Update for 2018.11.1

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
swupdate: ensure TARGET_CC is used for compiling/linking
2026-01-09 06:10:17 +03:00 · 2018-12-19 23:04:07 +01:00 · 2018-12-18 15:27:28 +01:00 · 2018-12-17 09:32:17 +01:00 · 2018-12-16 22:58:06 +01:00 · 2018-12-16 22:55:14 +01:00
68 changed files with 1007 additions and 80 deletions
--- a/23
+++ b/23
@@ -1,3 +1,26 @@
+2018.11.1, Released December 20th, 2018
+
+	Important / security related fixes.
+
+	defconfigs: Fixes for bananapi m2 ultra, ci20
+
+	Download wrapper: Fix for urlencode handling
+
+	Updated/fixed packages: asterisk, docker-compose,
+	docker-engine, dt-utils, gnutls, go, grub, libbsd, libcurl,
+	libpgpme, libiscsi, liblo, libmpd, libopenssl, liboping,
+	libpam-tacplus, libpjsip, linux-firmware, liquid-dsp,
+	lua-cqueue, luvi, lxc, lynx, nginx, nodejs, openzwave, php,
+	pps-tools, proftpd, prosody, sdl2_net, squashfs, swupdate,
+	uclibc, vtu, webkitgtk, wine, xen
+
+	New packages: docker-cli
+
+	Issues resolved (http://bugs.uclibc.org):
+
+	#11426: pps-tools bash dependency
+	#11536: dt-utils building fails with glibc 2.28
+
 2018.11, Released December 1st, 2018

 	Minor fixes.
--- a/Config.in.legacy
+++ b/Config.in.legacy
@@ -241,6 +241,15 @@ config BR2_PACKAGE_LIBNFTNL_XML
 ###############################################################################
 comment "Legacy options removed in 2018.08"

+config BR2_PACKAGE_DOCKER_ENGINE_STATIC_CLIENT
+	bool "docker-engine static client option renamed"
+	select BR2_LEGACY
+	select BR2_PACKAGE_DOCKER_CLI_STATIC
+	help
+	  BR2_PACKAGE_DOCKER_ENGINE_STATIC_CLIENT has been renamed to
+	  BR2_PACKAGE_DOCKER_CLI_STATIC, following the package split of
+	  docker-engine and docker-cli.
+
 config BR2_PACKAGE_XSERVER_XORG_SERVER_V_1_19
 	bool "Modular X.org server was updated to version 1.20.0"
 	select BR2_LEGACY
--- a/4
+++ b/4
@@ -92,9 +92,9 @@ all:
 .PHONY: all

 # Set and export the version string
-export BR2_VERSION := 2018.11
+export BR2_VERSION := 2018.11.1
 # Actual time the release is cut (for reproducible builds)
-BR2_VERSION_EPOCH = 1543701000
+BR2_VERSION_EPOCH = 1545257000

 # Save running make version since it's clobbered by the make package
 RUNNING_MAKE_VERSION := $(MAKE_VERSION)
--- a/board/ci20/patches/uboot/0001-mips-Remove-default-endiannes.patch
+++ b/board/ci20/patches/uboot/0001-mips-Remove-default-endiannes.patch
@@ -0,0 +1,66 @@
+From b3a1e97498e7987073775d49a703932c20f2df1d Mon Sep 17 00:00:00 2001
+From: Ezequiel Garcia <ezequiel@collabora.com>
+Date: Mon, 12 Nov 2018 14:04:46 -0300
+Subject: [PATCH] mips: Remove default endiannes
+
+Currently, trying to build ci20_mmc fails on little-endian
+toolchains. The problem seems to be that some targets don't
+have CONFIG_SYS_LITTLE_ENDIAN properly set, and therefore
+the default -EB switch is selected.
+
+Let's get rid of the default switch entirely, and fix this problem.
+While this may be a hack, it is a quick solution until
+U-Boot gets CI20 proper support.
+
+make ARCH=mips CROSS_COMPILE=mips-linux-gnu- ci20_mmc
+Configuring for ci20_mmc - Board: ci20, Options: SPL_MMC_SUPPORT,ENV_IS_IN_MMC
+make
+make[1]: Entering directory '/home/zeta/repos/u-boot-ci20'
+Generating include/autoconf.mk
+Generating include/autoconf.mk.dep
+mips-linux-gnu-gcc: error: may not use both -EB and -EL
+mips-linux-gnu-gcc: error: may not use both -EB and -EL
+Generating include/spl-autoconf.mk
+mips-linux-gnu-gcc: error: may not use both -EB and -EL
+Generating include/tpl-autoconf.mk
+mips-linux-gnu-gcc: error: may not use both -EB and -EL
+mips-linux-gnu-gcc -DDO_DEPS_ONLY \
+	-g  -Os   -ffunction-sections -fdata-sections -D__KERNEL__ -I/home/zeta/repos/u-boot-ci20/include -fno-builtin -ffreestanding -nostdinc -isystem /home/zeta/repos/buildroot/mips/output/host/opt/ext-toolchain/bin/../lib/gcc/mips-linux-gnu/5.3.0/include -pipe  -DCONFIG_MIPS -D__MIPS__ -G 0 -EB -msoft-float -fpic -mabicalls -march=mips32 -mabi=32 -DCONFIG_32BIT -mno-branch-likely -Wall -Wstrict-prototypes       \
+	-o lib/asm-offsets.s lib/asm-offsets.c -c -S
+if [ -f arch/mips/cpu/xburst/jz4780/asm-offsets.c ];then \
+	mips-linux-gnu-gcc -DDO_DEPS_ONLY \
+	-g  -Os   -ffunction-sections -fdata-sections -D__KERNEL__ -I/home/zeta/repos/u-boot-ci20/include -fno-builtin -ffreestanding -nostdinc -isystem /home/zeta/repos/buildroot/mips/output/host/opt/ext-toolchain/bin/../lib/gcc/mips-linux-gnu/5.3.0/include -pipe  -DCONFIG_MIPS -D__MIPS__ -G 0 -EB -msoft-float -fpic -mabicalls -march=mips32 -mabi=32 -DCONFIG_32BIT -mno-branch-likely -Wall -Wstrict-prototypes       \
+		-o arch/mips/cpu/xburst/jz4780/asm-offsets.s arch/mips/cpu/xburst/jz4780/asm-offsets.c -c -S; \
+else \
+	touch arch/mips/cpu/xburst/jz4780/asm-offsets.s; \
+fi
+mips-linux-gnu-gcc: error: may not use both -EB and -EL
+make[1]: *** [Makefile:747: lib/asm-offsets.s] Error 1
+make[1]: *** Waiting for unfinished jobs....
+make[1]: Leaving directory '/home/zeta/repos/u-boot-ci20'
+make: *** [.boards.depend:463: ci20_mmc] Error 2
+
+Signed-off-by: Ezequiel Garcia <ezequiel@collabora.com>
+---
+https://github.com/MIPS/CI20_u-boot/pull/19
+
+ arch/mips/config.mk | 3 ---
+ 1 file changed, 3 deletions(-)
+
+diff --git a/arch/mips/config.mk b/arch/mips/config.mk
+index c89279025507..43560abbc0e1 100644
+--- a/arch/mips/config.mk
+++ b/arch/mips/config.mk
+@@ -20,9 +20,6 @@ ifdef CONFIG_SYS_BIG_ENDIAN
+ ENDIANNESS := -EB
+ endif
+ 
+-# Default to EB if no endianess is configured
+-ENDIANNESS ?= -EB
+-
+ PLATFORM_CPPFLAGS += -DCONFIG_MIPS -D__MIPS__
+ 
+ #
+-- 
+2.19.1
+
--- a/boot/grub2/0001-x86-64-Treat-R_X86_64_PLT32-as-R_X86_64_PC32.patch
+++ b/boot/grub2/0001-x86-64-Treat-R_X86_64_PLT32-as-R_X86_64_PC32.patch
@@ -0,0 +1,74 @@
+From 842c390469e2c2e10b5aa36700324cd3bde25875 Mon Sep 17 00:00:00 2001
+From: "H.J. Lu" <hjl.tools@gmail.com>
+Date: Sat, 17 Feb 2018 06:47:28 -0800
+Subject: [PATCH] x86-64: Treat R_X86_64_PLT32 as R_X86_64_PC32
+
+Starting from binutils commit bd7ab16b4537788ad53521c45469a1bdae84ad4a:
+
+https://sourceware.org/git/?p=binutils-gdb.git;a=commit;h=bd7ab16b4537788ad53521c45469a1bdae84ad4a
+
+x86-64 assembler generates R_X86_64_PLT32, instead of R_X86_64_PC32, for
+32-bit PC-relative branches.  Grub2 should treat R_X86_64_PLT32 as
+R_X86_64_PC32.
+
+Signed-off-by: H.J. Lu <hjl.tools@gmail.com>
+Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
+Signed-off-by: Romain Naour <romain.naour@smile.fr>
+---
+ grub-core/efiemu/i386/loadcore64.c | 1 +
+ grub-core/kern/x86_64/dl.c         | 1 +
+ util/grub-mkimagexx.c              | 1 +
+ util/grub-module-verifier.c        | 1 +
+ 4 files changed, 4 insertions(+)
+
+diff --git a/grub-core/efiemu/i386/loadcore64.c b/grub-core/efiemu/i386/loadcore64.c
+index e49d0b6..18facf4 100644
+--- a/grub-core/efiemu/i386/loadcore64.c
+++ b/grub-core/efiemu/i386/loadcore64.c
+@@ -98,6 +98,7 @@ grub_arch_efiemu_relocate_symbols64 (grub_efiemu_segment_t segs,
+ 		    break;
+ 
+ 		  case R_X86_64_PC32:
+		  case R_X86_64_PLT32:
+ 		    err = grub_efiemu_write_value (addr,
+ 						   *addr32 + rel->r_addend
+ 						   + sym.off
+diff --git a/grub-core/kern/x86_64/dl.c b/grub-core/kern/x86_64/dl.c
+index 4406906..3a73e6e 100644
+--- a/grub-core/kern/x86_64/dl.c
+++ b/grub-core/kern/x86_64/dl.c
+@@ -70,6 +70,7 @@ grub_arch_dl_relocate_symbols (grub_dl_t mod, void *ehdr,
+ 	  break;
+ 
+ 	case R_X86_64_PC32:
+	case R_X86_64_PLT32:
+ 	  {
+ 	    grub_int64_t value;
+ 	    value = ((grub_int32_t) *addr32) + rel->r_addend + sym->st_value -
+diff --git a/util/grub-mkimagexx.c b/util/grub-mkimagexx.c
+index a2bb054..39d7efb 100644
+--- a/util/grub-mkimagexx.c
+++ b/util/grub-mkimagexx.c
+@@ -841,6 +841,7 @@ SUFFIX (relocate_addresses) (Elf_Ehdr *e, Elf_Shdr *sections,
+ 		  break;
+ 
+ 		case R_X86_64_PC32:
+		case R_X86_64_PLT32:
+ 		  {
+ 		    grub_uint32_t *t32 = (grub_uint32_t *) target;
+ 		    *t32 = grub_host_to_target64 (grub_target_to_host32 (*t32)
+diff --git a/util/grub-module-verifier.c b/util/grub-module-verifier.c
+index 9179285..a79271f 100644
+--- a/util/grub-module-verifier.c
+++ b/util/grub-module-verifier.c
+@@ -19,6 +19,7 @@ struct grub_module_verifier_arch archs[] = {
+       -1
+     }, (int[]){
+       R_X86_64_PC32,
+      R_X86_64_PLT32,
+       -1
+     }
+   },
+-- 
+2.7.4
+
--- a/configs/bananapi_m2_ultra_defconfig
+++ b/configs/bananapi_m2_ultra_defconfig
@@ -1,5 +1,6 @@
 BR2_arm=y
 BR2_cortex_a7=y
+BR2_PACKAGE_HOST_LINUX_HEADERS_CUSTOM_4_18=y
 BR2_TARGET_GENERIC_ISSUE="Welcome to Bananapi M2 Ultra"
 BR2_ROOTFS_POST_IMAGE_SCRIPT="support/scripts/genimage.sh"
 BR2_ROOTFS_POST_SCRIPT_ARGS="-c board/bananapi/bananapi-m2-ultra/genimage.cfg"
--- a/configs/ci20_defconfig
+++ b/configs/ci20_defconfig
@@ -27,6 +27,7 @@ BR2_TARGET_UBOOT_BOARDNAME="ci20_mmc"
 BR2_TARGET_UBOOT_CUSTOM_GIT=y
 BR2_TARGET_UBOOT_CUSTOM_REPO_URL="https://github.com/MIPS/CI20_u-boot"
 BR2_TARGET_UBOOT_CUSTOM_REPO_VERSION="dd3c1b95dac7d10b2ca5806f65e5c1050d7dd0fa"
+BR2_TARGET_UBOOT_PATCH="board/ci20/patches/uboot"
 BR2_TARGET_UBOOT_FORMAT_IMG=y
 BR2_TARGET_UBOOT_SPL=y
 BR2_TARGET_UBOOT_SPL_NAME="spl/u-boot-spl.bin"
--- a/linux/linux.hash
+++ b/linux/linux.hash
@@ -1,9 +1,9 @@
 # From https://www.kernel.org/pub/linux/kernel/v4.x/sha256sums.asc
 sha256 68ac319e0fb7edd6b6051541d9cf112cd4f77a29e16a69ae1e133ff51117f653  linux-4.18.20.tar.xz
 sha256 41026d713ba4f7a5e9d514b876ce4ed28a1d993c0c58b42b2a2597d6a0e83021  linux-4.16.18.tar.xz
-sha256 701728de924e0ec4a6b7cf59252011f8268a1b70aaf02b8487c1b2190feb3f20  linux-4.14.83.tar.xz
-sha256 f888aef58c2c4d82c81511ad6a4528ee9a8241bb96c05c65e71224988782f943  linux-4.9.140.tar.xz
-sha256 9bb4a1757e67dbd0923dbdf7e7e0baa9baa53ac942471d8fbb8d35dd5b313c10  linux-4.4.164.tar.xz
+sha256 da9260a9022b917733201b89b5314847cb3332c31e70acb5e9b547956c266e28  linux-4.14.86.tar.xz
+sha256 0eb76464a696675fd4f8762e390328a377e973bfa263b00544ca1b5b10ac2cbf  linux-4.9.143.tar.xz
+sha256 bf10effd995aa183b553cedd764c577137a9f97dc8709e2e1c04b1e0f4e6415a  linux-4.4.166.tar.xz
 sha256 6ad9389e55e0ea57768eae173747058a4487fa3630e10a7999cfec9f945e559c  linux-4.1.52.tar.xz
 # From https://www.kernel.org/pub/linux/kernel/v3.x/sha256sums.asc
 sha256 ad96d797571496c969aa71bf5d08e9d2a8c84458090d29a120f1b2981185a99e  linux-3.2.102.tar.xz
--- a/linux/linux.mk
+++ b/linux/linux.mk
@@ -311,6 +311,7 @@ define LINUX_KCONFIG_FIXUP_CMDS
 	# replaced later by the real cpio archive, and the kernel will be
 	# rebuilt using the linux-rebuild-with-initramfs target.
 	$(if $(BR2_TARGET_ROOTFS_INITRAMFS),
+		mkdir -p $(BINARIES_DIR)
 		touch $(BINARIES_DIR)/rootfs.cpio
 		$(call KCONFIG_SET_OPT,CONFIG_INITRAMFS_SOURCE,"$${BR_BINARIES_DIR}/rootfs.cpio",$(@D)/.config)
 		$(call KCONFIG_SET_OPT,CONFIG_INITRAMFS_ROOT_UID,0,$(@D)/.config)
--- a/package/Config.in
+++ b/package/Config.in
@@ -2106,6 +2106,7 @@ menu "System tools"
 	source "package/dcron/Config.in"
 	source "package/ddrescue/Config.in"
 	source "package/debianutils/Config.in"
+	source "package/docker-cli/Config.in"
 	source "package/docker-compose/Config.in"
 	source "package/docker-containerd/Config.in"
 	source "package/docker-engine/Config.in"
--- a/package/asterisk/asterisk.mk
+++ b/package/asterisk/asterisk.mk
@@ -242,7 +242,8 @@ else
 ASTERISK_CONF_OPTS += --without-speex  --without-speexdsp
 endif

