Prune x11/hotwire-shell

[dports.git] / UPDATING

This file documents some of the problems you may encounter when upgrading
your ports.  We try our best to minimize these disruptions, but sometimes
they are unavoidable.

You should get into the habit of checking this file for changes each time
you update your ports collection, before attempting any port upgrades.

20160914:
  AFFECTS: users of www/nginx-devel
  AUTHOR: osa@FreeBSD.org

  Nginx now creates logs under /var/log/nginx/ and changes default log
  names from "nginx-access.log" and "nginx-error.log" to "access.log" and
  "error.log" respectively.  This is important for the error log because
  the location is encoded and touched by nginx during startup regardless
  of the configured location for the error log.

  See http://trac.nginx.org/nginx/ticket/147 for additional information
  on why this happens.

20160914:
  AFFECTS: users of deskutils/xfce4-volumed-pulse
  AUTHOR: olivierd@FreeBSD.org

  The port has been updated to the latest stable version 0.2.2.
  Support of xfce4-mixer has been removed, so you can delete
  its properties with the following command:

  xfconf-query -c xfce4-mixer -p / -rR

20160910:
  AFFECTS: users of security/letsencrypt.sh
  AUTHOR: riggs@FreeBSD.org

  The config filename has been changed upstream from "config.sh"
  to "config". Users must rename the current config file manually.
  In addition, the default WELLKNOWN location has been changed to
  %%PREFIX%%/www/letsencrypt. In order to use the previous default
  location, the config file must be updated manually as well.

20160907:
  AFFECTS: users of math/galculator
  AUTHOR: woodsb02@FreeBSD.org

  galculator now uses GTK3 by default. An option exists in the port to revert
  to GTK2 if desired.

20160906:
  AFFECTS: uses of www/nginx
  AUTHOR: marino@FreeBSD.org

  Nginx now creates logs under /var/log/nginx/ and changes default log
  names from "nginx-access.log" and "nginx-error.log" to "access.log" and
  "error.log" respectively.  This is important for the error log because
  the location is encoded and touched by nginx during startup regardless
  of the configured location for the error log.

  See http://trac.nginx.org/nginx/ticket/147 for additional information
  on why this happens.

20160905:
  AFFECTS: users of databases/postgresql96-server
  AUTHOR: girgen@FreeBSD.org

  The default unix user used by the PostgreSQL daemon has changed to
  `postgres' to reflect the long time upstream's convention. Any scripts
  you have using the old `pgsql' unix user should be modified when upgrading to
  PostgreSQL version 9.6. Older versions of PostgreSQL will continue using
  `pgsql' until their end-of-life.

  For users with UTF-8 locales in the database: The ICU patch is *activated by
  default* for the PostgreSQL-9.6 server. For previous versions it was optional
  and default off, but this has changed. Please read the entry here below from
  20160811 and understand the consequences of changing between ICU and system
  locale for database collation (short version: don't). pg_upgrade requires the
  collation method to be the same (or a reindex), while pg_dump/restore does not.

  Also, the default home directory for the postgres user is now
  /var/db/postgres, and the default data directory for PostgreSQL 9.6 is
  /var/db/postgres/data96.

20160829:
  AFFECTS: users of x11/nvidia-driver
  AUTHOR: cem@FreeBSD.org

  The NVidia driver has been updated to version 367.35.  Starting with
  version 358.09, new kernel module was added, nvidia-modeset.ko.  This
  new driver component works in conjunction with the nvidia.ko kernel
  module to program the display engine of the GPU.

  Users that experience hangs when starting X11 server, or observe

        (II) NVIDIA(0): Validated MetaModes:
        (II) NVIDIA(0):     "NULL"

  messages in their /var/log/Xorg.0.log file should replace ``nvidia''
  with ``nvidia-modeset'' in /boot/loader.conf or /etc/rc.conf files,
  depending on how they prefer to load NVidia driver kernel module.

20160829:
  AFFECTS: users of security/sshguard
  AUTHOR: feld@FreeBSD.org

  Sshguard has been updated to 1.7.0. There have been several changes to
  this release. Notably the hosts and ipfilter backends are no longer
  supported. If you need these backends to be supported and you missed
  the survey sent out by upstream I urge you to contact upstream.

  The hosts backend was previously served by security/sshguard directly.
  The additional backends were slave ports with package name suffixes. I
  have opted to keep the master/slave port relationship but not choose a
  specific backend for security/sshguard. Instead it is now a metaport
  which will prompt you for which backend you prefer. If no backend is
  configured it will depend on security/sshguard-ipfw, which is the
  native FreeBSD firewall. This my be surprising to users who depended
  on security/sshguard which only provided hosts/TCP Wrappers blocking,
  but there is no replacement at this time.

  I would also like to document that sshguard no longer accepts the -e
  argument which allowed external scripts to run when sshguard finds a
  match. As a result the null backend can no longer be used to create
  custom blocking functionality; it only serves as a detection backend.

  If the removed backends return due to user demand they will be added
  as slave ports for consistency. I apologize for any inconvenience and
  lack of notice on the deprecation of these features.

20160815:
  AFFECTS: users of mail/rspamd*
  AUTHOR: vsevolod@FreeBSD.org

  Rspamd users should update Rspamd to 1.3.3 version as soon as possible
  and ensure that '/usr/local/etc/rspamd/module.d/fuzzy_check.conf` has
  the line `algorithm = "mumhash";` for the "rspamd.com" rule. The more
  detailed information could be found on
  https://rspamd.com/announce/2016/08/15/rspamd-1.3.3.html

20160815:
  AFFECTS: users of dns/powerdns*
  AUTHOR: junovitch@FreeBSD.org

  PowerDNS Authoritative Server and Recursor 4.0.0+ introduce significant
  changes to the configuration files, which need to be handled before
  restarting the services. As from the Recursor changelog, "The Lua hook
  infrastructure was redone using LuaWrapper; old scripts will no longer
  work, but new scripts are easier to write under the new interface."

