Update for 2020.08.2

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

CHANGES

@@ -1,8 +1,107 @@
+2020.08.2, released November 16th, 2020
+
+	Important / security related fixes.
+
+	Toolchain-wrapper: Pass -fno-tree-loop-distribute-patterns to
+	fix kernel build on microblaze with gcc 10.x when
+	optimizations are enabled.
+
+	Updated/fixed packages: apparmor, argp-standalone, asterisk,
+	bandwidthd, binutils, bitcoin, busybox, collectd, cryptsetup,
+	cups-filters, darkhttpd, davfs2, dvb-apps, docker-cli,
+	docker-containerd, docker-engine, dovecot-pigeonhole, elf2flt,
+	fastd, fbset, fbtft, freetype, gcc, ghostscript, grpc,
+	gst1-plugins-bad, jsoncpp, kernel-module-imx-gpu-viv,
+	keepalived, kmscube, libass, libexif, libiqrf,
+	libnetfilter_conntrack, libpam-tacplus, libraw,
+	linux-backports, linux-firmware, lzlib, mp4v2, netsnmp, nginx,
+	numactl, oniguruma, opencv3, openntpd, patchelf, php,
+	pistache, postgresql, python-pyqt5, qemu, qt5base, rauc,
+	redis, samba4, slirp, systemd, tcpdump, tinyproxy, tmux, tor,
+	waf, webkitgtk, wine, wireguard-linux-compat, wireshark,
+	wpewebkit, xen, xorriso, xvisor, zeromq, zxing-cpp
+
+	Issues resolved (http://bugs.uclibc.org):
+
+	#11931: Bugs in support/scripts/apply-patches.sh
+
+2020.08.1, released October 12th, 2020
+
+	Important / security related fixes.
+
+	Fixes for various compilation issues with GCC 10.x.
+
+	meson: Correct SDK cross-compilation.conf file when
+	per-package builds were used to build SDK.
+
+	systemd: Use /run rather than /var/run for PID files in units.
+
+	Toolchain: use Secure-PLT rather than BSS-PLT for PowerPC 32.
+
+	Fakeroot scripts (BR2_ROOTFS_POST_FAKEROOT_SCRIPT) are now run
+	after all finalization hooks (including pre-rootfs) to ensure
+	they can override any late configuration done by packages.
+
+	support/script/pycompile: Rework logic to ensure .pyc files
+	contain absolute target paths, fixing code inspection at
+	runtime when executed with cwd != '/'.
+
+	support/scripts/setlocalversion: Correct Mercurial output to
+	match behaviour with Git.
+
+	support/scripts/apply-patches.sh: Use patch
+	--no-backup-if-mismatch, so we no longer blindly have to
+	remove *.orig files after patching, fixing issues with
+	packages containing such files.
+
+	fs/jffs2: Now correcly handle xattrs
+
+	Updated/fixed packages: acpica, afboot-stm32, alsa-utils,
+	apparmor, bandwidthd, barebox, bash, bison, brotli,
+	cifs-utils, cups, dhcpcd, dhcpdump, docker-cli, docker-engine,
+	ecryptfs-utils, efl, fail2ban, fbterm, ffmpeg, fontconfig,
+	freetype, gcc, gdb, ghostscript, gnupg2, gnutls, go, gqview,
+	gst1-plugins-base, gst1-plugins-ugly, ipmitool, jbig2dec,
+	kexec, lcdproc, libcamera, libhtp, libnetconf2, libraw,
+	libssh, libxml2, libxml-parser-perl, libzip, linux-headers,
+	live555, localedef, ltp-testsuite, lua, matchbox, memcached,
+	memtester, mesa3d, meson, minidlna, mongodb, mongrel2, motion,
+	mraa, mtd, musepack, neardal, netatalk, netperf, netsniff-ng,
+	nginx, nodejs, nss-pam-ldapd, open-plc-utils, openswan,
+	opentyrian, openvmtools, php, postgresql, python,
+	python-aenum, python-cycler, python-engineio, python-fire,
+	python-pymodbus, python-scapy, python-semver,
+	python-sentry-sdk, python-socketio, python-texttable,
+	python-tinyrpc, python-txtorcon, python3, qt5base, quagga,
+	read-edid, redis, rsh-redone, runc, samba4, socketcand,
+	strace, supertux, suricata, systemd, ti-utils, trinity,
+	uclibc, usb_modeswitch, vlc, vsftpd, wampcc,
+	wayland-protocols, wireguard-linux-compat, wireshark, wlroots,
+	wolfssl, w_scan, xerces, xfsprogs, xdriver-xf86-video-ati,
+	xserver_xorg-server, ympd, zeromq, zlib-ng, zstd
+
+	Issues resolved (http://bugs.uclibc.org):
+
+	#12911: usb_modeswitch installation race condition
+	#13236: Can't compile linux 5.4.8 (with gcc 10 on host)
+
+2020.08, released September 1st, 2020
+
+	Various fixes.
+
+	Updated/fixed packages: am33x-cm3, avahi, bluez-tools,
+	busybox, chocolate-doom, collectd, dhcp, docker-cli, domoticz,
+	gobject-introspection, graphite2, haproxy, ibm-sw-tpm2,
+	imagemagick, libeXosip2, libressl, lxc, mbedtls, menu-cache,
+	mongodb, mosquitto, nvidia-driver, paho-mqtt-c, pixz,
+	postgresql, python-django, rtty, squid, stress-ng, systemd,
+	trousers, uclibc, wireshark, wolfssl, zbar
+
 2020.08-rc3, released August 28th, 2020
 
 	Fixes all over the tree.
 
-	Infrastructure: Ensure RPATH entries thay may be needed for
+	Infrastructure: Ensure RPATH entries that may be needed for
 	dlopen() are not dropped by patchelf.
 
 	Toolchain: Drop old GCC 6 based external Sourcery AMD64
@@ -57,7 +156,7 @@
 
 	#12876: nodejs fails to build when host-icu has been built before
 	#13111: python-gunicorn: missing dependency on python-setuptools
-	#12121: wpa_supplicant fails to build without libopenssl enabled
+	#13121: wpa_supplicant fails to build without libopenssl enabled
 	#13146: raspberrypi3_defconfig: "Inappropriate ioctl for device"..
 	#13156: package live555 new license
 	#13166: python-rpi-gpio: does not work against aarch64, unint..
@@ -116,6 +215,40 @@
 	#13081: host-e2fsprogs attempts to create udev  rules.d on build host if not exists
 	#13101: BR audit2allow support
 
+2020.05.2, released August 29th, 2020
+
+	Important / security related fixes.
+
+	Infrastructure: Ensure RPATH entries that may be needed for
+	dlopen() are not dropped by patchelf.
+
+	BR_VERSION_FULL/setlocalversion (used by make print-version
+	and /etc/os-release): Properly handle local git tags
+
+	Updated/fixed packages: apache, assimp, at91bootstrap3, bind,
+	boost, busybox, capnproto, cegui, chrony, collectd, cpio,
+	cryptsetup, cups, cvs, dbus, docker-engine, domoticz, dovecot,
+	dovecot-pigeonhole, dropbear, efl, elixir, f2fs-tools, ffmpeg,
+	gd, gdk-pixbuf, ghostscript, glibc, gnuradio, grub2,
+	gst1-plugins-bad, gstreamer1-editing-services, hostapd,
+	ibm-sw-tpm2, iputils, jasper, json-c, libcurl, libressl,
+	libwebsockets, linux, live555, mesa3d, mongodb, mosquitto,
+	mpv, nodejs, opencv, opencv3, openfpgaloader, openjpeg,
+	patchelf, perl, php, postgresql, prosody, python-django,
+	python-gunicorn, python-matplotlib, ripgrep, rtl8188eu,
+	rtl8821au, ruby, shadowsocks-libev, squid, systemd,
+	tpm2-abrmd, tpm2-tools, trousers, uboot, webkitgtk, wireshark,
+	wolfssl, wpa_supplicant, wpewebkit, xen, xlib_libX11,
+	xserver_xorg-server
+
+	Issues resolved (http://bugs.uclibc.org):
+
+	#12876: nodejs fails to build when host-icu has been built before
+	#13111: python-gunicorn: missing dependency on python-setuptools
+	#13121: wpa_supplicant fails to build without libopenssl enabled
+	#13141: Target-finalize fail with "depmod: ERROR: Bad version passed"
+	#13156: package live555 new license
+
 2020.05.1, released July 25th, 2020
 
 	Important / security related fixes.
@@ -347,6 +480,38 @@
 	#12796: Update OpenSSL to Version 1.1.1g to patch  CVE-2020-1967
 	#12811: bootstrap stuck and no login prompt
 
+2020.02.5, released August 29th, 2020
+
+	Important / security related fixes.
+
+	Infrastructure: Ensure RPATH entries that may be needed for
+	dlopen() are not dropped by patchelf.
+
+	BR_VERSION_FULL/setlocalversion (used by make print-version
+	and /etc/os-release): Properly handle local git tags
+
+	Updated/fixed packages: apache, at91bootstrap3, bind, boost,
+	busybox, capnproto, chrony, collectd, cpio, cryptsetup, cups,
+	cvs, dbus, docker-engine, domoticz, dovecot,
+	dovecot-pigeonhole, dropbear, efl, elixir, f2fs-tools, ffmpeg,
+	gd, gdk-pixbuf, ghostscript, glibc, grub2, gst1-plugins-bad,
+	hostapd, iputils, jasper, json-c, libcurl, libwebsockets,
+	linux, live555, mesa3d, mosquitto, mpv, nodejs, opencv,
+	opencv3, openjpeg, patchelf, perl, php, postgresql,
+	python-django, python-gunicorn, python-matplotlib, ripgrep,
+	rtl8188eu, rtl8821au, ruby, shadowsocks-libev, squid,
+	tpm2-abrmd, tpm2-tools, trousers, uacme, webkitgtk, wireshark,
+	wolfssl, wpa_supplicant, wpewebkit, xen, xlib_libX11,
+	xserver_xorg-server
+
+	Issues resolved (http://bugs.uclibc.org):
+
+	#12876: nodejs fails to build when host-icu has been built before
+	#13111: python-gunicorn: missing dependency on python-setuptools
+	#13121: wpa_supplicant fails to build without libopenssl enabled
+	#13141: Target-finalize fail with "depmod: ERROR: Bad version passed"
+	#13156: package live555 new license
+
 2020.02.4, released July 26th, 2020
 
 	Important / security related fixes.

DEVELOPERS

@@ -236,8 +236,9 @@ F:	package/pkg-golang.mk
 N:	Anthony Viallard <viallard@syscom-instruments.com>
 F:	package/gnuplot/
 
-N:	Antoine Ténart <antoine.tenart@bootlin.com>
-F:	package/wf111/
+N:	Antoine Tenart <atenart@kernel.org>
+F:	package/libselinux/
+F:	package/refpolicy/
 
 N:	Antony Pavlov <antonynpavlov@gmail.com>
 F:	package/lsscsi/
@@ -698,7 +699,7 @@ N:	Dominik Faessler <faessler@was.ch>
 F:	package/logsurfer/
 F:	package/python-id3/
 
-N:	Doug Kehn <rdkehn@yahoo.com>
+N:	Doug Kehn <rdkehn@gmail.com>
 F:	package/nss-pam-ldapd/
 F:	package/sp-oops-extract/
 F:	package/unscd/
@@ -1431,7 +1432,7 @@ F:	board/technologic/ts7680/
 F:	configs/ts7680_defconfig
 F:	package/paho-mqtt-c
 
-N:	Julien Olivain <juju@cotds.org>
+N:	Julien Olivain <ju.o@free.fr>
 F:	board/qmtech/zynq/
 F:	board/technexion/imx8mmpico/
 F:	board/technexion/imx8mpico/
@@ -1575,9 +1576,6 @@ F:	package/mpv/
 F:	package/rpi-firmware/
 F:	package/rpi-userland/
 
-N:	Mamatha Inamdar <mamatha4@linux.vnet.ibm.com>
-F:	package/nvme/
-
 N:	Manuel Vögele <develop@manuel-voegele.de>
 F:	package/python-pyqt5/
 F:	package/python-requests-toolbelt/
@@ -1913,6 +1911,7 @@ F:	package/tpm-tools/
 F:	package/trousers/
 
 N:	Norbert Lange <nolange79@gmail.com>
+F:	package/systemd/
 F:	package/tcf-agent/
 
 N:	Nylon Chen <nylon7@andestech.com>
@@ -2154,16 +2153,16 @@ N:	Rahul Jain <rahul.jain@imgtec.com>
 F:	package/uhttpd/
 F:	package/ustream-ssl/
 
-N:	Refik Tuzakli <tuzakli.refik@gmail.com>
-F:	package/freescale-imx/
-F:	package/paho-mqtt-cpp/
-
 N:	Ramon Fried <rfried.dev@gmail.com>
 F:	package/bitwise/
 
 N:	Raphaël Mélotte <raphael.melotte@essensium.com>
 F:	package/jbig2dec/
 
+N:	Refik Tuzakli <tuzakli.refik@gmail.com>
+F:	package/freescale-imx/
+F:	package/paho-mqtt-cpp/
+
 N:	Rémi Rérolle <remi.rerolle@gmail.com>
 F:	package/libfreeimage/
 
@@ -2254,6 +2253,7 @@ F:	package/davfs2/
 
 N:	Ryan Barnett <ryan.barnett@rockwellcollins.com>
 F:	package/atftp/
+F:	package/c-periphery/
 F:	package/miraclecast/
 F:	package/python-pysnmp/
 F:	package/python-pysnmp-mibs/
@@ -2261,11 +2261,6 @@ F:	package/python-tornado/
 F:	package/resiprocate/
 F:	package/websocketpp/
 
-N:	Ryan Coe <bluemrp9@gmail.com>
-F:	package/inadyn/
-F:	package/libite/
-F:	package/mariadb/
-
 N:	Ryan Wilkins <ryan@deadfrog.net>
 F:	package/biosdevname/
 
@@ -2572,9 +2567,6 @@ F:	package/waf/
 F:	support/testing/tests/package/test_crudini.py
 F:	support/testing/tests/package/test_redis.py
 
-N:	Trent Piepho <tpiepho@impinj.com>
-F:	package/libp11/
-
 N:	Tudor Holton <buildroot@tudorholton.com>
 F:	package/openjdk/
 
@@ -2625,6 +2617,8 @@ N:	Wade Berrier <wberrier@gmail.com>
 F:	package/ngrep/
 
 N:	Waldemar Brodkorb <wbx@openadk.org>
+F:	package/mksh/
+F:	package/ruby/
 F:	package/uclibc/
 F:	package/uclibc-ng-test/
 

Makefile

@@ -92,9 +92,9 @@ all:
 .PHONY: all
 
 # Set and export the version string
-export BR2_VERSION := 2020.08-rc3
+export BR2_VERSION := 2020.08.2
 # Actual time the release is cut (for reproducible builds)
-BR2_VERSION_EPOCH = 1598649000
+BR2_VERSION_EPOCH = 1602507000
 
 # Save running make version since it's clobbered by the make package
 RUNNING_MAKE_VERSION := $(MAKE_VERSION)
@@ -799,9 +799,9 @@ endif
 # counterparts are appropriately setup as symlinks ones to the others.
 ifeq ($(BR2_ROOTFS_MERGED_USR),y)
 
-	@$(foreach d, $(call qstrip,$(BR2_ROOTFS_OVERLAY)), \
-		$(call MESSAGE,"Sanity check in overlay $(d)"); \
-		not_merged_dirs="$$(support/scripts/check-merged-usr.sh $(d))"; \
+	$(foreach d, $(call qstrip,$(BR2_ROOTFS_OVERLAY)), \
+		@$(call MESSAGE,"Sanity check in overlay $(d)")$(sep) \
+		$(Q)not_merged_dirs="$$(support/scripts/check-merged-usr.sh $(d))"; \
 		test -n "$$not_merged_dirs" && { \
 			echo "ERROR: The overlay in $(d) is not" \
 				"using a merged /usr for the following directories:" \
@@ -811,20 +811,20 @@ ifeq ($(BR2_ROOTFS_MERGED_USR),y)
 
 endif # merged /usr
 
-	@$(foreach d, $(call qstrip,$(BR2_ROOTFS_OVERLAY)), \
-		$(call MESSAGE,"Copying overlay $(d)"); \
-		$(call SYSTEM_RSYNC,$(d),$(TARGET_DIR))$(sep))
+	$(foreach d, $(call qstrip,$(BR2_ROOTFS_OVERLAY)), \
+		@$(call MESSAGE,"Copying overlay $(d)")$(sep) \
+		$(Q)$(call SYSTEM_RSYNC,$(d),$(TARGET_DIR))$(sep))
 
-	$(if $(TARGET_DIR_FILES_LISTS), \
+	$(Q)$(if $(TARGET_DIR_FILES_LISTS), \
 		cat $(TARGET_DIR_FILES_LISTS)) > $(BUILD_DIR)/packages-file-list.txt
-	$(if $(HOST_DIR_FILES_LISTS), \
+	$(Q)$(if $(HOST_DIR_FILES_LISTS), \
 		cat $(HOST_DIR_FILES_LISTS)) > $(BUILD_DIR)/packages-file-list-host.txt
-	$(if $(STAGING_DIR_FILES_LISTS), \
+	$(Q)$(if $(STAGING_DIR_FILES_LISTS), \
 		cat $(STAGING_DIR_FILES_LISTS)) > $(BUILD_DIR)/packages-file-list-staging.txt
 
-	@$(foreach s, $(call qstrip,$(BR2_ROOTFS_POST_BUILD_SCRIPT)), \
-		$(call MESSAGE,"Executing post-build script $(s)"); \
-		$(EXTRA_ENV) $(s) $(TARGET_DIR) $(call qstrip,$(BR2_ROOTFS_POST_SCRIPT_ARGS))$(sep))
+	$(foreach s, $(call qstrip,$(BR2_ROOTFS_POST_BUILD_SCRIPT)), \
+		@$(call MESSAGE,"Executing post-build script $(s)")$(sep) \
+		$(Q)$(EXTRA_ENV) $(s) $(TARGET_DIR) $(call qstrip,$(BR2_ROOTFS_POST_SCRIPT_ARGS))$(sep))
 
 	touch $(TARGET_DIR)/usr
 

boot/afboot-stm32/0001-Pass-fno-builtin-to-fix-build-with-gcc-10.patch

@@ -0,0 +1,46 @@
+From 5448f328ff63a6ca4a64519c2f1dfc63a33df4b7 Mon Sep 17 00:00:00 2001
+From: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
+Date: Thu, 10 Sep 2020 11:37:33 +0200
+Subject: [PATCH] Pass -fno-builtin to fix build with gcc 10
+
+gcc 10, if it recognizes some hand-written code that looks like
+memcpy, will generate a call to memcpy().
+
+For example:
+
+        while (dst < &_end_data) {
+                *dst++ = *src++;
+        }
+
+gets recognized as such. However, in the context of bare-metal code,
+having a call to memcpy() in the C library doesn't work. So we fix
+that by disabling builtins.
+
+Fixes:
+
+/home/thomas/projets/buildroot/output/host/opt/ext-toolchain/bin/../arm-buildroot-uclinux-uclibcgnueabi/bin/ld.real: stm32f429i-disco.o: in function `reset':
+stm32f429i-disco.c:(.text.reset+0x1a): undefined reference to `memcpy'
+/home/thomas/projets/buildroot/output/host/opt/ext-toolchain/bin/../arm-buildroot-uclinux-uclibcgnueabi/bin/ld.real: stm32f429i-disco.c:(.text.reset+0x34): undefined reference to `memset'
+make[1]: *** [Makefile:26: stm32f429i-disco] Error 1
+
+Upstream: https://github.com/mcoquelin-stm32/afboot-stm32/pull/9
+Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
+---
+ Makefile | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/Makefile b/Makefile
+index f699176..1e8557d 100644
+--- a/Makefile
++++ b/Makefile
+@@ -13,6 +13,7 @@ DTB_ADDR?=0x08004000
+ CFLAGS := -mthumb -mcpu=cortex-m4
+ CFLAGS += -ffunction-sections -fdata-sections
+ CFLAGS += -Os -std=gnu99 -Wall
++CFLAGS += -fno-builtin
+ LINKERFLAGS := -nostartfiles --gc-sections
+ 
+ obj-y += gpio.o mpu.o qspi.o start_kernel.o
+-- 
+2.26.2
+

boot/barebox/barebox.mk

@@ -88,13 +88,6 @@ $(1)_KCONFIG_DEPENDENCIES = \
 	$(BR2_BISON_HOST_DEPENDENCY) \
 	$(BR2_FLEX_HOST_DEPENDENCY)
 
-ifeq ($$(BR2_TARGET_$(1)_BAREBOXENV),y)
-define $(1)_BUILD_BAREBOXENV_CMDS
-	$$(TARGET_CC) $$(TARGET_CFLAGS) $$(TARGET_LDFLAGS) -o $$(@D)/bareboxenv \
-		$$(@D)/scripts/bareboxenv.c
-endef
-endif
-
 ifeq ($$(BR2_TARGET_$(1)_CUSTOM_ENV),y)
 $(1)_ENV_NAME = $$(notdir $$(call qstrip,\
 	$$(BR2_TARGET_$(1)_CUSTOM_ENV_PATH)))
@@ -109,12 +102,23 @@ endef
 endif
 
 ifneq ($$($(1)_CUSTOM_EMBEDDED_ENV_PATH),)
-define $(1)_KCONFIG_FIXUP_CMDS
+define $(1)_KCONFIG_FIXUP_CUSTOM_EMBEDDED_ENV_PATH
 	$$(call KCONFIG_ENABLE_OPT,CONFIG_DEFAULT_ENVIRONMENT)
 	$$(call KCONFIG_SET_OPT,CONFIG_DEFAULT_ENVIRONMENT_PATH,"$$($(1)_CUSTOM_EMBEDDED_ENV_PATH)")
 endef
 endif
 
+define $(1)_KCONFIG_FIXUP_BAREBOXENV
+	$$(if $$(BR2_TARGET_$(1)_BAREBOXENV),\
+		$$(call KCONFIG_ENABLE_OPT,CONFIG_BAREBOXENV_TARGET),\
+		$$(call KCONFIG_DISABLE_OPT,CONFIG_BAREBOXENV_TARGET))
+endef
+
+define $(1)_KCONFIG_FIXUP_CMDS
+	$$($(1)_KCONFIG_FIXUP_CUSTOM_EMBEDDED_ENV_PATH)
+	$$($(1)_KCONFIG_FIXUP_BAREBOXENV)
+endef
+
 define $(1)_BUILD_CMDS
 	$$($(1)_BUILD_BAREBOXENV_CMDS)
 	$$(TARGET_MAKE_ENV) $$(MAKE) $$($(1)_MAKE_FLAGS) -C $$(@D)
@@ -136,7 +140,7 @@ endef
 
 ifeq ($$(BR2_TARGET_$(1)_BAREBOXENV),y)
 define $(1)_INSTALL_TARGET_CMDS
-	cp $$(@D)/bareboxenv $$(TARGET_DIR)/usr/bin
+	cp $$(@D)/scripts/bareboxenv-target $$(TARGET_DIR)/usr/bin/bareboxenv
 endef
 endif
 

boot/uboot/uboot.mk

@@ -510,7 +510,7 @@ ifeq ($(call qstrip,$(BR2_TARGET_UBOOT_CUSTOM_REPO_URL)),)
 $(error No custom U-Boot repository URL specified. Check your BR2_TARGET_UBOOT_CUSTOM_REPO_URL setting)
 endif # qstrip BR2_TARGET_UBOOT_CUSTOM_CUSTOM_REPO_URL
 ifeq ($(call qstrip,$(BR2_TARGET_UBOOT_CUSTOM_REPO_VERSION)),)
-$(error No custom U-Boot repository URL specified. Check your BR2_TARGET_UBOOT_CUSTOM_REPO_VERSION setting)
+$(error No custom U-Boot repository version specified. Check your BR2_TARGET_UBOOT_CUSTOM_REPO_VERSION setting)
 endif # qstrip BR2_TARGET_UBOOT_CUSTOM_CUSTOM_REPO_VERSION
 endif # BR2_TARGET_UBOOT_CUSTOM_GIT || BR2_TARGET_UBOOT_CUSTOM_HG
 

docs/manual/adding-board-support.txt

@@ -10,9 +10,9 @@ that is known to work. You are welcome to add support for other boards
 to Buildroot too.
 