-ifeq ($(BR2_PACKAGE_LIBSRTP),y)
+# asterisk needs an openssl-enabled libsrtp
+ifeq ($(BR2_PACKAGE_LIBSRTP)$(BR2_PACKAGE_OPENSSL)x$(BR2_STATIC_LIBS),yyx)
 ASTERISK_DEPENDENCIES += libsrtp
 ASTERISK_CONF_OPTS += --with-srtp
 else
--- a/package/docker-cli/Config.in
+++ b/package/docker-cli/Config.in
@@ -0,0 +1,25 @@
+config BR2_PACKAGE_DOCKER_CLI
+	bool "docker-cli"
+	depends on BR2_PACKAGE_HOST_GO_ARCH_SUPPORTS
+	depends on BR2_PACKAGE_HOST_GO_CGO_LINKING_SUPPORTS
+	depends on BR2_TOOLCHAIN_HAS_THREADS
+	help
+	  Docker is a platform to build, ship,
+	  and run applications as lightweight containers.
+
+	  https://github.com/docker/cli
+
+if BR2_PACKAGE_DOCKER_CLI
+
+config BR2_PACKAGE_DOCKER_CLI_STATIC
+	bool "build static client"
+	depends on !BR2_STATIC_LIBS
+	help
+	  Build a static docker client.
+
+endif
+
+comment "docker-cli needs a toolchain w/ threads"
+	depends on BR2_PACKAGE_HOST_GO_ARCH_SUPPORTS
+	depends on BR2_PACKAGE_HOST_GO_CGO_LINKING_SUPPORTS
+	depends on !BR2_TOOLCHAIN_HAS_THREADS
--- a/package/docker-cli/docker-cli.hash
+++ b/package/docker-cli/docker-cli.hash
@@ -0,0 +1,3 @@
+# Locally calculated
+sha256	3e578406dead2fc72c4b52f77db39dc779fa8b460352116c06f1ae29219bd8c2  docker-cli-v18.09.0.tar.gz
+sha256	2d81ea060825006fc8f3fe28aa5dc0ffeb80faf325b612c955229157b8c10dc0  LICENSE
--- a/package/docker-cli/docker-cli.mk
+++ b/package/docker-cli/docker-cli.mk
@@ -0,0 +1,31 @@
+################################################################################
+#
+# docker-cli
+#
+################################################################################
+
+DOCKER_CLI_VERSION = v18.09.0
+DOCKER_CLI_SITE = $(call github,docker,cli,$(DOCKER_CLI_VERSION))
+DOCKER_CLI_WORKSPACE = gopath
+
+DOCKER_CLI_LICENSE = Apache-2.0
+DOCKER_CLI_LICENSE_FILES = LICENSE
+
+DOCKER_CLI_DEPENDENCIES = host-pkgconf
+
+DOCKER_CLI_TAGS = autogen
+DOCKER_CLI_BUILD_TARGETS = cmd/docker
+
+DOCKER_CLI_LDFLAGS = \
+	-X github.com/docker/cli/cli.GitCommit=$(DOCKER_CLI_VERSION) \
+	-X github.com/docker/cli/cli.Version=$(DOCKER_CLI_VERSION)
+
+ifeq ($(BR2_PACKAGE_DOCKER_CLI_STATIC),y)
+DOCKER_CLI_LDFLAGS += -extldflags '-static'
+DOCKER_CLI_TAGS += osusergo netgo
+DOCKER_CLI_GO_ENV = CGO_ENABLED=no
+endif
+
+DOCKER_CLI_INSTALL_BINS = $(notdir $(DOCKER_CLI_BUILD_TARGETS))
+
+$(eval $(golang-package))
--- a/package/docker-compose/0001-setup.py-allow-all-recent-2.x-requests-releases.patch
+++ b/package/docker-compose/0001-setup.py-allow-all-recent-2.x-requests-releases.patch
@@ -0,0 +1,34 @@
+From a79152d1d621ea9d477ecc6862a03cae80b2425b Mon Sep 17 00:00:00 2001
+From: Peter Korsgaard <peter@korsgaard.com>
+Date: Sat, 15 Dec 2018 14:04:57 +0100
+Subject: [PATCH] setup.py: allow all recent 2.x requests releases
+
+Instead of having to update this for each new requests release.
+
+It it not quite clear why the restriction was added in the first place in
+commit b0480b4d04e (Bump SDK version to latest), but change it to simply
+disallow the upcoming 3.0 release to match what is done for the other
+modules.
+
+Submitted upstream: https://github.com/docker/compose/pull/6415
+Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
+---
+ setup.py | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/setup.py b/setup.py
+index 96530726..3c8c7d0e 100644
+--- a/setup.py
+++ b/setup.py
+@@ -33,7 +33,7 @@ install_requires = [
+     'cached-property >= 1.2.0, < 2',
+     'docopt >= 0.6.1, < 0.7',
+     'PyYAML >= 3.10, < 4',
+-    'requests >= 2.6.1, != 2.11.0, != 2.12.2, != 2.18.0, < 2.19',
+    'requests >= 2.6.1, != 2.11.0, != 2.12.2, != 2.18.0, < 3.0',
+     'texttable >= 0.9.0, < 0.10',
+     'websocket-client >= 0.32.0, < 1.0',
+     'docker >= 3.1.4, < 4.0',
+-- 
+2.11.0
+
--- a/package/docker-engine/Config.in
+++ b/package/docker-engine/Config.in
@@ -26,12 +26,6 @@ config BR2_PACKAGE_DOCKER_ENGINE_DAEMON
 config BR2_PACKAGE_DOCKER_ENGINE_EXPERIMENTAL
 	bool "build experimental features"