20160811:
  AFFECTS: users of security/libressl
  AUTHOR: brnrd@FreeBSD.org

  The port has been updated to the latest stable version 2.4 of LibreSSL.
  The shared library versions of the libraries have been bumped.
  With this update, the patch for the OPENSSL_VERSION_NUMBER has been
  removed. This causes issues with a number of ports. Patches for all
  ports for which this issues is known can be found on
  https://wiki.freebsd.org/LibreSSL/Ports#OPENSSL_VERSION_NUMBER

  After upgrading, manually update all packages that depend on any of the
  libraries provided by LibreSSL (libssl, libcrypto and libtls) since the
  versions of these libraries have changed. Normally, you can obtain the
  list of dependent software by running the following command:

  # pkg info -r libressl

  Then you should rebuild all ports depending on libressl to avoid dangling
  shared library dependencies. Poudriere and pkg handle this correctly,
  portmaster and portupgrade users can use the following to rebuild all
  dependent ports.

  Portmaster users:
      portmaster -r libressl
  Portupgrade users:
      portupgrade -fr security/libressl

20160811:
  AFFECTS: users of databases/postgresqlNN-server with ICU patch
  AUTHOR: girgen@FreeBSD.org

  The ICU patch is added to the PostgreSQL-9.5 server. Please note that you
  must never change between using the ICU patch and using system locale for
  the same database cluster without REINDEXing all TEXT/VARCHAR columns, or
  dump and restore your database. Failing to do so will result in corrupted
  indexes due to the differences between the locale definitions. ICU will
  always be the better choice for speed and correctness.

  Also, the ICU patch used to support other Unicode encodings than UTF-8,
  but that has been removed due to lack of demand and the complicated testing
  required. If you use another Unicode encoding and rely on ICU for collation,
  please refrain from upgrading the postgresql server and instead contact the
  author named above.

20160722:
  AFFECTS: users of emulators/virtualbox-ose
  AUTHOR: jkim@FreeBSD.org

  VirtualBox has been updated to 5.0.26 and it is incompatible with old
  kernel modules.  You should upgrade emulators/virtualbox-ose-kmod and
  load new kernel modules before starting new version, e.g.,

  # service vboxnet restart

20160722:
  AFFECTS: users of games/stonesoup-*
  AUTHOR: lifanov@mail.lifanov.com

  The WIZARD option has been renamed to NOWIZARD and is now an opt-out to
  better reflect the upstream. If you run a shared game server and would
  like the Wizard mode support disabled, please update port options.

20160718:
  AFFECTS: users of www/awstats
  AUTHOR: adamw@FreeBSD.org

  The directory containing icons has changed from ".../icons" to ".../icon".
  awstats has, in its suggested configuration file, contained an alias
  from /awstatsicons. After applying the awstats-7.5 update, you must
  update that alias to point to /usr/local/www/awstats/icon (just remove
  the "s" at the end).

20160708:
  AFFECTS: users of sysutils/screen
  AUTHOR: cy@FreeBSD.org

  GNU Screen was updated to version 4.4.0 (r417201).  Note that there was
  fix to screen message structure field responsible for $TERM handling,
  making it impossible to attach to older versions.

20160704:
  AFFECTS: users of databases/mysql57-*
  AUTHOR: riggs@FreeBSD.org

  The default location for my.cnf has changed from "/var/db/mysql/my.cnf"
  to "/usr/local/etc/mysql/my.cnf". Existing my.cnf files must be merged
  manually with the new default and moved to the new location. To
  continue using the my.cnf file at the old location, set "mysql_optfile"
  in /etc/rc.conf to point to the location of the existing my.cnf file.

20160701:
  AFFECTS: users of www/node5
  AUTHOR: bradleythughes@fastmail.fm

  Node.js v5.x has reached end of life and has been removed. Users that
  have not yet moved to v6.x should do so now by switching to the www/node
  port.

20160627:
  AFFECTS: users of sysutils/rsyslog7
  AUTHOR: brd@FreeBSD.org

  Rsyslog 7.x has reached end of life status and is being marked as
  depreciated.  Rsyslog 8 has been made the default.

20160626:
  AFFECTS: users of www/calendarserver
  AUTHOR: pi@FreeBSD.org

  Please note that updating from the previous version (5.1) to the current
  version (8.0) requires manual steps. Please consult the pkg-message for
  details.

20160624:
  AFFECTS: users of shells/zsh
  AUTHOR: adamw@FreeBSD.org

  zsh now looks for system-wide conf files in ${PREFIX}/etc, instead of
  /etc. If you have files like zshrc, zshenv, zprofile, zlogin, or zlogout
  in /etc, either move them to /usr/local/etc or rebuild zsh with the
  ETCDIR option on.

  Note that this change only affects system-wide conf files, which are not
  installed or created by a default installation.

20160621:
  AFFECTS: users of www/redmine
  AUTHOR: tz@FreeBSD.org

  Redmine was updated from 2.6.9 to 3.2.3. Since this an update over
  major versions be careful with your update.
  For further update instructions please have a look at:
  https://www.redmine.org/projects/redmine/wiki/RedmineUpgrade

20160621:
  AFFECTS: users of ftp/wget
  AUTHOR: vd@FreeBSD.org

  Wget 1.18 fixes a security vulnerability (CVE-2016-4971) and the fix
  introduces a backward-incompatibility for HTTP->FTP redirects. Any script that
  relies on the old behaviour must use --trust-server-names in order to trust
  the HTTP response and redirect to the new filename.

20160619:
  AFFECTS: users of databases/py-apsw
  AUTHOR: rm@FreeBSD.org

  SQLite 3.12 completely changed the semantics of VFS.xGetLastError() in an
  incompatible way. This required a rewrite of the relevant C, Python and test
  code. If you implement or use this method then you have to rewrite your code
  too. Also note that running the test suite from an earlier version of APSW
  against this or future SQLite versions will result in consuming all memory,
  swap or address space (an underlying integer changed meaning).