 To do so, you need to create a normal Buildroot configuration that
-builds a basic system for the hardware: toolchain, kernel, bootloader,
-filesystem and a simple BusyBox-only userspace. No specific package
-should be selected: the configuration should be as minimal as
+builds a basic system for the hardware: (internal) toolchain, kernel,
+bootloader, filesystem and a simple BusyBox-only userspace. No specific
+package should be selected: the configuration should be as minimal as
 possible, and should only build a working basic BusyBox system for the
 target platform. You can of course use more complicated configurations
 for your internal projects, but the Buildroot project will only
@@ -22,7 +22,17 @@ selections are highly application-specific.
 Once you have a known working configuration, run +make
 savedefconfig+. This will generate a minimal +defconfig+ file at the
 root of the Buildroot source tree. Move this file into the +configs/+
-directory, and rename it +<boardname>_defconfig+.
+directory, and rename it +<boardname>_defconfig+. If the configuration
+is a bit more complicated, it is nice to manually reformat it and
+separate it into sections, with a comment before each section. Typical
+sections are _Architecture_, _Toolchain options_ (typically just linux
+headers version), _Firmware_, _Bootloader_, _Kernel_, and _Filesystem_.
+
+Always use fixed versions or commit hashes for the different
+components, not the "latest" version. For example, set
++BR2_LINUX_KERNEL_CUSTOM_VERSION=y+ and
++BR2_LINUX_KERNEL_CUSTOM_VERSION_VALUE+ to the kernel version you tested
+with.
 
 It is recommended to use as much as possible upstream versions of the
 Linux kernel and bootloaders, and to use as much as possible default

docs/manual/contribute.txt

@@ -371,6 +371,37 @@ in the following cases:
 * whenever you feel it will help presenting your work, your choices,
   the review process, etc.
 
+==== Patches for maintenance branches
+
+When fixing bugs on a maintenance branch, bugs should be fixed on the
+master branch first. The commit log for such a patch may then contain a
+post-commit note specifying what branches are affected:
+
+----
+package/foo: fix stuff
+
+Signed-off-by: Your Real Name <your@email.address>
+---
+Backport to: 2020.02.x, 2020.05.x
+(2020.08.x not affected as the version was bumped)
+----
+
+Those changes will then be backported by a maintainer to the affected
+branches.
+
+However, some bugs may apply only to a specific release, for example
+because it is using an older version of a package. In that case, patches
+should be based off the maintenance branch, and the patch subject prefix
+must include the maintenance branch name (for example "[PATCH 2020.02.x]").
+This can be done with the +git format-patch+ flag +--subject-prefix+:
+
+---------------------
+$ git format-patch --subject-prefix "PATCH 2020.02.x" \
+    -M -s -o outgoing origin/2020.02.x
+---------------------
+
+Then send the patches with +git send-email+, as described above.
+
 ==== Patch revision changelog
 
 When improvements are requested, the new revision of each commit

docs/website/download.html

@@ -8,74 +8,74 @@
     <div class="panel-heading">Download</div>
     <div class="panel-body">
 
-      <h3 style="text-align: center;">Latest long term support release: <b>2020.02.4</b></h3>
+      <h3 style="text-align: center;">Latest long term support release: <b>2020.02.5</b></h3>
 
       <div class="row mt centered">
 	<div class="col-sm-6">
 	  <div class="flip-container center-block" ontouchstart="this.classList.toggle('hover');">
 	    <div class="flipper">
 	      <div class="front">
-		<a href="/downloads/buildroot-2020.02.4.tar.gz"><img src="images/zip.png" width="180" alt=""></a>
+		<a href="/downloads/buildroot-2020.02.5.tar.gz"><img src="images/zip.png" width="180" alt=""></a>
 	      </div>
 	      <div class="back">
-		<a href="/downloads/buildroot-2020.02.4.tar.gz"><img src="images/zip.png" width="180" alt=""></a>
+		<a href="/downloads/buildroot-2020.02.5.tar.gz"><img src="images/zip.png" width="180" alt=""></a>
 	      </div>
 	    </div>
 	  </div>
-	  <h3><a href="/downloads/buildroot-2020.02.4.tar.gz">buildroot-2020.02.4.tar.gz</a></h3>
-	  <p><a href="/downloads/buildroot-2020.02.4.tar.gz.sign">PGP signature</a></p>
+	  <h3><a href="/downloads/buildroot-2020.02.5.tar.gz">buildroot-2020.02.5.tar.gz</a></h3>
+	  <p><a href="/downloads/buildroot-2020.02.5.tar.gz.sign">PGP signature</a></p>
 	</div>
 	<div class="col-sm-6">
 	  <div class="flip-container center-block" ontouchstart="this.classList.toggle('hover');">
 	    <div class="flipper">
 	      <div class="front">
-		<a href="/downloads/buildroot-2020.02.4.tar.bz2"><img src="images/package.png" width="180" alt=""></a>
+		<a href="/downloads/buildroot-2020.02.5.tar.bz2"><img src="images/package.png" width="180" alt=""></a>
 	      </div>
 	      <div class="back">
-		<a href="/downloads/buildroot-2020.02.4.tar.bz2"><img src="images/package.png" width="180" alt=""></a>
+		<a href="/downloads/buildroot-2020.02.5.tar.bz2"><img src="images/package.png" width="180" alt=""></a>
 	      </div>
 	    </div>
 	  </div>
 
-	  <h3><a href="/downloads/buildroot-2020.02.4.tar.bz2">buildroot-2020.02.4.tar.bz2</a></h3>
-	  <p><a href="/downloads/buildroot-2020.02.4.tar.bz2.sign">PGP signature</a></p>
+	  <h3><a href="/downloads/buildroot-2020.02.5.tar.bz2">buildroot-2020.02.5.tar.bz2</a></h3>
+	  <p><a href="/downloads/buildroot-2020.02.5.tar.bz2.sign">PGP signature</a></p>
 	</div>
       </div>
 
-      <h3 style="text-align: center;">Latest stable release: <b>2020.05.1</b></h3>
+      <h3 style="text-align: center;">Latest stable release: <b>2020.08</b></h3>
 
       <div class="row mt centered">
 	<div class="col-sm-6">
 	  <div class="flip-container center-block" ontouchstart="this.classList.toggle('hover');">
 	    <div class="flipper">
 	      <div class="front">
-		<a href="/downloads/buildroot-2020.05.1.tar.gz"><img src="images/zip.png" width="180" alt=""></a>
+		<a href="/downloads/buildroot-2020.08.tar.gz"><img src="images/zip.png" width="180" alt=""></a>
 	      </div>
 	      <div class="back">
-		<a href="/downloads/buildroot-2020.05.1.tar.gz"><img src="images/zip.png" width="180" alt=""></a>
+		<a href="/downloads/buildroot-2020.08.tar.gz"><img src="images/zip.png" width="180" alt=""></a>
 	      </div>
 	    </div>
 	  </div>
-	  <h3><a href="/downloads/buildroot-2020.05.1.tar.gz">buildroot-2020.05.1.tar.gz</a></h3>
-	  <p><a href="/downloads/buildroot-2020.05.1.tar.gz.sign">PGP signature</a></p>
+	  <h3><a href="/downloads/buildroot-2020.08.tar.gz">buildroot-2020.08.tar.gz</a></h3>
+	  <p><a href="/downloads/buildroot-2020.08.tar.gz.sign">PGP signature</a></p>
 	</div>
 	<div class="col-sm-6">
 	  <div class="flip-container center-block" ontouchstart="this.classList.toggle('hover');">
 	    <div class="flipper">
 	      <div class="front">
-		<a href="/downloads/buildroot-2020.05.1.tar.bz2"><img src="images/package.png" width="180" alt=""></a>
+		<a href="/downloads/buildroot-2020.08.tar.bz2"><img src="images/package.png" width="180" alt=""></a>
 	      </div>
 	      <div class="back">
-		<a href="/downloads/buildroot-2020.05.1.tar.bz2"><img src="images/package.png" width="180" alt=""></a>
+		<a href="/downloads/buildroot-2020.08.tar.bz2"><img src="images/package.png" width="180" alt=""></a>
 	      </div>
 	    </div>
 	  </div>
 
-	  <h3><a href="/downloads/buildroot-2020.05.1.tar.bz2">buildroot-2020.05.1.tar.bz2</a></h3>
-	  <p><a href="/downloads/buildroot-2020.05.1.tar.bz2.sign">PGP signature</a></p>
+	  <h3><a href="/downloads/buildroot-2020.08.tar.bz2">buildroot-2020.08.tar.bz2</a></h3>
+	  <p><a href="/downloads/buildroot-2020.08.tar.bz2.sign">PGP signature</a></p>
 	</div>
       </div>
-
+<!--
       <h3 style="text-align: center;">Latest release candidate: <b>2020.08-rc3</b></h3>
       <div class="row mt centered">
 	<div class="col-sm-6">
@@ -109,7 +109,7 @@
 	  <p><a href="/downloads/buildroot-2020.08-rc3.tar.bz2.sign">PGP signature</a></p>
 	</div>
       </div>
-
+-->
       This and earlier releases (and their PGP signatures) can always be downloaded from
       <a href="/downloads/">http://buildroot.net/downloads/</a>.
     </div>

docs/website/news.html

@@ -9,6 +9,62 @@
 <h2>News</h2>
 <ul class="timeline">
 
+  <li class="timeline-inverted">
+    <div class="timeline-badge"><i class="glyphicon glyphicon-thumbs-up"></i></div>
+    <div class="timeline-panel">
+      <div class="timeline-heading">
+	<h4 class="timeline-title">2020.08 released</h4>
+	<p><small class="text-muted"><i class="glyphicon glyphicon-time"></i>1 September 2020</small></p>
+      </div>
+      <div class="timeline-body">
+	<p>The stable 2020.08 release is out - Thanks to everyone
+	  contributing and testing the release candidates. See the
+	  <a href="http://git.buildroot.net/buildroot/plain/CHANGES?id=2020.08">CHANGES</a>
+	  file for more details
+	  and go to the <a href="/downloads/">downloads page</a> to pick up the
+	  <a href="/downloads/buildroot-2020.08.tar.bz2">2020.08 release</a>.</p>
+      </div>
+    </div>
+  </li>
+
+  <li>
+    <div class="timeline-badge"><i class="glyphicon glyphicon-thumbs-up"></i></div>
+    <div class="timeline-panel">
+      <div class="timeline-heading">
+	<h4 class="timeline-title">2020.02.5 released</h4>
+	<p><small class="text-muted"><i class="glyphicon glyphicon-time"></i>29 august 2020</small></p>
+      </div>
+      <div class="timeline-body">
+	<p>The 2020.02.5 bugfix release is out, fixing a number of important /
+	  security related issues discovered since the 2020.02.4 release. See the
+	  <a href="http://git.buildroot.net/buildroot/plain/CHANGES?id=2020.02.5">CHANGES</a>
+	  file for more details, read the
+	  <a href="http://lists.busybox.net/pipermail/buildroot/2020-August/290497.html">announcement</a>
+	  and go to the <a href="/downloads/">downloads page</a> to pick up the
+	  <a href="/downloads/buildroot-2020.02.5.tar.bz2">2020.02.5 release</a>.</p>
+      </div>
+    </div>
+  </li>
+
+  <li class="timeline-inverted">
+    <div class="timeline-badge"><i class="glyphicon glyphicon-thumbs-up"></i></div>
+    <div class="timeline-panel">
+      <div class="timeline-heading">
+	<h4 class="timeline-title">2020.05.2 released</h4>
+	<p><small class="text-muted"><i class="glyphicon glyphicon-time"></i>29 August 2020</small></p>
+      </div>
+      <div class="timeline-body">
+	<p>The 2020.05.2 bugfix release is out, fixing a number of important /
+	  security related issues discovered since the 2020.05.1 release. See the
+	  <a href="http://git.buildroot.net/buildroot/plain/CHANGES?id=2020.05.2">CHANGES</a>
+	  file for more details, read the
+	  <a href="http://lists.busybox.net/pipermail/buildroot/2020-August/290474.html">announcement</a>
+	  and go to the <a href="/downloads/">downloads page</a> to pick up the
+	  <a href="/downloads/buildroot-2020.05.2.tar.bz2">2020.05.2 release</a>.</p>
+      </div>
+    </div>
+  </li>
+
   <li>
     <div class="timeline-badge"><i class="glyphicon glyphicon-thumbs-up"></i></div>
     <div class="timeline-panel">

fs/common.mk

@@ -163,11 +163,11 @@ $$(BINARIES_DIR)/$$(ROOTFS_$(2)_FINAL_IMAGE_NAME): $$(ROOTFS_$(2)_DEPENDENCIES)
 	echo "chown -h -R 0:0 $$(TARGET_DIR)" >> $$(FAKEROOT_SCRIPT)
 	PATH=$$(BR_PATH) $$(TOPDIR)/support/scripts/mkusers $$(ROOTFS_FULL_USERS_TABLE) $$(TARGET_DIR) >> $$(FAKEROOT_SCRIPT)
 	echo "$$(HOST_DIR)/bin/makedevs -d $$(ROOTFS_FULL_DEVICES_TABLE) $$(TARGET_DIR)" >> $$(FAKEROOT_SCRIPT)
+	$$(foreach hook,$$(ROOTFS_PRE_CMD_HOOKS),\
+		$$(call PRINTF,$$($$(hook))) >> $$(FAKEROOT_SCRIPT)$$(sep))
 	$$(foreach s,$$(call qstrip,$$(BR2_ROOTFS_POST_FAKEROOT_SCRIPT)),\
 		echo "echo '$$(TERM_BOLD)>>>   Executing fakeroot script $$(s)$$(TERM_RESET)'" >> $$(FAKEROOT_SCRIPT); \
 		echo $$(EXTRA_ENV) $$(s) $$(TARGET_DIR) $$(BR2_ROOTFS_POST_SCRIPT_ARGS) >> $$(FAKEROOT_SCRIPT)$$(sep))
-	$$(foreach hook,$$(ROOTFS_PRE_CMD_HOOKS),\
-		$$(call PRINTF,$$($$(hook))) >> $$(FAKEROOT_SCRIPT)$$(sep))
 
 	$$(foreach hook,$$(ROOTFS_$(2)_PRE_GEN_HOOKS),\
 		$$(call PRINTF,$$($$(hook))) >> $$(FAKEROOT_SCRIPT)$$(sep))

fs/cpio/init

@@ -1,4 +1,15 @@
 #!/bin/sh
 # devtmpfs does not get automounted for initramfs
 /bin/mount -t devtmpfs devtmpfs /dev
+
+# use the /dev/console device node from devtmpfs if possible to not
+# confuse glibc's ttyname_r().
+# This may fail (E.G. booted with console=), and errors from exec will
+# terminate the shell, so use a subshell for the test
+if (exec 0</dev/console) 2>/dev/null; then
+    exec 0</dev/console
+    exec 1>/dev/console
+    exec 2>/dev/console
+fi
+
 exec /sbin/init "$@"

fs/jffs2/jffs2.mk

@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-JFFS2_OPTS = -e $(BR2_TARGET_ROOTFS_JFFS2_EBSIZE)
+JFFS2_OPTS = -e $(BR2_TARGET_ROOTFS_JFFS2_EBSIZE) --with-xattr
 SUMTOOL_OPTS = -e $(BR2_TARGET_ROOTFS_JFFS2_EBSIZE)
 
 ifeq ($(BR2_TARGET_ROOTFS_JFFS2_PAD),y)

linux/Config.in

@@ -30,7 +30,7 @@ config BR2_LINUX_KERNEL_LATEST_VERSION
 	bool "Latest version (5.7)"
 
 config BR2_LINUX_KERNEL_LATEST_CIP_VERSION
-	bool "Latest CIP SLTS version (4.19.132-cip30)"
+	bool "Latest CIP SLTS version (4.19.152-cip37)"
 	help
 	  CIP launched in the spring of 2016 to address the needs of
 	  organizations in industries such as power generation and
@@ -43,13 +43,13 @@ config BR2_LINUX_KERNEL_LATEST_CIP_VERSION
 	  implementation of software building blocks that meet
 	  these requirements.
 