-config BR2_PACKAGE_DOCKER_ENGINE_STATIC_CLIENT
-	bool "build static client"
-	depends on !BR2_STATIC_LIBS
-	help
-	  Build a static docker client.
-
 if BR2_PACKAGE_DOCKER_ENGINE_DAEMON

 config BR2_PACKAGE_DOCKER_ENGINE_DRIVER_BTRFS
--- a/package/docker-engine/docker-engine.hash
+++ b/package/docker-engine/docker-engine.hash
@@ -1,2 +1,3 @@
 # Locally calculated
-sha256	4716df117d867b82ddab2e82395cd40aa3d0925a689eedcec8919729e4c9f121	docker-engine-v17.05.0-ce.tar.gz
+sha256	b5278b3f2b460ea61f47833abd2a844f348b4518e73f309294ad178c205a48e1  docker-engine-v18.09.0.tar.gz
+sha256	2d81ea060825006fc8f3fe28aa5dc0ffeb80faf325b612c955229157b8c10dc0  LICENSE
--- a/package/docker-engine/docker-engine.mk
+++ b/package/docker-engine/docker-engine.mk
@@ -4,25 +4,21 @@
 #
 ################################################################################

-DOCKER_ENGINE_VERSION = v17.05.0-ce
-DOCKER_ENGINE_COMMIT = 89658bed64c2a8fe05a978e5b87dbec409d57a0f
-DOCKER_ENGINE_SITE = $(call github,docker,docker,$(DOCKER_ENGINE_VERSION))
+DOCKER_ENGINE_VERSION = v18.09.0
+DOCKER_ENGINE_SITE = $(call github,docker,engine,$(DOCKER_ENGINE_VERSION))

 DOCKER_ENGINE_LICENSE = Apache-2.0
 DOCKER_ENGINE_LICENSE_FILES = LICENSE

-DOCKER_ENGINE_DEPENDENCIES = host-go host-pkgconf
+DOCKER_ENGINE_DEPENDENCIES = host-pkgconf
+DOCKER_ENGINE_SRC_SUBDIR = github.com/docker/docker

 DOCKER_ENGINE_LDFLAGS = \
 	-X main.GitCommit=$(DOCKER_ENGINE_VERSION) \
 	-X main.Version=$(DOCKER_ENGINE_VERSION)

-ifeq ($(BR2_PACKAGE_DOCKER_ENGINE_STATIC_CLIENT),y)
-DOCKER_ENGINE_LDFLAGS += -extldflags '-static'
-endif
-
 DOCKER_ENGINE_TAGS = cgo exclude_graphdriver_zfs autogen
-DOCKER_ENGINE_BUILD_TARGETS = cmd/docker
+DOCKER_ENGINE_BUILD_TARGETS = cmd/dockerd

 ifeq ($(BR2_PACKAGE_LIBSECCOMP),y)
 DOCKER_ENGINE_TAGS += seccomp
@@ -30,15 +26,9 @@ DOCKER_ENGINE_DEPENDENCIES += libseccomp
 endif

 ifeq ($(BR2_INIT_SYSTEMD),y)
-DOCKER_ENGINE_TAGS += journald
 DOCKER_ENGINE_DEPENDENCIES += systemd
+DOCKER_ENGINE_TAGS += systemd journald
 endif
-
-ifeq ($(BR2_PACKAGE_DOCKER_ENGINE_DAEMON),y)
-DOCKER_ENGINE_TAGS += daemon
-DOCKER_ENGINE_BUILD_TARGETS += cmd/dockerd
-endif
-
 ifeq ($(BR2_PACKAGE_DOCKER_ENGINE_EXPERIMENTAL),y)
 DOCKER_ENGINE_TAGS += experimental
 endif
@@ -65,7 +55,6 @@ DOCKER_ENGINE_INSTALL_BINS = $(notdir $(DOCKER_ENGINE_BUILD_TARGETS))

 define DOCKER_ENGINE_RUN_AUTOGEN
 	cd $(@D) && \
-		GITCOMMIT="$$(echo $(DOCKER_ENGINE_COMMIT) | head -c7)" \
 		BUILDTIME="$$(date)" \
 		VERSION="$(patsubst v%,%,$(DOCKER_ENGINE_VERSION))" \
 		PKG_CONFIG="$(PKG_CONFIG_HOST_BINARY)" $(TARGET_MAKE_ENV) \
@@ -74,8 +63,6 @@ endef

 DOCKER_ENGINE_POST_CONFIGURE_HOOKS += DOCKER_ENGINE_RUN_AUTOGEN

-ifeq ($(BR2_PACKAGE_DOCKER_ENGINE_DAEMON),y)
-
 define DOCKER_ENGINE_INSTALL_INIT_SYSTEMD
 	$(INSTALL) -D -m 0644 $(@D)/contrib/init/systemd/docker.service \
 		$(TARGET_DIR)/usr/lib/systemd/system/docker.service
@@ -90,6 +77,4 @@ define DOCKER_ENGINE_USERS
 	- - docker -1 * - - - Docker Application Container Framework
 endef

-endif
-
 $(eval $(golang-package))
--- a/package/dt-utils/0001-src-fix-compilation-for-glibc-version-2.27.9000-36.f.patch
+++ b/package/dt-utils/0001-src-fix-compilation-for-glibc-version-2.27.9000-36.f.patch
@@ -0,0 +1,75 @@
+From 1c80e31872aec9f2ef7eca6a52aa89c0ea759d8f Mon Sep 17 00:00:00 2001
+From: Enrico Joerns <ejo@pengutronix.de>
+Date: Wed, 5 Sep 2018 12:28:28 +0200
+Subject: [PATCH] src: fix compilation for glibc version 2.27.9000-36.fc29 and
+ newer
+
+As recent glibc versions (>= 2.27.9000-36.fc29) also define 'struct
+statx' which is also defined in linux/stat.h, compilation fails with
+error:
+
+| In file included from ../dt-utils-2018.05.0/src/crypto/digest.c:24:
+| [..]/usr/include/linux/stat.h:56:8: error: redefinition of 'struct statx_timestamp'
+|  struct statx_timestamp {
+|         ^~~~~~~~~~~~~~~
+| In file included from [..]/usr/include/sys/stat.h:446,
+|                  from ../dt-utils-2018.05.0/src/dt/common.h:15,
+|                  from ../dt-utils-2018.05.0/src/crypto/digest.c:19:
+| [..]/usr/include/bits/statx.h:25:8: note: originally defined here
+|  struct statx_timestamp
+|         ^~~~~~~~~~~~~~~
+| In file included from ../dt-utils-2018.05.0/src/crypto/digest.c:24:
+| [..]/usr/include/linux/stat.h:99:8: error: redefinition of 'struct statx'
+|  struct statx {
+|         ^~~~~
+| In file included from [..]/usr/include/sys/stat.h:446,
+|                  from ../dt-utils-2018.05.0/src/dt/common.h:15,
+|                  from ../dt-utils-2018.05.0/src/crypto/digest.c:19:
+| [..]/usr/include/bits/statx.h:36:8: note: originally defined here
+|  struct statx
+|         ^~~~~
+
+The linux/stat.h originates from the code that was copied from barebox
+but is not explicitly required to be linux/stat.h instead of sys/stat.h
+and we do not actually use struct statx.
+
+Thus it is safe to simply replace occurrences of linux/stat.h by
+sys/stat.h to fix compilation.
+
+Signed-off-by: Enrico Joerns <ejo@pengutronix.de>
+[Thomas: backport from upstream.]
+Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
+---
+ src/barebox-state/backend_storage.c | 2 +-
+ src/crypto/digest.c                 | 2 +-
+ 2 files changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/src/barebox-state/backend_storage.c b/src/barebox-state/backend_storage.c
+index 53fe829..1052656 100644
+--- a/src/barebox-state/backend_storage.c
+++ b/src/barebox-state/backend_storage.c
+@@ -19,7 +19,7 @@
+ #include <linux/kernel.h>
+ #include <linux/list.h>
+ #include <linux/mtd/mtd-abi.h>
+-#include <linux/stat.h>
+#include <sys/stat.h>
+ #include <linux/fs.h>
+ #include <malloc.h>
+ #include <printk.h>
+diff --git a/src/crypto/digest.c b/src/crypto/digest.c
+index 7a8c3c0..8353412 100644
+--- a/src/crypto/digest.c
+++ b/src/crypto/digest.c
+@@ -21,7 +21,7 @@
+ #include <malloc.h>
+ #include <fs.h>
+ #include <fcntl.h>
+-#include <linux/stat.h>
+#include <sys/stat.h>
+ #include <errno.h>
+ #include <module.h>
+ #include <linux/err.h>
+-- 
+2.19.2
+
--- a/package/gnutls/gnutls.mk
+++ b/package/gnutls/gnutls.mk
@@ -95,4 +95,11 @@ else
 GNUTLS_CONF_OPTS += --without-zlib
 endif

+# Provide a default CA cert location
+ifeq ($(BR2_PACKAGE_P11_KIT),y)
+GNUTLS_CONF_OPTS += --with-default-trust-store-pkcs11=pkcs11:model=p11-kit-trust
+else ifeq ($(BR2_PACKAGE_CA_CERTIFICATES),y)
+GNUTLS_CONF_OPTS += --with-default-trust-store-file=/etc/ssl/certs/ca-certificates.crt
+endif
+
 $(eval $(autotools-package))
--- a/package/go/go.hash
+++ b/package/go/go.hash
@@ -1,3 +1,3 @@
 # From https://golang.org/dl/
-sha256	042fba357210816160341f1002440550e952eb12678f7c9e7e9d389437942550  go1.11.2.src.tar.gz
+sha256	4cfd42720a6b1e79a8024895fa6607b69972e8e32446df76d6ce79801bbadb15  go1.11.4.src.tar.gz
 sha256	2d36597f7117c38b006835ae7f537487207d8ec407aa9d9980794b2030cbc067  LICENSE
--- a/package/go/go.mk
+++ b/package/go/go.mk
@@ -4,7 +4,7 @@
 #
 ################################################################################

-GO_VERSION = 1.11.2
+GO_VERSION = 1.11.4
 GO_SITE = https://storage.googleapis.com/golang
 GO_SOURCE = go$(GO_VERSION).src.tar.gz

