Log message:
yara py-yara: updated to 4.2.3

YARA v4.2.3
BUGFIX: Fix security issue that can lead to arbitrary code execution.
BUGFIX: Fix incorrect logic in expressions like <quantifier> of \ 
<string_set> in (start..end

Log message:
*: bump PKGREVISION for egg.mk users

They now have a tool dependency on py-setuptools instead of a DEPENDS

Log message:
security: Replace RMD160 checksums with BLAKE2s checksums

All checksums have been double-checked against existing RMD160 and
SHA512 hashes

Unfetchable distfiles (fetched conditionally?):
./security/cyrus-sasl/distinfo \ 
cyrus-sasl-dedad73e5e7a75d01a5f3d5a6702ab8ccd2ff40d.patch.v2

Log message:
security: Remove SHA1 hashes for distfiles

Log message:
{,py-}yara: update to version 4.1.0

Since version 3.11.0:

YARA v4.1.0

 * New operators icontains, endswith, iendswith, startswith, istartswith.
 * Accept \t escape sequence in text strings.
 * Add --no-follow-links command-line option to yara.
 * Prevent yara from following links to "." (@1D2D).
 * Implemented non-blocking scanning API (@simonhf).
 * When a string causes too many matches, YARA raises a warning instead of \ 
failing (@wxsBSD).
 * BUGFIX: The use of --timeout could hang yara when scanning directories or \ 
lists of files (#1481).
 * BUGFIX: Incorrect parsing of PE certificates (#1443).
 * BUGFIX: Short-circuit evaluation not working fine with undefined expressions.

YARA v4.1.0-rc2

 * Don't raise warnings for non-ASCII strings.

YARA v4.1.0-rc1

 * New operators icontains, endswith, iendswith, startswith, istartswith.
 * Raise warnings for non-ascii strings.
 * Accept \t escape sequence in text strings.
 * Add --no-follow-links command-line option to yara.
 * Prevent yara from following links to "." (@1D2D).
 * Implemented non-blocking scanning API (@simonhf).
 * When a string causes too many matches, YARA raises a warning instead of failing.

YARA v4.0.5

 * BUGFIX: Fix bug in "macho" module introduced in v4.0.4.

YARA v4.0.4

 * BUGFIX: Multiple out-of-bounds reads in "macho" module.

Credits to Luis Merino from X41 D-SEC GmbH for reporting these issues.

YARA v4.0.3

 * BUGFIX: Multiple out-of-bounds read in "dotnet" module.

YARA v4.0.2

 * BUGFIX: Use-after-free bug in PE module (#1287).
 * BUGFIX: Incorrect errors in rules when a single rule is badly formatted (#1294).
 * BUGFIX: Assertion failed with rules that have invalid syntax (#1295).
 * BUGFIX: Integer overflow causing missed matches on files larger than 2GB (#1304).
 * BUGFIX: Crashes in Mac OS while scanning binaries with a signature that can't \ 
be verified (#1309).

YARA v4.0.1

 * Update sandboxed API (#1276).
 * BUGFIX: Fix regression in exports parsing in PE module (2bf67e6).
 * BUGFIX: Fix unaligned accesses in ARM (e1654ae).

YARA v4.0.0

 * New string modifiers base64 and base64wide (#1185).
 * New string modifier private (#1096).
 * Iterators for dictionaries and arrays (#1141).
 * Multiple API changes.
 * Memory footprint greatly reduced, specially when compiling large numbers of rules.
 * New commmand-line option --scan-list (#1261).
 * Added pdb_path field to "pe" module.
 * Added export_details array to "pe" module.
 * Added exports_index functions to "pe" module.
 * Improvements to "cuckoo" module.
 * BUGFIX: PE files with multiple signatures are parsed correctly (#940).
 * BUGFIX: Fix PE rich header parsing (#1164).
 * BUGFIX: Buffer overruns in "dotnet" module (#1167, #1173).

Log message:
security/py-yara: Update to 3.11.0

Coordinated with leot@ and he@ while investigating CVE-2019-19648.

Log message:
security: align variable assignments

pkglint -Wall -F --only aligned --only indent -r

No manual corrections.

Log message:
Changed PYTHON_VERSIONS_INCOMPATIBLE to PYTHON_VERSIONS_ACCEPTED; needed for \ 
future Python 3.8