Commit graph

242616 commits

Author SHA1 Message Date
joerg
028768fa37 py-expat is required for building. 2015-12-23 12:38:56 +00:00
joerg
8929071b42 Newer xmlto insists on using elinks as links, which in turn fails when
building as root. Sidestep both by depending on w3m instead.
2015-12-23 12:38:37 +00:00
wiz
d7737f4982 + mcsim-5.6.1. 2015-12-23 09:50:16 +00:00
ryoon
ccb085e4f0 Build ivshmem* conditionally, fix broken if conditional 2015-12-22 23:52:00 +00:00
ryoon
9129e02826 Updated security/gnupg to 1.4.20 2015-12-22 20:56:17 +00:00
ryoon
d31773c16f Update to 1.4.20
Changelog:
Noteworthy changes in version 1.4.20 (2015-12-20)
-------------------------------------------------

 * Reject signatures made using the MD5 hash algorithm unless the
   new option --allow-weak-digest-algos or --pgp2 are given.

 * New option --weak-digest to specify hash algorithms which
   should be considered weak.

 * Changed default cipher for symmetric-only encryption to AES-128.

 * Fix for DoS when importing certain garbled secret keys.

 * Improved error reporting for secret subkey w/o corresponding public
   subkey.

 * Improved error reporting in decryption due to wrong algorithm.

 * Fix cluttering of stdout with trustdb info in double verbose mode.

 * Pass a DBUS envvar to gpg-agent for use by gnome-keyring.
2015-12-22 20:55:41 +00:00
bsiegert
f07a25c3c0 Pull in https://golang.org/cl/17672, "math/big: fix carry propagation in
Int.Exp Montgomery code", to fix CVE-2015-8618.

From the oss-security posting that asked for a CVE:

"The Go open source project has received notification of an error in the
math/big library (https://golang.org/pkg/math/big/). The problem that was
identified is similar to CVE-2015-3193
<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3193>. The
vulnerability was introduced in the 1.5 release, and remains present in Go
1.5.1 and 1.5.2.

"A fix for the issue has been applied to the master branch of the Go repo
under CL 17672 <https://go-review.googlesource.com/#/c/17672/>. We will
also be releasing Go 1.5.3 to fix this vulnerability."

ok wiz@
2015-12-22 20:44:40 +00:00
tsutsui
77dcc7c58d Updated net/mikutter to 3.2.12 2015-12-22 16:35:00 +00:00
tsutsui
bdae0b2cc5 Update mikutter to 3.2.12. (leaf package update)
* mikutter's faked appearance crashed
2015-12-22 16:34:05 +00:00
sevan
1bbc93053f Account for files installed on OpenBSD
Reviewed by wiz@
2015-12-22 13:19:55 +00:00
sborrill
aa4982a843 rinetd support SIGHUP, so add reload command to rc.d script.
Bump PKGREVISION
2015-12-22 10:09:15 +00:00
bsiegert
1ab771e06e Pull in http://golang.org/cl/8261 to fix build on OpenIndiana,
PR pkg/50565.

ok wiz@
2015-12-21 20:20:02 +00:00
wiz
eaa9bd5c62 + calibre-2.47.0, gnucash-2.6.10, gnupg-1.4.20. 2015-12-21 17:20:35 +00:00
ryoon
6d3ed2c818 Updated www/apache-tomcat8 to 8.0.30 2015-12-21 17:04:42 +00:00
ryoon
dec2f01786 Update to 8.0.30
Changelog:
Tomcat 8.0.30 (markt)
Catalina

    Fix: 34319: Only load those keys in StoreBase.processExpire from JDBCStore, that are old enough, to be expired. Based on a patch by Tom Anderson. (fschumacher)
    Add: 56917: As per RFC7231 (HTTP/1.1), allow HTTP/1.1 and later redirects to use relative URIs. This is controlled by a new attribute useRelativeRedirects on the Context and defaults to true. (markt)
    Fix: 58629: Allow an embedded Tomcat instance to start when the Service has no Engine configured. (markt)
    Fix: 58635: Enable break points to be set within agent code when running Tomcat with a Java agent. Based on a patch by Huxing Zhang. (markt)
    Fix: 58660: Correct a regression in 8.0.29 caused by the change that moved the redirection for context roots from the Mapper to the Default Servlet. (markt)
    Fix: Fixed potential NPE in HostConfig while deploying an application. Issue reported by coverity scan. (violetagg)
    Fix: 58655: Fix an IllegalStateException when calling HttpServletResponse.sendRedirect() with the RemoteIpFilter. This was caused by trying to correctly generate the absolute URI for the redirect. With the fix for 56917, redirects may now be relative making the sendRedirect() implementation for the RemoteIpFilter much simpler. This also addresses issues where the redirect may not have behaved as expected when redirecting from http to https to from https to http. (markt)
    Fix: 58657: Exceptions in a Servlet 3.1 ReadListener or WriteListener do not need to be immediately fatal to the connection. Allow an error response to be written. (markt)

Coyote

    Fix: Improve upgrade context classloader handling by using Context.bind and unbind. (remm)

Jasper

    Fix: 57136#c25: Change default value of quoteAttributeEL setting in Jasper to be true for better compatibility with other implementations and older versions of Tomcat (8.0.26/7.0.64 and earlier). Add command line option -no-quoteAttributeEL in JspC. (kkolinko)

Cluster

    Fix: Fix potential integer overflow in DeltaSession. Reported by coverity scan. (fschumacher)

