+/- exaile-3.4.1  -> 3.4.3
+/- ghc-7.8.1    -> 7.8.3
+/- scilab-5.5.0  -> 5.5.1
+  rosegarden-14.12

(mef)

Pullup ticket #4576.

(tron)

Change version number from fixed `0' to main Python distribution version,
same as other buitin module (already changed over a half year ago).

(obache)

Updated devel/dev86 to 0.16.21

(ryoon)

Update to 0.16.21

* Update MASTER_SITES.

Changelog:
Not available.

(ryoon)

Updated devel/z80-asm to 2.3.7

(ryoon)

Update to 2.3.7

Changelog:

changes from version ?? to 1.1:
* user interface add key  =  to change the registers
  A,B,C,D,E,H,L,IX,IY,A',B',C',D',E',H',L',I,R
* display and update the cycle counter and the refresh register
* BUG in disasm.c  f_ld  LD rr,(nn) [only 1 byte loaded]  fixed!
* BUG in disasm.c  f_ex  EX (SP),IX break missing ==> runs into EX (SP),IY;  fixed!
* EI replaced by IFF1 & IFF2 (correct LD A,R & LD A,I)
* user interface  @(CPU reset), #(clear memory), *(clear all cpu register),
                  $(clear tick counter), &(SP init)
* console.c:  BUG in c_init()  usuage of undefined variable t  fixed!

changes from version 1.1 to 1.9:
* IN, OUT, INI, OUTD, ...  all implemented
* console.c:  BUG(?) in c_init()  if ICANON cleared  MIN should bet set to 1
* BUG in disasm.c  f_add  all 16-bit addition with carry bit :(  fixed!
* declaration of an assembler label may be appended by a colon
* if PC, SP, and MEMP input is requested current values are displayed in hexa
* HALT really halts the CPU now if interrupt is disabled else set runmode false
* user interface  !(NMI) implemented
* user interface  .  puts compiled instructions into memory and increases addr
* user interface  = =  to change 16-bit registers BC,DE,HL,BC',DE',HL',IX,IY
* BUG in disasm.c  f_adc  wrong carry/h/v flag calculation    fixed!
* BUG in disasm.c  f_sbc  wrong carry/h/v flag calculation    fixed!
* interrupt behaviour simulated, except IM=0 (probably tick count wrong)
* user interface  D(dump/disassemble into file)  toggle DI/EI to key ^ changed
* PC and SP defaults into hexa,  CALL, JP and RST in disassembling format, too
* user interface  " (protocol instructions executed)
* bank switching logic implemented (still experimental)
* BUG in disasm.c  f_ld  if 16 bit load from 0xffff adress OVERFLOW  fixed!
* disasm.c:  f_sll  opcode CB30-CB37  implemented
* warnings and error_msg now  occupy only the very last line (row 23)
* user interface  %  sets a breakpoint with a run counter at current PC
* breakpoints (address & counter) are displayed in row 22
* pseudo instruction EQU in assembler (asm.c) implemented
* CPU Halt-pin/status is displayed in upper right corner if active
* turbo mode improved a lot: 4 levels now (16 min, 380 sec, 38 sec, 2.5 sec)
* disasm.c:  f_nop2  all undocumented ED-opcodes implemented
* all the man pages updated
* turbo mode replaced by controling the clock speed/frequency
* the ports are implemented as a map onto one binary file named .Z80_ports
* hardware_clock.c  and  lcd_display.c  provided as examples for port usage

changes from version 1.9 to 2.0beta:
* BUG in inst-dist.c  ED63  ld hl,(nn)  A_NUM -> A_PODDLE_NUM  fixed!
* z80-asm permits in the case of exactly 1 section and inputfilename ends with
  .asm the outputfile to be optional (.asm is exchanged to .z80 for outputfile)
* BUG in z80-asm: if start > highest byte in memory undefined outputfile length
* HALT halts the CPU now if interrupt is enabled else set runmode false
  necessary for emulator mode ==>  user interface  &  sets a DI on stack
* user interface  !  toggle keyboard read disabled/enabled in run mode
  user interface ESC now simulates a NMI
* z80-mon has option -E for emulator mode (immediately CPU start)
* SIGTERM, SIGHUP terminates z80-mon, SIGUSR1 causes reset, SIGUSR2 causes NMI,
  SIGABORT causes cpu_wait=1 and SIGTRAP makes a CPU dump
* keyboard mapping implemented (used for IN from port stdin)
* simul.c:  decode() now handles stray FD and DD prefixes
* all FD and DD are simulated by decode() ==>  IXh,IXl,IYh,IYl introduced in
  regs.c and regs_token and set N_REGISTERS to 21 , global _ushort ddfdcb_reg
* decoder and executer [decode() and  execute.c] totally checked. Now memory
  read access separated from memory write access. Usage of DATA pins!
* in disasm.c: all 11 CB-executions and all 8 arith/logic-A-executions bundled
* BUG in disasm.c: f_cp/f_cpd/f_cpi/f_cpdr/...  h-flag wrong calculated  fixed!
* BUG in disasm.c: f_dec  p-flag wrong calculated  fixed!
* the f_... functions in execute.c now return a pointer to char, doesn't print
* total memory access encapsulated in memory.c / io-data access simulated
* Makefile updated (*.h) goes now into hardware,  make install added
* doc/man pages updated
* in asm.c: write_to_memory(), set_start_address(), get_current_address()
  introduced for usage of compile() [now returns the number of bytes writen]

changes from version 2.0b to 2.0c:
* BUG in asm.c: lexical_analysis: multiple label definition possible  fixed!
* BUG in compile.c: c_add: ADD IY,IX valid(typo), ADD IY,IY invalid  fixed!
* BUG in execute.c: f_alu: ADD,ADC,SBC use second operand (bad nemonic) fixed!
* BUG in execute.c: f_neg: carry-flag always effected (carry=!!A)  fixed!
* BUG in execute.c: f_bit: sign-flag effected only if bit 7 tested  fixed!
* BUG in execute.c: f_daa: total nonsense! (>=4 independent errors)  fixed!
* z80-asm.c Option -l added ==> in asm.c LISTING in pass 2 evaluated
* in execute.c: in disassembling mode jr and djnz instruction offset with sign
* user interface  t  enables base switch for disassembling constants
* user interface  L  now can read true binary files into memory
* user interface  a,b  changed to  u,v  and  e  deleted [reserved for register]
* pseudo instructions  DEFM, ALIGN  in assembler (asm.c) implemented (sll,too)
* Z80-Asm accepts integers to base 16 also if they have a h or H postfix
* hash table structur/allocation optimized and option -c in z80-asm.c added

changes from version 2.0c to 2.0:
* pseudo instruction  END  added and max label length to be 63 documented
* in asm.h: better interface (highest_address,generated_bytes,set_compile_pass)
* in asm.c: compile(void) now detects an EOF (take_line reads exactly 1 line)

changes from version 2.0 to 2.1
* in asm.c: compile(char *txt) ==> take_line(..) not longer obligate!
* ticks encapsulated ==> wait_tics(AMOUNT) and quartz.c/quartz.h introduced
* -DEFINES in Makefile  and  hardware/z80-ctc.c (experimental/beta Z80_CTC)
* BUG in compile.c: IX-/ IY-displacements must be < 128 and >= -128  fixed!
* in asm.c: in compile() all error_messages bundled (do we like to translate?)
* daisy_chain realized / more realistic interrupt handling by hardware
* bank switching logic re-implemented (still all banks must have same size)
* in regs.c register names to upper case (better to distinguish from addresses)
* user interface  j  switches relative versa absolute address (disasm jr/djnz)
* several small errors/bugs fixed
* user interface  j  enables now labeled address disassembling for jp/call/jr
* user interface  j  enables relative disassembling via two-pass disassembling
* z80-mon with -E now reads CPU status from .CPU and finishes if HALT in DI
* algebraic expressions evaluation in asm.c: valid operators ~,&,|,^,+,-,*,/,%
* in asm.c:  @ is a special 'label' indicating the current PC
* in asm.c: explicit binary constants must be lead-in by # replacing % prefix
      additionaly (to the 0x) the $ prefix for hexadecimal numbers is availible
* BUG in compile.c: c_ret: typo in case PO wrong machine code generated  fixed!
* several DJGCC compilation bugs removed (missing includes,defines,typos)

changes from version 2.1c to 2.2:
* BUG in asm.c: convert_arg: memmove deletes IX or IY but needed later  fixed!
* BUG in execute.c f_out/f_in: ts[] resp. tf[] must be at least 5 chars  fixed!
* BUG in compile.c c_ld: LD HL,(addr) should generate opcode 2A not ED6B fixed!
* BUG in compile.c convert_arg: char consts must not be converted to upper case
                                fixed!
* BUG in compile.c convert_arg: missing {} for for-loop body which results in
                                all strings became nilstrings    fixed!
* BUG in compile.c convert_arg: bug in string parsing, wrong indices  fixed!
* BUG in execute.c f_ld: LD (addr),rr puts only lower byte into memory  fixed!
* BUG in asm.c: convert_arg: (IX+-num)  num argument was not expected to be an
                              expression. test_number() <-> parse_expr()  fixed!
* BUG in asm.c: convert_arg: arg->label undefined! Default to false now  fixed!
* BUG in asm.c: lexical_analysis: overflow possible for 8-bit arguments in 1th
                                  pass if labels are used in expressions fixed!
* BUG in asm.c: lexical_analysis: pseudo instructions I_EQU, I_DEFM, I_ORG,
                                  I_ALIGN  also needs the current address as
                                  argument in pass 1 if it is a label  fixed!
* BUG in asm.c: lexical_analysis: parsing inside '..' was finished by delimiter
                                  (now new error message UNS introduced) fixed!
* BUG in z80-mon.c: main: init_ctc() must be before reset_cpu() because
                          set_cpu_pin() may call set_ctc_pin()! fixed!
* BUG in execute.c: ix_iy_disp: _ushort a must be casted to signed char  fixed!
* BUG in execute.c: reg_str: in case A_PODLE_IX_PLUS, A_PODLE_IY_PLUS argument
                              arg must be casted to signed char  fixed!
* in asm.c: if more than 4 bytes opcodes (e.g. DEFS) only the first 4 are shown
            in the assembler listing
* in asm.c: new error message: Invalid character argument for invalid character
            tokens containing more than 1 (or none) character
* in all places/files exchanged  DEFM <--> DEFS  (defs <--> defm). Historical
    DEFM is used to put messages (strings) in memory and
    DEFS is used to reserve storage (in memory) in Zilog Z80 assembler language

