The NetBSD Project

CVS log for pkgsrc/net/samba4/Makefile

[BACK] Up to [cvs.NetBSD.org] / pkgsrc / net / samba4

Request diff between arbitrary revisions


Default branch: MAIN


Revision 1.154 / (download) - annotate - [select for diffs], Fri Nov 25 10:21:14 2022 UTC (13 days, 3 hours ago) by wiz
Branch: MAIN
CVS Tags: HEAD
Changes since 1.153: +3 -4 lines
Diff to previous 1.153 (colored)

samba: update to 4.17.3.

This is a security release in order to address the following defects:


o CVE-2022-42898: Samba's Kerberos libraries and AD DC failed to guard against
                  integer overflows when parsing a PAC on a 32-bit system, which
                  allowed an attacker with a forged PAC to corrupt the heap.
                  https://www.samba.org/samba/security/CVE-2022-42898.html

Changes since 4.17.2
--------------------
o  Joseph Sutton <josephsutton@catalyst.net.nz>
   * BUG 15203: CVE-2022-42898

o  Nicolas Williams <nico@twosigma.com>
   * BUG 15203: CVE-2022-42898

Revision 1.150.2.1 / (download) - annotate - [select for diffs], Sat Nov 5 17:58:53 2022 UTC (4 weeks, 4 days ago) by bsiegert
Branch: pkgsrc-2022Q3
Changes since 1.150: +2 -2 lines
Diff to previous 1.150 (colored) next main 1.151 (colored)

Pullup ticket #6694 - requested by taca
devel/samba4: security fix

via patch -- update to 4.16.6

---
   Samba 4.16.6 fixes these security problems.

   4.16.6 (2022-10-25)

   This is a security release in order to address the following defect:

   o CVE-2022-3437:  There is a limited write heap buffer overflow in the GSSAPI
		     unwrap_des() and unwrap_des3() routines of Heimdal (included
		     in Samba).
		     https://www.samba.org/samba/security/CVE-2022-3437.html

   Changes since 4.16.5
   ---------------------

   o  Joseph Sutton <josephsutton@catalyst.net.nz>
      * BUG 15134: CVE-2022-3437.

Revision 1.153 / (download) - annotate - [select for diffs], Wed Oct 26 10:31:06 2022 UTC (6 weeks, 1 day ago) by wiz
Branch: MAIN
Changes since 1.152: +2 -1 lines
Diff to previous 1.152 (colored)

*: bump PKGREVISION for libunistring shlib major bump

Revision 1.152 / (download) - annotate - [select for diffs], Tue Oct 25 16:15:35 2022 UTC (6 weeks, 1 day ago) by taca
Branch: MAIN
Changes since 1.151: +4 -4 lines
Diff to previous 1.151 (colored)

net/samba4: update to 4.17.2

4.17.2 (2022/10-25)

o CVE-2022-3437:  There is a limited write heap buffer overflow in the GSSAPI
                  unwrap_des() and unwrap_des3() routines of Heimdal (included
                  in Samba).
                  https://www.samba.org/samba/security/CVE-2022-3437.html

o CVE-2022-3592:  A malicious client can use a symlink to escape the exported
                  directory.
                  https://www.samba.org/samba/security/CVE-2022-3592.html

Changes since 4.17.1
--------------------

o  Volker Lendecke <vl@samba.org>
   * BUG 15207: CVE-2022-3592.

o  Joseph Sutton <josephsutton@catalyst.net.nz>
   * BUG 15134: CVE-2022-3437.

Revision 1.151 / (download) - annotate - [select for diffs], Tue Oct 25 07:46:11 2022 UTC (6 weeks, 2 days ago) by wiz
Branch: MAIN
Changes since 1.150: +3 -5 lines
Diff to previous 1.150 (colored)

samba: update to 4.17.1.

Changes since 4.17.0
--------------------

o  Jeremy Allison <jra@samba.org>
   * BUG 14611: CVE-2021-20251 [SECURITY] Bad password count not incremented
     atomically.
   * BUG 15174: smbXsrv_connection_shutdown_send result leaked.
   * BUG 15182: Flush on a named stream never completes.
   * BUG 15195: Permission denied calling SMBC_getatr when file not exists.

o  Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
   * BUG 15189: Samba 4.5 sometimes cannot be upgraded to Samba 4.6 or later
     over DRS: WERROR_DS_DRA_MISSING_PARENT due to faulty GET_ANC.
   * BUG 15191: pytest: add file removal helpers for TestCaseInTempDir.

o  Andrew Bartlett <abartlet@samba.org>
   * BUG 14611: CVE-2021-20251 [SECURITY] Bad password count not incremented
     atomically.
   * BUG 15189: Samba 4.5 sometimes cannot be upgraded to Samba 4.6 or later.
     over DRS: WERROR_DS_DRA_MISSING_PARENT due to faulty GET_ANC.

o  Ralph Boehme <slow@samba.org>
   * BUG 15182: Flush on a named stream never completes.

o  Volker Lendecke <vl@samba.org>
   * BUG 15151: vfs_gpfs silently garbles timestamps > year 2106.

o  Gary Lockyer <gary@catalyst.net.nz>
   * BUG 14611: CVE-2021-20251 [SECURITY] Bad password count not incremented
     atomically.

o  Stefan Metzmacher <metze@samba.org>
   * BUG 15200: multi-channel socket passing may hit a race if one of the
     involved processes already existed.
   * BUG 15201: memory leak on temporary of struct imessaging_post_state and
     struct tevent_immediate on struct imessaging_context (in
     rpcd_spoolss and maybe others).

o  Noel Power <noel.power@suse.com>
   * BUG 15205: Since popt1.19 various use after free errors using result of
     poptGetArg are now exposed.

o  Anoop C S <anoopcs@samba.org>
   * BUG 15192: Remove special case for O_CREAT in SMB_VFS_OPENAT from
     vfs_glusterfs.

o  Andreas Schneider <asn@samba.org>
   * BUG 15169: GETPWSID in memory cache grows indefinetly with each NTLM auth.

o  Joseph Sutton <josephsutton@catalyst.net.nz>
   * BUG 14611: CVE-2021-20251 [SECURITY] Bad password count not incremented
     atomically.

                   ==============================
                   Release Notes for Samba 4.17.0
                         September 13, 2022
                   ==============================


This is the first stable release of the Samba 4.17 release series.
Please read the release notes carefully before upgrading.


NEW FEATURES/CHANGES
====================

SMB Server performance improvements
-----------------------------------

The security improvements in recent releases
(4.13, 4.14, 4.15, 4.16), mainly as protection against symlink races,
caused performance regressions for meta data heavy workloads.

With 4.17 the situation improved a lot again:

- Pathnames given by a client are devided into dirname and basename.
  The amount of syscalls to validate dirnames is reduced to 2 syscalls
  (openat, close) per component. On modern Linux kernels (>= 5.6) smbd
  makes use of the openat2() syscall with RESOLVE_NO_SYMLINKS,
  in order to just use 2 syscalls (openat2, close) for the whole dirname.

- Contended path based operations used to generate a lot of unsolicited
  wakeup events causing thundering herd problems, which lead to masive
  latencies for some clients. These events are now avoided in order
  to provide stable latencies and much higher throughput of open/close
  operations.

Configure without the SMB1 Server
---------------------------------

It is now possible to configure Samba without support for
the SMB1 protocol in smbd. This can be selected at configure
time with either of the options:

--with-smb1-server
--without-smb1-server

By default (without either of these options set) Samba
is configured to include SMB1 support (i.e. --with-smb1-server
is the default). When Samba is configured without SMB1 support,
none of the SMB1 code is included inside smbd except the minimal
stub code needed to allow a client to connect as SMB1 and immediately
negotiate the selected protocol into SMB2 (as a Windows server also
allows).

None of the SMB1-only smb.conf parameters are removed when
configured without SMB1, but these parameters are ignored by
the smbd server. This allows deployment without having to change
an existing smb.conf file.

This option allows sites, OEMs and integrators to configure Samba
to remove the old and insecure SMB1 protocol from their products.

Note that the Samba client libraries still support SMB1 connections
even when Samba is configured as --without-smb1-server. This is
to ensure maximum compatibility with environments containing old
SMB1 servers.

Bronze bit and S4U support now also with MIT Kerberos 1.20
----------------------------------------------------------

In 2020 Microsoft Security Response Team received another Kerberos-related
report. Eventually, that led to a security update of the CVE-2020-17049,
Kerberos KDC Security Feature Bypass Vulnerability, also known as a „ŗŌ£ronze
Bit„ŗ With this vulnerability, a compromised service that is configured to use
Kerberos constrained delegation feature could tamper with a service ticket that
is not valid for delegation to force the KDC to accept it.

With the release of MIT Kerberos 1.20, Samba AD DC is able able to mitigate the
„ŗŌ£ronze Bit„ŗattack. MIT Kerberos KDC's KDB (Kerberos Database Driver) API was
changed to allow passing more details between KDC and KDB components. When built
against MIT Kerberos, Samba AD DC supports MIT Kerberos 1.19 and 1.20 versions
but 'Bronze Bit' mitigation is provided only with MIT Kerberos 1.20.

In addition to fixing the „ŗŌ£ronze Bit„ŗissue, Samba AD DC now fully supports
S4U2Self and S4U2Proxy Kerberos extensions.

Note the default (Heimdal-based) KDC was already fixed in 2021,
see https://bugzilla.samba.org/show_bug.cgi?id=14642

Resource Based Constrained Delegation (RBCD) support
----------------------------------------------------

Samba AD DC built with MIT Kerberos 1.20 offers RBCD support now. With MIT
Kerberos 1.20 we have complete RBCD support passing Sambas S4U testsuite.

samba-tool delegation got the 'add-principal' and 'del-principal' subcommands
in order to manage RBCD.

To complete RBCD support and make it useful to Administrators we added the
Asserted Identity [1] SID into the PAC for constrained delegation. This is
available for Samba AD compiled with MIT Kerberos 1.20.

Note the default (Heimdal-based) KDC does not support RBCD yet.

[1] https://docs.microsoft.com/en-us/windows-server/security/kerberos/kerberos-constrained-delegation-overview

Customizable DNS listening port
-------------------------------

It is now possible to set a custom listening port for the builtin DNS service,
making easy to host another DNS on the same system that would bind to the
default port and forward the domain-specific queries to Samba using the custom
port. This is the opposite configuration of setting a forwarder in Samba.

It makes possible to use another DNS server as a front and forward to Samba.

Dynamic DNS updates may not be proxied by the front DNS server when forwarding
to Samba. Dynamic DNS update proxying depends on the features of the other DNS
server used as a front.

CTDB changes
------------

* When Samba is configured with both --with-cluster-support and
  --systemd-install-services then a systemd service file for CTDB will
  be installed.

* ctdbd_wrapper has been removed.  ctdbd is now started directly from
  a systemd service file or init script.

* The syntax for the ctdb.tunables configuration file has been
  relaxed.  However, trailing garbage after the value, including
  comments, is no longer permitted.  Please see ctdb-tunables(7) for
  more details.

Operation without the (unsalted) NT password hash
-------------------------------------------------

When Samba is configured with 'nt hash store = never' then Samba will
no longer store the (unsalted) NT password hash for users in Active
Directory.  (Trust accounts, like computers, domain controllers and
inter-domain trusts are not impacted).

In the next version of Samba the default for 'nt hash store' will
change from 'always' to 'auto', where it will follow (behave as 'nt
hash store = never' when 'ntlm auth = disabled' is set.

Security-focused deployments of Samba that have eliminated NTLM from
their networks will find setting 'ntlm auth = disabled' with 'nt hash
store = always' as a useful way to improve compliance with
best-practice guidance on password storage (which is to always use an
interated hash).

Note that when 'nt hash store = never' is set, then arcfour-hmac-md5
Kerberos keys will not be available for users who subsequently change
their password, as these keys derive their values from NT hashes.  AES
keys are stored by default for all deployments of Samba with Domain
Functional Level 2008 or later, are supported by all modern clients,
and are much more secure.

Finally, also note that password history in Active Directory is stored
in nTPwdHistory using a series of NT hash values.  Therefore the full
password history feature is not available in this mode.

To provide some protection against password re-use previous Kerberos
hash values (the current, old and older values are already stored) are
used, providing a history length of 3.

There is one small limitation of this workaround: Changing the
sAMAccountName, userAccountControl or userPrincipalName of an account
can cause the Kerberos password salt to change.  This means that after
*both* an account rename and a password change, only the current
password will be recognised for password history purposes.

Python API for smbconf
----------------------

Samba's smbconf library provides a generic frontend to various
configuration backends (plain text file, registry) as a C library. A
new Python wrapper, importable as 'samba.smbconf' is available.  An
additional module, 'samba.samba3.smbconf', is also available to enable
registry backend support. These libraries allow Python programs to
read, and optionally write, Samba configuration natively.

JSON support for smbstatus
--------------------------

It is now possible to print detailed information in JSON format in
the smbstatus program using the new option --json. The JSON output
covers all the existing text output including sessions, connections,
open files, byte-range locks, notifies and profile data with all
low-level information maintained by Samba in the respective databases.

Protected Users security group
------------------------------

Samba AD DC now includes support for the Protected Users security
group introduced in Windows Server 2012 R2. The feature reduces the
attack surface of user accounts by preventing the use of weak
encryption types. It also mitigates the effects of credential theft by
limiting credential lifetime and scope.

The protections are intended for user accounts only, and service or
computer accounts should not be added to the Protected Users
group. User accounts added to the group are granted the following
security protections:

   * NTLM authentication is disabled.
   * Kerberos ticket-granting tickets (TGTs) encrypted with RC4 are
     not issued to or accepted from affected principals. Tickets
     encrypted with AES, and service tickets encrypted with RC4, are
     not affected by this restriction.
   * The lifetime of Kerberos TGTs is restricted to a maximum of four
     hours.
   * Kerberos constrained and unconstrained delegation is disabled.

If the Protected Users group is not already present in the domain, it
can be created with 'samba-tool group add'. The new '--special'
parameter must be specified, with 'Protected Users' as the name of the
group. An example command invocation is:

samba-tool group add 'Protected Users' --special

or against a remote server:

samba-tool group add 'Protected Users' --special -H ldap://dc1.example.com -U Administrator

The Protected Users group is identified in the domain by its having a
RID of 525. Thus, it should only be created with samba-tool and the
'--special' parameter, as above, so that it has the required RID
to function correctly.


REMOVED FEATURES
================

LanMan Authentication and password storage removed from the AD DC
-----------------------------------------------------------------

The storage and authentication with LanMan passwords has been entirely
removed from the Samba AD DC, even when "lanman auth = yes" is set.


smb.conf changes
================

  Parameter Name                          Description     Default
  --------------                          -----------     -------
  dns port                                New default     53
  fruit:zero_file_id                      New default     yes
  nt hash store                           New parameter   always
  smb1 unix extensions                    Replaces "unix extensions"
  volume serial number                    New parameter   -1
  winbind debug traceid                   New parameter   no

Revision 1.150 / (download) - annotate - [select for diffs], Mon Sep 12 16:04:57 2022 UTC (2 months, 3 weeks ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2022Q3-base
Branch point for: pkgsrc-2022Q3
Changes since 1.149: +2 -2 lines
Diff to previous 1.149 (colored)

samba4: updated to 4.16.5

Changes since 4.16.4
--------------------
* BUG 15128: Possible use after free of connection_struct when iterating
  smbd_server_connection->connections.
* BUG 15086: Spotlight RPC service returns wrong response when Spotlight is
  disabled on a share.
* BUG 15126: acl_xattr VFS module may unintentionally use filesystem
  permissions instead of ACL from xattr.
* BUG 15153: Missing SMB2-GETINFO access checks from MS-SMB2 3.3.5.20.1.
* BUG 15161: assert failed: !is_named_stream(smb_fname)") at
  ../../lib/util/fault.c:197.
* BUG 15148: Missing READ_LEASE break could cause data corruption.
* BUG 15124: rpcclient can crash using setuserinfo(2).
* BUG 15132: Samba fails to build with glibc 2.36 caused by including
  <sys/mount.h> in libreplace.
* BUG 15152: SMB1 negotiation can fail to handle connection errors.
* BUG 15078: samba-tool domain join segfault when joining a samba ad domain.

Revision 1.149 / (download) - annotate - [select for diffs], Tue Aug 30 17:47:50 2022 UTC (3 months, 1 week ago) by jperkin
Branch: MAIN
Changes since 1.148: +1 -13 lines
Diff to previous 1.148 (colored)

samba4: Various build fixes.

Revision 1.142.4.1 / (download) - annotate - [select for diffs], Sun Aug 28 08:13:40 2022 UTC (3 months, 1 week ago) by spz
Branch: pkgsrc-2022Q2
Changes since 1.142: +2 -3 lines
Diff to previous 1.142 (colored) next main 1.143 (colored)

Pullup tickets #6664 #6669 - requested by taca
net/samba4: security update
databases/ldb: dependency update

Update net/samba4 to 4.15.9 from samba-4.15.6 by patch,
since HEAD is on a later minor.
Update databases/ldb to 2.4.4 from 2.4.2 because samba-4.15.9 requires it.

Revision 1.148 / (download) - annotate - [select for diffs], Tue Aug 9 17:56:09 2022 UTC (3 months, 4 weeks ago) by adam
Branch: MAIN
Changes since 1.147: +14 -13 lines
Diff to previous 1.147 (colored)

samba4: updated to 4.16.4

Release Notes for Samba 4.16.4

This is a security release in order to address the following defects:

o CVE-2022-2031:  Samba AD users can bypass certain restrictions associated with
                  changing passwords.
                  https://www.samba.org/samba/security/CVE-2022-2031.html

o CVE-2022-32744: Samba AD users can forge password change requests for any user.
                  https://www.samba.org/samba/security/CVE-2022-32744.html

o CVE-2022-32745: Samba AD users can crash the server process with an LDAP add
                  or modify request.
                  https://www.samba.org/samba/security/CVE-2022-32745.html

o CVE-2022-32746: Samba AD users can induce a use-after-free in the server
                  process with an LDAP add or modify request.
                  https://www.samba.org/samba/security/CVE-2022-32746.html

o CVE-2022-32742: Server memory information leak via SMB1.
                  https://www.samba.org/samba/security/CVE-2022-32742.html

Revision 1.147 / (download) - annotate - [select for diffs], Fri Jul 29 20:33:38 2022 UTC (4 months, 1 week ago) by jperkin
Branch: MAIN
Changes since 1.146: +12 -2 lines
Diff to previous 1.146 (colored)

samba4: Add support for mit-krb5.

The builtin heimdal no longer builds and it's unclear how it can possibly
work as it uses functions that do not exist anywhere.  Also fix some SunOS
build issues.

I'm not convinced this won't break builds that use heimdal but will keep an
eye out for failures.

Revision 1.146 / (download) - annotate - [select for diffs], Wed Jul 27 08:23:04 2022 UTC (4 months, 1 week ago) by dogcow
Branch: MAIN
Changes since 1.145: +2 -2 lines
Diff to previous 1.145 (colored)

samba4 now requires ldb >= 2.5.1; no nb bump needed because it won't
compile correctly without it

Revision 1.145 / (download) - annotate - [select for diffs], Thu Jul 21 09:35:19 2022 UTC (4 months, 2 weeks ago) by adam
Branch: MAIN
Changes since 1.144: +4 -4 lines
Diff to previous 1.144 (colored)

samba4: updated to 4.16.3

Changes since 4.16.2
--------------------
* BUG 15099: Using vfs_streams_xattr and deleting a file causes a panic.
* BUG 14986: Add support for bind 9.18.
* BUG 15076: logging dsdb audit to specific files does not work.
* BUG 14979: Problem when winbind renews Kerberos.
* BUG 15095: Samba with new lorikeet-heimdal fails to build on gcc 12.1 in
  developer mode.
* BUG 15105: Crash in streams_xattr because fsp->base_fsp->fsp_name is NULL.
* BUG 15118: Crash in rpcd_classic - NULL pointer deference in
  mangle_is_mangled().
* BUG 15100: smbclient commands del & deltree fail with
  NT_STATUS_OBJECT_PATH_NOT_FOUND with DFS.
* BUG 15120: Fix check for chown when processing NFSv4 ACL.
* BUG 15082: The pcap background queue process should not be stopped.
* BUG 15097: testparm: Fix typo in idmap rangesize check.
* BUG 15106: net ads info returns LDAP server and LDAP server name as null.
* BUG 15108: ldconfig: /lib64/libsmbconf.so.0 is not a symbolic link.
* BUG 15090: CTDB child process logging does not work as expected.

Changes since 4.16.1
--------------------
* BUG 15042: Use pathref fd instead of io fd in vfs_default_durable_cookie.
* BUG 15069: vfs_gpfs with vfs_shadowcopy2 fail to restore file if original
  file had been deleted.
* BUG 15087: netgroups support removed.
* BUG 14674: net ads info shows LDAP Server: 0.0.0.0 depending on contacted
  server.
* BUG 15062: Update from 4.15  to 4.16 breaks discovery of [homes] on
  standalone server from Win and IOS.
* BUG 15071: waf produces incorrect names for python extensions with Python
  3.11.
* BUG 15075: smbclient -E doesn't work as advertised.
* BUG 15071: waf produces incorrect names for python extensions with Python
  3.11.
* BUG 15081: The samba background daemon doesn't refresh the printcap cache
  on startup.
* BUG 14443: Out-by-4 error in smbd read reply max_send clamp..

Changes since 4.16.0
--------------------
* BUG 14831: Share and server swapped in smbget password prompt.
* BUG 15022: Durable handles won't reconnect if the leased file is written
  to.
* BUG 15023: rmdir silently fails if directory contains unreadable files and
  hide unreadable is yes.
* BUG 15038: SMB2_CLOSE_FLAGS_FULL_INFORMATION fails to return information on
  renamed file handle.
* BUG 8731: Need to describe --builtin-libraries= better (compare with
 --bundled-libraries).
* BUG 14957: vfs_shadow_copy2 breaks "smbd async dosmode" sync fallback.
* BUG 15035: shadow_copy2 fails listing snapshotted dirs with
  shadow:fixinodes.
* BUG 15046: PAM Kerberos authentication incorrectly fails with a clock skew
  error.
* BUG 15041: Username map - samba erroneously applies unix group memberships
  to user account entries.
* BUG 14951: KVNO off by 100000.
* BUG 15027: Uninitialized litemask in variable in vfs_gpfs module.
* BUG 15055: vfs_gpfs recalls=no option prevents listing files.
* BUG 15054: smbd doesn't handle UPNs for looking up names.

Revision 1.144 / (download) - annotate - [select for diffs], Thu Jun 30 11:18:43 2022 UTC (5 months, 1 week ago) by nia
Branch: MAIN
Changes since 1.143: +2 -2 lines
Diff to previous 1.143 (colored)

*: Revbump packages that use Python at runtime without a PKGNAME prefix

Revision 1.143 / (download) - annotate - [select for diffs], Mon Jun 27 20:59:40 2022 UTC (5 months, 1 week ago) by rin
Branch: MAIN
Changes since 1.142: +2 -2 lines
Diff to previous 1.142 (colored)

net/samba{,4}: Restrict ``disabling PIE hack'' for NetBSD/powerpc
prior to 9.0.

ld.elf_so(1) for 9.0 and later support R_PPC_ADDR16_HA (== 6) and
friends:

http://cvsweb.netbsd.org/bsdweb.cgi/src/libexec/ld.elf_so/arch/powerpc/ppc_reloc.c#rev1.58.2.1

Bump revision.

Close PR pkg/38961.

Revision 1.142 / (download) - annotate - [select for diffs], Thu Mar 24 10:16:13 2022 UTC (8 months, 2 weeks ago) by hauke
Branch: MAIN
CVS Tags: pkgsrc-2022Q2-base, pkgsrc-2022Q1-base, pkgsrc-2022Q1
Branch point for: pkgsrc-2022Q2
Changes since 1.141: +3 -1 lines
Diff to previous 1.141 (colored)

Restore a SYSCONFDIR path substitution that had gone lost, probably as
a result of running mkpatches after 'make configure'.

Revision 1.141 / (download) - annotate - [select for diffs], Sun Mar 20 21:53:53 2022 UTC (8 months, 2 weeks ago) by adam
Branch: MAIN
Changes since 1.140: +2 -9 lines
Diff to previous 1.140 (colored)

samba4: updated to 4.15.6

Changes since 4.15.5
--------------------
* BUG 14169: Renaming file on DFS root fails with
  NT_STATUS_OBJECT_PATH_NOT_FOUND.
* BUG 14737: Samba does not response STATUS_INVALID_PARAMETER when opening 2
  objects with same lease key.
* BUG 14938: NT error code is not set when overwriting a file during rename
  in libsmbclient.
* BUG 14996: Fix ldap simple bind with TLS auditing.
* BUG 14674: net ads info shows LDAP Server: 0.0.0.0 depending on contacted
  server.
* BUG 14979: Problem when winbind renews Kerberos.
* BUG 8691: pam_winbind will not allow gdm login if password about to expire.
* BUG 14971: virusfilter_vfs_openat: Not scanned: Directory or special file.
* BUG 13631: DFS fix for AIX broken.
* BUG 14974: Solaris and AIX acl modules: wrong function arguments.
* BUG 7239: Function aixacl_sys_acl_get_file not declared / coredump.
* BUG 14900: Regression: Samba 4.15.2 on macOS segfaults intermittently
  during strcpy in tdbsam_getsampwnam.
* BUG 14989: Fix a use-after-free in SMB1 server.
* BUG 14968: smb2_signing_decrypt_pdu() may not decrypt with
  gnutls_aead_cipher_decrypt() from gnutls before 3.5.2.
* BUG 14984: changing the machine password against an RODC likely destroys
  the domain join.
* BUG 14993: authsam_make_user_info_dc() steals memory from its struct
  ldb_message *msg argument.
* BUG 14995: Use Heimdal 8.0 (pre) rather than an earlier snapshot.
* BUG 14967: Samba autorid fails to map AD users if id rangesize fits in the
  id range only once.

Revision 1.140 / (download) - annotate - [select for diffs], Wed Mar 9 16:36:54 2022 UTC (9 months ago) by nia
Branch: MAIN
Changes since 1.139: +2 -2 lines
Diff to previous 1.139 (colored)

samba4: Add missing dependency on bison

Revision 1.139 / (download) - annotate - [select for diffs], Mon Mar 7 22:45:49 2022 UTC (9 months ago) by thor
Branch: MAIN
Changes since 1.138: +2 -2 lines
Diff to previous 1.138 (colored)

net/samba4: security update to 4.15.5

This is a security release in order to address the following defects:

o CVE-2021-44141: UNIX extensions in SMB1 disclose whether the outside target
                  of a symlink exists.
                  https://www.samba.org/samba/security/CVE-2021-44141.html

o CVE-2021-44142: Out-of-Bound Read/Write on Samba vfs_fruit module.
                  https://www.samba.org/samba/security/CVE-2021-44142.html

o CVE-2022-0336:  Re-adding an SPN skips subsequent SPN conflict checks.
                  https://www.samba.org/samba/security/CVE-2022-0336.html

Revision 1.138 / (download) - annotate - [select for diffs], Mon Mar 7 21:40:37 2022 UTC (9 months ago) by thor
Branch: MAIN
Changes since 1.137: +3 -6 lines
Diff to previous 1.137 (colored)

net/samba4: version 4.15.4

This includes a patch (already posted upstream) to fix updated Samba on
NetBSD's /proc, so the upgrade is not blocked anymore.

Release notes for 4.15:

EW FEATURES/CHANGES
====================

VFS
---

The effort to modernize Samba's VFS interface is complete and Samba 4.15.0 ships
with a modernized VFS designed for the post SMB1 world.

For details please refer to the documentation at source3/modules/The_New_VFS.txt
or visit the <https://wiki.samba.org/index.php/The_New_VFS>.


Bind DLZ: add the ability to set allow/deny lists for zone transfer clients
---------------------------------------------------------------------------

Up to now, any client could use a DNS zone transfer request to the
bind server, and get an answer from Samba. Now the default behaviour
will be to deny those request. Two new options have been added to
manage the list of authorized/denied clients for zone transfer
requests. In order to be accepted, the request must be issued by a
client that is in the allow list and NOT in the deny list.


"server multi channel support" no longer experimental
-----------------------------------------------------

This option is enabled by default starting with 4.15 (on Linux and FreeBSD).
Due to dependencies on kernel APIs of Linux or FreeBSD, it's only possible
to use this feature on Linux and FreeBSD for now.


samba-tool available without the ad-dc
--------------------------------------

The 'samba-tool' command is now available when samba is configured
"--without-ad-dc". Not all features will work, and some ad-dc specific options
have been disabled. The 'samba-tool domain' options, for example, are limited
when no ad-dc is present. Samba must still be built with ads in order to enable
'samba-tool'.


Improved command line user experience
-------------------------------------

Samba utilities did not consistently implement their command line interface. A
number of options were requiring to specify values in one tool and not in the
other, some options meant different in different tools.

These should be stories of the past now. A new command line parser has been
implemented with sanity checking. Also the command line interface has been
simplified and provides better control for encryption, signing and kerberos.

Previously many tools silently ignored unknown options. To prevent unexpected
behaviour all tools will now consistently reject unknown options.

Also several command line options have a smb.conf variable to control the
default now.

All tools are now logging to stderr by default. You can use "--debug-stdout" to
change the behavior. All servers will log to stderr at early startup until logging
is setup to go to a file by default.

### Common parser:

Options added:
--client-protection=off|sign|encrypt

Options renamed:
--kerberos       ->    --use-kerberos=required|desired|off
--krb5-ccache    ->    --use-krb5-ccache=CCACHE
--scope          ->    --netbios-scope=SCOPE
--use-ccache     ->    --use-winbind-ccache

Options removed:
-e|--encrypt
-C removed from --use-winbind-ccache
-i removed from --netbios-scope
-S|--signing


### Duplicates in command line utils

ldbadd/ldbdel/ldbedit/ldbmodify/ldbrename/ldbsearch:
-e is still available as an alias for --editor,
   as it used to be.
-s is no longer reported as an alias for --configfile,
   it never worked that way as it was shadowed by '-s' for '--scope'.

ndrdump:
-l is not available for --load-dso anymore

net:
-l is not available for --long anymore

sharesec:
-V is not available for --viewsddl anymore

smbcquotas:
--user        ->    --quota-user

nmbd:
--log-stdout  ->    --debug-stdout

smbd:
--log-stdout  ->    --debug-stdout

winbindd:
--log-stdout  ->    --debug-stdout


Scanning of trusted domains and enterprise principals
-----------------------------------------------------

As an artifact from the NT4 times, we still scanned the list of trusted domains
on winbindd startup. This is wrong as we never can get a full picture in Active
Directory. It is time to change the default value to "No". Also with this change
we always use enterprise principals for Kerberos so that the DC will be able
to redirect ticket requests to the right DC. This is e.g. needed for one way
trusts. The options `winbind use krb5 enterprise principals` and
`winbind scan trusted domains` will be deprecated in one of the next releases.


Support for Offline Domain Join (ODJ)
-------------------------------------

The net utility is now able to support the offline domain join feature
as known from the Windows djoin.exe command for many years. Samba's
implementation is accessible via the 'net offlinejoin' subcommand. It
can provision computers and request offline joining for both Windows
and Unix machines. It is also possible to provision computers from
Windows (using djoin.exe) and use the generated data in Samba's 'net'
utility. The existing options for the provisioning and joining steps
are documented in the net(8) manpage.


'samba-tool dns zoneoptions' for aging control
----------------------------------------------

The 'samba-tool dns zoneoptions' command can be used to turn aging on
and off, alter the refresh and no-refresh periods, and manipulate the
timestamps of existing records.

To turn aging on for a zone, you can use something like this:

  samba-tool dns zoneoptions --aging=1 --refreshinterval=306600

which turns on aging and ensures no records less than five years old
are aged out and scavenged. After aging has been on for sufficient
time for records to be renewed, the command

  samba-tool dns zoneoptions --refreshinterval=168

will set the refresh period to the standard seven days. Using this two
step process will help prevent the temporary loss of dynamic records
if scavenging happens before their first renewal.


Marking old records as static or dynamic with 'samba-tool'
----------------------------------------------------------

A bug in Samba versions prior to 4.9 meant records that were meant to
be static were marked as dynamic and vice versa. To fix the timestamps
in these domains, it is possible to use the following options,
preferably before turning aging on.

   --mark-old-records-static
   --mark-records-dynamic-regex
   --mark-records-static-regex

The "--mark-old-records-static" option will make records older than the
specified date static (that is, with a zero timestamp). For example,
if you upgraded to Samba 4.9 in November 2018, you could use ensure no
old records will be mistakenly interpreted as dynamic using the
following option:

  samba-tool dns zoneoptions --mark-old-records-static=2018-11-30

Then, if you know that that will have marked some records as static
that should be dynamic, and you know which those are due to your
naming scheme, you can use commands like:

  samba-tool dns zoneoptions --mark-records-dynamic-regex='\w+-desktop'

where '\w+-desktop' is a perl-compatible regular expression that will
match 'bob-desktop', 'alice-desktop', and so on.

These options are deliberately long and cumbersome to type, so people
have a chance to think before they get to the end. You can make a
mess if you get it wrong.

All 'samba-tool dns zoneoptions' modes can be given a "--dry-run/-n"
argument that allows you to inspect the likely results before going
ahead.

NOTE: for aging to work, you need to have "dns zone scavenging = yes"
set in the smb.conf of at least one server.


DNS tombstones are now deleted as appropriate
---------------------------------------------

When all the records for a DNS name have been deleted, the node is put
in a tombstoned state (separate from general AD object tombstoning,
which deleted nodes also go through). These tombstones should be
cleaned up periodically. Due to a conflation of scavenging and
tombstoning, we have only been deleting tombstones when aging is
enabled.

If you have a lot of tombstoned DNS nodes (that is, DNS names for
which you have removed all the records), cleaning up these DNS
tombstones may take a noticeable time.


DNS tombstones use a consistent timestamp format
------------------------------------------------

DNS records use an hours-since-1601 timestamp format except for in the
case of tombstone records where a 100-nanosecond-intervals-since-1601
format is used (this latter format being the most common in Windows).
We had mixed that up, which might have had strange effects in zones
where aging was enabled (and hence tombstone timestamps were used).


samba-tool dns update and RPC changes
-------------------------------------

The dnsserver DCERPC pipe can be used by 'samba-tool' and Windows tools
to manipulate dns records on the remote server. A bug in Samba meant
it was not possible to update an existing DNS record to change the
TTL. The general behaviour of RPC updates is now closer to that of
Windows.

'samba-tool dns update' is now a bit more careful in rejecting and
warning you about malformed IPv4 and IPv6 addresses.

CVE-2021-3671: Crash in Heimdal KDC and updated security release policy
-----------------------------------------------------------------------

An unuthenticated user can crash the AD DC KDC by omitting the server
name in a TGS-REQ.  Per Samba's updated security process a specific
security release was not made for this issue as it is a recoverable
Denial Of Service.

See https://wiki.samba.org/index.php/Samba_Security_Proces

samba-tool domain backup offline with the LMDB backend
------------------------------------------------------

samba-tool domain backup offline, when operating with the LMDB backend
now correctly takes out locks against concurrent modification of the
database during the backup.  If you use this tool on a Samba AD DC
using LMDB, you should upgrade to this release for safer backups.

REMOVED FEATURES
================

Tru64 ACL support has been removed from this release. The last
supported release of Tru64 UNIX was in 2012.

NIS support has been removed from this release. This is not
available in Linux distributions anymore.

The DLZ DNS plugin is no longer built for Bind versions 9.8 and 9.9,
which have been out of support since 2018.


smb.conf changes
================

  Parameter Name                          Description     Default
  --------------                          -----------     -------
  client use kerberos                     New             desired
  client max protocol                     Values Removed
  client min protocol                     Values Removed
  client protection                       New             default
  client smb3 signing algorithms          New             see man smb.conf
  client smb3 encryption algorithms       New             see man smb.conf
  preopen:posix-basic-regex               New             No
  preopen:nomatch_log_level               New             5
  preopen:match_log_level                 New             5
  preopen:nodigits_log_level              New             1
  preopen:founddigits_log_level           New             3
  preopen:reset_log_level                 New             5
  preopen:push_log_level                  New             3
  preopen:queue_log_level                 New             10
  server max protocol                     Values Removed
  server min protocol                     Values Removed
  server multi channel support            Changed         Yes (on Linux and FreeBSD)
  server smb3 signing algorithms          New             see man smb.conf
  server smb3 encryption algorithms       New             see man smb.conf
  winbind use krb5 enterprise principals  Changed         Yes
  winbind scan trusted domains            Changed         No


Release notes for 4.14:

NEW FEATURES/CHANGES
====================

Here is a copy of a clarification note added to the Samba code
in the file: VFS-License-clarification.txt.
--------------------------------------------------------------

A clarification of our GNU GPL License enforcement boundary within the Samba
Virtual File System (VFS) layer.

Samba is licensed under the GNU GPL. All code committed to the Samba
project or that creates a "modified version" or software "based on" Samba must
be either licensed under the GNU GPL or a compatible license.

Samba has several plug-in interfaces where external code may be called
from Samba GNU GPL licensed code. The most important of these is the
Samba VFS layer.

Samba VFS modules are intimately connected by header files and API
definitions to the part of the Samba code that provides file services,
and as such, code that implements a plug-in Samba VFS module must be
licensed under the GNU GPL or a compatible license.

However, Samba VFS modules may themselves call third-party external
libraries that are not part of the Samba project and are externally
developed and maintained.

As long as these third-party external libraries do not use any of the
Samba internal structure, APIs or interface definitions created by the
Samba project (to the extent that they would be considered subject to the GNU
GPL), then the Samba Team will not consider such third-party external
libraries called from Samba VFS modules as "based on" and/or creating a
"modified version" of the Samba code for the purposes of GNU GPL.
Accordingly, we do not require such libraries be licensed under the GNU GPL
or a GNU GPL compatible license.

VFS
---

The effort to modernize Samba's VFS interface has reached a major milestone with
the next release Samba 4.14.

For details please refer to the documentation at source3/modules/The_New_VFS.txt or
visit the <https://wiki.samba.org/index.php/The_New_VFS>.

Printing
--------

Publishing printers in AD is more reliable and more printer features are
added to the published information in AD. Samba now also supports Windows
drivers for the ARM64 architecture.

Client Group Policy
-------------------
This release extends Samba to support Group Policy functionality for Winbind
clients. Active Directory Administrators can set policies that apply Sudoers
configuration, and cron jobs to run hourly, daily, weekly or monthly.

To enable the application of Group Policies on a client, set the global
smb.conf option 'apply group policies' to 'yes'. Policies are applied on an
interval of every 90 minutes, plus a random offset between 0 and 30 minutes.

Policies applied by Samba are 'non-tattooing', meaning that changes can be
reverted by executing the `samba-gpupdate --unapply` command. Policies can be
re-applied using the `samba-gpupdate --force` command.
To view what policies have been or will be applied to a system, use the
`samba-gpupdate --rsop` command.

Administration of Samba policy requires that a Samba ADMX template be uploaded
to the SYSVOL share. The samba-tool command `samba-tool gpo admxload` is
provided as a convenient method for adding this policy. Once uploaded, policies
can be modified in the Group Policy Management Editor under Computer
Configuration/Policies/Administrative Templates. Alternatively, Samba policy
may be managed using the `samba-tool gpo manage` command. This tool does not
require the admx templates to be installed.

Python 3.6 or later required

Revision 1.134.2.2 / (download) - annotate - [select for diffs], Sun Feb 6 19:11:23 2022 UTC (10 months ago) by bsiegert
Branch: pkgsrc-2021Q4
Changes since 1.134.2.1: +4 -2 lines
Diff to previous 1.134.2.1 (colored) to branchpoint 1.134 (colored) next main 1.135 (colored)

Pullup ticket #6577 - requested by taca
net/samba4: security fix

Revisions pulled up:
- net/samba4/Makefile                                           1.136-1.137
- net/samba4/distinfo                                           1.72

---
   Module Name:	pkgsrc
   Committed By:	gdt
   Date:		Tue Jan 25 19:25:01 UTC 2022

   Modified Files:
   	pkgsrc/net/samba4: Makefile

   Log Message:
   net/samba4: Add upstream bug report URL

---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Mon Jan 31 13:45:12 UTC 2022

   Modified Files:
   	pkgsrc/net/samba4: Makefile distinfo

   Log Message:
   net/samba4: udpate to 4.13.17

                      ===============================
                      Release Notes for Samba 4.13.17
                             January 31, 2022
                      ===============================

   This is a security release in order to address the following defects:

   o CVE-2021-44142: Out-of-Bound Read/Write on Samba vfs_fruit module.
                     https://www.samba.org/samba/security/CVE-2021-44142.html

   o CVE-2022-0336:  Re-adding an SPN skips subsequent SPN conflict checks.
                     https://www.samba.org/samba/security/CVE-2022-0336.html

   Changes since 4.13.16
   ---------------------

   o  Ralph Boehme <slow@samba.org>
      * BUG 14914: CVE-2021-44142

   o  Joseph Sutton <josephsutton@catalyst.net.nz>
      * BUG 14950: CVE-2022-0336

Revision 1.137 / (download) - annotate - [select for diffs], Mon Jan 31 13:45:12 2022 UTC (10 months ago) by taca
Branch: MAIN
Changes since 1.136: +2 -2 lines
Diff to previous 1.136 (colored)

net/samba4: udpate to 4.13.17

                   ===============================
                   Release Notes for Samba 4.13.17
                          January 31, 2022
                   ===============================


This is a security release in order to address the following defects:

o CVE-2021-44142: Out-of-Bound Read/Write on Samba vfs_fruit module.
                  https://www.samba.org/samba/security/CVE-2021-44142.html

o CVE-2022-0336:  Re-adding an SPN skips subsequent SPN conflict checks.
                  https://www.samba.org/samba/security/CVE-2022-0336.html


Changes since 4.13.16
---------------------

o  Ralph Boehme <slow@samba.org>
   * BUG 14914: CVE-2021-44142

o  Joseph Sutton <josephsutton@catalyst.net.nz>
   * BUG 14950: CVE-2022-0336

Revision 1.136 / (download) - annotate - [select for diffs], Tue Jan 25 19:25:01 2022 UTC (10 months, 1 week ago) by gdt
Branch: MAIN
Changes since 1.135: +3 -1 lines
Diff to previous 1.135 (colored)

net/samba4: Add upstream bug report URL

Revision 1.134.2.1 / (download) - annotate - [select for diffs], Fri Jan 21 15:49:25 2022 UTC (10 months, 2 weeks ago) by bsiegert
Branch: pkgsrc-2021Q4
Changes since 1.134: +2 -2 lines
Diff to previous 1.134 (colored)

Pullup ticket #6572 - requested by taca
net/samba4: security fix

Revisions pulled up:
- net/samba4/Makefile                                           1.135
- net/samba4/distinfo                                           1.71

---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Mon Jan 10 14:11:16 UTC 2022

   Modified Files:
   	pkgsrc/net/samba4: Makefile distinfo

   Log Message:
   net/samba4: update to 4.13.16

                      ===============================
                      Release Notes for Samba 4.13.16
                             January 10, 2022
                      ===============================

   This is a security release in order to address the following defects:

   o CVE-2021-43566:  mkdir race condition allows share escape in Samba 4.x.
                      https://www.samba.org/samba/security/CVE-2021-43566.html

   =======
   Details
   =======

   o  CVE-2021-43566:
      All versions of Samba prior to 4.13.16 are vulnerable to a malicious
      client using an SMB1 or NFS symlink race to allow a directory to be
      created in an area of the server file system not exported under the
      share definition. Note that SMB1 has to be enabled, or the share
      also available via NFS in order for this attack to succeed.

      Clients that have write access to the exported part of the file system
      under a share via SMB1 unix extensions or NFS can create symlinks that
      can race the server by renaming an existing path and then replacing it
      with a symlink. If the client wins the race it can cause the server to
      create a directory under the new symlink target after the exported
      share path check has been done. This new symlink target can point to
      anywhere on the server file system. The authenticated user must have
      permissions to create a directory under the target directory of the
      symlink.

      This is a difficult race to win, but theoretically possible. Note that
      the proof of concept code supplied wins the race only when the server
      is slowed down and put under heavy load. Exploitation of this bug has
      not been seen in the wild.

   Changes since 4.13.15
   ---------------------

   o  Jeremy Allison <jra@samba.org>
      * BUG 13979: CVE-2021-43566: mkdir race condition allows share escape in Samba 4.x

Revision 1.135 / (download) - annotate - [select for diffs], Mon Jan 10 14:11:16 2022 UTC (10 months, 3 weeks ago) by taca
Branch: MAIN
Changes since 1.134: +2 -2 lines
Diff to previous 1.134 (colored)

net/samba4: update to 4.13.16

                   ===============================
                   Release Notes for Samba 4.13.16
                          January 10, 2022
                   ===============================


This is a security release in order to address the following defects:

o CVE-2021-43566:  mkdir race condition allows share escape in Samba 4.x.
                   https://www.samba.org/samba/security/CVE-2021-43566.html


=======
Details
=======

o  CVE-2021-43566:
   All versions of Samba prior to 4.13.16 are vulnerable to a malicious
   client using an SMB1 or NFS symlink race to allow a directory to be
   created in an area of the server file system not exported under the
   share definition. Note that SMB1 has to be enabled, or the share
   also available via NFS in order for this attack to succeed.

   Clients that have write access to the exported part of the file system
   under a share via SMB1 unix extensions or NFS can create symlinks that
   can race the server by renaming an existing path and then replacing it
   with a symlink. If the client wins the race it can cause the server to
   create a directory under the new symlink target after the exported
   share path check has been done. This new symlink target can point to
   anywhere on the server file system. The authenticated user must have
   permissions to create a directory under the target directory of the
   symlink.

   This is a difficult race to win, but theoretically possible. Note that
   the proof of concept code supplied wins the race only when the server
   is slowed down and put under heavy load. Exploitation of this bug has
   not been seen in the wild.


Changes since 4.13.15
---------------------

o  Jeremy Allison <jra@samba.org>
   * BUG 13979: CVE-2021-43566: mkdir race condition allows share escape in Samba 4.x

Revision 1.134 / (download) - annotate - [select for diffs], Sat Dec 25 03:36:01 2021 UTC (11 months, 1 week ago) by taca
Branch: MAIN
CVS Tags: pkgsrc-2021Q4-base
Branch point for: pkgsrc-2021Q4
Changes since 1.133: +3 -3 lines
Diff to previous 1.133 (colored)

net/samba4: update to 4.13.15

This release contain security fixes.


                   ===============================
                   Release Notes for Samba 4.13.15
                          December 15, 2021
                   ===============================


This is the latest stable release of the Samba 4.13 release series.

Important Notes
===============

There have been a few regressions in the security release 4.13.14:

o CVE-2020-25717: A user on the domain can become root on domain members.
                  https://www.samba.org/samba/security/CVE-2020-25717.html
                  PLEASE [RE-]READ!
                  The instructions have been updated and some workarounds
                  initially adviced for 4.13.14 are no longer required and
                  should be reverted in most cases.

o BUG-14902: User with multiple spaces (eg Fred<space><space>Nurk) become
             un-deletable. While this release should fix this bug, it is
             adviced to have a look at the bug report for more detailed
             information, see https://bugzilla.samba.org/show_bug.cgi?id=14902.

Changes since 4.13.14
---------------------

o  Andrew Bartlett <abartlet@samba.org>
   * BUG 14656: Spaces incorrectly collapsed in ldb attributes.
   * BUG 14901: The CVE-2020-25717 username map [script] advice has undesired
     side effects for the local nt token.
   * BUG 14902: User with multiple spaces (eg Fred<space><space>Nurk) become un-
     deletable.

o  Ralph Boehme <slow@samba.org>
   * BUG 14922: Kerberos authentication on standalone server in MIT realm
     broken.

o  Alexander Bokovoy <ab@samba.org>
   * BUG 14903: Support for ROLE_IPA_DC is incomplete.

o  Stefan Metzmacher <metze@samba.org>
   * BUG 14899: winbindd doesn't start when "allow trusted domains" is off.
   * BUG 14901: The CVE-2020-25717 username map [script] advice has undesired
     side effects for the local nt token.

o  Joseph Sutton <josephsutton@catalyst.net.nz>
   * BUG 14901: The CVE-2020-25717 username map [script] advice has undesired
     side effects for the local nt token.