--- a/package/libbsd/Config.in
+++ b/package/libbsd/Config.in
@@ -5,12 +5,12 @@ config BR2_PACKAGE_LIBBSD_ARCH_SUPPORTS
 	depends on !BR2_microblaze
 	depends on !BR2_arc
 	depends on !BR2_xtensa
+	# uClibc on noMMU doesn't provide __register_atfork()
+	depends on !(BR2_TOOLCHAIN_USES_UCLIBC && !BR2_USE_MMU)

 config BR2_PACKAGE_LIBBSD
 	bool "libbsd"
 	depends on BR2_PACKAGE_LIBBSD_ARCH_SUPPORTS
-	# uClibc on noMMU doesn't provide __register_atfork()
-	depends on !(BR2_TOOLCHAIN_USES_UCLIBC && !BR2_USE_MMU)
 	depends on BR2_TOOLCHAIN_HAS_THREADS
 	depends on BR2_USE_WCHAR
 	help
@@ -24,5 +24,4 @@ config BR2_PACKAGE_LIBBSD

 comment "libbsd needs a toolchain w/ threads, wchar"
 	depends on BR2_PACKAGE_LIBBSD_ARCH_SUPPORTS
-	depends on BR2_TOOLCHAIN_USES_UCLIBC && !BR2_USE_MMU
 	depends on !BR2_TOOLCHAIN_HAS_THREADS || !BR2_USE_WCHAR
--- a/package/libcurl/libcurl.mk
+++ b/package/libcurl/libcurl.mk
@@ -45,7 +45,8 @@ LIBCURL_CONF_ENV += LD_LIBRARY_PATH=$(if $(LD_LIBRARY_PATH),$(LD_LIBRARY_PATH):)
 LIBCURL_CONF_OPTS += --with-ssl=$(STAGING_DIR)/usr \
 	--with-ca-path=/etc/ssl/certs
 else ifeq ($(BR2_PACKAGE_GNUTLS),y)
-LIBCURL_CONF_OPTS += --with-gnutls=$(STAGING_DIR)/usr
+LIBCURL_CONF_OPTS += --with-gnutls=$(STAGING_DIR)/usr \
+	--with-ca-fallback
 LIBCURL_DEPENDENCIES += gnutls
 else ifeq ($(BR2_PACKAGE_LIBNSS),y)
 LIBCURL_CONF_OPTS += --with-nss=$(STAGING_DIR)/usr
--- a/package/libgpgme/libgpgme.mk
+++ b/package/libgpgme/libgpgme.mk
@@ -12,6 +12,7 @@ LIBGPGME_LICENSE_FILES = COPYING.LESSER
 LIBGPGME_INSTALL_STAGING = YES
 LIBGPGME_DEPENDENCIES = libassuan libgpg-error
 LIBGPGME_LANGUAGE_BINDINGS = cl
+LIBGPGME_CONFIG_SCRIPTS = gpgme-config

 LIBGPGME_CONF_OPTS = \
 	--with-gpg-error-prefix=$(STAGING_DIR)/usr \
--- a/package/libiscsi/libiscsi.mk
+++ b/package/libiscsi/libiscsi.mk
@@ -11,6 +11,8 @@ LIBISCSI_LICENSE_FILES = COPYING LICENCE-GPL-2.txt LICENCE-LGPL-2.1.txt
 LIBISCSI_INSTALL_STAGING = YES
 LIBISCSI_AUTORECONF = YES

+LIBISCSI_CONF_OPTS = --disable-werror --disable-manpages
+
 # We need to create the m4 directory to make autoreconf work properly.
 define LIBISCSI_CREATE_M4_DIR
 	mkdir -p $(@D)/m4
--- a/package/liblo/0002-src-server.c-fix-stringop-truncation-error.patch
+++ b/package/liblo/0002-src-server.c-fix-stringop-truncation-error.patch
@@ -0,0 +1,30 @@
+From c1b2fbd8d96d9b668a0b5e3c49c75c13cfe7d4ba Mon Sep 17 00:00:00 2001
+From: Fabrice Fontaine <fontaine.fabrice@gmail.com>
+Date: Sat, 15 Dec 2018 21:55:08 +0100
+Subject: [PATCH] src/server.c: fix stringop-truncation error
+
+Fixes:
+ - http://autobuild.buildroot.org/results/62896bd6a1a30facaffd07a7a763831996dc8ea0
+
+Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
+[Upstream status: https://github.com/radarsat1/liblo/pull/70]
+---
+ src/server.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/server.c b/src/server.c
+index 6d1a9de..72aecc9 100644
+--- a/src/server.c
+++ b/src/server.c
+@@ -377,7 +377,7 @@ void lo_server_resolve_hostname(lo_server s)
+         gethostname(hostname, sizeof(hostname));
+         he = gethostbyname(hostname);
+         if (he) {
+-            strncpy(hostname, he->h_name, sizeof(hostname));
+            strncpy(hostname, he->h_name, sizeof(hostname) - 1);
+         }
+     }
+ 
+-- 
+2.14.1
+
--- a/package/libmpd/0001-Fix-build-on-archlinux-missing-include.patch
+++ b/package/libmpd/0001-Fix-build-on-archlinux-missing-include.patch
@@ -0,0 +1,24 @@
+From 4f946c01000fd97100e4a534b47f9c7ace0403df Mon Sep 17 00:00:00 2001
+From: QC <qball@gmpclient.org>
+Date: Thu, 9 Oct 2014 19:51:50 +0200
+Subject: [PATCH] Fix build on archlinux (missing include)
+
+Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
+[Retrieved from:
+https://github.com/DaveDavenport/libmpd/commit/4f946c01000fd97100e4a534b47f9c7ace0403df]
+---
+ src/libmpd-internal.h | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/src/libmpd-internal.h b/src/libmpd-internal.h
+index c84c3a4..30cdc85 100644
+--- a/src/libmpd-internal.h
+++ b/src/libmpd-internal.h
+@@ -21,6 +21,7 @@
+ #define __MPD_INTERNAL_LIB_
+ 
+ #include "libmpdclient.h"
+#include <config.h>
+ struct _MpdData_real;
+ 
+ typedef struct _MpdData_real {
--- a/package/libopenssl/libopenssl.mk
+++ b/package/libopenssl/libopenssl.mk
@@ -5,7 +5,7 @@
 ################################################################################

 LIBOPENSSL_VERSION = 1.0.2q
-LIBOPENSSL_SITE = http://www.openssl.org/source
+LIBOPENSSL_SITE = https://www.openssl.org/source
 LIBOPENSSL_SOURCE = openssl-$(LIBOPENSSL_VERSION).tar.gz
 LIBOPENSSL_LICENSE = OpenSSL or SSLeay
 LIBOPENSSL_LICENSE_FILES = LICENSE
--- a/package/liboping/0001-ping_host_add-Decrease-buffer-size-to-make-GCC-s-truncation-check-happy.patch
+++ b/package/liboping/0001-ping_host_add-Decrease-buffer-size-to-make-GCC-s-truncation-check-happy.patch
@@ -0,0 +1,31 @@
+From 18ca43507b351f339ff23062541ee8d58e813a53 Mon Sep 17 00:00:00 2001
+From: Florian Forster <ff@octo.it>
+Date: Sun, 29 Jul 2018 14:34:19 +0200
+Subject: [PATCH] ping_host_add: Decrease buffer size to make GCC's truncation
+ check happy.
+
+Fixes: #38
+Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
+[Retrieved from:
+https://github.com/octo/liboping/commit/18ca43507b351f339ff23062541ee8d58e813a53]
+---
+ src/liboping.c | 6 ++----
+ 1 file changed, 2 insertions(+), 4 deletions(-)
+
+diff --git a/src/liboping.c b/src/liboping.c
+index 5253e8c..2470988 100644
+--- a/src/liboping.c
+++ b/src/liboping.c
+@@ -1636,10 +1636,8 @@ int ping_host_add (pingobj_t *obj, const char *host)
+ 		}
+ 		else
+ 		{
+-			char errmsg[PING_ERRMSG_LEN];
+-
+-			snprintf (errmsg, PING_ERRMSG_LEN, "Unknown `ai_family': %i", ai_ptr->ai_family);
+-			errmsg[PING_ERRMSG_LEN - 1] = '\0';
+			char errmsg[64];
+			snprintf (errmsg, sizeof(errmsg), "Unknown `ai_family': %d", ai_ptr->ai_family);
+ 
+ 			dprintf ("%s", errmsg);
+ 			ping_set_error (obj, "getaddrinfo", errmsg);
--- a/package/libpam-tacplus/0002-Fix-compilation-of-tacc.c-with-GCC-8.patch
+++ b/package/libpam-tacplus/0002-Fix-compilation-of-tacc.c-with-GCC-8.patch
@@ -0,0 +1,39 @@
+From 4c9635b03d0acf140f65004be9d4822297ee5a35 Mon Sep 17 00:00:00 2001
+From: Carlos Santos <casantos@datacom.com.br>
+Date: Mon, 10 Dec 2018 17:27:16 -0200
+Subject: [PATCH] Fix compilation of tacc.c with GCC 8
+
+GCC 8 demands that the size of the string copied by strncpy be smaller
+than the size of the destination to keep space for the trailibg '\0':
+
+tacc.c:378:3: error: 'strncpy' specified bound 4 equals destination size [-Werror=stringop-truncation]
+   strncpy(utmpx.ut_id, tty + C_STRLEN("tty"), sizeof(utmpx.ut_id));
+
+Ensure that no more than sizeof(utmpx.ut_id) - 1 characters are copied
+and that a trailing '\0' is stored.
+
+Fixes:
+  http://autobuild.buildroot.net/results/da6d150e470046c03c5f7463de045604e15e4a30/
+
+Signed-off-by: Carlos Santos <casantos@datacom.com.br>
+---
+ tacc.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/tacc.c b/tacc.c
+index f61e2d7..3c1a40c 100644
+--- a/tacc.c
+++ b/tacc.c
+@@ -375,7 +375,8 @@ int main(int argc, char **argv) {
+ 		utmpx.ut_type = USER_PROCESS;
+ 		utmpx.ut_pid = getpid();
+ 		xstrcpy(utmpx.ut_line, tty, sizeof(utmpx.ut_line));
+-		strncpy(utmpx.ut_id, tty + C_STRLEN("tty"), sizeof(utmpx.ut_id));
+		strncpy(utmpx.ut_id, tty + C_STRLEN("tty"), sizeof(utmpx.ut_id) - 1);
+		utmpx.ut_id[sizeof(utmpx.ut_id) - 1] = '\0';
+ 		xstrcpy(utmpx.ut_host, "dialup", sizeof(utmpx.ut_host));
+ 		utmpx.ut_tv.tv_sec = tv.tv_sec;
+ 		utmpx.ut_tv.tv_usec = tv.tv_usec;
+-- 
+2.14.5
+
--- a/package/libpjsip/libpjsip.mk
+++ b/package/libpjsip/libpjsip.mk
@@ -26,9 +26,6 @@ LIBPJSIP_CONF_ENV = \

 LIBPJSIP_CONF_OPTS = \
 	--disable-sound \
-	--disable-gsm-codec \
-	--disable-speex-codec \
-	--disable-speex-aec \
 	--disable-resample \
 	--disable-video \
 	--disable-opencore-amr \
@@ -56,6 +53,16 @@ LIBPJSIP_CONF_OPTS = \
 # so we want to use it.
 LIBPJSIP_CONF_OPTS += --enable-epoll

+ifeq ($(BR2_PACKAGE_LIBGSM),y)
+LIBPJSIP_CONF_OPTS += \
+	--enable-gsm-codec \
+	--with-external-gsm
+LIBPJSIP_DEPENDENCIES += libgsm
+else
+LIBPJSIP_CONF_OPTS += \
+	--disable-gsm-codec
+endif
+
 ifeq ($(BR2_PACKAGE_LIBOPENSSL),y)
 LIBPJSIP_DEPENDENCIES += libopenssl
 LIBPJSIP_CONF_OPTS += --with-ssl=$(STAGING_DIR)/usr
@@ -63,8 +70,23 @@ else
 LIBPJSIP_CONF_OPTS += --disable-ssl
 endif

