Pullup ticket #4399 addendum - requested by tron
mail/thunderbird: restore dropped enigmail distinfo

Revisions pulled up:
- mail/thunderbird/distinfo                                    1.140

-------------------------------------------------------------------
  Module Name:    pkgsrc
  Committed By:  tron
  Date:          Tue May  6 19:26:57 UTC 2014

  Modified Files:
          pkgsrc/mail/thunderbird: distinfo

  Log Message:
  Re-add checksum for "enigmail-1.6.tar.gz". Problem found by wizd(8).

                                                                                  To generate a diff of this commit:
  cvs rdiff -u -r1.139 -r1.140 pkgsrc/mail/thunderbird/distinfo

(spz)

Updated databases/redis to 2.8.9

(fhajny)

Update redis to 2.8.9.

--[ Redis 2.8.9 ] Release date: 22 Apr 2014

# UPGRADE URGENCY: LOW, only new features introduced, no bugs fixed.

* [NEW] The HyperLogLog data structure. You can read more about it
        in this blog post. http://antirez.com/news/75
* [NEW] The Sorted Set data type has now support for lexicographic range
        queries, check the new commands ZRANGEBYLEX, ZLEXCOUNT and
        ZREMRANGEBYLEX, which are documented at http://redis.io.

--[ Redis 2.8.8 ] Release date: 25 Mar 2014

# UPGRADE URGENCY: HIGH for Redis, LOW for Sentinel. There is a potentially
                  critical bug fix causing data loss in Redis but it requires
                  a combination of disk full and the use of the
                  SHUTDOWN command.

* [FIX] Fixed data loss when SHUTDOWN was used with a disk full condition.
* [FIX] Fixed a memory leak in the SORT syntax error processing.
* [FIX] When Sentinel down-after-milliseconds parameter is modified at runtime
        now it gets propagated to all the slaves and sentinel instances
        of the master.
* [FIX] `install_server.sh` script finally fixed.
* [FIX] Different fixes to maxclients handling.

* [NEW] Sentinels are now able to send update messages in a peer-to-peer
        fashion even if no Redis instances are available. Now the Sentinel
        liveness property that the most updated configuration in a given
        partition is propagated to all the Sentinels is extended to partitions
        without reachable instances.
* [NEW] Sentinel safety properties are now ensured in a crash-recovery system
        model since some state is persisted on disk before replying to other
        nodes, and reloaded at startup.
* [NEW] Sentinel now uses CLIENT SETNAME so that it is easy to identify
        Sentinels using CLIENT LIST among other clients.
* [NEW] Sentinel failure detection and reconnection code improved.
* [NEW] Use all 24 bits (instead of 22) for the Redis objects LRU field.
        Note that the new LRU algorithm using eviction pools was not backported
        from unstable for safery / code maturity concerns.
* [NEW] Majory speedup for the INFO command (it is now 6 times faster).
* [NEW] More Sentinel unit tests.
* [NEW] New command DEBUG ERROR returns the specified error. Example:
        DEBUG ERROR "LOADING database". This is handy to write Redis client
        libraries unit tests.
* [NEW] redis-cli now supports multi-line editing via updated linenoise lib.

(fhajny)

pullup #4399

(spz)

Pullup ticket #4399 - requested by tron
mail/thunderbird: security update

Revisions pulled up:
- mail/thunderbird/Makefile                                    1.136
- mail/thunderbird/distinfo                                    1.139

-------------------------------------------------------------------
  Module Name: pkgsrc
  Committed By: tron
  Date: Tue May  6 16:03:38 UTC 2014

  Modified Files:
  pkgsrc/mail/thunderbird: Makefile distinfo

  Log Message:
  Update "thunderbird" package to version 24.5.0.

  The following security problems were fixed in this release:
  - MFSA 2014-46 Use-after-free in nsHostResolve
  - MFSA 2014-44 Use-after-free in imgLoader while resizing images
  - MFSA 2014-43 Cross-site scripting (XSS) using history navigations
  - MFSA 2014-42 Privilege escalation through Web Notification API
  - MFSA 2014-38 Buffer overflow when using non-XBL object as XBL
  - MFSA 2014-37 Out of bounds read while decoding JPG images
  - MFSA 2014-35 Privilege escalation through Mozilla Maintenance Service
                  Installer
  - MFSA 2014-34 Miscellaneous memory safety hazards

  To generate a diff of this commit:
  cvs rdiff -u -r1.135 -r1.136 pkgsrc/mail/thunderbird/Makefile
  cvs rdiff -u -r1.138 -r1.139 pkgsrc/mail/thunderbird/distinfo

(spz)

Updated textproc/sphinxsearch to 2.1.8

(fhajny)