-	  The CIP community plans to maintain 4.4 for security and
+	  The CIP community plans to maintain 4.19 for security and
 	  bug fixes for more than 10 years.
 
 	  https://www.cip-project.org
 
 config BR2_LINUX_KERNEL_LATEST_CIP_RT_VERSION
-	bool "Latest CIP RT SLTS version (4.19.132-cip30-rt12)"
+	bool "Latest CIP RT SLTS version (4.19.152-cip37-rt16)"
 	help
 	  Same as the CIP version, but this is the PREEMPT_RT realtime
 	  variant.
@@ -125,8 +125,8 @@ endif
 config BR2_LINUX_KERNEL_VERSION
 	string
 	default "5.7.19" if BR2_LINUX_KERNEL_LATEST_VERSION
-	default "4.19.132-cip30" if BR2_LINUX_KERNEL_LATEST_CIP_VERSION
-	default "4.19.132-cip30-rt12" if BR2_LINUX_KERNEL_LATEST_CIP_RT_VERSION
+	default "4.19.152-cip37" if BR2_LINUX_KERNEL_LATEST_CIP_VERSION
+	default "4.19.152-cip37-rt16" if BR2_LINUX_KERNEL_LATEST_CIP_RT_VERSION
 	default BR2_LINUX_KERNEL_CUSTOM_VERSION_VALUE \
 		if BR2_LINUX_KERNEL_CUSTOM_VERSION
 	default "custom" if BR2_LINUX_KERNEL_CUSTOM_TARBALL

linux/linux.hash

@@ -1,14 +1,14 @@
 # From https://www.kernel.org/pub/linux/kernel/v5.x/sha256sums.asc
 sha256  419c6248b9ae4dfead4599787aecbfd202e88bc4124523adfa6dd2d642b99fe7  linux-5.7.19.tar.xz
-sha256  86f13d050f6389c5a1727fa81510ee8eceac795297bc584f443354609617fea4  linux-5.4.61.tar.xz
+sha256  a3e03e6970240dddc8174bf9f49b56d774c40125eabe1582d2ebe85b01addbf7  linux-5.4.77.tar.xz
 # From https://www.kernel.org/pub/linux/kernel/v4.x/sha256sums.asc
-sha256  6994dda988e9fb7f5661cf80ff42039016cb0044acd39f830937ba0220296388  linux-4.4.234.tar.xz
-sha256  756f8544d261e8117716c911261690e4fb5491e14c1f4612c83e0986453782e3  linux-4.9.234.tar.xz
-sha256  394f28798670240baacd9e2cce521fbd79f8da5e1fc191695b0e11381445a021  linux-4.14.195.tar.xz
-sha256  6912db1c242d72ce9c8d4ff71982ac935d97690822af5c1c6ec22412b31667a4  linux-4.19.142.tar.xz
+sha256  95de46b6bd72f66169629eb0e343b005778539864598eae76c3ca999645d58b5  linux-4.4.243.tar.xz
+sha256  d3aa189ca7fcc6e52d6c0333a0d7acd8789e9a492b32dbf9476e926ffaa73984  linux-4.9.243.tar.xz
+sha256  1c233efaa5063983293a02d4692acc9ced9c03e18857364855d4f612347086ac  linux-4.14.206.tar.xz
+sha256  76dca365255c1a13778c3b24f0eae14f4e66bc12fe79f5e6592b116fc57ef755  linux-4.19.157.tar.xz
 # Locally computed
-sha256  c20f9014b89ea3e27f55f1d407aa5a4724ed38ac520c197291e9d644f164c43a  linux-cip-4.19.132-cip30.tar.gz
-sha256  81dd791d9ad6c3fddaeaffc6d7d8df0e13831283a5fe494c437ac7820d79ca39  linux-cip-4.19.132-cip30-rt12.tar.gz
+sha256  d2a06f52143deb929b8d513cf9afc9bd065951389a80fa70bc4d63025b5b3fb9  linux-cip-4.19.152-cip37.tar.gz
+sha256  bc1dacd3d0f526de3e8754a444e8e02a54521527af639ddb907cb35cda775a8c  linux-cip-4.19.152-cip37-rt16.tar.gz
 
 # Licenses hashes
 sha256  fb5a425bd3b3cd6071a3a9aff9909a859e7c1158d54d32e07658398cd67eb6a0  COPYING

linux/linux.mk

@@ -491,7 +491,8 @@ endef
 # Run depmod in a target-finalize hook, to encompass modules installed by
 # packages.
 define LINUX_RUN_DEPMOD
-	if grep -q "CONFIG_MODULES=y" $(LINUX_DIR)/.config; then \
+	if test -d $(TARGET_DIR)/lib/modules/$(LINUX_VERSION_PROBED) \
+		&& grep -q "CONFIG_MODULES=y" $(LINUX_DIR)/.config; then \
 		$(HOST_DIR)/sbin/depmod -a -b $(TARGET_DIR) $(LINUX_VERSION_PROBED); \
 	fi
 endef

package/acpica/acpica.hash

@@ -1,3 +1,3 @@
 # locally computed hash
-sha256  ad8a7b1571ec94d8c1837cf0c89ff33ea820780362fbb3e26adbde96beed5205  acpica-unix2-20200528.tar.gz
+sha256  8a49904744a8159b7f325ed941b56968ba37a0371c634036628064f97538de4b  acpica-unix2-20200717.tar.gz
 sha256  cb17c679d3291eba1a70a1336062fb07eec2e839b0821b443b24f41de18c5218  source/include/acpi.h

package/acpica/acpica.mk

@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-ACPICA_VERSION = 20200528
+ACPICA_VERSION = 20200717
 ACPICA_SOURCE = acpica-unix2-$(ACPICA_VERSION).tar.gz
 ACPICA_SITE = https://acpica.org/sites/acpica/files
 ACPICA_LICENSE = BSD-3-Clause or GPL-2.0

package/alsa-utils/alsa-utils.mk

@@ -86,10 +86,10 @@ define ALSA_UTILS_INSTALL_INIT_SYSTEMD
 		$(TARGET_DIR)/usr/lib/systemd/system/alsa-restore.service
 	$(INSTALL) -D -m 0644 $(@D)/alsactl/alsa-state.service \
 		$(TARGET_DIR)/usr/lib/systemd/system/alsa-state.service
-	mkdir $(TARGET_DIR)/usr/lib/systemd/system/alsa-restore.service.d
+	$(INSTALL) -d -m 0755 $(TARGET_DIR)/usr/lib/systemd/system/alsa-restore.service.d
 	printf '[Install]\nWantedBy=multi-user.target\n' \
 		>$(TARGET_DIR)/usr/lib/systemd/system/alsa-restore.service.d/buildroot-enable.conf
-	mkdir $(TARGET_DIR)/usr/lib/systemd/system/alsa-state.service.d
+	$(INSTALL) -d -m 0755 $(TARGET_DIR)/usr/lib/systemd/system/alsa-state.service.d
 	printf '[Install]\nWantedBy=multi-user.target\n' \
 		>$(TARGET_DIR)/usr/lib/systemd/system/alsa-state.service.d/buildroot-enable.conf;
 endef

package/am33x-cm3/0004-Makefile-add-fno-builtin.patch

@@ -0,0 +1,41 @@
+From 25fc567ba8a0cd199e48bfa82863247d953784ea Mon Sep 17 00:00:00 2001
+From: Fabrice Fontaine <fontaine.fabrice@gmail.com>
+Date: Sun, 30 Aug 2020 20:59:29 +0200
+Subject: [PATCH] Makefile: add -fno-builtin
+
+Build with gcc 10 fails on:
+
+/srv/storage/autobuild/run/instance-2/output-1/host/lib/gcc/arm-buildroot-linux-gnueabihf/10.2.0/../../../../arm-buildroot-linux-gnueabihf/bin/ld: src/foundation/startup.o: in function `reset_handler':
+/srv/storage/autobuild/run/instance-2/output-1/build/am33x-cm3-11107db2f1e9e58ee75d4fe9cc38423c9a6e4365/src/foundation/startup.c:177: undefined reference to `memcpy'
+
+This is due to the fact that gcc 10 replaces the following statement by
+a memcpy call:
+
+*puldest++ = *pulsrc++;
+
+To fix this build failure, add -fno-builtin
+
+Fixes:
+ - http://autobuild.buildroot.org/results/a991e6efa012df518ff1bb35017ad2c96c8feedc
+
+Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
+---
+ Makefile | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/Makefile b/Makefile
+index fe3d844..fa24d4b 100644
+--- a/Makefile
++++ b/Makefile
+@@ -17,7 +17,7 @@ CFLAGS =-march=armv7-m -mcpu=cortex-m3 -mthumb -nostdlib -Wall -Wundef \
+ 	-Werror-implicit-function-declaration -Wstrict-prototypes \
+ 	-Wdeclaration-after-statement -fno-delete-null-pointer-checks \
+ 	-Wempty-body -fno-strict-overflow -fno-stack-protector \
+-	-fno-pie -g -I$(INCLUDES) -O2
++	-fno-pie -fno-builtin -g -I$(INCLUDES) -O2
+ LDFLAGS =-nostartfiles -fno-exceptions -Tfirmware.ld
+ 
+ EXECUTABLE=am335x-pm-firmware.elf
+-- 
+2.28.0
+

package/apparmor/apparmor.mk

@@ -53,6 +53,15 @@ ifeq ($(BR2_PACKAGE_APACHE),y)
 APPARMOR_DEPENDENCIES += apache
 APPARMOR_TOOLS += changehat/mod_apparmor
 APPARMOR_MAKE_OPTS += APXS=$(STAGING_DIR)/usr/bin/apxs
+
+ifeq ($(BR2_PER_PACKAGE_DIRECTORIES),y)
+define APPARMOR_FIXUP_APXS
+	$(SED) "s@$(PER_PACKAGE_DIR)/[^/]\+/@$(PER_PACKAGE_DIR)/apparmor/@g" \
+		$(STAGING_DIR)/usr/bin/apxs \
+		$(STAGING_DIR)/usr/build/config_vars.mk
+endef
+APPARMOR_POST_CONFIGURE_HOOKS += APPARMOR_FIXUP_APXS
+endif
 endif
 
 define APPARMOR_BUILD_CMDS
@@ -79,7 +88,7 @@ endef
 define APPARMOR_INSTALL_INIT_SYSTEMD
 	$(INSTALL) -D -m 0755 $(@D)/parser/apparmor.systemd \
 		$(TARGET_DIR)/lib/apparmor/apparmor.systemd
-	$(INSTALL) -D -m 0755 $(@D)/parser/apparmor.service \
+	$(INSTALL) -D -m 0644 $(@D)/parser/apparmor.service \
 		$(TARGET_DIR)/usr/lib/systemd/system/apparmor.service
 endef
 

package/argp-standalone/argp-standalone.hash

@@ -1,2 +1,5 @@
 # Locally calculated after checking pgp signature
-sha256	dec79694da1319acd2238ce95df57f3680fea2482096e483323fddf3d818d8be  argp-standalone-1.3.tar.gz
+sha256  dec79694da1319acd2238ce95df57f3680fea2482096e483323fddf3d818d8be  argp-standalone-1.3.tar.gz
+
+# License file
+sha256  bbb8919aa520069b0234faf5e83a94052d278419ffe97ca8e843ecc9b212d1ab  argp.h

package/argp-standalone/argp-standalone.mk

@@ -8,6 +8,7 @@ ARGP_STANDALONE_VERSION = 1.3
 ARGP_STANDALONE_SITE = http://www.lysator.liu.se/~nisse/archive
 ARGP_STANDALONE_INSTALL_STAGING = YES
 ARGP_STANDALONE_LICENSE = LGPL-2.0+
+ARGP_STANDALONE_LICENSE_FILES = argp.h
 
 ARGP_STANDALONE_CONF_ENV = \
 	CFLAGS="$(TARGET_CFLAGS) -fPIC -fgnu89-inline"

package/asterisk/asterisk.hash

@@ -1,5 +1,5 @@
 # Locally computed
-sha256  f0ba5e3c4ef46f6657dd3a7167190f9b6cd6bbf4af09ecc291a9d5868b477609  asterisk-16.10.0.tar.gz
+sha256  226eaef400d2d335ce29d7b3c8aca8dfdfc5e854c215e0c47615c095ced12171  asterisk-16.14.1.tar.gz
 
 # sha1 from: http://downloads.asterisk.org/pub/telephony/sounds/releases
 # sha256 locally computed
@@ -12,4 +12,4 @@ sha256  449fb810d16502c3052fedf02f7e77b36206ac5a145f3dacf4177843a2fcb538  asteri
 sha256  82af40ed7f49c08685360811993d9396320842f021df828801d733e8fdc0312f  COPYING
 sha256  ac5571f00e558e3b7c9b3f13f421b874cc12cf4250c4f70094c71544cf486312  main/sha1.c
 sha256  6215e3ed73c3982a5c6701127d681ec0b9f1121ac78a28805bd93f93c3eb84c0  codecs/speex/speex_resampler.h
-sha256  1ca2c7a7a1ae7ccd75212a8c1e85dd9ec92bdbc9170aafd97ea60459387755fd  utils/db1-ast/include/db.h
+sha256  ea69cc96ab8a779c180a362377caeada71926897d1b55b980f04d74ba5aaa388  utils/db1-ast/include/db.h

package/asterisk/asterisk.mk

@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-ASTERISK_VERSION = 16.10.0
+ASTERISK_VERSION = 16.14.1
 # Use the github mirror: it's an official mirror maintained by Digium, and
 # provides tarballs, which the main Asterisk git tree (behind Gerrit) does not.
 ASTERISK_SITE = $(call github,asterisk,asterisk,$(ASTERISK_VERSION))

package/avahi/avahi.mk

@@ -35,6 +35,7 @@ AVAHI_CONF_OPTS = \
 	--disable-mono \
 	--disable-monodoc \
 	--disable-stack-protector \
+	--disable-introspection \
 	--with-distro=none \
 	--disable-manpages \
 	$(if $(BR2_PACKAGE_AVAHI_AUTOIPD),--enable,--disable)-autoipd \

package/bandwidthd/bandwidthd.hash

@@ -1,2 +1,3 @@
 # Locally calculated
-sha256 0270d0def6cc53c8d47d59a9dd093d51fbca1620adeef85c15e35a32010e26ab  bandwidthd-2.0.1-auto-r11.tar.gz
+sha256  0270d0def6cc53c8d47d59a9dd093d51fbca1620adeef85c15e35a32010e26ab  bandwidthd-2.0.1-auto-r11.tar.gz
+sha256  58573c40770e0c0b91f3eef8192952832321a344f66a4fb2d966095cbbfc86c2  README

package/bandwidthd/bandwidthd.mk

@@ -10,6 +10,7 @@ BANDWIDTHD_SITE = $(call github,nroach44,bandwidthd,v$(BANDWIDTHD_VERSION))
 # Specified as "any version of the GPL that is current as of your
 # download" by upstream.
 BANDWIDTHD_LICENSE = GPL
+BANDWIDTHD_LICENSE_FILES = README
 
 BANDWIDTHD_DEPENDENCIES = gd libpng libpcap host-pkgconf
 

package/bandwidthd/bandwidthd.service

@@ -5,7 +5,7 @@ After=network.target
 [Service]
 Type=forking
 ExecStart=/usr/bin/bandwidthd
-PIDFile=/var/run/bandwidthd.pid
+PIDFile=/run/bandwidthd.pid
 
 [Install]
 WantedBy=multi-user.target

package/bash/0017-bash50-017.patch

@@ -0,0 +1,293 @@
+From https://ftp.gnu.org/gnu/bash/bash-5.0-patches/bash55-017
+
+Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
+
+			     BASH PATCH REPORT
+			     =================
+
+Bash-Release:	5.0
+Patch-ID:	bash50-017
+
+Bug-Reported-by:	Valentin Lab <valentin.lab@kalysto.org>
+Bug-Reference-ID:	<ab981b9c-60a5-46d0-b7e6-a6d88b80df50@kalysto.org>
+Bug-Reference-URL:	https://lists.gnu.org/archive/html/bug-bash/2020-03/msg00062.html
+
+Bug-Description:
+
+There were cases where patch 16 reaped process substitution file descriptors
+(or FIFOs) and processes to early. This is a better fix for the problem that
+bash50-016 attempted to solve.
+
+Patch (apply with `patch -p0'):
+
+*** bash-5.0-patched/subst.c	2019-08-29 11:16:49.000000000 -0400
+--- b/subst.c	2020-04-02 16:24:19.000000000 -0400
+***************
+*** 5337,5341 ****
+  }
+  
+! char *
+  copy_fifo_list (sizep)
+       int *sizep;
+--- b/5337,5341 ----
+  }
+  
+! void *
+  copy_fifo_list (sizep)
+       int *sizep;
+***************
+*** 5343,5347 ****
+    if (sizep)
+      *sizep = 0;
+!   return (char *)NULL;
+  }
+  
+--- b/5343,5347 ----
+    if (sizep)
+      *sizep = 0;
+!   return (void *)NULL;
+  }
+  
+***************
+*** 5409,5414 ****
+  	if (fifo_list[i].file)
+  	  {
+! 	    fifo_list[j].file = fifo_list[i].file;
+! 	    fifo_list[j].proc = fifo_list[i].proc;
+  	    j++;
+  	  }
+--- b/5409,5419 ----
+  	if (fifo_list[i].file)
+  	  {
+! 	    if (i != j)
+! 	      {
+! 		fifo_list[j].file = fifo_list[i].file;
+! 		fifo_list[j].proc = fifo_list[i].proc;
+! 		fifo_list[i].file = (char *)NULL;
+! 		fifo_list[i].proc = 0;
+! 	      }
+  	    j++;
+  	  }
+***************
+*** 5426,5433 ****
+  void
+  close_new_fifos (list, lsize)
+!      char *list;
+       int lsize;
+  {
+    int i;
+  
+    if (list == 0)
+--- b/5431,5439 ----
+  void
+  close_new_fifos (list, lsize)
+!      void *list;
+       int lsize;
+  {
+    int i;
++   char *plist;
+  
+    if (list == 0)
+***************
+*** 5437,5442 ****
+      }
+  
+!   for (i = 0; i < lsize; i++)
+!     if (list[i] == 0 && i < fifo_list_size && fifo_list[i].proc != -1)
+        unlink_fifo (i);
+  
+--- b/5443,5448 ----
+      }
+  
+!   for (plist = (char *)list, i = 0; i < lsize; i++)
+!     if (plist[i] == 0 && i < fifo_list_size && fifo_list[i].proc != -1)
+        unlink_fifo (i);
+  
+***************
+*** 5560,5568 ****
+  }
+  
+! char *
+  copy_fifo_list (sizep)
+       int *sizep;
+  {
+!   char *ret;
+  
+    if (nfds == 0 || totfds == 0)
+--- b/5566,5574 ----
+  }
+  
+! void *
+  copy_fifo_list (sizep)
+       int *sizep;
+  {
+!   void *ret;
+  
+    if (nfds == 0 || totfds == 0)
+***************
+*** 5570,5579 ****
+        if (sizep)
+  	*sizep = 0;
+!       return (char *)NULL;
+      }
+  
+    if (sizep)
+      *sizep = totfds;
+!   ret = (char *)xmalloc (totfds * sizeof (pid_t));
+    return (memcpy (ret, dev_fd_list, totfds * sizeof (pid_t)));
+  }
+--- b/5576,5585 ----
+        if (sizep)
+  	*sizep = 0;
+!       return (void *)NULL;
+      }
+  
+    if (sizep)
+      *sizep = totfds;
+!   ret = xmalloc (totfds * sizeof (pid_t));
+    return (memcpy (ret, dev_fd_list, totfds * sizeof (pid_t)));
+  }
+***************
+*** 5648,5655 ****
+  void
+  close_new_fifos (list, lsize)
+!      char *list;
+       int lsize;
+  {
+    int i;
+  
+    if (list == 0)
+--- b/5654,5662 ----
+  void
+  close_new_fifos (list, lsize)
+!      void *list;
+       int lsize;
+  {
+    int i;
++   pid_t *plist;
+  
+    if (list == 0)
+***************
+*** 5659,5664 ****
+      }
+  
+!   for (i = 0; i < lsize; i++)
+!     if (list[i] == 0 && i < totfds && dev_fd_list[i])
+        unlink_fifo (i);
+  
+--- b/5666,5671 ----
+      }
+  
+!   for (plist = (pid_t *)list, i = 0; i < lsize; i++)
+!     if (plist[i] == 0 && i < totfds && dev_fd_list[i])
+        unlink_fifo (i);
+  
+*** bash-5.0-patched/subst.h	2018-10-21 18:46:09.000000000 -0400
+--- b/subst.h	2020-04-02 16:29:28.000000000 -0400
+***************
+*** 274,280 ****
+  extern void unlink_fifo __P((int));
+  
+! extern char *copy_fifo_list __P((int *));
+! extern void unlink_new_fifos __P((char *, int));
+! extern void close_new_fifos __P((char *, int));
+  
+  extern void clear_fifo_list __P((void));
+--- b/274,279 ----
+  extern void unlink_fifo __P((int));
+  
+! extern void *copy_fifo_list __P((int *));
+! extern void close_new_fifos __P((void *, int));
+  
+  extern void clear_fifo_list __P((void));
+*** bash-5.0-patched/execute_cmd.c	2020-02-06 20:16:48.000000000 -0500
+--- b/execute_cmd.c	2020-04-02 17:00:10.000000000 -0400
+***************
+*** 565,569 ****
+  #if defined (PROCESS_SUBSTITUTION)
+    volatile int ofifo, nfifo, osize, saved_fifo;
+!   volatile char *ofifo_list;
+  #endif
+  
+--- b/565,569 ----
+  #if defined (PROCESS_SUBSTITUTION)
+    volatile int ofifo, nfifo, osize, saved_fifo;
+!   volatile void *ofifo_list;
+  #endif
+  
+***************
+*** 751,760 ****
+  #  endif
+  
+!   if (variable_context != 0)	/* XXX - also if sourcelevel != 0? */
+      {
+        ofifo = num_fifos ();
+        ofifo_list = copy_fifo_list ((int *)&osize);
+        begin_unwind_frame ("internal_fifos");
+!       add_unwind_protect (xfree, ofifo_list);
+        saved_fifo = 1;
+      }
+--- b/751,762 ----
+  #  endif
+  
+!   /* XXX - also if sourcelevel != 0? */
+!   if (variable_context != 0)
+      {
+        ofifo = num_fifos ();
+        ofifo_list = copy_fifo_list ((int *)&osize);
+        begin_unwind_frame ("internal_fifos");
+!       if (ofifo_list)
+! 	add_unwind_protect (xfree, ofifo_list);
+        saved_fifo = 1;
+      }
+***************
+*** 1100,1123 ****
+        nfifo = num_fifos ();
+        if (nfifo > ofifo)
+! 	close_new_fifos ((char *)ofifo_list, osize);
+        free ((void *)ofifo_list);
+        discard_unwind_frame ("internal_fifos");
+      }
+- # if defined (HAVE_DEV_FD)
+-   /* Reap process substitutions at the end of loops */
+-   switch (command->type)
+-     {
+-     case cm_while:
+-     case cm_until:
+-     case cm_for:
+-     case cm_group:
+- #    if defined (ARITH_FOR_COMMAND)
+-     case cm_arith_for:
+- #    endif
+-       reap_procsubs ();
+-     default:
+-       break;
+-     }
+- #  endif /* HAVE_DEV_FD */
+  #endif
+  
+--- b/1102,1109 ----
+        nfifo = num_fifos ();
+        if (nfifo > ofifo)
+! 	close_new_fifos ((void *)ofifo_list, osize);
+        free ((void *)ofifo_list);
+        discard_unwind_frame ("internal_fifos");
+      }
+  #endif
+  
+
+*** bash-5.0/patchlevel.h	2016-06-22 14:51:03.000000000 -0400
+--- b/patchlevel.h	2016-10-01 11:01:28.000000000 -0400
+***************
+*** 26,30 ****
+     looks for to find the patch level (for the sccs version string). */
+  
+! #define PATCHLEVEL 16
+  
+  #endif /* _PATCHLEVEL_H_ */
+--- b/26,30 ----
+     looks for to find the patch level (for the sccs version string). */
+  
+! #define PATCHLEVEL 17
+  
+  #endif /* _PATCHLEVEL_H_ */

