cleanup: Remove expired ports:

2022-03-31 security/revealrk: Deprecate, marked BROKEN on 12+ in 2018
2022-03-31 devel/apache-commons-modeler: Abandoned upstream, last release in
2013
2022-03-31 security/afl: Abandoned upstream, no new release since 2017. Please
consider using security/afl++ instead
2022-03-31 www/mod_line_edit: Abandoned upstream, last release in 2006, Apache
includes mod_sed
2022-03-31 www/myfaces: Unsupported by upstream, released in 2005
2022-03-31 www/mod_backtrace: Abandoned upstream in 2012 (version 2.0)
2022-03-31 security/base: Broken with PHP 7+, forked here
https://github.com/NathanGibbs3/BASE/
2022-03-31 security/find-zlib: Deprecated, no longer relevant
2022-03-31 security/razorback-clamavNugget: Abandonware, last release in 2012
and listed as alpha quality by upstream
2022-03-31 security/shimmer: Abandonware, last release in 2008
2022-03-31 security/kripp: Abandonware, upstream returns 404 and last release
was back in 2007
2022-03-31 security/ipfilter2dshield: Abandonware, no word of it on upstream web
site
2022-03-31 security/sha: Obsolete, we have tools in base

textproc/libxml2: bump all dependencies

This should make sure that all dependent ports will pick
up the new version commited with a13ec21cd733f67a9fc0dc00ab45268bdc236246

dns/bind911: Security update to 9.11.37.

Security:	CVE-2021-25220
MFH:		2022Q1
With hat:	secteam

dns/bind911: fix expiration date

Fix CONFLICTS entries of multiple ports

There have been lots of missing CONFLICTS_INSTALL entries, either
because conflicting ports were added without updating existing ports,
due to name changes of generated packages, due to mis-understanding
the format and semantics of the conflicts entries, or just due to
typoes in package names.

This patch is the result of a comparison of all files contained in
the official packages with each other. This comparison was based on
packages built with default options and may therefore have missed
further conflicts with optionally installed files.

Where possible, version numbers in conflicts entries have been
generalized, some times taking advantage of the fact that a port

dns/bind911: restore port

It is still in extended security mode, see
https://www.isc.org/blogs/bind-update-summer2021/

Reported by:	yasu

cleanup: Remove expired ports:

2021-10-31 devel/sdl_sge: Upstream no longer maintained
2021-12-31 net/appkonference: Outdated, depends on unsupported version of
net/asterisk
2021-12-31 dns/bind911: End of life, please migrate to a newer version of BIND9
2021-12-31 net/zebra: Abandoned upstream, last release in 2005. Consider
migrating to net/frr7 or net/bird2
2021-12-31 audio/osalp: Abandoned upstream, listed as beta and no new release
since 2008
2021-12-31 games/stransball2: Depends on expired devel/sdl_sge
2021-12-31 devel/rubygem-ruby-sdl-ffi: Depends on expired devel/sdl_sge
2021-12-31 devel/rubygem-rubygame: Depends on expired devel/sdl_sge
2021-12-31 devel/ruby-sdl: Depends on expired devel/sdl_sge
2021-12-31 games/magicmaze: Depends on expired devel/sdl_sge
2021-12-31 games/trophy: Depends on expired devel/clanlib1
2021-12-31 devel/clanlib1: Older than expired and removed devel/clanlib
2021-12-31 www/py-django31: Upgrade to Django 3.2+. Mainstream support ended
(April 6, 2021). Extended support ends December 2021. See
https://www.djangoproject.com/download/

dns/bind911: update to 9.11.36

MFH:		2021Q4
Security:	CVE-2021-25219

dns/bind911: update to 9.11.35

Changes:	https://downloads.isc.org/isc/bind9/9.11.35/RELEASE-NOTES-bind-9.11.35.html

dns/bind911: Update to 9.11.34

Changes:	https://downloads.isc.org/isc/bind9/9.11.34/RELEASE-NOTES-bind-9.11.34.html

dns/bind911: Fix redirect in WWW

dns/bind911: Update to 9.11.33.