Update sphinxsearch to 2.1.8

Changes in 2.1.8
- Added JSON attribute support, built-in HA tools, better realtime indexes,
  fulltext search and ranking optimizations, more SphinxQL commands, and
  wordbreaker.
- fixed #1937, crash at SENTENCE operator
- fixed #1933, quorum operator works incorrectly if it uses a number that is
  also an exception
- fixed #1932, daemon index recovery after failed rotation
- fixed #1923, crash at indexer with dict=keywords and xml source
- fixed #1918, crash while hitless words are used within fulltext operators
  which require hits
- fixed #1878, daemon doesn't reset regexp_filter after rotation with
  seamless_rotate=0
- fixed #1769, crash after unsuccessful INSERT with RT index
- fixed #1682, field-end modifier doesn't work with words containing
  blended chars

Changes in 2.1.7
- fixed #1917, field limit propagation outside of group
- fixed #1915, exact form passes to index skipping stopwords filter
- fixed #1905, multiple lemmas at the end of a field
- fixed #1903, indextool check mode for hitless indexes and indexes with
  large amount of documents
- fixed #1902, crash on JSON field in the IN() function
- fixed #1884, crash at SNIPPET() with local indexes at distributed index
- fixed #1802, loading large keywords dictionary
- fixed #1786, indextool fails to handle indexes with AOT morphology
- fixed crash of daemon on logging very large messages
- fixed expression engine: division by zero, log and sqrt() functions

(fhajny)

Reinstate UnlimitedJCEPolicyJDK7.zip distinfo

(dsainty)

+ clamav-0.98.2, gdb-7.7.1, pulseaudio-5.0 [wip], silc-1.1.10,
  veusz-1.21.

(wiz)

Re-add checksum for "enigmail-1.6.tar.gz". Problem found by wizd(8).

(tron)

Note update of the "thunderbird" package to version 24.5.0.

(tron)

Update "thunderbird" package to version 24.5.0.

The following security problems were fixed in this release:
- MFSA 2014-46 Use-after-free in nsHostResolve
- MFSA 2014-44 Use-after-free in imgLoader while resizing images
- MFSA 2014-43 Cross-site scripting (XSS) using history navigations
- MFSA 2014-42 Privilege escalation through Web Notification API
- MFSA 2014-38 Buffer overflow when using non-XBL object as XBL
- MFSA 2014-37 Out of bounds read while decoding JPG images
- MFSA 2014-35 Privilege escalation through Mozilla Maintenance Service
              Installer
- MFSA 2014-34 Miscellaneous memory safety hazards

(tron)

homogenise fgrep to be grep -F

(richard)

Backpatch tweaks to support pkgsrc gtexinfo v5

(richard)

Fix rc.d handling.

(jperkin)

Fix rc.d handling.

(jperkin)

client-hook isn't an rc.d script, and the binary doesn't look for it in
that location anyway.  Add it to CONF_FILES instead.  Fixes builds with
INIT_SYSTEM=rc.d.

Bump PKGREVISION.

(jperkin)

Fix INIT_SYSTEM handling.

(jperkin)

Move INIT_SYSTEM to bsd.prefs.mk, allowing it to be tested in
package Makefiles when packages perform custom rc.d handling.

(jperkin)

Updated devel/nspr to 4.10.5

(ryoon)

Update to 4.10.5

Changelog:
An important internal change in NSPR 4.10.5 is that the configure script
was generated using Autoconf 2.69 instead of Autoconf 2.13. If your
build system uses Autoconf and your configure script invokes NSPR's
configure script as a sub-configure, some adjustments may be necessary.

NSPR 4.10.5 has the following bug fixes:
- Bug 50549: Link to ws2_32.lib instead of wsock32.lib under Windows.
- Bug 695993: Update NSPR's config.guess and config.sub, get rid of our
  non-upstreamed hacks. Contributed by Ulrich Weigand.
- Bug 849085: autoconf: Port NSPR's build/autoconf/acwinpaths.m4 to
  autoconf 2.56+.
- Bug 849093: autoconf: Do not call AC_PROG_CC inside a conditional
  block.
- Bug 977685: Support powerpc64le-linux platform in NSPR. Contributed by
  Ulrich Weigand.
- Bug 978636: Detect MSYS2 on configure. Contributed by Makoto Kato.
- Bug 981558: Do library timestamping with one-second resolution.
- Bug 986745: Add atomic primitives for Linux ppc64. Contributed by
  Ulrich Weigand.
- Bug 989497: nspr/configure.in should also call AC_PROG_CPP when
  cross-compiling.
- Bug 992471: nspr/configure.in should not check for CROSS_COMPILE in
  the environment.

