Update for 2020.05-rc3

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

CHANGES

@@ -1,3 +1,84 @@
+2020.05-rc3, released May 29th, 2020
+
+	Fixes all over the tree.
+
+	Infrastructure: Support checking download hashes for packages
+	coming from Subversion.
+
+	Defconfigs: Increase boot partition size to 64MB for Freescale
+	boards to allow space for bigger kernels.
+
+	Updated/fixed packages: audit, bind, dovecot, efl, erlang,
+	ffmpeg, fio, gerbera, gnupg, leveldb, lrzip, ltrace, matio,
+	mesa3d, mp4v2, prosody, qemu, qt5declarative, speexdsp,
+	systemd, tremor, uboot-tools, unbound, wireshark
+
+	Removed packages: wiringpi
+
+	Issues resolved (http://bugs.uclibc.org):
+
+	#12361: Init system (systemd) kills login on Raspberry Pi Zero
+	#12686: recipe for target 'install_dev' failed (libcrypto.so..)
+
+2020.05-rc2, released May 22nd 2020
+
+	Fixes all over the tree.
+
+	U-Boot: Support building with Python 3.x instead of Python
+	2.x. Since U-Boot 2020.01, various U-Boot build scripts use
+	Python 3.x instead of Python 2.x, so add an option to pull in
+	host-python3 rather than host-python. Also fix a number of
+	defconfigs to use this new option.
+
+	Updated/fixed packages: apparmor, binutils, bison, brltty,
+	c-icap, cegui, checkpolicy, clamav, crda, cvs, docker-cli,
+	docker-engine, domoticz, elf2flt, exfatprogs, fakeroot,
+	ffmpeg, freerdp, gcc, glibc, gnuconfig, irrlicht, kmod,
+	libexif, libpam-tacplus, libssh2, libv4l, libvncserver,
+	localedef, lrzip, mariadb, matchbox, mbuffer, mesa3d,
+	mesa3d-headers, meson, netsniff-ng, openldap, openocd,
+	optee-os, p7zip, paho-mqtt-c, php, piglit, pigz,
+	python-argon2-cffi, python-attrs, python-future,
+	python-markdown, python-pycryptodomex, python-pyqt5, qt5base,
+	rpi-firmware, rustc, squashfs, squid, stella, suricata,
+	systemd, uacme, uclibc, util-linux, vboot-utils
+
+	New packages: python3-pyelftools
+
+	Removed packages: ezxml, mtdev2tuio, python-pycrypto
+
+	Issues resolved (http://bugs.uclibc.org):
+
+	#10551: PowerPC SPE and Musl
+	#12256: package tar is outdated (1.29 is 3 years old)
+	#12271: python-iptables runtime dependencies
+	#12321: host-generic-package: PKG_DL_OPTS not used for host package
+	#12391: CMake-based host package fails to include output/host/include
+	#12431: ethernet no detected on nanopi neo 2
+	#12521: RISCV RV32IA selected, RV64GC output
+	#12586: avahi failure
+	#12596: host-e2fsprogs: tune2fs incompatibility on older glibc..
+	#12611: ntp hash is not matching with upstream 4.2.8p13
+	#12626: PHP missing header files within 2020.02
+	#12631: glibc support Power-PC SPE
+	#12656: bison fails to relocate with relocate-sdk.sh
+	#12661: cups problems in buildroot
+	#12686: recipe for target 'install_dev' failed (libcrypto.so:..
+	#12691: host-rust build fails
+	#12761: Buildroot fails when building GCNano binaries for the STM..
+	#12786: Systemd spawns two getty processes when the getty port..
+	#12806: There are multiple issues in buildroot that faults cups..
+	#12826: nodejs-12.16.1: error: 'uv_sleep' was not declared in..
+	#12831: RPI-firmware package: DTB-overlay dependency
+	#12836: libunwind: package does not show up in menuconfig for..
+	#12841: util-linux/sfdisk 2.35.1 fails on sector-size header
+	#12866: should we be disabling bash executable path caching?
+	#12886: GMP built in wrong order (?)
+	#12891: QEMU, libvirt-bin, qemu-kvm Package Support required
+	#12901: GStreamer doesn't build on 2020-05 rc1 with GObject..
+	#12906: qt PrefixPath is wrong on 2020.05-rc1
+	#12921: nodejs-12.16.1: error: overriding 'virtual icu_65::..
+
 2020.05-rc1, released May 7th 2020
 
 	Addition of support for gobject-introspection: both the
@@ -77,6 +158,48 @@
 	#12796: Update OpenSSL to Version 1.1.1g to patch  CVE-2020-1967
 	#12811: bootstrap stuck and no login prompt
 
+2020.02.2, released May 12th, 2020
+
+	Important / security related fixes.
+
+	Musl: Disallow on PPC64 cores without AltiVec support
+	(E.G. e5500).
+
+	fs/cpio: Correctly handle booting with 'console='
+
+	release: Ensure temporary .br2-external.* files are not
+	included in the release tarball
+
+	Defconfigs: Fix various mistyped config options, or config
+	options where the dependencies were no longer met.
+
+	Updated/fixed packages: apache, azure-iot-sdk-c, binutils,
+	boinc, c-ares, cvs, docker-cli, docker-containerd,
+	docker-engine, domoticz, e2fsprogs, efl, evtest, exim, ffmpeg,
+	freerdp, gcc, gflags, glibc, gnuconfig, haproxy, imx-gpu-2d,
+	irrlicht, jpeg kodi-pvr-vuplus, libarchive, libcoap,
+	libfpm-extra, libglib2, libhtp, libid3tag, libinput, libmad,
+	libopenssl, libsepol, libssh, libv4l, libvncserver, libwpe,
+	localedef, mariadb, matchbox, mbedtls, mc, mesa3d-headers,
+	meson, midori, msgpack, netsnmp, nginx, ogre, openjdk,
+	openldap, openvpn, p7zip, paho-mqtt-c, php, polkit, python,
+	python-attrs, python-crossbar, python-dpkt, python-flask,
+	python-future, python-iptables, python-jedi, python-markdown2,
+	python3, qemu, qpdf, qt5, samba4, squashfs, squid, strongswan,
+	suricata, tzdata, util-linux, vlc, wget, webkitgtk,
+	wireguard-linux-compat, wireshark, wpebackend-fdo, wpewebkit,
+	zic
+
+	Issues resolved (http://bugs.uclibc.org):
+
+	#11866: initramfs file system fails to boot using Grub on EFI x86_64
+	#12271: python-iptables runtime dependencies
+	#12726: systemctl preset-all failed for ctrl-alt-del.target
+	#12751: OpenJdk package installation issues on target
+	#12796: Update OpenSSL to Version 1.1.1g to patch CVE-2020-1967
+	#12811: bootstrap stuck and no login prompt
+	#12841: util-linux/sfdisk 2.35.1 fails on sector-size header
+
 2020.02.1, released April 10th, 2020
 
 	Important / security related fixes.

Config.in.legacy

@@ -146,6 +146,36 @@ endif
 
 comment "Legacy options removed in 2020.05"
 
+config BR2_PACKAGE_WIRINGPI
+	bool "wiringpi package removed"
+	select BR2_LEGACY
+	help
+	  The author of wiringpi has deprecated the package, and
+	  completely removed the git tree that was serving the
+	  sources, with this message:
+	  Please look for alternatives for wiringPi
+
+config BR2_PACKAGE_PYTHON_PYCRYPTO
+	bool "python-pycrypto package removed"
+	select BR2_LEGACY
+	help
+	  This package has been removed, use python-pycryptodomex
+	  instead.
+
+config BR2_PACKAGE_MTDEV2TUIO
+	bool "mtdev2tuio package removed"
+	select BR2_LEGACY
+	help
+	  The mtdev2tuio package was removed as it breaks the builds
+	  every now and then and is not maintained upstream.
+
+config BR2_PACKAGE_EZXML
+	bool "ezxml package removed"
+	select BR2_LEGACY
+	help
+	  The ezXML package was removed as it is affected by several
+	  CVEs and is not maintained anymore (no release since 2006).
+
 config BR2_PACKAGE_COLLECTD_LVM
 	bool "lvm support in collectd was removed"
 	select BR2_LEGACY

DEVELOPERS

@@ -2058,7 +2058,6 @@ F:	package/postgresql/
 F:	package/qt5/
 F:	package/quotatool/
 F:	package/racehound/
-F:	package/wiringpi/
 
 N:	Peter Thompson <peter.macleod.thompson@gmail.com>
 F:	package/sdl2_gfx/
@@ -2250,7 +2249,6 @@ F:	package/davfs2/
 N:	Ryan Barnett <ryan.barnett@rockwellcollins.com>
 F:	package/atftp/
 F:	package/miraclecast/
-F:	package/python-pycrypto/
 F:	package/python-pysnmp/
 F:	package/python-pysnmp-mibs/
 F:	package/python-tornado/
@@ -2396,11 +2394,8 @@ F:	package/libscrypt/
 N:	Stephan Hoffmann <sho@relinux.de>
 F:	package/cache-calibrator/
 F:	package/gtest/
-F:	package/mtdev/
-F:	package/mtdev2tuio/
-
-N:	Stephan Hoffmann <stephan.hoffmann@ext.grandcentrix.net>
 F:	package/libhttpserver/
+F:	package/mtdev/
 
 N:	Steve Calfee <stevecalfee@gmail.com>
 F:	package/python-pymysql/

Makefile

@@ -92,9 +92,9 @@ all:
 .PHONY: all
 
 # Set and export the version string
-export BR2_VERSION := 2020.05-rc1
+export BR2_VERSION := 2020.05-rc3
 # Actual time the release is cut (for reproducible builds)
-BR2_VERSION_EPOCH = 1588882900
+BR2_VERSION_EPOCH = 1590784000
 
 # Save running make version since it's clobbered by the make package
 RUNNING_MAKE_VERSION := $(MAKE_VERSION)
@@ -1190,7 +1190,7 @@ release: OUT = buildroot-$(BR2_VERSION)
 release:
 	git archive --format=tar --prefix=$(OUT)/ HEAD > $(OUT).tar
 	$(MAKE) O=$(OUT) manual-html manual-text manual-pdf
-	$(MAKE) O=$(OUT) clean
+	$(MAKE) O=$(OUT) distclean
 	tar rf $(OUT).tar $(OUT)
 	gzip -9 -c < $(OUT).tar > $(OUT).tar.gz
 	bzip2 -9 -c < $(OUT).tar > $(OUT).tar.bz2

board/freescale/common/imx/genimage.cfg.template_imx8

@@ -14,7 +14,7 @@ image boot.vfat {
       %FILES%
     }
   }
-  size = 32M
+  size = 64M
 }
 
 image sdcard.img {

boot/optee-os/0001-scripts-pem_to_pub_c.py-sign.py-use-pycryptodomex.patch

@@ -0,0 +1,64 @@
+From 06e71feaeb08349abe56b50c3dfb08a8341cf55f Mon Sep 17 00:00:00 2001
+From: Romain Naour <romain.naour@gmail.com>
+Date: Sun, 26 Apr 2020 21:55:55 +0200
+Subject: [PATCH] scripts/pem_to_pub_c.py/sign.py: use pycryptodomex
+
+These scripts still use pycrypto.
+
+From [1]:
+"PyCryptodome is a fork of PyCrypto, which is not maintained any more
+(the last release dates back to 2013 [2]). It exposes almost the same
+API, but there are a few incompatibilities [3]."
+
+Don't use upstream commit since it also switches from the algorithm
+TEE_ALG_RSASSA_PKCS1_V1_5_SHA256 to TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA256
+when replacing pycrypto to pycryptodomex [4].
+
+[1] https://github.com/OP-TEE/optee_os/commit/90ad2450436fdd9fc0d28a3f92f3fbcfd89a38f0
+[2] https://pypi.org/project/pycrypto/#history
+[3] https://pycryptodome.readthedocs.io/en/latest/src/vs_pycrypto.html
+[4] https://github.com/OP-TEE/optee_os/commit/ababd72d2fd76cb2ded8e202b49db28d6545f6eb
+
+Signed-off-by: Romain Naour <romain.naour@gmail.com>
+---
+ scripts/pem_to_pub_c.py | 4 ++--
+ scripts/sign.py         | 8 ++++----
+ 2 files changed, 6 insertions(+), 6 deletions(-)
+
+diff --git a/scripts/pem_to_pub_c.py b/scripts/pem_to_pub_c.py
+index 3a896a39..d3f0e500 100755
+--- a/scripts/pem_to_pub_c.py
++++ b/scripts/pem_to_pub_c.py
+@@ -21,8 +21,8 @@ def get_args():
+ 
+ def main():
+     import array
+-    from Crypto.PublicKey import RSA
+-    from Crypto.Util.number import long_to_bytes
++    from Cryptodome.PublicKey import RSA
++    from Cryptodome.Util.number import long_to_bytes
+ 
+     args = get_args()
+ 
+diff --git a/scripts/sign.py b/scripts/sign.py
+index 2939c591..80ce2e9f 100755
+--- a/scripts/sign.py
++++ b/scripts/sign.py
+@@ -121,10 +121,10 @@ def get_args(logger):
+ 
+ 
+ def main():
+-    from Crypto.Signature import PKCS1_v1_5
+-    from Crypto.Hash import SHA256
+-    from Crypto.PublicKey import RSA
+-    from Crypto.Util.number import ceil_div
++    from Cryptodome.Signature import PKCS1_v1_5
++    from Cryptodome.Hash import SHA256
++    from Cryptodome.PublicKey import RSA
++    from Cryptodome.Util.number import ceil_div
+     import base64
+     import logging
+     import os
+-- 
+2.25.3
+

boot/optee-os/optee-os.mk

@@ -21,7 +21,7 @@ else
 OPTEE_OS_SITE = $(call github,OP-TEE,optee_os,$(OPTEE_OS_VERSION))
 endif
 
-OPTEE_OS_DEPENDENCIES = host-openssl host-python-pycrypto host-python-pyelftools
+OPTEE_OS_DEPENDENCIES = host-openssl host-python-pycryptodomex host-python-pyelftools
 
 # On 64bit targets, OP-TEE OS can be built in 32bit mode, or
 # can be built in 64bit mode and support 32bit and 64bit

boot/uboot/Config.in

@@ -147,14 +147,45 @@ config BR2_TARGET_UBOOT_NEEDS_DTC
 	  Select this option if your U-Boot board configuration
 	  requires the Device Tree compiler to be available.
 
+config BR2_TARGET_UBOOT_NEEDS_PYTHON
+	bool
+
+choice
+	bool "U-Boot needs host Python"
+
+config BR2_TARGET_UBOOT_NEEDS_PYTHON_NONE
+	bool "no"
+	depends on !BR2_TARGET_UBOOT_NEEDS_PYTHON
+	help
+	  Select this option if U-Boot does not need any
+	  host python to build.
+
+config BR2_TARGET_UBOOT_NEEDS_PYTHON2
+	bool "python 2.x"
+	help
+	  Select this option if U-Boot needs a host Python 2.x
+	  interpreter. This is the case for some U-Boot
+	  configurations, prior to U-Boot 2020.01.
+
+config BR2_TARGET_UBOOT_NEEDS_PYTHON3
+	bool "python 3.x"
+	help
+	  Select this option if U-Boot needs a host Python 3.x
+	  interpreter. This is the case for some U-Boot
+	  configurations, after U-Boot 2020.01.
+
+endchoice
+
 config BR2_TARGET_UBOOT_NEEDS_PYLIBFDT
 	bool "U-Boot needs pylibfdt"
+	select BR2_TARGET_UBOOT_NEEDS_PYTHON
 	help
 	  Select this option if your U-Boot board configuration
 	  requires the Python libfdt library to be available.
 
 config BR2_TARGET_UBOOT_NEEDS_PYELFTOOLS
 	bool "U-Boot needs pyelftools"
+	select BR2_TARGET_UBOOT_NEEDS_PYTHON
 	help
 	  Select this option if your U-Boot board configuration
 	  requires the Python pyelftools library to be available.

boot/uboot/uboot.mk

@@ -159,12 +159,22 @@ ifeq ($(BR2_TARGET_UBOOT_NEEDS_DTC),y)
 UBOOT_DEPENDENCIES += host-dtc
 endif
 
+ifeq ($(BR2_TARGET_UBOOT_NEEDS_PYTHON2),y)
+UBOOT_DEPENDENCIES += host-python
+else ifeq ($(BR2_TARGET_UBOOT_NEEDS_PYTHON3),y)
+UBOOT_DEPENDENCIES += host-python3
+endif
+
 ifeq ($(BR2_TARGET_UBOOT_NEEDS_PYLIBFDT),y)
-UBOOT_DEPENDENCIES += host-python host-swig
+UBOOT_DEPENDENCIES += host-swig
 endif
 
 ifeq ($(BR2_TARGET_UBOOT_NEEDS_PYELFTOOLS),y)
+ifeq ($(BR2_TARGET_UBOOT_NEEDS_PYTHON2),y)
 UBOOT_DEPENDENCIES += host-python-pyelftools
+else ifeq ($(BR2_TARGET_UBOOT_NEEDS_PYTHON3),y)
+UBOOT_DEPENDENCIES += host-python3-pyelftools
+endif
 endif
 
 ifeq ($(BR2_TARGET_UBOOT_NEEDS_OPENSSL),y)

configs/beelink_gs1_defconfig

@@ -34,6 +34,7 @@ BR2_TARGET_UBOOT_CUSTOM_VERSION=y
 BR2_TARGET_UBOOT_CUSTOM_VERSION_VALUE="2020.01"
 BR2_TARGET_UBOOT_BOARD_DEFCONFIG="beelink_gs1"
 BR2_TARGET_UBOOT_NEEDS_DTC=y
+BR2_TARGET_UBOOT_NEEDS_PYTHON3=y
 BR2_TARGET_UBOOT_NEEDS_PYLIBFDT=y
 BR2_TARGET_UBOOT_NEEDS_ATF_BL31=y
 BR2_TARGET_UBOOT_SPL=y

configs/nanopi_neo4_defconfig

@@ -22,8 +22,7 @@ BR2_TARGET_UBOOT_CUSTOM_VERSION=y
 BR2_TARGET_UBOOT_CUSTOM_VERSION_VALUE="2020.01"
 BR2_TARGET_UBOOT_BOARD_DEFCONFIG="nanopi-neo4-rk3399"
 BR2_TARGET_UBOOT_NEEDS_DTC=y
-BR2_TARGET_UBOOT_NEEDS_PYLIBFDT=y
-BR2_TARGET_UBOOT_NEEDS_PYELFTOOLS=y
+BR2_TARGET_UBOOT_NEEDS_PYTHON3=y
 BR2_TARGET_UBOOT_NEEDS_ATF_BL31=y
 BR2_TARGET_UBOOT_NEEDS_ATF_BL31_ELF=y
 BR2_TARGET_UBOOT_FORMAT_CUSTOM=y

configs/olimex_a20_olinuxino_lime2_defconfig

@@ -46,6 +46,7 @@ BR2_TARGET_UBOOT_CUSTOM_VERSION=y
 BR2_TARGET_UBOOT_CUSTOM_VERSION_VALUE="2020.04"
 BR2_TARGET_UBOOT_BOARD_DEFCONFIG="A20-OLinuXino-Lime2"
 BR2_TARGET_UBOOT_NEEDS_DTC=y
+BR2_TARGET_UBOOT_NEEDS_PYTHON3=y
 BR2_TARGET_UBOOT_NEEDS_PYLIBFDT=y
 BR2_TARGET_UBOOT_FORMAT_BIN=y
 BR2_TARGET_UBOOT_SPL=y

configs/olimex_a20_olinuxino_lime_defconfig

@@ -46,6 +46,7 @@ BR2_TARGET_UBOOT_CUSTOM_VERSION=y
 BR2_TARGET_UBOOT_CUSTOM_VERSION_VALUE="2020.04"
 BR2_TARGET_UBOOT_BOARD_DEFCONFIG="A20-OLinuXino-Lime"
 BR2_TARGET_UBOOT_NEEDS_DTC=y
+BR2_TARGET_UBOOT_NEEDS_PYTHON3=y
 BR2_TARGET_UBOOT_NEEDS_PYLIBFDT=y
 BR2_TARGET_UBOOT_FORMAT_BIN=y
 BR2_TARGET_UBOOT_SPL=y

configs/raspberrypi3_64_defconfig

@@ -17,7 +17,6 @@ BR2_LINUX_KERNEL_DEFCONFIG="bcmrpi3"
 # Build the DTB from the kernel sources
 BR2_LINUX_KERNEL_DTS_SUPPORT=y
 BR2_LINUX_KERNEL_INTREE_DTS_NAME="broadcom/bcm2710-rpi-3-b broadcom/bcm2710-rpi-3-b-plus broadcom/bcm2837-rpi-3-b"
-BR2_LINUX_KERNEL_DTB_OVERLAY_SUPPORT=y
 
 BR2_LINUX_KERNEL_NEEDS_HOST_OPENSSL=y
 

configs/raspberrypi4_64_defconfig

@@ -17,7 +17,6 @@ BR2_LINUX_KERNEL_DEFCONFIG="bcm2711"
 # Build the DTB from the kernel sources
 BR2_LINUX_KERNEL_DTS_SUPPORT=y
 BR2_LINUX_KERNEL_INTREE_DTS_NAME="broadcom/bcm2711-rpi-4-b"
-BR2_LINUX_KERNEL_DTB_OVERLAY_SUPPORT=y
 
 BR2_LINUX_KERNEL_NEEDS_HOST_OPENSSL=y
 

configs/roc_pc_rk3399_defconfig

@@ -22,8 +22,7 @@ BR2_TARGET_UBOOT_CUSTOM_VERSION=y
 BR2_TARGET_UBOOT_CUSTOM_VERSION_VALUE="2020.01"
 BR2_TARGET_UBOOT_BOARD_DEFCONFIG="roc-pc-rk3399"
 BR2_TARGET_UBOOT_NEEDS_DTC=y
-BR2_TARGET_UBOOT_NEEDS_PYLIBFDT=y
-BR2_TARGET_UBOOT_NEEDS_PYELFTOOLS=y
+BR2_TARGET_UBOOT_NEEDS_PYTHON3=y
 BR2_TARGET_UBOOT_NEEDS_ATF_BL31=y
 BR2_TARGET_UBOOT_NEEDS_ATF_BL31_ELF=y
 BR2_TARGET_UBOOT_FORMAT_CUSTOM=y

docs/manual/manual.txt

@@ -66,6 +66,8 @@ include::contribute.txt[]
 
 include::developers.txt[]
 
+include::release-engineering.txt[]
+
 = Appendix
 
 include::appendix.txt[]

docs/manual/release-engineering.txt

@@ -0,0 +1,34 @@
+// -*- mode:doc; -*-
+// vim: set syntax=asciidoc:
+
+[[RELENG]]
+== Release Engineering
+=== Releases
+
+The Buildroot project makes quarterly releases with monthly bugfix
+releases.  The first release of each year is a long term support
+release, LTS.
+
+ - Quarterly releases: 2020.02, 2020.05, 2020.08, and 2020.11
+ - Bugfix releases: 2020.02.1, 2020.02.2, ...
+ - LTS releases: 2020.02, 2021.02, ...
+
+Releases are supported until the first bugfix release of the next
+release, e.g., 2020.05.x is EOL when 2020.08.1 is released.
+
+LTS releases are supported until the first bugfix release of the next
+LTS, e.g., 2020.02.x is supported until 2021.02.1 is released.
+
+=== Development
+
+Each release cycle consist of two months of development on the +master+
+branch and one month stabilization before the release is made.  During
+this phase no new features are added to +master+, only bugfixes.
+
+The stabilization phase starts with tagging +-rc1+, and every week until
+the release, another release candidate is tagged.
+
+To handle new features and version bumps during the stabilization phase,
+a +next+ branch may be created for these features.  Once the current
+release has been made, the +next+ branch is merged into +master+ and
+the development cycle for the next release continues there.

docs/website/download.html

@@ -8,37 +8,37 @@
     <div class="panel-heading">Download</div>
     <div class="panel-body">
 
