Update for 2018.02-rc2

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

.gitlab-ci.yml

@@ -4,7 +4,7 @@
 # It needs to be regenerated every time a defconfig is added, using
 # "make .gitlab-ci.yml".
 
-image: buildroot/base
+image: buildroot/base:20180205.0730
 
 .defconfig_script: &defconfig_script
     - echo 'Configure Buildroot'
@@ -282,6 +282,8 @@ tests.package.test_ipython.TestIPythonPy2: *runtime_test
 tests.package.test_ipython.TestIPythonPy3: *runtime_test
 tests.package.test_python.TestPython2: *runtime_test
 tests.package.test_python.TestPython3: *runtime_test
+tests.package.test_rust.TestRust: *runtime_test
+tests.package.test_rust.TestRustBin: *runtime_test
 tests.toolchain.test_external.TestExternalToolchainBuildrootMusl: *runtime_test
 tests.toolchain.test_external.TestExternalToolchainBuildrootuClibc: *runtime_test
 tests.toolchain.test_external.TestExternalToolchainCCache: *runtime_test

.gitlab-ci.yml.in

@@ -4,7 +4,7 @@
 # It needs to be regenerated every time a defconfig is added, using
 # "make .gitlab-ci.yml".
 
-image: buildroot/base
+image: buildroot/base:20180205.0730
 
 .defconfig_script: &defconfig_script
     - echo 'Configure Buildroot'

CHANGES

@@ -1,4 +1,26 @@
-2018.02-rc1, To be released
+2018.02-rc2, Released February 15th, 2018
+
+	Fixes all over the tree.
+
+	Dependencies: Ensure C++ support is available like for C
+	support for packages needing 32bit host support.
+
+	utils/genrandconfig: Check host dependencies for config.
+
+	Updated/fixed packages: busybox, dnsmasq, dropbear, ffmpeg,
+	glibc, keepalived, libcpprestsdk, libgpiod, libmaxminddb,
+	librsvg, libtasn1, libv4l, libxml2, lightning, ltp-testsuite,
+	mesa3d, mesa3d-demos, mesa3d-headers, nftables, open-lldp,
+	php, postgresql, python-crossbar, qt5, qt53d, qt5enginio,
+	qt5tools, qt5webengine, qt5webkit, rsync, rust-bin, rustc,
+	systemd
+
+	Issues resolved (http://bugs.uclibc.org):
+
+	#9781: ti-sgx-km build on kernel >4.1
+	#10141: Squashfs extended attribute failures
+
+2018.02-rc1, Released February 5th, 2018
 
 	The global source-check and per-package <pkg>-source-check
 	targets have been removed.

DEVELOPERS

@@ -91,7 +91,7 @@ F:	package/hostapd/
 N:	Alexander Varnin <fenixk19@mail.ru>
 F:	package/liblog4c-localtime/
 
-N:	Alexandre Belloni <alexandre.belloni@free-electrons.com>
+N:	Alexandre Belloni <alexandre.belloni@bootlin.com>
 F:	package/tz/
 
 N:	Alexandre Esse <alexandre.esse.dev@gmail.com>
@@ -150,7 +150,7 @@ F:	package/lsscsi/
 N:	Anthony Viallard <viallard@syscom-instruments.com>
 F:	package/gnuplot/
 
-N:	Antoine Ténart <antoine.tenart@free-electrons.com>
+N:	Antoine Ténart <antoine.tenart@bootlin.com>
 F:	package/wf111/
 
 N:	ARC Maintainers <arc-buildroot@synopsys.com>
@@ -1251,7 +1251,7 @@ F:	package/systemd-bootchart/
 F:	package/tinyalsa/
 F:	package/tinyxml/
 
-N:	Maxime Ripard <maxime.ripard@free-electrons.com>
+N:	Maxime Ripard <maxime.ripard@bootlin.com>
 F:	package/kmsxx/
 
 N:	Michael Rommel <rommel@layer-7.net>
@@ -1280,7 +1280,7 @@ N:	Mike Harmony <mike.harmony@snapav.com>
 F:	board/sinovoip/m2-plus/
 F:	configs/bananapi_m2_plus_defconfig
 
-N:	Mylène Josserand <mylene.josserand@free-electrons.com>
+N:	Mylène Josserand <mylene.josserand@bootlin.com>
 F:	package/rtl8723bu/
 
 N:	Nathan Lynch <ntl@pobox.com>
@@ -1515,9 +1515,6 @@ F:	package/terminology/
 F:	package/upower/
 F:	package/xenomai/
 
-N:	Romain Perier <romain.perier@free-electrons.com>
-F:	package/amd-catalyst/
-
 N:	Ryan Barnett <ryan.barnett@rockwellcollins.com>
 F:	package/atftp/
 F:	package/miraclecast/
@@ -1738,7 +1735,7 @@ F:	support/scripts/size-stats
 F:	utils/size-stats-compare
 F:	toolchain/
 
-N:	Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
+N:	Thomas Petazzoni <thomas.petazzoni@bootlin.com>
 F:	arch/Config.in.arm
 F:	boot/boot-wrapper-aarch64/
 F:	boot/grub2/

Makefile

@@ -87,9 +87,9 @@ all:
 .PHONY: all
 
 # Set and export the version string
-export BR2_VERSION := 2018.02-rc1
+export BR2_VERSION := 2018.02-rc2
 # Actual time the release is cut (for reproducible builds)
-BR2_VERSION_EPOCH = 1517840000
+BR2_VERSION_EPOCH = 1518732000
 
 # Save running make version since it's clobbered by the make package
 RUNNING_MAKE_VERSION := $(MAKE_VERSION)

configs/bananapi_m1_defconfig

@@ -12,6 +12,7 @@ BR2_TARGET_UBOOT_CUSTOM_VERSION=y
 BR2_TARGET_UBOOT_CUSTOM_VERSION_VALUE="2017.09"
 BR2_TARGET_UBOOT_BOARD_DEFCONFIG="Bananapi"
 BR2_TARGET_UBOOT_NEEDS_DTC=y
+BR2_TARGET_UBOOT_NEEDS_PYLIBFDT=y
 BR2_TARGET_UBOOT_FORMAT_BIN=y
 BR2_TARGET_UBOOT_SPL=y
 BR2_TARGET_UBOOT_SPL_NAME="u-boot-sunxi-with-spl.bin"

configs/bananapi_m2_plus_defconfig

@@ -19,6 +19,7 @@ BR2_TARGET_UBOOT_CUSTOM_VERSION=y
 BR2_TARGET_UBOOT_CUSTOM_VERSION_VALUE="2017.07"
 BR2_TARGET_UBOOT_BOARD_DEFCONFIG="Sinovoip_BPI_M2_Plus"
 BR2_TARGET_UBOOT_NEEDS_DTC=y
+BR2_TARGET_UBOOT_NEEDS_PYLIBFDT=y
 BR2_TARGET_UBOOT_FORMAT_CUSTOM=y
 BR2_TARGET_UBOOT_FORMAT_CUSTOM_NAME="u-boot-sunxi-with-spl.bin"
 BR2_TARGET_UBOOT_BOOT_SCRIPT=y

configs/linksprite_pcduino_defconfig

@@ -41,6 +41,7 @@ BR2_TARGET_UBOOT_CUSTOM_VERSION_VALUE="2017.09"
 BR2_TARGET_UBOOT_USE_DEFCONFIG=y
 BR2_TARGET_UBOOT_BOARD_DEFCONFIG="Linksprite_pcDuino"
 BR2_TARGET_UBOOT_NEEDS_DTC=y
+BR2_TARGET_UBOOT_NEEDS_PYLIBFDT=y
 BR2_TARGET_UBOOT_FORMAT_BIN=y
 BR2_TARGET_UBOOT_SPL=y
 BR2_TARGET_UBOOT_SPL_NAME="u-boot-sunxi-with-spl.bin"

configs/orangepi_lite_defconfig

@@ -24,6 +24,7 @@ BR2_TARGET_UBOOT_CUSTOM_VERSION=y
 BR2_TARGET_UBOOT_CUSTOM_VERSION_VALUE="2017.11"
 BR2_TARGET_UBOOT_BOARD_DEFCONFIG="orangepi_lite"
 BR2_TARGET_UBOOT_NEEDS_DTC=y
+BR2_TARGET_UBOOT_NEEDS_PYLIBFDT=y
 BR2_TARGET_UBOOT_FORMAT_CUSTOM=y
 BR2_TARGET_UBOOT_FORMAT_CUSTOM_NAME="u-boot-sunxi-with-spl.bin"
 BR2_TARGET_UBOOT_BOOT_SCRIPT=y

configs/orangepi_one_defconfig

@@ -20,6 +20,7 @@ BR2_TARGET_UBOOT_CUSTOM_VERSION=y
 BR2_TARGET_UBOOT_CUSTOM_VERSION_VALUE="2018.01"
 BR2_TARGET_UBOOT_BOARD_DEFCONFIG="orangepi_one"
 BR2_TARGET_UBOOT_NEEDS_DTC=y
+BR2_TARGET_UBOOT_NEEDS_PYLIBFDT=y
 BR2_TARGET_UBOOT_FORMAT_CUSTOM=y
 BR2_TARGET_UBOOT_FORMAT_CUSTOM_NAME="u-boot-sunxi-with-spl.bin"
 BR2_TARGET_UBOOT_BOOT_SCRIPT=y

configs/orangepi_pc_defconfig

@@ -20,6 +20,7 @@ BR2_TARGET_UBOOT_CUSTOM_VERSION=y
 BR2_TARGET_UBOOT_CUSTOM_VERSION_VALUE="2018.01"
 BR2_TARGET_UBOOT_BOARD_DEFCONFIG="orangepi_pc"
 BR2_TARGET_UBOOT_NEEDS_DTC=y
+BR2_TARGET_UBOOT_NEEDS_PYLIBFDT=y
 BR2_TARGET_UBOOT_FORMAT_CUSTOM=y
 BR2_TARGET_UBOOT_FORMAT_CUSTOM_NAME="u-boot-sunxi-with-spl.bin"
 BR2_TARGET_UBOOT_BOOT_SCRIPT=y

configs/orangepi_pc_plus_defconfig

@@ -22,6 +22,7 @@ BR2_TARGET_UBOOT_CUSTOM_VERSION=y
 BR2_TARGET_UBOOT_CUSTOM_VERSION_VALUE="2018.01"
 BR2_TARGET_UBOOT_BOARD_DEFCONFIG="orangepi_pc_plus"
 BR2_TARGET_UBOOT_NEEDS_DTC=y
+BR2_TARGET_UBOOT_NEEDS_PYLIBFDT=y
 BR2_TARGET_UBOOT_FORMAT_CUSTOM=y
 BR2_TARGET_UBOOT_FORMAT_CUSTOM_NAME="u-boot-sunxi-with-spl.bin"
 BR2_TARGET_UBOOT_BOOT_SCRIPT=y

configs/orangepi_zero_defconfig

@@ -23,6 +23,7 @@ BR2_TARGET_UBOOT_CUSTOM_VERSION=y
 BR2_TARGET_UBOOT_CUSTOM_VERSION_VALUE="2018.01"
 BR2_TARGET_UBOOT_BOARD_DEFCONFIG="orangepi_zero"
 BR2_TARGET_UBOOT_NEEDS_DTC=y
+BR2_TARGET_UBOOT_NEEDS_PYLIBFDT=y
 BR2_TARGET_UBOOT_FORMAT_CUSTOM=y
 BR2_TARGET_UBOOT_FORMAT_CUSTOM_NAME="u-boot-sunxi-with-spl.bin"
 BR2_TARGET_UBOOT_BOOT_SCRIPT=y

docs/manual/adding-packages-cargo.txt

@@ -49,11 +49,11 @@ package. Let's start with an example:
 15: FOO_CARGO_ENV = CARGO_HOME=$(HOST_DIR)/share/cargo
 16: FOO_CARGO_MODE = $(if $(BR2_ENABLE_DEBUG),debug,release)
 17:
-18: FOO_BIN_DIR = target/$(RUST_TARGET_NAME)/$(FOO_CARGO_MODE)
+18: FOO_BIN_DIR = target/$(RUSTC_TARGET_NAME)/$(FOO_CARGO_MODE)
 19:
 20: FOO_CARGO_OPTS = \
 21:   --$(FOO_CARGO_MODE) \
-22: 	--target=$(RUST_TARGET_NAME) \
+22: 	--target=$(RUSTC_TARGET_NAME) \
 23: 	--manifest-path=$(@D)/Cargo.toml
 24:
 25: define FOO_BUILD_CMDS

docs/website/docs.html

@@ -78,8 +78,8 @@
   <div class="panel panel-primary">
     <div class="panel-heading">Training</div>
     <div class="panel-body">
-      <p><a href="http://www.free-electrons.com">Free Electrons</a> offers a
-	complete <a href="http://free-electrons.com/training/buildroot/">3-days
+      <p><a href="http://www.bootlin.com">Bootlin</a> (formerly Free Electrons)
+	offers a complete <a href="http://bootlin.com/training/buildroot/">3-days
 	  training course on Buildroot</a>. They also make the training
 	materials freely available:</p>
 