+ifeq ($(BR2_PACKAGE_SPEEX)$(BR2_PACKAGE_SPEEXDSP),yy)
+LIBPJSIP_CONF_OPTS += \
+	--enable-speex-aec \
+	--enable-speex-codec \
+	--with-external-speex
+LIBPJSIP_DEPENDENCIES += speex speexdsp
+else
+LIBPJSIP_CONF_OPTS += \
+	--disable-speex-aec \
+	--disable-speex-codec
+endif
+
 ifeq ($(BR2_PACKAGE_UTIL_LINUX_LIBUUID),y)
 LIBPJSIP_DEPENDENCIES += util-linux
 endif

+# disable build of test binaries
+LIBPJSIP_MAKE_OPTS = lib
+
 $(eval $(autotools-package))
--- a/package/linux-firmware/linux-firmware.mk
+++ b/package/linux-firmware/linux-firmware.mk
@@ -383,7 +383,7 @@ endif

 ifeq ($(BR2_PACKAGE_LINUX_FIRMWARE_QLOGIC_4X),y)
 LINUX_FIRMWARE_FILES += \
-	qed/qed_init_values_zipped-8.33.11.0.bin
+	qed/qed_init_values_zipped-*.bin
 # No license file; the license is in the file WHENCE
 # which is installed unconditionally
 endif
--- a/package/linux-headers/Config.in.host
+++ b/package/linux-headers/Config.in.host
@@ -290,9 +290,9 @@ config BR2_DEFAULT_KERNEL_HEADERS
 	string
 	default "3.2.102"	if BR2_KERNEL_HEADERS_3_2
 	default "4.1.52"	if BR2_KERNEL_HEADERS_4_1
-	default "4.4.164"	if BR2_KERNEL_HEADERS_4_4
-	default "4.9.140"	if BR2_KERNEL_HEADERS_4_9
-	default "4.14.83"	if BR2_KERNEL_HEADERS_4_14
+	default "4.4.166"	if BR2_KERNEL_HEADERS_4_4
+	default "4.9.143"	if BR2_KERNEL_HEADERS_4_9
+	default "4.14.86"	if BR2_KERNEL_HEADERS_4_14
 	default "4.16.18"	if BR2_KERNEL_HEADERS_4_16
 	default "4.18.20"	if BR2_KERNEL_HEADERS_4_18
 	default BR2_DEFAULT_KERNEL_VERSION if BR2_KERNEL_HEADERS_VERSION
--- a/package/liquid-dsp/liquid-dsp.mk
+++ b/package/liquid-dsp/liquid-dsp.mk
@@ -32,6 +32,7 @@ endif
 # use FFTW instead of built-in FFT
 ifeq ($(BR2_PACKAGE_FFTW_PRECISION_SINGLE),y)
 LIQUID_DSP_LDFLAGS += -lfftw3f
+LIQUID_DSP_DEPENDENCIES += fftw
 endif

 # disable altivec, it has build issues
@@ -41,10 +42,12 @@ endif

 ifeq ($(BR2_PACKAGE_FFTW_PRECISION_DOUBLE),y)
 LIQUID_DSP_LDFLAGS += -lfftw3
+LIQUID_DSP_DEPENDENCIES += fftw
 endif

 ifeq ($(BR2_PACKAGE_FFTW_PRECISION_LONG_DOUBLE),y)
 LIQUID_DSP_LDFLAGS += -lfftw3l
+LIQUID_DSP_DEPENDENCIES += fftw
 endif

 LIQUID_DSP_CONF_OPTS += \
--- a/package/lua-cqueues/lua-cqueues.mk
+++ b/package/lua-cqueues/lua-cqueues.mk
@@ -8,7 +8,7 @@ LUA_CQUEUES_VERSION = rel-20161215
 LUA_CQUEUES_SITE = $(call github,wahern,cqueues,$(LUA_CQUEUES_VERSION))
 LUA_CQUEUES_LICENSE = MIT
 LUA_CQUEUES_LICENSE_FILES = LICENSE
-LUA_CQUEUES_DEPENDENCIES = luainterpreter openssl
+LUA_CQUEUES_DEPENDENCIES = luainterpreter openssl host-m4

 define LUA_CQUEUES_BUILD_CMDS
 	$(TARGET_MAKE_ENV) $(MAKE1) $(TARGET_CONFIGURE_OPTS) -C $(@D) \
--- a/package/luvi/0002-luvi-executable-needs-to-export-symbols.patch
+++ b/package/luvi/0002-luvi-executable-needs-to-export-symbols.patch
@@ -0,0 +1,53 @@
+From 1ea2c1e372ab59b9a633a51f0dcefc24328528f1 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?J=C3=B6rg=20Krause?= <joerg.krause@embedded.rocks>
+Date: Mon, 10 Sep 2018 08:18:38 +0200
+Subject: [PATCH] luvi executable needs to export symbols
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Using CMake 3.12 running luvi fails with:
+
+```
+[string "return require('init')(...)"]:1: module 'init' not found:
+	no field package.preload['init']
+	no file './init.lua'
+	no file '/usr/share/luajit-2.0.5/init.lua'
+	no file '/usr/local/share/lua/5.1/init.lua'
+	no file '/usr/local/share/lua/5.1/init/init.lua'
+	no file '/usr/share/lua/5.1/init.lua'
+	no file '/usr/share/lua/5.1/init/init.lua'
+	no file './init.so'
+	no file '/usr/local/lib/lua/5.1/init.so'
+	no file '/usr/lib/lua/5.1/init.so'
+	no file '/usr/local/lib/lua/5.1/loadall.so'
+```
+
+Looking at link.txt for the luvi executable shows that `-rdynamic` is
+not set anymore in CMake 3.12. This has the effect, that symbols are
+missing in the `.dynsym` section.
+
+Therefore, set `ENABLE_EXPORTS` to true which set `-rdynamic` explicitly.
+
+Upstream status: b8781653dcb8815a3019a77baf4f3b7f7a255ebe
+
+Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
+---
+ CMakeLists.txt | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/CMakeLists.txt b/CMakeLists.txt
+index e141f8e..8219d0b 100644
+--- a/CMakeLists.txt
+++ b/CMakeLists.txt
+@@ -158,6 +158,7 @@ if("${CMAKE_SYSTEM_NAME}" MATCHES "Linux")
+ endif()
+ 
+ target_link_libraries(luvi ${LUVI_LIBRARIES} ${EXTRA_LIBS} ${CMAKE_THREAD_LIBS_INIT})
+set_target_properties(luvi PROPERTIES ENABLE_EXPORTS ON)
+ 
+ ###############################################################################
+ ## Installation Targets
+-- 
+2.19.1
+
--- a/package/lxc/0001-stringutils-include-stdarg-for-va_list.patch
+++ b/package/lxc/0001-stringutils-include-stdarg-for-va_list.patch
@@ -0,0 +1,30 @@
+From b7df06ad14c04f18b7db5b64d5142b802bf64cb2 Mon Sep 17 00:00:00 2001
+From: Fabrice Fontaine <fontaine.fabrice@gmail.com>
+Date: Mon, 3 Dec 2018 22:18:16 +0100
+Subject: [PATCH] stringutils: include stdarg for va_list
+
+Fixes:
+ - http://autobuild.buildroot.org/results/0b90e7dca2984652842832a41abad93ac49a9b86
+
+Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
+[Upstream status: https://github.com/lxc/lxc/commit/b7df06ad14c04f18b7db5b64d5142b802bf64cb2]
+---
+ src/lxc/string_utils.h | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/src/lxc/string_utils.h b/src/lxc/string_utils.h
+index 4065e4e6..d4e633cc 100644
+--- a/src/lxc/string_utils.h
+++ b/src/lxc/string_utils.h
+@@ -20,6 +20,8 @@
+ #ifndef __LXC_STRING_UTILS_H
+ #define __LXC_STRING_UTILS_H
+ 
+#include <stdarg.h>
+
+ #include "config.h"
+ 
+ #include "initutils.h"
+-- 
+2.14.1
+
--- a/package/lxc/0002-configure.ac-fix-build-without-stack-protector.patch
+++ b/package/lxc/0002-configure.ac-fix-build-without-stack-protector.patch
@@ -0,0 +1,37 @@
+From 3aa7271157d3c815a4426c1f8eaea2f3b6dafa6a Mon Sep 17 00:00:00 2001
+From: Fabrice Fontaine <fontaine.fabrice@gmail.com>
+Date: Tue, 4 Dec 2018 08:40:05 +0100
+Subject: [PATCH] configure.ac: fix build without stack-protector
+
+Compiler based hardening (including -fstack-protector-strong) are
+enabled since version 3.0.3 and
+https://github.com/lxc/lxc/commit/2268c27754152aa538db2c9e3753d72d19bcd17a
+
+However, some compilers could missed the needed library (-lssp or
+-lssp_nonshared) at linking step so use ax_check_link_flag instead of
+ax_check_compile_flag
+
+Fixes:
+ - http://autobuild.buildroot.org/results/0b90e7dca2984652842832a41abad93ac49a9b86
+
+Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
+---
+ configure.ac | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/configure.ac b/configure.ac
+index 9a9adac3..032e4cfd 100644
+--- a/configure.ac
+++ b/configure.ac
+@@ -696,7 +696,7 @@ AX_CHECK_COMPILE_FLAG([-Wcast-align], [CFLAGS="$CFLAGS -Wcast-align"],,[-Werror]
+ AX_CHECK_COMPILE_FLAG([-Wstrict-prototypes], [CFLAGS="$CFLAGS -Wstrict-prototypes"],,[-Werror])
+ AX_CHECK_COMPILE_FLAG([-fno-strict-aliasing], [CFLAGS="$CFLAGS -fno-strict-aliasing"],,[-Werror])
+ AX_CHECK_COMPILE_FLAG([-fstack-clash-protection], [CFLAGS="$CFLAGS -fstack-clash-protection"],,[-Werror])
+-AX_CHECK_COMPILE_FLAG([-fstack-protector-strong], [CFLAGS="$CFLAGS -fstack-protector-strong"],,[-Werror])
+AX_CHECK_LINK_FLAG([-fstack-protector-strong], [CFLAGS="$CFLAGS -fstack-protector-strong"],,[-Werror])
+ AX_CHECK_COMPILE_FLAG([-g], [CFLAGS="$CFLAGS -g"],,[-Werror])
+ AX_CHECK_COMPILE_FLAG([--mcet -fcf-protection], [CFLAGS="$CFLAGS --mcet -fcf-protection"],,[-Werror])
+ AX_CHECK_COMPILE_FLAG([-Werror=implicit-function-declaration], [CFLAGS="$CFLAGS -Werror=implicit-function-declaration"],,[-Werror])
+-- 
+2.14.1
+
--- a/package/lxc/Config.in
+++ b/package/lxc/Config.in
@@ -4,6 +4,7 @@ config BR2_PACKAGE_LXC
 	depends on BR2_USE_MMU # fork()
 	# build system forcefully builds a shared library
 	depends on !BR2_STATIC_LIBS
+	depends on BR2_TOOLCHAIN_GCC_AT_LEAST_4_7 # C++11
 	depends on BR2_TOOLCHAIN_HEADERS_AT_LEAST_3_0 # setns() system call
 	help
 	  Linux Containers (LXC), provides the ability to group and
@@ -13,8 +14,9 @@ config BR2_PACKAGE_LXC

 	  https://linuxcontainers.org/

-comment "lxc needs a toolchain w/ threads, headers >= 3.0, dynamic library"
+comment "lxc needs a toolchain w/ threads, headers >= 3.0, dynamic library, gcc >= 4.7"
 	depends on BR2_USE_MMU
 	depends on !BR2_TOOLCHAIN_HAS_THREADS \
+		|| !BR2_TOOLCHAIN_GCC_AT_LEAST_4_7 \
 		|| !BR2_TOOLCHAIN_HEADERS_AT_LEAST_3_0 \
 		|| BR2_STATIC_LIBS
--- a/package/lxc/lxc.hash
+++ b/package/lxc/lxc.hash
@@ -1,3 +1,3 @@
 # Locally calculated
-sha256	45986c49be1c048fa127bd3e7ea1bd3347e25765c008a09a2e4c233151a2d5db	lxc-3.0.1.tar.gz
+sha256	620cb832cc02c63bf4d330657bf6176544e145da281ee384a34d689635a19841	lxc-3.0.3.tar.gz
 sha256	dc626520dcd53a22f727af3ee42c770e56c97a64fe3adb063799d8ab032fe551	COPYING
--- a/package/lxc/lxc.mk
+++ b/package/lxc/lxc.mk
@@ -4,12 +4,14 @@
 #
 ################################################################################