changes after version 2.2:
* BUG in instr.c:  DEFS and DEFM must stay ordered lexicographicly  fixed!
* BUG in asm.c: compile: in printf if i>4 maximum must be 4 not 12  fixed!
* BUG in asm.c: compile: in I_ORG last must be set to address  fixed!
* in memory.c: set_default_byte() introduced to set the default memory value
* in z80-asm new option -f XX (this option defines DEFS & ORG gaps to be XX)
* BUG in asm.c: logic when to calculate EQU is wrong!! we need to store the
                expression in the hash table  NOT FIXED! "(pruchod != 11)"
* BUG in asm.c: the ALIGN statement must produce fill bytes, too (-f XX) fixed!
* BUG in asm.c: overwriting code warning must depend on fill byte  fixed!
* BUG in asm.c: test_number: if base is known (prefix) number may be start
                              with non-digit character  fixed!
* BUG in asm.c: compile I_ALIGN  address is already increased by out()  fixed!
* BUG in z80-asm.c: init: now it has parameter fill_byte to init memory  fixed!
* in asm.c/expression.c/hash.c: new evaluation logic for EQU and expressions
            implemented. Their values are now evaluated in pass 2 recursivly
* in z80-mon.c: ask() and ask_x() accept now all number representations like
            z80-asm (even the '?') except that any sign is forbidden
* pseudo instructions  DEFL  in assembler (asm.c) implemented
* BUG in z80-asm.c: parse_arg: ignores filename parameter if one can be
                                constructed from source filename  fixed!
* BUG in compile.c: out() should be performed to have correct PC if signed or
                    unsigned overflow of 8-bit argument occurs.(ret=8,9) fixed!
* in expression.c: new operators !, <<, >>, ==, !=, >, <, >=, <=, &&, ||
* BUG in hash.c:  last_label_reusable: uniq must be negated    fixed!
* in asm.c:  DEFL lables now multiple in hashtable (distinguished by lineno)
* in asm.c:  COND/ENDC enables conditionel compiling
* BUG in execute.c: f_in_block, f_out_block: F_sign, F_Z not effected and
                    if B!=0 F_Z not cleared  fixed!
* BUG in Makefile: now manuals are in doc/man not in doc  fixed!
* BUG in asm.c: convert_arg: indirect addressing was wrongly recognized  fixed!
* BUG in hash.c: is_in_table: for non-uniq lables (DEFL) wrong element  fixed!
* BUG in hash.c: add_to_table: ->uniq undefined  fixed!
* in expression.c: new operators ** , // , ?  and right operand of << and >>
                    is now interpreted as unsigned
* BUG in expression,c: parse_expr(): all expressions must be tried to be
                        evaluated in PASS 1 (needed for ORG, DEFS, CONDC) fixed!
* in ports.c:  cpu_pin iorq used, and the variables ADDRESS and DATA are set.
* in hardware/README:  explanation how to implement further add-ons
* z80-mon.c:  main: cpu_pins  busrq and busack are now served
* z80-cpu.c/ports,c:  Z80-CTC port access now wired at Z80-CPU
* BUG in ports.c: in_byte():  missing DATA bus assign from *data  fixed!

changes after version 2.3:
* BUG in Makefile: DEFINES are not put to in $(MAKE) hardware  fixed!
* hardware:  logic_analzyer implemented (to view the Z80 pins)
* in decode.c: refresh_cycle()  mreq- and rfsh-pin used and I<<8|R onto ADDRESS
* in z80-cpu.c:  machine cycle counter (triggered by wait_tics)
* BUG in asm.c:  no_para[]: RST needs 1 Parameter, not 0  fixed!
* BUG in execute.c: cp_block:  3 tics missing  fixed!
* in z80-mon.c:  machine cycle counter displayed
* in z80-cpu.c:  busrq  is now acknowledged at beginning of each machine cycle
* with dummy.c  print_ticks() reintroduced to mask it in non z80-mon programs
  using acknowledge_bus_request()
* BUG in hardware/z80-ctc.c: read_word():  fp may be 0  fixed!!
* only if !cpu_is_in_disassemble then set_cpu_pin() , acknowledge_bus_request()
  and  ADDRESS  are used  (databus can be used if cpu_is_in_disassemble mode)
* port_buffer for OLD_STYLE port_access via Z80_PORTS put in hardware now
* z80-global im Makefile als dependence of z80-cpu.h
* SSL_ZDS trigger in hardware
* BUG in execute.c: f_inc/f_dec: 16 bit registers shouldn't change flags fixed!
* BUG in execute.c: f_rrd: lower nibble in accu set wrongly  fixed!
* BUG in execute.c: f_adc16/f_sbc16: zero_flag wrongly calculated  fixed!
* BUG in execute.c: f_inc/f_dec: PV_flag wrongly calculated  fixed!
* in z80-asm.c und z80-mon.c option parsing simplified und equaly processed.
* BUG in execute.c: add,adc,sub,sbc,cp,f_adc16,f_sbc16: underflow check for
                    < -127 , < -32767 missing (V-Flag wrongly computed)  fixed!
* BUG ins asm.c: convert_arg():  arg->text isn't initialized to 0.  fixed!
* BUG in regs.h: missing #include "z80-global" to define seznam_type  fixed!
* BUG in execute.c: f_neg: PV_flag wrongly calculated  fixed!
* BUG in execute.c: f_neg: H_flag setiing typo: F_N must be F_NH  fixed!
* BUG in execute.c: f_inc/f_dec: PV_flag wrongly calculated for 8-bit register
                          (last fix affected only 8-bit memory access)  fixed!
* BUG in execute.c: add/adc/sub/sbc/cp/adc16/sbc16:  V_flag inverted mapped on
                                                      P_flag  fixed!
* in all Makefile:  -malign-function=0 replaced by -falign-function=0  and
                    Makefile-Variable CC  set to  gcc.
* doc/execute_timing.tex  to  doc/execute_timing.txt  renamed
* BUG in z80-mon.c: main: counter b & s for argv wrongly increased  fixed!
* BUG in memory.c: init_banks: map must be 0-pointer for first realloc  fixed!
* BUG in memory.c: init_banks: tok[3] must be tok[4] in two lines  fixed!
* BUG in memory.c: init_banks: superfluious else prohibited  bank[id].back_up
                    allocation.  fixed!
* BUG in memory.c: init_banks:  strtoul(..) needs check of *p if p is defined
                    after scanning tok2 and tok4 for numbers  fixed!
* BUG in memory.c: _uchar memory_at: logic for bank_access is missing  fixed!
* in hardware/banks-*:  new bank-mask notation introduced
* in doc/man/z80-banks.5  default bank after reset/initialisation documentated.
* in memory.c  bank-mask must now be a 2 hexadecimal number
* in doc/man/z80-mon.1  execution-mode preciser defined.
* in z80-cpu.c/z80-cpu.h:  new cpu-flag  cpu_is_in_x_mode  defined
* in z80-mon.c: main: cpu_is_in_x_mode is set if 'Execute instruction'-Key
* in execute.c:  cpu_is_in_x_mode  used for jr/djnz/halt/cp-, ld-, out-, in-
                  block instructions used

(ryoon)

Correct the error on previous commit.
(1) ${PREFIX} handling was not correct
(2) It is said ascii.cgi is deleted in ChangeLog, it was not taken care
  properly.
  3.14: 2013-11-27
      ascii.cgi deleted: the <isindex> it relies on is archaic and nonconformant.
Thanks joerg@ for review.

(mef)

MASTER_SITES moved from cs.cmu.edu to festvox.org.

(mef)

Updated games/openttd to 1.4.4
Updated games/openttd-data to 0.5.0

(ryoon)

Update to 0.5.0

* Update opengfx data to 0.5.0

Changelog:
* Add splites support

(ryoon)

Update to 1.4.4

Changelog:
1.4.4 (2014-10-21)
------------------------------------------------------------------------
(None)

1.4.4-RC1 (2014-10-08)
------------------------------------------------------------------------
- Fix: Image widgets stored 32bit SpriteID in uint16 (r26971)
- Fix: Owner of road depot road types were not properly changed upon bankruptcy [FS#6126] (r26955)
- Fix: Compilation on HAIKU (r26922)
- Fix: Crash when enabling 'Full animation' if multiplayer chat text is on screen [FS#6096] (r26919)
- Fix: Height computation of game script text in town GUI did not consider margins [FS#6119] (r26859)
- Fix: [Squirrel] Debian lintian issues (r26853)
- Fix: Compilation of strgen on various platforms like Solaris (r26850)
- Fix: Better display of refit information for articulated vehicles [FS#6113] (r26849, r26848)
- Fix: Do not assign a next hop when returning cargo [FS#6110] (r26847)
- Fix: The ok-button in the OSK for the signs list should just close the OSK [FS#6116] (r26827)

1.4.3 (2014-09-23)
------------------------------------------------------------------------
(None)

1.4.3-RC2 (2014-09-14)
------------------------------------------------------------------------
- Fix: Crashes on joining a server with pending order backups [FS#6112] (r26819)
- Fix: Crashes on start due to dereferencing the -1 index of the file names array of music files (r26809)

1.4.3-RC1 (2014-09-07)
------------------------------------------------------------------------
- Fix: TC_NO_SHADE did not work for 32bpp text rendering (r26792)
- Fix: Loading a game with order backups leaked Orders and left unreachable items in the pool (r26787)
- Fix: Buffer overrun in SQCompiler::Error (r26764)
- Fix: Desync due to not always properly restoring game state from the savegame (r26753)
- Fix: [Script] Crashes and infinite loops when using lists in item-descending order [FS#6085] (r26744)
- Fix: Incorrect CFLAGS when enabling gprof profiling (r26737, r26735)
- Fix: Do not reset the last selected airport or layout, unless it is really necessary [FS#6083] (r26732)
- Fix: Use the normal search path to look for xdg-open at Unix [FS#6077] (r26724)
- Fix: Properly check for cargo acceptance of houses [FS#5997] (r26723)