WebSocket

    Add: 55006: The WebSocket client now honors the java.net.java.net.ProxySelector configuration (using the HTTP type) when establishing WebSocket connections to servers. Based on a patch by Niki Dokovski. (markt)
    Fix: 58624: Correct a thread safety issue that meant that blocking message writes could block indefinitely if the WebSocket connection was closed while a message write was in progress. (markt)

Web Applications

    Fix: 58631: Correct the continuation character use in the Windows Service How-To page of the documentation web application. (markt)

Tribes

    Fix: Ensure that the static member is registered to the add suspect list even if the static member that is registered to the remove suspect list has disappeared. (kfujino)
    Fix: Correct the warning log of when the member that is not registered in the membership is detected. (kfujino)
    Fix: When using a static cluster, add the members that have been cached in the membership service to the map members list in order to ensure that the map member is a static member. (kfujino)

jdbc-pool

    Fix: Correct evaluation of system property org.apache.tomcat.jdbc.pool.onlyAttemptCurrentClassLoader. It was basically ignored before. Reported by coverity scan. (fschumacher)
    Fix: Fix potential integer overflow in ConnectionPool and PooledConnection. Reported by coverity scan. (fschumacher)

Other

    Update: Update optional Checkstyle library to 6.13. (kkolinko)

2015-11-24 Tomcat 8.0.29 (markt)
General

    Update: 58596: Clarify the description in RUNNING.txt of how environment variables are used. (markt)

Catalina

    Add: Extend the fix for 57136 to provide a JSP Servlet initialisation parameter per web application that controls whether or not EL in JSP attributes is processed as if it uses JSP attribute quoting. By default, EL does not use JSP attribute quoting. (markt)
    Fix: 57799: InputStream.available() was causing an IO operation to occur even in blocking mode, which caused problems with NIO2. (remm)
    Add: Extend the fix for 58228 to include ServletContext.getRealPath(). (markt)
    Add: 58486: Protect against two further possible memory leaks associated with XML parsing. (markt)
    Fix: 58490: Fixed NPE thrown when scanning for javax.servlet.ServletContainerInitializer in case the web application is not extracted. (violetagg)
    Code: 58497: Make AbstractHttp11Processor easy to extend. (markt)
    Fix: 58508: Escape role names when generating associated MBeans in case the role name contains characters not permitted in an MBean name. (markt)
    Fix: 58518: Correct a regression in the fix for 56777 that added support for URIs in config file locations. File paths on Windows could previously be specified with \ or / as the separator. 56777 broke that. (markt)
    Fix: 58519: Fix ISE thrown by web application classloader in some error conditions due to trying to call initCause() on a ClassNotFoundException which is not permitted. (markt)
    Fix: 58534: Removed repeated conditional tests in o.a.tomcat.websocket.pojo.PojoMethodMapping and o.a.tomcat.util.net.AprEndpoint Patch provided by Anthony Whitford. (violetagg)
    Fix: 58535: Use Collections.reverseOrder when a reverse ordering is needed. (violetagg)
    Fix: 58537, 58546: Some of the inner classes in o.a.catalina.valves.ExtendedAccessLogValve and o.a.tomcat.util.net.SecureNio2Channel are made static. Patch provided by Anthony Whitford. (violetagg)
    Fix: 58540: Removed unused code from o.a.catalina.connector.Request. Patch provided by Anthony Whitford. (violetagg)
    Fix: 58541, 58544: It is more efficient to call Integer.toString(int) instead of Integer.valueOf(int).toString() when only a string representation of a primitive is needed. Based on a patch provided by Anthony Whitford. (violetagg)
    Fix: 58541, 58547: It is more efficient to call valueOf(...) instead of Number constructor. Based on a patch provided by Anthony Whitford. (violetagg)
    Fix: 58545: In some use cases it is more efficient to use Map.entrySet() instead of Map.keySet() Based on a patch provided by Anthony Whitford. (violetagg)
    Fix: Ensure that ServletRequest.getContentLengthLong is used instead of ServletRequest.getContentLength for servlets and valves provided by Tomcat. The API is available since Servlet specification 3.1. (violetagg)
    Add: Add a new RestCsrfPreventionFilter that provides basic CSRF protection for REST APIs. (violetagg)
    Fix: 58578: Avoid NPE accessing cookies during access logging for request that had no context mapping. (remm)
   error page fails, fall back to the standard error page rather than throwing an NPE. Based on a patch by Huxing Zhang. (markt)
    Fix: 58582: Combined realm should perform background processing on its sub-realms. Based upon a patch provided by Aidan. (schn additional check that a client provided session ID is in use in at least one other web application before allowing it to be used as the ID for a new session in the current web application. (markt)
    Add: Add support for DIGEST authentication to the JN
    Fix: Ensure that in an embedded Tomcat the logging configuration is not lost during garbage collection. (violetagg)
    Add: Move the functionality that provides redirects for context roots and directories where a trailing / is added from the Mapper to the DefaultServlet. This enables such requests to be processed by any configured Valves and Filters before the redirect is made. This behaviour is configurable via the mapperContextRootRedirectEnabled and mapperDirectoryRedirectEnabled attributes of the Context which may be used to restore the previous behaviour. (markt)

Coyote

    Fix: Cancel pending blocking IO operation following a timeout in the NIO2 connector. (remm)
    Fix: Add instance manager support for upgrade handlers, and set context class loader. (remm)
    Update: Synchronize OpenSSL to JSSE cipher mapping to recent OpenSSL changes. In particular, TLSv1.0 is now an alias for those ciphers that require TLSv1 and will not work with SSLv3. TLSv1 remains an alias for SSLv3. (markt)