@@ -89,7 +89,7 @@
 	    <div class="panel-heading">Slides preview</div>
 	    <div class="panel-body">
 	      <div id="slides" style="width: 100%; padding-bottom: 75%; position: relative">
-		<a href="http://free-electrons.com/doc/training/buildroot/buildroot-slides.pdf"><img src="images/buildroot-slides.png" alt="buildroot slides" style="position:absolute; width:100%; height:100%; top:0; left:0;"></a>
+		<a href="http://bootlin.com/doc/training/buildroot/buildroot-slides.pdf"><img src="images/buildroot-slides.png" alt="buildroot slides" style="position:absolute; width:100%; height:100%; top:0; left:0;"></a>
 	      </div>
 	    </div>
 	  </div>
@@ -100,9 +100,9 @@
 	    <div class="panel-heading">Training materials</div>
 	    <div class="panel-body">
 	      <ul>
-		<li><a href="http://free-electrons.com/doc/training/buildroot/buildroot-slides.pdf">slides (PDF)</a></li>
-		<li><a href="http://free-electrons.com/doc/training/buildroot/buildroot-labs.pdf">practical labs (PDF)</a></li>
-		<li><a href="http://free-electrons.com/doc/training/buildroot/buildroot-labs.tar.xz">practical labs data (.tar.xz)</a></li>
+		<li><a href="http://bootlin.com/doc/training/buildroot/buildroot-slides.pdf">slides (PDF)</a></li>
+		<li><a href="http://bootlin.com/doc/training/buildroot/buildroot-labs.pdf">practical labs (PDF)</a></li>
+		<li><a href="http://bootlin.com/doc/training/buildroot/buildroot-labs.tar.xz">practical labs data (.tar.xz)</a></li>
 	      </ul>
 	    </div>
 	  </div>

docs/website/download.html

@@ -76,37 +76,37 @@
 	</div>
       </div>
 
-      <h3 style="text-align: center;">Latest release candidate: <b>2018.02-rc1</b></h3>
+      <h3 style="text-align: center;">Latest release candidate: <b>2018.02-rc2</b></h3>
       <div class="row mt centered">
 	<div class="col-sm-6">
 	  <div class="flip-container center-block" ontouchstart="this.classList.toggle('hover');">
 	    <div class="flipper">
 	      <div class="front">
-		<a href="/downloads/buildroot-2018.02-rc1.tar.gz"><img src="images/zip.png" width="180" alt=""></a>
+		<a href="/downloads/buildroot-2018.02-rc2.tar.gz"><img src="images/zip.png" width="180" alt=""></a>
 	      </div>
 	      <div class="back">
-		<a href="/downloads/buildroot-2018.02-rc1.tar.gz"><img src="images/zip.png" width="180" alt=""></a>
+		<a href="/downloads/buildroot-2018.02-rc2.tar.gz"><img src="images/zip.png" width="180" alt=""></a>
 	      </div>
 	    </div>
 	  </div>
 
-	  <h3><a href="/downloads/buildroot-2018.02-rc1.tar.gz">buildroot-2018.02-rc1.tar.gz</a></h3>
-	  <p><a href="/downloads/buildroot-2018.02-rc1.tar.gz.sign">PGP signature</a></p>
+	  <h3><a href="/downloads/buildroot-2018.02-rc2.tar.gz">buildroot-2018.02-rc2.tar.gz</a></h3>
+	  <p><a href="/downloads/buildroot-2018.02-rc2.tar.gz.sign">PGP signature</a></p>
 	</div>
 	<div class="col-sm-6">
 	  <div class="flip-container center-block" ontouchstart="this.classList.toggle('hover');">
 	    <div class="flipper">
 	      <div class="front">
-		<a href="/downloads/buildroot-2018.02-rc1.tar.bz2"><img src="images/package.png" width="180" alt=""></a>
+		<a href="/downloads/buildroot-2018.02-rc2.tar.bz2"><img src="images/package.png" width="180" alt=""></a>
 	      </div>
 	      <div class="back">
-		<a href="/downloads/buildroot-2018.02-rc1.tar.bz2"><img src="images/package.png" width="180" alt=""></a>
+		<a href="/downloads/buildroot-2018.02-rc2.tar.bz2"><img src="images/package.png" width="180" alt=""></a>
 	      </div>
 	    </div>
 	  </div>
 
-	  <h3><a href="/downloads/buildroot-2018.02-rc1.tar.bz2">buildroot-2018.02-rc1.tar.bz2</a></h3>
-	  <p><a href="/downloads/buildroot-2018.02-rc1.tar.bz2.sign">PGP signature</a></p>
+	  <h3><a href="/downloads/buildroot-2018.02-rc2.tar.bz2">buildroot-2018.02-rc2.tar.bz2</a></h3>
+	  <p><a href="/downloads/buildroot-2018.02-rc2.tar.bz2.sign">PGP signature</a></p>
 	</div>
       </div>
 

docs/website/js/buildroot.js

@@ -90,5 +90,5 @@ jQuery(document).ready(function($) {
     load_activity("http://buildroot-busybox.2317881.n4.nabble.com/Buildroot-busybox-ft2.xml", "mailing-list-activity");
     load_activity("http://git.buildroot.org/buildroot/atom/?h=master", "commit-activity");
 
-    $('#slides').html('<iframe src="https://docs.google.com/gview?url=http://free-electrons.com/doc/training/buildroot/buildroot-slides.pdf&embedded=true" style="position:absolute; width:100%; height:100%; top:0; left:0;" frameborder="0"></iframe>')
+    $('#slides').html('<iframe src="https://docs.google.com/gview?url=http://bootlin.com/doc/training/buildroot/buildroot-slides.pdf&embedded=true" style="position:absolute; width:100%; height:100%; top:0; left:0;" frameborder="0"></iframe>')
 });

docs/website/news.html

@@ -9,6 +9,52 @@
 <h2>News</h2>
 <ul class="timeline">
 
+  <li>
+    <div class="timeline-badge"><i class="glyphicon glyphicon-thumbs-up"></i></div>
+    <div class="timeline-panel">
+      <div class="timeline-heading">
+	<h4 class="timeline-title">2018.02-rc2 released</h4>
+	<p><small class="text-muted"><i class="glyphicon glyphicon-time"></i>15 February 2018</small></p>
+      </div>
+      <div class="timeline-body">
+        <p>Another week, another release candidate with more cleanups
+          and build fixes. See the
+	  <a href="http://git.buildroot.net/buildroot/plain/CHANGES?id=2018.02-rc2">CHANGES</a>
+	  file for details.</p>
+
+	<p>Head to the <a href="/downloads/">downloads page</a> to pick up the
+	  <a href="/downloads/buildroot-2018.02-rc2.tar.bz2">2018.02-rc2
+	  release candidate</a>, and report any problems found to the
+	  <a href="support.html">mailing list</a> or
+	  <a href="https://bugs.buildroot.org">bug tracker</a>.</p>
+      </div>
+    </div>
+  </li>
+
+  <li class="timeline-inverted">
+    <div class="timeline-badge"><i class="glyphicon glyphicon-thumbs-up"></i></div>
+    <div class="timeline-panel">
+      <div class="timeline-heading">
+	<h4 class="timeline-title">2018.02-rc1 released</h4>
+	<p><small class="text-muted"><i class="glyphicon glyphicon-time"></i>5 February 2018</small></p>
+      </div>
+      <div class="timeline-body">
+	<p>We have a new release candidate! Lots of changes all over the
+	  tree, see the
+	  <a href="http://git.buildroot.net/buildroot/plain/CHANGES?id=2018.02-rc1">CHANGES</a>
+	  file for details and read the
+	  <a href="http://lists.busybox.net/pipermail/buildroot/2018-February/213171.html">announcement</a>.
+	</p>
+
+	<p>Head to the <a href="/downloads/">downloads page</a> to pick up the
+	  <a href="/downloads/buildroot-2018.02-rc1.tar.bz2">2018.02-rc1
+	    release candidate</a>, and report any problems found to the
+	  <a href="support.html">mailing list</a> or
+	  <a href="https://bugs.buildroot.org">bug tracker</a>.</p>
+      </div>
+    </div>
+  </li>
+
   <li>
     <div class="timeline-badge"><i class="glyphicon glyphicon-thumbs-up"></i></div>
     <div class="timeline-panel">

linux/Config.in

@@ -116,7 +116,7 @@ endif
 
 config BR2_LINUX_KERNEL_VERSION
 	string
-	default "4.15.1" if BR2_LINUX_KERNEL_LATEST_VERSION
+	default "4.15.3" if BR2_LINUX_KERNEL_LATEST_VERSION
 	default "v4.4.112-cip18" if BR2_LINUX_KERNEL_LATEST_CIP_VERSION
 	default BR2_LINUX_KERNEL_CUSTOM_VERSION_VALUE \
 		if BR2_LINUX_KERNEL_CUSTOM_VERSION

package/busybox/0006-bunzip2-fix-runCnt-overflow-from-bug-10431.patch

@@ -0,0 +1,101 @@
+From 0402cb32df015d9372578e3db27db47b33d5c7b0 Mon Sep 17 00:00:00 2001
+From: Denys Vlasenko <vda.linux@googlemail.com>
+Date: Sun, 22 Oct 2017 18:23:23 +0200
+Subject: [PATCH] bunzip2: fix runCnt overflow from bug 10431
+
+This particular corrupted file can be dealth with by using "unsigned".
+If there will be cases where it genuinely overflows, there is a disabled
+code to deal with that too.
+
+function                                             old     new   delta
+get_next_block                                      1678    1667     -11
+
+Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
+Signed-off-by: Baruch Siach <baruch@tkos.co.il>
+---
+Patch status: upstream commit 0402cb32df0
+
+ archival/libarchive/decompress_bunzip2.c | 30 +++++++++++++++++++-----------
+ 1 file changed, 19 insertions(+), 11 deletions(-)
+
+diff --git a/archival/libarchive/decompress_bunzip2.c b/archival/libarchive/decompress_bunzip2.c
+index 7cd18f5ed4cf..bec89edd3a4d 100644
+--- a/archival/libarchive/decompress_bunzip2.c
++++ b/archival/libarchive/decompress_bunzip2.c
+@@ -156,15 +156,15 @@ static unsigned get_bits(bunzip_data *bd, int bits_wanted)
+ static int get_next_block(bunzip_data *bd)
+ {
+ 	struct group_data *hufGroup;
+-	int dbufCount, dbufSize, groupCount, *base, *limit, selector,
+-		i, j, runPos, symCount, symTotal, nSelectors, byteCount[256];
+-	int runCnt = runCnt; /* for compiler */
++	int groupCount, *base, *limit, selector,
++		i, j, symCount, symTotal, nSelectors, byteCount[256];
+ 	uint8_t uc, symToByte[256], mtfSymbol[256], *selectors;
+ 	uint32_t *dbuf;
+ 	unsigned origPtr, t;
++	unsigned dbufCount, runPos;
++	unsigned runCnt = runCnt; /* for compiler */
+ 
+ 	dbuf = bd->dbuf;
+-	dbufSize = bd->dbufSize;
+ 	selectors = bd->selectors;
+ 
+ /* In bbox, we are ok with aborting through setjmp which is set up in start_bunzip */
+@@ -187,7 +187,7 @@ static int get_next_block(bunzip_data *bd)
+ 	   it didn't actually work. */
+ 	if (get_bits(bd, 1)) return RETVAL_OBSOLETE_INPUT;
+ 	origPtr = get_bits(bd, 24);
+-	if ((int)origPtr > dbufSize) return RETVAL_DATA_ERROR;
++	if (origPtr > bd->dbufSize) return RETVAL_DATA_ERROR;
+ 
+ 	/* mapping table: if some byte values are never used (encoding things
+ 	   like ascii text), the compression code removes the gaps to have fewer
+@@ -435,7 +435,14 @@ static int get_next_block(bunzip_data *bd)
+ 			   symbols, but a run of length 0 doesn't mean anything in this
+ 			   context).  Thus space is saved. */
+ 			runCnt += (runPos << nextSym); /* +runPos if RUNA; +2*runPos if RUNB */
+-			if (runPos < dbufSize) runPos <<= 1;
++//The 32-bit overflow of runCnt wasn't yet seen, but probably can happen.
++//This would be the fix (catches too large count way before it can overflow):
++//			if (runCnt > bd->dbufSize) {
++//				dbg("runCnt:%u > dbufSize:%u RETVAL_DATA_ERROR",
++//						runCnt, bd->dbufSize);
++//				return RETVAL_DATA_ERROR;
++//			}
++			if (runPos < bd->dbufSize) runPos <<= 1;
+ 			goto end_of_huffman_loop;
+ 		}
+ 
+@@ -445,14 +452,15 @@ static int get_next_block(bunzip_data *bd)
+ 		   literal used is the one at the head of the mtfSymbol array.) */
+ 		if (runPos != 0) {
+ 			uint8_t tmp_byte;
+-			if (dbufCount + runCnt > dbufSize) {
+-				dbg("dbufCount:%d+runCnt:%d %d > dbufSize:%d RETVAL_DATA_ERROR",
+-						dbufCount, runCnt, dbufCount + runCnt, dbufSize);
++			if (dbufCount + runCnt > bd->dbufSize) {
++				dbg("dbufCount:%u+runCnt:%u %u > dbufSize:%u RETVAL_DATA_ERROR",
++						dbufCount, runCnt, dbufCount + runCnt, bd->dbufSize);
+ 				return RETVAL_DATA_ERROR;
+ 			}
+ 			tmp_byte = symToByte[mtfSymbol[0]];
+ 			byteCount[tmp_byte] += runCnt;
+-			while (--runCnt >= 0) dbuf[dbufCount++] = (uint32_t)tmp_byte;
++			while ((int)--runCnt >= 0)
++				dbuf[dbufCount++] = (uint32_t)tmp_byte;
+ 			runPos = 0;
+ 		}
+ 
+@@ -466,7 +474,7 @@ static int get_next_block(bunzip_data *bd)
+ 		   first symbol in the mtf array, position 0, would have been handled
+ 		   as part of a run above.  Therefore 1 unused mtf position minus
+ 		   2 non-literal nextSym values equals -1.) */
+-		if (dbufCount >= dbufSize) return RETVAL_DATA_ERROR;
++		if (dbufCount >= bd->dbufSize) return RETVAL_DATA_ERROR;
+ 		i = nextSym - 1;
+ 		uc = mtfSymbol[i];
+ 
+-- 
+2.15.1
+