Revision 1.133 / (download) - annotate - [select for diffs], Wed Dec 8 16:02:30 2021 UTC (11 months, 4 weeks ago) by adam
Branch: MAIN
Changes since 1.132: +2 -1 lines
Diff to previous 1.132 (colored)

revbump for icu and libffi

Revision 1.129.2.1 / (download) - annotate - [select for diffs], Wed Nov 24 12:45:47 2021 UTC (12 months, 2 weeks ago) by tm
Branch: pkgsrc-2021Q3
Changes since 1.129: +4 -4 lines
Diff to previous 1.129 (colored) next main 1.130 (colored)

Pullup ticket #6537 - requested by taca
net/samba4: security fix

Revisions pulled up:
- net/samba4/Makefile                                           1.130-1.132
- net/samba4/PLIST                                              1.39-1.40
- net/samba4/distinfo                                           1.67,1.69

---
   Module Name:	pkgsrc
   Committed By:	adam
   Date:		Wed Sep 29 19:01:31 UTC 2021

   Modified Files:
   	pkgsrc/archivers/ark: Makefile
   	pkgsrc/archivers/innoextract: Makefile
   	pkgsrc/archivers/libcomprex: Makefile buildlink3.mk
   	pkgsrc/archivers/libzip: Makefile buildlink3.mk
   	pkgsrc/archivers/php-pecl-zip: Makefile
   	pkgsrc/archivers/php-zip: Makefile
   	pkgsrc/audio/ardour: Makefile
   	pkgsrc/audio/ario: Makefile
   	pkgsrc/audio/audacious-plugins: Makefile
   	pkgsrc/audio/bmp-scrobbler: Makefile
   	pkgsrc/audio/cmusfm: Makefile
   	pkgsrc/audio/csound6: Makefile
   	pkgsrc/audio/din: Makefile
   	pkgsrc/audio/flactag: Makefile
   	pkgsrc/audio/forked-daapd: Makefile
   	pkgsrc/audio/gbemol: Makefile
   	pkgsrc/audio/glyr: Makefile buildlink3.mk
   	pkgsrc/audio/grip: Makefile
   	pkgsrc/audio/herrie: Makefile
   	pkgsrc/audio/hydrogen: Makefile
   	pkgsrc/audio/icecast: Makefile
   	pkgsrc/audio/jack-rack: Makefile
   	pkgsrc/audio/libmusicbrainz: Makefile buildlink3.mk
   	pkgsrc/audio/libmusicbrainz5: Makefile buildlink3.mk
   	pkgsrc/audio/libofa: Makefile
   	pkgsrc/audio/mad123: Makefile
   	pkgsrc/audio/moc: Makefile
   	pkgsrc/audio/mp3diags: Makefile
   	pkgsrc/audio/mpdas: Makefile
   	pkgsrc/audio/musicpd: Makefile
   	pkgsrc/audio/ncmpcpp: Makefile
   	pkgsrc/audio/pianobar: Makefile
   	pkgsrc/audio/pragha: Makefile
   	pkgsrc/audio/qmmp: Makefile
   	pkgsrc/audio/sound-juicer: Makefile
   	pkgsrc/audio/strawberry: Makefile
   	pkgsrc/audio/streamtuner: Makefile buildlink3.mk
   	pkgsrc/audio/terminatorx: Makefile
   	pkgsrc/audio/tremor-tools: Makefile
   	pkgsrc/audio/vimpc: Makefile
   	pkgsrc/audio/vorbis-tools: Makefile
   	pkgsrc/biology/canu: Makefile
   	pkgsrc/biology/coordgenlibs: Makefile buildlink3.mk
   	pkgsrc/biology/htslib: Makefile
   	pkgsrc/biology/maeparser: Makefile buildlink3.mk
   	pkgsrc/biology/ncbi-blast+: Makefile
   	pkgsrc/biology/openbabel: Makefile
   	pkgsrc/cad/kicad: Makefile
   	pkgsrc/cad/librecad: Makefile
   	pkgsrc/cad/openscad: Makefile
   	pkgsrc/chat/anope: Makefile
   	pkgsrc/chat/bitlbee: Makefile
   	pkgsrc/chat/centerim: Makefile
   	pkgsrc/chat/ctrlproxy: Makefile
   	pkgsrc/chat/ekg: Makefile
   	pkgsrc/chat/farstream: Makefile
   	pkgsrc/chat/gloox: Makefile
   	pkgsrc/chat/ircd-hybrid: Makefile
   	pkgsrc/chat/konversation: Makefile
   	pkgsrc/chat/ktp-accounts-kcm: Makefile
   	pkgsrc/chat/ktp-approver: Makefile
   	pkgsrc/chat/ktp-auth-handler: Makefile
   	pkgsrc/chat/ktp-common-internals: Makefile buildlink3.mk
   	pkgsrc/chat/ktp-contact-list: Makefile
   	pkgsrc/chat/ktp-contact-runner: Makefile
   	pkgsrc/chat/ktp-desktop-applets: Makefile
   	pkgsrc/chat/ktp-filetransfer-handler: Makefile
   	pkgsrc/chat/ktp-kded-integration-module: Makefile
   	pkgsrc/chat/ktp-send-file: Makefile
   	pkgsrc/chat/ktp-text-ui: Makefile
   	pkgsrc/chat/libgadu: Makefile buildlink3.mk
   	pkgsrc/chat/libpurple: Makefile
   	pkgsrc/chat/mumble: Makefile
   	pkgsrc/chat/profanity: Makefile
   	pkgsrc/chat/scrollz: Makefile
   	pkgsrc/chat/spectrum: Makefile
   	pkgsrc/chat/swift: Makefile
   	pkgsrc/chat/telepathy-gabble: Makefile
   	pkgsrc/chat/unrealircd: Makefile
   	pkgsrc/chat/weechat: Makefile
   	pkgsrc/chat/znc: Makefile
   	pkgsrc/comms/asterisk13: Makefile
   	pkgsrc/comms/asterisk16: Makefile
   	pkgsrc/comms/asterisk18: Makefile
   	pkgsrc/comms/gammu: Makefile
   	pkgsrc/converters/libabw: Makefile buildlink3.mk
   	pkgsrc/converters/libcdr: Makefile buildlink3.mk
   	pkgsrc/converters/libe-book: Makefile buildlink3.mk
   	pkgsrc/converters/libepubgen: Makefile buildlink3.mk
   	pkgsrc/converters/libetonyek: Makefile buildlink3.mk
   	pkgsrc/converters/libfreehand: Makefile buildlink3.mk
   	pkgsrc/converters/libmspub: Makefile buildlink3.mk
   	pkgsrc/converters/libmwaw: Makefile buildlink3.mk
   	pkgsrc/converters/libpagemaker: Makefile buildlink3.mk
   	pkgsrc/converters/libqxp: Makefile buildlink3.mk
   	pkgsrc/converters/librevenge: Makefile buildlink3.mk
   	pkgsrc/converters/libstaroffice: Makefile
   	pkgsrc/converters/libvisio: Makefile buildlink3.mk
   	pkgsrc/converters/libwpd: Makefile buildlink3.mk
   	pkgsrc/converters/libwpg: Makefile buildlink3.mk
   	pkgsrc/converters/libwps: Makefile buildlink3.mk
   	pkgsrc/converters/libzmf: Makefile
   	pkgsrc/converters/orcus: Makefile
   	pkgsrc/converters/rss2html: Makefile
   	pkgsrc/databases/couchdb: Makefile
   	pkgsrc/databases/freetds: Makefile buildlink3.mk
   	pkgsrc/databases/libcassandra: Makefile
   	pkgsrc/databases/mariadb104-client: Makefile
   	pkgsrc/databases/mariadb104-server: Makefile
   	pkgsrc/databases/mariadb105-client: Makefile
   	pkgsrc/databases/mariadb105-server: Makefile
   	pkgsrc/databases/mariadb106-client: Makefile
   	pkgsrc/databases/mariadb106-server: Makefile
   	pkgsrc/databases/mongodb: Makefile
   	pkgsrc/databases/mongodb3: Makefile
   	pkgsrc/databases/mysql-workbench: Makefile
   	pkgsrc/databases/mysql57-client: Makefile
   	pkgsrc/databases/mysql57-server: Makefile
   	pkgsrc/databases/p5-DBD-Sybase: Makefile
   	pkgsrc/databases/p5-sqlrelay: Makefile
   	pkgsrc/databases/p5-sybperl: Makefile
   	pkgsrc/databases/php-mssql: Makefile
   	pkgsrc/databases/php-pdo_dblib: Makefile
   	pkgsrc/databases/php-sqlrelay: Makefile
   	pkgsrc/databases/postgresql-postgis2: Makefile
   	pkgsrc/databases/py-mssql: Makefile
   	pkgsrc/databases/py-sqlrelay: Makefile
   	pkgsrc/databases/py-sybase: Makefile
   	pkgsrc/databases/qore-freetds-module: Makefile
   	pkgsrc/databases/ruby-sqlrelay: Makefile
   	pkgsrc/databases/ruby-tiny_tds: Makefile
   	pkgsrc/databases/soci: Makefile
   	pkgsrc/databases/sqlrelay: Makefile buildlink3.mk
   	pkgsrc/databases/sqlrelay-freetds: Makefile
   	pkgsrc/databases/sqlrelay-mysql: Makefile
   	pkgsrc/databases/sqlrelay-nodejs: Makefile
   	pkgsrc/databases/sqlrelay-odbc: Makefile
   	pkgsrc/databases/sqlrelay-pgsql: Makefile
   	pkgsrc/databases/sqlrelay-sqlite: Makefile
   	pkgsrc/databases/sqsh: Makefile
   	pkgsrc/databases/virtuoso: Makefile
   	pkgsrc/devel/aegis: Makefile
   	pkgsrc/devel/cfitsio: Makefile
   	pkgsrc/devel/cmake: Makefile
   	pkgsrc/devel/cmake-gui: Makefile
   	pkgsrc/devel/darcs: Makefile
   	pkgsrc/devel/ecore: Makefile buildlink3.mk
   	pkgsrc/devel/eio: Makefile buildlink3.mk
   	pkgsrc/devel/exempi: Makefile
   	pkgsrc/devel/fifengine: Makefile
   	pkgsrc/devel/gearmand: Makefile buildlink3.mk
   	pkgsrc/devel/git-base: Makefile
   	pkgsrc/devel/gnustep-base: Makefile
   	pkgsrc/devel/kdesdk-kioslaves: Makefile
   	pkgsrc/devel/kdesdk-strigi-analyzers: Makefile
   	pkgsrc/devel/kdesdk-thumbnailers: Makefile
   	pkgsrc/devel/kdevelop4: Makefile
   	pkgsrc/devel/kdevplatform: Makefile
   	pkgsrc/devel/kio-extras: Makefile
   	pkgsrc/devel/libcutl: Makefile
   	pkgsrc/devel/libftdi1: Makefile
   	pkgsrc/devel/libgit2: Makefile
   	pkgsrc/devel/libkgapi: Makefile
   	pkgsrc/devel/librelp: Makefile buildlink3.mk
   	pkgsrc/devel/libthrift: Makefile
   	pkgsrc/devel/libxenserver: Makefile buildlink3.mk
   	pkgsrc/devel/mad-flute: Makefile
   	pkgsrc/devel/mdds: Makefile
   	pkgsrc/devel/mdds1.2: Makefile
   	pkgsrc/devel/netcdf: Makefile buildlink3.mk
   	pkgsrc/devel/netcdf-cxx: Makefile buildlink3.mk
   	pkgsrc/devel/netcdf-fortran: Makefile buildlink3.mk
   	pkgsrc/devel/okteta: Makefile
   	pkgsrc/devel/php-gearman: Makefile
   	pkgsrc/devel/radare2: Makefile buildlink3.mk
   	pkgsrc/devel/radare2-cutter: Makefile
   	pkgsrc/devel/rudiments: Makefile buildlink3.mk
   	pkgsrc/devel/sdcc3: Makefile
   	pkgsrc/devel/ucommon: Makefile buildlink3.mk
   	pkgsrc/devel/vera++: Makefile
   	pkgsrc/editors/Sigil: Makefile
   	pkgsrc/editors/TeXmacs: Makefile
   	pkgsrc/editors/abiword: Makefile buildlink3.mk
   	pkgsrc/editors/abiword-plugins: Makefile
   	pkgsrc/editors/codelite: Makefile
   	pkgsrc/editors/emacs25: Makefile
   	pkgsrc/editors/emacs26: Makefile
   	pkgsrc/editors/emacs27: Makefile
   	pkgsrc/editors/gobby: Makefile
   	pkgsrc/editors/lyx: Makefile
   	pkgsrc/editors/obby: Makefile buildlink3.mk
   	pkgsrc/editors/poedit: Makefile
   	pkgsrc/editors/xournalpp: Makefile
   	pkgsrc/emulators/cannonball: Makefile
   	pkgsrc/emulators/ckmame: Makefile
   	pkgsrc/emulators/dolphin-emu: Makefile
   	pkgsrc/emulators/emulationstation: Makefile
   	pkgsrc/emulators/libretro-dolphin: Makefile
   	pkgsrc/emulators/mgba: Makefile
   	pkgsrc/emulators/qemu: Makefile
   	pkgsrc/emulators/wine: Makefile
   	pkgsrc/filesystems/cloudfuse: Makefile
   	pkgsrc/filesystems/fuse-curlftpfs: Makefile
   	pkgsrc/filesystems/fuse-wdfs: Makefile
   	pkgsrc/finance/QuantLib: Makefile
   	pkgsrc/finance/bitcoin: Makefile
   	pkgsrc/finance/cpuminer: Makefile
   	pkgsrc/finance/gnucash: Makefile
   	pkgsrc/finance/ledger: Makefile
   	pkgsrc/finance/libofx: Makefile
   	pkgsrc/fonts/ghostscript-cidfonts-ryumin: Makefile
   	pkgsrc/games/7kaa: Makefile
   	pkgsrc/games/amor: Makefile
   	pkgsrc/games/asc: Makefile
   	pkgsrc/games/assaultcube: Makefile
   	pkgsrc/games/bastet: Makefile
   	pkgsrc/games/bzflag: Makefile
   	pkgsrc/games/criticalmass: Makefile
   	pkgsrc/games/crossfire-client: Makefile
   	pkgsrc/games/crossfire-server: Makefile
   	pkgsrc/games/dhewm3: Makefile
   	pkgsrc/games/dopewars: Makefile
   	pkgsrc/games/enigma: Makefile
   	pkgsrc/games/etlegacy: Makefile
   	pkgsrc/games/etlegacy-server: Makefile
   	pkgsrc/games/flightgear: Makefile
   	pkgsrc/games/freeciv-client: Makefile
   	pkgsrc/games/freeciv-server: Makefile
   	pkgsrc/games/freeciv-share: Makefile
   	pkgsrc/games/ggz-client-libs: Makefile buildlink3.mk
   	pkgsrc/games/holtz: Makefile
   	pkgsrc/games/ioquake3: Makefile
   	pkgsrc/games/iortcw: Makefile
   	pkgsrc/games/klavaro: Makefile
   	pkgsrc/games/lgogdownloader: Makefile
   	pkgsrc/games/libggz: Makefile buildlink3.mk
   	pkgsrc/games/manaplus: Makefile
   	pkgsrc/games/megaglest: Makefile
   	pkgsrc/games/minetest: Makefile
   	pkgsrc/games/naev: Makefile
   	pkgsrc/games/openmw: Makefile
   	pkgsrc/games/openrct2: Makefile
   	pkgsrc/games/pingus: Makefile
   	pkgsrc/games/powder-toy: Makefile
   	pkgsrc/games/quakeforge: Makefile
   	pkgsrc/games/scummvm: Makefile
   	pkgsrc/games/scummvm-tools: Makefile
   	pkgsrc/games/simgear: Makefile buildlink3.mk
   	pkgsrc/games/supertux: Makefile
   	pkgsrc/games/supertuxkart: Makefile
   	pkgsrc/games/taisei: Makefile
   	pkgsrc/games/ufoai: Makefile
   	pkgsrc/games/violetland: Makefile
   	pkgsrc/games/warmux: Makefile
   	pkgsrc/games/warzone2100: Makefile
   	pkgsrc/games/wesnoth: Makefile
   	pkgsrc/games/widelands: Makefile
   	pkgsrc/games/yquake2: Makefile
   	pkgsrc/geography/R-rgdal: Makefile
   	pkgsrc/geography/R-sf: Makefile
   	pkgsrc/geography/gdal-lib: Makefile buildlink3.mk
   	pkgsrc/geography/mapserver: Makefile
   	pkgsrc/geography/merkaartor: Makefile
   	pkgsrc/geography/opencpn: Makefile
   	pkgsrc/geography/osm2pgsql: Makefile
   	pkgsrc/geography/pdal-lib: Makefile buildlink3.mk
   	pkgsrc/geography/py-gdal: Makefile
   	pkgsrc/geography/qgis: Makefile
   	pkgsrc/geography/qlandkartegt: Makefile
   	pkgsrc/geography/qlandkartem: Makefile
   	pkgsrc/geography/viking: Makefile
   	pkgsrc/graphics/GMT: Makefile
   	pkgsrc/graphics/GraphicsMagick: Makefile buildlink3.mk
   	pkgsrc/graphics/ImageMagick: Makefile buildlink3.mk
   	pkgsrc/graphics/ImageMagick6: Makefile buildlink3.mk
   	pkgsrc/graphics/aqsis: Makefile
   	pkgsrc/graphics/autotrace: Makefile
   	pkgsrc/graphics/blender: Makefile
   	pkgsrc/graphics/blender-lts: Makefile
   	pkgsrc/graphics/camlimages: Makefile
   	pkgsrc/graphics/darktable: Makefile
   	pkgsrc/graphics/digikam: Makefile
   	pkgsrc/graphics/drawpile: Makefile
   	pkgsrc/graphics/dx: Makefile
   	pkgsrc/graphics/edje: Makefile buildlink3.mk
   	pkgsrc/graphics/enblend-enfuse: Makefile
   	pkgsrc/graphics/feh: Makefile
   	pkgsrc/graphics/gimmage: Makefile
   	pkgsrc/graphics/gmic: Makefile
   	pkgsrc/graphics/gource: Makefile
   	pkgsrc/graphics/gpick: Makefile
   	pkgsrc/graphics/graphviz: Makefile
   	pkgsrc/graphics/gri: Makefile
   	pkgsrc/graphics/hugin: Makefile
   	pkgsrc/graphics/jp2a: Makefile
   	pkgsrc/graphics/kde-base-artwork: Makefile
   	pkgsrc/graphics/kdegraphics-strigi-analyzer: Makefile
   	pkgsrc/graphics/kgamma: Makefile
   	pkgsrc/graphics/koverartist: Makefile
   	pkgsrc/graphics/kqtquickcharts4: Makefile
   	pkgsrc/graphics/krita: Makefile
   	pkgsrc/graphics/libgltf: Makefile
   	pkgsrc/graphics/libkexiv2-kde4: Makefile
   	pkgsrc/graphics/libsixel: Makefile
   	pkgsrc/graphics/lsix: Makefile
   	pkgsrc/graphics/luminance-hdr: Makefile
   	pkgsrc/graphics/ncview: Makefile
   	pkgsrc/graphics/openimageio: Makefile buildlink3.mk
   	pkgsrc/graphics/osg: Makefile buildlink3.mk
   	pkgsrc/graphics/p5-GraphicsMagick: Makefile
   	pkgsrc/graphics/p5-PerlMagick: Makefile
   	pkgsrc/graphics/pcl: Makefile buildlink3.mk
   	pkgsrc/graphics/pfstools: Makefile
   	pkgsrc/graphics/php-imagick: Makefile
   	pkgsrc/graphics/pstoedit: Makefile
   	pkgsrc/graphics/ruby-RMagick: Makefile
   	pkgsrc/graphics/sane-airscan: Makefile
   	pkgsrc/graphics/shotwell: Makefile
   	pkgsrc/graphics/tango-icon-theme: Makefile
   	pkgsrc/graphics/vtk: Makefile buildlink3.mk
   	pkgsrc/graphics/zbar: Makefile
   	pkgsrc/graphics/zphoto: Makefile
   	pkgsrc/ham/fldigi: Makefile
   	pkgsrc/ham/gnuradio-channels: Makefile
   	pkgsrc/ham/gnuradio-companion: Makefile
   	pkgsrc/ham/gnuradio-core: Makefile
   	pkgsrc/ham/gnuradio-ctrlport: Makefile
   	pkgsrc/ham/gnuradio-digital: Makefile
   	pkgsrc/ham/gnuradio-doxygen: Makefile
   	pkgsrc/ham/gnuradio-dtv: Makefile
   	pkgsrc/ham/gnuradio-fec: Makefile
   	pkgsrc/ham/gnuradio-network: Makefile
   	pkgsrc/ham/gnuradio-qtgui: Makefile
   	pkgsrc/ham/gnuradio-soapy-sdr: Makefile
   	pkgsrc/ham/gnuradio-trellis: Makefile
   	pkgsrc/ham/gnuradio-uhd: Makefile
   	pkgsrc/ham/gnuradio-utils: Makefile
   	pkgsrc/ham/gnuradio-video-sdl: Makefile
   	pkgsrc/ham/gnuradio-vocoder: Makefile
   	pkgsrc/ham/gnuradio-wavelet: Makefile
   	pkgsrc/ham/gnuradio-zeromq: Makefile
   	pkgsrc/ham/gpredict: Makefile
   	pkgsrc/ham/gr-fcdproplus: Makefile
   	pkgsrc/ham/gr-osmosdr: Makefile
   	pkgsrc/ham/trustedQSL: Makefile
   	pkgsrc/ham/uhd: Makefile
   	pkgsrc/inputmethod/fcitx5-chinese-addons: Makefile
   	pkgsrc/inputmethod/fcitx5-mozc: Makefile
   	pkgsrc/inputmethod/fcitx5-table-extra: Makefile
   	pkgsrc/inputmethod/fcitx5-table-other: Makefile
   	pkgsrc/inputmethod/ibus-mozc: Makefile
   	pkgsrc/inputmethod/libime: Makefile
   	pkgsrc/inputmethod/librime: Makefile
   	pkgsrc/inputmethod/mozc-elisp: Makefile
   	pkgsrc/inputmethod/mozc-renderer: Makefile
   	pkgsrc/inputmethod/mozc-server: Makefile
   	pkgsrc/inputmethod/mozc-tool: Makefile
   	pkgsrc/inputmethod/uim-mozc: Makefile
   	pkgsrc/lang/konoha: Makefile
   	pkgsrc/lang/nodejs10: Makefile buildlink3.mk
   	pkgsrc/lang/nodejs12: Makefile buildlink3.mk
   	pkgsrc/lang/openjdk11: Makefile
   	pkgsrc/lang/openjdk8: Makefile
   	pkgsrc/lang/rust: Makefile
   	pkgsrc/mail/akonadi: Makefile
   	pkgsrc/mail/balsa: Makefile
   	pkgsrc/mail/claws-mail: Makefile
   	pkgsrc/mail/claws-mail-archive: Makefile
   	pkgsrc/mail/claws-mail-attachwarner: Makefile
   	pkgsrc/mail/claws-mail-attremover: Makefile
   	pkgsrc/mail/claws-mail-bogofilter: Makefile
   	pkgsrc/mail/claws-mail-dillo: Makefile
   	pkgsrc/mail/claws-mail-fetchinfo: Makefile
   	pkgsrc/mail/claws-mail-libravatar: Makefile
   	pkgsrc/mail/claws-mail-mailmbox: Makefile
   	pkgsrc/mail/claws-mail-managesieve: Makefile
   	pkgsrc/mail/claws-mail-newmail: Makefile
   	pkgsrc/mail/claws-mail-notification: Makefile
   	pkgsrc/mail/claws-mail-pgpcore: Makefile
   	pkgsrc/mail/claws-mail-pgpinline: Makefile
   	pkgsrc/mail/claws-mail-pgpmime: Makefile
   	pkgsrc/mail/claws-mail-rssyl: Makefile
   	pkgsrc/mail/claws-mail-smime: Makefile
   	pkgsrc/mail/claws-mail-spamassassin: Makefile
   	pkgsrc/mail/claws-mail-spamreport: Makefile
   	pkgsrc/mail/claws-mail-tnef: Makefile
   	pkgsrc/mail/claws-mail-vcalendar: Makefile
   	pkgsrc/mail/cone: Makefile
   	pkgsrc/mail/evolution-data-server: Makefile
   	pkgsrc/mail/libetpan: Makefile buildlink3.mk
   	pkgsrc/mail/mailfront: Makefile
   	pkgsrc/mail/milter-greylist: Makefile
   	pkgsrc/mail/mpop: Makefile
   	pkgsrc/mail/msmtp: Makefile
   	pkgsrc/mail/mutt: Makefile
   	pkgsrc/mail/nmh: Makefile
   	pkgsrc/mail/nullmailer: Makefile
   	pkgsrc/mail/wmbiff: Makefile
   	pkgsrc/mail/xfce4-mailwatch-plugin: Makefile
   	pkgsrc/math/R: Makefile
   	pkgsrc/math/R-CGIwithR: Makefile
   	pkgsrc/math/R-RNetCDF: Makefile
   	pkgsrc/math/R-ncdf: Makefile
   	pkgsrc/math/R-ncdf4: Makefile
   	pkgsrc/math/cantor: Makefile
   	pkgsrc/math/cgal: Makefile buildlink3.mk
   	pkgsrc/math/grace: Makefile
   	pkgsrc/math/libixion: Makefile
   	pkgsrc/math/octave: Makefile
   	pkgsrc/math/py-Scientific: Makefile
   	pkgsrc/math/py-libixion: Makefile
   	pkgsrc/math/py-netCDF4: Makefile
   	pkgsrc/math/qalculate: Makefile buildlink3.mk
   	pkgsrc/math/qalculate-gtk: Makefile
   	pkgsrc/math/sc-im: Makefile
   	pkgsrc/math/volk: Makefile
   	pkgsrc/math/vowpal_wabbit: Makefile
   	pkgsrc/math/xmgr: Makefile
   	pkgsrc/misc/bibletime: Makefile
   	pkgsrc/misc/esniper: Makefile
   	pkgsrc/misc/fbreader: Makefile
   	pkgsrc/misc/gwaei: Makefile
   	pkgsrc/misc/kaccessible: Makefile
   	pkgsrc/misc/kchmviewer: Makefile
   	pkgsrc/misc/kde-wallpapers4: Makefile
   	pkgsrc/misc/kdeartwork4: Makefile
   	pkgsrc/misc/kdepim-runtime4: Makefile
   	pkgsrc/misc/kdepim4: Makefile
   	pkgsrc/misc/kdepimlibs4: Makefile buildlink3.mk
   	pkgsrc/misc/kdeplasma-addons4: Makefile
   	pkgsrc/misc/kremotecontrol: Makefile
   	pkgsrc/misc/kstars: Makefile
   	pkgsrc/misc/ktux: Makefile
   	pkgsrc/misc/libcarddav: Makefile
   	pkgsrc/misc/libkdeedu: Makefile buildlink3.mk
   	pkgsrc/misc/libreoffice: Makefile
   	pkgsrc/misc/ocaml-opam: Makefile
   	pkgsrc/misc/parley: Makefile
   	pkgsrc/misc/rocs: Makefile
   	pkgsrc/misc/step: Makefile
   	pkgsrc/misc/superkaramba: Makefile
   	pkgsrc/misc/sweeper: Makefile
   	pkgsrc/misc/sword: Makefile buildlink3.mk
   	pkgsrc/misc/usbprog: Makefile
   	pkgsrc/misc/wandio: Makefile buildlink3.mk
   	pkgsrc/multimedia/audiocd-kio: Makefile
   	pkgsrc/multimedia/dvdauthor: Makefile
   	pkgsrc/multimedia/ffmpeg2: Makefile
   	pkgsrc/multimedia/ffmpeg3: Makefile
   	pkgsrc/multimedia/ffmpeg4: Makefile
   	pkgsrc/multimedia/ffmpegthumbs: Makefile
   	pkgsrc/multimedia/gnome-mplayer: Makefile
   	pkgsrc/multimedia/gpac: Makefile
   	pkgsrc/multimedia/kscd: Makefile
   	pkgsrc/multimedia/libkcddb: Makefile buildlink3.mk
   	pkgsrc/multimedia/lightspark: Makefile
   	pkgsrc/multimedia/mediatomb: Makefile
   	pkgsrc/multimedia/mkvtoolnix: Makefile
   	pkgsrc/multimedia/mkvtoolnix-old: Makefile
   	pkgsrc/multimedia/mplayerthumbs: Makefile
   	pkgsrc/multimedia/nostt: Makefile
   	pkgsrc/multimedia/obs-studio: Makefile
   	pkgsrc/multimedia/omxplayer: Makefile
   	pkgsrc/multimedia/totem: Makefile
   	pkgsrc/multimedia/transcode: Makefile
   	pkgsrc/multimedia/vlc: Makefile
   	pkgsrc/multimedia/xine-lib: Makefile
   	pkgsrc/multimedia/xine-ui: Makefile
   	pkgsrc/net/aiccu: Makefile
   	pkgsrc/net/bbk_cli: Makefile
   	pkgsrc/net/btget: Makefile
   	pkgsrc/net/cclive: Makefile
   	pkgsrc/net/ccrtp: Makefile buildlink3.mk
   	pkgsrc/net/choqok: Makefile
   	pkgsrc/net/chrony: Makefile
   	pkgsrc/net/dc_gui2: Makefile
   	pkgsrc/net/deforaos-vncviewer: Makefile
   	pkgsrc/net/doh: Makefile
   	pkgsrc/net/ettercap: Makefile
   	pkgsrc/net/ettercap-gtk: Makefile
   	pkgsrc/net/filezilla: Makefile
   	pkgsrc/net/flickcurl: Makefile
   	pkgsrc/net/freeDiameter: Makefile
   	pkgsrc/net/freeradius-freetds: Makefile
   	pkgsrc/net/freeradius-rest: Makefile
   	pkgsrc/net/glib-networking: Makefile
   	pkgsrc/net/grilo: Makefile buildlink3.mk
   	pkgsrc/net/grilo-plugins: Makefile
   	pkgsrc/net/grive2: Makefile
   	pkgsrc/net/gst-plugins0.10-rtmp: Makefile
   	pkgsrc/net/gst-plugins1-rtmp: Makefile
   	pkgsrc/net/gtk-gnutella: Makefile
   	pkgsrc/net/gtk-vnc: Makefile buildlink3.mk
   	pkgsrc/net/guacamole-server: Makefile
   	pkgsrc/net/icinga2: Makefile
   	pkgsrc/net/jigdo: Makefile
   	pkgsrc/net/kdenetwork-filesharing: Makefile
   	pkgsrc/net/kdenetwork-strigi-analyzers: Makefile
   	pkgsrc/net/kget: Makefile
   	pkgsrc/net/kmldonkey: Makefile
   	pkgsrc/net/knot: Makefile
   	pkgsrc/net/kopete: Makefile
   	pkgsrc/net/kppp: Makefile
   	pkgsrc/net/krdc: Makefile
   	pkgsrc/net/krfb: Makefile
   	pkgsrc/net/ktorrent: Makefile
   	pkgsrc/net/lftp: Makefile
   	pkgsrc/net/libcmis: Makefile
   	pkgsrc/net/libfilezilla: Makefile
   	pkgsrc/net/libgdata: Makefile buildlink3.mk
   	pkgsrc/net/libktorrent: Makefile buildlink3.mk
   	pkgsrc/net/libquvi: Makefile
   	pkgsrc/net/libtorrent-rasterbar: Makefile buildlink3.mk
   	pkgsrc/net/libtrace: Makefile
   	pkgsrc/net/libvncserver: Makefile buildlink3.mk
   	pkgsrc/net/libzrtpcpp: Makefile buildlink3.mk
   	pkgsrc/net/megatools: Makefile
   	pkgsrc/net/nanotodon: Makefile
   	pkgsrc/net/ncdc: Makefile
   	pkgsrc/net/net6: Makefile buildlink3.mk
   	pkgsrc/net/netatalk22: Makefile
   	pkgsrc/net/netatalk3: Makefile
   	pkgsrc/net/ntopng: Makefile
   	pkgsrc/net/ocamlnet: Makefile
   	pkgsrc/net/ocsync: Makefile buildlink3.mk
   	pkgsrc/net/openvpn: Makefile
   	pkgsrc/net/podcastdl: Makefile
   	pkgsrc/net/powerdns: Makefile
   	pkgsrc/net/py-smbc: Makefile
   	pkgsrc/net/qbittorrent: Makefile
   	pkgsrc/net/quvi: Makefile
   	pkgsrc/net/rdesktop: Makefile
   	pkgsrc/net/remmina: Makefile
   	pkgsrc/net/rtmpdump: Makefile buildlink3.mk
   	pkgsrc/net/rtorrent: Makefile
   	pkgsrc/net/samba: Makefile
   	pkgsrc/net/samba4: Makefile buildlink3.mk
   	pkgsrc/net/snort: Makefile
   	pkgsrc/net/synergy: Makefile
   	pkgsrc/net/taskserver: Makefile
   	pkgsrc/net/tcpflow: Makefile
   	pkgsrc/net/tigervnc: Makefile
   	pkgsrc/net/transmission: Makefile
   	pkgsrc/net/transmission-gtk: Makefile
   	pkgsrc/net/transmission-qt: Makefile
   	pkgsrc/net/unbound: Makefile buildlink3.mk
   	pkgsrc/net/urlgfe: Makefile
   	pkgsrc/net/vinagre: Makefile
   	pkgsrc/net/vino: Makefile
   	pkgsrc/net/wget: Makefile
   	pkgsrc/net/wireshark: Makefile
   	pkgsrc/net/wmget: Makefile
   	pkgsrc/net/zeroconf-ioslave: Makefile
   	pkgsrc/news/neix: Makefile
   	pkgsrc/news/newsbeuter: Makefile
   	pkgsrc/news/pan: Makefile
   	pkgsrc/parallel/slurm-wlm: Makefile
   	pkgsrc/print/auctex: Makefile
   	pkgsrc/print/brlaser: Makefile
   	pkgsrc/print/cups: Makefile
   	pkgsrc/print/cups-base: Makefile buildlink3.mk
   	pkgsrc/print/cups-drivers-Magicolor5440DL: Makefile
   	pkgsrc/print/cups-filters: Makefile buildlink3.mk
   	pkgsrc/print/cups-pdf: Makefile
   	pkgsrc/print/dspdfviewer: Makefile
   	pkgsrc/print/epdfview: Makefile
   	pkgsrc/print/ghostscript: Makefile buildlink3.mk
   	pkgsrc/print/ghostscript-gpl: Makefile buildlink3.mk
   	pkgsrc/print/gtklp: Makefile
   	pkgsrc/print/gutenprint-lib: Makefile
   	pkgsrc/print/hplip: Makefile
   	pkgsrc/print/libcups: Makefile buildlink3.mk
   	pkgsrc/print/mupdf: Makefile buildlink3.mk
   	pkgsrc/print/okular: Makefile
   	pkgsrc/print/p5-Net-CUPS: Makefile
   	pkgsrc/print/pdf2djvu: Makefile
   	pkgsrc/print/py-cups: Makefile
   	pkgsrc/print/qpdfview: Makefile
   	pkgsrc/print/scribus-qt4: Makefile
   	pkgsrc/print/scribus-qt5: Makefile
   	pkgsrc/print/xpdf4: Makefile
   	pkgsrc/print/xpp: Makefile
   	pkgsrc/print/zathura-pdf-mupdf: Makefile
   	pkgsrc/security/ap-modsecurity2: Makefile
   	pkgsrc/security/botan-devel: Makefile buildlink3.mk
   	pkgsrc/security/clamav: Makefile
   	pkgsrc/security/dirb: Makefile
   	pkgsrc/security/gnupg: Makefile
   	pkgsrc/security/gnupg-pkcs11-scd: Makefile
   	pkgsrc/security/gnupg2: Makefile
   	pkgsrc/security/gnutls: Makefile buildlink3.mk
   	pkgsrc/security/gsasl: Makefile
   	pkgsrc/security/kgpg: Makefile
   	pkgsrc/security/lastpass-cli: Makefile
   	pkgsrc/security/libfprint: Makefile
   	pkgsrc/security/liboauth: Makefile buildlink3.mk
   	pkgsrc/security/libprelude: Makefile buildlink3.mk
   	pkgsrc/security/libprelude-lua: Makefile
   	pkgsrc/security/libprelude-perl: Makefile
   	pkgsrc/security/libprelude-python: Makefile
   	pkgsrc/security/libpreludedb: Makefile buildlink3.mk
   	pkgsrc/security/libpreludedb-mysql: Makefile
   	pkgsrc/security/libpreludedb-perl: Makefile
   	pkgsrc/security/libpreludedb-pgsql: Makefile
   	pkgsrc/security/libpreludedb-python: Makefile
   	pkgsrc/security/libpreludedb-sqlite3: Makefile
   	pkgsrc/security/libykneomgr: Makefile
   	pkgsrc/security/opendnssec2: Makefile
   	pkgsrc/security/opensaml: Makefile
   	pkgsrc/security/openvas-libnasl: Makefile
   	pkgsrc/security/openvas-libraries: Makefile
   	pkgsrc/security/openvas-plugins: Makefile
   	pkgsrc/security/openvas-server: Makefile
   	pkgsrc/security/pam-yubico: Makefile
   	pkgsrc/security/php-oauth: Makefile
   	pkgsrc/security/php-oauth1: Makefile
   	pkgsrc/security/pkcs11-helper: Makefile buildlink3.mk
   	pkgsrc/security/prelude-lml: Makefile
   	pkgsrc/security/prelude-manager: Makefile
   	pkgsrc/security/prelude-pflogger: Makefile
   	pkgsrc/security/rvault: Makefile
   	pkgsrc/security/softhsm2: Makefile buildlink3.mk
   	pkgsrc/security/ykclient: Makefile buildlink3.mk
   	pkgsrc/sysutils/baloo: Makefile
   	pkgsrc/sysutils/cfengine3: Makefile
   	pkgsrc/sysutils/collectd-curl: Makefile
   	pkgsrc/sysutils/collectd-riemann: Makefile
   	pkgsrc/sysutils/collectd-virt: Makefile
   	pkgsrc/sysutils/collectd-write_prometheus: Makefile
   	pkgsrc/sysutils/conky: Makefile
   	pkgsrc/sysutils/edbus: Makefile buildlink3.mk
   	pkgsrc/sysutils/efreet: Makefile buildlink3.mk
   	pkgsrc/sysutils/gkrellm: Makefile
   	pkgsrc/sysutils/gnome-control-center: Makefile
   	pkgsrc/sysutils/gnome-settings-daemon: Makefile
   	pkgsrc/sysutils/gvfs: Makefile
   	pkgsrc/sysutils/k3b: Makefile
   	pkgsrc/sysutils/kcron: Makefile
   	pkgsrc/sysutils/kfilemetadata: Makefile
   	pkgsrc/sysutils/kfilemetadata5: Makefile
   	pkgsrc/sysutils/kuser: Makefile
   	pkgsrc/sysutils/libbaloo4: Makefile
   	pkgsrc/sysutils/mc: Makefile
   	pkgsrc/sysutils/openxenmanager: Makefile
   	pkgsrc/sysutils/riemann-client: Makefile buildlink3.mk
   	pkgsrc/sysutils/rsyslog: Makefile
   	pkgsrc/sysutils/rsyslog-dbi: Makefile
   	pkgsrc/sysutils/rsyslog-elasticsearch: Makefile
   	pkgsrc/sysutils/rsyslog-gnutls: Makefile
   	pkgsrc/sysutils/rsyslog-gssapi: Makefile
   	pkgsrc/sysutils/rsyslog-kafka: Makefile
   	pkgsrc/sysutils/rsyslog-libgcrypt: Makefile
   	pkgsrc/sysutils/rsyslog-mysql: Makefile
   	pkgsrc/sysutils/rsyslog-omprog: Makefile
   	pkgsrc/sysutils/rsyslog-pgsql: Makefile
   	pkgsrc/sysutils/rsyslog-rabbitmq: Makefile
   	pkgsrc/sysutils/rsyslog-relp: Makefile
   	pkgsrc/sysutils/rsyslog-snmp: Makefile
   	pkgsrc/sysutils/strigi: Makefile buildlink3.mk
   	pkgsrc/sysutils/syslog-ng-curl: Makefile
   	pkgsrc/sysutils/virt-viewer: Makefile
   	pkgsrc/sysutils/zabbix: Makefile
   	pkgsrc/sysutils/zabbix50-agent: Makefile
   	pkgsrc/sysutils/zabbix50-proxy: Makefile
   	pkgsrc/sysutils/zabbix50-server: Makefile
   	pkgsrc/textproc/FlightCrew: Makefile
   	pkgsrc/textproc/dikt: Makefile
   	pkgsrc/textproc/ebook-tools: Makefile buildlink3.mk
   	pkgsrc/textproc/iksemel: Makefile
   	pkgsrc/textproc/libclucene: Makefile buildlink3.mk
   	pkgsrc/textproc/libkolabxml: Makefile buildlink3.mk
   	pkgsrc/textproc/liblrdf: Makefile buildlink3.mk
   	pkgsrc/textproc/libnxml: Makefile buildlink3.mk
   	pkgsrc/textproc/libodfgen: Makefile buildlink3.mk
   	pkgsrc/textproc/lucene++: Makefile
   	pkgsrc/textproc/multimarkdown: Makefile
   	pkgsrc/textproc/odt2tex: Makefile
   	pkgsrc/textproc/p5-Syntax-SourceHighlight: Makefile
   	pkgsrc/textproc/raptor: Makefile buildlink3.mk
   	pkgsrc/textproc/raptor2: Makefile buildlink3.mk
   	pkgsrc/textproc/rasqal: Makefile buildlink3.mk
   	pkgsrc/textproc/redland: Makefile buildlink3.mk
   	pkgsrc/textproc/soprano: Makefile buildlink3.mk
   	pkgsrc/textproc/source-highlight: Makefile buildlink3.mk
   	pkgsrc/textproc/translate-shell: Makefile
   	pkgsrc/textproc/xmlrpc-c: Makefile buildlink3.mk
   	pkgsrc/textproc/xmltooling: Makefile
   	pkgsrc/time/taskwarrior: Makefile
   	pkgsrc/wm/compiz: Makefile
   	pkgsrc/www/R-RCurl: Makefile
   	pkgsrc/www/R-curl: Makefile
   	pkgsrc/www/SOGo: Makefile
   	pkgsrc/www/SOGo4: Makefile
   	pkgsrc/www/ap-auth-openidc: Makefile
   	pkgsrc/www/ap-authnz-crowd: Makefile
   	pkgsrc/www/ap2-auth-mellon: Makefile
   	pkgsrc/www/ap2-passenger: Makefile
   	pkgsrc/www/apache24: Makefile
   	pkgsrc/www/aws: Makefile
   	pkgsrc/www/aws-demos: Makefile
   	pkgsrc/www/cadaver: Makefile
   	pkgsrc/www/curl: Makefile buildlink3.mk
   	pkgsrc/www/elinks: Makefile
   	pkgsrc/www/felinks: Makefile
   	pkgsrc/www/htdavlock: Makefile
   	pkgsrc/www/htmldoc: Makefile
   	pkgsrc/www/kore: Makefile
   	pkgsrc/www/libmicrohttpd: Makefile buildlink3.mk
   	pkgsrc/www/libmrss: Makefile buildlink3.mk
   	pkgsrc/www/lighttpd: Makefile
   	pkgsrc/www/litmus: Makefile
   	pkgsrc/www/lua-curl: Makefile
   	pkgsrc/www/lynx: Makefile
   	pkgsrc/www/neon: Makefile buildlink3.mk
   	pkgsrc/www/netsurf: Makefile
   	pkgsrc/www/nghttp2: buildlink3.mk
   	pkgsrc/www/nspluginwrapper: Makefile
   	pkgsrc/www/ocaml-curl: Makefile
   	pkgsrc/www/p5-Net-Curl: Makefile
   	pkgsrc/www/passenger: Makefile
   	pkgsrc/www/php-curl: Makefile
   	pkgsrc/www/php-http: Makefile
   	pkgsrc/www/php-http3: Makefile
   	pkgsrc/www/py-curl: Makefile
   	pkgsrc/www/rekonq: Makefile
   	pkgsrc/www/ruby-patron: Makefile
   	pkgsrc/www/shibboleth-sp: Makefile
   	pkgsrc/www/sitecopy: Makefile
   	pkgsrc/www/snownews: Makefile
   	pkgsrc/www/squid4: Makefile
   	pkgsrc/www/wwwoffle: Makefile
   	pkgsrc/www/yahttp: Makefile
   	pkgsrc/x11/elementary: Makefile buildlink3.mk
   	pkgsrc/x11/enlightenment: Makefile buildlink3.mk
   	pkgsrc/x11/gtk2: Makefile
   	pkgsrc/x11/gtk3: Makefile
   	pkgsrc/x11/gtk4: Makefile
   	pkgsrc/x11/kactivities: Makefile buildlink3.mk
   	pkgsrc/x11/kactivities-stats: Makefile
   	pkgsrc/x11/kactivities5: Makefile
   	pkgsrc/x11/kde-baseapps4: Makefile
   	pkgsrc/x11/kde-runtime4: Makefile buildlink3.mk
   	pkgsrc/x11/kde-workspace4: Makefile buildlink3.mk
   	pkgsrc/x11/kdelibs4: Makefile buildlink3.mk
   	pkgsrc/x11/libkactivities4: Makefile buildlink3.mk
   	pkgsrc/x11/qt4-libs: Makefile
   	pkgsrc/x11/qt5-qtbase: Makefile
   	pkgsrc/x11/qt5-qtwebengine: Makefile
   	pkgsrc/x11/vte3: Makefile
   	pkgsrc/x11/wmweather: Makefile
   	pkgsrc/x11/x11vnc: Makefile
   	pkgsrc/x11/x2go-client: Makefile
   	pkgsrc/x11/xfce4-tumbler: Makefile
   	pkgsrc/x11/xlockmore: Makefile

   Log Message:
   revbump for boost-libs

---
   Module Name:	pkgsrc
   Committed By:	adam
   Date:		Fri Oct  8 13:20:34 UTC 2021

   Modified Files:
   	pkgsrc/net/samba4: Makefile PLIST distinfo

   Log Message:
   samba4: updated to 4.13.12

   Changes since 4.13.11
   ---------------------
   * BUG 14806: Address a signifcant performance regression in database access
     in the AD DC since Samba 4.12.
   * BUG 14807: Fix performance regression in lsa_LookupSids3/LookupNames4 since
     Samba 4.9 by using an explicit database handle cache.
   * BUG 14817: An unuthenticated user can crash the AD DC KDC by omitting the
     server name in a TGS-REQ.
   * BUG 14818: Address flapping samba_tool_drs_showrepl test.
   * BUG 14819: Address flapping dsdb_schema_attributes test.
   * BUG 14817: An unuthenticated user can crash the AD DC KDC by omitting the
     server name in a TGS-REQ
   * BUG 14817: An unuthenticated user can crash the AD DC KDC by omitting the
     server name in a TGS-REQ.
   * BUG 14817: An unuthenticated user can crash the AD DC KDC by omitting the
     server name in a TGS-REQ.
   * BUG 14817: An unuthenticated user can crash the AD DC KDC by omitting the
     server name in a TGS-REQ.
   * BUG 14817: An unuthenticated user can crash the AD DC KDC by omitting the
     server name in a TGS-REQ.
   * BUG 14817: An unuthenticated user can crash the AD DC KDC by omitting the
     server name in a TGS-REQ.
   * BUG 14784: Fix CTDB flag/status update race conditions.
   * BUG 14817: An unuthenticated user can crash the AD DC KDC by omitting the
     server name in a TGS-REQ.

---
   Module Name:	pkgsrc
   Committed By:	adam
   Date:		Wed Nov 10 13:33:20 UTC 2021

   Modified Files:
   	pkgsrc/net/samba4: Makefile PLIST distinfo

   Log Message:
   samba4: updated to 4.13.14

   Changes since 4.13.13
   ---------------------

   o  Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
      * CVE-2020-25722

   o  Andrew Bartlett <abartlet@samba.org>
      * CVE-2020-25718
      * CVE-2020-25719
      * CVE-2020-25721
      * CVE-2020-25722

   o  Ralph Boehme <slow@samba.org>
      * CVE-2020-25717

   o  Alexander Bokovoy <ab@samba.org>
      * CVE-2020-25717

   o  Samuel Cabrero <scabrero@samba.org>
      * CVE-2020-25717

   o  Nadezhda Ivanova <nivanova@symas.com>
      * CVE-2020-25722

   o  Stefan Metzmacher <metze@samba.org>
      * CVE-2016-2124
      * CVE-2020-25717
      * CVE-2020-25719
      * CVE-2020-25722
      * CVE-2021-23192
      * CVE-2021-3738
      * ldb: version 2.2.3

   o  Andreas Schneider <asn@samba.org>
      * CVE-2020-25719

   o  Joseph Sutton <josephsutton@catalyst.net.nz>
      * CVE-2020-17049
      * CVE-2020-25718
      * CVE-2020-25719
      * CVE-2020-25721
      * CVE-2020-25722
      * MS CVE-2020-17049

   Changes since 4.13.12
   ---------------------

   o  Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
      * BUG 14868: rodc_rwdc test flaps.
      * BUG 14881: Backport bronze bit fixes, tests, and selftest improvements.

   o  Andrew Bartlett <abartlet@samba.org>
      * BUG 14642: Provide a fix for MS CVE-2020-17049 in Samba [SECURITY] 'Bronze
        bit' S4U2Proxy Constrained Delegation bypass in Samba with
        embedded Heimdal.
      * BUG 14836: Python ldb.msg_diff() memory handling failure.
      * BUG 14845: "in" operator on ldb.Message is case sensitive.
      * BUG 14848: Release LDB 2.3.1 for Samba 4.14.9.
      * BUG 14871: Fix Samba support for UF_NO_AUTH_DATA_REQUIRED.
      * BUG 14874: Allow special chars like "@" in samAccountName when generating
        the salt.
      * BUG 14881: Backport bronze bit fixes, tests, and selftest improvements.

   o  Isaac Boukris <iboukris@gmail.com>
      * BUG 14642: Provide a fix for MS CVE-2020-17049 in Samba [SECURITY] 'Bronze
        bit' S4U2Proxy Constrained Delegation bypass in Samba with
        embedded Heimdal.
      * BUG 14881: Backport bronze bit fixes, tests, and selftest improvements.

   o  Viktor Dukhovni <viktor@twosigma.com>
      * BUG 12998: Fix transit path validation.
      * BUG 14881: Backport bronze bit fixes, tests, and selftest improvements.

   o  Luke Howard <lukeh@padl.com>
      * BUG 14642: Provide a fix for MS CVE-2020-17049 in Samba [SECURITY] 'Bronze
        bit' S4U2Proxy Constrained Delegation bypass in Samba with
        embedded Heimdal.
      * BUG 14881: Backport bronze bit fixes, tests, and selftest improvements.

   o  Stefan Metzmacher <metze@samba.org>
      * BUG 14881: Backport bronze bit fixes, tests, and selftest improvements.

   o  David Mulder <dmulder@suse.com>
      * BUG 14881: Backport bronze bit fixes, tests, and selftest improvements.

   o  Andreas Schneider <asn@samba.org>
      * BUG 14870: Prepare to operate with MIT krb5 >= 1.20.
      * BUG 14881: Backport bronze bit fixes, tests, and selftest improvements.

   o  Joseph Sutton <josephsutton@catalyst.net.nz>
      * BUG 14642: Provide a fix for MS CVE-2020-17049 in Samba [SECURITY] 'Bronze
        bit' S4U2Proxy Constrained Delegation bypass in Samba with
        embedded Heimdal.
      * BUG 14645: rpcclient NetFileEnum and net rpc file both cause lock order
        violation: brlock.tdb, share_entries.tdb.
      * BUG 14836: Python ldb.msg_diff() memory handling failure.
      * BUG 14845: "in" operator on ldb.Message is case sensitive.
      * BUG 14848: Release LDB 2.3.1 for Samba 4.14.9.
      * BUG 14868: rodc_rwdc test flaps.
      * BUG 14871: Fix Samba support for UF_NO_AUTH_DATA_REQUIRED.
      * BUG 14874: Allow special chars like "@" in samAccountName when generating
        the salt.
      * BUG 14881: Backport bronze bit fixes, tests, and selftest improvements.

   o  Nicolas Williams <nico@twosigma.com>
      * BUG 14642: Provide a fix for MS CVE-2020-17049 in Samba [SECURITY] 'Bronze
        bit' S4U2Proxy Constrained Delegation bypass in Samba with
        embedded Heimdal.
      * BUG 14881: Backport bronze bit fixes, tests, and selftest improvements.

Revision 1.132 / (download) - annotate - [select for diffs], Wed Nov 10 13:33:20 2021 UTC (12 months, 4 weeks ago) by adam
Branch: MAIN
Changes since 1.131: +4 -4 lines
Diff to previous 1.131 (colored)

samba4: updated to 4.13.14

Changes since 4.13.13
---------------------

o  Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
   * CVE-2020-25722

o  Andrew Bartlett <abartlet@samba.org>
   * CVE-2020-25718
   * CVE-2020-25719
   * CVE-2020-25721
   * CVE-2020-25722

o  Ralph Boehme <slow@samba.org>
   * CVE-2020-25717

o  Alexander Bokovoy <ab@samba.org>
   * CVE-2020-25717

o  Samuel Cabrero <scabrero@samba.org>
   * CVE-2020-25717

o  Nadezhda Ivanova <nivanova@symas.com>
   * CVE-2020-25722

o  Stefan Metzmacher <metze@samba.org>
   * CVE-2016-2124
   * CVE-2020-25717
   * CVE-2020-25719
   * CVE-2020-25722
   * CVE-2021-23192
   * CVE-2021-3738
   * ldb: version 2.2.3

o  Andreas Schneider <asn@samba.org>
   * CVE-2020-25719

o  Joseph Sutton <josephsutton@catalyst.net.nz>
   * CVE-2020-17049
   * CVE-2020-25718
   * CVE-2020-25719
   * CVE-2020-25721
   * CVE-2020-25722
   * MS CVE-2020-17049

Changes since 4.13.12
---------------------

o  Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
   * BUG 14868: rodc_rwdc test flaps.
   * BUG 14881: Backport bronze bit fixes, tests, and selftest improvements.

o  Andrew Bartlett <abartlet@samba.org>
   * BUG 14642: Provide a fix for MS CVE-2020-17049 in Samba [SECURITY] 'Bronze
     bit' S4U2Proxy Constrained Delegation bypass in Samba with
     embedded Heimdal.
   * BUG 14836: Python ldb.msg_diff() memory handling failure.
   * BUG 14845: "in" operator on ldb.Message is case sensitive.
   * BUG 14848: Release LDB 2.3.1 for Samba 4.14.9.
   * BUG 14871: Fix Samba support for UF_NO_AUTH_DATA_REQUIRED.
   * BUG 14874: Allow special chars like "@" in samAccountName when generating
     the salt.
   * BUG 14881: Backport bronze bit fixes, tests, and selftest improvements.

o  Isaac Boukris <iboukris@gmail.com>
   * BUG 14642: Provide a fix for MS CVE-2020-17049 in Samba [SECURITY] 'Bronze
     bit' S4U2Proxy Constrained Delegation bypass in Samba with
     embedded Heimdal.
   * BUG 14881: Backport bronze bit fixes, tests, and selftest improvements.

o  Viktor Dukhovni <viktor@twosigma.com>
   * BUG 12998: Fix transit path validation.
   * BUG 14881: Backport bronze bit fixes, tests, and selftest improvements.

o  Luke Howard <lukeh@padl.com>
   * BUG 14642: Provide a fix for MS CVE-2020-17049 in Samba [SECURITY] 'Bronze
     bit' S4U2Proxy Constrained Delegation bypass in Samba with
     embedded Heimdal.
   * BUG 14881: Backport bronze bit fixes, tests, and selftest improvements.

o  Stefan Metzmacher <metze@samba.org>
   * BUG 14881: Backport bronze bit fixes, tests, and selftest improvements.

o  David Mulder <dmulder@suse.com>
   * BUG 14881: Backport bronze bit fixes, tests, and selftest improvements.

o  Andreas Schneider <asn@samba.org>
   * BUG 14870: Prepare to operate with MIT krb5 >= 1.20.
   * BUG 14881: Backport bronze bit fixes, tests, and selftest improvements.

o  Joseph Sutton <josephsutton@catalyst.net.nz>
   * BUG 14642: Provide a fix for MS CVE-2020-17049 in Samba [SECURITY] 'Bronze
     bit' S4U2Proxy Constrained Delegation bypass in Samba with
     embedded Heimdal.
   * BUG 14645: rpcclient NetFileEnum and net rpc file both cause lock order
     violation: brlock.tdb, share_entries.tdb.
   * BUG 14836: Python ldb.msg_diff() memory handling failure.
   * BUG 14845: "in" operator on ldb.Message is case sensitive.
   * BUG 14848: Release LDB 2.3.1 for Samba 4.14.9.
   * BUG 14868: rodc_rwdc test flaps.
   * BUG 14871: Fix Samba support for UF_NO_AUTH_DATA_REQUIRED.
   * BUG 14874: Allow special chars like "@" in samAccountName when generating
     the salt.
   * BUG 14881: Backport bronze bit fixes, tests, and selftest improvements.

o  Nicolas Williams <nico@twosigma.com>
   * BUG 14642: Provide a fix for MS CVE-2020-17049 in Samba [SECURITY] 'Bronze
     bit' S4U2Proxy Constrained Delegation bypass in Samba with
     embedded Heimdal.
   * BUG 14881: Backport bronze bit fixes, tests, and selftest improvements.

Revision 1.131 / (download) - annotate - [select for diffs], Fri Oct 8 13:20:34 2021 UTC (14 months ago) by adam
Branch: MAIN
Changes since 1.130: +2 -3 lines
Diff to previous 1.130 (colored)

samba4: updated to 4.13.12

Changes since 4.13.11
---------------------
* BUG 14806: Address a signifcant performance regression in database access
  in the AD DC since Samba 4.12.
* BUG 14807: Fix performance regression in lsa_LookupSids3/LookupNames4 since
  Samba 4.9 by using an explicit database handle cache.
* BUG 14817: An unuthenticated user can crash the AD DC KDC by omitting the
  server name in a TGS-REQ.
* BUG 14818: Address flapping samba_tool_drs_showrepl test.
* BUG 14819: Address flapping dsdb_schema_attributes test.
* BUG 14817: An unuthenticated user can crash the AD DC KDC by omitting the
  server name in a TGS-REQ
* BUG 14817: An unuthenticated user can crash the AD DC KDC by omitting the
  server name in a TGS-REQ.
* BUG 14817: An unuthenticated user can crash the AD DC KDC by omitting the
  server name in a TGS-REQ.
* BUG 14817: An unuthenticated user can crash the AD DC KDC by omitting the
  server name in a TGS-REQ.
* BUG 14817: An unuthenticated user can crash the AD DC KDC by omitting the
  server name in a TGS-REQ.
* BUG 14817: An unuthenticated user can crash the AD DC KDC by omitting the
  server name in a TGS-REQ.
* BUG 14784: Fix CTDB flag/status update race conditions.
* BUG 14817: An unuthenticated user can crash the AD DC KDC by omitting the
  server name in a TGS-REQ.

Revision 1.130 / (download) - annotate - [select for diffs], Wed Sep 29 19:00:11 2021 UTC (14 months, 1 week ago) by adam
Branch: MAIN
Changes since 1.129: +2 -1 lines
Diff to previous 1.129 (colored)

revbump for boost-libs

Revision 1.129 / (download) - annotate - [select for diffs], Mon Sep 13 10:13:33 2021 UTC (14 months, 3 weeks ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2021Q3-base
Branch point for: pkgsrc-2021Q3
Changes since 1.128: +2 -3 lines
Diff to previous 1.128 (colored)

samba4: updated to 4.3.11

Changes since 4.13.10
* BUG 14769: smbd panic on force-close share during offload write.
* BUG 14731: Fix returned attributes on fake quota file handle and avoid
  hitting the VFS.
* BUG 14783: smbd "deadtime" parameter doesn't work anymore.
* BUG 14787: net conf list crashes when run as normal user.
* BUG 14607: Work around special SMB2 READ response behavior of NetApp Ontap
  7.3.7.
* BUG 14793: Start the SMB encryption as soon as possible.
* BUG 14792: Winbind should not start if the socket path for the privileged
  pipe is too long.

Revision 1.128 / (download) - annotate - [select for diffs], Sun Jul 25 15:58:04 2021 UTC (16 months, 2 weeks ago) by taca
Branch: MAIN
Changes since 1.127: +2 -2 lines
Diff to previous 1.127 (colored)

net/samba4: update to 4.3.10

Changes since 4.13.9
--------------------

o  Jeremy Allison <jra@samba.org>
   * BUG 14708: s3: smbd: Ensure POSIX default ACL is mapped into returned
     Windows ACL for directory handles.
   * BUG 14721: Take a copy to make sure we don't reference free'd memory.
   * BUG 14722: s3: lib: Fix talloc heirarcy error in parent_smb_fname().
   * BUG 14736: s3: smbd: Remove erroneous TALLOC_FREE(smb_fname_parent) in
     change_file_owner_to_parent() error path.

o  Andrew Bartlett <abartlet@samba.org>
   * BUG 14575: samba-tool: Give better error information when the
     'domain backup restore' fails with a duplicate SID.

o  Ralph Boehme <slow@samba.org>
   * BUG 14714: smbd: Correctly initialize close timestamp fields.
   * BUG 14740: Spotlight RPC service doesn't work with vfs_glusterfs.

o  Volker Lendecke <vl@samba.org>
   * BUG 14475: ctdb: Fix a crash in run_proc_signal_handler().

o  Stefan Metzmacher <metze@samba.org>
   * BUG 14750: gensec_krb5: Restore ipv6 support for kpasswd.
   * BUG 14752: smbXsrv_{open,session,tcon}: Protect
     smbXsrv_{open,session,tcon}_global_traverse_fn against invalid records.

o  Joseph Sutton <josephsutton@catalyst.net.nz>
   * BUG 14027: samba-tool domain backup offline doesn't work against bind DLZ
     backend.
   * BUG 14669: netcmd: Use next_free_rid() function to calculate a SID for
     restoring a backup.

Revision 1.127 / (download) - annotate - [select for diffs], Tue Jun 22 09:36:41 2021 UTC (17 months, 2 weeks ago) by nia
Branch: MAIN
CVS Tags: pkgsrc-2021Q2-base, pkgsrc-2021Q2
Changes since 1.126: +10 -3 lines
Diff to previous 1.126 (colored)

samba4: downgrade to 4.13.9, as discussed on netbsd-users@

Revision 1.126 / (download) - annotate - [select for diffs], Mon Jun 21 10:23:48 2021 UTC (17 months, 2 weeks ago) by nia
Branch: MAIN
Changes since 1.125: +2 -1 lines
Diff to previous 1.125 (colored)

samba4: Warn before starting if procfs is not mounted on NetBSD...