-      <h3 style="text-align: center;">Latest stable / long term support release: <b>2020.02.1</b></h3>
+      <h3 style="text-align: center;">Latest stable / long term support release: <b>2020.02.2</b></h3>
 
       <div class="row mt centered">
 	<div class="col-sm-6">
 	  <div class="flip-container center-block" ontouchstart="this.classList.toggle('hover');">
 	    <div class="flipper">
 	      <div class="front">
-		<a href="/downloads/buildroot-2020.02.1.tar.gz"><img src="images/zip.png" width="180" alt=""></a>
+		<a href="/downloads/buildroot-2020.02.2.tar.gz"><img src="images/zip.png" width="180" alt=""></a>
 	      </div>
 	      <div class="back">
-		<a href="/downloads/buildroot-2020.02.1.tar.gz"><img src="images/zip.png" width="180" alt=""></a>
+		<a href="/downloads/buildroot-2020.02.2.tar.gz"><img src="images/zip.png" width="180" alt=""></a>
 	      </div>
 	    </div>
 	  </div>
-	  <h3><a href="/downloads/buildroot-2020.02.1.tar.gz">buildroot-2020.02.1.tar.gz</a></h3>
-	  <p><a href="/downloads/buildroot-2020.02.1.tar.gz.sign">PGP signature</a></p>
+	  <h3><a href="/downloads/buildroot-2020.02.2.tar.gz">buildroot-2020.02.2.tar.gz</a></h3>
+	  <p><a href="/downloads/buildroot-2020.02.2.tar.gz.sign">PGP signature</a></p>
 	</div>
 	<div class="col-sm-6">
 	  <div class="flip-container center-block" ontouchstart="this.classList.toggle('hover');">
 	    <div class="flipper">
 	      <div class="front">
-		<a href="/downloads/buildroot-2020.02.1.tar.bz2"><img src="images/package.png" width="180" alt=""></a>
+		<a href="/downloads/buildroot-2020.02.2.tar.bz2"><img src="images/package.png" width="180" alt=""></a>
 	      </div>
 	      <div class="back">
-		<a href="/downloads/buildroot-2020.02.1.tar.bz2"><img src="images/package.png" width="180" alt=""></a>
+		<a href="/downloads/buildroot-2020.02.2.tar.bz2"><img src="images/package.png" width="180" alt=""></a>
 	      </div>
 	    </div>
 	  </div>
 
-	  <h3><a href="/downloads/buildroot-2020.02.1.tar.bz2">buildroot-2020.02.1.tar.bz2</a></h3>
-	  <p><a href="/downloads/buildroot-2020.02.1.tar.bz2.sign">PGP signature</a></p>
+	  <h3><a href="/downloads/buildroot-2020.02.2.tar.bz2">buildroot-2020.02.2.tar.bz2</a></h3>
+	  <p><a href="/downloads/buildroot-2020.02.2.tar.bz2.sign">PGP signature</a></p>
 	</div>
       </div>
 <!--
@@ -76,37 +76,37 @@
 	</div>
       </div>
 -->
-      <h3 style="text-align: center;">Latest release candidate: <b>2020.05-rc1</b></h3>
+      <h3 style="text-align: center;">Latest release candidate: <b>2020.05-rc3</b></h3>
       <div class="row mt centered">
 	<div class="col-sm-6">
 	  <div class="flip-container center-block" ontouchstart="this.classList.toggle('hover');">
 	    <div class="flipper">
 	      <div class="front">
-		<a href="/downloads/buildroot-2020.05-rc1.tar.gz"><img src="images/zip.png" width="180" alt=""></a>
+		<a href="/downloads/buildroot-2020.05-rc3.tar.gz"><img src="images/zip.png" width="180" alt=""></a>
 	      </div>
 	      <div class="back">
-		<a href="/downloads/buildroot-2020.05-rc1.tar.gz"><img src="images/zip.png" width="180" alt=""></a>
+		<a href="/downloads/buildroot-2020.05-rc3.tar.gz"><img src="images/zip.png" width="180" alt=""></a>
 	      </div>
 	    </div>
 	  </div>
 
-	  <h3><a href="/downloads/buildroot-2020.05-rc1.tar.gz">buildroot-2020.05-rc1.tar.gz</a></h3>
-	  <p><a href="/downloads/buildroot-2020.05-rc1.tar.gz.sign">PGP signature</a></p>
+	  <h3><a href="/downloads/buildroot-2020.05-rc3.tar.gz">buildroot-2020.05-rc3.tar.gz</a></h3>
+	  <p><a href="/downloads/buildroot-2020.05-rc3.tar.gz.sign">PGP signature</a></p>
 	</div>
 	<div class="col-sm-6">
 	  <div class="flip-container center-block" ontouchstart="this.classList.toggle('hover');">
 	    <div class="flipper">
 	      <div class="front">
-		<a href="/downloads/buildroot-2020.05-rc1.tar.bz2"><img src="images/package.png" width="180" alt=""></a>
+		<a href="/downloads/buildroot-2020.05-rc3.tar.bz2"><img src="images/package.png" width="180" alt=""></a>
 	      </div>
 	      <div class="back">
-		<a href="/downloads/buildroot-2020.05-rc1.tar.bz2"><img src="images/package.png" width="180" alt=""></a>
+		<a href="/downloads/buildroot-2020.05-rc3.tar.bz2"><img src="images/package.png" width="180" alt=""></a>
 	      </div>
 	    </div>
 	  </div>
 
-	  <h3><a href="/downloads/buildroot-2020.05-rc1.tar.bz2">buildroot-2020.05-rc1.tar.bz2</a></h3>
-	  <p><a href="/downloads/buildroot-2020.05-rc1.tar.bz2.sign">PGP signature</a></p>
+	  <h3><a href="/downloads/buildroot-2020.05-rc3.tar.bz2">buildroot-2020.05-rc3.tar.bz2</a></h3>
+	  <p><a href="/downloads/buildroot-2020.05-rc3.tar.bz2.sign">PGP signature</a></p>
 	</div>
       </div>
 

docs/website/news.html

@@ -9,6 +9,67 @@
 <h2>News</h2>
 <ul class="timeline">
 
+  <li class="timeline-inverted">
+    <div class="timeline-badge"><i class="glyphicon glyphicon-thumbs-up"></i></div>
+    <div class="timeline-panel">
+      <div class="timeline-heading">
+	<h4 class="timeline-title">2020.05-rc3 released</h4>
+	<p><small class="text-muted"><i class="glyphicon glyphicon-time"></i>29 May 2020</small></p>
+      </div>
+      <div class="timeline-body">
+        <p>Another week, another release candidate with more cleanups and build fixes. See the
+	  <a href="http://git.buildroot.net/buildroot/plain/CHANGES?id=2020.05-rc3">CHANGES</a>
+	  file for details.</p>
+
+	<p>Head to the <a href="/downloads/">downloads page</a> to pick up the
+	  <a href="/downloads/buildroot-2020.05-rc3.tar.bz2">2020.05-rc3
+	  release candidate</a>, and report any problems found to the
+	  <a href="support.html">mailing list</a> or
+	  <a href="https://bugs.buildroot.org">bug tracker</a>.</p>
+      </div>
+    </div>
+  </li>
+
+  <li>
+    <div class="timeline-badge"><i class="glyphicon glyphicon-thumbs-up"></i></div>
+    <div class="timeline-panel">
+      <div class="timeline-heading">
+	<h4 class="timeline-title">2020.05-rc2 released</h4>
+	<p><small class="text-muted"><i class="glyphicon glyphicon-time"></i>22 May 2020</small></p>
+      </div>
+      <div class="timeline-body">
+        <p>Another week, another release candidate with more cleanups and build fixes. See the
+	  <a href="http://git.buildroot.net/buildroot/plain/CHANGES?id=2020.05-rc2">CHANGES</a>
+	  file for details.</p>
+
+	<p>Head to the <a href="/downloads/">downloads page</a> to pick up the
+	  <a href="/downloads/buildroot-2020.05-rc2.tar.bz2">2020.05-rc2
+	  release candidate</a>, and report any problems found to the
+	  <a href="support.html">mailing list</a> or
+	  <a href="https://bugs.buildroot.org">bug tracker</a>.</p>
+      </div>
+    </div>
+  </li>
+
+  <li class="timeline-inverted">
+    <div class="timeline-badge"><i class="glyphicon glyphicon-thumbs-up"></i></div>
+    <div class="timeline-panel">
+      <div class="timeline-heading">
+	<h4 class="timeline-title">2020.02.2 released</h4>
+	<p><small class="text-muted"><i class="glyphicon glyphicon-time"></i>12 May 2020</small></p>
+      </div>
+      <div class="timeline-body">
+	<p>The 2020.02.2 bugfix release is out, fixing a number of important /
+	  security related issues discovered since the 2020.02.1 release. See the
+	  <a href="http://git.buildroot.net/buildroot/plain/CHANGES?id=2020.02.2">CHANGES</a>
+	  file for more details, read the
+	  <a href="http://lists.busybox.net/pipermail/buildroot/2020-May/282748.html">announcement</a>
+	  and go to the <a href="/downloads/">downloads page</a> to pick up the
+	  <a href="/downloads/buildroot-2020.02.2.tar.bz2">2020.02.2 release</a>.</p>
+      </div>
+    </div>
+  </li>
+
   <li>
     <div class="timeline-badge"><i class="glyphicon glyphicon-thumbs-up"></i></div>
     <div class="timeline-panel">

docs/website/sponsors.html

@@ -4,6 +4,46 @@
 <div class="row nh"><!-- current sponsor row -->
 <div class="col-lg-10 col-lg-offset-1 col-md-12 col-sm-12 col-xs-12">
 
+    <div class="panel panel-primary">
+    <div class="panel-heading">Current sponsors</div>
+    <div class="panel-body">
+
+      <div class="row">
+	<div class="col-sm-4">
+	  <div class="panel panel-default panel-sponsor">
+	    <div class="panel-body">
+	      <div class="col-sm-12" style="height: 150px;">
+		<a href="https://www.tap2open.com">
+		  <img class="img-responsive center-block" src="images/tap2open-logo.png"/>
+		</a>
+	      </div>
+	      <div class="col-sm-12" style="height: 150px;">
+	        <a href="https://www.tap2open.com">Tap2Open</a>
+	        financially sponsored the <a href="/association.html">Buildroot Association</a>
+	        in 2020.</div>
+	    </div>
+	  </div>
+	</div>
+
+	<div class="col-sm-4">
+	  <div class="panel panel-default panel-sponsor">
+	    <div class="panel-body">
+	      <div class="col-sm-12" style="height: 150px;">
+		<a href="http://www.logilin.fr">
+		  <img class="img-responsive center-block" src="images/logilin-logo.png"/>
+		</a>
+	      </div>
+	      <div class="col-sm-12" style="height: 150px;">
+		<a href="http://www.logilin.fr">Logilin</a>
+		financially sponsored the <a href="/association.html">Buildroot Association</a>
+		in 2020.</div>
+	    </div>
+	  </div>
+	</div>
+      </div>
+    </div>
+    </div>
+
   <div class="panel panel-primary">
     <div class="panel-heading">Sponsor of the Buildroot.org domain</div>
     <div class="panel-body">

linux/Config.in

@@ -30,7 +30,7 @@ config BR2_LINUX_KERNEL_LATEST_VERSION
 	bool "Latest version (5.6)"
 
 config BR2_LINUX_KERNEL_LATEST_CIP_VERSION
-	bool "Latest CIP SLTS version (4.19.98-cip19)"
+	bool "Latest CIP SLTS version (4.19.118-cip25)"
 	help
 	  CIP launched in the spring of 2016 to address the needs of
 	  organizations in industries such as power generation and
@@ -49,7 +49,7 @@ config BR2_LINUX_KERNEL_LATEST_CIP_VERSION
 	  https://www.cip-project.org
 
 config BR2_LINUX_KERNEL_LATEST_CIP_RT_VERSION
-	bool "Latest CIP RT SLTS version (4.19.98-cip19-rt7)"
+	bool "Latest CIP RT SLTS version (4.19.115-cip24-rt9)"
 	help
 	  Same as the CIP version, but this is the PREEMPT_RT realtime
 	  variant.
@@ -128,9 +128,9 @@ endif
 
 config BR2_LINUX_KERNEL_VERSION
 	string
-	default "5.6.7" if BR2_LINUX_KERNEL_LATEST_VERSION
-	default "4.19.98-cip19" if BR2_LINUX_KERNEL_LATEST_CIP_VERSION
-	default "4.19.98-cip19-rt7" if BR2_LINUX_KERNEL_LATEST_CIP_RT_VERSION
+	default "5.6.14" if BR2_LINUX_KERNEL_LATEST_VERSION
+	default "4.19.118-cip25" if BR2_LINUX_KERNEL_LATEST_CIP_VERSION
+	default "4.19.115-cip24-rt9" if BR2_LINUX_KERNEL_LATEST_CIP_RT_VERSION
 	default BR2_LINUX_KERNEL_CUSTOM_VERSION_VALUE \
 		if BR2_LINUX_KERNEL_CUSTOM_VERSION
 	default "custom" if BR2_LINUX_KERNEL_CUSTOM_TARBALL

linux/linux.hash

@@ -1,17 +1,17 @@
 # From https://www.kernel.org/pub/linux/kernel/v5.x/sha256sums.asc
-sha256  23a0420f29eacb66d71f86f64fbd35a1b6ff617d520e3e05f3e1f537d46692ca  linux-5.6.7.tar.xz
+sha256  33763f3541711e39fa743da45ff9512d54ade61406173f3d267ba4484cec7ea3  linux-5.6.14.tar.xz
 sha256  1448334371fb52f511255726832464d33877a210a7350260fb18eb225ae211eb  linux-5.5.19.tar.xz
-sha256  e16bd5f7284a80a41328bf712e1136b0adf5b71cc0bd263efa7cac75539806d4  linux-5.4.35.tar.xz
+sha256  4e431b7c0266a07b76fdb77f8917ad681f0fa34ffba0eb8a172b67f7ef57bc31  linux-5.4.42.tar.xz
 # From https://www.kernel.org/pub/linux/kernel/v4.x/sha256sums.asc
-sha256  4e98b51c2e3a8fd069dc941b9cb68594f84ea767c2927e93255e1151c5c2fdd6  linux-4.4.219.tar.xz
-sha256  6b17238cced3e1c2753d6d5b4f662bd347d4651f07c35506b849eb10aea7bc44  linux-4.9.219.tar.xz
-sha256  bcae0956baaeb55dab5bad0401873fbc5baaa7fbe957ea6d27a5ab241cec5ca2  linux-4.14.176.tar.xz
-sha256  89749365f9dafa6c62cc5e920a7e532ed4aad9ab766fb436423b153ffbc08c96  linux-4.19.118.tar.xz
+sha256  ef76687254eea1a379fbbf0b2b7fdde9450608e6402822d73873a352ecf568d1  linux-4.4.224.tar.xz
+sha256  df6d07e99513f9afadd7d44c471f44c56fccc9e4c984a1ba4b988f053a13c949  linux-4.9.224.tar.xz
+sha256  ab9bea577cfe59fb2f502ce4d6130bfb49163ef969364adc3d36a65721d64a4d  linux-4.14.181.tar.xz
+sha256  d5d9001879d7a77309dca203656490326d26b068b7b0b9d8003548dba8fdad00  linux-4.19.124.tar.xz
 # Locally computed
-sha256  18f9ddba0b777d1942d6c81877ba97c4bcd08488e2c409e57dcce866b9de5fc2  linux-cip-4.19.98-cip19.tar.gz
-sha256  7d5aeb67da41dc66ef28621ef994ef4403e8b1f5c3df38b1843da20972444280  linux-cip-4.19.98-cip19-rt7.tar.gz
+sha256  ea53913813cb5a9069608532b327de7a7ed0fdc8fed8c6f10cd55d1ac6a58ffb  linux-cip-4.19.118-cip25.tar.gz
+sha256  7f0a0db0e1cfb14053523f4432f1ad1468b5bd42305b44905c4b103466c8d655  linux-cip-4.19.115-cip24-rt9.tar.gz
 
 # Licenses hashes
-sha256  ee5808b032a67f587d3541099d46de34f5bec8cd5976114ba07f1299ee6001ff  COPYING
+sha256  fb5a425bd3b3cd6071a3a9aff9909a859e7c1158d54d32e07658398cd67eb6a0  COPYING
 sha256  f6b78c087c3ebdf0f3c13415070dd480a3f35d8fc76f3d02180a407c1c812f79  LICENSES/preferred/GPL-2.0
 sha256  8e378ab93586eb55135d3bc119cce787f7324f48394777d00c34fa3d0be3303f  LICENSES/exceptions/Linux-syscall-note

package/Config.in

@@ -1074,7 +1074,6 @@ menu "External python modules"
 	source "package/python-pycares/Config.in"
 	source "package/python-pycli/Config.in"
 	source "package/python-pycparser/Config.in"
-	source "package/python-pycrypto/Config.in"
 	source "package/python-pycryptodomex/Config.in"
 	source "package/python-pydal/Config.in"
 	source "package/python-pydantic/Config.in"
@@ -1523,7 +1522,6 @@ menu "Hardware handling"
 	source "package/pcsc-lite/Config.in"
 	source "package/tslib/Config.in"
 	source "package/urg/Config.in"
-	source "package/wiringpi/Config.in"
 endmenu
 
 menu "Javascript"
@@ -1562,7 +1560,6 @@ menu "JSON/XML"
 	source "package/benejson/Config.in"
 	source "package/cjson/Config.in"
 	source "package/expat/Config.in"
-	source "package/ezxml/Config.in"
 	source "package/jansson/Config.in"
 	source "package/jose/Config.in"
 	source "package/jsmn/Config.in"
@@ -1878,7 +1875,6 @@ endif
 	source "package/mpfr/Config.in"
 	source "package/mpir/Config.in"
 	source "package/msgpack/Config.in"
-	source "package/mtdev2tuio/Config.in"
 	source "package/musl-compat-headers/Config.in"
 	source "package/musl-fts/Config.in"
 	source "package/openblas/Config.in"

package/apparmor/0002-replace-deprecated-egrep-with-grep-e.patch

@@ -0,0 +1,28 @@
+From 5f46dedd6e8109d845af118b36039a5d7dd05af9 Mon Sep 17 00:00:00 2001
+From: Christian Boltz <apparmor@cboltz.de>
+Date: Mon, 18 Mar 2019 19:17:16 +0100
+Subject: [PATCH] replace deprecated egrep with grep -e
+
+(cherry picked from commit 5f46dedd6e8109d845af118b36039a5d7dd05af9)
+Signed-off-by: Christian Boltz <apparmor@cboltz.de>
+Signed-off-by: Adam Duskett <Aduskett@gmail.com>
+---
+ parser/rc.apparmor.functions | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/parser/rc.apparmor.functions b/parser/rc.apparmor.functions
+index 22e8367..f3108f8 100644
+--- a/parser/rc.apparmor.functions
++++ b/parser/rc.apparmor.functions
+@@ -129,7 +129,7 @@ skip_profile() {
+ 	     "${profile%.pacnew}" != "${profile}" ] ; then
+ 		return 2
+ 	fi
+-	if echo "${profile}" | egrep -q '^.+\.new-[0-9\.]+_[0-9]+$'; then
++	if echo "${profile}" | grep -E -q '^.+\.new-[0-9\.]+_[0-9]+$'; then
+ 		return 2
+ 	fi
+ 
+-- 
+2.26.2
+

package/apparmor/0003-fix-regex-in-rc.apparmor.functions-to-work-with-busy.patch

@@ -0,0 +1,37 @@
+From 12764faa0a01bcc4e0ffc92ce308985dbad0d954 Mon Sep 17 00:00:00 2001
+From: Adam Duskett <Aduskett@gmail.com>
+Date: Thu, 7 May 2020 18:25:29 -0700
+Subject: [PATCH] fix regex in rc.apparmor.functions to work with busybox
+
+The following regex string in rc.apparmor.functions
+"^/.*[ \t]+flags[ \t]*=[ \t]*\([ \t]*complain[ \t]*\)[ \t]+{" is broken due to
+the unescaped {. GNU grep ignores the error. However, the Busybox grep does
+not and throws the error "unescaped character {"
+
+Escape the "{" character to fix this issue.
+
+Note: Upstream has rewritten large sections of the rc.apparmor.functions file
+and the function this patch fixes will no longer be necessary after the next
+version is released.
+
+Signed-off-by: Adam Duskett <Aduskett@gmail.com>
+---
+ parser/rc.apparmor.functions | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/parser/rc.apparmor.functions b/parser/rc.apparmor.functions
+index f3108f8..db0697c 100644
+--- a/parser/rc.apparmor.functions
++++ b/parser/rc.apparmor.functions
+@@ -140,7 +140,7 @@ force_complain() {
+ 	local profile=$1
+ 
+ 	# if profile not in complain mode
+-	if ! egrep -q "^/.*[ \t]+flags[ \t]*=[ \t]*\([ \t]*complain[ \t]*\)[ \t]+{" $profile ; then
++	if ! grep -E -q "^/.*[ \t]+flags[ \t]*=[ \t]*\([ \t]*complain[ \t]*\)[ \t]+\{" $profile ; then
+ 		local link="${PROFILE_DIR}/force-complain/`basename ${profile}`"
+ 		if [ -e "$link" ] ; then
+ 			aa_log_warning_msg "found $link, forcing complain mode"
+-- 
+2.26.2
+

package/apparmor/Config.in

@@ -32,9 +32,11 @@ comment "utils need python3"
 config BR2_PACKAGE_APPARMOR_UTILS
 	bool "utils"
 	depends on BR2_PACKAGE_PYTHON3
+	select BR2_PACKAGE_BUSYBOX_SHOW_OTHERS # net-tools
+	select BR2_PACKAGE_NET_TOOLS # runtime (aa-unconfined)
 	select BR2_PACKAGE_PYTHON3_READLINE
 	help
-	  A set of utilities (written in pyhon):
+	  A set of utilities (written in python):
 	    aa-audit          aa-disable      aa-logprof
 	    aa-autodep        aa-easyprof     aa-mergeprof
 	    aa-cleanprof      aa-enforce      aa-status

package/apparmor/apparmor.mk

@@ -15,7 +15,7 @@ APPARMOR_LICENSE_FILES = LICENSE parser/COPYING.GPL
 APPARMOR_DEPENDENCIES = libapparmor
 