package/busybox/0007-unlzma-fix-SEGV-closes-10436.patch

@@ -0,0 +1,34 @@
+From 9ac42c500586fa5f10a1f6d22c3f797df11b1f6b Mon Sep 17 00:00:00 2001
+From: Denys Vlasenko <vda.linux@googlemail.com>
+Date: Fri, 27 Oct 2017 15:37:03 +0200
+Subject: [PATCH] unlzma: fix SEGV, closes 10436
+
+Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
+Signed-off-by: Baruch Siach <baruch@tkos.co.il>
+---
+Patch status: upstream commit 9ac42c500586f
+
+ archival/libarchive/decompress_unlzma.c | 6 +++++-
+ 1 file changed, 5 insertions(+), 1 deletion(-)
+
+diff --git a/archival/libarchive/decompress_unlzma.c b/archival/libarchive/decompress_unlzma.c
+index a9040877efa0..be4342414435 100644
+--- a/archival/libarchive/decompress_unlzma.c
++++ b/archival/libarchive/decompress_unlzma.c
+@@ -450,8 +450,12 @@ unpack_lzma_stream(transformer_state_t *xstate)
+  IF_NOT_FEATURE_LZMA_FAST(string:)
+ 			do {
+ 				uint32_t pos = buffer_pos - rep0;
+-				if ((int32_t)pos < 0)
++				if ((int32_t)pos < 0) {
+ 					pos += header.dict_size;
++					/* bug 10436 has an example file where this triggers: */
++					if ((int32_t)pos < 0)
++						goto bad;
++				}
+ 				previous_byte = buffer[pos];
+  IF_NOT_FEATURE_LZMA_FAST(one_byte2:)
+ 				buffer[buffer_pos++] = previous_byte;
+-- 
+2.15.1
+

package/cargo-bin/cargo-bin.mk

@@ -6,7 +6,7 @@
 
 CARGO_BIN_VERSION = 0.24.0
 CARGO_BIN_SITE = https://static.rust-lang.org/dist
-CARGO_BIN_SOURCE = cargo-$(CARGO_BIN_VERSION)-$(RUST_HOST_NAME).tar.xz
+CARGO_BIN_SOURCE = cargo-$(CARGO_BIN_VERSION)-$(RUSTC_HOST_NAME).tar.xz
 CARGO_BIN_LICENSE = Apache-2.0 or MIT
 CARGO_BIN_LICENSE_FILES = LICENSE-APACHE LICENSE-MIT
 

package/cargo/cargo.mk

@@ -82,7 +82,7 @@ define HOST_CARGO_INSTALL_CMDS
 	$(INSTALL) -D -m 0755 $(@D)/target/release/cargo $(HOST_DIR)/bin/cargo
 	$(INSTALL) -D package/cargo/config.in \
 		$(HOST_DIR)/share/cargo/config
-	$(SED) 's/@RUST_TARGET_NAME@/$(RUST_TARGET_NAME)/' \
+	$(SED) 's/@RUSTC_TARGET_NAME@/$(RUSTC_TARGET_NAME)/' \
 		$(HOST_DIR)/share/cargo/config
 	$(SED) 's/@CROSS_PREFIX@/$(notdir $(TARGET_CROSS))/' \
 		$(HOST_DIR)/share/cargo/config

package/cargo/config.in

@@ -1,2 +1,2 @@
-[target.@RUST_TARGET_NAME@]
+[target.@RUSTC_TARGET_NAME@]
 linker = "@CROSS_PREFIX@gcc"

package/dnsmasq/0001-DNSSEC-fix-for-wildcard-NSEC-records.-CVE-2017-15107.patch

@@ -0,0 +1,212 @@
+From 4fe6744a220eddd3f1749b40cac3dfc510787de6 Mon Sep 17 00:00:00 2001
+From: Simon Kelley <simon@thekelleys.org.uk>
+Date: Fri, 19 Jan 2018 12:26:08 +0000
+Subject: [PATCH] DNSSEC fix for wildcard NSEC records. CVE-2017-15107 applies.
+
+It's OK for NSEC records to be expanded from wildcards,
+but in that case, the proof of non-existence is only valid
+starting at the wildcard name, *.<domain> NOT the name expanded
+from the wildcard. Without this check it's possible for an
+attacker to craft an NSEC which wrongly proves non-existence
+in a domain which includes a wildcard for NSEC.
+
+[baruch: drop the CHANGELOG hunk]
+Signed-off-by: Baruch Siach <baruch@tkos.co.il>
+---
+Upstream status: upstream commit 4fe6744a220e
+
+ CHANGELOG    |  12 +++++-
+ src/dnssec.c | 117 ++++++++++++++++++++++++++++++++++++++++++++++++++++-------
+ 2 files changed, 114 insertions(+), 15 deletions(-)
+
+diff --git a/src/dnssec.c b/src/dnssec.c
+index eb6c11cbe00f..a54a0b4f14cf 100644
+--- a/src/dnssec.c
++++ b/src/dnssec.c
+@@ -103,15 +103,17 @@ static void from_wire(char *name)
+ static int count_labels(char *name)
+ {
+   int i;
+-
++  char *p;
++  
+   if (*name == 0)
+     return 0;
+ 
+-  for (i = 0; *name; name++)
+-    if (*name == '.')
++  for (p = name, i = 0; *p; p++)
++    if (*p == '.')
+       i++;
+ 
+-  return i+1;
++  /* Don't count empty first label. */
++  return *name == '.' ? i : i+1;
+ }
+ 
+ /* Implement RFC1982 wrapped compare for 32-bit numbers */
+@@ -1094,8 +1096,8 @@ static int hostname_cmp(const char *a, const char *b)
+     }
+ }
+ 
+-static int prove_non_existence_nsec(struct dns_header *header, size_t plen, unsigned char **nsecs, int nsec_count,
+-				    char *workspace1, char *workspace2, char *name, int type, int *nons)
++static int prove_non_existence_nsec(struct dns_header *header, size_t plen, unsigned char **nsecs, unsigned char **labels, int nsec_count,
++				    char *workspace1_in, char *workspace2, char *name, int type, int *nons)
+ {
+   int i, rc, rdlen;
+   unsigned char *p, *psave;
+@@ -1108,6 +1110,9 @@ static int prove_non_existence_nsec(struct dns_header *header, size_t plen, unsi
+   /* Find NSEC record that proves name doesn't exist */
+   for (i = 0; i < nsec_count; i++)
+     {
++      char *workspace1 = workspace1_in;
++      int sig_labels, name_labels;
++
+       p = nsecs[i];
+       if (!extract_name(header, plen, &p, workspace1, 1, 10))
+ 	return 0;
+@@ -1116,7 +1121,27 @@ static int prove_non_existence_nsec(struct dns_header *header, size_t plen, unsi
+       psave = p;
+       if (!extract_name(header, plen, &p, workspace2, 1, 10))
+ 	return 0;
+-      
++
++      /* If NSEC comes from wildcard expansion, use original wildcard
++	 as name for computation. */
++      sig_labels = *labels[i];
++      name_labels = count_labels(workspace1);
++
++      if (sig_labels < name_labels)
++	{
++	  int k;
++	  for (k = name_labels - sig_labels; k != 0; k--)
++	    {
++	      while (*workspace1 != '.' && *workspace1 != 0)
++		workspace1++;
++	      if (k != 1 && *workspace1 == '.')
++		workspace1++;
++	    }
++	  
++	  workspace1--;
++	  *workspace1 = '*';
++	}
++	  
+       rc = hostname_cmp(workspace1, name);
+       
+       if (rc == 0)
+@@ -1514,24 +1539,26 @@ static int prove_non_existence_nsec3(struct dns_header *header, size_t plen, uns
+ 
+ static int prove_non_existence(struct dns_header *header, size_t plen, char *keyname, char *name, int qtype, int qclass, char *wildname, int *nons)
+ {
+-  static unsigned char **nsecset = NULL;
+-  static int nsecset_sz = 0;
++  static unsigned char **nsecset = NULL, **rrsig_labels = NULL;
++  static int nsecset_sz = 0, rrsig_labels_sz = 0;
+   
+   int type_found = 0;
+-  unsigned char *p = skip_questions(header, plen);
++  unsigned char *auth_start, *p = skip_questions(header, plen);
+   int type, class, rdlen, i, nsecs_found;
+   
+   /* Move to NS section */
+   if (!p || !(p = skip_section(p, ntohs(header->ancount), header, plen)))
+     return 0;
++
++  auth_start = p;
+   
+   for (nsecs_found = 0, i = ntohs(header->nscount); i != 0; i--)
+     {
+       unsigned char *pstart = p;
+       
+-      if (!(p = skip_name(p, header, plen, 10)))
++      if (!extract_name(header, plen, &p, daemon->workspacename, 1, 10))
+ 	return 0;
+-      
++	  
+       GETSHORT(type, p); 
+       GETSHORT(class, p);
+       p += 4; /* TTL */
+@@ -1548,7 +1575,69 @@ static int prove_non_existence(struct dns_header *header, size_t plen, char *key
+ 	  if (!expand_workspace(&nsecset, &nsecset_sz, nsecs_found))
+ 	    return 0; 
+ 	  
+-	  nsecset[nsecs_found++] = pstart;
++	  if (type == T_NSEC)
++	    {
++	      /* If we're looking for NSECs, find the corresponding SIGs, to 
++		 extract the labels value, which we need in case the NSECs
++		 are the result of wildcard expansion.
++		 Note that the NSEC may not have been validated yet
++		 so if there are multiple SIGs, make sure the label value
++		 is the same in all, to avoid be duped by a rogue one.
++		 If there are no SIGs, that's an error */
++	      unsigned char *p1 = auth_start;
++	      int res, j, rdlen1, type1, class1;
++	      
++	      if (!expand_workspace(&rrsig_labels, &rrsig_labels_sz, nsecs_found))
++		return 0;
++	      
++	      rrsig_labels[nsecs_found] = NULL;
++	      
++	      for (j = ntohs(header->nscount); j != 0; j--)
++		{
++		  if (!(res = extract_name(header, plen, &p1, daemon->workspacename, 0, 10)))
++		    return 0;
++
++		   GETSHORT(type1, p1); 
++		   GETSHORT(class1, p1);
++		   p1 += 4; /* TTL */
++		   GETSHORT(rdlen1, p1);
++
++		   if (!CHECK_LEN(header, p1, plen, rdlen1))
++		     return 0;
++		   
++		   if (res == 1 && class1 == qclass && type1 == T_RRSIG)
++		     {
++		       int type_covered;
++		       unsigned char *psav = p1;
++		       
++		       if (rdlen < 18)
++			 return 0; /* bad packet */
++
++		       GETSHORT(type_covered, p1);
++
++		       if (type_covered == T_NSEC)
++			 {
++			   p1++; /* algo */
++			   
++			   /* labels field must be the same in every SIG we find. */
++			   if (!rrsig_labels[nsecs_found])
++			     rrsig_labels[nsecs_found] = p1;
++			   else if (*rrsig_labels[nsecs_found] != *p1) /* algo */
++			     return 0;
++			   }
++		       p1 = psav;
++		     }
++		   
++		   if (!ADD_RDLEN(header, p1, plen, rdlen1))
++		     return 0;
++		}
++
++	      /* Must have found at least one sig. */
++	      if (!rrsig_labels[nsecs_found])
++		return 0;
++	    }
++
++	  nsecset[nsecs_found++] = pstart;   
+ 	}
+       
+       if (!ADD_RDLEN(header, p, plen, rdlen))
+@@ -1556,7 +1645,7 @@ static int prove_non_existence(struct dns_header *header, size_t plen, char *key
+     }
+   
+   if (type_found == T_NSEC)
+-    return prove_non_existence_nsec(header, plen, nsecset, nsecs_found, daemon->workspacename, keyname, name, qtype, nons);
++    return prove_non_existence_nsec(header, plen, nsecset, rrsig_labels, nsecs_found, daemon->workspacename, keyname, name, qtype, nons);
+   else if (type_found == T_NSEC3)
+     return prove_non_existence_nsec3(header, plen, nsecset, nsecs_found, daemon->workspacename, keyname, name, qtype, wildname, nons);
+   else
+-- 
+2.15.1
+