(ryoon)

Updated www/firefox24 to 24.5.0
Updated devel/xulrunner24 to 24.5.0

(ryoon)

Reset PKGREVISION

(ryoon)

Update to 24.5.0

CHangelog:
Fixed in Firefox ESR 24.5
MFSA 2014-46 Use-after-free in nsHostResolve
MFSA 2014-44 Use-after-free in imgLoader while resizing images
MFSA 2014-43 Cross-site scripting (XSS) using history navigations
MFSA 2014-42 Privilege escalation through Web Notification API
MFSA 2014-38 Buffer overflow when using non-XBL object as XBL
MFSA 2014-37 Out of bounds read while decoding JPG images
MFSA 2014-35 Privilege escalation through Mozilla Maintenance Service Installer
MFSA 2014-34 Miscellaneous memory safety hazards (rv:29.0 / rv:24.5)

(ryoon)

Updated databases/couchdb to 1.5.1

(fhajny)

Update couchdb to 1.5.1.

Changes since 1.5.0:
- Add the max_count option (UUIDs Configuration) to allow rate-limiting
  the amount of UUIDs that can be requested from the /_uuids handler
  in a single request.

(fhajny)

Added fonts/koruri-ttf version 20140319

(ryoon)

Add koruri-ttf

(ryoon)

Import koruri-ttf-20140319 as fonts/koruri-ttf.

Koruri Japanese TrueType fonts.
It is based on M+ Font and Open Sans Font (alphanumeric).

Packaged by nonaka@, and submitted as PR pkg/48756.

(ryoon)

Remove sourceforge.jp mirror sites that is not listed
in official download page.
They have no uptodate content, and download.sourceforge.jp is
redirect only.

(ryoon)

Remove http://keihanna.dl.sourceforge.jp/ from sourceforge.jp mirror.
It is dead.

(ryoon)

Updated pkgtools/revbump to 2.6

(wiz)

Make finddepends look in modules.mk, plugins.mk, and schemas.mk as well.
Suggested by obache.
Bump version.

(wiz)

mozilla.org decided to discontinue mirroring of its content officially.
Remove not-working or abandoned mirror sites.

(ryoon)

+ Mesa-10.1.2, MesaLib-10.1.2, apache-ant-1.9.4,
  glu-10.1.2, maradns-2.0.09, xine-ui-0.99.8.

(wiz)

Updated sysutils/salt to 2014.1.3nb1

(imil)

More hardcoded paths fixing, here the munin module has its configuration
hardcoded to plain /etc/munin.

(imil)

This version is now GPL v3.

(wiz)

Updated security/py-cryptography to 0.4

(wiz)

Update to 0.4:

0.4 - 2014-05-03
~~~~~~~~~~~~~~~~

* Deprecated ``salt_length`` on
  :class:`~cryptography.hazmat.primitives.asymmetric.padding.MGF1` and added it
  to :class:`~cryptography.hazmat.primitives.asymmetric.padding.PSS`. It will be
  removed from ``MGF1`` in two releases per our :doc:`/api-stability` policy.
* Added :class:`~cryptography.hazmat.primitives.ciphers.algorithms.SEED` support.
* Added :class:`~cryptography.hazmat.primitives.cmac.CMAC`.
* Added decryption support to
  :class:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateKey`
  and encryption support to
  :class:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPublicKey`.
* Added signature support to
  :class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAPrivateKey`
  and verification support to
  :class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAPublicKey`.

0.3 - 2014-03-27
~~~~~~~~~~~~~~~~

* Added :class:`~cryptography.hazmat.primitives.twofactor.hotp.HOTP`.
* Added :class:`~cryptography.hazmat.primitives.twofactor.totp.TOTP`.
* Added :class:`~cryptography.hazmat.primitives.ciphers.algorithms.IDEA` support.
* Added signature support to
  :class:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateKey`
  and verification support to
  :class:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPublicKey`.
* Moved test vectors to the new ``cryptography_vectors`` package.

(wiz)

Updated graphics/graphviz to 2.38.0

(wiz)

Update to 2.38.0:

April 13, 2014
- Release 2.38.0
- Resolves bugs: 2409, 2413, 2417, 2420, 2422, 2423, 2425
March 27, 2014
- Enable packing for dot
- Allow scaling to work for all non-dot layouts
March 9, 2014
- Add overline text characteristic.
March 4, 2014
- Fix bugs in gvpr and gv.cpp so edges can be created in subgraphs.
- Add edgepaint program for coloring edges to make them easier to tell apart.
- Modify neato to avoid unnecessary translations of output. This allows positions
given on input to remain the same on output.
- Fix swig java package to work and support gv.renderresult.
- Fix test for the absence of layout (old test relied on statically allocated Agraphinfo_t).
- HTML-like tables and cells can now specify which borders should be drawn.
- The fixedsize attribute now takes the value "shape" which allows labels much larger than the
node shape.