-LXC_VERSION = 3.0.1
+LXC_VERSION = 3.0.3
 LXC_SITE = https://linuxcontainers.org/downloads/lxc
 LXC_LICENSE = LGPL-2.1+
 LXC_LICENSE_FILES = COPYING
 LXC_DEPENDENCIES = host-pkgconf
 LXC_INSTALL_STAGING = YES
+# We're patching configure.ac
+LXC_AUTORECONF = YES

 LXC_CONF_OPTS = --disable-apparmor --with-distro=buildroot \
 	--disable-werror \
--- a/package/lynx/lynx.mk
+++ b/package/lynx/lynx.mk
@@ -10,7 +10,7 @@ LYNX_SITE = ftp://ftp.invisible-island.net/lynx/tarballs
 LYNX_LICENSE = GPL-2.0
 LYNX_LICENSE_FILES = COPYING

-LYNX_DEPENDENCIES = $(TARGET_NLS_DEPENDENCIES)
+LYNX_DEPENDENCIES = host-pkgconf $(TARGET_NLS_DEPENDENCIES)

 ifeq ($(BR2_PACKAGE_NCURSES),y)
 LYNX_DEPENDENCIES += ncurses
--- a/package/minizip/Config.in
+++ b/package/minizip/Config.in
@@ -1,7 +1,6 @@
 config BR2_PACKAGE_MINIZIP
 	bool "minizip"
 	depends on BR2_PACKAGE_LIBBSD_ARCH_SUPPORTS
-	depends on !(BR2_TOOLCHAIN_USES_UCLIBC && !BR2_USE_MMU) # libbsd
 	depends on BR2_TOOLCHAIN_HAS_THREADS # libbsd
 	depends on BR2_USE_WCHAR # libbsd
 	select BR2_PACKAGE_LIBBSD
@@ -20,5 +19,4 @@ config BR2_PACKAGE_MINIZIP_DEMOS

 comment "minizip needs a toolchain w/ threads, wchar"
 	depends on BR2_PACKAGE_LIBBSD_ARCH_SUPPORTS
-	depends on BR2_TOOLCHAIN_USES_UCLIBC && !BR2_USE_MMU
 	depends on !BR2_TOOLCHAIN_HAS_THREADS || !BR2_USE_WCHAR
--- a/package/nginx/nginx.hash
+++ b/package/nginx/nginx.hash
@@ -1,4 +1,4 @@
 # Locally calculated after checking pgp signature
-sha256	a3d8c67c2035808c7c0d475fffe263db8c353b11521aa7ade468b780ed826cc6	nginx-1.15.6.tar.gz
+sha256	8f22ea2f6c0e0a221b6ddc02b6428a3ff708e2ad55f9361102b1c9f4142bdf93	nginx-1.15.7.tar.gz
 # License files, locally calculated
 sha256	e18f05bcaad47528f8b21861d4a0fb9815ca1bbb4be946c51a51d36623758bcc	LICENSE
--- a/package/nginx/nginx.mk
+++ b/package/nginx/nginx.mk
@@ -4,7 +4,7 @@
 #
 ################################################################################

-NGINX_VERSION = 1.15.6
+NGINX_VERSION = 1.15.7
 NGINX_SITE = http://nginx.org/download
 NGINX_LICENSE = BSD-2-Clause
 NGINX_LICENSE_FILES = LICENSE
--- a/package/nodejs/nodejs.hash
+++ b/package/nodejs/nodejs.hash
@@ -1,5 +1,5 @@
-# From https://nodejs.org/dist/v8.12.0/SHASUMS256.txt
-sha256 5a9dff58016c18fb4bf902d963b124ff058a550ebcd9840c677757387bce419a  node-v8.12.0.tar.xz
+# From https://nodejs.org/dist/v8.14.0/SHASUMS256.txt
+sha256 8ce252913c9f6aaa9871f2d9661b6e54858dae2f0064bd3c624676edb09083c4  node-v8.14.0.tar.xz

 # Hash for license file
 sha256 b87be6c1479ed977481115869c2dd8b6d59e5ea55aa09939d6c898242121b2f5  LICENSE
--- a/package/nodejs/nodejs.mk
+++ b/package/nodejs/nodejs.mk
@@ -4,7 +4,7 @@
 #
 ################################################################################

-NODEJS_VERSION = 8.12.0
+NODEJS_VERSION = 8.14.0
 NODEJS_SOURCE = node-v$(NODEJS_VERSION).tar.xz
 NODEJS_SITE = http://nodejs.org/dist/v$(NODEJS_VERSION)
 NODEJS_DEPENDENCIES = host-python host-nodejs c-ares \
--- a/package/openzwave/0004-Fix-compilation-error-in-regards-to-Werror-restrict.patch
+++ b/package/openzwave/0004-Fix-compilation-error-in-regards-to-Werror-restrict.patch
@@ -0,0 +1,39 @@
+From 14164e9920ce3482747483fc16654c82d3ce445f Mon Sep 17 00:00:00 2001
+From: pipiche38 <pipiche38@users.noreply.github.com>
+Date: Fri, 8 Jun 2018 15:13:39 +0200
+Subject: [PATCH] Fix compilation error in regards to -Werror=restrict
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+/usr/share/domoticz/open-zwave/cpp/src/command_classes/DoorLockLogging.cpp: In member function <20>virtual bool OpenZWave::DoorLockLogging::HandleMsg(const uint8*, uint32, uint32)<29>:
+/usr/share/domoticz/open-zwave/cpp/src/command_classes/DoorLockLogging.cpp:312:15: error: passing argument 1 to restrict-qualified parameter aliases with argument 4 [-Werror=restrict]
+      snprintf(usercode, sizeof(usercode), "%s %d", usercode, (int)_data[12+i]);
+               ^~~~~~~~                             ~~~~~~~~
+Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
+[Retrieved from:
+https://github.com/OpenZWave/open-zwave/commit/14164e9920ce3482747483fc16654c82d3ce445f]
+---
+ cpp/src/command_classes/DoorLockLogging.cpp | 5 +++--
+ 1 file changed, 3 insertions(+), 2 deletions(-)
+
+diff --git a/cpp/src/command_classes/DoorLockLogging.cpp b/cpp/src/command_classes/DoorLockLogging.cpp
+index c235a8497..418f61b7d 100644
+--- a/cpp/src/command_classes/DoorLockLogging.cpp
+++ b/cpp/src/command_classes/DoorLockLogging.cpp
+@@ -304,12 +304,13 @@ bool DoorLockLogging::HandleMsg
+ 			}
+ 			uint8 userid = (_data[10]);
+ 			uint8 usercodelength = (_data[11]);
+-			char usercode[254];
+			char usercode[254], tmpusercode[254];
+ 			snprintf(usercode, sizeof(usercode), "UserCode:");
+ 			if (usercodelength > 0)
+ 				for (int i = 0; i < usercodelength; i++ )
+ 				{
+-					snprintf(usercode, sizeof(usercode), "%s %d", usercode, (int)_data[12+i]);
+					strncpy(tmpusercode, usercode, sizeof(tmpusercode));
+                                        snprintf(usercode, sizeof(usercode), "%s %d", tmpusercode, (int)_data[12+i]);
+ 				}
+ 
+ 			if (valid) {
--- a/package/php/php.hash
+++ b/package/php/php.hash
@@ -1,5 +1,5 @@
 # From http://php.net/downloads.php
-sha256 989c04cc879ee71a5e1131db867f3c5102f1f7565f805e2bb8bde33f93147fe1  php-7.2.12.tar.xz
+sha256 14b0429abdb46b65c843e5882c9a8c46b31dfbf279c747293b8ab950c2644a4b  php-7.2.13.tar.xz

 # License file
 sha256 f689b8fa63bea7950ce6a21bf52ed88ea0d77673ee76e6de12f51191174d91b8  LICENSE
--- a/package/php/php.mk
+++ b/package/php/php.mk
@@ -4,7 +4,7 @@
 #
 ################################################################################

-PHP_VERSION = 7.2.12
+PHP_VERSION = 7.2.13
 PHP_SITE = http://www.php.net/distributions
 PHP_SOURCE = php-$(PHP_VERSION).tar.xz
 PHP_INSTALL_STAGING = YES
--- a/package/pps-tools/pps-tools.hash
+++ b/package/pps-tools/pps-tools.hash
@@ -1,2 +1,2 @@
 # Locally calculated
-sha256 eee0a76118cf11d94f575ee43804a6991379f2c734b400ba01ac4811d0498e97  pps-tools-47333f24af878f67ce48022e8af16419713aa1ac.tar.gz
+sha256 1168f1474235017af413afdb07288303ad7a7b12a0282f3bf9ed0e22fe0d7d2e  pps-tools-e2b25049df9a4da28168b7378016f1650d0dfa6b.tar.gz
--- a/package/pps-tools/pps-tools.mk
+++ b/package/pps-tools/pps-tools.mk
@@ -4,7 +4,7 @@
 #
 ################################################################################

-PPS_TOOLS_VERSION = 47333f24af878f67ce48022e8af16419713aa1ac
+PPS_TOOLS_VERSION = e2b25049df9a4da28168b7378016f1650d0dfa6b
 PPS_TOOLS_SITE = $(call github,ago,pps-tools,$(PPS_TOOLS_VERSION))
 PPS_TOOLS_INSTALL_STAGING = YES
 PPS_TOOLS_LICENSE = GPL-2.0+
--- a/package/proftpd/Config.in
+++ b/package/proftpd/Config.in
@@ -29,12 +29,12 @@ config BR2_PACKAGE_PROFTPD_MOD_SFTP
 config BR2_PACKAGE_PROFTPD_MOD_SQL
 	bool "mod_sql support"
 	help
-	  Compile ProFTPD with mode_sql support.
+	  Compile ProFTPD with mod_sql support.