Jasper

    Add: Deprecate the STRICT_QUOTE_ESCAPING system property and replace it with an initialisation parameter for the JSP Servlet. This enables per web application control of this configuration setting. (markt)

Cluster

    Fix: Optimize the session lock range in DeltaManager.requestCompleted. (kfujino)
    Fix: Enable an explicit configuration of local member in the static cluster membership. (kfujino)

Tribes

    Code: Distinguish the handling of the shutdown payload and member verification clearly. When handling shutdown payload, verification completion message is not required. (kfujino)
    Fix: When starting the StaticMembershipInterceptor, StaticMembershipInterceptor checks the required Interceptors. If the required Interceptor does not exist, it issues warning logs. (kfujino)

WebSocket

    Fix: Use instance manager for server endpoint instances. (remm)

Web applications

    Add: Make it clear in the documentation for the CGI servlet that the debug page is not considered secure and should not be used in production. (markt)
    Fix: The domain attribute of StaticMember is not required but optional. (kfujino)

jdbc-pool

    Fix: 58489: Correct QueryStatsComparator to hold up the general contract for Comparator. (fschumacher)
    Fix: When creating a QueryStats object, ensure that maxQueries is checked. If maxQueries is a value less than or equal to 0, QueryStats are never created. (kfujino)

Other

    Update: Update optional Checkstyle library to 6.12.1. (kkolinko)
    Add: Add support for creating a FindBugs report when building Tomcat. It is disabled by default. (violetagg)

2015-10-12 Tomcat 8.0.28 (markt)
Catalina

    Add: Add support for the custom classpath protocol in URLs. It an be used anywhere Tomcat accepts a URL for a configuration parameter. (markt)
    Fix: 56777: Allow file based configuration resources (user database, certificate revocation lists, keystores and trust stores) to be configured using URLs as well as files. (markt)
    Fix: Perform null-checking on input and stored credentials in all Realms before passing credentials off to CredentialHandlers for matching. (schultz)

Coyote

    Update: Add the new ciphers from RFC6655 and RFC7251 to the OpenSSL to JSSE cipher mapping. (markt)
    Update: Remove DES, RC2 and RC4 from DEFAULT for the OpenSSL to JSSE cipher mapping to align with the OpenSSL development branch. (markt)

Jasper

    Fix: Improve the error message when JSP parser encounters an error parsing an attribute value. (markt)

Web applications

    Update: 58474: Provide a reference to the differences between CATALINA_HOME and CATALINA_BASE in the sample application that is part of the documentation web application. (markt)

Extras

    Fix: Ensure JULI adapters does not include the LogFactoryImpl class. Patch provided by Benjamin Gandon. (markt)

2015-10-01 Tomcat 8.0.27 (markt)
Catalina

    Fix: 58187: Correct a regression in the fix for 57765 that meant that deployment of web applications deployed via the Manager application was delayed until the next execution of the automatic deployment background process. (markt)
    Fix: 58284: Correctly implement session serialization so non-serializable attributes are skipped with a warning. Patch provided by Andrew Shore. (markt)
    Fix: 58313: Fix concurrent access of encoders map when clearing encoders prior to switch to async. (markt)
    Fix: 58320: Fix concurrent access of request attributes which is possible during asynchronous processing. (markt)
    Fix: 58352: Always trigger a thread dump if Tomcat fails to stop gracefully from catalina.sh even if using -force. Patch provided by Alexandre Garnier. (markt)
    Fix: 58368: Fix a rare data race in the code that obtains the ApplicationFilterFactory instance. (markt)
    Fix: 58369: Fix a rare data race in the code that obtains the CookieProcessor for a StandardContext instance. (markt)
    Fix: Ensure the JAASRealm uses the configured CredentialHandler. (markt)
    Fix: 58372: Fix rare data races closed and suspended flags that could be triggered by async and/or comet processing. (markt)
    Fix: 58373: Fix rare data race with the application event listeners for StandardContext. (markt)
    Fix: 58374: Fix a rare data race in the AsyncContext implementation for access to the internal Tomcat request object to which it holds a reference. (markt)
    Fix: 58380: Fix two rare data races in the standard session implementation on the flag that tracks if the session is new and on the field that tracks the maximum inactive period. (markt)
    Fix: 58385: Fix a rare data race in the internal flag Tomcat uses to keep track of whether or not a request is being used for Comet processing. (markt)
    Fix: 58394: Fix a rare data race in Mapper when adding or removing a host. (markt)
    Fix: 58398: Fix a rare data race in LifecycleSupport. (markt)
    Fix: 58412: Ensure that the AsyncFileHandler has the source class and method name available for logging. (fschumacher)
    Fix: 58416: Correctly detect when a forced stop fails to stop Tomcat because the Tomcat process is waiting on some system call or is uninterruptible. (markt)
    Fix: 58436: Fix some rare data races in JULI's ClassLoaderLogManager during shutdown. (markt)
    Fix: 58845: Fix off-by one error in calculation of valid characters in a cookie domain. Patch provided by Thorsten Ehlers. (markt)

