
without it, which users may change at their discretion. Add zlib option
too which I'd missed during the previous update. Bump PKGREVISION.

(rodent)

Note qt5-qtbase update.

(bsiegert)

SECURITY: Fix a division by zero when processing malformed BMP files.

This fixes a division by 0 when processing a maliciously crafted BMP
file. No impact beyond DoS.

PKGREVISION++.

(bsiegert)

Fix PLIST for nopangocairo case.

There's no sign of this inherit_graph file in destdir or even in the
working directory.  This change only affects non-default options, and
it didn't build before, so no PKGREVISION++.

(gdt)

Fix CVE-2015-0228 (lua module) with upstream patch.
lua module is not enabled by default.

(ryoon)

Note update of www/ruby-http package to 0.7.3.

(taca)

Update ruby-http to 0.7.3, security fix.

## 0.7.3 (2015-03-24)

* SECURITY FIX: http.rb failed to call the #post_connection_check method
  on SSL connections. This method implements hostname verification, and
  without it http.rb was vulnerable to MitM attacks. The problem was
  corrected by calling #post_connection_check (CVE-2015-1828)

(taca)

Note update of www/contao34 package to 3.4.5.

(taca)

Update contao34 to 3.4.5, a leaf package.

Version 3.4.5 (2015-03-27)
--------------------------

### Fixed
Consider the `$blnCache` flag when caching insert tags (see #7700).

### Updated
Updated TinyMCE to version 4.1.9 (see #7690).

### Fixed
Correctly calculate the max upload size in the DropZone uploader (see #7633).

### Fixed
Convert language codes to locales in the meta wizard (see #7667).

### Fixed
Replace only the `{{file}}` insert tag in the back end preview (see #7647).

### Fixed
Correctly convert date strings depending on their rgxp format (see #7721).

### Fixed
Update news and calendar feeds from the content view (see #7679).

### Fixed
Do not generally encode stand-alone ampersands (see #7684).

### Fixed
Restore some globals when catching the unused argument exception (see #7659).

### Fixed
Correctly set the CSS classes in the jQuery accordion and do not try to mess
with its ARIA handling (see #7622).

### Fixed
Handle language fragments without trailing slash when redirecting (see #7666).

### Fixed
Trigger the `load_callback` upon saving in "override all" mode (see #7670).

### Fixed
Ensure a unique language file array in the `Automator` class (see #7687).

(taca)

Note update of www/contao32 package to 3.2.20.

(taca)

Update contao32 package to 3.2.20, a leaf package.

Version 3.2.20 (2015-03-26)
---------------------------

### Fixed
Correctly convert date strings depending on their rgxp format (see #7721).

### Fixed
Update news and calendar feeds from the content view (see #7679).

### Fixed
Do not generally encode stand-alone ampersands (see #7684).

### Fixed
Restore some globals when catching the unused argument exception (see #7659).

### Fixed
Correctly set the CSS classes in the jQuery accordion and do not try to mess
with its ARIA handling (see #7622).

### Fixed
Handle language fragments without trailing slash when redirecting (see #7666).

### Fixed
Trigger the `load_callback` upon saving in "override all" mode (see #7670).

### Fixed
Ensure a unique language file array in the `Automator` class (see #7687).

(taca)

Note update of www/ruby-rest-client package to 1.8.0.

(taca)

Update ruby-rest-client to 1.8.0, security fix.

# 1.8.0

- Security: implement standards compliant cookie handling by adding a
  dependency on http-cookie. This breaks compatibility, but was necessary to
  address a session fixation / cookie disclosure vulnerability.
  (#369 / CVE-2015-1820)

  Previously, any Set-Cookie headers found in an HTTP 30x response would be
  sent to the redirection target, regardless of domain. Responses now expose a
  cookie jar and respect standards compliant domain / path flags in Set-Cookie
  headers.

(taca)

Add 2 fixes to for amanda-server to work on NetBSD.

While amanda-client 3.3 has been stable on NetBSD for a while, the
server code has apparently never worked.  This commit adds several
patches:

  - include sys/{types,time}.h so autoconf tape drive checks pass
  - improve error messages when tape drive code is not compiled in
  - avoid perl crash in report generation

These changes have been tested on NetBSD 6 kernel with NetBSD 5
userland, amd64 (for no good reason, but this was the machine with the
tape drive), dumping many machines and writing to LTO.

The first two patches are taken from an upstream patch committed to
the 3.3 branch due to this problem being reported.  The third patch is
ad hoc based on perl debugging, and needs further investigation.  (But
it's better to get a report without a header line than an empty mail
message.)

(gdt)

Updated net/powerdns-pgsql to 3.4.3

(rodent)

Updated net/powerdns-mysql to 3.4.3

(rodent)

Updated net/powerdns-ldap to 3.4.3

(rodent)

Updated net/powerdns to 3.4.3

(rodent)

Updated to latest release, 3.4.3. Updated and defuzzed patches. Added cryptopp
and zeromq options, which are disabled by default. ChangeLog:

PowerDNS Authoritative Server 3.4.3

Warning: Version 3.4.3 of the PowerDNS Authoritative Server is a major upgrade if you are coming from 2.9.x. Additionally, if you are coming from any 3.x version (including 3.3.1), there is a mandatory SQL schema upgrade. Please refer to the Upgrade documentation for important information on correct and stable operation, as well as notes on performance and memory use.