package/bash/0018-bash50-018.patch

@@ -0,0 +1,49 @@
+From https://ftp.gnu.org/gnu/bash/bash-5.0-patches/bash55-018
+
+Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
+
+			     BASH PATCH REPORT
+			     =================
+
+Bash-Release:	5.0
+Patch-ID:	bash50-018
+
+Bug-Reported-by:	oguzismailuysal@gmail.com
+Bug-Reference-ID:
+Bug-Reference-URL:	https://lists.gnu.org/archive/html/bug-bash/2019-10/msg00098.html
+
+Bug-Description:
+
+In certain cases, bash does not perform quoted null removal on patterns
+that are used as part of word expansions such as ${parameter##pattern}, so
+empty patterns are treated as non-empty.
+
+Patch (apply with `patch -p0'):
+
+*** bash-5.0.17/subst.c	2020-04-02 17:14:58.000000000 -0400
+--- b/subst.c	2020-07-09 15:28:19.000000000 -0400
+***************
+*** 5113,5116 ****
+--- b/5113,5118 ----
+  				      (int *)NULL, (int *)NULL)
+  	     : (WORD_LIST *)0;
++   if (l)
++     word_list_remove_quoted_nulls (l);
+    pat = string_list (l);
+    dispose_words (l);
+
+*** bash-5.0/patchlevel.h	2016-06-22 14:51:03.000000000 -0400
+--- b/patchlevel.h	2016-10-01 11:01:28.000000000 -0400
+***************
+*** 26,30 ****
+     looks for to find the patch level (for the sccs version string). */
+  
+! #define PATCHLEVEL 17
+  
+  #endif /* _PATCHLEVEL_H_ */
+--- b/26,30 ----
+     looks for to find the patch level (for the sccs version string). */
+  
+! #define PATCHLEVEL 18
+  
+  #endif /* _PATCHLEVEL_H_ */

package/binutils/binutils.mk

@@ -93,6 +93,7 @@ HOST_BINUTILS_CONF_OPTS = \
 	--enable-static \
 	--with-sysroot=$(STAGING_DIR) \
 	--enable-poison-system-directories \
+	--without-debuginfod \
 	$(BINUTILS_DISABLE_GDB_CONF_OPTS) \
 	$(BINUTILS_EXTRA_CONFIG_OPTIONS)
 

package/bison/bison.mk

@@ -13,5 +13,6 @@ BISON_LICENSE_FILES = COPYING
 BISON_MAKE = $(MAKE1)
 HOST_BISON_DEPENDENCIES = host-m4
 HOST_BISON_CONF_OPTS = --enable-relocatable
+HOST_BISON_CONF_ENV = ac_cv_libtextstyle=no
 
 $(eval $(host-autotools-package))

package/bitcoin/0001-src-randomenv.cpp-fix-build-on-uclibc.patch

@@ -0,0 +1,48 @@
+From 330cb33985d0ce97c20f4a0f0bbda0fbffe098d4 Mon Sep 17 00:00:00 2001
+From: Fabrice Fontaine <fontaine.fabrice@gmail.com>
+Date: Mon, 9 Nov 2020 21:18:40 +0100
+Subject: [PATCH] src/randomenv.cpp: fix build on uclibc
+
+Check for HAVE_STRONG_GETAUXVAL or HAVE_WEAK_GETAUXVAL before using
+getauxval to avoid a build failure on uclibc
+
+Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
+[Upstream status: https://github.com/bitcoin/bitcoin/pull/20358]
+---
+ src/randomenv.cpp | 6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/src/randomenv.cpp b/src/randomenv.cpp
+index 07122b7f6..5e07c3db4 100644
+--- a/src/randomenv.cpp
++++ b/src/randomenv.cpp
+@@ -53,7 +53,7 @@
+ #include <sys/vmmeter.h>
+ #endif
+ #endif
+-#ifdef __linux__
++#if defined(HAVE_STRONG_GETAUXVAL) || defined(HAVE_WEAK_GETAUXVAL)
+ #include <sys/auxv.h>
+ #endif
+ 
+@@ -326,7 +326,7 @@ void RandAddStaticEnv(CSHA512& hasher)
+     // Bitcoin client version
+     hasher << CLIENT_VERSION;
+ 
+-#ifdef __linux__
++#if defined(HAVE_STRONG_GETAUXVAL) || defined(HAVE_WEAK_GETAUXVAL)
+     // Information available through getauxval()
+ #  ifdef AT_HWCAP
+     hasher << getauxval(AT_HWCAP);
+@@ -346,7 +346,7 @@ void RandAddStaticEnv(CSHA512& hasher)
+     const char* exec_str = (const char*)getauxval(AT_EXECFN);
+     if (exec_str) hasher.Write((const unsigned char*)exec_str, strlen(exec_str) + 1);
+ #  endif
+-#endif // __linux__
++#endif // HAVE_STRONG_GETAUXVAL || HAVE_WEAK_GETAUXVAL
+ 
+ #ifdef HAVE_GETCPUID
+     AddAllCPUID(hasher);
+-- 
+2.28.0
+

package/bitcoin/Config.in

@@ -18,9 +18,6 @@ config BR2_PACKAGE_BITCOIN
 	select BR2_PACKAGE_BOOST_SYSTEM
 	select BR2_PACKAGE_BOOST_FILESYSTEM
 	select BR2_PACKAGE_BOOST_THREAD
-	select BR2_PACKAGE_BOOST_CHRONO
-	select BR2_PACKAGE_BOOST_PROGRAM_OPTIONS
-	select BR2_PACKAGE_OPENSSL
 	select BR2_PACKAGE_LIBEVENT
 	help
 	  Bitcoin Core is an open source project which maintains and

package/bitcoin/bitcoin.hash

@@ -1,5 +1,5 @@
-# From https://bitcoincore.org/bin/bitcoin-core-0.19.0.1/SHA256SUMS.asc
-sha256 7ac9f972249a0a16ed01352ca2a199a5448fe87a4ea74923404a40b4086de284  bitcoin-0.19.0.1.tar.gz
+# From https://bitcoincore.org/bin/bitcoin-core-0.20.1/SHA256SUMS.asc
+sha256  4bbd62fd6acfa5e9864ebf37a24a04bc2dcfe3e3222f056056288d854c53b978  bitcoin-0.20.1.tar.gz
 
 # Hash for license file
-sha256 9a0f75d688e9cf5c69d3efdaa2a83af496700d252b212ec6a72f7784b47fed0c  COPYING
+sha256  96fe807030b21f88305adc32af62f9aa19915f2783509fd6f52aea02cf83f644  COPYING

package/bitcoin/bitcoin.mk

@@ -4,12 +4,13 @@
 #
 ################################################################################
 
-BITCOIN_VERSION = 0.19.0.1
+BITCOIN_VERSION = 0.20.1
 BITCOIN_SITE = https://bitcoincore.org/bin/bitcoin-core-$(BITCOIN_VERSION)
 BITCOIN_AUTORECONF = YES
 BITCOIN_LICENSE = MIT
 BITCOIN_LICENSE_FILES = COPYING
-BITCOIN_DEPENDENCIES = host-pkgconf boost openssl libevent
+BITCOIN_DEPENDENCIES = host-pkgconf boost libevent
+BITCOIN_MAKE_ENV = BITCOIN_GENBUILD_NO_GIT=1
 BITCOIN_CONF_OPTS = \
 	--disable-bench \
 	--disable-wallet \

package/bluez-tools/0001-fix-gcc-10-compile.patch

@@ -0,0 +1,46 @@
+From 687105d611b38961f390f0a328f9cfa3b93aeb18 Mon Sep 17 00:00:00 2001
+From: Leigh Scott <leigh123linux@gmail.com>
+Date: Tue, 28 Jan 2020 22:46:37 +0000
+Subject: [PATCH] fix gcc-10 compile
+
+[Retrieved from:
+https://github.com/khvzak/bluez-tools/pull/34/commits/687105d611b38961f390f0a328f9cfa3b93aeb18]
+Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
+---
+ src/lib/agent-helper.c | 2 ++
+ src/lib/agent-helper.h | 4 ++--
+ 2 files changed, 4 insertions(+), 2 deletions(-)
+
+diff --git a/src/lib/agent-helper.c b/src/lib/agent-helper.c
+index bf50bcc..2b94100 100644
+--- a/src/lib/agent-helper.c
++++ b/src/lib/agent-helper.c
+@@ -33,6 +33,8 @@
+ 
+ #include "agent-helper.h"
+ 
++gboolean agent_need_unregister;
++
+ static const gchar *_bt_agent_introspect_xml = "<node name=\"/org/blueztools\">\n\t<interface name=\"org.bluez.Agent1\">\n\t\t<method name=\"Release\">\n\t\t</method>\n\t\t<method name=\"RequestPinCode\">\n\t\t\t<arg name=\"device\" direction=\"in\" type=\"o\"/>\n\t\t\t<arg name=\"pincode\" direction=\"out\" type=\"s\"/>\n\t\t</method>\n\t\t<method name=\"DisplayPinCode\">\n\t\t\t<arg name=\"device\" direction=\"in\" type=\"o\"/>\n\t\t\t<arg name=\"pincode\" direction=\"in\" type=\"s\"/>\n\t\t</method>\n\t\t<method name=\"RequestPasskey\">\n\t\t\t<arg name=\"device\" direction=\"in\" type=\"o\"/>\n\t\t\t<arg name=\"passkey\" direction=\"out\" type=\"u\"/>\n\t\t</method>\n\t\t<method name=\"DisplayPasskey\">\n\t\t\t<arg name=\"device\" direction=\"in\" type=\"o\"/>\n\t\t\t<arg name=\"passkey\" direction=\"in\" type=\"u\"/>\n\t\t\t<arg name=\"entered\" direction=\"in\" type=\"q\"/>\n\t\t</method>\n\t\t<method name=\"RequestConfirmation\">\n\t\t\t<arg name=\"device\" direction=\"in\" type=\"o\"/>\n\t\t\t<arg name=\"passkey\" direction=\"in\" type=\"u\"/>\n\t\t</method>\n\t\t<method name=\"RequestAuthorization\">\n\t\t\t<arg name=\"device\" direction=\"in\" type=\"o\"/>\n\t\t</method>\n\t\t<method name=\"AuthorizeService\">\n\t\t\t<arg name=\"device\" direction=\"in\" type=\"o\"/>\n\t\t\t<arg name=\"uuid\" direction=\"in\" type=\"s\"/>\n\t\t</method>\n\t\t<method name=\"Cancel\">\n\t\t</method>\n\t</interface>\n</node>\n";
+ static guint _bt_agent_registration_id = 0;
+ static GHashTable *_pin_hash_table = NULL;
+diff --git a/src/lib/agent-helper.h b/src/lib/agent-helper.h
+index 8e1cc85..9a952c4 100644
+--- a/src/lib/agent-helper.h
++++ b/src/lib/agent-helper.h
+@@ -35,7 +35,7 @@ extern "C" {
+ #define AGENT_DBUS_INTERFACE "org.bluez.Agent1"
+ #define AGENT_PATH "/org/blueztools"
+ 
+-gboolean agent_need_unregister;
++extern gboolean agent_need_unregister;
+ 
+ void register_agent_callbacks(gboolean interactive_console, GHashTable *pin_dictonary, gpointer main_loop_object, GError **error);
+ void unregister_agent_callbacks(GError **error);
+@@ -44,4 +44,4 @@ void unregister_agent_callbacks(GError **error);
+ }
+ #endif
+ 
+-#endif /* __AGENT_HELPER_H */
+\ No newline at end of file
++#endif /* __AGENT_HELPER_H */

package/brotli/0001-CMake-Allow-using-BUILD_SHARED_LIBS-to-choose-static.patch

@@ -1,6 +1,6 @@
-From 7289e5a378ba13801996a84d89d8fe95c3fc4c11 Mon Sep 17 00:00:00 2001
+From 6cb16322decd643fed9de332d9cda77f7738b7af Mon Sep 17 00:00:00 2001
 From: Adrian Perez de Castro <aperez@igalia.com>
-Date: Mon, 26 Mar 2018 19:08:31 +0100
+Date: Mon, 7 Sep 2020 12:14:22 +0300
 Subject: [PATCH] CMake: Allow using BUILD_SHARED_LIBS to choose static/shared
  libs
 
@@ -18,16 +18,16 @@ This way, the following will both work as expected:
 
 This is helpful for distributions which need (or want) to build only
 static libraries.
----
- CMakeLists.txt        | 42 ++++++++++++++----------------------------
- c/fuzz/test_fuzzer.sh |  6 +++---
- 2 files changed, 17 insertions(+), 31 deletions(-)
 
 Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
-Upstream-Status: Submitted [https://github.com/google/brotli/pull/655]
+[Upstream status: https://github.com/google/brotli/pull/655]
+---
+ CMakeLists.txt        | 46 ++++++++++++++-----------------------------
+ c/fuzz/test_fuzzer.sh |  6 +++---
+ 2 files changed, 18 insertions(+), 34 deletions(-)
 
 diff --git a/CMakeLists.txt b/CMakeLists.txt
-index fc45f80..3f87f13 100644
+index 4ff3401..f889311 100644
 --- a/CMakeLists.txt
 +++ b/CMakeLists.txt
 @@ -6,6 +6,8 @@ cmake_minimum_required(VERSION 2.8.6)
@@ -36,10 +36,10 @@ index fc45f80..3f87f13 100644
  
 +option(BUILD_SHARED_LIBS "Build shared libraries" ON)
 +
- # If Brotli is being bundled in another project, we don't want to
- # install anything.  However, we want to let people override this, so
- # we'll use the BROTLI_BUNDLED_MODE variable to let them do that; just
-@@ -114,10 +116,6 @@ set(BROTLI_LIBRARIES_CORE brotlienc brotlidec brotlicommon)
+ if(NOT CMAKE_BUILD_TYPE AND NOT CMAKE_CONFIGURATION_TYPES)
+   message(STATUS "Setting build type to Release as none was specified.")
+   set(CMAKE_BUILD_TYPE "Release" CACHE STRING "Choose the type of build." FORCE)
+@@ -137,10 +139,6 @@ set(BROTLI_LIBRARIES_CORE brotlienc brotlidec brotlicommon)
  set(BROTLI_LIBRARIES ${BROTLI_LIBRARIES_CORE} ${LIBM_LIBRARY})
  mark_as_advanced(BROTLI_LIBRARIES)
  
@@ -50,14 +50,20 @@ index fc45f80..3f87f13 100644
  if(${CMAKE_SYSTEM_NAME} MATCHES "Linux")
    add_definitions(-DOS_LINUX)
  elseif(${CMAKE_SYSTEM_NAME} MATCHES "FreeBSD")
-@@ -137,24 +135,22 @@ endfunction()
- transform_sources_list("scripts/sources.lst" "${CMAKE_CURRENT_BINARY_DIR}/sources.lst.cmake")
+@@ -161,29 +159,25 @@ transform_sources_list("scripts/sources.lst" "${CMAKE_CURRENT_BINARY_DIR}/source
  include("${CMAKE_CURRENT_BINARY_DIR}/sources.lst.cmake")
  
--add_library(brotlicommon SHARED ${BROTLI_COMMON_C})
--add_library(brotlidec SHARED ${BROTLI_DEC_C})
--add_library(brotlienc SHARED ${BROTLI_ENC_C})
--
+ if(BROTLI_EMSCRIPTEN)
+-  set(BROTLI_SHARED_LIBS "")
+-else()
+-  set(BROTLI_SHARED_LIBS brotlicommon brotlidec brotlienc)
+-  add_library(brotlicommon SHARED ${BROTLI_COMMON_C})
+-  add_library(brotlidec SHARED ${BROTLI_DEC_C})
+-  add_library(brotlienc SHARED ${BROTLI_ENC_C})
++  set(BUILD_SHARED_LIBS OFF)
+ endif()
+ 
+-set(BROTLI_STATIC_LIBS brotlicommon-static brotlidec-static brotlienc-static)
 -add_library(brotlicommon-static STATIC ${BROTLI_COMMON_C})
 -add_library(brotlidec-static STATIC ${BROTLI_DEC_C})
 -add_library(brotlienc-static STATIC ${BROTLI_ENC_C})
@@ -68,27 +74,27 @@ index fc45f80..3f87f13 100644
  # Older CMake versions does not understand INCLUDE_DIRECTORIES property.
  include_directories(${BROTLI_INCLUDE_DIRS})
  
+-foreach(lib IN LISTS BROTLI_SHARED_LIBS)
+-  target_compile_definitions(${lib} PUBLIC "BROTLI_SHARED_COMPILATION" )
+-  string(TOUPPER "${lib}" LIB)
+-  set_target_properties (${lib} PROPERTIES DEFINE_SYMBOL "${LIB}_SHARED_COMPILATION")
+-endforeach()
 +if(BUILD_SHARED_LIBS)
 +  foreach(lib brotlicommon brotlidec brotlienc)
 +    target_compile_definitions(${lib} PUBLIC "BROTLI_SHARED_COMPILATION" )
 +    string(TOUPPER "${lib}" LIB)
-+    set_target_properties (${lib} PROPERTIES DEFINE_SYMBOL "${LIB}_SHARED_COMPILATION" )
++    set_target_properties (${lib} PROPERTIES DEFINE_SYMBOL "${LIB}_SHARED_COMPILATION")
 +  endforeach()
 +endif()
-+
- foreach(lib brotlicommon brotlidec brotlienc)
--  target_compile_definitions(${lib} PUBLIC "BROTLI_SHARED_COMPILATION" )
--  string(TOUPPER "${lib}" LIB)
--  set_target_properties (${lib} PROPERTIES DEFINE_SYMBOL "${LIB}_SHARED_COMPILATION" )
--endforeach()
--
--foreach(lib brotlicommon brotlidec brotlienc brotlicommon-static brotlidec-static brotlienc-static)
+ 
+-foreach(lib IN LISTS BROTLI_SHARED_LIBS BROTLI_STATIC_LIBS)
++foreach(lib brotlicommon brotlidec brotlienc)
    target_link_libraries(${lib} ${LIBM_LIBRARY})
    set_property(TARGET ${lib} APPEND PROPERTY INCLUDE_DIRECTORIES ${BROTLI_INCLUDE_DIRS})
    set_target_properties(${lib} PROPERTIES
-@@ -167,9 +163,6 @@ endforeach()
- target_link_libraries(brotlidec brotlicommon)
+@@ -200,9 +194,6 @@ target_link_libraries(brotlidec brotlicommon)
  target_link_libraries(brotlienc brotlicommon)
+ endif()
  
 -target_link_libraries(brotlidec-static brotlicommon-static)
 -target_link_libraries(brotlienc-static brotlicommon-static)
@@ -96,7 +102,7 @@ index fc45f80..3f87f13 100644
  # For projects stuck on older versions of CMake, this will set the
  # BROTLI_INCLUDE_DIRS and BROTLI_LIBRARIES variables so they still
  # have a relatively easy way to use Brotli:
-@@ -183,7 +176,7 @@ endif()
+@@ -216,7 +207,7 @@ endif()
  
  # Build the brotli executable
  add_executable(brotli ${BROTLI_CLI_C})
@@ -104,8 +110,8 @@ index fc45f80..3f87f13 100644
 +target_link_libraries(brotli ${BROTLI_LIBRARIES})
  
  # Installation
- if(NOT BROTLI_BUNDLED_MODE)
-@@ -199,13 +192,6 @@ if(NOT BROTLI_BUNDLED_MODE)
+ if(NOT BROTLI_EMSCRIPTEN)
+@@ -233,13 +224,6 @@ if(NOT BROTLI_BUNDLED_MODE)
      RUNTIME DESTINATION "${CMAKE_INSTALL_BINDIR}"
    )
  
