Update editors/libreoffice-sq to version 5.2.5

[dports.git] / UPDATING

This file documents some of the problems you may encounter when upgrading
your ports.  We try our best to minimize these disruptions, but sometimes
they are unavoidable.

You should get into the habit of checking this file for changes each time
you update your ports collection, before attempting any port upgrades.

20170203:
  AFFECTS: users of security/libressl-devel
  AUTHOR: brnrd@FreeBSD.org

  The version 2.5.1 bumps the libcrypto, libssl and libtls shared library
  versions. You will have to rebuild all packages that depend on
  libressl-devel. Check the 20160811 libressl entry for more detailed
  guidance on rebuilding.

20170202:
  AFFECTS: users of www/uwsgi
  AUTHOR: feld@FreeBSD.org

  The previous disruptive changes to uwsgi for security have been remediated
  through creation of a dedicated uwsgi user/group and utilizing the
  uwsgi feature to set socket ownership. The uwsgi daemon by default now
  has the following properties:

  * Process runs as uwsgi user and group (UID/GID 165)
  * Socket mode is 660, still protecting unauthorized access from "other"
  * Socket ownership is www:www, restoring compatibility

20170130:
  AFFECTS: users of devel/ice, devel/py-ice, devel/php5-ice
  AUTHOR: grembo@FreeBSD.org

  Since __WORDSIZE as defined by <stdint.h> always reports 32 when using
  C++98/03 (unless __STDC_LIMIT_MACROS is set explictly), Ice 3.6.3 used
  "long long" for Int64 instead of "long" on 64-bit platforms by mistake.
  A workaround has been added in version 3.6.3_2 of these three ports,
  requiring to upgrade all of them at the same time and to rebuild all
  custom code that links against them.

20170129:
  AFFECTS: users of multimedia/motion
  AUTHOR: jhale@FreeBSD.org

  Version 3.x expected the configuration files to reside in:
        ${LOCALBASE}/etc
  Version 4.x expects the configuration files to reside in:
        ${LOCALBASE}/etc/motion
  This was unfortunately overlooked when the port was updated to 4.x, but it
  has now been fixed to install the default configuration file in the new
  location. The rc script now checks for motion.conf in the new location.

  While you may be able to simply copy your old motion.conf to the new location,
  it is recommended to review ${LOCALBASE}/etc/motion/motion.conf and make
  changes to it based on your old ${LOCALBASE}/etc/motion.conf as some options
  have been added and removed.

  Further, if you use motion with multiple cameras and have
  ${LOCALBASE}/etc/thread[0-9].conf files, they should be moved to
  ${LOCALBASE}/etc/motion as well. These files are deprecated and should be
  renamed to camera[0-9].conf and in motion.conf, lines like:
        thread /usr/local/etc/thread1.conf
  Should be converted to:
        camera /usr/local/etc/motion/camera1.conf

20170127:
  AFFECTS: users of www/uwsgi
  AUTHOR: feld@FreeBSD.org

  The default socket mode for uwsgi as 777 is a severe security concern.
  This has been remediated by changing the rc script to default to 600.
  The mode is configurable with rc.conf values: uwsgi_socket_mode="600"
  or for a profile named "www", uwsgi_www_socket_mode="600".

20170121:
  AFFECTS: users of security/tinc
  AUTHOR: dinoex@FreeBSD.org

  this version of tinc requires all nodes in the VPN to be linked with a
  version of OpenSSL or LibreSSL that supports the AES256 and SHA256
  algorithms.


20170120:
  AFFECTS: users of databases/mysql56-server
  AUTHOR: feld@FreeBSD.org

  databases/mysql56-server was updated to 5.6.35 which included backported
  rc script changes from the mysql57-server port. This broke mysql_optfile in
  rc.conf and also forced a sample my.cnf if none existed. MySQL has
  some parameters which cannot be changed after a database has been
  created, so this caused MySQL to fail to start.

  This change was reverted in mysql56-server-5.6.35_1

  An additional change was made in mysql56-server-5.6.35_2 to prevent
  automatic loading of a sample my.cnf which was causing issues for
  users who were running without a my.cnf.

20170117:
  AFFECTS: users of EoL'ed FreeBSD versions (<10.3, 11 prior to 11.0)
  AUTHOR: amdmi3@FreeBSD.org

  The ports system will now refuse to build anything if it's run on
  outdated system version. This protects users from unexpected build
  failures after code to support EoL'ed systems is removed from the
  tree. You may define ALLOW_UNSUPPORTED_SYSTEM to override this and
  allow builds, but no support will be provided in case of failures.

20170116:
  AFFECTS: users of java/wildfly10
  AUTHOR: olgeni@FreeBSD.org

  The java/wildfly10 port has been updated to 10.1.0. To complete the
  migration you must copy your existing configuration (directories
  "appclient", "standalone", and "domain") from /usr/local/wildfly-10.0.0
  to /usr/local/wildfly10.

20170115:
  AFFECTS: users of net-mgmt/librenms
  AUTHOR: dvl@FreeBSD.org

  The following is recommended for /var/db/mysql/my.cnf

  NOTE: these are global settings.  Please read this first:

  http://dev.mysql.com/doc/refman/5.7/en/sql-mode.html

  [mysqld]
  innodb_file_per_table=1
  sql-mode=""

20170109:
  AFFECTS: users of lang/ruby22
  AUTHOR: swills@FreeBSD.org

  The default ruby version has been updated from 2.2 to 2.3.

  If you compile your own ports you may keep 2.2 as the default version by
  adding the following lines to your /etc/make.conf file:

  #
  # Keep ruby 2.2 as default version
  #
  DEFAULT_VERSIONS+=ruby=2.2

  If you wish to update to the new default version, you need to first stop any
  software that uses ruby. Then, you will need to follow these steps, depending
  upon how you manage your system.

  If you use pkgng, simply upgrade:
  # pkg upgrade

  If you use portmaster, install new ruby, then rebuild all ports that depend
  on ruby:
  # portmaster -o lang/ruby23 lang/ruby22
  # portmaster -R -r ruby-2.3

  If you use portupgrade, install new ruby, then rebuild all ports that depend
  on ruby:

  # pkg delete -f ruby portupgrade
  # make -C /usr/ports/ports-mgmt/portupgrade install clean
  # pkg set -o lang/ruby22:lang/ruby23
  # portupgrade -x ruby-2.3.\* -fr lang/ruby23

20170102:
  AFFECTS: multimedia/ffmpeg
  AUTHOR: jbeich@FreeBSD.org

  OPTIMIZED_CFLAGS switched to only use vendor optimizations which
  means -ffast-math -fno-finite-math-only are no longer applied. If
  you did like the former behavior consider adding

      # multimedia/ffmpeg/Makefile.local
      OPTIMIZED_CFLAGS_CFLAGS += -ffast-math -fno-finite-math-only

  or

      # /etc/make.conf
      .if ${.CURDIR:M*/multimedia/ffmpeg}
      CFLAGS += -ffast-math -fno-finite-math-only
      .endif

20161230:
  AFFECTS: users of x11/xfce4-terminal
  AUTHOR: olivierd@FreeBSD.org

  The port has been updated to the latest stable version 0.8.2.
  Please, don't active the hidden 'MiscSlimTabs' option in
  ~/.config/xfce4/terminal/terminalrc, it requires Gtk+ > 3.20.

