Revert erroneous commit to branch pkgsrc-2010Q3.
Sorry for the inconvenience.

(jkunz)

Revert erroneous commit to branch pkgsrc-2010Q3.
Sorry for the inconvenience.

(jkunz)

Update to version 0.3.4

Changes:
Bug    #11:
Fix screenshot rotation for 60SCx
Request #12:
add driver for Forerunner 305

(jkunz)

Update to version 0.17.0.

Changes:
* French Cadastre plugin
* Bing Maps plugin
* GDAL raster background plugin
* Printing and exporting to PDF/raster/SVG
* Extrude interaction for ways
* Filter system
* Toolbar editor (create/modify tollbars)
* Allow to align background image with <SPACE>+pan
* When opening/importing, always fallback to GDAL if available. Allows to open most GDAL supported geomtery files.
* Styles : allow to texture areas with an icon
* Auto-add "source" tag when drawing over a background map; define the value in the WMS and TMS editors
* New command line options: "--ignore-preferences" && "--reset-preferences"
* "--importag-tags-as-is" command-line switch to prevent adding underscores to imported tags
* When creating a way or area, press "C" to close the current way
* New preference: "Allow node/way creation in select mode". When checked, allows double-click to create a node and double-click on a node to start a way in select mode.
* Snap to angle functionality when creating way: keeping "o" pressed snap to 45� angles, "h" snap to 30� angles
* Ability to enter and select multiple OSM servers in preferences
* Use Nominatim (http://nominatim.openstreetmap.org/) for place name lookup due to gazetteer closure
* Support for XAPI
* Allow to rename a layer by double-clicking on its name
* If a shapefile do not provide its projection, ask the user for it and do not crash
* "Set view projection to layer's" action added to image layers; set the main projection to the one of the layer
* Tool to align edges to regularly spaced angles (can orthogonalise buildings)
* Join areas tool
* Add a "portable" mode to merkaartor via command-line ("-p") or build setting ("PORTABLE=1")
* Add a "Find" button to the Feature dock. Press "Reset" to revert to list current features.

(jkunz)

Pullup ticket #3319.

(tron)

Pullup ticket #3319 - requested by taca
lang/php5: security update
lang/php53: security update

Revisions pulled up:
- lang/php5/Makefile.common 1.45
- lang/php5/distinfo 1.83
- lang/php5/distinfo 1.84
- lang/php5/patches/patch-ab 1.6
- lang/php5/patches/patch-ab delete
- lang/php53/Makefile.common 1.4
- lang/php53/distinfo 1.9
- lang/php53/patches/patch-ar 1.1
---
Module Name: pkgsrc
Committed By: jklos
Date: Thu Jan  6 22:13:24 UTC 2011

Modified Files:
pkgsrc/lang/php5: distinfo
Added Files:
pkgsrc/lang/php5/patches: patch-ab

Log Message:
Fix VAX floating point handling in zend_strtod.c.
---
Module Name: pkgsrc
Committed By: taca
Date: Fri Jan  7 09:16:28 UTC 2011

Modified Files:
pkgsrc/lang/php5: Makefile.common distinfo
Removed Files:
pkgsrc/lang/php5/patches: patch-ab

Log Message:
Update php5 pacakge to 5.2.17.

* patch-ab (Fix VAX floating point handling) is merge to PHP 5.2.17.

06 Jan 2010, PHP 5.2.17
- Fixed Bug #53632 (infinite loop with x87 fpu). (CVE-2010-4645) (Scott,
  Rasmus)
---
Module Name: pkgsrc
Committed By: taca
Date: Fri Jan  7 09:20:16 UTC 2011

Modified Files:
pkgsrc/lang/php53: Makefile.common distinfo
Added Files:
pkgsrc/lang/php53/patches: patch-ar

Log Message:
Update php53 pacakge to 5.3.5.

* Add fix for VAX floating point handling (Bug #53682), r307192 from
  PHP's repositry.  (It is in PHP 5.2.17 but not in 5.3.5).

06 Jan 2011, PHP 5.3.5
- Fixed Bug #53632 (infinite loop with x87 fpu). (Scott, Rasmus)

(tron)

Pullup ticket #3317 and #3318.

(tron)

Pullup ticket #3317 - requested by taca
www/contao29: security update

Revisions pulled up:
- www/contao29/Makefile 1.8-1.10
- www/contao29/Makefile.version 1.3-1.4
- www/contao29/distinfo 1.4-1.6
---
Module Name: pkgsrc
Committed By: taca
Date: Thu Dec  2 13:32:45 UTC 2010

Modified Files:
pkgsrc/www/contao29: Makefile Makefile.version distinfo

Log Message:
Update contao29 package to 2.9.2.

Version 2.9.2 (2010-12-02)
--------------------------
- Updated TCPDF to version 5.9.023 (#2686)
- Updated MooTools Core to version 1.2.5 (#2545)
- Updated TinyMCE to version 3.3.9.2 (#2702)
- Updated mediaboxAdvanced to version 1.2.5 (#2701)
- Added: allow external images in HTML newsletters (#2396)
- Added: added insert tags for acronyms and abbreviations (#2478)
- Added: add class "sibling" to pages on the same level in the navigation menu (#2419)
- Fixed: do not allow insert tags in comments (#2499)
- Fixed: check for custom layout sections during the theme import
- Fixed: only send the comments notification once (#2407)
- Fixed: skipping the first item of a news list did not work correctly (#2488)
- Fixed: allow column width 0 in page layouts (#2554)
- Fixed: consider the protocol when loading scripts from the Google CDN (#2450)
- Fixed: textareas in the back end were cut off in Opera (#2404)
- Fixed: the task history could not be collapsed (#2424)
- Fixed: the link insert tags showed the page title instead of the page name (#2371)
- Fixed: do not show empty fieldset legends in the form generator (#2625)
- Fixed: preserve curly brackets when replacing simple tokens (#2597)
- Fixed: the style sheet importer did not support some CSS3 selectors (#2566)
- Fixed: textual date insert tags were not replaced when loaded from cache (#2644)
- Fixed: the image insert tag did not output the image dimensions (#2529)
- Fixed: clear the $_GET array after rendering the event list module (#2445)
- Fixed: do not aggregate style sheets with a @font-face selector (#2443)
- Fixed: news insert tags did not handle entities correctly (#2604)
- Fixed: do not show the FTP and database passwords in the install tool (#2417)
- Fixed: minor fixes for the TimePeriod widget (#2477)
- Fixed: update the CSS files after an old version of a record has been restored (#2524)
- Fixed: custom page templates were not shown in "override all" mode (#2494)
- Fixed: incorrect event sorting (#2675)
- Fixed: do not execute hooks in the extension manager (#2448)
- Fixed: check for existing files when renaming files in the file manager (#2610)
- Fixed: check redirect pages for circular references (#2704)
- Fixed: fixed a few minor spelling issues (#2403)
- Fixed some minor issues
---
odule Name: pkgsrc
Committed By: taca
Date: Thu Dec  2 15:41:30 UTC 2010

Modified Files:
pkgsrc/www/contao29: Makefile distinfo

Log Message:
Due to a serious bug of installtool, Contao 2.9.2 has repackaged.

So, introduce DIST_SUBDIR and Bump PKGREVISION.
---
Module Name: pkgsrc
Committed By: taca
Date: Thu Jan  6 13:19:08 UTC 2011

Modified Files:
pkgsrc/www/contao29: Makefile Makefile.version distinfo

Log Message:
Update contao29 (and implicitly contao29-example) pacakge to 2.9.3.

Version 2.9.3 (2011-01-06)
--------------------------
- Fixed: custom templates were not always shown in "override all" mode (#2725)
- Fixed: prevent the X_FORWARDED_FOR header against XSS attacks (#2751)
- Fixed: preserve the selector fields in the personal data module (#2609)
- Fixed: skip mounted folders in the file manager if they do not exist (#2708)
- Fixed: the quick navigation modules failed to work when aliases were
  disabled (#2718)
- Fixed some minor issues

(tron)

Pullup ticket #3318 - requested by taca
www/typolight28: security patch

Revisions pulled up:
- www/typolight28/Makefile 1.12
- www/typolight28/distinfo 1.10
- www/typolight28/patches/patch-ae 1.1
- www/typolight28/patches/patch-af 1.1
---
Mommitted By: taca
Date: Thu Jan  6 14:23:41 UTC 2011

Modified Files:
pkgsrc/www/typolight28: Makefile distinfo
Added Files:
pkgsrc/www/typolight28/patches: patch-ae patch-af

Log Message:
Add the same patch of Comment module as Contao 2.9.3.
Changes are derived from Conao's repository.

Bump PKGREVISION.

(tron)

Pullup ticket #3316

(sbd)

Pullup ticket #3316 - requested by tron
Security patch for wireshark

Revisions pulled up:
- pkgsrc/net/wireshark/Makefile 1.58
- pkgsrc/net/wireshark/distinfo 1.38
- pkgsrc/net/wireshark/patches/patch-SA42767 1.1

-------------------------------------------------------------------------
  Module Name: pkgsrc
  Committed By: tron
  Date: Tue Jan  4 15:39:34 UTC 2011

  Modified Files:
  pkgsrc/net/wireshark: Makefile distinfo
  Added Files:
  pkgsrc/net/wireshark/patches: patch-SA42767

  Log Message:
  Add patch from the Wireshark SVN repository to fix the security
  vulnerability reported in SA42767 which affects the ENTTEC dissector.

(sbd)

Pullup ticket #3315

(sbd)

Pullup ticket #3315 - requested by taca
www/geeklog security fix

Revisions pulled up:
- pkgsrc/www/geeklog/Makefile 1.29, 1.30
- pkgsrc/www/geeklog/PLIST 1.14
- pkgsrc/www/geeklog/distinfo 1.15, 1.16

-------------------------------------------------------------------------
  Module Name: pkgsrc
  Committed By: taca
  Date: Thu Nov  4 15:52:10 UTC 2010

  Modified Files:
  pkgsrc/www/geeklog: Makefile PLIST distinfo

  Log Message:
  Update www/geeklog package to 1.7.1.