 config BR2_PACKAGE_PROFTPD_MOD_QUOTATAB
 	bool "mod_quotatab support"
 	help
-	  Compile ProFTPD with mode_quotatab support. This module
+	  Compile ProFTPD with mod_quotatab support. This module
 	  is required in order to support quota tables:
 	        1. mod_quotatab_file
 	        2. mod_quotatab_ldap
--- a/package/prosody/Config.in
+++ b/package/prosody/Config.in
@@ -2,7 +2,9 @@ config BR2_PACKAGE_PROSODY
 	bool "prosody"
 	depends on BR2_USE_MMU # fork
 	depends on BR2_PACKAGE_HAS_LUAINTERPRETER
+	depends on !BR2_PACKAGE_LUA_5_3
 	depends on !BR2_STATIC_LIBS # luaexpat, luasec, luasocket, luafilesystem
+	select BR2_PACKAGE_LUABITOP if !BR2_PACKAGE_LUAJIT # runtime
 	select BR2_PACKAGE_LUAEXPAT # runtime
 	select BR2_PACKAGE_LUASEC # runtime
 	select BR2_PACKAGE_LUASOCKET # runtime
@@ -19,3 +21,6 @@ config BR2_PACKAGE_PROSODY
 comment "prosody needs the lua interpreter, dynamic library"
 	depends on !BR2_PACKAGE_HAS_LUAINTERPRETER || BR2_STATIC_LIBS
 	depends on BR2_USE_MMU
+
+comment "prosody needs a Lua 5.1/5.2 interpreter"
+	depends on BR2_PACKAGE_LUA_5_3
--- a/package/sdl2_net/sdl2_net.mk
+++ b/package/sdl2_net/sdl2_net.mk
@@ -10,6 +10,6 @@ SDL2_NET_SITE = http://www.libsdl.org/projects/SDL_net/release
 SDL2_NET_LICENSE = Zlib
 SDL2_NET_LICENSE_FILES = COPYING.txt
 SDL2_NET_INSTALL_STAGING = YES
-SDL2_NET_DEPENDENCIES = sdl2
+SDL2_NET_DEPENDENCIES = sdl2 host-pkgconf

 $(eval $(autotools-package))
--- a/package/squashfs/Config.in
+++ b/package/squashfs/Config.in
@@ -2,7 +2,13 @@ config BR2_PACKAGE_SQUASHFS
 	bool "squashfs"
 	depends on BR2_TOOLCHAIN_HAS_THREADS
 	depends on BR2_USE_MMU # fork()
-	select BR2_PACKAGE_SQUASHFS_GZIP if !(BR2_PACKAGE_SQUASHFS_LZMA || BR2_PACKAGE_SQUASHFS_LZO)
+	# ensure at least on compression backend (defaults to gzip)
+	select BR2_PACKAGE_SQUASHFS_GZIP if !( \
+	       BR2_PACKAGE_SQUASHFS_LZ4 || \
+	       BR2_PACKAGE_SQUASHFS_LZMA || \
+	       BR2_PACKAGE_SQUASHFS_LZO || \
+	       BR2_PACKAGE_SQUASHFS_XZ || \
+	       BR2_PACKAGE_SQUASHFS_ZSTD)
 	help
 	  Tools to generate SquashFS filesystems.

--- a/package/swupdate/swupdate.hash
+++ b/package/swupdate/swupdate.hash
@@ -1,2 +1,3 @@
 # Locally calculated
-sha256  19156bb30c3517a0ff9c918a38062df3cfa70f02f8162da4971a2f47d108688e  swupdate-2018.03.tar.gz
+sha256  a65884ca18523cde1b0744d952d6f91462dbd4ad07941305f5684c6d4ec833dc  swupdate-2018.11.tar.gz
+sha256  dcc100d4161cc0b7177545ab6e47216f84857cda3843847c792a25289852dcaa  COPYING
--- a/package/swupdate/swupdate.mk
+++ b/package/swupdate/swupdate.mk
@@ -4,11 +4,16 @@
 #
 ################################################################################

-SWUPDATE_VERSION = 2018.03
+SWUPDATE_VERSION = 2018.11
 SWUPDATE_SITE = $(call github,sbabic,swupdate,$(SWUPDATE_VERSION))
 SWUPDATE_LICENSE = GPL-2.0+, LGPL-2.1+, MIT
 SWUPDATE_LICENSE_FILES = COPYING

+# swupdate uses $CROSS-cc instead of $CROSS-gcc, which is not
+# available in all external toolchains, and use CC for linking. Ensure
+# TARGET_CC is used for both.
+SWUPDATE_MAKE_ENV = CC="$(TARGET_CC)" LD="$(TARGET_CC)"
+
 # swupdate bundles its own version of mongoose (version 6.11)

