Update for 2018.02

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
support/tests: enhance the runtime systemd tests
2026-01-11 14:10:13 +03:00 · 2018-03-04 22:28:34 +01:00 · 2018-03-04 21:10:23 +01:00 · 2018-03-04 20:35:30 +01:00 · 2018-03-04 20:34:10 +01:00 · 2018-03-04 18:36:11 +01:00
47 changed files with 641 additions and 91 deletions
--- a/21
+++ b/21
@@ -1,3 +1,24 @@
+2018.02, Released March 4th, 2018
+
+	Fixes all over the tree.
+
+	Issues with systemd with a readonly rootfs and DBus fixed.
+
+	Instructure:
+	- check-uniq-files: fix Python 2.6 compatibility.
+	- dependencies.sh: check for external argparse module for
+	  Python 2.6.
+	- Add infrastructure to detect and use a UTF-8 locale on the
+	  host, needed by systemd.
+
+	Update/fixed packages: clamav, dash, dhcp, dovecot, efl,
+	ffmpeg, libv4l, mono, mosquitto, php, postgresql, qt,
+	scanpypi, sdl2, systemd, tor, tvheadend, uboot, wavpack
+
+	Issues resolved (http://bugs.uclibc.org):
+
+	#10831: qemu_x86_64_defconfig build fails on linux-headers..
+
 2018.02-rc3, Released February 27th, 2018

 	Fixes all over the tree.
--- a/20
+++ b/20
@@ -87,9 +87,9 @@ all:
 .PHONY: all

 # Set and export the version string
-export BR2_VERSION := 2018.02-rc3
+export BR2_VERSION := 2018.02
 # Actual time the release is cut (for reproducible builds)
-BR2_VERSION_EPOCH = 1519768000
+BR2_VERSION_EPOCH = 1520198000

 # Save running make version since it's clobbered by the make package
 RUNNING_MAKE_VERSION := $(MAKE_VERSION)
@@ -363,6 +363,22 @@ ifneq ($(firstword $(HOSTCC_VERSION)),4)
 HOSTCC_VERSION := $(firstword $(HOSTCC_VERSION))
 endif

+ifeq ($(BR2_NEEDS_HOST_UTF8_LOCALE),y)
+# First, we try to use the user's configured locale (as that's the
+# language they'd expect messages to be displayed), then we favour
+# a non language-specific locale like C.UTF-8 if one is available,
+# so we sort with the C locale to get it at the top.
+# This is guaranteed to not be empty, because of the check in
+# support/dependencies/dependencies.sh
+HOST_UTF8_LOCALE := $(shell \
+			( echo $${LC_ALL:-$${LC_MESSAGES:-$${LANG}}}; \
+			  locale -a 2>/dev/null | LC_ALL=C sort \
+			) \
+			| grep -i -E 'utf-?8$$' \
+			| head -n 1)
+HOST_UTF8_LOCALE_ENV := LC_ALL=$(HOST_UTF8_LOCALE)
+endif
+
 # Make sure pkg-config doesn't look outside the buildroot tree
 HOST_PKG_CONFIG_PATH := $(PKG_CONFIG_PATH)
 unexport PKG_CONFIG_PATH
--- a/board/qemu/ppc64le-pseries/readme.txt
+++ b/board/qemu/ppc64le-pseries/readme.txt
@@ -1,8 +1,6 @@
 Run the emulation with:

-qemu-system-ppc64le -M pseries -nographic \
-		-kernel output/images/vmlinux \
-		-initrd output/images/rootfs.ext2
+qemu-system-ppc64 -M pseries -cpu POWER8 -m 256 -kernel output/images/vmlinux -append "console=hvc0 root=/dev/sda" -drive file=output/images/rootfs.ext2,if=scsi,index=0,format=raw -serial stdio -display curses

 The login prompt will appear in the terminal window.

--- a/boot/uboot/uboot.mk
+++ b/boot/uboot/uboot.mk
@@ -131,7 +131,7 @@ endif
 UBOOT_MAKE_OPTS += \
 	CROSS_COMPILE="$(TARGET_CROSS)" \
 	ARCH=$(UBOOT_ARCH) \
-	HOSTCC="$(HOSTCC) $(subst -I/,-idirafter /,$(subst -I /,-idirafter /,$(HOST_CFLAGS)))" \
+	HOSTCC="$(HOSTCC) $(subst -I/,-isystem /,$(subst -I /,-isystem /,$(HOST_CFLAGS)))" \
 	HOSTLDFLAGS="$(HOST_LDFLAGS)"

 ifeq ($(BR2_TARGET_UBOOT_NEEDS_ATF_BL31),y)
--- a/configs/qemu_x86_64_defconfig
+++ b/configs/qemu_x86_64_defconfig
@@ -9,8 +9,8 @@ BR2_TARGET_GENERIC_GETTY_PORT="tty1"
 BR2_TARGET_ROOTFS_EXT2=y
 # BR2_TARGET_ROOTFS_TAR is not set

-# Linux headers same as kernel, a 4.11 series
-BR2_PACKAGE_HOST_LINUX_HEADERS_CUSTOM_4_11=y
+# Linux headers same as kernel, a 4.15 series
+BR2_PACKAGE_HOST_LINUX_HEADERS_CUSTOM_4_15=y

 # Kernel
 BR2_LINUX_KERNEL=y
--- a/docs/website/download.html
+++ b/docs/website/download.html
@@ -8,40 +8,40 @@
    <div class="panel-heading">Download</div>
    <div class="panel-body">

-      <h3 style="text-align: center;">Latest long term support release: <b>2017.02.10</b></h3>
+      <h3 style="text-align: center;">Latest stable / long term support release: <b>2018.02</b></h3>

      <div class="row mt centered">
 	<div class="col-sm-6">
 	  <div class="flip-container center-block" ontouchstart="this.classList.toggle('hover');">
 	    <div class="flipper">
 	      <div class="front">
-		<a href="/downloads/buildroot-2017.02.10.tar.gz"><img src="images/zip.png" width="180" alt=""></a>
+		<a href="/downloads/buildroot-2018.02.tar.gz"><img src="images/zip.png" width="180" alt=""></a>
 	      </div>
 	      <div class="back">
-		<a href="/downloads/buildroot-2017.02.10.tar.gz"><img src="images/zip.png" width="180" alt=""></a>
+		<a href="/downloads/buildroot-2018.02.tar.gz"><img src="images/zip.png" width="180" alt=""></a>
 	      </div>
 	    </div>
 	  </div>
-	  <h3><a href="/downloads/buildroot-2017.02.10.tar.gz">buildroot-2017.02.10.tar.gz</a></h3>
-	  <p><a href="/downloads/buildroot-2017.02.10.tar.gz.sign">PGP signature</a></p>
+	  <h3><a href="/downloads/buildroot-2018.02.tar.gz">buildroot-2018.02.tar.gz</a></h3>
+	  <p><a href="/downloads/buildroot-2018.02.tar.gz.sign">PGP signature</a></p>
 	</div>
 	<div class="col-sm-6">
 	  <div class="flip-container center-block" ontouchstart="this.classList.toggle('hover');">
 	    <div class="flipper">
 	      <div class="front">
-		<a href="/downloads/buildroot-2017.02.10.tar.bz2"><img src="images/package.png" width="180" alt=""></a>
+		<a href="/downloads/buildroot-2018.02.tar.bz2"><img src="images/package.png" width="180" alt=""></a>
 	      </div>
 	      <div class="back">
-		<a href="/downloads/buildroot-2017.02.10.tar.bz2"><img src="images/package.png" width="180" alt=""></a>
+		<a href="/downloads/buildroot-2018.02.tar.bz2"><img src="images/package.png" width="180" alt=""></a>
 	      </div>
 	    </div>
 	  </div>