@@ -119,26 +125,6 @@ index fc45f80..3f87f13 100644
    install(
      DIRECTORY ${BROTLI_INCLUDE_DIRS}/brotli
      DESTINATION "${CMAKE_INSTALL_INCLUDEDIR}"
-diff --git a/c/fuzz/test_fuzzer.sh b/c/fuzz/test_fuzzer.sh
-index 9985194..4b99947 100755
---- a/c/fuzz/test_fuzzer.sh
-+++ b/c/fuzz/test_fuzzer.sh
-@@ -13,12 +13,12 @@ mkdir bin
- cd bin
- 
- cmake $BROTLI -DCMAKE_C_COMPILER="$CC" \
--    -DBUILD_TESTING=OFF -DENABLE_SANITIZER=address
--make -j$(nproc) brotlidec-static
-+    -DBUILD_TESTING=OFF -DBUILD_SHARED_LIBS=OFF -DENABLE_SANITIZER=address
-+make -j$(nproc) brotlidec
- 
- ${CC} -o run_decode_fuzzer -std=c99 -fsanitize=address -I$SRC/include \
-     $SRC/fuzz/decode_fuzzer.c $SRC/fuzz/run_decode_fuzzer.c \
--    ./libbrotlidec-static.a ./libbrotlicommon-static.a
-+    ./libbrotlidec.a ./libbrotlicommon.a
- 
- mkdir decode_corpora
- unzip $BROTLI/java/org/brotli/integration/fuzz_data.zip -d decode_corpora
 -- 
-2.19.1
+2.28.0
 

package/brotli/0002-Revert-Add-runtime-linker-path-to-pkg-config-files.patch

@@ -0,0 +1,51 @@
+From 09b0992b6acb7faa6fd3b23f9bc036ea117230fc Mon Sep 17 00:00:00 2001
+From: Eugene Kliuchnikov <eustas.ru@gmail.com>
+Date: Wed, 2 Sep 2020 11:38:26 +0200
+Subject: [PATCH] Revert "Add runtime linker path to pkg-config files (#740)"
+ (#838)
+
+This reverts commit 31754d4ffce14153b5c2addf7a11019ec23f51c1.
+[Retrieved from:
+https://github.com/google/brotli/commit/09b0992b6acb7faa6fd3b23f9bc036ea117230fc]
+Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
+---
+ scripts/libbrotlicommon.pc.in | 2 +-
+ scripts/libbrotlidec.pc.in    | 2 +-
+ scripts/libbrotlienc.pc.in    | 2 +-
+ 3 files changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/scripts/libbrotlicommon.pc.in b/scripts/libbrotlicommon.pc.in
+index 10ca969e..2a8cf7a3 100644
+--- a/scripts/libbrotlicommon.pc.in
++++ b/scripts/libbrotlicommon.pc.in
+@@ -7,5 +7,5 @@ Name: libbrotlicommon
+ URL: https://github.com/google/brotli
+ Description: Brotli common dictionary library
+ Version: @PACKAGE_VERSION@
+-Libs: -L${libdir} -R${libdir} -lbrotlicommon
++Libs: -L${libdir} -lbrotlicommon
+ Cflags: -I${includedir}
+diff --git a/scripts/libbrotlidec.pc.in b/scripts/libbrotlidec.pc.in
+index e7c3124f..6f8ef2e4 100644
+--- a/scripts/libbrotlidec.pc.in
++++ b/scripts/libbrotlidec.pc.in
+@@ -7,6 +7,6 @@ Name: libbrotlidec
+ URL: https://github.com/google/brotli
+ Description: Brotli decoder library
+ Version: @PACKAGE_VERSION@
+-Libs: -L${libdir} -R${libdir} -lbrotlidec
++Libs: -L${libdir} -lbrotlidec
+ Requires.private: libbrotlicommon >= 1.0.2
+ Cflags: -I${includedir}
+diff --git a/scripts/libbrotlienc.pc.in b/scripts/libbrotlienc.pc.in
+index 4dd0811b..2098afe2 100644
+--- a/scripts/libbrotlienc.pc.in
++++ b/scripts/libbrotlienc.pc.in
+@@ -7,6 +7,6 @@ Name: libbrotlienc
+ URL: https://github.com/google/brotli
+ Description: Brotli encoder library
+ Version: @PACKAGE_VERSION@
+-Libs: -L${libdir} -R${libdir} -lbrotlienc
++Libs: -L${libdir} -lbrotlienc
+ Requires.private: libbrotlicommon >= 1.0.2
+ Cflags: -I${includedir}

package/brotli/brotli.hash

@@ -1,5 +1,5 @@
 # Locally generated:
-sha512  a82362aa36d2f2094bca0b2808d9de0d57291fb3a4c29d7c0ca0a37e73087ec5ac4df299c8c363e61106fccf2fe7f58b5cf76eb97729e2696058ef43b1d3930a  v1.0.7.tar.gz
+sha512  b8e2df955e8796ac1f022eb4ebad29532cb7e3aa6a4b6aee91dbd2c7d637eee84d9a144d3e878895bb5e62800875c2c01c8f737a1261020c54feacf9f676b5f5  v1.0.9.tar.gz
 
 # Hash for license files:
 sha512  bae78184c2f50f86d8c727826d3982c469454c42b9af81f4ef007e39036434fa894cf5be3bf5fc65b7de2301f0a72d067a8186e303327db8a96bd14867e0a3a8  LICENSE

package/brotli/brotli.mk

@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-BROTLI_VERSION = 1.0.7
+BROTLI_VERSION = 1.0.9
 BROTLI_SOURCE = v$(BROTLI_VERSION).tar.gz
 BROTLI_SITE = https://github.com/google/brotli/archive
 BROTLI_LICENSE = MIT

package/busybox/0008-hwclock-Fix-settimeofday-for-glibc-v2.31.patch

@@ -0,0 +1,63 @@
+From b226d7730b2c4ca73fc569b404cd6adff1c5b05f Mon Sep 17 00:00:00 2001
+From: Eddie James <eajames@linux.ibm.com>
+Date: Mon, 10 Aug 2020 09:59:02 -0500
+Subject: [PATCH] hwclock: Fix settimeofday for glibc v2.31+
+
+The glibc implementation changed for settimeofday, resulting in "invalid
+argument" error when attempting to set both timezone and time with a single
+call. Fix this by calling settimeofday twice
+
+Signed-off-by: Eddie James <eajames@linux.ibm.com>
+Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
+
+(cherry picked from commit 1a5d6fcbb5e606ab4acdf22afa26361a25f1d43b)
+(Klaus: use bb_perror_msg_and_die() instead of
+bb_simple_perror_msg_and_die() for 1_31_1 backport)
+Signed-off-by: Klaus Heinrich Kiwi <klaus@linux.vnet.ibm.com>
+---
+ util-linux/hwclock.c | 14 +++++++++++---
+ 1 file changed, 11 insertions(+), 3 deletions(-)
+
+diff --git a/util-linux/hwclock.c b/util-linux/hwclock.c
+index 29f51021e..d2c68efbe 100644
+--- a/util-linux/hwclock.c
++++ b/util-linux/hwclock.c
+@@ -122,16 +122,20 @@ static void to_sys_clock(const char **pp_rtcname, int utc)
+ 	struct timeval tv;
+ 	struct timezone tz;
+ 
+-	tz.tz_minuteswest = timezone/60;
++	tz.tz_minuteswest = timezone / 60;
+ 	/* ^^^ used to also subtract 60*daylight, but it's wrong:
+ 	 * daylight!=0 means "this timezone has some DST
+ 	 * during the year", not "DST is in effect now".
+ 	 */
+ 	tz.tz_dsttime = 0;
+ 
++	/* glibc v2.31+ returns an error if both args are non-NULL */
++	if (settimeofday(NULL, &tz))
++		bb_perror_msg_and_die("settimeofday");
++
+ 	tv.tv_sec = read_rtc(pp_rtcname, NULL, utc);
+ 	tv.tv_usec = 0;
+-	if (settimeofday(&tv, &tz))
++	if (settimeofday(&tv, NULL))
+ 		bb_perror_msg_and_die("settimeofday");
+ }
+ 
+@@ -283,7 +287,11 @@ static void set_system_clock_timezone(int utc)
+ 	gettimeofday(&tv, NULL);
+ 	if (!utc)
+ 		tv.tv_sec += tz.tz_minuteswest * 60;
+-	if (settimeofday(&tv, &tz))
++
++	/* glibc v2.31+ returns an error if both args are non-NULL */
++	if (settimeofday(NULL, &tz))
++		bb_perror_msg_and_die("settimeofday");
++	if (settimeofday(&tv, NULL))
+ 		bb_perror_msg_and_die("settimeofday");
+ }
+ 
+-- 
+2.17.1
+

package/busybox/busybox.hash

@@ -1,4 +1,5 @@
 # From https://busybox.net/downloads/busybox-1.31.1.tar.bz2.sha256
-sha256 d0f940a72f648943c1f2211e0e3117387c31d765137d92bd8284a3fb9752a998  busybox-1.31.1.tar.bz2
+sha256  d0f940a72f648943c1f2211e0e3117387c31d765137d92bd8284a3fb9752a998  busybox-1.31.1.tar.bz2
 # Locally computed
-sha256 bbfc9843646d483c334664f651c208b9839626891d8f17604db2146962f43548  LICENSE
+sha256  bbfc9843646d483c334664f651c208b9839626891d8f17604db2146962f43548  LICENSE
+sha256  b5a136ed67798e51fe2e0ca0b2a21cb01b904ff0c9f7d563a6292e276607e58f  archival/libarchive/bz/LICENSE

package/busybox/busybox.mk

@@ -7,8 +7,8 @@
 BUSYBOX_VERSION = 1.31.1
 BUSYBOX_SITE = http://www.busybox.net/downloads
 BUSYBOX_SOURCE = busybox-$(BUSYBOX_VERSION).tar.bz2
-BUSYBOX_LICENSE = GPL-2.0
-BUSYBOX_LICENSE_FILES = LICENSE
+BUSYBOX_LICENSE = GPL-2.0, bzip2-1.0.4
+BUSYBOX_LICENSE_FILES = LICENSE archival/libarchive/bz/LICENSE
 
 define BUSYBOX_HELP_CMDS
 	@echo '  busybox-menuconfig     - Run BusyBox menuconfig'

package/busybox/udhcpc.script

@@ -42,19 +42,19 @@ case "$1" in
 		rm -f $TMPFILE
 
 		if [ -x /usr/sbin/avahi-autoipd ]; then
-			/usr/sbin/avahi-autoipd -k $interface
+			/usr/sbin/avahi-autoipd -c $interface && /usr/sbin/avahi-autoipd -k $interface
 		fi
 		;;
 
 	leasefail|nak)
 		if [ -x /usr/sbin/avahi-autoipd ]; then
-			/usr/sbin/avahi-autoipd -wD $interface --no-chroot
+			/usr/sbin/avahi-autoipd -c $interface || /usr/sbin/avahi-autoipd -wD $interface --no-chroot
 		fi
 		;;
 
 	renew|bound)
 		if [ -x /usr/sbin/avahi-autoipd ]; then
-			/usr/sbin/avahi-autoipd -k $interface
+			/usr/sbin/avahi-autoipd -c $interface && /usr/sbin/avahi-autoipd -k $interface
 		fi
 		/sbin/ifconfig $interface $ip $BROADCAST $NETMASK
 		if [ -n "$ipv6" ] ; then

package/chocolate-doom/0001-Remove-redundant-demoextend-definition.patch

@@ -0,0 +1,29 @@
+From a8fd4b1f563d24d4296c3e8225c8404e2724d4c2 Mon Sep 17 00:00:00 2001
+From: Jordan Christiansen <xordspar0@gmail.com>
+Date: Sun, 15 Mar 2020 16:55:33 -0500
+Subject: [PATCH] Remove redundant demoextend definition
+
+GCC 10 enables -fno-common by default, which causes the linker to fail when
+there are multple definitions of a global variable.
+
+See https://gcc.gnu.org/gcc-10/porting_to.html
+
+[Retrieved from:
+https://github.com/chocolate-doom/chocolate-doom/commit/a8fd4b1f563d24d4296c3e8225c8404e2724d4c2]
+Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
+---
+ src/hexen/mn_menu.c | 1 -
+ 1 file changed, 1 deletion(-)
+
+diff --git a/src/hexen/mn_menu.c b/src/hexen/mn_menu.c
+index 059f45b3e..a97b7fcd1 100644
+--- a/src/hexen/mn_menu.c
++++ b/src/hexen/mn_menu.c
+@@ -131,7 +131,6 @@ boolean MenuActive;
+ int InfoType;
+ int messageson = true;
+ boolean mn_SuicideConsole;
+-boolean demoextend; // from h2def.h
+ 
+ // PRIVATE DATA DEFINITIONS ------------------------------------------------
+ 

package/cifs-utils/cifs-utils.hash

@@ -1,5 +1,5 @@
 # Locally calculated after checking pgp signature
-sha256  92fc29c8e9039637f3344267500f1fa381e2cccd7d10142f0c1676fa575904a7  cifs-utils-6.10.tar.bz2
+sha256  b859239a3f204f8220d3e54ed43bf8109e1ef202042dd87ba87492f8878728d9  cifs-utils-6.11.tar.bz2
 
 # Hash for license file:
 sha256  8ceb4b9ee5adedde47b31e975c1d90c73ad27b6b165a1dcd80c7c545eb65b903  COPYING

package/cifs-utils/cifs-utils.mk

@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-CIFS_UTILS_VERSION = 6.10
+CIFS_UTILS_VERSION = 6.11
 CIFS_UTILS_SOURCE = cifs-utils-$(CIFS_UTILS_VERSION).tar.bz2
 CIFS_UTILS_SITE = http://ftp.samba.org/pub/linux-cifs/cifs-utils
 CIFS_UTILS_LICENSE = GPL-3.0+

package/collectd/Config.in

@@ -571,6 +571,7 @@ comment "Select at least one for collectd to be useful"
 
 config BR2_PACKAGE_COLLECTD_AMQP
 	bool "amqp"
+	select BR2_PACKAGE_OPENSSL # needs rabbitmq-c with ssl support
 	select BR2_PACKAGE_RABBITMQ_C
 	help
 	  Send/receive values via the Advanced Message Queuing Protocol
@@ -607,7 +608,6 @@ comment "grpc needs a toolchain w/ C++, gcc >= 4.8"
 
 config BR2_PACKAGE_COLLECTD_MQTT
 	bool "mqtt"
-	depends on BR2_TOOLCHAIN_HAS_SYNC_4 # mosquitto
 	select BR2_PACKAGE_MOSQUITTO
 	help
 	  Sends metrics to and/or receives metrics from an MQTT broker.

package/cryptsetup/cryptsetup.hash

@@ -1,4 +1,4 @@
 # From https://www.kernel.org/pub/linux/utils/cryptsetup/v2.3/sha256sums.asc
-sha256  3bca4ffe39e2f94cef50f6ea65acb873a6dbce5db34fc6bcefe38b6d095e82df  cryptsetup-2.3.3.tar.xz
+sha256  9d16eebb96b53b514778e813019b8dd15fea9fec5aafde9fae5febf59df83773  cryptsetup-2.3.4.tar.xz
 sha256  45670cce8b6a0ddd66c8016cd8ccef6cd71f35717cbacc7f1e895b3855207b33  COPYING
 sha256  8c33cc37871654ec7ed87e6fbb896c8cf33ef5ef05b1611a5aed857596ffafa5  COPYING.LGPL

package/cryptsetup/cryptsetup.mk

@@ -5,7 +5,7 @@
 ################################################################################
 
 CRYPTSETUP_VERSION_MAJOR = 2.3
-CRYPTSETUP_VERSION = $(CRYPTSETUP_VERSION_MAJOR).3
+CRYPTSETUP_VERSION = $(CRYPTSETUP_VERSION_MAJOR).4
 CRYPTSETUP_SOURCE = cryptsetup-$(CRYPTSETUP_VERSION).tar.xz
 CRYPTSETUP_SITE = $(BR2_KERNEL_MIRROR)/linux/utils/cryptsetup/v$(CRYPTSETUP_VERSION_MAJOR)
 CRYPTSETUP_DEPENDENCIES = lvm2 popt util-linux host-pkgconf json-c libargon2 \

package/cups-filters/S82cups-browsed

@@ -6,7 +6,7 @@ PIDFILE="/var/run/$DAEMON.pid"
 start() {
 	printf 'Starting %s: ' "$DAEMON"
 	# shellcheck disable=SC2086 # we need the word splitting
-	start-stop-daemon -b -m -S -q -p "$PIDFILE" -x "/sbin/$DAEMON" \
+	start-stop-daemon -b -m -S -q -p "$PIDFILE" -x "/usr/sbin/$DAEMON" \
 		-- -c /etc/cups/cups-browsed.conf
 	status=$?
 	if [ "$status" -eq 0 ]; then

package/cups/70-usb-printers.rules

@@ -0,0 +1,3 @@
+# Allow USB printers in the lp group
+# Match rules converted from usblp.c driver's usblp_ids
+ACTION=="add", SUBSYSTEM=="usb", ATTR{bInterfaceClass}=="07", ATTR{bInterfaceSubClass}=="01", GROUP="lp"

package/cups/cups.mk

@@ -22,6 +22,9 @@ CUPS_CONF_OPTS = \
 	--disable-gssapi \
 	--disable-pam \
 	--libdir=/usr/lib \
+	--with-cups-user=lp \
+	--with-cups-group=lp \
+	--with-system-groups="lpadmin sys root" \
 	--without-rcdir
 CUPS_CONFIG_SCRIPTS = cups-config
 CUPS_DEPENDENCIES = \
@@ -72,9 +75,25 @@ else
 CUPS_CONF_OPTS += --disable-avahi
 endif
 
+ifeq ($(BR2_PACKAGE_HAS_UDEV),y)
+define CUPS_INSTALL_UDEV_RULES
+	$(INSTALL) -D -m 0644 package/cups/70-usb-printers.rules \
+		$(TARGET_DIR)/lib/udev/rules.d/70-usb-printers.rules
+endef
+
+CUPS_POST_INSTALL_TARGET_HOOKS += CUPS_INSTALL_UDEV_RULES
+endif
+
 define CUPS_INSTALL_INIT_SYSV
 	$(INSTALL) -D -m 0755 package/cups/S81cupsd \
 		$(TARGET_DIR)/etc/init.d/S81cupsd
 endef
 
+# lp user is needed to run cups spooler
+# lpadmin group membership grants administrative privileges
+define CUPS_USERS
+	lp -1 lp -1 * /var/spool/lpd /bin/false - lp
+	- - lpadmin -1 * - - - Printers admin group.
+endef
+
 $(eval $(autotools-package))

package/darkhttpd/darkhttpd.hash

@@ -1,2 +1,3 @@
 # Locally generated
-sha256 a50417b622b32b5f421b3132cb94ebeff04f02c5fb87fba2e31147d23de50505 darkhttpd-1.12.tar.bz2
+sha256  a50417b622b32b5f421b3132cb94ebeff04f02c5fb87fba2e31147d23de50505  darkhttpd-1.12.tar.bz2
+sha256  6e1a2e45d8dd3c8835222e3c82e5cccde8e60f02d55555910e18715ec5dc6d04  darkhttpd.c

package/darkhttpd/darkhttpd.mk

@@ -8,6 +8,7 @@ DARKHTTPD_VERSION = 1.12
 DARKHTTPD_SITE = https://unix4lyfe.org/darkhttpd
 DARKHTTPD_SOURCE = darkhttpd-$(DARKHTTPD_VERSION).tar.bz2
 DARKHTTPD_LICENSE = MIT
+DARKHTTPD_LICENSE_FILES = darkhttpd.c
 
 define DARKHTTPD_BUILD_CMDS
 	$(TARGET_CONFIGURE_OPTS) $(MAKE) -C $(@D)

package/davfs2/davfs2.mk

@@ -18,4 +18,8 @@ DAVFS2_CONF_ENV += \
 	ac_cv_path_NEON_CONFIG=$(STAGING_DIR)/usr/bin/neon-config \
 	LIBS=$(TARGET_NLS_LIBS)
 