1.4.2 (2014-08-16)
------------------------------------------------------------------------
(None)

1.4.2-RC2 (2014-08-03)
------------------------------------------------------------------------
- Change: Use awk instead of trying to convince cpp to preprocess nfo files (r26708)
- Fix: CMD_CLEAR_ORDER_BACKUP should not be suppressed by pause modes (r26716)
- Fix: [NewGRF] Parameters to SCC_NEWGRF_PUSH_WORD and SCC_NEWGRF_UNPRINT were not skipped during drawing (r26713)
- Fix: [OSX] Compilation fails with some lzo2 versions, if __LP64__ is defined to 0 instead of checking whether it is defined [FS#6069] (r26709)
- Fix: Wrong breakdown sound was played for ships [FS#6015] (r26706)
- Fix: Integer overflows in acceleration code causing either too low acceleration or too high acceleration [FS#6067] (r26702)
- Fix: Discard incorrectly saved order backups when clients join [FS#6066] (r26700)
- Fix: Do not crash when trying to show an error about vehicle in a NewGRF and the NewGRF was not loaded at all (r26699)
- Fix: Slovak uses space as group separator in numbers [FS#6064] (r26695)
- Fix: Tighten parameter bound checks on GSCargoMonitor functions, and return -1 on out-of-bound parameters (r26685)

1.4.2-RC1 (2014-07-03)
------------------------------------------------------------------------
- Fix: CargoPacket::SourceStation() returns a StationID (r26660)
- Fix: Days in dates are not represented by ordinal numbers in all languages [FS#6047] (r26657)
- Fix: Production cheat cannot be allowed to be active in multiplayer for desync reasons, even when activated in singleplayer previously [FS#6044] (r26656)
- Fix: Make sure an 'abs' is used that supports int64 when using 'abs' on those variables (r26651)
- Fix: Support save/load chunk lengths of up to (1 << 32) - 1 [FS#6041] (r26650)
- Fix: Incorrect usage of string commands in the base language [FS#6037] (r26642, r26640, r26639, r26632)
- Fix: Segmentation fault when encountering a .obg/.obs/.obm with empty string/zero length MD5 checksums [FS#6038] (r26637)
- Fix: The 'Load' button was not properly enabled/disabled for old savegames without NewGRF information (r26634)
- Fix: If the video driver fails to supply a list of resolutions, display an error message [FS#6012] (r26629)

1.4.1 (2014-06-02)
------------------------------------------------------------------------
- Fix: First send packages about new company, then clients joining it to admin port [FS#6025] (r26616)

1.4.1-RC2 (2014-05-18)
------------------------------------------------------------------------
- Fix: Save/load issues on big endian machines (r26593, r26590, r26589)
- Fix: Consider multiheaded trains in station refits [FS#5995] (r26586)
- Fix: Game script could be changed in game by double clicking [FS#5974] (r26583)
- Fix: Transfer stations also should have a cargo rating [FS#5989] (r26581, r26580)
- Fix: [Network] AIs would not reset certain network state information upon creation of their company [FS#6003] (r26578, r26576)
- Fix: [Network] Client of non-dedicated server was not correctly put into the first company for all state variables [FS#6001] (r26577)

1.4.1-RC1 (2014-05-04)
------------------------------------------------------------------------
- Change: Remove demand calculation based on tiles (r26484)
- Change: Use pkg-config for libpng as well (r26435, r26433, r26432)
- Change: Use better distance metric for link graph [FS#5941] (r26411)
- Fix: [Windows] Crash when the operating system performs the "paint" callback during window creation [FS#5994] (r26539, r26538)
- Fix: OpenBSD compilation [FS#5992] (r26523)
- Fix: prevent from ever reading huge (or negative) amounts of data in strgen (r26521)
- Fix: Severity rating of dedicated server messages during world generation (r26518)
- Fix: Buffer overruns in handling of symbolic links inside tars (r26514)
- Fix: Incorrect usage of strecpy (r26505, r26485)
- Fix: Reading console input on dedicated server relied on unspecified behaviour (r26496)
- Fix: Allow single-vehicle consists to station-refit in a meaningful way (r26483)
- Fix: Prevent comparing to NULL when strndup could not allocate memory (r26476)
- Fix: Potentially undefined shifts in NewGRF code (r26475)
- Fix: Make sure there is no uninitialised sprite data (r26473)
- Fix: Draw text shadow for ellipses (r26467)
- Fix: Add special handling for PALETTE_CRASH to work for non-8bpp-mapped sprites (r26463)
- Fix: Avoid division by 0 when scaling flow values [FS#5970] (r26448)
- Fix: Draw links to match _settings_game.vehicle.road_side [FS#5961] (r26445)
- Fix: Load button for heightmap list was missing [FS#5953] (r26428)
- Fix: Do not crash when supplying an invalid filename without extension to cmd parameter -q (r26423)
- Fix: Some road constructions used the rail sound effect [FS#5946] (r26422)
- Fix: Goal GUI failed to shade [FS#5948] (r26420)
- Fix: Shares button state was not appropriately updated when switching setting or company [FS#5947] (r26416)

1.4.0 (2014-04-01)
------------------------------------------------------------------------
(None)

1.4.0-RC1 (2014-03-18)
------------------------------------------------------------------------
- Feature: [Script] APIs to get cargo waiting from/via other station (r26396)
- Fix: Do not explain "symmetric" cargodist mode when the setting does not allow it [FS#5939] (r26394)
- Fix: Update distances between link graph nodes when station sign is moved (r26393)
- Fix: No need to call OnFocus twice [FS#5933] (r26392)
- Fix: Select a specific font size when freetype fails to select one automatically [FS#5885] (r26389)
- Fix: Return correct values from ICU iterators in case of leading or trailing whitespace [FS#5924] (r26384)
- Fix: All goal commands invalidated the goal list of company 0 [FS#5932] (r26382)

1.4.0-beta5 (2014-02-25)
------------------------------------------------------------------------
- Feature: Warn the user about empty setting search results, and about missing setting search results due to filtering (r26322, r26321)
- Feature: [NewGRF] Extend object variable 0x60 to also return the view [FS#5696] (r26316)
- Feature: Allow map sizes up to 4096x4096 (r26319)
- Feature: [NoGo] Allow GS to hide story page date (r26307)
- Feature: [NoGo] More story APIs: RemovePageElement, GetCompany, GetDate, SetDate (r26306)
- Feature: [NoGo] ScriptStoryPageElementList() - a list of all story page elements for a given page (r26305)
- Feature: [NoGo] ScriptStoryPageList() - a list of all story pages (r26303)
- Change: improve the performance of map generation (r26313, r26312, r26311, r26310, r26309, r26308)
- Fix: Station sizes > 8 were always allowed [FS#5929] (r26375)
- Fix: [NewGRF] Mixed up callback mask flags in station inspect window [FS#5928] (r26374)
- Fix: Calling DoCommandP during the gameloop cleared pending persistent storage changes [FS#5831] (r26371)
- Fix: [Windows] Use a separate event to indicate that the drawing thread has finished initialising, preventing potential deadlocks (r26367)
- Fix: [Windows] Protect the whole video driver from concurrent access (r26366)
- Fix: [Windows] Do not draw the cursor when its sprite is not ready and set _screen.dst_ptr immediately when the buffer changes [FS#5867] (r26365)
- Fix: Writing out of the bounds of the rail type map [FS#5892] (r26364)
- Fix: Reset the default window size icon size just like all the other cached icon sizes [FS#5906] (r26362)
- Fix: ClientSizeChanged is only called via WndProcGdi which already has the mutex [FS#5922] (r26360)
- Fix: Some order options do not combine with others, e.g. go via + full load [FS#5845] (r26357)
- Fix: Protect all VideoDriver_SDL methods with the (now recursive) _draw_mutex (r26351)
- Fix: Make sure link graph jobs can delete themselves after SLA_NULL [FS#5898] (r26347)
- Fix: Call Layouter::ReduceLineCache from GenerateTownName in all cases to keep cache size in check [FS#5870] (r26346)
- Fix: Rewrite SmallStack so that it does not use a pool and is re-entrant (r26343)
- Fix: Reroute cargo when automatic distribution is switched off [FS#5902] (r26341)
- Fix: Do not redraw the link graph overlay if it is empty [FS#5908] (r26338)
- Fix: Some inconsistencies regarding link graph (job) IDs (r26331)
- Fix: The case of rerouting cargo from one VehicleCargoList to another (r26330)
- Fix: Take care of next_station when reassigning from MTA_DELIVER to MTA_TRANSFER [FS#5901] (r26327)
- Fix: when autosaving the message about a save already happening could be shown, even though the code's intention was to not show it [FS#5871] (r26326)
- Fix: Check whether NewGRF change vehicle capacity when they are not supposed to, and truncate cargo appropriately if they are allowed to [FS#5897] (r26317)
- Fix: The giant-screenshot confirmation window only triggered for ridiculously big screenshots, not for ludicrously big ones [FS#5899] (r26314)

1.4.0-beta4 (2014-02-06)
------------------------------------------------------------------------
- Change: [NewGRF] Make vehicle variable 61 return 'not available' instead of zero when using it in invalid callback contexts (r26294)
- Feature: Display speed limit also for road bridges in the TileInfo window [FS#5849] (r26277)
- Fix: [NoGo] Invalid DoCommand return callback for method returning bool (r26298)
- Fix: Correctly identify opposite ends of bridges and tunnels when converting rails [FS#5866, FS#5888] (r26291)
- Fix: Prevent infinite recursion also in RefreshLinks [FS#5878] (r26283)
- Fix: [NoAI] Some RemoveRail methods required to set a valid railtype, though it was not used anyway. Remove the need to set one [FS#5853] (r26279)
- Fix: Do not spawn link graph jobs for link graphs with only one node [FS#5874] (r26276)
- Fix: [NewGRF] If NewGRF provided the same station name for different industry types, stations would end up with same name. So also consider the provided name, not only the industry type (r26275)