-	  <h3><a href="/downloads/buildroot-2017.02.10.tar.bz2">buildroot-2017.02.10.tar.bz2</a></h3>
-	  <p><a href="/downloads/buildroot-2017.02.10.tar.bz2.sign">PGP signature</a></p>
+	  <h3><a href="/downloads/buildroot-2018.02.tar.bz2">buildroot-2018.02.tar.bz2</a></h3>
+	  <p><a href="/downloads/buildroot-2018.02.tar.bz2.sign">PGP signature</a></p>
 	</div>
      </div>
-
+<!--
      <h3 style="text-align: center;">Latest stable release: <b>2017.11.2</b></h3>

      <div class="row mt centered">
@@ -109,7 +109,7 @@
 	  <p><a href="/downloads/buildroot-2018.02-rc3.tar.bz2.sign">PGP signature</a></p>
 	</div>
      </div>
-
+-->
      This and earlier releases (and their PGP signatures) can always be downloaded from
      <a href="/downloads/">http://buildroot.net/downloads/</a>.
    </div>
--- a/docs/website/news.html
+++ b/docs/website/news.html
@@ -9,6 +9,27 @@
 <h2>News</h2>
 <ul class="timeline">

+  <li>
+    <div class="timeline-badge"><i class="glyphicon glyphicon-thumbs-up"></i></div>
+    <div class="timeline-panel">
+      <div class="timeline-heading">
+	<h4 class="timeline-title">2018.02 released</h4>
+	<p><small class="text-muted"><i class="glyphicon glyphicon-time"></i>4 March 2018</small></p>
+      </div>
+      <div class="timeline-body">
+	<p>The stable 2018.02 release is out - Thanks to everyone
+	  contributing and testing the release candidates. See the
+	  <a href="http://git.buildroot.net/buildroot/plain/CHANGES?id=2018.02">CHANGES</a>
+	  file for more details
+	  and go to the <a href="/downloads/">downloads page</a> to pick up the
+	  <a href="/downloads/buildroot-2018.02.tar.bz2">2018.02 release</a>.</p>
+
+	  <p>Notice that this is a long term support release which will be
+	  supported with security and other important fixes until February 2019.</p>
+      </div>
+    </div>
+  </li>
+
  <li class="timeline-inverted">
    <div class="timeline-badge"><i class="glyphicon glyphicon-thumbs-up"></i></div>
    <div class="timeline-panel">
--- a/linux/Config.in
+++ b/linux/Config.in
@@ -116,7 +116,7 @@ endif

 config BR2_LINUX_KERNEL_VERSION
 	string
-	default "4.15.6" if BR2_LINUX_KERNEL_LATEST_VERSION
+	default "4.15.7" if BR2_LINUX_KERNEL_LATEST_VERSION
 	default "v4.4.112-cip18" if BR2_LINUX_KERNEL_LATEST_CIP_VERSION
 	default BR2_LINUX_KERNEL_CUSTOM_VERSION_VALUE \
 		if BR2_LINUX_KERNEL_CUSTOM_VERSION
--- a/package/clamav/clamav.hash
+++ b/package/clamav/clamav.hash
@@ -1,5 +1,5 @@
 # Locally calculated
-sha256 00fa5292a6e00a3a4035b826267748965d5d2c4943d8ff417d740238263e8e84  clamav-0.99.3.tar.gz
+sha256 d72ac3273bde8d2e5e28ec9978373ee3ab4529fd868bc3fc4d2d2671228f2461  clamav-0.99.4.tar.gz
 sha256 0c4fd2fa9733fc9122503797648710851e4ee6d9e4969dd33fcbd8c63cd2f584  COPYING
 sha256 d72a145c90918184a05ef65a04c9e6f7466faa59bc1b82c8f6a8ddc7ddcb9bed  COPYING.bzip2
 sha256 dfb818a0d41411c6fb1c193c68b73018ceadd1994bda41ad541cbff292894bc6  COPYING.file
--- a/package/clamav/clamav.mk
+++ b/package/clamav/clamav.mk
@@ -4,7 +4,7 @@
 #
 ################################################################################

-CLAMAV_VERSION = 0.99.3
+CLAMAV_VERSION = 0.99.4
 CLAMAV_SITE = https://www.clamav.net/downloads/production
 CLAMAV_LICENSE = GPL-2.0
 CLAMAV_LICENSE_FILES = COPYING COPYING.bzip2 COPYING.file COPYING.getopt \
--- a/package/dash/0002-histedit-fix-build-with-musl-libc.patch
+++ b/package/dash/0002-histedit-fix-build-with-musl-libc.patch
@@ -0,0 +1,35 @@
+From 2da5b72c704fed10f1b04b5432ac6b078d016fae Mon Sep 17 00:00:00 2001
+From: Baruch Siach <baruch@tkos.co.il>
+Date: Fri, 2 Mar 2018 08:25:36 +0200
+Subject: [PATCH] histedit: fix build with musl libc
+
+musl libc defines the optreset BSD extension only in getopt.h. This
+fixes the following build failure:
+
+histedit.c: In function 'histcmd':
+histedit.c:220:2: error: 'optreset' undeclared (first use in this function)
+  optreset = 1; optind = 1; /* initialize getopt */
+  ^~~~~~~~
+
+Signed-off-by: Baruch Siach <baruch@tkos.co.il>
+---
+Upstream status: https://www.mail-archive.com/dash@vger.kernel.org/msg01389.html
+
+ src/histedit.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/src/histedit.c b/src/histedit.c
+index 94465d785cc9..f5c90aba873b 100644
+--- a/src/histedit.c
+++ b/src/histedit.c
+@@ -39,6 +39,7 @@
+ #include <stdio.h>
+ #include <stdlib.h>
+ #include <unistd.h>
+#include <getopt.h>
+ /*
+  * Editline and history functions (and glue).
+  */
+-- 
+2.16.1
+
--- a/package/dash/dash.mk
+++ b/package/dash/dash.mk
@@ -10,8 +10,9 @@ DASH_LICENSE = BSD-3-Clause, GPL-2.0+ (mksignames.c)
 DASH_LICENSE_FILES = COPYING

 ifeq ($(BR2_PACKAGE_LIBEDIT),y)
-DASH_DEPENDENCIES += libedit
+DASH_DEPENDENCIES += libedit host-pkgconf
 DASH_CONF_OPTS += --with-libedit
+DASH_CONF_ENV += LIBS=`pkg-config --libs libedit`

