2010-03-16 17:02:21 by Takahiro Kambe | Files touched by this commit (10) |
Log message:
Update dependency to newer package path.
converters/php-mbstring
databases/php-mysqli
net/php-soap
textproc/php-dom
textproc/php-xsl
time/php-calendar
No functional change should be done.
|
2010-03-15 17:48:53 by Takahiro Kambe | Files touched by this commit (9) |
Log message:
Remove the case of PKG_PHP_VERSION is 4.
No functional change.
|
2010-03-04 02:29:58 by Takahiro Kambe | Files touched by this commit (3) |
Log message:
Update drupal6 package to 6.16.
Drupal 6.16, 2010-03-03
----------------------
- Fixed security issues (Installation cross site scripting, Open redirection,
Locale module cross site scripting, Blocked user session regeneration),
see SA-CORE-2010-001.
- Better support for updated jQuery versions.
- Reduced resource usage of update.module.
- Fixed several issues relating to support of install profiles and
distributions.
- Added a locking framework to avoid data corruption on long operations.
- Fixed a variety of other bugs.
|
2009-12-19 10:29:23 by Takahiro Kambe | Files touched by this commit (4) |
Log message:
Update www/drupal6 package to 6.15, fixing security problem.
Drupal 6.15, 2009-12-16
----------------------
- Fixed security issues (Cross site scripting), see SA-CORE-2009-009.
- Fixed a variety of other bugs.
other pkgsrc changes:
* Add PKG_DESTDIR_SUPPORT support.
* Use REPLACE_INTERPRETER.
* Change default.settings.php handling to fix PR pkg/42355.
|
2009-09-29 15:41:00 by Takahiro Kambe | Files touched by this commit (2) |
Log message:
Update www/drupal6 package to fix security problem.
pkgsrc change: add LICENSE.
Drupal 6.14, 2009-09-16
----------------------
- Fixed security issues (OpenID association cross site request forgeries,
OpenID impersonation and File upload), see SA-CORE-2009-008.
- Changed the system modules page to not run all cache rebuilds; use the
button on the performance settings page to achieve the same effect.
- Added support for PHP 5.3.0 out of the box.
- Fixed a variety of small bugs.
|
2009-07-16 20:11:53 by Adrian Portelli | Files touched by this commit (2) |
Log message:
This release fixes security vulnerabilities. Sites are urged to upgrade \
immediately after reading the security announcement:
* SA-CORE-2009-007 - Drupal core - Multiple vulnerabilities
In addition to this security vulnerability, the following bugs have been fixed \
since the 6.12 release:
* - Patch #463450 by wulff: fixed documentation glitch.
* #193577 by Rob Loach, Damien Tournoud, andypost: JavaScript string split() \
function does not behave like PHP explode(); causes problems with multiple node \
body break tags
* #454992 by sun, bengtan: _drupal_flush_css_js() should not have 'q' as a \
possible CSS query character, since that is the Drupal path name character too
* #452704 by andypost, catch: Names of compressed CSS and JS files should \
have a prefix, so that names starting in ad* will not happen. Those are easily \
blocked by firewalls, Firefox's Adblock, etc.
* #468732 by andypost: cache_clear_all() mentioned cache_flush_delay \
incorrectly; it should say we use cache_lifetime
* #460420 by wulff, andypost: drupal_set_title() in forum_overview() is not \
needed; menu already sets the title and is localized
* #398902 by Nick Urban, alexanderpas, kscheirer: password equality checking \
was not using strict type checking; we should assume these are strings and \
compared character to character
* #479216 by jhedstrom: fix grammar in forum module messages
* #445748 by Dave Reid, dww: Fix module support for disabled module update \
status checking and do not track usage in that case.
* #465190 by Heine: The Anonymous name is a plain text setting, so it should \
be escaped properly for output.
* #246096 by Sutharsan, Pedro Lozano, mr.baileys, andypost: Actions set to \
run on cron were not actually triggered.
* #226479 by gpk, BrianV, catch: We should always show the node access \
rebuild button. The check on when to show it was fragile, so the button might \
not have been there when actually needed.