+define DAVFS2_USERS
+	davfs2 -1 davfs2 -1 * - - - davfs user
+endef
+
 $(eval $(autotools-package))

package/dhcp/0001-WIP-Resolve-ISC-DHCP-does-not-build-with-gcc10.patch

@@ -0,0 +1,121 @@
+From 129b7e402bd6e7278854e5a8935fce460552b5f4 Mon Sep 17 00:00:00 2001
+From: Thomas Markwalder <tmark@isc.org>
+Date: Thu, 30 Jul 2020 10:01:36 -0400
+Subject: [PATCH] [#117] Fixed gcc 10 compilation issues
+
+client/dhclient.c
+relay/dhcrelay.c
+    extern'ed local_port,remote_port
+
+common/discover.c
+    init local_port,remote_port to 0
+
+server/mdb.c
+    extern'ed dhcp_type_host
+
+server/mdb6.c
+    create_prefix6() - eliminated memcpy string overflow error
+
+[Retrieved from:
+https://gitlab.isc.org/isc-projects/dhcp/-/merge_requests/60/diffs?commit_id=129b7e402bd6e7278854e5a8935fce460552b5f4]
+Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
+---
+ RELNOTES          | 5 +++++
+ client/dhclient.c | 5 +++--
+ common/discover.c | 4 ++--
+ relay/dhcrelay.c  | 4 ++--
+ server/mdb.c      | 2 +-
+ server/mdb6.c     | 2 +-
+ 6 files changed, 14 insertions(+), 8 deletions(-)
+
+diff --git a/RELNOTES b/RELNOTES
+index 9d0a0414..6919dba7 100644
+--- a/RELNOTES
++++ b/RELNOTES
+@@ -103,6 +103,11 @@ ISC DHCP is open source software maintained by Internet Systems
+ Consortium.  This product includes cryptographic software written
+ by Eric Young (eay@cryptsoft.com).
+ 
++		Changes since 4.4.2 (Bug Fixes)
++
++- Minor corrections to allow compilation under gcc 10.
++  [Gitlab #117]
++
+ 		Changes since 4.4.2b1 (Bug Fixes)
+ 
+ - Added a clarification on DHCPINFORMs and server authority to
+diff --git a/client/dhclient.c b/client/dhclient.c
+index 189e5270..7a7837cb 100644
+--- a/client/dhclient.c
++++ b/client/dhclient.c
+@@ -83,8 +83,9 @@ static const char message [] = "Internet Systems Consortium DHCP Client";
+ static const char url [] = "For info, please visit https://www.isc.org/software/dhcp/";
+ #endif /* UNIT_TEST */
+ 
+-u_int16_t local_port = 0;
+-u_int16_t remote_port = 0;
++extern u_int16_t local_port;
++extern u_int16_t remote_port;
++
+ #if defined(DHCPv6) && defined(DHCP4o6)
+ int dhcp4o6_state = -1; /* -1 = stopped, 0 = polling, 1 = started */
+ #endif
+diff --git a/common/discover.c b/common/discover.c
+index ca4f4d55..22f09767 100644
+--- a/common/discover.c
++++ b/common/discover.c
+@@ -45,8 +45,8 @@ struct interface_info *fallback_interface = 0;
+ 
+ int interfaces_invalidated;
+ int quiet_interface_discovery;
+-u_int16_t local_port;
+-u_int16_t remote_port;
++u_int16_t local_port = 0;
++u_int16_t remote_port = 0;
+ u_int16_t relay_port = 0;
+ int dhcpv4_over_dhcpv6 = 0;
+ int (*dhcp_interface_setup_hook) (struct interface_info *, struct iaddr *);
+diff --git a/relay/dhcrelay.c b/relay/dhcrelay.c
+index 883d5058..7211e3bb 100644
+--- a/relay/dhcrelay.c
++++ b/relay/dhcrelay.c
+@@ -95,8 +95,8 @@ enum { forward_and_append,	/* Forward and append our own relay option. */
+        forward_untouched,	/* Forward without changes. */
+        discard } agent_relay_mode = forward_and_replace;
+ 
+-u_int16_t local_port;
+-u_int16_t remote_port;
++extern u_int16_t local_port;
++extern u_int16_t remote_port;
+ 
+ /* Relay agent server list. */
+ struct server_list {
+diff --git a/server/mdb.c b/server/mdb.c
+index ff8a707f..8266d764 100644
+--- a/server/mdb.c
++++ b/server/mdb.c
+@@ -67,7 +67,7 @@ static host_id_info_t *host_id_info = NULL;
+ 
+ int numclasseswritten;
+ 
+-omapi_object_type_t *dhcp_type_host;
++extern omapi_object_type_t *dhcp_type_host;
+ 
+ isc_result_t enter_class(cd, dynamicp, commit)
+ 	struct class *cd;
+diff --git a/server/mdb6.c b/server/mdb6.c
+index da7baf6e..ebe01e56 100644
+--- a/server/mdb6.c
++++ b/server/mdb6.c
+@@ -1945,7 +1945,7 @@ create_prefix6(struct ipv6_pool *pool, struct iasubopt **pref,
+ 		}
+ 		new_ds.data = new_ds.buffer->data;
+ 		memcpy(new_ds.buffer->data, ds.data, ds.len);
+-		memcpy(new_ds.buffer->data + ds.len, &tmp, sizeof(tmp));
++		memcpy(&new_ds.buffer->data[0] + ds.len, &tmp, sizeof(tmp));
+ 		data_string_forget(&ds, MDL);
+ 		data_string_copy(&ds, &new_ds, MDL);
+ 		data_string_forget(&new_ds, MDL);
+-- 
+GitLab
+

package/dhcpcd/dhcpcd.service

@@ -5,7 +5,7 @@ After=network.target
 [Service]
 Type=forking
 EnvironmentFile=-/etc/default/dhcpcd
-PIDFile=/var/run/dhcpcd.pid
+PIDFile=/run/dhcpcd.pid
 ExecStart=/sbin/dhcpcd $DAEMON_ARGS
 Restart=always
 

package/dhcpdump/dhcpdump.mk

@@ -20,7 +20,7 @@ DHCPDUMP_CFLAGS = $(TARGET_CFLAGS) -DHAVE_STRSEP
 
 define DHCPDUMP_BUILD_CMDS
 	$(TARGET_MAKE_ENV) $(MAKE) -C $(@D) CC="$(TARGET_CC) $(DHCPDUMP_CFLAGS) \
-		-D_GNU_SOURCE" LIBS="$(DHCPDUMP_LIBS)"
+		-D_GNU_SOURCE" LIBS="$(DHCPDUMP_LIBS)" dhcpdump
 endef
 
 define DHCPDUMP_INSTALL_TARGET_CMDS

package/docker-cli/docker-cli.hash

@@ -1,3 +1,3 @@
 # Locally calculated
-sha256	a5b1d6c5766f77896273e864a448a7f0ea4055bb52f50f884f14ad6ef0d5fdb4  docker-cli-19.03.11.tar.gz
+sha256	21b88a00e8f7a3194c0ae1de5a31e3e1728ef6aa2804158dcb502a8b5fd6ae2b  docker-cli-19.03.13.tar.gz
 sha256	2d81ea060825006fc8f3fe28aa5dc0ffeb80faf325b612c955229157b8c10dc0  LICENSE

package/docker-cli/docker-cli.mk

@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-DOCKER_CLI_VERSION = 19.03.11
+DOCKER_CLI_VERSION = 19.03.13
 DOCKER_CLI_SITE = $(call github,docker,cli,v$(DOCKER_CLI_VERSION))
 DOCKER_CLI_WORKSPACE = gopath
 
@@ -17,8 +17,8 @@ DOCKER_CLI_TAGS = autogen
 DOCKER_CLI_BUILD_TARGETS = cmd/docker
 
 DOCKER_CLI_LDFLAGS = \
-	-X github.com/docker/cli/cli.GitCommit=$(DOCKER_CLI_VERSION) \
-	-X github.com/docker/cli/cli.Version=$(DOCKER_CLI_VERSION)
+	-X github.com/docker/cli/cli/version.GitCommit=$(DOCKER_CLI_VERSION) \
+	-X github.com/docker/cli/cli/version.Version=$(DOCKER_CLI_VERSION)
 
 ifeq ($(BR2_PACKAGE_DOCKER_CLI_STATIC),y)
 DOCKER_CLI_LDFLAGS += -extldflags '-static'

package/docker-containerd/docker-containerd.hash

@@ -1,3 +1,3 @@
 # Computed locally
-sha256	0811057ab67b78ce911416e793edaeb14b3f1e105d67b8e67b6302e0eab572e4  docker-containerd-1.2.13.tar.gz
-sha256 4bbe3b885e8cd1907ab4cf9a41e862e74e24b5422297a4f2fe524e6a30ada2b4  LICENSE
+sha256	80ea55655612d7d9f9e8e10df5993a3636b088390e1a372962687d70ef265d97  docker-containerd-1.2.14.tar.gz
+sha256  4bbe3b885e8cd1907ab4cf9a41e862e74e24b5422297a4f2fe524e6a30ada2b4  LICENSE

package/docker-containerd/docker-containerd.mk

@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-DOCKER_CONTAINERD_VERSION = 1.2.13
+DOCKER_CONTAINERD_VERSION = 1.2.14
 DOCKER_CONTAINERD_SITE = $(call github,containerd,containerd,v$(DOCKER_CONTAINERD_VERSION))
 DOCKER_CONTAINERD_LICENSE = Apache-2.0
 DOCKER_CONTAINERD_LICENSE_FILES = LICENSE

package/docker-engine/docker-engine.hash

@@ -1,3 +1,3 @@
 # Locally calculated
-sha256	5ff62d7b3638a275b2c459e53a4d1a7a8fb03dde8305defcd55e05e059e5618d  docker-engine-19.03.11.tar.gz
+sha256	f43331fef1d24e31f43392fc1fed72b48fc17fd432d341d6eb1f68ca11383406  docker-engine-19.03.13.tar.gz
 sha256	7c87873291f289713ac5df48b1f2010eb6963752bbd6b530416ab99fc37914a8  LICENSE

package/docker-engine/docker-engine.mk

@@ -4,8 +4,8 @@
 #
 ################################################################################
 
-DOCKER_ENGINE_VERSION = 19.03.11
-DOCKER_ENGINE_SITE = $(call github,docker,engine,v$(DOCKER_ENGINE_VERSION))
+DOCKER_ENGINE_VERSION = 19.03.13
+DOCKER_ENGINE_SITE = $(call github,moby,moby,v$(DOCKER_ENGINE_VERSION))
 
 DOCKER_ENGINE_LICENSE = Apache-2.0
 DOCKER_ENGINE_LICENSE_FILES = LICENSE

package/domoticz/Config.in

@@ -1,11 +1,10 @@
 config BR2_PACKAGE_DOMOTICZ
 	bool "domoticz"
-	depends on BR2_USE_MMU # mosquitto
-	depends on BR2_TOOLCHAIN_HAS_SYNC_4 # mosquitto
-	depends on !BR2_STATIC_LIBS # mosquitto
+	depends on BR2_USE_MMU # fork()
+	depends on !BR2_STATIC_LIBS
 	depends on BR2_TOOLCHAIN_GCC_AT_LEAST_4_8 # sleep_for
 	# pthread_condattr_setclock
-	depends on BR2_TOOLCHAIN_HAS_THREADS_NPTL
+	depends on BR2_TOOLCHAIN_HAS_THREADS_NPTL # mosquitto
 	depends on BR2_INSTALL_LIBSTDCPP
 	depends on BR2_USE_WCHAR
 	depends on BR2_PACKAGE_LUA_5_3
@@ -31,7 +30,6 @@ config BR2_PACKAGE_DOMOTICZ
 
 comment "domoticz needs lua 5.3 and a toolchain w/ C++, gcc >= 4.8, NPTL, wchar, dynamic library"
 	depends on BR2_USE_MMU
-	depends on BR2_TOOLCHAIN_HAS_SYNC_4
 	depends on !BR2_INSTALL_LIBSTDCPP || \
 		!BR2_TOOLCHAIN_GCC_AT_LEAST_4_8 || \
 		!BR2_TOOLCHAIN_HAS_THREADS_NPTL || \

package/dovecot-pigeonhole/dovecot-pigeonhole.mk

@@ -13,4 +13,12 @@ DOVECOT_PIGEONHOLE_DEPENDENCIES = dovecot
 
 DOVECOT_PIGEONHOLE_CONF_OPTS = --with-dovecot=$(STAGING_DIR)/usr/lib
 
+ifeq ($(BR2_PER_PACKAGE_DIRECTORIES),y)
+define DOVECOT_PIGEONHOLE_FIXUP_DOVECOT_CONFIG
+	$(SED) 's,$(PER_PACKAGE_DIR)/dovecot/,$(PER_PACKAGE_DIR)/dovecot-pigeonhole/,g' \
+		$(STAGING_DIR)/usr/lib/dovecot-config
+endef
+DOVECOT_PIGEONHOLE_PRE_CONFIGURE_HOOKS = DOVECOT_PIGEONHOLE_FIXUP_DOVECOT_CONFIG
+endif
+
 $(eval $(autotools-package))

package/dvb-apps/0006-fix-glibc-2.31.patch

@@ -0,0 +1,21 @@
+dvbdate: fix compilation error with glibc 2.31
+
+as stime func doesn't exists anymore in newer versions of glibc >= 2.31 due
+to obseletion, a replacment with clock_settime is inorder to fix the issue.
+
+Signed-off-by: Dagg Stompler <daggs@gmx.com>
+
+--- a/util/dvbdate/dvbdate.c
++++ b/util/dvbdate/dvbdate.c
+@@ -309,7 +309,10 @@
+  */
+ int set_time(time_t * new_time)
+ {
+-	if (stime(new_time)) {
++	struct timespec s = {0};
++	s.tv_sec = new_time;
++
++	if (clock_settime(CLOCK_REALTIME, &s)) {
+ 		perror("Unable to set time");
+ 		return -1;
+ 	}

package/ecryptfs-utils/ecryptfs-utils.mk

@@ -15,6 +15,7 @@ ECRYPTFS_UTILS_CONF_OPTS = --disable-pywrap
 
 #Needed for build system to find pk11func.h and libnss3.so
 ECRYPTFS_UTILS_CONF_ENV = \
+	ac_cv_path_POD2MAN=true \
 	NSS_CFLAGS="-I$(STAGING_DIR)/usr/include/nss -I$(STAGING_DIR)/usr/include/nspr" \
 	NSS_LIBS="-lnss3"
 

package/efl/Config.in

@@ -1,7 +1,7 @@
 config BR2_PACKAGE_EFL
 	bool "efl"
-	 # g++ issue with 4.4.5, tested with g++ 4.7.2
-	depends on BR2_TOOLCHAIN_GCC_AT_LEAST_4_7
+	depends on BR2_TOOLCHAIN_GCC_AT_LEAST_4_9 # C++11
+	depends on BR2_HOST_GCC_AT_LEAST_4_9 # host-efl
 	depends on BR2_INSTALL_LIBSTDCPP
 	depends on BR2_TOOLCHAIN_HAS_THREADS # untested without threads
 	depends on BR2_USE_MMU
@@ -280,8 +280,9 @@ comment "SVG loader needs a toolchain w/ gcc >= 4.8"
 
 endif # BR2_PACKAGE_EFL
 
-comment "efl needs a toolchain w/ C++, dynamic library, gcc >= 4.7, threads, wchar"
+comment "efl needs a toolchain w/ C++, dynamic library, gcc >= 4.9, host gcc >= 4.9, threads, wchar"
 	depends on !BR2_INSTALL_LIBSTDCPP \
-		|| !BR2_TOOLCHAIN_GCC_AT_LEAST_4_7 \
-		|| BR2_STATIC_LIBS || !BR2_TOOLCHAIN_HAS_THREADS || !BR2_USE_WCHAR
+		|| !BR2_TOOLCHAIN_GCC_AT_LEAST_4_9 \
+		|| !BR2_HOST_GCC_AT_LEAST_4_9 || BR2_STATIC_LIBS \
+		|| !BR2_TOOLCHAIN_HAS_THREADS || !BR2_USE_WCHAR
 	depends on BR2_USE_MMU