Coyote

    Fix: Correct some edge cases in RequestUtil.normalize(). (markt)
    Fix: 58275: The IBM JREs accept cipher suite names starting with TLS_ or SSL_ but when listing the supported cipher suites only the SSL_ version is reported. This can break Tomcat's check that at least one requested cipher suite is supported. Tomcat now includes a work-around so either form of the cipher suite name can be used when running on an IBM JRE. (markt)
    Fix: 58357: For reasons not currently understood when the APR/native connector is used with OpenSSL reads can return an error code when there is no apparent error. This was work-around for HTTP upgrade connections by treating this as EAGAIN. The same fix has now been applied to the standard HTTP connector. (markt)
    Code: Minor clean-up in NIO2 SSL handshake code to address some theoretical concurrency issues. (markt)
    Fix: 58367: Fix a rare data race in the code that obtains the reason phrase for a given HTTP response code. (markt)
    Fix: 58370: Fix a rare data race in the connector shutdown code. (markt)
    Fix: 58371: Fix a rare data race when accessing request URI in String form when switching from non-async to async due to early triggering of the gathering of request statistics. (markt)
    Fix: 58375: Fix a rare data race on the internal flag Tomcat uses to mark a response as committed. (markt)
    Fix: 58377: Fix a rare data race on the internal flag Tomcat uses to mark a request as using HTTP keep-alive when switching to asynchronous processing. (markt)
    Fix: 58379: Fix a rare data race on the internal reference Tomcat retains to the socket when switching to asynchronous processing. (markt)
    Fix: 58387: Fix a rare data race when closing Comet connections. (markt)
    Fix: 58388: Fix a data race when determining if Comet processing is occurring on a container or non-container thread. (markt)
    Fix: 58389: Fix a rare data race while shutting down the thread pools on Connector stop. (markt)
    Code: Clean up use of error flag on socket wrapper prompted by 58390. (markt)
    Code: Remove some unnecessary code from the NIO Poller and fix 58396 as a side-effect. (markt)
    Fix: 57799: Remove useless sendfile check for NIO SSL. (remm)

Jasper

    Fix: 57136: Correct a regression in the previous fix for this issue. \${ should only be an escape for ${ within an EL expression. Within a JSP page \$ should be an escape for $. The EL specification applies when parsing the expression delimited by ${ and }. Parsing of the delimiting ${ and } is the responsibility of the JSP specification. (markt)
    Fix: 58296: Fix a memory leak in the JSP unloading feature that meant that using a value other than -1 for maxLoadedJsps triggered a memory leak once the limit was reached. (markt)
    Fix: 58327: Cache the expression string for value expression literals since it is frequently used and may be expensive to evaluate. Patch provided by Andreas Kohn. (markt)
    Fix: 58340: Improve error reporting for tag files packaged in JARs. (markt)
    Fix: 58424: When parsing TLD files, allow whitespace around boolean configuration values. (schultz)
    Fix: Fix a possible resource leak reported by coverity scan. (fschumacher)
    Fix: 58427: Enforce the JSP specification defined limitations of which elements are allowed in an implicit.tld file. (markt)
    Fix: 58444: Ensure that JSPs work with any custom base class that meets the requirements defined in the JSP specification without requiring that base class to implement Tomcat specific code. (markt)

Cluster

    Fix: Fix a default clusterListeners in SimpleTcpCluster. The optimal default value is different for each session manager. ClusterSessionListener is never used in BackupManager. (kfujino)
    Fix: Correct log messages in case of using BackupManager. (kfujino)

WebSocket

    Fix: 58342: Fix a copy and paste error that meant MessageHandler removal could fail for binary and pong MessageHandlers. Patch provided by DJ. (markt)
    Fix: Data races detected by RV-Predict, mostly caused by completion handlers running in separate threads. (markt)
    Fix: 58414: Correctly handle sending zero length messages when using per message deflate. (markt)

Web applications

    Fix: Correct documentation for cluster-howto. (kfujino)
    Fix: Add missing documentation for property alwaysAddExpires for the LegacyCookieProcessor. (markt)

Tribes

    Add: Add support for configurations of ChannelListener and MembershipListener in server.xml. (kfujino)
    Fix: Correct log messages in case of using ReplicatedMap. (kfujino)
    Fix: 58381: Fix a rare data race in the NioReceiver. (markt)
    Fix: 58382: Fix multiple rare data races in the default membership implementation. (markt)
    Fix: 58383: Fix a data race in SenderState. (markt)
    Fix: 58386: Fix a data race in ObjectReader. (markt)
    Fix: 58391: Fix multiple data races in NonBlockingCoordinator, most of which were associated with ensuring that log messages contained the correct information. (markt)
    Fix: 58392: Fix a data race in DomainFilterInterceptor. (markt)
    Fix: 58393: Fix a data race on the listener in McastService. (markt)
    Fix: 58395: Fix multiple data races in MemberImpl that were likely to cause issues if certain properties were updated concurrently (such updates are unlikely in normal usage). (markt)
    Code: Remove some unnecessary code from PooledParallelSender and fix 58397. (markt)

jdbc-pool

    Fix: Make sure the pool has been properly configured when attributes that related to the pool size are changed via JMX. (kfujino)

Other

    Fix: Ensure logging works for all tests in a class rather than just the first one executed. (markt)
    Add: 58344: Add build properties to enable tests to be executed against alternative binaries. Based on a patch by Petr Sumbera. (markt)
2015-12-21 17:04:13 +00:00
ryoon
1c448545dc Updated www/apache-tomcat7 to 7.0.67 2015-12-21 17:03:55 +00:00
ryoon
fec03bdd4f Update to 7.0.67
Changelog:
Tomcat 7.0.67 (violetagg)