20161228:
  AFFECTS: users of multimedia/mlt
  AUTHOR: avilla@FreeBSD.org

  MLT Qt plugins have been moved to their own ports, mlt-qt4 and
  mlt-qt5. Please, uninstall multimedia/mlt before you update:

  # pkg delete mlt

20161227:
  AFFECTS: users of security/openvpn, security/openvpn-polarssl
  AUTHOR: Matthias Andree <mandree@FreeBSD.org>

  The OpenVPN ports have been updated to the new upstream release v2.4,
  and their predecessors preserved as openvpn23 and openvpn23-polarssl,
  respectively.  Note that for the new v2.4 release, the
  openvpn-polarssl port has been renamed to openvpn-mbedtls to match the
  upstream library's new name.

20161218:
  AFFECTS: users of www/nghttp2
  AUTHOR: sunpoet@FreeBSD.org

  nghttp2 has been split into 2 ports: www/libnghttp2 for core library and
  www/nghttp2 for the rest. Please uninstall nghttp2 before you update
  this port.

20161216:
  AFFECTS: mail/thunderbird, www/seamonkey
  AUTHOR: gecko@FreeBSD.org

  ENIGMAIL is no longer provided as part of the ports after upstream
  dropped binary components in 1.9. Go to Tools -> Add-ons Manager
  then type "enigmail" in the search box to install.

20161213:
  AFFECTS: users of devel/skalibs, lang/execline, sysutils/s6
  AUTHOR: Colin Booth <colin-ports@heliocat.net>

  skalibs has undergone a major version bump and compatibility is not
  guaranteed for software with a runtime dependency on
  libskarnet.so.2.3.9.0. This will not affect lang/execline or
  sysutils/s6 as those are statically linked against libskarnet.a.

  execline has undergone a major version bump and compatibility is not
  guaranteed for software with a runtime dependency on
  libexecline.so.2.1.4.5. This will not affect sysutils/s6 as all s6
  programs are statically linked against libexecline.a.

  s6 has undergone a major version bump and compatibility is not
  guaranteed for software with a runtime dependency on
  libs6.so.2.2.4.3. Additionally, s6-applyuidgid and s6-setuidgid
  have moved from $PREFIX/sbin to $PREFIX/bin. Any scripts calling
  those utilities that are not relying on $PATH resolution to find
  them will need to be rewritten.

20161207:
  AFFECTS: users of www/node
  AUTHOR: bradleythughes@fastmail.fm

  The www/node port has been updated to node.js v7.2.0, the latest
  upstream release. A new port, www/node6, has been created for the
  v6.x LTS branch. Users wanting to stay on v6.x can replace www/node
  with www/node6 with one of the following commands:

  # pkg set -o www/node:www/node6
    or
  # portmaster -o www/node6 www/node
    or
  # portupgrade -o www/node6 www/node

20161202:
  AFFECTS: Users of textproc/p5-Search-Elasticsearch
  AUTHOR: tj@FreeBSD.org

  As of the 5.01 release of ths package, the client libraries for older
  versions of Elasticsearch have started to be shipped seperately.  If you are
  using this library to access a none 5.X server you will need to install one of
  the textproc/p5-Search-Elasticsearch-Client-* ports.

20161126:
  AFFECTS: Users of security/gpgme-*
  AUTHOR: jhale@FreeBSD.org

  Gpgme has been updated to 1.8.0.
  With it comes the removal of libgpgme-pthread.so in favor of using
  libgpgme.so itself as the thread-safe library. Ports that may have
  linked to -lgpgme-pthread will now just link to -lgpgme. PORTREVISION
  has been bumped on all ports with a dependency on security/gpgme.

  The Python module provided by security/py-gpgme has been renamed
  from pyme3 to gpg, as well.

  Portmaster users:
      portmaster -r gpgme
  Portupgrade users:
      portupgrade -fr security/gpgme

20161121:
  AFFECTS: Users of graphics/tiff
  AUTHOR: antoine@FreeBSD.org

  The tiff port was updated to 4.0.7.
  The following tools are removed from this release: bmp2tiff, gif2tiff, ras2tiff, rgb2ycbcr and thumbnail.

20161116:
  AFFECTS: Users of sysutils/bareos-*
  AUTHOR: rand@iteris.com

  Bareos v1.6.x changed the configuration scheme, from one configuration
  file per Bareos component (file daemon, storage daemon, and director)
  to several configuration files, in several directories, for each
  component. See http://doc.bareos.org/master/html/bareos-manual-main-reference.html

  The new scheme will use all files named *.conf in the directory
  hierarchies for each component:

    /usr/local/etc/bareos/bareos-dir.d/
    /usr/local/etc/bareos/bareos-fd.d/
    /usr/local/etc/bareos/bareos-sd.d/

  To retain the old configuration scheme of one file per component add
  appropriate lines such as these to your /etc/rc.conf:

    bareos_dir_config="/usr/local/etc/bareos/bareos-dir.conf"
    bareos_fd_config="/usr/local/etc/bareos/bareos-fd.conf"
    bareos_sd_config="/usr/local/etc/bareos/bareos-sd.conf"

20161113:
  AFFECTS: users of devel/libosinfo
  AUTHOR: novel@FreeBSD.org

  The libosinfo port was separated into three different ports
  to follow the upstream split:

   - sysutils/osinfo-db-tools: contains the CLI tools
   - misc/osinfo-db: contains database with OS data
   - devel/libosinfo: the library

  As osinfo-db-tools now ships binaries that previously were
  part of libosinfo, it's required to delete the old libosinfo
  package to prevent conflict because of same files installation:

  # pkg delete libosinfo

  And then install the new version.

20161112:
  AFFECTS: users of security/heimdal
  AUTHOR: hrs@FreeBSD.org

  Heimdal in the base system and security/heimdal <= 1.5.3_6 use
  Berkeley DB to store principals into /var/heimdal/heimdal.db and
  the database format is version 3 by default.  On the other hand,
  security/heimdal 1.5.3_7 or newer use the newer version of
  Berkeley DB and the database format is version 9.
  These two versions are not compatible with each other.  If there is
  a mismatch between Heimdal utilities and its database format,
  you will get an error like the following:

  # /usr/local/sbin/kadmin -l dump
  BDB0641 __db_meta_setup: /var/heimdal/heimdal.db: unexpected file type or format
  kadmin: hdb_open: opening /var/heimdal/heimdal: Invalid argument

  This mismatch can occur in the following three cases:

  1. You used Heimdal in the base system and switch to use security/heimdal
     after creating /var/db/heimdal.db.

  2. You used security/heimdal >= 1.5.3_7 and switch to use one in the
     base system.

  3. You used security/heimdal < 1.5.3_7 and upgrade it to 1.5.3_7 or later.

  To fix this mismatch, you need to dump contents of heimdal.db and
  rebuild the database by using kadmin(8) utility.