Released March 2nd, 2015

Bug fixes:

    commit ceb49ce: pdns_control: exit 1 on unknown command (Ruben Kerkhof)
    commit 1406891: evaluate KSK ZSK pairs per algorithm (Kees Monshouwer)
    commit 3ca050f: always set di.notified_serial in getAllDomains (Kees Monshouwer)
    commit d9d09e1: pdns_control: don't open socket in /tmp (Ruben Kerkhof)

New features:

    commit 2f67952: Limit who can send us AXFR notify queries (Ruben Kerkhof)

Improvements:

    commit d7bec64: respond REFUSED instead of NOERROR for "unknown zone" situations
    commit ebeb9d7: Check for Lua 5.3 (Ruben Kerkhof)
    commit d09931d: Check compiler for relro support instead of linker (Ruben Kerkhof)
    commit c4b0d0c: Replace PacketHandler with UeberBackend where possible (Christian Hofstaedtler)
    commit 5a85152: PacketHandler: Share UeberBackend with DNSSECKeeper (Christian Hofstaedtler)
    commit 97bd444: fix building with GCC 5

Experimental API changes (Christian Hofstaedtler):

    commit ca44706: API: move shared DomainInfo reader into it's own function
    commit 102602f: API: allow writing to domains.account field
    commit d82f632: API: read and expose domain account field
    commit 2b06977: API: be more strict when parsing record contents
    commit 2f72b7c: API: Reject unknown types (TYPE0)
    commit d82f632: API: read and expose domain account field

PowerDNS Authoritative Server 3.4.2

Warning: Version 3.4.2 of the PowerDNS Authoritative Server is a major upgrade if you are coming from 2.9.x. Additionally, if you are coming from any 3.x version (including 3.3.1), there is a mandatory SQL schema upgrade. Please refer to the Upgrade documentation for important information on correct and stable operation, as well as notes on performance and memory use.

Released February 3rd, 2015

Find the downloads on our download page.

This is a performance and bugfix update to 3.4.1 and any earlier version. For high traffic setups, including those using DNSSEC, upgrading to 3.4.2 may show tremendous performance increases.

A list of changes since 3.4.1 follows.

Improvements:

    commit 73004f1: implement CORS for the HTTP API
    commit 4d9c289: qtype is now case insensitive in API and database
    commit 13af5d8, commit 223373a, commit 1d5a68d, commit 705a73f, commit b418d52: Allow (optional) PIE hardening
    commit 2f86f20: json-api: remove priority from json
    commit cefcf9f: backport remotebackend fixes
    commit 920f987, commit dd8853c: Support Lua 5.3
    commit 003aae5: support single-type ZSK signing
    commit 1c57e1d: Potential fix for ticket #1907, we now try to trigger libgcc_s.so.1 to load before we chroot. I can't reproduce the bug on my local system, but this "should" help. Seriously.
    commit 031ab21: update polarssl to 1.3.9

Bug fixes:

    commit 60b2b7c, commit d962fbc: refuse overly long labels in names
    commit a64fd6a: auth: limit long version strings to 63 characters and catch exceptions in secpoll
    commit fa52e02: pdnssec: fix ttl check for RRSIG records
    commit 0678b25: fix up latency reporting for sub-millisecond latencies (would clip to 0)
    commit d45c1f1: make sure we don't throw an exception on "pdns_control show" of an unknown variable
    commit 63c8088: fix startup race condition with carbon thread already trying to broadcast uninitialized data
    commit 796321c: make qsize-q more robust
    commit 407867c: mind04 discovered we count corrupt packets and EAGAIN situations as validly received packets, skewing the udp questions/answers graphs on auth.
    commit f06d069: make latency & qsize reporting 'live'. Plus fix that we only reported the qsize of the first distributor.
    commit 2f3498e: fix up statbag for carbon protocol and function pointers
    commit 0f2f999: get priority from table in Lua axfrfilter; fixes ticket #1857
    commit 96963e2, commit bbcbbbe, commit d5c9c07: various backends: fix records pointing at root
    commit e94c2c4: remove additional layer of trailing . stripping, which broke MX records to the root in the BIND backend. Should close ticket #1243.
    commit 8f35ba2: api: use uncached results for getKeys()
    commit c574336: read ALLOW-AXFR-FROM from the backend with the metadata

Minor changes:

    commit 1e39b4c: move manpages to section 1
    commit b3992d9: secpoll: Replace ~ with _
    commit 9799ef5: only zones with an active ksk are secure
    commit d02744f: api: show keys for zones without active ksk

New features:

    commit 1b97ba0: add signatures metric to auth, so we can plot signatures/second
    commit 92cef2d: pdns_control: make it posible to notify all zones at once
    commit f648752: JSON API: provide flush-cache, notify, axfr-retrieve
    commit 02653a7: add 'bench-db' to do very simple database backend performance benchmark
    commit a83257a: enable callback based metrics to statbas, and add 5 such metrics: uptime, sys-msec, user-msec, key-cache-size, meta-cache-size, signature-cache-size

Performance improvements:

    commit a37fe8c: better key for packetcache
    commit e5217bb: don't do time(0) under signature cache lock
    commit d061045, commit 135db51, commit 7d0f392: shard the packet cache, closing ticket #1910.
    commit d71a712: with thanks to Jack Lloyd, this works around the default Botan allocator slowing down for us during production use.

(rodent)