 APPARMOR_TOOLS = parser
-APPARMOR_MAKE_OPTS = USE_SYSTEM=1 DISTRO=unknown
+APPARMOR_MAKE_OPTS = USE_SYSTEM=1 DISTRO=unknown POD2MAN=true POD2HTML=true
 
 ifeq ($(BR2_PACKAGE_GETTEXT_PROVIDES_LIBINTL),y)
 APPARMOR_DEPENDENCIES += gettext

package/audit/0003-Header-definitions-need-to-be-external-when-building.patch

@@ -0,0 +1,28 @@
+From 017e6c6ab95df55f34e339d2139def83e5dada1f Mon Sep 17 00:00:00 2001
+From: Steve Grubb <sgrubb@redhat.com>
+Date: Fri, 10 Jan 2020 21:13:50 -0500
+Subject: [PATCH] Header definitions need to be external when building with
+ -fno-common (which is default in GCC 10) - Tony Jones
+
+Patch taken from upstream: https://github.com/linux-audit/audit-userspace/commit/017e6c6ab95df55f34e339d2139def83e5dada1f
+Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
+---
+ src/ausearch-common.h | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/ausearch-common.h b/src/ausearch-common.h
+index 6669203..3040547 100644
+--- a/src/ausearch-common.h
++++ b/src/ausearch-common.h
+@@ -50,7 +50,7 @@ extern pid_t event_pid;
+ extern int event_exact_match;
+ extern uid_t event_uid, event_euid, event_loginuid;
+ extern const char *event_tuid, *event_teuid, *event_tauid;
+-slist *event_node_list;
++extern slist *event_node_list;
+ extern const char *event_comm;
+ extern const char *event_filename;
+ extern const char *event_hostname;
+-- 
+2.20.1
+

package/bind/bind.hash

@@ -1,4 +1,4 @@
-# Verified from https://ftp.isc.org/isc/bind9/9.11.13/bind-9.11.13.tar.gz.asc
+# Verified from https://ftp.isc.org/isc/bind9/9.11.19/bind-9.11.19.tar.gz.asc
 # with key AE3FAC796711EC59FC007AA474BB6B9A4CBB3D38
-sha256 fd3f3cc9fcfcdaa752db35eb24598afa1fdcc2509d3227fc90a8631b7b400f7d bind-9.11.13.tar.gz
-sha256 cd02c93b8dcda794f55dfd1231828d69633072a98eee4874f9cf732d22d9dcde COPYRIGHT
+sha256  0dee554a4caa368948b32da9a0c97b516c19103bc13ff5b3762c5d8552f52329  bind-9.11.19.tar.gz
+sha256  da2aec2b7f6f0feb16bcb080e2c587375fd3195145f047e4d92d112f5b9db501  COPYRIGHT

package/bind/bind.mk

@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-BIND_VERSION = 9.11.13
+BIND_VERSION = 9.11.19
 BIND_SITE = https://ftp.isc.org/isc/bind9/$(BIND_VERSION)
 # bind does not support parallel builds.
 BIND_MAKE = $(MAKE1)

package/binutils/binutils.mk

@@ -112,6 +112,7 @@ endef
 ifneq ($(BR2_PACKAGE_BINUTILS_TARGET),y)
 define BINUTILS_INSTALL_TARGET_CMDS
 	$(TARGET_MAKE_ENV) $(MAKE) -C $(@D)/bfd DESTDIR=$(TARGET_DIR) install
+	$(TARGET_MAKE_ENV) $(MAKE) -C $(@D)/opcodes DESTDIR=$(TARGET_DIR) install
 	$(TARGET_MAKE_ENV) $(MAKE) -C $(@D)/libiberty DESTDIR=$(STAGING_DIR) install
 endef
 endif

package/bison/0001-src-make-path-to-m4-relocatable.patch

@@ -0,0 +1,70 @@
+From 50c8a3af1661c3950b9743d673fd46872860aa08 Mon Sep 17 00:00:00 2001
+From: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
+Date: Mon, 18 May 2020 07:53:20 +0200
+Subject: [PATCH] src: make path to m4 relocatable
+
+Commit a4ede8f85b0c9a254fcb01e5888cee1983095669 ("package: make bison
+a relocatable package") made Bison relocatable, but in fact it still
+contains one absolute reference: the M4 variable, which points to the
+M4 program. Let's fix that by using relocate().
+
+We don't use relocate2() to store the temporary buffer and re-use it,
+because m4path() is only called once.
+
+Upstream: submitted to the bison-patches@gnu.org mailing list
+https://lists.gnu.org/archive/html/bison-patches/2020-05/msg00078.html
+Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
+---
+ src/files.c  | 7 +++++++
+ src/files.h  | 3 +++
+ src/output.c | 2 +-
+ 3 files changed, 11 insertions(+), 1 deletion(-)
+
+diff --git a/src/files.c b/src/files.c
+index 71c10e34..b8b43230 100644
+--- a/src/files.c
++++ b/src/files.c
+@@ -421,6 +421,13 @@ pkgdatadir (void)
+     }
+ }
+ 
++char const *
++m4path (void)
++{
++  char const *m4 = getenv("M4");
++  return m4 ? m4 : relocate(M4);
++}
++
+ void
+ output_file_names_free (void)
+ {
+diff --git a/src/files.h b/src/files.h
+index 00814ad0..64b6f8b5 100644
+--- a/src/files.h
++++ b/src/files.h
+@@ -64,6 +64,9 @@ extern char *all_but_ext;
+ /* Where our data files are installed.  */
+ char const *pkgdatadir (void);
+ 
++/* Where the m4 program is installed.  */
++char const *m4path (void);
++
+ void compute_output_file_names (void);
+ void output_file_names_free (void);
+ 
+diff --git a/src/output.c b/src/output.c
+index 1871fd75..ebe75095 100644
+--- a/src/output.c
++++ b/src/output.c
+@@ -682,7 +682,7 @@ static void
+ output_skeleton (void)
+ {
+   /* Compute the names of the package data dir and skeleton files.  */
+-  char const *m4 = (m4 = getenv ("M4")) ? m4 : M4;
++  char const *m4 = m4path ();
+   char const *datadir = pkgdatadir ();
+   char *skeldir = xpath_join (datadir, "skeletons");
+   char *m4sugar = xpath_join (datadir, "m4sugar/m4sugar.m4");
+-- 
+2.26.2
+

package/bison/bison.mk

@@ -12,5 +12,6 @@ BISON_LICENSE_FILES = COPYING
 # parallel build issue in examples/c/reccalc/
 BISON_MAKE = $(MAKE1)
 HOST_BISON_DEPENDENCIES = host-m4
+HOST_BISON_CONF_OPTS = --enable-relocatable
 
 $(eval $(host-autotools-package))

package/brltty/brltty.mk

@@ -12,7 +12,11 @@ BRLTTY_INSTALL_TARGET_OPTS = INSTALL_ROOT=$(TARGET_DIR) install
 BRLTTY_LICENSE = LGPL-2.1+
 BRLTTY_LICENSE_FILES = LICENSE-LGPL README
 
-BRLTTY_DEPENDENCIES = $(TARGET_NLS_DEPENDENCIES) host-autoconf host-pkgconf \
+BRLTTY_DEPENDENCIES = \
+	$(TARGET_NLS_DEPENDENCIES) \
+	host-autoconf \
+	host-gawk \
+	host-pkgconf \
 	$(if $(BR2_PACKAGE_AT_SPI2_CORE),at-spi2-core)
 
 BRLTTY_CONF_ENV = \

package/c-ares/c-ares.hash

@@ -1,5 +1,5 @@
 # Locally calculated after checking pgp signature
-sha256  de058ad7c128156e2db6dc98b8a359924d6f210a1b99dd36ba15c8f839a83a89  c-ares-1.16.0.tar.gz
+sha256  d08312d0ecc3bd48eee0a4cc0d2137c9f194e0a28de2028928c0f6cae85f86ce  c-ares-1.16.1.tar.gz
 
 # Hash for license file
 sha256  db4eb63fe09daebdf57d3f79b091bb5ee5070c0d761040e83264e648d307af4c  LICENSE.md

package/c-ares/c-ares.mk

@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-C_ARES_VERSION = 1.16.0
+C_ARES_VERSION = 1.16.1
 C_ARES_SITE = http://c-ares.haxx.se/download
 C_ARES_INSTALL_STAGING = YES
 C_ARES_CONF_OPTS = --with-random=/dev/urandom

package/c-icap/0001-Required-fixes-to-compile-and-run-under-cygwin.patch

@@ -0,0 +1,391 @@
+From 1631a6c1f50e152b8a45d8279c96086e5636795b Mon Sep 17 00:00:00 2001
+From: Christos Tsantilas <christos@chtsanti.net>
+Date: Fri, 25 Jan 2019 06:42:22 -0800
+Subject: [PATCH] Required fixes to compile and run under cygwin
+
+[Retrieved (and backported) from:
+https://github.com/c-icap/c-icap-server/commit/1631a6c1f50e152b8a45d8279c96086e5636795b,
+which has the side effect of fixing the build with the musl C library]
+Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
+---
+ Makefile.am                 |  2 +-
+ configure.ac                | 10 +++++++---
+ header.c                    | 34 ----------------------------------
+ include/header.h            |  8 --------
+ modules/Makefile.am         | 34 ++++++++++++++++++++--------------
+ modules/bdb_tables.c        | 17 +++++++++++++++--
+ modules/shared_cache.c      | 12 ++++++++++++
+ modules/sys_logger.c        | 13 +++++++++++++
+ services/echo/Makefile.am   | 10 ++++++++--
+ services/ex-206/Makefile.am | 10 ++++++++--
+ utils/c-icap-mkbdb.c        |  8 ++++----
+ 11 files changed, 88 insertions(+), 70 deletions(-)
+
+diff --git a/Makefile.am b/Makefile.am
+index 4c34033..ab80f4f 100644
+--- a/Makefile.am
++++ b/Makefile.am
+@@ -53,7 +53,7 @@ c_icap_SOURCES = aserver.c request.c cfg_param.c \
+ libicapapi_la_CFLAGS= $(INVISIBILITY_CFLAG) -I$(srcdir)/include/ -Iinclude/ @ZLIB_ADD_FLAG@ @OPENSSL_ADD_FLAG@ @BZLIB_ADD_FLAG@ @BROTLI_ADD_FLAG@ @PCRE_ADD_FLAG@ -DCI_BUILD_LIB
+ 
+ libicapapi_la_LIBADD = @ZLIB_ADD_LDADD@ @BZLIB_ADD_LDADD@ @BROTLI_ADD_LDADD@ @PCRE_ADD_LDADD@ @DL_ADD_FLAG@ @THREADS_LDADD@ @OPENSSL_ADD_LDADD@
+-libicapapi_la_LDFLAGS= -shared -version-info @CICAPLIB_VERSION@ @THREADS_LDFLAGS@
++libicapapi_la_LDFLAGS= -shared -version-info @CICAPLIB_VERSION@ @LIBS_LDFLAGS@ @THREADS_LDFLAGS@
+ 
+ export EXT_PROGRAMS_MKLIB = @ZLIB_LNDIR_LDADD@ @BZLIB_LNDIR_LDADD@ @BROTLI_LNDIR_LDADD@ @PCRE_LNDIR_LDADD@ @OPENSSL_LNDIR_LDADD@
+ 
+diff --git a/configure.ac b/configure.ac
+index 405571b..8059cb7 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -45,12 +45,14 @@ case "$host_os" in
+ 	CFLAGS="-D_REENTRANT $CFLAGS"
+ 	THREADS_LDADD="-lpthread"
+ 	THREADS_LDFLAGS=""
++	LIBS_LDFLAGS=""
+      ;;
+      solaris2.*)
+      	  CFLAGS="-D_REENTRANT -D_POSIX_PTHREAD_SEMANTICS $CFLAGS"
+           LIBS="-lsocket -lnsl -lrt $LIBS"
+ 	  THREADS_LDADD="-lpthread"
+ 	  THREADS_LDFLAGS=""
++	  LIBS_LDFLAGS=""
+       ;;
+       freebsd5*)
+ ## If I understand how all those threading models works correctly
+@@ -69,6 +71,7 @@ case "$host_os" in
+       	CFLAGS="-pthread -D_THREAD_SAFE  $CFLAGS"
+ 	THREADS_LDADD="-XCClinker -lc_r"
+ 	THREADS_LDFLAGS=""
++	LIBS_LDFLAGS=""
+ ## FreeBSD has pthreads rwlocks from version 3 (I think)
+ #	AC_DEFINE(HAVE_PTHREADS_RWLOCK,1,[Define HAVE_PTHREADS_RWLOCK if pthreads library supports rwlocks])
+ ##   1:1 threads
+@@ -82,24 +85,28 @@ case "$host_os" in
+         CFLAGS="-D_THREAD_SAFE  $CFLAGS"
+         THREADS_LDADD="-XCClinker -lthr"
+         THREADS_LDFLAGS=""
++	LIBS_LDFLAGS=""
+       ;;
+ 
+       cygwin*)
+ 	CFLAGS="-D_REENTRANT $CFLAGS"
+ 	THREADS_LDADD="-lpthread"
+ 	THREADS_LDFLAGS="";
++	LIBS_LDFLAGS="-no-undefined"
+ 	iscygwin="yes"
+       ;;
+       *)
+       	CFLAGS="-D_REENTRANT $CFLAGS"
+ 	THREADS_LDADD="-lpthread"
+ 	THREADS_LDFLAGS=""
++	LIBS_LDFLAGS=""
+       ;;
+ esac
+ 
+ TEST_LIBS="$TEST_LIBS $THREADS_LDADD"
+ AC_SUBST(THREADS_LDADD)
+ AC_SUBST(THREADS_LDFLAGS)
++AC_SUBST(LIBS_LDFLAGS)
+ 
+ AC_DEFINE_UNQUOTED(C_ICAP_CONFIGURE_OPTIONS, "$ac_configure_args",
+                    [configure command line used to configure c-icap])
+@@ -984,9 +991,6 @@ LIBS="$LIBS $EXTRALIBS"
+ 
+ #Configure common flags
+ MODULES_LIBADD=""
+-if test a"$iscygwin" != a; then
+-     MODULES_LIBADD="-L../../ -licapapi"
+-fi
+ MODULES_CFLAGS="$INVISIBILITY_CFLAG -DCI_BUILD_MODULE"
+ AC_SUBST(MODULES_LIBADD)
+ AC_SUBST(MODULES_CFLAGS)
+diff --git a/header.c b/header.c
+index 807a2e0..266b958 100644
+--- a/header.c
++++ b/header.c
+@@ -110,21 +110,6 @@ const struct ci_error_code ci_error_codes[] = {
+     {505, "Unsupported version"}       /*ICAP version not supported by server. */
+ };
+ 
+-/*
+-#ifdef __CYGWIN__
+-int ci_error_code(int ec){
+-     return (ec >= EC_100 && ec < EC_MAX ? ci_error_codes[ec].code:1000);
+-}
+-
+-const char *unknownerrorcode = "UNKNOWN ERROR CODE";
+-
+-const char *ci_error_code_string(int ec){
+-     return (ec >= EC_100 && ec < EC_MAX?ci_error_codes[ec].str:unknownerrorcode);
+-}
+-#endif
+-*/
+-
+-
+ const char *ci_encaps_entities[] = {
+     "req-hdr",
+     "res-hdr",
+@@ -134,25 +119,6 @@ const char *ci_encaps_entities[] = {
+     "opt-body"
+ };
+ 
+-#ifdef __CYGWIN__
+-
+-const char *unknownentity = "UNKNOWN";
+-const char *unknownmethod = "UNKNOWN";
+-
+-const char *ci_method_string(int method)
+-{
+-    return (method <= ICAP_RESPMOD
+-            && method >= ICAP_OPTIONS ? CI_Methods[method] : unknownmethod);
+-}
+-
+-
+-const char *ci_encaps_entity_string(int e)
+-{
+-    return (e <= ICAP_OPT_BODY
+-            && e >= ICAP_REQ_HDR ? CI_EncapsEntities[e] : unknownentity);
+-}
+-#endif
+-
+ ci_headers_list_t *ci_headers_create()
+ {
+     ci_headers_list_t *h;
+diff --git a/include/header.h b/include/header.h
+index 4cab365..ed2de88 100644
+--- a/include/header.h
++++ b/include/header.h
+@@ -52,16 +52,8 @@ enum ci_encapsulated_entities {ICAP_REQ_HDR, ICAP_RES_HDR,
+                               };
+ CI_DECLARE_DATA extern const char *ci_encaps_entities[];
+ 
+-#ifdef __CYGWIN__
+-
+-const char *ci_encaps_entity_string(int e);
+-
+-#else
+-
+ #define ci_encaps_entity_string(e) (e <= ICAP_OPT_BODY && e >= ICAP_REQ_HDR?ci_encaps_entities[e]:"UNKNOWN")
+ 
+-#endif
+-
+ /**
+  \typedef ci_headers_list_t
+  \ingroup HEADERS
+diff --git a/modules/Makefile.am b/modules/Makefile.am
+index e6e9270..2d43a60 100644
+--- a/modules/Makefile.am
++++ b/modules/Makefile.am
+@@ -21,38 +21,44 @@ endif
+ 
+ AM_CPPFLAGS=-I$(top_srcdir)/ -I$(top_srcdir)/include/ -I$(top_builddir)/include/
+ 
+-sys_logger_la_LIBADD = @MODULES_LIBADD@
++if ISCYGWIN
++MODS_LIB_ADD=$(top_builddir)/libicapapi.la
++else
++MODS_LIB_ADD=
++endif
++
++sys_logger_la_LIBADD = $(MODS_LIB_ADD)
+ sys_logger_la_CFLAGS=  @MODULES_CFLAGS@ @OPENSSL_ADD_FLAG@
+-sys_logger_la_LDFLAGS= -module -avoid-version
++sys_logger_la_LDFLAGS= -module -avoid-version @LIBS_LDFLAGS@
+ sys_logger_la_SOURCES = sys_logger.c
+ 
+-dnsbl_tables_la_LIBADD = @MODULES_LIBADD@
++dnsbl_tables_la_LIBADD = $(MODS_LIB_ADD)
+ dnsbl_tables_la_CFLAGS=  @MODULES_CFLAGS@ @OPENSSL_ADD_FLAG@
+-dnsbl_tables_la_LDFLAGS= -module -avoid-version
++dnsbl_tables_la_LDFLAGS= -module -avoid-version @LIBS_LDFLAGS@
+ dnsbl_tables_la_SOURCES = dnsbl_tables.c
+ 
+-perl_handler_la_LIBADD = @MODULES_LIBADD@ @perllib@  -L@perlcore@ -lperl
++perl_handler_la_LIBADD = $(MODS_LIB_ADD) @perllib@  -L@perlcore@ -lperl
+ perl_handler_la_CFLAGS=  @MODULES_CFLAGS@ @perlccflags@ -I@perlcore@
+-perl_handler_la_LDFLAGS= -module -avoid-version @perlldflags@
++perl_handler_la_LDFLAGS= -module -avoid-version @LIBS_LDFLAGS@ @perlldflags@
+ perl_handler_la_SOURCES = perl_handler.c
+ 
+ 
+-bdb_tables_la_LIBADD = @MODULES_LIBADD@ @BDB_ADD_LDADD@
++bdb_tables_la_LIBADD = $(MODS_LIB_ADD) @BDB_ADD_LDADD@
+ bdb_tables_la_CFLAGS=  @MODULES_CFLAGS@ @BDB_ADD_FLAG@
+-bdb_tables_la_LDFLAGS= -module -avoid-version
++bdb_tables_la_LDFLAGS= -module -avoid-version @LIBS_LDFLAGS@
+ bdb_tables_la_SOURCES = bdb_tables.c
+ 
+-ldap_module_la_LIBADD = @MODULES_LIBADD@ @LDAP_ADD_LDADD@ $(top_builddir)/libicapapi.la
++ldap_module_la_LIBADD = $(MODS_LIB_ADD) @LDAP_ADD_LDADD@
+ ldap_module_la_CFLAGS=  @MODULES_CFLAGS@ @LDAP_ADD_FLAG@
+-ldap_module_la_LDFLAGS= -module -avoid-version
++ldap_module_la_LDFLAGS= -module -avoid-version @LIBS_LDFLAGS@
+ ldap_module_la_SOURCES = ldap_module.c
+ 
+-memcached_cache_la_LIBADD=  @MODULES_LIBADD@ @MEMCACHED_ADD_LDADD@
++memcached_cache_la_LIBADD=  $(MODS_LIB_ADD) @MEMCACHED_ADD_LDADD@
+ memcached_cache_la_CFLAGS=  @MODULES_CFLAGS@ @MEMCACHED_ADD_FLAG@
+-memcached_cache_la_LDFLAGS= -module -avoid-version
++memcached_cache_la_LDFLAGS= -module -avoid-version @LIBS_LDFLAGS@
+ memcached_cache_la_SOURCES= memcached.c
+ 
+-shared_cache_la_LIBADD= @MODULES_LIBADD@
++shared_cache_la_LIBADD= $(MODS_LIB_ADD)
+ shared_cache_la_CFLAGS= @OPENSSL_ADD_FLAG@
+-shared_cache_la_LDFLAGS= -module -avoid-version
++shared_cache_la_LDFLAGS= -module -avoid-version @LIBS_LDFLAGS@
+ shared_cache_la_SOURCES= shared_cache.c
+diff --git a/modules/bdb_tables.c b/modules/bdb_tables.c
+index b8459be..1e908a9 100644
+--- a/modules/bdb_tables.c
++++ b/modules/bdb_tables.c
+@@ -176,8 +176,8 @@ void *bdb_table_open(struct ci_lookup_table *table)
+ 
+     /*We can not fork a Berkeley DB table, so we have to
+       open bdb tables for every child, on childs start-up procedure*/
+-    register_command_extend("openBDBtable", CHILD_START_CMD, table,
+-                            command_real_open_table);
++    ci_command_register_action("openBDBtable", CHILD_START_CMD, table,
++			       command_real_open_table);
+ 
+     return table->data;
+ }
+@@ -257,3 +257,16 @@ void  bdb_table_release_result(struct ci_lookup_table *table,void **val)
+ {
+     ci_buffer_free(val);
+ }
++
++ #ifdef __CYGWIN__
++#include <w32api/windows.h>
++void ci_command_register_action(const char *name, int type, void *data,
++				void (*command_action) (const char *name, int type, void *data))
++ {
++   typedef void (*RA)(const char *, int, void *, void(*)(const char *, int, void *));
++   RA fn;
++   fn = (RA)GetProcAddress(GetModuleHandle(NULL), "ci_command_register_action");
++   if (fn)
++     (*fn)(name, type, data, command_action);
++ }
++#endif
+diff --git a/modules/shared_cache.c b/modules/shared_cache.c
+index 103b760..a79d51a 100644
+--- a/modules/shared_cache.c
++++ b/modules/shared_cache.c
+@@ -345,3 +345,15 @@ void ci_shared_cache_destroy(struct ci_cache *cache)
+         ci_shared_mem_detach(&data->id);
+ }
+ 
++#ifdef __CYGWIN__
++#include <w32api/windows.h>
++void ci_command_register_action(const char *name, int type, void *data,
++				void (*command_action) (const char *name, int type, void *data))
++ {
++   typedef void (*RA)(const char *, int, void *, void(*)(const char *, int, void *));
++   RA fn;
++   fn = (RA)GetProcAddress(GetModuleHandle(NULL), "ci_command_register_action");
++   if (fn)
++     (*fn)(name, type, data, command_action);
++ }
++#endif
+diff --git a/modules/sys_logger.c b/modules/sys_logger.c
+index 1c47753..1764b0d 100644
+--- a/modules/sys_logger.c
++++ b/modules/sys_logger.c
+@@ -60,7 +60,20 @@ int cfg_syslog_access(const char *directive, const char **argv, void *setdata);
+    functions declared in log.c. This file is not included in c-icap library
+    but defined in primary c-icap binary.
+ */
++#ifdef __CYGWIN__
++#include <w32api/windows.h>
++char *logformat_fmt(const char *name)
++{
++  typedef char* (*LF_FMT)(const char *);
++  LF_FMT fn;
++  fn = (LF_FMT)GetProcAddress(GetModuleHandle(NULL), "logformat_fmt");
++  if (fn)
++    return (*fn)(name);
++  return NULL;
++}
++#else
+ extern char *logformat_fmt(const char *name);
++#endif
+ 
+ /*Configuration Table .....*/
+ static struct ci_conf_entry conf_variables[] = {
+diff --git a/services/echo/Makefile.am b/services/echo/Makefile.am
+index 402c8f9..7d701b1 100644
+--- a/services/echo/Makefile.am
++++ b/services/echo/Makefile.am
+@@ -3,9 +3,15 @@ pkglib_LTLIBRARIES=srv_echo.la
+ 
+ AM_CPPFLAGS=-I$(top_srcdir)/ -I$(top_srcdir)/include/ -I$(top_builddir)/include/
+ 
+-srv_echo_la_LIBADD = @MODULES_LIBADD@
++if ISCYGWIN
++MODS_LIB_ADD=$(top_builddir)/libicapapi.la
++else
++MODS_LIB_ADD=
++endif
++
++srv_echo_la_LIBADD = $(MODS_LIB_ADD)
+ srv_echo_la_CFLAGS=  @MODULES_CFLAGS@ @OPENSSL_ADD_FLAG@
+-srv_echo_la_LDFLAGS= -module -avoid-version
++srv_echo_la_LDFLAGS= -module -avoid-version @LIBS_LDFLAGS@
+ srv_echo_la_SOURCES = srv_echo.c
+ 
+ 
+diff --git a/services/ex-206/Makefile.am b/services/ex-206/Makefile.am
+index 44bbf21..ff73399 100644
+--- a/services/ex-206/Makefile.am
++++ b/services/ex-206/Makefile.am
+@@ -3,8 +3,14 @@ pkglib_LTLIBRARIES=srv_ex206.la
+ 
+ AM_CPPFLAGS=-I$(top_srcdir)/ -I$(top_srcdir)/include/ -I$(top_builddir)/include/
+ 
+-srv_ex206_la_LIBADD = @MODULES_LIBADD@
++if ISCYGWIN
++MODS_LIB_ADD=$(top_builddir)/libicapapi.la
++else
++MODS_LIB_ADD=
++endif
++
++srv_ex206_la_LIBADD = $(MODS_LIB_ADD)
+ srv_ex206_la_CFLAGS=  @MODULES_CFLAGS@ @OPENSSL_ADD_FLAG@
+-srv_ex206_la_LDFLAGS= -module -avoid-version
++srv_ex206_la_LDFLAGS= -module -avoid-version @LIBS_LDFLAGS@
+ srv_ex206_la_SOURCES = srv_ex206.c
+ 
+diff --git a/utils/c-icap-mkbdb.c b/utils/c-icap-mkbdb.c
+index c29a46f..326ee1c 100644
+--- a/utils/c-icap-mkbdb.c
++++ b/utils/c-icap-mkbdb.c
+@@ -23,7 +23,7 @@ char *dbfile = NULL;
+ int DUMP_MODE = 0;
+ int VERSION_MODE = 0;
+ int USE_DBTREE = 0;
+-long int PAGE_SIZE;
++long int DB_PAGE_SIZE;
+ 
+ ci_mem_allocator_t *allocator = NULL;
+ int cfg_set_type(const char *directive, const char **argv, void *setdata);
+@@ -52,7 +52,7 @@ static struct ci_options_entry options[] = {
+         "The type of values"
+     },
+     {
+-        "-p", "page_size", &PAGE_SIZE, ci_cfg_size_long,
++        "-p", "page_size", &DB_PAGE_SIZE, ci_cfg_size_long,
+         "The page size to use for the database"
+     },
+     {
+@@ -107,8 +107,8 @@ int open_db(char *path)
+         return 0;
+     }
+ 
+-    if (PAGE_SIZE > 512 && PAGE_SIZE <= 64*1024)
+-        db->set_pagesize(db, (uint32_t)PAGE_SIZE);
++    if (DB_PAGE_SIZE > 512 && DB_PAGE_SIZE <= 64*1024)
++        db->set_pagesize(db, (uint32_t)DB_PAGE_SIZE);
+ 
+     if ((ret = db->open(db, NULL, path, NULL,
+                         (USE_DBTREE ? DB_BTREE : DB_HASH),