* #482646 by Dave Reid: For proper HTTP query simpletesting, we should pass \
on the instance identifier (database prefix).
* #197266 by ufku, lilou, Dave Reid, c960657, drewish: Save a query by only \
calling file_space_used() when a limit is provided.
* #408876 by Pasqualle, JamesAn: The 'serialize' Schema API property was \
used but not documented.
* #145733 by kepten, brianV: The session.use_cookies PHP setting is required \
by Drupal, but it can be turned off, so try to ensure it is turned on at all \
times.
* #373225 by jpulles, Josh Waihi: When changing columns, PostgreSQL needs \
explicit type casting to ensure that values are kept properly.
* #236657 by hctom, swentel: In system_clear_cache_submit(), the function \
arguments were swapped (but it did not affect how it actually worked).
* #243253 by Benjamin Melançon, dww: Update status should not attempt to \
request update data until a limit is reached. Fixed Drupal instances when \
drupal.org is down and gets less load on Drupal.org if data is not found.
* #339466 by patryk, c960657, alexanderpas: Remove url() wrapping from \
remote links and link in a more user friendly OpenID provider list.
* #461938 by grendzy, JamesAn: Use filter_xss_admin() on site name and site \
slogan, just like footer message and mission
* #455172 by budda, RoboPhred, andypost: Fix drupal_mail() documentation, so \
that it encourages to set the body of the email as an array (like core does).
* #329797 by berenddeboer, redndahead, danielb: The tablesort code did not \
account for possibly nested tables; only match immediate descendants, so elements \
of nested tables are not matched.
* #352121 by valthebald, Damien Tournoud, mr.baileys: The safe string check \
on translations should only be applied to the default textgroup. Strings in \
other textgroups such as blocks and menu items are displayed via escaping and \
filtering, and might contain arbitrary HTML.
|
2009-06-15 00:00:42 by Joerg Sonnenberger | Files touched by this commit (316) |
Log message:
Convert @exec/@unexec to @pkgdir or drop it.
|
2009-05-14 21:38:02 by Adrian Portelli | Files touched by this commit (2) |
Log message:
6.12
The twelfth maintenance and security release of the Drupal 6 series. Only fixes \
for security vulnerabilities and other bugs have been committed. New features \
are only being added to the forthcoming Drupal 7.0 release.
This release fixes security vulnerabilities. Sites are urged to upgrade \
immediately after reading the security announcement:
* SA-CORE-2009-006 - Drupal core - Cross site scripting
In addition to this security vulnerability, the following bugs have been fixed \
since the 6.11 release:
* #353328 by catch, BrianV: When a new comment is added, the redirection path \
should point to page, where the new comment is.
* #239945 by Xano, JeremyFrench, Damien Tournoud, andypost: Should not iterate \
over the children in taxonomy_get_tree() anymore if we reached max_depth.
* #292565 by grendzy, John Morahan, Jody Linn: remove path munging on 403/404 \
pages, which caused problems for login redirects
* #448268 by dww: Make sure that submitting the themes admin form clears out the \
update status cache, just like the modules admin form does.
|
2009-05-01 21:50:35 by Adrian Portelli | Files touched by this commit (2) |
Log message:
Update to 6.11
This release fixes a security vulnerability. Sites are urged to upgrade \
immediately after reading the security announcement:
* SA-CORE-2009-005 - Drupal core - Cross site scripting
In addition to this security vulnerability, the following bugs have been fixed \
since the 6.10 release:
* #376408 follow up by pwolanin: search_nodeapi() lacked break in switch; \
resulted in issue in logic not code flow
* #197864 by vito_swat, alpritt, Murz, catch: Use hook_term_path() in forum \
module instead of hook_link_alter(); simplifies code, improves performance and \
compatibility.
* #314314 by bastos, Dave Reid, mr.baileys, Pasqualle: fix invalid XHTML \
markup in update.php output
* #372914 by chx, pwolanin, webchick: Menu link title localization was \
broken when a non-t callback was used
* #395086 by Freso: call trim() before truncate_utf8() in comment module for \
better quality truncation.