20160616:
  AFFECTS: users of security/openssl*, security/libressl*
  AUTHOR: mat@FreeBSD.org

  Previously, to tell the ports tree, you needed to set:

  WITH_OPENSSL_PORT=yes

  And if you wanted a port that was not security/openssl, you needed to add,
  for example:

  OPENSSL_PORT= security/libressl

  Now, all you need to do is:

  DEFAULT_VERSIONS+=  ssl=libressl

  Valid values are base, openssl, openssl-devel, libressl, and libressl-devel.

20160614:
  AFFECTS: users of www/node, www/node5, and www/node4
  AUTHOR: adamw@FreeBSD.org

  node now prefers a few libraries from ports to the versions bundled
  with node. However, node cannot use the libssl from LibreSSL. If you
  are using LibreSSL as your SSL provider, you must enable the
  "BUNDLED_SSL" option when building node.

20160611:
  AFFECTS: users of textproc/xmlroff
  AUTHOR: hrs@FreeBSD.org

  The library part of xmlroff has been separated into textproc/libfo.
  Remove the installed xmlroff first when upgrading it because older
  xmlroff than 0.6.2_6 have files which libfo installs.  A typical
  error message is the following:

  pkg-static: libfo-0.6.2 conflicts with xmlroff-0.6.2_5 (installs files into the same place).  Problematic file: /usr/local/include/libfo-0.6/libfo/area/fo-area.h

20160610:
  AFFECTS: users of databases/postgresql-repmgr
  AUTHOR: bofh@FreeBSD.org

  The port has been repocopied to databases/postgresql-repmgr2 and current
  post has been updated to 3.x series. If anyone is still looking forward
  to use the 2.x please upgrade as following.

  # portmaster -o databases/postgresql-repmgr2 databases/postgresql-repmgr
    or
  # portupgrade -o databases/postgresql-repmgr2 databases/postgresql-repmgr

  Otherwise if you want to move on with 3.x series just use

  # portmaster -r databases/postgresql-repmgr
    or
  # portupgrade -fr databases/postgresql-repmgr

20160605:
  AFFECTS: users of www/h2o
  AUTHOR: junovitch@FreeBSD.org

  File paths no longer have a trailing / appended to them. This enables
  directing specific paths to a file but may break existing configurations.
  Refer to https://h2o.examp1e.net/configure/file_directives.html and
  revise your yaml config appropriately.

20160601:
  AFFECTS: users of security/libressl-devel
  AUTHOR: brnrd@FreeBSD.org

  The port has been updated to the latest "unstable" version of LibreSSL.
  The shared library versions of the libraries have been bumped.
  With this update, the patch for the OPENSSL_VERSION_NUMBER has been
  removed. This causes issues with a number of ports. Patches for many of
  these issues can be found on
  https://wiki.freebsd.org/LibreSSL/Ports#OPENSSL_VERSION_NUMBER

  After upgrading to 2.4.0, manually update all packages that depend on
  any of the libraries provided by LibreSSL (libssl, libcrypto and
  libtls) since the versions of these libraries have changed. Normally,
  you can obtain the list of dependent software by running the following
  command:

  # pkg info -r libressl-devel

  Then you should rebuild all ports depending on libressl-devel to avoid
  dangling shared library dependencies. Poudriere and pkg handle this
  correctly, portmaster and portupgrade users can use the following to
  rebuild all dependent ports.

  Portmaster users:
      portmaster -r libressl-devel
  Portupgrade users:
      portupgrade -fr security/libressl-devel

20160527:
  AFFECTS: users of mail/opensmtpd-extras (any of them)
  AUTHOR: adamw@FreeBSD.org

  The invocation for extras has changed. Some extras might fail unless
  you pass all options/arguments separated by quotes:

      filter myfilter dnsbl "-c /var/chroot/dnsbl" "-h my.dnsbl.com"

  Additionally, extras now run in a chroot. Either pass "-C" to skip the
  chroot entirely (not recommended), or put all required config files,
  resolv.conf, and external binaries into the chroot. For example:

      # mkdir -p /var/chroot/dnsbl/etc
      # cp /etc/resolv.conf /var/chroot/dnsbl/etc

      And pass "-c /var/chroot/dnsbl" to the filter.

20160526:
  AFFECTS: users of mail/opensmtpd
  AUTHOR: brnrd@FreeBSD.org

  Due to changes to the rc-script you must stop smtpd prior to upgrading
  mail/opensmtpd to version 5.9.2

  # service smtpd stop

  Then upgrade OpenSMTPD to version 5.9.2.
  Additionally version 5.9.2 changes the file mode bits for two directories.
  To allow existing installations to start successfully you must apply the
  following changes

  # chown -R root:_smtpq /var/spool/smtpd/offline
  # chmod -R 770 /var/spool/smtpd/offline
  # chmod -R 700 /var/spool/smtpd/purge

  After applying the changes, the smtpd daemon can successfully be started.

20160525:
  AFFECTS: users of devel/qtcreator
  AUTHOR: nolden@kde.org

  QBS (Qt Build System) was previously shipped as part of qtcreator, now
  it is independently available as devel/qbs. However, on upgrading
  qtcreator to 3.6.1, the depends will detect qbs through a previously
  installed qtcreator port and will not build/install correctly
  (devel/qbs won't be installed automatically as depends)

  The solution is to pkg remove qtcreator, then building works correctly.

20160523:
  AFFECTS: users of databases/db6
  AUTHOR: mandree@FreeBSD.org

  The databases/db6 port has been updated to release 6.2.23.

  This requires manual action in two places:
    1. dependent applications need to be recompiled,
    2. SQL databases, if any, need to be reindexed.