  Geeklog History/Changes:

  Oct 31, 2010 (1.7.1)
  ------------

  - Fixed description of $index parameter for STORY_renderArticle (bug #0001203)
    [Dirk]
  - The number of successfully imported users was always reported as 0 for the
    "Batch Add" option in the User Manager (bug #0001211) [Ivy, Dirk]
  - Fixed a bug in the MS SQL changeDESCRIBE method to properly prefix the proper
    sql query string [Randy]

  - Updated Hebrew language files, provided by LWC
  - New Italian language files for the Links plugin, provided by Rouslan Placella
  - Updated Italian language files for the Static Pages plugin, provided by
    Rouslan Placella

  Calendar Plugin
  ---------------
  - Fixed an SQL error when returning search results for the Personal Calendar
    (bug #0001195) [Dirk]

  Oct 10, 2010 (1.7.1rc1)
  ------------

  - If content from an Autotag produces another Autotag it will be executed (to a
    maximum of 5 times) [Tom]
  - Themes can now have their own display functions for the start and end of
    Blocks. (Feature #0001188) [Tom]
  - Reverted a change in 1.7.0 that would send a Content-Type header when calling
    COM_refresh since this conflicts with some plugins (e.g. the Forum) [Dirk]
  - Fixed wrong view after posting a comment on a poll (bug #0001080, patch
    provided by Wojtek Szkutnik)
  - Fixed language in the dropdown for the permanent cookie in the Configuration
    (bug #0001117, patch provided by Eric Brisco)
  - Added cancel and delete buttons to comment edit and submission forms when
    needed. (Feature #0000981) [Tom]
  - Reverted parts of the changes for bug #0001057: Do _not_ escape curly braces
    when displaying a block's content (bug #0001156). If you run into the problem
    that words in curly braces inside blocks are interpreted as template
    variables, simply add a space after the opening and/or the closing brace
    [Dirk]
  - Autotags can now be inserted directly into template files.
    (Feature #0001181) [Tom]
  - Plugins are able to control moderation and return a string to be displayed.
    (Feature #0000619 patch provided by jmucchiello)
  - Admin lists can now display a 0 in a column instead of being blank
    (bug #0001060 patch provided by jmucchiello)
  - Fixed "Show & Hide Boxes" option in My Account (reported by Pushkar) [Dirk]
  - Display the topic name (instead of the topic id) in the list of draft stories
    (bug #0001171) [Dirk]
  - Fixed COM_formatTimeString to correctly handle intervals bigger than 4 weeks
    (bug #0001158) [Dirk]
  - Call PLG_templateSetVars for the Advanced Search form [Dirk]
  - Make sure we keep the current status of the user's Advanced Editor option
    even when Advanced Editor is disabled for the site (Thanks, Markus) [Dirk]
  - Comment submissions for plugins were missing the type [Dirk]
  - In the Group Editor, hide the 'Apply "Default Group" change' option until the
    state of the "Default Group" checkbox changes (feature request #0001116,
    patch provided by Dushyant Tiwari)
  - Fixed handling of $LANG_DIRECTION in the install script (cf. bug #0000871)
  - Fixed query highlighting in articles - didn't work for queries that contained
    characters filtered by COM_applyFilter [Dirk]

  - Updated Japanese language file, provided by the Geeklog.jp group
  - New and updated French (France) language files, provided by Ben
  - Updated Hebrew language file for the Links plugin, provided by LWC

  Static Pages Plugin
  -------------------
  - Call up the Advanced Editor when enabled (bug #0001147, patch provided by
    Samuel Leathers)
  - A Static Page can now be marked as a template and used by other Static Pages.
    (Feature #0001085) [Tom]

-------------------------------------------------------------------------
  Module Name: pkgsrc
  Committed By: taca
  Date: Mon Jan  3 01:57:25 UTC 2011

  Modified Files:
  pkgsrc/www/geeklog: Makefile distinfo

  Log Message:
  Update geeklog package to 1.7.1.1 (1.7.1sr1), security fix.

  Jan 2, 2011 (1.7.1sr1)
  ------------

  This release addresses the following security issue:

  Aung Khant of the YGN Ethical Hacker Group reported an XSS in the admin's
  configuration panel.

(sbd)

Pullup ticket #3314

(sbd)

Pullup ticket #3314 - requested by morr
wordpress critical security update.

Revisions pulled up:
- www/wordpress/Makefile 1.14
- www/wordpress/distinfo 1.10

-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: morr
Date: Thu Dec 30 22:27:45 UTC 2010

Modified Files:
pkgsrc/www/wordpress: Makefile distinfo

Log Message:
Critical security update.
ChangeLog:

* Fix XSS vulnerabilities in the KSES library: Don't be case sensitive
  to attribute names. Handle padded entities when checking for bad
  protocols. Normalize entities before checking for bad protocols in
  esc_url().

(sbd)

Pullup ticket #3313

(sbd)

Pullup ticket #3313 - requested by tron
Security patch for "sysutils/dbus"

Revisions pulled up:
- sysutils/dbus/Makefile 1.50
- sysutils/dbus/distinfo 1.36
- sysutils/dbus/patches/patch-CVE-2010-4352-1 1.1
- sysutils/dbus/patches/patch-CVE-2010-4352-2 1.1
- sysutils/dbus/patches/patch-CVE-2010-4352-3 1.1
- sysutils/dbus/patches/patch-CVE-2010-4352-4 1.1

-------------------------------------------------------------------------
  Module Name: pkgsrc
  Committed By: tron
  Date: Wed Dec 29 10:49:21 UTC 2010

  Modified Files:
  pkgsrc/sysutils/dbus: Makefile distinfo
  Added Files:
  pkgsrc/sysutils/dbus/patches: patch-CVE-2010-4352-1
      patch-CVE-2010-4352-2 patch-CVE-2010-4352-3 patch-CVE-2010-4352-4

  Log Message:
  Add fix for vulnerability reported in CVE-2010-4352 (SA42580) taken
  from the "dbus" GIT repository.

(sbd)

Pullup tickets 3309, 3310, 3311 and 3312

(sbd)

Pullup ticket #3311 - requested by taca
pkgsrc/www/typo3 security fix

Revisions pulled up:
- pkgsrc/www/typo3/Makefile 1.27
- pkgsrc/www/typo3/PLIST 1.16
- pkgsrc/www/typo3/distinfo 1.20

-------------------------------------------------------------------------
  Module Name: pkgsrc
  Committed By: taca
  Date: Thu Dec 16 15:35:34 UTC 2010

  Modified Files:
  pkgsrc/www/typo3: Makefile PLIST distinfo

  Log Message:
  Update typo3 package to 4.4.5.

  Quote from http://wiki.typo3.org/wiki/TYPO3_4.4.5, prease refer the
  page for more detail.

  Due to several security issues found in the TYPO3 Core, there was a combined
  release of TYPO3 4.2.16, 4.3.9 and 4.4.5.
  Find more details in the security bulletin:
  http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-022/

(sbd)

Pullup ticket #3310 - requested by taca
pkgsrc/www/horde security fix

Revisions pulled up:
- pkgsrc/www/horde/Makefile 1.70, 1.71
- pkgsrc/www/horde/PLIST 1.25
- pkgsrc/www/horde/distinfo 1.28, 1.29

-------------------------------------------------------------------------
  Module Name: pkgsrc
  Committed By: adam
  Date: Wed Nov 10 12:46:53 UTC 2010

  Modified Files:
  pkgsrc/www/horde: Makefile PLIST distinfo

  Log Message:
  Changes 3.3.10:
  * Fix searching DataTree elements (groups) if backend charset is different
    from interface charset
  * Fix accessing IMAP ACLs that contain non-alphanumeric characters
  * Avoid fatal errors when using DateTime with not properly configured PHP 5.3+
  * Fix importing recurrence exceptions from vCalendar 1.0.
  * Fix preferences management regression
  * Fix conversion of all-day events and certain yearly recurring events for
    Funambol clients.
  * Fix memcache cache regression.
  * Fix SyncML page sometimes deleting more anchors than selected.

-------------------------------------------------------------------------
  Module Name: pkgsrc
  Committed By: taca
  Date: Thu Dec 16 03:38:32 UTC 2010

  Modified Files:
  pkgsrc/www/horde: Makefile distinfo

  Log Message:
  Update horde pacakge to 3.3.11.

  Fixing http://secunia.com/advisories/42355/.

  -------
  v3.3.11
  -------

  [mms] SECURITY: Fix XSS when viewing details of a vCard (Bug #9357).
  [jan] Fix exporting recurrence exceptions to vCalendar 1.0.
  [jan] Skip event status synchronization with Outlook, which is broken.
  [jan] Don't send SIF data to recent Funambol clients, unless requested.
  [jan] Log all queries and errors by the history library.

(sbd)

Pullup ticket #3309 - requested by taca

Revisions pulled up:
- pkgsrc/textproc/php-intl/Makefile 1.2
- pkgsrc/textproc/php-intl/distinfo 1.2
- pkgsrc/textproc/php-intl/patches/patch-aa 1.2

-------------------------------------------------------------------------
  Module Name: pkgsrc
  Committed By: taca
  Date: Thu Dec 16 03:37:28 UTC 2010

  Modified Files:
  pkgsrc/textproc/php-intl: Makefile distinfo
  pkgsrc/textproc/php-intl/patches: patch-aa

  Log Message:
  Update php-intl package to 1.1.2.

  Changelog says only "* Bugfixes" but it is really fix CVE-2010-4409.

(sbd)

Pullup ticket #3312 - requested by taca
pkgsrc/lang/{php5,php53} security fixes

Revisions pulled up:
- pkgsrc/databases/php-mysql/Makefile 1.14
- pkgsrc/databases/php-mysqli/Makefile 1.3
- pkgsrc/databases/php-pdo_mysql/Makefile 1.12
- pkgsrc/lang/php5/Makefile 1.80, 1.81
- pkgsrc/lang/php5/Makefile.common 1.43, 1.44
- pkgsrc/lang/php5/distinfo 1.80, 1.81, 1.82
- pkgsrc/lang/php5/patches/patch-ak 1.8, deleted
- pkgsrc/lang/php5/patches/patch-bf 1.1, deleted
- pkgsrc/lang/php5/patches/patch-bg 1.1, deleted
- pkgsrc/lang/php53/Makefile 1.5, 1.6
- pkgsrc/lang/php53/Makefile.common 1.3
- pkgsrc/lang/php53/distinfo 1.7, 1.8
- pkgsrc/lang/php53/patches/patch-ab 1.3
- pkgsrc/lang/php53/patches/patch-am 1.1, deleted
- pkgsrc/lang/php53/patches/patch-an 1.1, deleted
- pkgsrc/lang/php53/patches/patch-ao 1.1, deleted
- pkgsrc/lang/php53/patches/patch-ap 1.1, deleted
- pkgsrc/lang/php53/patches/patch-aq 1.1, deleted
- pkgsrc/mail/php-imap/Makefile 1.21, 1.22
- pkgsrc/www/ap-php/Makefile 1.24
- pkgsrc/www/php-eaccelerator/Makefile 1.13

-------------------------------------------------------------------------
  Module Name: pkgsrc
  Committed By: taca
  Date: Thu Nov 25 03:43:50 UTC 2010

  Modified Files:
  pkgsrc/lang/php53: Makefile distinfo
  Added Files:
  pkgsrc/lang/php53/patches: patch-am patch-an patch-ao patch-ap patch-aq

  Log Message:
  - GC bug fix: http://svn.php.net/viewvc?view=revision&revision=303016
  - CVE-2010-3710 (a part of SA41724)
  http://svn.php.net/viewvc?view=revision&revision=303779
  - CVE-2010-3870 (a part of SA41724)
  http://svn.php.net/viewvc?view=revision&revision=304959
  - CVE-2010-4150 (php-imap)
  http://svn.php.net/viewvc?view=revision&revision=305032
  - CVE-2010-4156 (SA42135)
  http://svn.php.net/viewvc?view=revision&revision=305214

  Bump PKGREVISION.

-------------------------------------------------------------------------
  Module Name: pkgsrc
  Committed By: taca
  Date: Thu Nov 25 03:44:16 UTC 2010

  Modified Files:
  pkgsrc/lang/php5: Makefile distinfo
  Added Files:
  pkgsrc/lang/php5/patches: patch-ak patch-bf patch-bg

  Log Message:
  - CVE-2010-4150 (php-imap)
  http://svn.php.net/viewvc?view=revision&revision=305032
  - CVE-2010-3710 (a part of SA41724)
  http://svn.php.net/viewvc?view=revision&revision=303885
  - CVE-2010-3870 (a part of SA41724)
  http://svn.php.net/viewvc?view=revision&revision=305055

  Bump PKGREVISION.

-------------------------------------------------------------------------
  Module Name: pkgsrc
  Committed By: taca
  Date: Thu Nov 25 03:45:19 UTC 2010

  Modified Files:
  pkgsrc/mail/php-imap: Makefile

  Log Message:
  Bump REVISION since CVE-2010-4150 fix was added.

-------------------------------------------------------------------------
  Module Name: pkgsrc
  Committed By: taca
  Date: Mon Dec 13 13:15:46 UTC 2010

  Modified Files:
  pkgsrc/lang/php5: Makefile Makefile.common distinfo
  Removed Files:
  pkgsrc/lang/php5/patches: patch-ak patch-bf patch-bg

  Log Message:
  Update php5 package to 5.2.15 (PHP 5.2.15):

  The PHP development team would like to announce the immediate
  availability of PHP 5.2.15. This release marks the end of support for
  PHP 5.2. All users of PHP 5.2 are encouraged to upgrade to PHP 5.3.