Changes:	https://downloads.isc.org/isc/bind9/9.11.33/RELEASE-NOTES-bind-9.11.33.html

devel/protobuf-c: Bump PORTREVISION of dependent ports

Bump the PORTREVISION of ports that use protobuf-c and bake in the value
of PROTOBUF_C_VERSION*.
Sponsored by:	Farsight Security, Inc.

dns/bind911: Update to 9.11.32

Changes:
https://downloads.isc.org/isc/bind9/9.11.32/RELEASE-NOTES-bind-9.11.32.html

dns/bind911: Update to 9.11.31.

MFH:		2021Q2
Security:	CVE-2021-25214
Security:	CVE-2021-25215
Security:	CVE-2021-25216
Sponsored by:	Absolight

all: Remove all other $FreeBSD keywords.

Remove # $FreeBSD$ from Makefiles.

Update to BIND9 9.11.29.

Changes:
https://downloads.isc.org/isc/bind9/9.11.29/RELEASE-NOTES-bind-9.11.29.html

Update to 9.11.28

Security:	CVE-2020-8625

Update to 9.11.27

Update to 9.11.26.

Changes:
https://downloads.isc.org/isc/bind9/9.11.25/RELEASE-NOTES-bind-9.11.25.html

Fix BIND9 9.11.25's manpages.

Update to 9.11.25.

Changes:
https://downloads.isc.org/isc/bind9/9.11.25/RELEASE-NOTES-bind-9.11.25.html

Update to 9.11.24

Changes:	https://downloads.isc.org/isc/bind9/9.11.24/RELEASE-NOTES-bind-9.11.24.html

Update to 9.11.23.

MFH:		2020Q3 (bugfix)
Changes:	https://downloads.isc.org/isc/bind9/9.11.23/RELEASE-NOTES-bind-9.11.23.html

Add an option to use the DNS accept filter if available.

PR:		241613
Submitted by:	eugen

Enabled DNSTAP by default.

The ISC recommends having it by default (it is in the packages they
distribute) and the footprint of the dependecies is very small.

While there, cleanup plists.

PR:		237861
Reported by:	Greg Rivers

Update to 9.11.22.

MFH:		2020Q3 (security fix)
Security:	CVE-2020-8620, CVE-2020-8621, CVE-2020-8622,
		CVE-2020-8623, CVE-2020-8624

Fix rndc with LMDB 0.9.26+.

PR:		247950
Submitted by: 	delphij
Reportedy:	david isnic is
Obtained from:	https://gitlab.isc.org/isc-projects/bind9/-/issues/1976
MFH:		2020Q3 (not sure if needed)

Update to 9,11,21.

Changes:	https://downloads.isc.org/isc/bind9/9.11.21/RELEASE-NOTES-bind-9.11.21.html
MFH:		2020Q3 (bug fixes)

Update to 9.11.20.

MFH:		2020Q2
Security:	CVE-2020-8619
Submitted by:   mat (maintainer)

Bump PORTREVISION for devel/json-c json-c

Update to 9.11.19.

MFH:		2020Q2
Security:	CVE-2020-8616, CVE-2020-8617

Update to 9.11.18.

MFH:		2020Q2
Changes:	https://downloads.isc.org/isc/bind9/9.11.18/RELEASE-NOTES-bind-9.11.18.html

Update to 9.11.17.

Add forgotten CONFLICTS lines.

Update to 9.11.16.

Changes:	https://downloads.isc.org/isc/bind9/9.11.16/RELEASE-NOTES-bind-9.11.16.html

Update to 9.11.15.

Changes:	https://downloads.isc.org/isc/bind9/9.11.15/RELEASE-NOTES-bind-9.11.15.html

Fix build when devel/jsoncpp is installed.

PR:		243387
Submitted by:	dron kubstu ru

Add descriptions for the patches.

Update to 9.11.14.

Changes:	https://downloads.isc.org/isc/bind9/9.11.14/RELEASE-NOTES-bind-9.11.14.html

Update to 9.11.13.

MFH:		2019Q4
Security:	CVE-2019-6477

Update to 9.11.12.

Changes:	https://downloads.isc.org/isc/bind9/9.11.12/RELEASE-NOTES-bind-9.11.12.html

Drop the ipv6 virtual category for d* category as it is not relevant anymore

Update to 9.11.11.

While there, add back GEOIP support via the "new" libmaxminddb.

Changes:	https://downloads.isc.org/isc/bind9/9.11.11/RELEASE-NOTES-bind-9.11.11.html

Update to 9.11.10.