 # Enable line editing, Emacs style
 define DASH_INSTALL_PROFILE
--- a/package/dhcp/0003-Correct-buffer-overrun-in-pretty_print_option.patch
+++ b/package/dhcp/0003-Correct-buffer-overrun-in-pretty_print_option.patch
@@ -0,0 +1,59 @@
+From b8c29336bd5401a5f962bc6ddfa4ebb6f0274f3c Mon Sep 17 00:00:00 2001
+From: Thomas Markwalder <tmark@isc.org>
+Date: Sat, 10 Feb 2018 12:15:27 -0500
+Subject: [PATCH 1/2] Correct buffer overrun in pretty_print_option
+
+    Merges in rt47139.
+
+[baruch: drop RELNOTES and test; address CVE-2018-5732]
+Signed-off-by: Baruch Siach <baruch@tkos.co.il>
+---
+Upstream status: backported from commit c5931725b48
+---
+ common/options.c | 15 ++++++++++++---
+ 1 file changed, 12 insertions(+), 3 deletions(-)
+
+diff --git a/common/options.c b/common/options.c
+index 5547287fb6e5..2ed6b16c6412 100644
+--- a/common/options.c
+++ b/common/options.c
+@@ -1758,7 +1758,8 @@ format_min_length(format, oc)
+ 
+ 
+ /* Format the specified option so that a human can easily read it. */
+-
+/* Maximum pretty printed size */
+#define MAX_OUTPUT_SIZE 32*1024
+ const char *pretty_print_option (option, data, len, emit_commas, emit_quotes)
+ 	struct option *option;
+ 	const unsigned char *data;
+@@ -1766,8 +1767,9 @@ const char *pretty_print_option (option, data, len, emit_commas, emit_quotes)
+ 	int emit_commas;
+ 	int emit_quotes;
+ {
+-	static char optbuf [32768]; /* XXX */
+-	static char *endbuf = &optbuf[sizeof(optbuf)];
+	/* We add 128 byte pad so we don't have to add checks everywhere. */
+	static char optbuf [MAX_OUTPUT_SIZE + 128]; /* XXX */
+	static char *endbuf = optbuf + MAX_OUTPUT_SIZE;
+ 	int hunksize = 0;
+ 	int opthunk = 0;
+ 	int hunkinc = 0;
+@@ -2193,7 +2195,14 @@ const char *pretty_print_option (option, data, len, emit_commas, emit_quotes)
+ 				log_error ("Unexpected format code %c",
+ 					   fmtbuf [j]);
+ 			}
+
+ 			op += strlen (op);
+			if (op >= endbuf) {
+				log_error ("Option data exceeds"
+					   " maximum size %d", MAX_OUTPUT_SIZE);
+					   return ("<error>");
+			}
+
+ 			if (dp == data + len)
+ 				break;
+ 			if (j + 1 < numelem && comma != ':')
+-- 
+2.16.1
+
--- a/package/dhcp/0004-Corrected-refcnt-loss-in-option-parsing.patch
+++ b/package/dhcp/0004-Corrected-refcnt-loss-in-option-parsing.patch
@@ -0,0 +1,40 @@
+From 93b5b67dd31b9efcbfaabc2df1e1d9d164a5e04a Mon Sep 17 00:00:00 2001
+From: Thomas Markwalder <tmark@isc.org>
+Date: Fri, 9 Feb 2018 14:46:08 -0500
+Subject: [PATCH 2/2] Corrected refcnt loss in option parsing
+
+    Merges in 47140.
+
+[baruch: drop RELNOTES and tests; address CVE-2018-5733]
+Signed-off-by: Baruch Siach <baruch@tkos.co.il>
+---
+Upstream status: backported from commit 197b26f25309
+---
+ common/options.c | 4 +++-
+ 1 file changed, 3 insertions(+), 1 deletion(-)
+
+diff --git a/common/options.c b/common/options.c
+index 2ed6b16c6412..25b29a6be7bb 100644
+--- a/common/options.c
+++ b/common/options.c
+@@ -3,7 +3,7 @@
+    DHCP options parsing and reassembly. */
+ 
+ /*
+- * Copyright (c) 2004-2017 by Internet Systems Consortium, Inc. ("ISC")
+ * Copyright (c) 2004-2018 by Internet Systems Consortium, Inc. ("ISC")
+  * Copyright (c) 1995-2003 by Internet Software Consortium
+  *
+  * Permission to use, copy, modify, and distribute this software for any
+@@ -177,6 +177,8 @@ int parse_option_buffer (options, buffer, length, universe)
+ 
+ 		/* If the length is outrageous, the options are bad. */
+ 		if (offset + len > length) {
+			/* Avoid reference count overflow */
+			option_dereference(&option, MDL);
+ 			reason = "option length exceeds option buffer length";
+ 		      bogus:
+ 			log_error("parse_option_buffer: malformed option "
+-- 
+2.16.1
+
--- a/package/dovecot/0002-lib-auth-Fix-memory-leak-in-auth_client_request_abor.patch
+++ b/package/dovecot/0002-lib-auth-Fix-memory-leak-in-auth_client_request_abor.patch
@@ -1,33 +0,0 @@
-From 1a29ed2f96da1be22fa5a4d96c7583aa81b8b060 Mon Sep 17 00:00:00 2001
-From: Timo Sirainen <timo.sirainen@dovecot.fi>
-Date: Mon, 18 Dec 2017 16:50:51 +0200
-Subject: [PATCH] lib-auth: Fix memory leak in auth_client_request_abort()
-
-This caused memory leaks when authentication was aborted. For example
-with IMAP:
-
-a AUTHENTICATE PLAIN
-*
-
-Broken by 9137c55411aa39d41c1e705ddc34d5bd26c65021
-
-Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
---
- src/lib-auth/auth-client-request.c | 1 +
- 1 file changed, 1 insertion(+)
-
-diff --git a/src/lib-auth/auth-client-request.c b/src/lib-auth/auth-client-request.c
-index 480fb42b3..046f7c307 100644
--- a/src/lib-auth/auth-client-request.c
-+++ b/src/lib-auth/auth-client-request.c
-@@ -186,6 +186,7 @@ void auth_client_request_abort(struct auth_client_request **_request)
- 
- 	auth_client_send_cancel(request->conn->client, request->id);
- 	call_callback(request, AUTH_REQUEST_STATUS_ABORT, NULL, NULL);
-+	pool_unref(&request->pool);
- }
- 
- unsigned int auth_client_request_get_id(struct auth_client_request *request)
-- 
-2.11.0
-
--- a/package/dovecot/dovecot.hash
+++ b/package/dovecot/dovecot.hash
@@ -1,5 +1,5 @@
 # Locally computed after checking signature
-sha256 fe1e3b78609a56ee22fc209077e4b75348fa1bbd54c46f52bde2472a4c4cee84  dovecot-2.2.33.2.tar.gz
+sha256 5e92a4325409e66b343f6aaa67174b8921ce83d0df792c6eeb0b7b7e2c808353  dovecot-2.2.34.tar.gz
 sha256 a363b132e494f662d98c820d1481297e6ae72f194c2c91b6c39e1518b86240a8  COPYING
 sha256 dc626520dcd53a22f727af3ee42c770e56c97a64fe3adb063799d8ab032fe551  COPYING.LGPL
 sha256 52b8c95fabb19575281874b661ef7968ea47e8f5d74ba0dd40ce512e52b3fc97  COPYING.MIT
--- a/package/dovecot/dovecot.mk
+++ b/package/dovecot/dovecot.mk
@@ -5,7 +5,7 @@
 ################################################################################

 DOVECOT_VERSION_MAJOR = 2.2
-DOVECOT_VERSION = $(DOVECOT_VERSION_MAJOR).33.2
+DOVECOT_VERSION = $(DOVECOT_VERSION_MAJOR).34
 DOVECOT_SITE = http://www.dovecot.org/releases/$(DOVECOT_VERSION_MAJOR)
 DOVECOT_INSTALL_STAGING = YES
 DOVECOT_LICENSE = LGPL-2.1, MIT, Public Domain, BSD-3-Clause, Unicode-DFS-2015
--- a/package/efl/efl.hash
+++ b/package/efl/efl.hash
@@ -1,2 +1,10 @@
 # From https://download.enlightenment.org/rel/libs/efl/efl-1.20.6.tar.xz.sha256
 sha256	56c67ea77435753a4f324a0a13488ba58f4ed7eb35a97c1a354fdc79c39a32c1	efl-1.20.6.tar.xz
+sha256 d949e42ca8fd48d275c397c5fc2ac34c9b63ada715dcaf1a670e17bb62964341  COMPLIANCE
+sha256 1f0597d326e2fdb54aa2f0caec6d8bb0afb9941ef32475f017ed02ca214fcf37  COPYING
+sha256 781ee841d15835b393bfe7d4c6497dc1b05217479abd40daceaf7aa102a758e1  licenses/COPYING.BSD
+sha256 e60d07dfb2c5264f9f405fa52bf0d4f85429dd9ae1bc2ffcff8af1924ef720d1  licenses/COPYING.FTL
+sha256 8177f97513213526df2cf6184d8ff986c675afb514d4e68a404010521b880643  licenses/COPYING.GPL
+sha256 89f79ccd2c35ba220ddeba70ee36ca867226c41fc210bc5e7f1e9032c5b16d5f  licenses/COPYING.LGPL
+sha256 2996a1c43ee757f9c997a829d82bdd584052323e73cf02ff8126c6fbd95c2d87  licenses/COPYING.NGINX-MIT
+sha256 48f124212f8fc024392a2d1d011fbb96c7ab8f89c0b72c671c33e9e1cb1d0790  licenses/COPYING.SMALL
--- a/package/efl/efl.mk
+++ b/package/efl/efl.mk
@@ -7,7 +7,7 @@
 EFL_VERSION = 1.20.6
 EFL_SOURCE = efl-$(EFL_VERSION).tar.xz
 EFL_SITE = http://download.enlightenment.org/rel/libs/efl
-EFL_LICENSE = BSD-2-Clause, LGPL-2.1+, GPL-2.0+
+EFL_LICENSE = BSD-2-Clause, LGPL-2.1+, GPL-2.0+, FTL, MIT
 EFL_LICENSE_FILES = \
 	COMPLIANCE \
 	COPYING \
@@ -15,6 +15,7 @@ EFL_LICENSE_FILES = \
 	licenses/COPYING.FTL \
 	licenses/COPYING.GPL \
 	licenses/COPYING.LGPL \
+	licenses/COPYING.NGINX-MIT \
 	licenses/COPYING.SMALL