    Catalina

        add	56917: As per RFC7231 (HTTP/1.1), allow HTTP/1.1 and later redirects to use relative URIs. This is controlled by a new attribute useRelativeRedirects on the Context and defaults to true. (markt)
        fix	58660: Correct a regression in 7.0.66 caused by the change that moved the redirection for context roots from the Mapper to the Default Servlet. (markt)
        fix	Fixed potential NPE in HostConfig while deploying an application. Issue reported by coverity scan. (violetagg)
        fix	58655: Fix an IllegalStateException when calling HttpServletResponse.sendRedirect() with the RemoteIpFilter. This was caused by trying to correctly generate the absolute URI for the redirect. With the fix for 56917, redirects may now be relative making the sendRedirect() implementation for the RemoteIpFilter much simpler. This also addresses issues where the redirect may not have behaved as expected when redirecting from http to https to from https to http. (markt)

    WebSocket

        fix	58658: Correct a regression in 7.0.66 that prevented Tomcat from starting on Java 6 unless the WebSocket JARs (that require Java 7) were removed. (markt)

    Web Applications

        add	Add a description of the default value of heartbeatSleeptime attribute and optionCheck attribute in the cluster channel docs. (kfujino)

    Tribes

        fix	Fix potential NPE in AbstractReplicatedMap.breakdown(). (kfujino)

Tomcat 7.0.66 (violetagg)	not released

    General

        update	58596: Clarify the description in RUNNING.txt of how environment variables are used. (markt)

    Catalina

        fix	34319: Only load those keys in StoreBase.processExpire from JDBCStore, that are old enough, to be expired. Based on a patch by Tom Anderson. (fschumacher)
        fix	56777: Allow file based configuration resources (user database, certificate revocation lists, keystores and trust stores) to be configured using URLs as well as files. Back-port provided by Huxing Zhang. (markt/violetagg)
        add	57741: Enable the CGI servlet to use the standard error page mechanism. Note that if the CGI servlet's debug init parameter is set to 10 or higher then the standard error page mechanism will be bypassed and a debug response generated by the CGI servlet will be returned instead. (markt)
        add	58486: Protect against two further possible memory leaks associated with XML parsing. (markt)
        code	58497: Make AbstractHttp11Processor easy to extend. (markt)
        fix	58508: Escape role names when generating associated MBeans in case the role name contains characters not permitted in an MBean name. (markt)
        fix	58522: Fixed concurrency issue when iterating web application's resources. (violetagg)
        fix	58534: Removed repeated conditional tests in o.a.tomcat.websocket.pojo.PojoMethodMapping and o.a.tomcat.util.net.AprEndpoint Patch provided by Anthony Whitford. (violetagg)
        fix	58535: Use Collections.reverseOrder when a reverse ordering is needed. (violetagg)
        fix	58537: Some of the inner classes in o.a.catalina.valves.ExtendedAccessLogValve are made static. Patch provided by Anthony Whitford. (violetagg)
        fix	58540: Removed unused code from o.a.catalina.connector.Request. Patch provided by Anthony Whitford. (violetagg)
        fix	58541, 58544: It is more efficient to call Integer.toString(int) instead of Integer.valueOf(int).toString() when only a string representation of a primitive is needed. Based on a patch provided by Anthony Whitford. (violetagg)
        fix	58541, 58547: It is more efficient to call valueOf(...) instead of Number constructor. Based on a patch provided by Anthony Whitford. (violetagg)
        fix	58545: In some use cases it is more efficient to use Map.entrySet() instead of Map.keySet() Based on a patch provided by Anthony Whitford. (violetagg)
        add	Add a new RestCsrfPreventionFilter that provides basic CSRF protection for REST APIs. (violetagg)
        fix	58581: If a custom error page fails, fall back to the standard error page rather than throwing an NPE. Based on a patch by Huxing Zhang. (markt)
        fix	58582: Combined realm should perform background processing on its sub-realms. Based upon a patch provided by Aidan. (kkolinko)
        fix	Handle the unlikely case where different versions of a web application are deployed with different session settings. (markt)
        add	Add a new Context option, enabled by default, that enables an additional check that a client provided session ID is in use in at least one other web application before allowing it to be used as the ID for a new session in the current web application. (markt)
        add	Add support for DIGEST authentication to the JNDIRealm. Based on a patch by Alexis Hassler. (markt)
        fix	58603: Ensure that HttpServletRequest.getRequestURL() returns the correct value when using the RemoteIpFilter. (markt)
        fix	Ensure that in an embedded Tomcat the logging configuration is not lost during garbage collection. (violetagg)
        add	Move the functionality that provides redirects for context roots and directories where a trailing / is added from the Mapper to the DefaultServlet. This enables such requests to be processed by any configured Valves and Filters before the redirect is made. This behaviour is configurable via the mapperContextRootRedirectEnabled and mapperDirectoryRedirectEnabled attributes of the Context which may be used to restore the previous behaviour. (markt)
        fix	58635: Enable break points to be set within agent code when running Tomcat with a Java agent. Based on a patch by Huxing Zhang. (markt)

    Jasper

        fix	57136#c25: Implement a setting that controls what quoting rule is used when parsing EL expressions in attributes on a JSP page (chapter JSP.1.6 of specification). The setting name is quoteAttributeEL and it is configured as initialisation parameter of JSP Servlet (per web application configuration is possible) and as a command line option for JspC. The default value was changed to true, which restores behaviour implemented in Tomcat 7.0.64. It means that attribute quoting is applied on top of EL quoting. This provides better compatibility with older versions of Tomcat and other implementations. (kkolinko)