(wiz)

Updated pkgtools/pkglint to 4.138

(wiz)

Add REPLACE_LUA. Bump version.

(wiz)

Updated chat/gloox to 1.0.10

(wiz)

Update to 1.0.10:

v1.0.10 -- 09 Apr 2014
---------------------
- TLSSChannel: use malloc/realloc/free instead of their legacy Local* variants (fixes #222)
- VCard: remove \r from vcard photos. Fixes a recent change Facebook made to their vcard pictures (patch by Fernando Sanchez)
- Jingle: fixed replying; distinguish between 'from' and 'initiator'; added Jingle::Session::setInitiator()
- Jingle: fixed ::ICEUDP to actually add candidates; added ::Session::initiator(), ::setHandler(), ::sessionAccept( PluginList ); fixed storing of new sessions in ::SessionManager (patches by Erich Keane)
- Jingle: removed Jingle::setInitiator() and ::setResponder() (now provided by ctor)
- AtomicRefCount: fixed compilation on iOS (patch by Erich Keane)
- Jingle::Plugin: added JinglePluginType, pluginType(), and findPlugin() to easily look for and retrieve specific plugins
- ConnectionBOSH: fixed return value for recv() (patch by Sudarshan Prasad)
- Parser: get rid of bogus isValid() (fixes #180, #224)

v1.0.9 -- 15 Oct 2013
---------------------
- changed colon to dash in uid generation to possibly fix #191
- added Channel Binding (needed for SASL SCRAM-SHA-1-PLUS) to SChannel on win32 (untested)
- fixed SCRAM-SHA-1-PLUS

v1.0.8 -- 15 Oct 2013
---------------------
- ConnectionTLS: make stacked TLS/SSL connections work again with HTTP proxies
- added SASL SCRAM-SHA-1/SCRAM-SHA-1-PLUS authentication mechanisms (GnuTLS & OpenSSL only) (#201)
- properly seed the RNG
- SHA::hex(): finalize() only once

v1.0.7.1 -- 11 Oct 2013
---------------------
- fixed/updated the win32 project files

v1.0.7 -- 11 Oct 2013
---------------------
- added Jingle (XEP-0166)
- added Jingle ICE-UDP Transport (XEP-0176)
- added Jingle File Transfer (XEP-0234)
- fixed compilation in iOS7 SDK (thanks to Kurt Vermeersch)
- fixed bug in stanza handling/counting related to Stream Management (patch by Norbert Riedlin)
- added protected ClientBase::stanzasSent() to return sent stanzas (if Stream Management enabled)

v1.0.6 -- 04 Sep 2013
---------------------
- ClientBase: removed check for empty message body --> messages of type chat with empty bodies will be passed on to listeners - required for Message Carbons
- MessageSession: removed check for empty message body --> messages of type chat with empty bodies will be passed on to listeners - required for Message Carbons
- don't send presence after stream resumption
- added ClientBase::sendQueue()
- documentation updates and fixes

v1.0.5 -- 02 Sep 2013
---------------------
- added support for Stanza Forwarding (XEP-0297)
- added support for Message Carbons (XEP-0280)

v1.0.4 -- 30 Aug 2013
---------------------
- added support for Stream Management (XEP-0198)
- Fix some iterator usage for portability related to erase (patch by Daniel Bowen)
- Ensure setting a connection does not leave a deleted value in the member variable for a time (patch by Daniel Bowen)
- Add operator< and relatives to JID so that it can be in a map (patch by Daniel Bowen)
- Sandboxing on Apple doesn't like getprotobyname (patch by Daniel Bowen)
- MessageSession::send(): removed default argument of 2nd parameter to remove ambiguity of MS::send( string ) (#206) (source incompatible!)
- VCard: renamed setPhoto( string ) to setPhotoUri( string ) (#166) (source and binary incompatible)

v1.0.3 -- 22 Jul 2013
---------------------
- Changed license to GPLv3
- removed space from VS project name (--> gloox-1.0)
- VCardUpdate: fixed handling of empty hash (#203)
- VCardUpdate: added hasPhoto() to inidicate whether there was a photo tag (#203)
- compilation fixed when using getaddrinfo (patch by Roy van Dam)
- Receipt: recognize id attribute (patch by D鱈dac P辿rez) (#208)
- MessageSession: added MS::send( string& ) to properly provide a base for MUCMS::send( string& ) (#206)
- really fixed memory leak in prep::idna()
- gloox.vcproj: removed not-yet-present tlsgnutlsserver.cpp/.h