Update to 9.11.9.

Changes:	https://downloads.isc.org/isc/bind9/9.11.9/RELEASE-NOTES-bind-9.11.9.html

Make a note about expiration here.

Update to 9.11.8.

MFH:		2019Q2 (security blanket)
Security:	CVE-2019-6471

Convert BIND9's pkg-message files to UCL.

Fix build with DNSTAP enabled.

PR:		238036
Reported by:	Artyom Davidov

Update to 9.11.7.

Update to BIND9 9.11.6-P1.

MFH:		2019Q2
Security:	CVE-2018-5743

Remove conflicts from bind-tools and the server ports.

All servers now depend on the same bind-tools, from the latest BIND9
release.

Chase dependencies to make sure they now depend on the correct port.

Differential Revision:	https://reviews.freebsd.org/D19922

Make WITH_DEBUG actually build and be as helpful as possible.

Update WWW.

PR:		236196
Submitted by:	Leonid Nevecherya

Add BIND 9.14.0 first release candidate.

Update to 9.11.6.

Update to 9.11.5-P4.

MFH:		2019Q1 (blanket)
Security:	CVE-2018-5744 CVE-2018-5745 CVE-2019-6465

Update dns/libidn2 to 2.1.1

- Bump PORTREVISION of dependent ports for shlib change

Changes:	https://gitlab.com/libidn/libidn2/blob/master/NEWS

Remove GeoIP-related options. Where possible, replace GeoIP 1 defaults
with GeoIP 2.

Also, as suggested by zi, add an UPDATING note about this.

Update dns/libidn2 to 2.1.0

- Bump PORTREVISION of dependent ports for shlib change

Changes:	https://gitlab.com/libidn/libidn2/blob/master/NEWS

Update to 9.11.5-P1, 9.12.3-P1, 9.13.5.

While there:
- Don't disable symbol table generation when building WITH_DEBUG.
- Try and make sure nullfs can really be used in a more robustt and
  centralized way.
- Make sure all changes are sync'ed among all BIND9 ports.

Make sure gost is really disabled.

It may get picked up from the base OpenSSL and break startup.
While there, make sure the correct engines are used.

Reported by:	Kevin P. Neal (on ports@)

Remove GOST support from BIND9 9.11 and 9.12.

It was never (widely|really) used, and support for it has been dropped
in OpenSSL starting at 1.1, and BIND9 starting at 9.13.

PR:		231980
Reported by:	mfechner

Update to 9.11.5.

Update to 9.11.4-P2.

Switch to libidn2 for idn.

Update devel/json-c to 0.13.1

- Add my LOCAL to MASTER_SITES
- Bump PORTREVISION of dependent ports for shlib change

Changes:	https://github.com/json-c/json-c/blob/master/ChangeLog
PR:		231007
Exp-run by:	antoine

Permit using allow-new-zones, LMDB, and a chrooted environment.

Fixes this obscure and not at all helpful message:
mdb_env_open of '_default.nzd' failed: No such file or directory

PR:		229125
Reported by:	Tomas Ciernik
MFH:		2018Q3

Update to 9.11.4-P1 and 9.12.2-P1.

Security:	CVE-2018-5740
Sponsored by:	Absolight

Update BIND9 ports to 9.11.4, 9.12.2 and 9.13.2.

Sponsored by:	Absolight

Include a patch to fix CVE-2018-5738 in all the BIND9 ports.

MFH:		2018Q2 (blanket)
Security:	CVE-2018-5738
Sponsored by:	Absolight

Move things around a bit to be more handbook compliant.

Sponsored by:	Absolight

Add BIND9 9.13.0.

The ISC changed their release model, they are now doing
odd-unstable/even-stable release numbering.  This is a development
version, consider it alpha/beta quality.  The next stable release will
be 9.14.0.

Changes:	https://kb.isc.org/article/AA-01612
Sponsored by:	Absolight

Add PY_FLAVOR to Python module dependencies.

Sponsored by:	Absolight

Fix build when LOCALBASE!=/usr/local.

PR:		227554
Submitted by:	John Hein
Sponsored by:	Absolight

Enable the FILTER_AAAA option by default, the feature was made non
optional in recent versions, so might as well do it in older ones.