 EFL_INSTALL_STAGING = YES
--- a/package/ffmpeg/0002-ffmpeg-pthreads.patch
+++ b/package/ffmpeg/0002-ffmpeg-pthreads.patch
@@ -0,0 +1,34 @@
+From patchwork Wed Oct 25 13:32:36 2017
+Content-Type: text/plain; charset="utf-8"
+MIME-Version: 1.0
+Content-Transfer-Encoding: 7bit
+Subject: [FFmpeg-devel] configure: v4l2_m2m depends on pthreads
+From: Mark Thompson <sw@jkqxz.net>
+X-Patchwork-Id: 5688
+Message-Id: <27e5b360-1210-d550-c8de-a761f8e9f326@jkqxz.net>
+To: FFmpeg development discussions and patches <ffmpeg-devel@ffmpeg.org>
+Date: Wed, 25 Oct 2017 14:32:36 +0100
+
+Fixes build with --disable-pthreads.
+
+Downloaded from upstream patchworks:
+https://patchwork.ffmpeg.org/patch/5688/
+
+Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
+---
+ configure | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/configure b/configure
+index c86e578..76523c8 100755
+--- a/configure
+++ b/configure
+@@ -2780,7 +2780,7 @@ omx_rpi_select="omx"
+ qsvdec_select="qsv"
+ qsvenc_select="qsv"
+ vaapi_encode_deps="vaapi"
+-v4l2_m2m_deps_any="linux_videodev2_h"
+v4l2_m2m_deps="linux_videodev2_h pthreads"
+ 
+ hwupload_cuda_filter_deps="cuda"
+ scale_npp_filter_deps="cuda libnpp"
--- a/package/libv4l/0003-libdvbv5-add-optional-copy-of-TEMP_FAILURE_RETRY-mac.patch
+++ b/package/libv4l/0003-libdvbv5-add-optional-copy-of-TEMP_FAILURE_RETRY-mac.patch
@@ -0,0 +1,39 @@
+From abfe3e7b2b4af1de9b891f3a7a996b70533b0a27 Mon Sep 17 00:00:00 2001
+From: Peter Seiderer <ps.report@gmx.net>
+Date: Sun, 4 Mar 2018 09:07:51 +0100
+Subject: [PATCH] libdvbv5: add optional copy of TEMP_FAILURE_RETRY macro (fix
+ musl compile)
+
+Fixes:
+
+  ../../lib/libdvbv5/.libs/libdvbv5.so: undefined reference to `TEMP_FAILURE_RETRY'
+
+[Upstream: https://www.mail-archive.com/linux-media@vger.kernel.org/msg127134.html]
+Signed-off-by: Peter Seiderer <ps.report@gmx.net>
+---
+ lib/libdvbv5/dvb-dev-local.c | 9 +++++++++
+ 1 file changed, 9 insertions(+)
+
+diff --git a/lib/libdvbv5/dvb-dev-local.c b/lib/libdvbv5/dvb-dev-local.c
+index 8bc99d1..7a76d65 100644
+--- a/lib/libdvbv5/dvb-dev-local.c
+++ b/lib/libdvbv5/dvb-dev-local.c
+@@ -44,6 +44,15 @@
+ # define _(string) string
+ #endif
+ 
+/* taken from glibc unistd.h */
+#ifndef TEMP_FAILURE_RETRY
+#define TEMP_FAILURE_RETRY(expression) \
+    ({ long int __result;                                                     \
+       do __result = (long int) (expression);                                 \
+       while (__result == -1L && errno == EINTR);                             \
+       __result; })
+#endif
+
+ struct dvb_dev_local_priv {
+ 	dvb_dev_change_t notify_dev_change;
+ 
+-- 
+2.16.2
+
--- a/package/linux-headers/Config.in.host
+++ b/package/linux-headers/Config.in.host
@@ -242,12 +242,12 @@ config BR2_DEFAULT_KERNEL_HEADERS
 	string
 	default "3.2.99"	if BR2_KERNEL_HEADERS_3_2
 	default "4.1.49"	if BR2_KERNEL_HEADERS_4_1
-	default "4.4.118"	if BR2_KERNEL_HEADERS_4_4
-	default "4.9.84"	if BR2_KERNEL_HEADERS_4_9
+	default "4.4.119"	if BR2_KERNEL_HEADERS_4_4
+	default "4.9.86"	if BR2_KERNEL_HEADERS_4_9
 	default "4.10.17"	if BR2_KERNEL_HEADERS_4_10
 	default "4.11.12"	if BR2_KERNEL_HEADERS_4_11
 	default "4.12.14"	if BR2_KERNEL_HEADERS_4_12
 	default "4.13.16"	if BR2_KERNEL_HEADERS_4_13
-	default "4.14.22"	if BR2_KERNEL_HEADERS_4_14
-	default "4.15.6"	if BR2_KERNEL_HEADERS_4_15
+	default "4.14.24"	if BR2_KERNEL_HEADERS_4_14
+	default "4.15.7"	if BR2_KERNEL_HEADERS_4_15
 	default BR2_DEFAULT_KERNEL_VERSION if BR2_KERNEL_HEADERS_VERSION
--- a/package/mono/Config.in
+++ b/package/mono/Config.in
@@ -1,5 +1,11 @@
+config BR2_PACKAGE_HOST_MONO_ARCH_SUPPORTS
+	bool
+	default y if BR2_HOSTARCH = "x86_64"
+	default y if BR2_HOSTARCH = "x86"
+
 config BR2_PACKAGE_MONO_ARCH_SUPPORTS
 	bool
+	depends on BR2_PACKAGE_HOST_MONO_ARCH_SUPPORTS
 	default y if (BR2_arm || BR2_armeb || BR2_i386 || BR2_mips || \
 		      BR2_mipsel || BR2_powerpc || BR2_x86_64)

--- a/package/mosquitto/0001-websockets.c-unbreak-build-without-TLS.patch
+++ b/package/mosquitto/0001-websockets.c-unbreak-build-without-TLS.patch
@@ -0,0 +1,49 @@
+From 4822aa97da80a86033ec6e4a8b2f4ad0911235cf Mon Sep 17 00:00:00 2001
+From: Peter Korsgaard <peter@korsgaard.com>
+Date: Sat, 3 Mar 2018 11:04:47 +0100
+Subject: [PATCH] websockets.c: unbreak build without TLS
+
+Commit 7943072b1f3b (Fix use_identity_as_username not working on websockets
+clients) added code which unconditionally accesses mosq-ssl, breaking the
+build when TLS support is disabled.
+
+Fix it by guarding this logic inside #ifdef WITH_TLS.
+
+[Upstream: https://dev.eclipse.org/mhonarc/lists/mosquitto-dev/msg01813.html]
+Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
+---
+ src/websockets.c | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/src/websockets.c b/src/websockets.c
+index d4d7961..a796f0a 100644
+--- a/src/websockets.c
+++ b/src/websockets.c
+@@ -201,12 +201,14 @@ static int callback_mqtt(struct libwebsocket_context *context,
+ 				mosq->ws_context = context;
+ #endif
+ 				mosq->wsi = wsi;
+#ifdef WITH_TLS
+ 				if(in){
+ 					mosq->ssl = (SSL *)in;
+ 					if(!mosq->listener->ssl_ctx){
+ 						mosq->listener->ssl_ctx = SSL_get_SSL_CTX(mosq->ssl);
+ 					}
+ 				}
+#endif
+ 				u->mosq = mosq;
+ 			}else{
+ 				return -1;
+@@ -240,7 +242,9 @@ static int callback_mqtt(struct libwebsocket_context *context,
+ 					mosq->pollfd_index = -1;
+ 				}
+ 				mosq->wsi = NULL;
+#ifdef WITH_TLS
+ 				mosq->ssl = NULL;
+#endif
+ 				do_disconnect(db, mosq);
+ 			}
+ 			break;
+-- 
+2.11.0
+
--- a/package/mosquitto/mosquitto.hash
+++ b/package/mosquitto/mosquitto.hash
@@ -1,5 +1,5 @@
-# From http://www.eclipse.org/downloads/download.php?file=/mosquitto/source/mosquitto-1.4.14.tar.gz
-sha512 dc75a971354f87deeb79f32435acfae9bc561a1a24a75ee4940a35176ff91758071930d2105d8dee2a090e07527dbfaa5692bece67e03cc87e8b4b8b46f846c2  mosquitto-1.4.14.tar.gz
+# Locally calculated after checking gpg signature
+sha256 7d3b3e245a3b4ec94b05678c8199c806359737949f4cfe0bf936184f6ca89a83  mosquitto-1.4.15.tar.gz