package/elf2flt/0003-elf2flt-handle-binutils-2.34.patch

@@ -0,0 +1,377 @@
+From 26165906f85d82f0a4456f34b5c60fcaaef48535 Mon Sep 17 00:00:00 2001
+From: Romain Naour <romain.naour@smile.fr>
+Date: Wed, 5 Feb 2020 10:31:32 +0100
+Subject: [PATCH] elf2flt: handle binutils >= 2.34
+
+The latest Binutils release (2.34) is not compatible with elf2flt due
+to a change in bfd_section_* macros [1]. The issue has been reported
+to the Binutils mailing list but Alan Modra recommend to bundle
+libbfd library sources into each projects using it [2]. That's
+because the API is not stable over the time without any backward
+compatibility guaranties.
+
+On the other hand, the elf2flt tools needs to support modified
+version of binutils for specific arch/target [3].
+
+Add two tests in the configure script to detect this API change
+in order to support binutils < 2.34 and binutils >= 2.34.
+
+Upstream status: [4]
+
+[1] https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff;h=fd3619828e94a24a92cddec42cbc0ab33352eeb4
+[2] https://sourceware.org/ml/binutils/2020-02/msg00044.html
+[3] https://github.com/uclinux-dev/elf2flt/issues/14
+[4] https://github.com/uclinux-dev/elf2flt/pull/15
+
+Signed-off-by: Romain Naour <romain.naour@smile.fr>
+---
+ configure.ac | 16 +++++++++++
+ elf2flt.c    | 81 +++++++++++++++++++++++++++++-----------------------
+ 2 files changed, 61 insertions(+), 36 deletions(-)
+
+diff --git a/configure.ac b/configure.ac
+index e82eb1d..cf7dea8 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -229,6 +229,22 @@ AC_CHECK_FUNCS([ \
+ 	strsignal \
+ ])
+ 
++dnl Various bfd section macros and functions like bfd_section_size() have been
++dnl modified starting with binutils >= 2.34.
++dnl Check if the prototypes take a bfd argument.
++if test "$binutils_build_dir" != "NONE"; then
++    CFLAGS="-I$binutils_include_dir -I$bfd_include_dir $CFLAGS"
++fi
++
++AC_TRY_COMPILE([#include <bfd.h>],
++ [const asection *sec; bfd_section_size(sec);],
++ bfd_section_api_takes_bfd=no,
++ bfd_section_api_takes_bfd=yes)
++if test "$bfd_section_api_takes_bfd" = "yes" ; then
++  AC_DEFINE(HAVE_BFD_SECTION_API_TAKES_BFD, 1,
++   [define to 1 for binutils < 2.34])
++fi
++
+ if test "$GCC" = yes ; then
+ 	CFLAGS="-Wall $CFLAGS"
+ 	if test "$werror" = 1 ; then
+diff --git a/elf2flt.c b/elf2flt.c
+index b93aecd..3bcf4fe 100644
+--- a/elf2flt.c
++++ b/elf2flt.c
+@@ -149,6 +149,17 @@ const char *elf2flt_progname;
+ #define O_BINARY 0
+ #endif
+ 
++/*
++ * The bfd parameter isn't actually used by any of the bfd_section funcs and
++ * have been removed since binutils 2.34.
++ */
++#ifdef HAVE_BFD_SECTION_API_TAKES_BFD
++#define elf2flt_bfd_section_size(s) bfd_section_size(NULL, s)
++#define elf2flt_bfd_section_vma(s)  bfd_section_vma(NULL, s)
++#else
++#define elf2flt_bfd_section_size(s) bfd_section_size(s)
++#define elf2flt_bfd_section_vma(s)  bfd_section_vma(s)
++#endif
+ 
+ /* Extra output when running.  */
+ static int verbose = 0;
+@@ -323,10 +334,8 @@ compare_relocs (const void *pa, const void *pb)
+ 	else if (!rb->sym_ptr_ptr || !*rb->sym_ptr_ptr)
+ 		return 1;
+ 
+-	a_vma = bfd_section_vma(compare_relocs_bfd,
+-				(*(ra->sym_ptr_ptr))->section);
+-	b_vma = bfd_section_vma(compare_relocs_bfd,
+-				(*(rb->sym_ptr_ptr))->section);
++	a_vma = elf2flt_bfd_section_vma((*(ra->sym_ptr_ptr))->section);
++	b_vma = elf2flt_bfd_section_vma((*(rb->sym_ptr_ptr))->section);
+ 	va = (*(ra->sym_ptr_ptr))->value + a_vma + ra->addend;
+ 	vb = (*(rb->sym_ptr_ptr))->value + b_vma + rb->addend;
+ 	return va - vb;
+@@ -403,7 +412,7 @@ output_relocs (
+   }
+ 
+   for (a = abs_bfd->sections; (a != (asection *) NULL); a = a->next) {
+-  	section_vma = bfd_section_vma(abs_bfd, a);
++	section_vma = elf2flt_bfd_section_vma(a);
+ 
+ 	if (verbose)
+ 		printf("SECTION: %s [%p]: flags=0x%x vma=0x%"PRIx32"\n",
+@@ -442,7 +451,7 @@ output_relocs (
+ 	  continue;
+ 	if (verbose)
+ 	  printf(" RELOCS: %s [%p]: flags=0x%x vma=0x%"BFD_VMA_FMT"x\n",
+-			r->name, r, r->flags, bfd_section_vma(abs_bfd, r));
++			r->name, r, r->flags, elf2flt_bfd_section_vma(r));
+   	if ((r->flags & SEC_RELOC) == 0)
+   	  continue;
+ 	relsize = bfd_get_reloc_upper_bound(rel_bfd, r);
+@@ -694,7 +703,7 @@ output_relocs (
+ 				case R_BFIN_RIMM16:
+ 				case R_BFIN_LUIMM16:
+ 				case R_BFIN_HUIMM16:
+-				    sym_vma = bfd_section_vma(abs_bfd, sym_section);
++				    sym_vma = elf2flt_bfd_section_vma(sym_section);
+ 				    sym_addr += sym_vma + q->addend;
+ 
+ 				    if (weak_und_symbol(sym_section->name, (*(q->sym_ptr_ptr))))
+@@ -727,7 +736,7 @@ output_relocs (
+ 				    break;
+ 
+ 				case R_BFIN_BYTE4_DATA:
+-				    sym_vma = bfd_section_vma(abs_bfd, sym_section);
++				    sym_vma = elf2flt_bfd_section_vma(sym_section);
+ 				    sym_addr += sym_vma + q->addend;
+ 
+ 				    if (weak_und_symbol (sym_section->name, (*(q->sym_ptr_ptr))))
+@@ -885,7 +894,7 @@ output_relocs (
+ #if defined(TARGET_m68k)
+ 				case R_68K_32:
+ 					relocation_needed = 1;
+-					sym_vma = bfd_section_vma(abs_bfd, sym_section);
++					sym_vma = elf2flt_bfd_section_vma(sym_section);
+ 					sym_addr += sym_vma + q->addend;
+ 					break;
+ 				case R_68K_PC16:
+@@ -910,7 +919,7 @@ output_relocs (
+ 							q->address, sym_addr,
+ 							(*p)->howto->rightshift,
+ 							*(uint32_t *)r_mem);
+-					sym_vma = bfd_section_vma(abs_bfd, sym_section);
++					sym_vma = elf2flt_bfd_section_vma(sym_section);
+ 					sym_addr += sym_vma + q->addend;
+ 					break;
+ 				case R_ARM_GOT32:
+@@ -938,7 +947,7 @@ output_relocs (
+ #ifdef TARGET_v850
+ 				case R_V850_ABS32:
+ 					relocation_needed = 1;
+-					sym_vma = bfd_section_vma(abs_bfd, sym_section);
++					sym_vma = elf2flt_bfd_section_vma(sym_section);
+ 					sym_addr += sym_vma + q->addend;
+ 					break;
+ 				case R_V850_ZDA_16_16_OFFSET:
+@@ -960,7 +969,7 @@ output_relocs (
+ 					sym_addr = (*(q->sym_ptr_ptr))->value;
+ 					q->address -= 1;
+ 					r_mem -= 1; /* tracks q->address */
+-					sym_vma = bfd_section_vma(abs_bfd, sym_section);
++					sym_vma = elf2flt_bfd_section_vma(sym_section);
+ 					sym_addr += sym_vma + q->addend;
+ 					sym_addr |= (*(unsigned char *)r_mem<<24);
+ 					break;
+@@ -973,7 +982,7 @@ output_relocs (
+ 					/* Absolute symbol done not relocation */
+ 					relocation_needed = !bfd_is_abs_section(sym_section);
+ 					sym_addr = (*(q->sym_ptr_ptr))->value;
+-					sym_vma = bfd_section_vma(abs_bfd, sym_section);
++					sym_vma = elf2flt_bfd_section_vma(sym_section);
+ 					sym_addr += sym_vma + q->addend;
+ 					break;
+ 				case R_H8_DIR32:
+@@ -986,7 +995,7 @@ output_relocs (
+ 					}
+ 					relocation_needed = 1;
+ 					sym_addr = (*(q->sym_ptr_ptr))->value;
+-					sym_vma = bfd_section_vma(abs_bfd, sym_section);
++					sym_vma = elf2flt_bfd_section_vma(sym_section);
+ 					sym_addr += sym_vma + q->addend;
+ 					break;
+ 				case R_H8_PCREL16:
+@@ -1012,7 +1021,7 @@ output_relocs (
+ #ifdef TARGET_microblaze
+ 				case R_MICROBLAZE_64:
+ 					/* work out the relocation */
+-					sym_vma = bfd_section_vma(abs_bfd, sym_section);
++					sym_vma = elf2flt_bfd_section_vma(sym_section);
+ 					sym_addr += sym_vma + q->addend;
+ 					/* Write relocated pointer back */
+ 					r_mem[2] = (sym_addr >> 24) & 0xff;
+@@ -1026,7 +1035,7 @@ output_relocs (
+ 					pflags = 0x80000000;
+ 					break;
+ 				case R_MICROBLAZE_32:
+-					sym_vma = bfd_section_vma(abs_bfd, sym_section);
++					sym_vma = elf2flt_bfd_section_vma(sym_section);
+ 					sym_addr += sym_vma + q->addend;
+ 					relocation_needed = 1;
+ 					break;
+@@ -1058,7 +1067,7 @@ output_relocs (
+ 				case R_NIOS2_BFD_RELOC_32:
+ 					relocation_needed = 1;
+ 					pflags = (FLAT_NIOS2_R_32 << 28);
+-					sym_vma = bfd_section_vma(abs_bfd, sym_section);
++					sym_vma = elf2flt_bfd_section_vma(sym_section);
+ 					sym_addr += sym_vma + q->addend;
+ 					/* modify target, in target order */
+ 					*(unsigned long *)r_mem = htoniosl(sym_addr);
+@@ -1068,7 +1077,7 @@ output_relocs (
+ 					unsigned long exist_val;
+ 					relocation_needed = 1;
+ 					pflags = (FLAT_NIOS2_R_CALL26 << 28);
+-					sym_vma = bfd_section_vma(abs_bfd, sym_section);
++					sym_vma = elf2flt_bfd_section_vma(sym_section);
+ 					sym_addr += sym_vma + q->addend;
+ 					
+ 					/* modify target, in target order */
+@@ -1099,7 +1108,7 @@ output_relocs (
+ 								? FLAT_NIOS2_R_HIADJ_LO : FLAT_NIOS2_R_HI_LO;
+ 							pflags <<= 28;
+ 						
+-							sym_vma = bfd_section_vma(abs_bfd, sym_section);
++							sym_vma = elf2flt_bfd_section_vma(sym_section);
+ 							sym_addr += sym_vma + q->addend;
+ 
+ 							/* modify high 16 bits, in target order */
+@@ -1132,7 +1141,7 @@ output_relocs (
+ 						goto NIOS2_RELOC_ERR;
+ 					}
+ 					/* _gp holds a absolute value, otherwise the ld cannot generate correct code */
+-					sym_vma = bfd_section_vma(abs_bfd, sym_section);
++					sym_vma = elf2flt_bfd_section_vma(sym_section);
+ 					//printf("sym=%x, %d, _gp=%x, %d\n", sym_addr+sym_vma, sym_addr+sym_vma, gp, gp);
+ 					sym_addr += sym_vma + q->addend;
+ 					sym_addr -= gp;
+@@ -1213,7 +1222,7 @@ NIOS2_RELOC_ERR:
+ 				case R_SPARC_32:
+ 				case R_SPARC_UA32:
+ 					relocation_needed = 1;
+-					sym_vma = bfd_section_vma(abs_bfd, sym_section);
++					sym_vma = elf2flt_bfd_section_vma(sym_section);
+ 					sym_addr += sym_vma + q->addend;
+ 					break;
+ 				case R_SPARC_PC22:
+@@ -1232,7 +1241,7 @@ NIOS2_RELOC_ERR:
+ 				case R_SPARC_HI22:
+ 					relocation_needed = 1;
+ 					pflags = 0x80000000;
+-					sym_vma = bfd_section_vma(abs_bfd, sym_section);
++					sym_vma = elf2flt_bfd_section_vma(sym_section);
+ 					sym_addr += sym_vma + q->addend;
+ 					sym_addr |= (
+ 						htonl(*(uint32_t *)r_mem)
+@@ -1242,7 +1251,7 @@ NIOS2_RELOC_ERR:
+ 				case R_SPARC_LO10:
+ 					relocation_needed = 1;
+ 					pflags = 0x40000000;
+-					sym_vma = bfd_section_vma(abs_bfd, sym_section);
++					sym_vma = elf2flt_bfd_section_vma(sym_section);
+ 					sym_addr += sym_vma + q->addend;
+ 					sym_addr &= 0x000003ff;
+ 					sym_addr |= (
+@@ -1256,7 +1265,7 @@ NIOS2_RELOC_ERR:
+ #ifdef TARGET_sh
+ 				case R_SH_DIR32:
+ 					relocation_needed = 1;
+-					sym_vma = bfd_section_vma(abs_bfd, sym_section);
++					sym_vma = elf2flt_bfd_section_vma(sym_section);
+ 					sym_addr += sym_vma + q->addend;
+ 					break;
+ 				case R_SH_REL32:
+@@ -1288,7 +1297,7 @@ NIOS2_RELOC_ERR:
+ 				case R_E1_CONST31:
+ 						relocation_needed = 1;
+ 						DBG_E1("Handling Reloc <CONST31>\n");
+-						sec_vma = bfd_section_vma(abs_bfd, sym_section);
++						sec_vma = elf2flt_bfd_section_vma(sym_section);
+ 						DBG_E1("sec_vma : [0x%x], sym_addr : [0x%x], q->address : [0x%x]\n",
+ 										sec_vma, sym_addr, q->address);
+ 						sym_addr = sec_vma + sym_addr;
+@@ -1303,7 +1312,7 @@ NIOS2_RELOC_ERR:
+ 						relocation_needed = 0;
+ 						DBG_E1("Handling Reloc <CONST31_PCREL>\n");
+ 						DBG_E1("DONT RELOCATE AT LOADING\n");
+-						sec_vma = bfd_section_vma(abs_bfd, sym_section);
++						sec_vma = elf2flt_bfd_section_vma(sym_section);
+ 						DBG_E1("sec_vma : [0x%x], sym_addr : [0x%x], q->address : [0x%x]\n",
+ 										sec_vma, sym_addr, q->address);
+ 						sym_addr =  sec_vma + sym_addr;
+@@ -1330,7 +1339,7 @@ NIOS2_RELOC_ERR:
+ 						relocation_needed = 0;
+ 						DBG_E1("Handling Reloc <DIS29W_PCREL>\n");
+ 						DBG_E1("DONT RELOCATE AT LOADING\n");
+-						sec_vma = bfd_section_vma(abs_bfd, sym_section);
++						sec_vma = elf2flt_bfd_section_vma(sym_section);
+ 						DBG_E1("sec_vma : [0x%x], sym_addr : [0x%x], q->address : [0x%x]\n",
+ 										sec_vma, sym_addr, q->address);
+ 						sym_addr =  sec_vma + sym_addr;
+@@ -1363,7 +1372,7 @@ NIOS2_RELOC_ERR:
+ 						DBG_E1("Handling Reloc <DIS29B>\n");
+ DIS29_RELOCATION:
+ 						relocation_needed = 1;
+-						sec_vma = bfd_section_vma(abs_bfd, sym_section);
++						sec_vma = elf2flt_bfd_section_vma(sym_section);
+ 						DBG_E1("sec_vma : [0x%x], sym_addr : [0x%08x]\n",
+ 										sec_vma, sym_addr);
+ 						sym_addr =  sec_vma + sym_addr;
+@@ -1380,7 +1389,7 @@ DIS29_RELOCATION:
+ 						relocation_needed = 0;
+ 						DBG_E1("Handling Reloc <IMM32_PCREL>\n");
+ 						DBG_E1("DONT RELOCATE AT LOADING\n");
+-						sec_vma = bfd_section_vma(abs_bfd, sym_section);
++						sec_vma = elf2flt_bfd_section_vma(sym_section);
+ 						DBG_E1("sec_vma : [0x%x], sym_addr : [0x%x]\n",
+ 										sec_vma, sym_addr);
+ 						sym_addr =  sec_vma + sym_addr;
+@@ -1406,7 +1415,7 @@ DIS29_RELOCATION:
+ 				case R_E1_IMM32:
+ 						relocation_needed = 1;
+ 						DBG_E1("Handling Reloc <IMM32>\n");
+-						sec_vma = bfd_section_vma(abs_bfd, sym_section);
++						sec_vma = elf2flt_bfd_section_vma(sym_section);
+ 						DBG_E1("sec_vma : [0x%x], sym_addr : [0x%x]\n",
+ 										sec_vma, sym_addr);
+ 						sym_addr =  sec_vma + sym_addr;
+@@ -1422,7 +1431,7 @@ DIS29_RELOCATION:
+ 				case R_E1_WORD:
+ 						relocation_needed = 1;
+ 						DBG_E1("Handling Reloc <WORD>\n");
+-						sec_vma = bfd_section_vma(abs_bfd, sym_section);
++						sec_vma = elf2flt_bfd_section_vma(sym_section);
+ 						DBG_E1("sec_vma : [0x%x], sym_addr : [0x%x]\n",
+ 										sec_vma, sym_addr);
+ 						sym_addr =  sec_vma + sym_addr;
+@@ -1449,7 +1458,7 @@ DIS29_RELOCATION:
+ 			}
+ 
+ 			sprintf(&addstr[0], "+0x%lx", sym_addr - (*(q->sym_ptr_ptr))->value -
+-					 bfd_section_vma(abs_bfd, sym_section));
++					 elf2flt_bfd_section_vma(sym_section));
+ 
+ 
+ 			/*
+@@ -1887,8 +1896,8 @@ int main(int argc, char *argv[])
+     } else
+       continue;
+ 
+-    sec_size = bfd_section_size(abs_bfd, s);
+-    sec_vma  = bfd_section_vma(abs_bfd, s);
++    sec_size = elf2flt_bfd_section_size(s);
++    sec_vma  = elf2flt_bfd_section_vma(s);
+ 
+     if (sec_vma < *vma) {
+       if (*len > 0)
+@@ -1913,7 +1922,7 @@ int main(int argc, char *argv[])
+     if (s->flags & SEC_CODE) 
+       if (!bfd_get_section_contents(abs_bfd, s,
+ 				   text + (s->vma - text_vma), 0,
+-				   bfd_section_size(abs_bfd, s)))
++				   elf2flt_bfd_section_size(s)))
+       {
+ 	fatal("read error section %s", s->name);
+       }
+@@ -1939,7 +1948,7 @@ int main(int argc, char *argv[])
+     if (s->flags & SEC_DATA) 
+       if (!bfd_get_section_contents(abs_bfd, s,
+ 				   data + (s->vma - data_vma), 0,
+-				   bfd_section_size(abs_bfd, s)))
++				   elf2flt_bfd_section_size(s)))
+       {
+ 	fatal("read error section %s", s->name);
+       }
+-- 
+2.25.4
+

package/elf2flt/elf2flt.mk

@@ -11,6 +11,9 @@ ELF2FLT_LICENSE_FILES = LICENSE.TXT
 
 HOST_ELF2FLT_DEPENDENCIES = host-binutils host-zlib
 
+# 0003-elf2flt-handle-binutils-2.34.patch
+HOST_ELF2FLT_AUTORECONF = YES
+
 # It is not exactly a host variant, but more a cross variant, which is
 # why we pass a special --target option.
 HOST_ELF2FLT_CONF_OPTS = \

package/fail2ban/fail2ban.mk

@@ -27,6 +27,13 @@ define FAIL2BAN_FIX_DEFAULT_CONFIG
 endef
 FAIL2BAN_POST_INSTALL_TARGET_HOOKS += FAIL2BAN_FIX_DEFAULT_CONFIG
 
+# fail2ban-python points to host python
+define FAIL2BAN_FIX_FAIL2BAN_PYTHON_SYMLINK
+	ln -snf $(if $(BR2_PACKAGE_PYTHON),python,python3) \
+		$(TARGET_DIR)/usr/bin/fail2ban-python
+endef
+FAIL2BAN_POST_INSTALL_TARGET_HOOKS += FAIL2BAN_FIX_FAIL2BAN_PYTHON_SYMLINK
+
 define FAIL2BAN_INSTALL_INIT_SYSV
 	$(INSTALL) -D -m 755 package/fail2ban/S60fail2ban \
 		$(TARGET_DIR)/etc/init.d/S60fail2ban

package/fastd/0002-receive-fix-buffer-leak-when-receiving-invalid-packets.patch

@@ -0,0 +1,45 @@
+From 737925113363b6130879729cdff9ccc46c33eaea Mon Sep 17 00:00:00 2001
+From: Matthias Schiffer <mschiffer@universe-factory.net>
+Date: Mon, 19 Oct 2020 21:08:16 +0200
+Subject: [PATCH] receive: fix buffer leak when receiving invalid packets
+
+For fastd versions before v20, this was just a memory leak (which could
+still be used for DoS, as it's remotely triggerable). With the new
+buffer management of fastd v20, this will trigger an assertion failure
+instead as soon as the buffer pool is empty.
+
+[Retrieved from:
+https://github.com/NeoRaider/fastd/commit/737925113363b6130879729cdff9ccc46c33eaea]
+Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
+---
+ src/receive.c | 10 ++++++++++
+ 1 file changed, 10 insertions(+)
+
+diff --git a/src/receive.c b/src/receive.c
+index 043c9f2..6bca9f4 100644
+--- a/src/receive.c
++++ b/src/receive.c
+@@ -169,6 +169,11 @@ static inline void handle_socket_receive_known(
+ 
+ 	case PACKET_HANDSHAKE:
+ 		fastd_handshake_handle(sock, local_addr, remote_addr, peer, buffer);
++		break;
++
++	default:
++		fastd_buffer_free(buffer);
++		pr_debug("received packet with invalid type from %P[%I]", peer, remote_addr);
+ 	}
+ }
+ 
+@@ -195,6 +200,11 @@ static inline void handle_socket_receive_unknown(
+ 
+ 	case PACKET_HANDSHAKE:
+ 		fastd_handshake_handle(sock, local_addr, remote_addr, NULL, buffer);
++		break;
++
++	default:
++		fastd_buffer_free(buffer);
++		pr_debug("received packet with invalid type from unknown address %I", remote_addr);
+ 	}
+ }
+ 

package/fastd/Config.in

@@ -6,7 +6,6 @@ config BR2_PACKAGE_FASTD
 	select BR2_PACKAGE_LIBUECC
 	select BR2_PACKAGE_LIBSODIUM
 	select BR2_PACKAGE_LIBSODIUM_FULL
-	select BR2_PACKAGE_LIBCAP
 	help
 	  Fast and Secure Tunneling Daemon
 

package/fastd/fastd.mk

@@ -10,7 +10,17 @@ FASTD_SOURCE = fastd-$(FASTD_VERSION).tar.xz
 FASTD_LICENSE = BSD-2-Clause
 FASTD_LICENSE_FILES = COPYRIGHT
 FASTD_CONF_OPTS = -DENABLE_LIBSODIUM=ON
-FASTD_DEPENDENCIES = host-bison host-pkgconf libuecc libsodium libcap
+FASTD_DEPENDENCIES = host-bison host-pkgconf libuecc libsodium
+
+# 0002-receive-fix-buffer-leak-when-receiving-invalid-packets.patch
+FASTD_IGNORE_CVES += CVE-2020-27638
+
+ifeq ($(BR2_PACKAGE_LIBCAP),y)
+FASTD_CONF_OPTS += -DWITH_CAPABILITIES=ON
+FASTD_DEPENDENCIES += libcap
+else
+FASTD_CONF_OPTS += -DWITH_CAPABILITIES=OFF
+endif
 
 ifeq ($(BR2_PACKAGE_OPENSSL),y)
 FASTD_CONF_OPTS += -DENABLE_OPENSSL=ON

package/fbset/fbset.hash

@@ -1,2 +1,3 @@
 # Locally calculated
-sha256	40ff4ab0247b75138a0887ed40f81c1a6184f340b77126c16d074b1075b41c20	fbset-2.1.tar.gz
+sha256  40ff4ab0247b75138a0887ed40f81c1a6184f340b77126c16d074b1075b41c20  fbset-2.1.tar.gz
+sha256  c3285709a0840899a789faefae1704e87f96f757e905a38a1931a9d4fde95ddd  fbset.c

package/fbset/fbset.mk

@@ -8,6 +8,7 @@ FBSET_VERSION = 2.1
 FBSET_SITE = http://users.telenet.be/geertu/Linux/fbdev
 FBSET_DEPENDENCIES = host-bison host-flex
 FBSET_LICENSE = GPL-2.0
+FBSET_LICENSE_FILES = fbset.c
 
 define FBSET_BUILD_CMDS
 	$(MAKE1) $(TARGET_CONFIGURE_OPTS) -C $(@D)

package/fbterm/fbterm.mk

@@ -10,12 +10,6 @@ FBTERM_LICENSE = GPL-2.0+
 FBTERM_LICENSE_FILES = COPYING
 FBTERM_DEPENDENCIES = fontconfig liberation
 
-ifeq ($(BR2_STATIC_LIBS)$(BR2_TOOLCHAIN_HAS_THREADS),yy)
-# fontconfig uses pthreads if available, but fbterm forgets to link
-# with it breaking static builds
-FBTERM_CONF_ENV += LIBS='-lpthread'
-endif
-
 ifeq ($(BR2_PACKAGE_GPM),y)
 FBTERM_DEPENDENCIES += gpm
 FBTERM_CONF_OPTS += --enable-gpm

package/fbtft/fbtft.hash

@@ -1,2 +1,3 @@
 # locally computed
 sha256  0e81de89fdd7ab810716fc0549e767527f342e829309dee5c2cca1e9d1728770  fbtft-274035404701245e7491c0c6471c5b72ade4d491.tar.gz
+sha256  a9ca80d65a5ef10fe614a6c1e8c8d4d3b96637e8855a96c7cf0fa438526097a7  fbtft-core.c

package/fbtft/fbtft.mk

@@ -7,5 +7,6 @@
 FBTFT_VERSION = 274035404701245e7491c0c6471c5b72ade4d491
 FBTFT_SITE = $(call github,notro,fbtft,$(FBTFT_VERSION))
 FBTFT_LICENSE = GPL-2.0
+FBTFT_LICENSE_FILES = fbtft-core.c
 