* #404244 by cwgordon7: minor code style fix in openid_help().
* #357031 by hinfox, dereine, aaronbauman: trigger_nodeapi() passed a4 twice \
and did not pass a3 to the action when the action type was other than node
* #141965 by jeffschuler: taxonomy_term_path() and its phpdoc block was \
separated by one blank line, thus disconnecting it for the API docs parser
* #408962 by brianV: improve phpdoc documentation for \
menu_tree_collect_node_links() and menu_tree_check_access().
* #290561 by mustafau, AlexisWilke: aggregator_save_category() should ask \
for the last insert ID in 'aggregator_category', not 'aggregator' when saving.
* #292565 by lyricnz, Damien Tournoud, Jody Lynn, kleinmp, John Morahan, \
akalsey: Make forms work on 404 and 403 pages. Remove any fake destination set \
by drupal_not_found() or drupal_access_denied() so that we can properly redirect \
from those pages.
* #325810 by darren.ferguson, miglius: in tableheader.js $('td'+ \
location.hash).offset() does not always return an object, which breaks all \
JavaScript on the page, so check for the return value before using it.
* #297972 by wilson98, scor, Steven Jones, yched, heyrocker: make the batch \
API compatible with drupal_execute(), so things like creating a CCK type or \
adding fields to it (by submitting forms programmatically) are possible in update \
functions
* #365996 by sammys: the correct full name for the timestamp field in \
postgresql is timestamp without time zone; improve compatibility with PostgreSQL \
/ schema module
* #279233 by Aren Cambre, jbomb: Message printed when email is not being \
possible to send was informal and had a grammar problem.
* - Patch #316515 by jmburnz, momendo: fixed position of OpenID logo.
* - Patch #372414 by JohnAlbin: don't output empty div when no comment exists.
* - Patch #228477 by anuradha: corrected Sinhala language.
* - Patch #286374 by jhodgdon: fixed documentation of file_save_upload() \
validators.
* #382096 by Arancaytar: clean up #maxlength use in the installer; remove \
arbitrary 45 character limits, put reasonable limits in place where it makes \
sense
* #330084 by c960657: Remove unnecessary duplication of the From header \
value in Reply-to; standards indicate setting the From header should be \
sufficient
* #385602 by Damien Tournoud, desbeers: log messages were not remembered on \
node preview
* #437120 by mfb: avoid double escaping of taxonomy term names in feed links \
and channel titles
* #437930 by soxofaan: remove unnecessary tabindex attribute from login \
form; makes altering harder
* #160226 by kymmx, karschsp, Dave Reid, Berdir: statistics module was \
matching on prefixes of node paths instead of the node paths themselves (and \
possible subtabs)
* #401304 by Darren Oh: make conditional in statistics_link() more explicit \
to catch node related invocations
* #363262 follow up by Dave Reid: fix phpdoc comments on update functions to \
properly mark update functions added after 6.0 was released
* #317775 by Starminder, pwolanin: do not store the menu router table \
serialized in cache, since it causes more performance problems than it solves
* #282852 by Arancaytar, will_in_wi: remove negative margin on .node in \
Garland, so nodes do not overlap the messages area on the page
* #227228 by ilmaestro, gpk, ball.in.th, catch, andypost: use per-table \
cache_flush variables to avoid not flushing all but the first table when \
multiple tables are cleared
* #445600 by Rob Loach: allow for as few as 1 required word in submission of \
a node of a content type if the admin wants to set so
* #343415 by Damien Tournoud: the form cache is not automatically cleared on \
submit if the page cache is activated
* Rolling back #343415 given disputes around its change in Drupal 7.
