Update for 2017.02.2

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

CHANGES

@@ -1,3 +1,61 @@
+2017.02.2, Released May 1st, 2017
+
+	Important / security related fixes.
+
+	Use HTTPS for the Codesourcery external toolchains as the HTTP
+	URLs no longer work.
+
+	Updated/fixed packages: bind, busybox, dovecot, freetype,
+	ghostscript, glibc, granite, hiredis, icu, imagemagick,
+	gst-plugins-base, gst1-plugins-base, libcroco, libcurl, libnl,
+	libnspr, libnss, libsamplerate, libsndfile, libunwind,
+	minicom, mplayer, mpv, nodejs, python-django, python-pyyaml,
+	python-web2py, samba4, syslinux, systemd, tiff, trinity,
+	uboot, wireshark, xen
+
+	Issues resolved (http://bugs.buildroot.org):
+
+	#9791: Python searches for packages in the user site directory
+
+2017.02.1, Released April 4th, 2017
+
+	Important / security related fixes.
+
+	Fix a variable clashing issue in the mkusers script with
+	internal bash variables.
+
+	Improve external toolchain version detection.
+
+	Correct permissions for /dev/pts/ptmx when systemd is used
+	with recent glibc versions.
+
+	Fix python module name clash for graph-depends.
+
+	Fakeroot now links against libacl to fix issues on
+	distributions using acls.
+
+	Ensure that the git download infrastructure creates GNU format
+	tar files.
+
+	br2-external: Improve error reporting.
+
+	Updated/fixed packages: acl, apr, audiofile, busybox, cairo,
+	dbus-cpp, dbus-glib, dbus-triggerd, domoticz, elfutils,
+	fakeroot, filemq, fmc, gdb, git, gnutls, gst-ffmpeg,
+	gst1-plygins-bad, harfbuzz, htop, imagemagick, jasper, libcec,
+	libiio, libplatform, librsvg, libselinux, libsidplay2, libsoc,
+	libwebsockets, libxkbcommon, linux-firmware, logrotate,
+	lpt-testsuite, lttng-libust, mariadb, mbedtls, memcached,
+	mesa3d, mpd, mplayer, nbd, ncftp, ntp, openssh, opentyrian,
+	pcre, perl-gd, python, qt5base, rpi-userland, rpm, samba4,
+	skalibs, slang, sngrep, squashfs, syslog-ng, taglib,
+	tcpreplay, tor, upmpdcli, wget, wireshark,
+	xdriver_xf86-video-vmware, xlib_libXv, zmqpp
+
+	Issues resolved (http://bugs.buildroot.org):
+
+	#9456: mkusers script bash errors
+
 2017.02, Released February 28th, 2017
 
 	Minor fixes, mainly fixing autobuilder issues.

Makefile

@@ -86,9 +86,9 @@ else # umask / $(CURDIR) / $(O)
 all:
 
 # Set and export the version string
-export BR2_VERSION := 2017.02
+export BR2_VERSION := 2017.02.2
 # Actual time the release is cut (for reproducible builds)
-BR2_VERSION_EPOCH = 1488315000
+BR2_VERSION_EPOCH = 1493676000
 
 # Save running make version since it's clobbered by the make package
 RUNNING_MAKE_VERSION := $(MAKE_VERSION)

boot/syslinux/0001-bios-Fix-alignment-change-with-gcc-5.patch

@@ -1,16 +1,19 @@
-commit e5f2b577ded109291c9632dacb6eaa621d8a59fe
-Author: Sylvain Gault <sylvain.gault@gmail.com>
-Date:   Tue Sep 29 02:38:25 2015 +0200
+From da5cbd1a3b248f2d32281a1766a3d1414c0e8e03 Mon Sep 17 00:00:00 2001
+From: Sylvain Gault <sylvain.gault@gmail.com>
+Date: Tue, 29 Sep 2015 02:38:25 +0200
+Subject: [PATCH] bios: Fix alignment change with gcc 5
 
-    bios: Fix alignment change with gcc 5
-    
-    The section aligment specified in the ld scripts have to be greater or
-    equal to those in the .o files generated by gcc.
-    
-    Signed-off-by: Sylvain Gault <sylvain.gault@gmail.com>
-    Tested-by: poma <pomidorabelisima@gmail.com>
-    Signed-off-by: Paulo Alcantara <pcacjr@zytor.com>
-    Signed-off-by: Frank Hunleth <fhunleth@troodon-software.com>
+The section aligment specified in the ld scripts have to be greater or
+equal to those in the .o files generated by gcc.
+
+Signed-off-by: Sylvain Gault <sylvain.gault@gmail.com>
+Tested-by: poma <pomidorabelisima@gmail.com>
+Signed-off-by: Paulo Alcantara <pcacjr@zytor.com>
+Signed-off-by: Frank Hunleth <fhunleth@troodon-software.com>
+---
+ core/i386/syslinux.ld   | 6 +++---
+ core/x86_64/syslinux.ld | 6 +++---
+ 2 files changed, 6 insertions(+), 6 deletions(-)
 
 diff --git a/core/i386/syslinux.ld b/core/i386/syslinux.ld
 index 7b4e012..7390451 100644
@@ -74,3 +77,6 @@ index 1057112..bf815c4 100644
  	__bss_vma = .;
  	__bss_lma = .;		/* Dummy */
  	.bss (NOLOAD) : AT (__bss_lma) {
+-- 
+2.7.4
+

boot/syslinux/0002-Disable-PIE-to-avoid-FTBFS-on-amd64.patch

@@ -0,0 +1,30 @@
+From 250bf2c921713434627dc7bc8b0918fa0841f9b7 Mon Sep 17 00:00:00 2001
+From: Graham Inggs <ginggs@ubuntu.com>
+Date: Wed, 5 Apr 2017 22:03:12 +0200
+Subject: [PATCH] Disable PIE to avoid FTBFS on amd64
+
+gcc 6.x has PIE support enabled by default, which causes a build issue
+with syslinux. This patch disables PIE support in the relevant
+syslinux Makefile.
+
+Signed-off-by: Ryan Coe <bluemrp9@gmail.com>
+---
+ gpxe/src/Makefile | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/gpxe/src/Makefile b/gpxe/src/Makefile
+index cc91d78..077af64 100644
+--- a/gpxe/src/Makefile
++++ b/gpxe/src/Makefile
+@@ -4,7 +4,7 @@
+ #
+ 
+ CLEANUP		:=
+-CFLAGS		:=
++CFLAGS		:= -fno-PIE
+ ASFLAGS		:=
+ LDFLAGS		:=
+ MAKEDEPS	:= Makefile
+-- 
+2.7.4
+

boot/syslinux/0002-disable-pie.patch

@@ -1,22 +0,0 @@
-Description: Disable PIE to avoid FTBFS on amd64
-Bug-Ubuntu: https://bugs.launchpad.net/bugs/1579023
-Author: Graham Inggs <ginggs@ubuntu.com>
-Last-Update: 2016-05-06
-
-gcc 6.x has PIE support enabled by default, which causes a build issue
-with syslinux. This patch disables PIE support in the relevant
-syslinux Makefile.
-
-Signed-off-by: Ryan Coe <bluemrp9@gmail.com>
-
---- a/gpxe/src/Makefile
-+++ b/gpxe/src/Makefile
-@@ -4,7 +4,7 @@
- #
-
- CLEANUP		:=
--CFLAGS		:=
-+CFLAGS		:= -fno-PIE
- ASFLAGS		:=
- LDFLAGS		:=
- MAKEDEPS	:= Makefile