1.4.0-beta3 (2014-01-21)
------------------------------------------------------------------------
- Feature: Several small performance improvements with the SSE blitters (r26260, r26259, r26256, r26255, r26254)
- Feature: [NewGRF] Add StringCodes 9A 1B, 9A 1C and 9A 1D to display amounts of cargo (r26244)
- Fix: Do not run into infinite recursion when getting next stopping station [FS#5865] (r26267, r26263)
- Fix: Update smallmap overlay if player joins different company and make sure company masks are valid [FS#5860] (r26266)
- Fix: Do not rebuild the link graph overlay cache twice in a row (r26265)
- Fix: Custom currency was reset on game start (r26262)
- Fix: Possible out of bounds reads with the SSE blitters [FS#5854, FS#5855] (r26247)
- Fix: Do not over reserve after autorefit, but do reserve mail for aircraft (r26236)
- Fix: Decimal and digit separators were swapped for Korean language (r26235)

1.4.0-beta2 (2014-01-07)
------------------------------------------------------------------------
- Feature: Blitter autoselection is now based on full animation state, so a non-animated specialised blitter will generally be chosen when animation is turned off (r26217)
- Feature: Specialised animated SSE4 blitter, and non-animated SSE4.1, SSSE3 and SSE2 blitters, improving the blitting significantly in many situations (r26214, r26213, r26212, r26211)
- Feature: Specialised SSE 4.1 sprite sorter, improving the sorting performance significantly (r26205)
- Fix: Validate everything from ini, obg, obs, obs, ... files [FS#5829] (r26206)
- Fix: Allow refitting at station if cargo has already been reserved (r26187)
- Fix: Visual effects did not work for articulated RV parts (r26180)

1.4.0-beta1 (2013-12-24)
------------------------------------------------------------------------
- Feature: [NewGRF] Vehicle variable 4D for determining the position within an articulated vehicle (r26157)
- Feature: [NewGRF] Invalidate vehicle colour palette when leaving a station [FS#5669] (r26027)
- Feature: [NoGo] New goal type that show a story page when clicked (r26012)
- Feature: Optional filter parameter to the 'content state' console command, to limit the content list to only content where the name match the filter (r26000)
- Feature: When calling the 'content select' console command without args, display all selected content (r25999)
- Feature: XDG base directory support [FS#5385] (r25975)
- Feature: [Script] ScriptTown::GetFundBuildingsDuration (r25969)
- Feature: [Script] ScriptTown::TOWN_GROWTH_NONE to indicate no town growth via ScriptTown::SetGrowthRate and GetGrowthRate (r25968)
- Feature: [NoGo] GSTown::TOWN_GROWTH_NORMAL to reset a town growth rate set previously via GSTown::SetGrowthRate (r25967)
- Feature: [NewGRF Debugging] Inspecting other vehicles in a chain (r25946)
- Feature: [NewGRF] Object property 0x18 to allow specifying the number of objects of that type being placed upon map creation (r25878)
- Feature: [NewGRF] Object property 0x10, bit 13 indicating that object amount scales with water content of map border (e.g. used for lighthouses) (r25874)
- Feature: Highlight active goto item in order list dropdown [FS#5784] (r25859)
- Feature: [Admin] Send info on bankruptcy quarters also in ADMIN_PACKET_SERVER_COMPANY_INFO [FS#5756] (r25845)
- Feature: Increase maximum number of object instances on the map from 64k to about 16M (r25844)
- Feature: Increase the total number of object types from 256 to 64000 (r25835)
- Feature: [NewGRF] Increase the object class limit from 32 to 255 (r25831)
- Feature: Toggle button for wrapping lines in the textfile GUI [FS#5748] (r25816)
- Feature: [NoGo] Game Scripts can now charge fees and give money to companies (r25788)
- Feature: [Script] Allow AIs and GS to found towns. Allow GS to rename towns (r25785)
- Feature: Add keywords to the openttd.desktop.in file (r25783)
- Feature: Sticky and shade buttons for jukebox window [FS#5743] (r25776)
- Feature: Additional layered main toolbar arrangements (r25772)
- Feature: Allow implicit orders even if no explicit ones are given (r25735)
- Feature: [OSX] Pinch gesture support for zooming [FS#4760] (r25666)
- Feature: Split unit localisation choice into a choice per type of unit, and move it to the advanced settings (r25508)
- Feature: Have tractive effort in imperial (lbf) and metric (kgf) units, have weights and volumes in imperial units (short tons, gallons) [FS#5482] (r25508)
- Feature: Differentiate between total waiting cargo count and available (not reserved) cargo count in the station list and sort based on the cargo count, not the cargo value (r25405)
- Feature: Timetable spreading of vehicles by Ctrl+Click when setting a start date (r25377)
- Feature: Allow opening a goal list and story window specific to a company (r25372, r25369)
- Feature: Show cargo by next hops and final destinations in the station GUI (r25365)
- Feature: Consider cargo waiting at other stations for rating at the origin station (r25362)
- Feature: Distribute cargo according to plan given by linkgraph (r25361)
- Feature: [NoGo] GUI for viewing story pages (r25344)
- Feature: Add industry list to scenario editor's map menu (r25335)
- Feature: [NoGo] Allow more concurrent goals in a game (r25299)
- Feature: [NoGo] Goals can now have a progress text and/or be marked as completed (r25296)
- Feature: Allow saving window sizes as default sizes (r25295)
- Feature: Add another button to window title bars to resize the window to its default size (r25294)
- Feature: Save stickyness of windows when Ctrl+Clicking the sticky button (r25292)
- Feature: When opening the object-build window, restore the object build-window to the previous state (r25284)
- Feature: Show the approximate monthly supply to a station of the different cargoes (r25272)
- Feature: [Win32] Driver param for the DirectMusic driver to specify the output port to use [FS#5552] (r25269)
- Feature: Linkgraph overlay over main viewport (r25264)
- Feature: Linkgraph overlay for smallmap (r25262)
- Feature: Display imminent closure of an industry in its view window (r25238)
- Feature: [NewGRF] Expose sprite base of foundation and shore sprites via Action D Game Variables (r25230)
- Feature: [NewGRF] Variable 0x82 for canals and rivers (dike map) (r25229)
- Feature: [Script] ScriptStation::HasRating [FS#5514] (r25150)
- Feature: Add sorting on rating for the town directory window [FS#5288] (r25097)
- Feature: Introduce dropdown for selecting the sort criterion in the town directory window (r25094)
- Feature: Georgian Lari and Iranian Rial as currencies [FS#5212] (r25076)
- Feature: Collapse subtypes in the refit GUI and only expand them after selecting the cargo type (r25044)
- Feature: Only display subtypes in the refit GUI which are available for all selected vehicles. Also add a generic list item to refit while keeping the subtypes of individual vehicles [FS#3764] (r25043)
- Feature: Show the amount of cargo that has already been reserved by full loading vehicles in the station (r25013)
- Change: [NewGRF] Reset the temporary storage registers for every sprite resolving (r26173)
- Change: Improve layout of build-airport GUI [FS#5832] (r26165)
- Change: Make it slightly more clear what ports are coming from where in the debug output when listening (r25997)
- Change: Preselect the current replacement in the right-side list of the autoreplace GUI, instead of selecting the first resp. previous item [FS#5734] (r25919)
- Change: Unify behaviour when clicking on different items in the goto dropdown list when giving orders (r25894)
- Change: Do not offer subsidies for auto-distributed cargo [FS#5766] (r25882)
- Change: Allow to remove unowned objects unless they have the 'unremovable' flag (r25879)
- Change: In scenario editor allow to build all objects which were available at any point in the past to support building scenarios with historic items (r25875)
- Change: Display the cost to upgrade a bridge at the end of bridge that was clicked and not the other end, which could be outside of the screen in some cases (r25854)
- Change: [NewGRF] Lower the limit of airport tile types, house types, industry tile types and object types per NewGRF from 256 to 255 to prevent usage of ID 0xFF in Action3, and thus allowing it to become an extended byte somewhen (r25841, r25839, r25837, r25834)
- Change: Clarify the relevance of the permissible palettes (r25792)
- Change: [NewGRF] Invalidate vehicle recolour palette during (un)loading [FS#5669] (r25648)
- Change: If an editbox is configured to be cleared with ESC, but the editbox is already empty, unselect the editbox instead (r25647)
- Change: Make the bridge and object picker not restore their previous size, but the previously saved size (r25543)
- Change: Right align the infrastructure statistics [FS#5595] (r25515)
- Change: Clarify the meaning of the server advertisement settings (r25252)
- Fix: Unify the time a RV needs to travel through a curve [FS#5831] (r26169)
- Fix: Certain hotkeys crashed the content GUI when the list was empty [FS#5834] (r26167)
- Fix: Backup data of altered persistent storage arrays was freed twice [FS#5830] (r26161)
- Fix: [Script] Various API functions did not check whether ScriptRoad::SetCurrentRoadType was called appropriately [FS#5825] (r26149)
- Fix: [Script] API failed for vehicles with only implicit orders [FS#5824] (r26148)
- Fix: Several fixes found by static code analysis (r26132, r26130-r26097, r26091-r26077, r26073-r26046)
- Fix: Invalidate vehicle colour palette again when rearranging consist, reversing, etc (r26026)
- Fix: [NoGo] Properly validate the range of the growth rate passed to GSTown::SetGrowthRate, instead of masking it to 16 bit (r25966)
- Fix: [Admin] The frame of a command packet was not set for the packets that were sent via the admin interface (r25770)
- Fix: [OSX] The new 10.7 fullscreen code can now also be compiled with older SDK versions [FS#4744] (r25657)
- Fix: Under certain circumstances a track type change would make the end-of-line-is-red setting ineffective [FS#5216] (r25609)
- Fix: Highlight the right entry in the sorting selector in station view window (r25426)
- Fix: Suppress focusing editboxes which are not visible (r25413)
- Fix: Add missing compatibility settings in afterload (r25390)
- Fix: Allow changing GS settings in-game via the AI/GS config window [FS#5507] (r25104)
- Fix: [NewGRF] Do not compare GRF local cargo subtype IDs from different GRFs (r25042)
- Remove: Ordered refit with subtypes, since the cases where it worked were corner cases rather than the general case [FS#3764] (r25041)

1.3.3 (2013-11-29)
------------------------------------------------------------------------
- Fix: Aircraft crashing near the map's border due to a lack of airports could trigger a crash [CVE-2013-6411] [FS#5820] (r26134)