 # License files
 sha256 cc77e25bafd40637b7084f04086d606f0a200051b61806f97c93405926670bc1  LICENSE.txt
--- a/package/mosquitto/mosquitto.mk
+++ b/package/mosquitto/mosquitto.mk
@@ -4,7 +4,7 @@
 #
 ################################################################################

-MOSQUITTO_VERSION = 1.4.14
+MOSQUITTO_VERSION = 1.4.15
 MOSQUITTO_SITE = https://mosquitto.org/files/source
 MOSQUITTO_LICENSE = EPL-1.0 or EDLv1.0
 MOSQUITTO_LICENSE_FILES = LICENSE.txt epl-v10 edl-v10
--- a/package/php/php.hash
+++ b/package/php/php.hash
@@ -1,5 +1,5 @@
 # From http://php.net/downloads.php
-sha256 47d7607d38a1d565fc43ea942c92229a7cd165f156737f210937e375b243cb11  php-7.2.2.tar.xz
+sha256 b3a94f1b562f413c0b96f54bc309706d83b29ac65d9b172bc7ed9fb40a5e651f  php-7.2.3.tar.xz

 # License file
 sha256 00e567a8d50359d93ee1f9afdd9511277660c1e70a0cbf3229f84403aa9aebb1  LICENSE
--- a/package/php/php.mk
+++ b/package/php/php.mk
@@ -4,7 +4,7 @@
 #
 ################################################################################

-PHP_VERSION = 7.2.2
+PHP_VERSION = 7.2.3
 PHP_SITE = http://www.php.net/distributions
 PHP_SOURCE = php-$(PHP_VERSION).tar.xz
 PHP_INSTALL_STAGING = YES
--- a/package/postgresql/postgresql.hash
+++ b/package/postgresql/postgresql.hash
@@ -1,5 +1,5 @@
-# From https://ftp.postgresql.org/pub/source/v10.2/postgresql-10.2.tar.bz2.sha256
-sha256	fe32009b62ddb97f7f014307ce9d0edb6972f5a698e63cb531088e147d145bad	postgresql-10.2.tar.bz2
+# From https://ftp.postgresql.org/pub/source/v10.3/postgresql-10.3.tar.bz2.sha256
+sha256	6ea268780ee35e88c65cdb0af7955ad90b7d0ef34573867f223f14e43467931a	postgresql-10.3.tar.bz2

 # License file, Locally calculated
 sha256	24cfc70cf16b3a23242c49ffce39510683bdd48cbedb8a46fe03976ee5f5c21e	COPYRIGHT
--- a/package/postgresql/postgresql.mk
+++ b/package/postgresql/postgresql.mk
@@ -4,7 +4,7 @@
 #
 ################################################################################

-POSTGRESQL_VERSION = 10.2
+POSTGRESQL_VERSION = 10.3
 POSTGRESQL_SOURCE = postgresql-$(POSTGRESQL_VERSION).tar.bz2
 POSTGRESQL_SITE = http://ftp.postgresql.org/pub/source/v$(POSTGRESQL_VERSION)
 POSTGRESQL_LICENSE = PostgreSQL
--- a/package/qt/Config.in
+++ b/package/qt/Config.in
@@ -3,7 +3,7 @@ comment "qt needs a toolchain w/ C++, threads"
 	depends on !BR2_INSTALL_LIBSTDCPP || !BR2_TOOLCHAIN_HAS_THREADS

 menuconfig BR2_PACKAGE_QT
-	bool "Qt"
+	bool "Qt (obsolete)"
 	depends on BR2_USE_MMU # fork
 	depends on BR2_INSTALL_LIBSTDCPP
 	depends on BR2_TOOLCHAIN_HAS_THREADS
--- a/package/sdl2/sdl2.mk
+++ b/package/sdl2/sdl2.mk
@@ -38,7 +38,7 @@ else
 SDL2_CONF_OPTS += --disable-video-directfb
 endif

-ifeq ($(BR2_PACKAGE_RPI_USERLAND),y)
+ifeq ($(BR2_PACKAGE_SDL2_OPENGLES)$(BR2_PACKAGE_RPI_USERLAND),yy)
 SDL2_DEPENDENCIES += rpi-userland
 SDL2_CONF_OPTS += --enable-video-rpi
 else
--- a/package/skeleton-init-systemd/skeleton-init-systemd.mk
+++ b/package/skeleton-init-systemd/skeleton-init-systemd.mk
@@ -19,7 +19,6 @@ ifeq ($(BR2_TARGET_GENERIC_REMOUNT_ROOTFS_RW),y)

 define SKELETON_INIT_SYSTEMD_ROOT_RO_OR_RW
 	echo "/dev/root / auto rw 0 1" >$(TARGET_DIR)/etc/fstab
-	mkdir -p $(TARGET_DIR)/var
 endef

 else
@@ -31,16 +30,18 @@ else
 # back there by the tmpfiles.d mechanism.
 define SKELETON_INIT_SYSTEMD_ROOT_RO_OR_RW
 	mkdir -p $(TARGET_DIR)/etc/systemd/tmpfiles.d
-	mkdir -p $(TARGET_DIR)/usr/share/factory/var
-	ln -s usr/share/factory/var $(TARGET_DIR)/var
 	echo "/dev/root / auto ro 0 1" >$(TARGET_DIR)/etc/fstab
 	echo "tmpfs /var tmpfs mode=1777 0 0" >>$(TARGET_DIR)/etc/fstab
 endef

 define SKELETON_INIT_SYSTEMD_PRE_ROOTFS_VAR
-	rm -f $(TARGET_DIR)/var
-	mkdir $(TARGET_DIR)/var
-	for i in $(TARGET_DIR)/usr/share/factory/var/*; do \
+	rm -rf $(TARGET_DIR)/usr/share/factory/var
+	mv $(TARGET_DIR)/var $(TARGET_DIR)/usr/share/factory/var
+	mkdir -p $(TARGET_DIR)/var
+	for i in $(TARGET_DIR)/usr/share/factory/var/* \
+		 $(TARGET_DIR)/usr/share/factory/var/lib/* \
+		 $(TARGET_DIR)/usr/share/factory/var/lib/systemd/*; do \
+		[ -e "$${i}" ] || continue; \
 		j="$${i#$(TARGET_DIR)/usr/share/factory}"; \
 		if [ -L "$${i}" ]; then \
 			printf "L+! %s - - - - %s\n" \
@@ -56,7 +57,7 @@ SKELETON_INIT_SYSTEMD_ROOTFS_PRE_CMD_HOOKS += SKELETON_INIT_SYSTEMD_PRE_ROOTFS_V

 define SKELETON_INIT_SYSTEMD_POST_ROOTFS_VAR
 	rm -rf $(TARGET_DIR)/var
-	ln -s usr/share/factory/var $(TARGET_DIR)/var
+	mv $(TARGET_DIR)/usr/share/factory/var $(TARGET_DIR)/var
 endef
 SKELETON_INIT_SYSTEMD_ROOTFS_POST_CMD_HOOKS += SKELETON_INIT_SYSTEMD_POST_ROOTFS_VAR