  If you use Heimdal in the base system or older versions of
  security/heimdal, and plan to switch to use
  security/heimdal >= 1.5.3_7, execute the following command
  *after* creating a backup copy of /var/heimdal and installing
  security/heimdal:

  # /usr/bin/kadmin -l dump /var/heimdal/heimdal.db.dump
  # rm /var/heimdal/heimdal.db
  # /usr/local/sbin/kadmin -l load /var/heimdal/heimdal.db.dump
  # rm /var/heimdal/heimdal.db.dump

  The above example assumes security/heimdal is installed into
  /usr/local.  If your base system is compiled with WITHOUT_KERBEROS
  use the following instead:

  # db_dump185-5 /var/heimdal/heimdal.db | db_load-5 /var/heimdal/heimdal.db.new
  # chown 0600 /var/heimdal/heimdal.db.new
  # mv /var/heimdal/heimdal.db.new /var/heimdal/heimdal.db

  db_dump and db_load utilitites are installed by database/db5 as
  dependency of security/heimdal.

  If you want to switch from security/heimdal to Heimdal in the base
  system, use the following:

  # /usr/local/sbin/kadmin -l dump /var/heimdal/heimdal.db.dump
  # rm /var/heimdal/heimdal.db
  # /usr/bin/kadmin -l load /var/heimdal/heimdal.db.dump
  # rm /var/heimdal/heimdal.db.dump

20161105:
  AFFECTS: users of security/heimdal
  AUTHOR: hrs@FreeBSD.org

  kadmin(8) in heimdal-1.5.3_5 and prior did not create a database
  in /var/heimdal in Berkeley DB format which kdc(8) required.  This
  problem has been fixed in heimdal-1.5.3_6.

20161104:
  AFFECTS: users of mail/mu4e and mail/mu4e-maildirs
  AUTHOR: hrs@FreeBSD.org

  The package name of mail/mu4e* have been changed from mu4e* to
  mu4e*-emacsNN.  When upgrading the older versions, this change can
  cause the following error which prevents it from upgrading:

   pkg-static: mu4e-emacs25-0.9.16 conflicts with mu4e-0.9.16 (installs files into the same place).

  If this error occurs, please remove the old packages by using
  "pkg delete" manually:

   # pkg delete mu4e-0.9.16 mu4e-maildirs-0.8.20160126_1

20161103:
  AFFECTS: users of lang/perl5*
  AUTHOR: mat@FreeBSD.org

  The default Perl version has been switched to Perl 5.24.  If you are using
  binary packages to upgrade your system, you do not have anything to do, pkg
  upgrade will do the right thing.  For the other people, assuming you are
  migrating from 5.20 to 5.24, do:

  First, add to /etc/make.conf:

  DEFAULT_VERSIONS+=  perl5=5.24

  Portupgrade users:
        portupgrade -o lang/perl5.24 -f lang/perl5.20

          You can now remove the DEFAULT_VERSIONS line added earlier
          from /etc/make.conf

          Then you will need to rebuild everything that uses libperl.so, you
          can do so with:

        portupgrade -f `pkg shlib -qR libperl.so.5.20`

  Portmaster users:
        portmaster -o lang/perl5.24 lang/perl5.20

          You can now remove the DEFAULT_VERSIONS line added earlier
          from /etc/make.conf

          Then you will need to rebuild everything that uses libperl.so, you
          can do so with:

        portmaster -f `pkg shlib -qR libperl.so.5.20`

20161102:
  AFFECTS: users of security/acme-client
  AUTHOR: brnrd@FreeBSD.org

  The default configuration paths have changed from 'letsencrypt' to
  'acme'. Rename the directories used accordingly

        mv /usr/local/etc/letsencrypt /usr/local/etc/acme
        mv /usr/local/etc/ssl/letsencrypt /usr/local/etc/ssl/acme
        mv /usr/local/www/letsencrypt /usr/local/www/acme

  Check your scripts to ensure proper operation.

20161030:
  AFFECTS: users of mail/squirrelmail
  AUTHOR: adamw@FreeBSD.org

  For better php70 support, the squirrelmail port has switched from
  PEAR database access to PDO. If you are using squirrelmail with
  a database backend, you'll need to install a corresponding PDO
  database module, such as php56-pdo_sqlite.

20161030:
  AFFECTS: users of security/srm
  AUTHOR: rakuco@FreeBSD.org

  srm has been updated from 1.2.12 to 1.2.15. Since version 1.2.14,
  srm defaults to using its "simple" mode to overwrite files (one pass
  writing 0x00 to the files) instead of the 35-pass Gutmann method.

20161029:
  AFFECTS: users of irc/quassel
  AUTHOR: woodsb02@freebsd.org

  Quassel is now split into two ports / packages; one for providing
  the server backend (irc/quassel-core), and one for providing the
  client front-end (irc/quassel). Alternatively, the irc/quassel
  port can be built with the MONO option enabled to also install
  the client and server combined into a single monolithic binary.

20161028:
  AFFECTS: users of security/openssl and security/openssl-devel
  AUTHOR: brnrd@freebsd.org

  The shared library versions of OpenSSL have been bumped to avoid
  issues with ports' and base's OpenSSL not being binary compatible.

  Please rebuild all ports that depend on OpenSSL if you use OpenSSL
  from ports.

  If you use portmaster:
        portmaster -r openssl
  If you use portupgrade:
        portupgrade -fr security/openssl

20161026:
  AFFECTS: users of net-p2p/deluge
  AUTHOR: rm@FreeBSD.org

  Deluge port has been split out onto CLI part and GUI part. So if user
  only needs deluged, net-p2p/deluge-cli should be installed. For full
  deluge installation, including GTK+ GUI client, net-p2p/deluge should
  be installed as a usual.

  Old deluge package should be removed manually first:

  # pkg delete deluge

  After that install preferred deluge package as usual.

20161018:
  AFFECTS: users of x11/xfce4-terminal
  AUTHOR: olivierd@FreeBSD.org

  The port has been updated to the latest stable version 0.8.0.
  A warning appears each time we open new tab:

  Gtk-WARNING **: gtk_widget_size_allocate(): attempt to allocate
  widget with...

  This issue will disappear with Gtk > 3.21.

20161014:
  AFFECTS: users of lang/python3
  AUTHOR: antoine@FreeBSD.org

  The default version of python3 has changed from 3.4 to 3.5.
  If you wish to stick with older version, add "python3=3.4" to your
  DEFAULT_VERSIONS variable in /etc/make.conf.  To upgrade:

  If using portupgrade:
  # portupgrade -o lang/python35 lang/python34

  If using portmaster:
  # portmaster -o lang/python35 lang/python34

20161011:
  AFFECTS: Users of net-im/ejabberd
  AUTHOR: ashish@FreeBSD.org

  Before upgrading ejabberd to 16.09, please make sure to backup your
  ejabberd data using:

     % sudo -u ejabberd -H ejabberdctl backup /path/to/backup/file

  In some cases, ejabberd may fail to start, for which a workaround is to
  remove the schema.DAT file from /var/spool/ejabberd before starting, and
  then restoring everything from the backup using:

     % sudo -u ejabberd -H ejabberdctl restore /path/to/backup/file

  For more details:

  https://github.com/processone/ejabberd/issues/1305

20161005:
  AFFECTS: Users of audio/squeezeboxserver (now audio/logitechmediaserver)
  AUTHOR: woodsb02@FreeBSD.org

  With the rename of the audio/squeezeboxserver port to
  audio/logitechmediaserver, the server and database are now installed in
  different locations by default (/usr/local/share/logitechmediaserver and
  /var/db/logitechmediaserver respectively).