package/cegui/cegui.mk

@@ -83,13 +83,6 @@ else
 CEGUI_CONF_OPTS += -DCEGUI_BUILD_XMLPARSER_TINYXML=OFF
 endif
 
-ifeq ($(BR2_PACKAGE_TINYXML2),y)
-CEGUI_DEPENDENCIES += tinyxml2
-CEGUI_CONF_OPTS += -DCEGUI_BUILD_XMLPARSER_TINYXML2=ON
-else
-CEGUI_CONF_OPTS += -DCEGUI_BUILD_XMLPARSER_TINYXML2=OFF
-endif
-
 ifeq ($(BR2_PACKAGE_LIBFREEIMAGE),y)
 CEGUI_DEPENDENCIES += libfreeimage
 CEGUI_CONF_OPTS += -DCEGUI_BUILD_IMAGECODEC_FREEIMAGE=ON

package/checkpolicy/0001-checkpolicy-remove-unused-te_assertions.patch

@@ -0,0 +1,45 @@
+From 4d330d0d3155211f119b3082f728ae42dcc01e96 Mon Sep 17 00:00:00 2001
+From: Ondrej Mosnacek <omosnace@redhat.com>
+Date: Thu, 23 Jan 2020 13:57:15 +0100
+Subject: [PATCH] checkpolicy: remove unused te_assertions
+
+This variable is declared in a header file, but never defined or used.
+The te_assert structure definition is only used in this declaration, so
+remove both.
+
+Upstream: https://github.com/SELinuxProject/selinux/commit/4d330d0d3155211f119b3082f728ae42dcc01e96#diff-daf264ea505347df0d59a3a97a07742e
+
+Signed-off-by: Ondrej Mosnacek <omosnace@redhat.com>
+Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
+---
+ checkpolicy.h | 14 --------------
+ 1 file changed, 14 deletions(-)
+
+diff --git a/checkpolicy.h b/checkpolicy.h
+index 3868f1fa..f127687e 100644
+--- a/checkpolicy.h
++++ b/checkpolicy.h
+@@ -1,20 +1,6 @@
+ #ifndef _CHECKPOLICY_H_
+ #define _CHECKPOLICY_H_
+ 
+-#include <sepol/policydb/ebitmap.h>
+-
+-typedef struct te_assert {
+-	ebitmap_t stypes;
+-	ebitmap_t ttypes;
+-	ebitmap_t tclasses;
+-	int self;
+-	sepol_access_vector_t *avp;
+-	unsigned long line;
+-	struct te_assert *next;
+-} te_assert_t;
+-
+-te_assert_t *te_assertions;
+-
+ extern unsigned int policyvers;
+ 
+ #endif
+-- 
+2.17.1
+

package/clamav/clamav.hash

@@ -1,14 +1,14 @@
 # Locally calculated
-sha256 89fcdcc0eba329ca84d270df09d2bb89ae55f5024b0c3bddb817512fb2c907d3  clamav-0.102.2.tar.gz
-sha256 0c4fd2fa9733fc9122503797648710851e4ee6d9e4969dd33fcbd8c63cd2f584  COPYING
-sha256 d72a145c90918184a05ef65a04c9e6f7466faa59bc1b82c8f6a8ddc7ddcb9bed  COPYING.bzip2
-sha256 dfb818a0d41411c6fb1c193c68b73018ceadd1994bda41ad541cbff292894bc6  COPYING.file
-sha256 6dce638b76399e7521ad8e182d3e33e4496c85b3b69b6ff434b53017101e82ad  COPYING.getopt
-sha256 a9bdde5616ecdd1e980b44f360600ee8783b1f99b8cc83a2beb163a0a390e861  COPYING.LGPL
-sha256 e3a9b913515a42f8ff3ef1551c3a2cdba383c39ed959729e0e2911219496ad74  COPYING.llvm
-sha256 d96d71b66aa32c4a2d1619b9ca3347dafa9460bcf0fb5ac2408916067ad31dfc  COPYING.lzma
-sha256 accdcf2455c07b99abea59016b3663eaef926a92092d103bfaa25fed27cf6b24  COPYING.pcre
-sha256 e2c1395a3d9fea6d5d25847c9d783db6e2cc8b085b4025861f459139c5dfd90b  COPYING.regex
-sha256 1faccc6b5c7b958fb807a3f573d5be9bf7889fe898f7e0617c544b05a81bfd00  COPYING.unrar
-sha256 a20d6317c5384e8d4c05f9c31097878675d9429ec46090656166039cc10bc957  COPYING.YARA
-sha256 c2f77553f8d870c5635b0dace0519253233f172b33ce1fdf6578610706294eee  COPYING.zlib
+sha256  ed3050c4569989ee7ab54c7b87246b41ed808259632849be0706467442dc0693  clamav-0.102.3.tar.gz
+sha256  0c4fd2fa9733fc9122503797648710851e4ee6d9e4969dd33fcbd8c63cd2f584  COPYING
+sha256  d72a145c90918184a05ef65a04c9e6f7466faa59bc1b82c8f6a8ddc7ddcb9bed  COPYING.bzip2
+sha256  dfb818a0d41411c6fb1c193c68b73018ceadd1994bda41ad541cbff292894bc6  COPYING.file
+sha256  6dce638b76399e7521ad8e182d3e33e4496c85b3b69b6ff434b53017101e82ad  COPYING.getopt
+sha256  a9bdde5616ecdd1e980b44f360600ee8783b1f99b8cc83a2beb163a0a390e861  COPYING.LGPL
+sha256  e3a9b913515a42f8ff3ef1551c3a2cdba383c39ed959729e0e2911219496ad74  COPYING.llvm
+sha256  d96d71b66aa32c4a2d1619b9ca3347dafa9460bcf0fb5ac2408916067ad31dfc  COPYING.lzma
+sha256  accdcf2455c07b99abea59016b3663eaef926a92092d103bfaa25fed27cf6b24  COPYING.pcre
+sha256  e2c1395a3d9fea6d5d25847c9d783db6e2cc8b085b4025861f459139c5dfd90b  COPYING.regex
+sha256  1faccc6b5c7b958fb807a3f573d5be9bf7889fe898f7e0617c544b05a81bfd00  COPYING.unrar
+sha256  a20d6317c5384e8d4c05f9c31097878675d9429ec46090656166039cc10bc957  COPYING.YARA
+sha256  c2f77553f8d870c5635b0dace0519253233f172b33ce1fdf6578610706294eee  COPYING.zlib

package/clamav/clamav.mk

@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-CLAMAV_VERSION = 0.102.2
+CLAMAV_VERSION = 0.102.3
 CLAMAV_SITE = https://www.clamav.net/downloads/production
 CLAMAV_LICENSE = GPL-2.0
 CLAMAV_LICENSE_FILES = COPYING COPYING.bzip2 COPYING.file COPYING.getopt \

package/crda/0001-crda-support-python-3-in-utils-key2pub.py.patch

@@ -1,11 +1,11 @@
-From 4c346aa9e816bddfedc8ac99809fd1ed91bfc8ee Mon Sep 17 00:00:00 2001
+From 8228c484a1533ff904b276c342adcb6310abe272 Mon Sep 17 00:00:00 2001
 From: Taahir Ahmed <ahmed.taahir@gmail.com>
 Date: Wed, 30 Mar 2016 11:23:54 -0300
 Subject: [PATCH] crda: support python 3 in utils/key2pub.py
 
 utils/key2pub.py can now be run under either python 2.7 or python 3.x.
 This required some minor syntactical changes as well as switching from
-M2Crypto to pycrypto, since M2Crypto doesn't support python 3.x.
+M2Crypto to pycryptodomex, since M2Crypto doesn't support python 3.x.
 
 In addition, some errors in the generated source file keys-ssl.h are
 fixed:
@@ -17,12 +17,22 @@ fixed:
 
 [Gustavo: don't call /utils/key2pub.py since that doesn't compute]
 
+Use pycryptodomex insdead of pycrypto
+
+From [1]:
+"PyCryptodome is a fork of PyCrypto, which is not maintained any more
+(the last release dates back to 2013 [2]). It exposes almost the same
+API, but there are a few incompatibilities [3]."
+
+[1] https://github.com/OP-TEE/optee_os/commit/90ad2450436fdd9fc0d28a3f92f3fbcfd89a38f0
+[2] https://pypi.org/project/pycrypto/#history
+[3] https://pycryptodome.readthedocs.io/en/latest/src/vs_pycrypto.html
+
 Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
 [Rebased against crda-4.14]
 Signed-off-by: Peter Seiderer <ps.report@gmx.net>
----
-Status: submitted upstream by author but not (yet) accepted
-URL: http://www.spinics.net/lists/linux-wireless/msg138936.html
+[Romain: Use pycryptodomex]
+Signed-off-by: Romain Naour <romain.naour@gmail.com>
 ---
  Makefile         |   2 +-
  utils/key2pub.py | 146 ++++++++++++++++++++++++-----------------------
@@ -42,7 +52,7 @@ index a3ead30..8da38d0 100644
  $(LIBREG): regdb.h reglib.h reglib.c
  	$(NQ) '  CC  ' $@
 diff --git a/utils/key2pub.py b/utils/key2pub.py
-index 9bb04cd..9f92ebd 100755
+index 9bb04cd..8a0ba2a 100755
 --- a/utils/key2pub.py
 +++ b/utils/key2pub.py
 @@ -1,126 +1,128 @@
@@ -57,11 +67,11 @@ index 9bb04cd..9f92ebd 100755
 -       sys.stderr.write('Please install the "M2Crypto" Python module.\n')
 -       sys.stderr.write('On Debian GNU/Linux the package is called "python-m2crypto".\n')
 -       sys.exit(1)
-+    from Crypto.PublicKey import RSA
++    from Cryptodome.PublicKey import RSA
 +except ImportError as e:
-+    sys.stderr.write('ERROR: Failed to import the "Crypto.PublicKey" module: %s\n' % e.message)
-+    sys.stderr.write('Please install the "Crypto.PublicKey" Python module.\n')
-+    sys.stderr.write('On Debian GNU/Linux the package is called "python-crypto".\n')
++    sys.stderr.write('ERROR: Failed to import the "Cryptodome.PublicKey" module: %s\n' % e.message)
++    sys.stderr.write('Please install the "Cryptodome.PublicKey" Python module.\n')
++    sys.stderr.write('On Debian GNU/Linux the package is called "python-cryptodomex".\n')
 +    sys.exit(1)
 +
 +def bitwise_collect(value, radix_bits):
@@ -269,5 +279,5 @@ index 9bb04cd..9f92ebd 100755
  
  modes[mode][1](output, idx - 1)
 -- 
-2.18.0
+2.25.3
 

package/crda/crda.mk

@@ -6,7 +6,7 @@
 
 CRDA_VERSION = 4.14
 CRDA_SITE = https://git.kernel.org/pub/scm/linux/kernel/git/mcgrof/crda.git/snapshot
-CRDA_DEPENDENCIES = host-pkgconf host-python-pycrypto libnl libgcrypt
+CRDA_DEPENDENCIES = host-pkgconf host-python-pycryptodomex libnl libgcrypt
 CRDA_LICENSE = ISC
 CRDA_LICENSE_FILES = LICENSE
 

package/cvs/cvs.hash

@@ -1,3 +1,8 @@
 # From http://snapshot.debian.org/archive/debian/20141023T043132Z/pool/main/c/cvs/cvs_1.12.13-12%2Bsqueeze1.dsc
-sha256	b5961c2476b996e5758fa5e22b60af085adca41164cac0d8f68a1d3b49d4e4f1	cvs_1.12.13.orig.tar.gz
-sha256	d52a9232d9cf36302a150d782fc7e5b6f92f8115505ae8a7dc6acfc83e809d2f	cvs_1.12.13-12+squeeze1.diff.gz
+sha256  b5961c2476b996e5758fa5e22b60af085adca41164cac0d8f68a1d3b49d4e4f1  cvs_1.12.13.orig.tar.gz
+sha256  d52a9232d9cf36302a150d782fc7e5b6f92f8115505ae8a7dc6acfc83e809d2f  cvs_1.12.13-12+squeeze1.diff.gz
+
+# Hash for license files, locally computed
+sha256  569c5b876327d899cf444b2277fe910128a38ca71d90755fe4125dd44f8ece02  COPYING
+sha256  da0e282103fb508894e78db519aab255e36971ce0bc87de585e3b05014b83b1e  COPYING.LIB
+sha256  ee9a2fbdb626c0ac57fd8e569f357eb2e6d6c80cc6f41efa8bd126d5ea589d72  lib/glob-libc.h

package/cvs/cvs.mk

@@ -8,6 +8,8 @@ CVS_VERSION = 1.12.13
 CVS_SOURCE = cvs_$(CVS_VERSION).orig.tar.gz
 CVS_PATCH = cvs_$(CVS_VERSION)-12+squeeze1.diff.gz
 CVS_SITE = http://snapshot.debian.org/archive/debian/20141023T043132Z/pool/main/c/cvs
+CVS_LICENSE = GPL-1.0+, LGPL-2.0+, LGPL-2.1+ (glob)
+CVS_LICENSE_FILES = COPYING COPYING.LIB lib/glob-libc.h
 CVS_DEPENDENCIES = ncurses
 
 CVS_CONF_ENV = cvs_cv_func_printf_ptr=yes

package/docker-cli/docker-cli.hash

@@ -1,3 +1,3 @@
 # Locally calculated
-sha256	00d06baf4793794c0fd9ecad5b7e95aed6eb942f24c8b6e2d7c7f7564b9743ad  docker-cli-19.03.5.tar.gz
+sha256	36dd85273c95f4755e08b37ea9660a1bf5c315570b679a0ce268750ca1ed3801  docker-cli-19.03.8.tar.gz
 sha256	2d81ea060825006fc8f3fe28aa5dc0ffeb80faf325b612c955229157b8c10dc0  LICENSE

package/docker-cli/docker-cli.mk

@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-DOCKER_CLI_VERSION = 19.03.5
+DOCKER_CLI_VERSION = 19.03.8
 DOCKER_CLI_SITE = $(call github,docker,cli,v$(DOCKER_CLI_VERSION))
 DOCKER_CLI_WORKSPACE = gopath
 

package/docker-engine/docker-engine.hash

@@ -1,3 +1,3 @@
 # Locally calculated
-sha256	6621da5b75cecd1f6f57389a4611d3dd00eeedd8765db63ae5538122fdac27da  docker-engine-19.03.7.tar.gz
+sha256	13ec45ad45091111bd566aca9d81989b3f05e0625dab68d33c3ad81ff924172f  docker-engine-19.03.8.tar.gz
 sha256	7c87873291f289713ac5df48b1f2010eb6963752bbd6b530416ab99fc37914a8  LICENSE

package/docker-engine/docker-engine.mk

@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-DOCKER_ENGINE_VERSION = 19.03.7
+DOCKER_ENGINE_VERSION = 19.03.8
 DOCKER_ENGINE_SITE = $(call github,docker,engine,v$(DOCKER_ENGINE_VERSION))
 
 DOCKER_ENGINE_LICENSE = Apache-2.0

package/domoticz/domoticz.mk

@@ -38,6 +38,9 @@ DOMOTICZ_CONF_OPTS += \
 
 ifeq ($(BR2_PACKAGE_LIBUSB),y)
 DOMOTICZ_DEPENDENCIES += libusb
+DOMOTICZ_CONF_OPTS += -DWITH_LIBUSB=ON
+else
+DOMOTICZ_CONF_OPTS += -DWITH_LIBUSB=OFF
 endif
 
 ifeq ($(BR2_PACKAGE_OPENZWAVE),y)

package/dovecot/0001-byteorder.h-fix-uclibc-build.patch

@@ -1,32 +0,0 @@
-From 902917880ca29f1007750a70cf46e7246b2d0a2a Mon Sep 17 00:00:00 2001
-From: Josef 'Jeff' Sipek <jeff.sipek@dovecot.fi>
-Date: Tue, 14 Nov 2017 06:01:21 +0100
-Subject: [PATCH] byteorder.h: fix uclibc build
-
-Patch suggested on upstream mailinglist:
-https://www.dovecot.org/pipermail/dovecot/2017-November/110019.html
-
-Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
----
- src/lib/byteorder.h | 5 +++++
- 1 file changed, 5 insertions(+)
-
-diff --git a/src/lib/byteorder.h b/src/lib/byteorder.h
-index 2f5dc7c17..4ffe8da21 100644
---- a/src/lib/byteorder.h
-+++ b/src/lib/byteorder.h
-@@ -23,6 +23,11 @@
- #ifndef BYTEORDER_H
- #define BYTEORDER_H
- 
-+#undef bswap_8
-+#undef bswap_16
-+#undef bswap_32
-+#undef bswap_64
-+
- /*
-  * These prototypes exist to catch bugs in the code generating macros below.
-  */
--- 
-2.11.0
-

package/dovecot/0002-lib-ssl-iostream-Do-not-build-static-test-iostream-s.patch

@@ -1,30 +0,0 @@
-From 40851dc3471809cabe8cc3f9b71980f8d82344ae Mon Sep 17 00:00:00 2001
-From: Bernd Kuhls <bernd.kuhls@t-online.de>
-Date: Sat, 4 Jan 2020 14:39:39 +0100
-Subject: [PATCH] lib-ssl-iostream: Do not build static test-iostream-ssl
-
-Fixes broken static build:
-https://dovecot.org/pipermail/dovecot/2019-October/117326.html
-
-Patch sent upstream: https://github.com/dovecot/core/pull/111
-
-Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
----
- src/lib-ssl-iostream/Makefile.am | 1 -
- 1 file changed, 1 deletion(-)
-
-diff --git a/src/lib-ssl-iostream/Makefile.am b/src/lib-ssl-iostream/Makefile.am
-index 94ead5cec..5aaea5d51 100644
---- a/src/lib-ssl-iostream/Makefile.am
-+++ b/src/lib-ssl-iostream/Makefile.am
-@@ -46,7 +46,6 @@ test_libs = \
- 	../lib/liblib.la
- 
- test_iostream_ssl_SOURCES = test-iostream-ssl.c
--test_iostream_ssl_LDFLAGS = -static
- test_iostream_ssl_LDADD = $(test_libs) $(SSL_LIBS) $(DLLIB)
- test_iostream_ssl_DEPENDENCIES = $(test_libs)
- 
--- 
-2.20.1
-

package/dovecot/dovecot.hash

@@ -1,5 +1,5 @@
 # Locally computed after checking signature
-sha256 f89fb69423fc5bdc05955c8fc0607eab9e33511f9a643b721763db6156c49651  dovecot-2.3.9.3.tar.gz
-sha256 a363b132e494f662d98c820d1481297e6ae72f194c2c91b6c39e1518b86240a8  COPYING
-sha256 dc626520dcd53a22f727af3ee42c770e56c97a64fe3adb063799d8ab032fe551  COPYING.LGPL
-sha256 52b8c95fabb19575281874b661ef7968ea47e8f5d74ba0dd40ce512e52b3fc97  COPYING.MIT
+sha256  6642e62f23b1b23cfac235007ca6e21cb67460cca834689fad450724456eb10c  dovecot-2.3.10.1.tar.gz
+sha256  a363b132e494f662d98c820d1481297e6ae72f194c2c91b6c39e1518b86240a8  COPYING
+sha256  dc626520dcd53a22f727af3ee42c770e56c97a64fe3adb063799d8ab032fe551  COPYING.LGPL
+sha256  52b8c95fabb19575281874b661ef7968ea47e8f5d74ba0dd40ce512e52b3fc97  COPYING.MIT

package/dovecot/dovecot.mk

@@ -5,7 +5,7 @@
 ################################################################################
 