Revision 1.125 / (download) - annotate - [select for diffs], Tue Jun 1 08:30:17 2021 UTC (18 months, 1 week ago) by adam
Branch: MAIN
Changes since 1.124: +2 -3 lines
Diff to previous 1.124 (colored)

samba4: updated to 4.14.5

Changes since 4.14.4
--------------------
* BUG 14696: s3: smbd: SMB1 SMBsplwr doesn't send a reply packet on success.
* BUG 14708: s3: smbd: Ensure POSIX default ACL is mapped into returned
  Windows ACL for directory handles.
* BUG 14721: s3: smbd: Fix uninitialized memory read in
  process_symlink_open() when used with vfs_shadow_copy2().
* BUG 14689: docs: Expand the "log level" docs on audit logging.
* BUG 14714: smbd: Correctly initialize close timestamp fields.
* BUG 14699: Fix gcc11 compiler issues.
* BUG 14718: docs-xml: Update smbcacls manpage.
* BUG 14719: docs: Update list of available commands in rpcclient.
* BUG 14475: ctdb: Fix a crash in run_proc_signal_handler().
* BUG 14695: s3:winbind: For 'security = ADS' require realm/workgroup to be
  set.
* BUG 14699: lib:replace: Do not build strndup test with gcc 11 or newer.

Revision 1.124 / (download) - annotate - [select for diffs], Sun May 30 20:02:31 2021 UTC (18 months, 1 week ago) by thor
Branch: MAIN
Changes since 1.123: +2 -2 lines
Diff to previous 1.123 (colored)

net/samba4: handle dbus dependency explicitly on Linux

This manifests as the snapper vfs files appearing depending on dbus
being present or not on Linux, causing PLIST mismatch. This option
actually disables this if desired. The default is still on, as
dbus is to be expected on modern Linux installs anyway.

Revision 1.123 / (download) - annotate - [select for diffs], Mon May 24 19:53:36 2021 UTC (18 months, 2 weeks ago) by wiz
Branch: MAIN
Changes since 1.122: +2 -1 lines
Diff to previous 1.122 (colored)

*: recursive bump for perl 5.34

Revision 1.122 / (download) - annotate - [select for diffs], Thu Apr 29 15:21:16 2021 UTC (19 months, 1 week ago) by taca
Branch: MAIN
Changes since 1.121: +2 -2 lines
Diff to previous 1.121 (colored)

net/samba4: update to 4.14.4

pkgsrc changes: remove extra spaces in some patch files.


                   ==============================
                   Release Notes for Samba 4.14.4
                           April 29, 2021
                   ==============================


This is a security release in order to address the following defect:

o CVE-2021-20254: Negative idmap cache entries can cause incorrect group entries
  in the Samba file server process token.


=======
Details
=======

o  CVE-2021-20254:
   The Samba smbd file server must map Windows group identities (SIDs) into unix
   group ids (gids). The code that performs this had a flaw that could allow it
   to read data beyond the end of the array in the case where a negative cache
   entry had been added to the mapping cache. This could cause the calling code
   to return those values into the process token that stores the group
   membership for a user.

   Most commonly this flaw caused the calling code to crash, but an alert user
   (Peter Eriksson, IT Department, Linköping University) found this flaw by
   noticing an unprivileged user was able to delete a file within a network
   share that they should have been disallowed access to.

   Analysis of the code paths has not allowed us to discover a way for a
   remote user to be able to trigger this flaw reproducibly or on demand,
   but this CVE has been issued out of an abundance of caution.


Changes since 4.14.3
--------------------

o  Volker Lendecke <vl@samba.org>
   * BUG 14571: CVE-2021-20254: Fix buffer overrun in sids_to_unixids().

Revision 1.121 / (download) - annotate - [select for diffs], Wed Apr 28 09:03:49 2021 UTC (19 months, 1 week ago) by nia
Branch: MAIN
Changes since 1.120: +2 -2 lines
Diff to previous 1.120 (colored)

samba4: add flex to USE_TOOLS

Revision 1.120 / (download) - annotate - [select for diffs], Thu Apr 22 15:47:45 2021 UTC (19 months, 2 weeks ago) by adam
Branch: MAIN
Changes since 1.119: +2 -3 lines
Diff to previous 1.119 (colored)

samba4: updated to 4.14.3

Changes since 4.14.2
--------------------
* BUG 14671: s3:modules:vfs_virusfilter: Recent New_VFS changes break
  vfs_virusfilter_openat.
* BUG 14586: build: Notice if flex is missing at configure time.
* BUG 14672: Fix smbd panic when two clients open same file.
* BUG 14675: Fix memory leak in the RPC server.
* BUG 14679: s3: smbd: fix deferred renames.
* BUG 14675: s3-iremotewinspool: Set the per-request memory context.
* BUG 14675: Fix memory leak in the RPC server.
* BUG 11899: third_party: Update socket_wrapper to version 1.3.2.
* BUG 14640: third_party: Update socket_wrapper to version 1.3.3.
* BUG 14665: samba-gpupdate: Test that sysvol paths download in
  case-insensitive way.
* BUG 14662: smbd: Ensure errno is preserved across fsp destructor.
* BUG 14663: idmap_rfc2307 and idmap_nss return wrong mapping for uid/gid
  conflict.
* BUG 14288: build: Only add -Wl,--as-needed when supported.

Revision 1.119 / (download) - annotate - [select for diffs], Wed Apr 21 13:24:14 2021 UTC (19 months, 2 weeks ago) by adam
Branch: MAIN
Changes since 1.118: +2 -1 lines
Diff to previous 1.118 (colored)

revbump for boost-libs

Revision 1.118 / (download) - annotate - [select for diffs], Wed Apr 14 19:11:20 2021 UTC (19 months, 3 weeks ago) by adam
Branch: MAIN
Changes since 1.117: +3 -2 lines
Diff to previous 1.117 (colored)

samba4: updated to 4.14.2

Samba 4.14.2

This is a follow-up release to depend on the correct ldb version. This is only
needed when building against a system ldb library.

This is a security release in order to address the following defects:

o CVE-2020-27840: Heap corruption via crafted DN strings.
o CVE-2021-20277: Out of bounds read in AD DC LDAP server.


Samba 4.14.1

This is a security release in order to address the following defects:

o CVE-2020-27840: Heap corruption via crafted DN strings.
o CVE-2021-20277: Out of bounds read in AD DC LDAP server.


Samba 4.14.0

This is the first stable release of the Samba 4.14 release series.
Please read the release notes carefully before upgrading.

NEW FEATURES/CHANGES
====================

Here is a copy of a clarification note added to the Samba code
in the file: VFS-License-clarification.txt.
--------------------------------------------------------------

A clarification of our GNU GPL License enforcement boundary within the Samba
Virtual File System (VFS) layer.

Samba is licensed under the GNU GPL. All code committed to the Samba
project or that creates a "modified version" or software "based on" Samba must
be either licensed under the GNU GPL or a compatible license.

Samba has several plug-in interfaces where external code may be called
from Samba GNU GPL licensed code. The most important of these is the
Samba VFS layer.

Samba VFS modules are intimately connected by header files and API
definitions to the part of the Samba code that provides file services,
and as such, code that implements a plug-in Samba VFS module must be
licensed under the GNU GPL or a compatible license.

However, Samba VFS modules may themselves call third-party external
libraries that are not part of the Samba project and are externally
developed and maintained.

As long as these third-party external libraries do not use any of the
Samba internal structure, APIs or interface definitions created by the
Samba project (to the extent that they would be considered subject to the GNU
GPL), then the Samba Team will not consider such third-party external
libraries called from Samba VFS modules as "based on" and/or creating a
"modified version" of the Samba code for the purposes of GNU GPL.
Accordingly, we do not require such libraries be licensed under the GNU GPL
or a GNU GPL compatible license.

VFS
---

The effort to modernize Samba's VFS interface has reached a major milestone with
the next release Samba 4.14.

For details please refer to the documentation at source3/modules/The_New_VFS.txt or
visit the <https://wiki.samba.org/index.php/The_New_VFS>.

Printing
--------

Publishing printers in AD is more reliable and more printer features are
added to the published information in AD. Samba now also supports Windows
drivers for the ARM64 architecture.

Client Group Policy
-------------------
This release extends Samba to support Group Policy functionality for Winbind
clients. Active Directory Administrators can set policies that apply Sudoers
configuration, and cron jobs to run hourly, daily, weekly or monthly.

To enable the application of Group Policies on a client, set the global
smb.conf option 'apply group policies' to 'yes'. Policies are applied on an
interval of every 90 minutes, plus a random offset between 0 and 30 minutes.

Policies applied by Samba are 'non-tattooing', meaning that changes can be
reverted by executing the `samba-gpupdate --unapply` command. Policies can be
re-applied using the `samba-gpupdate --force` command.
To view what policies have been or will be applied to a system, use the
`samba-gpupdate --rsop` command.

Administration of Samba policy requires that a Samba ADMX template be uploaded
to the SYSVOL share. The samba-tool command `samba-tool gpo admxload` is
provided as a convenient method for adding this policy. Once uploaded, policies
can be modified in the Group Policy Management Editor under Computer
Configuration/Policies/Administrative Templates. Alternatively, Samba policy
may be managed using the `samba-tool gpo manage` command. This tool does not
require the admx templates to be installed.

Python 3.6 or later required

Revision 1.117 / (download) - annotate - [select for diffs], Wed Mar 24 16:33:46 2021 UTC (20 months, 2 weeks ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2021Q1-base, pkgsrc-2021Q1
Changes since 1.116: +3 -3 lines
Diff to previous 1.116 (colored)

ldb: updated to 2.2.1; samba: updated to 4.13.7

                   ==============================
                   Release Notes for Samba 4.13.7
                           March 24, 2021
                   ==============================


This is a follow-up release to depend on the correct ldb version. This is only
needed when building against a system ldb library.

This is a security release in order to address the following defects:

o CVE-2020-27840: Heap corruption via crafted DN strings.
o CVE-2021-20277: Out of bounds read in AD DC LDAP server.


=======
Details
=======

o  CVE-2020-27840:
   An anonymous attacker can crash the Samba AD DC LDAP server by sending easily
   crafted DNs as part of a bind request. More serious heap corruption is likely
   also possible.

o  CVE-2021-20277:
   User-controlled LDAP filter strings against the AD DC LDAP server may crash
   the LDAP server.

For more details, please refer to the security advisories.


Changes since 4.13.6
--------------------

o  Release with dependency on ldb version 2.2.1.

Revision 1.116 / (download) - annotate - [select for diffs], Sat Mar 20 19:27:35 2021 UTC (20 months, 2 weeks ago) by adam
Branch: MAIN
Changes since 1.115: +2 -2 lines
Diff to previous 1.115 (colored)

samba4: updated to 4.13.5

Changes since 4.13.4
--------------------
* BUG 14634: s3:modules:vfs_virusfilter: Recent talloc changes cause infinite
  start-up failure.
* BUG 13992: s3: libsmb: Add missing cli_tdis() in error path if encryption
  setup failed on temp proxy connection.
* BUG 14604: smbd: In conn_force_tdis_done() when forcing a connection closed
  force a full reload of services.
* BUG 14593: dbcheck: Check Deleted Objects and reduce noise in reports about
  expired tombstones.
* BUG 14503: s3: Fix fcntl waf configure check.
* BUG 14602: s3/auth: Implement "winbind:ignore domains".
* BUG 14617: smbd: Use fsp->conn->session_info for the initial
  delete-on-close token.
* BUG 14648: s3: VFS: nfs4_acls. Add missing TALLOC_FREE(frame) in error
  path.
* BUG 14624: classicupgrade: Treat old never expires value right.
* BUG 14636: g_lock: Fix uninitalized variable reads.
* BUG 13898: s3:pysmbd: Fix fd leak in py_smbd_create_file().
* BUG 14625: lib:util: Avoid free'ing our own pointer.
* BUG 12505: HEIMDAL: krb5_storage_free(NULL) should work.

Revision 1.115 / (download) - annotate - [select for diffs], Wed Jan 27 06:17:17 2021 UTC (22 months, 1 week ago) by adam
Branch: MAIN
Changes since 1.114: +2 -2 lines
Diff to previous 1.114 (colored)

samba4: updated to 4.13.4

Changes 4.13.4
* BUG 14607: Work around special SMB2 IOCTL response behavior of NetApp Ontap
  7.3.7.
* BUG 14612: Temporary DFS share setup doesn't set case parameters in the
  same way as a regular share definition does.
* BUG 14605: lib: Avoid declaring zero-length VLAs in various messaging
  functions.
* BUG 14579: Do not create an empty DB when accessing a sam.ldb.
* BUG 14596: vfs_fruit may close wrong backend fd.
* BUG 14612: Temporary DFS share setup doesn't set case parameters in the
  same way as a regular share definition does.
* BUG 14606: vfs_virusfilter: Allocate separate memory for config char*.
* BUG 14596: vfs_fruit may close wrong backend fd.
* BUG 14607: Work around special SMB2 IOCTL response behavior of NetApp Ontap
  7.3.7.
* BUG 14601: The cache directory for the user gencache should be created
  recursively.
* BUG 14594: Be more flexible with repository names in CentOS 8 test
  environments.

Revision 1.114 / (download) - annotate - [select for diffs], Thu Dec 17 12:15:43 2020 UTC (23 months, 3 weeks ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2020Q4-base, pkgsrc-2020Q4
Changes since 1.113: +2 -3 lines
Diff to previous 1.113 (colored)

samba4: updated to 4.13.3

Changes since 4.13.2
* BUG 14210: libcli: smb2: Never print length if smb2_signing_key_valid()
  fails for crypto blob.
* BUG 14486: s3: modules: gluster. Fix the error I made in preventing talloc
  leaks from a function.
* BUG 14515: s3: smbd: Don't overwrite contents of fsp->aio_requests[0] with
  NULL via TALLOC_FREE().
* BUG 14568: s3: spoolss: Make parameters in call to user_ok_token() match
  all other uses.
* BUG 14590: s3: smbd: Quiet log messages from usershares for an unknown
  share.
* BUG 14248: samba process does not honor max log size.
* BUG 14587: vfs_zfsacl: Add missing inherited flag on hidden "magic"
  everyone@ ACE.
* BUG 13124: s3-libads: Pass timeout to open_socket_out in ms.
* BUG 14486: s3-vfs_glusterfs: Always disable write-behind translator.
* BUG 14517: smbclient: Fix recursive mget.
* BUG 14581: clitar: Use do_list()'s recursion in clitar.c.
* BUG 14486: manpages/vfs_glusterfs: Mention silent skipping of write-behind
  translator.
* BUG 14573: vfs_shadow_copy2: Preserve all open flags assuming ROFS.
* BUG 14514: interface: Fix if_index is not parsed correctly.

Revision 1.113 / (download) - annotate - [select for diffs], Fri Dec 4 20:45:36 2020 UTC (2 years ago) by nia
Branch: MAIN
Changes since 1.112: +2 -2 lines
Diff to previous 1.112 (colored)

Revbump packages with a runtime Python dep but no version prefix.

For the Python 3.8 default switch.

Revision 1.112 / (download) - annotate - [select for diffs], Fri Dec 4 04:56:09 2020 UTC (2 years ago) by riastradh
Branch: MAIN
Changes since 1.111: +2 -1 lines
Diff to previous 1.111 (colored)

Revbump for openpam cppflags change months ago, belatedly.

Revision 1.111 / (download) - annotate - [select for diffs], Thu Nov 12 06:37:18 2020 UTC (2 years ago) by adam
Branch: MAIN
Changes since 1.110: +3 -3 lines
Diff to previous 1.110 (colored)

samba4: updated to 4.13.2

Changes since 4.13.1
--------------------
   * BUG 14486: s3: modules: vfs_glusterfs: Fix leak of char
     **lines onto mem_ctx on return.
   * BUG 14471: RN: vfs_zfsacl: Only grant DELETE_CHILD if ACL tag is special.
   * BUG 14538: smb.conf.5: Add clarification how configuration changes
     reflected by Samba.
   * BUG 14552: daemons: Report status to systemd even when running in
     foreground.
   * BUG 14553: DNS Resolver: Support both dnspython before and after 2.0.0.
   * BUG 14486: s3-vfs_glusterfs: Refuse connection when write-behind xlator is
     present.
   * BUG 14487: provision: Add support for BIND 9.16.x.
   * BUG 14537: ctdb-common: Avoid aliasing errors during code optimization.
   * BUG 14541: libndr: Avoid assigning duplicate versions to symbols.
   * BUG 14522: docs: Fix default value of spoolss:architecture.
   * BUG 14388: winbind: Fix a memleak.
   * BUG 14531: s4:dsdb:acl_read: Implement "List Object" mode feature.
   * BUG 14486: docs-xml/manpages: Add warning about write-behind translator for
     vfs_glusterfs.
   * nsswitch/nsstest.c: Avoid nss function conflicts with glibc nss.h.
   * BUG 14530: vfs_shadow_copy2: Avoid closing snapsdir twice.
   * BUG 14547: third_party: Update resolv_wrapper to version 1.1.7.
   * BUG 14550: examples:auth: Do not install example plugin.
   * BUG 14513: ctdb-recoverd: Drop unnecessary and broken code.
   * BUG 14471: RN: vfs_zfsacl: Only grant DELETE_CHILD if ACL tag is special.

Changes since 4.13.0
--------------------
   * BUG 14434: CVE-2020-14318: s3: smbd: Ensure change notifies can't get set
     unless the directory handle is open for SEC_DIR_LIST.
   * BUG 12795: CVE-2020-14383: Remote crash after adding NS or MX records using
     'samba-tool'.
   * BUG 14472: CVE-2020-14383: Remote crash after adding MX records.
   * BUG 14436: CVE-2020-14323: winbind: Fix invalid lookupsids DoS.

4.31.0:
NEW FEATURES/CHANGES
====================

Python 3.6 or later required

Revision 1.109.2.1 / (download) - annotate - [select for diffs], Sun Nov 1 10:50:52 2020 UTC (2 years, 1 month ago) by bsiegert
Branch: pkgsrc-2020Q3
Changes since 1.109: +2 -2 lines
Diff to previous 1.109 (colored) next main 1.110 (colored)

Pullup ticket #6361 - requested by taca
net/samba4: security fix

Revisions pulled up:
- net/samba4/Makefile                                           1.110
- net/samba4/distinfo                                           1.53

---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Fri Oct 30 07:17:16 UTC 2020

   Modified Files:
   	pkgsrc/net/samba4: Makefile distinfo

   Log Message:
   net/samba4: update to 4.12.9

   Summary from NEWS files:

   Samba 4.12.9 (2020-10-29)

   o  CVE-2020-14318:
      The SMB1/2/3 protocols have a concept of "ChangeNotify", where a client can
      request file name notification on a directory handle when a condition such as
      "new file creation" or "file size change" or "file timestamp update" occurs.

      A missing permissions check on a directory handle requesting ChangeNotify
      meant that a client with a directory handle open only for
      FILE_READ_ATTRIBUTES (minimal access rights) could be used to obtain change
      notify replies from the server. These replies contain information that should
      not be available to directory handles open for FILE_READ_ATTRIBUTE only.

   o  CVE-2020-14323:
      winbind in version 3.6 and later implements a request to translate multiple
      Windows SIDs into names in one request. This was done for performance
      reasons: Active Directory domain controllers can do multiple SID to name
      translations in one RPC call. It was an obvious extension to also offer this
      batch operation on the winbind unix domain stream socket that is available to
      local processes on the Samba server to reduce network round-trips to the
      domain controller.

      Due to improper input validation a hand-crafted packet can make winbind
      perform a NULL pointer dereference and thus crash.

   o  CVE-2020-14383:
      Some DNS records (such as MX and NS records) usually contain data in the
      additional section. Samba's dnsserver RPC pipe (which is an administrative
      interface not used in the DNS server itself) made an error in handling the
      case where there are no records present: instead of noticing the lack of
      records, it dereferenced uninitialised memory, causing the RPC server to
      crash. This RPC server, which also serves protocols other than dnsserver,
      will be restarted after a short delay, but it is easy for an authenticated
      non-admin attacker to crash it again as soon as it returns. The Samba DNS
      server itself will continue to operate, but many RPC services will not.

   Samba 4.12.8 (2020-10-07)

   Changes since 4.12.7
   --------------------

   o  Guenther Deschner <gd@samba.org>
      * BUG 14318: docs: Add missing winexe manpage.

   o  Volker Lendecke <vl@samba.org>
      * BUG 14465: idmap_ad does not deal properly with a RFC4511 section 4.4.1
        response.

   o  Laurent Menase <laurent.menase@hpe.com>
      * BUG 14388: winbind: Fix a memleak.

   o  Stefan Metzmacher <metze@samba.org>
      * BUG 14465: idmap_ad does not deal properly with a RFC4511 section 4.4.1
        response.
      * BUG 14482: Compilation of heimdal tree fails if libbsd is not installed.

   o  Christof Schmitt <cs@samba.org>
      * BUG 14166: util: Allow symlinks in directory_create_or_exist.

   o  Andreas Schneider <asn@samba.org>
      * BUG 14399: waf: Only use gnutls_aead_cipher_encryptv2() for GnuTLS >
        3.6.14.
      * BUG 14467: s3:smbd: Fix %U substitutions if it contains a domain name.

   o  Martin Schwenke <martin@meltin.net>
      * BUG 14466: ctdb disable/enable can fail due to race condition.

Revision 1.110 / (download) - annotate - [select for diffs], Fri Oct 30 07:17:16 2020 UTC (2 years, 1 month ago) by taca
Branch: MAIN
Changes since 1.109: +2 -2 lines
Diff to previous 1.109 (colored)

net/samba4: update to 4.12.9

Summary from NEWS files:

Samba 4.12.9 (2020-10-29)

o  CVE-2020-14318:
   The SMB1/2/3 protocols have a concept of "ChangeNotify", where a client can
   request file name notification on a directory handle when a condition such as
   "new file creation" or "file size change" or "file timestamp update" occurs.

   A missing permissions check on a directory handle requesting ChangeNotify
   meant that a client with a directory handle open only for
   FILE_READ_ATTRIBUTES (minimal access rights) could be used to obtain change
   notify replies from the server. These replies contain information that should
   not be available to directory handles open for FILE_READ_ATTRIBUTE only.

o  CVE-2020-14323:
   winbind in version 3.6 and later implements a request to translate multiple
   Windows SIDs into names in one request. This was done for performance
   reasons: Active Directory domain controllers can do multiple SID to name
   translations in one RPC call. It was an obvious extension to also offer this
   batch operation on the winbind unix domain stream socket that is available to
   local processes on the Samba server to reduce network round-trips to the
   domain controller.

   Due to improper input validation a hand-crafted packet can make winbind
   perform a NULL pointer dereference and thus crash.

o  CVE-2020-14383:
   Some DNS records (such as MX and NS records) usually contain data in the
   additional section. Samba's dnsserver RPC pipe (which is an administrative
   interface not used in the DNS server itself) made an error in handling the
   case where there are no records present: instead of noticing the lack of
   records, it dereferenced uninitialised memory, causing the RPC server to
   crash. This RPC server, which also serves protocols other than dnsserver,
   will be restarted after a short delay, but it is easy for an authenticated
   non-admin attacker to crash it again as soon as it returns. The Samba DNS
   server itself will continue to operate, but many RPC services will not.


Samba 4.12.8 (2020-10-07)

Changes since 4.12.7
--------------------

o  Gĺ≠ÁŌther Deschner <gd@samba.org>
   * BUG 14318: docs: Add missing winexe manpage.

o  Volker Lendecke <vl@samba.org>
   * BUG 14465: idmap_ad does not deal properly with a RFC4511 section 4.4.1
     response.

o  Laurent Menase <laurent.menase@hpe.com>
   * BUG 14388: winbind: Fix a memleak.

o  Stefan Metzmacher <metze@samba.org>
   * BUG 14465: idmap_ad does not deal properly with a RFC4511 section 4.4.1
     response.
   * BUG 14482: Compilation of heimdal tree fails if libbsd is not installed.

o  Christof Schmitt <cs@samba.org>
   * BUG 14166: util: Allow symlinks in directory_create_or_exist.

o  Andreas Schneider <asn@samba.org>
   * BUG 14399: waf: Only use gnutls_aead_cipher_encryptv2() for GnuTLS >
     3.6.14.
   * BUG 14467: s3:smbd: Fix %U substitutions if it contains a domain name.

o  Martin Schwenke <martin@meltin.net>
   * BUG 14466: ctdb disable/enable can fail due to race condition.

Revision 1.109 / (download) - annotate - [select for diffs], Sat Sep 19 14:00:54 2020 UTC (2 years, 2 months ago) by taca
Branch: MAIN
CVS Tags: pkgsrc-2020Q3-base
Branch point for: pkgsrc-2020Q3
Changes since 1.108: +2 -3 lines
Diff to previous 1.108 (colored)

net/samba4: update to 4.12.7

Update samba4 package to 4.12.7.


                   ==============================
                   Release Notes for Samba 4.12.7
                         September 18, 2020
                   ==============================


This is a security release in order to address the following defect:

o CVE-2020-1472: Unauthenticated domain takeover via netlogon ("ZeroLogon").

The following applies to Samba used as domain controller only (most
seriously the Active Directory DC, but also the classic/NT4-style DC).

Installations running Samba as a file server only are not directly
affected by this flaw, though they may need configuration changes to
continue to talk to domain controllers (see "file servers and domain
members" below).

The netlogon protocol contains a flaw that allows an authentication
bypass. This was reported and patched by Microsoft as CVE-2020-1472.
Since the bug is a protocol level flaw, and Samba implements the
protocol, Samba is also vulnerable.

However, since version 4.8 (released in March 2018), the default
behaviour of Samba has been to insist on a secure netlogon channel,
which is a sufficient fix against the known exploits. This default is
equivalent to having 'server schannel = yes' in the smb.conf.

Therefore versions 4.8 and above are not vulnerable unless they have
the smb.conf lines 'server schannel = no' or 'server schannel = auto'.

Samba versions 4.7 and below are vulnerable unless they have 'server
schannel = yes' in the smb.conf.

Note each domain controller needs the correct settings in its smb.conf.

Vendors supporting Samba 4.7 and below are advised to patch their
installations and packages to add this line to the [global] section if
their smb.conf file.

The 'server schannel = yes' smb.conf line is equivalent to Microsoft's
'FullSecureChannelProtection=1' registry key, the introduction of
which we understand forms the core of Microsoft's fix.

Some domains employ third-party software that will not work with a
'server schannel = yes'. For these cases patches are available that
allow specific machines to use insecure netlogon. For example, the
following smb.conf:

   server schannel = yes
   server require schannel:triceratops$ = no
   server require schannel:greywacke$ = no

will allow only "triceratops$" and "greywacke$" to avoid schannel.

More details can be found here:
https://www.samba.org/samba/security/CVE-2020-1472.html

Revision 1.108 / (download) - annotate - [select for diffs], Fri Sep 11 17:18:09 2020 UTC (2 years, 2 months ago) by jperkin
Branch: MAIN
Changes since 1.107: +4 -2 lines
Diff to previous 1.107 (colored)

samba4: Limit iconv hack to NetBSD.

Resolves issue on Linux reported by sobukus on IRC.

Revision 1.107 / (download) - annotate - [select for diffs], Mon Aug 31 18:10:53 2020 UTC (2 years, 3 months ago) by wiz
Branch: MAIN
Changes since 1.106: +2 -1 lines
Diff to previous 1.106 (colored)

*: bump PKGREVISION for perl-5.32.

Revision 1.106 / (download) - annotate - [select for diffs], Tue Aug 18 07:39:31 2020 UTC (2 years, 3 months ago) by adam
Branch: MAIN
Changes since 1.105: +2 -3 lines
Diff to previous 1.105 (colored)

samba4: updated to 4.12.6

Changes since 4.12.5
* BUG 14403: s3: libsmb: Fix SMB2 client rename bug to a Windows server.
* BUG 14424: dsdb: Allow "password hash userPassword schemes = CryptSHA256"
  to work on RHEL7.
* BUG 14450: dbcheck: Allow a dangling forward link outside our known NCs.
* BUG 14426: lib/debug: Set the correct default backend loglevel to
  MAX_DEBUG_LEVEL.
* BUG 14428: PANIC: Assert failed in get_lease_type().
* BUG 14422: util: Fix build on AIX by fixing the order of replace.h include.
* BUG 14355: srvsvc_NetFileEnum asserts with open files.
* BUG 14354: KDC breaks with DES keys still in the database and
  msDS-SupportedEncryptionTypes 31 indicating support for it.
* BUG 14427: s3:smbd: Make sure vfs_ChDir() always sets
  conn->cwd_fsp->fh->fd = AT_FDCWD.
* BUG 14428: PANIC: Assert failed in get_lease_type().
* BUG 14358: docs: Fix documentation for require_membership_of of
  pam_winbind.conf.
* BUG 14444: ctdb-scripts: Use nfsconf utility for variable values in CTDB
  NFS scripts.
* BUG 14425: s3:winbind:idmap_ad: Make failure to get attrnames for schema
  mode fatal.

Revision 1.105 / (download) - annotate - [select for diffs], Mon Aug 17 20:19:50 2020 UTC (2 years, 3 months ago) by leot
Branch: MAIN
Changes since 1.104: +2 -2 lines
Diff to previous 1.104 (colored)

*: revbump after fontconfig bl3 changes (libuuid removal)

Revision 1.101.2.1 / (download) - annotate - [select for diffs], Wed Jul 29 20:15:59 2020 UTC (2 years, 4 months ago) by bsiegert
Branch: pkgsrc-2020Q2
Changes since 1.101: +2 -3 lines
Diff to previous 1.101 (colored) next main 1.102 (colored)

Pullup ticket #6276 - requested by taca
net/samba4: security fix

Revisions pulled up:
- net/samba4/Makefile                                           1.102
- net/samba4/PLIST                                              1.31
- net/samba4/distinfo                                           1.49
- net/samba4/patches/patch-lib_replace_system_passwd.h          1.1

---
   Module Name:	pkgsrc
   Committed By:	adam
   Date:		Mon Jul  6 14:38:06 UTC 2020

   Modified Files:
   	pkgsrc/net/samba4: Makefile PLIST distinfo
   Added Files:
   	pkgsrc/net/samba4/patches: patch-lib_replace_system_passwd.h

   Log Message:
   samba4: updated to 4.12.5

   Changes since 4.12.4
   --------------------
      * BUG 14301: Fix smbd panic on force-close share during async io.
      * BUG 14374: Fix segfault when using SMBC_opendir_ctx() routine for share
        folder that contains incorrect symbols in any file name.
      * BUG 14391: Fix DFS links.
      * BUG 14310: Can't use DNS functionality after a Windows DC has been in
        domain.
      * BUG 14413: ldapi search to FreeIPA crashes.
      * BUG 14396: Add net-ads-join dnshostname=fqdn option.
      * BUG 14406: Fix adding msDS-AdditionalDnsHostName to keytab with Windows DC.
      * BUG 14386: docs-xml: Update list of posible VFS operations for
        vfs_full_audit.
      * BUG 14382: winbindd: Fix a use-after-free when winbind clients exit.
      * BUG 14370: Client tools are not able to read gencache anymore.

   Samba 4.12.4
   ============
   o  CVE-2020-10730:
      A client combining the 'ASQ' and 'VLV' LDAP controls can cause a NULL pointer
      de-reference and further combinations with the LDAP paged_results feature can
      give a use-after-free in Samba's AD DC LDAP server.

   o  CVE-2020-10745: Parsing and packing of NBT and DNS packets can consume
      excessive CPU.

   o  CVE-2020-10760:
      The use of the paged_results or VLV controls against the Global Catalog LDAP
      server on the AD DC will cause a use-after-free.

   o  CVE-2020-14303:
      The AD DC NBT server in Samba 4.0 will enter a CPU spin and not process
      further requests once it receives an empty (zero-length) UDP packet to
      port 137.

   For more details, please refer to the security advisories.

   Changes since 4.12.3
   --------------------
      * BUG 14378: CVE-2020-10745: Invalid DNS or NBT queries containing dots use
        several seconds of CPU each.
      * BUG 14364: CVE-2020-10730: NULL de-reference in AD DC LDAP server when ASQ
        and VLV combined.
      * BUG 14402: CVE-2020-10760: Fix use-after-free in AD DC Global Catalog LDAP
        server with paged_result or VLV.
      * BUG 14417: CVE-2020-14303: Fix endless loop from empty UDP packet sent to
        AD DC nbt_server.
      * BUG 14364: CVE-2020-10730: NULL de-reference in AD DC LDAP server when ASQ
        and VLV combined, ldb: Bump version to 2.1.4.

Revision 1.104 / (download) - annotate - [select for diffs], Tue Jul 28 01:11:10 2020 UTC (2 years, 4 months ago) by christos
Branch: MAIN
Changes since 1.103: +4 -4 lines
Diff to previous 1.103 (colored)

Move sysvol from /var/run/sysvol to /var/db/samba4/sysvol as FreeBSD does,
so that the provisioning data gets preserved across reboots.
From Matthias Perelmann

Revision 1.103 / (download) - annotate - [select for diffs], Tue Jul 21 18:42:25 2020 UTC (2 years, 4 months ago) by christos
Branch: MAIN
Changes since 1.102: +2 -1 lines
Diff to previous 1.102 (colored)

Fix arguments to getgroupmembership

Revision 1.102 / (download) - annotate - [select for diffs], Mon Jul 6 14:38:06 2020 UTC (2 years, 5 months ago) by adam
Branch: MAIN
Changes since 1.101: +2 -3 lines
Diff to previous 1.101 (colored)

samba4: updated to 4.12.5

Changes since 4.12.4
--------------------
   * BUG 14301: Fix smbd panic on force-close share during async io.
   * BUG 14374: Fix segfault when using SMBC_opendir_ctx() routine for share
     folder that contains incorrect symbols in any file name.
   * BUG 14391: Fix DFS links.
   * BUG 14310: Can't use DNS functionality after a Windows DC has been in
     domain.
   * BUG 14413: ldapi search to FreeIPA crashes.
   * BUG 14396: Add net-ads-join dnshostname=fqdn option.
   * BUG 14406: Fix adding msDS-AdditionalDnsHostName to keytab with Windows DC.
   * BUG 14386: docs-xml: Update list of posible VFS operations for
     vfs_full_audit.
   * BUG 14382: winbindd: Fix a use-after-free when winbind clients exit.
   * BUG 14370: Client tools are not able to read gencache anymore.

Samba 4.12.4
============
o  CVE-2020-10730:
   A client combining the 'ASQ' and 'VLV' LDAP controls can cause a NULL pointer
   de-reference and further combinations with the LDAP paged_results feature can
   give a use-after-free in Samba's AD DC LDAP server.

o  CVE-2020-10745: Parsing and packing of NBT and DNS packets can consume
   excessive CPU.

o  CVE-2020-10760:
   The use of the paged_results or VLV controls against the Global Catalog LDAP
   server on the AD DC will cause a use-after-free.

o  CVE-2020-14303:
   The AD DC NBT server in Samba 4.0 will enter a CPU spin and not process
   further requests once it receives an empty (zero-length) UDP packet to
   port 137.

For more details, please refer to the security advisories.


Changes since 4.12.3
--------------------
   * BUG 14378: CVE-2020-10745: Invalid DNS or NBT queries containing dots use
     several seconds of CPU each.
   * BUG 14364: CVE-2020-10730: NULL de-reference in AD DC LDAP server when ASQ
     and VLV combined.
   * BUG 14402: CVE-2020-10760: Fix use-after-free in AD DC Global Catalog LDAP
     server with paged_result or VLV.
   * BUG 14417: CVE-2020-14303: Fix endless loop from empty UDP packet sent to
     AD DC nbt_server.
   * BUG 14364: CVE-2020-10730: NULL de-reference in AD DC LDAP server when ASQ
     and VLV combined, ldb: Bump version to 2.1.4.

Revision 1.101 / (download) - annotate - [select for diffs], Fri May 22 10:55:48 2020 UTC (2 years, 6 months ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2020Q2-base
Branch point for: pkgsrc-2020Q2
Changes since 1.100: +2 -1 lines
Diff to previous 1.100 (colored)

revbump after updating security/nettle

Revision 1.100 / (download) - annotate - [select for diffs], Wed May 20 04:26:38 2020 UTC (2 years, 6 months ago) by dogcow
Branch: MAIN
Changes since 1.99: +2 -2 lines
Diff to previous 1.99 (colored)

Require docbook-xsl>=1.79.2 for building smb.conf.5; otherwise, it errors
out with
runtime error: file /usr/pkg/share/xsl/docbook/lib/lib.xsl line 58 element choose
xsltApplySequenceConstructor: A potential infinite template recursion was detected.

Revision 1.99 / (download) - annotate - [select for diffs], Tue May 19 16:51:43 2020 UTC (2 years, 6 months ago) by adam
Branch: MAIN
Changes since 1.98: +2 -3 lines
Diff to previous 1.98 (colored)

net/samba4 databases/ldb: updated to 4.12.3 2.1.3

Changes 4.12.3:
* BUG 14301: Fix smbd panic on force-close share during async io.
* BUG 14343: s3: vfs_full_audit: Add missing fcntl entry in vfs_op_names[]
  array.
* BUG 14361: vfs_io_uring: Fix data corruption with Windows clients.
* BUG 14372: Fix smbd crashes when MacOS Catalina connects if iconv
  initialization fails.
* BUG 14150: Exporting from macOS Adobe Illustrator creates multiple copies.
* BUG 14256: smbd does a chdir() twice per request.
* BUG 14320: smbd mistakenly updates a file's write-time on close.
* BUG 14350: vfs_shadow_copy2: implement case canonicalisation in
  shadow_copy2_get_real_filename().
* BUG 14375: Fix Windows 7 clients problem after upgrading samba file server.
* BUG 14359: s3: Pass DCE RPC handle type to create_policy_hnd.
* BUG 14155: Fix uxsuccess test with new MIT krb5 library 1.18.
* BUG 14342: mit-kdc: Explicitly reject S4U requests.
* BUG 14352: dbwrap_watch: Set rec->value_valid while returning nested
  share_mode_do_locked().
* BUG 14345: lib:util: Fix smbclient -l basename dir.
* BUG 14336: s3:libads: Fix ads_get_upn().
* BUG 14348: ctdb: Fix a memleak.
* BUG 14366: Malicous SMB1 server can crash libsmbclient.
* BUG 14330: ldb: Bump version to 2.1.3, LMDB databases can grow without
  bounds
* BUG 14361: vfs_io_uring: Fix data corruption with Windows clients.
* BUG 14344: s3/librpc/crypto: Fix double free with unresolved credential
  cache.
* BUG 14358: docs-xml: Fix usernames in pam_winbind manpages.

Revision 1.98 / (download) - annotate - [select for diffs], Tue May 19 12:13:51 2020 UTC (2 years, 6 months ago) by hauke
Branch: MAIN
Changes since 1.97: +2 -1 lines
Diff to previous 1.97 (colored)

The smb.conf(5) man page builds fine on netbsd-9, so re-add it.

This is probably the most important of the Samba man pages, and it
should not have been excluded from the build without a detailed
explanation, "just to make the pkg build".

Revision 1.97 / (download) - annotate - [select for diffs], Wed May 13 04:29:24 2020 UTC (2 years, 6 months ago) by rillig
Branch: MAIN
Changes since 1.96: +1 -2 lines
Diff to previous 1.96 (colored)

net/samba4: remove nonexistent file from REPLACE_PERL

Revision 1.96 / (download) - annotate - [select for diffs], Wed Apr 29 10:01:18 2020 UTC (2 years, 7 months ago) by adam
Branch: MAIN
Changes since 1.95: +2 -2 lines
Diff to previous 1.95 (colored)

samba4: updated to 4.12.2

Samba 4.12.2
This is a security release in order to address the following defects:
o CVE-2020-10700: Use-after-free in Samba AD DC LDAP Server with ASQ
o CVE-2020-10704: LDAP Denial of Service (stack overflow) in Samba AD DC

Revision 1.95 / (download) - annotate - [select for diffs], Tue Apr 7 08:17:28 2020 UTC (2 years, 8 months ago) by adam
Branch: MAIN
Changes since 1.94: +2 -2 lines
Diff to previous 1.94 (colored)

samba4: updated to 4.12.1

Samba 4.12.1
* BUG 14295: nmblib: Avoid undefined behaviour in handle_name_ptrs().
* BUG 14296: samba-tool group: Handle group names with special chars
  correctly.
* BUG 14293: Add missing check for DMAPI offline status in async DOS
  attributes.
* BUG 14295: Starting ctdb node that was powered off hard before results in
  recovery loop.
* BUG 14307: smbd: Ignore set NTACL requests which contain S-1-5-88 NFS ACEs.
* BUG 14316: vfs_recycle: Prevent flooding the log if we're called on
  non-existant paths.
* BUG 14313: librpc: Fix IDL for svcctl_ChangeServiceConfigW.
* BUG 14327: nsswitch: Fix use-after-free causing segfault in
  _pam_delete_cred.
* BUG 13622: fruit:time machine max size is broken on arm.
* BUG 14294: CTDB recovery corner cases can cause record resurrection and
  node banning.
* BUG 14332: s3/utils: Fix double free error with smbtree.
* BUG 14294: CTDB recovery corner cases can cause record resurrection and
  node banning.
* BUG 14295: Starting ctdb node that was powered off hard before results in
  recovery loop.
* BUG 14324: CTDB recovery daemon can crash due to dereference of NULL
  pointer.

Revision 1.94 / (download) - annotate - [select for diffs], Thu Apr 2 11:21:41 2020 UTC (2 years, 8 months ago) by adam
Branch: MAIN
Changes since 1.93: +2 -3 lines
Diff to previous 1.93 (colored)

samba4: updated to 4.12.0

samba 4.12.0:

NEW FEATURES/CHANGES
====================

Python 3.5 Required
-------------------

Samba's minimum runtime requirement for python was raised to Python
3.4 with samba 4.11.  Samba 4.12 raises this minimum version to Python
3.5 both to access new features and because this is the oldest version
we test with in our CI infrastructure.

(Build time support for the file server with Python 2.6 has not
changed)

Removing in-tree cryptography: GnuTLS 3.4.7 required
----------------------------------------------------

Samba is making efforts to remove in-tree cryptographic functionality,
and to instead rely on externally maintained libraries.  To this end,
Samba has chosen GnuTLS as our standard cryptographic provider.

Samba now requires GnuTLS 3.4.7 to be installed (including development
headers at build time) for all configurations, not just the Samba AD
DC.

Thanks to this work Samba no longer ships an in-tree DES
implementation and on GnuTLS 3.6.5 or later Samba will include no
in-tree cryptography other than the MD4 hash and that
implemented in our copy of Heimdal.

Using GnuTLS for SMB3 encryption you will notice huge performance and copy
speed improvements. Tests with the CIFS Kernel client from Linux Kernel 5.3
show a 3x speed improvement for writing and a 2.5x speed improvement for reads!

NOTE WELL: The use of GnuTLS means that Samba will honour the
system-wide 'FIPS mode' (a reference to the US FIPS-140 cryptographic
standard) and so will not operate in many still common situations if
this system-wide parameter is in effect, as many of our protocols rely
on outdated cryptography.

A future Samba version will mitigate this to some extent where good
cryptography effectively wraps bad cryptography, but for now that above
applies.

zlib library is now required to build Samba
-------------------------------------------

Samba no longer includes a local copy of zlib in our source tarball.
By removing this we do not need to ship (even where we did not
build) the old, broken zip encryption code found there.

New Spotlight backend for Elasticsearch
---------------------------------------

Support for the macOS specific Spotlight search protocol has been enhanced
significantly. Starting with 4.12 Samba supports using Elasticsearch as search
backend. Various new parameters have been added to configure this:

  spotlight backend = noindex | elasticsearch | tracker
  elasticsearch:address = ADDRESS
  elasticsearch:port = PORT
  elasticsearch:use tls = BOOLEAN
  elasticsearch:index = INDEXNAME
  elasticsearch:mappings = PATH
  elasticsearch:max results = NUMBER

Samba also ships a Spotlight client command "mdfind" which can be used to search
any SMB server that runs the Spotlight RPC service. See the manpage of mdfind
for details.

Note that when upgrading existing installations that are using the previous
default Spotlight backend Gnome Tracker must explicitly set "spotlight backend =
tracker" as the new default is "noindex".

'net ads kerberos pac save' and 'net eventlog export'
-----------------------------------------------------

The 'net ads kerberos pac save' and 'net eventlog export' tools will
no longer silently overwrite an existing file during data export.  If
the filename given exits, an error will be shown.

Fuzzing
-------

A large number of fuzz targets have been added to Samba, and Samba has
been registered in Google's oss-fuzz cloud fuzzing service.  In
particular, we now have good fuzzing coverage of our generated NDR
parsing code.

A large number of issues have been found and fixed thanks to this
effort.

'samba-tool' improvements add contacts as member to groups
----------------------------------------------------------

Previously 'samba-tool group addmemers' can just add users, groups and
computers as members to groups. But also contacts can be members of
groups. Samba 4.12 adds the functionality to add contacts to
groups. Since contacts have no sAMAccountName, it's possible that
there are more than one contact with the same name in different
organizational units. Therefore it's necessary to have an option to
handle group members by their DN.

To get the DN of an object there is now the "--full-dn" option available
for all necessary commands.

The MS Windows UI allows to search for specific types of group members
when searching for new members for a group. This feature is included
here with the new samba-tool group addmembers "--object-type=OBJECTYPE"
option. The different types are selected accordingly to the Windows
UI. The default samba-toole behaviour shouldn't be changed.

Allow filtering by OU or subtree in samba-tool
----------------------------------------------

A new "--base-dn" and "--member-base-dn" option is added to relevant
samba-tool user, group and ou management commands to allow operation
on just one part of the AD tree, such as a single OU.

VFS
===

SMB_VFS_NTIMES
--------------

Samba now uses a sentinel value based on utimensat(2) UTIME_OMIT to denote
to-be-ignored timestamp variables passed to the SMB_VFS_NTIMES() VFS function.

VFS modules can check whether any of the time values inside a struct
smb_file_time is to be ignored by calling is_omit_timespec() on the value.

'io_uring' vfs module
---------------------

The module makes use of the new io_uring infrastructure
(intruduced in Linux 5.1), see https://lwn.net/Articles/776703/

Currently this implements SMB_VFS_{PREAD,PWRITE,FSYNC}_SEND/RECV
and avoids the overhead of the userspace threadpool in the default
vfs backend. See also vfs_io_uring(8).

In order to build the module you need the liburing userspace library
and its developement headers installed, see
https://git.kernel.dk/cgit/liburing/

At runtime you'll need a Linux kernel with version 5.1 or higher.
Note that 5.4.14 and 5.4.15 have a regression that breaks the Samba
module! The regression was fixed in Linux 5.4.16 again.

MS-DFS changes in the VFS
-------------------------

This release changes set getting and setting of MS-DFS redirects
on the filesystem to go through two new VFS functions:

SMB_VFS_CREATE_DFS_PATHAT()
SMB_VFS_READ_DFS_PATHAT()

instead of smbd explicitly storing MS-DFS redirects inside
symbolic links on the filesystem. The underlying default
implementations of this has not changed, the redirects are
still stored inside symbolic links on the filesystem, but
moving the creation and reading of these links into the VFS
as first-class functions now allows alternate methods of
storing them (maybe in extended attributes) for OEMs who
don't want to mis-use filesystem symbolic links in this
way.


CTDB changes
============

* The ctdb_mutex_fcntl_helper periodically re-checks the lock file

  The re-check period is specified using a 2nd argument to this
  helper.  The default re-check period is 5s.

  If the file no longer exists or the inode number changes then the
  helper exits.  This triggers an election.


REMOVED FEATURES
================

The smb.conf parameter "write cache size" has been removed.

Since the in-memory write caching code was written, our write path has
changed significantly. In particular we have gained very flexible
support for async I/O, with the new linux io_uring interface in
development.  The old write cache concept which cached data in main
memory followed by a blocking pwrite no longer gives any improvement
on modern systems, and may make performance worse on memory-contrained
systems, so this functionality should not be enabled in core smbd
code.

In addition, it complicated the write code, which is a performance
critical code path.

If required for specialist purposes, it can be recreated as a VFS
module.

Retiring DES encryption types in Kerberos.
------------------------------------------
With this release, support for DES encryption types has been removed from
Samba, and setting DES_ONLY flag for an account will cause Kerberos
authentication to fail for that account (see RFC-6649).

Samba-DC: DES keys no longer saved in DB.
-----------------------------------------
When a new password is set for an account, Samba DC will store random keys
in DB instead of DES keys derived from the password.  If the account is being
migrated to Windbows or to an older version of Samba in order to use DES keys,
the password must be reset to make it work.

Heimdal-DC: removal of weak-crypto.
-----------------------------------
Following removal of DES encryption types from Samba, the embedded Heimdal
build has been updated to not compile weak crypto code (HEIM_WEAK_CRYPTO).

vfs_netatalk: The netatalk VFS module has been removed.
-------------------------------------------------------

The netatalk VFS module has been removed. It was unmaintained and is not needed
any more.

BIND9_FLATFILE deprecated
-------------------------

The BIND9_FLATFILE DNS backend is deprecated in this release and will
be removed in the future.  This was only practically useful on a single
domain controller or under expert care and supervision.

This release removes the 'rndc command' smb.conf parameter, which
supported this configuration by writing out a list of DCs permitted to
make changes to the DNS Zone and nudging the 'named' server if a new
DC was added to the domain.  Administrators using BIND9_FLATFILE will
need to maintain this manually from now on.

Revision 1.93 / (download) - annotate - [select for diffs], Tue Mar 10 22:10:48 2020 UTC (2 years, 8 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2020Q1-base, pkgsrc-2020Q1
Changes since 1.92: +2 -2 lines
Diff to previous 1.92 (colored)

librsvg: update bl3.mk to remove libcroco in rust case

recursive bump for the dependency change

Revision 1.92 / (download) - annotate - [select for diffs], Sun Mar 8 16:48:04 2020 UTC (2 years, 9 months ago) by wiz
Branch: MAIN
Changes since 1.91: +2 -1 lines
Diff to previous 1.91 (colored)

*: recursive bump for libffi

Revision 1.91 / (download) - annotate - [select for diffs], Sun Mar 8 12:39:27 2020 UTC (2 years, 9 months ago) by tnn
Branch: MAIN
Changes since 1.90: +1 -2 lines
Diff to previous 1.90 (colored)

samba4: make avahi optional

Avahi by default pulls in X11 via gtk2 and dbus, so you might want to
disable it on a small server if your clients don't need ZeroConf capability.

Revision 1.85.4.1 / (download) - annotate - [select for diffs], Wed Jan 29 13:13:05 2020 UTC (2 years, 10 months ago) by bsiegert
Branch: pkgsrc-2019Q4
Changes since 1.85: +5 -3 lines
Diff to previous 1.85 (colored) next main 1.86 (colored)

Pullup ticket #6125 - requested by taca
net/samba4: security fix

Revisions pulled up:
- net/samba4/Makefile                                           1.86-1.89
- net/samba4/PLIST                                              1.25
- net/samba4/distinfo                                           1.39-1.41
- net/samba4/patches/patch-source4_utils_oLschema2ldif_wscript__build 1.1

---
   Module Name:	pkgsrc
   Committed By:	adam
   Date:		Mon Dec 30 13:58:35 UTC 2019

   Modified Files:
   	pkgsrc/net/samba4: Makefile PLIST distinfo

   Log Message:
   samba4: updated to 4.11.4

   Changes since 4.11.3:
   * BUG 14161: s3: libsmb: Ensure SMB1 cli_qpathinfo2() doesn't return an inode
     number.
   * BUG 14174: s3: utils: smbtree. Ensure we don't call cli_RNetShareEnum()
     on an SMB1 connection.
   * BUG 14176: NT_STATUS_ACCESS_DENIED becomes EINVAL when using SMB2 in
     SMBC_opendir_ctx.
   * BUG 14189: s3: smbd: SMB2 - Ensure we use the correct session_id if
     encrypting an interim response.
   * BUG 14205: Prevent smbd crash after invalid SMB1 negprot.
   * BUG 13745: s3:printing: Fix %J substition.
   * BUG 13925: s3: Remove now unneeded call to cmdline_messaging_context().
   * BUG 14069: Incomplete conversion of former parametric options.
   * BUG 14070: Fix sync dosmode fallback in async dosmode codepath.
   * BUG 14171: vfs_fruit returns capped resource fork length.
   * BUG 14116: libnet_join: Add SPNs for additional-dns-hostnames entries.
   * BUG 14211: smbd: Increase a debug level.
   * BUG 14153: Prevent azure ad connect from reporting discovery errors:
     reference-value-not-ldap-conformant.
   * BUG 14179: krb5_plugin: Fix developer build with newer heimdal system
     library.
   * BUG 14168: replace: Only link libnsl and libsocket if requrired.
   * BUG 14175: ctdb: Incoming queue can be orphaned causing communication
     breakdown.
   * BUG 13846: ldb: Release ldb 2.0.8. Cross-compile will not take
     cross-answers or cross-execute.
   * BUG 13856: heimdal-build: Avoid hard-coded /usr/include/heimdal in
     asn1_compile-generated code.

---
   Module Name:	pkgsrc
   Committed By:	jperkin
   Date:		Wed Jan  8 10:40:03 UTC 2020

   Modified Files:
   	pkgsrc/net/samba4: distinfo
   Added Files:
   	pkgsrc/net/samba4/patches:
   	    patch-source4_utils_oLschema2ldif_wscript__build

   Log Message:
   samba4: Disable more fmemopen utilities on SunOS.

---
   Module Name:	pkgsrc
   Committed By:	jperkin
   Date:		Sat Jan 18 21:51:16 UTC 2020

   Modified Files:
   	pkgsrc/net/samba4: Makefile

   Log Message:
   *: Recursive revision bump for openssl 1.1.1.

---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Tue Jan 21 14:12:36 UTC 2020

   Modified Files:
   	pkgsrc/net/samba4: Makefile distinfo

   Log Message:
   net/samba4: update to 4.11.5

   Update samba4 to 4.11.5.

                      ==============================
                      Release Notes for Samba 4.11.5
                             January 21, 2020
   		   ==============================

   This is a security release in order to address the following defects:

   o CVE-2019-14902: Replication of ACLs set to inherit down a subtree on AD
   		  Directory not automatic.
   o CVE-2019-14907: Crash after failed character conversion at log level 3 or
   		  above.
   o CVE-2019-19344: Use after free during DNS zone scavenging in Samba AD DC.

   =======
   Details
   =======

   o  CVE-2019-14902:
      The implementation of ACL inheritance in the Samba AD DC was not complete,
      and so absent a 'full-sync' replication, ACLs could get out of sync between
      domain controllers.

   o  CVE-2019-14907:
      When processing untrusted string input Samba can read past the end of the
      allocated buffer when printing a "Conversion error" message to the logs.

   o  CVE-2019-19344:
      During DNS zone scavenging (of expired dynamic entries) there is a read of
      memory after it has been freed.

---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Mon Jan 27 14:04:13 UTC 2020

   Modified Files:
   	pkgsrc/net/samba4: Makefile

   Log Message:
   net/samba4: update depdendency

   Update dependency for daabases/ldb and devel/talloc.

   Bump PKGREVISION.