boot/syslinux/0003-Fix-ldlinux.elf-Not-enough-room-for-program-headers-.patch

@@ -0,0 +1,35 @@
+From 61de7762389d460da7ffdd644f50c60175cce23b Mon Sep 17 00:00:00 2001
+From: Steve McIntyre <93sam@debian.org>
+Date: Wed, 5 Apr 2017 22:09:37 +0200
+Subject: [PATCH] Fix 'ldlinux.elf: Not enough room for program headers, try
+ linking with -N'
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Fix for https://bugs.debian.org/846679: syslinux: FTBFS: ld:
+ldlinux.elf: Not enough room for program headers, try linking with -N
+
+https://bugs.debian.org/cgi-bin/bugreport.cgi?att=1;bug=846679;filename=syslinux_6.03%2Bdfsg-14.1.debdiff;msg=10
+
+Signed-off-by: Benoît Allard <benoit.allard@greenbone.net>
+---
+ core/Makefile | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/core/Makefile b/core/Makefile
+index ad0acb5..58a3545 100644
+--- a/core/Makefile
++++ b/core/Makefile
+@@ -165,7 +165,7 @@ LDSCRIPT = $(SRC)/$(ARCH)/syslinux.ld
+ 
+ %.elf: %.o $(LIBDEP) $(LDSCRIPT) $(AUXLIBS)
+ 	$(LD) $(LDFLAGS) -Bsymbolic $(LD_PIE) -E --hash-style=gnu -T $(LDSCRIPT) -M -o $@ $< \
+-		--start-group $(LIBS) $(subst $(*F).elf,lib$(*F).a,$@) --end-group \
++		--start-group $(LIBS) $(subst $(*F).elf,lib$(*F).a,$@) --end-group --no-dynamic-linker \
+ 		> $(@:.elf=.map)
+ 	$(OBJDUMP) -h $@ > $(@:.elf=.sec)
+ 	$(PERL) $(SRC)/lstadjust.pl $(@:.elf=.lsr) $(@:.elf=.sec) $(@:.elf=.lst)
+-- 
+2.7.4
+

boot/syslinux/0004-memdisk-Force-ld-output-format-to-32-bits.patch

@@ -0,0 +1,32 @@
+From c0287594239d5af2082cac20817f8e8b11a4b1b2 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Beno=C3=AEt=20Allard?= <benoit.allard@greenbone.net>
+Date: Wed, 5 Apr 2017 14:18:09 +0200
+Subject: [PATCH] memdisk: Force ld output format to 32-bits
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+On toolchains where the default output is x86_64, we need to be
+consistent with the other .o files
+
+Signed-off-by: Benoît Allard <benoit.allard@greenbone.net>
+---
+ memdisk/Makefile | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/memdisk/Makefile b/memdisk/Makefile
+index e6557d8..06613ff 100644
+--- a/memdisk/Makefile
++++ b/memdisk/Makefile
+@@ -78,7 +78,7 @@ memdisk16.o: memdisk16.asm
+ 	$(NASM) -f bin $(NASMOPT) $(NFLAGS) $(NINCLUDE) -o $@ -l $*.lst $<
+ 
+ memdisk_%.o: memdisk_%.bin
+-	$(LD) -r -b binary -o $@ $<
++	$(LD) --oformat elf32-i386 -r -b binary -o $@ $<
+ 
+ memdisk16.elf: $(OBJS16)
+ 	$(LD) -Ttext 0 -o $@ $^
+-- 
+2.7.4
+

boot/syslinux/0005-utils-Use-the-host-toolchain-to-build.patch

@@ -0,0 +1,60 @@
+From e000251144056c99e390a2a4449d06cbd2a19c0a Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Beno=C3=AEt=20Allard?= <benoit.allard@greenbone.net>
+Date: Wed, 5 Apr 2017 14:25:02 +0200
+Subject: [PATCH] utils: Use the host toolchain to build.
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+The utilities are meant to run on the host machine, hence must be built using
+the host toolchain.
+
+Signed-off-by: Benoît Allard <benoit.allard@greenbone.net>
+---
+ utils/Makefile | 12 ++++++------
+ 1 file changed, 6 insertions(+), 6 deletions(-)
+
+diff --git a/utils/Makefile b/utils/Makefile
+index dfe6259..ac91aaa 100644
+--- a/utils/Makefile
++++ b/utils/Makefile
+@@ -17,8 +17,8 @@
+ VPATH = $(SRC)
+ include $(MAKEDIR)/syslinux.mk
+ 
+-CFLAGS   = $(GCCWARN) -Os -fomit-frame-pointer -D_FILE_OFFSET_BITS=64 -I$(SRC)
+-LDFLAGS  = -O2
++CFLAGS   = $(CFLAGS_FOR_BUILD) $(GCCWARN) -Os -fomit-frame-pointer -D_FILE_OFFSET_BITS=64 -I$(SRC)
++LDFLAGS  = $(LDFLAGS_FOR_BUILD) -O2
+ 
+ C_TARGETS	 = isohybrid gethostip memdiskfind
+ SCRIPT_TARGETS	 = mkdiskimage
+@@ -35,7 +35,7 @@ ISOHDPFX = $(addprefix $(OBJ)/,../mbr/isohdpfx.bin ../mbr/isohdpfx_f.bin \
+ all: $(TARGETS)
+ 
+ %.o: %.c
+-	$(CC) $(UMAKEDEPS) $(CFLAGS) -c -o $@ $<
++	$(CC_FOR_BUILD) $(UMAKEDEPS) $(CFLAGS) -c -o $@ $<
+ 
+ mkdiskimage: mkdiskimage.in ../mbr/mbr.bin bin2hex.pl
+ 	$(PERL) $(SRC)/bin2hex.pl < $(OBJ)/../mbr/mbr.bin | cat $(SRC)/mkdiskimage.in - > $@
+@@ -51,13 +51,13 @@ isohdpfx.c: $(ISOHDPFX) isohdpfxarray.pl
+ 	$(PERL) $(SRC)/isohdpfxarray.pl $(ISOHDPFX) > $@
+ 
+ isohybrid: isohybrid.o isohdpfx.o
+-	$(CC) $(LDFLAGS) -o $@ $^ -luuid
++	$(CC_FOR_BUILD) $(LDFLAGS) -o $@ $^ -luuid
+ 
+ gethostip: gethostip.o
+-	$(CC) $(LDFLAGS) -o $@ $^
++	$(CC_FOR_BUILD) $(LDFLAGS) -o $@ $^
+ 
+ memdiskfind: memdiskfind.o
+-	$(CC) $(LDFLAGS) -o $@ $^
++	$(CC_FOR_BUILD) $(LDFLAGS) -o $@ $^
+ 
+ tidy dist:
+ 	rm -f *.o .*.d isohdpfx.c
+-- 
+2.1.4
+

boot/syslinux/0006-lzo-Use-the-host-toolchain-for-prepcore.patch

@@ -0,0 +1,44 @@
+From 83e1f00990c25554723609bb549e18b987034317 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Beno=C3=AEt=20Allard?= <benoit.allard@greenbone.net>
+Date: Thu, 6 Apr 2017 09:43:46 +0200
+Subject: [PATCH] lzo: Use the host toolchain for prepcore
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Signed-off-by: Benoît Allard <benoit.allard@greenbone.net>
+---
+ lzo/Makefile | 7 +++++--
+ 1 file changed, 5 insertions(+), 2 deletions(-)
+
+diff --git a/lzo/Makefile b/lzo/Makefile
+index 29f1fa6..c016e5a 100644
+--- a/lzo/Makefile
++++ b/lzo/Makefile
+@@ -11,10 +11,13 @@
+ ## -----------------------------------------------------------------------
+ 
+ VPATH = $(SRC)
+-include $(MAKEDIR)/build.mk
++include $(MAKEDIR)/syslinux.mk
+ 
+ INCLUDES += -I$(SRC)/include
+ 
++%.o: %.c
++	$(CC_FOR_BUILD) $(UMAKEDEPS) $(CFLAGS_FOR_BUILD) $(INCLUDES) -c -o $@ $<
++
+ LIBOBJS = $(patsubst %.c,%.o,$(subst $(SRC)/,,$(wildcard $(SRC)/src/*.c)))
+ LIB     = lzo.a
+ BINS    = prepcore
+@@ -30,7 +33,7 @@ $(LIB) : $(LIBOBJS)
+ 	$(RANLIB) $@
+ 
+ prepcore : prepcore.o $(LIB)
+-	$(CC) $(LDFLAGS) -o $@ $^ $(LIBS)
++	$(CC_FOR_BUILD) $(LDFLAGS_FOR_BUILD) -o $@ $^ $(LIBS)
+ 
+ tidy dist clean spotless:
+ 	rm -f $(BINS)
+-- 
+2.1.4
+

boot/syslinux/Config.in

@@ -1,12 +1,13 @@
 config BR2_TARGET_SYSLINUX
 	bool "syslinux"
 	depends on BR2_i386 || BR2_x86_64
-	select BR2_HOSTARCH_NEEDS_IA32_COMPILER
 	# Make sure at least one of the flavors is installed
 	select BR2_TARGET_SYSLINUX_ISOLINUX \
 		if !BR2_TARGET_SYSLINUX_PXELINUX && \
 		   !BR2_TARGET_SYSLINUX_MBR && \
 		   !BR2_TARGET_SYSLINUX_EFI
+	select BR2_PACKAGE_UTIL_LINUX
+	select BR2_PACKAGE_UTIL_LINUX_LIBUUID
 	help
 	  The syslinux bootloader for x86 systems.
 	  This includes: syslinux, pxelinux, extlinux.