v1.0.2 -- 05 Jul 2013
---------------------
- SOCKS5Bytestream: Don't wait for incoming data, notify about open stream immediately upon
connection (patch by Erik Horemans)
- fixed/updated Code::Blocks and VS project files (fixes #197, #198)
- fixed memory leak in ClientBase (fixes #204)
- fixed memory leak in prep::idna()

v1.0.1 -- 29 Jun 2013
---------------------
- Added support for Serverless Messaging (XEP-0174)
- TLSOpenSSLServer: compilation fix
- don't bail on DNS TCP queries
- fixed 袖s timeout value (now defaults to 1.000.000)
- omit port in initial greeting (usually -1 anyway)
- fixed SHA1 hashes of 55 byte strings (#164)
- fixed CFLAGS and LIBS in pkg-config file (#163)
- fixed SOCKS5Bytestream double close notification
- tell gcrypt that we're using pthreads (if available)
- ClientBase: send IQ error response for unsupported features
- ClientBase: fixed potential infinite loop on IQ error
- ClientBase: fixed NTLM auth
- ClientBase, SEF: mutex-protected SE handling
- PubSub: added 'subscribe & configure'
- PubSub: added optional subid
- SOCKS5BytestreamServer: expose local socket
- RosterManager: don't use string-comparison on JIDs; use JID class
- NonSASLAuth: fixed resource usage by deprecating ClientBase::m_selectedResource
- InBandBytestream: don't call handler in dtor
- util: fixed long2string()
- fixed a few leaks in GnutTLS client code (#181)
- VCard: made getters const (#186) (binary-incompatible change!)
- PubsubManager: fixed using wrong Tag (#190)
- Search: fixed search() (#193)
- DNS: fix socket leak if no network connection is available (#192)
- PubsubManager: unconditionally call handleItemPublication() (#194)
- configure: Added -lgcrypt (dependency of GNUTLS)

(wiz)

Updated net/gst-plugins1-libnice to 0.1.6

(wiz)

Updated net/libnice to 0.1.6

(wiz)

Update libnice packages to 0.1.6:

libnice 0.1.6 (2014-04-28)
==========================
API: nice_agent_restart_stream() to do a ICE restart on a single strema
API: nice_component_state_to_string() to get a printable name for a component
  state
API: nice_agent_forget_relays() to forget the relays set for a
  specific component, along with nice_agent_restart_stream(), it allows
  changing the current relay without dropping the connection.
It is now possible to add relays after the initial candidate gathering.
Many bug fixes

(wiz)

Updated devel/monotone to 1.1

(wiz)

Update to 1.1:

Sun May  4 09:55:54 UTC 2014

        1.1 release.

        Changes

        - '_MTN/wanted-testresults' must now have 1 hex-encoded
          signing key hash in lowercase per line.

        New features

        - 'automate atttributes' now also works without a workspace
          and returns the attributes for a specific file from the
          revision's manifest

        - New 'erase_descendants' automate command which returns all
          input revisions, except those that are a descendant of
          another revision in the input.

        - New 'min(A)' selector is now available which returns all
          revisions selected by A which are not descendants of other
          revisions selected by A.

        - New 'not(A)' selector is now available which returns all
          revisions not selected by 'A'.

        - All certs for a revision are now output by 'mtn log' with
          'suspend', 'testresult', and custom certs placed under a
          a new 'Other certs' heading.

        - New conflict 'dropped/modified' allows explicitly resolving
          the case of a file that is dropped on one side of a merge,
          and modified on the other. Previously, the modifications
          were always lost; now you have the option of re-adding the
          file with the modifications during merge conflict
          resolution.

        - New attribute 'mtn:resolve_conflict' allows specifying a
          persistent 'drop' conflict resolution for a dropped/modified
          conflict. This is useful in the case where the conflict will
          occur again in the future, for example when a file that is
          maintained in an upstream branch is not needed, and
          therefore dropped, in a local branch.

        Bugs fixed

        - Monotone now compiles against Botan 1.10.x (as well as most of
          the testing releases in 1.9.y).

        - Struct file_handle got renamed to avoid clash with newer glibc's
          fcntl.h.

        - Monotone now compiles just fine with gcc's option
          "-Werror=format-security."

        - Fixed renaming across devices, for example if parts of the
          workspace are on NFS.

        - Fixed recursive file removal on Solaris.

        - Fixed a failure to revert some files when inodeprints is
          enabled.

        - Fix an early abort in netsync on Windows, which caused
          problems transferring large files.

        - Work around a 64-bit issue with mktime on Mac OS X for dates
          in 1901 and before.

        - Allow an ssh_agent socket path including dashes.

        - Monotone now works with Lua 5.2, even if it doesn't have
          backwards-compatibility compiled in.

        - Various fixes for compatibility with newer boost versions.

        - mtn add and mtn list are now more consistent in their use of
          --recursive and --unknown options.