  If you were an existing user of audio/squeezeboxserver, you should
  consider backing up you server configuration files and database before
  upgrading to audio/logitechmediaserver. If you wish to override the
  default locations for storing the server and database, you can set the
  SLIMDIR and SLIMDBDIR variables in your /etc/make.conf when building
  the audio/logitechmediaserver port.

20161004:
  AFFECTS: mail/roundcube-carddav
  AUTHOR:  gahr@FreeBSD.org

  There is no upgrade path from the 1.0 version. You'll need to:

  1. Log off from Roundcube.
  2. Manually drop all carddav_* tables from your db backend.
  3. Upgrade the mail/roundcube-carddav port.

  The new tables will be created upon login. The CardDAV plugin will need to be
  reconfigured.

  If you are running php < 7.0.0, you'll need to set the plugin option:
  $prefs['_GLOBAL']['suppress_version_warning'] = true;

  See https://github.com/blind-coder/rcmcarddav/issues/165 for details.

20160927:
  AFFECTS: emulators/ppsspp
  AUTHOR:  jbeich@FreeBSD.org

  Qt* GUI was split into separate ports:

      emulators/ppsspp-qt4
      emulators/ppsspp-qt5

20160927:
  AFFECTS: sysutils/android-file-transfer
  AUTHOR:  jbeich@FreeBSD.org

  Qt* GUI was split into separate ports:

      sysutils/android-file-transfer-qt4
      sysutils/android-file-transfer-qt5

20160922:
  AFFECTS: users of databases/pglogical, databases/pglogical-output
  AUTHOR:  matthew@FreeBSD.org

  As of version 1.2.0, databases/pglogical-output has been merged into
  databases/pglogical.  portmaster or portupgrade users should delete
  pglogical-output manually before upgrading.

20160921:
  AFFECTS: users of mail/sieve-connect
  AUTHOR: alexey@renatasystems.org

  Version 0.88 contains two breaking changes:
  1.  If the Sieve server does not offer STARTTLS, then connections should now
      fail.
  2.  When deriving a remote script name from the local filename, use the
      basename and strip off directories.

  For additional information see:
  http://mail.globnix.net/pipermail/sieve-connect-announce/2016/000012.html

20160919:
  AFFECTS: users of net/vtun
  AUTHOR: cy@FreeBSD.org

  The VTUN_EXTENDED_MODE option has been replaced by -e command line
  option.

20160914:
  AFFECTS: users of www/nginx-devel
  AUTHOR: osa@FreeBSD.org

  Nginx now creates logs under /var/log/nginx/ and changes default log
  names from "nginx-access.log" and "nginx-error.log" to "access.log" and
  "error.log" respectively.  This is important for the error log because
  the location is encoded and touched by nginx during startup regardless
  of the configured location for the error log.

  See http://trac.nginx.org/nginx/ticket/147 for additional information
  on why this happens.

20160914:
  AFFECTS: users of deskutils/xfce4-volumed-pulse
  AUTHOR: olivierd@FreeBSD.org

  The port has been updated to the latest stable version 0.2.2.
  Support of xfce4-mixer has been removed, so you can delete
  its properties with the following command:

  xfconf-query -c xfce4-mixer -p / -rR

20160910:
  AFFECTS: users of security/letsencrypt.sh
  AUTHOR: riggs@FreeBSD.org

  The config filename has been changed upstream from "config.sh"
  to "config". Users must rename the current config file manually.
  In addition, the default WELLKNOWN location has been changed to
  %%PREFIX%%/www/letsencrypt. In order to use the previous default
  location, the config file must be updated manually as well.

20160907:
  AFFECTS: users of math/galculator
  AUTHOR: woodsb02@FreeBSD.org

  galculator now uses GTK3 by default. An option exists in the port to revert
  to GTK2 if desired.

20160906:
  AFFECTS: uses of www/nginx
  AUTHOR: marino@FreeBSD.org

  Nginx now creates logs under /var/log/nginx/ and changes default log
  names from "nginx-access.log" and "nginx-error.log" to "access.log" and
  "error.log" respectively.  This is important for the error log because
  the location is encoded and touched by nginx during startup regardless
  of the configured location for the error log.

  See http://trac.nginx.org/nginx/ticket/147 for additional information
  on why this happens.

20160905:
  AFFECTS: users of databases/postgresql96-server
  AUTHOR: girgen@FreeBSD.org

  The default unix user used by the PostgreSQL daemon has changed to
  `postgres' to reflect the long time upstream's convention. Any scripts
  you have using the old `pgsql' unix user should be modified when upgrading to
  PostgreSQL version 9.6. Older versions of PostgreSQL will continue using
  `pgsql' until their end-of-life.

  For users with UTF-8 locales in the database: The ICU patch is *activated by
  default* for the PostgreSQL-9.6 server. For previous versions it was optional
  and default off, but this has changed. Please read the entry here below from
  20160811 and understand the consequences of changing between ICU and system
  locale for database collation (short version: don't). pg_upgrade requires the
  collation method to be the same (or a reindex), while pg_dump/restore does not.

  Also, the default home directory for the postgres user is now
  /var/db/postgres, and the default data directory for PostgreSQL 9.6 is
  /var/db/postgres/data96.

20160829:
  AFFECTS: users of x11/nvidia-driver
  AUTHOR: cem@FreeBSD.org

  The NVidia driver has been updated to version 367.35.  Starting with
  version 358.09, new kernel module was added, nvidia-modeset.ko.  This
  new driver component works in conjunction with the nvidia.ko kernel
  module to program the display engine of the GPU.

  Users that experience hangs when starting X11 server, or observe

        (II) NVIDIA(0): Validated MetaModes:
        (II) NVIDIA(0):     "NULL"

  messages in their /var/log/Xorg.0.log file should replace ``nvidia''
  with ``nvidia-modeset'' in /boot/loader.conf or /etc/rc.conf files,
  depending on how they prefer to load NVidia driver kernel module.

20160829:
  AFFECTS: users of security/sshguard
  AUTHOR: feld@FreeBSD.org

  Sshguard has been updated to 1.7.0. There have been several changes to
  this release. Notably the hosts and ipfilter backends are no longer
  supported. If you need these backends to be supported and you missed
  the survey sent out by upstream I urge you to contact upstream.

  The hosts backend was previously served by security/sshguard directly.
  The additional backends were slave ports with package name suffixes. I
  have opted to keep the master/slave port relationship but not choose a
  specific backend for security/sshguard. Instead it is now a metaport
  which will prompt you for which backend you prefer. If no backend is
  configured it will depend on security/sshguard-ipfw, which is the
  native FreeBSD firewall. This my be surprising to users who depended
  on security/sshguard which only provided hosts/TCP Wrappers blocking,
  but there is no replacement at this time.

  I would also like to document that sshguard no longer accepts the -e
  argument which allowed external scripts to run when sshguard finds a
  match. As a result the null backend can no longer be used to create
  custom blocking functionality; it only serves as a detection backend.

  If the removed backends return due to user demand they will be added
  as slave ports for consistency. I apologize for any inconvenience and
  lack of notice on the deprecation of these features.