@@ -65,6 +66,8 @@ endif
 define SKELETON_INIT_SYSTEMD_INSTALL_TARGET_CMDS
 	mkdir -p $(TARGET_DIR)/home
 	mkdir -p $(TARGET_DIR)/srv
+	mkdir -p $(TARGET_DIR)/var
+	ln -s ../run $(TARGET_DIR)/var/run
 	$(SKELETON_INIT_SYSTEMD_ROOT_RO_OR_RW)
 endef

--- a/package/systemd/Config.in
+++ b/package/systemd/Config.in
@@ -27,6 +27,7 @@ menuconfig BR2_PACKAGE_SYSTEMD
 	select BR2_PACKAGE_BUSYBOX_SHOW_OTHERS # kmod-tools
 	select BR2_PACKAGE_KMOD_TOOLS
 	select BR2_TARGET_TZ_INFO
+	select BR2_NEEDS_HOST_UTF8_LOCALE
 	help
 	  systemd is a system and service manager for Linux,
 	  compatible with SysV and LSB init scripts. systemd provides
--- a/package/systemd/systemd.hash
+++ b/package/systemd/systemd.hash
@@ -2,4 +2,4 @@
 sha256	c83dabbe1c9de6b9db1dafdb7e04140c7d0535705c68842f6c0768653ba4913c	systemd-237.tar.gz
 sha256	ab15fd526bd8dd18a9e77ebc139656bf4d33e97fc7238cd11bf60e2b9b8666c6	LICENSE.GPL2
 sha256	dc626520dcd53a22f727af3ee42c770e56c97a64fe3adb063799d8ab032fe551	LICENSE.LGPL2.1
-sha256	f6a739f5ee7f10df6467021066038297c0150ff680db9a4b9f60da53b11aa560	README
+sha256	9c7709aa401a41c4c3f33ea75c34ae5d5354d62c310c3391c2a5958952d8aadd	README
--- a/package/systemd/systemd.mk
+++ b/package/systemd/systemd.mk
@@ -343,6 +343,8 @@ SYSTEMD_POST_INSTALL_TARGET_HOOKS += \
 define SYSTEMD_USERS
 	- - input -1 * - - - Input device group
 	- - systemd-journal -1 * - - - Journal
+	- - render -1 * - - - DRI rendering nodes
+	- - kvm -1 * - - - kvm nodes
 	systemd-bus-proxy -1 systemd-bus-proxy -1 * - - - Proxy D-Bus messages to/from a bus
 	systemd-journal-gateway -1 systemd-journal-gateway -1 * /var/log/journal - - Journal Gateway
 	systemd-journal-remote -1 systemd-journal-remote -1 * /var/log/journal/remote - - Journal Remote
@@ -385,23 +387,25 @@ endef

 SYSTEMD_NINJA_OPTS = $(if $(VERBOSE),-v) -j$(PARALLEL_JOBS)

+SYSTEMD_ENV = $(TARGET_MAKE_ENV) $(HOST_UTF8_LOCALE_ENV)
+
 define SYSTEMD_CONFIGURE_CMDS
 	rm -rf $(@D)/build
 	mkdir -p $(@D)/build
-	$(TARGET_MAKE_ENV) meson $(SYSTEMD_CONF_OPTS) $(@D) $(@D)/build
+	$(SYSTEMD_ENV) meson $(SYSTEMD_CONF_OPTS) $(@D) $(@D)/build
 endef

 define SYSTEMD_BUILD_CMDS
-	$(TARGET_MAKE_ENV) ninja $(SYSTEMD_NINJA_OPTS) -C $(@D)/build
+	$(SYSTEMD_ENV) ninja $(SYSTEMD_NINJA_OPTS) -C $(@D)/build
 endef

 define SYSTEMD_INSTALL_TARGET_CMDS
-	$(TARGET_MAKE_ENV) DESTDIR=$(TARGET_DIR) ninja $(SYSTEMD_NINJA_OPTS) \
+	$(SYSTEMD_ENV) DESTDIR=$(TARGET_DIR) ninja $(SYSTEMD_NINJA_OPTS) \
 		-C $(@D)/build install
 endef

 define SYSTEMD_INSTALL_STAGING_CMDS
-	$(TARGET_MAKE_ENV) DESTDIR=$(STAGING_DIR) ninja $(SYSTEMD_NINJA_OPTS) \
+	$(SYSTEMD_ENV) DESTDIR=$(STAGING_DIR) ninja $(SYSTEMD_NINJA_OPTS) \
 		-C $(@D)/build install
 endef

--- a/package/tor/tor.hash
+++ b/package/tor/tor.hash
@@ -1,3 +1,3 @@
 # Locally computed
-sha256 6e1b04f7890e782fd56014a0de5075e4ab29b52a35d8bca1f6b80c93f58f3d26  tor-0.3.1.9.tar.gz
+sha256 c0e1a71e8e079ddd7951f846bcbd79d5e716b602faa5b890c70762fe95cd04e0  tor-0.3.1.10.tar.gz
 sha256 f9a4f724d8037711dde7d3f1d17094fb7d211545b3a3bbb1b03e769e13ca5608  LICENSE
--- a/package/tor/tor.mk
+++ b/package/tor/tor.mk
@@ -4,7 +4,7 @@
 #
 ################################################################################

-TOR_VERSION = 0.3.1.9
+TOR_VERSION = 0.3.1.10
 TOR_SITE = https://dist.torproject.org
 TOR_LICENSE = BSD-3-Clause
 TOR_LICENSE_FILES = LICENSE
--- a/package/tvheadend/Config.in
+++ b/package/tvheadend/Config.in
@@ -1,10 +1,12 @@
 comment "tvheadend needs a toolchain w/ NPTL, headers >= 3.2, dynamic library"
+	depends on !BR2_microblazeel
 	depends on !BR2_TOOLCHAIN_HAS_THREADS_NPTL || \
 		!BR2_TOOLCHAIN_HEADERS_AT_LEAST_3_2 || BR2_STATIC_LIBS
 	depends on BR2_TOOLCHAIN_HAS_SYNC_4