  To obtain a list of ports needing a recompilation,
  the following command should provide it:

  # pkg info -r db6

  Then rebuild db6 and the dependent ports.  For pkg users, this should
  be transparent.

  Portmaster users:
  #  portmaster -r databases/db6
  Portupgrade users:
  #  portupgrade -fr databases/db6

  In order to reindex SQL databases, a db6-upgrade61.sh script is
  provided in ${PREFIX}/bin, if and only if the port's SQL option is
  enabled.  For detailed reindexing instructions, see
  http://docs.oracle.com/cd/E17076_05/html/installation/sqlite_ver61.html
  and note that the FreeBSD port installs the upgrade61.sh script with a
  db6- prefix that you need to add.

20160511:
  AFFECTS: users of audio/clementine-player
  AUTHOR: sbruno@FreeBSD.org

  The audio/clementine-player port has been updated to v1.3.1, the latest
  upstream release.  The music database code now has a hard dependency on
  databases/sqlite having the FTS3_TOKENIZER option enabled.  This has
  been made the default option in databases/sqlite.

  Without this option, clementine-player will crash on startup.

20160510:
  AFFECTS: users of biology/seqan
  AUTHOR: junovitch@FreeBSD.org

  The biology/seqan port has been split into biology/seqan (only the
  library) and biology/seqan-apps for the programs based on SeqAn. Both
  ports are based on version 2.1.1 of the SeqAn repository. There is a new
  biology/seqan1 port with version 1.3 of SeqAn for backwards compatibility,
  but this port will likely be deprecated in the next year so please update
  your software to SeqAn2.

20160505:
  AFFECTS: users of www/node
  AUTHOR: bradleythughes@fastmail.fm

  The www/node port has been updated to node.js v6.0.0, the latest
  upstream release. Users of node.js v5.x are encouraged to upgrade as
  soon as possible, as upstream support will end two months from now.

  The www/node5 port has been created to aid users transition. Use one of
  the following commands to continue using node.js v5.x:

  # pkg install node5
    or
  # portmaster -o www/node5 www/node
    or
  # portupgrade -o www/node5 www/node

20160503:
  AFFECTS: users of security/libressl
  AUTHOR: brnrd@FreeBSD.org

  LibreSSL 2.3 has removed SSLv3 support completely which leads to issues
  with a number of ports. Patches for many of these issues can be found
  on https://wiki.freebsd.org/OpenSSL/No-SSLv3

  After upgrading to 2.3.4, manually update all packages that depend on
  any of the libraries provided by LibreSSL (libssl, libcrypto and
  libtls) since the versions of these libraries have changed. Normally,
  you can obtain the list of dependent software by running the following
  command:

  # pkg info -r libressl

  Then you should rebuild all ports depending on libressl to avoid dangling
  shared library dependencies. Poudriere and pkg handle this correctly,
  portmaster and portupgrade users can use the following to rebuild all
  dependent ports.

  Portmaster users:
      portmaster -r libressl
  Portupgrade users:
      portupgrade -fr security/libressl

20160501:
  AFFECTS: users of mail/dspam
  AUTHOR: junovitch@FreeBSD.org

  dspam has been modified to no longer run as root:mail by default.
  Existing configuration must be adjusted to reflect using a non-privileged
  port and the /var/run/dspam directory for PID and socket files.  If you
  need dspam to run as root for your mail setup, you can use the SETUID
  config option to enable the old insecure behavior.

20160229:
  AFFECTS: users of www/nginx and www/nginx-devel
  AUTHOR: osa@FreeBSD.org

  The ${MODULESDIR}, default directory for dynamic modules, has been
  changed from ${ETCDIR}/modules to ${PREFIX}/libexec/${PORTNAME}.
  It's highly recommended to review existing configuration files of
  nginx, i.e. ${PREFIX}/etc/nginx/nginx.conf.

20160424:
  AFFECTS: users of net-mgmt/icinga2
  AUTHOR: lme@FreeBSD.org

  The creation of Icinga2 directories and files in /var is now controlled
  by the /etc/rc.conf variable icinga2_mkvar.  Earlier ports always
  created the /var entries, but could slow startup significantly when /var
  was a normal disk rather than a RAM disk.  icinga2_mkvar defaults to
  "NO".

20160415:
  AFFECTS: users of audio/chromaprint
  AUTHOR: jhale@FreeBSD.org

  chromaprint has been updated to version 1.3.1 and includes a shared
  library bump. PORTREVISIONS have been bumped on affected ports.
  If you are using binary pkg, 'pkg upgrade' will do the right thing.
  Users of portmaster/portupgrade must rebuild all ports which depend
  on chromaprint.

  Portmaster users:
      portmaster -w -r chromaprint
  Portupgrade users:
      portupgrade -fr audio/chromaprint

20160414:
  AFFECTS: users of www/tt-rss
  AUTHOR: thierry@FreeBSD.org

  Tiny Tiny RSS can use a database running on a separate server.
  Previously, in this case, you had to set the option DBLOCAL; this option
  has been removed and replaced by a settable run-time flag: now you
  should set
  ttrssd_local_db="NO"
  in your /etc/rc.conf .

20160414:
  AFFECTS: users of graphics/kipi-plugin-googledrive and graphics/kipi-plugin-picasaweb
  AUTHOR: kde@FreeBSD.org

  DigiKam and its related ports have been updated to 4.14.0, the latest
  stable upstream release.

  The graphics/kipi-plugin-googledrive and graphics/kipi-plugin-picasaweb
  have both been merged into the new graphics/kipi-plugin-googleservices
  following a move done upstream.

  Those two ports must be removed, and graphics/kipi-plugin-googleservices
  should be used instead.