    Cluster

        fix	Optimize the session lock range in DeltaManager.requestCompleted. (kfujino)
        fix	Enable an explicit configuration of local member in the static cluster membership. (kfujino)
        fix	Fix potential integer overflow in DeltaSession. Reported by coverity scan. (fschumacher)

    Tribes

        code	Distinguish the handling of the shutdown payload and member verification clearly. When handling shutdown payload, verification completion message is not required. (kfujino)
        fix	When starting the StaticMembershipInterceptor, StaticMembershipInterceptor checks the required Interceptors. If the required Interceptor does not exist, it issues warning logs. (kfujino)
        fix	Ensure that the static member is registered to the add suspect list even if the static member that is registered to the remove suspect list has disappeared. (kfujino)
        fix	Correct the warning log of when the member that is not registered in the membership is detected. (kfujino)
        fix	When using a static cluster, add the members that have been cached in the membership service to the map members list in order to ensure that the map member is a static member. (kfujino)

    WebSocket

        fix	Use instance manager for server endpoint instances. (remm)
        add	55006: The WebSocket client now honors the java.net.java.net.ProxySelector configuration (using the HTTP type) when establishing WebSocket connections to servers. Based on a patch by Niki Dokovski. (markt)
        fix	58624: Correct a thread safety issue that meant that blocking message writes could block indefinitely if the WebSocket connection was closed while a message write was in progress. (markt)

    Web applications

        add	Make it clear in the documentation for the CGI servlet that the debug page is not considered secure and should not be used in production. (markt)
        fix	The domain attribute of StaticMember is not required but optional. (kfujino)
        fix	58631: Correct the continuation character use in the Windows Service How-To page of the documentation web application. (markt)

    jdbc-pool

        fix	58489: Correct QueryStatsComparator to hold up the general contract for Comparator. (fschumacher)
        fix	When creating a QueryStats object, ensure that maxQueries is checked. If maxQueries is a value less than or equal to 0, QueryStats are never created. (kfujino)
        fix	Fix potential integer overflow in ConnectionPool and PooledConnection. Reported by coverity scan. (fschumacher)

Tomcat 7.0.65 (violetagg)	released 2015-10-19

    Catalina

        add	57681: Add a web application class loader implementation that supports the parallel loading of web application classes. Use of this feature requires a Java 7 or later JRE. Based on a patch by Huxing Zhang. (markt)
        fix	58187: Correct a regression in the fix for 57765 that meant that deployment of web applications deployed via the Manager application was delayed until the next execution of the automatic deployment background process. (markt)
        fix	58284: Correctly implement session serialization so non-serializable attributes are skipped with a warning. Patch provided by Andrew Shore. (markt)
        fix	58313: Fix concurrent access of encoders map when clearing encoders prior to switch to async. (markt)
        fix	58320: Fix concurrent access of request attributes which is possible during asynchronous processing. (markt)
        code	In preparation for implementing enhancement 57681, replace the use of the StandardClassLoader with URLClassLoader. This removes the server class loader from JMX. (markt)
        fix	58352: Always trigger a thread dump if Tomcat fails to stop gracefully from catalina.sh even if using -force. Patch provided by Alexandre Garnier. (markt)
        fix	58416: Correctly detect when a forced stop fails to stop Tomcat because the Tomcat process is waiting on some system call or is uninterruptible. (markt)
        fix	58436: Fix some rare data races in JULI's ClassLoaderLogManager during shutdown. (markt)

    Coyote

        fix	Correct some edge cases in RequestUtil.normalize(). (markt)
        fix	58275: The IBM JREs accept cipher suite names starting with TLS_ or SSL_ but when listing the supported cipher suites only the SSL_ version is reported. This can break Tomcat's check that at least one requested cipher suite is supported. Tomcat now includes a work-around so either form of the cipher suite name can be used when running on an IBM JRE. (markt)
        fix	58357: For reasons not currently understood when the APR/native connector is used with OpenSSL reads can return an error code when there is no apparent error. This was work-around for HTTP upgrade connections by treating this as EAGAIN. The same fix has now been applied to the standard HTTP connector. (markt)
        fix	57799: Remove useless sendfile check for NIO SSL. (remm)

    Jasper

        fix	57136: Correct a regression in the previous fix for this issue. \${ should only be an escape for ${ within an EL expression. Within a JSP page \$ should be an escape for $. The EL specification applies when parsing the expression delimited by ${ and }. Parsing of the delimiting ${ and } is the responsibility of the JSP specification. (markt)
        fix	58296: Fix a memory leak in the JSP unloading feature that meant that using a value other than -1 for maxLoadedJsps triggered a memory leak once the limit was reached. (markt)
        fix	58340: Improve error reporting for tag files packaged in JARs. (markt)
        fix	58444: Ensure that JSPs work with any custom base class that meets the requirements defined in the JSP specification without requiring that base class to implement Tomcat specific code. (markt)

    Cluster

        fix	Fix a default clusterListeners in SimpleTcpCluster. The optimal default value is different for each session manager. ClusterSessionListener is never used in BackupManager. (kfujino)
        fix	Correct log messages in case of using BackupManager. (kfujino)

    WebSocket

        fix	58342: Fix a copy and paste error that meant MessageHandler removal could fail for binary and pong MessageHandlers. Patch provided by DJ. (markt)
        fix	58414: Correctly handle sending zero length messages when using per message deflate. (markt)