boot/syslinux/syslinux.mk

@@ -13,7 +13,7 @@ SYSLINUX_LICENSE_FILES = COPYING
 
 SYSLINUX_INSTALL_IMAGES = YES
 
-SYSLINUX_DEPENDENCIES = host-nasm host-util-linux host-upx
+SYSLINUX_DEPENDENCIES = host-nasm host-upx util-linux
 
 ifeq ($(BR2_TARGET_SYSLINUX_LEGACY_BIOS),y)
 SYSLINUX_TARGET += bios
@@ -51,21 +51,36 @@ SYSLINUX_POST_PATCH_HOOKS += SYSLINUX_CLEANUP
 # and the internal zlib should take precedence so -I shouldn't
 # be used.
 define SYSLINUX_BUILD_CMDS
-	$(TARGET_MAKE_ENV) $(MAKE1) CC="$(HOSTCC) -idirafter $(HOST_DIR)/usr/include $(HOST_LDFLAGS)" \
-		AR="$(HOSTAR)" $(SYSLINUX_EFI_ARGS) -C $(@D) $(SYSLINUX_TARGET)
+	$(TARGET_MAKE_ENV) $(MAKE1) \
+		CC="$(TARGET_CC)" \
+		LD="$(TARGET_LD)" \
+		NASM="$(HOST_DIR)/usr/bin/nasm" \
+		CC_FOR_BUILD="$(HOSTCC)" \
+		CFLAGS_FOR_BUILD="$(HOST_CFLAGS)" \
+		LDFLAGS_FOR_BUILD="$(HOST_LDFLAGS)" \
+            $(SYSLINUX_EFI_ARGS) -C $(@D) $(SYSLINUX_TARGET)
 endef
 
 # While the actual bootloader is compiled for the target, several
 # utilities for installing the bootloader are meant for the host.
 # Repeat the target, otherwise syslinux will try to build everything
-# Repeat CC and AR, since syslinux really wants to check them at
-# install time
+# Repeat LD (and CC) as it happens that some binaries are linked at
+# install-time.
 define SYSLINUX_INSTALL_TARGET_CMDS
-	$(TARGET_MAKE_ENV) $(MAKE1) CC="$(HOSTCC) -idirafter $(HOST_DIR)/usr/include $(HOST_LDFLAGS)" \
-		AR="$(HOSTAR)" $(SYSLINUX_EFI_ARGS) INSTALLROOT=$(HOST_DIR) \
+	$(TARGET_MAKE_ENV) $(MAKE1) $(SYSLINUX_EFI_ARGS) INSTALLROOT=$(HOST_DIR) \
+		CC="$(TARGET_CC)" \
+		LD="$(TARGET_LD)" \
 		-C $(@D) $(SYSLINUX_TARGET) install
 endef
 
+# That 'syslinux' binary is an installer actually built for the target.
+# However, buildroot makes no usage of it, so better delete it than have it
+# installed at the wrong place
+define SYSLINUX_POST_INSTALL_CLEANUP
+	rm -rf $(HOST_DIR)/usr/bin/syslinux
+endef
+SYSLINUX_POST_INSTALL_TARGET_HOOKS += SYSLINUX_POST_INSTALL_CLEANUP
+
 SYSLINUX_IMAGES-$(BR2_TARGET_SYSLINUX_ISOLINUX) += bios/core/isolinux.bin
 SYSLINUX_IMAGES-$(BR2_TARGET_SYSLINUX_PXELINUX) += bios/core/pxelinux.bin
 SYSLINUX_IMAGES-$(BR2_TARGET_SYSLINUX_MBR) += bios/mbr/mbr.bin

boot/uboot/uboot.mk

@@ -293,7 +293,7 @@ endif # UBOOT_BOARD_NAME
 else ifeq ($(BR2_TARGET_UBOOT_BUILD_SYSTEM_KCONFIG),y)
 ifeq ($(BR2_TARGET_UBOOT_USE_DEFCONFIG),y)
 ifeq ($(call qstrip,$(BR2_TARGET_UBOOT_BOARD_DEFCONFIG)),)
-$(error No board defconfig name specified, check your BR2_TARGET_UBOOT_DEFCONFIG setting)
+$(error No board defconfig name specified, check your BR2_TARGET_UBOOT_BOARD_DEFCONFIG setting)
 endif # qstrip BR2_TARGET_UBOOT_BOARD_DEFCONFIG
 endif # BR2_TARGET_UBOOT_USE_DEFCONFIG
 ifeq ($(BR2_TARGET_UBOOT_USE_CUSTOM_CONFIG),y)

fs/iso9660/Config.in

@@ -3,7 +3,7 @@ config BR2_TARGET_ROOTFS_ISO9660
 	depends on (BR2_i386 || BR2_x86_64)
 	depends on BR2_LINUX_KERNEL
 	depends on BR2_TARGET_GRUB || \
-		BR2_TARGET_GRUB2 || \
+		BR2_TARGET_GRUB2_I386_PC || \
 		BR2_TARGET_SYSLINUX_ISOLINUX
 	select BR2_LINUX_KERNEL_INSTALL_TARGET \
 	       if (!BR2_TARGET_ROOTFS_ISO9660_INITRD && !BR2_TARGET_ROOTFS_INITRAMFS)
@@ -33,7 +33,7 @@ config BR2_TARGET_ROOTFS_ISO9660_GRUB
 
 config BR2_TARGET_ROOTFS_ISO9660_GRUB2
 	bool "grub2"
-	depends on BR2_TARGET_GRUB2
+	depends on BR2_TARGET_GRUB2_I386_PC
 	help
 	  Use Grub 2 as the bootloader for the ISO9660 image. Make
 	  sure to enable the 'iso9660' module in
@@ -82,7 +82,7 @@ config BR2_TARGET_ROOTFS_ISO9660_HYBRID
 
 endif
 
-comment "iso image needs a Linux kernel and one of grub, grub2 or isolinux to be built"
+comment "iso image needs a Linux kernel and one of grub, grub2 i386-pc or isolinux to be built"
 	depends on BR2_i386 || BR2_x86_64
 	depends on !BR2_LINUX_KERNEL || \
-		!(BR2_TARGET_GRUB || BR2_TARGET_GRUB2 || BR2_TARGET_SYSLINUX_ISOLINUX)
+		!(BR2_TARGET_GRUB || BR2_TARGET_GRUB2_I386_PC || BR2_TARGET_SYSLINUX_ISOLINUX)

package/acl/acl.mk

@@ -15,7 +15,13 @@ ACL_LICENSE_FILES = doc/COPYING doc/COPYING.LGPL
 
 # While the configuration system uses autoconf, the Makefiles are
 # hand-written and do not use automake. Therefore, we have to hack
-# around their deficiencies by passing installation paths.
+# around their deficiencies by:
+# - explicitly passing CFLAGS (LDFLAGS are passed on from configure,
+#   CFLAGS are not).
+# - explicitly passing the installation prefix, not using DESTDIR.
+
+ACL_MAKE_ENV = CFLAGS="$(TARGET_CFLAGS)"
+
 ACL_INSTALL_STAGING_OPTS = \
 	prefix=$(STAGING_DIR)/usr \
 	exec_prefix=$(STAGING_DIR)/usr \
@@ -37,4 +43,15 @@ endef
 