Revision 1.90 / (download) - annotate - [select for diffs], Wed Jan 29 12:44:14 2020 UTC (2 years, 10 months ago) by adam
Branch: MAIN
Changes since 1.89: +2 -3 lines
Diff to previous 1.89 (colored)

samba4: updated to 4.11.6

Changes since 4.11.5:
* BUG 14209: pygpo: Use correct method flags.
* BUG 14216: vfs_ceph_snapshots: Fix root relative path handling.
* BUG 14209: Avoiding bad call flags with python 3.8, using METH_NOARGS
  instead of zero.
* BUG 14218: source4/utils/oLschema2ldif: Include stdint.h before cmocka.h.
* BUG 14122: docs-xml/winbindnssinfo: Clarify interaction with idmap_ad etc.
* BUG 14251: smbd: Fix the build with clang.
* BUG 14199: upgradedns: Ensure lmdb lock files linked.
* BUG 14182: s3: VFS: glusterfs: Reset nlinks for symlink entries during
  readdir.
* BUG 14101: smbc_stat() doesn't return the correct st_mode and also the
  uid/gid is not filled (SMBv1) file.
* BUG 14219: librpc: Fix string length checking in
  ndr_pull_charset_to_null().
* BUG 14227: ctdb-scripts: Strip square brackets when gathering connection
  info.

Revision 1.89 / (download) - annotate - [select for diffs], Mon Jan 27 14:04:13 2020 UTC (2 years, 10 months ago) by taca
Branch: MAIN
Changes since 1.88: +4 -2 lines
Diff to previous 1.88 (colored)

net/samba4: update depdendency

Update dependency for daabases/ldb and devel/talloc.

Bump PKGREVISION.

Revision 1.88 / (download) - annotate - [select for diffs], Tue Jan 21 14:12:36 2020 UTC (2 years, 10 months ago) by taca
Branch: MAIN
Changes since 1.87: +2 -3 lines
Diff to previous 1.87 (colored)

net/samba4: update to 4.11.5

Update samba4 to 4.11.5.


                   ==============================
                   Release Notes for Samba 4.11.5
                          January 21, 2020
		   ==============================


This is a security release in order to address the following defects:

o CVE-2019-14902: Replication of ACLs set to inherit down a subtree on AD
		  Directory not automatic.
o CVE-2019-14907: Crash after failed character conversion at log level 3 or
		  above.
o CVE-2019-19344: Use after free during DNS zone scavenging in Samba AD DC.


=======
Details
=======

o  CVE-2019-14902:
   The implementation of ACL inheritance in the Samba AD DC was not complete,
   and so absent a 'full-sync' replication, ACLs could get out of sync between
   domain controllers.

o  CVE-2019-14907:
   When processing untrusted string input Samba can read past the end of the
   allocated buffer when printing a "Conversion error" message to the logs.

o  CVE-2019-19344:
   During DNS zone scavenging (of expired dynamic entries) there is a read of
   memory after it has been freed.

Revision 1.87 / (download) - annotate - [select for diffs], Sat Jan 18 21:50:25 2020 UTC (2 years, 10 months ago) by jperkin
Branch: MAIN
Changes since 1.86: +2 -1 lines
Diff to previous 1.86 (colored)

*: Recursive revision bump for openssl 1.1.1.

Revision 1.86 / (download) - annotate - [select for diffs], Mon Dec 30 13:58:35 2019 UTC (2 years, 11 months ago) by adam
Branch: MAIN
Changes since 1.85: +2 -2 lines
Diff to previous 1.85 (colored)

samba4: updated to 4.11.4

Changes since 4.11.3:
* BUG 14161: s3: libsmb: Ensure SMB1 cli_qpathinfo2() doesn't return an inode
  number.
* BUG 14174: s3: utils: smbtree. Ensure we don't call cli_RNetShareEnum()
  on an SMB1 connection.
* BUG 14176: NT_STATUS_ACCESS_DENIED becomes EINVAL when using SMB2 in
  SMBC_opendir_ctx.
* BUG 14189: s3: smbd: SMB2 - Ensure we use the correct session_id if
  encrypting an interim response.
* BUG 14205: Prevent smbd crash after invalid SMB1 negprot.
* BUG 13745: s3:printing: Fix %J substition.
* BUG 13925: s3: Remove now unneeded call to cmdline_messaging_context().
* BUG 14069: Incomplete conversion of former parametric options.
* BUG 14070: Fix sync dosmode fallback in async dosmode codepath.
* BUG 14171: vfs_fruit returns capped resource fork length.
* BUG 14116: libnet_join: Add SPNs for additional-dns-hostnames entries.
* BUG 14211: smbd: Increase a debug level.
* BUG 14153: Prevent azure ad connect from reporting discovery errors:
  reference-value-not-ldap-conformant.
* BUG 14179: krb5_plugin: Fix developer build with newer heimdal system
  library.
* BUG 14168: replace: Only link libnsl and libsocket if requrired.
* BUG 14175: ctdb: Incoming queue can be orphaned causing communication
  breakdown.
* BUG 13846: ldb: Release ldb 2.0.8. Cross-compile will not take
  cross-answers or cross-execute.
* BUG 13856: heimdal-build: Avoid hard-coded /usr/include/heimdal in
  asn1_compile-generated code.

Revision 1.85 / (download) - annotate - [select for diffs], Tue Dec 10 13:03:41 2019 UTC (2 years, 11 months ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2019Q4-base
Branch point for: pkgsrc-2019Q4
Changes since 1.84: +2 -3 lines
Diff to previous 1.84 (colored)

samba4: updated to 4.11.3

Samba 4.11.3
This is a security release in order to address the following defects:
o CVE-2019-14861: Samba AD DC zone-named record Denial of Service in DNS
		  management server (dnsserver).
o CVE-2019-14870: DelegationNotAllowed not being enforced in protocol transition
		  on Samba AD DC.

Revision 1.84 / (download) - annotate - [select for diffs], Sat Nov 23 08:45:45 2019 UTC (3 years ago) by mef
Branch: MAIN
Changes since 1.83: +2 -1 lines
Diff to previous 1.83 (colored)

Recursive revbump based on devel/cmocka 1.1.3 -> 1.1.5

Revision 1.83 / (download) - annotate - [select for diffs], Sun Nov 10 17:01:58 2019 UTC (3 years ago) by adam
Branch: MAIN
Changes since 1.82: +3 -4 lines
Diff to previous 1.82 (colored)

samba4: updated to 4.11.2

4.11.2:
This is a security release in order to address the following defects:
o CVE-2019-10218: Client code can return filenames containing path separators.
o CVE-2019-14833: Samba AD DC check password script does not receive the full
		  password.
o CVE-2019-14847: User with "get changes" permission can crash AD DC LDAP server
		  via dirsync.

4.11.1:
This is the latest stable release of the Samba 4.11 release series.


Changes since 4.11.0:
* BUG 14141: getpwnam and getpwuid need to return data for ID_TYPE_BOTH
  group.
* BUG 14094: smbc_readdirplus() is incompatible with smbc_telldir() and
  smbc_lseekdir().
* BUG 14152: s3: smbclient: Stop an SMB2-connection from blundering into
  SMB1-specific calls.
* BUG 14137: Fix stale file handle error when using mkstemp on a share.
* BUG 14106: Fix spnego fallback from kerberos to ntlmssp in smbd server.
* BUG 14140: Overlinking libreplace against librt and pthread against every
  binary or library causes issues.
* BUG 14130: s3-winbindd: Fix forest trusts with additional trust attributes.
* BUG 14134: auth/gensec: Fix non-AES schannel seal.
* BUG 14147: Deleted records can be resurrected during recovery.
* BUG 14136: Fix uncaught exception in classicupgrade.
* BUG 14139: fault.c: Improve fault_report message text pointing to our wiki.
* BUG 14128: s3:client: Use DEVICE_URI, instead of argv[0], for Device URI.
* BUG 14124: pam_winbind with krb5_auth or wbinfo -K doesn't work for users
  of trusted domains/forests.
* BUG 14131: Remove 'pod2man' as it is no longer needed.
* BUG 13884: Joining Active Directory should not use SAMR to set the
  password.
* BUG 14140: Overlinking libreplace against librt and pthread against every
  binary or library causes issues.
* BUG 14155: 'kpasswd' fails when built with MIT Kerberos.
* BUG 14129: Exit code of ctdb nodestatus should not be influenced by deleted
  nodes.

4.11.0:
* BUG 14049: ldb: Don't try to save a value that isn't there.
* ldb_dn: Free dn components on explode failure.
* ldb: Do not allow adding a DN as a base to itself.
* ldb: Release ldb 2.0.7.
* BUG 13695: ldb: Correct Pigeonhole principle validation in
  ldb_filter_attrs().
* BUG 14049: Fix ldb dn crash.
* BUG 14117: Deprecate "lanman auth = yes" and "encrypt passwords = no".
* BUG 14038: Fix compiling ctdb on older systems lacking POSIX robust
  mutexes.
* BUG 14121: smbd returns bad File-ID on filehandle used to create a file or
  directory.
* BUG 14098: vfs_glusterfs: Use pthreadpool for scheduling aio operations.
* BUG 14055: Add the target server name of SMB 3.1.1 connections as a hint to
  load balancers or servers with "multi-tenancy" support.
* BUG 14113: Fix byte range locking bugs/regressions.
* ldb: Fix mem-leak if talloc_realloc fails.
* BUG 14007: Fix join with don't exists machine account.
* BUG 14085: ctdb-recoverd: Only check for LMASTER nodes in the VNN map.

CHANGES SINCE 4.11.0rc2
* BUG 13972: Different Device Id for GlusterFS FUSE mount is causing data
  loss in CTDB cluster.
* BUG 14035: CVE-2019-10197: Permissions check deny can allow user to escape
  from the share.
* BUG 14059: ldb: Release ldb 2.0.6 (log database repack so users know what
  is happening).
* BUG 14092: docs: Deprecate "rndc command" for Samba 4.11.
* BUG 14059: ldb: Free memory when repacking database.
* BUG 14089: vfs_default: Use correct flag in vfswrap_fs_file_id.
* BUG 14090: vfs_glusterfs: Initialize st_ex_file_id, st_ex_itime and
  st_ex_iflags.
* BUG 14093: vfs_glusterfs: Enable profiling for file system operations.
* BUG 14059: Backport sambadowngradedatabase for v4.11.
* BUG 14035: CVE-2019-10197: Permissions check deny can allow user to escape
  from the share.
* BUG 14032: vfs_gpfs: Implement special case for denying owner access to
  ACL.
* BUG 14084: Avoid marking a node as connected before it can receive packets.
* BUG 14086: Fix onnode test failure with ShellCheck >= 0.4.7.
* BUG 14087: ctdb-daemon: Stop "ctdb stop" from completing before freezing
  databases.

Revision 1.82 / (download) - annotate - [select for diffs], Sun Nov 3 11:45:52 2019 UTC (3 years, 1 month ago) by rillig
Branch: MAIN
Changes since 1.81: +2 -2 lines
Diff to previous 1.81 (colored)

net: align variable assignments

pkglint -Wall -F --only aligned --only indent -r

No manual corrections.

Revision 1.72.2.1 / (download) - annotate - [select for diffs], Sun Sep 15 09:11:02 2019 UTC (3 years, 2 months ago) by bsiegert
Branch: pkgsrc-2019Q2
Changes since 1.72: +4 -4 lines
Diff to previous 1.72 (colored) next main 1.73 (colored)

Pullup ticket #6047 - requested by taca
databases/ldb: dependent update
net/samba4: security fix

Revisions pulled up:
- databases/ldb/Makefile                                        1.6
- databases/ldb/buildlink3.mk                                   1.2
- databases/ldb/distinfo                                        1.3
- net/samba4/Makefile                                           1.75,1.77-1.78
- net/samba4/PLIST                                              1.23
- net/samba4/distinfo                                           1.33-1.35

---
   Module Name:	pkgsrc
   Committed By:	wiz
   Date:		Sat Jul 20 22:46:59 UTC 2019

   Modified Files:

   	pkgsrc/net/samba4: Makefile buildlink3.mk


   Log Message:
   *: recursive bump for nettle 3.5.1

---
   Module Name:	pkgsrc
   Committed By:	wiz
   Date:		Sun Jul 21 22:26:08 UTC 2019

   Modified Files:

   	pkgsrc/net/samba4: Makefile


   Log Message:
   *: recursive bump for gdk-pixbuf2-2.38.1

---
   Module Name:	pkgsrc
   Committed By:	adam
   Date:		Sat Aug  3 06:54:39 UTC 2019

   Modified Files:
   	pkgsrc/net/samba4: Makefile PLIST distinfo

   Log Message:
   samba4: updated to 4.10.6

   Changes 4.10.6:
   * BUG 13956: s3: winbind: Fix crash when invoking winbind idmap scripts.
   * BUG 13964: smbd does not correctly parse arguments passed to dfree and
     quota scripts.
   * BUG 13965: samba-tool dns: use bytes for inet_ntop.
   * BUG 13828: samba-tool domain provision: Fix --interactive module in
     python3.
   * BUG 13893: ldb_kv: Skip @ records early in a search full scan.
   * BUG 13981: docs: Improve documentation of "lanman auth" and "ntlm auth"
     connection.
   * BUG 14002: python/ntacls: Use correct "state directory" smb.conf option
     instead of "state dir".
   * BUG 13840: registry: Add a missing include.
   * BUG 13944: Fix SMB guest authentication.
   * BUG 13958: AppleDouble conversion breaks Resourceforks.
   * BUG 13968: vfs_fruit makes direct use of syscalls like mmap() and pread().
   * BUG 13987: s3:mdssvc: Fix flex compilation error.
   * BUG 13872: s3/vfs_glusterfs[_fuse]: Avoid using NAME_MAX directly:
   * BUG 13799: dsdb:samdb: schemainfo update with relax control.
   * BUG 13964: s3:util: Move static file_pload() function to lib/util.
   * BUG 13957: smbd: Fix a panic.
   * BUG 12478: ldap server: Generate correct referral schemes.
   * BUG 13941: s4 dsdb/repl_meta_data: fix use after free in
     dsdb_audit_add_ldb_value.
   * BUG 13942: s4 dsdb: Fix use after free in
     samldb_rename_search_base_callback.
   * BUG 12204: dsdb/repl: we need to replicate the whole schema before we can
     apply it.
   * BUG 12478: ldb: Release ldb 1.5.5
   * BUG 13713: Schema replication fails if link crosses chunk boundary
     backwards.
   * BUG 13799: 'samba-tool domain schemaupgrade' uses relax control and skips
     the schemaInfo update provision.
   * BUG 13916: dsdb_audit: avoid printing "... remote host [Unknown]
     SID [(NULL SID)] ..."
   * BUG 13917: python/ntacls: We only need security.SEC_STD_READ_CONTROL in
     order to get the ACL.
   * BUG 13947: s3:loadparm: Ensure to truncate FS Volume Label at multibyte
     boundary.
   * BUG 13939: Using Kerberos credentials to print using spoolss doesn't work.
   * BUG 13998: wafsamba: Use native waf timer.
   * BUG 13984: ctdb-scripts: Fix tcp_tw_recycle existence check.

---
   Module Name:	pkgsrc
   Committed By:	wiz
   Date:		Sun Aug 11 13:25:21 UTC 2019

   Modified Files:

   	pkgsrc/net/samba4: Makefile


   Log Message:
   Bump PKGREVISIONs for perl 5.30.0

---
   Module Name:	pkgsrc
   Committed By:	adam
   Date:		Fri Aug 23 10:52:41 UTC 2019

   Modified Files:
   	pkgsrc/net/samba4: Makefile distinfo

   Log Message:
   samba4: updated to 4.10.7

   Samba 4.10.7
   * BUG 14010: Unable to create or rename file/directory inside shares
     configured with vfs_glusterfs_fuse module.
   * BUG 13844: build: Allow build when '--disable-gnutls' is set.
   * BUG 13973: samba-tool: Add 'import samba.drs_utils' to fsmo.py.
   * BUG 14008: Fix 'Error 32 determining PSOs in system' message on old DB
     with FL upgrade.
   * BUG 14021: s4/libnet: Fix joining a Windows pre-2008R2 DC.
   * BUG 14046: join: Use a specific attribute order for the DsAddEntry
     nTDSDSA object.
   * BUG 14015: vfs_catia: Pass stat info to synthetic_smb_fname().
   * BUG 14091: lookup_name: Allow own domain lookup when flags == 0.
   * BUG 13932: s4 librpc rpc pyrpc: Ensure tevent_context deleted last.
   * BUG 13915: DEBUGC and DEBUGADDC doesn't print into a class specific log
     file.
   * BUG 13949: Request to keep deprecated option "server schannel",
     VMWare Quickprep requires "auto".
   * BUG 13967: dbcheck: Fallback to the default tombstoneLifetime of 180 days.
   * BUG 13969: dnsProperty fails to decode values from older Windows versions.
   * BUG 13973: samba-tool: Use only one LDAP modify for dns partition fsmo
     role transfer.
   * BUG 13960: third_party: Update waf to version 2.0.17.
   * BUG 14051: netcmd: Allow 'drs replicate --local' to create partitions.
   * BUG 14017: ctdb-config: Depend on /etc/ctdb/nodes file.

---
   Module Name:	pkgsrc
   Committed By:	adam
   Date:		Tue Sep  3 19:11:58 UTC 2019

   Modified Files:
   	pkgsrc/net/samba4: Makefile distinfo

   Log Message:
   samba4: updated to 4.10.8

   Samba 4.10.8:

   This is a security release in order to address the following defect:

   o  CVE-2019-10197: Combination of parameters and permissions can allow user
                      to escape from the share path definition.

---
   Module Name:	pkgsrc
   Committed By:	adam
   Date:		Sat Aug  3 06:52:32 UTC 2019

   Modified Files:
   	pkgsrc/databases/ldb: Makefile buildlink3.mk distinfo

   Log Message:
   ldb: updated to 1.5.5

   1.5.5:
   Unknown changes

Revision 1.81 / (download) - annotate - [select for diffs], Mon Sep 9 00:33:05 2019 UTC (3 years, 3 months ago) by taca
Branch: MAIN
CVS Tags: pkgsrc-2019Q3-base, pkgsrc-2019Q3
Changes since 1.80: +2 -1 lines
Diff to previous 1.80 (colored)

net/samba4: Makefile format correction

Revert remove of a blank line.  There should be blank line.
Thanks to wiz@ noted via private mail.

Revision 1.80 / (download) - annotate - [select for diffs], Thu Sep 5 12:39:56 2019 UTC (3 years, 3 months ago) by hauke
Branch: MAIN
Changes since 1.79: +2 -1 lines
Diff to previous 1.79 (colored)

Solarish pthreads expect mutex datastructures to be properly zeroed
out, unlike the Linux implementation, which upstream mainly
targets. This leads to "tdb_open_ex: tdb_mutex_init failed for
/var/samba/lock/gencache.tdb: Device busy" errors, described in
<https://illumos.topicbox.com/groups/developer/T28dcabf2f69cac04>.

Illumos kernel code attempted to mitigate the problem as of
<https://www.illumos.org/issues/9959>, but the changes have yet to
show up in releases.

The patches originate from
<https://github.com/oposs/pkg.oetiker.ch-build/blob/master/build/samba4/patches/pthread_mutex_init>,
modified appropriately.

Tested on omniosce r151030.

Revision 1.79 / (download) - annotate - [select for diffs], Wed Sep 4 08:15:32 2019 UTC (3 years, 3 months ago) by taca
Branch: MAIN
Changes since 1.78: +2 -3 lines
Diff to previous 1.78 (colored)

net/samba4: update MASTER_SITES

Update MASTER_SITES switching to https URL.  And remove extra empty line.

Revision 1.78 / (download) - annotate - [select for diffs], Tue Sep 3 19:11:58 2019 UTC (3 years, 3 months ago) by adam
Branch: MAIN
Changes since 1.77: +2 -2 lines
Diff to previous 1.77 (colored)

samba4: updated to 4.10.8

Samba 4.10.8:

This is a security release in order to address the following defect:

o  CVE-2019-10197: Combination of parameters and permissions can allow user
                   to escape from the share path definition.

Revision 1.77 / (download) - annotate - [select for diffs], Fri Aug 23 10:52:41 2019 UTC (3 years, 3 months ago) by adam
Branch: MAIN
Changes since 1.76: +3 -4 lines
Diff to previous 1.76 (colored)

samba4: updated to 4.10.7

Samba 4.10.7
* BUG 14010: Unable to create or rename file/directory inside shares
  configured with vfs_glusterfs_fuse module.
* BUG 13844: build: Allow build when '--disable-gnutls' is set.
* BUG 13973: samba-tool: Add 'import samba.drs_utils' to fsmo.py.
* BUG 14008: Fix 'Error 32 determining PSOs in system' message on old DB
  with FL upgrade.
* BUG 14021: s4/libnet: Fix joining a Windows pre-2008R2 DC.
* BUG 14046: join: Use a specific attribute order for the DsAddEntry
  nTDSDSA object.
* BUG 14015: vfs_catia: Pass stat info to synthetic_smb_fname().
* BUG 14091: lookup_name: Allow own domain lookup when flags == 0.
* BUG 13932: s4 librpc rpc pyrpc: Ensure tevent_context deleted last.
* BUG 13915: DEBUGC and DEBUGADDC doesn't print into a class specific log
  file.
* BUG 13949: Request to keep deprecated option "server schannel",
  VMWare Quickprep requires "auto".
* BUG 13967: dbcheck: Fallback to the default tombstoneLifetime of 180 days.
* BUG 13969: dnsProperty fails to decode values from older Windows versions.
* BUG 13973: samba-tool: Use only one LDAP modify for dns partition fsmo
  role transfer.
* BUG 13960: third_party: Update waf to version 2.0.17.
* BUG 14051: netcmd: Allow 'drs replicate --local' to create partitions.
* BUG 14017: ctdb-config: Depend on /etc/ctdb/nodes file.

Revision 1.76 / (download) - annotate - [select for diffs], Sun Aug 11 13:22:29 2019 UTC (3 years, 3 months ago) by wiz
Branch: MAIN
Changes since 1.75: +2 -1 lines
Diff to previous 1.75 (colored)

Bump PKGREVISIONs for perl 5.30.0

Revision 1.75 / (download) - annotate - [select for diffs], Sat Aug 3 06:54:39 2019 UTC (3 years, 4 months ago) by adam
Branch: MAIN
Changes since 1.74: +3 -3 lines
Diff to previous 1.74 (colored)

samba4: updated to 4.10.6

Changes 4.10.6:
* BUG 13956: s3: winbind: Fix crash when invoking winbind idmap scripts.
* BUG 13964: smbd does not correctly parse arguments passed to dfree and
  quota scripts.
* BUG 13965: samba-tool dns: use bytes for inet_ntop.
* BUG 13828: samba-tool domain provision: Fix --interactive module in
  python3.
* BUG 13893: ldb_kv: Skip @ records early in a search full scan.
* BUG 13981: docs: Improve documentation of "lanman auth" and "ntlm auth"
  connection.
* BUG 14002: python/ntacls: Use correct "state directory" smb.conf option
  instead of "state dir".
* BUG 13840: registry: Add a missing include.
* BUG 13944: Fix SMB guest authentication.
* BUG 13958: AppleDouble conversion breaks Resourceforks.
* BUG 13968: vfs_fruit makes direct use of syscalls like mmap() and pread().
* BUG 13987: s3:mdssvc: Fix flex compilation error.
* BUG 13872: s3/vfs_glusterfs[_fuse]: Avoid using NAME_MAX directly:
* BUG 13799: dsdb:samdb: schemainfo update with relax control.
* BUG 13964: s3:util: Move static file_pload() function to lib/util.
* BUG 13957: smbd: Fix a panic.
* BUG 12478: ldap server: Generate correct referral schemes.
* BUG 13941: s4 dsdb/repl_meta_data: fix use after free in
  dsdb_audit_add_ldb_value.
* BUG 13942: s4 dsdb: Fix use after free in
  samldb_rename_search_base_callback.
* BUG 12204: dsdb/repl: we need to replicate the whole schema before we can
  apply it.
* BUG 12478: ldb: Release ldb 1.5.5
* BUG 13713: Schema replication fails if link crosses chunk boundary
  backwards.
* BUG 13799: 'samba-tool domain schemaupgrade' uses relax control and skips
  the schemaInfo update provision.
* BUG 13916: dsdb_audit: avoid printing "... remote host [Unknown]
  SID [(NULL SID)] ..."
* BUG 13917: python/ntacls: We only need security.SEC_STD_READ_CONTROL in
  order to get the ACL.
* BUG 13947: s3:loadparm: Ensure to truncate FS Volume Label at multibyte
  boundary.
* BUG 13939: Using Kerberos credentials to print using spoolss doesn't work.
* BUG 13998: wafsamba: Use native waf timer.
* BUG 13984: ctdb-scripts: Fix tcp_tw_recycle existence check.

Revision 1.74 / (download) - annotate - [select for diffs], Sun Jul 21 22:25:33 2019 UTC (3 years, 4 months ago) by wiz
Branch: MAIN
Changes since 1.73: +2 -2 lines
Diff to previous 1.73 (colored)

*: recursive bump for gdk-pixbuf2-2.38.1

Revision 1.73 / (download) - annotate - [select for diffs], Sat Jul 20 22:46:03 2019 UTC (3 years, 4 months ago) by wiz
Branch: MAIN
Changes since 1.72: +2 -2 lines
Diff to previous 1.72 (colored)

*: recursive bump for nettle 3.5.1

Revision 1.72 / (download) - annotate - [select for diffs], Fri Jun 28 17:13:50 2019 UTC (3 years, 5 months ago) by jperkin
Branch: MAIN
CVS Tags: pkgsrc-2019Q2-base
Branch point for: pkgsrc-2019Q2
Changes since 1.71: +2 -2 lines
Diff to previous 1.71 (colored)

samba4: Build fixes for SunOS.

Revision 1.71 / (download) - annotate - [select for diffs], Sat Jun 22 16:11:49 2019 UTC (3 years, 5 months ago) by jmcneill
Branch: MAIN
Changes since 1.70: +2 -1 lines
Diff to previous 1.70 (colored)

Enable ads option by default.

Revision 1.70 / (download) - annotate - [select for diffs], Wed Jun 19 21:22:59 2019 UTC (3 years, 5 months ago) by adam
Branch: MAIN
Changes since 1.69: +2 -2 lines
Diff to previous 1.69 (colored)

samba4: updated to 4.10.5

Release Notes for Samba 4.10.5

This is a security release in order to address the following defects:

o  CVE-2019-12435 (Samba AD DC Denial of Service in DNS management server
                  (dnsserver))
o  CVE-2019-12436 (Samba AD DC LDAP server crash (paged searches))

Details
=======

o  CVE-2019-12435:
   An authenticated user can crash the Samba AD DC's RPC server process via a
   NULL pointer dereference.

o  CVE-2019-12436:
    An user with read access to the directory can cause a NULL pointer
    dereference using the paged search control.

For more details and workarounds, please refer to the security advisories.

Revision 1.63.2.2 / (download) - annotate - [select for diffs], Tue Jun 4 16:17:37 2019 UTC (3 years, 6 months ago) by spz
Branch: pkgsrc-2019Q1
Changes since 1.63.2.1: +1 -1 lines
Diff to previous 1.63.2.1 (colored) to branchpoint 1.63 (colored) next main 1.64 (colored)

Pullup ticket #5972 - requested by taca
net/samba4: security update

Revisions pulled up:
- net/samba4/Makefile                                           1.67
- net/samba4/PLIST.Linux                                        1.2
- net/samba4/distinfo                                           1.28

-------------------------------------------------------------------
   Module Name:	pkgsrc
   Committed By:	maya
   Date:		Tue Apr 23 07:42:53 UTC 2019

   Modified Files:
   	pkgsrc/net/samba4: PLIST.Linux

   Log Message:
   samba4: update Linux-specific PLIST entries

   from mmoll in https://github.com/NetBSD/pkgsrc/pull/46
   I am not adding the SunOS part because the files are in the non-OS specific
   PLIST, now (the SunOS entries seem to be duplicated)


   To generate a diff of this commit:
   cvs rdiff -u -r1.1 -r1.2 pkgsrc/net/samba4/PLIST.Linux

-------------------------------------------------------------------
   Module Name:	pkgsrc
   Committed By:	maya
   Date:		Thu Apr 25 07:33:32 UTC 2019

   Modified Files:
   	pkgsrc/archivers/bmap-tools: Makefile
   	pkgsrc/archivers/engrampa: Makefile
   	pkgsrc/archivers/rox-archive: Makefile
   	pkgsrc/audio/aeneas: Makefile
   	pkgsrc/audio/amaroc: Makefile
   	pkgsrc/audio/ardour: Makefile
   	pkgsrc/audio/aubio: Makefile
   	pkgsrc/audio/cplay: Makefile
   	pkgsrc/audio/csound5: Makefile
   	pkgsrc/audio/csound6: Makefile
   	pkgsrc/audio/csound6-manual: Makefile
   	pkgsrc/audio/exaile: Makefile
   	pkgsrc/audio/eyeD3: Makefile
   	pkgsrc/audio/gtkpod: Makefile
   	pkgsrc/audio/icecast1: Makefile
   	pkgsrc/audio/ices-mp3: Makefile
   	pkgsrc/audio/libmatemixer: Makefile
   	pkgsrc/audio/lilv: Makefile
   	pkgsrc/audio/lv2: Makefile
   	pkgsrc/audio/moss: Makefile
   	pkgsrc/audio/picard: Makefile
   	pkgsrc/audio/playitslowly: Makefile
   	pkgsrc/audio/pocketsphinx: Makefile
   	pkgsrc/audio/pulseaudio: Makefile
   	pkgsrc/audio/py-beets: Makefile
   	pkgsrc/audio/quodlibet2: Makefile
   	pkgsrc/audio/rhythmbox: Makefile
   	pkgsrc/audio/solfege: Makefile
   	pkgsrc/audio/sonata: Makefile
   	pkgsrc/audio/sphinxtrain: Makefile
   	pkgsrc/audio/suil: Makefile
   	pkgsrc/audio/tunapie: Makefile
   	pkgsrc/benchmarks/fio: Makefile
   	pkgsrc/benchmarks/glmark2: Makefile
   	pkgsrc/biology/bcftools: Makefile
   	pkgsrc/biology/hisat2: Makefile
   	pkgsrc/biology/ncbi-blast+: Makefile
   	pkgsrc/biology/samtools: Makefile
   	pkgsrc/biology/stacks: Makefile
   	pkgsrc/cad/geda: Makefile
   	pkgsrc/cad/klayout: Makefile
   	pkgsrc/cad/openscad: Makefile
   	pkgsrc/chat/bitlbee: Makefile
   	pkgsrc/chat/centerim: Makefile
   	pkgsrc/chat/centerim5: Makefile
   	pkgsrc/chat/empathy: Makefile
   	pkgsrc/chat/gajim: Makefile
   	pkgsrc/chat/gajim-plugin-omemo: Makefile
   	pkgsrc/chat/hexchat: Makefile
   	pkgsrc/chat/konversation: Makefile
   	pkgsrc/chat/libpurple: Makefile
   	pkgsrc/chat/libtelepathy: Makefile
   	pkgsrc/chat/spectrum: Makefile
   	pkgsrc/chat/swift: Makefile
   	pkgsrc/chat/telepathy-farsight: Makefile
   	pkgsrc/chat/telepathy-gabble: Makefile
   	pkgsrc/chat/telepathy-glib: Makefile
   	pkgsrc/chat/telepathy-idle: Makefile
   	pkgsrc/chat/telepathy-logger: Makefile
   	pkgsrc/chat/telepathy-mission-control: Makefile
   	pkgsrc/chat/telepathy-mission-control5: Makefile
   	pkgsrc/chat/telepathy-qt: Makefile
   	pkgsrc/chat/tootstream: Makefile
   	pkgsrc/comms/multisync-gui: Makefile
   	pkgsrc/converters/libkkc: Makefile
   	pkgsrc/converters/sratom: Makefile
   	pkgsrc/converters/unoconv: Makefile
   	pkgsrc/converters/wkhtmltopdf: Makefile
   	pkgsrc/databases/apache-cassandra: Makefile
   	pkgsrc/databases/apache-cassandra2: Makefile
   	pkgsrc/databases/gourmet: Makefile
   	pkgsrc/databases/gramps3: Makefile
   	pkgsrc/databases/ldb: Makefile
   	pkgsrc/databases/libpqxx: Makefile
   	pkgsrc/databases/luma: Makefile
   	pkgsrc/databases/mongodb: Makefile
   	pkgsrc/databases/mysql-cluster: Makefile
   	pkgsrc/databases/mysql-workbench: Makefile
   	pkgsrc/databases/oraedit: Makefile
   	pkgsrc/databases/postgresql10-plpython: Makefile
   	pkgsrc/databases/postgresql11-plpython: Makefile
   	pkgsrc/databases/postgresql93-plpython: Makefile
   	pkgsrc/databases/postgresql94-plpython: Makefile
   	pkgsrc/databases/postgresql95-plpython: Makefile
   	pkgsrc/databases/postgresql96-plpython: Makefile
   	pkgsrc/databases/skytools: Makefile
   	pkgsrc/databases/sqlrelay-nodejs: Makefile
   	pkgsrc/databases/tdb: Makefile
   	pkgsrc/devel/ExmanIDE: Makefile
   	pkgsrc/devel/GConf: Makefile
   	pkgsrc/devel/RBTools: Makefile
   	pkgsrc/devel/accerciser: Makefile
   	pkgsrc/devel/accerciser3: Makefile
   	pkgsrc/devel/anjuta: Makefile
   	pkgsrc/devel/appdata-tools: Makefile
   	pkgsrc/devel/arcanist: Makefile
   	pkgsrc/devel/boa-constructor: Makefile
   	pkgsrc/devel/bpython: Makefile
   	pkgsrc/devel/bzr: Makefile
   	pkgsrc/devel/bzr-explorer: Makefile
   	pkgsrc/devel/bzr-gtk: Makefile
   	pkgsrc/devel/bzr-svn: Makefile
   	pkgsrc/devel/bzrtools: Makefile
   	pkgsrc/devel/clion-bin: Makefile
   	pkgsrc/devel/coccinelle: Makefile
   	pkgsrc/devel/codeville: Makefile
   	pkgsrc/devel/cppcheck: Makefile
   	pkgsrc/devel/ctemplate: Makefile
   	pkgsrc/devel/cvs-fast-export: Makefile
   	pkgsrc/devel/cvs2svn: Makefile
   	pkgsrc/devel/dconf: Makefile
   	pkgsrc/devel/diffuse: Makefile
   	pkgsrc/devel/distcc-pump: Makefile
   	pkgsrc/devel/doxygen: Makefile
   	pkgsrc/devel/epydoc: Makefile
   	pkgsrc/devel/eric4: Makefile
   	pkgsrc/devel/etrace: Makefile
   	pkgsrc/devel/fromcvs: Makefile
   	pkgsrc/devel/gdb: Makefile
   	pkgsrc/devel/gdb7: Makefile
   	pkgsrc/devel/gdbus-codegen: Makefile
   	pkgsrc/devel/git-remote-hg: Makefile
   	pkgsrc/devel/glib2: Makefile
   	pkgsrc/devel/glib2-tools: Makefile
   	pkgsrc/devel/global: Makefile
   	pkgsrc/devel/gnatpython: Makefile
   	pkgsrc/devel/go-cli: Makefile
   	pkgsrc/devel/go-termbox: Makefile
   	pkgsrc/devel/gobject-introspection: Makefile
   	pkgsrc/devel/gps: Makefile
   	pkgsrc/devel/hyperscan: Makefile
   	pkgsrc/devel/include-what-you-use: Makefile
   	pkgsrc/devel/intellij-ce-bin: Makefile
   	pkgsrc/devel/intellij-ue-bin: Makefile
   	pkgsrc/devel/kcachegrind: Makefile
   	pkgsrc/devel/kde-dev-scripts: Makefile
   	pkgsrc/devel/ko-po-check: Makefile
   	pkgsrc/devel/kpackage: Makefile
   	pkgsrc/devel/kpeople: Makefile
   	pkgsrc/devel/kpty: Makefile
   	pkgsrc/devel/kservice: Makefile
   	pkgsrc/devel/lettuce: Makefile
   	pkgsrc/devel/libdbusmenu-tools: Makefile
   	pkgsrc/devel/libftdi1: Makefile
   	pkgsrc/devel/libgit2: Makefile
   	pkgsrc/devel/libhid: Makefile
   	pkgsrc/devel/libpeas: Makefile
   	pkgsrc/devel/librdkafka: Makefile
   	pkgsrc/devel/lld: Makefile
   	pkgsrc/devel/lldb: Makefile
   	pkgsrc/devel/lokalize: Makefile
   	pkgsrc/devel/mate-common: Makefile
   	pkgsrc/devel/meld: Makefile
   	pkgsrc/devel/mercurial: Makefile
   	pkgsrc/devel/ncc: Makefile
   	pkgsrc/devel/netbeans-ide: Makefile
   	pkgsrc/devel/ninja-build: Makefile
   	pkgsrc/devel/phpstorm-bin: Makefile
   	pkgsrc/devel/ply: Makefile
   	pkgsrc/devel/py-gobject-shared: Makefile
   	pkgsrc/devel/py-proteus: Makefile
   	pkgsrc/devel/pycharm-bin: Makefile
   	pkgsrc/devel/pythontidy: Makefile
   	pkgsrc/devel/qbzr: Makefile
   	pkgsrc/devel/radare2-cutter: Makefile
   	pkgsrc/devel/reposurgeon: Makefile
   	pkgsrc/devel/ropper: Makefile
   	pkgsrc/devel/roundup: Makefile
   	pkgsrc/devel/rox-lib: Makefile
   	pkgsrc/devel/rubymine-bin: Makefile
   	pkgsrc/devel/sdcc3: Makefile
   	pkgsrc/devel/stgit: Makefile
   	pkgsrc/devel/subversion: Makefile
   	pkgsrc/devel/swig2: Makefile
   	pkgsrc/devel/tailor: Makefile
   	pkgsrc/devel/talloc: Makefile
   	pkgsrc/devel/tevent: Makefile
   	pkgsrc/devel/umbrello: Makefile
   	pkgsrc/devel/undebt: Makefile
   	pkgsrc/devel/waf: Makefile
   	pkgsrc/editors/Sigil: Makefile
   	pkgsrc/editors/TeXmacs: Makefile
   	pkgsrc/editors/cooledit: Makefile
   	pkgsrc/editors/gedit-python: Makefile
   	pkgsrc/editors/gedit3: Makefile
   	pkgsrc/editors/kate: Makefile
   	pkgsrc/editors/lyx: Makefile
   	pkgsrc/editors/medit: Makefile
   	pkgsrc/editors/nts: Makefile
   	pkgsrc/editors/pluma: Makefile
   	pkgsrc/editors/retext: Makefile
   	pkgsrc/editors/rox-edit: Makefile
   	pkgsrc/emulators/dynagen: Makefile
   	pkgsrc/emulators/fs-uae-arcade: Makefile
   	pkgsrc/emulators/fs-uae-launcher: Makefile
   	pkgsrc/emulators/gns3: Makefile
   	pkgsrc/emulators/hatari: Makefile
   	pkgsrc/emulators/keystone: Makefile
   	pkgsrc/emulators/libretro-dolphin: Makefile
   	pkgsrc/emulators/mame: Makefile
   	pkgsrc/emulators/openmsx: Makefile
   	pkgsrc/emulators/qemu: Makefile
   	pkgsrc/emulators/simulavr: Makefile
   	pkgsrc/emulators/snes9x-gtk: Makefile
   	pkgsrc/emulators/unicorn: Makefile
   	pkgsrc/filesystems/fuse-gmailfs: Makefile
   	pkgsrc/filesystems/fuse-pcachefs: Makefile
   	pkgsrc/filesystems/fuse-wikipediafs: Makefile
   	pkgsrc/filesystems/glusterfs: Makefile
   	pkgsrc/filesystems/tahoe-lafs: Makefile
   	pkgsrc/finance/gnucash: Makefile
   	pkgsrc/finance/ledger: Makefile
   	pkgsrc/finance/moneyguru: Makefile
   	pkgsrc/fonts/fontforge: Makefile
   	pkgsrc/fonts/mftrace: Makefile
   	pkgsrc/fonts/mkfontalias: Makefile
   	pkgsrc/games/4stAttack: Makefile
   	pkgsrc/games/accelerator3d: Makefile
   	pkgsrc/games/blindmine: Makefile
   	pkgsrc/games/crossfire-server: Makefile
   	pkgsrc/games/duckmaze: Makefile
   	pkgsrc/games/flare-engine: Makefile
   	pkgsrc/games/flare-game: Makefile
   	pkgsrc/games/gcompris: Makefile
   	pkgsrc/games/gnome-games: Makefile
   	pkgsrc/games/jools: Makefile
   	pkgsrc/games/kajongg: Makefile
   	pkgsrc/games/kye: Makefile
   	pkgsrc/games/monsterz: Makefile
   	pkgsrc/games/pysolfc: Makefile
   	pkgsrc/games/pytraffic: Makefile
   	pkgsrc/games/quakeforge: Makefile
   	pkgsrc/games/scid: Makefile
   	pkgsrc/games/singularity: Makefile
   	pkgsrc/games/stegavorto: Makefile
   	pkgsrc/games/teeworlds: Makefile
   	pkgsrc/games/wesnoth: Makefile
   	pkgsrc/geography/gpsd: Makefile
   	pkgsrc/geography/proj-swig: Makefile
   	pkgsrc/geography/qgis: Makefile
   	pkgsrc/graphics/MesaLib: Makefile
   	pkgsrc/graphics/MesaLib18: Makefile
   	pkgsrc/graphics/MesaLib7: Makefile
   	pkgsrc/graphics/aqsis: Makefile
   	pkgsrc/graphics/asymptote: Makefile
   	pkgsrc/graphics/blender: Makefile
   	pkgsrc/graphics/cinepaint: Makefile
   	pkgsrc/graphics/comix: Makefile
   	pkgsrc/graphics/dia-python: Makefile
   	pkgsrc/graphics/edje: Makefile
   	pkgsrc/graphics/eog: Makefile
   	pkgsrc/graphics/gif2png: Makefile
   	pkgsrc/graphics/graphite2: Makefile
   	pkgsrc/graphics/hugin: Makefile
   	pkgsrc/graphics/inkscape: Makefile
   	pkgsrc/graphics/jbig2dec: Makefile
   	pkgsrc/graphics/kiconthemes: Makefile
   	pkgsrc/graphics/krita: Makefile
   	pkgsrc/graphics/lensfun: Makefile
   	pkgsrc/graphics/libepoxy: Makefile
   	pkgsrc/graphics/libscigraphica: Makefile
   	pkgsrc/graphics/mate-backgrounds: Makefile
   	pkgsrc/graphics/mate-icon-theme: Makefile
   	pkgsrc/graphics/mate-icon-theme-faenza: Makefile
   	pkgsrc/graphics/mate-themes: Makefile
   	pkgsrc/graphics/mypaint: Makefile
   	pkgsrc/graphics/opencv: Makefile
   	pkgsrc/graphics/opencv-contrib-face: Makefile
   	pkgsrc/graphics/opencv2: Makefile
   	pkgsrc/graphics/scidavis: Makefile
   	pkgsrc/graphics/scigraphica: Makefile
   	pkgsrc/graphics/skencil: Makefile
   	pkgsrc/graphics/veusz: Makefile
   	pkgsrc/graphics/xdot: Makefile
   	pkgsrc/ham/chirp: Makefile
   	pkgsrc/ham/cwtext: Makefile
   	pkgsrc/ham/gr-fcdproplus: Makefile
   	pkgsrc/ham/gr-osmosdr: Makefile
   	pkgsrc/ham/hackrf: Makefile
   	pkgsrc/ham/uhd: Makefile
   	pkgsrc/inputmethod/ibus: Makefile
   	pkgsrc/inputmethod/ibus-anthy: Makefile
   	pkgsrc/inputmethod/ibus-array: Makefile
   	pkgsrc/inputmethod/ibus-hangul: Makefile
   	pkgsrc/inputmethod/ibus-libpinyin: Makefile
   	pkgsrc/inputmethod/ibus-pinyin: Makefile
   	pkgsrc/inputmethod/ibus-table: Makefile
   	pkgsrc/inputmethod/ibus-table-others: Makefile
   	pkgsrc/inputmethod/ibus-tegaki: Makefile
   	pkgsrc/inputmethod/tegaki-pygtk: Makefile
   	pkgsrc/inputmethod/tegaki-python: Makefile
   	pkgsrc/inputmethod/tegaki-recognize: Makefile
   	pkgsrc/inputmethod/tegaki-tools: Makefile
   	pkgsrc/inputmethod/tegaki-train: Makefile
   	pkgsrc/inputmethod/tegaki-wagomu: Makefile
   	pkgsrc/lang/clang: Makefile
   	pkgsrc/lang/clang-static-analyzer: Makefile
   	pkgsrc/lang/clang-tools-extra: Makefile
   	pkgsrc/lang/compiler-rt: Makefile
   	pkgsrc/lang/coq: Makefile
   	pkgsrc/lang/coreclr: Makefile
   	pkgsrc/lang/gcc8: Makefile
   	pkgsrc/lang/libLLVM: Makefile
   	pkgsrc/lang/libLLVM34: Makefile
   	pkgsrc/lang/libLLVM4: Makefile
   	pkgsrc/lang/likepython: Makefile
   	pkgsrc/lang/llvm: Makefile
   	pkgsrc/lang/micropython: Makefile
   	pkgsrc/lang/mono: Makefile
   	pkgsrc/lang/mono2: Makefile
   	pkgsrc/lang/npm: Makefile
   	pkgsrc/lang/nuitka: Makefile
   	pkgsrc/lang/pfe: Makefile
   	pkgsrc/lang/rust: Makefile
   	pkgsrc/lang/spidermonkey185: Makefile
   	pkgsrc/lang/spidermonkey52: Makefile
   	pkgsrc/mail/archivemail: Makefile
   	pkgsrc/mail/evolution-data-server: Makefile
   	pkgsrc/mail/fetchmailconf: Makefile
   	pkgsrc/mail/getmail: Makefile
   	pkgsrc/mail/mailman: Makefile
   	pkgsrc/mail/newspipe: Makefile
   	pkgsrc/mail/notmuch: Makefile
   	pkgsrc/mail/offlineimap: Makefile
   	pkgsrc/mail/pymsgauth: Makefile
   	pkgsrc/mail/queue-repair: Makefile
   	pkgsrc/mail/roundcube-plugin-enigma: Makefile
   	pkgsrc/mail/roundcube-plugin-password: Makefile
   	pkgsrc/mail/roundcube-plugin-zipdownload: Makefile
   	pkgsrc/mail/rss2email: Makefile
   	pkgsrc/mail/tmda: Makefile
   	pkgsrc/math/cantor: Makefile
   	pkgsrc/math/crfsuite: Makefile
   	pkgsrc/math/djbsort: Makefile
   	pkgsrc/math/gnumeric112: Makefile
   	pkgsrc/math/libshorttext: Makefile
   	pkgsrc/math/libsvm: Makefile
   	pkgsrc/math/maxima: Makefile
   	pkgsrc/math/sundials: Makefile
   	pkgsrc/math/units: Makefile
   	pkgsrc/math/z3: Makefile
   	pkgsrc/meta-pkgs/boost: Makefile
   	pkgsrc/meta-pkgs/bulk-large: Makefile
   	pkgsrc/meta-pkgs/bulk-medium: Makefile
   	pkgsrc/meta-pkgs/bulk-small: Makefile
   	pkgsrc/meta-pkgs/gnome: Makefile
   	pkgsrc/meta-pkgs/py-gnome-bindings: Makefile
   	pkgsrc/meta-pkgs/qmail-server: Makefile
   	pkgsrc/misc/byobu: Makefile
   	pkgsrc/misc/calibre: Makefile
   	pkgsrc/misc/deskbar-applet: Makefile
   	pkgsrc/misc/gaupol: Makefile
   	pkgsrc/misc/khard: Makefile
   	pkgsrc/misc/kig: Makefile
   	pkgsrc/misc/kunitconversion: Makefile
   	pkgsrc/misc/labelnation: Makefile
   	pkgsrc/misc/libkkc-data: Makefile
   	pkgsrc/misc/libmateweather: Makefile
   	pkgsrc/misc/libreoffice: Makefile
   	pkgsrc/misc/mate-calc: Makefile
   	pkgsrc/misc/mate-utils: Makefile
   	pkgsrc/misc/mnemosyne: Makefile
   	pkgsrc/misc/mtail: Makefile
   	pkgsrc/misc/orca: Makefile
   	pkgsrc/misc/rlwrap: Makefile
   	pkgsrc/misc/routeplanner-cli: Makefile
   	pkgsrc/misc/rox-memo: Makefile
   	pkgsrc/misc/superkaramba: Makefile
   	pkgsrc/misc/tellico: Makefile
   	pkgsrc/misc/todoman: Makefile
   	pkgsrc/multimedia/farsight2: Makefile
   	pkgsrc/multimedia/kodi: Makefile
   	pkgsrc/multimedia/mate-media: Makefile
   	pkgsrc/multimedia/mpv: Makefile
   	pkgsrc/multimedia/pitivi: Makefile
   	pkgsrc/multimedia/streamlink: Makefile
   	pkgsrc/net/Radicale: Makefile
   	pkgsrc/net/Radicale2: Makefile
   	pkgsrc/net/bittornado: Makefile
   	pkgsrc/net/bittornado-gui: Makefile
   	pkgsrc/net/bittorrent: Makefile
   	pkgsrc/net/bittorrent-gui: Makefile
   	pkgsrc/net/calypso: Makefile
   	pkgsrc/net/coda: Makefile
   	pkgsrc/net/coherence: Makefile
   	pkgsrc/net/coursera-dl: Makefile
   	pkgsrc/net/exabgp: Makefile
   	pkgsrc/net/flow-tools: Makefile
   	pkgsrc/net/freeradius-python: Makefile
   	pkgsrc/net/gallery-dl: Makefile
   	pkgsrc/net/gitso: Makefile
   	pkgsrc/net/glib-networking: Makefile
   	pkgsrc/net/gupnp: Makefile
   	pkgsrc/net/httpstat: Makefile
   	pkgsrc/net/ipcheck: Makefile
   	pkgsrc/net/knot: Makefile
   	pkgsrc/net/mate-user-share: Makefile
   	pkgsrc/net/mimms: Makefile
   	pkgsrc/net/mitmproxy: Makefile
   	pkgsrc/net/nagstamon: Makefile
   	pkgsrc/net/ndiff: Makefile
   	pkgsrc/net/netatalk3: Makefile
   	pkgsrc/net/netatalk30: Makefile
   	pkgsrc/net/nicotine: Makefile
   	pkgsrc/net/nicovideo-dl: Makefile
   	pkgsrc/net/ntop: Makefile
   	pkgsrc/net/nyx: Makefile
   	pkgsrc/net/omniORB: Makefile
   	pkgsrc/net/onionbalance: Makefile
   	pkgsrc/net/openconnect: Makefile
   	pkgsrc/net/pygopherd: Makefile
   	pkgsrc/net/rabbitmq: Makefile
   	pkgsrc/net/ruby-recog: Makefile
   	pkgsrc/net/samba4: Makefile
   	pkgsrc/net/scapy: Makefile
   	pkgsrc/net/speedtest-cli: Makefile
   	pkgsrc/net/syncthing-gtk: Makefile
   	pkgsrc/net/upnpinspector: Makefile
   	pkgsrc/net/wireshark: Makefile
   	pkgsrc/net/youtube-dl: Makefile
   	pkgsrc/net/zenmap: Makefile
   	pkgsrc/news/hellanzb: Makefile
   	pkgsrc/news/lottanzb: Makefile
   	pkgsrc/parallel/ganglia-monitor-core: Makefile
   	pkgsrc/parallel/slurm-wlm: Makefile
   	pkgsrc/pkgtools/gnome-packagekit: Makefile
   	pkgsrc/pkgtools/packagekit: Makefile
   	pkgsrc/print/atril: Makefile
   	pkgsrc/print/bg5pdf: Makefile
   	pkgsrc/print/bg5ps: Makefile
   	pkgsrc/print/electrix: Makefile
   	pkgsrc/print/hplip: Makefile
   	pkgsrc/print/lilypond: Makefile
   	pkgsrc/print/pdf-redact-tools: Makefile
   	pkgsrc/print/pdfshuffler: Makefile
   	pkgsrc/print/poppler-glib: Makefile
   	pkgsrc/print/scribus-qt4: Makefile
   	pkgsrc/print/tex-changes: Makefile
   	pkgsrc/print/tex-minted: Makefile
   	pkgsrc/security/PACK: Makefile
   	pkgsrc/security/botan: Makefile
   	pkgsrc/security/botan-devel: Makefile
   	pkgsrc/security/fail2ban: Makefile
   	pkgsrc/security/flawfinder: Makefile
   	pkgsrc/security/fsh: Makefile
   	pkgsrc/security/hitch: Makefile
   	pkgsrc/security/kwallet: Makefile
   	pkgsrc/security/libprelude-python: Makefile
   	pkgsrc/security/libpreludedb-python: Makefile
   	pkgsrc/security/mate-polkit: Makefile
   	pkgsrc/security/mbedtls: Makefile
   	pkgsrc/security/mixminion: Makefile
   	pkgsrc/security/pcsc-lite: Makefile
   	pkgsrc/security/prelude-correlator: Makefile
   	pkgsrc/security/pyca: Makefile
   	pkgsrc/security/sqlmap: Makefile
   	pkgsrc/security/sshfp: Makefile
   	pkgsrc/security/volatility: Makefile
   	pkgsrc/shells/autojump: Makefile
   	pkgsrc/shells/fish: Makefile
   	pkgsrc/shells/lshell: Makefile
   	pkgsrc/shells/xonsh: Makefile
   	pkgsrc/sysutils/ansible2: Makefile
   	pkgsrc/sysutils/binwalk: Makefile
   	pkgsrc/sysutils/bup: Makefile
   	pkgsrc/sysutils/caja: Makefile
   	pkgsrc/sysutils/caja-dropbox: Makefile
   	pkgsrc/sysutils/caja-extensions: Makefile
   	pkgsrc/sysutils/cuisine: Makefile
   	pkgsrc/sysutils/dbus-python-common: Makefile
   	pkgsrc/sysutils/dupeguru: Makefile
   	pkgsrc/sysutils/duplicity: Makefile
   	pkgsrc/sysutils/fabric: Makefile
   	pkgsrc/sysutils/gnome-commander: Makefile
   	pkgsrc/sysutils/htop: Makefile
   	pkgsrc/sysutils/kfilemetadata5: Makefile
   	pkgsrc/sysutils/libvirt: Makefile
   	pkgsrc/sysutils/lnav: Makefile
   	pkgsrc/sysutils/logfinder: Makefile
   	pkgsrc/sysutils/manifold: Makefile
   	pkgsrc/sysutils/mate-notification-daemon: Makefile
   	pkgsrc/sysutils/mate-power-manager: Makefile
   	pkgsrc/sysutils/mate-sensors-applet: Makefile
   	pkgsrc/sysutils/monitoring: Makefile
   	pkgsrc/sysutils/munin-doc: Makefile
   	pkgsrc/sysutils/munin-node: Makefile
   	pkgsrc/sysutils/openstack_init: Makefile
   	pkgsrc/sysutils/openxenmanager: Makefile
   	pkgsrc/sysutils/ovmf: Makefile
   	pkgsrc/sysutils/polysh: Makefile
   	pkgsrc/sysutils/rdiff-backup: Makefile
   	pkgsrc/sysutils/rsyslog: Makefile
   	pkgsrc/sysutils/rsyslog-dbi: Makefile
   	pkgsrc/sysutils/rsyslog-elasticsearch: Makefile
   	pkgsrc/sysutils/rsyslog-gnutls: Makefile
   	pkgsrc/sysutils/rsyslog-gssapi: Makefile
   	pkgsrc/sysutils/rsyslog-kafka: Makefile
   	pkgsrc/sysutils/rsyslog-libgcrypt: Makefile
   	pkgsrc/sysutils/rsyslog-mysql: Makefile
   	pkgsrc/sysutils/rsyslog-omprog: Makefile
   	pkgsrc/sysutils/rsyslog-pgsql: Makefile
   	pkgsrc/sysutils/rsyslog-rabbitmq: Makefile
   	pkgsrc/sysutils/rsyslog-relp: Makefile
   	pkgsrc/sysutils/rsyslog-snmp: Makefile
   	pkgsrc/sysutils/salt: Makefile
   	pkgsrc/sysutils/salt-docs: Makefile
   	pkgsrc/sysutils/tdir: Makefile
   	pkgsrc/sysutils/virt-manager: Makefile
   	pkgsrc/sysutils/virtinst: Makefile
   	pkgsrc/sysutils/vxargs: Makefile
   	pkgsrc/sysutils/xenkernel411: Makefile
   	pkgsrc/sysutils/xenkernel42: Makefile
   	pkgsrc/sysutils/xenkernel45: Makefile
   	pkgsrc/sysutils/xenkernel46: Makefile
   	pkgsrc/sysutils/xenkernel48: Makefile
   	pkgsrc/sysutils/xenstoretools: Makefile
   	pkgsrc/sysutils/xentools411: Makefile
   	pkgsrc/sysutils/xentools42: Makefile
   	pkgsrc/sysutils/xentools45: Makefile
   	pkgsrc/sysutils/xentools46: Makefile
   	pkgsrc/sysutils/xentools48: Makefile
   	pkgsrc/textproc/asciidoc: Makefile
   	pkgsrc/textproc/cmark: Makefile
   	pkgsrc/textproc/coccigrep: Makefile
   	pkgsrc/textproc/csvkit: Makefile
   	pkgsrc/textproc/csvtomd: Makefile
   	pkgsrc/textproc/dblatex: Makefile
   	pkgsrc/textproc/doclifter: Makefile
   	pkgsrc/textproc/gnome-doc-utils: Makefile
   	pkgsrc/textproc/gtk-doc: Makefile
   	pkgsrc/textproc/icu: Makefile
   	pkgsrc/textproc/iso-codes: Makefile
   	pkgsrc/textproc/ispell-lt: Makefile
   	pkgsrc/textproc/itstool: Makefile
   	pkgsrc/textproc/kapidox: Makefile
   	pkgsrc/textproc/libplist: Makefile
   	pkgsrc/textproc/libxlsxwriter: Makefile
   	pkgsrc/textproc/queequeg: Makefile
   	pkgsrc/textproc/rubber: Makefile
   	pkgsrc/textproc/serd: Makefile
   	pkgsrc/textproc/sord: Makefile
   	pkgsrc/textproc/subliminal: Makefile
   	pkgsrc/textproc/translate-toolkit: Makefile
   	pkgsrc/textproc/xmlada: Makefile
   	pkgsrc/textproc/xxdiff-scripts: Makefile
   	pkgsrc/textproc/yelp-tools: Makefile
   	pkgsrc/textproc/yelp-xsl: Makefile
   	pkgsrc/textproc/yodl: Makefile
   	pkgsrc/time/etm: Makefile
   	pkgsrc/time/hamster-applet: Makefile
   	pkgsrc/time/khal: Makefile
   	pkgsrc/time/ntpsec: Makefile
   	pkgsrc/time/wxRemind: Makefile
   	pkgsrc/wm/bmpanel2: Makefile
   	pkgsrc/wm/ccsm: Makefile
   	pkgsrc/wm/marco: Makefile
   	pkgsrc/wm/mate-netbook: Makefile
   	pkgsrc/wm/openbox: Makefile
   	pkgsrc/wm/oroborox: Makefile
   	pkgsrc/www/aws: Makefile
   	pkgsrc/www/bluefish: Makefile
   	pkgsrc/www/browser-bookmarks-menu: Makefile
   	pkgsrc/www/cherokee: Makefile
   	pkgsrc/www/clearsilver: Makefile
   	pkgsrc/www/cliqz: Makefile
   	pkgsrc/www/cppcms: Makefile
   	pkgsrc/www/ies4linux: Makefile
   	pkgsrc/www/ikiwiki: Makefile
   	pkgsrc/www/libpsl: Makefile
   	pkgsrc/www/loggerhead: Makefile
   	pkgsrc/www/nghttp2: Makefile
   	pkgsrc/www/php-concrete5: Makefile
   	pkgsrc/www/php-nextcloud: Makefile
   	pkgsrc/www/php-owncloud: Makefile
   	pkgsrc/www/py-flask-restplus: Makefile
   	pkgsrc/www/ruby-pygments.rb: Makefile
   	pkgsrc/www/trac: Makefile
   	pkgsrc/www/trafficserver: Makefile
   	pkgsrc/www/urlgrabber: Makefile
   	pkgsrc/www/varnish: Makefile
   	pkgsrc/www/viewvc: Makefile
   	pkgsrc/www/webkit-gtk: Makefile
   	pkgsrc/www/zopeedit: Makefile
   	pkgsrc/x11/alacarte: Makefile
   	pkgsrc/x11/arandr: Makefile
   	pkgsrc/x11/avant-window-navigator: Makefile
   	pkgsrc/x11/caribou: Makefile
   	pkgsrc/x11/driconf: Makefile
   	pkgsrc/x11/gnome-applets: Makefile
   	pkgsrc/x11/gnome-desktop: Makefile
   	pkgsrc/x11/gnome-mag: Makefile
   	pkgsrc/x11/gnome-terminal: Makefile
   	pkgsrc/x11/gtk2: Makefile
   	pkgsrc/x11/gtkada: Makefile
   	pkgsrc/x11/kconfigwidgets: Makefile
   	pkgsrc/x11/kde-runtime4: Makefile
   	pkgsrc/x11/kde-workspace4: Makefile
   	pkgsrc/x11/kde4-l10n-sr: Makefile
   	pkgsrc/x11/kitty: Makefile
   	pkgsrc/x11/ktextwidgets: Makefile
   	pkgsrc/x11/kxmlgui: Makefile
   	pkgsrc/x11/libdesktop-agnostic: Makefile
   	pkgsrc/x11/libmatekbd: Makefile
   	pkgsrc/x11/libxcb: Makefile
   	pkgsrc/x11/mate-applets: Makefile
   	pkgsrc/x11/mate-control-center: Makefile
   	pkgsrc/x11/mate-desktop: Makefile
   	pkgsrc/x11/mate-indicator-applet: Makefile
   	pkgsrc/x11/mate-menus: Makefile
   	pkgsrc/x11/mate-panel: Makefile
   	pkgsrc/x11/mate-screensaver: Makefile
   	pkgsrc/x11/mate-session-manager: Makefile
   	pkgsrc/x11/mate-settings-daemon: Makefile
   	pkgsrc/x11/mate-terminal: Makefile
   	pkgsrc/x11/mozo: Makefile
   	pkgsrc/x11/qt5-qtdeclarative: Makefile
   	pkgsrc/x11/qt5-qtwebkit: Makefile
   	pkgsrc/x11/rox-session: Makefile
   	pkgsrc/x11/rox-wallpaper: Makefile
   	pkgsrc/x11/xcb-proto: Makefile

   Log Message:
   PKGREVISION bump for anything using python without a PYPKGPREFIX.