package/dnsmasq/0002-Fix-DNSSEC-validation-errors-introduced-in-4fe6744a2.patch

@@ -0,0 +1,29 @@
+From cd7df612b14ec1bf831a966ccaf076be0dae7404 Mon Sep 17 00:00:00 2001
+From: Simon Kelley <simon@thekelleys.org.uk>
+Date: Sat, 20 Jan 2018 00:10:55 +0000
+Subject: [PATCH] Fix DNSSEC validation errors introduced in
+ 4fe6744a220eddd3f1749b40cac3dfc510787de6
+
+Signed-off-by: Baruch Siach <baruch@tkos.co.il>
+---
+Upstream status: upstream commit cd7df612b14ec
+
+ src/dnssec.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/dnssec.c b/src/dnssec.c
+index a54a0b4f14cf..c47e33569f96 100644
+--- a/src/dnssec.c
++++ b/src/dnssec.c
+@@ -1610,7 +1610,7 @@ static int prove_non_existence(struct dns_header *header, size_t plen, char *key
+ 		       int type_covered;
+ 		       unsigned char *psav = p1;
+ 		       
+-		       if (rdlen < 18)
++		       if (rdlen1 < 18)
+ 			 return 0; /* bad packet */
+ 
+ 		       GETSHORT(type_covered, p1);
+-- 
+2.15.1
+

package/dropbear/Config.in

@@ -13,7 +13,7 @@ config BR2_PACKAGE_DROPBEAR
 	  Alternatively, mount a persistent unionfs over your root
 	  filesystem.
 
-	  http://matt.ucc.asn.au/dropbear/dropbear.html
+	  https://matt.ucc.asn.au/dropbear/dropbear.html
 
 if BR2_PACKAGE_DROPBEAR
 

package/dropbear/dropbear.mk

@@ -5,7 +5,7 @@
 ################################################################################
 
 DROPBEAR_VERSION = 2017.75
-DROPBEAR_SITE = http://matt.ucc.asn.au/dropbear/releases
+DROPBEAR_SITE = https://matt.ucc.asn.au/dropbear/releases
 DROPBEAR_SOURCE = dropbear-$(DROPBEAR_VERSION).tar.bz2
 DROPBEAR_LICENSE = MIT, BSD-2-Clause-like, BSD-2-Clause
 DROPBEAR_LICENSE_FILES = LICENSE

package/ffmpeg/ffmpeg.hash

@@ -1,5 +1,5 @@
 # Locally calculated
-sha256 5a77278a63741efa74e26bf197b9bb09ac6381b9757391b922407210f0f991c0  ffmpeg-3.4.1.tar.xz
+sha256 2b92e9578ef8b3e49eeab229e69305f5f4cbc1fdaa22e927fc7fca18acccd740  ffmpeg-3.4.2.tar.xz
 sha256 8177f97513213526df2cf6184d8ff986c675afb514d4e68a404010521b880643  COPYING.GPLv2
 sha256 b634ab5640e258563c536e658cad87080553df6f34f62269a21d554844e58bfe  COPYING.LGPLv2.1
 sha256 73d99bc83313fff665b426d6672b4e0479102bc402fe22314ac9ce94a38aa5ff  LICENSE.md

package/ffmpeg/ffmpeg.mk

@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-FFMPEG_VERSION = 3.4.1
+FFMPEG_VERSION = 3.4.2
 FFMPEG_SOURCE = ffmpeg-$(FFMPEG_VERSION).tar.xz
 FFMPEG_SITE = http://ffmpeg.org/releases
 FFMPEG_INSTALL_STAGING = YES

package/gconf/Config.in

@@ -9,9 +9,9 @@ config BR2_PACKAGE_GCONF
 	select BR2_PACKAGE_LIBGLIB2
 	select BR2_PACKAGE_LIBXML2
 	help
-	  GConf was a system used by the GNOME desktop environment for storing
-	  configuration settings for the desktop and applications. It is similar
-	  to the Windows Registry.
+	  GConf was a system used by the GNOME desktop environment for
+	  storing configuration settings for the desktop and
+	  applications. It is similar to the Windows Registry.
 
 	  https://projects.gnome.org/gconf/
 

package/glibc/glibc.hash

@@ -1,4 +1,4 @@
 # Locally calculated (fetched from Github)
-sha256  0766875391224153502c5542a71b6e46db53b44691078b3130e1a0df41586430     glibc-glibc-2.26-107-g73a92363619e52c458146e903dfb9b1ba823aa40.tar.gz
+sha256  d0d44c2c7a46922376c08a1d45ae7bcbf9abd8f05603dd76637c8b74e6693e9e     glibc-glibc-2.26-144-gbbabb868cd248763373d0db763bacd84ce27ede8.tar.gz
 # Locally calculated (fetched from Github)
 sha256  5aa9adeac09727db0b8a52794186563771e74d70410e9fd86431e339953fd4bb     glibc-arc-2017.09-release.tar.gz

package/glibc/glibc.mk

@@ -10,7 +10,7 @@ GLIBC_SITE = $(call github,foss-for-synopsys-dwc-arc-processors,glibc,$(GLIBC_VE
 else
 # Generate version string using:
 #   git describe --match 'glibc-*' --abbrev=40 origin/release/MAJOR.MINOR/master
-GLIBC_VERSION = glibc-2.26-107-g73a92363619e52c458146e903dfb9b1ba823aa40
+GLIBC_VERSION = glibc-2.26-144-gbbabb868cd248763373d0db763bacd84ce27ede8
 # Upstream doesn't officially provide an https download link.
 # There is one (https://sourceware.org/git/glibc.git) but it's not reliable,
 # sometimes the connection times out. So use an unofficial github mirror.

package/keepalived/0001-Fix-build-with-Linux-kernel-headers-v4.15.patch

@@ -0,0 +1,59 @@
+From 15f93dd90484532e25c8f3e43fb34a361a79d7f2 Mon Sep 17 00:00:00 2001
+From: Baruch Siach <baruch@tkos.co.il>
+Date: Fri, 9 Feb 2018 11:55:19 +0200
+Subject: [PATCH] Fix build with Linux kernel headers v4.15
+
+Linux kernel version 4.15 changed the libc/kernel headers suppression
+logic in a way that introduces collisions:
+
+In file included from ./../include/vrrp_ipaddress.h:32:0,
+                 from ./../include/vrrp_arp.h:31,
+                 from vrrp.c:29:
+/home/peko/autobuild/instance-1/output/host/arc-buildroot-linux-uclibc/sysroot/usr/include/linux/in.h:29:3: error: redeclaration of enumerator 'IPPROTO_IP'
+   IPPROTO_IP = 0,  /* Dummy protocol for TCP  */
+   ^
+/home/peko/autobuild/instance-1/output/host/arc-buildroot-linux-uclibc/sysroot/usr/include/netinet/in.h:33:5: note: previous definition of 'IPPROTO_IP' was here
+     IPPROTO_IP = 0,    /* Dummy protocol for TCP.  */
+     ^~~~~~~~~~
+
+Include the libc netinet/in.h header first to suppress the kernel
+header.
+
+In addition, add _GNU_SOURCE to vrrp.c for the libc provided in6_pktinfo
+definition.
+
+Signed-off-by: Baruch Siach <baruch@tkos.co.il>
+---
+Upstream status: https://github.com/acassen/keepalived/pull/777
+
+ keepalived/include/vrrp_arp.h | 1 +
+ keepalived/vrrp/vrrp.c        | 1 +
+ 2 files changed, 2 insertions(+)
+
+diff --git a/keepalived/include/vrrp_arp.h b/keepalived/include/vrrp_arp.h
+index 77a26c450b12..a103ab075c1d 100644
+--- a/keepalived/include/vrrp_arp.h
++++ b/keepalived/include/vrrp_arp.h
+@@ -24,6 +24,7 @@
+ #define _VRRP_ARP_H
+ 
+ /* system includes */
++#include <netinet/in.h>
+ #include <net/ethernet.h>
+ #include <net/if_arp.h>
+ 
+diff --git a/keepalived/vrrp/vrrp.c b/keepalived/vrrp/vrrp.c
+index 3d2bfe41ab4f..435a4b54b2a9 100644
+--- a/keepalived/vrrp/vrrp.c
++++ b/keepalived/vrrp/vrrp.c
+@@ -26,6 +26,7 @@
+ #include "config.h"
+ 
+ /* local include */
++#define _GNU_SOURCE
+ #include "vrrp_arp.h"
+ #include "vrrp_ndisc.h"
+ #include "vrrp_scheduler.h"
+-- 
+2.15.1
+

package/libcpprestsdk/0004-libcpprestsdk-fix-building-as-a-static-library.patch

@@ -0,0 +1,38 @@
+From 8a9c3db14a390c0a8788405e52e9b8737a430191 Mon Sep 17 00:00:00 2001
+From: Adam Duskett <aduskett@gmail.com>
+Date: Mon, 12 Feb 2018 07:49:34 -0500
+Subject: [PATCH] libcpprestsdk: fix building as a static library
+
+Use pkg-config to find OpenSSL. This will automatically find any
+dependent libraries and put them in the correct order for linking.
+
+Upstream status: submitted
+https://github.com/Microsoft/cpprestsdk/pull/688
+
+Signed-off-by: Adam Duskett <aduskett@gmail.com>
+---
+ Release/cmake/cpprest_find_openssl.cmake | 10 +++++++---
+ 1 file changed, 7 insertions(+), 3 deletions(-)
+
+diff --git a/Release/cmake/cpprest_find_openssl.cmake b/Release/cmake/cpprest_find_openssl.cmake
+index 0b49a7e..2be8afb 100644
+--- a/Release/cmake/cpprest_find_openssl.cmake
++++ b/Release/cmake/cpprest_find_openssl.cmake
+@@ -41,8 +41,12 @@ function(cpprest_find_openssl)
+       # This should prevent linking against the system provided 0.9.8y
+       set(_OPENSSL_VERSION "")
+     endif()
+-    find_package(OpenSSL 1.0.0 REQUIRED)
+-
++    if(UNIX)
++		find_package(PkgConfig REQUIRED)
++		pkg_search_module(OPENSSL openssl REQUIRED)
++    else()
++    	find_package(OpenSSL 1.0.0 REQUIRED)
++	endif()
+     INCLUDE(CheckCXXSourceCompiles)
+     set(CMAKE_REQUIRED_INCLUDES "${OPENSSL_INCLUDE_DIR}")
+     set(CMAKE_REQUIRED_LIBRARIES "${OPENSSL_LIBRARIES}")
+-- 
+2.14.3
+

package/libcpprestsdk/libcpprestsdk.mk

@@ -9,7 +9,7 @@ LIBCPPRESTSDK_SITE = $(call github,Microsoft,cpprestsdk,$(LIBCPPRESTSDK_VERSION)
 LIBCPPRESTSDK_LICENSE = MIT
 LIBCPPRESTSDK_LICENSE_FILES = license.txt
 LIBCPPRESTSDK_SUBDIR = Release
-LIBCPPRESTSDK_DEPENDENCIES += boost openssl zlib
+LIBCPPRESTSDK_DEPENDENCIES += host-pkgconf boost openssl zlib
 LIBCPPRESTSDK_CONF_OPTS = -DWERROR=OFF
 