1.3.3-RC2 (2013-11-24)
------------------------------------------------------------------------
- Fix: [Script] Prevent scripts from crashing OpenTTD when they send text with command codes to user editable texts such as sign and station names [FS#5818] (r26093, r26092)
- Fix: Occasional hanging when client joins [FS#5811] (r26043)
- Fix: Multi line text was handled incorrectly causing glitches [FS#5809] (r26037, r26036)

1.3.3-RC1 (2013-11-17)
------------------------------------------------------------------------
- Fix: Crash when the ICU layouter thinks a font is corrupted [FS#5711] (r26029, r26018, r26017, r26016, r26015)
- Fix: Make the installer warning about Windows XP SP3 not trigger on the 64 bit Windows XP which is not really Windows XP to start with [FS#5773] (r26028)
- Fix: Only forward key presses to the IME system if an edit box has the input focus (r26023, r25693, r25691, r25689, r25686, r25684, r25682, r25681, r25667)
- Fix: Having trains miss a platform that is just being modified is less of a problem than having trains stop twice without moving [FS#5684] (r26013)
- Fix: --help text of ./configure for packages that require pkg-config (r26011)
- Fix: The AI/GS library name to use in Import, is not the name given by GetName but GetInstanceName [FS#5662] (r26010)
- Fix: [Windows] Conditional expression with enumeral with non-enumeral type (r26009)
- Fix: Game script showing vehicle on e.g. a goal, then the vehicle being removed and eventually being replaced by a non-user vehicle (most likely smoke) causing an assertion to trigger [FS#5804] (r26007, r26006)
- Fix: Crash when transferring savegame from server to client [FS#5478] (r26005)
- Fix: [OSX] Text input into an edit box would trigger hotkeys [FS#5705] (r26003, r25743, r25671)
- Fix: Comma key collided with F12 key for hotkeys; also remove '+' as that is generally not a key (the '+' on the numpad is a separate one) [FS#5679] (r25973)
- Fix: Rail laying sounds of others could be heard in multiplayer [FS#5665] (r25972)
- Fix: [SDL] Recursive mutex locking when changing blitter [FS#5787] (r25970)
- Fix: The wrong vehicle would be taken in a shared order vehicle list window when the ID >= 65536, causing assertions triggering later on [FS#5800] (r25965)
- Fix: [OSX] Compilation under OSX 10.9 [FS#5797] (r25962, r25951, r25950, r25913)
- Fix: [NewGRF] A powered rail type implies it is compatible as well, but some NewGRF did not state that causing the path reservation code to bail out in some cases because there was no compatible path [FS#5779] (r25961)
- Fix: Temporary persistent storage modifications, e.g. command tests or those from GUI, were not properly reset, creating the possibility of desyncs [FS#5772] (r25956)
- Fix: Train's 'force proceed' status gets reset when the track on the other side of the tile has a signal [FS#5723] (r25955)
- Fix: Wrong signal conversions for savegames from before 0.4.5 [FS#5731, FS#5732] (r25954, r25953)
- Fix: Do not skip numbers when skipping spaces and other sorting 'improving' characters [FS#5719] (r25952)
- Fix: Text direction forcing characters were not filtered out, but shown as ? when ICU was not used for layouting. These are included in chat and console messages to force them to be displayed right [FS#5683] (r25949)
- Fix: NewGRF inspect window in RTL mode (r25943)
- Fix: [NoGo] Preserve the relative town growth progress when changing the town growth rate [FS#5786] (r25931)
- Fix: Several drawing overflows in the signal GUI [FS#5733] (r25929, r25928, r25927)
- Fix: Centre the edit sign window like all query windows (r25918)
- Fix: Initialisation of default objects swapped cost and dates (r25868)
- Fix: Use the actual sprite dimensions for sizing the dropdown arrow of dropdown widgets (r25864)
- Fix: If the child widgets of a NWidgetHorizontal container do not fill the complete container, align them according to text direction [FS#5686] (r25862, r25729)
- Fix: When clearing font cache, also clear layout cache [FS#5737] (r25860)
- Fix: Goto button in order window was not always lowered when it should [FS#5783] (r25858, 25857)
- Fix: Searching for a suitable font failed, if one of the fonts had no '?' glyph, and no baseset is installed [FS#5704] (r25822, r25820)
- Fix: Sprite 0 was considered available, even if no baseset was loaded (r25821)
- Fix: [GS] Language file scanner considered filenames starting with '.' as valid translations, resulting in languages with empty name, which causes trouble [FS#5750] (r25818)
- Fix: [GS] Handle savegames which contain GS translations for languages with empty name more gently [FS#5750] (r25817)
- Fix: [Script] ScriptTile::IsBuildableRectangle could report true for tiles outside of the map, if they happened to wrap around into a valid area [FS#5754] (r25815)
- Fix: [Script] Decoding JSON data with an empty array from Admin port failed (r25809)
- Fix: Ensure the vehicle bar is high enough for the start/stop vehicle graphics [FS#5740] (r25805)
- Fix: Lower sprite and text at the vehicle bar if it is pressed [FS#5739] (r25804)
- Fix: Draw start/stop graphics of the vehicle bar at the right place in RTL mode [FS#5738] (r25803)
- Fix: [NewGRF] Do not allow changing palette when it is set by the NewGRF (r25794, r25793, r25972)
- Fix: Some spelling corrections to Catalan and Latin American town names [FS#5746] (r25775, r25774)
- Fix: If old savegames contain bridges over owned land, keep on drawing the bridges nevertheless [FS#5725] (r25753)
- Fix: Several RTL alignment issues [FS#5692] (r25733, r25732, r25731)
- Fix: NWidgetMatrix used pip_pre and pip_post inconsistently and incorrectly, causing misalignment for RTL [FS#5686] (r25727)
- Fix: Right side of object class string was misaligned (r25726)
- Fix: [OSX] Do not pass -mmacosx-version-min to compilers that do not support it (r25706)
- Fix: Autoreplace/renew also refits free wagons [FS#5700] (r25698)
- Fix: Textbuf caret rendering for complex scripts (e.g. Tamil) (r25696, r25694, r25652, r25651, r25092, r25091)
- Fix: Vehicle::MarkDirty must be called for the front engine [FS#5700] (r25695)
- Fix: [Win32] Several issues regarding conversion of characters (r25677, r25676, r25675, r25674, r25673)
- Fix: [Win32] Handle Unicode characters from outside the BMP correctly (r25672, r25670, r25669, r25668)
- Fix: [OSX] Crash when unhiding the main window [FS#4689] (r25665)
- Fix: [OSX] Bootstrap downloading of a baseset did not work [FS#4847] (r25664)
- Fix: [OSX] Monospace font detection [FS#4857] (r25663, r25662)
- Fix: [OSX] Rework font detection to work even if no default font sprites are present [FS#4847] (r25661)
- Fix: [OSX] The name is OpenTTD, not OTTD (r25660)
- Fix: [OSX] System mouse cursor could become visible during dragging [FS#4420] (r25659)
- Fix: [OSX] The mouse cursor would sometimes jump near the window borders [FS#4392] (r25658)
- Fix: [OSX] The new 10.7 fullscreen code can now also be compiled with older SDK versions [FS#4744] (r25656)
- Fix: [OSX] Mouse cursor was not displayed properly after switching to fullscreen on 10.7+ (r25655)
- Fix: Improve character and word deletion for CJK languages and complex scripts (r25654, r25653)
- Fix: [OSX] Define version constants before they are used (r25643)
- Fix: Some icu_config scripts are too stupid to separate two ldflags by spaces, thus only call it with one (r25642, r25638)
- Fix: Do not suggest a start date for the game when there will be no vehicles available at all (r25640, r25639)
- Fix: City list sort of population and rating are reversed compared to the icon [FS#5666] (r25630)
- Fix: [Script] Give a slightly less generic error when removing nonexistent rail [FS#5651] (r25614)
- Fix: [Script] Do not return ERR_UNKNOWN when trying to move an order to its current location [FS#5648] (r25612)
- Fix: Various misreferences in AI and GS changelog [FS#5649] (r25607)
- Fix: [Script] If a NewGRF returned station type that could not be built by an AI via callback 18, an unknown error would be thrown instead of falling back to the default station [FS#5641] (r25605)
- Fix: Only the front engine's date of last service was updated [FS#5550] (r25604)

(ryoon)

Updated textproc/libyaml to 0.1.6nb1

(wiz)

Fix CVS-2014-9130 using the upstream patch.
Bump PKGREVISION.

(wiz)

Fix build with MesaLib 10 (under recent NetBSD/amd64 7.99.3).

(ryoon)

Update HOMEPAGE, was Host Unknown. But the link to download still gets 404.

(mef)

Note update of net/ntp4 package to 4.2.8.

(taca)

Update ntpd4 pacakge to 4.2.8, here is summary for security related fixes.

NTP 4.2.8 (Harlan Stenn <stenn@ntp.org>, 2014/12/18)

Focus: Security and Bug fixes, enhancements.

Severity: HIGH

In addition to bug fixes and enhancements, this release fixes the
following high-severity vulnerabilities:

* Weak default key in config_auth().

  References: [Sec 2665] / CVE-2014-9293 / VU#852879
  CVSS: (AV:N/AC:L/Au:M/C:P/I:P/A:C) Base Score: 7.3
  Vulnerable Versions: all releases prior to 4.2.7p11
  Date Resolved: 28 Jan 2010

  Summary: If no 'auth' key is set in the configuration file, ntpd
would generate a random key on the fly.  There were two
problems with this: 1) the generated key was 31 bits in size,
and 2) it used the (now weak) ntp_random() function, which was
seeded with a 32-bit value and could only provide 32 bits of
entropy.  This was sufficient back in the late 1990s when the
code was written.  Not today.

  Mitigation: Upgrade to 4.2.7p11 or later.

  Credit: This vulnerability was noticed in ntp-4.2.6 by Neel Mehta
  of the Google Security Team.

* Non-cryptographic random number generator with weak seed used by
  ntp-keygen to generate symmetric keys.