  This release focuses on improving the security and stability of the
  PHP 5.2.x branch with a small number, of predominatly security fixes.

  Security Enhancements and Fixes in PHP 5.2.15:

  * Fixed extract() to do not overwrite $GLOBALS and $this when using
    EXTR_OVERWRITE.
  * Fixed crash in zip extract method (possible CWE-170).
  * Fixed a possible double free in imap extension.
  * Fixed possible flaw in open_basedir (CVE-2010-3436).
  * Fixed NULL pointer dereference in
    ZipArchive::getArchiveComment. (CVE-2010-3709).
  * Fixed bug #52929 (Segfault in filter_var with FILTER_VALIDATE_EMAIL with
    large amount of data).

  Key enhancements in PHP 5.2.15 include:

  * Fixed bug #47643 (array_diff() takes over 3000 times longer than php
    5.2.4).
  * Fixed bug #44248 (RFC2616 transgression while HTTPS request through proxy
    with SoapClient object).
  * To prepare for upgrading to PHP 5.3, now that PHP 5.2's support ended, a
    migration guide available on http://php.net/migration53, details the changes
    between PHP 5.2 and PHP 5.3.

  For a full list of changes in PHP 5.2.15 see the ChangeLog at
  http://www.php.net/ChangeLog-5.php#5.2.15.

-------------------------------------------------------------------------
  Module Name: pkgsrc
  Committed By: taca
  Date: Mon Dec 13 13:16:37 UTC 2010

  Modified Files:
  pkgsrc/lang/php53: Makefile Makefile.common distinfo
  pkgsrc/lang/php53/patches: patch-ab
  Removed Files:
  pkgsrc/lang/php53/patches: patch-am patch-an patch-ao patch-ap patch-aq

  Log Message:
  Update lang/php53 package to 5.3.4 (PHP 5.3.4).

  The PHP development team is proud to announce the immediate release of PHP
  5.3.4. This is a maintenance release in the 5.3 series, which includes a large
  number of bug fixes.

  Security Enhancements and Fixes in PHP 5.3.4:

  * Fixed crash in zip extract method (possible CWE-170).
  * Paths with NULL in them (foo\0bar.txt) are now considered as invalid
    (CVE-2006-7243).
  * Fixed a possible double free in imap extension (Identified by Mateusz
    Kocielski). (CVE-2010-4150).
  * Fixed NULL pointer dereference in
    ZipArchive::getArchiveComment. (CVE-2010-3709).
  * Fixed possible flaw in open_basedir (CVE-2010-3436).
  * Fixed MOPS-2010-24, fix string validation. (CVE-2010-2950).
  * Fixed symbolic resolution support when the target is a DFS share.
  * Fixed bug #52929 (Segfault in filter_var with FILTER_VALIDATE_EMAIL with
    large amount of data) (CVE-2010-3710).

  Key Bug Fixes in PHP 5.3.4 include:

  * Added stat support for zip stream.
  * Added follow_location (enabled by default) option for the http stream
    support.
  * Added a 3rd parameter to get_html_translation_table. It now takes a charset
    hint, like htmlentities et al.
  * Implemented FR #52348, added new constant ZEND_MULTIBYTE to detect zend
    multibyte at runtime.
  * Multiple improvements to the FPM SAPI.
  * Over 100 other bug fixes.

  For users upgrading from PHP 5.2 there is a migration guide available here,
  detailing the changes between those releases and PHP 5.3.

  For a full list of changes in PHP 5.3.4, see the ChangeLog. For source
  downloads please visit our downloads page, Windows binaries can be found on
  windows.php.net/download/.

-------------------------------------------------------------------------
  Module Name: pkgsrc
  Committed By: taca
  Date: Mon Dec 13 13:18:20 UTC 2010

  Modified Files:
  pkgsrc/databases/php-mysql: Makefile
  pkgsrc/databases/php-mysqli: Makefile
  pkgsrc/databases/php-pdo_mysql: Makefile
  pkgsrc/mail/php-imap: Makefile
  pkgsrc/www/ap-php: Makefile
  pkgsrc/www/php-eaccelerator: Makefile

  Log Message:
  Reset PKGREVISION by update of base PHP version.

-------------------------------------------------------------------------
  Module Name: pkgsrc
  Committed By: taca
  Date: Thu Dec 16 14:20:45 UTC 2010

  Modified Files:
  pkgsrc/lang/php5: Makefile.common distinfo

  Log Message:
  Update php5 pacakge to 5.2.16:

  PHP 5.2.16 Released!

  The PHP development team would like to announce the immediate availability of
  PHP 5.2.16. This release marks the end of support for PHP 5.2. All users of
  PHP 5.2 are encouraged to upgrade to PHP 5.3.

  This release focuses on addressing a regression in open_basedir implementation
  introduced in 5.2.15 in addition to fixing a crash inside PDO::pgsql on data
  retrieval when the server is down. All users who have upgraded to 5.2.15 and
  are utilizing open_basedir are strongly encouraged to upgrade to 5.2.16 or
  5.3.4.

  To prepare for upgrading to PHP 5.3, now that PHP 5.2's support ended, a
  migration guide available on http://php.net/migration53, details the changes
  between PHP 5.2 and PHP 5.3.

  For a full list of changes in PHP 5.2.16 see the ChangeLog at
  http://www.php.net/ChangeLog-5.php#5.2.16.

  ChangeLog:

  Version 5.2.16

  16-Dec-2010

  * Fixed bug #53517 (segfault in pgsql_stmt_execute() when postgres is
    down). (gyp at balabit dot hu)
  * Fixed bug #53516 (Regression in open_basedir handling). (Ilia)

(sbd)

Pullup tickets 3307 and 3308

(sbd)

Pullup ticket #3308 - requested by drochner
security updates for freetype2

Revisions pulled up:
- pkgsrc/graphics/freetype2/Makefile 1.75-1.77
- pkgsrc/graphics/freetype2/distinfo 1.37-1.39

Files added:
- pkgsrc/graphics/freetype2/patches/patch-ab 1.14, 1.15
- pkgsrc/graphics/freetype2/patches/patch-ac 1.6

-------------------------------------------------------------------------
  Module Name:    pkgsrc
  Committed By:  drochner
  Date:          Fri Oct 22 16:14:13 UTC 2010

  Modified Files:
          pkgsrc/graphics/freetype2: Makefile distinfo

  Log Message:
  update to 2.4.3
  changes:
  A rendering regression of S-shaped cubic arcs (introduced in
  version 2.4.0) has been fixed. Besides that, a bunch
  of fixes have been applied to improve handling of broken fonts.

  To generate a diff of this commit:
  cvs rdiff -u -r1.74 -r1.75 pkgsrc/graphics/freetype2/Makefile
  cvs rdiff -u -r1.36 -r1.37 pkgsrc/graphics/freetype2/distinfo

-------------------------------------------------------------------------
  Module Name:    pkgsrc
  Committed By:  drochner
  Date:          Wed Nov  3 11:56:37 UTC 2010

  Modified Files:
          pkgsrc/graphics/freetype2: Makefile distinfo
  Added Files:
          pkgsrc/graphics/freetype2/patches: patch-ab

  Log Message:
  add patch from upstream CVS to fix a possible buffer overflow
  when processing TrueType GX fonts (SA41738), bump PKGREVISION

  To generate a diff of this commit:
  cvs rdiff -u -r1.75 -r1.76 pkgsrc/graphics/freetype2/Makefile
  cvs rdiff -u -r1.37 -r1.38 pkgsrc/graphics/freetype2/distinfo
  cvs rdiff -u -r0 -r1.14 pkgsrc/graphics/freetype2/patches/patch-ab

-------------------------------------------------------------------------
  Module Name:    pkgsrc
  Committed By:  drochner
  Date:          Wed Nov 24 18:44:55 UTC 2010

  Modified Files:
          pkgsrc/graphics/freetype2: Makefile distinfo
          pkgsrc/graphics/freetype2/patches: patch-ab
  Added Files:
          pkgsrc/graphics/freetype2/patches: patch-ac

  Log Message:
  add patch from upstream CVS to fix handling the "SHZ" bytecode instruction
  which could be exploited to cause a crash and potentially execute
  arbitrary code via a specially crafted font (CVE-2010-3814)
  bump PKGREV
  being here, add CVE reference to an older patch

  To generate a diff of this commit:
  cvs rdiff -u -r1.76 -r1.77 pkgsrc/graphics/freetype2/Makefile
  cvs rdiff -u -r1.38 -r1.39 pkgsrc/graphics/freetype2/distinfo
  cvs rdiff -u -r1.14 -r1.15 pkgsrc/graphics/freetype2/patches/patch-ab
  cvs rdiff -u -r0 -r1.6 pkgsrc/graphics/freetype2/patches/patch-ac

(sbd)

Pullup ticket #3307 - requested by shannonjr
security/pcsc-lite vulnerability

Revisions pulled up:
- pkgsrc/security/pcsc-lite/Makefile 1.9
- pkgsrc/security/pcsc-lite/distinfo 1.9

Files added:
- pkgsrc/security/pcsc-lite/patches/patch-ac 1.5

-------------------------------------------------------------------------
  Module Name:    pkgsrc
  Committed By:  shannonjr
  Date:          Fri Dec 17 17:00:35 UTC 2010

  Modified Files:
          pkgsrc/security/pcsc-lite: Makefile distinfo
  Added Files:
          pkgsrc/security/pcsc-lite/patches: patch-ac

  Log Message:
  Backported security fix from Version 1.6.6 of pcsc-lite. The fix bounds the
  value of a pointer, prior to a memcpy(), to prevent a buffer overflow.

  To generate a diff of this commit:
  cvs rdiff -u -r1.8 -r1.9 pkgsrc/security/pcsc-lite/Makefile \
      pkgsrc/security/pcsc-lite/distinfo
  cvs rdiff -u -r0 -r1.5 pkgsrc/security/pcsc-lite/patches/patch-ac

(sbd)

Pullup ticket #3301.

(tron)

Pullup ticket #3301 - requested by tnn
devel/xulrunner: security update
www/firefox: security update

Revisions pulled up:
- devel/xulrunner/Makefile 1.43,1.45
- devel/xulrunner/PLIST 1.25-1.26
- devel/xulrunner/dist.mk 1.17
- devel/xulrunner/distinfo 1.39
- devel/xulrunner/mozilla-common.mk 1.17-1.18
- devel/xulrunner/patches/patch-pe delete
- www/firefox/Makefile 1.78,1.80
---
Module Name: pkgsrc
Committed By: joerg
Date: Wed Nov  3 01:22:36 UTC 2010

Modified Files:
pkgsrc/devel/xulrunner: mozilla-common.mk

Log Message:
Requires sqlite3 3.7.1 now. Reported by cegger.
---
Module Name: pkgsrc
Committed By: tnn
Date: Sat Nov 13 11:54:44 UTC 2010

Modified Files:
pkgsrc/devel/xulrunner: Makefile PLIST mozilla-common.mk
pkgsrc/mail/thunderbird: Makefile
pkgsrc/www/firefox: Makefile
pkgsrc/www/seamonkey: Makefile

Log Message:
Reluctantly switch over to bundled cairo and pixman for mozilla
packages, like other distros have recently done. Bump package revisions.