20160815:
  AFFECTS: users of mail/rspamd*
  AUTHOR: vsevolod@FreeBSD.org

  Rspamd users should update Rspamd to 1.3.3 version as soon as possible
  and ensure that '/usr/local/etc/rspamd/module.d/fuzzy_check.conf` has
  the line `algorithm = "mumhash";` for the "rspamd.com" rule. The more
  detailed information could be found on
  https://rspamd.com/announce/2016/08/15/rspamd-1.3.3.html

20160815:
  AFFECTS: users of dns/powerdns*
  AUTHOR: junovitch@FreeBSD.org

  PowerDNS Authoritative Server and Recursor 4.0.0+ introduce significant
  changes to the configuration files, which need to be handled before
  restarting the services. As from the Recursor changelog, "The Lua hook
  infrastructure was redone using LuaWrapper; old scripts will no longer
  work, but new scripts are easier to write under the new interface."

20160811:
  AFFECTS: users of security/libressl
  AUTHOR: brnrd@FreeBSD.org

  The port has been updated to the latest stable version 2.4 of LibreSSL.
  The shared library versions of the libraries have been bumped.
  With this update, the patch for the OPENSSL_VERSION_NUMBER has been
  removed. This causes issues with a number of ports. Patches for all
  ports for which this issues is known can be found on
  https://wiki.freebsd.org/LibreSSL/Ports#OPENSSL_VERSION_NUMBER

  After upgrading, manually update all packages that depend on any of the
  libraries provided by LibreSSL (libssl, libcrypto and libtls) since the
  versions of these libraries have changed. Normally, you can obtain the
  list of dependent software by running the following command:

  # pkg info -r libressl

  Then you should rebuild all ports depending on libressl to avoid dangling
  shared library dependencies. Poudriere and pkg handle this correctly,
  portmaster and portupgrade users can use the following to rebuild all
  dependent ports.

  Portmaster users:
      portmaster -r libressl
  Portupgrade users:
      portupgrade -fr security/libressl

20160811:
  AFFECTS: users of databases/postgresqlNN-server with ICU patch
  AUTHOR: girgen@FreeBSD.org

  The ICU patch is added to the PostgreSQL-9.5 server. Please note that you
  must never change between using the ICU patch and using system locale for
  the same database cluster without REINDEXing all TEXT/VARCHAR columns, or
  dump and restore your database. Failing to do so will result in corrupted
  indexes due to the differences between the locale definitions. ICU will
  always be the better choice for speed and correctness.

  Also, the ICU patch used to support other Unicode encodings than UTF-8,
  but that has been removed due to lack of demand and the complicated testing
  required. If you use another Unicode encoding and rely on ICU for collation,
  please refrain from upgrading the postgresql server and instead contact the
  author named above.

20160722:
  AFFECTS: users of emulators/virtualbox-ose
  AUTHOR: jkim@FreeBSD.org

  VirtualBox has been updated to 5.0.26 and it is incompatible with old
  kernel modules.  You should upgrade emulators/virtualbox-ose-kmod and
  load new kernel modules before starting new version, e.g.,

  # service vboxnet restart

20160722:
  AFFECTS: users of games/stonesoup-*
  AUTHOR: lifanov@mail.lifanov.com

  The WIZARD option has been renamed to NOWIZARD and is now an opt-out to
  better reflect the upstream. If you run a shared game server and would
  like the Wizard mode support disabled, please update port options.

20160718:
  AFFECTS: users of www/awstats
  AUTHOR: adamw@FreeBSD.org

  The directory containing icons has changed from ".../icons" to ".../icon".
  awstats has, in its suggested configuration file, contained an alias
  from /awstatsicons. After applying the awstats-7.5 update, you must
  update that alias to point to /usr/local/www/awstats/icon (just remove
  the "s" at the end).

20160708:
  AFFECTS: users of sysutils/screen
  AUTHOR: cy@FreeBSD.org

  GNU Screen was updated to version 4.4.0 (r417201).  Note that there was
  fix to screen message structure field responsible for $TERM handling,
  making it impossible to attach to older versions.

20160704:
  AFFECTS: users of databases/mysql57-*
  AUTHOR: riggs@FreeBSD.org

  The default location for my.cnf has changed from "/var/db/mysql/my.cnf"
  to "/usr/local/etc/mysql/my.cnf". Existing my.cnf files must be merged
  manually with the new default and moved to the new location. To
  continue using the my.cnf file at the old location, set "mysql_optfile"
  in /etc/rc.conf to point to the location of the existing my.cnf file.

20160701:
  AFFECTS: users of www/node5
  AUTHOR: bradleythughes@fastmail.fm

  Node.js v5.x has reached end of life and has been removed. Users that
  have not yet moved to v6.x should do so now by switching to the www/node
  port.

20160627:
  AFFECTS: users of sysutils/rsyslog7
  AUTHOR: brd@FreeBSD.org

  Rsyslog 7.x has reached end of life status and is being marked as
  depreciated.  Rsyslog 8 has been made the default.

20160626:
  AFFECTS: users of www/calendarserver
  AUTHOR: pi@FreeBSD.org

  Please note that updating from the previous version (5.1) to the current
  version (8.0) requires manual steps. Please consult the pkg-message for
  details.

20160624:
  AFFECTS: users of shells/zsh
  AUTHOR: adamw@FreeBSD.org

  zsh now looks for system-wide conf files in ${PREFIX}/etc, instead of
  /etc. If you have files like zshrc, zshenv, zprofile, zlogin, or zlogout
  in /etc, either move them to /usr/local/etc or rebuild zsh with the
  ETCDIR option on.

  Note that this change only affects system-wide conf files, which are not
  installed or created by a default installation.

20160621:
  AFFECTS: users of www/redmine
  AUTHOR: tz@FreeBSD.org

  Redmine was updated from 2.6.9 to 3.2.3. Since this an update over
  major versions be careful with your update.
  For further update instructions please have a look at:
  https://www.redmine.org/projects/redmine/wiki/RedmineUpgrade

20160621:
  AFFECTS: users of ftp/wget
  AUTHOR: vd@FreeBSD.org

  Wget 1.18 fixes a security vulnerability (CVE-2016-4971) and the fix
  introduces a backward-incompatibility for HTTP->FTP redirects. Any script that
  relies on the old behaviour must use --trust-server-names in order to trust
  the HTTP response and redirect to the new filename.

20160619:
  AFFECTS: users of databases/py-apsw
  AUTHOR: rm@FreeBSD.org

  SQLite 3.12 completely changed the semantics of VFS.xGetLastError() in an
  incompatible way. This required a rewrite of the relevant C, Python and test
  code. If you implement or use this method then you have to rewrite your code
  too. Also note that running the test suite from an earlier version of APSW
  against this or future SQLite versions will result in consuming all memory,
  swap or address space (an underlying integer changed meaning).

20160616:
  AFFECTS: users of security/openssl*, security/libressl*
  AUTHOR: mat@FreeBSD.org

  Previously, to tell the ports tree, you needed to set:

  WITH_OPENSSL_PORT=yes

  And if you wanted a port that was not security/openssl, you needed to add,
  for example:

  OPENSSL_PORT= security/libressl

  Now, all you need to do is:

  DEFAULT_VERSIONS+=  ssl=libressl

  Valid values are base, openssl, openssl-devel, libressl, and libressl-devel.