 ACL_POST_INSTALL_STAGING_HOOKS += ACL_FIX_LIBTOOL_LA_LIBDIR
 
+HOST_ACL_DEPENDENCIES = host-attr
+HOST_ACL_CONF_OPTS = --enable-gettext=no
+HOST_ACL_MAKE_ENV = CFLAGS="$(HOST_CFLAGS)"
+HOST_ACL_INSTALL_OPTS = \
+	prefix=$(HOST_DIR)/usr \
+	exec_prefix=$(HOST_DIR)/usr \
+	PKG_DEVLIB_DIR=$(HOST_DIR)/usr/lib \
+	install-dev install-lib
+# For the host, libacl.la is correct, no fixup needed.
+
 $(eval $(autotools-package))
+$(eval $(host-autotools-package))

package/apr/apr.mk

@@ -22,6 +22,7 @@ APR_CONF_ENV = \
 	apr_cv_mutex_robust_shared=no \
 	apr_cv_tcp_nodelay_with_cork=yes \
 	ac_cv_sizeof_struct_iovec=8 \
+	ac_cv_sizeof_pid_t=4 \
 	ac_cv_struct_rlimit=yes \
 	ac_cv_o_nonblock_inherited=no \
 	apr_cv_mutex_recursive=yes

package/audiofile/0003-Always-check-the-number-of-coefficients.patch

@@ -0,0 +1,36 @@
+From c48e4c6503f7dabd41f11d4c9c7b7f8960e7f2c0 Mon Sep 17 00:00:00 2001
+From: Antonio Larrosa <larrosa@kde.org>
+Date: Mon, 6 Mar 2017 12:51:22 +0100
+Subject: [PATCH] Always check the number of coefficients
+
+When building the library with NDEBUG, asserts are eliminated
+so it's better to always check that the number of coefficients
+is inside the array range.
+
+This fixes the 00191-audiofile-indexoob issue in #41
+
+Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
+---
+ libaudiofile/WAVE.cpp | 6 ++++++
+ 1 file changed, 6 insertions(+)
+
+diff --git a/libaudiofile/WAVE.cpp b/libaudiofile/WAVE.cpp
+index 0e81cf7..61f9541 100644
+--- a/libaudiofile/WAVE.cpp
++++ b/libaudiofile/WAVE.cpp
+@@ -281,6 +281,12 @@ status WAVEFile::parseFormat(const Tag &id, uint32_t size)
+ 
+ 			/* numCoefficients should be at least 7. */
+ 			assert(numCoefficients >= 7 && numCoefficients <= 255);
++			if (numCoefficients < 7 || numCoefficients > 255)
++			{
++				_af_error(AF_BAD_HEADER,
++						"Bad number of coefficients");
++				return AF_FAIL;
++			}
+ 
+ 			m_msadpcmNumCoefficients = numCoefficients;
+ 
+-- 
+2.11.0
+

package/audiofile/0004-clamp-index-values-to-fix-index-overflow-in-IMA.cpp.patch

@@ -0,0 +1,39 @@
+From 25eb00ce913452c2e614548d7df93070bf0d066f Mon Sep 17 00:00:00 2001
+From: Antonio Larrosa <larrosa@kde.org>
+Date: Mon, 6 Mar 2017 18:02:31 +0100
+Subject: [PATCH] clamp index values to fix index overflow in IMA.cpp
+
+This fixes #33
+(also reported at https://bugzilla.opensuse.org/show_bug.cgi?id=1026981
+and https://blogs.gentoo.org/ago/2017/02/20/audiofile-global-buffer-overflow-in-decodesample-ima-cpp/)
+
+Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
+---
+ libaudiofile/modules/IMA.cpp | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/libaudiofile/modules/IMA.cpp b/libaudiofile/modules/IMA.cpp
+index 7476d44..df4aad6 100644
+--- a/libaudiofile/modules/IMA.cpp
++++ b/libaudiofile/modules/IMA.cpp
+@@ -169,7 +169,7 @@ int IMA::decodeBlockWAVE(const uint8_t *encoded, int16_t *decoded)
+ 		if (encoded[1] & 0x80)
+ 			m_adpcmState[c].previousValue -= 0x10000;
+ 
+-		m_adpcmState[c].index = encoded[2];
++		m_adpcmState[c].index = clamp(encoded[2], 0, 88);
+ 
+ 		*decoded++ = m_adpcmState[c].previousValue;
+ 
+@@ -210,7 +210,7 @@ int IMA::decodeBlockQT(const uint8_t *encoded, int16_t *decoded)
+ 			predictor -= 0x10000;
+ 
+ 		state.previousValue = clamp(predictor, MIN_INT16, MAX_INT16);
+-		state.index = encoded[1] & 0x7f;
++		state.index = clamp(encoded[1] & 0x7f, 0, 88);
+ 		encoded += 2;
+ 
+ 		for (int n=0; n<m_framesPerPacket; n+=2)
+-- 
+2.11.0
+

package/audiofile/0005-Check-for-multiplication-overflow-in-sfconvert.patch

@@ -0,0 +1,72 @@
+From 7d65f89defb092b63bcbc5d98349fb222ca73b3c Mon Sep 17 00:00:00 2001
+From: Antonio Larrosa <larrosa@kde.org>
+Date: Mon, 6 Mar 2017 13:54:52 +0100
+Subject: [PATCH] Check for multiplication overflow in sfconvert
+
+Checks that a multiplication doesn't overflow when
+calculating the buffer size, and if it overflows,
+reduce the buffer size instead of failing.
+
+This fixes the 00192-audiofile-signintoverflow-sfconvert case
+in #41
+
+Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
+---
+ sfcommands/sfconvert.c | 34 ++++++++++++++++++++++++++++++++--
+ 1 file changed, 32 insertions(+), 2 deletions(-)
+
+diff --git a/sfcommands/sfconvert.c b/sfcommands/sfconvert.c
+index 80a1bc4..970a3e4 100644
+--- a/sfcommands/sfconvert.c
++++ b/sfcommands/sfconvert.c
+@@ -45,6 +45,33 @@ void printusage (void);
+ void usageerror (void);
+ bool copyaudiodata (AFfilehandle infile, AFfilehandle outfile, int trackid);
+ 
++int firstBitSet(int x)
++{
++        int position=0;
++        while (x!=0)
++        {
++                x>>=1;
++                ++position;
++        }
++        return position;
++}
++
++#ifndef __has_builtin
++#define __has_builtin(x) 0
++#endif
++
++int multiplyCheckOverflow(int a, int b, int *result)
++{
++#if (defined __GNUC__ && __GNUC__ >= 5) || ( __clang__ && __has_builtin(__builtin_mul_overflow))
++	return __builtin_mul_overflow(a, b, result);
++#else
++	if (firstBitSet(a)+firstBitSet(b)>31) // int is signed, so we can't use 32 bits
++		return true;
++	*result = a * b;
++	return false;
++#endif
++}
++
+ int main (int argc, char **argv)
+ {
+ 	if (argc == 2)
+@@ -323,8 +350,11 @@ bool copyaudiodata (AFfilehandle infile, AFfilehandle outfile, int trackid)
+ {
+ 	int frameSize = afGetVirtualFrameSize(infile, trackid, 1);
+ 
+-	const int kBufferFrameCount = 65536;
+-	void *buffer = malloc(kBufferFrameCount * frameSize);
++	int kBufferFrameCount = 65536;
++	int bufferSize;
++	while (multiplyCheckOverflow(kBufferFrameCount, frameSize, &bufferSize))
++		kBufferFrameCount /= 2;
++	void *buffer = malloc(bufferSize);
+ 
+ 	AFframecount totalFrames = afGetFrameCount(infile, AF_DEFAULT_TRACK);
+ 	AFframecount totalFramesWritten = 0;
+-- 
+2.11.0
+