Background:
The cairo-1.10 update caused multiple regressions in firefox, such as
flickering gif animations and crashes.
Mozilla doesn't seem interested in fixing it on the stable branches:
  https://bugzilla.mozilla.org/show_bug.cgi?id=610107
Other references:
  https://bugzilla.redhat.com/show_bug.cgi?id=628331
  http://bugs.gentoo.org/show_bug.cgi?id=337813
  https://bugzilla.mozilla.org/show_bug.cgi?id=597174

This workaround is guaranteed to cause other problems in the long run;
so we should attempt to switch back when we move to the mozilla-2.0
branch.
---
odule Name: pkgsrc
Committed By: tnn
Date: Sat Dec 11 14:46:29 UTC 2010

Modified Files:
pkgsrc/devel/xulrunner: Makefile PLIST dist.mk distinfo
pkgsrc/www/firefox: Makefile
Removed Files:
pkgsrc/devel/xulrunner/patches: patch-pe

Log Message:
Update to firefox-3.6.13.

MFSA 2010-84 XSS hazard in multiple character encodings
MFSA 2010-83 Location bar SSL spoofing using network error page
MFSA 2010-82 Incomplete fix for CVE-2010-0179
MFSA 2010-81 Integer overflow vulnerability in NewIdArray
MFSA 2010-80 Use-after-free error with nsDOMAttribute MutationObserver
MFSA 2010-79 Java security bypass from LiveConnect loaded via data: URL
            meta refresh
MFSA 2010-78 Add support for OTS font sanitizer
MFSA 2010-77 Crash and remote code execution using HTML tags inside a XUL tree
MFSA 2010-76 Chrome privilege escalation with window.open and <isindex> element
MFSA 2010-75 Buffer overflow while line breaking after document.write with
            long string
MFSA 2010-74 Miscellaneous memory safety hazards (rv:1.9.2.13/ 1.9.1.16)

(tron)

Pullup tickets #3302, #3303 and #3305.

(tron)

Pullup ticket #3303 - requested by tnn
www/seamonkey: security update

Revisions pulled up:
- www/seamonkey/Makefile 1.42-1.43,1.45 via patch
- www/seamonkey/distinfo 1.57-1.58
---
Module Name:    pkgsrc
Committed By:  tnn
Date:          Sat Nov 13 10:54:49 UTC 2010

Modified Files:
        pkgsrc/www/seamonkey: Makefile distinfo

Log Message:
Update to seamonkey-2.0.10.
Fixes MFSA 2010-73 Heap buffer overflow mixing document.write and DOM insertion
---
Module Name:    pkgsrc
Committed By:  tnn
Date:          Sat Nov 13 11:54:44 UTC 2010

Modified Files:
        pkgsrc/devel/xulrunner: Makefile PLIST mozilla-common.mk
        pkgsrc/mail/thunderbird: Makefile
        pkgsrc/www/firefox: Makefile
        pkgsrc/www/seamonkey: Makefile

Log Message:
Reluctantly switch over to bundled cairo and pixman for mozilla packages,
like other distros have recently done. Bump package revisions.

Background:
The cairo-1.10 update caused multiple regressions in firefox, such as
flickering gif animations and crashes.
Mozilla doesn't seem interested in fixing it on the stable branches:
  https://bugzilla.mozilla.org/show_bug.cgi?id=610107
Other references:
  https://bugzilla.redhat.com/show_bug.cgi?id=628331
  http://bugs.gentoo.org/show_bug.cgi?id=337813
  https://bugzilla.mozilla.org/show_bug.cgi?id=597174
---
odule Name: pkgsrc
Committed By: tnn
Date: Sun Dec 12 00:07:23 UTC 2010

Modified Files:
pkgsrc/www/seamonkey: Makefile distinfo

Log Message:
Update to seamonkey-2.0.11.

MFSA 2010-84 XSS hazard in multiple character encodings
MFSA 2010-83 Location bar SSL spoofing using network error page
MFSA 2010-82 Incomplete fix for CVE-2010-0179
MFSA 2010-81 Integer overflow vulnerability in NewIdArray
MFSA 2010-80 Use-after-free error with nsDOMAttribute MutationObserver
MFSA 2010-79 Java security bypass from LiveConnect loaded via data: URL
meta refresh
MFSA 2010-78 Add support for OTS font sanitizer
MFSA 2010-77 Crash and remote code execution using HTML tags inside a
XUL tree MFSA 2010-76 Chrome privilege escalation with window.open and
<isindex> element MFSA 2010-75 Buffer overflow while line breaking
after document.write with long string
MFSA 2010-74 Miscellaneous memory safety hazards (rv:1.9.2.13/ 1.9.1.16)

Also:
Fixes for a number of non-security-relevant crashes, increasing the
stability of the whole platform and the Mail & Newsgroups part of
SeaMonkey

(tron)

Pullup ticket #3302 - requested by tnn
mail/thunderbird: security update

Revisions pulled up:
- mail/thunderbird/Makefile 1.61-1.62,1.64 via patch
- mail/thunderbird/distinfo 1.76-1.77
- mail/thunderbird/patches/patch-pe delete
---
Module Name: pkgsrc
Committed By: tnn
Date: Sat Nov 13 11:05:05 UTC 2010

Modified Files:
pkgsrc/mail/thunderbird: Makefile distinfo

Log Message:
Update to thunderbird-3.1.6.
Fixes MFSA 2010-73 Heap buffer overflow mixing document.write and DOM insertion
---
Module Name: pkgsrc
Committed By: tnn
Date: Sat Nov 13 11:54:44 UTC 2010

Modified Files:
pkgsrc/devel/xulrunner: Makefile PLIST mozilla-common.mk
pkgsrc/mail/thunderbird: Makefile
pkgsrc/www/firefox: Makefile
pkgsrc/www/seamonkey: Makefile

Log Message:
Reluctantly switch over to bundled cairo and pixman for mozilla packages,
like other distros have recently done. Bump package revisions.

Background:
The cairo-1.10 update caused multiple regressions in firefox, such as
flickering gif animations and crashes.
Mozilla doesn't seem interested in fixing it on the stable branches:
  https://bugzilla.mozilla.org/show_bug.cgi?id=610107
Other references:
  https://bugzilla.redhat.com/show_bug.cgi?id=628331
  http://bugs.gentoo.org/show_bug.cgi?id=337813
  https://bugzilla.mozilla.org/show_bug.cgi?id=597174

This workaround is guaranteed to cause other problems in the long run;
so we should attempt to switch back when we move to the mozilla-2.0 branch.
---
Module Name: pkgsrc
Committed By: tnn
Date: Sat Dec 11 14:34:41 UTC 2010

Modified Files:
pkgsrc/mail/thunderbird: Makefile distinfo
Removed Files:
pkgsrc/mail/thunderbird/patches: patch-pe

Log Message:
Update to thunderbird-3.1.7.

- Several fixes to improve performance, stability and security
- Several fixes to improve handling of large folder files stored
locally.
- Several fixes to improve corruption in local copy of IMAP mailboxes.

- MFSA 2010-78 Add support for OTS font sanitizer
- MFSA 2010-75 Buffer overflow while line breaking after document.write
      with long string
- MFSA 2010-74 Miscellaneous memory safety hazards (rv:1.9.2.13/
1.9.1.16)

(tron)

Pullup ticket #3305 - requested by spz
security/p5-IO-Socket-SSL: security updated

Revisions pulled up:
- security/p5-IO-Socket-SSL/Makefile 1.53-1.54
- security/p5-IO-Socket-SSL/distinfo 1.38-1.39
---
Module Name: pkgsrc
Committed By: wiz
Date: Thu Dec 2 12:25:05 UTC 2010

Modified Files:
pkgsrc/security/p5-IO-Socket-SSL: Makefile distinfo

Log Message:
Update to 1.34:

v1.34 2010.11.01
- schema http for certificate verification changed to
  wildcards_in_cn=1, because according to rfc2818 this is valid and
  also seen in the wild
- if upgrading socket from inet to ssl fails due to handshake problems
  the socket gets downgraded, but is still open.
  See https://rt.cpan.org/Ticket/Display.html?id=61466
- deprecate kill_socket, just use close()
---
Module Name: pkgsrc
Committed By: gls
Date: Tue Dec 7 20:15:01 UTC 2010

Modified Files:
pkgsrc/security/p5-IO-Socket-SSL: Makefile distinfo

Log Message:
Update security/p5-IO-Socket-SSL to 1.35

Security fix

v1.35 2010.12.06
- if verify_mode is not VERIFY_NONE and the ca_file/ca_path cannot be
verified as valid it will no longer fall back to VERIFY_NONE but throw
an error. Thanks to Salvatore Bonaccorso and Daniel Kahn Gillmor for
pointing out the problem, see also
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=606058

(tron)

Pullup ticket #3300 and #3304.

(tron)

Pullup ticket #3304 - requested by markd
emulators/suse113_openssl: security patch

Revisions pulled up:
- emulators/suse113_openssl/Makefile 1.2
- emulators/suse113_openssl/distinfo 1.2
---
Module Name: pkgsrc
Committed By: markd
Date: Sun Dec 12 09:58:21 UTC 2010

Modified Files:
pkgsrc/emulators/suse113_openssl: Makefile distinfo

Log Message:
Update for CVE-2010-3864. Bump PKGREVISION.

(tron)

Pullup ticket #3300 - requested by morr
www/wordpress: security update

Revisions pulled up:
- www/wordpress/Makefile 1.13
- www/wordpress/distinfo 1.9
---
Module Name: pkgsrc
Committed By: morr
Date: Fri Dec 10 23:34:18 UTC 2010

Modified Files:
pkgsrc/www/wordpress: Makefile distinfo

Log Message:
Security update to 3.0.3. Changes:

Fixes issues in the XML-RPC remote publishing interface which under certain circumstances allowed Author- and Contributor-level users to improperly edit, publish or delete posts.

(tron)

pullup #3299

(spz)

Pullup ticket 3299 - requested by tez
security fixes

Revisions pulled up:
- pkgsrc/security/mit-krb5/Makefile 1.50
- pkgsrc/security/mit-krb5/distinfo 1.26

Files added:
pkgsrc/security/mit-krb5/patches/patch-ca
pkgsrc/security/mit-krb5/patches/patch-cb
pkgsrc/security/mit-krb5/patches/patch-cc
pkgsrc/security/mit-krb5/patches/patch-cd

-------------------------------------------------------------------------
  Module Name:    pkgsrc
  Committed By:  tez
  Date:          Fri Dec  3 20:11:31 UTC 2010

  Modified Files:
          pkgsrc/security/mit-krb5: Makefile distinfo
  Added Files:
          pkgsrc/security/mit-krb5/patches: patch-ca patch-cb patch-cc patch-cd

  Log Message:
  add fix for CVE-2010-1323 from
  http://web.mit.edu/kerberos/advisories/2010-007-patch-r15.txt

  To generate a diff of this commit:
  cvs rdiff -u -r1.49 -r1.50 pkgsrc/security/mit-krb5/Makefile
  cvs rdiff -u -r1.25 -r1.26 pkgsrc/security/mit-krb5/distinfo
  cvs rdiff -u -r0 -r1.1 pkgsrc/security/mit-krb5/patches/patch-ca \
      pkgsrc/security/mit-krb5/patches/patch-cb \
      pkgsrc/security/mit-krb5/patches/patch-cc \
      pkgsrc/security/mit-krb5/patches/patch-cd

(spz)

Pullup ticket #3298.

(tron)

Pullup ticket #3298 - requested by bouyer
sysutils/xenkernel3: security patch
sysutils/xenkernel33: security patch

Revisions pulled up:
- sysutils/xenkernel3/Makefile 1.19
- sysutils/xenkernel3/distinfo 1.12
- sysutils/xenkernel3/patches/patch-dc 1.1
- sysutils/xenkernel33/Makefile 1.12
- sysutils/xenkernel33/distinfo 1.10
- sysutils/xenkernel33/patches/patch-ab 1.1
---
Module Name: pkgsrc
Committed By: bouyer
Date: Tue Dec  7 18:43:49 UTC 2010

Modified Files:
pkgsrc/sysutils/xenkernel3: Makefile distinfo
Added Files:
pkgsrc/sysutils/xenkernel3/patches: patch-dc

Log Message:
Add a fix for CVE-2010-4255, from the xen-devel list and adapted for Xen 3.1
---
Module Name: pkgsrc
Committed By: bouyer
Date: Tue Dec  7 18:44:26 UTC 2010

Modified Files:
pkgsrc/sysutils/xenkernel33: Makefile distinfo
Added Files:
pkgsrc/sysutils/xenkernel33/patches: patch-ab

Log Message:
Add a fix for CVE-2010-4255, from the xen-devel list.
Bump PKGREVISION.