 ifeq ($(BR2_PACKAGE_JSON_C),y)
--- a/package/uclibc/0002-xtensa-add-custom-bits-poll.h.patch
+++ b/package/uclibc/0002-xtensa-add-custom-bits-poll.h.patch
@@ -0,0 +1,93 @@
+From 0cae9700a4a421dc22c80d205fbae4d01fdd1356 Mon Sep 17 00:00:00 2001
+From: Max Filippov <jcmvbkbc@gmail.com>
+Date: Wed, 12 Dec 2018 06:58:01 -0800
+Subject: [PATCH] xtensa: add custom bits/poll.h
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Definitions of POLLWRNORM, POLLWRBAND and POLLREMOVE in xtensa linux
+kernel are non-standard. Provide bits/poll.h with correct values for
+these constants.
+
+This fixes the following strace build errors:
+
+  In file included from xlat/pollflags.h:4:0,
+                   from poll.c:34:
+  ./static_assert.h:40:24: error: static assertion failed: "POLLWRBAND != 0x0100"
+   # define static_assert _Static_assert
+                          ^
+  xlat/pollflags.h:75:1: note: in expansion of macro ‘static_assert’
+   static_assert((POLLWRBAND) == (0x0100), "POLLWRBAND != 0x0100");
+   ^~~~~~~~~~~~~
+  ./static_assert.h:40:24: error: static assertion failed: "POLLREMOVE != 0x0800"
+   # define static_assert _Static_assert
+                          ^
+  xlat/pollflags.h:117:1: note: in expansion of macro ‘static_assert’
+   static_assert((POLLREMOVE) == (0x0800), "POLLREMOVE != 0x0800");
+   ^~~~~~~~~~~~~
+
+Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
+---
+ libc/sysdeps/linux/xtensa/bits/poll.h | 49 +++++++++++++++++++++++++++++++++++
+ 1 file changed, 49 insertions(+)
+ create mode 100644 libc/sysdeps/linux/xtensa/bits/poll.h
+
+diff --git a/libc/sysdeps/linux/xtensa/bits/poll.h b/libc/sysdeps/linux/xtensa/bits/poll.h
+new file mode 100644
+index 000000000000..4588cc326006
+--- /dev/null
+++ b/libc/sysdeps/linux/xtensa/bits/poll.h
+@@ -0,0 +1,49 @@
+/* Copyright (C) 1997, 2001, 2006 Free Software Foundation, Inc.
+   This file is part of the GNU C Library.
+
+   The GNU C Library is free software; you can redistribute it and/or
+   modify it under the terms of the GNU Lesser General Public
+   License as published by the Free Software Foundation; either
+   version 2.1 of the License, or (at your option) any later version.
+
+   The GNU C Library is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public
+   License along with the GNU C Library; if not, see
+   <http://www.gnu.org/licenses/>.  */
+
+#ifndef _SYS_POLL_H
+# error "Never use <bits/poll.h> directly; include <sys/poll.h> instead."
+#endif
+
+/* Event types that can be polled for.  These bits may be set in `events'
+   to indicate the interesting event types; they will appear in `revents'
+   to indicate the status of the file descriptor.  */
+#define POLLIN		0x001		/* There is data to read.  */
+#define POLLPRI		0x002		/* There is urgent data to read.  */
+#define POLLOUT		0x004		/* Writing now will not block.  */
+
+#ifdef __USE_XOPEN
+/* These values are defined in XPG4.2.  */
+# define POLLRDNORM	0x040		/* Normal data may be read.  */
+# define POLLRDBAND	0x080		/* Priority data may be read.  */
+# define POLLWRNORM	POLLOUT		/* Writing now will not block.  */
+# define POLLWRBAND	0x100		/* Priority data may be written.  */
+#endif
+
+#ifdef __USE_GNU
+/* These are extensions for Linux.  */
+# define POLLMSG	0x400
+# define POLLREMOVE	0x800
+# define POLLRDHUP	0x2000
+#endif
+
+/* Event types always implicitly polled for.  These bits need not be set in
+   `events', but they will appear in `revents' to indicate the status of
+   the file descriptor.  */
+#define POLLERR		0x008		/* Error condition.  */
+#define POLLHUP		0x010		/* Hung up.  */
+#define POLLNVAL	0x020		/* Invalid polling request.  */
+-- 
+2.11.0
+
--- a/package/uclibc/0005-statfs.h-sync-generic-header-with-glibc.patch
+++ b/package/uclibc/0005-statfs.h-sync-generic-header-with-glibc.patch
@@ -0,0 +1,169 @@
+From 8a73a967e18c55199785bae0f22dc94d9b2f8985 Mon Sep 17 00:00:00 2001
+From: Waldemar Brodkorb <wbrodkorb@conet.de>
+Date: Tue, 27 Nov 2018 15:41:37 +0100
+Subject: [PATCH] statfs.h: sync generic header with glibc
+
+Fix issues with aarch64 and df with mismatching header between kernel
+and libc.
+
+Signed-off-by: Waldemar Brodkorb <wbx@openadk.org>
+---
+ .../linux/common-generic/bits/statfs.h        | 84 +++++++++----------
+ libc/sysdeps/linux/common/fstatfs.c           |  9 --
+ libc/sysdeps/linux/common/statfs.c            | 10 ---
+ 3 files changed, 40 insertions(+), 63 deletions(-)
+
+diff --git a/libc/sysdeps/linux/common-generic/bits/statfs.h b/libc/sysdeps/linux/common-generic/bits/statfs.h
+index a2767b49a..23519a57e 100644
+--- a/libc/sysdeps/linux/common-generic/bits/statfs.h
+++ b/libc/sysdeps/linux/common-generic/bits/statfs.h
+@@ -11,65 +11,61 @@
+ #include <endian.h>
+ #include <bits/align64bit.h>
+ #include <bits/types.h>
+#include <bits/wordsize.h>
+ 
+/* 64-bit libc uses the kernel's 'struct statfs', accessed via the
+   statfs() syscall; 32-bit libc uses the kernel's 'struct statfs64'
+   and accesses it via the statfs64() syscall.  All the various
+   APIs offered by libc use the kernel shape for their struct statfs
+   structure; the only difference is that 32-bit programs not
+   using __USE_FILE_OFFSET64 only see the low 32 bits of some
+   of the fields (the __fsblkcnt_t and __fsfilcnt_t fields).  */
+
+#if defined __USE_FILE_OFFSET64
+# define __field64(type, type64, name) type64 name
+#elif __WORDSIZE == 64
+# define __field64(type, type64, name) type name
+#elif __BYTE_ORDER == __LITTLE_ENDIAN
+# define __field64(type, type64, name) \
+  type name __attribute__((__aligned__ (__alignof__ (type64)))); int __##name##_pad
+#else
+# define __field64(type, type64, name) \
+  int __##name##_pad __attribute__((__aligned__ (__alignof__ (type64)))); type name
+#endif
+ 
+ struct statfs
+   {
+-    __U32_TYPE f_type;
+-    __U32_TYPE f_bsize;
+-#ifndef __USE_FILE_OFFSET64
+-# if __BYTE_ORDER == __LITTLE_ENDIAN
+-    __U32_TYPE f_blocks;
+-    __U32_TYPE __pad1;
+-    __U32_TYPE f_bfree;
+-    __U32_TYPE __pad2;
+-    __U32_TYPE f_bavail;
+-    __U32_TYPE __pad3;
+-    __U32_TYPE f_files;
+-    __U32_TYPE __pad4;
+-    __U32_TYPE f_ffree;
+-    __U32_TYPE __pad5;
+-# else
+-    __U32_TYPE __pad1;
+-    __U32_TYPE f_blocks;
+-    __U32_TYPE __pad2;
+-    __U32_TYPE f_bfree;
+-    __U32_TYPE __pad3;
+-    __U32_TYPE f_bavail;
+-    __U32_TYPE __pad4;
+-    __U32_TYPE f_files;
+-    __U32_TYPE __pad5;
+-    __U32_TYPE f_ffree;
+-# endif /* __LITTLE_ENDIAN */
+-#else
+-    __U64_TYPE f_blocks;
+-    __U64_TYPE f_bfree;
+-    __U64_TYPE f_bavail;
+-    __U64_TYPE f_files;
+-    __U64_TYPE f_ffree;
+-#endif /* __USE_FILE_OFFSET64 */
+    __SWORD_TYPE f_type;
+    __SWORD_TYPE f_bsize;
+    __field64(__fsblkcnt_t, __fsblkcnt64_t, f_blocks);
+    __field64(__fsblkcnt_t, __fsblkcnt64_t, f_bfree);
+    __field64(__fsblkcnt_t, __fsblkcnt64_t, f_bavail);
+    __field64(__fsfilcnt_t, __fsfilcnt64_t, f_files);
+    __field64(__fsfilcnt_t, __fsfilcnt64_t, f_ffree);
+     __fsid_t f_fsid;
+-    __U32_TYPE f_namelen;
+-    __U32_TYPE f_frsize;
+-    __U32_TYPE f_flags;
+-    __U32_TYPE f_spare[4];
+-  } __ARCH_64BIT_ALIGNMENT__;
+    __SWORD_TYPE f_namelen;
+    __SWORD_TYPE f_frsize;
+    __SWORD_TYPE f_flags;
+    __SWORD_TYPE f_spare[4];
+  };
+
+#undef __field64
+ 
+ #ifdef __USE_LARGEFILE64
+ struct statfs64
+   {
+-    __U32_TYPE f_type;
+-    __U32_TYPE f_bsize;
+    __SWORD_TYPE f_type;
+    __SWORD_TYPE f_bsize;
+     __U64_TYPE f_blocks;
+     __U64_TYPE f_bfree;
+     __U64_TYPE f_bavail;
+     __U64_TYPE f_files;
+     __U64_TYPE f_ffree;
+     __fsid_t f_fsid;
+-    __U32_TYPE f_namelen;
+-    __U32_TYPE f_frsize;
+-    __U32_TYPE f_flags;
+-    __U32_TYPE f_spare[4];
+    __SWORD_TYPE f_namelen;
+    __SWORD_TYPE f_frsize;
+    __SWORD_TYPE f_flags;
+    __SWORD_TYPE f_spare[4];
+   };
+ #endif
+ 
+diff --git a/libc/sysdeps/linux/common/fstatfs.c b/libc/sysdeps/linux/common/fstatfs.c
+index fcb0820eb..0b2709ce3 100644
+--- a/libc/sysdeps/linux/common/fstatfs.c
+++ b/libc/sysdeps/linux/common/fstatfs.c
+@@ -30,15 +30,6 @@ _syscall2(int, __libc_fstatfs, int, fd, struct statfs *, buf)
+ int __libc_fstatfs (int __fildes, struct statfs *__buf)
+ {
+ 	int err = INLINE_SYSCALL(fstatfs64, 3, __fildes, sizeof(*__buf), __buf);
+-
+-	if (err == 0) {
+-		/* Did we overflow? */
+-		if (__buf->__pad1 || __buf->__pad2 || __buf->__pad3 ||
+-		    __buf->__pad4 || __buf->__pad5) {
+-			__set_errno(EOVERFLOW);
+-			return -1;
+-		}
+-	}
+ 	return err;
+ };
+ /* Redefined fstatfs because we need it for backwards compatibility */
+diff --git a/libc/sysdeps/linux/common/statfs.c b/libc/sysdeps/linux/common/statfs.c
+index ab9ec0e56..2990ff3e2 100644
+--- a/libc/sysdeps/linux/common/statfs.c
+++ b/libc/sysdeps/linux/common/statfs.c
+@@ -18,16 +18,6 @@ extern __typeof(statfs) __libc_statfs attribute_hidden;
+ int __libc_statfs(const char *path, struct statfs *buf)
+ {
+ 	int err = INLINE_SYSCALL(statfs64, 3, path, sizeof(*buf), buf);
+-
+-	if (err == 0) {
+-		/* Did we overflow? */
+-		if (buf->__pad1 || buf->__pad2 || buf->__pad3 ||
+-		    buf->__pad4 || buf->__pad5) {
+-			__set_errno(EOVERFLOW);
+-			return -1;
+-		}
+-	}
+-
+ 	return err;
+ }
+ # if defined __UCLIBC_LINUX_SPECIFIC__ || defined __UCLIBC_HAS_THREADS_NATIVE__
+-- 
+2.19.1
+
--- a/package/vte/Config.in
+++ b/package/vte/Config.in
@@ -4,6 +4,7 @@ config BR2_PACKAGE_VTE
 	depends on BR2_TOOLCHAIN_HAS_THREADS
 	depends on BR2_USE_MMU
 	depends on BR2_INSTALL_LIBSTDCPP
+	depends on BR2_TOOLCHAIN_GCC_AT_LEAST_4_8 # C++11
 	depends on BR2_TOOLCHAIN_HAS_SYNC_4
 	depends on BR2_PACKAGE_HAS_LIBEGL_WAYLAND || \
 		BR2_PACKAGE_HAS_LIBGL
@@ -20,11 +21,12 @@ config BR2_PACKAGE_VTE

 	  http://github.com/GNOME/vte

-comment "vte needs a toolchain w/ wchar, threads, C++"
+comment "vte needs a toolchain w/ wchar, threads, C++, gcc >= 4.8"
 	depends on BR2_USE_MMU
 	depends on BR2_TOOLCHAIN_HAS_SYNC_4
 	depends on !BR2_USE_WCHAR || !BR2_INSTALL_LIBSTDCPP || \
-		!BR2_TOOLCHAIN_HAS_THREADS
+		!BR2_TOOLCHAIN_HAS_THREADS || \
+		!BR2_TOOLCHAIN_GCC_AT_LEAST_4_8

 comment "vte needs an OpenGL or an OpenGL-EGL/wayland backend"
 	depends on BR2_USE_MMU
--- a/package/webkitgtk/webkitgtk.hash
+++ b/package/webkitgtk/webkitgtk.hash
@@ -1,7 +1,7 @@
-# From https://webkitgtk.org/releases/webkitgtk-2.22.4.tar.xz.sums
-md5 9f08d09cfc21c761a431a545549f301a webkitgtk-2.22.4.tar.xz
-sha1 adf857c8a8b8fb79ba9b01bbe4b454956e633952 webkitgtk-2.22.4.tar.xz
-sha256 fab5be2883802352ae0e735dd1eff4bc18abaff7ac78689cec72eb2f611943b8 webkitgtk-2.22.4.tar.xz
+# From https://webkitgtk.org/releases/webkitgtk-2.22.5.tar.xz.sums
+md5 96a731522b800f38e70f85c22f8de477 webkitgtk-2.22.5.tar.xz
+sha1 809b067a1672a81a4ce31363a0872c668cc72953 webkitgtk-2.22.5.tar.xz
+sha256 99d3863f418a7c3a3e37e5062950dbf2d91fb106ec1633459b0ef6f2d5f6cb13 webkitgtk-2.22.5.tar.xz

 # Hashes for license files:
 sha256 0b5d3a7cc325942567373b0ecd757d07c132e0ebd7c97bfc63f7e1a76094edb4 Source/WebCore/LICENSE-APPLE
--- a/package/webkitgtk/webkitgtk.mk
+++ b/package/webkitgtk/webkitgtk.mk
@@ -4,7 +4,7 @@
 #
 ################################################################################

-WEBKITGTK_VERSION = 2.22.4
+WEBKITGTK_VERSION = 2.22.5
 WEBKITGTK_SITE = http://www.webkitgtk.org/releases
 WEBKITGTK_SOURCE = webkitgtk-$(WEBKITGTK_VERSION).tar.xz
 WEBKITGTK_INSTALL_STAGING = YES
--- a/package/wine/wine.mk
+++ b/package/wine/wine.mk
@@ -10,6 +10,7 @@ WINE_SITE = https://dl.winehq.org/wine/source/3.0
 WINE_LICENSE = LGPL-2.1+
 WINE_LICENSE_FILES = COPYING.LIB LICENSE
 WINE_DEPENDENCIES = host-bison host-flex host-wine
+HOST_WINE_DEPENDENCIES = host-bison host-flex

 # Wine needs its own directory structure and tools for cross compiling
 WINE_CONF_OPTS = \
--- a/package/xen/xen.hash
+++ b/package/xen/xen.hash
@@ -1,3 +1,3 @@
 # Locally computed
-sha256 826e3a9f6d0eac94a825d272cc2c1294e22640ae75af906eb13920f9ad667643 xen-4.11.0.tar.gz
+sha256 be88cb2443761990efc1070d9718016561fe19066af232f9bfae572922897e59 xen-4.11.1.tar.gz
 sha256 dba0d79260259c013c52e5d4daeaea564a2fbb9ff7fc6778c377a401ec3898de COPYING
--- a/package/xen/xen.mk
+++ b/package/xen/xen.mk
@@ -4,7 +4,7 @@
 #
 ################################################################################

-XEN_VERSION = 4.11.0
+XEN_VERSION = 4.11.1
 XEN_SITE = https://downloads.xenproject.org/release/xen/$(XEN_VERSION)
 XEN_LICENSE = GPL-2.0
 XEN_LICENSE_FILES = COPYING
--- a/support/download/dl-wrapper
+++ b/support/download/dl-wrapper
@@ -93,7 +93,7 @@ main() {
        esac
        uri=${uri#*+}

-        urlencode=${backend#*|}
+        urlencode=${backend_urlencode#*|}
        # urlencode must be "urlencode"
        [ "${urlencode}" != "urlencode" ] && urlencode=""