        - Produce a meaningful error message when trying to disapprove a
          root.

        - Allow monotone to compile on platforms where MAXPATHLEN isn't
          defined (i.e. GNU/Hurd).

        - Allow monotone to compile on C++11-enabled g++ and clang++.

        - Allow the test suite to run on systems behind a broken DNS
          resolver and in cases where names cannot be resolved at all.

        - Allow the test suite to run from directories containing
          spaces and lots of other minor tweaks to the test suite
          making its results more reliable.

        Internal

        - The performance and memory usage of regular expressions has
          been improved throughout. This affects any use of the
          ".mtn-ignore" file such as "mtn ls unknown" and "mtn add",
          and any calls to "regex.search" in Lua hooks.

        Other

        - 'mtn diff' now outputs old and new revision IDs in the diff
          header when both are specified.

        - Additional Vim syntax files and an output colorization script
          in contrib.

(wiz)

Add in missing dependency on p5-Crypt-Blowfish_PP.

Bump PKGREVISION.

(dsainty)

Added security/p5-Crypt-Blowfish_PP version 1.12

(dsainty)

SUBDIR+=p5-Crypt-Blowfish_PP

(dsainty)

This is Crypt::Blowfish_PP, a Perl implementation of the Blowfish
cryptography algorithm designed by Bruce Schneier.

(dsainty)

Add me for Linux and OpenBSD.

(rodent)

+ courier-0.73.1
+ courier-authlib-0.66.1
+ courier-imap-4.15
+ maildrop-2.7.1
+ sqwebmail-5.7.2

(rodent)

Buildlink libiconv using build dependency method for OpenBSD. The courier-
{authlib,maildir} packages won't build otherwise (at least with
PREFER_PKGSRC=yes).

(rodent)

Python 2.6 is not supported by py-tryton.

(joerg)

devel/py-logon doesn't support Python 3.3.

(joerg)

devel/lua-stdlib-doc is gone.

(joerg)

Fix dependency.

(joerg)

Add amd64 to LP64PLATFORMS, OpenBSD returns amd64 instead of x86_64
No objection on public mailinglist.

(ryoon)

Fix OpenBSD 5.5 build

* OpenBSD 5.5 has /usr/include/sys/atomic.h, but it is different from NetBSD's
  one

(ryoon)

Fix build under OpenBSD/amd64 5.5

Use /usr/bin/libtool instead of libtool-base from pkgsrc, ugly workaround

(ryoon)

Support OpenBSD

* Borrow code from OpenBSD Ports

(ryoon)

Fix OpenBSD build
Use gcc46 instead of gcc45 for OpenBSD, because gcc45 from pkgsrc does not
support OpenBSD (yet)

(ryoon)

Fix build under OpenBSD

* Treat OpenBSD like other *BSD

(ryoon)

Create symlinks to library under OpenBSD

(ryoon)

Fix packaging under OpenBSD

* It create .so.1.0 libraries instead of .so
* Use bsdtar as tar forcibly under OpenBSD
* Fix tremor/vorbis conditional, but it is not used now

(ryoon)

Updated devel/libuuid to 2.24.2

(adam)

Changes 2.24.2:
* __uuid_generate_time()  report if clock_seq is safe
* do not use invalid file descriptor
* fix test in get_clock()
* get_clock()  report if the clock_seq is safe
* introduce uuid_generate_time_safe()
* manpage spelling fixes
* move __uuid function to UUIDD_PRIVATE in uuid.sym
* rename uuid__generate_* to __uuid_generate_*
* update manpage, mention uuid_generate_time_safe

(adam)

- bump PKGREVISION for previous commit
Thanks wiz@

(szptvlfn)

Pullup tickets #4396, #4397 and #4398.

(tron)

Pullup ticket #4398 - requested by obache
emulators/suse131_mozilla-nss: security update

Revisions pulled up:
- emulators/suse131_mozilla-nss/Makefile                        1.2-1.3
- emulators/suse131_mozilla-nss/distinfo                        1.2-1.3

---
  Module Name: pkgsrc
  Committed By: obache
  Date: Fri Apr  4 10:08:21 UTC 2014

  Modified Files:
  pkgsrc/emulators/suse131_mozilla-nss: Makefile distinfo

  Log Message:
  Update suse131_mozilla-nss RPM to 3.15.5-16.1 from openSUSE-SU-2014:0448-1.