(tron)

Pullup tickets #3296 and #3297.

(tron)

Pullup ticket #3297 - requested by obache
multimedia/gstreamer0.10: build fix

Revisions pulled up:
- multimedia/gstreamer0.10/buildlink3.mk 1.12
---
Module Name: pkgsrc
Committed By: obache
Date: Fri Dec  3 15:19:42 UTC 2010

Modified Files:
pkgsrc/multimedia/gstreamer0.10: buildlink3.mk

Log Message:
set GST_REGISTRY_FORK=no on DragonFly.
workaround of gst-inspect hung up as PR#44108.

(tron)

Pullup ticket #3296 - requested by morr
www/wordpress: security update

Revisions pulled up:
- www/wordpress/Makefile 1.12
- www/wordpress/PLIST 1.7
- www/wordpress/distinfo 1.8
---
Module Name: pkgsrc
Committed By: morr
Date: Sun Dec  5 16:46:29 UTC 2010

Modified Files:
pkgsrc/www/wordpress: Makefile PLIST distinfo

Log Message:
Security update. Changes:

* Fix moderate security issue where a malicious Author-level user could
  gain further access to the site.

* Remove pingback/trackback blogroll whitelisting feature as it can
  easily be abused.
* Fix canonical redirection for permalinks containing %category% with
  nested categories and paging.
* Fix occasional irrelevant error messages on plugin activation.
* Minor XSS fixes in request_filesystem_credentials() and when deleting
  a plugin.
* Clarify the license in the readme
* Multisite: Fix the delete_user meta capability
* Multisite: Force current_user_can_for_blog() to run map_meta_cap()
  even for super admins
* Multisite: Fix ms-files.php content type headers when requesting a
  URL with a query string
* Multisite: Fix the usage of the SUBDOMAIN_INSTALL constant for
  upgraded WordPress MU installs

While here, set license.

(tron)

Pullup tickets #3293, #3294 and #3295.

(tron)

Pullup ticket #3295 - requested by bouyer
mail/clamav: bug fix update

Revisions pulled up:
- mail/clamav/Makefile 1.106-1.108
- mail/clamav/distinfo 1.68-1.69
- mail/clamav/patches/patch-ab 1.14
- mail/clamav/patches/patch-ac deleted
- mail/clamav/patches/patch-ah deleted
---
Module Name:    pkgsrc
Committed By:  adam
Date:          Tue Oct 26 06:38:37 UTC 2010

Modified Files:
        pkgsrc/mail/clamav: Makefile distinfo

Log Message:
Changes 0.96.4:
* This is a bugfix release recommended for all users.
---
Module Name:    pkgsrc
Committed By:  bouyer
Date:          Thu Oct 28 20:15:38 UTC 2010

Modified Files:
        pkgsrc/mail/clamav: Makefile distinfo
Removed Files:
        pkgsrc/mail/clamav/patches: patch-ah

Log Message:
Revert previous, this patch is already in 0.96.4.
---
Module Name:    pkgsrc
Committed By:  adam
Date:          Wed Dec  1 07:44:10 UTC 2010

Modified Files:
        pkgsrc/mail/clamav: Makefile distinfo
        pkgsrc/mail/clamav/patches: patch-ab
Removed Files:
        pkgsrc/mail/clamav/patches: patch-ac

Log Message:
Changes 0.96.5:
* libclamav/pdf.c: fix crashes
* libclamav/pe_icons.c: off by one while
* libclamav: fix detection of embedded executables
* libclamav/matcher-ac.c: fix offset handling for sigs with {x-y} wildcards
* freshclam/manager.c: fix error path infinite loop
* clamd/clamd.c: fix RLIMIT_DATA setting on BSD
* freshclam: improve mirror management
* libclamav: fix possible use of uninitialized values
* libclamav: Set the unreliability flag on (un)packed files
* libclamav/c++: Update embedded copy of LLVM to version 2.8
* freshclam: make query format backward compatible
* freshclam: get detection stats directly from clamd
* libclamav/cache.c,c++/bytecode2llvm.cpp}: make cl_load thread safe
* freshclam: load database in subprocess
* clamd: add new commands DETSTATS and DETSTATSCLEAR
* libclamav/7z.c: fix file descriptor leak
* clamd, libclamavll: add ability to logg messages from libclamav
* libclamav/builtin_bytecodes.h: Don't disable JIT on pentium4

(tron)

Pullup ticket #3294 - requested by bouyer
net/ocsinventory-agent: compatibility update

Revisions pulled up:
- net/ocsinventory-agent/Makefile 1.3
- net/ocsinventory-agent/distinfo 1.2
- net/ocsinventory-agent/patches/patch-ab 1.2
- net/ocsinventory-agent/patches/patch-ac 1.2
- net/ocsinventory-agent/patches/patch-ap 1.1
---
Module Name: pkgsrc
Committed By: bouyer
Date: Wed Dec  1 21:00:51 UTC 2010

Modified Files:
pkgsrc/net/ocsinventory-agent: Makefile distinfo
pkgsrc/net/ocsinventory-agent/patches: patch-ab patch-ac
Added Files:
pkgsrc/net/ocsinventory-agent/patches: patch-ap

Log Message:
Update to 1.1.2.1. Main motivation is to avoid warnings with perl 5.12.
Other changes are mainly improvements in backend to support more OS,
more OS variants or versions.

(tron)

Pullup ticket #3293 - requested by bouyer
mail/imp: dependence fix

Revisions pulled up:
- mail/imp/Makefile 1.56
---
Module Name: pkgsrc
Committed By: bouyer
Date: Sun Nov 14 21:17:47 UTC 2010

Modified Files:
pkgsrc/mail/imp: Makefile

Log Message:
php5-pear-Mail_mimeDecode is required to properly display certain
mail (especially ones with a smime.p7s signature).
Bump PKGREVISION

(tron)

Pullup ticket #3292

(sbd)

Pullup ticket #3292 - requested by taca
pkgsrc/security/openssl security update

Revisions pulled up:
pkgsrc/security/openssl/Makefile 1.153
pkgsrc/security/openssl/distinfo 1.79

-------------------------------------------------------------------------
  Module Name: pkgsrc
  Committed By: taca
  Date: Fri Dec  3 00:17:21 UTC 2010

  Modified Files:
  pkgsrc/security/openssl: Makefile distinfo

  Log Message:
  Update openssl package to 0.9.8q.

      OpenSSL version 0.9.8q released
      ===============================

      OpenSSL - The Open Source toolkit for SSL/TLS
      http://www.openssl.org/

      The OpenSSL project team is pleased to announce the release of
      version 0.9.8q of our open source toolkit for SSL/TLS. This new
      OpenSSL version is a security and bugfix release. For a complete
      list of changes, please see

          http://www.openssl.org/source/exp/CHANGES.

      The most significant changes are:

        o Fix for security issue CVE-2010-4180
        o Fix for CVE-2010-4252

  To generate a diff of this commit:
  cvs rdiff -u -r1.152 -r1.153 pkgsrc/security/openssl/Makefile
  cvs rdiff -u -r1.78 -r1.79 pkgsrc/security/openssl/distinfo

(sbd)

Pullup tickets 3290 and 3291

(sbd)

Pullup ticket #3290 - requested by taca
net/bind97 security update

Revisions pulled up:
pkgsrc/net/bind97/Makefile 1.5
pkgsrc/net/bind97/distinfo 1.5

-------------------------------------------------------------------------
  Module Name: pkgsrc
  Committed By: taca
  Date: Thu Dec  2 00:31:34 UTC 2010

  Modified Files:
  pkgsrc/net/bind97: Makefile distinfo

  Log Message:
  Update bind97 package to bind-9.7.2pl3 (9.7.2-P3).

  http://www.isc.org/announcement/guidance-regarding-dec-1st-2010-security-advisories

  CVE: CVE-2010-3613
  CERT: VU#706148
  BIND: cache incorrectly allows a ncache entry and a rrsig for the same type

  CVE: CVE-2010-3614
  CERT: VU#837744
  BIND: Key algorithm rollover bug in bind9

  CVE: CVE-2010-3615
  CERT: VU#510208
  BIND: allow-query processed incorrectly

  To generate a diff of this commit:
  cvs rdiff -u -r1.4 -r1.5 pkgsrc/net/bind97/Makefile \
      pkgsrc/net/bind97/distinfo

(sbd)

Pullup ticket #3291 - requested by taca
net/bind96 security update

Revisions pulled up:
- pkgsrc/net/bind96/Makefile 1.17
- pkgsrc/net/bind96/distinfo 1.10

-------------------------------------------------------------------------
  Module Name: pkgsrc
  Committed By: taca
  Date: Thu Dec  2 00:32:34 UTC 2010

  Modified Files:
  pkgsrc/net/bind96: Makefile distinfo

  Log Message:
  Update bind96 package to bind-9.6.2pl3 (9.6.2-P3).

  http://www.isc.org/announcement/guidance-regarding-dec-1st-2010-security-advisories

  CVE: CVE-2010-3613
  CERT: VU#706148
  BIND: cache incorrectly allows a ncache entry and a rrsig for the same type

  CVE: CVE-2010-3614
  CERT: VU#837744
  BIND: Key algorithm rollover bug in bind9

  To generate a diff of this commit:
  cvs rdiff -u -r1.16 -r1.17 pkgsrc/net/bind96/Makefile
  cvs rdiff -u -r1.9 -r1.10 pkgsrc/net/bind96/distinfo

(sbd)

Pullup ticket #3288

(sbd)

Pullup ticket #3288 - requested by tron
Security update for "phpmyadmin" package

Revisions pulled up:
- pkgsrc/databases/phpmyadmin/Makefile 1.85
- pkgsrc/databases/phpmyadmin/distinfo 1.46

-------------------------------------------------------------------------
  Module Name: pkgsrc
  Committed By: tron
  Date: Mon Nov 29 19:13:30 UTC 2010

  Modified Files:
  pkgsrc/databases/phpmyadmin: Makefile distinfo

  Log Message:
  Update "phpmyadmin" package to versino 2.11.11.1. Changes since 2.11.11:
  Fix XSS vulnerability reported in PMASA-2010-8 (CVE-2010-4329?).

  To generate a diff of this commit:
  cvs rdiff -u -r1.84 -r1.85 pkgsrc/databases/phpmyadmin/Makefile
  cvs rdiff -u -r1.45 -r1.46 pkgsrc/databases/phpmyadmin/distinfo

(sbd)

Pullup tickets #3284, #3285 and #3287.

(tron)

Pullup ticket #3287 - requested by is
lang/ocaml: portability fix

Revisions pulled up:
- lang/ocaml/Makefile.common 1.27
- lang/ocaml/PLIST 1.23
- lang/ocaml/PLIST.opt 1.17
- lang/ocaml/distinfo 1.52
- lang/ocaml/patches/patch-aw 1.8
---
Module Name: pkgsrc
Committed By: is
Date: Sun Nov 28 08:41:33 UTC 2010

Modified Files:
pkgsrc/lang/ocaml: Makefile.common PLIST PLIST.opt distinfo
pkgsrc/lang/ocaml/patches: patch-aw

Log Message:
Make this package work again on architectures where we don't compile
natively (that is, only to byte-code).