20160614:
  AFFECTS: users of www/node, www/node5, and www/node4
  AUTHOR: adamw@FreeBSD.org

  node now prefers a few libraries from ports to the versions bundled
  with node. However, node cannot use the libssl from LibreSSL. If you
  are using LibreSSL as your SSL provider, you must enable the
  "BUNDLED_SSL" option when building node.

20160611:
  AFFECTS: users of textproc/xmlroff
  AUTHOR: hrs@FreeBSD.org

  The library part of xmlroff has been separated into textproc/libfo.
  Remove the installed xmlroff first when upgrading it because older
  xmlroff than 0.6.2_6 have files which libfo installs.  A typical
  error message is the following:

  pkg-static: libfo-0.6.2 conflicts with xmlroff-0.6.2_5 (installs files into the same place).  Problematic file: /usr/local/include/libfo-0.6/libfo/area/fo-area.h

20160610:
  AFFECTS: users of databases/postgresql-repmgr
  AUTHOR: bofh@FreeBSD.org

  The port has been repocopied to databases/postgresql-repmgr2 and current
  post has been updated to 3.x series. If anyone is still looking forward
  to use the 2.x please upgrade as following.

  # portmaster -o databases/postgresql-repmgr2 databases/postgresql-repmgr
    or
  # portupgrade -o databases/postgresql-repmgr2 databases/postgresql-repmgr

  Otherwise if you want to move on with 3.x series just use

  # portmaster -r databases/postgresql-repmgr
    or
  # portupgrade -fr databases/postgresql-repmgr

20160605:
  AFFECTS: users of www/h2o
  AUTHOR: junovitch@FreeBSD.org

  File paths no longer have a trailing / appended to them. This enables
  directing specific paths to a file but may break existing configurations.
  Refer to https://h2o.examp1e.net/configure/file_directives.html and
  revise your yaml config appropriately.

20160601:
  AFFECTS: users of security/libressl-devel
  AUTHOR: brnrd@FreeBSD.org

  The port has been updated to the latest "unstable" version of LibreSSL.
  The shared library versions of the libraries have been bumped.
  With this update, the patch for the OPENSSL_VERSION_NUMBER has been
  removed. This causes issues with a number of ports. Patches for many of
  these issues can be found on
  https://wiki.freebsd.org/LibreSSL/Ports#OPENSSL_VERSION_NUMBER

  After upgrading to 2.4.0, manually update all packages that depend on
  any of the libraries provided by LibreSSL (libssl, libcrypto and
  libtls) since the versions of these libraries have changed. Normally,
  you can obtain the list of dependent software by running the following
  command:

  # pkg info -r libressl-devel

  Then you should rebuild all ports depending on libressl-devel to avoid
  dangling shared library dependencies. Poudriere and pkg handle this
  correctly, portmaster and portupgrade users can use the following to
  rebuild all dependent ports.

  Portmaster users:
      portmaster -r libressl-devel
  Portupgrade users:
      portupgrade -fr security/libressl-devel

20160527:
  AFFECTS: users of mail/opensmtpd-extras (any of them)
  AUTHOR: adamw@FreeBSD.org

  The invocation for extras has changed. Some extras might fail unless
  you pass all options/arguments separated by quotes:

      filter myfilter dnsbl "-c /var/chroot/dnsbl" "-h my.dnsbl.com"

  Additionally, extras now run in a chroot. Either pass "-C" to skip the
  chroot entirely (not recommended), or put all required config files,
  resolv.conf, and external binaries into the chroot. For example:

      # mkdir -p /var/chroot/dnsbl/etc
      # cp /etc/resolv.conf /var/chroot/dnsbl/etc

      And pass "-c /var/chroot/dnsbl" to the filter.

20160526:
  AFFECTS: users of mail/opensmtpd
  AUTHOR: brnrd@FreeBSD.org

  Due to changes to the rc-script you must stop smtpd prior to upgrading
  mail/opensmtpd to version 5.9.2

  # service smtpd stop

  Then upgrade OpenSMTPD to version 5.9.2.
  Additionally version 5.9.2 changes the file mode bits for two directories.
  To allow existing installations to start successfully you must apply the
  following changes

  # chown -R root:_smtpq /var/spool/smtpd/offline
  # chmod -R 770 /var/spool/smtpd/offline
  # chmod -R 700 /var/spool/smtpd/purge

  After applying the changes, the smtpd daemon can successfully be started.

20160525:
  AFFECTS: users of devel/qtcreator
  AUTHOR: nolden@kde.org

  QBS (Qt Build System) was previously shipped as part of qtcreator, now
  it is independently available as devel/qbs. However, on upgrading
  qtcreator to 3.6.1, the depends will detect qbs through a previously
  installed qtcreator port and will not build/install correctly
  (devel/qbs won't be installed automatically as depends)

  The solution is to pkg remove qtcreator, then building works correctly.

20160523:
  AFFECTS: users of databases/db6
  AUTHOR: mandree@FreeBSD.org

  The databases/db6 port has been updated to release 6.2.23.

  This requires manual action in two places:
    1. dependent applications need to be recompiled,
    2. SQL databases, if any, need to be reindexed.

  To obtain a list of ports needing a recompilation,
  the following command should provide it:

  # pkg info -r db6

  Then rebuild db6 and the dependent ports.  For pkg users, this should
  be transparent.

  Portmaster users:
  #  portmaster -r databases/db6
  Portupgrade users:
  #  portupgrade -fr databases/db6

  In order to reindex SQL databases, a db6-upgrade61.sh script is
  provided in ${PREFIX}/bin, if and only if the port's SQL option is
  enabled.  For detailed reindexing instructions, see
  http://docs.oracle.com/cd/E17076_05/html/installation/sqlite_ver61.html
  and note that the FreeBSD port installs the upgrade61.sh script with a
  db6- prefix that you need to add.

20160511:
  AFFECTS: users of audio/clementine-player
  AUTHOR: sbruno@FreeBSD.org

  The audio/clementine-player port has been updated to v1.3.1, the latest
  upstream release.  The music database code now has a hard dependency on
  databases/sqlite having the FTS3_TOKENIZER option enabled.  This has
  been made the default option in databases/sqlite.

  Without this option, clementine-player will crash on startup.

20160510:
  AFFECTS: users of biology/seqan
  AUTHOR: junovitch@FreeBSD.org

  The biology/seqan port has been split into biology/seqan (only the
  library) and biology/seqan-apps for the programs based on SeqAn. Both
  ports are based on version 2.1.1 of the SeqAn repository. There is a new
  biology/seqan1 port with version 1.3 of SeqAn for backwards compatibility,
  but this port will likely be deprecated in the next year so please update
  your software to SeqAn2.

20160505:
  AFFECTS: users of www/node
  AUTHOR: bradleythughes@fastmail.fm

  The www/node port has been updated to node.js v6.0.0, the latest
  upstream release. Users of node.js v5.x are encouraged to upgrade as
  soon as possible, as upstream support will end two months from now.