20160413:
  AFFECTS: users of www/node-devel
  AUTHOR: bradleythughes@fastmail.fm

  www/node-devel was outdated and has been removed. Upstream no longer
  releases a development version. You can use the www/node port to get
  node.js 5.x by running one of the following commands:

  # pkg install node
    or
  # portmaster -o www/node www/node-devel
    or
  # portupgrade -o www/node www/node-devel

20160413:
  AFFECTS: multimedia/x264
  AUTHOR: jbeich@FreeBSD.org

  LSMASH replaced GPAC by default. If you use BATCH=y in /etc/make.conf
  and hit below error make sure to re-run "make config".

  ====> You cannot select multiple options from the MP4 radio
  *** Error code 1

20160412:
  AFFECTS: users of net/samba42 and net/samba/43
  AUTHOR: timur@FreeBSD.org

  Samba 4.2.x and 4.3.x ports have been updated to address
  BadLock(http://badlock.org) vulnerability, as well as few other
  discovered.

  Please note that Samba 4.1.x and older versions are also affected by
  the issues fixed with this release but are not supported anymore. It is
  strongly recommend to upgrade to a recent version at your earliest
  convenience.

  The security updates include new smb.conf options and a number of
  stricter behaviours to prevent Man in the Middle attacks. Between these
  changes, compatibility with a large number of older software versions
  has been lost in the default configuration.

  For more information about the related behaviour changes and the
  security issues please visit:

     https://www.samba.org/samba/latest_news.html#4.4.2
     https://www.samba.org/samba/history/samba-4.3.8.html
     https://www.samba.org/samba/history/samba-4.2.11.html

20160411:
  AFFECTS: users of databases/influxdb
  AUTHOR: cheffo@freebsd-bg.org

  To upgrade to InfluxDB 0.12, you must be on version 0.10 and all shards must
  be in TSM format (the default storage engine starting with InfluxDB 0.10).
  See the 0.10 documentation [1] for how to convert b1 and bz1 shards to TSM. If
  any b1 or bz1 shards are present, InfluxDB 0.12 will not start.

  Next, you need to update your metastore *before updating to 0.12.* [2]

  [1] https://docs.influxdata.com/influxdb/v0.10/administration/upgrading/#convert-b1-and-bz1-shards-to-tsm1
  [2] https://docs.influxdata.com/influxdb/v0.12/administration/upgrading/

20160406:
  AFFECTS: users of www/pecl-http
  AUTHOR: bofh@FreeBSD.org

  www/pecl-http has been updated to the latest 3.x stable release, which
  supports php70+ and a new port www/pecl-http2 has been created for the
  2.x branch.

  Should users want to continue to use version 2.x, replace www/pecl-http with
  www/pecl-http2 as follows:

  Using packages:

    # pkg delete pecl-http
    # pkg install pecl-http2

  Using ports:

    # portupgrade -o www/pecl-http2 www/pecl-http

  OR

    # portmaster -o www/pecl-http2 www/pecl-http

20160404:
  AFFECTS: users of lang/ruby21
  AUTHOR: swills@FreeBSD.org

  The default ruby version has been updated from 2.1 to 2.2.

  If you compile your own ports you may keep 2.1 as the default version by
  adding the following lines to your /etc/make.conf file:

  #
  # Keep ruby 2.1 as default version
  #
  DEFAULT_VERSIONS+=ruby=2.1

  If you wish to update to the new default version, you need to first stop any
  software that uses ruby. Then, you will need to follow these steps, depending
  upon how you manage your system.

  If you use pkgng, simply upgrade:
  # pkg upgrade

  If you use portmaster, install new ruby, then rebuild all ports that depend
  on ruby:
  # portmaster -o lang/ruby22 lang/ruby21
  # portmaster -R -r ruby-2.2

  If you use portupgrade, install new ruby, then rebuild all ports that depend
  on ruby:

  # pkg delete -f ruby portupgrade
  # make -C /usr/ports/ports-mgmt/portupgrade install clean
  # pkg set -o lang/ruby21:lang/ruby22
  # portupgrade -x ruby-2.2.\* -fr lang/ruby22

20160404:
  AFFECTS: mail/spamassassin
  AUTHOR: adamw@FreeBSD.org

  Support for SSLv3 has been removed from SpamAssassin, because
  SSLv3 is a Bad Idea. No direct option is provided to re-enable it.
  If your setup requires use of SSLv3, some instructions are available
  in FreeBSD PR 208225.

20160331:
  AFFECTS: security/clamav-unofficial-sigs
  AUTHOR: lukasz@wasikowski.net, sf@maxempire.com

  This version of clamav-unofficial-sigs is eXtremeSHOK's fork.
  Configuration file location has changed from
  %PREFIX%/clamav-unofficial-sigs.conf to
  %PREFIX%/clamav-unofficial-sigs/

  master.conf and os.conf hold default values, local changes should
  be placed in user.conf.

20160324:
  AFFECTS: print/ghostscript9-base
  AUTHOR: tijl@FreeBSD.org

  The default Ghostscript port has changed from print/ghostscript9-base,
  which is no longer developed, to print/ghostscript9-agpl-base.  Package
  users will upgrade automatically.  Ports users can stick with the old
  port by adding "DEFAULT_VERSIONS+=ghostscript=9" to /etc/make.conf, or
  move to the new port with:

      portmaster -o print/ghostscript9-agpl-base ghostscript9-base
  or: portupgrade -o print/ghostscript9-agpl-base print/ghostscript9-base

  And if you have ghostscript9-x11 installed:

      portmaster -o print/ghostscript9-agpl-x11 ghostscript9-x11
  or: portupgrade -o print/ghostscript9-agpl-x11 print/ghostscript9-x11

  Note that print/ghostscript9-agpl-base is licensed under the AGPLv3
  while print/ghostscript9-base is licensed under the GPLv3.

20160317:
  AFFECTS: security/openvas-client
  AUTHOR: tijl@FreeBSD.org

  The OpenVAS ports have been updated from version 2 to version 8.  All
  components have been renamed and rearranged.  The old OpenVAS client
  no longer exists.  Instead there is a web interface provided by
  security/greenbone-security-assistant or a command-line interface
  provided by security/openvas-cli.