      Changes in mozilla-nss:
      - update to 3.15.5
      * required for Firefox 28
      * export FREEBL_LOWHASH to get the correct default
      headers (bnc#865539) New functionality
      * Added support for the TLS application layer protocol
      negotiation (ALPN) extension. Two SSL socket options,
      SSL_ENABLE_NPN and SSL_ENABLE_ALPN, can be used to
      control whether NPN or ALPN (or both) should be used
      for application layer protocol negotiation.
      * Added the TLS padding extension. The extension type
      value is 35655, which may change when an official
      extension type value is assigned by IANA. NSS
      automatically adds the padding extension to ClientHello
      when necessary.
      * Added a new macro CERT_LIST_TAIL, defined in certt.h,
      for getting the tail of a CERTCertList. Notable Changes
      * bmo#950129: Improve the OCSP fetching policy when
      verifying OCSP responses
      * bmo#949060: Validate the iov input argument (an array
      of PRIOVec structures) of ssl_WriteV (called via
      PR_Writev). Applications should still take care when
      converting struct iov to PRIOVec because the iov_len
      members of the two structures have different types
      (size_t vs. int). size_t is unsigned and may be larger
      than int.

  Bump PKGREVISION.

---
  Module Name: pkgsrc
  Committed By: obache
  Date: Sat May  3 02:19:27 UTC 2014

  Modified Files:
  pkgsrc/emulators/suse131_mozilla-nss: Makefile distinfo

  Log Message:
  Apply Security Update: openSUSE-SU-2014:0599-1
  update for MozillaFirefox

  Description:

      This is also a mozilla-nss update to version 3.16:
      * required for Firefox 29
      * bmo#903885 - (CVE-2014-1492) In a wildcard certificate,
      the wildcard character should not be embedded within
      the U-label of an internationalized domain name. See
      the last bullet point in RFC 6125, Section 7.2.
      * Supports the Linux x32 ABI. To build for the Linux x32
      target, set the environment variable USE_X32=1 when
      building NSS. New Functions:
      * NSS_CMSSignerInfo_Verify New Macros
      * TLS_RSA_WITH_RC4_128_SHA,
      TLS_RSA_WITH_3DES_EDE_CBC_SHA, etc., cipher suites that
      were first defined in SSL 3.0 can now be referred to
      with their official IANA names in TLS, with the TLS_
      prefix. Previously, they had to be referred to with
      their names in SSL 3.0, with the SSL_ prefix. Notable
      Changes:
      * ECC is enabled by default. It is no longer necessary to
      set the environment variable NSS_ENABLE_ECC=1 when
      building NSS. To disable ECC, set the environment
      variable NSS_DISABLE_ECC=1 when building NSS.
      * libpkix should not include the common name of CA as DNS
      names when evaluating name constraints.
      * AESKeyWrap_Decrypt should not return SECSuccess for
      invalid keys.
      * Fix a memory corruption in sec_pkcs12_new_asafe.
      * If the NSS_SDB_USE_CACHE environment variable is set,
      skip the runtime test sdb_measureAccess.
      * The built-in roots module has been updated to version
      1.97, which adds, removes, and distrusts several
      certificates.
      * The atob utility has been improved to automatically
      ignore lines of text that aren't in base64 format.
      * The certutil utility has been improved to support
      creation of version 1 and version 2 certificates, in
      addition to the existing version 3 support.

  Bump PKGREVISION.

(tron)

Pullup ticket #4397 - requested by obache
emulators/suse131_libcurl: security update

Revisions pulled up:
- emulators/suse131_libcurl/Makefile                            1.4
- emulators/suse131_libcurl/distinfo                            1.4

---
  Module Name: pkgsrc
  Committed By: obache
  Date: Sat May  3 02:13:44 UTC 2014

  Modified Files:
  pkgsrc/emulators/suse131_libcurl: Makefile distinfo

  Log Message:
  Apply Security Update: openSUSE-SU-2014:0598-1
  update for curl

  Description:

      This curl update fixes two security issues:

      - bnc#868627: Fixed wrong re-use of connections
      (CVE-2014-0138).
      - bnc#868629: Fixed IP address wildcard certificate
      validation  (CVE-2014-0139).

  Bump PKGREVISION.

(tron)

Pullup ticket #4396 - requested by obache
emulators/suse131_openssl: security update

Revisions pulled up:
- emulators/suse131_openssl/Makefile                            1.6-1.7
- emulators/suse131_openssl/distinfo                            1.6-1.7

---
  Module Name: pkgsrc
  Committed By: obache
  Date: Wed Apr 23 13:14:42 UTC 2014

  Modified Files:
  pkgsrc/emulators/suse131_openssl: Makefile distinfo

  Log Message:
  Apply Security Update: openSUSE-SU-2014:0560-1
  update for openssl

      This is an openssl version update to 1.0.1g.

      - The main reason for this upgrade was to be clear about
      the TLS  heartbeat problem know as "Heartbleed"
      (CVE-2014-0160). That  problem was already fixed in our
      previous openssl update.