  The www/node5 port has been created to aid users transition. Use one of
  the following commands to continue using node.js v5.x:

  # pkg install node5
    or
  # portmaster -o www/node5 www/node
    or
  # portupgrade -o www/node5 www/node

20160503:
  AFFECTS: users of security/libressl
  AUTHOR: brnrd@FreeBSD.org

  LibreSSL 2.3 has removed SSLv3 support completely which leads to issues
  with a number of ports. Patches for many of these issues can be found
  on https://wiki.freebsd.org/OpenSSL/No-SSLv3

  After upgrading to 2.3.4, manually update all packages that depend on
  any of the libraries provided by LibreSSL (libssl, libcrypto and
  libtls) since the versions of these libraries have changed. Normally,
  you can obtain the list of dependent software by running the following
  command:

  # pkg info -r libressl

  Then you should rebuild all ports depending on libressl to avoid dangling
  shared library dependencies. Poudriere and pkg handle this correctly,
  portmaster and portupgrade users can use the following to rebuild all
  dependent ports.

  Portmaster users:
      portmaster -r libressl
  Portupgrade users:
      portupgrade -fr security/libressl

20160501:
  AFFECTS: users of mail/dspam
  AUTHOR: junovitch@FreeBSD.org

  dspam has been modified to no longer run as root:mail by default.
  Existing configuration must be adjusted to reflect using a non-privileged
  port and the /var/run/dspam directory for PID and socket files.  If you
  need dspam to run as root for your mail setup, you can use the SETUID
  config option to enable the old insecure behavior.

20160229:
  AFFECTS: users of www/nginx and www/nginx-devel
  AUTHOR: osa@FreeBSD.org

  The ${MODULESDIR}, default directory for dynamic modules, has been
  changed from ${ETCDIR}/modules to ${PREFIX}/libexec/${PORTNAME}.
  It's highly recommended to review existing configuration files of
  nginx, i.e. ${PREFIX}/etc/nginx/nginx.conf.

20160424:
  AFFECTS: users of net-mgmt/icinga2
  AUTHOR: lme@FreeBSD.org

  The creation of Icinga2 directories and files in /var is now controlled
  by the /etc/rc.conf variable icinga2_mkvar.  Earlier ports always
  created the /var entries, but could slow startup significantly when /var
  was a normal disk rather than a RAM disk.  icinga2_mkvar defaults to
  "NO".

20160415:
  AFFECTS: users of audio/chromaprint
  AUTHOR: jhale@FreeBSD.org

  chromaprint has been updated to version 1.3.1 and includes a shared
  library bump. PORTREVISIONS have been bumped on affected ports.
  If you are using binary pkg, 'pkg upgrade' will do the right thing.
  Users of portmaster/portupgrade must rebuild all ports which depend
  on chromaprint.

  Portmaster users:
      portmaster -w -r chromaprint
  Portupgrade users:
      portupgrade -fr audio/chromaprint

20160414:
  AFFECTS: users of www/tt-rss
  AUTHOR: thierry@FreeBSD.org

  Tiny Tiny RSS can use a database running on a separate server.
  Previously, in this case, you had to set the option DBLOCAL; this option
  has been removed and replaced by a settable run-time flag: now you
  should set
  ttrssd_local_db="NO"
  in your /etc/rc.conf .

20160414:
  AFFECTS: users of graphics/kipi-plugin-googledrive and graphics/kipi-plugin-picasaweb
  AUTHOR: kde@FreeBSD.org

  DigiKam and its related ports have been updated to 4.14.0, the latest
  stable upstream release.

  The graphics/kipi-plugin-googledrive and graphics/kipi-plugin-picasaweb
  have both been merged into the new graphics/kipi-plugin-googleservices
  following a move done upstream.

  Those two ports must be removed, and graphics/kipi-plugin-googleservices
  should be used instead.

20160413:
  AFFECTS: users of www/node-devel
  AUTHOR: bradleythughes@fastmail.fm

  www/node-devel was outdated and has been removed. Upstream no longer
  releases a development version. You can use the www/node port to get
  node.js 5.x by running one of the following commands:

  # pkg install node
    or
  # portmaster -o www/node www/node-devel
    or
  # portupgrade -o www/node www/node-devel

20160413:
  AFFECTS: multimedia/x264
  AUTHOR: jbeich@FreeBSD.org

  LSMASH replaced GPAC by default. If you use BATCH=y in /etc/make.conf
  and hit below error make sure to re-run "make config".

  ====> You cannot select multiple options from the MP4 radio
  *** Error code 1

20160412:
  AFFECTS: users of net/samba42 and net/samba/43
  AUTHOR: timur@FreeBSD.org

  Samba 4.2.x and 4.3.x ports have been updated to address
  BadLock(http://badlock.org) vulnerability, as well as few other
  discovered.

  Please note that Samba 4.1.x and older versions are also affected by
  the issues fixed with this release but are not supported anymore. It is
  strongly recommend to upgrade to a recent version at your earliest
  convenience.

  The security updates include new smb.conf options and a number of
  stricter behaviours to prevent Man in the Middle attacks. Between these
  changes, compatibility with a large number of older software versions
  has been lost in the default configuration.

  For more information about the related behaviour changes and the
  security issues please visit:

     https://www.samba.org/samba/latest_news.html#4.4.2
     https://www.samba.org/samba/history/samba-4.3.8.html
     https://www.samba.org/samba/history/samba-4.2.11.html

20160411:
  AFFECTS: users of databases/influxdb
  AUTHOR: cheffo@freebsd-bg.org

  To upgrade to InfluxDB 0.12, you must be on version 0.10 and all shards must
  be in TSM format (the default storage engine starting with InfluxDB 0.10).
  See the 0.10 documentation [1] for how to convert b1 and bz1 shards to TSM. If
  any b1 or bz1 shards are present, InfluxDB 0.12 will not start.

  Next, you need to update your metastore *before updating to 0.12.* [2]

  [1] https://docs.influxdata.com/influxdb/v0.10/administration/upgrading/#convert-b1-and-bz1-shards-to-tsm1
  [2] https://docs.influxdata.com/influxdb/v0.12/administration/upgrading/

20160406:
  AFFECTS: users of www/pecl-http
  AUTHOR: bofh@FreeBSD.org

  www/pecl-http has been updated to the latest 3.x stable release, which
  supports php70+ and a new port www/pecl-http2 has been created for the
  2.x branch.

  Should users want to continue to use version 2.x, replace www/pecl-http with
  www/pecl-http2 as follows:

  Using packages:

    # pkg delete pecl-http
    # pkg install pecl-http2

  Using ports:

    # portupgrade -o www/pecl-http2 www/pecl-http

  OR

    # portmaster -o www/pecl-http2 www/pecl-http

20160404:
  AFFECTS: users of lang/ruby21
  AUTHOR: swills@FreeBSD.org

  The default ruby version has been updated from 2.1 to 2.2.

  If you compile your own ports you may keep 2.1 as the default version by
  adding the following lines to your /etc/make.conf file:

  #
  # Keep ruby 2.1 as default version
  #
  DEFAULT_VERSIONS+=ruby=2.1

  If you wish to update to the new default version, you need to first stop any
  software that uses ruby. Then, you will need to follow these steps, depending
  upon how you manage your system.

  If you use pkgng, simply upgrade:
  # pkg upgrade

  If you use portmaster, install new ruby, then rebuild all ports that depend
  on ruby:
  # portmaster -o lang/ruby22 lang/ruby21
  # portmaster -R -r ruby-2.2

  If you use portupgrade, install new ruby, then rebuild all ports that depend
  on ruby:

  # pkg delete -f ruby portupgrade
  # make -C /usr/ports/ports-mgmt/portupgrade install clean
  # pkg set -o lang/ruby21:lang/ruby22
  # portupgrade -x ruby-2.2.\* -fr lang/ruby22

20160404:
  AFFECTS: mail/spamassassin
  AUTHOR: adamw@FreeBSD.org

  Support for SSLv3 has been removed from SpamAssassin, because
  SSLv3 is a Bad Idea. No direct option is provided to re-enable it.
  If your setup requires use of SSLv3, some instructions are available
  in FreeBSD PR 208225.