 $(eval $(generic-package))

package/ffmpeg/0002-configure-use-require_pkg_config-to-check-for-wavpac.patch

@@ -0,0 +1,31 @@
+From a507a9cd6525d5b3a1eea32e25a139b4023800a2 Mon Sep 17 00:00:00 2001
+From: Bernd Kuhls <bernd.kuhls@t-online.de>
+Date: Sun, 20 Sep 2020 13:48:00 +0200
+Subject: [PATCH] configure: use require_pkg_config to check for wavpack
+
+Fixes static builds with toolchains needing "-lm" for math functions.
+
+Patch sent upstream:
+http://ffmpeg.org/pipermail/ffmpeg-devel/2020-September/270127.html
+
+Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
+---
+ configure | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/configure b/configure
+index 5d68695192..4e6c6edd30 100755
+--- a/configure
++++ b/configure
+@@ -6438,7 +6438,7 @@ enabled libvpx            && {
+     fi
+ }
+ 
+-enabled libwavpack        && require libwavpack wavpack/wavpack.h WavpackOpenFileOutput  -lwavpack
++enabled libwavpack        && require_pkg_config libwavpack wavpack "wavpack/wavpack.h" WavpackOpenFileOutput
+ enabled libwebp           && {
+     enabled libwebp_encoder      && require_pkg_config libwebp "libwebp >= 0.2.0" webp/encode.h WebPGetEncoderVersion
+     enabled libwebp_anim_encoder && check_pkg_config libwebp_anim_encoder "libwebpmux >= 0.4.0" webp/mux.h WebPAnimEncoderOptionsInit; }
+-- 
+2.27.0
+

package/fontconfig/0002-add-pthread-as-a-dependency-of-a-static-lib.patch

@@ -0,0 +1,44 @@
+From 40ec04a8bf36dd8d0aa3da98b167792ce2dcd114 Mon Sep 17 00:00:00 2001
+From: Silvan Scherrer <silvan.scherrer@aroa.ch>
+Date: Sun, 20 Sep 2020 12:52:08 +0200
+Subject: [PATCH] add pthread as a dependency of a static lib
+
+Downloaded from https://trac.netlabs.org/ports/changeset/2220
+
+Patch sent upstream:
+https://gitlab.freedesktop.org/fontconfig/fontconfig/-/merge_requests/121
+
+Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
+---
+ configure.ac     | 2 ++
+ fontconfig.pc.in | 4 ++--
+ 2 files changed, 4 insertions(+), 2 deletions(-)
+
+diff --git a/configure.ac b/configure.ac
+index f3189a7..594d6fd 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -690,6 +690,8 @@ fi
+ have_pthread=false
+ if test "$os_win32" = no; then
+ 	AX_PTHREAD([have_pthread=true])
++	AC_SUBST(PTHREAD_CFLAGS)
++	AC_SUBST(PTHREAD_LIBS)
+ fi
+ if $have_pthread; then
+ 	LIBS="$PTHREAD_LIBS $LIBS"
+diff --git a/fontconfig.pc.in b/fontconfig.pc.in
+index 61b35fb..f823bac 100644
+--- a/fontconfig.pc.in
++++ b/fontconfig.pc.in
+@@ -14,5 +14,5 @@ Version: @VERSION@
+ Requires: @PKGCONFIG_REQUIRES@
+ Requires.private: @PKGCONFIG_REQUIRES_PRIVATELY@
+ Libs: -L${libdir} -lfontconfig
+-Libs.private: @ICONV_LIBS@ @PKG_EXPAT_LIBS@
+-Cflags: -I${includedir} @ICONV_CFLAGS@ @PKG_EXPAT_CFLAGS@
++Libs.private: @ICONV_LIBS@ @PKG_EXPAT_LIBS@ @PTHREAD_LIBS@
++Cflags: -I${includedir} @ICONV_CFLAGS@ @PKG_EXPAT_CFLAGS@ @PTHREAD_CFLAGS@
+-- 
+2.27.0
+

package/fontconfig/fontconfig.mk

@@ -7,6 +7,8 @@
 FONTCONFIG_VERSION = 2.13.1
 FONTCONFIG_SITE = http://fontconfig.org/release
 FONTCONFIG_SOURCE = fontconfig-$(FONTCONFIG_VERSION).tar.bz2
+# 0002-add-pthread-as-a-dependency-of-a-static-lib.patch
+FONTCONFIG_AUTORECONF = YES
 FONTCONFIG_INSTALL_STAGING = YES
 FONTCONFIG_DEPENDENCIES = freetype expat host-pkgconf host-gperf util-linux
 HOST_FONTCONFIG_DEPENDENCIES = \

package/freescale-imx/kernel-module-imx-gpu-viv/kernel-module-imx-gpu-viv.mk

@@ -16,7 +16,7 @@ KERNEL_MODULE_IMX_GPU_VIV_MODULE_MAKE_OPTS = \
 
 KERNEL_MODULE_IMX_GPU_VIV_MODULE_SUBDIRS = kernel-module-imx-gpu-viv-src
 
-define KERNEL_MODULE_IMX_GPU_VIV_MODULE_LINUX_CONFIG_FIXUPS
+define KERNEL_MODULE_IMX_GPU_VIV_LINUX_CONFIG_FIXUPS
 	$(call KCONFIG_DISABLE_OPT,CONFIG_MXC_GPU_VIV)
 endef
 

package/freetype/freetype.hash

@@ -1,9 +1,8 @@
-# From https://sourceforge.net/projects/freetype/files/freetype2/2.10.2/
-md5  7c0d5a39f232d7eb9f9d7da76bf08074  freetype-2.10.2.tar.xz
-sha1  b074d5c34dc0e3cc150be6e7aa6b07c9ec4ed875  freetype-2.10.2.tar.xz
+# From https://sourceforge.net/projects/freetype/files/freetype2/2.10.4/
+sha1  0181862673f7216ad2b5074f95fc131209e30b27  freetype-2.10.4.tar.xz
 
 # Locally calculated
-sha256  1543d61025d2e6312e0a1c563652555f17378a204a61e99928c9fcef030a2d8b  freetype-2.10.2.tar.xz
+sha256  86a854d8905b19698bbc8f23b860bc104246ce4854dcea8e3b0fb21284f75784  freetype-2.10.4.tar.xz
 sha256  fd056de4196903a676208ef58cfddafc7d583d1f28fa2e44c309cf84a59e62fb  docs/LICENSE.TXT
 sha256  08c135755dd589039470f1fdbb400daaabaaa50d0b366d19cebff4d22986baa1  docs/FTL.TXT
 sha256  c4120c6752c910c299e3bd9cb3a46ff262c268303ca2069b61f92f10a5656c18  docs/GPLv2.TXT

package/freetype/freetype.mk

@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-FREETYPE_VERSION = 2.10.2
+FREETYPE_VERSION = 2.10.4
 FREETYPE_SOURCE = freetype-$(FREETYPE_VERSION).tar.xz
 FREETYPE_SITE = http://download.savannah.gnu.org/releases/freetype
 FREETYPE_INSTALL_STAGING = YES
@@ -14,8 +14,17 @@ FREETYPE_LICENSE_FILES = docs/LICENSE.TXT docs/FTL.TXT docs/GPLv2.TXT
 FREETYPE_DEPENDENCIES = host-pkgconf
 FREETYPE_CONFIG_SCRIPTS = freetype-config
 
+# harfbuzz already depends on freetype so disable harfbuzz in freetype to avoid
+# a circular dependency
+FREETYPE_CONF_OPTS = --without-harfbuzz
+
 HOST_FREETYPE_DEPENDENCIES = host-pkgconf
-HOST_FREETYPE_CONF_OPTS = --without-zlib --without-bzip2 --without-png
+HOST_FREETYPE_CONF_OPTS = \
+	--without-brotli \
+	--without-bzip2 \
+	--without-harfbuzz \
+	--without-png \
+	--without-zlib
 
 # since 2.9.1 needed for freetype-config install
 FREETYPE_CONF_OPTS += --enable-freetype-config
@@ -28,6 +37,13 @@ else
 FREETYPE_CONF_OPTS += --without-zlib
 endif
 
+ifeq ($(BR2_PACKAGE_BROTLI),y)
+FREETYPE_DEPENDENCIES += brotli
+FREETYPE_CONF_OPTS += --with-brotli
+else
+FREETYPE_CONF_OPTS += --without-brotli
+endif
+
 ifeq ($(BR2_PACKAGE_BZIP2),y)
 FREETYPE_DEPENDENCIES += bzip2
 FREETYPE_CONF_OPTS += --with-bzip2
@@ -37,9 +53,7 @@ endif
 
 ifeq ($(BR2_PACKAGE_LIBPNG),y)
 FREETYPE_DEPENDENCIES += libpng
-FREETYPE_CONF_OPTS += LIBPNG_CFLAGS="`$(STAGING_DIR)/usr/bin/libpng-config --cflags`" \
-	LIBPNG_LDFLAGS="`$(STAGING_DIR)/usr/bin/libpng-config --ldflags`"
-FREETYPE_LIBPNG_LIBS = "`$(STAGING_DIR)/usr/bin/libpng-config --libs`"
+FREETYPE_CONF_OPTS += --with-png
 else
 FREETYPE_CONF_OPTS += --without-png
 endif
@@ -52,14 +66,5 @@ define FREETYPE_FIX_CONFIG_FILE
 endef
 FREETYPE_POST_INSTALL_STAGING_HOOKS += FREETYPE_FIX_CONFIG_FILE
 
-# libpng isn't included in freetype-config & freetype2.pc :-/
-define FREETYPE_FIX_CONFIG_FILE_LIBS
-	$(SED) "s,^Libs.private:,& $(FREETYPE_LIBPNG_LIBS)," \
-		$(STAGING_DIR)/usr/lib/pkgconfig/freetype2.pc
-	$(SED) "s,-lfreetype,& $(FREETYPE_LIBPNG_LIBS)," \
-		$(STAGING_DIR)/usr/bin/freetype-config
-endef
-FREETYPE_POST_INSTALL_STAGING_HOOKS += FREETYPE_FIX_CONFIG_FILE_LIBS
-
 $(eval $(autotools-package))
 $(eval $(host-autotools-package))

package/gcc/gcc.mk

@@ -98,6 +98,12 @@ ifeq ($(BR2_ENABLE_DEBUG),y)
 GCC_COMMON_TARGET_CFLAGS += -Wno-error
 endif
 
+# Make sure libgcc & libstdc++ always get built with -matomic on ARC700
+ifeq ($(GCC_TARGET_CPU):$(BR2_ARC_ATOMIC_EXT),arc700:y)
+GCC_COMMON_TARGET_CFLAGS += -matomic
+GCC_COMMON_TARGET_CXXFLAGS += -matomic
+endif
+
 # Propagate options used for target software building to GCC target libs
 HOST_GCC_COMMON_CONF_ENV += CFLAGS_FOR_TARGET="$(GCC_COMMON_TARGET_CFLAGS)"
 HOST_GCC_COMMON_CONF_ENV += CXXFLAGS_FOR_TARGET="$(GCC_COMMON_TARGET_CXXFLAGS)"
@@ -116,7 +122,7 @@ endif
 ifeq ($(BR2_USE_WCHAR)$(BR2_TOOLCHAIN_HAS_LIBQUADMATH),yy)
 HOST_GCC_COMMON_CONF_OPTS += --enable-libquadmath
 else
-HOST_GCC_COMMON_CONF_OPTS += --disable-libquadmath
+HOST_GCC_COMMON_CONF_OPTS += --disable-libquadmath --disable-libquadmath-support
 endif
 
 # Disable libsanitizer due to a build issue with gcc 7.5 and glibc 2.31.
@@ -141,6 +147,14 @@ ifeq ($(BR2_sparc)$(BR2_sparc64),y)
 HOST_GCC_COMMON_CONF_OPTS += --disable-libsanitizer
 endif
 
+# The logic in libbacktrace/configure.ac to detect if __sync builtins
+# are available assumes they are as soon as target_subdir is not
+# empty, i.e when cross-compiling. However, some platforms do not have
+# __sync builtins, so help the configure script a bit.
+ifeq ($(BR2_TOOLCHAIN_HAS_SYNC_4),)
+HOST_GCC_COMMON_CONF_ENV += target_configargs="libbacktrace_cv_sys_sync=no"
+endif
+
 # TLS support is not needed on uClibc/no-thread and
 # uClibc/linux-threads, otherwise, for all other situations (glibc,
 # musl and uClibc/NPTL), we need it.
@@ -223,6 +237,13 @@ HOST_GCC_COMMON_CONF_OPTS += \
 	--with-long-double-128
 endif
 
+# Set default to Secure-PLT to prevent run-time
+# generation of PLT stubs (supports RELRO and
+# SELinux non-exemem capabilities)
+ifeq ($(BR2_powerpc),y)
+HOST_GCC_COMMON_CONF_OPTS += --enable-secureplt
+endif
+
 # PowerPC64 big endian by default uses the elfv1 ABI, and PowerPC 64
 # little endian by default uses the elfv2 ABI. However, musl has
 # decided to use the elfv2 ABI for both, so we force the elfv2 ABI for
@@ -271,11 +292,6 @@ HOST_GCC_COMMON_CCACHE_HASH_FILES += \
 ifeq ($(BR2_xtensa),y)
 HOST_GCC_COMMON_CCACHE_HASH_FILES += $(ARCH_XTENSA_OVERLAY_TAR)
 endif
-ifeq ($(ARCH),powerpc)
-ifneq ($(BR2_SOFT_FLOAT),)
-HOST_GCC_COMMON_CCACHE_HASH_FILES += package/gcc/$(GCC_VERSION)/1000-powerpc-link-with-math-lib.patch.conditional
-endif
-endif
 
 # _CONF_OPTS contains some references to the absolute path of $(HOST_DIR)
 # and a reference to the Buildroot git revision (BR2_VERSION_FULL),

package/gdb/gdb.mk

@@ -69,7 +69,8 @@ GDB_DISABLE_BINUTILS_CONF_OPTS = \
 	--disable-binutils \
 	--disable-install-libbfd \
 	--disable-ld \
-	--disable-gas
+	--disable-gas \
+	--disable-gprof
 
 GDB_CONF_ENV = \
 	ac_cv_type_uintptr_t=yes \

package/ghostscript/0001-Fix-cross-compilation-issue.patch

@@ -1,36 +0,0 @@
-From 5fed765abb8ff07c381cc3ebb9367e9560f7a658 Mon Sep 17 00:00:00 2001
-From: Bernd Kuhls <bernd.kuhls@t-online.de>
-Date: Mon, 20 Mar 2017 23:43:03 +0100
-Subject: [PATCH] Fix cross compilation issue
-
-Without this patch unsafe paths are used:
-x86_64-linux-gcc: ERROR: unsafe header/library path used in cross-compilation: '/libtiff'
-
-Downloaded from
-http://bugs.ghostscript.com/show_bug.cgi?id=696508#c3
-
-Slightly updated to work with 9.23
-
-Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
-Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
----
- configure.ac | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/configure.ac b/configure.ac
-index d0f62d7..0d49344 100644
---- a/configure.ac
-+++ b/configure.ac
-@@ -1173,7 +1173,7 @@ XPSWRITEDEVICE=''
- 
- 
- LIBTIFFDIR='src'
--LIBTIFFCONFDIR=''
-+LIBTIFFCONFDIR='src'
- TIFFCFLAGS=''
- 
- TIFFDEVS_ALL='tiffs tiff12nc tiff24nc tiff48nc tiff32nc tiff64nc tiffcrle tifflzw tiffpack tiffgray tiffsep tiffsep1 tiffscaled tiffscaled4 tiffscaled8 tiffscaled24 tiffscaled32'
- FAX_DEVS_ALL='cfax dfaxlow dfaxhigh fax faxg3 faxg32d faxg4 tiffg3 tiffg32d tiffg4 tfax'
--- 
-2.7.4
-

package/ghostscript/0001-bug-702985-drop-use-of-FT_CALLBACK_DEF.patch

@@ -0,0 +1,55 @@
+From 41ef9a0bc36b9db7115fbe9623f989bfb47bbade Mon Sep 17 00:00:00 2001
+From: Chris Liddell <chris.liddell@artifex.com>
+Date: Tue, 20 Oct 2020 09:49:45 +0100
+Subject: [PATCH] Bug 702985: drop use of FT_CALLBACK_DEF() def
+
+From 2.10.3, Freetype disappeared the FT_CALLBACK_DEF() macro, which is what
+we used when defining our callbacks from Freetype.
+
+No guidance forthcoming from the Freetype developer who made those changes,
+so change to explicitly declaring the callbacks file static.
+
+Should fix the reported build failures.
+
+Downloaded from upstream commit:
+https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=41ef9a0bc36b
+
+Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
+---
+ base/fapi_ft.c | 6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/base/fapi_ft.c b/base/fapi_ft.c
+index 65fa6dcf4..21aef2f06 100644
+--- a/base/fapi_ft.c
++++ b/base/fapi_ft.c
+@@ -125,7 +125,7 @@ static void
+ delete_inc_int_info(gs_fapi_server * a_server,
+                     FT_IncrementalRec * a_inc_int_info);
+ 
+-FT_CALLBACK_DEF(void *)
++static void *
+ FF_alloc(FT_Memory memory, long size)
+ {
+     gs_memory_t *mem = (gs_memory_t *) memory->user;
+@@ -133,7 +133,7 @@ FF_alloc(FT_Memory memory, long size)
+     return (gs_malloc(mem, size, 1, "FF_alloc"));
+ }
+ 
+-FT_CALLBACK_DEF(void *)
++static void *
+     FF_realloc(FT_Memory memory, long cur_size, long new_size, void *block)
+ {
+     gs_memory_t *mem = (gs_memory_t *) memory->user;
+@@ -153,7 +153,7 @@ FT_CALLBACK_DEF(void *)
+     return (tmp);
+ }
+ 
+-FT_CALLBACK_DEF(void)
++static void
+     FF_free(FT_Memory memory, void *block)
+ {
+     gs_memory_t *mem = (gs_memory_t *) memory->user;
+-- 
+2.17.1
+

package/ghostscript/ghostscript.hash

@@ -1,5 +1,5 @@
-# From https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs952/SHA512SUMS
-sha512  4c4a33884e1138bad553eee61fac1a72158297ad5c2ce46a4b36150848dea8158affaf2b902f4ff03e4f72ebc8154c198b618112624f409230a610b7648faa67  ghostscript-9.52.tar.xz
+# From https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs9532/SHA512SUMS
+sha512  73aa6013aeecbd1345317a40349089a2f19a2205fc11b8ca0b619df1e91f2ca8b03efc09be9e079cb5ab8e1b838aa2236349cd1c177217c14308242f99138ae4  ghostscript-9.53.2.tar.gz
 
 # Hash for license file:
 sha256  6f852249f975287b3efd43a5883875e47fa9f3125e2f1b18b5c09517ac30ecf2  LICENSE

package/ghostscript/ghostscript.mk

@@ -4,13 +4,10 @@
 #
 ################################################################################
 
-GHOSTSCRIPT_VERSION = 9.52
+GHOSTSCRIPT_VERSION = 9.53.2
 GHOSTSCRIPT_SITE = https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs$(subst .,,$(GHOSTSCRIPT_VERSION))
-GHOSTSCRIPT_SOURCE = ghostscript-$(GHOSTSCRIPT_VERSION).tar.xz
 GHOSTSCRIPT_LICENSE = AGPL-3.0
 GHOSTSCRIPT_LICENSE_FILES = LICENSE
-# 0001-Fix-cross-compilation-issue.patch
-GHOSTSCRIPT_AUTORECONF = YES
 GHOSTSCRIPT_DEPENDENCIES = \
 	host-lcms2 \
 	host-libjpeg \

package/gnupg2/gnupg2.hash

@@ -1,7 +1,7 @@
-# From https://lists.gnupg.org/pipermail/gnupg-announce/2020q3/000446.html
-sha1  4af4c6fe5f9dd7d866243f715b32775500468943  gnupg-2.2.21.tar.bz2
+# From https://lists.gnupg.org/pipermail/gnupg-announce/2020q3/000448.html
+sha1   bd949b4af7426e4afc13667d678503063c6aa4b5 gnupg-2.2.23.tar.bz2
 # Calculated based on the hash above and signature
-# https://gnupg.org/ftp/gcrypt/gnupg/gnupg-2.2.21.tar.bz2.sig
+# https://gnupg.org/ftp/gcrypt/gnupg/gnupg-2.2.23.tar.bz2.sig
 # using key D8692123C4065DEA5E0F3AB5249B39D24F25E3B6
-sha256  61e83278fb5fa7336658a8b73ab26f379d41275bb1c7c6e694dd9f9a6e8e76ec  gnupg-2.2.21.tar.bz2
+sha256  10b55e49d78b3e49f1edb58d7541ecbdad92ddaeeb885b6f486ed23d1cd1da5c  gnupg-2.2.23.tar.bz2
 sha256  bc2d6664f6276fa0a72d57633b3ae68dc7dcb677b71018bf08c8e93e509f1357  COPYING

package/gnupg2/gnupg2.mk

@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-GNUPG2_VERSION = 2.2.21
+GNUPG2_VERSION = 2.2.23
 GNUPG2_SOURCE = gnupg-$(GNUPG2_VERSION).tar.bz2
 GNUPG2_SITE = https://gnupg.org/ftp/gcrypt/gnupg
 GNUPG2_LICENSE = GPL-3.0+

package/gnutls/gnutls.hash

@@ -1,6 +1,6 @@
 # Locally calculated after checking pgp signature
-# https://www.gnupg.org/ftp/gcrypt/gnutls/v3.6/gnutls-3.6.14.tar.xz.sig
-sha256  5630751adec7025b8ef955af4d141d00d252a985769f51b4059e5affa3d39d63  gnutls-3.6.14.tar.xz
+# https://www.gnupg.org/ftp/gcrypt/gnutls/v3.6/gnutls-3.6.15.tar.xz.sig
+sha256  0ea8c3283de8d8335d7ae338ef27c53a916f15f382753b174c18b45ffd481558  gnutls-3.6.15.tar.xz
 # Locally calculated
 sha256  e79e9c8a0c85d735ff98185918ec94ed7d175efc377012787aebcf3b80f0d90b  doc/COPYING
 sha256  6095e9ffa777dd22839f7801aa845b31c9ed07f3d6bf8a26dc5d2dec8ccc0ef3  doc/COPYING.LESSER