  Bump PKGREVISION.

---
  Module Name: pkgsrc
  Committed By: obache
  Date: Sat May  3 02:10:06 UTC 2014

  Modified Files:
  pkgsrc/emulators/suse131_openssl: Makefile distinfo

  Log Message:
  Apply Security Update: openSUSE-SU-2014:0592-1
  OpenSSL: Fixed a use-after-free race condition in OpenSSL's read buffer.

  Description:

      A use-after-free race condition in OpenSSL's read buffer
      was fixed that could cause connections to drop
      (CVE-2010-5298).

  Bump PKGREVISION.

(tron)

fix possible creation of invalid P2M entries, leading to xen crash
The vulnerability is only exposed to service domains for HVM guests
which have privilege over the guest.  In a usual configuration that
means only device model emulators (qemu-dm).
bump PKGREV

(drochner)

add missing file

(szptvlfn)

Changes 2.53:
Points to Gabor Szabo's GD::Simple tutorial, and fix link to repository.

(adam)

Fix build under Mac OS X.

(tron)

Updated www/squid3 to 3.4.5; www/squidanalyzer to 5.4

(adam)

Changes 3.4.5:
* Logformat annotation fixes
* Resolve 'dying from an unhandled exception: c'
* Fix order dependency between cache_dir and maximum_object_size
* Bug 4051: fix inverted test on CONNECT payload existence

(adam)

Changes 5.4:
- Change CSS to adjust calendar position.
- Add Czech language file.
- Add Ukrainian translation file.
- Add CustomHeader to allow custom definition of the logo and title.
  See squidanalyzer.conf or documentation for more explanation and
  example.
- Replace logrotate example that was too simplistic.
- Update documentation about -P option.
- Prevents the script to run multiple instances using a pid file. This
  patch adds a new command line option -P to change the default pid file
  (/tmp/squid-analyzer.pid).
- Remove useless command to delete special files because those files are
  not installed by make install.
- Fix spec file to build RPM.
- Fix usage to show $DEFAULT_CONFIGFILE that may not always be the
  right place following the installation.
- Remove squid requirement from RPM spec file.
- Add spanish language file.
- Remove ^M when reading translation files.
- Add new weekly reports.
- Add build and storage of weekly statistics.
- Fix CSS to reduce font size used in the calendar and increase size
  of the header.
- Add WeekDay translation string.
- Remove link on week, the week view is not available yet.
- Add week day and week number to the calendar.
- Fix bug where statistics from the last parsed day was count twice
  in months and years statisics.
- Add file etc/included to limit entries to matching users, networks
  or ip address.
- Show values of all dataset when mouse is over graph.
- Update pt_BR.txt language file.
- Update flotr2 to most recent version. Replace bars in graphs with
  line to have mouse tracking on each dataset. Change line graphs
  colors and reformat label shown on mouse over graph data.
- Remove special hidden character from documentation that prevent
  pod2man from working.
- Add TCP DENIED report in cache statistics.
- Fix missing semi-colon after graph width definition. Add missing
  graph on mime type.
- Add russian translation.
- Fix german lang file about new second level domain label.
- Update translation files with new Second_domain_graph_hits_title
  and Second_domain_graph_bytes_title variables.
- Add ordering of pie legend following percentage.
- Change trackFormatter so that mouse over the pie-chart color shows
  the domain/TLD name also with the value.
- Add advice about parsing access.log after logrotate.
- Fix some more issue on top second level report.

(adam)

Note/Update comments for patches.

(obache)

Note comment.

(obache)

move preference conditional line below bsd.prefs.mk.

(obache)

Update example instruction.
Current default ruby is 200.

(obache)

for hack before we intoduce fake openssl.pc, not referenced from anywhere.

(obache)

missing recursive bump from pixman.

(obache)

Exactly buildlink with gtk2 and gtk3, modules.mk will not prepared by finddepends(1).

(obache)

Not found sites providing update rpm for suse-10.0.

(obache)

Back out premature 1.7 libobjc2 Makefile commit

(rh)

Add PLIST.Linux to fix bulk builds (adds extra .so.4 link on Linux installs)

(rh)

Add entries for ppc.

(obache)

Update MASTER_SITES for suse10.0 distributuion.

(obache)

Try to fix build under OpenBSD

(ryoon)

Recursive revbump from pixman, fix PR pkg/48777
And bump library requirements

(ryoon)

Recursive revbump from x11/pixman
Fix PR pkg/48777

(ryoon)

Bump BUILDLINK_{API,ABI}_DEPENDS

* pixman_region32_clear() is implemented in 0.25.2 or later.
  It is required by firefox-29.0.

(ryoon)

Updated devel/py-virtualenv to 1.11.5

(wiz)