 DOVECOT_VERSION_MAJOR = 2.3
-DOVECOT_VERSION = $(DOVECOT_VERSION_MAJOR).9.3
+DOVECOT_VERSION = $(DOVECOT_VERSION_MAJOR).10.1
 DOVECOT_SITE = https://dovecot.org/releases/$(DOVECOT_VERSION_MAJOR)
 DOVECOT_INSTALL_STAGING = YES
 DOVECOT_LICENSE = LGPL-2.1, MIT, Public Domain, BSD-3-Clause, Unicode-DFS-2015
@@ -14,8 +14,6 @@ DOVECOT_DEPENDENCIES = \
 	host-pkgconf \
 	$(if $(BR2_PACKAGE_LIBICONV),libiconv) \
 	openssl
-# 0002-lib-ssl-iostream-Do-not-build-static-test-iostream-s.patch
-DOVECOT_AUTORECONF = YES
 # add host-gettext for AM_ICONV macro
 DOVECOT_DEPENDENCIES += host-gettext
 

package/efl/0002-Fix-build-with-gcc-10-which-has-fno-common-enabled-b.patch

@@ -0,0 +1,222 @@
+From c245b576aad09ac5faeb800de7f7c4fef87c6363 Mon Sep 17 00:00:00 2001
+From: Tom Callaway <spot@fedoraproject.org>
+Date: Fri, 31 Jan 2020 12:40:45 +0000
+Subject: [PATCH] Fix build with gcc 10 (which has -fno-common enabled by
+ default).
+
+EFL failed to build from source in Fedora Rawhide as a result of the update to GCC 10. GCC 10 enables -fno-common by default, and this found three issues in EFL:
+
+  # The eina benchmark code defined int key_size in a header that was included in multiple places.
+  #/usr/bin/ld: bin/elementary/elementary_test-test_ui_clock.o:(.bss.dt1+0x0): multiple definition of `dt1'; bin/elementary/elementary_test-test_datetime.o:(.bss.dt1+0x0): first defined here
+ The elementary test code defines the "dt1", "dt2", "dt3" vars in two code files which are compiled together (but these variables do not appear to be used globally)
+  # The eio test code defines the "ee" var in two code files which are compiled together (but this variable does not appear to be used globally)
+
+I've fixed these issues and confirmed locally that the code builds again in Fedora.
+
+Reviewed-by: Marcel Hollerbach <mail@marcel-hollerbach.de>
+Differential Revision: https://phab.enlightenment.org/D11259
+
+Patch taken from upstream: https://github.com/Enlightenment/efl/commit/c245b576aad09ac5faeb800de7f7c4fef87c6363
+Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
+---
+ src/benchmarks/eina/eina_bench.h          |  2 +-
+ src/benchmarks/eina/eina_bench_crc_hash.c |  1 +
+ src/bin/elementary/test_ui_clock.c        | 90 +++++++++++------------
+ src/tests/eio/eio_test_map.c              | 10 +--
+ 4 files changed, 52 insertions(+), 51 deletions(-)
+
+diff --git a/src/benchmarks/eina/eina_bench.h b/src/benchmarks/eina/eina_bench.h
+index a38d70433e..747ac6f39f 100644
+--- a/src/benchmarks/eina/eina_bench.h
++++ b/src/benchmarks/eina/eina_bench.h
+@@ -21,7 +21,7 @@
+ 
+ #include "eina_benchmark.h"
+ 
+-int key_size;
++extern int key_size;
+ 
+ void eina_bench_hash(Eina_Benchmark *bench);
+ void eina_bench_crc_hash_short(Eina_Benchmark *bench);
+diff --git a/src/benchmarks/eina/eina_bench_crc_hash.c b/src/benchmarks/eina/eina_bench_crc_hash.c
+index b6734489a3..7750233ed4 100644
+--- a/src/benchmarks/eina/eina_bench_crc_hash.c
++++ b/src/benchmarks/eina/eina_bench_crc_hash.c
+@@ -26,6 +26,7 @@
+ uint64_t CityHash64(const char *buf, size_t len);
+ #endif
+ 
++int key_size;
+ char *key_str=NULL;
+ 
+ void repchar(int n)
+diff --git a/src/bin/elementary/test_ui_clock.c b/src/bin/elementary/test_ui_clock.c
+index 79e9074ead..9973b25cd3 100644
+--- a/src/bin/elementary/test_ui_clock.c
++++ b/src/bin/elementary/test_ui_clock.c
+@@ -6,7 +6,7 @@
+ 
+ /* A simple test, just displaying clock in its default format */
+ 
+-Evas_Object *dt1, *dt2, *dt3, *dt4;
++Evas_Object *uicdt1, *uicdt2, *uicdt3, *uicdt4;
+ 
+ static void
+ _changed_cb(void *data EINA_UNUSED, const Efl_Event *ev EINA_UNUSED)
+@@ -28,19 +28,19 @@ _bt_clicked(void *data EINA_UNUSED, const Efl_Event *ev)
+    new_time.tm_mday = 26;
+    new_time.tm_hour = 9;
+    new_time.tm_min = 0;
+-   efl_ui_clock_field_visible_set(dt1, EFL_UI_CLOCK_TYPE_HOUR, EINA_TRUE);
+-   efl_ui_clock_field_visible_set(dt1, EFL_UI_CLOCK_TYPE_MINUTE, EINA_TRUE);
+-   efl_ui_clock_field_visible_set(dt1, EFL_UI_CLOCK_TYPE_AMPM, EINA_TRUE);
+-   efl_ui_clock_field_visible_set(dt1, EFL_UI_CLOCK_TYPE_SECOND, EINA_TRUE);
+-   efl_ui_clock_field_visible_set(dt1, EFL_UI_CLOCK_TYPE_DAY, EINA_TRUE);
+-   efl_ui_clock_time_set(dt1, new_time);
+-
+-   elm_object_disabled_set(dt1, EINA_TRUE);
++   efl_ui_clock_field_visible_set(uicdt1, EFL_UI_CLOCK_TYPE_HOUR, EINA_TRUE);
++   efl_ui_clock_field_visible_set(uicdt1, EFL_UI_CLOCK_TYPE_MINUTE, EINA_TRUE);
++   efl_ui_clock_field_visible_set(uicdt1, EFL_UI_CLOCK_TYPE_AMPM, EINA_TRUE);
++   efl_ui_clock_field_visible_set(uicdt1, EFL_UI_CLOCK_TYPE_SECOND, EINA_TRUE);
++   efl_ui_clock_field_visible_set(uicdt1, EFL_UI_CLOCK_TYPE_DAY, EINA_TRUE);
++   efl_ui_clock_time_set(uicdt1, new_time);
++
++   elm_object_disabled_set(uicdt1, EINA_TRUE);
+    elm_object_disabled_set(ev->object, EINA_TRUE);
+ 
+-   efl_del(dt2);
+-   efl_del(dt3);
+-   dt2 = dt3 = NULL;
++   efl_del(uicdt2);
++   efl_del(uicdt3);
++   uicdt2 = uicdt3 = NULL;
+ }
+ 
+ void
+@@ -56,33 +56,33 @@ test_ui_clock(void *data EINA_UNUSED, Evas_Object *obj EINA_UNUSED, void *event_
+                 efl_content_set(win, efl_added),
+                 efl_gfx_hint_size_min_set(efl_added, EINA_SIZE2D(360, 240)));
+ 
+-   dt1 = efl_add(EFL_UI_CLOCK_CLASS, bx,
+-                 efl_gfx_hint_weight_set(efl_added, EVAS_HINT_EXPAND, EVAS_HINT_EXPAND),
+-                 efl_gfx_hint_fill_set(efl_added, EINA_TRUE, EINA_FALSE),
+-                 efl_ui_clock_field_visible_set(efl_added, EFL_UI_CLOCK_TYPE_HOUR, EINA_FALSE),
+-                 efl_ui_clock_field_visible_set(efl_added, EFL_UI_CLOCK_TYPE_MINUTE, EINA_FALSE),
+-                 efl_ui_clock_field_visible_set(efl_added, EFL_UI_CLOCK_TYPE_AMPM, EINA_FALSE),
+-                 efl_ui_clock_field_visible_set(efl_added, EFL_UI_CLOCK_TYPE_SECOND, EINA_FALSE),
+-                 efl_ui_clock_field_visible_set(efl_added, EFL_UI_CLOCK_TYPE_DAY, EINA_FALSE),
+-                 efl_ui_clock_pause_set(efl_added, EINA_TRUE),
+-                 efl_event_callback_add(efl_added, EFL_UI_CLOCK_EVENT_CHANGED, _changed_cb, NULL),
+-                 efl_pack(bx, efl_added));
+-
+-   dt2 = efl_add(EFL_UI_CLOCK_CLASS, bx,
+-                 efl_gfx_hint_weight_set(efl_added, EVAS_HINT_EXPAND, EVAS_HINT_EXPAND),
+-                 efl_gfx_hint_fill_set(efl_added, EINA_TRUE, EINA_FALSE),
+-                 efl_ui_clock_field_visible_set(efl_added, EFL_UI_CLOCK_TYPE_YEAR, EINA_FALSE),
+-                 efl_ui_clock_field_visible_set(efl_added, EFL_UI_CLOCK_TYPE_MONTH, EINA_FALSE),
+-                 efl_ui_clock_field_visible_set(efl_added, EFL_UI_CLOCK_TYPE_DATE, EINA_FALSE),
+-                 efl_ui_clock_field_visible_set(efl_added, EFL_UI_CLOCK_TYPE_SECOND, EINA_FALSE),
+-                 efl_ui_clock_pause_set(efl_added, EINA_TRUE),
+-                 efl_pack(bx, efl_added));
+-   elm_object_disabled_set(dt2, EINA_TRUE);
+-
+-   dt3 = efl_add(EFL_UI_CLOCK_CLASS, bx,
+-                 efl_gfx_hint_weight_set(efl_added, EVAS_HINT_EXPAND, EVAS_HINT_EXPAND),
+-                 efl_gfx_hint_fill_set(efl_added, EINA_TRUE, EINA_FALSE),
+-                 efl_pack(bx, efl_added));
++   uicdt1 = efl_add(EFL_UI_CLOCK_CLASS, bx,
++                    efl_gfx_hint_weight_set(efl_added, EVAS_HINT_EXPAND, EVAS_HINT_EXPAND),
++                    efl_gfx_hint_fill_set(efl_added, EINA_TRUE, EINA_FALSE),
++                    efl_ui_clock_field_visible_set(efl_added, EFL_UI_CLOCK_TYPE_HOUR, EINA_FALSE),
++                    efl_ui_clock_field_visible_set(efl_added, EFL_UI_CLOCK_TYPE_MINUTE, EINA_FALSE),
++                    efl_ui_clock_field_visible_set(efl_added, EFL_UI_CLOCK_TYPE_AMPM, EINA_FALSE),
++                    efl_ui_clock_field_visible_set(efl_added, EFL_UI_CLOCK_TYPE_SECOND, EINA_FALSE),
++                    efl_ui_clock_field_visible_set(efl_added, EFL_UI_CLOCK_TYPE_DAY, EINA_FALSE),
++                    efl_ui_clock_pause_set(efl_added, EINA_TRUE),
++                    efl_event_callback_add(efl_added, EFL_UI_CLOCK_EVENT_CHANGED, _changed_cb, NULL),
++                    efl_pack(bx, efl_added));
++
++   uicdt2 = efl_add(EFL_UI_CLOCK_CLASS, bx,
++                    efl_gfx_hint_weight_set(efl_added, EVAS_HINT_EXPAND, EVAS_HINT_EXPAND),
++                    efl_gfx_hint_fill_set(efl_added, EINA_TRUE, EINA_FALSE),
++                    efl_ui_clock_field_visible_set(efl_added, EFL_UI_CLOCK_TYPE_YEAR, EINA_FALSE),
++                    efl_ui_clock_field_visible_set(efl_added, EFL_UI_CLOCK_TYPE_MONTH, EINA_FALSE),
++                    efl_ui_clock_field_visible_set(efl_added, EFL_UI_CLOCK_TYPE_DATE, EINA_FALSE),
++                    efl_ui_clock_field_visible_set(efl_added, EFL_UI_CLOCK_TYPE_SECOND, EINA_FALSE),
++                    efl_ui_clock_pause_set(efl_added, EINA_TRUE),
++                    efl_pack(bx, efl_added));
++   elm_object_disabled_set(uicdt2, EINA_TRUE);
++
++   uicdt3 = efl_add(EFL_UI_CLOCK_CLASS, bx,
++                    efl_gfx_hint_weight_set(efl_added, EVAS_HINT_EXPAND, EVAS_HINT_EXPAND),
++                    efl_gfx_hint_fill_set(efl_added, EINA_TRUE, EINA_FALSE),
++                    efl_pack(bx, efl_added));
+ 
+    efl_add(EFL_UI_TEXTBOX_CLASS, bx,
+            efl_text_set(efl_added, "Editable Clock:"),
+@@ -92,12 +92,12 @@ test_ui_clock(void *data EINA_UNUSED, Evas_Object *obj EINA_UNUSED, void *event_
+            efl_gfx_hint_size_min_set(efl_added, EINA_SIZE2D(100, 25)),
+            efl_pack(bx, efl_added));
+ 
+-   dt4 = efl_add(EFL_UI_CLOCK_CLASS, bx,
+-                 efl_gfx_hint_weight_set(efl_added, EVAS_HINT_EXPAND, EVAS_HINT_EXPAND),
+-                 efl_gfx_hint_fill_set(efl_added, EINA_TRUE, EINA_FALSE),
+-                 efl_ui_clock_edit_mode_set(efl_added, EINA_TRUE),
+-                 efl_ui_clock_pause_set(efl_added, EINA_TRUE),
+-                 efl_pack(bx, efl_added));
++   uicdt4 = efl_add(EFL_UI_CLOCK_CLASS, bx,
++                    efl_gfx_hint_weight_set(efl_added, EVAS_HINT_EXPAND, EVAS_HINT_EXPAND),
++                    efl_gfx_hint_fill_set(efl_added, EINA_TRUE, EINA_FALSE),
++                    efl_ui_clock_edit_mode_set(efl_added, EINA_TRUE),
++                    efl_ui_clock_pause_set(efl_added, EINA_TRUE),
++                    efl_pack(bx, efl_added));
+ 
+    efl_add(EFL_UI_BUTTON_CLASS, win,
+            efl_text_set(efl_added, "Back to the future..."),
+diff --git a/src/tests/eio/eio_test_map.c b/src/tests/eio/eio_test_map.c
+index fdb0631a9d..f794f73d73 100644
+--- a/src/tests/eio/eio_test_map.c
++++ b/src/tests/eio/eio_test_map.c
+@@ -14,7 +14,7 @@
+ 
+ #include "eio_suite.h"
+ 
+-Eina_File *ee;
++Eina_File *eie;
+ 
+ static void
+ _done_cb(void *data EINA_UNUSED, Eio_File *handler EINA_UNUSED)
+@@ -25,7 +25,7 @@ _done_cb(void *data EINA_UNUSED, Eio_File *handler EINA_UNUSED)
+ static void
+ _open_cb(void *data EINA_UNUSED, Eio_File *handler EINA_UNUSED, Eina_File *ef)
+ {
+-   ee = ef;
++   eie = ef;
+    ecore_main_loop_quit();
+ }
+ 
+@@ -70,17 +70,17 @@ EFL_START_TEST(eio_test_map_simple)
+    ecore_main_loop_begin();
+    fail_if(!ef);
+ 
+-   ef = eio_file_map_all(ee, EINA_FILE_POPULATE, _filter_cb, _map_cb,
++   ef = eio_file_map_all(eie, EINA_FILE_POPULATE, _filter_cb, _map_cb,
+                     _error_cb, data);
+    ecore_main_loop_begin();
+    fail_if(!ef);
+ 
+-   ef = eio_file_map_new(ee, EINA_FILE_WILLNEED, 0, strlen(data), _filter_cb,
++   ef = eio_file_map_new(eie, EINA_FILE_WILLNEED, 0, strlen(data), _filter_cb,
+                          _map_cb, _error_cb, data);
+    ecore_main_loop_begin();
+    fail_if(!ef);
+ 
+-   ef = eio_file_close(ee, _done_cb, _error_cb, NULL);
++   ef = eio_file_close(eie, _done_cb, _error_cb, NULL);
+    ecore_main_loop_begin();
+    fail_if(!ef);
+ 
+-- 
+2.20.1
+

package/elf2flt/0002-elf2flt.c-add-new-relocation-types-for-xtensa.patch

@@ -0,0 +1,188 @@
+From d7eb73163bcea31168c438fc132a0967ac172e3d Mon Sep 17 00:00:00 2001
+From: Max Filippov <jcmvbkbc@gmail.com>
+Date: Thu, 7 May 2020 21:11:43 -0700
+Subject: [PATCH] elf2flt.c: add new relocation types for xtensa
+
+Xtensa have added new relocation types R_XTENSA_[NP]DIFF{8,16,32} with
+the same properties as the existing types R_XTENSA_DIFF{8,16,32}.
+Add them to the list of ignored relocation types.
+
+This fixes the following error when invoking elf2flt on xtensa binaries
+built with the recent binutils:
+
+  ERROR: reloc type R_XTENSA_PDIFF32 unsupported in this context
+
+Reported-by: Romain Naour <romain.naour@gmail.com>
+Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
+Backported from: d7eb73163bcea31168c438fc132a0967ac172e3d
+---
+ Makefile.in  |  3 ++-
+ configure    | 64 ++++++++++++++++++++++++++++++++++++++++++++++++++++
+ configure.ac | 14 ++++++++++++
+ elf2flt.c    |  8 +++++++
+ 4 files changed, 88 insertions(+), 1 deletion(-)
+
+diff --git a/Makefile.in b/Makefile.in
+index 52b3347d7f43..0529c7f0a25a 100644
+--- a/Makefile.in
++++ b/Makefile.in
+@@ -30,7 +30,8 @@ DEFS = @DEFS@ \
+ 	-DNO_GOT_CHECK=@got_check@ \
+ 	-DUSE_EMIT_RELOCS=@emit_relocs@ \
+ 	-DEMIT_CTOR_DTOR=@emit_ctor_dtor@ \
+-	-DALWAYS_RELOC_TEXT=@always_reloc_text@
++	-DALWAYS_RELOC_TEXT=@always_reloc_text@ \
++	-DHAVE_BFD_XTENSA_PDIFF_RELOCS=@HAVE_BFD_XTENSA_PDIFF_RELOCS@
+ EXEEXT = @EXEEXT@
+ OBJEXT = @OBJEXT@
+ 
+diff --git a/configure b/configure
+index bb8e33f9cb28..bca38c34247e 100755
+--- a/configure
++++ b/configure
+@@ -621,6 +621,7 @@ ac_includes_default="\
+ 
+ ac_subst_vars='LTLIBOBJS
+ LIBOBJS
++HAVE_BFD_XTENSA_PDIFF_RELOCS
+ SYMBOL_PREFIX
+ always_reloc_text
+ emit_ctor_dtor
+@@ -1729,6 +1730,52 @@ fi
+ 
+ } # ac_fn_c_try_link
+ 
++# ac_fn_c_check_decl LINENO SYMBOL VAR INCLUDES
++# ---------------------------------------------
++# Tests whether SYMBOL is declared in INCLUDES, setting cache variable VAR
++# accordingly.
++ac_fn_c_check_decl ()
++{
++  as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack
++  as_decl_name=`echo $2|sed 's/ *(.*//'`
++  as_decl_use=`echo $2|sed -e 's/(/((/' -e 's/)/) 0&/' -e 's/,/) 0& (/g'`
++  { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether $as_decl_name is declared" >&5
++$as_echo_n "checking whether $as_decl_name is declared... " >&6; }
++if eval \${$3+:} false; then :
++  $as_echo_n "(cached) " >&6
++else
++  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
++/* end confdefs.h.  */
++$4
++int
++main ()
++{
++#ifndef $as_decl_name
++#ifdef __cplusplus
++  (void) $as_decl_use;
++#else
++  (void) $as_decl_name;
++#endif
++#endif
++
++  ;
++  return 0;
++}
++_ACEOF
++if ac_fn_c_try_compile "$LINENO"; then :
++  eval "$3=yes"
++else
++  eval "$3=no"
++fi
++rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
++fi
++eval ac_res=\$$3
++	       { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5
++$as_echo "$ac_res" >&6; }
++  eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno
++
++} # ac_fn_c_check_decl
++
+ # ac_fn_c_check_func LINENO FUNC VAR
+ # ----------------------------------
+ # Tests whether FUNC exists, setting the cache variable VAR accordingly
+@@ -4272,6 +4319,22 @@ $as_echo "#define const /**/" >>confdefs.h
+ fi
+ 
+ 
++HAVE_BFD_XTENSA_PDIFF_RELOCS=0
++case $target in
++	xtensa*)
++		OLD_CPPFLAGS=$CPPFLAGS
++		CPPFLAGS="-I$bfd_include_dir -I$binutils_include_dir $CPPFLAGS"
++		ac_fn_c_check_decl "$LINENO" "R_XTENSA_PDIFF8" "ac_cv_have_decl_R_XTENSA_PDIFF8" "#include \"bfd.h\"
++			       #include \"elf/xtensa.h\"
++"
++if test "x$ac_cv_have_decl_R_XTENSA_PDIFF8" = xyes; then :
++  HAVE_BFD_XTENSA_PDIFF_RELOCS=1
++fi
++
++		CPPFLAGS=$OLD_CPPFLAGS
++		;;
++esac
++
+ for ac_func in vprintf
+ do :
+   ac_fn_c_check_func "$LINENO" "vprintf" "ac_cv_func_vprintf"
+@@ -4333,6 +4396,7 @@ fi
+ 
+ 
+ 
++
+ ac_config_files="$ac_config_files ld-elf2flt.sh:ld-elf2flt.in Makefile elf2flt.ld"
+ 
+ cat >confcache <<\_ACEOF
+diff --git a/configure.ac b/configure.ac
+index d6b4119eb18a..19969b1045f6 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -202,6 +202,19 @@ AC_CHECK_HEADERS(fcntl.h unistd.h bfd.h)
+ dnl Checks for typedefs, structures, and compiler characteristics.
+ AC_C_CONST
+ 
++HAVE_BFD_XTENSA_PDIFF_RELOCS=0
++case $target in
++	xtensa*)
++		AS_VAR_COPY([OLD_CPPFLAGS], [CPPFLAGS])
++		AS_VAR_SET([CPPFLAGS], ["-I$bfd_include_dir -I$binutils_include_dir $CPPFLAGS"])
++		AC_CHECK_DECL([R_XTENSA_PDIFF8],
++			      [HAVE_BFD_XTENSA_PDIFF_RELOCS=1],,
++			      [#include "bfd.h"
++			       #include "elf/xtensa.h"])
++		AS_VAR_COPY([CPPFLAGS], [OLD_CPPFLAGS])
++		;;
++esac
++
+ dnl Checks for library functions.
+ AC_FUNC_VPRINTF
+ 
+@@ -235,6 +248,7 @@ AC_SUBST(emit_relocs)
+ AC_SUBST(emit_ctor_dtor)
+ AC_SUBST(always_reloc_text)
+ AC_SUBST(SYMBOL_PREFIX)
++AC_SUBST(HAVE_BFD_XTENSA_PDIFF_RELOCS)
+ 
+ AC_OUTPUT(ld-elf2flt.sh:ld-elf2flt.in Makefile elf2flt.ld)
+ 
+diff --git a/elf2flt.c b/elf2flt.c
+index b7c4a490df02..961534973f56 100644
+--- a/elf2flt.c
++++ b/elf2flt.c
+@@ -776,6 +776,14 @@ output_relocs (
+ 				case R_XTENSA_DIFF8:
+ 				case R_XTENSA_DIFF16:
+ 				case R_XTENSA_DIFF32:
++#if HAVE_BFD_XTENSA_PDIFF_RELOCS
++				case R_XTENSA_PDIFF8:
++				case R_XTENSA_PDIFF16:
++				case R_XTENSA_PDIFF32:
++				case R_XTENSA_NDIFF8:
++				case R_XTENSA_NDIFF16:
++				case R_XTENSA_NDIFF32:
++#endif
+ 				case R_XTENSA_32_PCREL:
+ 					continue;
+ 				case R_XTENSA_32:
+-- 
+2.20.1
+