20160331:
  AFFECTS: security/clamav-unofficial-sigs
  AUTHOR: lukasz@wasikowski.net, sf@maxempire.com

  This version of clamav-unofficial-sigs is eXtremeSHOK's fork.
  Configuration file location has changed from
  %PREFIX%/clamav-unofficial-sigs.conf to
  %PREFIX%/clamav-unofficial-sigs/

  master.conf and os.conf hold default values, local changes should
  be placed in user.conf.

20160324:
  AFFECTS: print/ghostscript9-base
  AUTHOR: tijl@FreeBSD.org

  The default Ghostscript port has changed from print/ghostscript9-base,
  which is no longer developed, to print/ghostscript9-agpl-base.  Package
  users will upgrade automatically.  Ports users can stick with the old
  port by adding "DEFAULT_VERSIONS+=ghostscript=9" to /etc/make.conf, or
  move to the new port with:

      portmaster -o print/ghostscript9-agpl-base ghostscript9-base
  or: portupgrade -o print/ghostscript9-agpl-base print/ghostscript9-base

  And if you have ghostscript9-x11 installed:

      portmaster -o print/ghostscript9-agpl-x11 ghostscript9-x11
  or: portupgrade -o print/ghostscript9-agpl-x11 print/ghostscript9-x11

  Note that print/ghostscript9-agpl-base is licensed under the AGPLv3
  while print/ghostscript9-base is licensed under the GPLv3.

20160317:
  AFFECTS: security/openvas-client
  AUTHOR: tijl@FreeBSD.org

  The OpenVAS ports have been updated from version 2 to version 8.  All
  components have been renamed and rearranged.  The old OpenVAS client
  no longer exists.  Instead there is a web interface provided by
  security/greenbone-security-assistant or a command-line interface
  provided by security/openvas-cli.

20160311:
  AFFECTS: print/hplip
  AUTHOR: tijl@FreeBSD.org

  HPLIP has been updated to verion 3.16.2.  As part of the update support
  for the hpijs/foomatic-rip filter has been dropped.  This has long been
  unsupported upstream.  If you used this filter with your printer you'll
  have to remove the printer with HP Device Manager and then add it back as
  a new device.

20160311:
  AFFECTS: print/cups-base, print/cups-client, print/cups-image
  AUTHOR: tijl@FreeBSD.org

  The cups-base, cups-client and cups-image packages have been combined
  into one cups package.

  If you build your own ports the easiest way to update is to delete these
  packages first and then build and install print/cups.

  If you are using binary packages, depending on the packages installed on
  your system, pkg(8)'s solver might get confused. In this case do not proceed
  with the upgrade but delete first the packages:

  pkg delete -fg "cups*"

  Then usual upgrade process: pkg upgrade

  The device URI of USB printers has changed so you have to adjust the
  printer configuration.  Go to http://localhost:631/printers/.  Click on
  your printer and select "Modify Printer" in the Administration drop-down.
  You should then be able to select the new URI of the printer.  The web
  interface requires cookies and JavaScript to function properly so make
  sure your browser does not block them.

  The package also installs a devd(8) configuration file now that gives
  cups access to USB printers.  Unless you have any special needs you can
  remove any devd(8), devfs.conf(5) or devfs.rules(5) configuration related
  to cups that you may have added in the past.

20160306:
  AFFECTS: net-mgmt/yaf
  AUTHOR: pi@FreeBSD.org

  YAF is updated to version 2.8.1 with many new OPTIONS. Please use
  the default options to get same behavior as previous version.

20160302:
  AFFECTS: audio/alsa-utils, www/firefox, www/firefox-esr, www/seamonkey
  AUTHOR: jbeich@FreeBSD.org

  ALSA backend in libcubeb as used by Firefox has an unresolved issue
  with the OSS patch in audio/alsa-plugins. To avoid excessive CPU
  usage when playing HTML5 videos rebuild the port with BUFSZ_P2
  option enabled or reset options to default.

  However, with BUFSZ_P2 enabled alsa-utils may crash:

    $ aplay test.wav
    Playing WAVE 'test.wav' : Signed 16 bit Little Endian, Rate 48000 Hz, Stereo
    Assertion failed: (err >= 0), function set_params, file aplay.c, line 1289.
    Aborted by signal Abort trap...

20160229:
  AFFECTS: users of security/openssh-portable-devel
  AUTHOR: bdrewery@FreeBSD.org

  openssh-portable-devel has been removed since it is stale, insecure and
  not worth maintaining any longer.

  Users should switch back to openssh-portable.

  Using packages:

    # pkg delete openssh-portable-devel
    # pkg install openssh-portable

  Using ports:

    # portmaster -o security/openssh-portable openssh-portable-devel

  OR

    # portupgrade -o security/openssh-portable security/openssh-portable-devel

20160228:
  AFFECTS: users of mail/postfix
  AUTHOR: ohauer@FreeBSD.org

   Postfix has been updated to version 3.1, VDA and native SPF is no
   longer supported.

   - if VDA support is needed, users should stay on mail/postfix211
   - SPF support can be added to postfix via one of the mail/*spf* ports

   The Dovecot SASL OPTION was removed, Dovecot SASL support is always given
   from now on.  In addition, for each mail/postfix* port there is now a
   mail/postfix*-sasl slave port providing Cyrus SASL as default.

   To stay on postfix-2.11.x run the command:

   # pkg set -o mail/postfix:mail/postfix211

20160217:
  AFFECTS: users of www/nginx-devel
  AUTHOR: osa@FreeBSD.org

  Dynamic modules support has been enabled for the following third-party
  modules, in case of usage of these modules please update nginx
  configuration file for load these modules:

  load_module "modules/ngx_dynamic_upstream_module.so";
  load_module "modules/ngx_http_small_light_module.so";

20160214:
  AFFECTS: users of www/nginx-devel
  AUTHOR: osa@FreeBSD.org

  Dynamic modules support has been enabled for the following third-party
  modules, in case of usage of these modules please update nginx
  configuration file for load these modules:

  load_module "modules/ngx_http_echo_module.so";
  load_module "modules/ngx_http_headers_more_filter_module.so";
  load_module "modules/ngx_http_eval_module.so";
  load_module "modules/ngx_http_lua_module.so";
  load_module "modules/ngx_http_set_misc_module.so";

20160213:
  AFFECTS: users of www/nginx-devel
  AUTHOR: osa@FreeBSD.org

  Dynamic modules support has been enabled.  In case of usage following
  modules please update nginx configuration file for load these modules:

  load_module "modules/ngx_http_geoip_module.so";
  load_module "modules/ngx_http_image_filter_module.so";
  load_module "modules/ngx_http_xslt_filter_module.so";
  load_module "modules/ngx_mail_module.so";
  load_module "modules/ngx_stream_module.so";

  See https://www.nginx.com/blog/dynamic-modules-nginx-1-9-11/ for details.