package/audiofile/0006-Actually-fail-when-error-occurs-in-parseFormat.patch

@@ -0,0 +1,42 @@
+From a2e9eab8ea87c4ffc494d839ebb4ea145eb9f2e6 Mon Sep 17 00:00:00 2001
+From: Antonio Larrosa <larrosa@kde.org>
+Date: Mon, 6 Mar 2017 18:59:26 +0100
+Subject: [PATCH] Actually fail when error occurs in parseFormat
+
+When there's an unsupported number of bits per sample or an invalid
+number of samples per block, don't only print an error message using
+the error handler, but actually stop parsing the file.
+
+This fixes #35 (also reported at
+https://bugzilla.opensuse.org/show_bug.cgi?id=1026983 and
+https://blogs.gentoo.org/ago/2017/02/20/audiofile-heap-based-buffer-overflow-in-imadecodeblockwave-ima-cpp/
+)
+
+Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
+---
+ libaudiofile/WAVE.cpp | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/libaudiofile/WAVE.cpp b/libaudiofile/WAVE.cpp
+index 0e81cf7..d762249 100644
+--- a/libaudiofile/WAVE.cpp
++++ b/libaudiofile/WAVE.cpp
+@@ -326,6 +326,7 @@ status WAVEFile::parseFormat(const Tag &id, uint32_t size)
+ 			{
+ 				_af_error(AF_BAD_NOT_IMPLEMENTED,
+ 					"IMA ADPCM compression supports only 4 bits per sample");
++				return AF_FAIL;
+ 			}
+ 
+ 			int bytesPerBlock = (samplesPerBlock + 14) / 8 * 4 * channelCount;
+@@ -333,6 +334,7 @@ status WAVEFile::parseFormat(const Tag &id, uint32_t size)
+ 			{
+ 				_af_error(AF_BAD_CODEC_CONFIG,
+ 					"Invalid samples per block for IMA ADPCM compression");
++				return AF_FAIL;
+ 			}
+ 
+ 			track->f.sampleWidth = 16;
+-- 
+2.11.0
+

package/audiofile/0007-Check-for-multiplication-overflow-in-MSADPCM-decodeS.patch

@@ -0,0 +1,122 @@
+From beacc44eb8cdf6d58717ec1a5103c5141f1b37f9 Mon Sep 17 00:00:00 2001
+From: Antonio Larrosa <larrosa@kde.org>
+Date: Mon, 6 Mar 2017 13:43:53 +0100
+Subject: [PATCH] Check for multiplication overflow in MSADPCM decodeSample
+
+Check for multiplication overflow (using __builtin_mul_overflow
+if available) in MSADPCM.cpp decodeSample and return an empty
+decoded block if an error occurs.
+
+This fixes the 00193-audiofile-signintoverflow-MSADPCM case of #41
+
+Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
+---
+ libaudiofile/modules/BlockCodec.cpp |  5 ++--
+ libaudiofile/modules/MSADPCM.cpp    | 47 +++++++++++++++++++++++++++++++++----
+ 2 files changed, 46 insertions(+), 6 deletions(-)
+
+diff --git a/libaudiofile/modules/BlockCodec.cpp b/libaudiofile/modules/BlockCodec.cpp
+index 45925e8..4731be1 100644
+--- a/libaudiofile/modules/BlockCodec.cpp
++++ b/libaudiofile/modules/BlockCodec.cpp
+@@ -52,8 +52,9 @@ void BlockCodec::runPull()
+ 	// Decompress into m_outChunk.
+ 	for (int i=0; i<blocksRead; i++)
+ 	{
+-		decodeBlock(static_cast<const uint8_t *>(m_inChunk->buffer) + i * m_bytesPerPacket,
+-			static_cast<int16_t *>(m_outChunk->buffer) + i * m_framesPerPacket * m_track->f.channelCount);
++		if (decodeBlock(static_cast<const uint8_t *>(m_inChunk->buffer) + i * m_bytesPerPacket,
++			static_cast<int16_t *>(m_outChunk->buffer) + i * m_framesPerPacket * m_track->f.channelCount)==0)
++			break;
+ 
+ 		framesRead += m_framesPerPacket;
+ 	}
+diff --git a/libaudiofile/modules/MSADPCM.cpp b/libaudiofile/modules/MSADPCM.cpp
+index 8ea3c85..ef9c38c 100644
+--- a/libaudiofile/modules/MSADPCM.cpp
++++ b/libaudiofile/modules/MSADPCM.cpp
+@@ -101,24 +101,60 @@ static const int16_t adaptationTable[] =
+ 	768, 614, 512, 409, 307, 230, 230, 230
+ };
+ 
++int firstBitSet(int x)
++{
++        int position=0;
++        while (x!=0)
++        {
++                x>>=1;
++                ++position;
++        }
++        return position;
++}
++
++#ifndef __has_builtin
++#define __has_builtin(x) 0
++#endif
++
++int multiplyCheckOverflow(int a, int b, int *result)
++{
++#if (defined __GNUC__ && __GNUC__ >= 5) || ( __clang__ && __has_builtin(__builtin_mul_overflow))
++	return __builtin_mul_overflow(a, b, result);
++#else
++	if (firstBitSet(a)+firstBitSet(b)>31) // int is signed, so we can't use 32 bits
++		return true;
++	*result = a * b;
++	return false;
++#endif
++}
++
++
+ // Compute a linear PCM value from the given differential coded value.
+ static int16_t decodeSample(ms_adpcm_state &state,
+-	uint8_t code, const int16_t *coefficient)
++	uint8_t code, const int16_t *coefficient, bool *ok=NULL)
+ {
+ 	int linearSample = (state.sample1 * coefficient[0] +
+ 		state.sample2 * coefficient[1]) >> 8;
++	int delta;
+ 
+ 	linearSample += ((code & 0x08) ? (code - 0x10) : code) * state.delta;
+ 
+ 	linearSample = clamp(linearSample, MIN_INT16, MAX_INT16);
+ 
+-	int delta = (state.delta * adaptationTable[code]) >> 8;
++	if (multiplyCheckOverflow(state.delta, adaptationTable[code], &delta))
++	{
++                if (ok) *ok=false;
++		_af_error(AF_BAD_COMPRESSION, "Error decoding sample");
++		return 0;
++	}
++	delta >>= 8;
+ 	if (delta < 16)
+ 		delta = 16;
+ 
+ 	state.delta = delta;
+ 	state.sample2 = state.sample1;
+ 	state.sample1 = linearSample;
++	if (ok) *ok=true;
+ 
+ 	return static_cast<int16_t>(linearSample);
+ }
+@@ -212,13 +248,16 @@ int MSADPCM::decodeBlock(const uint8_t *encoded, int16_t *decoded)
+ 	{
+ 		uint8_t code;
+ 		int16_t newSample;
++		bool ok;
+ 
+ 		code = *encoded >> 4;
+-		newSample = decodeSample(*state[0], code, coefficient[0]);
++		newSample = decodeSample(*state[0], code, coefficient[0], &ok);
++		if (!ok) return 0;
+ 		*decoded++ = newSample;
+ 
+ 		code = *encoded & 0x0f;
+-		newSample = decodeSample(*state[1], code, coefficient[1]);
++		newSample = decodeSample(*state[1], code, coefficient[1], &ok);
++		if (!ok) return 0;
+ 		*decoded++ = newSample;
+ 
+ 		encoded++;
+-- 
+2.11.0
+

package/bind/bind.hash

@@ -1,2 +1,2 @@
-# Verified from http://ftp.isc.org/isc/bind9/9.11.0-P3/bind-9.11.0-P3.tar.gz.sha256.asc
-sha256 0feee0374bcbdee73a9d4277f3c5007622279572d520d7c27a4b64015d8ca9e9  bind-9.11.0-P3.tar.gz
+# Verified from http://ftp.isc.org/isc/bind9/9.11.0-P5/bind-9.11.0-P5.tar.gz.sha256.asc
+sha256 1e283f0567b484687dfd7b936e26c9af4f64043daf73cbd8f3eb1122c9fb71f5  bind-9.11.0-P5.tar.gz

package/bind/bind.mk

@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-BIND_VERSION = 9.11.0-P3
+BIND_VERSION = 9.11.0-P5
 BIND_SITE = ftp://ftp.isc.org/isc/bind9/$(BIND_VERSION)
 # bind does not support parallel builds.
 BIND_MAKE = $(MAKE1)
@@ -29,7 +29,6 @@ BIND_CONF_OPTS = \
 	--enable-epoll \
 	--with-libtool \
 	--with-gssapi=no \
-	--enable-rrl \
 	--enable-filter-aaaa
 
 ifeq ($(BR2_PACKAGE_ZLIB),y)

package/busybox/mdev.conf

@@ -23,17 +23,17 @@ ttyS[0-9]*	root:root 660
 ttyUSB[0-9]*	root:root 660
 
 # alsa sound devices
-pcm.*		root:audio 660 =snd/
-control.*	root:audio 660 =snd/
-midi.*		root:audio 660 =snd/
-seq		root:audio 660 =snd/
-timer		root:audio 660 =snd/
+snd/pcm.*	root:audio 660
+snd/control.*	root:audio 660
+snd/midi.*	root:audio 660
+snd/seq		root:audio 660
+snd/timer	root:audio 660
 