20160311:
  AFFECTS: print/hplip
  AUTHOR: tijl@FreeBSD.org

  HPLIP has been updated to verion 3.16.2.  As part of the update support
  for the hpijs/foomatic-rip filter has been dropped.  This has long been
  unsupported upstream.  If you used this filter with your printer you'll
  have to remove the printer with HP Device Manager and then add it back as
  a new device.

20160311:
  AFFECTS: print/cups-base, print/cups-client, print/cups-image
  AUTHOR: tijl@FreeBSD.org

  The cups-base, cups-client and cups-image packages have been combined
  into one cups package.

  If you build your own ports the easiest way to update is to delete these
  packages first and then build and install print/cups.

  If you are using binary packages, depending on the packages installed on
  your system, pkg(8)'s solver might get confused. In this case do not proceed
  with the upgrade but delete first the packages:

  pkg delete -fg "cups*"

  Then usual upgrade process: pkg upgrade

  The device URI of USB printers has changed so you have to adjust the
  printer configuration.  Go to http://localhost:631/printers/.  Click on
  your printer and select "Modify Printer" in the Administration drop-down.
  You should then be able to select the new URI of the printer.  The web
  interface requires cookies and JavaScript to function properly so make
  sure your browser does not block them.

  The package also installs a devd(8) configuration file now that gives
  cups access to USB printers.  Unless you have any special needs you can
  remove any devd(8), devfs.conf(5) or devfs.rules(5) configuration related
  to cups that you may have added in the past.

20160306:
  AFFECTS: net-mgmt/yaf
  AUTHOR: pi@FreeBSD.org

  YAF is updated to version 2.8.1 with many new OPTIONS. Please use
  the default options to get same behavior as previous version.

20160302:
  AFFECTS: audio/alsa-utils, www/firefox, www/firefox-esr, www/seamonkey
  AUTHOR: jbeich@FreeBSD.org

  ALSA backend in libcubeb as used by Firefox has an unresolved issue
  with the OSS patch in audio/alsa-plugins. To avoid excessive CPU
  usage when playing HTML5 videos rebuild the port with BUFSZ_P2
  option enabled or reset options to default.

  However, with BUFSZ_P2 enabled alsa-utils may crash:

    $ aplay test.wav
    Playing WAVE 'test.wav' : Signed 16 bit Little Endian, Rate 48000 Hz, Stereo
    Assertion failed: (err >= 0), function set_params, file aplay.c, line 1289.
    Aborted by signal Abort trap...

20160229:
  AFFECTS: users of security/openssh-portable-devel
  AUTHOR: bdrewery@FreeBSD.org

  openssh-portable-devel has been removed since it is stale, insecure and
  not worth maintaining any longer.

  Users should switch back to openssh-portable.

  Using packages:

    # pkg delete openssh-portable-devel
    # pkg install openssh-portable

  Using ports:

    # portmaster -o security/openssh-portable openssh-portable-devel

  OR

    # portupgrade -o security/openssh-portable security/openssh-portable-devel

20160228:
  AFFECTS: users of mail/postfix
  AUTHOR: ohauer@FreeBSD.org

   Postfix has been updated to version 3.1, VDA and native SPF is no
   longer supported.

   - if VDA support is needed, users should stay on mail/postfix211
   - SPF support can be added to postfix via one of the mail/*spf* ports

   The Dovecot SASL OPTION was removed, Dovecot SASL support is always given
   from now on.  In addition, for each mail/postfix* port there is now a
   mail/postfix*-sasl slave port providing Cyrus SASL as default.

   To stay on postfix-2.11.x run the command:

   # pkg set -o mail/postfix:mail/postfix211

20160217:
  AFFECTS: users of www/nginx-devel
  AUTHOR: osa@FreeBSD.org

  Dynamic modules support has been enabled for the following third-party
  modules, in case of usage of these modules please update nginx
  configuration file for load these modules:

  load_module "modules/ngx_dynamic_upstream_module.so";
  load_module "modules/ngx_http_small_light_module.so";

20160214:
  AFFECTS: users of www/nginx-devel
  AUTHOR: osa@FreeBSD.org

  Dynamic modules support has been enabled for the following third-party
  modules, in case of usage of these modules please update nginx
  configuration file for load these modules:

  load_module "modules/ngx_http_echo_module.so";
  load_module "modules/ngx_http_headers_more_filter_module.so";
  load_module "modules/ngx_http_eval_module.so";
  load_module "modules/ngx_http_lua_module.so";
  load_module "modules/ngx_http_set_misc_module.so";

20160213:
  AFFECTS: users of www/nginx-devel
  AUTHOR: osa@FreeBSD.org

  Dynamic modules support has been enabled.  In case of usage following
  modules please update nginx configuration file for load these modules:

  load_module "modules/ngx_http_geoip_module.so";
  load_module "modules/ngx_http_image_filter_module.so";
  load_module "modules/ngx_http_xslt_filter_module.so";
  load_module "modules/ngx_mail_module.so";
  load_module "modules/ngx_stream_module.so";

  See https://www.nginx.com/blog/dynamic-modules-nginx-1-9-11/ for details.

20160127:
  AFFECTS: users of net-im/uTox
  AUTHOR: amdmi3@FreeBSD.org

  Before upgrading uTox port, please set maximum font scale in the
  program options.

20160119:
  AFFECTS: users of security/tor, security/tor-devel
  AUTHOR: amdmi3@FreeBSD.org

  The tor ports now create /var/log/tor subdirectory for tor logs. If
  you've used /var/log/tor as a log _file_, you'll need to update your
  torrc and move the file before updating the port.

20160118:
  AFFECTS: users of mail/rspamd and mail/rmilter
  AUTHOR: vsevolod@FreeBSD.org

  Rspamd has been updated to the version 1.1.0. If you have used per user
  statistics, then please consult changelog for details: your configuration
  should be changed.