  References: [Sec 2666] / CVE-2014-9294 / VU#852879
  CVSS: (AV:N/AC:L/Au:M/C:P/I:P/A:C) Base Score: 7.3
  Vulnerable Versions: All NTP4 releases before 4.2.7p230
  Date Resolved: Dev (4.2.7p230) 01 Nov 2011

  Summary: Prior to ntp-4.2.7p230 ntp-keygen used a weak seed to
  prepare a random number generator that was of good quality back
in the late 1990s. The random numbers produced was then used to
generate symmetric keys. In ntp-4.2.8 we use a current-technology
cryptographic random number generator, either RAND_bytes from
OpenSSL, or arc4random().

  Mitigation: Upgrade to 4.2.7p230 or later.

  Credit:  This vulnerability was discovered in ntp-4.2.6 by
  Stephen Roettger of the Google Security Team.

* Buffer overflow in crypto_recv()

  References: Sec 2667 / CVE-2014-9295 / VU#852879
  CVSS: (AV:N/AC:L/Au:N/C:P/I:P/A:P) Base Score: 7.5
  Versions: All releases before 4.2.8
  Date Resolved: Stable (4.2.8) 18 Dec 2014

  Summary: When Autokey Authentication is enabled (i.e. the ntp.conf
  file contains a 'crypto pw ...' directive) a remote attacker
can send a carefully crafted packet that can overflow a stack
buffer and potentially allow malicious code to be executed
with the privilege level of the ntpd process.

  Mitigation: Upgrade to 4.2.8, or later, or
Disable Autokey Authentication by removing, or commenting out,
all configuration directives beginning with the crypto keyword
in your ntp.conf file.

  Credit: This vulnerability was discovered by Stephen Roettger of the
  Google Security Team.

* Buffer overflow in ctl_putdata()

  References: Sec 2668 / CVE-2014-9295 / VU#852879
  CVSS: (AV:N/AC:L/Au:N/C:P/I:P/A:P) Base Score: 7.5
  Versions: All NTP4 releases before 4.2.8
  Date Resolved: Stable (4.2.8) 18 Dec 2014

  Summary: A remote attacker can send a carefully crafted packet that
  can overflow a stack buffer and potentially allow malicious
code to be executed with the privilege level of the ntpd process.

  Mitigation: Upgrade to 4.2.8, or later.

  Credit: This vulnerability was discovered by Stephen Roettger of the
  Google Security Team.

* Buffer overflow in configure()

  References: Sec 2669 / CVE-2014-9295 / VU#852879
  CVSS: (AV:N/AC:L/Au:N/C:P/I:P/A:P) Base Score: 7.5
  Versions: All NTP4 releases before 4.2.8
  Date Resolved: Stable (4.2.8) 18 Dec 2014

  Summary: A remote attacker can send a carefully crafted packet that
can overflow a stack buffer and potentially allow malicious
code to be executed with the privilege level of the ntpd process.

  Mitigation: Upgrade to 4.2.8, or later.

  Credit: This vulnerability was discovered by Stephen Roettger of the
Google Security Team.

* receive(): missing return on error

  References: Sec 2670 / CVE-2014-9296 / VU#852879
  CVSS: (AV:N/AC:L/Au:N/C:N/I:N/A:P) Base Score: 5.0
  Versions: All NTP4 releases before 4.2.8
  Date Resolved: Stable (4.2.8) 18 Dec 2014

  Summary: Code in ntp_proto.c:receive() was missing a 'return;' in
  the code path where an error was detected, which meant
processing did not stop when a specific rare error occurred.
We haven't found a way for this bug to affect system integrity.
If there is no way to affect system integrity the base CVSS
score for this bug is 0. If there is one avenue through which
system integrity can be partially affected, the base score
becomes a 5. If system integrity can be partially affected
via all three integrity metrics, the CVSS base score become 7.5.

  Mitigation:
        Upgrade to 4.2.8, or later,
        or Remove or comment out all configuration directives
beginning with the crypto keyword in your ntp.conf file.

  Credit: This vulnerability was discovered by Stephen Roettger of the
  Google Security Team.

See http://support.ntp.org/security for more information.

(taca)

Updated devel/subversion to 1.8.11

(obache)

Update subversion to 1.8.11.

This release addresses two security issues:
    CVE-2014-3580: mod_dav_svn DoS from invalid REPORT requests.
    CVE-2014-8108: mod_dav_svn DoS from use of invalid transaction names.

Version 1.8.11
(15 Dec 2014, from /branches/1.8.x)
http://svn.apache.org/repos/asf/subversion/tags/1.8.10

User-visible changes:
  - Client-side bugfixes:
    * checkout/update: fix file externals failing to follow history and
      subsequently silently failing (issue #4185)
    * patch: don't skip targets in valid --git difs (r1592014, r1592034)
    * diff: make property output in diffs stable (r1589360)
    * diff: fix diff of local copied directory with props (r1619380, r1619393)
    * diff: fix changelist filter for repos-WC and WC-WC (r1621978, r1621981)
    * remove broken conflict resolver menu options that always error out
      (r1620332)
    * improve gpg-agent support (r1600331, r1600348, 1600368, r1600563,
      r1600781)
    * fix crash in eclipse IDE with GNOME Keyring (issue #3498)
    * fix externals shadowing a versioned directory (issue #4085)
    * fix problems working on unix file systems that don't support
      permissions (r1612225)
    * upgrade: keep external registrations (issue #4519)
    * cleanup: iprove performance of recorded timestamp fixups (r1633126)
    * translation updates for German

  - Server-side bugfixes:
    * disable revprop caching feature due to cache invalidation problems
      (r1543594, r1619774, r1619105, r1619118, r1619153, r1619802)
    * skip generating uniquifiers if rep-sharing is not supported (r1561426)
    * mod_dav_svn: reject requests with missing repository paths (r1643409)
    * mod_dav_svn: reject requests with invalid virtual transaction names
      (r1643437)
    * mod_dav_svn: avoid unneeded memory growth in resource walking
      (issue #4531)

Developer-visible changes:
  - General:
    * make sure all members of the repos layer notify struct are valid,
      fixes crashes in API users using all members (r1616131)
    * properly generate a version resource when building on Windows (r1542610,
      r1564576, r1568180)
    * fix LIBTOOL_M4 and LIBTOOL_CONFIG variable not be evaluated properly
      during a unix build (r1637826)
    * allow the use of libtool 2.4.3 (r1640862, r1640873, r1643793)

(obache)

Updated www/apache-tomcat7 to 7.0.57

(ryoon)

Update to 7.0.57

Changelog:
Tomcat 7.0.57 (violetagg)

    Catalina

        add 47919: Extend the information logged when Tomcat starts to optionally log the values of command line arguments (enabled by default) and environment variables (disabled by default). Note that the values added to CATALINA_OPTS and JAVA_OPTS environment variables will be logged, as they are used to build up the command line. (markt)
        add 56401: Log version information when Tomcat starts. (markt/kkolinko)
        fix 57022: Ensure SPNEGO authentication continues to work with the JNDI Realm using delegated credentials with recent Oracle JREs. (markt)
        fix Correct a couple of NPEs in the JNDI Realm that could be triggered with when not specifying a roleBase and enabling roleSearchAsUser. (markt)
        fix Remove the unnecessary registration of context.xml as a redeploy resource. The context.xml having an external docBase has already been registered as a redeploy resources at first. (kfujino)
        fix Improve the previous fix for 56401. Avoid logging version information in the constructor since it then gets logged at undesirable times such as when using StoreConfig. (markt)
        fix 57105: When parsing web.xml do not limit the buffer element of the jsp-property-group element to integer values as the allowed values are <number>kb or none. (markt)
        update Update the minimum required version of the Tomcat Native library (if used) to 1.1.32. (markt)
        update 57144: Improve ClientAbortException to provide non-null message. (kkolinko)

    Coyote

        add 53952: Add support for TLSv1.1 and TLSv1.2 for APR connector. Based upon a patch by Marcel Šebek. This feature requires Tomcat Native library 1.1.32 or later. (schultz/jfclere)
        add Disable SSLv3 by default for JSSE based HTTPS connectors (BIO and NIO). The change also ensures that SSLv2 is disabled for these connectors although SSLv2 should already be disabled by default by the JRE. (markt)
        add Disable SSLv3 by default for the APR/native HTTPS connector. (markt)
        fix Do not increase remaining counter at end of stream in IdentityInputFilter. (kkolinko)

    Jasper

        fix 57099: Ensure that semi-colons are not permitted in JSP import page directives. (markt)

    Cluster

        fix Avoid possible integer overflows reported by Coverity Scan. (fschumacher)

    WebSocket

        fix 57054: Correctly handle the case in the WebSocket client when the HTTP response to the upgrade request can not be read in a single pass; either because the buffer is too small or the server sent the response in multiple packets. (markt)
        fix Fix client subprotocol handling. (remm)
        fix Add null checks for arguments in remote endpoint. (remm/kkolinko)
        fix 57091: Work around the behaviour of the Oracle JRE when creating new threads in an applet environment that breaks the WebSocket client implementation. Patch provided by Niklas Hallqvist. (markt)
        fix 57118: Ensure that that an EncodeException is thrown by RemoteEndpoint.Basic.sendObject(Object) rather than an IOException when no suitable Encoder is configured for the given Object. (markt)

    Web applications

        fix Correct documentation for ServerCookie.ALLOW_NAME_ONLY system property. (kkolinko)
        fix 57049: Clarified that jvmRoute can be set in <Engine>'s jvmRoute or in a system property. (schultz)
        fix Correct version of Java WebSocket mentioned in documentation (s/1.0/1.1/). (markt/kkolinko)
        update In examples web application move Async and Comet examples from JSP to Servlet examples page. (kkolinko)
        update Suppress timestamp comments and enable charset header in Javadoc. (kkolinko)

    jdbc-pool

        fix 57079: Use Tomcat version number for jdbc-pool module when building and shipping the module as part of Tomcat. (markt/kkolinko)
        fix Fix broken overview page in javadoc generated via "javadoc" task in jdbc-pool build.xml file. (kkolinko)

    Other

        update 56079: The Apache Tomcat Windows service and the Apache Tomcat Windows service monitor application are now digitally signed. (markt)
        fix Fix timestamps in Tomcat build and jdbc-pool to use 24-hour format instead of 12-hour one and use UTC timezone. (markt/kkolinko)
        update Improve Tomcat build script to ensure that only one ecj-nn.jar file is present in Tomcat lib directory when Eclipse JDT Compiler is updated to a new version. (kkolinko)
        update 56596: Update to Tomcat Native Library version 1.1.32 to pick up the Windows binaries that are based on OpenSSL 1.0.1j and APR 1.5.1. (markt)
        code In Tomcat tests: log name of the current test method at start time. (kkolinko)

(ryoon)

Updated graphics/libsixel to 1.4.3

(obache)

Update libsixel to 1.4.3.

some portabilities and minor fixes.