 # input stuff
-event[0-9]+	root:root 640 =input/
-mice		root:root 640 =input/
-mouse[0-9]	root:root 640 =input/
-ts[0-9]		root:root 600 =input/
+input/event[0-9]+	root:root 640
+input/mice		root:root 640
+input/mouse[0-9]	root:root 640
+input/ts[0-9]		root:root 600
 
 # load modules
 $MODALIAS=.*	root:root 660 @modprobe "$MODALIAS"

package/cairo/cairo.mk

@@ -6,8 +6,8 @@
 
 CAIRO_VERSION = 1.14.8
 CAIRO_SOURCE = cairo-$(CAIRO_VERSION).tar.xz
-CAIRO_LICENSE = LGPLv2.1+
-CAIRO_LICENSE_FILES = COPYING
+CAIRO_LICENSE = LGPLv2.1 or MPLv1.1 (library)
+CAIRO_LICENSE_FILES = COPYING COPYING-LGPL-2.1 COPYING-MPL-1.1
 CAIRO_SITE = http://cairographics.org/releases
 CAIRO_INSTALL_STAGING = YES
 CAIRO_AUTORECONF = YES

package/dbus-cpp/0002-cross-compile-tools.patch

@@ -0,0 +1,34 @@
+tools: just do proper cross-compile
+
+Those tools are not used during the build; besides, they are installed.
+
+So they don't need to not be cross-compiled.
+
+Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
+
+---
+Upstream status: not submitted, upstream is dead.
+
+diff -durN dbus-cpp-0.9.0.orig/tools/Makefile.am dbus-cpp-0.9.0/tools/Makefile.am
+--- dbus-cpp-0.9.0.orig/tools/Makefile.am	2017-03-21 21:48:57.013409423 +0100
++++ dbus-cpp-0.9.0/tools/Makefile.am	2017-03-21 21:49:35.329979798 +0100
+@@ -1,7 +1,3 @@
+-# hacky, but ...
+-
+-CXX = $(CXX_FOR_BUILD)
+-
+ AM_CPPFLAGS = \
+ 	$(dbus_CFLAGS) \
+ 	$(xml_CFLAGS) \
+@@ -9,11 +3,7 @@
+ 	-I$(top_builddir)/include \
+ 	-Wall
+ 
+-if CROSS_COMPILING
+-libdbus_cxx_la = $(BUILD_LIBDBUS_CXX_DIR)/src/libdbus-c++-1.la
+-else
+ libdbus_cxx_la = $(top_builddir)/src/libdbus-c++-1.la
+-endif
+ 
+ bin_PROGRAMS = dbusxx-xml2cpp dbusxx-introspect
+ 

package/dbus-cpp/0002-cxxflags-ldflags-for-build.patch

@@ -1,32 +0,0 @@
-Use CXXFLAGS_FOR_BUILD and LDFLAGS_FOR_BUILD for the tools since expat
-may not be living in the default include & library path.
-
-Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
-
-diff -Nura libdbus-c++-0.9.0.orig/configure.ac libdbus-c++-0.9.0/configure.ac
---- libdbus-c++-0.9.0.orig/configure.ac	2014-01-05 15:28:03.653886567 -0300
-+++ libdbus-c++-0.9.0/configure.ac	2014-01-05 15:44:32.571172225 -0300
-@@ -65,7 +65,11 @@
- AC_PROG_CXX
- 
- CXX_FOR_BUILD=${CXX_FOR_BUILD-${CXX}}
-+CXXFLAGS_FOR_BUILD=${CXXFLAGS_FOR_BUILD-${CXXFLAGS}}
-+LDFLAGS_FOR_BUILD=${LDFLAGS_FOR_BUILD-${LDFLAGS}}
- AC_SUBST(CXX_FOR_BUILD)
-+AC_SUBST(CXXFLAGS_FOR_BUILD)
-+AC_SUBST(LDFLAGS_FOR_BUILD)
- 
- AM_PROG_LIBTOOL
- 
-diff -Nura libdbus-c++-0.9.0.orig/tools/Makefile.am libdbus-c++-0.9.0/tools/Makefile.am
---- libdbus-c++-0.9.0.orig/tools/Makefile.am	2014-01-05 15:28:03.652886535 -0300
-+++ libdbus-c++-0.9.0/tools/Makefile.am	2014-01-05 15:44:42.071482390 -0300
-@@ -1,6 +1,8 @@
- # hacky, but ...
- 
- CXX = $(CXX_FOR_BUILD)
-+CXXFLAGS = $(CXXFLAGS_FOR_BUILD)
-+LDFLAGS = $(LDFLAGS_FOR_BUILD)
- 
- AM_CPPFLAGS = \
- 	$(dbus_CFLAGS) \

package/dbus-glib/dbus-glib.mk

@@ -7,7 +7,7 @@
 DBUS_GLIB_VERSION = 0.108
 DBUS_GLIB_SITE = http://dbus.freedesktop.org/releases/dbus-glib
 DBUS_GLIB_INSTALL_STAGING = YES
-DBUS_GLIB_LICENSE = AFLv2.1, GPLv2+
+DBUS_GLIB_LICENSE = AFLv2.1 or GPLv2+
 DBUS_GLIB_LICENSE_FILES = COPYING
 
 DBUS_GLIB_CONF_ENV = \

package/dbus-triggerd/dbus-triggerd.mk

@@ -7,6 +7,7 @@
 DBUS_TRIGGERD_VERSION = ba3dbec805cb707c94c54de21666bf18b79bcc09
 DBUS_TRIGGERD_SITE = git://rg42.org/dbustriggerd.git
 DBUS_TRIGGERD_LICENSE = GPLv2+
+DBUS_TRIGGERD_LICENSE_FILES = dbus-triggerd.c
 DBUS_TRIGGERD_DEPENDENCIES = host-pkgconf dbus
 
 define DBUS_TRIGGERD_BUILD_CMDS

package/domoticz/domoticz.mk

@@ -18,6 +18,21 @@ DOMOTICZ_DEPENDENCIES = \
 	sqlite \
 	zlib
 
+# Fixes:
+# http://autobuild.buildroot.org/results/454c0ea393615bae2d1b44be9920f25b5c49fc33
+# There is an issue with powerpc64le and boost::uuids::random_generator on the
+# following line of code (from include/boost/uuid/seed_rng.hpp):
+# sha.process_bytes( (unsigned char const*)&std::rand, sizeof( void(*)() ) )
+# This line "inspects the first couple bytes (here eight) of the std::rand
+# function to seed some rng. Due to the implementation of process_bytes and
+# inlining happening, it seems that one of the loops therein uses &rand-1 as
+# some boundary, compiling with -O0 makes that reloc come out as 'rand + 0' and
+# the link will succeed."
+# See: https://bugzilla.suse.com/show_bug.cgi?id=955832#c7
+ifeq ($(BR2_powerpc64le),y)
+DOMOTICZ_CXXFLAGS += -O0
+endif
+
 # Due to the dependency on mosquitto, domoticz depends on
 # !BR2_STATIC_LIBS so set USE_STATIC_BOOST to OFF
 DOMOTICZ_CONF_OPTS += -DUSE_STATIC_BOOST=OFF
@@ -27,7 +42,8 @@ DOMOTICZ_CONF_OPTS += -DUSE_STATIC_BOOST=OFF
 DOMOTICZ_CONF_OPTS += \
 	-DUSE_BUILTIN_LUA=OFF \
 	-DUSE_BUILTIN_SQLITE=OFF \
-	-DUSE_BUILTIN_MQTT=OFF
+	-DUSE_BUILTIN_MQTT=OFF \
+	-DCMAKE_CXX_FLAGS="$(TARGET_CXXFLAGS) $(DOMOTICZ_CXXFLAGS)"
 
 ifeq ($(BR2_PACKAGE_LIBUSB),y)
 DOMOTICZ_DEPENDENCIES += libusb

package/dovecot/dovecot.hash

@@ -1,2 +1,2 @@
 # Locally computed after checking signature
-sha256 897f92a87cda4b27b243f8149ce0ba7b7e71a2be8fb7994eb0a025e54cde18e9  dovecot-2.2.27.tar.gz
+sha256 ccfa9ffb7eb91e9e87c21c108324b911250c9ffa838bffb64b1caafadcb0f388  dovecot-2.2.29.1.tar.gz

package/dovecot/dovecot.mk

@@ -5,7 +5,7 @@
 ################################################################################
 