 $(eval $(cmake-package))

package/libgpiod/libgpiod.hash

@@ -1,2 +1,4 @@
 # From https://www.kernel.org/pub/software/libs/libgpiod/sha256sums.asc
 sha256 50c7862428ca90b58672e2475aea66d33a6fc86c6bab1928c0660f3aedf44a37  libgpiod-0.3.2.tar.xz
+# Hash for license file
+sha256 ce64d5f7b49ea6d80fdb6d4cdee6839d1a94274f7493dc797c3b55b65ec8e9ed  COPYING

package/libmaxminddb/0001-Add-disable-binaries.patch

@@ -0,0 +1,53 @@
+From 501f85fa729d08b90f0e1ff6f9378a0864f722a7 Mon Sep 17 00:00:00 2001
+From: Fabrice Fontaine <fontaine.fabrice@gmail.com>
+Date: Fri, 2 Feb 2018 13:19:18 +0100
+Subject: [PATCH] Add --disable-binaries
+
+mmdblookup now depends on pthread.h which can be disabled on some
+toolchains so add an option to be able to compile libmaxminddb without
+this binary
+
+Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
+---
+ Makefile.am  | 6 +++++-
+ configure.ac | 6 ++++++
+ 2 files changed, 11 insertions(+), 1 deletion(-)
+
+diff --git a/Makefile.am b/Makefile.am
+index cebcd31..cfbfd77 100644
+--- a/Makefile.am
++++ b/Makefile.am
+@@ -4,8 +4,12 @@ include_HEADERS = include/maxminddb.h
+ nodist_include_HEADERS = include/maxminddb_config.h
+ 
+ SUBDIRS = \
+-  src     \
++  src
++
++if BINARIES
++SUBDIRS += \
+   bin
++endif
+ 
+ if TESTS
+ SUBDIRS += \
+diff --git a/configure.ac b/configure.ac
+index c494746..4d1beb4 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -119,6 +119,12 @@ AC_ARG_ENABLE(
+         esac],[debug=false])
+ AM_CONDITIONAL([DEBUG], [test x$debug = xtrue])
+ 
++AC_ARG_ENABLE([binaries],
++        AS_HELP_STRING([--enable-binaries], [Compilation of binaries code]),
++        [enable_binaries=${enableval}],
++        [enable_binaries=yes])
++AM_CONDITIONAL([BINARIES], [test "${enable_binaries}" = "yes"])
++
+ AC_ARG_ENABLE([tests],
+         AS_HELP_STRING([--enable-tests], [Compilation of tests code]),
+         [enable_tests=${enableval}],
+-- 
+2.7.4
+

package/libmaxminddb/libmaxminddb.mk

@@ -13,4 +13,11 @@ LIBMAXMINDDB_LICENSE_FILES = LICENSE
 LIBMAXMINDDB_AUTORECONF = YES
 LIBMAXMINDDB_CONF_OPTS = --disable-tests
 
+# mmdblookup binary depends on pthreads
+ifeq ($(BR2_TOOLCHAIN_HAS_THREADS),y)
+LIBMAXMINDDB_CONF_OPTS += --enable-binaries
+else
+LIBMAXMINDDB_CONF_OPTS += --disable-binaries
+endif
+
 $(eval $(autotools-package))

package/librsvg/librsvg.hash

@@ -1,2 +1,2 @@
-# From http://ftp.gnome.org/pub/gnome/sources/librsvg/2.40/librsvg-2.40.18.sha256sum
-sha256	bfc8c488c89c1e7212c478beb95c41b44701636125a3e6dab41187f1485b564c	librsvg-2.40.18.tar.xz
+# From http://ftp.gnome.org/pub/gnome/sources/librsvg/2.40/librsvg-2.40.20.sha256sum
+sha256	cff4dd3c3b78bfe99d8fcfad3b8ba1eee3289a0823c0e118d78106be6b84c92b	librsvg-2.40.20.tar.xz

package/librsvg/librsvg.mk

@@ -5,7 +5,7 @@
 ################################################################################
 
 LIBRSVG_VERSION_MAJOR = 2.40
-LIBRSVG_VERSION = $(LIBRSVG_VERSION_MAJOR).18
+LIBRSVG_VERSION = $(LIBRSVG_VERSION_MAJOR).20
 LIBRSVG_SITE = http://ftp.gnome.org/pub/gnome/sources/librsvg/$(LIBRSVG_VERSION_MAJOR)
 LIBRSVG_SOURCE = librsvg-$(LIBRSVG_VERSION).tar.xz
 LIBRSVG_INSTALL_STAGING = YES

package/libtasn1/libtasn1.hash

@@ -1,2 +1,6 @@
 # Locally calculated after checking pgp signature
-sha256	6753da2e621257f33f5b051cc114d417e5206a0818fe0b1ecfd6153f70934753	libtasn1-4.12.tar.gz
+# https://ftp.gnu.org/gnu/libtasn1/libtasn1-4.13.tar.gz.sig
+sha256	7e528e8c317ddd156230c4e31d082cd13e7ddeb7a54824be82632209550c8cca	libtasn1-4.13.tar.gz
+# Locally calculated
+sha256	8ceb4b9ee5adedde47b31e975c1d90c73ad27b6b165a1dcd80c7c545eb65b903	COPYING
+sha256	dc626520dcd53a22f727af3ee42c770e56c97a64fe3adb063799d8ab032fe551	COPYING.LIB

package/libtasn1/libtasn1.mk

@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-LIBTASN1_VERSION = 4.12
+LIBTASN1_VERSION = 4.13
 LIBTASN1_SITE = $(BR2_GNU_MIRROR)/libtasn1
 LIBTASN1_DEPENDENCIES = host-bison
 LIBTASN1_LICENSE = GPL-3.0+ (tests, tools), LGPL-2.1+ (library)

package/libv4l/0002-keytable-fix-EVIOCSCLOCKID-related-compile-failure.patch

@@ -0,0 +1,35 @@
+From 663b7be9d27c979c914011a3ce707e227987bc59 Mon Sep 17 00:00:00 2001
+From: Peter Seiderer <ps.report@gmx.net>
+Date: Sat, 3 Feb 2018 22:47:18 +0100
+Subject: [PATCH] keytable: fix EVIOCSCLOCKID related compile failure
+
+Fixes:
+
+  keytable.c: In function 'test_event':
+  keytable.c:1351:12: error: 'EVIOCSCLOCKID' undeclared (first use in this function)
+    ioctl(fd, EVIOCSCLOCKID, &mode);
+              ^~~~~~~~~~~~~
+
+Signed-off-by: Peter Seiderer <ps.report@gmx.net>
+---
+ utils/keytable/keytable.c | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/utils/keytable/keytable.c b/utils/keytable/keytable.c
+index 34a1522e..925eab00 100644
+--- a/utils/keytable/keytable.c
++++ b/utils/keytable/keytable.c
+@@ -55,6 +55,10 @@ struct input_keymap_entry_v2 {
+ 	u_int8_t  scancode[32];
+ };
+ 
++#ifndef EVIOCSCLOCKID
++#define EVIOCSCLOCKID		_IOW('E', 0xa0, int)
++#endif
++
+ #ifndef EVIOCGKEYCODE_V2
+ #define EVIOCGKEYCODE_V2	_IOR('E', 0x04, struct input_keymap_entry_v2)
+ #define EVIOCSKEYCODE_V2	_IOW('E', 0x04, struct input_keymap_entry_v2)
+-- 
+2.16.1
+

package/libxml2/0001-CVE-2017-8872.patch

@@ -0,0 +1,33 @@
+From 8b329effb610f4138e4e680f6a6867570f6d6179 Mon Sep 17 00:00:00 2001
+From: Baruch Siach <baruch@tkos.co.il>
+Date: Fri, 9 Feb 2018 10:58:11 +0200
+Subject: [PATCH] CVE-2017-8872
+
+Taken from attachment to upstream bug report comment #9.
+
+https://bugzilla.gnome.org/show_bug.cgi?id=775200#c9
+https://bugzilla.gnome.org/attachment.cgi?id=366193&action=diff
+
+Signed-off-by: Baruch Siach <baruch@tkos.co.il>
+---
+ parser.c | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/parser.c b/parser.c
+index 1c5e036ea265..025111067ae8 100644
+--- a/parser.c
++++ b/parser.c
+@@ -12467,6 +12467,10 @@ xmlHaltParser(xmlParserCtxtPtr ctxt) {
+ 	ctxt->input->cur = BAD_CAST"";
+ 	ctxt->input->base = ctxt->input->cur;
+         ctxt->input->end = ctxt->input->cur;
++    if (ctxt->input->buf)
++        xmlBufEmpty (ctxt->input->buf->buffer);
++    else
++        ctxt->input->length = 0;
+     }
+ }
+ 
+-- 
+2.15.1
+

package/lightning/lightning.hash

@@ -1,2 +1,3 @@
 # Locally computed
-sha256	1fa3a2421852598b3162d6765645bb3cd0fccb5f0c105d0800c64c8428b749a6	lightning-2.1.0.tar.gz
+sha256	9b289ed1c977602f9282da507db2e980dcfb5207ee8bd2501536a6852a157a69	lightning-2.1.2.tar.gz
+sha256	a853c2ffec17057872340eee242ae4d96cbf2b520ae27d903e1b2fef1a5f9d1c	COPYING.LESSER

package/lightning/lightning.mk

@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-LIGHTNING_VERSION = 2.1.0
+LIGHTNING_VERSION = 2.1.2
 LIGHTNING_SITE = $(BR2_GNU_MIRROR)/lightning
 LIGHTNING_LICENSE = LGPL-3.0+
 LIGHTNING_LICENSE_FILES = COPYING.LESSER

package/linux-headers/Config.in.host

@@ -243,11 +243,11 @@ config BR2_DEFAULT_KERNEL_HEADERS
 	default "3.2.98"	if BR2_KERNEL_HEADERS_3_2
 	default "4.1.49"	if BR2_KERNEL_HEADERS_4_1
 	default "4.4.115"	if BR2_KERNEL_HEADERS_4_4
-	default "4.9.80"	if BR2_KERNEL_HEADERS_4_9
+	default "4.9.81"	if BR2_KERNEL_HEADERS_4_9
 	default "4.10.17"	if BR2_KERNEL_HEADERS_4_10
 	default "4.11.12"	if BR2_KERNEL_HEADERS_4_11
 	default "4.12.14"	if BR2_KERNEL_HEADERS_4_12
 	default "4.13.16"	if BR2_KERNEL_HEADERS_4_13
-	default "4.14.17"	if BR2_KERNEL_HEADERS_4_14
-	default "4.15.1"	if BR2_KERNEL_HEADERS_4_15
+	default "4.14.19"	if BR2_KERNEL_HEADERS_4_14
+	default "4.15.3"	if BR2_KERNEL_HEADERS_4_15
 	default BR2_DEFAULT_KERNEL_VERSION if BR2_KERNEL_HEADERS_VERSION

package/ltp-testsuite/ltp-testsuite.mk

@@ -40,6 +40,13 @@ else
 LTP_TESTSUITE_CONF_ENV += ac_cv_lib_cap_cap_compare=no
 endif
 
+# No explicit enable/disable options
+ifeq ($(BR2_PACKAGE_NUMACTL),y)
+LTP_TESTSUITE_DEPENDENCIES += numactl
+else
+LTP_TESTSUITE_CONF_ENV += have_numa_headers=no
+endif
+
 # ltp-testsuite uses <fts.h>, which isn't compatible with largefile
 # support.
 LTP_TESTSUITE_CFLAGS = $(filter-out -D_FILE_OFFSET_BITS=64,$(TARGET_CFLAGS))

package/mesa3d-demos/mesa3d-demos.mk

@@ -12,7 +12,6 @@ MESA3D_DEMOS_DEPENDENCIES = host-pkgconf
 MESA3D_DEMOS_LICENSE = MIT
 