(obache)

Updated www/mediawiki to 1.24.1

(wen)

Update to 1.24.1(security update)

Upstream changes:
MediaWiki 1.24.1
This is a security and maintenance release of the MediaWiki 1.24 branch.

Changes since 1.24.0
(bug T76686) [SECURITY] thumb.php outputs wikitext message as raw HTML, which could lead to xss. Permission to edit MediaWiki namespace is required to exploit this.
(bug T77028) [SECURITY] Malicious site can bypass CORS restrictions in $wgCrossSiteAJAXdomains in API calls if it only included an allowed domain as part of its name.
(bug T74222) The original patch for T74222 was reverted as unnecessary.
Fixed a couple of entries in RELEASE-NOTES-1.24.
(bug T76168) OutputPage: Add accessors for some protected properties.
(bug T74834) Make 1.24 branch directly installable under PostgreSQL.

(wen)

Note update of the "mutt-devel" package to version 1.5.23nb2.

(tron)

Add fix for the security vulnerability reported in CVE-2014-9116 taken
from the mutt GIT repository.

(tron)

Note update of lang/php56 package to 5.6.4.

(taca)

Update php56 to 5.6.4, including security fix.

18 Dec 2014, PHP 5.6.4

- Core:
  . Fixed bug #68091 (Some Zend headers lack appropriate extern "C" blocks).
    (Adam)
  . Fixed bug #68104 (Segfault while pre-evaluating a disabled function).
    (Laruence)
  . Fixed bug #68185 ("Inconsistent insteadof definition."- incorrectly
    triggered). (Julien)
  . Fixed bug #68355 (Inconsistency in example php.ini comments).
    (Chris McCafferty)
  . Fixed bug #68370 ("unset($this)" can make the program crash). (Laruence)
  . Fixed bug #68422 (Incorrect argument reflection info for array_multisort()).
    (Alexander Lisachenko)
  . Fixed bug #68545 (NULL pointer dereference in unserialize.c). (Anatol)
  . Fixed bug #68446 (Array constant not accepted for array parameter default).
    (Bob, Dmitry)
  . Fixed bug #68594 (Use after free vulnerability in unserialize()).
    (CVE-2014-8142) (Stefan Esser)

- Date:
  . Fixed day_of_week function as it could sometimes return negative values
    internally. (Derick)

- FPM:
  . Fixed bug #68381 (fpm_unix_init_main ignores log_level).
    (David Zuelke, Remi)
  . Fixed bug #68420 (listen=9000 listens to ipv6 localhost instead of all
    addresses). (Remi)
  . Fixed bug #68421 (access.format='%R' doesn't log ipv6 address). (Remi)
  . Fixed bug #68423 (PHP-FPM will no longer load all pools). (Remi)
  . Fixed bug #68428 (listen.allowed_clients is IPv4 only). (Remi)
  . Fixed bug #68452 (php-fpm man page is oudated). (Remi)
  . Fixed request #68458 (Change pm.start_servers default warning to
    notice). (David Zuelke, Remi)
  . Fixed bug #68463 (listen.allowed_clients can silently result
    in no allowed access). (Remi)
  . Fixed request #68391 (php-fpm conf files loading order).
    (Florian Margaine, Remi)
  . Fixed bug #68478 (access.log don't use prefix). (Remi)

- Mcrypt:
  . Fixed possible read after end of buffer and use after free. (Dmitry)

- GMP:
  . Fixed bug #68419 (build error with gmp 4.1). (Remi)

- PDO_pgsql:
  . Fixed bug #67462 (PDO_PGSQL::beginTransaction() wrongly throws exception
  when not in transaction) (Matteo)
  . Fixed bug #68351 (PDO::PARAM_BOOL and ATTR_EMULATE_PREPARES misbehaving)
  (Matteo)

- Session:
  . Fixed bug #68331 (Session custom storage callable functions not being called)
    (Yasuo Ohgaki)

- SOAP:
  . Fixed bug #68361 (Segmentation fault on SoapClient::__getTypes).
    (Laruence)

- zlib:
  . Fixed bug #53829 (Compiling PHP with large file support will replace
    function gzopen by gzopen64) (Sascha Kettler, Matteo)

(taca)

Note update of lang/php55 package to 5.5.20.

(taca)

Update php55 to 5.5.20, including security fix.

17 Dec 2014, PHP 5.5.20

- Core:
  . Fixed bug #68091 (Some Zend headers lack appropriate extern "C" blocks).
    (Adam)
  . Fixed bug #68185 ("Inconsistent insteadof definition."- incorrectly
    triggered). (Julien)
  . Fixed bug #68370 ("unset($this)" can make the program crash). (Laruence)
  . Fixed bug #68545 (NULL pointer dereference in unserialize.c). (Anatol)
  . Fixed bug #68594 (Use after free vulnerability in unserialize()).
    (CVE-2014-8142) (Stefan Esser)

- Date:
  . Fixed day_of_week function as it could sometimes return negative values
    internally. (Derick)

- FPM:
  . Fixed bug #68381 (fpm_unix_init_main ignores log_level).
    (David Zuelke, Remi)
  . Fixed bug #68420 (listen=9000 listens to ipv6 localhost instead of all
    addresses). (Remi)
  . Fixed bug #68421 (access.format='%R' doesn't log ipv6 address). (Remi)
  . Fixed bug #68423 (PHP-FPM will no longer load all pools). (Remi)
  . Fixed bug #68428 (listen.allowed_clients is IPv4 only). (Remi)
  . Fixed bug #68452 (php-fpm man page is oudated). (Remi)
  . Fixed request #68458 (Change pm.start_servers default warning to
    notice). (David Zuelke, Remi)
  . Fixed bug #68463 (listen.allowed_clients can silently result
    in no allowed access). (Remi)
  . Fixed request #68391 (php-fpm conf files loading order).
    (Florian Margaine, Remi)
  . Fixed bug #68478 (access.log don't use prefix). (Remi)

- Mcrypt:
  . Fixed possible read after end of buffer and use after free. (Dmitry)

- PDO_pgsql:
  . Fixed bug #66584 (Segmentation fault on statement deallocation) (Matteo)
  . Fixed bug #67462 (PDO_PGSQL::beginTransaction() wrongly throws exception
  when not in transaction) (Matteo)
  . Fixed bug #68351 (PDO::PARAM_BOOL and ATTR_EMULATE_PREPARES misbehaving)
  (Matteo)

- zlib:
  . Fixed bug #53829 (Compiling PHP with large file support will replace
    function gzopen by gzopen64) (Sascha Kettler, Matteo)

(taca)

Note update of lang/php54 package to 5.4.36.

(taca)

Update php54 to 5.4.36, including security fix.

18 Dec 2014 PHP 5.4.36

- Core:
  . Upgraded crypt_blowfish to version 1.3. (Leigh)
  . Fixed bug #68545 (NULL pointer dereference in unserialize.c). (Anatol)
  . Fixed bug #68594 (Use after free vulnerability in unserialize()).
    (CVE-2014-8142) (Stefan Esser)

13 Nov 2014 PHP 5.4.35

- Core:
  . Fixed bug #68365 (zend_mm_heap corrupted after memory overflow in
    zend_hash_copy). (Dmitry)

- Fileinfo:
  . Fixed bug #68283 (fileinfo: out-of-bounds read in elf note headers).
    (CVE-2014-3710) (Remi)

- GMP:
. Fixed bug #63595 (GMP memory management conflicts with other libraries
  using GMP). (Remi)

- PDO_pgsql:
  . Fixed bug #66584 (Segmentation fault on statement deallocation) (Matteo)

(taca)

Updated devel/nss to 3.17.3nb1

(ryoon)

Fix build of www/firefox.
The build breakage is caused from inconsistent use of sqlite3
from NetBSD base and pkgsrc.
Bump PKGREVISION.

(ryoon)

+ postgresql-9.4.

(wiz)

+ calibre-2.13.0, cmake-3.1, darktable-1.6, digikam-4.6, gxine-0.99.9,
  wordpress-4.1, xine-lib-1.2.6.

(wiz)

Updated devel/py-mercurial to 3.2.3

(wiz)

Update to 3.2.3:

This is an unscheduled bugfix release containing two security fixes
for issues we uncovered in both Git and Mercurial for CVE-2014-9390.
Users on Mac and Windows are encouraged to upgrade.

    context: stop setting None for modified or added nodes
    darwin: omit ignorable codepoints when normcase()ing a file path
    encoding: add hfsignoreclean to clean out HFS-ignored characters
    largefiles: don't actually remove largefiles in an addremove dry run
    log: fix log -f slow path to actually follow history
    log: fix log revset instability
    manifest: disallow setting the node id of an entry to None
    pathauditor: check for Windows shortname aliases
    pathauditor: check for codepoints ignored on OS X
    rebase: ignore negative state when updating back to original wc parent
    update: add tests for untracked local file
    update: don't overwrite untracked ignored files on update

(wiz)

Set {MASTER_}SITES properly.

(obache)

Update MASTER_SITES to ${MASTER_SITE_SOURCEFORGE:=enigma-game/}

(mef)

Update MASTER_SITES to ${MASTER_SITE_SOURCEFORGE:=lensfun/}

(mef)

Update MASTER_SITES to ${MASTER_SITE_SOURCEFORGE:=gtksee.berlios/}

(mef)

Update MASTER_SITES (was Unknown site).

(mef)

Note update of mail/roundcube package to 1.0.4.

(taca)

Update roundcube to 1.0.4, which contains fix for possible CSRF attack.