 config BR2_PACKAGE_TVHEADEND
 	bool "tvheadend"
+	depends on !BR2_microblazeel # assertion failure in binutils
 	depends on !BR2_STATIC_LIBS # dladdr()
 	depends on BR2_TOOLCHAIN_HAS_THREADS_NPTL
 	depends on BR2_TOOLCHAIN_HEADERS_AT_LEAST_3_2
--- a/package/wavpack/0002-issue-27-do-not-overwrite-stack-on-corrupt-RF64-file.patch
+++ b/package/wavpack/0002-issue-27-do-not-overwrite-stack-on-corrupt-RF64-file.patch
@@ -0,0 +1,118 @@
+From d5bf76b5a88d044a1be1d5656698e3ba737167e5 Mon Sep 17 00:00:00 2001
+From: David Bryant <david@wavpack.com>
+Date: Sun, 4 Feb 2018 11:28:15 -0800
+Subject: [PATCH] issue #27, do not overwrite stack on corrupt RF64 file
+
+Fixes CVE-2018-6767
+
+Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
+---
+ cli/riff.c | 39 ++++++++++++++++++++++++++++++++-------
+ 1 file changed, 32 insertions(+), 7 deletions(-)
+
+diff --git a/cli/riff.c b/cli/riff.c
+index 8b1af45..de98c1e 100644
+--- a/cli/riff.c
+++ b/cli/riff.c
+@@ -42,6 +42,7 @@ typedef struct {
+ 
+ #pragma pack(pop)
+ 
+#define CS64ChunkFormat "4D"
+ #define DS64ChunkFormat "DDDL"
+ 
+ #define WAVPACK_NO_ERROR    0
+@@ -101,13 +102,13 @@ int ParseRiffHeaderConfig (FILE *infile, char *infilename, char *fourcc, Wavpack
+ 
+         if (!strncmp (chunk_header.ckID, "ds64", 4)) {
+             if (chunk_header.ckSize < sizeof (DS64Chunk) ||
+-                !DoReadFile (infile, &ds64_chunk, chunk_header.ckSize, &bcount) ||
+-                bcount != chunk_header.ckSize) {
+                !DoReadFile (infile, &ds64_chunk, sizeof (DS64Chunk), &bcount) ||
+                bcount != sizeof (DS64Chunk)) {
+                     error_line ("%s is not a valid .WAV file!", infilename);
+                     return WAVPACK_SOFT_ERROR;
+             }
+             else if (!(config->qmode & QMODE_NO_STORE_WRAPPER) &&
+-                !WavpackAddWrapper (wpc, &ds64_chunk, chunk_header.ckSize)) {
+                !WavpackAddWrapper (wpc, &ds64_chunk, sizeof (DS64Chunk))) {
+                     error_line ("%s", WavpackGetErrorMessage (wpc));
+                     return WAVPACK_SOFT_ERROR;
+             }
+@@ -315,10 +316,11 @@ int ParseRiffHeaderConfig (FILE *infile, char *infilename, char *fourcc, Wavpack
+ 
+ int WriteRiffHeader (FILE *outfile, WavpackContext *wpc, int64_t total_samples, int qmode)
+ {
+-    int do_rf64 = 0, write_junk = 1;
+    int do_rf64 = 0, write_junk = 1, table_length = 0;
+     ChunkHeader ds64hdr, datahdr, fmthdr;
+     RiffChunkHeader riffhdr;
+     DS64Chunk ds64_chunk;
+    CS64Chunk cs64_chunk;
+     JunkChunk junkchunk;
+     WaveHeader wavhdr;
+     uint32_t bcount;
+@@ -380,6 +382,7 @@ int WriteRiffHeader (FILE *outfile, WavpackContext *wpc, int64_t total_samples,
+     strncpy (riffhdr.formType, "WAVE", sizeof (riffhdr.formType));
+     total_riff_bytes = sizeof (riffhdr) + wavhdrsize + sizeof (datahdr) + ((total_data_bytes + 1) & ~(int64_t)1);
+     if (do_rf64) total_riff_bytes += sizeof (ds64hdr) + sizeof (ds64_chunk);
+    total_riff_bytes += table_length * sizeof (CS64Chunk);
+     if (write_junk) total_riff_bytes += sizeof (junkchunk);
+     strncpy (fmthdr.ckID, "fmt ", sizeof (fmthdr.ckID));
+     strncpy (datahdr.ckID, "data", sizeof (datahdr.ckID));
+@@ -394,11 +397,12 @@ int WriteRiffHeader (FILE *outfile, WavpackContext *wpc, int64_t total_samples,
+ 
+     if (do_rf64) {
+         strncpy (ds64hdr.ckID, "ds64", sizeof (ds64hdr.ckID));
+-        ds64hdr.ckSize = sizeof (ds64_chunk);
+        ds64hdr.ckSize = sizeof (ds64_chunk) + (table_length * sizeof (CS64Chunk));
+         CLEAR (ds64_chunk);
+         ds64_chunk.riffSize64 = total_riff_bytes;
+         ds64_chunk.dataSize64 = total_data_bytes;
+         ds64_chunk.sampleCount64 = total_samples;
+        ds64_chunk.tableLength = table_length;
+         riffhdr.ckSize = (uint32_t) -1;
+         datahdr.ckSize = (uint32_t) -1;
+         WavpackNativeToLittleEndian (&ds64hdr, ChunkHeaderFormat);
+@@ -409,6 +413,14 @@ int WriteRiffHeader (FILE *outfile, WavpackContext *wpc, int64_t total_samples,
+         datahdr.ckSize = (uint32_t) total_data_bytes;
+     }
+ 
+    // this "table" is just a dummy placeholder for testing (normally not written)
+
+    if (table_length) {
+        strncpy (cs64_chunk.ckID, "dmmy", sizeof (cs64_chunk.ckID));
+        cs64_chunk.chunkSize64 = 12345678;
+        WavpackNativeToLittleEndian (&cs64_chunk, CS64ChunkFormat);
+    }
+
+     // write the RIFF chunks up to just before the data starts
+ 
+     WavpackNativeToLittleEndian (&riffhdr, ChunkHeaderFormat);
+@@ -418,8 +430,21 @@ int WriteRiffHeader (FILE *outfile, WavpackContext *wpc, int64_t total_samples,
+ 
+     if (!DoWriteFile (outfile, &riffhdr, sizeof (riffhdr), &bcount) || bcount != sizeof (riffhdr) ||
+         (do_rf64 && (!DoWriteFile (outfile, &ds64hdr, sizeof (ds64hdr), &bcount) || bcount != sizeof (ds64hdr))) ||
+-        (do_rf64 && (!DoWriteFile (outfile, &ds64_chunk, sizeof (ds64_chunk), &bcount) || bcount != sizeof (ds64_chunk))) ||
+-        (write_junk && (!DoWriteFile (outfile, &junkchunk, sizeof (junkchunk), &bcount) || bcount != sizeof (junkchunk))) ||
+        (do_rf64 && (!DoWriteFile (outfile, &ds64_chunk, sizeof (ds64_chunk), &bcount) || bcount != sizeof (ds64_chunk)))) {
+            error_line ("can't write .WAV data, disk probably full!");
+            return FALSE;
+    }
+
+    // again, this is normally not written except for testing
+
+    while (table_length--)
+        if (!DoWriteFile (outfile, &cs64_chunk, sizeof (cs64_chunk), &bcount) || bcount != sizeof (cs64_chunk)) {
+            error_line ("can't write .WAV data, disk probably full!");
+            return FALSE;
+        }
+
+
+    if ((write_junk && (!DoWriteFile (outfile, &junkchunk, sizeof (junkchunk), &bcount) || bcount != sizeof (junkchunk))) ||
+         !DoWriteFile (outfile, &fmthdr, sizeof (fmthdr), &bcount) || bcount != sizeof (fmthdr) ||
+         !DoWriteFile (outfile, &wavhdr, wavhdrsize, &bcount) || bcount != wavhdrsize ||
+         !DoWriteFile (outfile, &datahdr, sizeof (datahdr), &bcount) || bcount != sizeof (datahdr)) {
+-- 
+2.11.0
+
--- a/package/wavpack/0003-issue-28-do-not-overwrite-heap-on-corrupt-DSDIFF-fil.patch
+++ b/package/wavpack/0003-issue-28-do-not-overwrite-heap-on-corrupt-DSDIFF-fil.patch
@@ -0,0 +1,38 @@
+From 36a24c7881427d2e1e4dc1cef58f19eee0d13aec Mon Sep 17 00:00:00 2001
+From: David Bryant <david@wavpack.com>
+Date: Sat, 10 Feb 2018 16:01:39 -0800
+Subject: [PATCH] issue #28, do not overwrite heap on corrupt DSDIFF file
+
+Fixes CVE-2018-7253
+
+Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
+---
+ cli/dsdiff.c | 12 +++++++++++-
+ 1 file changed, 11 insertions(+), 1 deletion(-)
+
+diff --git a/cli/dsdiff.c b/cli/dsdiff.c
+index 410dc1c..c016df9 100644
+--- a/cli/dsdiff.c
+++ b/cli/dsdiff.c
+@@ -153,7 +153,17 @@ int ParseDsdiffHeaderConfig (FILE *infile, char *infilename, char *fourcc, Wavpa
+                 error_line ("dsdiff file version = 0x%08x", version);
+         }
+         else if (!strncmp (dff_chunk_header.ckID, "PROP", 4)) {
+-            char *prop_chunk = malloc ((size_t) dff_chunk_header.ckDataSize);
+            char *prop_chunk;
+
+            if (dff_chunk_header.ckDataSize < 4 || dff_chunk_header.ckDataSize > 1024) {
+                error_line ("%s is not a valid .DFF file!", infilename);
+                return WAVPACK_SOFT_ERROR;
+            }
+
+            if (debug_logging_mode)
+                error_line ("got PROP chunk of %d bytes total", (int) dff_chunk_header.ckDataSize);
+
+            prop_chunk = malloc ((size_t) dff_chunk_header.ckDataSize);
+ 
+             if (!DoReadFile (infile, prop_chunk, (uint32_t) dff_chunk_header.ckDataSize, &bcount) ||
+                 bcount != dff_chunk_header.ckDataSize) {
+-- 
+2.11.0
+
--- a/package/wavpack/0004-issue-28-fix-buffer-overflows-and-bad-allocs-on-corr.patch
+++ b/package/wavpack/0004-issue-28-fix-buffer-overflows-and-bad-allocs-on-corr.patch
@@ -0,0 +1,72 @@
+From 8e3fe45a7bac31d9a3b558ae0079e2d92a04799e Mon Sep 17 00:00:00 2001
+From: David Bryant <david@wavpack.com>
+Date: Sun, 11 Feb 2018 16:37:47 -0800
+Subject: [PATCH] issue #28, fix buffer overflows and bad allocs on corrupt CAF
+ files
+
+Fixes CVE-2018-7254
+
+Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
+---
+ cli/caff.c | 30 +++++++++++++++++++++++-------
+ 1 file changed, 23 insertions(+), 7 deletions(-)
+
+diff --git a/cli/caff.c b/cli/caff.c
+index ae57c4b..6248a71 100644
+--- a/cli/caff.c
+++ b/cli/caff.c
+@@ -89,8 +89,8 @@ typedef struct
+ 
+ #define CAFChannelDescriptionFormat "LLLLL"
+ 
+-static const char TMH_full [] = { 1,2,3,13,9,10,5,6,12,14,15,16,17,9,4,18,7,8,19,20,21 };
+-static const char TMH_std [] = { 1,2,3,11,8,9,5,6,10,12,13,14,15,7,4,16 };
+static const char TMH_full [] = { 1,2,3,13,9,10,5,6,12,14,15,16,17,9,4,18,7,8,19,20,21,0 };
+static const char TMH_std [] = { 1,2,3,11,8,9,5,6,10,12,13,14,15,7,4,16,0 };
+ 
+ static struct {
+     uint32_t mChannelLayoutTag;     // Core Audio layout, 100 - 146 in high word, num channels in low word
+@@ -274,10 +274,19 @@ int ParseCaffHeaderConfig (FILE *infile, char *infilename, char *fourcc, Wavpack
+             }
+         }
+         else if (!strncmp (caf_chunk_header.mChunkType, "chan", 4)) {
+-            CAFChannelLayout *caf_channel_layout = malloc ((size_t) caf_chunk_header.mChunkSize);
+            CAFChannelLayout *caf_channel_layout;
+ 
+-            if (caf_chunk_header.mChunkSize < sizeof (CAFChannelLayout) ||
+-                !DoReadFile (infile, caf_channel_layout, (uint32_t) caf_chunk_header.mChunkSize, &bcount) ||
+            if (caf_chunk_header.mChunkSize < sizeof (CAFChannelLayout) || caf_chunk_header.mChunkSize > 1024) {
+                error_line ("this .CAF file has an invalid 'chan' chunk!");
+                return WAVPACK_SOFT_ERROR;
+            }
+
+            if (debug_logging_mode)
+                error_line ("'chan' chunk is %d bytes", (int) caf_chunk_header.mChunkSize);
+
+            caf_channel_layout = malloc ((size_t) caf_chunk_header.mChunkSize);
+
+            if (!DoReadFile (infile, caf_channel_layout, (uint32_t) caf_chunk_header.mChunkSize, &bcount) ||
+                 bcount != caf_chunk_header.mChunkSize) {
+                     error_line ("%s is not a valid .CAF file!", infilename);
+                     free (caf_channel_layout);
+@@ -495,8 +504,15 @@ int ParseCaffHeaderConfig (FILE *infile, char *infilename, char *fourcc, Wavpack
+         }
+         else {          // just copy unknown chunks to output file
+ 
+-            int bytes_to_copy = (uint32_t) caf_chunk_header.mChunkSize;
+-            char *buff = malloc (bytes_to_copy);
+            uint32_t bytes_to_copy = (uint32_t) caf_chunk_header.mChunkSize;
+            char *buff;
+
+            if (caf_chunk_header.mChunkSize < 0 || caf_chunk_header.mChunkSize > 1048576) {
+                error_line ("%s is not a valid .CAF file!", infilename);
+                return WAVPACK_SOFT_ERROR;
+            }
+
+            buff = malloc (bytes_to_copy);
+ 
+             if (debug_logging_mode)
+                 error_line ("extra unknown chunk \"%c%c%c%c\" of %d bytes",
+-- 
+2.11.0
+
--- a/support/dependencies/dependencies.sh
+++ b/support/dependencies/dependencies.sh
@@ -200,7 +200,7 @@ if grep ^BR2_NEEDS_HOST_UTF8_LOCALE=y $BR2_CONFIG > /dev/null; then
 		echo "You need locale support on your build machine to build a toolchain supporting locales"
 		exit 1 ;
 	fi
-	if ! locale -a | grep -q -i utf8$ ; then
+	if ! locale -a | grep -q -i -E 'utf-?8$' ; then
 		echo
 		echo "You need at least one UTF8 locale to build a toolchain supporting locales"
 		exit 1 ;
@@ -288,3 +288,8 @@ if [ -n "$missing_perl_modules" ] ; then
 	echo
 	exit 1
 fi
+
+if ! python -c "import argparse" > /dev/null 2>&1 ; then
+	echo "Your Python installation is not complete enough: argparse module is missing"
+	exit 1
+fi
--- a/support/misc/Vagrantfile
+++ b/support/misc/Vagrantfile
@@ -5,7 +5,7 @@
 ################################################################################