package/erlang/0003-ei_portio.h-avoid-ODR-violation-of-ei_default_socket.patch

@@ -0,0 +1,54 @@
+From de870d7f9f36b3e68f280057851a4585a67ab219 Mon Sep 17 00:00:00 2001
+From: Sergei Trofimovich <slyfox@gentoo.org>
+Date: Tue, 14 Jan 2020 23:15:01 +0000
+Subject: [PATCH] ei_portio.h: avoid ODR violation of
+ 'ei_default_socket_callbacks'
+
+Noticed as a build failure against fresh gcc-master:
+
+```
+LD otp/lib/erl_interface/bin/x86_64-unknown-linux-gnu/erl_call
+ld: otp/lib/erl_interface/obj/x86_64-unknown-linux-gnu/libei.a(eirecv.o):otp/lib/erl_interface/src/misc/ei_portio.h:50: multiple definition of `ei_default_socket_callbacks'; otp/lib/erl_interface/obj/x86_64-unknown-linux-gnu/libei.a(ei_connect.o):otp/lib/erl_interface/src/misc/ei_portio.h:50: first defined here
+ld: otp/lib/erl_interface/obj/x86_64-unknown-linux-gnu/libei.a(send.o):otp/lib/erl_interface/src/misc/ei_portio.h:50: multiple definition of `ei_default_socket_callbacks'; otp/lib/erl_interface/obj/x86_64-unknown-linux-gnu/libei.a(ei_connect.o):otp/lib/erl_interface/src/misc/ei_portio.h:50: first defined here
+ld: otp/lib/erl_interface/obj/x86_64-unknown-linux-gnu/libei.a(send_reg.o):otp/lib/erl_interface/src/misc/ei_portio.h:50: multiple definition of `ei_default_socket_callbacks'; otp/lib/erl_interface/obj/x86_64-unknown-linux-gnu/libei.a(ei_connect.o):otp/lib/erl_interface/src/misc/ei_portio.h:50: first defined here
+ld: otp/lib/erl_interface/obj/x86_64-unknown-linux-gnu/libei.a(epmd_port.o):otp/lib/erl_interface/src/misc/ei_portio.h:50: multiple definition of `ei_default_socket_callbacks'; otp/lib/erl_interface/obj/x86_64-unknown-linux-gnu/libei.a(ei_connect.o):otp/lib/erl_interface/src/misc/ei_portio.h:50: first defined here
+ld: otp/lib/erl_interface/obj/x86_64-unknown-linux-gnu/libei.a(ei_portio.o):otp/lib/erl_interface/src/misc/ei_portio.h:50: multiple definition of `ei_default_socket_callbacks'; otp/lib/erl_interface/obj/x86_64-unknown-linux-gnu/libei.a(ei_connect.o):otp/lib/erl_interface/src/misc/ei_portio.h:50: first defined here
+collect2: error: ld returned 1 exit status
+make[3]: *** [x86_64-unknown-linux-gnu/Makefile:669: otp/lib/erl_interface/bin/x86_64-unknown-linux-gnu/erl_call] Error 1
+```
+
+The failure looks legitimate: `ei_default_socket_callbacks` is a
+struct defined in 'ei_portio.h' and in 'ei_portio.c'.
+
+The change flips 'ei_portio.h' definition to declaration.
+
+gcc-10 will change the default from -fcommon to fno-common:
+https://gcc.gnu.org/PR85678.
+
+The error also happens if CFLAGS=-fno-common passed explicitly.
+
+Signed-off-by: Sergei Trofimovich <slyfox@gentoo.org>
+
+Patch taken from upstream: https://github.com/erlang/otp/commit/de870d7f9f36b3e68f280057851a4585a67ab219
+Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
+---
+ lib/erl_interface/src/misc/ei_portio.h | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/lib/erl_interface/src/misc/ei_portio.h b/lib/erl_interface/src/misc/ei_portio.h
+index 84ebc5039a..5172d085b4 100644
+
+--- a/lib/erl_interface/src/misc/ei_portio.h
++++ b/lib/erl_interface/src/misc/ei_portio.h
+@@ -47,7 +47,7 @@ int ei_writev_fill_ctx_t__(ei_socket_callbacks *cbs, void *ctx, const struct iov
+ int ei_socket_callbacks_have_writev__(ei_socket_callbacks *cbs);
+ #endif
+ 
+-ei_socket_callbacks ei_default_socket_callbacks;
++extern ei_socket_callbacks ei_default_socket_callbacks;
+ 
+ #define EI_FD_AS_CTX__(FD)                                              \
+     ((void *) (long) (FD))
+-- 
+2.20.1
+

package/exfatprogs/0001-exfatprogs-add-missing-include-sys-types.h.patch

@@ -1,49 +0,0 @@
-From c00522e0a890265d18dcdc92738e524d48297ed5 Mon Sep 17 00:00:00 2001
-From: James Hilliard <james.hilliard1@gmail.com>
-Date: Fri, 17 Apr 2020 13:10:49 -0600
-Subject: [PATCH] exfatprogs: add missing #include <sys/types.h>
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-Fixes:
-../include/libexfat.h:72:1: error: unknown type name ‘ssize_t’
- ssize_t exfat_read(int fd, void *buf, size_t size, off_t offset);
- ^
-../include/libexfat.h:72:52: error: unknown type name ‘off_t’
- ssize_t exfat_read(int fd, void *buf, size_t size, off_t offset);
-                                                    ^
-../include/libexfat.h:73:1: error: unknown type name ‘ssize_t’
- ssize_t exfat_write(int fd, void *buf, size_t size, off_t offset);
- ^
-../include/libexfat.h:73:53: error: unknown type name ‘off_t’
- ssize_t exfat_write(int fd, void *buf, size_t size, off_t offset);
-                                                     ^
-../include/libexfat.h:75:1: error: unknown type name ‘ssize_t’
- ssize_t exfat_utf16_enc(const char *in_str, __u16 *out_str, size_t out_size);
- ^
-../include/libexfat.h:76:1: error: unknown type name ‘ssize_t’
- ssize_t exfat_utf16_dec(const __u16 *in_str, size_t in_len,
- ^
-
-Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
-[Upstream status: https://github.com/exfatprogs/exfatprogs/pull/50]
----
- include/libexfat.h | 1 +
- 1 file changed, 1 insertion(+)
-
-diff --git a/include/libexfat.h b/include/libexfat.h
-index ed1fb4c..36c8bdd 100644
---- a/include/libexfat.h
-+++ b/include/libexfat.h
-@@ -6,6 +6,7 @@
- #ifndef _LIBEXFAT_H
- 
- #include <stdbool.h>
-+#include <sys/types.h>
- #include <wchar.h>
- 
- #define KB			(1024)
--- 
-2.20.1
-

package/exfatprogs/exfatprogs.hash

@@ -1,3 +1,3 @@
 # Locally calculated
-sha256  e7f14f32dd67601ff42717f432093a400de878774796f6f1684fb9dbf0d499e1  exfatprogs-1.0.2.tar.gz
+sha256  e73863d2f27901834e0dae678ecbb3d899e206d6036cca27d9b24b9479487f65  exfatprogs-1.0.3.tar.gz
 sha256  576540abf5e95029ad4ad90e32071385a5e95b2c30708c706116f3eb87b9a3de  COPYING

package/exfatprogs/exfatprogs.mk

@@ -4,11 +4,10 @@
 #
 ################################################################################
 
-EXFATPROGS_VERSION = 1.0.2
-EXFATPROGS_SITE = $(call github,exfatprogs,exfatprogs,$(EXFATPROGS_VERSION))
+EXFATPROGS_VERSION = 1.0.3
+EXFATPROGS_SITE = https://github.com/exfatprogs/exfatprogs/releases/download/$(EXFATPROGS_VERSION)
 EXFATPROGS_LICENSE = GPL-2.0+
 EXFATPROGS_LICENSE_FILES = COPYING
-EXFATPROGS_AUTORECONF = YES
 EXFATPROGS_DEPENDENCIES = host-pkgconf
 HOST_EXFATPROGS_DEPENDENCIES = host-pkgconf
 

package/ezxml/0001-allow-compiler-override.patch

@@ -1,17 +0,0 @@
-diff -urpN ezxml/GNUmakefile ezxml.patched/GNUmakefile
---- ezxml/GNUmakefile	2006-03-25 18:44:04.000000000 +0100
-+++ ezxml.patched/GNUmakefile	2008-02-24 13:57:37.000000000 +0100
-@@ -21,10 +21,10 @@
- # TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
- # SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
- 
--CC = gcc
--AR = ar
-+CC ?= gcc
-+AR ?= ar
- RM = rm -f
--CFLAGS = -Wall -O2
-+CFLAGS ?= -Wall -O2
- DEBUG_CFLAGS = -O0 -g
- OBJS = ezxml.o
- LIB = libezxml.a

package/ezxml/Config.in

@@ -1,7 +0,0 @@
-config BR2_PACKAGE_EZXML
-	bool "ezxml"
-	help
-	  ezXML is a XML parser C library that is simple and easy to
-	  use.
-
-	  http://ezxml.sf.net

package/ezxml/ezxml.hash

@@ -1,3 +0,0 @@
-# Locally computed:
-sha256  a68d52257dcb0ff2ad3d71c8c64311edb8030254bb8b581e229aeaba6231cdf9  ezxml-0.8.6.tar.gz
-sha256  e82e49402f6b21176c65eead46dbd39d8f7a3c28b052589d8b307dfc8f78a03f  license.txt

package/ezxml/ezxml.mk

@@ -1,35 +0,0 @@
-################################################################################
-#
-# ezxml
-#
-################################################################################
-
-EZXML_VERSION = 0.8.6
-EZXML_SITE = http://downloads.sourceforge.net/project/ezxml/ezXML/ezXML%20$(EZXML_VERSION)
-EZXML_INSTALL_STAGING = YES
-EZXML_LICENSE = MIT
-EZXML_LICENSE_FILES = license.txt
-
-EZXML_CFLAGS = $(TARGET_CFLAGS)
-
-# mmap code uses madvise which isn't available on nommu uClibc
-ifeq ($(BR2_USE_MMU),)
-EZXML_CFLAGS += -D EZXML_NOMMAP
-endif
-
-define EZXML_BUILD_CMDS
-	$(TARGET_MAKE_ENV) $(MAKE) -C $(@D) -f GNUmakefile \
-		CC="$(TARGET_CC)" CFLAGS="$(EZXML_CFLAGS)" AR=$(TARGET_AR)
-endef
-
-define EZXML_INSTALL_STAGING_CMDS
-	$(INSTALL) -D -m 0644 $(@D)/ezxml.h $(STAGING_DIR)/usr/include/ezxml.h
-	$(INSTALL) -D -m 0644 $(@D)/libezxml.a $(STAGING_DIR)/usr/lib/libezxml.a
-endef
-
-define EZXML_INSTALL_TARGET_CMDS
-	$(INSTALL) -D -m 0644 $(@D)/ezxml.h $(TARGET_DIR)/usr/include/ezxml.h
-	$(INSTALL) -D -m 0644 $(@D)/libezxml.a $(TARGET_DIR)/usr/lib/libezxml.a
-endef
-
-$(eval $(generic-package))

package/fakeroot/0004-Fix-forwarding-fchownat-fchmod-flags.patch

@@ -0,0 +1,28 @@
+Forward supported flags to fstatat, this fixes issues like
+using an empty path
+
+Upstream BR: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=959876
+
+Signed-off-by: Norbert Lange <nolange79@gmail.com>
+
+diff -burN fakeroot-1.20.2.org/libfakeroot.c fakeroot-1.20.2/libfakeroot.c
+--- fakeroot-1.20.2.org/libfakeroot.c	2014-10-05 17:16:00.000000000 +0200
++++ fakeroot-1.20.2/libfakeroot.c	2020-05-10 22:24:18.896625085 +0200
+@@ -880,7 +880,7 @@
+   /* If AT_SYMLINK_NOFOLLOW is set in the fchownat call it should
+      be when we stat it. */
+   INT_STRUCT_STAT st;
+-  r=INT_NEXT_FSTATAT(dir_fd, path, &st, (flags & AT_SYMLINK_NOFOLLOW));
++  r=INT_NEXT_FSTATAT(dir_fd, path, &st, (flags & (AT_SYMLINK_NOFOLLOW | AT_EMPTY_PATH | AT_NO_AUTOMOUNT)));
+
+   if(r)
+     return(r);
+@@ -1017,7 +1017,7 @@
+
+   /* If AT_SYMLINK_NOFOLLOW is set in the fchownat call it should
+      be when we stat it. */
+-  r=INT_NEXT_FSTATAT(dir_fd, path, &st, flags & AT_SYMLINK_NOFOLLOW);
++  r=INT_NEXT_FSTATAT(dir_fd, path, &st, flags & (AT_SYMLINK_NOFOLLOW | AT_EMPTY_PATH | AT_NO_AUTOMOUNT));
+
+   if(r)
+     return(r);

package/ffmpeg/ffmpeg.hash

@@ -1,5 +1,5 @@
 # Locally calculated
-sha256 cb754255ab0ee2ea5f66f8850e1bd6ad5cac1cd855d0a2f4990fb8c668b0d29c  ffmpeg-4.2.2.tar.xz
-sha256 8177f97513213526df2cf6184d8ff986c675afb514d4e68a404010521b880643  COPYING.GPLv2
-sha256 b634ab5640e258563c536e658cad87080553df6f34f62269a21d554844e58bfe  COPYING.LGPLv2.1
-sha256 cad1218c22121b169fb1380178ab7a0b33cb38a3ff6d3915b8533d1d954f3ce7  LICENSE.md
+sha256  9df6c90aed1337634c1fb026fb01c154c29c82a64ea71291ff2da9aacb9aad31  ffmpeg-4.2.3.tar.xz
+sha256  8177f97513213526df2cf6184d8ff986c675afb514d4e68a404010521b880643  COPYING.GPLv2
+sha256  b634ab5640e258563c536e658cad87080553df6f34f62269a21d554844e58bfe  COPYING.LGPLv2.1
+sha256  cad1218c22121b169fb1380178ab7a0b33cb38a3ff6d3915b8533d1d954f3ce7  LICENSE.md

package/ffmpeg/ffmpeg.mk

@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-FFMPEG_VERSION = 4.2.2
+FFMPEG_VERSION = 4.2.3
 FFMPEG_SOURCE = ffmpeg-$(FFMPEG_VERSION).tar.xz
 FFMPEG_SITE = http://ffmpeg.org/releases
 FFMPEG_INSTALL_STAGING = YES

package/fio/0002-Makefile-fix-build-of-io_uring-on-sh4.patch

@@ -0,0 +1,33 @@
+From e1985f9097f37748efdc29239eb3fb6a00b12f27 Mon Sep 17 00:00:00 2001
+From: Fabrice Fontaine <fontaine.fabrice@gmail.com>
+Date: Sat, 23 May 2020 19:07:40 +0200
+Subject: [PATCH] Makefile: fix build of io_uring on sh4
+
+SuperH compile currently fails with:
+
+/usr/lfs/hdd_v1/rc-buildroot-test/scripts/instance-0/output-1/host/opt/ext-toolchain/bin/../lib/gcc/sh4-buildroot-linux-uclibc/8.3.0/../../../../sh4-buildroot-linux-uclibc/bin/ld: t/io_uring.o: in function `submitter_fn':
+/usr/lfs/hdd_v1/rc-buildroot-test/scripts/instance-0/output-1/build/fio-3.19/t/io_uring.c:131: undefined reference to `arch_flags'
+/usr/lfs/hdd_v1/rc-buildroot-test/scripts/instance-0/output-1/host/opt/ext-toolchain/bin/../lib/gcc/sh4-buildroot-linux-uclibc/8.3.0/../../../../sh4-buildroot-linux-uclibc/bin/ld: /usr/lfs/hdd_v1/rc-buildroot-test/scripts/instance-0/output-1/build/fio-3.19/t/io_uring.c:367: undefined reference to `arch_flags'
+collect2: error: ld returned 1 exit status
+
+Fix that by ensuring we have a stub arch.o with the necessary arch flags
+
+Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
+[Retrieved from:
+https://github.com/axboe/fio/commit/e1985f9097f37748efdc29239eb3fb6a00b12f27]
+---
+ Makefile | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/Makefile b/Makefile
+index f1e984f5f..e39621954 100644
+--- a/Makefile
++++ b/Makefile
+@@ -283,6 +283,7 @@ T_PIPE_ASYNC_OBJS = t/read-to-pipe-async.o
+ T_PIPE_ASYNC_PROGS = t/read-to-pipe-async
+ 
+ T_IOU_RING_OBJS = t/io_uring.o
++T_IOU_RING_OBJS += t/arch.o
+ T_IOU_RING_PROGS = t/io_uring
+ 
+ T_MEMLOCK_OBJS = t/memlock.o

package/freerdp/0001-src-libuwac-uwac-os.c-fix-build-with-uclibc.patch

@@ -1,44 +0,0 @@
-From 39292268308a3fd6233c2863df22232725d22b3a Mon Sep 17 00:00:00 2001
-From: Fabrice Fontaine <fontaine.fabrice@gmail.com>
-Date: Fri, 10 Apr 2020 08:49:22 +0200
-Subject: [PATCH] src/libuwac/uwac-os.c: fix build with uclibc
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-O_TMPFILE is used since version 2.0.0 and
-https://github.com/FreeRDP/FreeRDP/commit/52ef8079eae74dfe89e6779c873101843b8cc42b
-
-However, this will result in the following build failure on uclibc or
-uclibc-ng:
-
-/home/fabrice/buildroot/output/build/freerdp-2.0.0/uwac/libuwac/uwac-os.c:228:18: error: ‘O_TMPFILE’ undeclared (first use in this function); did you mean ‘EMFILE’?
-  fd = open(path, O_TMPFILE | O_RDWR | O_EXCL, 0600);
-                  ^~~~~~~~~
-                  EMFILE
-
-To fix this build failure, define O_TMPFILE if needed
-
-Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
-[Retrieved from:
-https://github.com/FreeRDP/FreeRDP/commit/39292268308a3fd6233c2863df22232725d22b3a]
----
- uwac/libuwac/uwac-os.c | 5 +++++
- 1 file changed, 5 insertions(+)
-
-diff --git a/uwac/libuwac/uwac-os.c b/uwac/libuwac/uwac-os.c
-index 799cdce9a5..4f8c8f5161 100644
---- a/uwac/libuwac/uwac-os.c
-+++ b/uwac/libuwac/uwac-os.c
-@@ -33,6 +33,11 @@
- #define USE_SHM
- #endif
- 
-+/* uClibc and uClibc-ng don't provide O_TMPFILE */
-+#ifndef O_TMPFILE
-+#define O_TMPFILE (020000000 | O_DIRECTORY)
-+#endif
-+
- #include <sys/types.h>
- #include <sys/socket.h>
- #ifdef USE_SHM

package/freerdp/freerdp.hash

@@ -1,5 +1,5 @@
-# From https://pub.freerdp.com/releases/freerdp-2.0.0.tar.gz.sha256
-sha256  4ee064e87486cb6fea85d5b6b606add9f02df25ce73f9818b49de75cebd7fedf  freerdp-2.0.0.tar.gz
+# From https://pub.freerdp.com/releases/freerdp-2.1.1.tar.gz.sha256
+sha256  6c6bf72fba1058ca6524c040d0825e4cdaa88682884a6c1c360e1cd5b8e21723  freerdp-2.1.1.tar.gz
 
 # Locally calculated
 sha256  cfc7749b96f63bd31c3c42b5c471bf756814053e847c10f3eb003417bc523d30  LICENSE

package/freerdp/freerdp.mk

@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-FREERDP_VERSION = 2.0.0
+FREERDP_VERSION = 2.1.1
 FREERDP_SITE = https://pub.freerdp.com/releases
 FREERDP_DEPENDENCIES = libglib2 openssl zlib
 FREERDP_LICENSE = Apache-2.0

package/gcc/gcc.mk

@@ -32,14 +32,6 @@ endef
 # Apply patches
 #
 
-ifeq ($(ARCH),powerpc)
-ifneq ($(BR2_SOFT_FLOAT),)
-define HOST_GCC_APPLY_POWERPC_PATCH
-	$(APPLY_PATCHES) $(@D) package/gcc/$(GCC_VERSION) 1000-powerpc-link-with-math-lib.patch.conditional
-endef
-endif
-endif
-
 # gcc is a special package, not named gcc, but gcc-initial and
 # gcc-final, but patches are nonetheless stored in package/gcc in the
 # tree, and potentially in BR2_GLOBAL_PATCH_DIR directories as well.

package/gerbera/0002-cmake-FindLibMagic-cmake-fix-static-linking.patch

@@ -0,0 +1,63 @@
+From 7fdcabd80c823694d190e5baa8c657ffcae5e777 Mon Sep 17 00:00:00 2001
+From: Fabrice Fontaine <fontaine.fabrice@gmail.com>
+Date: Fri, 31 Jan 2020 17:14:11 +0100
+Subject: [PATCH] cmake/FindLibMagic.cmake: fix static linking
+
+libmagic can optionally depends on xz (for lzma) or bzip2 since version
+5.38 and
+https://github.com/file/file/commit/b259a07ea95827f565faa20f0316e5b2704064f7
+so use pkg-config to retrieve those static dependencies and avoid the
+following build failure:
+
+[100%] Linking CXX executable gerbera
+/home/br-user/autobuild/run/instance-0/output-1/host/opt/ext-toolchain/bin/../lib/gcc/arm-buildroot-linux-uclibcgnueabi/8.3.0/../../../../arm-buildroot-linux-uclibcgnueabi/bin/ld: /home/br-user/autobuild/run/instance-0/output-1/host/arm-buildroot-linux-uclibcgnueabi/sysroot/usr/lib/libmagic.a(compress.o): in function `uncompressbuf':
+compress.c:(.text+0x69c): undefined reference to `BZ2_bzDecompressInit'
+/home/br-user/autobuild/run/instance-0/output-1/host/opt/ext-toolchain/bin/../lib/gcc/arm-buildroot-linux-uclibcgnueabi/8.3.0/../../../../arm-buildroot-linux-uclibcgnueabi/bin/ld: compress.c:(.text+0x710): undefined reference to `BZ2_bzDecompress'
+/home/br-user/autobuild/run/instance-0/output-1/host/opt/ext-toolchain/bin/../lib/gcc/arm-buildroot-linux-uclibcgnueabi/8.3.0/../../../../arm-buildroot-linux-uclibcgnueabi/bin/ld: compress.c:(.text+0x730): undefined reference to `BZ2_bzDecompressEnd'
+/home/br-user/autobuild/run/instance-0/output-1/host/opt/ext-toolchain/bin/../lib/gcc/arm-buildroot-linux-uclibcgnueabi/8.3.0/../../../../arm-buildroot-linux-uclibcgnueabi/bin/ld: compress.c:(.text+0x7bc): undefined reference to `lzma_auto_decoder'
+/home/br-user/autobuild/run/instance-0/output-1/host/opt/ext-toolchain/bin/../lib/gcc/arm-buildroot-linux-uclibcgnueabi/8.3.0/../../../../arm-buildroot-linux-uclibcgnueabi/bin/ld: compress.c:(.text+0x828): undefined reference to `lzma_code'
+/home/br-user/autobuild/run/instance-0/output-1/host/opt/ext-toolchain/bin/../lib/gcc/arm-buildroot-linux-uclibcgnueabi/8.3.0/../../../../arm-buildroot-linux-uclibcgnueabi/bin/ld: compress.c:(.text+0x848): undefined reference to `lzma_end'
+
+It should be noted that libmagic.pc is not currently provided in the
+official file package (which provides libmagic), an issue has been
+opened to add libmagic.pc: https://bugs.astron.com/view.php?id=136
+
+Fixes:
+ - http://autobuild.buildroot.org/results/37b1ef54dc41100689f311fbc31fc9300dc6ae63
+
+Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
+[Retrieved from:
+https://github.com/gerbera/gerbera/commit/7fdcabd80c823694d190e5baa8c657ffcae5e777]
+---
+ cmake/FindLibMagic.cmake | 15 +++++++++++++--
+ 1 file changed, 13 insertions(+), 2 deletions(-)
+
+diff --git a/cmake/FindLibMagic.cmake b/cmake/FindLibMagic.cmake
+index f68ab923..04995af4 100644
+--- a/cmake/FindLibMagic.cmake
++++ b/cmake/FindLibMagic.cmake
+@@ -1,11 +1,22 @@
+ INCLUDE (FindPackageHandleStandardArgs)
+ 
+-FIND_PATH(MAGIC_INCLUDE_DIR magic.h)
+-FIND_LIBRARY(MAGIC_LIBRARIES NAMES magic)
++find_package(PkgConfig QUIET)
++
++pkg_check_modules(PC_MAGIC QUIET libmagic)
++
++FIND_PATH(MAGIC_INCLUDE_DIR magic.h
++    HINTS ${PC_MAGIC_INCLUDEDIR} ${PC_MAGIC_INCLUDE_DIRS})
++FIND_LIBRARY(MAGIC_LIBRARIES NAMES magic
++    HINTS ${PC_MAGIC_LIBDIR} ${PC_MAGIC_LIBRARY_DIRS})
+ 
+ # handle the QUIETLY and REQUIRED arguments and set MAGIC_FOUND to TRUE
+ find_package_handle_standard_args(MAGIC DEFAULT_MSG MAGIC_LIBRARIES)
+ 
++if (MAGIC_FOUND)
++    set (MAGIC_LIBRARIES ${MAGIC_LIBRARY} ${PC_MAGIC_LIBRARIES})
++    set (MAGIC_INCLUDE_DIRS ${MAGIC_INCLUDE_DIR} )
++endif ()
++
+ MARK_AS_ADVANCED(
+     MAGIC_LIBRARIES
+     MAGIC_INCLUDE_DIRS )

package/glibc/2.30-67-g4748829f86a458b76642f3e98b1d80f7b868e427/glibc.hash

@@ -1,5 +1,5 @@
 # Locally calculated (fetched from Github)
-sha256  fe1ca8099bc2cda997d8a585f1a512e59df56c52c9c7363a4058da2725c8f4a9  glibc-2.30-20-g50f20fe506abb8853641006a7b90a81af21d7b91.tar.gz
+sha256  4462f56696332efbc5b0c2f86d7aa75a2a02c3d44bc4345fa42b5bab1225de5c  glibc-2.30-67-g4748829f86a458b76642f3e98b1d80f7b868e427.tar.gz
 