 MESA3D_DEMOS_CONF_OPTS += \
-	--disable-osmesa \
 	--disable-gles1
 
 ifeq ($(BR2_PACKAGE_XORG7)$(BR2_PACKAGE_HAS_LIBGL),yy)

package/mesa3d-headers/mesa3d-headers.mk

@@ -12,7 +12,7 @@ endif
 
 # Not possible to directly refer to mesa3d variables, because of
 # first/second expansion trickery...
-MESA3D_HEADERS_VERSION = 17.3.3
+MESA3D_HEADERS_VERSION = 17.3.4
 MESA3D_HEADERS_SOURCE = mesa-$(MESA3D_HEADERS_VERSION).tar.xz
 MESA3D_HEADERS_SITE = https://mesa.freedesktop.org/archive
 MESA3D_HEADERS_LICENSE = MIT, SGI, Khronos

package/mesa3d/mesa3d.hash

@@ -1,8 +1,8 @@
-# From https://lists.freedesktop.org/archives/mesa-announce/2018-January/000393.html
-md5 139b5f608b371c0d4395596162f88791  mesa-17.3.3.tar.xz
-sha1 346f7813f493b1daf9d9079826a13dbd722b86ab  mesa-17.3.3.tar.xz
-sha256 41bac5de0ef6adc1f41a1ec0f80c19e361298ce02fa81b5f9ba4fdca33a9379b  mesa-17.3.3.tar.xz
-sha512 7ac8ecdcf3b2b43239835bc2c5da7f2730f80a2db945fe00df03d1548920fbc074dd4806ddd345a1ce682fd29d75b2209ef81b6b06e657f9c8ae8622a34a03c1  mesa-17.3.3.tar.xz
+# From https://lists.freedesktop.org/archives/mesa-announce/2018-February/000400.html
+md5 f08eccad27f34366db1bb3997d288c2f  mesa-17.3.4.tar.xz
+sha1 bb9be653a26d89f3b6c4c00c64f4a5896d9d7f38  mesa-17.3.4.tar.xz
+sha256 71f995e233bc5df1a0dd46c980d1720106e7f82f02d61c1ca50854b5e02590d0  mesa-17.3.4.tar.xz
+sha512 8a077aa89b9d314188e62a215abe8e0db890afbbdd9c1ba9d214735d5304956b55723132f19e8a4ac3e3f404eca1dd9b5fbc936de9ac63d91562c0bc62708fe3  mesa-17.3.4.tar.xz
 # License
 sha256 630e75b4fdeb75ee2bf9e55db54dd1e3ff7353d52d9314ca8512bfd460f8e24c  docs/license.html
 sha256 a75ee0cec909515ff80a3ec07155b7fb0aafe8051abe1f0e45d5c4c5e2539366  docs/patents.txt

package/mesa3d/mesa3d.mk

@@ -5,7 +5,7 @@
 ################################################################################
 
 # When updating the version, please also update mesa3d-headers
-MESA3D_VERSION = 17.3.3
+MESA3D_VERSION = 17.3.4
 MESA3D_SOURCE = mesa-$(MESA3D_VERSION).tar.xz
 MESA3D_SITE = https://mesa.freedesktop.org/archive
 MESA3D_LICENSE = MIT, SGI, Khronos

package/mtools/Config.in.host

@@ -1,9 +1,9 @@
 config BR2_PACKAGE_HOST_MTOOLS
 	bool "host mtools"
 	help
-	  Mtools is a collection of utilities to access MS-DOS disks from
-	  Unix without mounting them. It supports Win'95 style long file
-	  names, OS/2 Xdf disks and 2m disks (store up to 1992k on a high
-	  density 3 1/2 disk).
+	  Mtools is a collection of utilities to access MS-DOS disks
+	  from Unix without mounting them. It supports Win'95 style long
+	  file names, OS/2 Xdf disks and 2m disks (store up to 1992k on
+	  a high density 3 1/2 disk).
 
 	  http://www.gnu.org/software/mtools/

package/nftables/0001-src-fix-build-with-older-glibc.patch

@@ -0,0 +1,38 @@
+From 381eaa40735385a1a60e5ab0a7daf4bb847fc2ab Mon Sep 17 00:00:00 2001
+From: Baruch Siach <baruch@tkos.co.il>
+Date: Fri, 9 Feb 2018 14:42:31 +0200
+Subject: [PATCH] src: fix build with older glibc
+
+glibc before 2.19 missed the definition of IPPROTO_MH. This leads to
+build failure:
+
+parser_bison.y: In function 'nft_parse':
+parser_bison.y:3793:21: error: 'IPPROTO_MH' undeclared (first use in this function)
+    | MH { $$ = IPPROTO_MH; }
+                     ^
+
+Since we have a local definition of IPPROTO_MH in headers.h use that to
+fix the build.
+
+Signed-off-by: Baruch Siach <baruch@tkos.co.il>
+---
+Upstream status: https://marc.info/?l=netfilter-devel&m=151818061103886&w=2
+
+ src/parser_bison.y | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/src/parser_bison.y b/src/parser_bison.y
+index 2e79109f4da3..578bfdc10429 100644
+--- a/src/parser_bison.y
++++ b/src/parser_bison.y
+@@ -29,6 +29,7 @@
+ #include <rule.h>
+ #include <statement.h>
+ #include <expression.h>
++#include <headers.h>
+ #include <utils.h>
+ #include <parser.h>
+ #include <erec.h>
+-- 
+2.15.1
+

package/omap-u-boot-utils/Config.in.host

@@ -3,7 +3,7 @@ config BR2_PACKAGE_HOST_OMAP_U_BOOT_UTILS
 	depends on BR2_arm || BR2_armeb
 	help
 	  U-Boot Utilities for Texas Instrument's OMAP platforms.
-	  This is a set of tools to control U-Boot from scripts, generate
-	  OMAP-specific signed image files and more.
+	  This is a set of tools to control U-Boot from scripts,
+	  generate OMAP-specific signed image files and more.
 
 	  https://github.com/nmenon/omap-u-boot-utils

package/open-lldp/0004-fixed-unknown-type-pid_t.patch

@@ -0,0 +1,41 @@
+From 41e9e6b5aa13d65480cc960a7f15f97d74d64090 Mon Sep 17 00:00:00 2001
+From: Laurent Charpentier <laurent_pubs@yahoo.com>
+Date: Mon, 22 Jan 2018 10:49:45 +0100
+Subject: [PATCH] fixed unknown type pid_t
+
+Fixed 'unknown type pid_t' gcc compile error in dcbtool_cmds.c and
+lldptool_cmds.c
+
+Signed-off-by: Laurent Charpentier <laurent_pubs@yahoo.com>
+---
+ dcbtool_cmds.c  | 1 +
+ lldptool_cmds.c | 1 +
+ 2 files changed, 2 insertions(+)
+
+diff --git a/dcbtool_cmds.c b/dcbtool_cmds.c
+index a5cd0fe..ee5c144 100644
+--- a/dcbtool_cmds.c
++++ b/dcbtool_cmds.c
+@@ -27,6 +27,7 @@
+ #include <stdlib.h>
+ #include <stdio.h>
+ #include <ctype.h>
++#include <sys/types.h>
+ #include "clif.h"
+ #include "dcbtool.h"
+ #include "lldp_dcbx_cmds.h"
+diff --git a/lldptool_cmds.c b/lldptool_cmds.c
+index daef8c8..c793e34 100644
+--- a/lldptool_cmds.c
++++ b/lldptool_cmds.c
+@@ -27,6 +27,7 @@
+ #include <stdio.h>
+ #include <stdlib.h>
+ #include <ctype.h>
++#include <sys/types.h>
+ #include "clif.h"
+ #include "dcb_types.h"
+ #include "lldptool.h"
+-- 
+2.14.3
+

package/php/php.mk

@@ -232,6 +232,11 @@ define PHP_DISABLE_PCRE_JIT
 	$(SED) '/^#define SUPPORT_JIT/d' $(@D)/ext/pcre/pcrelib/config.h
 endef
 
+define PHP_DISABLE_VALGRIND
+	$(SED) '/^#define HAVE_VALGRIND/d' $(@D)/main/php_config.h
+endef
+PHP_POST_CONFIGURE_HOOKS += PHP_DISABLE_VALGRIND
+
 ### Use external PCRE if it's available
 ifeq ($(BR2_PACKAGE_PCRE),y)
 PHP_CONF_OPTS += --with-pcre-regex=$(STAGING_DIR)/usr

package/pkgconf/Config.in.host

@@ -1,9 +1,10 @@
 config BR2_PACKAGE_HOST_PKGCONF
 	bool "host pkgconf"
 	help
-	  pkgconf is a program which helps to configure compiler and linker
-	  flags for development frameworks. It is similar to pkg-config,
-	  but was written from scratch in the summer of 2011 to replace
-	  pkg-config, which now needs itself to build itself
+	  pkgconf is a program which helps to configure compiler and
+	  linker flags for development frameworks. It is similar to
+	  pkg-config, but was written from scratch in the summer of
+	  2011 to replace pkg-config, which now needs itself to build
+	  itself
 
 	  https://github.com/pkgconf/pkgconf

package/postgresql/postgresql.hash

@@ -1,5 +1,5 @@
-# From https://ftp.postgresql.org/pub/source/v10.1/postgresql-10.1.tar.bz2.sha256
-sha256	3ccb4e25fe7a7ea6308dea103cac202963e6b746697366d72ec2900449a5e713	postgresql-10.1.tar.bz2
+# From https://ftp.postgresql.org/pub/source/v10.2/postgresql-10.2.tar.bz2.sha256
+sha256	fe32009b62ddb97f7f014307ce9d0edb6972f5a698e63cb531088e147d145bad	postgresql-10.2.tar.bz2
 
 # License file, Locally calculated
-sha256	7dc8de32741ad1b03e21710771b55a1b9d460671d47f28a8840f917e38c66676	COPYRIGHT
+sha256	24cfc70cf16b3a23242c49ffce39510683bdd48cbedb8a46fe03976ee5f5c21e	COPYRIGHT

package/postgresql/postgresql.mk

@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-POSTGRESQL_VERSION = 10.1
+POSTGRESQL_VERSION = 10.2
 POSTGRESQL_SOURCE = postgresql-$(POSTGRESQL_VERSION).tar.bz2
 POSTGRESQL_SITE = http://ftp.postgresql.org/pub/source/v$(POSTGRESQL_VERSION)
 POSTGRESQL_LICENSE = PostgreSQL

package/pure-ftpd/Config.in

@@ -33,7 +33,7 @@ config BR2_PACKAGE_PURE_FTPD_QUOTAS
 config BR2_PACKAGE_PURE_FTPD_UPLOADSCRIPT
 	bool "uploadscript"
 	help
-	  Enable pure-upload script. Automatically run an external program
-	  after a successful upload.
+	  Enable pure-upload script. Automatically run an external
+	  program after a successful upload.
 
 endif

package/pwgen/Config.in.host

@@ -1,7 +1,7 @@
 config BR2_PACKAGE_HOST_PWGEN
 	bool "host pwgen"
 	help
-	  Pwgen is a small, GPL'ed password generator which creates passwords
-	  which can be easily memorized by a human.
+	  Pwgen is a small, GPL'ed password generator which creates
+	  passwords which can be easily memorized by a human.
 
 	  http://sourceforge.net/projects/pwgen/

package/python-crossbar/Config.in

@@ -4,6 +4,7 @@ config BR2_PACKAGE_PYTHON_CROSSBAR
 	# All the following dependencies are runtime dependencies
 	select BR2_PACKAGE_PYTHON_ATTRS
 	select BR2_PACKAGE_PYTHON_AUTOBAHN
+	select BR2_PACKAGE_PYTHON_BITSTRING
 	select BR2_PACKAGE_PYTHON_CONSTANTLY
 	select BR2_PACKAGE_PYTHON_CBOR
 	select BR2_PACKAGE_PYTHON_CLICK

package/qemu/Config.in.host

@@ -9,7 +9,8 @@ config BR2_PACKAGE_HOST_QEMU
 	select BR2_PACKAGE_HOST_QEMU_LINUX_USER_MODE \
 		if !BR2_PACKAGE_HOST_QEMU_SYSTEM_MODE
 	help
-	  QEMU is a generic and open source machine emulator and virtualizer.
+	  QEMU is a generic and open source machine emulator and
+	  virtualizer.
 