 # Buildroot version to use
-RELEASE='2017.11'
+RELEASE='2018.02'

 ### Change here for more memory/cores ###
 VM_MEMORY=2048
--- a/support/scripts/check-uniq-files
+++ b/support/scripts/check-uniq-files
@@ -5,7 +5,7 @@ import csv
 import argparse
 from collections import defaultdict

-warn = 'Warning: {} file "{}" is touched by more than one package: {}\n'
+warn = 'Warning: {0} file "{1}" is touched by more than one package: {2}\n'


 def main():
--- a/support/testing/tests/init/test_systemd.py
+++ b/support/testing/tests/init/test_systemd.py
@@ -21,6 +21,18 @@ class InitSystemSystemdBase(InitSystemBase):
    def check_init(self):
        super(InitSystemSystemdBase, self).check_init("/lib/systemd/systemd")

+        # Test all units are OK
+        output, _ = self.emulator.run("systemctl --no-pager --failed --no-legend")
+        self.assertEqual(len(output), 0)
+
+        # Test we can reach the DBus daemon
+        _, exit_code = self.emulator.run("busctl --no-pager")
+        self.assertEqual(exit_code, 0)
+
+        # Test we can read at least one line from the journal
+        output, _ = self.emulator.run("journalctl --no-pager --lines 1 --quiet")
+        self.assertEqual(len(output), 1)
+

 class TestInitSystemSystemdRoNetworkd(InitSystemSystemdBase):
    config = InitSystemSystemdBase.config + \
--- a/utils/scanpypi
+++ b/utils/scanpypi
@@ -207,7 +207,7 @@ class BuildrootPackage():
        else:
            if download.__class__ == urllib2.HTTPError:
                raise download
-            raise DownloadFailed('Failed to downloas package {pkg}'
+            raise DownloadFailed('Failed to download package {pkg}'
                                 .format(pkg=self.real_name))
        self.filename = self.used_url['filename']
        self.url = self.used_url['url']