 # Hashes for license files
 sha256  8177f97513213526df2cf6184d8ff986c675afb514d4e68a404010521b880643  COPYING

package/glibc/glibc.mk

@@ -17,7 +17,7 @@ else
 # Generate version string using:
 #   git describe --match 'glibc-*' --abbrev=40 origin/release/MAJOR.MINOR/master | cut -d '-' -f 2-
 # When updating the version, please also update localedef
-GLIBC_VERSION = 2.30-20-g50f20fe506abb8853641006a7b90a81af21d7b91
+GLIBC_VERSION = 2.30-67-g4748829f86a458b76642f3e98b1d80f7b868e427
 # Upstream doesn't officially provide an https download link.
 # There is one (https://sourceware.org/git/glibc.git) but it's not reliable,
 # sometimes the connection times out. So use an unofficial github mirror.

package/gnupg/0001-build-Always-use-EXTERN_UNLESS_MAIN_MODULE-pattern.patch

@@ -0,0 +1,156 @@
+From 45ef4455a60929932d1499cf718c1c9f59af9f26 Mon Sep 17 00:00:00 2001
+From: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
+Date: Tue, 26 May 2020 22:57:05 +0200
+Subject: [PATCH] build: Always use EXTERN_UNLESS_MAIN_MODULE pattern
+
+This patch is loosely based on upstream commit
+6aff8a132815a84bab69401c1e7de96ec549fbf2 ("build: Always use
+EXTERN_UNLESS_MAIN_MODULE pattern."). However, this upstream commit
+applies to gnupg2, and the code base has changed quite significantly
+compared to gnupg 1.x, so upstream's patch cannot be applied
+as-is. The goal of the patch is to make sure each variable is only
+defined once, ass gcc 10 now default to -fno-common.
+
+Essentially, this patch mainly fixes the EXTERN_UNLESS_MAIN_MODULE
+define so that it really expands to "extern" when
+INCLUDED_BY_MAIN_MODULE is not defined, even on non-RiscOS
+systems. Contrary to upstream's patch we however do not factorize the
+multiple EXTERN_UNLESS_MAIN_MODULE definitions into a single place as
+it requires too many changes: instead we simply fix the few
+definitions of this macro.
+
+Once the macro is fixed, two places need to define
+INCLUDED_BY_MAIN_MODULE: tools/bftest.c and tools/mpicalc.c so that
+when they include the common headers, their variables are at least
+defined once.
+
+The iobuf.{c,h} case is handled differently: iobuf.h gains an
+unconditional "extern", with the variable being added to iobuf.c. This
+is identical to what upstream's
+6aff8a132815a84bab69401c1e7de96ec549fbf2 is doing.
+
+Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
+---
+ g10/options.h    | 3 +--
+ include/cipher.h | 2 +-
+ include/iobuf.h  | 9 +--------
+ include/memory.h | 2 +-
+ include/mpi.h    | 2 +-
+ tools/bftest.c   | 1 +
+ tools/mpicalc.c  | 1 +
+ util/iobuf.c     | 2 ++
+ 8 files changed, 9 insertions(+), 13 deletions(-)
+
+diff --git a/g10/options.h b/g10/options.h
+index 0ac6e7755..bae19e9e3 100644
+--- a/g10/options.h
++++ b/g10/options.h
+@@ -26,8 +26,7 @@
+ #include "packet.h"
+ 
+ #ifndef EXTERN_UNLESS_MAIN_MODULE
+-/* Norcraft can't cope with common symbols */
+-#if defined (__riscos__) && !defined (INCLUDED_BY_MAIN_MODULE)
++#if !defined (INCLUDED_BY_MAIN_MODULE)
+ #define EXTERN_UNLESS_MAIN_MODULE extern
+ #else
+ #define EXTERN_UNLESS_MAIN_MODULE
+diff --git a/include/cipher.h b/include/cipher.h
+index dd4af18cb..6ef6e6829 100644
+--- a/include/cipher.h
++++ b/include/cipher.h
+@@ -115,7 +115,7 @@ struct gcry_md_context {
+ typedef struct gcry_md_context *MD_HANDLE;
+ 
+ #ifndef EXTERN_UNLESS_MAIN_MODULE
+-#if defined (__riscos__) && !defined (INCLUDED_BY_MAIN_MODULE)
++#if !defined (INCLUDED_BY_MAIN_MODULE)
+ #define EXTERN_UNLESS_MAIN_MODULE extern
+ #else
+ #define EXTERN_UNLESS_MAIN_MODULE
+diff --git a/include/iobuf.h b/include/iobuf.h
+index 030f8c8e9..b4d26b7e1 100644
+--- a/include/iobuf.h
++++ b/include/iobuf.h
+@@ -69,14 +69,7 @@ struct iobuf_struct {
+     } unget;
+ };
+ 
+-#ifndef EXTERN_UNLESS_MAIN_MODULE
+-#if defined (__riscos__) && !defined (INCLUDED_BY_MAIN_MODULE)
+-#define EXTERN_UNLESS_MAIN_MODULE extern
+-#else
+-#define EXTERN_UNLESS_MAIN_MODULE 
+-#endif
+-#endif
+-EXTERN_UNLESS_MAIN_MODULE int iobuf_debug_mode;
++extern int iobuf_debug_mode;
+ 
+ void  iobuf_enable_special_filenames ( int yes );
+ int   iobuf_is_pipe_filename (const char *fname);
+diff --git a/include/memory.h b/include/memory.h
+index d414a9b2e..6698337e3 100644
+--- a/include/memory.h
++++ b/include/memory.h
+@@ -91,7 +91,7 @@ unsigned secmem_get_flags(void);
+ #define DBG_MEMSTAT   memory_stat_debug_mode
+ 
+ #ifndef EXTERN_UNLESS_MAIN_MODULE
+-#if defined (__riscos__) && !defined (INCLUDED_BY_MAIN_MODULE)
++#if !defined (INCLUDED_BY_MAIN_MODULE)
+ #define EXTERN_UNLESS_MAIN_MODULE extern
+ #else
+ #define EXTERN_UNLESS_MAIN_MODULE 
+diff --git a/include/mpi.h b/include/mpi.h
+index a4c16f5af..7a45ff805 100644
+--- a/include/mpi.h
++++ b/include/mpi.h
+@@ -36,7 +36,7 @@
+ #include "memory.h"
+ 
+ #ifndef EXTERN_UNLESS_MAIN_MODULE
+-#if defined (__riscos__) && !defined (INCLUDED_BY_MAIN_MODULE)
++#if !defined (INCLUDED_BY_MAIN_MODULE)
+ #define EXTERN_UNLESS_MAIN_MODULE extern
+ #else
+ #define EXTERN_UNLESS_MAIN_MODULE 
+diff --git a/tools/bftest.c b/tools/bftest.c
+index 8a1572c2b..5afd7e125 100644
+--- a/tools/bftest.c
++++ b/tools/bftest.c
+@@ -26,6 +26,7 @@
+ #include <fcntl.h>
+ #endif
+ 
++#define INCLUDED_BY_MAIN_MODULE
+ #include "util.h"
+ #include "cipher.h"
+ #include "i18n.h"
+diff --git a/tools/mpicalc.c b/tools/mpicalc.c
+index 46e5fc824..31acd82a4 100644
+--- a/tools/mpicalc.c
++++ b/tools/mpicalc.c
+@@ -31,6 +31,7 @@
+ #include <stdlib.h>
+ #include <ctype.h>
+ 
++#define INCLUDED_BY_MAIN_MODULE
+ #include "util.h"
+ #include "mpi.h"
+ #include "i18n.h"
+diff --git a/util/iobuf.c b/util/iobuf.c
+index c8442929a..0d9ee4cec 100644
+--- a/util/iobuf.c
++++ b/util/iobuf.c
+@@ -113,6 +113,8 @@ typedef struct {
+  static CLOSE_CACHE close_cache;
+ #endif
+ 
++int iobuf_debug_mode;
++
+ #ifdef _WIN32
+ typedef struct {
+     int sock;
+-- 
+2.26.2
+

package/irrlicht/irrlicht.mk

@@ -38,6 +38,13 @@ ifeq ($(BR2_STATIC_LIBS),)
 IRRLICHT_CONF_OPTS += sharedlib
 endif
 
+# Irrlicht fail to detect properly the NEON support on aarch64 or ARM with NEON FPU support.
+# While linking an application with libIrrlicht.so, we get an undefined reference to
+# png_init_filter_functions_neon.
+# Some files are missing in the libpng bundled in Irrlicht, in particular arm/arm_init.c,
+# so disable NEON support completely.
+IRRLICHT_CONF_OPTS += CPPFLAGS="$(TARGET_CPPFLAGS) -DPNG_ARM_NEON_OPT=0"
+
 define IRRLICHT_BUILD_CMDS
 	$(TARGET_MAKE_ENV)
 		$(MAKE) -C $(@D)/$(IRRLICHT_SUBDIR) $(IRRLICHT_CONF_OPTS)

package/kmod/kmod.mk

@@ -42,6 +42,13 @@ KMOD_DEPENDENCIES += xz
 KMOD_CONF_OPTS += --with-xz
 endif
 
+ifeq ($(BR2_PACKAGE_OPENSSL),y)
+KMOD_DEPENDENCIES += openssl
+KMOD_CONF_OPTS += --with-openssl
+else
+KMOD_CONF_OPTS += --without-openssl
+endif
+
 ifeq ($(BR2_PACKAGE_PYTHON)$(BR2_PACKAGE_PYTHON3),y)
 KMOD_DEPENDENCIES += $(if $(BR2_PACKAGE_PYTHON),python,python3)
 KMOD_CONF_OPTS += --enable-python

package/kvm-unit-tests/kvm-unit-tests.mk

@@ -5,7 +5,7 @@
 ################################################################################
 
 KVM_UNIT_TESTS_VERSION = kvm-unit-tests-20171020
-KVM_UNIT_TESTS_SITE = $(BR2_KERNEL_MIRROR)/scm/virt/kvm/kvm-unit-tests.git
+KVM_UNIT_TESTS_SITE = https://git.kernel.org/pub/scm/virt/kvm/kvm-unit-tests.git
 KVM_UNIT_TESTS_SITE_METHOD = git
 KVM_UNIT_TESTS_LICENSE = LGPL-2.0
 KVM_UNIT_TESTS_LICENSE_FILES = COPYRIGHT

package/kvmtool/kvmtool.mk

@@ -5,7 +5,7 @@
 ################################################################################
 
 KVMTOOL_VERSION = f77d646ba01d04be5aad9449ac00719c043fe36e
-KVMTOOL_SITE = $(BR2_KERNEL_MIRROR)/scm/linux/kernel/git/will/kvmtool.git
+KVMTOOL_SITE = https://git.kernel.org/pub/scm/linux/kernel/git/will/kvmtool.git
 KVMTOOL_SITE_METHOD = git
 KVMTOOL_DEPENDENCIES = \
 	$(if $(BR2_PACKAGE_BINUTILS),binutils) \

package/leveldb/0004-cmake-Use-find_package-to-find-Snappy.patch

@@ -0,0 +1,98 @@
+From 450c1d88b3e1af34614294830b4dc0612d198d26 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Pawe=C5=82=20Bylica?= <chfast@gmail.com>
+Date: Wed, 8 May 2019 10:42:03 +0200
+Subject: [PATCH] cmake: Use find_package() to find Snappy
+
+Upstream: https://github.com/google/leveldb/pull/686/commits/3e73a396a082efc76e065ae974fe18c3bb27219d
+[Thomas: this commit allows to fix the detection of the snappy library
+in static link configurations]
+Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
+---
+ CMakeLists.txt         | 12 ++++++++----
+ cmake/FindSnappy.cmake | 31 +++++++++++++++++++++++++++++++
+ 2 files changed, 39 insertions(+), 4 deletions(-)
+ create mode 100644 cmake/FindSnappy.cmake
+
+diff --git a/CMakeLists.txt b/CMakeLists.txt
+index 78fead6..2efccda 100644
+--- a/CMakeLists.txt
++++ b/CMakeLists.txt
+@@ -6,6 +6,9 @@ cmake_minimum_required(VERSION 3.9)
+ # Keep the version below in sync with the one in db.h
+ project(leveldb VERSION 1.22.0 LANGUAGES C CXX)
+ 
++# Include local CMake modules.
++list(APPEND CMAKE_MODULE_PATH ${CMAKE_CURRENT_SOURCE_DIR}/cmake)
++
+ # This project can use C11, but will gracefully decay down to C89.
+ set(CMAKE_C_STANDARD 11)
+ set(CMAKE_C_STANDARD_REQUIRED OFF)
+@@ -31,13 +34,14 @@ option(LEVELDB_INSTALL "Install LevelDB's header and library" ON)
+ include(TestBigEndian)
+ test_big_endian(LEVELDB_IS_BIG_ENDIAN)
+ 
++find_package(Snappy)
++
+ include(CheckIncludeFile)
+ check_include_file("unistd.h" HAVE_UNISTD_H)
+ 
+ include(CheckLibraryExists)
+ check_library_exists(atomic __atomic_fetch_add_4 "" HAVE_ATOMIC)
+ check_library_exists(crc32c crc32c_value "" HAVE_CRC32C)
+-check_library_exists(snappy snappy_compress "" HAVE_SNAPPY)
+ check_library_exists(tcmalloc malloc "" HAVE_TCMALLOC)
+ 
+ include(CheckCXXSymbolExists)
+@@ -276,9 +280,9 @@ endif(HAVE_ATOMIC)
+ if(HAVE_CRC32C)
+   target_link_libraries(leveldb crc32c)
+ endif(HAVE_CRC32C)
+-if(HAVE_SNAPPY)
+-  target_link_libraries(leveldb snappy)
+-endif(HAVE_SNAPPY)
++if(TARGET Snappy::snappy)
++  target_link_libraries(leveldb Snappy::snappy)
++endif()
+ if(HAVE_TCMALLOC)
+   target_link_libraries(leveldb tcmalloc)
+ endif(HAVE_TCMALLOC)
+diff --git a/cmake/FindSnappy.cmake b/cmake/FindSnappy.cmake
+new file mode 100644
+index 0000000..88c1de9
+--- /dev/null
++++ b/cmake/FindSnappy.cmake
+@@ -0,0 +1,31 @@
++# Copyright 2019 The LevelDB Authors. All rights reserved.
++# Use of this source code is governed by a BSD-style license that can be
++# found in the LICENSE file. See the AUTHORS file for names of contributors.
++
++find_library(SNAPPY_LIBRARY
++    NAMES snappy
++    HINTS ${SNAPPY_ROOT_DIR}/lib
++)
++
++find_path(SNAPPY_INCLUDE_DIR
++    NAMES snappy.h
++    HINTS ${SNAPPY_ROOT_DIR}/include
++)
++
++include(FindPackageHandleStandardArgs)
++find_package_handle_standard_args(Snappy DEFAULT_MSG SNAPPY_LIBRARY SNAPPY_INCLUDE_DIR)
++
++mark_as_advanced(SNAPPY_LIBRARY SNAPPY_INCLUDE_DIR)
++
++if(SNAPPY_FOUND)
++  set(HAVE_SNAPPY TRUE) # For compatibity with generating port_config.h.
++
++  # Add imported targets.
++  # Follow the package naming convetion 'Snappy::' from
++  # https://github.com/google/snappy/blob/master/CMakeLists.txt#L211.
++  add_library(Snappy::snappy UNKNOWN IMPORTED)
++  set_target_properties(Snappy::snappy PROPERTIES
++      IMPORTED_LOCATION ${SNAPPY_LIBRARY}
++      INTERFACE_INCLUDE_DIRECTORIES ${SNAPPY_INCLUDE_DIR}
++  )
++endif()
+-- 
+2.26.2
+

package/leveldb/Config.in

@@ -3,7 +3,6 @@ config BR2_PACKAGE_LEVELDB
 	depends on BR2_INSTALL_LIBSTDCPP
 	depends on BR2_TOOLCHAIN_GCC_AT_LEAST_4_8 # C++11
 	depends on BR2_TOOLCHAIN_HAS_THREADS
-	select BR2_PACKAGE_SNAPPY
 	help
 	  LevelDB is a fast key-value storage library written at Google
 	  that provides an ordered mapping from string keys to string

package/leveldb/leveldb.mk

@@ -9,9 +9,12 @@ LEVELDB_SITE = $(call github,google,leveldb,$(LEVELDB_VERSION))
 LEVELDB_LICENSE = BSD-3-Clause
 LEVELDB_LICENSE_FILES = LICENSE
 LEVELDB_INSTALL_STAGING = YES
-LEVELDB_DEPENDENCIES = snappy
 LEVELDB_CONF_OPTS = \
 	-DLEVELDB_BUILD_BENCHMARKS=OFF \
 	-DLEVELDB_BUILD_TESTS=OFF
 
+ifeq ($(BR2_PACKAGE_SNAPPY),y)
+LEVELDB_DEPENDENCIES += snappy
+endif
+
 $(eval $(cmake-package))

package/libexif/0001-fixes-some-not-all-buffer-overreads-during-decoding-.patch

@@ -1,65 +0,0 @@
-From 41bd04234b104312f54d25822f68738ba8d7133d Mon Sep 17 00:00:00 2001
-From: Marcus Meissner <marcus@jet.franken.de>
-Date: Tue, 25 Jul 2017 23:44:44 +0200
-Subject: [PATCH] fixes some (not all) buffer overreads during decoding pentax
- makernote entries.
-
-This should fix:
-https://sourceforge.net/p/libexif/bugs/125/ CVE-2016-6328
-
-Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
----
- libexif/pentax/mnote-pentax-entry.c | 16 +++++++++++++---
- 1 file changed, 13 insertions(+), 3 deletions(-)
-
-diff --git a/libexif/pentax/mnote-pentax-entry.c b/libexif/pentax/mnote-pentax-entry.c
-index d03d159..ea0429a 100644
---- a/libexif/pentax/mnote-pentax-entry.c
-+++ b/libexif/pentax/mnote-pentax-entry.c
-@@ -425,24 +425,34 @@ mnote_pentax_entry_get_value (MnotePentaxEntry *entry,
- 		case EXIF_FORMAT_SHORT:
- 		  {
- 			const unsigned char *data = entry->data;
--		  	size_t k, len = strlen(val);
-+		  	size_t k, len = strlen(val), sizeleft;
-+
-+			sizeleft = entry->size;
- 		  	for(k=0; k<entry->components; k++) {
-+				if (sizeleft < 2)
-+					break;
- 				vs = exif_get_short (data, entry->order);
- 				snprintf (val+len, maxlen-len, "%i ", vs);
- 				len = strlen(val);
- 				data += 2;
-+				sizeleft -= 2;
- 			}
- 		  }
- 		  break;
- 		case EXIF_FORMAT_LONG:
- 		  {
- 			const unsigned char *data = entry->data;
--		  	size_t k, len = strlen(val);
-+		  	size_t k, len = strlen(val), sizeleft;
-+
-+			sizeleft = entry->size;
- 		  	for(k=0; k<entry->components; k++) {
-+				if (sizeleft < 4)
-+					break;
- 				vl = exif_get_long (data, entry->order);
- 				snprintf (val+len, maxlen-len, "%li", (long int) vl);
- 				len = strlen(val);
- 				data += 4;
-+				sizeleft -= 4;
- 			}
- 		  }
- 		  break;
-@@ -455,5 +465,5 @@ mnote_pentax_entry_get_value (MnotePentaxEntry *entry,
- 		break;
- 	}
- 
--	return (val);
-+	return val;
- }
--- 
-2.20.1
-

package/libexif/0002-On-saving-makernotes-make-sure-the-makernote-contain.patch

@@ -1,41 +0,0 @@
-From c39acd1692023b26290778a02a9232c873f9d71a Mon Sep 17 00:00:00 2001
-From: Marcus Meissner <marcus@jet.franken.de>
-Date: Tue, 25 Jul 2017 23:38:56 +0200
-Subject: [PATCH] On saving makernotes, make sure the makernote container tags
- has a type with 1 byte components.
-
-Fixes (at least):
-	https://sourceforge.net/p/libexif/bugs/130
-	https://sourceforge.net/p/libexif/bugs/129
-
-CVE-2017-7544: libexif through 0.6.21 is vulnerable to out-of-bounds heap
-read vulnerability in exif_data_save_data_entry function in
-libexif/exif-data.c caused by improper length computation of the allocated
-data of an ExifMnote entry which can cause denial-of-service or possibly
-information disclosure.
-
-Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
----
- libexif/exif-data.c | 6 ++++++
- 1 file changed, 6 insertions(+)
-
-diff --git a/libexif/exif-data.c b/libexif/exif-data.c
-index 67df4db..91f4c33 100644
---- a/libexif/exif-data.c
-+++ b/libexif/exif-data.c
-@@ -255,6 +255,12 @@ exif_data_save_data_entry (ExifData *data, ExifEntry *e,
- 			exif_mnote_data_set_offset (data->priv->md, *ds - 6);
- 			exif_mnote_data_save (data->priv->md, &e->data, &e->size);
- 			e->components = e->size;
-+			if (exif_format_get_size (e->format) != 1) {
-+				/* e->format is taken from input code,
-+				 * but we need to make sure it is a 1 byte
-+				 * entity due to the multiplication below. */
-+				e->format = EXIF_FORMAT_UNDEFINED;
-+			}
- 		}
- 	}
- 
--- 
-2.20.1
-

package/libexif/0003-Reduce-maximum-recursion-depth-in-exif_data_load_dat.patch

@@ -1,30 +0,0 @@
-From 5d28011c40ec86cf52cffad541093d37c263898a Mon Sep 17 00:00:00 2001
-From: Dan Fandrich <dan@coneharvesters.com>
-Date: Fri, 20 Apr 2018 18:05:19 +0200
-Subject: [PATCH] Reduce maximum recursion depth in exif_data_load_data_content
-
-This only needs to be a small, single digit integer for normal files,
-and reducing the maximum closer to this reduces the time and space
-needed to detect pathological cases.
-
-Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
----
- libexif/exif-data.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/libexif/exif-data.c b/libexif/exif-data.c
-index 91f4c33..04cdda2 100644
---- a/libexif/exif-data.c
-+++ b/libexif/exif-data.c
-@@ -378,7 +378,7 @@ exif_data_load_data_content (ExifData *data, ExifIfd ifd,
- 	if ((((int)ifd) < 0) || ( ((int)ifd) >= EXIF_IFD_COUNT))
- 	  return;
- 
--	if (recursion_depth > 30) {
-+	if (recursion_depth > 12) {
- 		exif_log (data->priv->log, EXIF_LOG_CODE_CORRUPT_DATA, "ExifData",
- 			  "Deep recursion detected!");
- 		return;
--- 
-2.20.1
-