This consists of two parts:

a) a patch to ocamldoc/Makefile to make it create the man pages using
the interpreted ocamldoc - this exists for both types of architectures,
so is safe. (This will be sent up-stream).

b) move a common shared library file to the common PLIST, and a lot of
files (natively compiled versions of the ML modules and natively compiled
versions of a few binaries) to PLIST.opt.

This has been build-tested on i386 (cross-compiled from amd64) and on
arm. unison builds and works.

"make test" shows the same amount of passed and failed tests (mostly
non-found libraries) as before; but this needs more investigation.

An additional issue to solve (with upstream) is that there's no easy way
to run the part of the test suite that would work on byte-code-only
architectures.

(tron)

Pullup ticket #3285 - requested by taca
lang/ruby18-base: build fix
lang/ruby19-base: build fix

Revisions pulled up:
- lang/ruby/rubyversion.mk 1.53
- lang/ruby18-base/PLIST 1.18
- lang/ruby19-base/PLIST 1.3
---
Module Name: pkgsrc
Committed By: taca
Date: Wed Nov 17 14:27:10 UTC 2010

Modified Files:
pkgsrc/lang/ruby: rubyversion.mk
pkgsrc/lang/ruby18-base: PLIST
pkgsrc/lang/ruby19-base: PLIST

Log Message:
Some improvements for rubyversion.mk:

- Set RUBY_API_VERSION after RUBY_VERSION has decided.
- Change old RUBY_DOCDIR and RUBY_EXAMPLESDIR to RUBY_DOC and RUBY_EG in
  comment.
- Fix shared libraries PLIST to support Mac OS X with introducing RUBY_SLEXT:
Shared library => .dylib
Extension library => .bundle
- Improve PRINT_PLIST_AWK to handle new shared libraries.

No functional change shoud be done and fix PR pkg/44050.

(tron)

Pullup ticket #3284 - requested by taca
net/net-snmp: build fix

Revisions pulled up:
- net/net-snmp/distinfo 1.57
- net/net-snmp/patches/patch-et 1.5
- net/net-snmp/patches/patch-eu 1.2
- net/net-snmp/patches/patch-ev 1.2
- net/net-snmp/patches/patch-ew 1.2
- net/net-snmp/patches/patch-ex 1.2
- net/net-snmp/patches/patch-ey 1.3
- net/net-snmp/patches/patch-ez 1.2
- net/net-snmp/patches/patch-fa 1.2
---
Module Name: pkgsrc
Committed By: taca
Date: Wed Nov 17 00:59:07 UTC 2010

Modified Files:
pkgsrc/net/net-snmp: distinfo
pkgsrc/net/net-snmp/patches: patch-et patch-eu patch-ev patch-ew
    patch-ex patch-ey patch-ez patch-fa

Log Message:
Fix build problem on NetBSD 4.

Previous patch for NetBSD wasn't really for netbsd4 but 4.99.58 and later.
So, I changed "#ifdef netbsd4" to "#ifdef NETBSD_STATS_VIA_SYSCTL" and
clean up patches.  Should be fix PR pkg/43288.

It is fix of build problem only, so no PKG_REVISION bump.

(tron)

Pullup ticket #3286

(sbd)

Pullup ticket 3286 - requested by tron
Security update for "libxml2" package

Revisions pulled up:
- pkgsrc/textproc/libxml2/Makefile 1.105, 1.106
- pkgsrc/textproc/libxml2/distinfo 1.79, 1.80, 1.81
- pkgsrc/textproc/libxml2/patches/patch-ab 1.19, 1.20, 1.21
- pkgsrc/textproc/libxml2/patches/patch-ae 1.11

-------------------------------------------------------------------------
  Module Name: pkgsrc
  Committed By: drochner
  Date: Thu Nov 25 13:18:39 UTC 2010

  Modified Files:
  pkgsrc/textproc/libxml2: Makefile distinfo
  pkgsrc/textproc/libxml2/patches: patch-ab patch-ae

  Log Message:
  update to 2.7.8
  changes:
  -add code to plug in ICU converters by default
  -Add xmlSaveOption XML_SAVE_WSNONSIG
  -documentation fixes
  -portability fixes
  -bugfixes, in particular for an XPath problem which can be exploited
    to crash the program by a malformed XPath expression (CVE-2010-4008)
  -misc improvements, cleanup

  To generate a diff of this commit:
  cvs rdiff -u -r1.104 -r1.105 pkgsrc/textproc/libxml2/Makefile
  cvs rdiff -u -r1.78 -r1.79 pkgsrc/textproc/libxml2/distinfo
  cvs rdiff -u -r1.18 -r1.19 pkgsrc/textproc/libxml2/patches/patch-ab
  cvs rdiff -u -r1.10 -r1.11 pkgsrc/textproc/libxml2/patches/patch-ae

-------------------------------------------------------------------------
  Module Name: pkgsrc
  Committed By: hauke
  Date: Fri Nov 26 12:56:21 UTC 2010

  Modified Files:
  pkgsrc/textproc/libxml2: distinfo
  pkgsrc/textproc/libxml2/patches: patch-ab

  Log Message:
  The Darwin 8 /bin/{,k}sh take offense at empty if .. fi blocks,
  so comment out the entire statement.

  To generate a diff of this commit:
  cvs rdiff -u -r1.79 -r1.80 pkgsrc/textproc/libxml2/distinfo
  cvs rdiff -u -r1.19 -r1.20 pkgsrc/textproc/libxml2/patches/patch-ab

-------------------------------------------------------------------------
  Module Name: pkgsrc
  Committed By: drochner
  Date: Fri Nov 26 13:43:25 UTC 2010

  Modified Files:
  pkgsrc/textproc/libxml2: Makefile distinfo
  pkgsrc/textproc/libxml2/patches: patch-ab

  Log Message:
  fix an obviously reversed conditional in "configure" which disabled
  symbol versioning, hopefully fixes PR pkg/44154 by Geert Hendrickx
  bump PKGREVISION

  To generate a diff of this commit:
  cvs rdiff -u -r1.105 -r1.106 pkgsrc/textproc/libxml2/Makefile
  cvs rdiff -u -r1.80 -r1.81 pkgsrc/textproc/libxml2/distinfo
  cvs rdiff -u -r1.20 -r1.21 pkgsrc/textproc/libxml2/patches/patch-ab

(sbd)

pullups #3277, #3278, #3279, #3280, #3281, #3283

(spz)

Pullup ticket 3283 - requested by tron
security fixes

Revisions pulled up:
- pkgsrc/multimedia/gmplayer/Makefile 1.86
- pkgsrc/multimedia/gmplayer/distinfo 1.70
- pkgsrc/multimedia/mencoder/Makefile 1.50
- pkgsrc/multimedia/mplayer/Makefile 1.73
- pkgsrc/multimedia/mplayer-share/distinfo 1.68

Files added:
pkgsrc/multimedia/mplayer-share/patches/patch-ab

-------------------------------------------------------------------------
  Module Name:    pkgsrc
  Committed By:  tron
  Date:          Tue Nov 23 12:31:30 UTC 2010

  Modified Files:
          pkgsrc/multimedia/gmplayer: Makefile distinfo
          pkgsrc/multimedia/mencoder: Makefile
          pkgsrc/multimedia/mplayer: Makefile
          pkgsrc/multimedia/mplayer-share: distinfo
  Added Files:
          pkgsrc/multimedia/mplayer-share/patches: patch-ab

  Log Message:
  Add fix for the vulnerability reported in CVE-2010-3429 taken from
  MPlayer's GIT repository.

  To generate a diff of this commit:
  cvs rdiff -u -r1.85 -r1.86 pkgsrc/multimedia/gmplayer/Makefile
  cvs rdiff -u -r1.69 -r1.70 pkgsrc/multimedia/gmplayer/distinfo
  cvs rdiff -u -r1.49 -r1.50 pkgsrc/multimedia/mencoder/Makefile
  cvs rdiff -u -r1.72 -r1.73 pkgsrc/multimedia/mplayer/Makefile
  cvs rdiff -u -r1.67 -r1.68 pkgsrc/multimedia/mplayer-share/distinfo
  cvs rdiff -u -r0 -r1.10 pkgsrc/multimedia/mplayer-share/patches/patch-ab

(spz)

Pullup ticket 3280 - requested by tron
security fixes

Revisions pulled up:
- pkgsrc/print/ghostscript/Makefile 1.82
- pkgsrc/print/ghostscript/distinfo 1.36

Files added:
pkgsrc/print/ghostscript/patches/patch-ae
pkgsrc/print/ghostscript/patches/patch-bd

-------------------------------------------------------------------------
  Module Name:    pkgsrc
  Committed By:  bouyer
  Date:          Sat Nov 13 17:03:00 UTC 2010

  Modified Files:
          pkgsrc/print/ghostscript: Makefile distinfo
  Added Files:
          pkgsrc/print/ghostscript/patches: patch-bd

  Log Message:
  Apply patch from official repository:
    - Fixed memory reallocation on bitmap size change. Reallocation is not only
      needed when dimendions and margins change, but also when the color depth
      changes. Fixes bugs #691029 and #691108.
  - Fixed arrayoption() macro in cups_put_params() function. Array values did
    not get actually set in cups.header data structure. Bug only showed via
    a compiler warning.
  - Silenced compiler warning by presetting c0..c3 in cups_map_cmyk() to zero.

  makes my epson USB printer work again with 2010Q3 cups+ghostscript
  PKGREVISION++

  To generate a diff of this commit:
  cvs rdiff -u -r1.80 -r1.81 pkgsrc/print/ghostscript/Makefile
  cvs rdiff -u -r1.34 -r1.35 pkgsrc/print/ghostscript/distinfo
  cvs rdiff -u -r0 -r1.3 pkgsrc/print/ghostscript/patches/patch-bd

-------------------------------------------------------------------------
  Module Name:    pkgsrc
  Committed By:  tron
  Date:          Tue Nov 23 11:10:16 UTC 2010

  Modified Files:
          pkgsrc/print/ghostscript: Makefile distinfo
  Added Files:
          pkgsrc/print/ghostscript/patches: patch-ae

  Log Message:
  Add Dr. Werner Fink's patch for the vulnerability reported in CVE-2010-2055.

  To generate a diff of this commit:
  cvs rdiff -u -r1.81 -r1.82 pkgsrc/print/ghostscript/Makefile
  cvs rdiff -u -r1.35 -r1.36 pkgsrc/print/ghostscript/distinfo
  cvs rdiff -u -r0 -r1.6 pkgsrc/print/ghostscript/patches/patch-ae

(spz)

Pullup ticket 3279 - requested by tron
security fixes

Revisions pulled up:
- pkgsrc/lang/python26/Makefile 1.31
- pkgsrc/lang/python26/distinfo 1.29

Files added:
pkgsrc/lang/python26/patches/patch-ba
pkgsrc/lang/python26/patches/patch-bb
pkgsrc/lang/python26/patches/patch-bc

-------------------------------------------------------------------------
  Module Name:    pkgsrc
  Committed By:  tez
  Date:          Wed Nov 17 18:44:07 UTC 2010

  Modified Files:
          pkgsrc/lang/python26: Makefile distinfo

  Log Message:
  Add fix for SA41968 (CVE-2010-3493) from the 2.7 branch repo
  http://svn.python.org/view/python/branches/release27-maint/Lib/smtpd.py?r1=86084&r2=82503&view=patch

  To generate a diff of this commit:
  cvs rdiff -u -r1.29 -r1.30 pkgsrc/lang/python26/Makefile
  cvs rdiff -u -r1.27 -r1.28 pkgsrc/lang/python26/distinfo

-------------------------------------------------------------------------
  Module Name:    pkgsrc
  Committed By:  tron
  Date:          Tue Nov 23 08:24:05 UTC 2010

  Modified Files:
          pkgsrc/lang/python26: Makefile distinfo
  Added Files:
          pkgsrc/lang/python26/patches: patch-ba patch-bb patch-bc

  Log Message:
  Add fix for CVE-2010-3492 and update the fix for CVE-2010-3493. Both
  fixes taken from the Python 2.7 branch in the Python SVN repository.