    Web applications

        fix	Correct documentation for cluster-howto. (kfujino)

    Extras

        fix	Ensure JULI adapters does not include the LogFactoryImpl class. Patch provided by Benjamin Gandon. (markt)

    Tribes

        add	Add support for configurations of ChannelListener and MembershipListener in server.xml. (kfujino)
        fix	Correct log messages in case of using ReplicatedMap. (kfujino)

    jdbc-pool

        fix	Make sure the pool has been properly configured when attributes that related to the pool size are changed via JMX. (kfujino)
2015-12-21 17:03:26 +00:00
mef
e697976fea Updated ham/fldigi to 3.23.07.04 2015-12-21 13:25:47 +00:00
mef
70b59abdf4 Update 3.23.07.03 to 3.23.07.04
--------------------------------
Previous distfile seems to be gone, so minor update.
ChangeLog not known, and sorry for updating during freeze.
2015-12-21 13:25:35 +00:00
richard
7fdb5f2308 From upstream https://bz.mercurial-scm.org/show_bug.cgi?id=4943
# Files opened in a+ mode have inconsistent behavior on various
# platforms. Windows requires that a file positioning call be made
# when the file handle transitions between reads and writes. See
# 3686fa2b8eee and the mixedfilemodewrapper in windows.py. On other
# platforms, Python or the platform itself can be buggy. Some versions
# of Solaris have been observed to not append at the end of the file
# if the file was seeked to before the end. See issue4943 for more.
#
# We work around this issue by inserting a seek() before writing.
# Note: This is likely not necessary on Python 3.

bump PKGREVISION
okay'd by wiz@
2015-12-21 13:19:17 +00:00
ryoon
83b1de293e Add devel/poco* to TODO 2015-12-21 12:34:58 +00:00
ryoon
3257477ea7 Fix build under NetBSD 6 or other platform that has no shm_open()
Fix PR pkg/50572.
2015-12-21 12:10:22 +00:00
dbj
105e0563ab update emulators/stella to 4.6.7 and enable darwin 2015-12-21 06:46:04 +00:00
sevan
da79f20d70 Account file installed on FreeBSD specifically
Reviewed by wiz@
2015-12-21 00:33:47 +00:00
sevan
6beaef5307 PLIST.auth_socket also applies to FreeBSD
Reviewed by wiz@
2015-12-21 00:32:15 +00:00
wiz
9d76a101ba + Hack-ttf-2.018, MesaLib-11.1, Sigil-0.9.2, afl-1.96b, apache24-2.4.18,
argon2-20151206, caff-2.2, cups-filters-1.5.0, drupal-8.0,
  ffmpeg2-2.8.4, fmsx-4.4, global-6.5.2, gst-plugins1-base-1.6.2,
  gst-plugins1-good-1.6.2, gst-plugins1-ugly-1.6.2, gstreamer1-1.6.2,
  libmicrohttpd-0.9.48, lilv-0.22.0, mcsim-5.6.0, meld-3.15.1,
  musicpd-0.19.12, openttd-1.5.3, p5-Archive-Zip-1.56,
  p5-Business-ISBN-Data-20140910.003, p5-CGI-4.23, p7zip-15.09,
  py-cffi-1.4.1, py-decorator-4.0.6, py-requests-toolbelt-0.5.1,
  py-setuptools-19.1.1, py-tortoisehg-3.6.2, racket-6.3, serd-0.22.0,
  sord-0.14.0, wine-1.8, x264-devel-20151219.
2015-12-20 15:50:20 +00:00
sevan
2f0f3ed4c4 Account files installed on FreeBSD specifically
Reviewed by wiz@
2015-12-20 12:39:30 +00:00
taca
171eab0c3d Note update of lang/ruby22-base package to 2.2.4nb1 replacing with previous
lang/ruby22 entry.
2015-12-20 05:29:20 +00:00
taca
983f1f969a Bump PKGREVISION.
There are enough period that all patch files are ignored due to missing
from distinfo.
2015-12-20 05:27:46 +00:00
taca
2e3573a964 Revert previous commit since it was wrong packge to bump PKGREVISION. 2015-12-20 05:26:31 +00:00
taca
b24e6180a2 + samba-4.3.3. 2015-12-20 05:22:51 +00:00
taca
3786f38722 Note update of lang/ruby22 package to 2.2.4nb1. 2015-12-20 05:21:19 +00:00
taca
a17693a415 Bump PKGREVISION.
There are enough period that all patch files are ignored due to missing
from distinfo.
2015-12-20 05:20:30 +00:00
wen
a901501cf0 Updated www/mediawiki to 1.26.1 2015-12-20 02:32:25 +00:00
wen
d8a7a974f9 Update to 1.26.1(security update)
Upstream changes:
MediaWiki 1.26.1

This is a security and bug fix release of the MediaWiki 1.26 branch.
Changes since 1.26