 DOVECOT_VERSION_MAJOR = 2.2
-DOVECOT_VERSION = $(DOVECOT_VERSION_MAJOR).27
+DOVECOT_VERSION = $(DOVECOT_VERSION_MAJOR).29.1
 DOVECOT_SITE = http://www.dovecot.org/releases/$(DOVECOT_VERSION_MAJOR)
 DOVECOT_INSTALL_STAGING = YES
 DOVECOT_LICENSE = LGPLv2.1

package/elfutils/Config.in

@@ -22,7 +22,7 @@ config BR2_PACKAGE_ELFUTILS
 	  Note that this option only installs the libraries, and not
 	  the programs.
 
-	  https://fedorahosted.org/elfutils
+	  https://sourceware.org/elfutils/
 
 if BR2_PACKAGE_ELFUTILS
 

package/elfutils/elfutils.mk

@@ -6,7 +6,7 @@
 
 ELFUTILS_VERSION = 0.166
 ELFUTILS_SOURCE = elfutils-$(ELFUTILS_VERSION).tar.bz2
-ELFUTILS_SITE = https://fedorahosted.org/releases/e/l/elfutils/$(ELFUTILS_VERSION)
+ELFUTILS_SITE = https://sourceware.org/elfutils/ftp/$(ELFUTILS_VERSION)
 ELFUTILS_INSTALL_STAGING = YES
 ELFUTILS_LICENSE = GPLv2+ or LGPLv3+ (library)
 ELFUTILS_LICENSE_FILES = COPYING-GPLV2 COPYING-LGPLV3

package/fakeroot/fakeroot.mk

@@ -7,6 +7,8 @@
 FAKEROOT_VERSION = 1.20.2
 FAKEROOT_SOURCE = fakeroot_$(FAKEROOT_VERSION).orig.tar.bz2
 FAKEROOT_SITE = http://snapshot.debian.org/archive/debian/20141005T221953Z/pool/main/f/fakeroot
+
+HOST_FAKEROOT_DEPENDENCIES = host-acl
 # Force capabilities detection off
 # For now these are process capabilities (faked) rather than file
 # so they're of no real use

package/filemq/filemq.mk

@@ -11,8 +11,8 @@ FILEMQ_AUTORECONF = YES
 FILEMQ_CONF_ENV = filemq_have_asciidoc=no
 FILEMQ_INSTALL_STAGING = YES
 FILEMQ_DEPENDENCIES = czmq openssl zeromq
-FILEMQ_LICENSE = LGPLv3+ with exceptions
-FILEMQ_LICENSE_FILES = COPYING COPYING.LESSER
+FILEMQ_LICENSE = MPLv2.0
+FILEMQ_LICENSE_FILES = LICENSE
 
 define FILEMQ_CREATE_CONFIG_DIR
 	mkdir -p $(@D)/config

package/fmc/fmc.hash

@@ -1,2 +1,2 @@
-# Locally Computed
-sha256sum	a91e0c9b7c7f238634c64a755c05671f33f2acdb6ae2d09cad4d683b364ee8e4	fmc-fsl-sdk-v2.0.tar.gz
+# Locally calculated
+sha256	a91e0c9b7c7f238634c64a755c05671f33f2acdb6ae2d09cad4d683b364ee8e4	fmc-fsl-sdk-v2.0.tar.gz

package/freetype/0001-psaux-Better-protect-flex-handling.patch

@@ -0,0 +1,47 @@
+From f958c48ee431bef8d4d466b40c9cb2d4dbcb7791 Mon Sep 17 00:00:00 2001
+From: Werner Lemberg <wl@gnu.org>
+Date: Fri, 24 Mar 2017 09:15:10 +0100
+Subject: [PATCH] [psaux] Better protect `flex' handling.
+
+Reported as
+
+  https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=935
+
+* src/psaux/t1decode.c (t1_decoder_parse_charstrings)
+<callothersubr>: Since there is not a single flex operator but a
+series of subroutine calls, malformed fonts can call arbitrary other
+operators after the start of a flex, possibly adding points.  For
+this reason we have to check the available number of points before
+inserting a point.
+
+Fixes CVE-2017-8105
+
+Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
+---
+diff --git a/src/psaux/t1decode.c b/src/psaux/t1decode.c
+index af7b465e..7dd45135 100644
+--- a/src/psaux/t1decode.c
++++ b/src/psaux/t1decode.c
+@@ -780,10 +780,19 @@
+             /* point without adding any point to the outline    */
+             idx = decoder->num_flex_vectors++;
+             if ( idx > 0 && idx < 7 )
++            {
++              /* in malformed fonts it is possible to have other */
++              /* opcodes in the middle of a flex (which don't    */
++              /* increase `num_flex_vectors'); we thus have to   */
++              /* check whether we can add a point                */
++              if ( FT_SET_ERROR( t1_builder_check_points( builder, 1 ) ) )
++                goto Syntax_Error;
++
+               t1_builder_add_point( builder,
+                                     x,
+                                     y,
+                                     (FT_Byte)( idx == 3 || idx == 6 ) );
++            }
+           }
+           break;
+ 
+-- 
+2.11.0
+

package/freetype/0002-src-psaux-psobjs.c-t1_builder_close_contour-Add-safe.patch

@@ -0,0 +1,35 @@
+From 3774fc08b502c3e685afca098b6e8a195aded6a0 Mon Sep 17 00:00:00 2001
+From: Werner Lemberg <wl@gnu.org>
+Date: Sun, 26 Mar 2017 08:32:09 +0200
+Subject: [PATCH] * src/psaux/psobjs.c (t1_builder_close_contour): Add safety
+ guard.
+
+Reported as
+
+  https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=941
+
+Fixes CVE-2017-8287
+
+Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
+diff --git a/src/psaux/psobjs.c b/src/psaux/psobjs.c
+index d18e821a..0baf8368 100644
+--- a/src/psaux/psobjs.c
++++ b/src/psaux/psobjs.c
+@@ -1718,6 +1718,14 @@
+     first = outline->n_contours <= 1
+             ? 0 : outline->contours[outline->n_contours - 2] + 1;
+ 
++    /* in malformed fonts it can happen that a contour was started */
++    /* but no points were added                                    */
++    if ( outline->n_contours && first == outline->n_points )
++    {
++      outline->n_contours--;
++      return;
++    }
++
+     /* We must not include the last point in the path if it */
+     /* is located on the first point.                       */
+     if ( outline->n_points > 1 )
+-- 
+2.11.0
+

package/freetype/freetype.mk

@@ -10,7 +10,7 @@ FREETYPE_SITE = http://download.savannah.gnu.org/releases/freetype
 FREETYPE_INSTALL_STAGING = YES
 FREETYPE_MAKE_OPTS = CCexe="$(HOSTCC)"
 FREETYPE_LICENSE = Dual FTL/GPLv2+
-FREETYPE_LICENSE_FILES = docs/FTL.TXT docs/GPLv2.TXT
+FREETYPE_LICENSE_FILES = docs/LICENSE.TXT docs/FTL.TXT docs/GPLv2.TXT
 FREETYPE_DEPENDENCIES = host-pkgconf
 FREETYPE_CONFIG_SCRIPTS = freetype-config
 

package/gcc/arc-2016.09-release/895-arc-define-_REENTRANT-when-pthread-is-passed.patch