 	  This option builds an emulator for your selected architecture.
 

package/qt5/qt5.mk

@@ -11,7 +11,7 @@ else
 QT5_VERSION_MAJOR = 5.6
 QT5_VERSION = $(QT5_VERSION_MAJOR).3
 endif
-QT5_SITE = http://download.qt.io/official_releases/qt/$(QT5_VERSION_MAJOR)/$(QT5_VERSION)/submodules
+QT5_SITE = https://download.qt.io/official_releases/qt/$(QT5_VERSION_MAJOR)/$(QT5_VERSION)/submodules
 
 include $(sort $(wildcard package/qt5/*/*.mk))
 

package/qt5/qt53d/qt53d.mk

@@ -6,7 +6,7 @@
 
 QT53D_VERSION = $(QT5_VERSION)
 QT53D_SITE = $(QT5_SITE)
-QT53D_SOURCE = qt3d-opensource-src-$(QT5SVG_VERSION).tar.xz
+QT53D_SOURCE = qt3d-opensource-src-$(QT53D_VERSION).tar.xz
 QT53D_DEPENDENCIES = qt5base qt5declarative
 QT53D_INSTALL_STAGING = YES
 

package/qt5/qt5enginio/qt5enginio.hash

@@ -1,5 +1,5 @@
-# Hash from: http://download.qt.io/official_releases/qt/5.6/5.6.3/submodules/qtenginio-opensource-src-1.6.2.tar.xz.mirrorlist
-sha256 90ffc38d214a75ab0ef90a4760843f12bc073ae49c17de24c677d1d403bddcc3 qtenginio-opensource-src-1.6.2.tar.xz
+# Hash from: https://download.qt.io/official_releases/qt/5.6/5.6.3/submodules/qtenginio-opensource-src-1.6.3.tar.xz.mirrorlist
+sha256 d907060b355512ceb7a8c3f6980e3979c20d54320b6804303b6c5e8ed42d3912  qtenginio-opensource-src-1.6.3.tar.xz
 
 # Hashes for license files:
 sha256 245248009fd0af1725d183248380e476c1283383909358a13686606352bf2a17 LICENSE.GPLv3

package/qt5/qt5enginio/qt5enginio.mk

@@ -6,7 +6,7 @@
 
 # Qt5Enginio does not follow Qt versionning
 # see https://bugreports.qt.io/browse/QTBUG-50111
-QT5ENGINIO_VERSION = 1.6.2
+QT5ENGINIO_VERSION = 1.6.3
 QT5ENGINIO_SITE = $(QT5_SITE)
 QT5ENGINIO_SOURCE = qtenginio-opensource-src-$(QT5ENGINIO_VERSION).tar.xz
 QT5ENGINIO_DEPENDENCIES = openssl qt5base

package/qt5/qt5tools/qt5tools.mk

@@ -6,7 +6,7 @@
 
 QT5TOOLS_VERSION = $(QT5_VERSION)
 QT5TOOLS_SITE = $(QT5_SITE)
-QT5TOOLS_SOURCE = qttools-opensource-src-$(QT5BASE_VERSION).tar.xz
+QT5TOOLS_SOURCE = qttools-opensource-src-$(QT5TOOLS_VERSION).tar.xz
 
 QT5TOOLS_DEPENDENCIES = qt5base
 QT5TOOLS_INSTALL_STAGING = YES

package/qt5/qt5webengine/qt5webengine.mk

@@ -39,7 +39,7 @@ endef
 QT5WEBENGINE_PRE_CONFIGURE_HOOKS += QT5WEBENGINE_PYTHON2_SYMLINK
 
 define QT5WEBENGINE_CONFIGURE_CMDS
-	(cd $(@D); $(TARGET_MAKE_ENV) $(QT5WEBENGINE_ENV) $(HOST_DIR)/usr/bin/qmake $(QT5WEBENGINE_QMAKEFLAGS))
+	(cd $(@D); $(TARGET_MAKE_ENV) $(QT5WEBENGINE_ENV) $(HOST_DIR)/bin/qmake $(QT5WEBENGINE_QMAKEFLAGS))
 endef
 
 define QT5WEBENGINE_BUILD_CMDS

package/qt5/qt5webkit-examples/qt5webkit-examples.hash

@@ -1,5 +1,5 @@
-# Hash from: http://download.qt.io/community_releases/5.6/5.6.3/qtwebkit-examples-opensource-src-5.6.3.tar.xz.mirrorlist
+# Hash from: https://download.qt.io/community_releases/5.6/5.6.3/qtwebkit-examples-opensource-src-5.6.3.tar.xz.mirrorlist
 sha256 2d6ce7146298d03b443cca4390bbfee17c4c0b08a31efcbf9fe0732291a6169e qtwebkit-examples-opensource-src-5.6.3.tar.xz
 
-# Hash from: http://download.qt.io/official_releases/qt/5.9/5.9.1/submodules/qtwebkit-examples-opensource-src-5.9.1.tar.xz.mirrorlist
+# Hash from: https://download.qt.io/official_releases/qt/5.9/5.9.1/submodules/qtwebkit-examples-opensource-src-5.9.1.tar.xz.mirrorlist
 sha256 e4ce4de6b468243abad2baabbe8ddfb05d25b186529bfe88cb8662fc983f54d0 qtwebkit-examples-opensource-src-5.9.1.tar.xz

package/qt5/qt5webkit-examples/qt5webkit-examples.mk

@@ -7,10 +7,10 @@
 # no 5.9.2 package available, fall back to 5.9.1 version
 ifeq ($(BR2_PACKAGE_QT5_VERSION_LATEST),y)
 QT5WEBKIT_EXAMPLES_VERSION = 5.9.1
-QT5WEBKIT_EXAMPLES_SITE = http://download.qt.io/official_releases/qt/5.9/5.9.1/submodules
+QT5WEBKIT_EXAMPLES_SITE = https://download.qt.io/official_releases/qt/5.9/5.9.1/submodules
 else
 QT5WEBKIT_EXAMPLES_VERSION = $(QT5_VERSION)
-QT5WEBKIT_EXAMPLES_SITE = http://download.qt.io/community_releases/5.6/$(QT5_VERSION)
+QT5WEBKIT_EXAMPLES_SITE = https://download.qt.io/community_releases/5.6/$(QT5_VERSION)
 endif
 
 QT5WEBKIT_EXAMPLES_SOURCE = qtwebkit-examples-opensource-src-$(QT5WEBKIT_VERSION).tar.xz

package/qt5/qt5webkit/qt5webkit.hash

@@ -1,7 +1,7 @@
-# Hash from: http://download.qt.io/community_releases/5.6/5.6.3/qtwebkit-opensource-src-5.6.3.tar.xz.mirrorlist
+# Hash from: https://download.qt.io/community_releases/5.6/5.6.3/qtwebkit-opensource-src-5.6.3.tar.xz.mirrorlist
 sha256  098c6bb25798fbf1b619b540621287787064efc9b586d76ac0ce7e39b87a3896  qtwebkit-opensource-src-5.6.3.tar.xz
 
-# hash from: http://download.qt.io/official_releases/qt/5.9/5.9.1/submodules/qtwebkit-opensource-src-5.9.1.tar.xz.mirrorlist
+# hash from: https://download.qt.io/official_releases/qt/5.9/5.9.1/submodules/qtwebkit-opensource-src-5.9.1.tar.xz.mirrorlist
 sha256  28a560becd800a4229bfac317c2e5407cd3cc95308bc4c3ca90dba2577b052cf  qtwebkit-opensource-src-5.9.1.tar.xz
 
 # Hashes for license files:

package/qt5/qt5webkit/qt5webkit.mk

@@ -7,10 +7,10 @@
 # no 5.9.2 package available, fall back to 5.9.1 version
 ifeq ($(BR2_PACKAGE_QT5_VERSION_LATEST),y)
 QT5WEBKIT_VERSION = 5.9.1
-QT5WEBKIT_SITE = http://download.qt.io/official_releases/qt/5.9/5.9.1/submodules
+QT5WEBKIT_SITE = https://download.qt.io/official_releases/qt/5.9/5.9.1/submodules
 else
 QT5WEBKIT_VERSION = $(QT5_VERSION)
-QT5WEBKIT_SITE = http://download.qt.io/community_releases/5.6/$(QT5_VERSION)
+QT5WEBKIT_SITE = https://download.qt.io/community_releases/5.6/$(QT5_VERSION)
 endif
 
 QT5WEBKIT_SOURCE = qtwebkit-opensource-src-$(QT5WEBKIT_VERSION).tar.xz

package/rsync/0001-Check-fname-in-recv_files-sooner.patch

@@ -1,45 +0,0 @@
-From 3e06d40029cfdce9d0f73d87cfd4edaf54be9c51 Mon Sep 17 00:00:00 2001
-From: Jeriko One <jeriko.one@gmx.us>
-Date: Thu, 2 Nov 2017 23:44:19 -0700
-Subject: [PATCH] Check fname in recv_files sooner.
-
-Signed-off-by: Baruch Siach <baruch@tkos.co.il>
----
-Patch status: upstream commit 3e06d40029c
-
- receiver.c | 12 ++++++------
- 1 file changed, 6 insertions(+), 6 deletions(-)
-
-diff --git a/receiver.c b/receiver.c
-index baae3a919cdd..9fdafa152cb3 100644
---- a/receiver.c
-+++ b/receiver.c
-@@ -574,6 +574,12 @@ int recv_files(int f_in, int f_out, char *local_name)
- 			file = dir_flist->files[cur_flist->parent_ndx];
- 		fname = local_name ? local_name : f_name(file, fbuf);
- 
-+		if (daemon_filter_list.head
-+		    && check_filter(&daemon_filter_list, FLOG, fname, 0) < 0) {
-+			rprintf(FERROR, "attempt to hack rsync failed.\n");
-+			exit_cleanup(RERR_PROTOCOL);
-+		}
-+
- 		if (DEBUG_GTE(RECV, 1))
- 			rprintf(FINFO, "recv_files(%s)\n", fname);
- 
-@@ -645,12 +651,6 @@ int recv_files(int f_in, int f_out, char *local_name)
- 
- 		cleanup_got_literal = 0;
- 
--		if (daemon_filter_list.head
--		    && check_filter(&daemon_filter_list, FLOG, fname, 0) < 0) {
--			rprintf(FERROR, "attempt to hack rsync failed.\n");
--			exit_cleanup(RERR_PROTOCOL);
--		}
--
- 		if (read_batch) {
- 			int wanted = redoing
- 				   ? we_want_redo(ndx)
--- 
-2.15.0
-

package/rsync/0002-Sanitize-xname-in-read_ndx_and_attrs.patch

@@ -1,39 +0,0 @@
-From 70aeb5fddd1b2f8e143276f8d5a085db16c593b9 Mon Sep 17 00:00:00 2001
-From: Jeriko One <jeriko.one@gmx.us>
-Date: Thu, 16 Nov 2017 17:05:42 -0800
-Subject: [PATCH] Sanitize xname in read_ndx_and_attrs.
-
-Signed-off-by: Baruch Siach <baruch@tkos.co.il>
----
-Patch status: upstream commit 70aeb5fddd
-
- rsync.c | 6 ++++++
- 1 file changed, 6 insertions(+)
-
-diff --git a/rsync.c b/rsync.c
-index b82e59881018..a0945ba4e7f5 100644
---- a/rsync.c
-+++ b/rsync.c
-@@ -49,6 +49,7 @@ extern int flist_eof;
- extern int file_old_total;
- extern int keep_dirlinks;
- extern int make_backups;
-+extern int sanitize_paths;
- extern struct file_list *cur_flist, *first_flist, *dir_flist;
- extern struct chmod_mode_struct *daemon_chmod_modes;
- #ifdef ICONV_OPTION
-@@ -396,6 +397,11 @@ int read_ndx_and_attrs(int f_in, int f_out, int *iflag_ptr, uchar *type_ptr,
- 	if (iflags & ITEM_XNAME_FOLLOWS) {
- 		if ((len = read_vstring(f_in, buf, MAXPATHLEN)) < 0)
- 			exit_cleanup(RERR_PROTOCOL);
-+
-+		if (sanitize_paths) {
-+			sanitize_path(buf, buf, "", 0, SP_DEFAULT);
-+			len = strlen(buf);
-+		}
- 	} else {
- 		*buf = '\0';
- 		len = -1;
--- 
-2.15.0
-

package/rsync/0003-Check-daemon-filter-against-fnamecmp-in-recv_files.patch

@@ -1,28 +0,0 @@
-From 5509597decdbd7b91994210f700329d8a35e70a1 Mon Sep 17 00:00:00 2001
-From: Jeriko One <jeriko.one@gmx.us>
-Date: Thu, 16 Nov 2017 17:26:03 -0800
-Subject: [PATCH] Check daemon filter against fnamecmp in recv_files().
-
-Signed-off-by: Baruch Siach <baruch@tkos.co.il>
----
-Patch status: upstream commit 5509597dec
-
- receiver.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/receiver.c b/receiver.c
-index 9fdafa152cb3..9c46242e013c 100644
---- a/receiver.c
-+++ b/receiver.c
-@@ -722,7 +722,7 @@ int recv_files(int f_in, int f_out, char *local_name)
- 				break;
- 			}
- 			if (!fnamecmp || (daemon_filter_list.head
--			  && check_filter(&daemon_filter_list, FLOG, fname, 0) < 0)) {
-+			  && check_filter(&daemon_filter_list, FLOG, fnamecmp, 0) < 0)) {
- 				fnamecmp = fname;
- 				fnamecmp_type = FNAMECMP_FNAME;
- 			}
--- 
-2.15.0
-