* #229660 by Dave Reid: use theme('username', ...) to display usernames on \
the user contact page
* #447700 by dww: Earl Miles is not update.module maintainer anymore
* #431148 by pwolanin, dww: Make it easier to visually distinguish security \
updates on Updates report
* #396224 by pwolanin: Further harden template file name discovery
* #220592 by dww and pwolanin: Always use the database for caching in update \
module, so that drupal.org project data persists. Improves both local and \
drupal.org site performance.
|
2009-02-28 17:11:20 by Adrian Portelli | Files touched by this commit (2) |
Log message:
This release fixes a security vulnerability. Sites are urged to upgrade \
immediately after reading the security announcement:
* SA-CORE-2009-003 - Local file inclusion on Windows
In addition to this security vulnerability, the following bugs have been fixed \
since the 6.9 release:
* - Patch #298722 by pwolanin: _menu_translate returns FALSE before to_arg \
is available. Drupal.org upgrade blocker.
* #310863 by bangpound, dboulet, catch, lee20: Locale variable results in \
locale module install, so skip adding empty variable when not needed.
* #275796 by Gribnif, Damien Tournoud, Dave Reid, vaish: module_list() \
should set its static variable to NULL instead of unset()-ing it, so it does not \
retain its value
* #328110 by marcingy, swentel, Damien Tournoud, pwolanin, David_Rothstein: \
the link argument is passed by reference to menu_link_save(), so avoid \
overwriting local variables in menu_enable().
* #62926 by karschsp: increase the free tagging field maximum length to \
1024; the database limits are per-tag.
* #220559 by eMPee584, Desbeers, Damien Tournoud: only ever add the active \
class to links in l() and theme_links(), if the language was set and is the \
current language or if the language was not set on the link
* #365183 by Eaton: node_feed() did not use the same API functions as \
node_view() did, so custom fields were missing from the output
* #356721 by c960657, Dave Reid: remove static caching of the clean URLs \
setting in url() to help automated tests; the setting is cached through \
variable_get(), which however allows altering of the setting
* #290282 by kratib, jvandyk, ainigma32: Only track/limit the recursive \
invocations of actions_do(), instead of tracking/limiting them all.
* #320395 by qutoz, swentel: Set node format to 0 in node_submit() if the \
body was turned off to avoid a minor notice.
* #359918 by Dave Reid: database.inc documents the 'unique key' key, while \
it should be 'unique keys'
* #152098 by hunthunthunt, mgifford, Dave Reid: add 'for' attribute to \
'label' tags on checkboxes and radio buttons, even if the 'label' wraps the \
element - accessibility best practice
* #314286 backport of some of #229129 by assimonds: disabled checkboxes did \
not receive their values properly from the default value set
* #243524 by christefano, chx: our phpinfo page was very limited; give all \
info possible instead
* #203323 by JirkaRybka, robertgarrigos, lilou, thePanz, c960657, sun: move \
the LANGUAGE_* constants to bootstrap.inc and remove several defined() checks on \
them now that they are always defined
* #276174 by nbz, John Morahan, slightly modified: do not escape username \
more than once at multiple places in blog.module
* #310768 by bob_hirnlego, cdale: missing primary table and field \
specification in db_rewrite_sql() when called from taxonomy_overview_terms()
* #363262 by catch, chx: in Drupal 6, the url_alias table introduced a \
language column, but did not extend its index to that; though queries are formed \
on src and language
* #326210 by AlexisWilke, grendzy, jhedstrom: Take the menu item in its \
first submission and menu_nodeapi() by reference, so that any modifications of \
the item in the saving process will carry over to other submit handlers; making \
it possible to write modules extending menu item manipulation
* - Patch #383318 by mr.baileys: incorrect memory shortage warning when \
memory limit is unlimited.
* #337162 by midkemia and ainigma32: keep the Drupal 5 menu items \
descriptions when upgrading to Drupal 6
* - Patch #381438 by drumm: do not use page cache for drupal.sh requests.
* #109588 by fago, cdale: use the existing user account objects instead of \
arg() checks, as well as fix use of where it should be
* #296082 by jandd, stefanor, nigel: avoid table aliasing in UPDATE query in \
system_update_6001() since PostgreSQL does not support that
* #376408 by ajevans85, pwolanin: Prevent an empty anchor tag and \
parenthesis appearing in the output for the search index in search_nodeapi()
* #383724 by Heine, bjaspan: SA-CORE-2009-003
|