   This is a semi-manual PKGREVISION bump.


   To generate a diff of this commit:
   cvs rdiff -u -r1.65 -r1.66 pkgsrc/net/samba4/Makefile

-------------------------------------------------------------------
   Module Name:	pkgsrc
   Committed By:	adam
   Date:		Wed May 15 09:07:21 UTC 2019

   Modified Files:
   	pkgsrc/net/samba4: Makefile distinfo

   Log Message:
   samba4: updated to 4.10.3

   Samba 4.10.3, 4.9.8 and 4.8.12 Security Releases Available
   These are security releases in order to address CVE-2018-16860 (Samba AD DC S4U2Self/S4U2Proxy unkeyed checksum).


   To generate a diff of this commit:
   cvs rdiff -u -r1.66 -r1.67 pkgsrc/net/samba4/Makefile
   cvs rdiff -u -r1.27 -r1.28 pkgsrc/net/samba4/distinfo

Revision 1.69 / (download) - annotate - [select for diffs], Tue May 28 13:35:54 2019 UTC (3 years, 6 months ago) by jperkin
Branch: MAIN
Changes since 1.68: +1 -5 lines
Diff to previous 1.68 (colored)

*: Remove per-package MESSAGE.{rcd,smf} handling.

This is now centralised in mk/pkgformat so no need to do it manually.

Revision 1.68 / (download) - annotate - [select for diffs], Wed May 22 19:57:12 2019 UTC (3 years, 6 months ago) by adam
Branch: MAIN
Changes since 1.67: +2 -2 lines
Diff to previous 1.67 (colored)

samba4: updated to 4.10.4

Changes since 4.10.3:
* BUG 13938: s3: SMB1: Don't allow recvfile on stream fsp's.
* BUG 13882: py/provision: Fix for Python 2.6.
* BUG 13873: netcmd: Fix 'passwordsettings --max-pwd-age' command.
* BUG 13938: s3:smbd: Don't use recvfile on streams.
* BUG 13861: s3-libnet_join: 'net ads join' to child domain fails when using
  "-U admin@forestroot".
* BUG 13896: vfs_ceph: Explicitly enable libcephfs POSIX ACL support.
* BUG 13940: vfs_ceph: Fix cephwrap_flistxattr() debug message.
* BUG 13895: ctdb-common: Avoid race between fd and signal events.
* BUG 13943: ctdb-common: Fix memory leak in run_proc.
* BUG 13892: lib: Initialize getline() arguments.
* BUG 13903: winbind: Fix overlapping id ranges.
* BUG 13902: lib util debug: Increase format buffer to 4KiB.
* BUG 13927: nsswitch pam_winbind: Fix Asan use after free.
* BUG 13929: s4 lib socket: Ensure address string owned by parent struct.
* BUG 13936: s3 rpc_client: Fix Asan stack use after scope.
* BUG 10097: s3:smbd: Handle IO_REPARSE_TAG_DFS in
  SMB_FIND_FILE_FULL_DIRECTORY_INFO.
* BUG 10344: smb2_tcon: Avoid STATUS_PENDING completely on tdis.
* BUG 12845: smb2_sesssetup: avoid STATUS_PENDING responses for session
  setup.
* BUG 13698: smb2_tcon: Avoid STATUS_PENDING completely on tdis.
* BUG 13796: smb2_sesssetup: avoid STATUS_PENDING responses for session
  setup.
* BUG 13843: dbcheck: Fix the err_empty_attribute() check.
* BUG 13858: vfs_snapper: Drop unneeded fstat handler.
* BUG 13862: vfs_default: Fix vfswrap_offload_write_send()
  NT_STATUS_INVALID_VIEW_SIZE check.
* BUG 13863: smb2_server: Grant all 8192 credits to clients.
* BUG 13919: smbd: Implement SMB_FILE_NORMALIZED_NAME_INFORMATION handling.
* BUG 13872: s3/vfs_glusterfs: Dynamically determine NAME_MAX.
* BUG 13918: s3: modules: ceph: Use current working directory instead of
  share path.
* BUG 13831: winbind: Use domain name from lsa query for sid_to_name cache
  entry.
* BUG 13865: memcache: Increase size of default memcache to 512k.
* BUG 13857: docs: Update smbclient manpage for "--max-protocol".
* BUG 13861: 'net ads join' to child domain fails when using
  "-U admin@forestroot".
* BUG 13937: s3:utils: If share is NULL in smbcacls, don't print it.
* BUG 13939: s3:smbspool: Fix regression printing with Kerberos credentials.
* BUG 13860: ctdb-scripts: CTDB restarts failed NFS RPC services by hand,
  which is incompatible with systemd.
* BUG 13888: ctdb-daemon: Revert "We can not assume that just because we
  could complete a TCP handshake".
* BUG 13930: ctdb-daemon: Never use 0 as a client ID.
* BUG 13943: ctdb-common: Fix memory leak.
* BUG 13904: s3:debug: Enable logging for early startup failures.

Revision 1.67 / (download) - annotate - [select for diffs], Wed May 15 09:07:21 2019 UTC (3 years, 6 months ago) by adam
Branch: MAIN
Changes since 1.66: +2 -3 lines
Diff to previous 1.66 (colored)

samba4: updated to 4.10.3

Samba 4.10.3, 4.9.8 and 4.8.12 Security Releases Available
These are security releases in order to address CVE-2018-16860 (Samba AD DC S4U2Self/S4U2Proxy unkeyed checksum).

Revision 1.66 / (download) - annotate - [select for diffs], Thu Apr 25 07:33:12 2019 UTC (3 years, 7 months ago) by maya
Branch: MAIN
Changes since 1.65: +2 -1 lines
Diff to previous 1.65 (colored)

PKGREVISION bump for anything using python without a PYPKGPREFIX.

This is a semi-manual PKGREVISION bump.

Revision 1.63.2.1 / (download) - annotate - [select for diffs], Wed Apr 10 10:27:05 2019 UTC (3 years, 7 months ago) by bsiegert
Branch: pkgsrc-2019Q1
Changes since 1.63: +2 -2 lines
Diff to previous 1.63 (colored)

Pullup ticket #5933 - requested by taca
net/samba4: security fix

Revisions pulled up:
- net/samba4/Makefile                                           1.64-1.65
- net/samba4/PLIST                                              1.22
- net/samba4/distinfo                                           1.26-1.27

---
   Module Name:	pkgsrc
   Committed By:	adam
   Date:		Wed Apr  3 14:23:06 UTC 2019

   Modified Files:
   	pkgsrc/net/samba4: Makefile distinfo

   Log Message:
   samba4: updated to 4.10.1

   Changes since 4.10.0:
   * BUG 13837: py/kcc_utils: py2.6 compatibility.
   * BUG 13869: libcli: permit larger values of DataLength in
     SMB2_ENCRYPTION_CAPABILITIES of negotiate response.
   * BUG 13840: regfio: Improve handling of malformed registry hive files.
   * BUG 13789: ctdb-version: Simplify version string usage.
   * BUG 13859: lib: Make fd_load work for non-regular files.
   * BUG 13816: dbcheck in the middle of the tombstone garbage collection causes
     replication failures, dbcheck: add --selftest-check-expired-tombstones
     cmdline option.
   * BUG 13818: ndr_spoolss_buf: Fix out of scope use of stack variable in
     NDR_SPOOLSS_PUSH_ENUM_OUT().
   * BUG 13854: s4/messaging: Fix undefined reference in linking
     libMESSAGING-samba4.so.
   * BUG 13836: acl_read: Fix regression for empty lists.
   * BUG 13841: s4:dlz make b9_has_soa check dc=@ node.
   * BUG 13832: s3:client: Fix printing via smbspool backend with kerberos auth.
   * BUG 13847: s4:librpc: Fix installation of Samba.
   * BUG 13848: s3:lib: Fix the debug message for adding cache entries.
   * BUG 13793: s3:utils: Add 'smbstatus -L --resolve-uids' to show username.
   * BUG 13848: s3:lib: Fix the debug message for adding cache entries.
   * BUG 13853: s3:waf: Fix the detection of makdev() macro on Linux.
   * BUG 13789: ctdb-build: Drop creation of .distversion in tarball.
   * BUG 13838: ctdb-packaging: Test package requires tcpdump, ctdb package
     should not own system library directory.

---
   Module Name:	pkgsrc
   Committed By:	adam
   Date:		Mon Apr  8 18:35:59 UTC 2019

   Modified Files:
   	pkgsrc/net/samba4: Makefile PLIST distinfo

   Log Message:
   samba4: updated to 4.10.2

   Release Notes for Samba 4.10.2

   This is a security release in order to address the following defects:
   o  CVE-2019-3870 (World writable files in Samba AD DC private/ dir)
   o  CVE-2019-3880 (Save registry file outside share as unprivileged user)

   Details

   o  CVE-2019-3870:
      During the provision of a new Active Directory DC, some files in the private/
      directory are created world-writable.

   o  CVE-2019-3880:
      Authenticated users with write permission can trigger a symlink traversal to
      write or detect files outside the Samba share.

   For more details and workarounds, please refer to the security advisories.

   Changes since 4.10.1:
   * BUG 13834: CVE-2019-3870: pysmbd: Ensure a zero umask is set for
     smbd.mkdir().
   * BUG 13851: CVE-2018-14629: rpc: winreg: Remove implementations of
     SaveKey/RestoreKey.

Revision 1.65 / (download) - annotate - [select for diffs], Mon Apr 8 18:35:58 2019 UTC (3 years, 8 months ago) by adam
Branch: MAIN
Changes since 1.64: +2 -2 lines
Diff to previous 1.64 (colored)

samba4: updated to 4.10.2

Release Notes for Samba 4.10.2

This is a security release in order to address the following defects:
o  CVE-2019-3870 (World writable files in Samba AD DC private/ dir)
o  CVE-2019-3880 (Save registry file outside share as unprivileged user)

Details

o  CVE-2019-3870:
   During the provision of a new Active Directory DC, some files in the private/
   directory are created world-writable.

o  CVE-2019-3880:
   Authenticated users with write permission can trigger a symlink traversal to
   write or detect files outside the Samba share.

For more details and workarounds, please refer to the security advisories.

Changes since 4.10.1:
* BUG 13834: CVE-2019-3870: pysmbd: Ensure a zero umask is set for
  smbd.mkdir().
* BUG 13851: CVE-2018-14629: rpc: winreg: Remove implementations of
  SaveKey/RestoreKey.

Revision 1.64 / (download) - annotate - [select for diffs], Wed Apr 3 14:23:06 2019 UTC (3 years, 8 months ago) by adam
Branch: MAIN
Changes since 1.63: +2 -2 lines
Diff to previous 1.63 (colored)

samba4: updated to 4.10.1

Changes since 4.10.0:
* BUG 13837: py/kcc_utils: py2.6 compatibility.
* BUG 13869: libcli: permit larger values of DataLength in
  SMB2_ENCRYPTION_CAPABILITIES of negotiate response.
* BUG 13840: regfio: Improve handling of malformed registry hive files.
* BUG 13789: ctdb-version: Simplify version string usage.
* BUG 13859: lib: Make fd_load work for non-regular files.
* BUG 13816: dbcheck in the middle of the tombstone garbage collection causes
  replication failures, dbcheck: add --selftest-check-expired-tombstones
  cmdline option.
* BUG 13818: ndr_spoolss_buf: Fix out of scope use of stack variable in
  NDR_SPOOLSS_PUSH_ENUM_OUT().
* BUG 13854: s4/messaging: Fix undefined reference in linking
  libMESSAGING-samba4.so.
* BUG 13836: acl_read: Fix regression for empty lists.
* BUG 13841: s4:dlz make b9_has_soa check dc=@ node.
* BUG 13832: s3:client: Fix printing via smbspool backend with kerberos auth.
* BUG 13847: s4:librpc: Fix installation of Samba.
* BUG 13848: s3:lib: Fix the debug message for adding cache entries.
* BUG 13793: s3:utils: Add 'smbstatus -L --resolve-uids' to show username.
* BUG 13848: s3:lib: Fix the debug message for adding cache entries.
* BUG 13853: s3:waf: Fix the detection of makdev() macro on Linux.
* BUG 13789: ctdb-build: Drop creation of .distversion in tarball.
* BUG 13838: ctdb-packaging: Test package requires tcpdump, ctdb package
  should not own system library directory.

Revision 1.63 / (download) - annotate - [select for diffs], Wed Mar 27 06:28:05 2019 UTC (3 years, 8 months ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2019Q1-base
Branch point for: pkgsrc-2019Q1
Changes since 1.62: +3 -1 lines
Diff to previous 1.62 (colored)

Mark as incomparible with Python 2.7

Revision 1.62 / (download) - annotate - [select for diffs], Wed Mar 20 19:09:10 2019 UTC (3 years, 8 months ago) by adam
Branch: MAIN
Changes since 1.61: +9 -20 lines
Diff to previous 1.61 (colored)

samba4: updated to 4.10.0

Release Notes for Samba 4.10.0

This is the first stable release of the Samba 4.10 release series.
Please read the release notes carefully before upgrading.


NEW FEATURES/CHANGES
====================

GPO Improvements
----------------

A new 'samba-tool gpo backup' command has been added that can export a
set of Group Policy Objects from a domain in a generalised XML format.

A corresponding 'samba-tool gpo restore' command has been added to
rebuild the Group Policy Objects from the XML after generalization.
(The administrator needs to correct the values of XML entities between
the backup and restore to account for the change in domain).

KDC prefork
-----------

The KDC now supports the pre-fork process model and worker processes will be
forked for the KDC when the pre-fork process model is selected for samba.

Prefork 'prefork children'
--------------------------

The default value for this smdb.conf parameter has been increased from 1 to
4.

Netlogon prefork
----------------

DCERPC now supports pre-forked NETLOGON processes. The netlogon processes are
pre-forked when the prefork process model is selected for samba.

Offline domain backups
----------------------

The 'samba-tool domain backup' command has been extended with a new 'offline'
option. This safely creates a backup of the local DC's database directly from
disk. The main benefits of an offline backup are it's quicker, it stores more
database details (for forensic purposes), and the samba process does not have
to be running when the backup is made. Refer to the samba-tool help for more
details on using this command.

Group membership statistics
---------------------------

A new 'samba-tool group stats' command has been added. This provides summary
information about how the users are spread across groups in your domain.
The 'samba-tool group list --verbose' command has also been updated to include
the number of users in each group.

Paged results LDAP control
--------------------------

The behaviour of the paged results control (1.2.840.113556.1.4.319, RFC2696)
has been changed to more closely match Windows servers, to improve memory
usage. Paged results may be used internally (or is requested by the user) by
LDAP libraries or tools that deal with large result sizes, for example, when
listing all the objects in the database.

Previously, results were returned as a snapshot of the database but now,
some changes made to the set of results while paging may be reflected in the
responses. If strict inter-record consistency is required in answers (which is
not possible on Windows with large result sets), consider avoiding the paged
results control or alternatively, it might be possible to enforce restrictions
using the LDAP filter expression.

For further details see https://wiki.samba.org/index.php/Paged_Results

Prefork process restart
-----------------------

The pre-fork process model now restarts failed processes. The delay between
restart attempts is controlled by the "prefork backoff increment" (default = 10)
and "prefork maximum backoff" (default = 120) smbd.conf parameters.  A linear
back off strategy is used with "prefork backoff increment" added to the
delay between restart attempts up until it reaches "prefork maximum backoff".

Using the default sequence the restart delays (in seconds) are:
  0, 10, 20, ..., 120, 120, ...

Standard process model
----------------------

When using the standard process model samba forks a new process to handle ldap
and netlogon connections.  Samba now honours the 'max smbd processes' smb.conf
parameter.  The default value of 0, indicates there is no limit.  The limit
is applied individually to netlogon and ldap.  When the process limit is
exceeded Samba drops new connections immediately.

python3 support
---------------

This is the first release of Samba which has full support for Python 3.
Samba 4.10 still has support for Python 2, however, Python 3 will be used by
default, i.e. 'configure' & 'make' will execute using python3.

To build Samba with python2 you *must* set the 'PYTHON' environment variable
for both the 'configure' and 'make' steps, i.e.
   'PYTHON=python2 ./configure'
   'PYTHON=python2 make'
This will override the python3 default.

Alternatively, it is possible to produce Samba Python bindings for both
Python 2 and Python 3. To do so, specify '--extra-python=/usr/bin/python2'
as part of the 'configure' command. Note that python3 will still be used as
the default in this case.

Note that Samba 4.10 supports Python 3.4 onwards.

Future Python support
---------------------

Samba 4.10 will be the last release that comes with full support for
Python 2. Unfortunately, the Samba Team doesn't have the resources to support
both Python 2 and Python 3 long-term.

Samba 4.11 will not have any runtime support for Python 2. This means if
you use Python 2 bindings it is time to migrate to Python 3 now.

If you are building Samba using the '--disable-python' option (i.e. you're
excluding all the run-time Python support), then this will continue to work
on a system that supports either python2 or python3.

Also note that Samba 4.11 will most likely only support Python 3.6 onwards.

JSON logging
------------

Authentication messages now contain the Windows Event Id "eventId" and logon
type "logonType". The supported event codes and logon types are:
  Event codes:
    4624  Successful logon
    4625  Unsuccessful logon

  Logon Types:
    2  Interactive
    3  Network
    8  NetworkCleartext

The version number for Authentication messages is now 1.1, changed from 1.0

Password change messages now contain the Windows Event Id "eventId", the
supported event Id's are:
  4723 Password changed
  4724 Password reset

The version number for PasswordChange messages is now 1.1, changed from 1.0

Group membership change messages now contain the Windows Event Id "eventId",
the supported event Id's are:
  4728 A member was added to a security enabled global group
  4729 A member was removed from a security enabled global group
  4732 A member was added to a security enabled local group
  4733 A member was removed from a security enabled local group
  4746 A member was added to a security disabled local group
  4747 A member was removed from a security disabled local group
  4751 A member was added to a security disabled global group
  4752 A member was removed from a security disabled global group
  4756 A member was added to a security enabled universal group
  4757 A member was removed from a security enabled universal group
  4761 A member was added to a security disabled universal group
  4762 A member was removed from a security disabled universal group


The version number for GroupChange messages is now 1.1, changed from 1.0. Also
A GroupChange message is generated when a new user is created to log that the
user has been added to their primary group.

The leading "JSON <message type>:" and source file  prefix of the JSON formatted
log entries has been removed to make the parsing of the JSON log messages
easier. JSON log entries now start with 2 spaces followed by an opening brace
i.e. "  {"

SMBv2 samba-tool support
------------------------

On previous releases, some samba-tool commands would not work against a remote
DC that had SMBv1 disabled. SMBv2 support has now been added for samba-tool.
The affected commands are 'samba-tool domain backup|rename' and the
'samba-tool gpo' set of commands.

New glusterfs_fuse VFS module
-----------------------------

The new vfs_glusterfs_fuse module improves performance when Samba
accesses a glusterfs volume mounted via FUSE (Filesystem in Userspace
as part of the Linux kernel). It achieves that by leveraging a
mechanism to retrieve the appropriate case of filenames by querying a
specific extended attribute in the filesystem. No extra configuration
is required to use this module, only glusterfs_fuse needs to be set in
the "vfs objects" parameter. Further details can be found in the
vfs_glusterfs_fuse(8) manpage. This new vfs_glusterfs_fuse module does
not replace the existing vfs_glusterfs module, it just provides an
additional, alternative mechanism to access a Gluster volume.

REMOVED FEATURES
================

MIT Kerberos build of the AD DC
-------------------------------

While not removed, the MIT Kerberos build of the Samba AD DC is still
considered experimental.  Because Samba will not issue security
patches for this configuration, such builds now require the explicit
configure option: --with-experimental-mit-ad-dc

For further details see
https://wiki.samba.org/index.php/Running_a_Samba_AD_DC_with_MIT_Kerberos_KDC

samba_backup
------------

The samba_backup script has been removed. This has now been replaced by the
'samba-tool domain backup offline' command.

SMB client Python bindings
--------------------------

The SMB client python bindings are now deprecated and will be removed in future
Samba releases. This will only affects users that may have used the Samba
Python bindings to write their own utilities, i.e. users with a custom Python
script that includes the line 'from samba import smb'.

Revision 1.61 / (download) - annotate - [select for diffs], Wed Mar 13 18:02:31 2019 UTC (3 years, 8 months ago) by adam
Branch: MAIN
Changes since 1.60: +3 -4 lines
Diff to previous 1.60 (colored)

py-twine: updated to 1.13.0

Twine is a utility for publishing Python packages on PyPI. It provides build
system independent uploads of source and binary distribution artifacts for both
new and existing projects.

Revision 1.60 / (download) - annotate - [select for diffs], Fri Mar 1 20:03:24 2019 UTC (3 years, 9 months ago) by roy
Branch: MAIN
Changes since 1.59: +2 -2 lines
Diff to previous 1.59 (colored)

Add a patch taken from upstream to allow smbd to work when
winbindd has been started but not configured.

Revision 1.59 / (download) - annotate - [select for diffs], Sat Feb 23 21:29:29 2019 UTC (3 years, 9 months ago) by jperkin
Branch: MAIN
Changes since 1.58: +2 -1 lines
Diff to previous 1.58 (colored)

samba4: Needs socket libraries on SunOS.

Revision 1.58 / (download) - annotate - [select for diffs], Thu Jan 3 19:36:45 2019 UTC (3 years, 11 months ago) by adam
Branch: MAIN
Changes since 1.57: +5 -4 lines
Diff to previous 1.57 (colored)

samba4: use external tevent and tdb; bump revision

Revision 1.57 / (download) - annotate - [select for diffs], Sat Dec 22 01:13:52 2018 UTC (3 years, 11 months ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2018Q4-base, pkgsrc-2018Q4
Changes since 1.56: +40 -23 lines
Diff to previous 1.56 (colored)

samba4: buidling fixes

PkgSrc changes:
* fix building on Darwin and probably other systems as well
* install manpages
* use correct install_name on Darwin
* does not collide with p5-Parse-Yapp anymore
* use cmocka and libgcrypt
* clean-ups

Revision 1.56 / (download) - annotate - [select for diffs], Thu Dec 20 21:18:22 2018 UTC (3 years, 11 months ago) by adam
Branch: MAIN
Changes since 1.55: +13 -17 lines
Diff to previous 1.55 (colored)

samba4: updated to 4.9.4

Release Notes for Samba 4.9.4

Major bug fixes include:
   o dns: Fix CNAME loop prevention using counter regression.

Changes since 4.9.3:
   * BUG 9175: libcli/smb: Don't overwrite status code.
   * BUG 12164: wbinfo --group-info 'NT AUTHORITY\System' does not work.
   * BUG 13661: Session setup reauth fails to sign response.
   * BUG 13677: vfs_fruit: Validation of writes on AFP_AfpInfo stream.
   * BUG 13688: vfs_shadow_copy2: Nicely deal with attempts to open previous
     version for writing.
   * BUG 13455: Restoring previous version of stream with vfs_shadow_copy2 fails
     with NT_STATUS_OBJECT_NAME_INVALID fsp->base_fsp->fsp_name.
   * BUG 13571: CVE-2018-16853: Fix S4U2Self crash with MIT KDC build.
   * BUG 13708: s3-vfs: Prevent NULL pointer dereference in vfs_glusterfs.
   * PEP8: fix E231: missing whitespace after ','.
   * BUG 13629: winbindd: Fix crash when taking profiles.
   * BUG 13600: CVE-2018-14629 dns: Fix CNAME loop prevention using counter
     regression.
   * BUG 13686: 'samba-tool user syscpasswords' fails on a domain with many DCs.
   * BUG 13571: CVE-2018-16853: Do not segfault if client is not set.
   * BUG 13679: lib:util: Fix DEBUGCLASS pointer initializiation.
   * BUG 13696: ctdb-daemon: Exit with error if a database directory does not
     exist.
   * BUG 13498: s3:libads: Add net ads leave keep-account option.

Revision 1.55 / (download) - annotate - [select for diffs], Mon Dec 10 00:14:23 2018 UTC (3 years, 11 months ago) by ryoon
Branch: MAIN
Changes since 1.54: +1 -2 lines
Diff to previous 1.54 (colored)

Remove PLIST.*=no to fix packaging

Revision 1.54 / (download) - annotate - [select for diffs], Sun Dec 9 14:48:03 2018 UTC (3 years, 11 months ago) by ryoon
Branch: MAIN
Changes since 1.53: +12 -2 lines
Diff to previous 1.53 (colored)

FIx build on 32-bit architecture environments.

ldb-lmdb part is not buildable for 32-bit architecture environments.
Tested on NetBSD/i386 8.

Revision 1.53 / (download) - annotate - [select for diffs], Mon Dec 3 13:51:52 2018 UTC (4 years ago) by mlelstv
Branch: MAIN
Changes since 1.52: +3 -2 lines
Diff to previous 1.52 (colored)

Set SMB_PRIVATE directory correctly.
Add two missing libraries to PLIST.

Revision 1.52 / (download) - annotate - [select for diffs], Thu Nov 29 14:46:46 2018 UTC (4 years ago) by taca
Branch: MAIN
Changes since 1.51: +2 -2 lines
Diff to previous 1.51 (colored)

net/samba4: update to 4.9.3

                   =============================
                   Release Notes for Samba 4.9.3
                         November 27, 2018
                   =============================


This is a security release in order to address the following defects:

o  CVE-2018-14629 (Unprivileged adding of CNAME record causing loop in AD
                   Internal DNS server)
o  CVE-2018-16841 (Double-free in Samba AD DC KDC with PKINIT)
o  CVE-2018-16851 (NULL pointer de-reference in Samba AD DC LDAP server)
o  CVE-2018-16852 (NULL pointer de-reference in Samba AD DC DNS servers)
o  CVE-2018-16853 (Samba AD DC S4U2Self crash in experimental MIT Kerberos
                   configuration (unsupported))
o  CVE-2018-16857 (Bad password count in AD DC not always effective)


=======
Details
=======

o  CVE-2018-14629:
   All versions of Samba from 4.0.0 onwards are vulnerable to infinite
   query recursion caused by CNAME loops. Any dns record can be added via
   ldap by an unprivileged user using the ldbadd tool, so this is a
   security issue.

o  CVE-2018-16841:
   When configured to accept smart-card authentication, Samba's KDC will call
   talloc_free() twice on the same memory if the principal in a validly signed
   certificate does not match the principal in the AS-REQ.

   This is only possible after authentication with a trusted certificate.

   talloc is robust against further corruption from a double-free with
   talloc_free() and directly calls abort(), terminating the KDC process.

   There is no further vulnerability associated with this issue, merely a
   denial of service.

o  CVE-2018-16851:
   During the processing of an LDAP search before Samba's AD DC returns
   the LDAP entries to the client, the entries are cached in a single
   memory object with a maximum size of 256MB.  When this size is
   reached, the Samba process providing the LDAP service will follow the
   NULL pointer, terminating the process.

   There is no further vulnerability associated with this issue, merely a
   denial of service.

o  CVE-2018-16852:
   During the processing of an DNS zone in the DNS management DCE/RPC server,
   the internal DNS server or the Samba DLZ plugin for BIND9, if the
   DSPROPERTY_ZONE_MASTER_SERVERS property or DSPROPERTY_ZONE_SCAVENGING_SERVERS
   property is set, the server will follow a NULL pointer and terminate.

   There is no further vulnerability associated with this issue, merely a
   denial of service.

o  CVE-2018-16853:
   A user in a Samba AD domain can crash the KDC when Samba is built in the
   non-default MIT Kerberos configuration.

   With this advisory we clarify that the MIT Kerberos build of the Samba
   AD DC is considered experimental.  Therefore the Samba Team will not
   issue security patches for this configuration.

o  CVE-2018-16857:
   AD DC Configurations watching for bad passwords (to restrict brute forcing
   of passwords) in a window of more than 3 minutes may not watch for bad
   passwords at all.

For more details and workarounds, please refer to the security advisories.

Revision 1.51 / (download) - annotate - [select for diffs], Fri Nov 23 07:30:02 2018 UTC (4 years ago) by ryoon
Branch: MAIN
Changes since 1.50: +5 -3 lines
Diff to previous 1.50 (colored)

Update to 4.9.2

Changelog:
* Many bugfixes
* Update some bundled libraries

Revision 1.50 / (download) - annotate - [select for diffs], Wed Nov 14 22:22:14 2018 UTC (4 years ago) by kleink
Branch: MAIN
Changes since 1.49: +2 -2 lines
Diff to previous 1.49 (colored)

Revbump after cairo 1.16.0 update.

Revision 1.49 / (download) - annotate - [select for diffs], Mon Nov 12 14:40:22 2018 UTC (4 years ago) by jperkin
Branch: MAIN
Changes since 1.48: +3 -1 lines
Diff to previous 1.48 (colored)

*: Add CTF_SUPPORTED/CTF_FILES_SKIP where necessary.

Revision 1.48 / (download) - annotate - [select for diffs], Mon Nov 12 03:52:45 2018 UTC (4 years ago) by ryoon
Branch: MAIN
Changes since 1.47: +2 -2 lines
Diff to previous 1.47 (colored)

Recursive revbump from hardbuzz-2.1.1

Revision 1.47 / (download) - annotate - [select for diffs], Sat Sep 29 14:37:30 2018 UTC (4 years, 2 months ago) by wiedi
Branch: MAIN
CVS Tags: pkgsrc-2018Q3-base, pkgsrc-2018Q3
Changes since 1.46: +4 -2 lines
Diff to previous 1.46 (colored)

samba4: mention correct SMF instances

Revision 1.46 / (download) - annotate - [select for diffs], Wed Aug 22 09:46:07 2018 UTC (4 years, 3 months ago) by wiz
Branch: MAIN
Changes since 1.45: +2 -2 lines
Diff to previous 1.45 (colored)

Recursive bump for perl5-5.28.0

Revision 1.45 / (download) - annotate - [select for diffs], Wed Jul 4 13:40:30 2018 UTC (4 years, 5 months ago) by jperkin
Branch: MAIN
Changes since 1.44: +2 -2 lines
Diff to previous 1.44 (colored)

*: Move SUBST_STAGE from post-patch to pre-configure

Performing substitutions during post-patch breaks tools such as mkpatches,
making it very difficult to regenerate correct patches after making changes,
and often leading to substituted string replacements being committed.

Revision 1.44 / (download) - annotate - [select for diffs], Tue Jul 3 05:03:29 2018 UTC (4 years, 5 months ago) by adam
Branch: MAIN
Changes since 1.43: +2 -2 lines
Diff to previous 1.43 (colored)

extend PYTHON_VERSIONS_ for Python 3.7

Revision 1.43 / (download) - annotate - [select for diffs], Tue Apr 17 22:29:46 2018 UTC (4 years, 7 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2018Q2-base, pkgsrc-2018Q2
Changes since 1.42: +2 -2 lines
Diff to previous 1.42 (colored)

Add p11-kit to gnutls/bl3.mk and bump dependencies.

Revision 1.42 / (download) - annotate - [select for diffs], Mon Apr 16 14:35:03 2018 UTC (4 years, 7 months ago) by wiz
Branch: MAIN
Changes since 1.41: +2 -2 lines
Diff to previous 1.41 (colored)

Recursive bump for new fribidi dependency in pango.

Revision 1.41 / (download) - annotate - [select for diffs], Thu Apr 12 09:05:57 2018 UTC (4 years, 7 months ago) by maya
Branch: MAIN
Changes since 1.40: +2 -1 lines
Diff to previous 1.40 (colored)

samba4: require GCC 4.4

from xalopp in https://github.com/NetBSD/pkgsrc/pull/24
(Doesn't include the PLIST changes, which I'm hesitating about)

Revision 1.40 / (download) - annotate - [select for diffs], Mon Mar 12 11:17:23 2018 UTC (4 years, 8 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2018Q1-base, pkgsrc-2018Q1
Changes since 1.39: +2 -2 lines
Diff to previous 1.39 (colored)

Recursive bumps for fontconfig and libzip dependency changes.

Revision 1.39 / (download) - annotate - [select for diffs], Wed Feb 28 03:38:49 2018 UTC (4 years, 9 months ago) by nonaka
Branch: MAIN
Changes since 1.38: +5 -3 lines
Diff to previous 1.38 (colored)

net/samba4: use devel/talloc package instead of bundled library.

I'd like to install net/samba4 and net/freeradius on the same server.
But devel/talloc on which net/freeradius depends conflicts bundled talloc
library used in net/samba.
net/samba also should use devel/talloc package.

Bump PKGREVISION.

Revision 1.38 / (download) - annotate - [select for diffs], Sun Jan 28 20:11:00 2018 UTC (4 years, 10 months ago) by wiz
Branch: MAIN
Changes since 1.37: +2 -2 lines
Diff to previous 1.37 (colored)

Bump PKGREVISION for gdbm shlib major bump

Revision 1.37 / (download) - annotate - [select for diffs], Thu Nov 23 17:20:07 2017 UTC (5 years ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2017Q4-base, pkgsrc-2017Q4
Changes since 1.36: +2 -2 lines
Diff to previous 1.36 (colored)

recursive bump for libxkbcommon removal from at-spi2-core

Revision 1.36 / (download) - annotate - [select for diffs], Sun Nov 12 16:03:35 2017 UTC (5 years ago) by khorben
Branch: MAIN
Changes since 1.35: +2 -1 lines
Diff to previous 1.35 (colored)

Bump PKGREVISION on packages depending on CUPS

This should be the last part of the renaming operation for print/cups to
print/cups-base.

Rationale: packages depending on CUPS but not relying on a functional
printing setup only need to depend on print/cups-base (equivalent to the
former print/cups). The new print/cups now depends on print/cups-base
and on print/cups-filters, thus directly providing a functional printing
setup. This bump reflects this change of dependency.

As discussed on tech-pkg@

Revision 1.35 / (download) - annotate - [select for diffs], Wed Sep 20 15:14:30 2017 UTC (5 years, 2 months ago) by taca
Branch: MAIN
CVS Tags: pkgsrc-2017Q3-base, pkgsrc-2017Q3
Changes since 1.34: +2 -2 lines
Diff to previous 1.34 (colored)

net/samba4: update to 4.6.8, security fix


                   =============================
                   Release Notes for Samba 4.6.8
                         September 20, 2017
                   =============================


This is a security release in order to address the following defects:

o  CVE-2017-12150 (SMB1/2/3 connections may not require signing where they
   should)
o  CVE-2017-12151 (SMB3 connections don't keep encryption across DFS redirects)
o  CVE-2017-12163 (Server memory information leak over SMB1)


=======
Details
=======

o  CVE-2017-12150:
   A man in the middle attack may hijack client connections.

o  CVE-2017-12151:
   A man in the middle attack can read and may alter confidential
   documents transferred via a client connection, which are reached
   via DFS redirect when the original connection used SMB3.

o  CVE-2017-12163:
   Client with write access to a share can cause server memory contents to be
   written into a file or printer.

For more details and workarounds, please see the security advisories:

   o https://www.samba.org/samba/security/CVE-2017-12150.html
   o https://www.samba.org/samba/security/CVE-2017-12151.html
   o https://www.samba.org/samba/security/CVE-2017-12163.html


Changes since 4.6.7:
--------------------

o  Jeremy Allison <jra@samba.org>
   * BUG 12836: s3: smbd: Fix a read after free if a chained SMB1 call goes
     async.
   * BUG 13020: CVE-2017-12163: s3:smbd: Prevent client short SMB1 write from
     writing server memory to file.

o  Ralph Boehme <slow@samba.org>
   * BUG 12885: s3/smbd: Let non_widelink_open() chdir() to directories
     directly.

o  Stefan Metzmacher <metze@samba.org>
   * BUG 12996: CVE-2017-12151: Keep required encryption across SMB3 dfs
     redirects.
   * BUG 12997: CVE-2017-12150: Some code path don't enforce smb signing
     when they should.

Revision 1.34 / (download) - annotate - [select for diffs], Mon Sep 18 06:41:46 2017 UTC (5 years, 2 months ago) by taca
Branch: MAIN
Changes since 1.33: +3 -4 lines
Diff to previous 1.33 (colored)

net/samba4: update to 4.6.7

4.6.7 (2017/08/09): the latest stable release of the Samba 4.6 release series.

Changes since 4.6.6
---------------------
o  Jeremy Allison <jra@samba.org>
   * BUG 12836: s3: smbd: Fix a read after free if a chained SMB1 call goes async.
o  Andrew Bartlett <abartlet@samba.org>
   * BUG 11392: s4-cldap/netlogon: Match Windows 2012R2 and return
     NETLOGON_NT_VERSION_5 when version unspecified.
o  Ralph Boehme <slow@samba.org>
   * BUG 12885: s3/smbd: Let non_widelink_open() chdir() to directories directly.
   * BUG 12910: s3/notifyd: Ensure notifyd doesn't return from
     smbd_notifyd_init.
o  G√ľnther Deschner <gd@samba.org>
   * BUG 12840: vfs_fruit: Add fruit:model = <modelname> parametric option.
o  David Disseldorp <ddiss@samba.org>
   * BUG 12911: vfs_ceph: Fix cephwrap_chdir().
o  Dustin L. Howett
   * BUG 12720: idmap_ad: Retry query_user exactly once if we get
     TLDAP_SERVER_DOWN.
o  Thomas Jarosch <thomas.jarosch@intra2net.com>
   * BUG 12927: s3: libsmb: Fix use-after-free when accessing pointer *p.
o  Volker Lendecke <vl@samba.org>
   * BUG 12925: smbd: Fix a connection run-down race condition.
o  Stefan Metzmacher <metze@samba.org>
   * BUG 12782: winbindd changes the local password and gets
     NT_STATUS_WRONG_PASSWORD for the remote change.
   * BUG 12890: s3:smbd: consistently use talloc_tos() memory for
     rpc_pipe_open_interface().
o  Noel Power <noel.power@suse.com>
   * BUG 12937: smbcacls: Don't fail against a directory on Windows using SMB2.
o  Arvid Requate <requate@univention.de>
   * BUG 11392: s4-dsdb/netlogon: Allow missing ntver in cldap ping.
o  Garming Sam <garming@catalyst.net.nz>
   * BUG 12813: dnsserver: Stop dns_name_equal doing OOB read.
o  Andreas Schneider <asn@samba.org>
   * BUG 12886: s3:client: The smbspool krb5 wrapper needs negotiate for
     authentication.
o  Martin Schwenke <martin@meltin.net>
   * BUG 12898: ctdb-common: Set close-on-exec when creating PID file.


4.6.6 (2017/07/12): security release in order to address the following defect:

o  CVE-2017-11103 (Orpheus' Lyre mutual authentication validation bypass)

Changes since 4.6.5:
---------------------

o  Jeffrey Altman <jaltman@secure-endpoints.com>
   * BUG 12894: CVE-2017-11103: Orpheus' Lyre KDC-REP service name validation


4.6.5 (2017/06/06): the latest stable release of the Samba 4.6 release series.

Changes since 4.6.4:
---------------------

o  Jeremy Allison <jra@samba.org>
   * BUG 12804: s3: VFS: Catia: Ensure path name is also converted.
o  Christian Ambach <ambi@samba.org>
   * BUG 12765: s3:smbcacls add prompt for password.
o  Ralph Boehme <slow@samba.org>
   * BUG 12562: vfs_acl_xattr|tdb: Ensure create mask is at least 0666 if
     ignore_system_acls is set.
   * BUG 12702: Wrong sid->uid mapping for SIDs residing in sIDHistory.
   * BUG 12749: vfs_fruit: lp_case_sensitive() does not return a bool.
   * BUG 12766: s3/smbd: Update exclusive oplock optimisation to the lease area.
   * BUG 12798: s3/smbd: Fix exclusive lease optimisation.
o  Alexander Bokovoy <ab@samba.org>
   * BUG 12751: Allow passing trusted domain password as plain-text to PASSDB
     layer.
   * BUG 12764: systemd: Fix detection of libsystemd.
o  Amitay Isaacs <amitay@gmail.com>
   * BUG 12697: ctdb-readonly: Avoid a tight loop waiting for revoke to
     complete.
   * BUG 12770: ctdb-logging: Initialize DEBUGLEVEL before changing the value.
o  Shilpa Krishnareddy <skrishnareddy@panzura.com>
   * BUG 12756: notify: Fix ordering of events in notifyd.
o  Volker Lendecke <vl@samba.org>
   * BUG 12757: idmap_rfc2307: Lookup of more than two SIDs fails.
o  Stefan Metzmacher <metze@samba.org>
   * BUG 12767: samba-tool: Let 'samba-tool user syncpasswords' report deletions
     immediately.
o  Doug Nazar <nazard@nazar.ca>
   * BUG 12760: s3: smbd: inotify_map_mask_to_filter incorrectly indexes an
     array.
o  Andreas Schneider <asn@samba.org>
   * BUG 12687: vfs_expand_msdfs tries to open the remote address as a file
     path.
o  Martin Schwenke <martin@meltin.net>
   * BUG 12802: 'ctdb nodestatus' incorrectly displays status for all nodes with
     wrong exit code.
   * BUG 12814: ctdb-common: Fix crash in logging initialisation.

Revision 1.33 / (download) - annotate - [select for diffs], Tue Jun 27 13:37:16 2017 UTC (5 years, 5 months ago) by fhajny
Branch: MAIN
CVS Tags: pkgsrc-2017Q2-base, pkgsrc-2017Q2
Changes since 1.32: +4 -8 lines
Diff to previous 1.32 (colored)

Substitute SYSCONFDIR assumed by the embedded Heimdal code properly.
Fixes calls to e.g. krb5.keytab that were hardcoded to /etc. PKGREVISION++

Revision 1.32 / (download) - annotate - [select for diffs], Thu Jun 1 13:30:26 2017 UTC (5 years, 6 months ago) by jlam
Branch: MAIN
Changes since 1.31: +2 -2 lines
Diff to previous 1.31 (colored)

Use public SHLIB_TYPE instead of private _OPSYS_SHLIB_TYPE.

Revision 1.31 / (download) - annotate - [select for diffs], Mon May 29 00:24:19 2017 UTC (5 years, 6 months ago) by wiedi
Branch: MAIN
Changes since 1.30: +4 -1 lines
Diff to previous 1.30 (colored)

add workaround for https://bugzilla.samba.org/show_bug.cgi?id=12502
fixes build on sunos

Revision 1.27.2.1 / (download) - annotate - [select for diffs], Sat May 27 19:01:15 2017 UTC (5 years, 6 months ago) by bsiegert
Branch: pkgsrc-2017Q1
Changes since 1.27: +7 -10 lines
Diff to previous 1.27 (colored) next main 1.28 (colored)

Pullup ticket #5431 - requested by he
net/samba4: security fix

Revisions pulled up:
- net/samba4/Makefile                                           1.28-1.30
- net/samba4/PLIST                                              1.11-1.12
- net/samba4/distinfo                                           1.12-1.13
- net/samba4/options.mk                                         1.4
- net/samba4/patches/patch-lib_param_loadparm.h                 1.2
- net/samba4/patches/patch-source3_script_tests_test__smbclient__s3.sh 1.3

---
   Module Name:	pkgsrc
   Committed By:	ryoon
   Date:		Sat Apr  8 08:56:27 UTC 2017

   Modified Files:
   	pkgsrc/net/samba4: Makefile PLIST distinfo options.mk
   	pkgsrc/net/samba4/patches: patch-lib_param_loadparm.h
   	    patch-source3_script_tests_test__smbclient__s3.sh

   Log Message:
   Update to 4.6.2

   * Use internal heimdal

   Changelog:
   Changes since 4.6.1:
   --------------------

   o  Jeremy Allison <jra@samba.org>
      * BUG 12721: Fix regression with "follow symlinks = no".

   Changes since 4.6.0:
   --------------------

   o  Jeremy Allison <jra@samba.org>
      * BUG 12496: CVE-2017-2619: Symlink race permits opening files outside share
        directory.

   o  Ralph Boehme <slow@samba.org>
      * BUG 12496: CVE-2017-2619: Symlink race permits opening files outside share
        directory.

   CHANGES SINCE 4.6.0rc4
   ======================

   o  Jeremy Allison <jra@samba.org>
      * BUG 12592: Fix several issues found by covscan.
      * BUG 12608: s3: smbd: Restart reading the incoming SMB2 fd when the send
        queue is drained.

   o  Ralph Boehme <slow@samba.org>
      * BUG 12427: vfs_fruit doesn't work with fruit:metadata=stream.
      * BUG 12526: vfs_fruit: Only veto AppleDouble files if "fruit:resource" is
        set to "file".
      * BUG 12604: vfs_fruit: Enabling AAPL extensions must be a global switch.

   o  Volker Lendecke <vl@samba.org>
      * BUG 12612: Re-enable token groups fallback.

   o  Stefan Metzmacher <metze@samba.org>
      * BUG 9048: Samba4 ldap error codes.
      * BUG 12557: gensec:spnego: Add debug message for the failed principal.
      * BUG 12605: s3:winbindd: Fix endless forest trust scan.
      * BUG 12612: winbindd: Find the domain based on the sid within
        wb_lookupusergroups_send().

   o  Andreas Schneider <asn@samba.org>
      * BUG 12557: s3:librpc: Handle gss_min in gse_get_client_auth_token()
        correctly.
      * BUG 12582: idmap_hash: Add a deprecation message, improve the idmap_hash
        manpage.
      * BUG 12592: Fix several issues found by covscan.

   o  Martin Schwenke <martin@meltin.net>
      * BUG 12592: ctdb-logging: CID 1396883 Dereference null return value
        (NULL_RETURNS).

   CHANGES SINCE 4.6.0rc3
   ======================

   o  Jeremy Allison <jra@samba.org>
      * BUG 12545: s3: rpc_server/mdssvc: Add attribute "kMDItemContentType".
      * BUG 12572: s3: smbd: Don't loop infinitely on bad-symlink resolution.

   o  Ralph Boehme <slow@samba.org>
      * BUG 12490: vfs_fruit: Correct Netatalk metadata xattr on FreeBSD.
      * BUG 12536: s3/smbd: Check for invalid access_mask
        smbd_calculate_access_mask().
      * BUG 12591: vfs_streams_xattr: use fsp, not base_fsp.

   o  Amitay Isaacs <amitay@gmail.com>
      * BUG 12580: ctdb-common: Fix use-after-free error in comm_fd_handler().
      * BUG 12595: build: Fix generation of CTDB manpages while creating tarball.

   o  Bryan Mason <bmason@redhat.com>
      * BUG 12575: Modify smbspool_krb5_wrapper to just fall through to smbspool if
        AUTH_INFO_REQUIRED is not set or is not "negotiate".

   o  Stefan Metzmacher <metze@samba.org>
      * BUG 11830: s3:winbindd: Try a NETLOGON connection with noauth over NCACN_NP
        against trusted domains.
      * BUG 12262: 'net ads testjoin' and smb access fails after winbindd changed the
        trust password.
      * BUG 12585: librpc/rpc: fix regression in
        NT_STATUS_RPC_ENUM_VALUE_OUT_OF_RANGE error mapping.
      * BUG 12586: netlogon_creds_cli_LogonSamLogon doesn't work without
        netr_LogonSamLogonEx.
      * BUG 12587: winbindd child segfaults on connect to an NT4 domain.
      * BUG 12588: s3:winbindd: Make sure cm_prepare_connection() only returns OK
        with a valid tree connect.
      * BUG 12598: winbindd (as member) requires kerberos against trusted ad domain,
        while it shouldn't.
      * BUG 12601: Backport pytalloc_GenericObject_reference() related changes to
        4.6.

   o  Garming Sam <garming@catalyst.net.nz>
      * BUG 12600: dbchecker: Stop ignoring linked cases where both objects are
        alive.

   o  Andreas Schneider <asn@samba.org>
      * BUG 12571: s3-vfs: Only walk the directory once in open_and_sort_dir().

   o  Martin Schwenke <martin@meltin.net>
      * BUG 12589: CTDB statd-callout does not cause grace period when
        CTDB_NFS_CALLOUT="".
      * BUG 12595: ctdb-build: Fix RPM build.