package/libexif/0004-Improve-deep-recursion-detection-in-exif_data_load_d.patch

@@ -1,120 +0,0 @@
-From 6aa11df549114ebda520dde4cdaea2f9357b2c89 Mon Sep 17 00:00:00 2001
-From: Dan Fandrich <dan@coneharvesters.com>
-Date: Fri, 12 Oct 2018 16:01:45 +0200
-Subject: [PATCH] Improve deep recursion detection in
- exif_data_load_data_content.
-
-The existing detection was still vulnerable to pathological cases
-causing DoS by wasting CPU. The new algorithm takes the number of tags
-into account to make it harder to abuse by cases using shallow recursion
-but with a very large number of tags.  This improves on commit 5d28011c
-which wasn't sufficient to counter this kind of case.
-
-The limitation in the previous fix was discovered by Laurent Delosieres,
-Secunia Research at Flexera (Secunia Advisory SA84652) and is assigned
-the identifier CVE-2018-20030.
-
-[Peter: drop NEWS change]
-Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
----
- libexif/exif-data.c | 45 +++++++++++++++++++++++++++++++++++++--------
- 1 file changed, 37 insertions(+), 8 deletions(-)
-
-diff --git a/libexif/exif-data.c b/libexif/exif-data.c
-index e35403d..a6f9c94 100644
---- a/libexif/exif-data.c
-+++ b/libexif/exif-data.c
-@@ -35,6 +35,7 @@
- #include <libexif/olympus/exif-mnote-data-olympus.h>
- #include <libexif/pentax/exif-mnote-data-pentax.h>
- 
-+#include <math.h>
- #include <stdlib.h>
- #include <stdio.h>
- #include <string.h>
-@@ -350,6 +351,20 @@ if (data->ifd[(i)]->count) {				\
- 	break;						\
- }
- 
-+/*! Calculate the recursion cost added by one level of IFD loading.
-+ *
-+ * The work performed is related to the cost in the exponential relation
-+ *   work=1.1**cost
-+ */
-+static unsigned int
-+level_cost(unsigned int n)
-+{
-+    static const double log_1_1 = 0.09531017980432493;
-+
-+	/* Adding 0.1 protects against the case where n==1 */
-+	return ceil(log(n + 0.1)/log_1_1);
-+}
-+
- /*! Load data for an IFD.
-  *
-  * \param[in,out] data #ExifData
-@@ -357,13 +372,13 @@ if (data->ifd[(i)]->count) {				\
-  * \param[in] d pointer to buffer containing raw IFD data
-  * \param[in] ds size of raw data in buffer at \c d
-  * \param[in] offset offset into buffer at \c d at which IFD starts
-- * \param[in] recursion_depth number of times this function has been
-- * recursively called without returning
-+ * \param[in] recursion_cost factor indicating how expensive this recursive
-+ * call could be
-  */
- static void
- exif_data_load_data_content (ExifData *data, ExifIfd ifd,
- 			     const unsigned char *d,
--			     unsigned int ds, unsigned int offset, unsigned int recursion_depth)
-+			     unsigned int ds, unsigned int offset, unsigned int recursion_cost)
- {
- 	ExifLong o, thumbnail_offset = 0, thumbnail_length = 0;
- 	ExifShort n;
-@@ -378,9 +393,20 @@ exif_data_load_data_content (ExifData *data, ExifIfd ifd,
- 	if ((((int)ifd) < 0) || ( ((int)ifd) >= EXIF_IFD_COUNT))
- 	  return;
- 
--	if (recursion_depth > 12) {
-+	if (recursion_cost > 170) {
-+		/*
-+		 * recursion_cost is a logarithmic-scale indicator of how expensive this
-+		 * recursive call might end up being. It is an indicator of the depth of
-+		 * recursion as well as the potential for worst-case future recursive
-+		 * calls. Since it's difficult to tell ahead of time how often recursion
-+		 * will occur, this assumes the worst by assuming every tag could end up
-+		 * causing recursion.
-+		 * The value of 170 was chosen to limit typical EXIF structures to a
-+		 * recursive depth of about 6, but pathological ones (those with very
-+		 * many tags) to only 2.
-+		 */
- 		exif_log (data->priv->log, EXIF_LOG_CODE_CORRUPT_DATA, "ExifData",
--			  "Deep recursion detected!");
-+			  "Deep/expensive recursion detected!");
- 		return;
- 	}
- 
-@@ -422,15 +448,18 @@ exif_data_load_data_content (ExifData *data, ExifIfd ifd,
- 			switch (tag) {
- 			case EXIF_TAG_EXIF_IFD_POINTER:
- 				CHECK_REC (EXIF_IFD_EXIF);
--				exif_data_load_data_content (data, EXIF_IFD_EXIF, d, ds, o, recursion_depth + 1);
-+				exif_data_load_data_content (data, EXIF_IFD_EXIF, d, ds, o,
-+					recursion_cost + level_cost(n));
- 				break;
- 			case EXIF_TAG_GPS_INFO_IFD_POINTER:
- 				CHECK_REC (EXIF_IFD_GPS);
--				exif_data_load_data_content (data, EXIF_IFD_GPS, d, ds, o, recursion_depth + 1);
-+				exif_data_load_data_content (data, EXIF_IFD_GPS, d, ds, o,
-+					recursion_cost + level_cost(n));
- 				break;
- 			case EXIF_TAG_INTEROPERABILITY_IFD_POINTER:
- 				CHECK_REC (EXIF_IFD_INTEROPERABILITY);
--				exif_data_load_data_content (data, EXIF_IFD_INTEROPERABILITY, d, ds, o, recursion_depth + 1);
-+				exif_data_load_data_content (data, EXIF_IFD_INTEROPERABILITY, d, ds, o,
-+					recursion_cost + level_cost(n));
- 				break;
- 			case EXIF_TAG_JPEG_INTERCHANGE_FORMAT:
- 				thumbnail_offset = o;
--- 
-2.20.1
-

package/libexif/0005-fix-CVE-2019-9278.patch

@@ -1,90 +0,0 @@
-From 75aa73267fdb1e0ebfbc00369e7312bac43d0566 Mon Sep 17 00:00:00 2001
-From: Marcus Meissner <meissner@suse.de>
-Date: Sat, 18 Jan 2020 09:29:42 +0100
-Subject: [PATCH] fix CVE-2019-9278
-
-avoid the use of unsafe integer overflow checking constructs (unsigned integer operations cannot overflow, so "u1 + u2 > u1" can be optimized away)
-
-check for the actual sizes, which should also handle the overflows
-document other places google patched, but do not seem relevant due to other restrictions
-
-fixes https://github.com/libexif/libexif/issues/26
-
-Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
----
- libexif/exif-data.c | 28 ++++++++++++++++++----------
- 1 file changed, 18 insertions(+), 10 deletions(-)
-
-diff --git a/libexif/exif-data.c b/libexif/exif-data.c
-index a6f9c94..6332cd1 100644
---- a/libexif/exif-data.c
-+++ b/libexif/exif-data.c
-@@ -192,9 +192,15 @@ exif_data_load_data_entry (ExifData *data, ExifEntry *entry,
- 		doff = offset + 8;
- 
- 	/* Sanity checks */
--	if ((doff + s < doff) || (doff + s < s) || (doff + s > size)) {
-+	if (doff >= size) {
- 		exif_log (data->priv->log, EXIF_LOG_CODE_DEBUG, "ExifData",
--				  "Tag data past end of buffer (%u > %u)", doff+s, size);	
-+				  "Tag starts past end of buffer (%u > %u)", doff, size);
-+		return 0;
-+	}
-+
-+	if (s > size - doff) {
-+		exif_log (data->priv->log, EXIF_LOG_CODE_DEBUG, "ExifData",
-+				  "Tag data goes past end of buffer (%u > %u)", doff+s, size);
- 		return 0;
- 	}
- 
-@@ -315,13 +321,14 @@ exif_data_load_data_thumbnail (ExifData *data, const unsigned char *d,
- 			       unsigned int ds, ExifLong o, ExifLong s)
- {
- 	/* Sanity checks */
--	if ((o + s < o) || (o + s < s) || (o + s > ds) || (o > ds)) {
--		exif_log (data->priv->log, EXIF_LOG_CODE_DEBUG, "ExifData",
--			  "Bogus thumbnail offset (%u) or size (%u).",
--			  o, s);
-+	if (o >= ds) {
-+		exif_log (data->priv->log, EXIF_LOG_CODE_DEBUG, "ExifData", "Bogus thumbnail offset (%u).", o);
-+		return;
-+	}
-+	if (s > ds - o) {
-+		exif_log (data->priv->log, EXIF_LOG_CODE_DEBUG, "ExifData", "Bogus thumbnail size (%u), max would be %u.", s, ds-o);
- 		return;
- 	}
--
- 	if (data->data) 
- 		exif_mem_free (data->priv->mem, data->data);
- 	if (!(data->data = exif_data_alloc (data, s))) {
-@@ -947,7 +954,7 @@ exif_data_load_data (ExifData *data, const unsigned char *d_orig,
- 	exif_log (data->priv->log, EXIF_LOG_CODE_DEBUG, "ExifData", 
- 		  "IFD 0 at %i.", (int) offset);
- 
--	/* Sanity check the offset, being careful about overflow */
-+	/* ds is restricted to 16 bit above, so offset is restricted too, and offset+8 should not overflow. */
- 	if (offset > ds || offset + 6 + 2 > ds)
- 		return;
- 
-@@ -956,6 +963,7 @@ exif_data_load_data (ExifData *data, const unsigned char *d_orig,
- 
- 	/* IFD 1 offset */
- 	n = exif_get_short (d + 6 + offset, data->priv->order);
-+	/* offset < 2<<16, n is 16 bit at most, so this op will not overflow */
- 	if (offset + 6 + 2 + 12 * n + 4 > ds)
- 		return;
- 
-@@ -964,8 +972,8 @@ exif_data_load_data (ExifData *data, const unsigned char *d_orig,
- 		exif_log (data->priv->log, EXIF_LOG_CODE_DEBUG, "ExifData",
- 			  "IFD 1 at %i.", (int) offset);
- 
--		/* Sanity check. */
--		if (offset > ds || offset + 6 > ds) {
-+		/* Sanity check. ds is ensured to be above 6 above, offset is 16bit */
-+		if (offset > ds - 6) {
- 			exif_log (data->priv->log, EXIF_LOG_CODE_CORRUPT_DATA,
- 				  "ExifData", "Bogus offset of IFD1.");
- 		} else {
--- 
-2.20.1
-

package/libexif/Config.in

@@ -6,4 +6,4 @@ config BR2_PACKAGE_LIBEXIF
 	  image. The EXIF library allows you to parse an EXIF file
 	  and read the data from those tags.
 
-	  http://libexif.sf.net
+	  https://libexif.github.io

package/libexif/libexif.hash

@@ -1,3 +1,3 @@
 # Locally computed:
-sha256  16cdaeb62eb3e6dfab2435f7d7bccd2f37438d21c5218ec4e58efa9157d4d41a  libexif-0.6.21.tar.bz2
+sha256  5048f1c8fc509cc636c2f97f4b40c293338b6041a5652082d5ee2cf54b530c56  libexif-0.6.22.tar.xz
 sha256  36b6d3fa47916943fd5fec313c584784946047ec1337a78b440e5992cb595f89  COPYING

package/libexif/libexif.mk

@@ -4,21 +4,13 @@
 #
 ################################################################################
 
-LIBEXIF_VERSION = 0.6.21
-LIBEXIF_SOURCE = libexif-$(LIBEXIF_VERSION).tar.bz2
-LIBEXIF_SITE = http://downloads.sourceforge.net/project/libexif/libexif/$(LIBEXIF_VERSION)
+LIBEXIF_VERSION = 0.6.22
+LIBEXIF_SOURCE = libexif-$(LIBEXIF_VERSION).tar.xz
+LIBEXIF_SITE = \
+	https://github.com/libexif/libexif/releases/download/libexif-$(subst .,_,$(LIBEXIF_VERSION))-release
 LIBEXIF_INSTALL_STAGING = YES
 LIBEXIF_DEPENDENCIES = host-pkgconf
 LIBEXIF_LICENSE = LGPL-2.1+
 LIBEXIF_LICENSE_FILES = COPYING
 
-# 0001-fixes-some-not-all-buffer-overreads-during-decoding-.patch
-LIBEXIF_IGNORE_CVES += CVE-2016-6328
-# 0002-On-saving-makernotes-make-sure-the-makernote-contain.patch
-LIBEXIF_IGNORE_CVES += CVE-2017-7544
-# 0004-Improve-deep-recursion-detection-in-exif_data_load_d.patch
-LIBEXIF_IGNORE_CVES += CVE-2018-20030
-# 0005-fix-CVE-2019-9278.patch
-LIBEXIF_IGNORE_CVES += CVE-2019-9278
-
 $(eval $(autotools-package))

package/libpam-tacplus/0004-fix-build-failure-when-time_t-is-64-bits.patch

@@ -0,0 +1,80 @@
+From 74a6cc484a83270273b373da17c05c1e394d3dd9 Mon Sep 17 00:00:00 2001
+From: Fabrice Fontaine <fontaine.fabrice@gmail.com>
+Date: Sun, 17 May 2020 21:55:11 +0200
+Subject: [PATCH] fix build failure when time_t is 64 bits
+
+Build can fail if time_t is 64 bits and not 32 bits because of the
+following warning (which results in a build failure due to -Werror):
+
+tacc.c: In function 'main':
+tacc.c:346:25: error: format '%lu' expects argument of type 'long unsigned int', but argument 3 has type 'time_t' {aka 'long long int'} [-Werror=format=]
+         sprintf(buf, "%lu", time(0));
+                       ~~^   ~~~~~~~
+                       %llu
+
+Instead of casting time_t to unsigned long as already done in
+pam_tacplus.c, use strftime which seems the right approach to
+convert time_t into a string. While at it, also update pam_tacplus.c.
+
+Fixes:
+ - http://autobuild.buildroot.org/results/874433d8cb30d21332f23024081a8b6d7b3254ae
+
+Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
+[Retrieved from:
+https://github.com/kravietz/pam_tacplus/commit/74a6cc484a83270273b373da17c05c1e394d3dd9]
+---
+ pam_tacplus.c |  6 +++++-
+ tacc.c        | 12 ++++++++++--
+ 2 files changed, 15 insertions(+), 3 deletions(-)
+
+diff --git a/pam_tacplus.c b/pam_tacplus.c
+index 7d8bb5f..a0cb83d 100644
+--- a/pam_tacplus.c
++++ b/pam_tacplus.c
+@@ -86,10 +86,14 @@ int _pam_send_account(int tac_fd, int type, const char *user, char *tty,
+ 	char buf[64];
+ 	struct tac_attrib *attr;
+ 	int retval;
++	time_t t;
++	struct tm tm;
+ 
+ 	attr = (struct tac_attrib *) xcalloc(1, sizeof(struct tac_attrib));
+ 
+-	sprintf(buf, "%lu", (unsigned long) time(NULL));
++	t = time(NULL);
++	gmtime_r(&t, &tm);
++	strftime(buf, sizeof(buf), "%s", &tm);
+ 
+ 	if (type == TAC_PLUS_ACCT_FLAG_START) {
+ 		tac_add_attrib(&attr, "start_time", buf);
+diff --git a/tacc.c b/tacc.c
+index ef9d081..affc649 100644
+--- a/tacc.c
++++ b/tacc.c
+@@ -342,8 +342,12 @@ int main(int argc, char **argv) {
+     if (do_account) {
+         /* start accounting */
+         struct tac_attrib *attr = NULL;
++        time_t t;
++        struct tm tm;
+ 
+-        sprintf(buf, "%lu", time(0));
++        t = time(0);
++        gmtime_r(&t, &tm);
++        strftime(buf, sizeof(buf), "%s", &tm);
+         tac_add_attrib(&attr, "start_time", buf);
+ 
+         // this is not crypto but merely an identifier
+@@ -452,7 +456,11 @@ int main(int argc, char **argv) {
+     if (do_account) {
+         /* stop accounting */
+         struct tac_attrib *attr = NULL;
+-        sprintf(buf, "%lu", time(0));
++        time_t t;
++        struct tm tm;
++        t = time(0);
++        gmtime_r(&t, &tm);
++        strftime(buf, sizeof(buf), "%s", &tm);
+         tac_add_attrib(&attr, "stop_time", buf);
+         sprintf(buf, "%hu", task_id);
+         tac_add_attrib(&attr, "task_id", buf);

package/libssh2/libssh2.mk

@@ -14,7 +14,7 @@ LIBSSH2_CONF_OPTS = --disable-examples-build
 # 0003-packet-c-improve-message-parsing.patch
 LIBSSH2_IGNORE_CVES += CVE-2019-17498
 
-# building from a git clone
+# patch touching configure.ac and acinclude.m4
 LIBSSH2_AUTORECONF = YES
 
 ifeq ($(BR2_PACKAGE_LIBSSH2_MBEDTLS),y)

package/libv4l/0002-keytable-use-input_event-properly.patch

@@ -0,0 +1,36 @@
+From a84fc5d02ffd7119b3e38b72339f5760991d14da Mon Sep 17 00:00:00 2001
+From: Rosen Penev <rosenp@gmail.com>
+Date: Mon, 30 Mar 2020 14:24:34 -0700
+Subject: [PATCH] keytable: use input_event properly
+
+It does not use time_t under musl when time_t is 64-bit. The struct has
+compatibility defines. Instead of using time_t directly, use those
+defines.
+
+Fixes compilation under musl 1.2.0 under 32-bit OSes.
+
+Signed-off-by: Rosen Penev <rosenp@gmail.com>
+Signed-off-by: Sean Young <sean@mess.org>
+
+[Upstream: https://git.linuxtv.org/v4l-utils.git/patch/?id=38f4ce74275ae4625463f7eec78764715a0b6246]
+Signed-off-by: Peter Seiderer <ps.report@gmx.net>
+---
+ utils/keytable/keytable.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/utils/keytable/keytable.c b/utils/keytable/keytable.c
+index 6cb0217..318c064 100644
+--- a/utils/keytable/keytable.c
++++ b/utils/keytable/keytable.c
+@@ -1533,7 +1533,7 @@ static void test_event(struct rc_device *rc_dev, int fd)
+ 
+ 		for (i = 0; i < rd / sizeof(struct input_event); i++) {
+ 			printf(_("%ld.%06ld: event type %s(0x%02x)"),
+-				ev[i].time.tv_sec, ev[i].time.tv_usec,
++				ev[i].input_event_sec, ev[i].input_event_usec,
+ 				get_event_name(events_type, ev[i].type), ev[i].type);
+ 
+ 			switch (ev[i].type) {
+-- 
+2.26.2
+

package/libv4l/0003-keytable-add-compatibility-for-input_event_sec.patch

@@ -0,0 +1,35 @@
+From 986345e5673b1e68db513a4f72e6e79c74512a3b Mon Sep 17 00:00:00 2001
+From: Rosen Penev <rosenp@gmail.com>
+Date: Tue, 7 Apr 2020 18:13:44 -0700
+Subject: [PATCH] keytable: add compatibility for input_event_sec
+
+Linux 4.16 added support for this macro. When it is not available,
+define it back to the previous value.
+
+Signed-off-by: Rosen Penev <rosenp@gmail.com>
+Signed-off-by: Sean Young <sean@mess.org>
+
+[Upstream: https://git.linuxtv.org/v4l-utils.git/patch/?id=8b7e6ce9367fe09ca9398b5f3cc75bba2598b162]
+Signed-off-by: Peter Seiderer <ps.report@gmx.net>
+---
+ utils/keytable/keytable.c | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/utils/keytable/keytable.c b/utils/keytable/keytable.c
+index 318c064..705867c 100644
+--- a/utils/keytable/keytable.c
++++ b/utils/keytable/keytable.c
+@@ -62,6 +62,10 @@ struct input_keymap_entry_v2 {
+ 	u_int8_t  scancode[32];
+ };
+ 
++#ifndef input_event_sec
++#define input_event_sec time.tv_sec
++#define input_event_usec time.tv_usec
++#endif
+ 
+ #define IR_PROTOCOLS_USER_DIR IR_KEYTABLE_USER_DIR "/protocols"
+ #define IR_PROTOCOLS_SYSTEM_DIR IR_KEYTABLE_SYSTEM_DIR "/protocols"
+-- 
+2.26.2
+

package/libvncserver/0006-libvncclient-cursor-limit-width-height-input-values.patch

@@ -0,0 +1,40 @@
+From 54220248886b5001fbbb9fa73c4e1a2cb9413fed Mon Sep 17 00:00:00 2001
+From: Christian Beier <dontmind@freeshell.org>
+Date: Sun, 17 Nov 2019 17:18:35 +0100
+Subject: [PATCH] libvncclient/cursor: limit width/height input values
+
+Avoids a possible heap overflow reported by Pavel Cheremushkin
+<Pavel.Cheremushkin@kaspersky.com>.
+
+re #275
+
+Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
+[Retrieved from:
+https://github.com/LibVNC/libvncserver/commit/54220248886b5001fbbb9fa73c4e1a2cb9413fed]
+---
+ libvncclient/cursor.c | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+diff --git a/libvncclient/cursor.c b/libvncclient/cursor.c
+index 67f45726..40ffb3b0 100644
+--- a/libvncclient/cursor.c
++++ b/libvncclient/cursor.c
+@@ -28,6 +28,8 @@
+ #define OPER_SAVE     0
+ #define OPER_RESTORE  1
+ 
++#define MAX_CURSOR_SIZE 1024
++
+ #define RGB24_TO_PIXEL(bpp,r,g,b)                                       \
+    ((((uint##bpp##_t)(r) & 0xFF) * client->format.redMax + 127) / 255             \
+     << client->format.redShift |                                              \
+@@ -54,6 +56,9 @@ rfbBool HandleCursorShape(rfbClient* client,int xhot, int yhot, int width, int h
+   if (width * height == 0)
+     return TRUE;
+ 
++  if (width >= MAX_CURSOR_SIZE || height >= MAX_CURSOR_SIZE)
++    return FALSE;
++
+   /* Allocate memory for pixel data and temporary mask data. */
+   if(client->rcSource)
+     free(client->rcSource);

package/libvncserver/libvncserver.mk

@@ -19,6 +19,9 @@ LIBVNCSERVER_IGNORE_CVES += CVE-2018-20750
 # 0004-rfbserver-don-t-leak-stack-memory-to-the-remote.patch
 LIBVNCSERVER_IGNORE_CVES += CVE-2019-15681
 
+# 0006-libvncclient-cursor-limit-width-height-input-values.patch
+LIBVNCSERVER_IGNORE_CVES += CVE-2019-20788
+
 # only used for examples
 LIBVNCSERVER_CONF_OPTS += \
 	-DWITH_FFMPEG=OFF \

package/linux-headers/Config.in.host

@@ -334,13 +334,13 @@ endchoice
 
 config BR2_DEFAULT_KERNEL_HEADERS
 	string
-	default "4.4.219"	if BR2_KERNEL_HEADERS_4_4
-	default "4.9.219"	if BR2_KERNEL_HEADERS_4_9
-	default "4.14.176"	if BR2_KERNEL_HEADERS_4_14
-	default "4.19.118"	if BR2_KERNEL_HEADERS_4_19
-	default "5.4.35"	if BR2_KERNEL_HEADERS_5_4
+	default "4.4.224"	if BR2_KERNEL_HEADERS_4_4
+	default "4.9.224"	if BR2_KERNEL_HEADERS_4_9
+	default "4.14.181"	if BR2_KERNEL_HEADERS_4_14
+	default "4.19.124"	if BR2_KERNEL_HEADERS_4_19
+	default "5.4.42"	if BR2_KERNEL_HEADERS_5_4
 	default "5.5.19"	if BR2_KERNEL_HEADERS_5_5
-	default "5.6.7"		if BR2_KERNEL_HEADERS_5_6
+	default "5.6.14"	if BR2_KERNEL_HEADERS_5_6
 	default BR2_DEFAULT_KERNEL_VERSION if BR2_KERNEL_HEADERS_VERSION
 	default "custom"	if BR2_KERNEL_HEADERS_CUSTOM_TARBALL
 	default BR2_KERNEL_HEADERS_CUSTOM_REPO_VERSION \