  Rmilter has been updated to the version 1.7.0. Support of SPF and Spamassassin
  has been dropped from this project completely. You might also consider
  migration from memcahched to redis in this version.

20160113:
  AFFECTS: users of sysutils/ansible
  AUTHOR: lifanov@mail.lifanov.com

  Ansible 2.0.0 introduces a number of incompatible configuration changes.
  Please read changelog and migrate current configuration:

  https://raw.githubusercontent.com/ansible/ansible/v2.0.0.0-1/CHANGELOG.md

  Ansible 1.9.* will be provided as sysutils/ansible1 until the next update
  of 2.0 branch.

20160111:
  AFFECTS: users of security/easy-rsa
  AUTHOR: mandree@FreeBSD.org

  The port has been upgraded to version 3. This incurs major changes,
  please see ${PREFIX}/share/doc/easy-rsa/doc/EasyRSA-Upgrade-Notes.md
  for details.

  The old version 2.2.2 has been retained as security/easy-rsa2.

20151227:
  AFFECTS: users of games/nethack34
  AUTHOR: glewis@FreeBSD.org

  The port name and installation location of games/nethack34 have changed
  to allow for a port of NetHack 3.6.0.  To preserve your save and bones
  files do the following after updating:

    # sudo cp -p ${LOCALBASE}/share/nethack/save/* ${LOCALBASE}/share/nethack34/save/
    # sudo cp -p ${LOCALBASE}/share/nethack/bon* ${LOCALBASE}/share/nethack34/

  After verifying the files were copied correctly, remove the playground
  directory (as these files are incompatible with NetHack 3.6.0).

    # sudo rm -r ${LOCALBASE}/share/nethack

20151219:
  AFFECTS: users of net/samba4, net/samba41
  AUTHOR: timur@FreeBSD.org

  Given version of Samba were marked as deprecated. Please, consider to upgrade.

  Samba4 was giving wrong builds with recent version of p5-Parse-Pidl. It was
  converted to use bundled version instead and to conflict with the given package.
  If you still intend to build net/samba4 - remove p5-Parse-Pidle first.

20151217:
  AFFECTS: users of security/tor, security/tor-devel
  AUTHOR: amdmi3@FreeBSD.org

  Tor rc.d script no longer overrides or forces logfile configuration,
  you now need to setup logging by hand. To preserve old behavior, add
  the following line to /usr/local/etc/tor/torrc:

    Log notice file /var/log/tor

20151215:
  AFFECTS: all users of www/node
  AUTHOR: koobs@FreeBSD.org

  www/node has been updated to the latest 5.x stable release, and a new port
  www/node4 has been created for the 4.x LTS branch.

  Should users want to continue to use version 4.x, replace www/node with
  www/node4 as follows:

  Using packages:

    # pkg delete node
    # pkg install node4

  Using ports:

    # portupgrade -o www/node4 www/node

  OR

    # portmaster -o www/node4 node

20151210:
  AFFECTS: users of comms/gammu
  AUTHOR: vanilla@FreeBSD.org

  The python binding of comms/gammu were split from the main port. To get them you
  need to install comms/py-gammu.

20151206:
  AFFECTS: users of mail/postfixadmin
  AUTHOR: riggs@FreeBSD.org

  Caveat when updating to version 2.93: If you have an existing
  configuration and are NOT using the recommended practice of putting your
  settings changes in config.local.php:

  Copy config.inc.php to config.local.php prior to upgrading, then revise
  config.local.php for the current version afterward.

  Postfixadmin will not function correctly unless correct and complete
  data structures are placed in config.inc.php. Therefore the file must be
  upgraded as part of the package and any changes to config.inc.php will
  be overwritten.

  Detailed information regarding this procedure is provided in step 3 of
  the installation instructions in ${DATADIR}/INSTALL.TXT (by default
  /usr/local/share/postfixadmin/INSTALL.TXT).

20151205:
  AFFECTS: users of devel/ncurses
  AUTHOR: bapt@FreeBSD.org

  ncurses has been updated to 6.0.
  If you are using binary pkg, 'pkg upgrade' will do the right thing.
  Users of portmaster/portupgrade must rebuild all ports which depend
  on ncurses.

  Portmaster users:
      portmaster -w -r ncurses
  Portupgrade users:
      portupgrade -fr devel/ncurses

20151203:
  AFFECTS: users of x11-toolkits/qt4-gui or x11-toolkits/qt5-gui
  AUTHOR: kde@FreeBSD.org

  Back in mid-2012, pkg-message was added to the port suggesting changes to the
  default shared memory limits in loader.conf(5). Since then, the default
  limits have been changed and the values suggested by the port are no longer
  sensible. If you have changed the following values in loader.conf(5) due to
  qt4-gui's or qt5-gui's pkg-message, please considering removing them and
  using the default settings:
  * kern.ipc.shmall
  * kern.ipc.shmmni
  * kern.ipc.shmseg
  See base r209037 and ports PR 202927 for more context.

20151203:
  AFFECTS: users of sysutils/logstash
  AUTHOR: junovitch@FreeBSD.org

  Logstash has been updated to the 2.1.0 release. The embedded ElasticSearch
  instance is no longer supported. If in use, end users must update
  logstash.conf to point to the URL of an ElasticSearch instance.

20151130:
  AFFECTS: users of net/samba43
  AUTHOR: timur@FreeBSD.org

  A new version of Samba server that has better integration with Windows 10.
  This is still experimental and there were reports that rolling upgrade from
  previous version of Samba fails to work.

  Please, backup all relevant files from /var/db/samba4/ directory, as well
  as configuration files.

  Follow https://wiki.samba.org/index.php/Updating_Samba for the upgrade path.