  To generate a diff of this commit:
  cvs rdiff -u -r1.30 -r1.31 pkgsrc/lang/python26/Makefile
  cvs rdiff -u -r1.28 -r1.29 pkgsrc/lang/python26/distinfo
  cvs rdiff -u -r0 -r1.1 pkgsrc/lang/python26/patches/patch-ba \
      pkgsrc/lang/python26/patches/patch-bb \
      pkgsrc/lang/python26/patches/patch-bc

(spz)

Pullup ticket 3281 - requested by tron
security fix

Revisions pulled up:
- pkgsrc/devel/libsmi/Makefile 1.17
- pkgsrc/devel/libsmi/distinfo 1.6

Files added:
pkgsrc/devel/libsmi/patches/patch-ae

-------------------------------------------------------------------------
  Module Name:    pkgsrc
  Committed By:  tron
  Date:          Tue Nov 23 11:30:50 UTC 2010

  Modified Files:
          pkgsrc/devel/libsmi: Makefile distinfo
  Added Files:
          pkgsrc/devel/libsmi/patches: patch-ae

  Log Message:
  Add fix for CVE-2010-2891 taken from Debian's GIT repository.

  To generate a diff of this commit:
  cvs rdiff -u -r1.16 -r1.17 pkgsrc/devel/libsmi/Makefile
  cvs rdiff -u -r1.5 -r1.6 pkgsrc/devel/libsmi/distinfo
  cvs rdiff -u -r0 -r1.1 pkgsrc/devel/libsmi/patches/patch-ae

(spz)

Pullup ticket 3278 - requested by tron
security fixes

Revisions pulled up:
- pkgsrc/net/wget/Makefile 1.102
- pkgsrc/net/wget/distinfo 1.36

Files added:
pkgsrc/net/wget/patches/patch-aa
pkgsrc/net/wget/patches/patch-ab
pkgsrc/net/wget/patches/patch-ac
pkgsrc/net/wget/patches/patch-ad
pkgsrc/net/wget/patches/patch-ae
pkgsrc/net/wget/patches/patch-af

-------------------------------------------------------------------------
  Module Name:    pkgsrc
  Committed By:  tron
  Date:          Tue Nov 23 08:22:47 UTC 2010

  Modified Files:
          pkgsrc/net/wget: Makefile distinfo
  Added Files:
          pkgsrc/net/wget/patches: patch-aa patch-ab patch-ac patch-ad patch-ae
              patch-af

  Log Message:
  Add Debian's "wget" 1.12 backport of the fix for CVE-2010-2252.

  To generate a diff of this commit:
  cvs rdiff -u -r1.101 -r1.102 pkgsrc/net/wget/Makefile
  cvs rdiff -u -r1.35 -r1.36 pkgsrc/net/wget/distinfo
  cvs rdiff -u -r0 -r1.11 pkgsrc/net/wget/patches/patch-aa \
      pkgsrc/net/wget/patches/patch-ac
  cvs rdiff -u -r0 -r1.9 pkgsrc/net/wget/patches/patch-ab
  cvs rdiff -u -r0 -r1.10 pkgsrc/net/wget/patches/patch-ad
  cvs rdiff -u -r0 -r1.8 pkgsrc/net/wget/patches/patch-ae
  cvs rdiff -u -r0 -r1.6 pkgsrc/net/wget/patches/patch-af

(spz)

Pullup ticket 3277 - requested by tron
security update

Revisions pulled up:
- pkgsrc/net/wireshark/Makefile 1.55
- pkgsrc/net/wireshark/distinfo 1.37

-------------------------------------------------------------------------
  Module Name:    pkgsrc
  Committed By:  tron
  Date:          Sun Nov 21 22:54:55 UTC 2010

  Modified Files:
          pkgsrc/net/wireshark: Makefile distinfo

  Log Message:
  Update "wireshark" package to version 1.4.2. Changes since version 1.4.1:
  - The following vulnerabilities have been fixed. See the security
    advisory for details and a workaround.
    - Nephi Johnson of BreakingPoint discovered that the LDSS
      dissector could overflow a buffer. (Bug 5318)
      Versions affected: 1.2.0 to 1.2.12 and 1.4.0 to 1.4.1.
    - The ZigBee ZCL dissector could go into an infinite loop. (Bug 5303)
      Versions affected: 1.4.0 to 1.4.1.
  - The following bugs have been fixed:
    - File-Open Display Filter is overwritten by Save-As Filename. (Bug 3894)
    - Wireshark crashes with "Gtk-ERROR **: Byte index 6 is off the
      end of the line" if click on last PDU. (Bug 5285)
    - GTK-ERROR can occur in packets when there are multiple
      Netbios/SMB headers in a single frame. (Bug 5289)
    - "Tshark -G values" crashes on Windows. (Bug 5296)
    - PROFINET I&M0FilterData packet not fully decoded. (Bug 5299)
    - PROFINET MRP linkup/linkdown decoding incorrect. (Bug 5300)
    - [lua] Dumper:close() will cause a segfault due later GC of the
      Dumper. (Bug 5320)
    - Network Instruments' trace files sometimes cannot be read with
      an error message of "Observer: bad record: Invalid magic
      number". (Bug 5330)
    - IO Graph Time of Day times incorrect for filtered data. (Bug
      5340)
    - Wireshark tools do not detect and read some ERF files
      correctly. (Bug 5344)
    - "editcap -h" sends some lines to stderr and others to stdout.
      (Bug 5353)
    - IP Timestamp Option: "flag=3D3" variant (prespecified) not
      displayed correctly. (Bug 5357)
    - AgentX PDU Header 'hex field highlighting' incorrectly spans
      extra bytes. (Bug 5364)
    - AgentX dissector cannot handle null OID in Open-PDU. (Bug
      5368)
    - Crash with "Gtk-ERROR **: Byte index 6 is off the end of the
      line". (Bug 5374)
    - ANCP Portmanagment TLV wrong decoded. (Bug 5388)
    - Crash during startup because of Python SyntaxError in
      wspy_libws.py. (Bug 5389)
  - Updated Protocol Support
    AgentX, ANCP, DIAMETER, HTTP, IP, LDSS, MIME, NBNS, PROFINET, SIP,
    TCP, Telnet, ZigBee
  - New and Updated Capture File Support
    Endace ERF, Network Instruments Observer.

  To generate a diff of this commit:
  cvs rdiff -u -r1.54 -r1.55 pkgsrc/net/wireshark/Makefile
  cvs rdiff -u -r1.36 -r1.37 pkgsrc/net/wireshark/distinfo

(spz)

Pullup ticket #3282.

(tron)

Pullup ticket #3282 - requested by obache
www/ap2-fcgid: security update

Revisions pulled up:
- www/ap2-fcgid/Makefile 1.7
- www/ap2-fcgid/distinfo 1.4
---
Module Name: pkgsrc
Committed By: obache
Date: Tue Nov 23 11:55:16 UTC 2010

Modified Files:
pkgsrc/www/ap2-fcgid: Makefile distinfo

Log Message:
Update ap2-fcgid to 2.3.6.

Changes with mod_fcgid 2.3.6

  *) SECURITY: CVE-2010-3872 (cve.mitre.org)
      Fix possible stack buffer overwrite.  Diagnosed by the reporter.
      P R 49406.  [Edgar Frank <ef-lists email.de>]

  *) Change the default for FcgidMaxRequestLen from 1GB to 128K.
      Administrators should change this to an appropriate value based on
      site requirements.  [Jeff Trawick]

  *) Allow FastCGI apps more time to exit at shutdown before being
      forcefully killed.  [Jeff Trawick]

  *) Correct a problem that resulted in FcgidMaxProcesses being ignored
      in some situations.  P R 48981.  [<rkosolapov gmail.com>]

  *) Fix the search for processes with the proper vhost config when
      ServerName isn't set in every vhost or a module updates
      r->server->server_hostname dynamically (e.g., mod_vhost_cdb)
      or a module updates r->server dynamically (e.g., mod_vhost_ldap).
      [Jeff Trawick]

  *) FcgidPassHeader now maps header names to environment variable names
      in the usual manner: The header name is converted to upper case and
      is prefixed with HTTP_.  An additional environment variable is
      created with the legacy name.  P R 48964.  [Jeff Trawick]

  *) Allow processes to be reused within multiple phases of a request
      by releasing them into the free list as soon as possible.
      [Chris Darroch]

  *) Fix lookup of process command lines when using FcgidWrapper or
      access control directives, including within .htaccess files.
      [Chris Darroch]

  *) Resolve a regression in 2.3.5 with httpd 2.0.x on some Unix platforms;
      ownership of mutex files was incorrect, resulting in a startup failure.
      P R 48651.  [Jeff Trawick, <pservit gmail.com>]

  *) Return 500 instead of segfaulting when the application returns no output.
      [Tatsuki Sugiura <sugi nemui.org>, Jeff Trawick]

  *) In FCGI_AUTHORIZER role, avoid spawning a new process for every
      different HTTP request.  [Chris Darroch]

(tron)

Pullup ticket #3276.

(tron)

Pullup ticket #3276 - requested by taca
security/openssl: security update

Revisions pulled up:
- security/openssl/Makefile 1.152
- security/openssl/distinfo 1.78
- security/openssl/patches/patch-bd delete
---
Module Name: pkgsrc
Committed By: taca
Date: Wed Nov 17 00:52:26 UTC 2010

Modified Files:
pkgsrc/security/openssl: Makefile distinfo
Removed Files:
pkgsrc/security/openssl/patches: patch-bd

Log Message:
Update security/openssl package to 0.9.8p.

  OpenSSL version 0.9.8p released
  ===============================

  OpenSSL - The Open Source toolkit for SSL/TLS
  http://www.openssl.org/

  The OpenSSL project team is pleased to announce the release of
  version 0.9.8p of our open source toolkit for SSL/TLS. This new
  OpenSSL version is a security and bugfix release which addresses
  CVE-2010-3864. For a complete list of changes,
  please see http://www.openssl.org/source/exp/CHANGES.

(tron)

Pullup ticket #3275.

(tron)

Pullup ticket #3275 - requested by dholland
filesystems/fuse: portability fix

Revisions pulled up:
- mk/fuse.buildlink3.mk 1.11
---
Module Name: pkgsrc
Committed By: dholland
Date: Mon Nov 15 04:51:33 UTC 2010

Modified Files:
pkgsrc/mk: fuse.buildlink3.mk

Log Message:
Use an include guard symbol name that doesn't conflict with
filesystems/fuse/buildlink3.mk.

(tron)

Pullup ticket #3272.

(tron)

Pullup ticket #3272 - requested by bouyer
net/p5-Net-SNMP: bug fix patch

Revisions pulled up:
- net/p5-Net-SNMP/Makefile 1.26
- net/p5-Net-SNMP/distinfo 1.9
- net/p5-Net-SNMP/patches/patch-aa 1.1
---
Module Name: pkgsrc
Committed By: bouyer
Date: Sat Nov 13 17:06:05 UTC 2010

Modified Files:
pkgsrc/net/p5-Net-SNMP: Makefile distinfo
Added Files:
pkgsrc/net/p5-Net-SNMP/patches: patch-aa

Log Message:
Bring in change from 6.0.1:
Removed all occurrences of the "locked" attribute that was
deprecated in Perl 5.12.0.

I didn't upgrade the package to 6.0.1 because it causes incompatibilities
with net/mrtg
PKGREVISON++

(tron)

Pullup ticket #3271.