   CHANGES SINCE 4.6.0rc2
   ======================

   o  Jeremy Allison <jra@samba.org>
      * BUG 12499: s3: vfs: dirsort doesn't handle opendir of "." correctly.
      * BUG 12546: s3: VFS: vfs_streams_xattr.c: Make streams_xattr_open() store
        the same path as streams_xattr_recheck().
      * BUG 12531: Make vfs_shadow_copy2 cope with server changing directories.

   o  Andrew Bartlett <abartlet@samba.org>
      * BUG 12543: samba-tool: Correct handling of default value for use_ntvfs and
        use_xattrs.
      * BUG 12573: Samba < 4.7 does not know about compatibleFeatures and
        requiredFeatures.
      * BUG 12577: 'samba-tool dbcheck' gives errors on one-way links after a
        rename.

   o  Ralph Boehme <slow@samba.org>
      * BUG 12184: s3/rpc_server: Shared rpc modules loading.
      * BUG 12520: Ensure global "smb encrypt = off" is effective.
      * BUG 12524: s3/rpc_server: Move rpc_modules.c to its own subsystem.
      * BUG 12541: vfs_fruit: checks wrong AAPL config state and so always uses
        readdirattr.

   o  Volker Lendecke <vl@samba.org>
      * BUG 12551: smbd: Fix "map acl inherit" = yes.

   o  Stefan Metzmacher <metze@samba.org>
      * BUG 12398: Replication with DRSUAPI_DRS_CRITICAL_ONLY and
        DRSUAPI_DRS_GET_ANC results in WERR_DS_DRA_MISSING_PARENT S
      * BUG 12540: s3:smbd: allow "server min protocol = SMB3_00" to go via "SMB
        2.???" negprot.

   o  John Mulligan <jmulligan@nasuni.com>
      * BUG 12542: docs: Improve description of "unix_primary_group" parameter in
        idmap_ad manpage.

   o  Andreas Schneider <asn@samba.org>
      * BUG 12552: waf: Do not install the unit test binary for krb5samba.

   o  Amitay Isaacs <amitay@gmail.com>
      * BUG 12547: ctdb-build: Install CTDB tests correctly from toplevel.
      * BUG 12549: ctdb-common: ioctl(.. FIONREAD ..) returns an int value.

   o  Garming Sam <garming@catalyst.net.nz>
      * BUG 12577: 'samba-tool dbcheck' gives errors on one-way links after a
        rename.

   o  Uri Simchoni <uri@samba.org>
      * BUG 12529: waf: Backport finding of pkg-config.

   CHANGES SINCE 4.6.0rc1
   ======================

   o  Amitay Isaacs <amitay@gmail.com>
      * BUG 12469: CTDB lock helper getting stuck trying to lock a record.
      * BUG 12500: ctdb-common: Fix a bug in packet reading code for generic socket
        I/O.
      * BUG 12510: sock_daemon_test 4 crashes with SEGV.
      * BUG 12513: ctdb-daemon: Remove stale eventd socket.

   o  Björn Jacke <bj@sernet.de>
      * BUG 12535: vfs_default: Unlock the right file in copy chunk.

   o  Volker Lendecke <vl@samba.org>
      * BUG 12509: messaging: Fix dead but not cleaned-up-yet destination sockets.
      * BUG 12538: Backport winbind fixes.

   o  Stefan Metzmacher <metze@samba.org>
      * BUG 12501: s3:winbindd: talloc_steal the extra_data in
        winbindd_list_users_recv().

   o  Martin Schwenke <martin@meltin.net>
      * BUG 12511: ctdb-takeover: Handle case where there are no RELEASE_IPs to
        send.
      * BUG 12512: ctdb-scripts: Fix remaining uses of "ctdb gratiousarp".
      * BUG 12516: ctdb-scripts: /etc/iproute2/rt_tables gets populated with multiple
        'default' entries.

---
   Module Name:	pkgsrc
   Committed By:	jnemeth
   Date:		Mon Apr 10 15:27:22 UTC 2017

   Modified Files:
   	pkgsrc/net/samba4: Makefile

   Log Message:
   Add pkg-config to USE_TOOLS, which is needed to find gnutls.
   Problem found in a bulk build.  Not bumping PKGREVISION since it
   shouldn't change the binary package when it built.

---
   Module Name:    pkgsrc
   Committed By:   he
   Date:           Wed May 24 15:51:32 UTC 2017

   Modified Files:
           pkgsrc/net/samba4: Makefile PLIST distinfo

   Log Message:
   Update samba4 to version 4.6.4.

   Pkgsrc changes:
    * Adapt PLIST, new .so installed.

   Upstream changes:

   Changes since 4.6.3:
   ---------------------
   o  Volker Lendecke <vl@samba.org>
      * BUG 12780: CVE-2017-7494: Avoid remote code execution from a writable
        share.

   Changes since 4.6.2:
   --------------------
   o  Michael Adam <obnox@samba.org>
      * BUG 12743: s3:vfs:shadow_copy2: vfs_shadow_copy2 fails to list snapshots
        from shares with GlusterFS backend.

   o  Jeremy Allison <jra@samba.org>
      * BUG 12559: Fix for Solaris C compiler.
      * BUG 12628: s3: locking: Update oplock optimization for the leases era.
      * BUG 12693: Make the Solaris C compiler happy.
      * BUG 12695: s3: libgpo: Allow skipping GPO objects that don't have the
        expected LDAP attributes.
      * BUG 12747: Fix buffer overflow caused by wrong use of getgroups.

   o  Hanno Boeck <hanno@hboeck.de>
      * BUG 12746: lib: debug: Avoid negative array access.
      * BUG 12748: cleanupdb: Fix a memory read error.

   o  Ralph Boehme <slow@samba.org>
      * BUG 7537: streams_xattr and kernel oplocks results in
        NT_STATUS_NETWORK_BUSY.
      * BUG 11961: winbindd: idmap_autorid allocates ids for unknown SIDs from
        other backends.
      * BUG 12565: vfs_fruit: Resource fork open request with
        flags=O_CREAT|O_RDONLY.
      * BUG 12615: manpages/vfs_fruit: Document global options.
      * BUG 12624: lib/pthreadpool: Fix a memory leak.
      * BUG 12727: Lookup-domain for well-known SIDs on a DC.
      * BUG 12728: winbindd: Fix error handling in rpc_lookup_sids().
      * BUG 12729: winbindd: Trigger possible passdb_dsdb initialisation.

   o  Alexander Bokovoy <ab@samba.org>
      * BUG 12611: credentials_krb5: use gss_acquire_cred for client-side GSSAPI
        use case.
      * BUG 12690: lib/crypto: Implement samba.crypto Python module for RC4.

   o  Amitay Isaacs <amitay@gmail.com>
      * BUG 12697: ctdb-readonly: Avoid a tight loop waiting for revoke to
        complete.
      * BUG 12723: ctdb_event monitor command crashes if event is not specified.
      * BUG 12733: ctdb-docs: Fix documentation of "-n" option to 'ctdb tool'.

   o  Volker Lendecke <vl@samba.org>
      * BUG 12558: smbd: Fix smb1 findfirst with DFS.
      * BUG 12610: smbd: Do an early exit on negprot failure.
      * BUG 12699: winbindd: Fix substitution for 'template homedir'.

   o  Stefan Metzmacher <metze@samba.org>
      * BUG 12554: s4:kdc: Disable principal based autodetected referral detection.
      * BUG 12613: idmap_autorid: Allocate new domain range if the callers knows
        the sid is valid.
      * BUG 12724: LINKFLAGS_PYEMBED should not contain -L/some/path.
      * BUG 12725: PAM auth with WBFLAG_PAM_GET_PWD_POLICY returns wrong policy for
        trusted domain.
      * BUG 12731: rpcclient: Allow -U'OTHERDOMAIN\user' again.

   o  Christof Schmitt <cs@samba.org>
      * BUG 12725: winbindd: Fix password policy for pam authentication.

   o  Andreas Schneider <asn@samba.org>
      * BUG 12554: s3:gse: Correctly handle external trusts with MIT.
      * BUG 12611: auth/credentials: Always set the realm if we set the principal
        from the ccache.
      * BUG 12686: replace: Include sysmacros.h.
      * BUG 12687: s3:vfs_expand_msdfs: Do not open the remote address as a file.
      * BUG 12704: s3:libsmb: Only print error message if kerberos use is forced.
      * BUG 12708: winbindd: Child process crashes when kerberos-authenticating
        a user with wrong password.

   o  Uri Simchoni <uri@samba.org>
      * BUG 12715: vfs_fruit: Office document opens as read-only on macOS due to
        CNID semantics.
      * BUG 12737: vfs_acl_xattr: Fix failure to get ACL on Linux if memory is
        fragmented.

Revision 1.30 / (download) - annotate - [select for diffs], Wed May 24 15:51:32 2017 UTC (5 years, 6 months ago) by he
Branch: MAIN
Changes since 1.29: +2 -2 lines
Diff to previous 1.29 (colored)

Update samba4 to version 4.6.4.

Pkgsrc changes:
 * Adapt PLIST, new .so installed.

Upstream changes:

Changes since 4.6.3:
---------------------
o  Volker Lendecke <vl@samba.org>
   * BUG 12780: CVE-2017-7494: Avoid remote code execution from a writable
     share.

Changes since 4.6.2:
--------------------
o  Michael Adam <obnox@samba.org>
   * BUG 12743: s3:vfs:shadow_copy2: vfs_shadow_copy2 fails to list snapshots
     from shares with GlusterFS backend.

o  Jeremy Allison <jra@samba.org>
   * BUG 12559: Fix for Solaris C compiler.
   * BUG 12628: s3: locking: Update oplock optimization for the leases era.
   * BUG 12693: Make the Solaris C compiler happy.
   * BUG 12695: s3: libgpo: Allow skipping GPO objects that don't have the
     expected LDAP attributes.
   * BUG 12747: Fix buffer overflow caused by wrong use of getgroups.

o  Hanno Boeck <hanno@hboeck.de>
   * BUG 12746: lib: debug: Avoid negative array access.
   * BUG 12748: cleanupdb: Fix a memory read error.

o  Ralph Boehme <slow@samba.org>
   * BUG 7537: streams_xattr and kernel oplocks results in
     NT_STATUS_NETWORK_BUSY.
   * BUG 11961: winbindd: idmap_autorid allocates ids for unknown SIDs from
     other backends.
   * BUG 12565: vfs_fruit: Resource fork open request with
     flags=O_CREAT|O_RDONLY.
   * BUG 12615: manpages/vfs_fruit: Document global options.
   * BUG 12624: lib/pthreadpool: Fix a memory leak.
   * BUG 12727: Lookup-domain for well-known SIDs on a DC.
   * BUG 12728: winbindd: Fix error handling in rpc_lookup_sids().
   * BUG 12729: winbindd: Trigger possible passdb_dsdb initialisation.

o  Alexander Bokovoy <ab@samba.org>
   * BUG 12611: credentials_krb5: use gss_acquire_cred for client-side GSSAPI
     use case.
   * BUG 12690: lib/crypto: Implement samba.crypto Python module for RC4.

o  Amitay Isaacs <amitay@gmail.com>
   * BUG 12697: ctdb-readonly: Avoid a tight loop waiting for revoke to
     complete.
   * BUG 12723: ctdb_event monitor command crashes if event is not specified.
   * BUG 12733: ctdb-docs: Fix documentation of "-n" option to 'ctdb tool'.

o  Volker Lendecke <vl@samba.org>
   * BUG 12558: smbd: Fix smb1 findfirst with DFS.
   * BUG 12610: smbd: Do an early exit on negprot failure.
   * BUG 12699: winbindd: Fix substitution for 'template homedir'.

o  Stefan Metzmacher <metze@samba.org>
   * BUG 12554: s4:kdc: Disable principal based autodetected referral detection.
   * BUG 12613: idmap_autorid: Allocate new domain range if the callers knows
     the sid is valid.
   * BUG 12724: LINKFLAGS_PYEMBED should not contain -L/some/path.
   * BUG 12725: PAM auth with WBFLAG_PAM_GET_PWD_POLICY returns wrong policy for
     trusted domain.
   * BUG 12731: rpcclient: Allow -U'OTHERDOMAIN\user' again.

o  Christof Schmitt <cs@samba.org>
   * BUG 12725: winbindd: Fix password policy for pam authentication.

o  Andreas Schneider <asn@samba.org>
   * BUG 12554: s3:gse: Correctly handle external trusts with MIT.
   * BUG 12611: auth/credentials: Always set the realm if we set the principal
     from the ccache.
   * BUG 12686: replace: Include sysmacros.h.
   * BUG 12687: s3:vfs_expand_msdfs: Do not open the remote address as a file.
   * BUG 12704: s3:libsmb: Only print error message if kerberos use is forced.
   * BUG 12708: winbindd: Child process crashes when kerberos-authenticating
     a user with wrong password.

o  Uri Simchoni <uri@samba.org>
   * BUG 12715: vfs_fruit: Office document opens as read-only on macOS due to
     CNID semantics.
   * BUG 12737: vfs_acl_xattr: Fix failure to get ACL on Linux if memory is
     fragmented.

Revision 1.29 / (download) - annotate - [select for diffs], Mon Apr 10 15:27:22 2017 UTC (5 years, 7 months ago) by jnemeth
Branch: MAIN
Changes since 1.28: +2 -2 lines
Diff to previous 1.28 (colored)

Add pkg-config to USE_TOOLS, which is needed to find gnutls.
Problem found in a bulk build.  Not bumping PKGREVISION since it
shouldn't change the binary package when it built.

Revision 1.28 / (download) - annotate - [select for diffs], Sat Apr 8 08:56:27 2017 UTC (5 years, 8 months ago) by ryoon
Branch: MAIN
Changes since 1.27: +6 -9 lines
Diff to previous 1.27 (colored)

Update to 4.6.2

* Use internal heimdal

Changelog:
Changes since 4.6.1:
--------------------

o  Jeremy Allison <jra@samba.org>
   * BUG 12721: Fix regression with "follow symlinks = no".

Changes since 4.6.0:
--------------------

o  Jeremy Allison <jra@samba.org>
   * BUG 12496: CVE-2017-2619: Symlink race permits opening files outside share
     directory.

o  Ralph Boehme <slow@samba.org>
   * BUG 12496: CVE-2017-2619: Symlink race permits opening files outside share
     directory.

CHANGES SINCE 4.6.0rc4
======================

o  Jeremy Allison <jra@samba.org>
   * BUG 12592: Fix several issues found by covscan.
   * BUG 12608: s3: smbd: Restart reading the incoming SMB2 fd when the send
     queue is drained.

o  Ralph Boehme <slow@samba.org>
   * BUG 12427: vfs_fruit doesn't work with fruit:metadata=stream.
   * BUG 12526: vfs_fruit: Only veto AppleDouble files if "fruit:resource" is
     set to "file".
   * BUG 12604: vfs_fruit: Enabling AAPL extensions must be a global switch.

o  Volker Lendecke <vl@samba.org>
   * BUG 12612: Re-enable token groups fallback.

o  Stefan Metzmacher <metze@samba.org>
   * BUG 9048: Samba4 ldap error codes.
   * BUG 12557: gensec:spnego: Add debug message for the failed principal.
   * BUG 12605: s3:winbindd: Fix endless forest trust scan.
   * BUG 12612: winbindd: Find the domain based on the sid within
     wb_lookupusergroups_send().

o  Andreas Schneider <asn@samba.org>
   * BUG 12557: s3:librpc: Handle gss_min in gse_get_client_auth_token()
     correctly.
   * BUG 12582: idmap_hash: Add a deprecation message, improve the idmap_hash
     manpage.
   * BUG 12592: Fix several issues found by covscan.

o  Martin Schwenke <martin@meltin.net>
   * BUG 12592: ctdb-logging: CID 1396883 Dereference null return value
     (NULL_RETURNS).


CHANGES SINCE 4.6.0rc3
======================

o  Jeremy Allison <jra@samba.org>
   * BUG 12545: s3: rpc_server/mdssvc: Add attribute "kMDItemContentType".
   * BUG 12572: s3: smbd: Don't loop infinitely on bad-symlink resolution.

o  Ralph Boehme <slow@samba.org>
   * BUG 12490: vfs_fruit: Correct Netatalk metadata xattr on FreeBSD.
   * BUG 12536: s3/smbd: Check for invalid access_mask
     smbd_calculate_access_mask().
   * BUG 12591: vfs_streams_xattr: use fsp, not base_fsp.

o  Amitay Isaacs <amitay@gmail.com>
   * BUG 12580: ctdb-common: Fix use-after-free error in comm_fd_handler().
   * BUG 12595: build: Fix generation of CTDB manpages while creating tarball.

o  Bryan Mason <bmason@redhat.com>
   * BUG 12575: Modify smbspool_krb5_wrapper to just fall through to smbspool if
     AUTH_INFO_REQUIRED is not set or is not "negotiate".

o  Stefan Metzmacher <metze@samba.org>
   * BUG 11830: s3:winbindd: Try a NETLOGON connection with noauth over NCACN_NP
     against trusted domains.
   * BUG 12262: 'net ads testjoin' and smb access fails after winbindd changed the
     trust password.
   * BUG 12585: librpc/rpc: fix regression in
     NT_STATUS_RPC_ENUM_VALUE_OUT_OF_RANGE error mapping.
   * BUG 12586: netlogon_creds_cli_LogonSamLogon doesn't work without
     netr_LogonSamLogonEx.
   * BUG 12587: winbindd child segfaults on connect to an NT4 domain.
   * BUG 12588: s3:winbindd: Make sure cm_prepare_connection() only returns OK
     with a valid tree connect.
   * BUG 12598: winbindd (as member) requires kerberos against trusted ad domain,
     while it shouldn't.
   * BUG 12601: Backport pytalloc_GenericObject_reference() related changes to
     4.6.

o  Garming Sam <garming@catalyst.net.nz>
   * BUG 12600: dbchecker: Stop ignoring linked cases where both objects are
     alive.

o  Andreas Schneider <asn@samba.org>
   * BUG 12571: s3-vfs: Only walk the directory once in open_and_sort_dir().

o  Martin Schwenke <martin@meltin.net>
   * BUG 12589: CTDB statd-callout does not cause grace period when
     CTDB_NFS_CALLOUT="".
   * BUG 12595: ctdb-build: Fix RPM build.


CHANGES SINCE 4.6.0rc2
======================

o  Jeremy Allison <jra@samba.org>
   * BUG 12499: s3: vfs: dirsort doesn't handle opendir of "." correctly.
   * BUG 12546: s3: VFS: vfs_streams_xattr.c: Make streams_xattr_open() store
     the same path as streams_xattr_recheck().
   * BUG 12531: Make vfs_shadow_copy2 cope with server changing directories.

o  Andrew Bartlett <abartlet@samba.org>
   * BUG 12543: samba-tool: Correct handling of default value for use_ntvfs and
     use_xattrs.
   * BUG 12573: Samba < 4.7 does not know about compatibleFeatures and
     requiredFeatures.
   * BUG 12577: 'samba-tool dbcheck' gives errors on one-way links after a
     rename.

o  Ralph Boehme <slow@samba.org>
   * BUG 12184: s3/rpc_server: Shared rpc modules loading.
   * BUG 12520: Ensure global "smb encrypt = off" is effective.
   * BUG 12524: s3/rpc_server: Move rpc_modules.c to its own subsystem.
   * BUG 12541: vfs_fruit: checks wrong AAPL config state and so always uses
     readdirattr.

o  Volker Lendecke <vl@samba.org>
   * BUG 12551: smbd: Fix "map acl inherit" = yes.

o  Stefan Metzmacher <metze@samba.org>
   * BUG 12398: Replication with DRSUAPI_DRS_CRITICAL_ONLY and
     DRSUAPI_DRS_GET_ANC results in WERR_DS_DRA_MISSING_PARENT S
   * BUG 12540: s3:smbd: allow "server min protocol = SMB3_00" to go via "SMB
     2.???" negprot.

o  John Mulligan <jmulligan@nasuni.com>
   * BUG 12542: docs: Improve description of "unix_primary_group" parameter in
     idmap_ad manpage.

o  Andreas Schneider <asn@samba.org>
   * BUG 12552: waf: Do not install the unit test binary for krb5samba.

o  Amitay Isaacs <amitay@gmail.com>
   * BUG 12547: ctdb-build: Install CTDB tests correctly from toplevel.
   * BUG 12549: ctdb-common: ioctl(.. FIONREAD ..) returns an int value.

o  Garming Sam <garming@catalyst.net.nz>
   * BUG 12577: 'samba-tool dbcheck' gives errors on one-way links after a
     rename.

o  Uri Simchoni <uri@samba.org>
   * BUG 12529: waf: Backport finding of pkg-config.


CHANGES SINCE 4.6.0rc1
======================

o  Amitay Isaacs <amitay@gmail.com>
   * BUG 12469: CTDB lock helper getting stuck trying to lock a record.
   * BUG 12500: ctdb-common: Fix a bug in packet reading code for generic socket
     I/O.
   * BUG 12510: sock_daemon_test 4 crashes with SEGV.
   * BUG 12513: ctdb-daemon: Remove stale eventd socket.

o  Björn Jacke <bj@sernet.de>
   * BUG 12535: vfs_default: Unlock the right file in copy chunk.

o  Volker Lendecke <vl@samba.org>
   * BUG 12509: messaging: Fix dead but not cleaned-up-yet destination sockets.
   * BUG 12538: Backport winbind fixes.

o  Stefan Metzmacher <metze@samba.org>
   * BUG 12501: s3:winbindd: talloc_steal the extra_data in
     winbindd_list_users_recv().

o  Martin Schwenke <martin@meltin.net>
   * BUG 12511: ctdb-takeover: Handle case where there are no RELEASE_IPs to
     send.
   * BUG 12512: ctdb-scripts: Fix remaining uses of "ctdb gratiousarp".
   * BUG 12516: ctdb-scripts: /etc/iproute2/rt_tables gets populated with multiple
     'default' entries.

Revision 1.27 / (download) - annotate - [select for diffs], Sun Feb 12 06:25:53 2017 UTC (5 years, 9 months ago) by ryoon
Branch: MAIN
CVS Tags: pkgsrc-2017Q1-base
Branch point for: pkgsrc-2017Q1
Changes since 1.26: +2 -2 lines
Diff to previous 1.26 (colored)

Recursive revbump from fonts/harfbuzz

Revision 1.26 / (download) - annotate - [select for diffs], Mon Feb 6 13:55:51 2017 UTC (5 years, 10 months ago) by wiz
Branch: MAIN
Changes since 1.25: +2 -2 lines
Diff to previous 1.25 (colored)

Recursive bump for harfbuzz's new graphite2 dependency.

Revision 1.25 / (download) - annotate - [select for diffs], Sun Jan 1 14:43:53 2017 UTC (5 years, 11 months ago) by wiz
Branch: MAIN
Changes since 1.24: +2 -2 lines
Diff to previous 1.24 (colored)

Add python-3.6 to incompatible versions.

Revision 1.24 / (download) - annotate - [select for diffs], Tue Sep 20 11:12:23 2016 UTC (6 years, 2 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2016Q4-base, pkgsrc-2016Q4, pkgsrc-2016Q3-base, pkgsrc-2016Q3
Changes since 1.23: +2 -2 lines
Diff to previous 1.23 (colored)

Recursive bump for cups openssl -> gnutls change.

Revision 1.23 / (download) - annotate - [select for diffs], Mon Sep 19 13:04:26 2016 UTC (6 years, 2 months ago) by wiz
Branch: MAIN
Changes since 1.22: +2 -2 lines
Diff to previous 1.22 (colored)

Recursive PKGREVISION bump for gnutls shlib major bump.

Revision 1.18.2.1 / (download) - annotate - [select for diffs], Wed Jul 20 18:52:47 2016 UTC (6 years, 4 months ago) by spz
Branch: pkgsrc-2016Q2
Changes since 1.18: +6 -3 lines
Diff to previous 1.18 (colored) next main 1.19 (colored)

Pullup ticket #5060 - requested by taca
net/samba4: security update

Revisions pulled up:
- net/samba4/Makefile                                           1.19-1.22
- net/samba4/PLIST                                              1.8-1.9
- net/samba4/distinfo                                           1.11

-------------------------------------------------------------------
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Thu Jul  7 16:44:14 UTC 2016

   Modified Files:
   	pkgsrc/net/samba4: Makefile PLIST distinfo

   Log Message:
   Update samba4 to 4.3.11 (Samba 4.3.11), including security fix for
   CVE-2016-2119.

   Changes from 4.3.9 to 4.3.10 are too many to write here, please refer
   WHATSNEW.txt file.

                      ==============================
                      Release Notes for Samba 4.3.11
                               July 07, 2016
                      ==============================

   This is a security release in order to address the following defect:

   o  CVE-2016-2119 (Client side SMB2/3 required signing can be downgraded)

   =======
   Details
   =======

   o  CVE-2016-2119:
      It's possible for an attacker to downgrade the required signing for
      an SMB2/3 client connection, by injecting the SMB2_SESSION_FLAG_IS_GUEST
      or SMB2_SESSION_FLAG_IS_NULL flags.

      This means that the attacker can impersonate a server being connected to by
      Samba, and return malicious results.

      The primary concern is with winbindd, as it uses DCERPC over SMB2 when talking
      to domain controllers as a member server, and trusted domains as a domain
      controller.  These DCE/RPC connections were intended to protected by the
      combination of "client ipc signing" and
      "client ipc max protocol" in their effective default settings
      ("mandatory" and "SMB3_11").

      Additionally, management tools like net, samba-tool and rpcclient use DCERPC
      over SMB2/3 connections.

      By default, other tools in Samba are unprotected, but rarely they are
      configured to use smb signing, via the "client signing" parameter (the default
      is "if_required").  Even more rarely the "client max protocol" is set to SMB2,
      rather than the NT1 default.

      If both these conditions are met, then this issue would also apply to these
      other tools, including command line tools like smbcacls, smbcquota, smbclient,
      smbget and applications using libsmbclient.

   Changes since 4.3.10:
   --------------------

   o  Stefan Metzmacher <metze@samba.org>
      * BUG 11860: CVE-2016-2119: Fix client side SMB2 signing downgrade.
      * BUG 11948: Total dcerpc response payload more than 0x400000.

   #######################################
   Reporting bugs & Development Discussion
   #######################################

   Please discuss this release on the samba-technical mailing list or by
   joining the #samba-technical IRC channel on irc.freenode.net.

   If you do report problems then please try to send high quality
   feedback. If you don't provide vital information to help us track down
   the problem then you will probably be ignored.  All bug reports should
   be filed under the "Samba 4.1 and newer" product in the project's Bugzilla
   database (https://bugzilla.samba.org/).


   To generate a diff of this commit:
   cvs rdiff -u -r1.18 -r1.19 pkgsrc/net/samba4/Makefile
   cvs rdiff -u -r1.7 -r1.8 pkgsrc/net/samba4/PLIST
   cvs rdiff -u -r1.10 -r1.11 pkgsrc/net/samba4/distinfo

-------------------------------------------------------------------
   Module Name:	pkgsrc
   Committed By:	wiz
   Date:		Sat Jul  9 06:39:18 UTC 2016