20151130:
  AFFECTS: users of net/samba4, net/samba41, net/samba42
  AUTHOR: timur@FreeBSD.org

  Recent versions of devel/talloc, devel/tevent, database/tdb, database/ldb
  contained infinit recursive call to the strtol* set of replacement functions,
  which lead to coredumps. Unofficial patch was added meanwhile, but now
  official version of the fixed libs were released. If your version of
  net/samba4 works fine you don't need to recompile it. Other ports were also
  upgraded and some bugs were fixed in upstream.

20151122:
  AFFECTS: users of audio/audacity
  AUTHOR: riggs@FreeBSD.org

  Audacity has been upgraded to version 2.1.1. Changes in its settings
  processing may prevent it from starting. If this happens, removing its
  user-specific configuration directory ~/.audacity-data resolves this.

20151118:
  AFFECTS: users of mail/rmilter
  AUTHOR: vsevolod@FreeBSD.org

  Rmilter now has switched from user postfix to user _rmilter for security
  and sanity purposes. You might want to fix the ownership of
  /var/run/rmilter to user _rmilter and group mail.

20151105:
  AFFECTS: users of deskutils/egroupware
  AUTHOR: danilo@FreeBSD.org

  EGroupware 1.8 was deprecated and removed from sourceforge.net.
  To upgrade to the new version (14.3), make a backup of all files and
  database, remove all files from ${PREFIX}/www/eg:

    # pkg remove egroupware
    # rm -rf ${PREFIX}/www/eg

  Install the new egroupware:
    # pkg install egroupware
   or
    # make -C /usr/ports/deskutils/egroupware install clean

  Access the setup page on your browser and run the upgrade process
  (eg: http://<server>/eg/setup).

20151101:
  AFFECTS: users of www/codeigniter
  AUTHOR: junovitch@FreeBSD.org

  CodeIgniter has been updated to the 3.0.x release branch. End users
  must ensure their web applications are compliant with the guidance
  in the "Upgrading From a Previous Version" document.

  http://www.codeigniter.com/user_guide/installation/upgrade_300.html

  CodeIgniter 2.2.x has reached EOL as of 31 October 2015 but may be
  installed in the interim from the www/codeigniter22 port.

20151020:
  AFFECTS: users of security/keepassx2

  Due to a package name change, first remove the existing package
  and then reinstall it:

  # pkg delete security/keepassx2
  # portmaster security/keepassx2

20151019:
  AFFECTS: users of www/varnish4
  AUTHOR: feld@FreeBSD.org

  Varnish has been updated to 4.1.0. As part of the update an effort has
  been made to increase the security of the varnish daemons by utilizing
  separate UIDs. Users who upgrade will likely run into a permissions
  issue as a result. The simplest solution is to delete files varnish
  will recreate with the correct permissions and to adjust permissions
  of existing log files.

  The following changes will allow you to start varnishd, varnishlog,
  and varnishncsa successfully:

  # rm -r /usr/local/varnish/$(hostname)
  # rm /var/run/varnishlog.pid
  # rm /var/run/varnishncsa.pid
  # chown varnishlog /var/log/varnish.log
  # chown varnishlog /var/log/varnishncsa.log

  Please also note that the syntax for binding to additional IPs has
  changed in 4.1.0. Multiple listening addresses are now specified by
  using multiple -a arguments. In rc.conf it would look like this:

  varnishd_listen="x.x.x.x:80 -a y.y.y.y:80"

20151015:
  AFFECTS: users of devel/subversion, its bindings and www/mod_dav_svn
  AUTHOR: lev@FreeBSD.org

  The subversion upgdate to 1.9 branch introduces new "old" subversion
  port devel/subversion18.

  If you don't want to update your subversion installation, run

        pkg set -n subversion:subversion18

  and add

        WITH_SUBVERSION_VER=18

  to your /etc/make.conf

20151013:
  AFFECTS: users of security/sshguard-ipfw
  AUTHOR: feld@FreeBSD.org

  The sshguard update to 1.6.2 introduces a rewritten IPFW backend. The
  previous approach was to insert individual block rules with a
  predefined  numbered range. This does not scale well and is not
  flexible so the design was scrapped. The new approach utilizes IPFW
  tables. The sshguard IPFW backend now inserts offenders into hardcoded
  table 22.

  To continue blocking the attackers effectively you will need to add a
  block rule like the following:

  ipfw add deny all from 'table(22)' to any

  The release announcement can be found here:
    http://sourceforge.net/p/sshguard/mailman/message/34534861/

20151011:
  AFFECTS: users of emulators/qemu-sbruno, emulators/qemu-user-static
  AUTHOR: sbruno@FreeBSD.org

  The Jemalloc update at svn r286871 introduced some TLS enhancements
  for MIPS targets that require a bit of workaround.  Users who want
  to build MIPS packages should update their host systems past r286871
  prior to upgrading their qemu-user-static/qemu-sbruno ports.

  Discussion about this can be found here:
    https://lists.freebsd.org/pipermail/freebsd-mips/2015-October/004018.html

20151006:
  AFFECTS: users of www/firefox, www/seamonkey
  AUTHOR: gecko@FreeBSD.org

  Firefox since 41.0 and SeaMonkey since 2.38 require databases/sqlite3
  port built with DBSTAT option enabled (default). Re-run "make config"
  if the port(s) fail to build as described in ports/200853.

20150921:
  AFFECTS: users of mail/rspamd
  AUTHOR: vsevolod@FreeBSD.org

  rspamd has been updated to the version 1.0.
  For migration from the previous releases, please read the following document:
  https://rspamd.com/doc/migration.html

20150919:
  AFFECTS: users of multimedia/ffmpeg
  AUTHOR: riggs@FreeBSD.org

  ffmpeg has been updated to the version 2.8.
  If you are using binary pkg, 'pkg upgrade' will do the right thing.
  Users of portmaster/portupgrade must rebuild all ports which depend
  on ffmpeg.

  Portmaster users:
      portmaster -w -r ffmpeg
  Portupgrade users:
      portupgrade -fr multimedia/ffmpeg