PR:		226383
Sponsored by:	Absolight

Update BIND9 ports to 9.9.12, 9.10.7, 9.11.3 and 9.12.1.

Sponsored by:	Absolight

Teach named where its pid file should be by default, to be consistent
with the default configuration, rc script, man pages...

PR:		225687
Reported by:	John W. O'Brien
Sponsored by:	Absolight

Add a TCP_FASTOPEN option (default on) to allow not building it in. [1]

It is annoying because it outputs one line saying it cannot enable
TCP_FASTOPEN when the deamon starts.

While there, discover that FILTER_AAAA is always enabled in 9.12+ and no
longer an option, so remove it.

PR:		217288 [1] (based on)
Reported by:	doktornotor mailinator com
Sponsored by:	Absolight

Catch up with the conflicts lines in the BIND9 ports.

Sponsored by:	Absolight

Remove support for bind-tools from the BIND9 9.11 port.

Sponsored by:	Absolight

Update named.root.

Sponsored by:	People afraid of a nuclear holocaust.

Update BIND9* to 9.9.11-P1, 9.10.6-P1, 9.11.2-P1 and 9.12.0rc3

MFH:		2018Q1
Security:	CVE-2017-3145
Sponsored by:	Absolight

Add a TUNING_LARGE option.

https://kb.isc.org/article/AA-01314/0

Tunes certain compiled-in constants and default settings to
values better suited to large servers with 12/16GB+ of memory.
This can improve performance on such servers, but will consume
more memory and may degrade performance on smaller systems.

PR:		224859
Sponsored by:	Absolight

Fix altlog_proglist warning when it contains more than the named service.

PR:		224951
Submitted by:	Trix Farrar
Sponsored by:	Absolight

Update devel/json-c to 0.13

- Add TEST_TARGET
- While I'm here, fix shebang for net/opensips
- Bump PORTREVISION of dependent ports for shlib change

Changes:	https://github.com/json-c/json-c/blob/master/ChangeLog
PR:		224675
Exp-run by:	antoine

Add an extra check to make sure syslogd is correctly configured when
using chroot.

Sponsored by:	Absolight

Add a symlink to named's session-keyfile.

Using nsupdate -l, and chroot was broken because nsupdate could not find
the keyfile by itself.

PR:		223403
Submitted by:	Harald Schmalzbauer
Sponsored by:	Absolight

Update license of ports using MPL (without version)

All ports now should use MPL[10|11|20] license.

Approved by:	portmgr (blanket)

Enable the PYTHON option by default, it brings a few interesting DNSSEC
tools.

Sponsored by:	Absolight

Install the mtree file as .sample to allow users to change them.

Sponsored by:	Absolight

Update BIND9 ports to 9.{9.11,10.6,11.2}.

Sponsored by:	Absolight

Update to 9.{9.10,10.5,11.1}-P3.

Sponsored by:	Absolight

Update to 9.{9.10,10.5,11.1}-P2.

Security:	CVE-2017-3142
Security:	CVE-2017-3143
Sponsored by:	Absolight

Update to 9.9.10-P1, 9.10.5-P1, 9.11.1-P1.

MFH:		2017Q2
Security:	CVE-2017-3140
Security:	CVE-2017-3141
Sponsored by:	Absolight

Remove special handling for testing and documentation domains, per RFC
6761 recommendations.

While there:
- Fix invalid syntax in sample slave config.
- Add a message about having syslogd working with BIND9 chroot.

PR:		217915
Reported by:	eserte12 yahoo de
Sponsored by:	Absolight

Update to 9.9.10, 9.10.5, 9.11.1 and 9.12 to latest snapshot.

While there:

Make it more maintainable by sorting stuff in the Makefile and removing
vestigial pre 10.3 things.

Refresh the root zone hints.

"Fix" the configuration section telling you to get some top level
zones from f.root-servers.net, which does not allow axfr any more. [1]

PR:		218656 [1]
Reported by:	Thomas Steen Rasmussen / Tykling [1]
MFH:		2017Q2
Sponsored by:	Absolight

Unbreak rndc calls when using non default rndc.key location.

PR:		218335
Sponsored by:	Absolight

Security update to 9.11.0P5.

Security:	c6861494-1ffb-11e7-934d-d05099c0ae8c
Approved by:	so
MFH:		2017Q2