RELEASE 1.0.4
-------------
- Disable TinyMCE contextmenu plugin as there are more cons than pros in using it (#1490118)
- Fix bug where show_real_foldernames setting wasn't honored on compose page (#1490153)
- Fix issue where Archive folder wasn't protected in Folder Manager (#1490154)
- Fix compatibility with PHP 5.2. in rcube_imap_generic (#1490115)
- Fix setting flags on servers with no PERMANENTFLAGS response (#1490087)
- Fix regression in SHAA password generation in ldap driver of password plugin (#1490094)
- Fix displaying of HTML messages with absolutely positioned elements in Larry skin (#1490103)
- Fix font style display issue in HTML messages with styled <span> elements (#1490101)
- Fix download of attachments that are part of TNEF message (#1490091)
- Fix handling of uuencoded messages if messages_cache is enabled (#1490108)
- Fix handling of base64-encoded attachments with extra spaces (#1490111)
- Fix handling of UNKNOWN-CTE response, try do decode content client-side (#1490046)
- Fix bug where creating subfolders in shared folders wasn't possible without ACL extension (#1490113)
- Fix reply scrolling issue with text mode and start message below the quote (#1490114)
- Fix possible issues in skin/skin_path config handling (#1490125)
- Fix lack of delimiter for recipient addresses in smtp_log (#1490150)
- Fix generation of Blowfish-based password hashes (#1490184)
- Fix bugs where CSRF attacks were still possible on some requests

(taca)

Note updates to devel/git{,-base,-docs,-gitk,-svn}, www/gitweb.

(schmonz)

Update to 2.2.1. From the changelog:

* We used to allow committing a path ".Git/config" with Git that is
  running on a case sensitive filesystem, but an attempt to check out
  such a path with Git that runs on a case insensitive filesystem
  would have clobbered ".git/config", which is definitely not what
  the user would have expected.  Git now prevents you from tracking
  a path with ".Git" (in any case combination) as a path component.

* On Windows, certain path components that are different from ".git"
  are mapped to ".git", e.g. "git~1/config" is treated as if it were
  ".git/config".  HFS+ has a similar issue, where certain unicode
  codepoints are ignored, e.g. ".g\u200cit/config" is treated as if
  it were ".git/config".  Pathnames with these potential issues are
  rejected on the affected systems.  Git on systems that are not
  affected by this issue (e.g. Linux) can also be configured to
  reject them to ensure cross platform interoperability of the hosted
  projects.

* "git fsck" notices a tree object that records such a path that can
  be confused with ".git", and with receive.fsckObjects configuration
  set to true, an attempt to "git push" such a tree object will be
  rejected.  Such a path may not be a problem on some filesystems
  but in order to protect those on HFS+ and on case insensitive
  filesystems, this check is enabled on all platforms.

A big "thanks!" for bringing this issue to us goes to our friends in
the Mercurial land, namely, Matt Mackall and Augie Fackler.

Also contains typofixes, documentation updates and trivial code clean-ups.

Changes since v2.2.0 are as follows:

Hartmut Henkel (1):
      l10n: de.po: fix typos

Jeff King (8):
      unpack-trees: propagate errors adding entries to the index
      read-tree: add tests for confusing paths like ".." and ".git"
      verify_dotfile(): reject .git case-insensitively
      t1450: refactor ".", "..", and ".git" fsck tests
      fsck: notice .git case-insensitively
      utf8: add is_hfs_dotgit() helper
      read-cache: optionally disallow HFS+ .git variants
      fsck: complain about HFS+ ".git" aliases in trees

Johannes Schindelin (3):
      path: add is_ntfs_dotgit() helper
      read-cache: optionally disallow NTFS .git variants
      fsck: complain about NTFS ".git" aliases in trees

(schmonz)

Updated multimedia/xine-lib to 1.2.5nb8

(wiz)

I found the magic incantation to make this use pkgsrc libdvdnav.
Do that. Bump PKGREVISION.

(wiz)

Remove patch-aa after update removed it from distinfo.

(wiz)

Remove patch-aa after update removed it from distinfo.

(wiz)

Remove patch-aa after update removed it from distinfo.

(wiz)

Updated mail/spamass-milter to 0.4.0

(gdt)

Update to 0.4.0.
Several patches are dropped because they were integrated upsteam.
(Approval during freeze by wiz@.)

Upstream changes since 0.3.1 from
  https://savannah.nongnu.org/forum/forum.php?forum_id=8094

Item posted by Todd Kover <kovert> on Thu 11 Sep 2014 01:05:20 AM GMT.

I am pleased to announce the release of spamass-milt version 0.4.0.

This is the first of what I hope are a number of maintenance releases
with the goal to eliminate the outstanding bug/patch/feature requests:

The following changes are included in this release

- -C option to change the default reject code
- -S option to specify a path to sendmail (for the -x option)
- -R option to specify the rejection message
- -a option to skip messages that were authenticated
- IPv6 address support
- zombie process fix for the - option introduced in 0.3.2

This also includes the fix for CVE-2010-1132 that was in the unannounced but generated 0.3.2 release.

(gdt)

Fix build. With 8.6.0 the rabbitmq plugin moved to contrib/.

(fhajny)

Updated security/prelude-correlator to 0.9.0beta8nb5

(wiz)

Fix packaging with py-setuptools-0.8.

While here, fix interpreter path in installed file. Bump PKGREVISION.

(wiz)

Updated multimedia/xine-lib to 1.2.5nb7

(wiz)

Use more existing packages from pkgsrc.
XXX: couldn't convince it to use pkgsrc libraries for libdvdnav
and libdvdread though
XXX: musepack support is old-fashioned, so I haven't enabled the pkgsrc
dependency since xine would then conflict with vlc

(wiz)

Add forgotten patches to allow zlib 1.2.3 and rename libutil to
libmyutil.

(joerg)

Avoid confusion with libutil. Allow zlib 1.2.3. Bump revision.

(joerg)

Yet another copy of ecb.h in CPAN.

(joerg)

Remove redundant includes. Tell configure explicitly how to link Python.

(joerg)

Add rtsp to PLIST_VARS to fix PLIST

(abs)

Don't try to detect libz and friends, explicitly use them. Avoids
failing detection on SLES11.

(joerg)

Change MASTER_SITES to original location.

(obache)

+ Mesa-10.4, glu-10.4, gsharutils-4.14.2, phonon-4.8.3,
  tkgate-1.8.7 [pkg/49482], vinagre-3.14.3, wine-devel-1.7.33.

(wiz)

Bump py-setuptools dependency to 0.8 since that version changed
version number handling.

(wiz)

Reset MAINTAINER, requested in PR pkg/49382.

(obache)

"-a" option for cp(1) is not portable, use standard combination "-RpP" instead.
PR pkg/49475 by Sevan Janiyan.

(obache)

Added the suse131 gstreamer and sqlite3 versions and their 32-bit variants.
OK'd by pkgsrc-pmc@ in private mail. This fixes build failure with
wip/skype4.

(rodent)

Added emulators/suse131_sqlite3 version 13.1

(rodent)

Import suse_sqlite3-13.1 as emulators/suse131_sqlite3.

Linux compatibility package based on the openSUSE Linux distribution.
Please visit http://www.opensuse.org/ for more information about openSUSE
Linux.

This package supports running ELF binaries linked with glibc2 that
require the sqlite3 shared libraries.

(rodent)

Import suse32_sqlite3-13.1 as emulators/suse131_32_sqlite3.

Linux compatibility package based on the openSUSE Linux distribution.
Please visit http://www.opensuse.org/ for more information about openSUSE
Linux.

This package supports running ELF binaries linked with glibc2 that
require the sqlite3 shared libraries.

(rodent)

Added emulators/suse131_gstreamer version 13.1

(rodent)

Import suse_gstreamer-13.1 as emulators/suse131_gstreamer.

Linux compatibility package based on the openSUSE Linux distribution.
Please visit http://www.opensuse.org/ for more information about openSUSE
Linux.

This package supports running ELF binaries linked with glibc2 that
require the gstreamer shared libraries.

(rodent)

Added emulators/suse131_32_gstreamer version 13.1

(rodent)

Import suse32_gstreamer-13.1 as emulators/suse131_32_gstreamer.

Linux compatibility package based on the openSUSE Linux distribution.
Please visit http://www.opensuse.org/ for more information about openSUSE
Linux.

This package supports running ELF binaries linked with glibc2 that
require the gstreamer shared libraries.

(rodent)

Add gstreamer and sqlite3, as these were forgotten and will be required for
the 32-bit packages to work correctly. Discussed with wiz@.

(rodent)

Adjust the edits to the add-to-xpdfrc file. Do it with SUBST instead
of raw seddery. While here, fix DEINSTALL to more reliably remove the
block this package adds to xpdfrc, and also to avoid stepping on its
own scratch files.

>From qjsgkem on freenode.

XXX: This package really shouldn't be munging files in PKG_SYSCONFDIR, but
XXX: that's probably nontrivial to avoid and an issue for some other day.

(dholland)

Fix PLISTs after update. Reported by qjsgkem on freenode.
Bump PKGREVISIONS.

(dholland)

Pullup ticket #4573.

(tron)

Pullup ticket #4573 - requested by roy
net/powerdns-recursor: security patch

Revisions pulled up:
- net/powerdns-recursor/Makefile                                1.16
- net/powerdns-recursor/distinfo                                1.12
- net/powerdns-recursor/patches/patch-CVE-2014-8601            1.1

---
  Module Name:    pkgsrc
  Committed By:  roy
  Date:          Thu Dec 11 20:18:17 UTC 2014

  Modified Files:
          pkgsrc/net/powerdns-recursor: Makefile distinfo
  Added Files:
          pkgsrc/net/powerdns-recursor/patches: patch-CVE-2014-8601

  Log Message:
  Add upstream patch to fix CVE-2014-8601.
  Remove myself as maintainer.

(tron)

Fix build with py-setuptool-0.8.

(wiz)

Fix build with py-setuptools-0.8.

(wiz)

Fix build with py-setuptools-0.8.

(wiz)

Fix build with py-setuptools-0.8.

(wiz)

HOMEPAGE was Forbidden(403) Status, stip the last leaf from its URL.

(mef)

MASTER_SITES directory is one level down now.

(mef)

Fix packaging with py-setuptools-0.8.

(wiz)

Fix packaging with py-setuptools-0.8.

(wiz)