   Modified Files:
   	pkgsrc/archivers/dar: Makefile
   	pkgsrc/archivers/file-roller: Makefile
   	pkgsrc/archivers/libzip: Makefile
   	pkgsrc/archivers/upx: Makefile
   	pkgsrc/audio/abcde: Makefile
   	pkgsrc/audio/amarok: Makefile
   	pkgsrc/audio/ardour: Makefile
   	pkgsrc/audio/arts: Makefile
   	pkgsrc/audio/disc-cover: Makefile
   	pkgsrc/audio/distmp3: Makefile
   	pkgsrc/audio/festival: Makefile
   	pkgsrc/audio/flac2mp3: Makefile
   	pkgsrc/audio/gtkpod: Makefile
   	pkgsrc/audio/jack: Makefile
   	pkgsrc/audio/kid3: Makefile
   	pkgsrc/audio/libgroove: Makefile
   	pkgsrc/audio/liteamp: Makefile
   	pkgsrc/audio/lmms: Makefile
   	pkgsrc/audio/mkcdtoc: Makefile
   	pkgsrc/audio/mp32ogg: Makefile
   	pkgsrc/audio/mp3cut: Makefile
   	pkgsrc/audio/mserv: Makefile
   	pkgsrc/audio/mserv-devel: Makefile
   	pkgsrc/audio/mserv-irman: Makefile
   	pkgsrc/audio/mstream: Makefile
   	pkgsrc/audio/nas-auscope: Makefile
   	pkgsrc/audio/normalize: Makefile
   	pkgsrc/audio/oggasm: Makefile
   	pkgsrc/audio/paprefs: Makefile
   	pkgsrc/audio/pavucontrol: Makefile
   	pkgsrc/audio/pavumeter: Makefile
   	pkgsrc/audio/rip: Makefile
   	pkgsrc/audio/sphinxbase: Makefile
   	pkgsrc/audio/sphinxtrain: Makefile
   	pkgsrc/benchmarks/bonnie++: Makefile
   	pkgsrc/benchmarks/bytebench: Makefile
   	pkgsrc/benchmarks/hbench: Makefile
   	pkgsrc/benchmarks/iozone: Makefile
   	pkgsrc/benchmarks/lmbench: Makefile
   	pkgsrc/biology/bioperl: Makefile
   	pkgsrc/biology/bodr: Makefile
   	pkgsrc/biology/bwa: Makefile
   	pkgsrc/biology/cdhit: Makefile
   	pkgsrc/biology/gnome-chemistry-utils: Makefile
   	pkgsrc/biology/gromacs: Makefile
   	pkgsrc/biology/mpqc: Makefile
   	pkgsrc/biology/mummer: Makefile
   	pkgsrc/cad/dinotrace: Makefile
   	pkgsrc/cad/freehdl: Makefile
   	pkgsrc/cad/geda: Makefile
   	pkgsrc/cad/gwave: Makefile
   	pkgsrc/cad/spiceprm: Makefile
   	pkgsrc/chat/anope: Makefile
   	pkgsrc/chat/bitchbot: Makefile
   	pkgsrc/chat/centerim: Makefile
   	pkgsrc/chat/cgiirc: Makefile
   	pkgsrc/chat/dccserver: Makefile
   	pkgsrc/chat/dircproxy: Makefile
   	pkgsrc/chat/finch: Makefile
   	pkgsrc/chat/inspircd: Makefile
   	pkgsrc/chat/inspircd12: Makefile
   	pkgsrc/chat/ircd-hybrid: Makefile
   	pkgsrc/chat/ircservices: Makefile
   	pkgsrc/chat/jabberd2: Makefile
   	pkgsrc/chat/kgb-bot: Makefile
   	pkgsrc/chat/kmess: Makefile
   	pkgsrc/chat/konversation: Makefile
   	pkgsrc/chat/konversation-kde3: Makefile
   	pkgsrc/chat/libpurple: Makefile
   	pkgsrc/chat/pidgin-libnotify: Makefile
   	pkgsrc/chat/pidgin-otr: Makefile
   	pkgsrc/chat/pidgin-sametime: Makefile
   	pkgsrc/chat/pidgin-silc: Makefile
   	pkgsrc/chat/sirc: Makefile
   	pkgsrc/chat/vicq: Makefile
   	pkgsrc/chat/xchat: Makefile
   	pkgsrc/chat/xchat-python: Makefile
   	pkgsrc/comms/asterisk: Makefile
   	pkgsrc/comms/asterisk13: Makefile
   	pkgsrc/comms/asterisk18: Makefile
   	pkgsrc/comms/fidogate: Makefile
   	pkgsrc/comms/gnome-pilot: Makefile
   	pkgsrc/comms/mgetty+sendfax: Makefile
   	pkgsrc/comms/op_panel: Makefile
   	pkgsrc/comms/p5-Asterisk: Makefile
   	pkgsrc/comms/pilot-link: Makefile
   	pkgsrc/comms/pilotmgr: Makefile
   	pkgsrc/converters/2vcard: Makefile
   	pkgsrc/converters/bibtex2html: Makefile
   	pkgsrc/converters/code2html: Makefile
   	pkgsrc/converters/convmv: Makefile
   	pkgsrc/converters/doc2html: Makefile
   	pkgsrc/converters/docx2txt: Makefile
   	pkgsrc/converters/dos2unix: Makefile
   	pkgsrc/converters/help2man: Makefile
   	pkgsrc/converters/jcode-perl: Makefile
   	pkgsrc/converters/libabw: Makefile
   	pkgsrc/converters/libfreehand: Makefile
   	pkgsrc/converters/libvisio: Makefile
   	pkgsrc/converters/libwpg: Makefile
   	pkgsrc/converters/nkf: Makefile
   	pkgsrc/converters/rpm2cpio: Makefile
   	pkgsrc/converters/skf: Makefile
   	pkgsrc/converters/smbchartool: Makefile
   	pkgsrc/converters/txt2html: Makefile
   	pkgsrc/converters/txt2pdbdoc: Makefile
   	pkgsrc/cross/avr-binutils: Makefile
   	pkgsrc/cross/avr-gcc: Makefile
   	pkgsrc/cross/avr-libc: Makefile
   	pkgsrc/cross/binutils-mips-current: Makefile
   	pkgsrc/cross/cc65: Makefile
   	pkgsrc/cross/cross-binutils: Makefile
   	pkgsrc/cross/cross-libtool-base: Makefile
   	pkgsrc/cross/gcc-mips-current: Makefile
   	pkgsrc/cross/nios2-gcc: Makefile
   	pkgsrc/cross/nios2-gcc3: Makefile
   	pkgsrc/cross/nios2-gcc41: Makefile
   	pkgsrc/databases/couchdb: Makefile
   	pkgsrc/databases/cstore: Makefile
   	pkgsrc/databases/gnome-mime-data: Makefile
   	pkgsrc/databases/gq: Makefile
   	pkgsrc/databases/idzebra: Makefile
   	pkgsrc/databases/innotop: Makefile
   	pkgsrc/databases/krecipes: Makefile
   	pkgsrc/databases/lbdb: Makefile
   	pkgsrc/databases/libcassandra: Makefile
   	pkgsrc/databases/maatkit: Makefile
   	pkgsrc/databases/mariadb55-client: Makefile
   	pkgsrc/databases/mysql-cluster: Makefile
   	pkgsrc/databases/mysql51-client: Makefile
   	pkgsrc/databases/mysql55-client: Makefile
   	pkgsrc/databases/mysql56-client: Makefile
   	pkgsrc/databases/mysqltuner: Makefile
   	pkgsrc/databases/mytop: Makefile
   	pkgsrc/databases/p5-DBI: Makefile
   	pkgsrc/databases/p5-DBIWrapper: Makefile
   	pkgsrc/databases/p5-perl-ldap: Makefile
   	pkgsrc/databases/p5-postgresql: Makefile
   	pkgsrc/databases/p5-sybperl: Makefile
   	pkgsrc/databases/p5-tokyocabinet: Makefile
   	pkgsrc/databases/p5-tokyotyrant: Makefile
   	pkgsrc/databases/percona-toolkit: Makefile
   	pkgsrc/databases/pgbuildfarm: Makefile
   	pkgsrc/databases/postgresql-postgis2: Makefile
   	pkgsrc/databases/postgresql91: Makefile
   	pkgsrc/databases/postgresql91-docs: Makefile
   	pkgsrc/databases/postgresql91-plperl: Makefile
   	pkgsrc/databases/postgresql92: Makefile
   	pkgsrc/databases/postgresql92-docs: Makefile
   	pkgsrc/databases/postgresql92-plperl: Makefile
   	pkgsrc/databases/postgresql93: Makefile
   	pkgsrc/databases/postgresql93-docs: Makefile
   	pkgsrc/databases/postgresql93-plperl: Makefile
   	pkgsrc/databases/postgresql94: Makefile
   	pkgsrc/databases/postgresql94-docs: Makefile
   	pkgsrc/databases/postgresql94-plperl: Makefile
   	pkgsrc/databases/postgresql95: Makefile
   	pkgsrc/databases/postgresql95-docs: Makefile
   	pkgsrc/databases/postgresql95-plperl: Makefile
   	pkgsrc/databases/rdb: Makefile
   	pkgsrc/databases/rrdtool: Makefile
   	pkgsrc/databases/rrdtool12: Makefile
   	pkgsrc/databases/sqlrelay: Makefile
   	pkgsrc/databases/yasql: Makefile
   	pkgsrc/devel/GConf: Makefile
   	pkgsrc/devel/MoarVM: Makefile
   	pkgsrc/devel/RTx-RightsMatrix: Makefile
   	pkgsrc/devel/adocman: Makefile
   	pkgsrc/devel/aegis: Makefile
   	pkgsrc/devel/anjuta: Makefile
   	pkgsrc/devel/atkmm: Makefile
   	pkgsrc/devel/autoconf: Makefile
   	pkgsrc/devel/autoconf213: Makefile
   	pkgsrc/devel/autogen: Makefile
   	pkgsrc/devel/automake: Makefile
   	pkgsrc/devel/automake14: Makefile
   	pkgsrc/devel/bglibs: Makefile
   	pkgsrc/devel/binutils: Makefile
   	pkgsrc/devel/bison: Makefile
   	pkgsrc/devel/bugzilla: Makefile
   	pkgsrc/devel/bugzilla3: Makefile
   	pkgsrc/devel/cogito: Makefile
   	pkgsrc/devel/colordiff: Makefile
   	pkgsrc/devel/commit-patch: Makefile
   	pkgsrc/devel/cook: Makefile
   	pkgsrc/devel/cqual: Makefile
   	pkgsrc/devel/ctemplate: Makefile
   	pkgsrc/devel/cvs2cl: Makefile
   	pkgsrc/devel/cvs2html: Makefile
   	pkgsrc/devel/cvsd: Makefile
   	pkgsrc/devel/cvsutils: Makefile
   	pkgsrc/devel/darcs: Makefile
   	pkgsrc/devel/delta: Makefile
   	pkgsrc/devel/devhelp: Makefile
   	pkgsrc/devel/doxygen: Makefile
   	pkgsrc/devel/easygit: Makefile
   	pkgsrc/devel/etrace: Makefile
   	pkgsrc/devel/gconfmm: Makefile
   	pkgsrc/devel/gcvs: Makefile
   	pkgsrc/devel/gdb: Makefile
   	pkgsrc/devel/gdbus-codegen: Makefile
   	pkgsrc/devel/gdl: Makefile
   	pkgsrc/devel/geany: Makefile
   	pkgsrc/devel/git-base: Makefile
   	pkgsrc/devel/git-docs: Makefile
   	pkgsrc/devel/gitolite: Makefile
   	pkgsrc/devel/glib2: Makefile
   	pkgsrc/devel/glibmm: Makefile
   	pkgsrc/devel/global: Makefile
   	pkgsrc/devel/gmake: Makefile
   	pkgsrc/devel/gperftools: Makefile
   	pkgsrc/devel/gps: Makefile
   	pkgsrc/devel/jemalloc: Makefile
   	pkgsrc/devel/kdbg: Makefile
   	pkgsrc/devel/kdesdk-kioslaves: Makefile
   	pkgsrc/devel/kdesdk3: Makefile
   	pkgsrc/devel/kdevelop-base: Makefile
   	pkgsrc/devel/kdevelop4: Makefile
   	pkgsrc/devel/kdevplatform: Makefile
   	pkgsrc/devel/kdoctools: Makefile
   	pkgsrc/devel/ktexteditor: Makefile
   	pkgsrc/devel/lcov: Makefile
   	pkgsrc/devel/ldapsdk: Makefile
   	pkgsrc/devel/libbonobo: Makefile
   	pkgsrc/devel/libcerf: Makefile
   	pkgsrc/devel/libcompizconfig: Makefile
   	pkgsrc/devel/libgnomeui: Makefile
   	pkgsrc/devel/libidn: Makefile
   	pkgsrc/devel/libpgm: Makefile
   	pkgsrc/devel/libsigc++: Makefile
   	pkgsrc/devel/libstatgrab: Makefile
   	pkgsrc/devel/libthrift: Makefile
   	pkgsrc/devel/libtool: Makefile
   	pkgsrc/devel/libtool-base: Makefile
   	pkgsrc/devel/libtool-fortran: Makefile
   	pkgsrc/devel/libwhisker2: Makefile
   	pkgsrc/devel/lua-posix: Makefile
   	pkgsrc/devel/memcached: Makefile
   	pkgsrc/devel/monodevelop: Makefile
   	pkgsrc/devel/monotone: Makefile
   	pkgsrc/devel/mr: Makefile
   	pkgsrc/devel/nasm: Makefile
   	pkgsrc/devel/ncurses: Makefile
   	pkgsrc/devel/netbeans-ide: Makefile
   	pkgsrc/devel/nspr: Makefile
   	pkgsrc/devel/nss: Makefile
   	pkgsrc/devel/ossp-uuid: Makefile
   	pkgsrc/devel/p5-App-perlbrew: Makefile
   	pkgsrc/devel/p5-B-Hooks-OP-Annotation: Makefile
   	pkgsrc/devel/p5-EV: Makefile
   	pkgsrc/devel/p5-Event: Makefile
   	pkgsrc/devel/p5-LDAP: Makefile
   	pkgsrc/devel/p5-Log-Any-Adapter-Log4perl: Makefile
   	pkgsrc/devel/p5-Log-Log4perl: Makefile
   	pkgsrc/devel/p5-Test-Log4perl: Makefile
   	pkgsrc/devel/pangomm: Makefile
   	pkgsrc/devel/papaya: Makefile
   	pkgsrc/devel/patchutils: Makefile
   	pkgsrc/devel/prcs: Makefile
   	pkgsrc/devel/pstreams: Makefile
   	pkgsrc/devel/quilt: Makefile
   	pkgsrc/devel/refinecvs: Makefile
   	pkgsrc/devel/rpc2: Makefile
   	pkgsrc/devel/rt-mysql: Makefile
   	pkgsrc/devel/rt4: Makefile
   	pkgsrc/devel/sdcc: Makefile
   	pkgsrc/devel/sdcc3: Makefile
   	pkgsrc/devel/sparse: Makefile
   	pkgsrc/devel/startbug1: Makefile
   	pkgsrc/devel/stfl: Makefile
   	pkgsrc/devel/stgit: Makefile
   	pkgsrc/devel/subversion: Makefile
   	pkgsrc/devel/sunifdef: Makefile
   	pkgsrc/devel/svk: Makefile
   	pkgsrc/devel/tet3: Makefile
   	pkgsrc/devel/tmake: Makefile
   	pkgsrc/devel/valgrind: Makefile
   	pkgsrc/devel/xfce4-conf: Makefile
   	pkgsrc/devel/xulrunner10: Makefile
   	pkgsrc/devel/xulrunner17: Makefile
   	pkgsrc/devel/xulrunner192: Makefile
   	pkgsrc/editors/TeXmacs: Makefile
   	pkgsrc/editors/conglomerate: Makefile
   	pkgsrc/editors/emacs20: Makefile
   	pkgsrc/editors/emacs21: Makefile
   	pkgsrc/editors/emacs22: Makefile
   	pkgsrc/editors/gedit: Makefile
   	pkgsrc/editors/gedit-python: Makefile
   	pkgsrc/editors/gedit3: Makefile
   	pkgsrc/editors/kile: Makefile
   	pkgsrc/editors/kile-kde3: Makefile
   	pkgsrc/editors/lyx: Makefile
   	pkgsrc/editors/nvi-m17n: Makefile
   	pkgsrc/editors/vigor: Makefile
   	pkgsrc/editors/xemacs-packages: Makefile
   	pkgsrc/emulators/darwin_lib: Makefile
   	pkgsrc/emulators/freebsd_lib: Makefile
   	pkgsrc/emulators/fuse-emulator: Makefile
   	pkgsrc/emulators/hercules: Makefile
   	pkgsrc/emulators/kegs: Makefile
   	pkgsrc/emulators/libspectrum: Makefile
   	pkgsrc/emulators/osf1_lib: Makefile
   	pkgsrc/emulators/palmosemulator: Makefile
   	pkgsrc/emulators/qemu: Makefile
   	pkgsrc/emulators/qemu0: Makefile
   	pkgsrc/emulators/raine: Makefile
   	pkgsrc/emulators/shoebill: Makefile
   	pkgsrc/emulators/snes9x-gtk: Makefile
   	pkgsrc/emulators/suse100_base: Makefile
   	pkgsrc/emulators/suse121_base: Makefile
   	pkgsrc/emulators/suse131_base: Makefile
   	pkgsrc/emulators/tme: Makefile
   	pkgsrc/emulators/z26: Makefile
   	pkgsrc/filesystems/fuse-svnfs: Makefile
   	pkgsrc/finance/gkrellm-stock: Makefile
   	pkgsrc/finance/gnucash: Makefile
   	pkgsrc/finance/kmymoney2: Makefile
   	pkgsrc/fonts/fntsample: Makefile
   	pkgsrc/fonts/ja-shinonome: Makefile
   	pkgsrc/fonts/monafonts: Makefile
   	pkgsrc/fonts/terminus-font: Makefile
   	pkgsrc/fonts/tex-accfonts: Makefile
   	pkgsrc/fonts/tex-dosepsbin: Makefile
   	pkgsrc/fonts/tex-fontools: Makefile
   	pkgsrc/fonts/tex-mf2pt1: Makefile
   	pkgsrc/fonts/ttf2pt1: Makefile
   	pkgsrc/fonts/type1inst: Makefile
   	pkgsrc/fonts/unifont: Makefile
   	pkgsrc/games/asc: Makefile
   	pkgsrc/games/asciiquarium: Makefile
   	pkgsrc/games/bzflag: Makefile
   	pkgsrc/games/crossfire-client: Makefile
   	pkgsrc/games/crossfire-server: Makefile
   	pkgsrc/games/eboard: Makefile
   	pkgsrc/games/frozen-bubble: Makefile
   	pkgsrc/games/minami: Makefile
   	pkgsrc/games/netmaj: Makefile
   	pkgsrc/games/wesnoth: Makefile
   	pkgsrc/games/xboard: Makefile
   	pkgsrc/games/xracer: Makefile
   	pkgsrc/games/xscorch: Makefile
   	pkgsrc/games/zoom: Makefile
   	pkgsrc/geography/gpsdrive: Makefile
   	pkgsrc/geography/proj-swig: Makefile
   	pkgsrc/geography/qgis: Makefile
   	pkgsrc/graphics/GraphicsMagick: Makefile
   	pkgsrc/graphics/ImageMagick: Makefile
   	pkgsrc/graphics/ImageMagick6: Makefile
   	pkgsrc/graphics/OpenRM: Makefile
   	pkgsrc/graphics/asymptote: Makefile
   	pkgsrc/graphics/cairomm: Makefile
   	pkgsrc/graphics/cdlabelgen: Makefile
   	pkgsrc/graphics/cheese: Makefile
   	pkgsrc/graphics/circos: Makefile
   	pkgsrc/graphics/claraocr: Makefile
   	pkgsrc/graphics/compface: Makefile
   	pkgsrc/graphics/digikam: Makefile
   	pkgsrc/graphics/digikam-doc-kde3: Makefile
   	pkgsrc/graphics/digikam-kde3: Makefile
   	pkgsrc/graphics/enblend-enfuse: Makefile
   	pkgsrc/graphics/fly: Makefile
   	pkgsrc/graphics/g2: Makefile
   	pkgsrc/graphics/gd: Makefile
   	pkgsrc/graphics/get_ds7: Makefile
   	pkgsrc/graphics/gimp: Makefile
   	pkgsrc/graphics/gimp-docs-en: Makefile
   	pkgsrc/graphics/gimp-ufraw: Makefile
   	pkgsrc/graphics/gnome-icon-theme: Makefile
   	pkgsrc/graphics/goocanvasmm: Makefile
   	pkgsrc/graphics/graphviz: Makefile
   	pkgsrc/graphics/gri: Makefile
   	pkgsrc/graphics/gtkam: Makefile
   	pkgsrc/graphics/gtkglext: Makefile
   	pkgsrc/graphics/gwenview-kde3: Makefile
   	pkgsrc/graphics/icon-naming-utils: Makefile
   	pkgsrc/graphics/inkscape: Makefile
   	pkgsrc/graphics/kbarcode: Makefile
   	pkgsrc/graphics/kipi-plugins-calendar-kde3: Makefile
   	pkgsrc/graphics/kipi-plugins-kde3: Makefile
   	pkgsrc/graphics/koverartist: Makefile
   	pkgsrc/graphics/magicpoint: Makefile
   	pkgsrc/graphics/netpbm: Makefile
   	pkgsrc/graphics/pfstools: Makefile
   	pkgsrc/graphics/ps2eps: Makefile
   	pkgsrc/graphics/ristretto: Makefile
   	pkgsrc/graphics/showimg: Makefile
   	pkgsrc/graphics/tex-a2ping: Makefile
   	pkgsrc/graphics/tex-epstopdf: Makefile
   	pkgsrc/graphics/tex-pdfcrop: Makefile
   	pkgsrc/graphics/ucview: Makefile
   	pkgsrc/graphics/unicap: Makefile
   	pkgsrc/graphics/xplot: Makefile
   	pkgsrc/graphics/xplot-devel: Makefile
   	pkgsrc/graphics/zphoto: Makefile
   	pkgsrc/ham/fldigi: Makefile
   	pkgsrc/ham/gnuradio-core: Makefile
   	pkgsrc/ham/hamlib: Makefile
   	pkgsrc/ham/linpsk: Makefile
   	pkgsrc/ham/osmo-sdr: Makefile
   	pkgsrc/ham/trustedQSL: Makefile
   	pkgsrc/inputmethod/scim: Makefile
   	pkgsrc/inputmethod/xcin: Makefile
   	pkgsrc/lang/asn1c: Makefile
   	pkgsrc/lang/cim: Makefile
   	pkgsrc/lang/clang-static-analyzer: Makefile
   	pkgsrc/lang/erlang: Makefile
   	pkgsrc/lang/fort77: Makefile
   	pkgsrc/lang/g95: Makefile
   	pkgsrc/lang/gcc-aux: Makefile
   	pkgsrc/lang/gcc44: Makefile
   	pkgsrc/lang/gcc45: Makefile
   	pkgsrc/lang/gcc46: Makefile
   	pkgsrc/lang/gcc47: Makefile
   	pkgsrc/lang/gcc48: Makefile
   	pkgsrc/lang/gcc49: Makefile
   	pkgsrc/lang/gcc5: Makefile
   	pkgsrc/lang/gforth: Makefile
   	pkgsrc/lang/ghc: Makefile
   	pkgsrc/lang/ghc-bootstrap: Makefile
   	pkgsrc/lang/ghc7: Makefile
   	pkgsrc/lang/go: Makefile
   	pkgsrc/lang/go14: Makefile
   	pkgsrc/lang/guile: Makefile
   	pkgsrc/lang/gwydion-dylan: Makefile
   	pkgsrc/lang/libLLVM: Makefile
   	pkgsrc/lang/llvm: Makefile
   	pkgsrc/lang/mercury: Makefile
   	pkgsrc/lang/mono: Makefile
   	pkgsrc/lang/mono2: Makefile
   	pkgsrc/lang/moscow_ml: Makefile
   	pkgsrc/lang/nqp: Makefile
   	pkgsrc/lang/oo2c: Makefile
   	pkgsrc/lang/ossp-js: Makefile
   	pkgsrc/lang/parrot: Makefile
   	pkgsrc/lang/pfe: Makefile
   	pkgsrc/lang/rakudo-star: Makefile
   	pkgsrc/lang/sather: Makefile
   	pkgsrc/lang/see: Makefile
   	pkgsrc/lang/spidermonkey17: Makefile
   	pkgsrc/mail/YoSucker: Makefile
   	pkgsrc/mail/amavis-perl: Makefile
   	pkgsrc/mail/amavisd-new: Makefile
   	pkgsrc/mail/anomy-sanitizer: Makefile
   	pkgsrc/mail/avenger: Makefile
   	pkgsrc/mail/balsa: Makefile
   	pkgsrc/mail/bogofilter: Makefile
   	pkgsrc/mail/claws-mail: Makefile
   	pkgsrc/mail/claws-mail-vcalendar: Makefile
   	pkgsrc/mail/clawsker: Makefile
   	pkgsrc/mail/cone: Makefile
   	pkgsrc/mail/courier-analog: Makefile
   	pkgsrc/mail/courier-imap: Makefile
   	pkgsrc/mail/courier-maildir: Makefile
   	pkgsrc/mail/cyrus-imapd: Makefile
   	pkgsrc/mail/cyrus-imapd23: Makefile
   	pkgsrc/mail/cyrus-imapd24: Makefile
   	pkgsrc/mail/dcc: Makefile
   	pkgsrc/mail/demime: Makefile
   	pkgsrc/mail/distribute: Makefile
   	pkgsrc/mail/dspam: Makefile
   	pkgsrc/mail/elmo: Makefile
   	pkgsrc/mail/etpan: Makefile
   	pkgsrc/mail/exim: Makefile
   	pkgsrc/mail/exim3: Makefile
   	pkgsrc/mail/faces: Makefile
   	pkgsrc/mail/fetchyahoo: Makefile
   	pkgsrc/mail/fix-mime-charset: Makefile
   	pkgsrc/mail/fml: Makefile
   	pkgsrc/mail/fromto: Makefile
   	pkgsrc/mail/grepmail: Makefile
   	pkgsrc/mail/imapsync: Makefile
   	pkgsrc/mail/kbiff: Makefile
   	pkgsrc/mail/mailagent: Makefile
   	pkgsrc/mail/maildrop: Makefile
   	pkgsrc/mail/mailgraph: Makefile
   	pkgsrc/mail/mailhops: Makefile
   	pkgsrc/mail/mailserv: Makefile
   	pkgsrc/mail/mailsort: Makefile
   	pkgsrc/mail/majordomo: Makefile
   	pkgsrc/mail/mb2md: Makefile
   	pkgsrc/mail/mdfrm: Makefile
   	pkgsrc/mail/mhonarc: Makefile
   	pkgsrc/mail/mime-construct: Makefile
   	pkgsrc/mail/minimalist: Makefile
   	pkgsrc/mail/mutt: Makefile
   	pkgsrc/mail/opendkim: Makefile
   	pkgsrc/mail/opendmarc: Makefile
   	pkgsrc/mail/policyd-weight: Makefile
   	pkgsrc/mail/poppy: Makefile
   	pkgsrc/mail/postfix: Makefile
   	pkgsrc/mail/postgrey: Makefile
   	pkgsrc/mail/prayer: Makefile
   	pkgsrc/mail/qgreylist: Makefile
   	pkgsrc/mail/qmHandle: Makefile
   	pkgsrc/mail/qmail-lint: Makefile
   	pkgsrc/mail/qmqtool: Makefile
   	pkgsrc/mail/rspamd: Makefile
   	pkgsrc/mail/sendmail-qtool: Makefile
   	pkgsrc/mail/sendymail: Makefile
   	pkgsrc/mail/spamassassin: Makefile
   	pkgsrc/mail/squirrelmail: Makefile
   	pkgsrc/mail/sqwebmail: Makefile
   	pkgsrc/mail/teapop: Makefile
   	pkgsrc/mail/thunderbird-enigmail: Makefile
   	pkgsrc/mail/turba: Makefile
   	pkgsrc/math/R: Makefile
   	pkgsrc/math/R-gdata: Makefile
   	pkgsrc/math/R-genetics: Makefile
   	pkgsrc/math/antixls: Makefile
   	pkgsrc/math/ess: Makefile
   	pkgsrc/math/fftw: Makefile
   	pkgsrc/math/fftwf: Makefile
   	pkgsrc/math/genius: Makefile
   	pkgsrc/math/maxima: Makefile
   	pkgsrc/math/ntl: Makefile
   	pkgsrc/math/ocaml-zarith: Makefile
   	pkgsrc/math/octave: Makefile
   	pkgsrc/math/pari: Makefile
   	pkgsrc/math/pari23: Makefile
   	pkgsrc/math/ppl: Makefile
   	pkgsrc/math/pspp: Makefile
   	pkgsrc/math/qalculate-kde: Makefile
   	pkgsrc/math/superlu: Makefile
   	pkgsrc/math/udunits: Makefile
   	pkgsrc/math/xmgr: Makefile
   	pkgsrc/math/yacas: Makefile
   	pkgsrc/mbone/beacon: Makefile
   	pkgsrc/meta-pkgs/bulk-medium: Makefile
   	pkgsrc/meta-pkgs/bulk-small: Makefile
   	pkgsrc/meta-pkgs/kde3: Makefile
   	pkgsrc/meta-pkgs/kde4: Makefile
   	pkgsrc/meta-pkgs/netbsd-www: Makefile
   	pkgsrc/meta-pkgs/texlive-collection-bibtexextra: Makefile
   	pkgsrc/meta-pkgs/texlive-collection-latexextra: Makefile
   	pkgsrc/meta-pkgs/texlive-collection-pstricks: Makefile
   	pkgsrc/meta-pkgs/xfce4: Makefile
   	pkgsrc/misc/bbweather: Makefile
   	pkgsrc/misc/byobu: Makefile
   	pkgsrc/misc/colorize: Makefile
   	pkgsrc/misc/cowsay: Makefile
   	pkgsrc/misc/dpkg: Makefile
   	pkgsrc/misc/gkrellm-weather: Makefile
   	pkgsrc/misc/gnome-utils: Makefile
   	pkgsrc/misc/gwaei: Makefile
   	pkgsrc/misc/ipbt: Makefile
   	pkgsrc/misc/kanjipad: Makefile
   	pkgsrc/misc/kdepim3: Makefile
   	pkgsrc/misc/kdepim4: Makefile
   	pkgsrc/misc/koffice: Makefile
   	pkgsrc/misc/libcdio: Makefile
   	pkgsrc/misc/libcdio-paranoia: Makefile
   	pkgsrc/misc/libreoffice: Makefile
   	pkgsrc/misc/libreoffice4: Makefile
   	pkgsrc/misc/libreoffice43: Makefile
   	pkgsrc/misc/loco: Makefile
   	pkgsrc/misc/mirmon: Makefile
   	pkgsrc/misc/nxtvepg: Makefile
   	pkgsrc/misc/openoffice3: Makefile
   	pkgsrc/misc/p5-Locale-libintl: Makefile
   	pkgsrc/misc/pdmenu: Makefile
   	pkgsrc/misc/reed: Makefile
   	pkgsrc/misc/rlwrap: Makefile
   	pkgsrc/misc/rpm: Makefile
   	pkgsrc/misc/stellarium: Makefile
   	pkgsrc/misc/taskjuggler: Makefile
   	pkgsrc/misc/tds: Makefile
   	pkgsrc/misc/tellico-kde3: Makefile
   	pkgsrc/misc/teseq: Makefile
   	pkgsrc/misc/topless: Makefile
   	pkgsrc/misc/vfu: Makefile
   	pkgsrc/misc/vym: Makefile
   	pkgsrc/misc/whohas: Makefile
   	pkgsrc/multimedia/acidrip: Makefile
   	pkgsrc/multimedia/dirac: Makefile
   	pkgsrc/multimedia/dvb-apps: Makefile
   	pkgsrc/multimedia/dvdrip: Makefile
   	pkgsrc/multimedia/ffmpeg2: Makefile
   	pkgsrc/multimedia/ffmpeg3: Makefile
   	pkgsrc/multimedia/gmediaserver: Makefile
   	pkgsrc/multimedia/gnome-media: Makefile
   	pkgsrc/multimedia/gst-plugins0.10-base: Makefile
   	pkgsrc/multimedia/gst-plugins0.10-ffmpeg: Makefile
   	pkgsrc/multimedia/gst-plugins1-base: Makefile
   	pkgsrc/multimedia/gst-plugins1-libav: Makefile
   	pkgsrc/multimedia/gst-plugins1-omx: Makefile
   	pkgsrc/multimedia/gstreamer0.10: Makefile
   	pkgsrc/multimedia/gstreamer1: Makefile
   	pkgsrc/multimedia/gxine: Makefile
   	pkgsrc/multimedia/handbrake: Makefile
   	pkgsrc/multimedia/kdenlive: Makefile
   	pkgsrc/multimedia/kmplayer: Makefile
   	pkgsrc/multimedia/kmplayer-kde3: Makefile
   	pkgsrc/multimedia/libvpx: Makefile
   	pkgsrc/multimedia/ming: Makefile
   	pkgsrc/multimedia/mpv: Makefile
   	pkgsrc/multimedia/vlc: Makefile
   	pkgsrc/multimedia/vlc20: Makefile
   	pkgsrc/multimedia/x264-devel: Makefile
   	pkgsrc/multimedia/xawtv: Makefile
   	pkgsrc/multimedia/xine-lib: Makefile
   	pkgsrc/net/amule: Makefile
   	pkgsrc/net/argus: Makefile
   	pkgsrc/net/arp-scan: Makefile
   	pkgsrc/net/bind910: Makefile
   	pkgsrc/net/bind99: Makefile
   	pkgsrc/net/choqok: Makefile
   	pkgsrc/net/clive: Makefile
   	pkgsrc/net/coda: Makefile
   	pkgsrc/net/dctc: Makefile
   	pkgsrc/net/ddclient: Makefile
   	pkgsrc/net/dhcpd-pools: Makefile
   	pkgsrc/net/dlint: Makefile
   	pkgsrc/net/dnscheck: Makefile
   	pkgsrc/net/dnstracer: Makefile
   	pkgsrc/net/exabgp: Makefile
   	pkgsrc/net/fpdns: Makefile
   	pkgsrc/net/freeradius: Makefile
   	pkgsrc/net/get-flash-videos: Makefile
   	pkgsrc/net/gift: Makefile
   	pkgsrc/net/gnapfetch: Makefile
   	pkgsrc/net/ipcalc: Makefile
   	pkgsrc/net/irrd: Makefile
   	pkgsrc/net/kftpgrabber: Makefile
   	pkgsrc/net/kismet: Makefile
   	pkgsrc/net/kmldonkey-kde3: Makefile
   	pkgsrc/net/ktorrent: Makefile
   	pkgsrc/net/ktorrent-kde3: Makefile
   	pkgsrc/net/ldns: Makefile
   	pkgsrc/net/lftp: Makefile
   	pkgsrc/net/libktorrent: Makefile
   	pkgsrc/net/libquic: Makefile
   	pkgsrc/net/librsync: Makefile
   	pkgsrc/net/logjam: Makefile
   	pkgsrc/net/md-whois: Makefile
   	pkgsrc/net/mirror: Makefile
   	pkgsrc/net/mldonkey: Makefile
   	pkgsrc/net/monsoon: Makefile
   	pkgsrc/net/mrtg: Makefile
   	pkgsrc/net/nagios-nrpe: Makefile
   	pkgsrc/net/nagios-nsca: Makefile
   	pkgsrc/net/nagios-plugin-snmp: Makefile
   	pkgsrc/net/nagios-plugin-spamd: Makefile
   	pkgsrc/net/nagios-plugins: Makefile
   	pkgsrc/net/nasd: Makefile
   	pkgsrc/net/net-snmp: Makefile
   	pkgsrc/net/netatalk22: Makefile
   	pkgsrc/net/netatalk30: Makefile
   	pkgsrc/net/netdisco: Makefile
   	pkgsrc/net/nocol: Makefile
   	pkgsrc/net/ns: Makefile
   	pkgsrc/net/ntp4: Makefile
   	pkgsrc/net/ocsinventory-agent: Makefile
   	pkgsrc/net/oinkmaster: Makefile
   	pkgsrc/net/openwbem: Makefile
   	pkgsrc/net/perlbal: Makefile
   	pkgsrc/net/pfnet: Makefile
   	pkgsrc/net/proftpd: Makefile
   	pkgsrc/net/quagga: Makefile
   	pkgsrc/net/radiusd-cistron: Makefile
   	pkgsrc/net/rancid: Makefile
   	pkgsrc/net/remmina: Makefile
   	pkgsrc/net/remmina-plugins: Makefile
   	pkgsrc/net/samba: Makefile
   	pkgsrc/net/samba4: Makefile
   	pkgsrc/net/sitescooper: Makefile
   	pkgsrc/net/smokeping: Makefile
   	pkgsrc/net/snmptt: Makefile
   	pkgsrc/net/spread: Makefile
   	pkgsrc/net/stripes: Makefile
   	pkgsrc/net/tacacs: Makefile
   	pkgsrc/net/tacacs-shrubbery: Makefile
   	pkgsrc/net/tigervnc: Makefile
   	pkgsrc/net/tightvnc: Makefile
   	pkgsrc/net/torrentutils: Makefile
   	pkgsrc/net/tsclient: Makefile
   	pkgsrc/net/udpcast: Makefile
   	pkgsrc/net/vcheck: Makefile
   	pkgsrc/net/vino: Makefile
   	pkgsrc/net/vnc: Makefile
   	pkgsrc/net/vpnc: Makefile
   	pkgsrc/net/walker: Makefile
   	pkgsrc/net/wget: Makefile
   	pkgsrc/net/whois3: Makefile
   	pkgsrc/net/wireshark: Makefile
   	pkgsrc/net/wireshark1: Makefile
   	pkgsrc/net/wol: Makefile
   	pkgsrc/news/cleanscore: Makefile
   	pkgsrc/news/newsbeuter: Makefile
   	pkgsrc/news/nntpcache: Makefile
   	pkgsrc/news/tin: Makefile
   	pkgsrc/news/trn: Makefile
   	pkgsrc/parallel/gridscheduler: Makefile
   	pkgsrc/parallel/mpi-ch: Makefile
   	pkgsrc/parallel/openmpi: Makefile
   	pkgsrc/parallel/parallel: Makefile
   	pkgsrc/parallel/pdsh: Makefile
   	pkgsrc/parallel/sge: Makefile
   	pkgsrc/parallel/slurm: Makefile
   	pkgsrc/pkgtools/gnome-packagekit: Makefile
   	pkgsrc/pkgtools/lintpkgsrc: Makefile
   	pkgsrc/pkgtools/pkg_distinst: Makefile
   	pkgsrc/pkgtools/pkg_filecheck: Makefile
   	pkgsrc/pkgtools/pkg_notify: Makefile
   	pkgsrc/pkgtools/pkg_p5up2date: Makefile
   	pkgsrc/pkgtools/pkgdep: Makefile
   	pkgsrc/pkgtools/pkgdepgraph: Makefile
   	pkgsrc/pkgtools/pkgdiff: Makefile
   	pkgsrc/pkgtools/pkglint4: Makefile
   	pkgsrc/pkgtools/pkgse: Makefile
   	pkgsrc/pkgtools/pkgsrc-todo: Makefile
   	pkgsrc/pkgtools/port2pkg: Makefile
   	pkgsrc/pkgtools/revbump: Makefile
   	pkgsrc/pkgtools/texlive2pkg: Makefile
   	pkgsrc/pkgtools/url2pkg: Makefile
   	pkgsrc/print/a2ps: Makefile
   	pkgsrc/print/bibtool: Makefile
   	pkgsrc/print/chktex: Makefile
   	pkgsrc/print/cups: Makefile
   	pkgsrc/print/cups-pdf: Makefile
   	pkgsrc/print/cups15: Makefile
   	pkgsrc/print/enscript: Makefile
   	pkgsrc/print/foomatic-filters: Makefile
   	pkgsrc/print/foomatic4-db-engine: Makefile
   	pkgsrc/print/foomatic4-filters: Makefile
   	pkgsrc/print/ghostscript-agpl: Makefile
   	pkgsrc/print/ghostscript-gpl: Makefile
   	pkgsrc/print/gutenprint-lib: Makefile
   	pkgsrc/print/gv: Makefile
   	pkgsrc/print/hplip: Makefile
   	pkgsrc/print/html2ps: Makefile
   	pkgsrc/print/if-psprint: Makefile
   	pkgsrc/print/ja-a2ps: Makefile
   	pkgsrc/print/kbibtex: Makefile
   	pkgsrc/print/kbibtex-kde3: Makefile
   	pkgsrc/print/latexmk: Makefile
   	pkgsrc/print/lilypond: Makefile
   	pkgsrc/print/luatex: Makefile
   	pkgsrc/print/pdflib: Makefile
   	pkgsrc/print/pdflib-lite: Makefile
   	pkgsrc/print/psjoin: Makefile
   	pkgsrc/print/pslib: Makefile
   	pkgsrc/print/psutils: Makefile
   	pkgsrc/print/qpdf: Makefile
   	pkgsrc/print/scribus: Makefile
   	pkgsrc/print/scribus-qt4: Makefile
   	pkgsrc/print/tex-cjk-gs-integrate: Makefile
   	pkgsrc/print/tex-glossaries: Makefile
   	pkgsrc/print/tex-kotex-utils: Makefile
   	pkgsrc/print/tex-oberdiek: Makefile
   	pkgsrc/print/tex-pdftex-doc: Makefile
   	pkgsrc/print/tex-pdftools: Makefile
   	pkgsrc/print/tex-pkfix: Makefile
   	pkgsrc/print/tex-tetex: Makefile
   	pkgsrc/print/tex-texlive.infra: Makefile
   	pkgsrc/print/tex-thumbpdf: Makefile
   	pkgsrc/print/tex-xetex: Makefile
   	pkgsrc/print/tex4ht: Makefile
   	pkgsrc/print/xetex: Makefile
   	pkgsrc/print/yup: Makefile
   	pkgsrc/security/Bastille: Makefile
   	pkgsrc/security/CSP: Makefile
   	pkgsrc/security/antonym: Makefile
   	pkgsrc/security/apg: Makefile
   	pkgsrc/security/base: Makefile
   	pkgsrc/security/boringssl: Makefile
   	pkgsrc/security/caff: Makefile
   	pkgsrc/security/ccid: Makefile
   	pkgsrc/security/clusterssh: Makefile
   	pkgsrc/security/courier-authlib: Makefile
   	pkgsrc/security/dnssec-tools: Makefile
   	pkgsrc/security/egd: Makefile
   	pkgsrc/security/f-prot-antivirus6-ms-bin: Makefile
   	pkgsrc/security/gnutls: Makefile
   	pkgsrc/security/gpg2dot: Makefile
   	pkgsrc/security/hackbot: Makefile
   	pkgsrc/security/lasso: Makefile
   	pkgsrc/security/libprelude: Makefile
   	pkgsrc/security/libprelude-perl: Makefile
   	pkgsrc/security/libpreludedb: Makefile
   	pkgsrc/security/libpreludedb-mysql: Makefile
   	pkgsrc/security/libpreludedb-perl: Makefile
   	pkgsrc/security/libpreludedb-pgsql: Makefile
   	pkgsrc/security/libpreludedb-python: Makefile
   	pkgsrc/security/libpreludedb-sqlite3: Makefile
   	pkgsrc/security/log2timeline: Makefile
   	pkgsrc/security/mbedtls: Makefile
   	pkgsrc/security/mbedtls1: Makefile
   	pkgsrc/security/mhash: Makefile
   	pkgsrc/security/mit-krb5: Makefile
   	pkgsrc/security/munge: Makefile
   	pkgsrc/security/nikto: Makefile
   	pkgsrc/security/openpam: Makefile
   	pkgsrc/security/openssh: Makefile
   	pkgsrc/security/openssl: Makefile
   	pkgsrc/security/p5-pcsc: Makefile
   	pkgsrc/security/pcsc-tools: Makefile
   	pkgsrc/security/pgp5: Makefile
   	pkgsrc/security/pgpenvelope: Makefile
   	pkgsrc/security/policykit: Makefile
   	pkgsrc/security/policykit-gnome: Makefile
   	pkgsrc/security/polkit: Makefile
   	pkgsrc/security/py-lasso: Makefile
   	pkgsrc/security/racoon2: Makefile
   	pkgsrc/security/sfs: Makefile
   	pkgsrc/security/skey: Makefile
   	pkgsrc/security/sks: Makefile
   	pkgsrc/security/sleuthkit: Makefile
   	pkgsrc/security/snortsnarf: Makefile
   	pkgsrc/security/stunnel: Makefile
   	pkgsrc/security/tct: Makefile
   	pkgsrc/security/validns: Makefile
   	pkgsrc/security/zebedee: Makefile
   	pkgsrc/security/zoneminder: Makefile
   	pkgsrc/shells/mksh: Makefile
   	pkgsrc/shells/perlsh: Makefile
   	pkgsrc/shells/xsh: Makefile
   	pkgsrc/sysutils/amanda-common: Makefile
   	pkgsrc/sysutils/amtterm: Makefile
   	pkgsrc/sysutils/backuppc: Makefile
   	pkgsrc/sysutils/bacula: Makefile
   	pkgsrc/sysutils/boxbackup-client: Makefile
   	pkgsrc/sysutils/boxbackup-server: Makefile
   	pkgsrc/sysutils/bup: Makefile
   	pkgsrc/sysutils/cdbkup: Makefile
   	pkgsrc/sysutils/cdrkit: Makefile
   	pkgsrc/sysutils/cfengine2: Makefile
   	pkgsrc/sysutils/collectd: Makefile
   	pkgsrc/sysutils/consolekit: Makefile
   	pkgsrc/sysutils/coreutils: Makefile
   	pkgsrc/sysutils/cpogm: Makefile
   	pkgsrc/sysutils/cvsreport: Makefile
   	pkgsrc/sysutils/dirvish: Makefile
   	pkgsrc/sysutils/diskscrub: Makefile
   	pkgsrc/sysutils/dmassage: Makefile
   	pkgsrc/sysutils/dmesg2gif: Makefile
   	pkgsrc/sysutils/etckeeper: Makefile
   	pkgsrc/sysutils/etcmanage: Makefile
   	pkgsrc/sysutils/filelight-kde3: Makefile
   	pkgsrc/sysutils/gdmap: Makefile
   	pkgsrc/sysutils/gio-fam: Makefile
   	pkgsrc/sysutils/gnome-commander: Makefile
   	pkgsrc/sysutils/gnome-device-manager: Makefile
   	pkgsrc/sysutils/gnome-mount: Makefile
   	pkgsrc/sysutils/gnome-power-manager: Makefile
   	pkgsrc/sysutils/gnome-system-tools: Makefile
   	pkgsrc/sysutils/gnome-volume-manager: Makefile
   	pkgsrc/sysutils/hal: Makefile
   	pkgsrc/sysutils/hal-info: Makefile
   	pkgsrc/sysutils/k3b: Makefile
   	pkgsrc/sysutils/k3b-kde3: Makefile
   	pkgsrc/sysutils/k4dirstat: Makefile
   	pkgsrc/sysutils/krusader: Makefile
   	pkgsrc/sysutils/lavaps: Makefile
   	pkgsrc/sysutils/libgtop: Makefile
   	pkgsrc/sysutils/liboobs: Makefile
   	pkgsrc/sysutils/libvirt: Makefile
   	pkgsrc/sysutils/lilo: Makefile
   	pkgsrc/sysutils/lsof: Makefile
   	pkgsrc/sysutils/lxpanel: Makefile
   	pkgsrc/sysutils/magicrescue: Makefile
   	pkgsrc/sysutils/mc: Makefile
   	pkgsrc/sysutils/mc46: Makefile
   	pkgsrc/sysutils/memconf: Makefile
   	pkgsrc/sysutils/mgm: Makefile
   	pkgsrc/sysutils/munin-doc: Makefile
   	pkgsrc/sysutils/munin-node: Makefile
   	pkgsrc/sysutils/munin-server: Makefile
   	pkgsrc/sysutils/pflogsumm: Makefile
   	pkgsrc/sysutils/rconfig: Makefile
   	pkgsrc/sysutils/roller: Makefile
   	pkgsrc/sysutils/rsnapshot: Makefile
   	pkgsrc/sysutils/safetynet: Makefile
   	pkgsrc/sysutils/sarah: Makefile
   	pkgsrc/sysutils/shelldap: Makefile
   	pkgsrc/sysutils/smbldap-tools: Makefile
   	pkgsrc/sysutils/stow: Makefile
   	pkgsrc/sysutils/strace: Makefile
   	pkgsrc/sysutils/strigi: Makefile
   	pkgsrc/sysutils/swatch: Makefile
   	pkgsrc/sysutils/tenshi: Makefile
   	pkgsrc/sysutils/vifm: Makefile
   	pkgsrc/sysutils/webmin: Makefile
   	pkgsrc/sysutils/xentools3: Makefile
   	pkgsrc/sysutils/xentools3-hvm: Makefile
   	pkgsrc/sysutils/xentools33: Makefile
   	pkgsrc/sysutils/xentools41: Makefile
   	pkgsrc/sysutils/xentools42: Makefile
   	pkgsrc/sysutils/xentools45: Makefile
   	pkgsrc/sysutils/xentools46: Makefile
   	pkgsrc/sysutils/xps: Makefile
   	pkgsrc/sysutils/znapzend: Makefile
   	pkgsrc/textproc/Markdown: Makefile
   	pkgsrc/textproc/aspell: Makefile
   	pkgsrc/textproc/aspell-da: Makefile
   	pkgsrc/textproc/aspell-fo: Makefile
   	pkgsrc/textproc/btparse: Makefile
   	pkgsrc/textproc/c2html: Makefile
   	pkgsrc/textproc/cdif: Makefile
   	pkgsrc/textproc/cmigemo: Makefile
   	pkgsrc/textproc/crush-tools: Makefile
   	pkgsrc/textproc/dict-mueller7: Makefile
   	pkgsrc/textproc/diffsplit: Makefile
   	pkgsrc/textproc/docbook-xsl: Makefile
   	pkgsrc/textproc/dsssl-docbook-modular: Makefile
   	pkgsrc/textproc/dtdparse: Makefile
   	pkgsrc/textproc/eb: Makefile
   	pkgsrc/textproc/freepwing: Makefile
   	pkgsrc/textproc/grep: Makefile
   	pkgsrc/textproc/groff: Makefile
   	pkgsrc/textproc/gtk-doc: Makefile
   	pkgsrc/textproc/halibut: Makefile
   	pkgsrc/textproc/html2wml: Makefile
   	pkgsrc/textproc/hunspell: Makefile
   	pkgsrc/textproc/hunspell-de: Makefile
   	pkgsrc/textproc/hyphen: Makefile
   	pkgsrc/textproc/intltool: Makefile
   	pkgsrc/textproc/ispell-de: Makefile
   	pkgsrc/textproc/ja-groff: Makefile
   	pkgsrc/textproc/kdoc: Makefile
   	pkgsrc/textproc/latex2html: Makefile
   	pkgsrc/textproc/libxml++: Makefile
   	pkgsrc/textproc/libxslt: Makefile
   	pkgsrc/textproc/mdoclint: Makefile
   	pkgsrc/textproc/multimarkdown: Makefile
   	pkgsrc/textproc/mythes: Makefile
   	pkgsrc/textproc/namazu: Makefile
   	pkgsrc/textproc/ndtpd: Makefile
   	pkgsrc/textproc/openjade: Makefile
   	pkgsrc/textproc/opensp: Makefile
   	pkgsrc/textproc/p5-libxml: Makefile
   	pkgsrc/textproc/p5-mecab: Makefile
   	pkgsrc/textproc/p5-mobiperl: Makefile
   	pkgsrc/textproc/po4a: Makefile
   	pkgsrc/textproc/pod2mdoc: Makefile
   	pkgsrc/textproc/postgresql-autodoc: Makefile
   	pkgsrc/textproc/redland: Makefile
   	pkgsrc/textproc/rfcutil: Makefile
   	pkgsrc/textproc/sablotron: Makefile
   	pkgsrc/textproc/sub2srt: Makefile
   	pkgsrc/textproc/tex-latexdiff: Makefile
   	pkgsrc/textproc/tex-latexdiff-doc: Makefile
   	pkgsrc/textproc/texi2html: Makefile
   	pkgsrc/textproc/troffcvt: Makefile
   	pkgsrc/textproc/xapian-omega: Makefile
   	pkgsrc/textproc/xmltoman: Makefile
   	pkgsrc/textproc/yamcha: Makefile
   	pkgsrc/time/hebcal: Makefile
   	pkgsrc/time/ical2rem: Makefile
   	pkgsrc/time/libical: Makefile
   	pkgsrc/time/rem2ics: Makefile
   	pkgsrc/time/remind: Makefile
   	pkgsrc/time/rsibreak: Makefile
   	pkgsrc/time/rsibreak-kde3: Makefile
   	pkgsrc/time/titrax: Makefile
   	pkgsrc/wm/afterstep: Makefile
   	pkgsrc/wm/bbkeys: Makefile
   	pkgsrc/wm/bbkeys09: Makefile
   	pkgsrc/wm/compiz-fusion-plugins-extra: Makefile
   	pkgsrc/wm/enlightenment: Makefile
   	pkgsrc/wm/fvwm: Makefile
   	pkgsrc/wm/fvwm-devel: Makefile
   	pkgsrc/wm/fvwm-themes: Makefile
   	pkgsrc/wm/i3: Makefile
   	pkgsrc/wm/ratpoison: Makefile
   	pkgsrc/wm/waimea: Makefile
   	pkgsrc/wm/windowmaker: Makefile
   	pkgsrc/wm/wmakerconf: Makefile
   	pkgsrc/www/SpeedyCGI: Makefile
   	pkgsrc/www/adzap: Makefile
   	pkgsrc/www/album: Makefile
   	pkgsrc/www/album_themes: Makefile
   	pkgsrc/www/amaya: Makefile
   	pkgsrc/www/ap2-perl: Makefile
   	pkgsrc/www/apache22: Makefile
   	pkgsrc/www/apache24: Makefile
   	pkgsrc/www/awstats: Makefile
   	pkgsrc/www/bannerfilter: Makefile
   	pkgsrc/www/bins: Makefile
   	pkgsrc/www/bluefish: Makefile
   	pkgsrc/www/calamaris: Makefile
   	pkgsrc/www/checkbot: Makefile
   	pkgsrc/www/clearsilver: Makefile
   	pkgsrc/www/cronolog: Makefile
   	pkgsrc/www/curl: Makefile
   	pkgsrc/www/cvsweb: Makefile
   	pkgsrc/www/dansguardian: Makefile
   	pkgsrc/www/davical: Makefile
   	pkgsrc/www/dillo: Makefile
   	pkgsrc/www/drraw: Makefile
   	pkgsrc/www/firefox: Makefile
   	pkgsrc/www/firefox24: Makefile
   	pkgsrc/www/firefox31: Makefile
   	pkgsrc/www/firefox38: Makefile
   	pkgsrc/www/firefox45: Makefile
   	pkgsrc/www/gallery: Makefile
   	pkgsrc/www/gitweb: Makefile
   	pkgsrc/www/h2o: Makefile
   	pkgsrc/www/htmlfix: Makefile
   	pkgsrc/www/htmllint: Makefile
   	pkgsrc/www/icedtea-web: Makefile
   	pkgsrc/www/ikiwiki: Makefile
   	pkgsrc/www/kannel: Makefile
   	pkgsrc/www/kdewebdev3: Makefile
   	pkgsrc/www/libwww: Makefile
   	pkgsrc/www/liferea: Makefile
   	pkgsrc/www/llgal: Makefile
   	pkgsrc/www/make_album: Makefile
   	pkgsrc/www/mknmz-wwwoffle: Makefile
   	pkgsrc/www/moodle: Makefile
   	pkgsrc/www/neon: Makefile
   	pkgsrc/www/netsurf: Makefile
   	pkgsrc/www/nvu: Makefile
   	pkgsrc/www/p5-HTMLObject: Makefile
   	pkgsrc/www/p5-libwww: Makefile
   	pkgsrc/www/php-owncloud: Makefile
   	pkgsrc/www/privoxy: Makefile
   	pkgsrc/www/py-moin: Makefile
   	pkgsrc/www/screws: Makefile
   	pkgsrc/www/snownews: Makefile
   	pkgsrc/www/squid3: Makefile
   	pkgsrc/www/squidGuard: Makefile
   	pkgsrc/www/squidanalyzer: Makefile
   	pkgsrc/www/squidclamav: Makefile
   	pkgsrc/www/surfraw: Makefile
   	pkgsrc/www/swish-e: Makefile
   	pkgsrc/www/w3m: Makefile
   	pkgsrc/www/wApua: Makefile
   	pkgsrc/www/wdg-validate: Makefile
   	pkgsrc/www/webkit-gtk: Makefile
   	pkgsrc/www/webkit24-gtk: Makefile
   	pkgsrc/www/weblint: Makefile
   	pkgsrc/www/webnew: Makefile
   	pkgsrc/www/whisker: Makefile
   	pkgsrc/www/wml: Makefile
   	pkgsrc/www/wwwoffle: Makefile
   	pkgsrc/www/yaws: Makefile
   	pkgsrc/x11/alacarte: Makefile
   	pkgsrc/x11/eterm: Makefile
   	pkgsrc/x11/gcolor2: Makefile
   	pkgsrc/x11/gnome-desktop: Makefile
   	pkgsrc/x11/gnome-panel: Makefile
   	pkgsrc/x11/gnome-session: Makefile
   	pkgsrc/x11/gnome-terminal: Makefile
   	pkgsrc/x11/gtk: Makefile
   	pkgsrc/x11/gtk-sharp: Makefile
   	pkgsrc/x11/gtk2: Makefile
   	pkgsrc/x11/gtk2-chtheme: Makefile
   	pkgsrc/x11/gtk3: Makefile
   	pkgsrc/x11/gtkada: Makefile
   	pkgsrc/x11/gtkmm: Makefile
   	pkgsrc/x11/gtkmm3: Makefile
   	pkgsrc/x11/gtksourceview: Makefile
   	pkgsrc/x11/gtksourceview2: Makefile
   	pkgsrc/x11/gtksourceviewmm: Makefile
   	pkgsrc/x11/kconfigwidgets: Makefile
   	pkgsrc/x11/kdebindings-ruby: Makefile
   	pkgsrc/x11/kdelibs3: Makefile
   	pkgsrc/x11/p5-Wx: Makefile
   	pkgsrc/x11/pixman: Makefile
   	pkgsrc/x11/py-wxWidgets: Makefile
   	pkgsrc/x11/qt5-qtbase: Makefile
   	pkgsrc/x11/wxGTK30: Makefile
   	pkgsrc/x11/xephem: Makefile
   	pkgsrc/x11/xfce4-exo: Makefile
   	pkgsrc/x11/xfce4-whiskermenu-plugin: Makefile
   	pkgsrc/x11/xkbset: Makefile
   	pkgsrc/x11/xplanet: Makefile
   	pkgsrc/x11/xscreensaver: Makefile

   Log Message:
   Bump PKGREVISION for perl-5.24.0 for everything mentioning perl.


   To generate a diff of this commit:
   cvs rdiff -u -r1.19 -r1.20 pkgsrc/net/samba4/Makefile

-------------------------------------------------------------------
   Module Name:	pkgsrc
   Committed By:	wiz
   Date:		Sat Jul  9 13:04:18 UTC 2016

   Modified Files:
   	pkgsrc/audio/ardour: Makefile
   	pkgsrc/audio/aubio: Makefile
   	pkgsrc/audio/csound5: Makefile
   	pkgsrc/audio/csound6: Makefile
   	pkgsrc/audio/csound6-manual: Makefile
   	pkgsrc/audio/exaile: Makefile
   	pkgsrc/audio/eyeD3: Makefile
   	pkgsrc/audio/moss: Makefile
   	pkgsrc/audio/mutagen-tools: Makefile
   	pkgsrc/audio/picard: Makefile
   	pkgsrc/audio/py-acoustid: Makefile
   	pkgsrc/audio/py-ao: Makefile
   	pkgsrc/audio/py-beets: Makefile
   	pkgsrc/audio/py-cddb: Makefile
   	pkgsrc/audio/py-daap: Makefile
   	pkgsrc/audio/py-discogs_client: Makefile
   	pkgsrc/audio/py-id3: Makefile
   	pkgsrc/audio/py-id3lib: Makefile
   	pkgsrc/audio/py-karaoke: Makefile
   	pkgsrc/audio/py-libmtag: Makefile
   	pkgsrc/audio/py-mad: Makefile
   	pkgsrc/audio/py-musicbrainz: Makefile
   	pkgsrc/audio/py-musique: Makefile
   	pkgsrc/audio/py-ogg: Makefile
   	pkgsrc/audio/py-vorbis: Makefile
   	pkgsrc/audio/quodlibet2: Makefile
   	pkgsrc/audio/rhythmbox: Makefile
   	pkgsrc/audio/solfege: Makefile
   	pkgsrc/audio/sonata: Makefile
   	pkgsrc/audio/streamtuner: options.mk
   	pkgsrc/audio/tunapie: Makefile
   	pkgsrc/benchmarks/glmark2: Makefile
   	pkgsrc/biology/py-mol: Makefile
   	pkgsrc/cad/py-MyHDL: Makefile
   	pkgsrc/chat/empathy: Makefile
   	pkgsrc/chat/gajim: Makefile options.mk
   	pkgsrc/chat/libtelepathy: Makefile
   	pkgsrc/chat/py-xmpppy: Makefile
   	pkgsrc/chat/spectrum: Makefile
   	pkgsrc/chat/telepathy-farsight: Makefile
   	pkgsrc/chat/telepathy-gabble: Makefile
   	pkgsrc/chat/telepathy-glib: Makefile
   	pkgsrc/chat/telepathy-haze: Makefile
   	pkgsrc/chat/telepathy-idle: Makefile
   	pkgsrc/chat/telepathy-logger: Makefile
   	pkgsrc/chat/telepathy-mission-control5: Makefile
   	pkgsrc/chat/telepathy-qt: Makefile
   	pkgsrc/chat/xchat-python: Makefile
   	pkgsrc/comms/multisync-gui: Makefile
   	pkgsrc/comms/py-gammu: Makefile
   	pkgsrc/converters/py-jpCodecs: Makefile
   	pkgsrc/converters/py-yenc: Makefile
   	pkgsrc/converters/py-zbase32: Makefile
   	pkgsrc/converters/py-zfec: Makefile
   	pkgsrc/converters/py-zhCodecs: Makefile
   	pkgsrc/databases/gourmet: Makefile
   	pkgsrc/databases/gramps3: Makefile options.mk
   	pkgsrc/databases/libpqxx: Makefile
   	pkgsrc/databases/luma: Makefile
   	pkgsrc/databases/mongodb: Makefile
   	pkgsrc/databases/py-PgSQL: Makefile
   	pkgsrc/databases/py-bdb-xml: Makefile
   	pkgsrc/databases/py-carbon: Makefile options.mk
   	pkgsrc/databases/py-cassa: Makefile
   	pkgsrc/databases/py-cdb: Makefile
   	pkgsrc/databases/py-ckanclient: Makefile
   	pkgsrc/databases/py-couchdb: Makefile
   	pkgsrc/databases/py-datapkg: Makefile
   	pkgsrc/databases/py-elixir: Makefile
   	pkgsrc/databases/py-ldap: Makefile
   	pkgsrc/databases/py-metakit: Makefile
   	pkgsrc/databases/py-mssql: Makefile
   	pkgsrc/databases/py-mysqldb: Makefile
   	pkgsrc/databases/py-python-rrdtool: Makefile
   	pkgsrc/databases/py-sqlalchemy-migrate: Makefile
   	pkgsrc/databases/py-sqlite: Makefile
   	pkgsrc/databases/py-sqlite2: Makefile
   	pkgsrc/databases/py-sqlrelay: Makefile
   	pkgsrc/databases/py-sybase: Makefile
   	pkgsrc/databases/py-table: Makefile
   	pkgsrc/databases/py-tokyocabinet: Makefile
   	pkgsrc/databases/py-whisper: Makefile
   	pkgsrc/databases/skytools: Makefile
   	pkgsrc/databases/tdb: Makefile
   	pkgsrc/devel/ExmanIDE: Makefile
   	pkgsrc/devel/GConf: Makefile
   	pkgsrc/devel/RBTools: Makefile
   	pkgsrc/devel/accerciser: Makefile
   	pkgsrc/devel/boa-constructor: Makefile
   	pkgsrc/devel/bokken: Makefile
   	pkgsrc/devel/bpython: Makefile
   	pkgsrc/devel/bugs-everywhere: Makefile
   	pkgsrc/devel/bzr: Makefile
   	pkgsrc/devel/bzr-explorer: Makefile
   	pkgsrc/devel/bzr-gtk: Makefile
   	pkgsrc/devel/bzr-svn: Makefile
   	pkgsrc/devel/bzrtools: Makefile
   	pkgsrc/devel/codeville: Makefile
   	pkgsrc/devel/cvs2svn: Makefile
   	pkgsrc/devel/diffuse: Makefile
   	pkgsrc/devel/distcc-pump: Makefile
   	pkgsrc/devel/doxygen: Makefile
   	pkgsrc/devel/epydoc: Makefile
   	pkgsrc/devel/eric4: Makefile
   	pkgsrc/devel/gdb: options.mk
   	pkgsrc/devel/gnatpython: Makefile
   	pkgsrc/devel/googletest: Makefile
   	pkgsrc/devel/gps: options.mk
   	pkgsrc/devel/gyp: Makefile
   	pkgsrc/devel/kdesdk3: Makefile
   	pkgsrc/devel/ko-po-check: Makefile
   	pkgsrc/devel/lettuce: Makefile
   	pkgsrc/devel/libappindicator: Makefile
   	pkgsrc/devel/libappindicator3: Makefile
   	pkgsrc/devel/libftdi1: Makefile
   	pkgsrc/devel/libgit2: Makefile
   	pkgsrc/devel/libhid: Makefile
   	pkgsrc/devel/meld: Makefile
   	pkgsrc/devel/py-InlineEgg: Makefile
   	pkgsrc/devel/py-Optik: Makefile
   	pkgsrc/devel/py-astroid: Makefile
   	pkgsrc/devel/py-at-spi: Makefile
   	pkgsrc/devel/py-buildbot: Makefile
   	pkgsrc/devel/py-buildbot-slave: Makefile
   	pkgsrc/devel/py-cached-property: Makefile
   	pkgsrc/devel/py-checker: Makefile
   	pkgsrc/devel/py-cheetah: Makefile
   	pkgsrc/devel/py-compizconfig: Makefile
   	pkgsrc/devel/py-daemon: Makefile
   	pkgsrc/devel/py-darcsver: Makefile
   	pkgsrc/devel/py-dialog2: Makefile
   	pkgsrc/devel/py-distorm3: Makefile
   	pkgsrc/devel/py-doctor: Makefile
   	pkgsrc/devel/py-enum34: Makefile
   	pkgsrc/devel/py-expect: Makefile
   	pkgsrc/devel/py-fastimport: Makefile
   	pkgsrc/devel/py-futures: Makefile
   	pkgsrc/devel/py-gflags: Makefile
   	pkgsrc/devel/py-gobject: Makefile
   	pkgsrc/devel/py-google-apputils: Makefile
   	pkgsrc/devel/py-hg-fastimport: Makefile
   	pkgsrc/devel/py-hg-git: Makefile
   	pkgsrc/devel/py-hglib: Makefile
   	pkgsrc/devel/py-hglist: Makefile
   	pkgsrc/devel/py-hgnested: Makefile
   	pkgsrc/devel/py-hgview: Makefile
   	pkgsrc/devel/py-ipaddr: Makefile
   	pkgsrc/devel/py-ipython010: Makefile
   	pkgsrc/devel/py-ipython013: Makefile
   	pkgsrc/devel/py-jersey: Makefile
   	pkgsrc/devel/py-kjbuckets: Makefile
   	pkgsrc/devel/py-kqueue: Makefile
   	pkgsrc/devel/py-logilab-astng: Makefile
   	pkgsrc/devel/py-logilab-common: Makefile
   	pkgsrc/devel/py-memcached: Makefile
   	pkgsrc/devel/py-mercurial: Makefile.version
   	pkgsrc/devel/py-multiprocessing: Makefile
   	pkgsrc/devel/py-newt: Makefile
   	pkgsrc/devel/py-open-vcdiff: Makefile
   	pkgsrc/devel/py-pqueue: Makefile
   	pkgsrc/devel/py-proteus: options.mk
   	pkgsrc/devel/py-protobuf: Makefile
   	pkgsrc/devel/py-pylint: Makefile
   	pkgsrc/devel/py-pytemplate: Makefile
   	pkgsrc/devel/py-pyutil: Makefile
   	pkgsrc/devel/py-quixote: Makefile
   	pkgsrc/devel/py-rope: Makefile
   	pkgsrc/devel/py-ruamel-ordereddict: Makefile
   	pkgsrc/devel/py-setuptools_trial: Makefile
   	pkgsrc/devel/py-singledispatch: Makefile
   	pkgsrc/devel/py-stompclient: Makefile
   	pkgsrc/devel/py-subprocess32: Makefile
   	pkgsrc/devel/py-subvertpy: Makefile
   	pkgsrc/devel/py-tabular: Makefile
   	pkgsrc/devel/py-tortoisehg: Makefile
   	pkgsrc/devel/py-tryton: options.mk
   	pkgsrc/devel/py-trytond: Makefile.common options.mk
   	pkgsrc/devel/py-unit: Makefile
   	pkgsrc/devel/py-unitgui: Makefile
   	pkgsrc/devel/py-usb: Makefile
   	pkgsrc/devel/py-windbg: Makefile
   	pkgsrc/devel/py-zanata-python-client: Makefile
   	pkgsrc/devel/py-zconfig: Makefile
   	pkgsrc/devel/qbzr: Makefile
   	pkgsrc/devel/reposurgeon: Makefile
   	pkgsrc/devel/roundup: Makefile
   	pkgsrc/devel/rox-lib: Makefile
   	pkgsrc/devel/scons: Makefile
   	pkgsrc/devel/stgit: Makefile
   	pkgsrc/devel/tailor: Makefile
   	pkgsrc/devel/talloc: Makefile
   	pkgsrc/devel/transifex-client: Makefile
   	pkgsrc/devel/umbrello: Makefile
   	pkgsrc/devel/xulrunner10: mozilla-common.mk
   	pkgsrc/devel/xulrunner17: mozilla-common.mk
   	pkgsrc/devel/xulrunner192: mozilla-common.mk
   	pkgsrc/editors/gedit-python: Makefile
   	pkgsrc/editors/kdissert: Makefile
   	pkgsrc/editors/lyx: Makefile
   	pkgsrc/editors/medit: Makefile
   	pkgsrc/editors/nts: Makefile
   	pkgsrc/editors/pluma: options.mk
   	pkgsrc/editors/zim: Makefile
   	pkgsrc/emulators/fs-uae-launcher: Makefile
   	pkgsrc/emulators/gns3: Makefile
   	pkgsrc/emulators/hatari: Makefile
   	pkgsrc/emulators/mame: Makefile
   	pkgsrc/emulators/openmsx: Makefile
   	pkgsrc/emulators/qemu: Makefile
   	pkgsrc/emulators/qemu0: Makefile
   	pkgsrc/emulators/unicorn: Makefile
   	pkgsrc/filesystems/fuse-gmailfs: Makefile
   	pkgsrc/filesystems/fuse-pcachefs: Makefile
   	pkgsrc/filesystems/fuse-wikipediafs: Makefile
   	pkgsrc/filesystems/glusterfs: Makefile
   	pkgsrc/filesystems/py-filesystem: Makefile
   	pkgsrc/filesystems/py-fuse-bindings: Makefile
   	pkgsrc/filesystems/tahoe-lafs: Makefile
   	pkgsrc/finance/gnucash: Makefile
   	pkgsrc/finance/moneyguru: Makefile
   	pkgsrc/finance/py-stripe: Makefile
   	pkgsrc/finance/py-vatnumber: Makefile
   	pkgsrc/fonts/mftrace: Makefile
   	pkgsrc/fonts/py-TTFQuery: Makefile
   	pkgsrc/games/4stAttack: Makefile
   	pkgsrc/games/blindmine: Makefile
   	pkgsrc/games/freeciv-share: Makefile.common
   	pkgsrc/games/gcompris: Makefile
   	pkgsrc/games/gnome-games: Makefile
   	pkgsrc/games/jools: Makefile
   	pkgsrc/games/kajongg: Makefile
   	pkgsrc/games/kye: Makefile
   	pkgsrc/games/monsterz: Makefile
   	pkgsrc/games/py-easyAI: Makefile
   	pkgsrc/games/py-renpy: Makefile
   	pkgsrc/games/pysolfc: Makefile
   	pkgsrc/games/pytraffic: Makefile
   	pkgsrc/games/teeworlds: Makefile
   	pkgsrc/games/wesnoth: Makefile
   	pkgsrc/geography/gpsd: Makefile
   	pkgsrc/geography/proj-swig: Makefile
   	pkgsrc/geography/py-google-maps-services-python: Makefile
   	pkgsrc/geography/py-obspy: Makefile
   	pkgsrc/geography/qgis: options.mk
   	pkgsrc/graphics/MesaLib: Makefile
   	pkgsrc/graphics/MesaLib7: Makefile
   	pkgsrc/graphics/blender: Makefile
   	pkgsrc/graphics/comix: Makefile
   	pkgsrc/graphics/dia-python: Makefile
   	pkgsrc/graphics/eog: Makefile
   	pkgsrc/graphics/eom: options.mk
   	pkgsrc/graphics/gimp-docs-en: Makefile.common
   	pkgsrc/graphics/libscigraphica: Makefile
   	pkgsrc/graphics/mypaint: Makefile
   	pkgsrc/graphics/py-OpenGL: Makefile
   	pkgsrc/graphics/py-aafigure: Makefile
   	pkgsrc/graphics/py-biggles: Makefile
   	pkgsrc/graphics/py-cairo: Makefile
   	pkgsrc/graphics/py-chart: Makefile
   	pkgsrc/graphics/py-dot: Makefile
   	pkgsrc/graphics/py-gdchart: Makefile
   	pkgsrc/graphics/py-gdmodule: Makefile
   	pkgsrc/graphics/py-gnuplot: Makefile
   	pkgsrc/graphics/py-goocanvas: Makefile
   	pkgsrc/graphics/py-gtkglext: Makefile
   	pkgsrc/graphics/py-imaging: Makefile
   	pkgsrc/graphics/py-imagingtk: Makefile
   	pkgsrc/graphics/py-matplotlib-gtk2: Makefile
   	pkgsrc/graphics/py-mcomix: Makefile
   	pkgsrc/graphics/py-piddle: Makefile
   	pkgsrc/graphics/py-pycha: Makefile
   	pkgsrc/graphics/py-sk1libs: Makefile
   	pkgsrc/graphics/py-uniconvertor: Makefile
   	pkgsrc/graphics/scigraphica: Makefile
   	pkgsrc/graphics/skencil: Makefile
   	pkgsrc/graphics/xdot: Makefile
   	pkgsrc/ham/gnuradio-core: Makefile.common
   	pkgsrc/inputmethod/ibus-python: Makefile
   	pkgsrc/inputmethod/ibus-tegaki: Makefile
   	pkgsrc/inputmethod/mozc-server: Makefile.common
   	pkgsrc/inputmethod/py-input-pad: Makefile
   	pkgsrc/inputmethod/py-zinnia: Makefile
   	pkgsrc/inputmethod/scim-python: Makefile
   	pkgsrc/inputmethod/tegaki-pygtk: Makefile
   	pkgsrc/inputmethod/tegaki-python: Makefile
   	pkgsrc/inputmethod/tegaki-recognize: Makefile
   	pkgsrc/inputmethod/tegaki-tools: Makefile
   	pkgsrc/inputmethod/tegaki-train: Makefile
   	pkgsrc/inputmethod/tegaki-wagomu: Makefile
   	pkgsrc/lang/clang-static-analyzer: Makefile
   	pkgsrc/lang/nodejs: Makefile.common
   	pkgsrc/lang/py-basicproperty: Makefile
   	pkgsrc/lang/py-pyrex: Makefile
   	pkgsrc/lang/py-pythonz: Makefile
   	pkgsrc/lang/python: pyversion.mk
   	pkgsrc/mail/archivemail: Makefile
   	pkgsrc/mail/fetchmailconf: Makefile
   	pkgsrc/mail/getmail: Makefile
   	pkgsrc/mail/mailman: Makefile
   	pkgsrc/mail/offlineimap: Makefile
   	pkgsrc/mail/py-libgmail: Makefile
   	pkgsrc/mail/thunderbird-enigmail: Makefile.common
   	pkgsrc/mail/tmda: Makefile
   	pkgsrc/math/gnumeric: Makefile
   	pkgsrc/math/gnumeric110: Makefile
   	pkgsrc/math/gnumeric112: Makefile
   	pkgsrc/math/py-Numeric: Makefile
   	pkgsrc/math/py-Scientific: Makefile
   	pkgsrc/math/py-cdecimal: Makefile
   	pkgsrc/math/py-ephem: Makefile
   	pkgsrc/math/py-fftw: Makefile
   	pkgsrc/math/py-fpconst: Makefile
   	pkgsrc/math/py-networkx: Makefile
   	pkgsrc/math/py-numarray: Makefile
   	pkgsrc/math/py-simpleeval: Makefile
   	pkgsrc/meta-pkgs/bulk-large: Makefile
   	pkgsrc/meta-pkgs/bulk-medium: Makefile
   	pkgsrc/meta-pkgs/gnome: Makefile
   	pkgsrc/meta-pkgs/py-gnome-bindings: Makefile
   	pkgsrc/misc/byobu: Makefile
   	pkgsrc/misc/calibre: Makefile
   	pkgsrc/misc/calibre1: Makefile
   	pkgsrc/misc/deskbar-applet: Makefile
   	pkgsrc/misc/kdeutils3: Makefile
   	pkgsrc/misc/khard: Makefile
   	pkgsrc/misc/koffice: Makefile
   	pkgsrc/misc/mnemosyne: Makefile
   	pkgsrc/misc/openoffice3: Makefile
   	pkgsrc/misc/orca: Makefile
   	pkgsrc/misc/py-anita: Makefile
   	pkgsrc/misc/py-anki2: Makefile
   	pkgsrc/misc/py-carddav: Makefile
   	pkgsrc/misc/py-stdnum: Makefile
   	pkgsrc/misc/routeplanner-cli: Makefile
   	pkgsrc/misc/superkaramba: Makefile
   	pkgsrc/multimedia/farsight2: Makefile
   	pkgsrc/multimedia/kodi: Makefile
   	pkgsrc/multimedia/libkate: options.mk
   	pkgsrc/multimedia/livestreamer: Makefile
   	pkgsrc/multimedia/pitivi: Makefile
   	pkgsrc/multimedia/py-gstreamer0.10: Makefile
   	pkgsrc/multimedia/py-ming: Makefile
   	pkgsrc/multimedia/totem: Makefile.common
   	pkgsrc/net/Radicale: options.mk
   	pkgsrc/net/avahi: options.mk
   	pkgsrc/net/bittornado: Makefile
   	pkgsrc/net/bittornado-gui: Makefile
   	pkgsrc/net/bittorrent: Makefile
   	pkgsrc/net/bittorrent-gui: Makefile
   	pkgsrc/net/calypso: Makefile
   	pkgsrc/net/coherence: Makefile
   	pkgsrc/net/coilmq: Makefile
   	pkgsrc/net/exabgp: Makefile
   	pkgsrc/net/gitso: Makefile
   	pkgsrc/net/gtk-vnc: options.mk
   	pkgsrc/net/mimms: Makefile
   	pkgsrc/net/mitmproxy: Makefile
   	pkgsrc/net/nagstamon: Makefile
   	pkgsrc/net/nicotine: Makefile
   	pkgsrc/net/nmap: options.mk
   	pkgsrc/net/omniORB: Makefile
   	pkgsrc/net/py-GeoIP: Makefile
   	pkgsrc/net/py-ORBit: Makefile
   	pkgsrc/net/py-adns: Makefile
   	pkgsrc/net/py-beanstalkc: Makefile
   	pkgsrc/net/py-bitmessage: Makefile
   	pkgsrc/net/py-caldav: Makefile
   	pkgsrc/net/py-dpkt: Makefile
   	pkgsrc/net/py-eventlib: Makefile
   	pkgsrc/net/py-foolscap: Makefile
   	pkgsrc/net/py-gevent: Makefile
   	pkgsrc/net/py-google: Makefile
   	pkgsrc/net/py-ipaddress: Makefile
   	pkgsrc/net/py-kenosis: Makefile
   	pkgsrc/net/py-libdnet: Makefile
   	pkgsrc/net/py-libpcap: Makefile
   	pkgsrc/net/py-medusa: Makefile
   	pkgsrc/net/py-metar: Makefile
   	pkgsrc/net/py-netifaces: Makefile
   	pkgsrc/net/py-netsnmp: Makefile
   	pkgsrc/net/py-omniORBpy: Makefile
   	pkgsrc/net/py-pcap: Makefile
   	pkgsrc/net/py-s3cmd: Makefile
   	pkgsrc/net/py-soappy: Makefile
   	pkgsrc/net/py-socketpool: Makefile
   	pkgsrc/net/py-spreadmodule: Makefile
   	pkgsrc/net/py-suds: Makefile
   	pkgsrc/net/py-tweepy: Makefile
   	pkgsrc/net/py-twisted: Makefile.common
   	pkgsrc/net/py-txamqp: Makefile
   	pkgsrc/net/py-zsi: Makefile
   	pkgsrc/net/pygopherd: Makefile
   	pkgsrc/net/samba4: Makefile
   	pkgsrc/net/scapy: Makefile options.mk
   	pkgsrc/net/upnpinspector: Makefile
   	pkgsrc/net/wireshark: Makefile
   	pkgsrc/net/wireshark1: Makefile
   	pkgsrc/news/hellanzb: Makefile
   	pkgsrc/news/lottanzb: Makefile
   	pkgsrc/pkgtools/gnome-packagekit: Makefile
   	pkgsrc/pkgtools/packagekit: Makefile
   	pkgsrc/print/hplip: options.mk
   	pkgsrc/print/lilypond: Makefile
   	pkgsrc/print/pdfshuffler: Makefile
   	pkgsrc/print/py-pisa: Makefile
   	pkgsrc/print/py-poppler: Makefile
   	pkgsrc/print/py-reportlab: Makefile
   	pkgsrc/print/scribus: Makefile
   	pkgsrc/print/scribus-qt4: Makefile
   	pkgsrc/security/botan: Makefile
   	pkgsrc/security/lasso: Makefile
   	pkgsrc/security/libprelude-python: Makefile
   	pkgsrc/security/libpreludedb-python: Makefile
   	pkgsrc/security/mixminion: Makefile
   	pkgsrc/security/prelude-correlator: Makefile
   	pkgsrc/security/py-SSLCrypto: Makefile
   	pkgsrc/security/py-backports.ssl_match_hostname: Makefile
   	pkgsrc/security/py-cryptkit: Makefile
   	pkgsrc/security/py-cryptopp: Makefile
   	pkgsrc/security/py-cybox: Makefile
   	pkgsrc/security/py-denyhosts: Makefile
   	pkgsrc/security/py-gnupg: Makefile
   	pkgsrc/security/py-lasso: Makefile
   	pkgsrc/security/py-libtaxii: Makefile
   	pkgsrc/security/py-m2crypto: Makefile
   	pkgsrc/security/py-mcrypt: Makefile
   	pkgsrc/security/py-oauth2: Makefile
   	pkgsrc/security/py-openid: Makefile
   	pkgsrc/security/py-prewikka: Makefile
   	pkgsrc/security/py-service_identity: Makefile
   	pkgsrc/security/py-stix: Makefile
   	pkgsrc/security/py-tlslite: Makefile
   	pkgsrc/security/py-urllib2-kerberos: Makefile
   	pkgsrc/security/py-xmlsec: Makefile
   	pkgsrc/security/py-yara: Makefile
   	pkgsrc/security/py-yubiauth: Makefile
   	pkgsrc/security/volatility: Makefile
   	pkgsrc/shells/lshell: Makefile
   	pkgsrc/sysutils/ansible: Makefile
   	pkgsrc/sysutils/bup: Makefile
   	pkgsrc/sysutils/caja-dropbox: Makefile
   	pkgsrc/sysutils/cuisine: Makefile
   	pkgsrc/sysutils/dbus-python-common: Makefile
   	pkgsrc/sysutils/duplicity: Makefile
   	pkgsrc/sysutils/euca2ools: Makefile
   	pkgsrc/sysutils/fabric: Makefile
   	pkgsrc/sysutils/gnome-commander: Makefile
   	pkgsrc/sysutils/libvirt: Makefile
   	pkgsrc/sysutils/manifold: Makefile
   	pkgsrc/sysutils/monitoring: Makefile
   	pkgsrc/sysutils/openxenmanager: Makefile
   	pkgsrc/sysutils/polysh: Makefile
   	pkgsrc/sysutils/py-borgbackup: Makefile
   	pkgsrc/sysutils/py-gnome-menus: Makefile
   	pkgsrc/sysutils/py-notify: Makefile
   	pkgsrc/sysutils/py-notify-python: Makefile
   	pkgsrc/sysutils/py-pefile: Makefile
   	pkgsrc/sysutils/py-xattr: Makefile
   	pkgsrc/sysutils/rdiff-backup: Makefile
   	pkgsrc/sysutils/salt: Makefile
   	pkgsrc/sysutils/salt-docs: Makefile
   	pkgsrc/sysutils/virt-manager: Makefile
   	pkgsrc/sysutils/virtinst: Makefile
   	pkgsrc/sysutils/xenkernel3: Makefile
   	pkgsrc/sysutils/xenkernel33: Makefile
   	pkgsrc/sysutils/xenkernel41: Makefile
   	pkgsrc/sysutils/xenkernel42: Makefile
   	pkgsrc/sysutils/xenkernel45: Makefile
   	pkgsrc/sysutils/xenkernel46: Makefile
   	pkgsrc/sysutils/xentools3: Makefile
   	pkgsrc/sysutils/xentools3-hvm: Makefile
   	pkgsrc/sysutils/xentools33: Makefile
   	pkgsrc/sysutils/xentools41: Makefile
   	pkgsrc/sysutils/xentools42: Makefile
   	pkgsrc/sysutils/xentools45: Makefile
   	pkgsrc/sysutils/xentools46: Makefile
   	pkgsrc/textproc/asciidoc: Makefile
   	pkgsrc/textproc/coccigrep: Makefile
   	pkgsrc/textproc/dblatex: Makefile
   	pkgsrc/textproc/gnome-doc-utils: Makefile
   	pkgsrc/textproc/gtk-doc: Makefile
   	pkgsrc/textproc/ispell-lt: Makefile
   	pkgsrc/textproc/itstool: Makefile
   	pkgsrc/textproc/libplist: Makefile
   	pkgsrc/textproc/markdown2social: Makefile
   	pkgsrc/textproc/py-4Suite: Makefile
   	pkgsrc/textproc/py-Excelerator: Makefile
   	pkgsrc/textproc/py-HappyDoc: Makefile
   	pkgsrc/textproc/py-Whoosh: Makefile
   	pkgsrc/textproc/py-X2: Makefile
   	pkgsrc/textproc/py-cabocha: Makefile
   	pkgsrc/textproc/py-cjson: Makefile
   	pkgsrc/textproc/py-cmTemplate: Makefile
   	pkgsrc/textproc/py-elementtree: Makefile
   	pkgsrc/textproc/py-empy: Makefile
   	pkgsrc/textproc/py-generateDS: Makefile
   	pkgsrc/textproc/py-gnosis-utils: Makefile
   	pkgsrc/textproc/py-iniparse: Makefile
   	pkgsrc/textproc/py-jsonlib: Makefile
   	pkgsrc/textproc/py-libxslt: Makefile
   	pkgsrc/textproc/py-marisa: Makefile
   	pkgsrc/textproc/py-mecab: Makefile
   	pkgsrc/textproc/py-relatorio: Makefile
   	pkgsrc/textproc/py-vobject: Makefile
   	pkgsrc/textproc/py-xlwt: Makefile
   	pkgsrc/textproc/py-xml: Makefile
   	pkgsrc/textproc/py-yamcha: Makefile
   	pkgsrc/textproc/queequeg: Makefile
   	pkgsrc/textproc/rubber: Makefile
   	pkgsrc/textproc/xmlada: Makefile
   	pkgsrc/time/etm: Makefile
   	pkgsrc/time/gdeskcal: Makefile
   	pkgsrc/time/hamster-applet: Makefile
   	pkgsrc/time/py-goocalendar: Makefile
   	pkgsrc/time/py-mxDateTime: Makefile
   	pkgsrc/time/wxRemind: Makefile
   	pkgsrc/wm/bmpanel2: Makefile
   	pkgsrc/wm/ccsm: Makefile
   	pkgsrc/wm/py-tyle: Makefile
   	pkgsrc/www/ap-scgi: Makefile
   	pkgsrc/www/bluefish: Makefile
   	pkgsrc/www/browser-bookmarks-menu: Makefile
   	pkgsrc/www/cherokee: Makefile
   	pkgsrc/www/clearsilver: Makefile
   	pkgsrc/www/firefox: mozilla-common.mk
   	pkgsrc/www/firefox24: mozilla-common.mk
   	pkgsrc/www/firefox31: mozilla-common.mk
   	pkgsrc/www/firefox38: mozilla-common.mk
   	pkgsrc/www/firefox45: mozilla-common.mk
   	pkgsrc/www/ies4linux: Makefile
   	pkgsrc/www/loggerhead: Makefile
   	pkgsrc/www/py-ClientForm: Makefile
   	pkgsrc/www/py-HTMLgen: Makefile
   	pkgsrc/www/py-beautifulsoup: Makefile
   	pkgsrc/www/py-blosxom: Makefile
   	pkgsrc/www/py-clearsilver: Makefile
   	pkgsrc/www/py-django-appmedia: Makefile
   	pkgsrc/www/py-django-mezzanine-filebrowser: Makefile
   	pkgsrc/www/py-django-mezzanine-grappelli: Makefile
   	pkgsrc/www/py-django-photologue: Makefile
   	pkgsrc/www/py-django14: Makefile options.mk
   	pkgsrc/www/py-djangorestframework: Makefile
   	pkgsrc/www/py-flup: Makefile
   	pkgsrc/www/py-gdata: Makefile
   	pkgsrc/www/py-google-api-python-client: Makefile
   	pkgsrc/www/py-graphite-web: Makefile
   	pkgsrc/www/py-jonpy: Makefile
   	pkgsrc/www/py-mechanize: Makefile
   	pkgsrc/www/py-mezzanine: Makefile
   	pkgsrc/www/py-moin: Makefile
   	pkgsrc/www/py-nevow: Makefile
   	pkgsrc/www/py-pendrell: Makefile
   	pkgsrc/www/py-python-digest: Makefile
   	pkgsrc/www/py-pywebdav: Makefile
   	pkgsrc/www/py-recaptcha: Makefile
   	pkgsrc/www/py-scgi: Makefile
   	pkgsrc/www/py-simpletal: Makefile
   	pkgsrc/www/py-swish-e: Makefile
   	pkgsrc/www/py-twill: Makefile
   	pkgsrc/www/py-uliweb: Makefile
   	pkgsrc/www/py-webpy: Makefile
   	pkgsrc/www/py-werkzeug-docs: Makefile
   	pkgsrc/www/ruby-pygments.rb: Makefile
   	pkgsrc/www/trac: Makefile
   	pkgsrc/www/urlgrabber: Makefile
   	pkgsrc/www/viewvc: Makefile
   	pkgsrc/www/webkit-gtk: Makefile
   	pkgsrc/www/webkit24-gtk: Makefile.common
   	pkgsrc/x11/alacarte: Makefile
   	pkgsrc/x11/arandr: Makefile
   	pkgsrc/x11/avant-window-navigator: Makefile
   	pkgsrc/x11/driconf: Makefile
   	pkgsrc/x11/gnome-applets: Makefile
   	pkgsrc/x11/gnome-mag: Makefile
   	pkgsrc/x11/gnome-panel: Makefile
   	pkgsrc/x11/gnome-terminal: Makefile
   	pkgsrc/x11/gtk2: Makefile
   	pkgsrc/x11/kde-workspace4: Makefile
   	pkgsrc/x11/libdesktop-agnostic: Makefile
   	pkgsrc/x11/mozo: Makefile
   	pkgsrc/x11/py-Pmw: Makefile
   	pkgsrc/x11/py-gnome2: Makefile
   	pkgsrc/x11/py-gnome2-desktop: Makefile
   	pkgsrc/x11/py-gnome2-extras: Makefile
   	pkgsrc/x11/py-gtk2: Makefile
   	pkgsrc/x11/py-gtksourceview: Makefile
   	pkgsrc/x11/py-keybinder: Makefile
   	pkgsrc/x11/py-kiwi: Makefile
   	pkgsrc/x11/py-qwt-qt4: Makefile
   	pkgsrc/x11/py-terminator: Makefile
   	pkgsrc/x11/py-vte: Makefile
   	pkgsrc/x11/py-wxWidgets: Makefile
   	pkgsrc/x11/rox-session: Makefile
   	pkgsrc/x11/tint2: Makefile