(tron)

Pullup ticket #3271 - requested by sbd
print/cups: security patch

Revisions pulled up:
- print/cups/Makefile 1.170
- print/cups/distinfo 1.76
- print/cups/patches/patch-aq 1.4
- print/cups/patches/patch-ar 1.4
---
Module Name: pkgsrc
Committed By: sbd
Date: Fri Nov 12 08:24:32 UTC 2010

Modified Files:
pkgsrc/print/cups: Makefile distinfo
Added Files:
pkgsrc/print/cups/patches: patch-aq patch-ar

Log Message:
Add str3648.patch by Mike Sweet to address CVE-2010-2941.
Obtained from https://bugzilla.redhat.com/show_bug.cgi?id=624438
as Cups STR#3648 (http://www.cups.org/str.php?L3648) is not public yet!

(tron)

Pullup ticket #3270.

(tron)

Pullup ticket #3270 - requested by obache
lang/ruby: fix build of GEM packages under Solaris

Revisions p
- lang/ruby/gem.mk 1.2
---
Module Name: pkgsrc
Committed By: obache
Date: Wed Nov 10 10:57:41 UTC 2010

Modified Files:
pkgsrc/lang/ruby: gem.mk

Log Message:
Exactly set TZ=UTC, or not worked as expected on Solaris (time-zone difference = 0).
Fixes PR#44037.

(tron)

pullups 3267, 3268, 3269

(spz)

Pullup ticket 3267 - requested by wiz
security fix

Revisions pulled up:
- pkgsrc/finance/gnucash/Makefile 1.145
- pkgsrc/finance/gnucash/PLIST 1.38

-------------------------------------------------------------------------
  Module Name:    pkgsrc
  Committed By:  wiz
  Date:          Sun Nov  7 23:27:53 UTC 2010

  Modified Files:
          pkgsrc/finance/gnucash: Makefile PLIST

  Log Message:
  Do not install gnc-test-env. This file got CVE-2010-3999 attached to it
  and it's not needed except for testing. Bump PKGREVISION.

  While here, include desktopdb.mk.

  To generate a diff of this commit:
  cvs rdiff -u -r1.144 -r1.145 pkgsrc/finance/gnucash/Makefile
  cvs rdiff -u -r1.37 -r1.38 pkgsrc/finance/gnucash/PLIST

(spz)

Pullup ticket 3269 - requested by obache
security update

Revisions pulled up:
- pkgsrc/net/proftpd/Makefile 1.59
- pkgsrc/net/proftpd/PLIST 1.22
- pkgsrc/net/proftpd/distinfo 1.34
- pkgsrc/net/proftpd/options.mk 1.9
- pkgsrc/net/proftpd/patches/patch-aa 1.13
- pkgsrc/net/proftpd/patches/patch-ac 1.13
- pkgsrc/net/proftpd/patches/patch-ab 1.12

Files deleted:
pkgsrc/net/proftpd/patches/patch-ae

-------------------------------------------------------------------------
  Module Name:    pkgsrc
  Committed By:  obache
  Date:          Sun Nov  7 12:21:10 UTC 2010

  Modified Files:
          pkgsrc/net/proftpd: Makefile PLIST distinfo options.mk
          pkgsrc/net/proftpd/patches: patch-aa patch-ab patch-ac
  Removed Files:
          pkgsrc/net/proftpd/patches: patch-ae

  Log Message:
  Update proftpd to 1.3.3c.

  pksrc changes:
  * Instead of patch&subst to change layout of statedir, pass it to configure
      instead (and subst for manpages are fixed).
  * Convert custom mod_wrap library modification to SUBST.
  * Need to buildlink with security/tcp_wappers for mod_wrap.

  NEWS:
  1.3.3c - Released 29-Oct-2010
  --------------------------------
  - Bug 3511 - SQLAuthType Backend not properly rejected by mod_sql_sqlite.
  - Bug 3513 - EPERM error logged unnecessarily for SFTP logins on Linux.
  - Bug 3517 - mod_quotatab decrements file tally improperly for failed DELE
      commands.
  - Bug 3518 - Support SiteMiscEngine directive, for disabling mod_site_misc
      functionality via proftpd.conf.
  - Bug 3519 - Inappropriate directory traversal allowed by mod_site_misc.
  - Bug 3521 - Telnet IAC processing stack overflow.

  1.3.3b - Released 09-Sep-2010
  --------------------------------
  - Bug 3481 - Problem with SFTP directory listings.
  - Bug 3483 - NULL pointer dereference handling SITE command in mod_quotatab.
  - Bug 3485 - Disabling IPv6 via -4 or --ipv4 command-line options does not work.
  - Bug 3487 - Null pointer dereference with EPRT/EPSV/PASV/PORT command during
      data transfer.
  - Bug 3482 - ProFTPD corrupts utmpx log files on FreeBSD 9.0/HEAD.
  - Bug 3491 - Directory pattern not matching as expected.
  - Bug 3492 - Null pointer dereference during data transfer due to RNFR/RNTO.
  - Bug 3494 - Null pointer dereference for IPv6-enabled proftpd when no
      DefaultServer configured.
  - Bug 3501 - <Anonymous> logins with "AuthAliasOnly on" still handled as
      anonymous logins.

  1.3.3a - Released 01-Jul-2010
  --------------------------------
  - Bug 3400 - Add Japanese translation.
  - Bug 3401 - mod_sftp does not compile with pre-0.9.7 OpenSSL.
  - Bug 3402 - mod_tls does not compile with pre-0.9.7 OpenSSL due to Bug#3349.
  - Bug 3403 - File upload followed by MLSD leads to wrong file size entries in
      TransferLog.
  - Bug 3405 - Multiple SFTPAuthorizedUserKeys stores causes segfault on 64-bit
      platforms.
  - Bug 3354 - Renaming a file across mount points to a full disk does not fail
      as expected.
  - Bug 3408 - Use <termios.h> instead of <sys/termios.h> where possible.
  - Bug 3412 - Include files not included after restart due to permissions.
  - Bug 3409 - Build failure on newer FreeBSD due to utmp/utmpx system changes.
  - Bug 3417 - Unsafe use of pointer when scanning config for ScoreboardFile.
  - Bug 3418 - %U sometimes showing up as "(none)" in ExtendedLog.
  - Bug 3421 - RewriteHome does not work properly for SFTP connections.
  - Bug 3419 - SSL_shutdown() errors with openssl-0.9.8m.
  - Bug 3423 - Last line of multiline DisplayLogin file improperly handled.
  - Bug 3426 - mod_sftp does not log to TransferLog by default.
  - Bug 3425 - Improperly constructed destination paths for SCP uploads.
  - Bug 3427 - mod_sftp does not handle recursive SCP uploads properly.
  - Bug 3432 - ExecBeforeCommand does not interpolate the %F/%f variables
      properly.
  - Bug 3434 - TraceLog contains messages even with "Trace DEFAULT:0" configured.
  - Bug 3435 - Encoding/decoding conversion can cause CPU spike.
  - Bug 3436 - Support build-time option to disable use of nonblocking open of
      log files.  Use --disable-nonblocking-log-open to get the pre-1.3.3 behavior
      of opening log files.
  - Bug 3437 - UseImplicitSSL TLSOption causes PBSZ/PROT commands to fail.
  - Bug 3439 - Encoding fails if an NLS-enabled proftpd starts in a UTF8 locale.
  - Bug 3446 - .ftpaccess ignored in some cases.
  - Bug 3447 - mod_sftp can become confused during large recursive SCP uploads.
  - Bug 3448 - Ensure that STAT/LSTAT/FSTAT SFTP requests do not use cached/stale
      data.
  - Bug 3449 - mod_sftp does not properly handle the O_TRUNC flag in a SFTP OPEN
      request.
  - Bug 3450 - mod_sftp does not properly handle the O_APPEND flag in a SFTP OPEN
      request.
  - Bug 3451 - WinSCP can't upload files using protocol version 5 with mod_sftp.
  - Bug 3452 - mod_sftp does not advertise its supported SFTP extensions for
      protocol version 5.
  - Bug 3454 - msgfmt(1) options used for generating NLS files are not compatible
      with Solaris' msgfmt.
  - Bug 3456 - Problem attempting to recursively download a directory via SCP.
  - Bug 3458 - mod_sftp incorrectly performs OpenSSL cleanup.
  - Bug 3459 - mod_radius segfaults during incorrect login due to stale data.
  - Bug 3460 - REALPATH SFTP request can cause improperly cached directory
      configuration.
  - Bug 3462 - ftpasswd script's --delete-user option does not work.
  - Bug 3463 - ftpasswd script's --delete-group option does not work.
  - Bug 3465 - SIGSEGV at LIST after CCC.
  - Bug 3470 - Deferred resolution <Directory> paths not handled properly by
      mod_sftp.
  - Bug 3469 - ExtendedLog's %f variable not properly expanded for DELE if path
      begins with tilde ('~').
  - Bug 3467 - mod_ifsession does not merge <Directory> blocks properly.
  - Bug 3471 - Null values in allow/deny rules causes mod_wrap2 to segfault.
  - Bug 3472 - mod_sftp publickey authentication fails for large keys.
  - Bug 3424 - Bad LDAP lookup can cause mod_ldap segfault under some conditions.
  - Bug 3476 - LIST/NLST of path starting with "-" fails.
  - Bug 3475 - Add new 'noGetgrouplist' AuthUnixOption to work around buggy
      libc code.
  - Bug 3474 - Using SQLite database and SQLLog directive can lead to problems
      under load.

  To generate a diff of this commit:
  cvs rdiff -u -r1.58 -r1.59 pkgsrc/net/proftpd/Makefile
  cvs rdiff -u -r1.21 -r1.22 pkgsrc/net/proftpd/PLIST
  cvs rdiff -u -r1.33 -r1.34 pkgsrc/net/proftpd/distinfo
  cvs rdiff -u -r1.8 -r1.9 pkgsrc/net/proftpd/options.mk
  cvs rdiff -u -r1.12 -r1.13 pkgsrc/net/proftpd/patches/patch-aa \
        pkgsrc/net/proftpd/patches/patch-ac
  cvs rdiff -u -r1.11 -r1.12 pkgsrc/net/proftpd/patches/patch-ab
  cvs rdiff -u -r1.7 -r0 pkgsrc/net/proftpd/patches/patch-ae

(spz)

Pullup ticket 3268 - requested by taca
security update

Revisions pulled up:
- pkgsrc/databases/mysql51-client/Makefile.common 1.13
- pkgsrc/databases/mysql51-client/distinfo 1.10
- pkgsrc/databases/mysql51-server/PLIST 1.10
- pkgsrc/databases/mysql51-server/distinfo 1.12

-------------------------------------------------------------------------
  Module Name:    pkgsrc
  Committed By:  taca
  Date:          Thu Nov  4 15:57:07 UTC 2010

  Modified Files:
          pkgsrc/databases/mysql51-client: Makefile.common distinfo
          pkgsrc/databases/mysql51-server: PLIST distinfo

  Log Message:
  Update mysql51-{client,server} package from 5.1.51 to 5.1.52.

  This is maintainous release and pleare refer in detail:

          http://dev.mysql.com/doc/refman/5.1/en/news-5-1-52.html

  One note from the changes:

  * Security Fix: In prepared-statement mode, EXPLAIN for a SELECT from
    a derived table caused a server crash. (Bug#54488)

  To generate a diff of this commit:
  cvs rdiff -u -r1.12 -r1.13 pkgsrc/databases/mysql51-client/Makefile.common
  cvs rdiff -u -r1.9 -r1.10 pkgsrc/databases/mysql51-client/distinfo
  cvs rdiff -u -r1.9 -r1.10 pkgsrc/databases/mysql51-server/PLIST
  cvs rdiff -u -r1.11 -r1.12 pkgsrc/databases/mysql51-server/distinfo

(spz)