package/rsync/0004-Enforce-trailing-0-when-receiving-xattr-name-values.patch

@@ -1,33 +0,0 @@
-From 47a63d90e71d3e19e0e96052bb8c6b9cb140ecc1 Mon Sep 17 00:00:00 2001
-From: Wayne Davison <wayned@samba.org>
-Date: Sun, 5 Nov 2017 11:33:15 -0800
-Subject: [PATCH] Enforce trailing \0 when receiving xattr name values. Fixes
- bug 13112.
-
-Fixes CVE-2017-16548
-
-Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
----
-Patch status: upstream commit 47a63d90e7
-
- xattrs.c | 4 ++++
- 1 file changed, 4 insertions(+)
-
-diff --git a/xattrs.c b/xattrs.c
-index 68305d75..4867e6f5 100644
---- a/xattrs.c
-+++ b/xattrs.c
-@@ -824,6 +824,10 @@ void receive_xattr(int f, struct file_struct *file)
- 			out_of_memory("receive_xattr");
- 		name = ptr + dget_len + extra_len;
- 		read_buf(f, name, name_len);
-+		if (name_len < 1 || name[name_len-1] != '\0') {
-+			rprintf(FERROR, "Invalid xattr name received (missing trailing \\0).\n");
-+			exit_cleanup(RERR_FILEIO);
-+		}
- 		if (dget_len == datum_len)
- 			read_buf(f, ptr, dget_len);
- 		else {
--- 
-2.11.0
-

package/rsync/rsync.hash

@@ -1,2 +1,5 @@
 # Locally calculated after checking pgp signature
-sha256	ecfa62a7fa3c4c18b9eccd8c16eaddee4bd308a76ea50b5c02a5840f09c0a1c2	rsync-3.1.2.tar.gz
+# https://download.samba.org/pub/rsync/src/rsync-3.1.3.tar.gz.asc
+sha256	55cc554efec5fdaad70de921cd5a5eeb6c29a95524c715f3bbf849235b0800c0	rsync-3.1.3.tar.gz
+# Locally calculated
+sha256	8ceb4b9ee5adedde47b31e975c1d90c73ad27b6b165a1dcd80c7c545eb65b903	COPYING

package/rsync/rsync.mk

@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-RSYNC_VERSION = 3.1.2
+RSYNC_VERSION = 3.1.3
 RSYNC_SITE = http://rsync.samba.org/ftp/rsync/src
 RSYNC_LICENSE = GPL-3.0+
 RSYNC_LICENSE_FILES = COPYING

package/rust-bin/rust-bin.mk

@@ -11,22 +11,22 @@ RUST_BIN_LICENSE_FILES = LICENSE-APACHE LICENSE-MIT
 
 HOST_RUST_BIN_PROVIDES = host-rustc
 
-HOST_RUST_BIN_SOURCE = rustc-$(RUST_BIN_VERSION)-$(RUST_HOST_NAME).tar.xz
+HOST_RUST_BIN_SOURCE = rustc-$(RUST_BIN_VERSION)-$(RUSTC_HOST_NAME).tar.xz
 
 HOST_RUST_BIN_EXTRA_DOWNLOADS = \
-	rust-std-$(RUST_BIN_VERSION)-$(RUST_HOST_NAME).tar.xz \
-	rust-std-$(RUST_BIN_VERSION)-$(RUST_TARGET_NAME).tar.xz
+	rust-std-$(RUST_BIN_VERSION)-$(RUSTC_HOST_NAME).tar.xz \
+	rust-std-$(RUST_BIN_VERSION)-$(RUSTC_TARGET_NAME).tar.xz
 
-HOST_RUST_BIN_LIBSTD_HOST_PREFIX = rust-std-$(RUST_BIN_VERSION)-$(RUST_HOST_NAME)/rust-std-$(RUST_HOST_NAME)
+HOST_RUST_BIN_LIBSTD_HOST_PREFIX = rust-std-$(RUST_BIN_VERSION)-$(RUSTC_HOST_NAME)/rust-std-$(RUSTC_HOST_NAME)
 
 define HOST_RUST_BIN_LIBSTD_EXTRACT
 	mkdir -p $(@D)/std
 	$(foreach f,$(HOST_RUST_BIN_EXTRA_DOWNLOADS), \
 		$(call suitable-extractor,$(f)) $(DL_DIR)/$(f) | \
 			$(TAR) -C $(@D)/std $(TAR_OPTIONS) -
-        )
+	)
 	cd $(@D)/rustc/lib/rustlib; \
-		ln -sf ../../../std/$(HOST_RUST_BIN_LIBSTD_HOST_PREFIX)/lib/rustlib/$(RUST_HOST_NAME)
+		ln -sf ../../../std/$(HOST_RUST_BIN_LIBSTD_HOST_PREFIX)/lib/rustlib/$(RUSTC_HOST_NAME)
 endef
 
 HOST_RUST_BIN_POST_EXTRACT_HOOKS += HOST_RUST_BIN_LIBSTD_EXTRACT
@@ -42,12 +42,12 @@ define HOST_RUST_BIN_INSTALL_RUSTC
 endef
 
 define HOST_RUST_BIN_INSTALL_LIBSTD_HOST
-	(cd $(@D)/std/rust-std-$(RUST_BIN_VERSION)-$(RUST_HOST_NAME); \
+	(cd $(@D)/std/rust-std-$(RUST_BIN_VERSION)-$(RUSTC_HOST_NAME); \
 		./install.sh $(HOST_RUST_BIN_INSTALL_OPTS))
 endef
 
 define HOST_RUST_BIN_INSTALL_LIBSTD_TARGET
-	(cd $(@D)/std/rust-std-$(RUST_BIN_VERSION)-$(RUST_TARGET_NAME); \
+	(cd $(@D)/std/rust-std-$(RUST_BIN_VERSION)-$(RUSTC_TARGET_NAME); \
 		./install.sh $(HOST_RUST_BIN_INSTALL_OPTS))
 endef
 endif

package/rust/rust.mk

@@ -48,7 +48,7 @@ HOST_RUST_POST_EXTRACT_HOOKS += HOST_RUST_EXCLUDE_ORIG_FILES
 define HOST_RUST_CONFIGURE_CMDS
 	( \
 		echo '[build]'; \
-		echo 'target = ["$(RUST_TARGET_NAME)"]'; \
+		echo 'target = ["$(RUSTC_TARGET_NAME)"]'; \
 		echo 'cargo = "$(HOST_CARGO_BIN_DIR)/cargo/bin/cargo"'; \
 		echo 'rustc = "$(HOST_RUST_BIN_DIR)/rustc/bin/rustc"'; \
 		echo 'python = "$(HOST_DIR)/bin/python2"'; \
@@ -61,7 +61,7 @@ define HOST_RUST_CONFIGURE_CMDS
 		echo 'prefix = "$(HOST_DIR)"'; \
 		echo '[rust]'; \
 		echo 'use-jemalloc = $(HOST_RUST_JEMALLOC_ENABLED)'; \
-		echo '[target.$(RUST_TARGET_NAME)]'; \
+		echo '[target.$(RUSTC_TARGET_NAME)]'; \
 		echo 'cc = "$(TARGET_CROSS)gcc"'; \
 		echo $(HOST_RUST_JEMALLOC_CONF); \
 	) > $(@D)/config.toml

package/rustc/Config.in.host

@@ -1,6 +1,5 @@
 config BR2_PACKAGE_HOST_RUSTC_ARCH_SUPPORTS
 	bool
-	depends on BR2_HOSTARCH = "x86_64" || BR2_HOSTARCH = "x86"
 	# The pre-built Rust standard library is only available for the
 	# following architectures/ABIs, and is built against glibc.
 	default y if BR2_i386
@@ -12,6 +11,7 @@ config BR2_PACKAGE_HOST_RUSTC_ARCH_SUPPORTS
 	default y if (BR2_mips64 || BR2_mips64el) && !BR2_MIPS_CPU_MIPS64R6 \
 		&& BR2_MIPS_NABI64
 	depends on BR2_TOOLCHAIN_USES_GLIBC
+	depends on BR2_HOSTARCH = "x86_64" || BR2_HOSTARCH = "x86"
 
 config BR2_PACKAGE_HOST_RUSTC_ARCH
 	string
@@ -76,4 +76,3 @@ config BR2_PACKAGE_PROVIDES_HOST_RUSTC
 	default "host-rust-bin" if BR2_PACKAGE_HOST_RUST_BIN
 
 endif
-

package/rustc/rustc.mk

@@ -7,7 +7,7 @@
 RUSTC_ARCH = $(call qstrip,$(BR2_PACKAGE_HOST_RUSTC_ARCH))
 RUSTC_ABI = $(call qstrip,$(BR2_PACKAGE_HOST_RUSTC_ABI))
 
-RUST_TARGET_NAME = $(RUSTC_ARCH)-unknown-linux-gnu$(RUSTC_ABI)
+RUSTC_TARGET_NAME = $(RUSTC_ARCH)-unknown-linux-gnu$(RUSTC_ABI)
 
 ifeq ($(HOSTARCH),x86)
 RUSTC_HOST_ARCH = i686
@@ -15,6 +15,6 @@ else
 RUSTC_HOST_ARCH = $(HOSTARCH)
 endif
 
-RUST_HOST_NAME = $(RUSTC_HOST_ARCH)-unknown-linux-gnu
+RUSTC_HOST_NAME = $(RUSTC_HOST_ARCH)-unknown-linux-gnu
 
 $(eval $(host-virtual-package))

package/systemd/systemd.mk

@@ -287,10 +287,10 @@ SYSTEMD_CONF_OPTS += -Dnetworkd=false
 endif
 
 ifeq ($(BR2_PACKAGE_SYSTEMD_RESOLVED),y)
-SYSTEMD_CONF_OPTS += -Dresolved=true
+SYSTEMD_CONF_OPTS += -Dresolve=true
 SYSTEMD_RESOLVED_USER = systemd-resolve -1 systemd-resolve -1 * - - - Network Name Resolution Manager
 else
-SYSTEMD_CONF_OPTS += -Dresolved=false
+SYSTEMD_CONF_OPTS += -Dresolve=false
 endif
 
 ifeq ($(BR2_PACKAGE_SYSTEMD_TIMESYNCD),y)

package/tegrarcm/Config.in.host

@@ -2,7 +2,7 @@ config BR2_PACKAGE_HOST_TEGRARCM
 	bool "host tegrarcm"
 	depends on BR2_arm || BR2_armeb
 	help
-	  This program is used to send code to a Tegra device in recovery
-	  mode.
+	  This program is used to send code to a Tegra device in
+	  recovery mode.
 
 	  https://github.com/NVIDIA/tegrarcm

support/dependencies/dependencies.sh

@@ -249,6 +249,14 @@ if grep -q ^BR2_HOSTARCH_NEEDS_IA32_COMPILER=y $BR2_CONFIG ; then
 		echo "For other distributions, refer to their documentation."
 		exit 1
 	fi
+
+	if ! echo "int main(void) {}" | g++ -m32 -x c++ - -o /dev/null 2>/dev/null; then
+		echo
+		echo "Your Buildroot configuration needs a compiler capable of building 32 bits binaries."
+		echo "If you're running a Debian/Ubuntu distribution, install the g++-multilib package."
+		echo "For other distributions, refer to their documentation."
+		exit 1
+	fi
 fi
 
 # Check that the Perl installation is complete enough for Buildroot.

support/docker/Dockerfile

@@ -22,7 +22,7 @@ COPY apt-sources.list /etc/apt/sources.list
 RUN dpkg --add-architecture i386 && \
     apt-get update -y && \
     apt-get install -y --no-install-recommends \
-        build-essential cmake libc6:i386 gcc-multilib \
+        build-essential cmake libc6:i386 g++-multilib \
         bc ca-certificates file locales rsync \
         cvs bzr git mercurial subversion wget \
         cpio unzip \

support/testing/tests/package/test_rust.py

@@ -53,12 +53,6 @@ class TestRustBase(infra.basetest.BRTest):
         self.b.build()
         shutil.rmtree(workdir)
 
-    def test_run(self):
-        self.build_test_prog()
-        self.login()
-        _, exit_code = self.emulator.run(self.crate)
-        self.assertEqual(exit_code, 0)
-
 
 class TestRustBin(TestRustBase):
     config = \
@@ -82,6 +76,12 @@ class TestRustBin(TestRustBase):
              BR2_PACKAGE_HOST_RUSTC=y
              """
 
+    def test_run(self):
+        self.build_test_prog()
+        self.login()
+        _, exit_code = self.emulator.run(self.crate)
+        self.assertEqual(exit_code, 0)
+
 
 class TestRust(TestRustBase):
     config = \
@@ -105,3 +105,9 @@ class TestRust(TestRustBase):
              BR2_PACKAGE_HOST_RUSTC=y
              BR2_PACKAGE_HOST_RUST=y
              """
+
+    def test_run(self):
+        self.build_test_prog()
+        self.login()
+        _, exit_code = self.emulator.run(self.crate)
+        self.assertEqual(exit_code, 0)

utils/genrandconfig

@@ -401,7 +401,8 @@ def gen_config(args):
     subprocess.check_call(["make", "O=%s" % args.outputdir, "-C", args.buildrootdir,
                            "savedefconfig"])
 
-    return 0
+    return subprocess.call(["make", "O=%s" % args.outputdir, "-C", args.buildrootdir,
+                            "core-dependencies"])
 
 
 if __name__ == '__main__':