   Log Message:
   Remove python33: adapt all packages that refer to it.


   To generate a diff of this commit:
   cvs rdiff -u -r1.20 -r1.21 pkgsrc/net/samba4/Makefile

-------------------------------------------------------------------
   Module Name:	pkgsrc
   Committed By:	wiz
   Date:		Mon Jul 11 12:28:17 UTC 2016

   Modified Files:
   	pkgsrc/net/samba4: Makefile PLIST

   Log Message:
   If py-dns or py-iso8601 are installed, the PLIST is wrong because
   the separate copy coming with samba4 is not installed.

   Depend on the two packages and never install the separate copies.

   Bump PKGREVISION.


   To generate a diff of this commit:
   cvs rdiff -u -r1.21 -r1.22 pkgsrc/net/samba4/Makefile
   cvs rdiff -u -r1.8 -r1.9 pkgsrc/net/samba4/PLIST

Revision 1.22 / (download) - annotate - [select for diffs], Mon Jul 11 12:28:17 2016 UTC (6 years, 4 months ago) by wiz
Branch: MAIN
Changes since 1.21: +4 -2 lines
Diff to previous 1.21 (colored)

If py-dns or py-iso8601 are installed, the PLIST is wrong because
the separate copy coming with samba4 is not installed.

Depend on the two packages and never install the separate copies.

Bump PKGREVISION.

Revision 1.21 / (download) - annotate - [select for diffs], Sat Jul 9 13:04:02 2016 UTC (6 years, 5 months ago) by wiz
Branch: MAIN
Changes since 1.20: +2 -2 lines
Diff to previous 1.20 (colored)

Remove python33: adapt all packages that refer to it.

Revision 1.20 / (download) - annotate - [select for diffs], Sat Jul 9 06:38:45 2016 UTC (6 years, 5 months ago) by wiz
Branch: MAIN
Changes since 1.19: +2 -1 lines
Diff to previous 1.19 (colored)

Bump PKGREVISION for perl-5.24.0 for everything mentioning perl.

Revision 1.19 / (download) - annotate - [select for diffs], Thu Jul 7 16:44:14 2016 UTC (6 years, 5 months ago) by taca
Branch: MAIN
Changes since 1.18: +2 -2 lines
Diff to previous 1.18 (colored)

Update samba4 to 4.3.11 (Samba 4.3.11), including security fix for
CVE-2016-2119.

Changes from 4.3.9 to 4.3.10 are too many to write here, please refer
WHATSNEW.txt file.


                   ==============================
                   Release Notes for Samba 4.3.11
                            July 07, 2016
                   ==============================


This is a security release in order to address the following defect:

o  CVE-2016-2119 (Client side SMB2/3 required signing can be downgraded)

=======
Details
=======

o  CVE-2016-2119:
   It's possible for an attacker to downgrade the required signing for
   an SMB2/3 client connection, by injecting the SMB2_SESSION_FLAG_IS_GUEST
   or SMB2_SESSION_FLAG_IS_NULL flags.

   This means that the attacker can impersonate a server being connected to by
   Samba, and return malicious results.

   The primary concern is with winbindd, as it uses DCERPC over SMB2 when talking
   to domain controllers as a member server, and trusted domains as a domain
   controller.  These DCE/RPC connections were intended to protected by the
   combination of "client ipc signing" and
   "client ipc max protocol" in their effective default settings
   ("mandatory" and "SMB3_11").

   Additionally, management tools like net, samba-tool and rpcclient use DCERPC
   over SMB2/3 connections.

   By default, other tools in Samba are unprotected, but rarely they are
   configured to use smb signing, via the "client signing" parameter (the default
   is "if_required").  Even more rarely the "client max protocol" is set to SMB2,
   rather than the NT1 default.

   If both these conditions are met, then this issue would also apply to these
   other tools, including command line tools like smbcacls, smbcquota, smbclient,
   smbget and applications using libsmbclient.


Changes since 4.3.10:
--------------------

o  Stefan Metzmacher <metze@samba.org>
   * BUG 11860: CVE-2016-2119: Fix client side SMB2 signing downgrade.
   * BUG 11948: Total dcerpc response payload more than 0x400000.


#######################################
Reporting bugs & Development Discussion
#######################################

Please discuss this release on the samba-technical mailing list or by
joining the #samba-technical IRC channel on irc.freenode.net.

If you do report problems then please try to send high quality
feedback. If you don't provide vital information to help us track down
the problem then you will probably be ignored.  All bug reports should
be filed under the "Samba 4.1 and newer" product in the project's Bugzilla
database (https://bugzilla.samba.org/).

Revision 1.16.2.2 / (download) - annotate - [select for diffs], Fri May 13 14:49:20 2016 UTC (6 years, 6 months ago) by bsiegert
Branch: pkgsrc-2016Q1
Changes since 1.16.2.1: +2 -2 lines
Diff to previous 1.16.2.1 (colored) to branchpoint 1.16 (colored) next main 1.17 (colored)

Pullup ticket #5011 - requested by taca
net/samba4: security fix

Revisions pulled up:
- net/samba4/Makefile                                           1.18
- net/samba4/PLIST                                              1.7
- net/samba4/distinfo                                           1.10
- net/samba4/patches/patch-lib_nss__wrapper_wscript             deleted

---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Sat May  7 03:09:33 UTC 2016

   Modified Files:
   	pkgsrc/net/samba4: Makefile PLIST distinfo
   Removed Files:
   	pkgsrc/net/samba4/patches: patch-lib_nss__wrapper_wscript

   Log Message:
   Update samba4 to 4.3.8, which contains security fix.

   This release fixes some regressions introduced by the last security fixes.
   Please see bug https://bugzilla.samba.org/show_bug.cgi?id=11849 for a list of
   bugs addressing these regressions and more information.

   Changes since 4.3.8:
   --------------------

   o  Jeremy Allison <jra@samba.org>
     * BUG 11742: lib: tevent: Fix memory leak when old signal action restored.
     * BUG 11771: lib: tevent: Fix memory leak when old signal action restored.
     * BUG 11822: s3: libsmb: Fix error where short name length was read as 2
       bytes, should be 1.

   o  Andrew Bartlett <abartlet@samba.org>
     * BUG 11780: smbd: Only check dev/inode in open_directory, not the full
       stat().
     * BUG 11789: pydsdb: Fix returning of ldb.MessageElement.

   o  Berend De Schouwer <berend.de.schouwer@gmail.com>
     * BUG 11643: docs: Add example for domain logins to smbspool man page.

   o  G√ľnther Deschner <gd@samba.org>
     * BUG 11789: libsmb/pysmb: Add pytalloc-util dependency to fix the build.

   o  Alberto Maria Fiaschi <alberto.fiaschi@estar.toscana.it>
     * BUG 8093: access based share enum: Handle permission set in configuration
        files.

   o  Volker Lendecke <vl@samba.org>
     * BUG 11816: nwrap: Fix the build on Solaris.
     * BUG 11827: vfs_catia: Fix memleak.
     * BUG 11878: smbd: Avoid large reads beyond EOF.

   o  Stefan Metzmacher <metze@samba.org>
     * BUG 11622: libcli/smb: Make sure we have a body size of 0x31 before
       dereferencing an ioctl response.
     * BUG 11623: libcli/smb: Fix BUFFER_OVERFLOW handling in tstream_smbXcli_np.
     * BUG 11755: s3:libads: Setup the msDS-SupportedEncryptionTypes attribute on
       ldap_add.
     * BUG 11771: tevent: Version 0.9.28. Fix memory leak when old signal action
       restored.
     * BUG 11782: s3:winbindd: Don't include two '\0' at the end of the domain
       list.
     * BUG 11789: s3:wscript: pylibsmb depends on pycredentials.
     * BUG 11841: Fix NT_STATUS_ACCESS_DENIED when accessing Windows public share.
     * BUG 11847: Only validate MIC if "map to guest" is not being used.
     * BUG 11849: auth/ntlmssp: Add ntlmssp_{client,server}:force_old_spnego
       option for testing.
     * BUG 11850: NetAPP SMB servers don't negotiate NTLMSSP_SIGN.
     * BUG 11858: Allow anonymous smb connections.
     * BUG 11870: Fix ads_sasl_spnego_gensec_bind(KRB5).
     * BUG 11872: Fix 'wbinfo -u' and 'net ads search'.

   o  Noel Power <noel.power@suse.com>
     * BUG 11738: libcli: Fix debug message, print sid string for new_ace trustee.

   o  Garming Sam <garming@catalyst.net.nz>
     * BUG 11789: build: Mark explicit dependencies on pytalloc-util.

   o  Partha Sarathi <partha@exablox.com>
     * BUG 11819: Fix the smb2_setinfo to handle FS info types and FSQUOTA
       infolevel.

   o  Jorge Schrauwen <sjorge@blackdot.be>
     * BUG 11816: configure: Don't check for inotify on illumos.

   o  Uri Simchoni <uri@samba.org>
     * BUG 11691: winbindd: Return trust parameters when listing trusts.
     * BUG 11753: smbd: Ignore SVHDX create context.
     * BUG 11763: passdb: Add linefeed to debug message.
     * BUG 11788: build: Fix disk-free quota support on Solaris 10.
     * BUG 11798: build: Fix build when '--without-quota' specified.
     * BUG 11806: vfs_acl_common: Avoid setting POSIX ACLs if "ignore system acls"
       is set.
     * BUG 11852: libads: Record session expiry for spnego sasl binds.

   o  Hemanth Thummala <hemanth.thummala@nutanix.com>
     * BUG 11740: Real memory leak(buildup) issue in loadparm.
     * BUG 11840: Mask general purpose signals for notifyd.

Revision 1.18 / (download) - annotate - [select for diffs], Sat May 7 03:09:33 2016 UTC (6 years, 7 months ago) by taca
Branch: MAIN
CVS Tags: pkgsrc-2016Q2-base
Branch point for: pkgsrc-2016Q2
Changes since 1.17: +2 -2 lines
Diff to previous 1.17 (colored)

Update samba4 to 4.3.8, which contains security fix.

This release fixes some regressions introduced by the last security fixes.
Please see bug https://bugzilla.samba.org/show_bug.cgi?id=11849 for a list of
bugs addressing these regressions and more information.

Changes since 4.3.8:
--------------------

o  Jeremy Allison <jra@samba.org>
   * BUG 11742: lib: tevent: Fix memory leak when old signal action restored.
   * BUG 11771: lib: tevent: Fix memory leak when old signal action restored.
   * BUG 11822: s3: libsmb: Fix error where short name length was read as 2
     bytes, should be 1.

o  Andrew Bartlett <abartlet@samba.org>
   * BUG 11780: smbd: Only check dev/inode in open_directory, not the full
     stat().
   * BUG 11789: pydsdb: Fix returning of ldb.MessageElement.

o  Berend De Schouwer <berend.de.schouwer@gmail.com>
   * BUG 11643: docs: Add example for domain logins to smbspool man page.

o  G√ľnther Deschner <gd@samba.org>
   * BUG 11789: libsmb/pysmb: Add pytalloc-util dependency to fix the build.

o  Alberto Maria Fiaschi <alberto.fiaschi@estar.toscana.it>
   * BUG 8093: access based share enum: Handle permission set in configuration
      files.

o  Volker Lendecke <vl@samba.org>
   * BUG 11816: nwrap: Fix the build on Solaris.
   * BUG 11827: vfs_catia: Fix memleak.
   * BUG 11878: smbd: Avoid large reads beyond EOF.

o  Stefan Metzmacher <metze@samba.org>
   * BUG 11622: libcli/smb: Make sure we have a body size of 0x31 before
     dereferencing an ioctl response.
   * BUG 11623: libcli/smb: Fix BUFFER_OVERFLOW handling in tstream_smbXcli_np.
   * BUG 11755: s3:libads: Setup the msDS-SupportedEncryptionTypes attribute on
     ldap_add.
   * BUG 11771: tevent: Version 0.9.28. Fix memory leak when old signal action
     restored.
   * BUG 11782: s3:winbindd: Don't include two '\0' at the end of the domain
     list.
   * BUG 11789: s3:wscript: pylibsmb depends on pycredentials.
   * BUG 11841: Fix NT_STATUS_ACCESS_DENIED when accessing Windows public share.
   * BUG 11847: Only validate MIC if "map to guest" is not being used.
   * BUG 11849: auth/ntlmssp: Add ntlmssp_{client,server}:force_old_spnego
     option for testing.
   * BUG 11850: NetAPP SMB servers don't negotiate NTLMSSP_SIGN.
   * BUG 11858: Allow anonymous smb connections.
   * BUG 11870: Fix ads_sasl_spnego_gensec_bind(KRB5).
   * BUG 11872: Fix 'wbinfo -u' and 'net ads search'.

o  Noel Power <noel.power@suse.com>
   * BUG 11738: libcli: Fix debug message, print sid string for new_ace trustee.

o  Garming Sam <garming@catalyst.net.nz>
   * BUG 11789: build: Mark explicit dependencies on pytalloc-util.

o  Partha Sarathi <partha@exablox.com>
   * BUG 11819: Fix the smb2_setinfo to handle FS info types and FSQUOTA
     infolevel.

o  Jorge Schrauwen <sjorge@blackdot.be>
   * BUG 11816: configure: Don't check for inotify on illumos.

o  Uri Simchoni <uri@samba.org>
   * BUG 11691: winbindd: Return trust parameters when listing trusts.
   * BUG 11753: smbd: Ignore SVHDX create context.
   * BUG 11763: passdb: Add linefeed to debug message.
   * BUG 11788: build: Fix disk-free quota support on Solaris 10.
   * BUG 11798: build: Fix build when '--without-quota' specified.
   * BUG 11806: vfs_acl_common: Avoid setting POSIX ACLs if "ignore system acls"
     is set.
   * BUG 11852: libads: Record session expiry for spnego sasl binds.

o  Hemanth Thummala <hemanth.thummala@nutanix.com>
   * BUG 11740: Real memory leak(buildup) issue in loadparm.
   * BUG 11840: Mask general purpose signals for notifyd.

Revision 1.16.2.1 / (download) - annotate - [select for diffs], Fri Apr 15 07:25:11 2016 UTC (6 years, 7 months ago) by bsiegert
Branch: pkgsrc-2016Q1
Changes since 1.16: +2 -3 lines
Diff to previous 1.16 (colored)

Pullup ticket #4958 - requested by manu
net/samba4: security fix

Revisions pulled up:
- net/samba4/Makefile                                           1.17
- net/samba4/PLIST                                              1.6
- net/samba4/distinfo                                           1.9

---
   Module Name:    pkgsrc
   Committed By:   manu
   Date:           Wed Apr 13 08:26:10 UTC 2016

   Modified Files:
           pkgsrc/net/samba4: Makefile PLIST distinfo

   Log Message:
   Update net/samba4 to 4.3.8

   This fixes the Badlock bug (CVE-2016-2118) and others vulnerabilities:
   o  CVE-2016-2118 (SAMR and LSA man in the middle attacks possible)
   o  CVE-2016-2115 (SMB IPC traffic is not integrity protected)
   o  CVE-2016-2114 ("server signing = mandatory" not enforced)
   o  CVE-2016-2113 (Missing TLS certificate validation)
   o  CVE-2016-2112 (LDAP client and server don't enforce integrity)
   o  CVE-2016-2111 (NETLOGON Spoofing Vulnerability)
   o  CVE-2016-2110 (Man in the middle attacks possible with NTLMSSP)
   o  CVE-2015-7560 (Incorrect ACL get/set allowed on symlink path)
   o  CVE-2016-0771 (Out-of-bounds read in internal DNS server)
   o  CVE-2015-5370 (Multiple errors in DCE-RPC code)

Revision 1.17 / (download) - annotate - [select for diffs], Wed Apr 13 08:26:10 2016 UTC (6 years, 7 months ago) by manu
Branch: MAIN
Changes since 1.16: +2 -3 lines
Diff to previous 1.16 (colored)

Update net/samba4 to 4.3.8

This fixes the Badlock bug (CVE-2016-2118) and others vulnerabilities:
o  CVE-2016-2118 (SAMR and LSA man in the middle attacks possible)
o  CVE-2016-2115 (SMB IPC traffic is not integrity protected)
o  CVE-2016-2114 ("server signing = mandatory" not enforced)
o  CVE-2016-2113 (Missing TLS certificate validation)
o  CVE-2016-2112 (LDAP client and server don't enforce integrity)
o  CVE-2016-2111 (NETLOGON Spoofing Vulnerability)
o  CVE-2016-2110 (Man in the middle attacks possible with NTLMSSP)
o  CVE-2015-7560 (Incorrect ACL get/set allowed on symlink path)
o  CVE-2016-0771 (Out-of-bounds read in internal DNS server)
o  CVE-2015-5370 (Multiple errors in DCE-RPC code)

Revision 1.16 / (download) - annotate - [select for diffs], Sat Mar 5 11:29:11 2016 UTC (6 years, 9 months ago) by jperkin
Branch: MAIN
CVS Tags: pkgsrc-2016Q1-base
Branch point for: pkgsrc-2016Q1
Changes since 1.15: +2 -1 lines
Diff to previous 1.15 (colored)

Bump PKGREVISION for security/openssl ABI bump.

Revision 1.15 / (download) - annotate - [select for diffs], Sun Jan 31 20:28:23 2016 UTC (6 years, 10 months ago) by ryoon
Branch: MAIN
Changes since 1.14: +2 -2 lines
Diff to previous 1.14 (colored)

Update to 4.3.4

Changelog:
                   =============================
                   Release Notes for Samba 4.3.4
                         January 12, 2016
                   =============================


This is the latest stable release of Samba 4.3.


Changes since 4.3.3:
--------------------

o  Michael Adam <obnox@samba.org>
   * BUG 11619: doc: Fix a typo in the smb.conf manpage, explanation of idmap
     config.
   * BUG 11647: s3:smbd: Fix a corner case of the symlink verification.

o  Jeremy Allison <jra@samba.org>
   * BUG 11624: s3: libsmb: Correctly initialize the list head when keeping a
     list of primary followed by DFS connections.
   * BUG 11625: Reduce the memory footprint of empty string options.

o  Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
   * BUG 11659: Update lastLogon and lastLogonTimestamp.

o  Ralph Boehme <slow@samba.org>
   * BUG 11065: vfs_fruit: Enable POSIX directory rename semantics.
   * BUG 11466: Copying files with vfs_fruit fails when using vfs_streams_xattr
     without stream prefix and type suffix.
   * BUG 11645: smbd: Make "hide dot files" option work with "store dos
     attributes = yes".

o  G√ľnther Deschner <gd@samba.org>
   * BUG 11639: lib/async_req: Do not install async_connect_send_test.

o  Stefan Metzmacher <metze@samba.org>
   * BUG 11394: Crash: Bad talloc magic value - access after free.

o  Rowland Penny <repenny241155@gmail.com>
   * BUG 11613: samba-tool: Fix uncaught exception if no fSMORoleOwner
     attribute is given.

o  Karolin Seeger <kseeger@samba.org>
   * BUG 11619: docs: Fix some typos in the idmap backend section.
   * BUG 11641: docs: Fix typos in man vfs_gpfs.

o  Uri Simchoni <uri@samba.org>
   * BUG 11649: smbd: Do not disable "store dos attributes" on-the-fly.

Revision 1.13.2.1 / (download) - annotate - [select for diffs], Sat Jan 2 09:44:52 2016 UTC (6 years, 11 months ago) by bsiegert
Branch: pkgsrc-2015Q4
Changes since 1.13: +2 -2 lines
Diff to previous 1.13 (colored) next main 1.14 (colored)

Pullup ticket #4881 - requested by wiz
net/samba4: security fix

Revisions pulled up:
- net/samba4/Makefile                                           1.14
- net/samba4/distinfo                                           1.7

---
   Module Name:	pkgsrc
   Committed By:	wiz
   Date:		Tue Dec 29 23:58:32 UTC 2015

   Modified Files:
   	pkgsrc/net/samba4: Makefile distinfo

   Log Message:
   Update samba4 to 4.3.3.

                      =============================
                      Release Notes for Samba 4.3.3
                            December 16, 2015
                      =============================

   This is a security release in order to address the following CVEs:

   o  CVE-2015-3223 (Denial of service in Samba Active Directory
   		  server)
   o  CVE-2015-5252 (Insufficient symlink verification in smbd)
   o  CVE-2015-5299 (Missing access control check in shadow copy
   		  code)
   o  CVE-2015-5296 (Samba client requesting encryption vulnerable
   		  to downgrade attack)
   o  CVE-2015-8467 (Denial of service attack against Windows
   		  Active Directory server)
   o  CVE-2015-5330 (Remote memory read in Samba LDAP server)

   Please note that if building against a system libldb, the required
   version has been bumped to ldb-1.1.24.  This is needed to ensure
   we build against a system ldb library that contains the fixes
   for CVE-2015-5330 and CVE-2015-3223.

   =======
   Details
   =======

   o  CVE-2015-3223:
      All versions of Samba from 4.0.0 to 4.3.2 inclusive (resp. all
      ldb versions up to 1.1.23 inclusive) are vulnerable to
      a denial of service attack in the samba daemon LDAP server.

      A malicious client can send packets that cause the LDAP server in the
      samba daemon process to become unresponsive, preventing the server
      from servicing any other requests.

      This flaw is not exploitable beyond causing the code to loop expending
      CPU resources.

   o  CVE-2015-5252:
      All versions of Samba from 3.0.0 to 4.3.2 inclusive are vulnerable to
      a bug in symlink verification, which under certain circumstances could
      allow client access to files outside the exported share path.

      If a Samba share is configured with a path that shares a common path
      prefix with another directory on the file system, the smbd daemon may
      allow the client to follow a symlink pointing to a file or directory
      in that other directory, even if the share parameter "wide links" is
      set to "no" (the default).

   o  CVE-2015-5299:
      All versions of Samba from 3.2.0 to 4.3.2 inclusive are vulnerable to
      a missing access control check in the vfs_shadow_copy2 module. When
      looking for the shadow copy directory under the share path the current
      accessing user should have DIRECTORY_LIST access rights in order to
      view the current snapshots.

      This was not being checked in the affected versions of Samba.

   o  CVE-2015-5296:
      Versions of Samba from 3.2.0 to 4.3.2 inclusive do not ensure that
      signing is negotiated when creating an encrypted client connection to
      a server.

      Without this a man-in-the-middle attack could downgrade the connection
      and connect using the supplied credentials as an unsigned, unencrypted
      connection.

   o  CVE-2015-8467:
      Samba, operating as an AD DC, is sometimes operated in a domain with a
      mix of Samba and Windows Active Directory Domain Controllers.

      All versions of Samba from 4.0.0 to 4.3.2 inclusive, when deployed as
      an AD DC in the same domain with Windows DCs, could be used to
      override the protection against the MS15-096 / CVE-2015-2535 security
      issue in Windows.

      Prior to MS16-096 it was possible to bypass the quota of machine
      accounts a non-administrative user could create.  Pure Samba domains
      are not impacted, as Samba does not implement the
      SeMachineAccountPrivilege functionality to allow non-administrator
      users to create new computer objects.

   o  CVE-2015-5330:
      All versions of Samba from 4.0.0 to 4.3.2 inclusive (resp. all
      ldb versions up to 1.1.23 inclusive) are vulnerable to
      a remote memory read attack in the samba daemon LDAP server.

      A malicious client can send packets that cause the LDAP server in the
      samba daemon process to return heap memory beyond the length of the
      requested value.

      This memory may contain data that the client should not be allowed to
      see, allowing compromise of the server.

      The memory may either be returned to the client in an error string, or
      stored in the database by a suitabily privileged user.  If untrusted
      users can create objects in your database, please confirm that all DN
      and name attributes are reasonable.

   Changes since 4.3.2:
   --------------------

   o  Andrew Bartlett <abartlet@samba.org>
      * BUG 11552: CVE-2015-8467: samdb: Match MS15-096 behaviour for
        userAccountControl.

   o  Jeremy Allison <jra@samba.org>
      * BUG 11325: CVE-2015-3223: Fix LDAP \00 search expression attack DoS.
      * BUG 11395: CVE-2015-5252: Fix insufficient symlink verification (file
        access outside the share).
      * BUG 11529: CVE-2015-5299: s3-shadow-copy2: Fix missing access check on
        snapdir.

   o  Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
      * BUG 11599: CVE-2015-5330: Fix remote read memory exploit in LDB.

   o  Stefan Metzmacher <metze@samba.org>
      * BUG 11536: CVE-2015-5296: Add man in the middle protection when forcing
        smb encryption on the client side.

Revision 1.14 / (download) - annotate - [select for diffs], Tue Dec 29 23:58:32 2015 UTC (6 years, 11 months ago) by wiz
Branch: MAIN
Changes since 1.13: +2 -2 lines
Diff to previous 1.13 (colored)

Update samba4 to 4.3.3.

                   =============================
                   Release Notes for Samba 4.3.3
                         December 16, 2015
                   =============================


This is a security release in order to address the following CVEs:

o  CVE-2015-3223 (Denial of service in Samba Active Directory
		  server)
o  CVE-2015-5252 (Insufficient symlink verification in smbd)
o  CVE-2015-5299 (Missing access control check in shadow copy
		  code)
o  CVE-2015-5296 (Samba client requesting encryption vulnerable
		  to downgrade attack)
o  CVE-2015-8467 (Denial of service attack against Windows
		  Active Directory server)
o  CVE-2015-5330 (Remote memory read in Samba LDAP server)

Please note that if building against a system libldb, the required
version has been bumped to ldb-1.1.24.  This is needed to ensure
we build against a system ldb library that contains the fixes
for CVE-2015-5330 and CVE-2015-3223.

=======
Details
=======

o  CVE-2015-3223:
   All versions of Samba from 4.0.0 to 4.3.2 inclusive (resp. all
   ldb versions up to 1.1.23 inclusive) are vulnerable to
   a denial of service attack in the samba daemon LDAP server.

   A malicious client can send packets that cause the LDAP server in the
   samba daemon process to become unresponsive, preventing the server
   from servicing any other requests.

   This flaw is not exploitable beyond causing the code to loop expending
   CPU resources.

o  CVE-2015-5252:
   All versions of Samba from 3.0.0 to 4.3.2 inclusive are vulnerable to
   a bug in symlink verification, which under certain circumstances could
   allow client access to files outside the exported share path.

   If a Samba share is configured with a path that shares a common path
   prefix with another directory on the file system, the smbd daemon may
   allow the client to follow a symlink pointing to a file or directory
   in that other directory, even if the share parameter "wide links" is
   set to "no" (the default).

o  CVE-2015-5299:
   All versions of Samba from 3.2.0 to 4.3.2 inclusive are vulnerable to
   a missing access control check in the vfs_shadow_copy2 module. When
   looking for the shadow copy directory under the share path the current
   accessing user should have DIRECTORY_LIST access rights in order to
   view the current snapshots.

   This was not being checked in the affected versions of Samba.

o  CVE-2015-5296:
   Versions of Samba from 3.2.0 to 4.3.2 inclusive do not ensure that
   signing is negotiated when creating an encrypted client connection to
   a server.

   Without this a man-in-the-middle attack could downgrade the connection
   and connect using the supplied credentials as an unsigned, unencrypted
   connection.

o  CVE-2015-8467:
   Samba, operating as an AD DC, is sometimes operated in a domain with a
   mix of Samba and Windows Active Directory Domain Controllers.

   All versions of Samba from 4.0.0 to 4.3.2 inclusive, when deployed as
   an AD DC in the same domain with Windows DCs, could be used to
   override the protection against the MS15-096 / CVE-2015-2535 security
   issue in Windows.

   Prior to MS16-096 it was possible to bypass the quota of machine
   accounts a non-administrative user could create.  Pure Samba domains
   are not impacted, as Samba does not implement the
   SeMachineAccountPrivilege functionality to allow non-administrator
   users to create new computer objects.

o  CVE-2015-5330:
   All versions of Samba from 4.0.0 to 4.3.2 inclusive (resp. all
   ldb versions up to 1.1.23 inclusive) are vulnerable to
   a remote memory read attack in the samba daemon LDAP server.

   A malicious client can send packets that cause the LDAP server in the
   samba daemon process to return heap memory beyond the length of the
   requested value.

   This memory may contain data that the client should not be allowed to
   see, allowing compromise of the server.

   The memory may either be returned to the client in an error string, or
   stored in the database by a suitabily privileged user.  If untrusted
   users can create objects in your database, please confirm that all DN
   and name attributes are reasonable.


Changes since 4.3.2:
--------------------

o  Andrew Bartlett <abartlet@samba.org>
   * BUG 11552: CVE-2015-8467: samdb: Match MS15-096 behaviour for
     userAccountControl.

o  Jeremy Allison <jra@samba.org>
   * BUG 11325: CVE-2015-3223: Fix LDAP \00 search expression attack DoS.
   * BUG 11395: CVE-2015-5252: Fix insufficient symlink verification (file
     access outside the share).
   * BUG 11529: CVE-2015-5299: s3-shadow-copy2: Fix missing access check on
     snapdir.

o  Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
   * BUG 11599: CVE-2015-5330: Fix remote read memory exploit in LDB.

o  Stefan Metzmacher <metze@samba.org>
   * BUG 11536: CVE-2015-5296: Add man in the middle protection when forcing
     smb encryption on the client side.

Revision 1.13 / (download) - annotate - [select for diffs], Fri Dec 18 15:03:35 2015 UTC (6 years, 11 months ago) by tnn
Branch: MAIN
CVS Tags: pkgsrc-2015Q4-base
Branch point for: pkgsrc-2015Q4
Changes since 1.12: +2 -2 lines
Diff to previous 1.12 (colored)

fix master site

Revision 1.12 / (download) - annotate - [select for diffs], Sun Dec 13 08:48:36 2015 UTC (6 years, 11 months ago) by wiz
Branch: MAIN
Changes since 1.11: +4 -5 lines
Diff to previous 1.11 (colored)

Update samba4 to 4.3.2.

While here, comment a patch.

Changes since 4.3.1:
--------------------

o   Michael Adam <obnox@samba.org>
    * BUG 11577: ctdb: Open the RO tracking db with perms 0600 instead of 0000.

o   Jeremy Allison <jra@samba.org>
    * BUG 11452: s3-smbd: Fix old DOS client doing wildcard delete - gives an
      attribute type of zero.
    * BUG 11565: auth: gensec: Fix a memory leak.
    * BUG 11566: lib: util: Make non-critical message a warning.
    * BUG 11589: s3: smbd: If EAs are turned off on a share don't allow an SMB2
      create containing them.
    * BUG 11615: s3: smbd: have_file_open_below() fails to enumerate open files
      below an open directory handle.

o   Ralph Boehme <slow@samba.org>
    * BUG 11562: s4:lib/messaging: Use correct path for names.tdb.
    * BUG 11564: async_req: Fix non-blocking connect().

o   Volker Lendecke <vl@samba.org>
    * BUG 11243: vfs_gpfs: Re-enable share modes.
    * BUG 11570: smbd: Send SMB2 oplock breaks unencrypted.
    * BUG 11612: winbind: Fix crash on invalid idmap configs.

o   YvanM <yvan.masson@openmailbox.org>
    * BUG 11584: manpage: Correct small typo error.

o   Stefan Metzmacher <metze@samba.org>
    * BUG 11327: dcerpc.idl: Accept invalid dcerpc_bind_nak pdus.
    * BUG 11581: s3:smb2_server: Make the logic of SMB2_CANCEL DLIST_REMOVE()
      clearer.

o   Marc Muehlfeld <mmuehlfeld@samba.org>
    * BUG 9912: Changing log level of two entries to DBG_NOTICE.
    * BUG 11581: s3-smbd: Fix use after issue in smbd_smb2_request_dispatch().

o   Noel Power <noel.power@suse.com>
    * BUG 11569: Fix winbindd crashes with samlogon for trusted domain user.
    * BUG 11597: Backport some valgrind fixes from upstream master.

o   Andreas Schneider <asn@samba.org
    * BUG 11563: Fix segfault of 'net ads (join|leave) -S INVALID' with
      nss_wins.

o   Tom Schulz <schulz@adi.com>
    * BUG 11511: Add libreplace dependency to texpect, fixes a linking error on
      Solaris.
    * BUG 11512: s4: Fix linking of 'smbtorture' on Solaris.

o   Uri Simchoni <uri@samba.org>
    * BUG 11608: auth: Consistent handling of well-known alias as primary gid.

Changes since 4.3.0:
--------------------

o   Jeremy Allison <jra@samba.org>
    * BUG 10252: s3: smbd: Fix our access-based enumeration on "hide unreadable"
      to match Windows.
    * BUG 10634: smbd: Fix file name buflen and padding in notify repsonse.
    * BUG 11486: s3: smbd: Fix mkdir race condition.
    * BUG 11522: s3: smbd: Fix opening/creating :stream files on the root share
      directory.
    * BUG 11535: s3: smbd: Fix NULL pointer bug introduced by previous 'raw'
    * stream fix (bug #11522).
    * BUG 11555: s3: lsa: lookup_name() logic for unqualified (no DOMAIN\
      component) names is incorrect.

o   Ralph Boehme <slow@samba.org>
    * BUG 11535: s3: smbd: Fix a crash in unix_convert().
    * BUG 11543: vfs_fruit: Return value of ad_pack in vfs_fruit.c.
    * BUG 11549: s3:locking: Initialize lease pointer in
      share_mode_traverse_fn().
    * BUG 11550: s3:smbstatus: Add stream name to share_entry_forall().
    * BUG 11555: s3:lib: Validate domain name in lookup_wellknown_name().

o   G√ľnther Deschner <gd@samba.org>
    * BUG 11038: kerberos: Make sure we only use prompter type when available.

o   Volker Lendecke <vl@samba.org>
    * BUG 11038: winbind: Fix 100% loop.
    * BUG 11053: source3/lib/msghdr.c: Fix compiling error on Solaris.

o   Stefan Metzmacher <metze@samba.org>
    * BUG 11316: s3:ctdbd_conn: make sure we destroy tevent_fd before closing
      the socket.
    * BUG 11515: s4:lib/messaging: Use 'msg.lock' and 'msg.sock' for messaging
      related subdirs.
    * BUG 11526: lib/param: Fix hiding of FLAG_SYNONYM values.

o   Björn Jacke <bj@sernet.de>
    * BUG 10365: nss_winbind: Fix hang on Solaris on big groups.
    * BUG 11355: build: Use as-needed linker flag also on OpenBSD.

o   Har Gagan Sahai <SHarGagan@novell.com>
    * BUG 11509: s3: dfs: Fix a crash when the dfs targets are disabled.

o   Andreas Schneider <asn@samba.org>
    * BUG 11502: pam_winbind: Fix a segfault if initialization fails.

o   Uri Simchoni <uri@samba.org>
    * BUG 11528: net: Fix a crash with 'net ads keytab create'.
    * BUG 11547: vfs_commit: set the fd on open before calling SMB_VFS_FSTAT.

Revision 1.11 / (download) - annotate - [select for diffs], Mon Sep 28 17:37:04 2015 UTC (7 years, 2 months ago) by ryoon
Branch: MAIN
Changes since 1.10: +2 -3 lines
Diff to previous 1.10 (colored)

Update to 4.3.0

Changelog:
                   =============================
                   Release Notes for Samba 4.3.0
                           September 8, 2015
                   =============================


This is the first stable release of Samba 4.3.


UPGRADING
=========

Read the "New FileChangeNotify subsystem" and "smb.conf changes" sections
(below).


NEW FEATURES
============

Logging
-------

The logging code now supports logging to multiple backends.  In
addition to the previously available syslog and file backends, the
backends for logging to the systemd-journal, lttng and gpfs have been
added. Please consult the section for the 'logging' parameter in the
smb.conf manpage for details.

Spotlight
---------

Support for Apple's Spotlight has been added by integrating with Gnome
Tracker.

For detailed instructions how to build and setup Samba for Spotlight,
please see the Samba wiki: <https://wiki.samba.org/index.php/Spotlight>

New FileChangeNotify subsystem
------------------------------

Samba now contains a new subsystem to do FileChangeNotify. The
previous system used a central database, notify_index.tdb, to store
all notification requests. In particular in a cluster this turned out
to be a major bottleneck, because some hot records need to be bounced
back and forth between nodes on every change event like a new created
file.

The new FileChangeNotify subsystem works with a central daemon per
node. Every FileChangeNotify request and every event are handled by an
asynchronous message from smbd to the notify daemon. The notify daemon
maintains a database of all FileChangeNotify requests in memory and
will distribute the notify events accordingly. This database is
asynchronously distributed in the cluster by the notify daemons.

The notify daemon is supposed to scale a lot better than the previous
implementation. The functional advantage is cross-node kernel change
notify: Files created via NFS will be seen by SMB clients on other
nodes per FileChangeNotify, despite the fact that popular cluster file
systems do not offer cross-node inotify.

Two changes to the configuration were required for this new subsystem:
The parameters "change notify" and "kernel change notify" are not
per-share anymore but must be set globally. So it is no longer
possible to enable or disable notify per share, the notify daemon has
no notion of a share, it only works on absolute paths.

New SMB profiling code
----------------------

The code for SMB (SMB1, SMB2 and SMB3) profiling uses a tdb instead
of sysv IPC shared memory. This avoids performance problems and NUMA
effects. The profile stats are a bit more detailed than before.

Improved DCERPC man in the middle detection for kerberos
--------------------------------------------------------

The gssapi based kerberos backends for gensec have support for
DCERPC header signing when using DCERPC_AUTH_LEVEL_PRIVACY.

SMB signing required in winbindd by default
-------------------------------------------

The effective value for "client signing" is required
by default for winbindd, if the primary domain uses active directory.

Experimental NTDB was removed
-----------------------------

The experimental NTDB library introduced in Samba 4.0 has been
removed again.

Improved support for trusted domains (as AD DC)
-----------------------------------------------

The support for trusted domains/forests has improved a lot.

samba-tool got "domain trust" subcommands to manage trusts:

  create      - Create a domain or forest trust.
  delete      - Delete a domain trust.
  list        - List domain trusts.
  namespaces  - Manage forest trust namespaces.
  show        - Show trusted domain details.
  validate    - Validate a domain trust.

External trusts between individual domains work in both ways
(inbound and outbound). The same applies to root domains of
a forest trust. The transitive routing into the other forest
is fully functional for kerberos, but not yet supported for NTLMSSP.

While a lot of things are working fine, there are currently a few limitations:

  - Both sides of the trust need to fully trust each other!
  - No SID filtering rules are applied at all!
  - This means DCs of domain A can grant domain admin rights
    in domain B.
  - It's not possible to add users/groups of a trusted domain
    into domain groups.

SMB 3.1.1 supported
-------------------

Both client and server have support for SMB 3.1.1 now.

This is the dialect introduced with Windows 10, it improves the secure
negotiation of SMB dialects and features.

There's also a new optinal encryption algorithm aes-gcm-128,
but for now this is only selected as fallback and aes-ccm-128
is preferred because of the better performance. This might change
in future versions when hardware encryption will be supported.
See https://bugzilla.samba.org/show_bug.cgi?id=11451.

New smbclient subcommands
-------------------------

  - Query a directory for change notifications: notify <dir name>
  - Server side copy: scopy <source filename> <destination filename>

New rpcclient subcommands
-------------------------

  netshareenumall 	- Enumerate all shares
  netsharegetinfo 	- Get Share Info
  netsharesetinfo 	- Set Share Info
  netsharesetdfsflags	- Set DFS flags
  netfileenum		- Enumerate open files
  netnamevalidate	- Validate sharename
  netfilegetsec		- Get File security
  netsessdel		- Delete Session
  netsessenum		- Enumerate Sessions
  netdiskenum		- Enumerate Disks
  netconnenum		- Enumerate Connections
  netshareadd		- Add share
  netsharedel		- Delete share

New modules
-----------

  idmap_script 		- see 'man 8 idmap_script'
  vfs_unityed_media	- see 'man 8 vfs_unityed_media'
  vfs_shell_snap	- see 'man 8 vfs_shell_snap'

New sparsely connected replia graph (Improved KCC)
--------------------------------------------------

The Knowledge Consistency Checker (KCC) maintains a replication graph
for DCs across an AD network. The existing Samba KCC uses a fully
connected graph, so that each DC replicates from all the others, which
does not scale well with large networks. In 4.3 there is an
experimental new KCC that creates a sparsely connected replication
graph and closely follows Microsoft's specification. It is turned off
by default. To use the new KCC, set "kccsrv:samba_kcc=true" in
smb.conf and let us know how it goes. You should consider doing this
if you are making a large new network. For small networks there is
little benefit and you can always switch over at a later date.

Configurable TLS protocol support, with better defaults
-------------------------------------------------------

The "tls priority" option can be used to change the supported TLS
protocols. The default is to disable SSLv3, which is no longer
considered secure.

Samba-tool now supports all 7 FSMO roles
-------------------------------------------------------

Previously "samba-tool fsmo" could only show, transfer or seize the
five well-known FSMO roles:

	Schema Master
	Domain Naming Master
	RID Master
	PDC Emulator
	Infrastructure Master

It can now also show, transfer or seize the DNS infrastructure roles:

	DomainDnsZones Infrastructure Master
	ForestDnsZones Infrastructure Master

CTDB logging changes
--------------------

The destination for CTDB logging is now set via a single new
configuration variable CTDB_LOGGING.  This replaces CTDB_LOGFILE and
CTDB_SYSLOG, which have both been removed.  See ctdbd.conf(5) for
details of CTDB_LOGGING.

CTDB no longer runs a separate logging daemon.

CTDB NFS support changes
------------------------

CTDB's NFS service management has been combined into a single 60.nfs
event script.  This updated 60.nfs script now uses a call-out to
interact with different NFS implementations.  See the CTDB_NFS_CALLOUT
option in the ctdbd.conf(5) manual page for details.  A default
call-out is provided to interact with the Linux kernel NFS
implementation.  The 60.ganesha event script has been removed - a
sample call-out is provided for NFS Ganesha, based on this script.

The method of configuring NFS RPC checks has been improved.  See
ctdb/config/nfs-checks.d/README for details.

Improved Cross-Compiling Support
--------------------------------

A new "hybrid" build configuration mode is added to improve
cross-compilation support.

A common challenge in cross-compilation is that of obtaining the results
of tests that have to run on the target, during the configuration
phase of the build. The Samba build system already supports the following
means to do so:

  - Executing configure tests using the --cross-execute parameter
  - Obtaining the results from an answers file using the --cross-answers
    parameter

The first method has the drawback of inaccurate results if the tests are
run using an emulator, or a need to be connected to a running target
while building, if the tests are to be run on an actual target. The
second method presents a challenge of figuring out the test results.

The new hybrid mode runs the tests and records the result in an answer file.
To activate this mode, use both --cross-execute and --cross-answers in the
same configure invocation. This mode can be activated once against a
running target, and then the generated answers file can be used in
subsequent builds.

Also supplied is an example script that can be used as the
cross-execute program. This script copies the test to a running target
and runs the test on the target, obtaining the result. The obtained
results are more accurate than running the test with an emulator, because
they reflect the exact kernel and system libraries that exist on the
target.

Improved Sparse File Support

Revision 1.10 / (download) - annotate - [select for diffs], Sun Aug 23 14:30:40 2015 UTC (7 years, 3 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2015Q3-base, pkgsrc-2015Q3
Changes since 1.9: +2 -2 lines
Diff to previous 1.9 (colored)

Bump PKGREVISION for nettle shlib major bump.

Revision 1.9 / (download) - annotate - [select for diffs], Fri Jun 26 16:09:49 2015 UTC (7 years, 5 months ago) by jperkin
Branch: MAIN
CVS Tags: pkgsrc-2015Q2-base, pkgsrc-2015Q2
Changes since 1.8: +4 -1 lines
Diff to previous 1.8 (colored)

Attempt to fix various build issues:

 - Explicitly disable samba-regedit for now, it is built depending on
   various curses characteristics that we do not currently support.

 - Avoid epoll implementation on SmartOS.

 - Pull in Active Directory and LDAP options from net/samba, LDAP support
   is dynamically configured and we need to ensure that, if enabled, we
   correctly pull in openldap.  The SunOS native LDAP is missing some TLS
   functions that Samba depends upon.

Tested with various PKG_OPTIONS combinations, fixes build on SmartOS.

Revision 1.8 / (download) - annotate - [select for diffs], Fri Jun 12 10:50:53 2015 UTC (7 years, 5 months ago) by wiz
Branch: MAIN
Changes since 1.7: +2 -2 lines
Diff to previous 1.7 (colored)

Recursive PKGREVISION bump for all packages mentioning 'perl',
having a PKGNAME of p5-*, or depending such a package,
for perl-5.22.0.

Revision 1.7 / (download) - annotate - [select for diffs], Tue May 26 15:17:56 2015 UTC (7 years, 6 months ago) by jperkin
Branch: MAIN
Changes since 1.6: +6 -2 lines
Diff to previous 1.6 (colored)

Move rc.d-specific MESSAGE file out of the way and only display if rc.d
is used.  Bump PKGREVISION.

Revision 1.6 / (download) - annotate - [select for diffs], Tue May 26 15:11:25 2015 UTC (7 years, 6 months ago) by jperkin
Branch: MAIN
Changes since 1.5: +9 -1 lines
Diff to previous 1.5 (colored)

Various changes to fix the build and install on SunOS.

Revision 1.5 / (download) - annotate - [select for diffs], Sun May 24 05:24:12 2015 UTC (7 years, 6 months ago) by spz
Branch: MAIN
Changes since 1.4: +4 -4 lines
Diff to previous 1.4 (colored)

make it build when MAKE_JOBS is not set

Revision 1.4 / (download) - annotate - [select for diffs], Sun May 17 15:47:01 2015 UTC (7 years, 6 months ago) by ryoon
Branch: MAIN
Changes since 1.3: +3 -3 lines
Diff to previous 1.3 (colored)

Bump PKGREVISION again.

* Change CACHE directory.

Revision 1.3 / (download) - annotate - [select for diffs], Sun May 17 13:46:27 2015 UTC (7 years, 6 months ago) by ryoon
Branch: MAIN
Changes since 1.2: +5 -1 lines
Diff to previous 1.2 (colored)

Bump PKGREVISION.

* Add py-expat dependency to fix build.
* Add knob for gettext.

Revision 1.2 / (download) - annotate - [select for diffs], Sun May 17 12:27:07 2015 UTC (7 years, 6 months ago) by ryoon
Branch: MAIN
Changes since 1.1: +2 -2 lines
Diff to previous 1.1 (colored)

Fix typo in comment.

Revision 1.1 / (download) - annotate - [select for diffs], Tue May 12 12:19:52 2015 UTC (7 years, 6 months ago) by ryoon
Branch: MAIN

Import samba-4.2.1 as net/samba4.

Samba is the standard Windows interoperability suite of programs
for Linux and Unix.

Samba is Free Software licensed under the GNU General Public License,
the Samba project is a member of the Software Freedom Conservancy.

Since 1992, Samba has provided secure, stable and fast file and
print services for all clients using the SMB/CIFS protocol, such
as all versions of DOS and Windows, OS/2, Linux and many others.

Samba is an important component to seamlessly integrate Linux/Unix
Servers and Desktops into Active Directory environments. It can
function both as a domain controller or as a regular domain member.

This package tracks 4.x branch release.

This form allows you to request diff's between any two revisions of a file. You may select a symbolic revision name using the selection box or you may type in a numeric name using the type-in text box.




CVSweb <webmaster@jp.NetBSD.org>