    (bug T117899) SECURITY: $wgArticlePath can no longer be set to relative paths that do not begin with a slash. This enabled trivial XSS attacks. Configuration values such as "http://my.wiki.com/wiki/$1" are fine, as are "/wiki/$1". A value such as "$1" or "wiki/$1" is not and will now throw an error
    (bug T119309) SECURITY: Use hash_compare() for edit token comparison
    (bug T118032) SECURITY: Don't allow cURL to interpret POST parameters starting with '@' as file uploads
    (bug T115522) SECURITY: Passwords generated by User::randomPassword() can no longer be shorter than $wgMinimalPasswordLength
    (bug T97897) SECURITY: Improve IP parsing and trimming. Previous behavior could result in improper blocks being issued
    (bug T109724) SECURITY: Special:MyPage, Special:MyTalk, Special:MyContributions and related pages no longer use HTTP redirects and are now redirected by MediaWiki
    Fixed ConfigException in ExpandTemplates due to AlwaysUseTidy.
    Fixed stray literal \n in Special:Search.
    Fix issue that breaks HHVM Repo Authorative mode.
    (bug T120267) Work around APCu memory corruption bug
2015-12-20 02:31:05 +00:00
mef
cd69877dfc Githubify, with GITHUB_RELEASE variable. 2015-12-19 22:38:32 +00:00
markd
d74046a25f blender update. 2015-12-19 20:54:31 +00:00
markd
a3c5cc5cfa Update blender to 2.76b
Fixes build with python35  (PR pkg/50566)

Blender 2.76, released Oct 9, 2015. (Update 2.76b is from Nov 3 2015).
- Initial support for Pixar's OpenSubdiv geometry subdivision technology.
- A huge view-port performance boost.
- Big file browser performance boost and arrow keys navigation support.
- Node auto-offset feature that helps organizing node layouts.
- Absolute grid snapping in the 3D view.
- Sculpting with tiled strokes.
- Text effect strips for the sequencer, supporting subtitle export
- As usual, hundreds of bugs fixed and other improvements!

Blender 2.75a release.
- Blender now supports a fully integrated Multi-View and Stereo 3D pipeline
- Cycles has much awaited initial support for AMD GPUs, and a new Light
  Portals feature.
- UI now allows font previews in the file browser.
- High quality options for viewport depth of field were added
- Modeling has a new Corrective Smooth modifier.
- The Decimate modifier was improved significantly.
- 3D viewport painting now supports symmetry and the distribution of Dynamic
  Topology was improved
- Video Sequence Editor: Placeholders can now replace missing frames of
  image sequences
- Game Engine now allows smoother LOD transitions, and supports mist
  attributes animation
- And: 100s of bug fixes and smaller feature improvements.
2015-12-19 20:52:12 +00:00
leot
4b46dfecad Updated net/youtube-dl to 20151218 2015-12-19 19:39:54 +00:00
leot
afaf2cbcc3 Update net/youtube-dl to 2015.12.18.
Update during the freeze approved by jperkin@
(while strictly speaking net/youtube-dl is a leaf package there are various
possible consumers, e.g. multimedia/mpv)

Changes:
2015.12.18:
 o Misc bugfixes and improvements (most user visible change is the fixes
   for #7900 and #7901 that fixes extraction of various youtube videos)

2015.12.13
 o New [funimation] extractor
 o Misc bugfixes and improvements

2015.12.10:
 o Misc bugfixes and improvements
2015-12-19 19:39:28 +00:00
taca
431051a05e Restrict PHP_VERSIONS_ACCEPTED to 55 and 56. 2015-12-19 14:27:12 +00:00
tsutsui
4af0f9785a Describe scim option. 2015-12-19 14:13:19 +00:00
martin
d37e0b28ad Updated www/firefox to 43.0nb1 2015-12-19 12:52:19 +00:00
martin
dcf3e88adf Remove changes for bugzilla ticket #1026499 which has been resolved
differently upstream.
2015-12-19 12:50:55 +00:00
tsutsui
bcf592fbef Updated x11/mlterm to 3.6.1 2015-12-19 11:44:09 +00:00
tsutsui
544dbb977f Update mlterm to 3.6.1. (leaf package update)
pkgsrc changes:
 - explicitly specify configure options which are changed to default
 - make scim configurable via option.mk (disabled by default)

Changes noted in doc/en/ReleaseNote:

ver 3.6.1
* Support DECDHL and DECDWL.
* Support button event mouse tracking (CSI?1002) and any event mouse tracking (CSI?1003)
  in MacOSX/Cocoa and Android.
* Support blinking cursor in MacOSX/Cocoa.
* Add 'autohide' value to 'scrollbar_mode' option.
* Disable conversion from Unicode to ISCII if use_ctl = false.
* Drop mlterm.ti and mlterm.tc which haven't been maintained recently.
* Build 'extra' and 'pixmap_engine' scrollbars by default.
* Enable following configure options by default.
  --enable-ind, --enable-ssh2, --enable-utmp, --enable-uim, --enable-m17nlib,
  --enable-scim, --enable-ibus, --enable-fcitx, --enable-canna, --enable-wnn
* Support ssh2 connection on framebuffer.
* Set XID of text screen instead of top window as the value of WINDOWID environmental variable.
* Bug fixes:
  Fix a bug which disabled CSI?3h and CSI?3l. (Enbugged at 3.6.0)
2015-12-19 11:43:24 +00:00
tsutsui
90d2ccad1c Updated net/mikutter to 3.2.11 2015-12-19 11:33:58 +00:00
tsutsui
0765041f09 Update mikutter to 3.2.11. (leaf package update)
* no response on clicking mouse over icons on some environments
* fix a spello method
2015-12-19 11:32:45 +00:00
ryoon
0ef34ad468 Remove unused patch
From David Bariod
2015-12-19 10:26:44 +00:00
ryoon
0059c5f03a Fix build under NetBSD 6, at least i386 2015-12-18 23:51:16 +00:00