@@ -0,0 +1,34 @@
+From 4c6367c99461fdd7bd5613483f2582d7f08fba87 Mon Sep 17 00:00:00 2001
+From: Vlad Zakharov <vzakhar@synopsys.com>
+Date: Tue, 28 Feb 2017 17:41:11 +0300
+Subject: [PATCH] arc: define _REENTRANT when -pthread is passed
+
+The compiler is supposed to have the builtin defined _REENTRANT defined
+when -pthread is passed, which wasn't done on the ARC architecture.
+
+When _REENTRANT is not passed, the C library will not use reentrant
+functions, and the latest version of ax_pthread.m4 from the
+autoconf-archive will no longer detect that thread support is
+available (see https://savannah.gnu.org/patch/?8186).
+
+Signed-off-by: Vlad Zakharov <vzakhar@synopsys.com>
+Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
+---
+ gcc/config/arc/arc.h | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/gcc/config/arc/arc.h b/gcc/config/arc/arc.h
+index 611ef54..fdd4b5d 100644
+--- a/gcc/config/arc/arc.h
++++ b/gcc/config/arc/arc.h
+@@ -93,6 +93,7 @@ along with GCC; see the file COPYING3.  If not see
+ %{mdsp-packa:-D__Xdsp_packa} %{mcrc:-D__Xcrc} %{mdvbf:-D__Xdvbf} \
+ %{mtelephony:-D__Xtelephony} %{mxy:-D__Xxy} %{mmul64: -D__Xmult32} \
+ %{mlock:-D__Xlock} %{mswape:-D__Xswape} %{mrtsc:-D__Xrtsc} \
++%{pthread:-D_REENTRANT} \
+ %{mcpu=nps400:-D__NPS400__}"
+
+ #define CC1_SPEC "\
+--
+2.7.4
+

package/gdb/gdb.mk

@@ -67,13 +67,6 @@ GDB_DISABLE_BINUTILS_CONF_OPTS = \
 	--disable-ld \
 	--disable-gas
 
-# Starting with gdb 7.11, the bundled gnulib tries to use
-# rpl_gettimeofday (gettimeofday replacement) due to the code being
-# unable to determine if the replacement function should be used or
-# not when cross-compiling with uClibc or musl as C libraries. So use
-# gl_cv_func_gettimeofday_clobber=no to not use rpl_gettimeofday,
-# assuming musl and uClibc have a properly working gettimeofday
-# implementation.
 GDB_CONF_ENV = \
 	ac_cv_type_uintptr_t=yes \
 	gt_cv_func_gettext_libintl=yes \
@@ -83,8 +76,18 @@ GDB_CONF_ENV = \
 	bash_cv_must_reinstall_sighandlers=no \
 	bash_cv_func_sigsetjmp=present \
 	bash_cv_have_mbstate_t=yes \
-	gdb_cv_func_sigsetjmp=yes \
-	gl_cv_func_gettimeofday_clobber=no
+	gdb_cv_func_sigsetjmp=yes
+
+# Starting with gdb 7.11, the bundled gnulib tries to use
+# rpl_gettimeofday (gettimeofday replacement) due to the code being
+# unable to determine if the replacement function should be used or
+# not when cross-compiling with uClibc or musl as C libraries. So use
+# gl_cv_func_gettimeofday_clobber=no to not use rpl_gettimeofday,
+# assuming musl and uClibc have a properly working gettimeofday
+# implementation. It needs to be passed to GDB_MAKE_ENV and not
+# GDB_CONF_ENV, because otherwise it does not get passed to the
+# configure script of nested packages.
+GDB_MAKE_ENV = gl_cv_func_gettimeofday_clobber=no
 
 # The shared only build is not supported by gdb, so enable static build for
 # build-in libraries with --enable-static.

package/ghostscript/0003-Bug-697799-have-.eqproc-check-its-parameters.patch

@@ -0,0 +1,33 @@
+From 4f83478c88c2e05d6e8d79ca4557eb039354d2f3 Mon Sep 17 00:00:00 2001
+From: Chris Liddell <chris.liddell@artifex.com>
+Date: Thu, 27 Apr 2017 13:03:33 +0100
+Subject: [PATCH] Bug 697799: have .eqproc check its parameters
+
+The Ghostscript custom operator .eqproc was not check the number or type of
+the parameters it was given.
+
+Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
+---
+ psi/zmisc3.c | 6 ++++++
+ 1 file changed, 6 insertions(+)
+
+diff --git a/psi/zmisc3.c b/psi/zmisc3.c
+index 54b304246..37293ff4b 100644
+--- a/psi/zmisc3.c
++++ b/psi/zmisc3.c
+@@ -56,6 +56,12 @@ zeqproc(i_ctx_t *i_ctx_p)
+     ref2_t stack[MAX_DEPTH + 1];
+     ref2_t *top = stack;
+ 
++    if (ref_stack_count(&o_stack) < 2)
++        return_error(gs_error_stackunderflow);
++    if (!r_is_array(op - 1) || !r_is_array(op)) {
++        return_error(gs_error_typecheck);
++    }
++
+     make_array(&stack[0].proc1, 0, 1, op - 1);
+     make_array(&stack[0].proc2, 0, 1, op);
+     for (;;) {
+-- 
+2.11.0
+

package/ghostscript/0004-Bug-697799-have-.rsdparams-check-its-parameters.patch

@@ -0,0 +1,62 @@
+From 04b37bbce174eed24edec7ad5b920eb93db4d47d Mon Sep 17 00:00:00 2001
+From: Chris Liddell <chris.liddell@artifex.com>
+Date: Thu, 27 Apr 2017 13:21:31 +0100
+Subject: [PATCH] Bug 697799: have .rsdparams check its parameters
+
+The Ghostscript internal operator .rsdparams wasn't checking the number or
+type of the operands it was being passed. Do so.
+
+Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
+---
+ psi/zfrsd.c | 22 +++++++++++++++-------
+ 1 file changed, 15 insertions(+), 7 deletions(-)
+
+diff --git a/psi/zfrsd.c b/psi/zfrsd.c
+index 191107d8a..950588d69 100644
+--- a/psi/zfrsd.c
++++ b/psi/zfrsd.c
+@@ -49,13 +49,20 @@ zrsdparams(i_ctx_t *i_ctx_p)
+     ref *pFilter;
+     ref *pDecodeParms;
+     int Intent = 0;
+-    bool AsyncRead;
++    bool AsyncRead = false;
+     ref empty_array, filter1_array, parms1_array;
+     uint i;
+-    int code;
++    int code = 0;
++
++    if (ref_stack_count(&o_stack) < 1)
++        return_error(gs_error_stackunderflow);
++    if (!r_has_type(op, t_dictionary) && !r_has_type(op, t_null)) {
++        return_error(gs_error_typecheck);
++    }
+ 
+     make_empty_array(&empty_array, a_readonly);
+-    if (dict_find_string(op, "Filter", &pFilter) > 0) {
++    if (r_has_type(op, t_dictionary)
++        && dict_find_string(op, "Filter", &pFilter) > 0) {
+         if (!r_is_array(pFilter)) {
+             if (!r_has_type(pFilter, t_name))
+                 return_error(gs_error_typecheck);
+@@ -94,12 +101,13 @@ zrsdparams(i_ctx_t *i_ctx_p)
+                 return_error(gs_error_typecheck);
+         }
+     }
+-    code = dict_int_param(op, "Intent", 0, 3, 0, &Intent);
++    if (r_has_type(op, t_dictionary))
++        code = dict_int_param(op, "Intent", 0, 3, 0, &Intent);
+     if (code < 0 && code != gs_error_rangecheck) /* out-of-range int is ok, use 0 */
+         return code;
+-    if ((code = dict_bool_param(op, "AsyncRead", false, &AsyncRead)) < 0
+-        )
+-        return code;
++    if (r_has_type(op, t_dictionary))
++        if ((code = dict_bool_param(op, "AsyncRead", false, &AsyncRead)) < 0)
++            return code;
+     push(1);
+     op[-1] = *pFilter;
+     if (pDecodeParms)
+-- 
+2.11.0
+

package/git/git.mk

@@ -11,6 +11,10 @@ GIT_LICENSE = GPLv2, LGPLv2.1+
 GIT_LICENSE_FILES = COPYING LGPL-2.1
 GIT_DEPENDENCIES = zlib host-gettext
 
+ifeq ($(BR2_PACKAGE_GETTEXT),y)
+GIT_DEPENDENCIES += gettext
+endif
+
 ifeq ($(BR2_PACKAGE_OPENSSL),y)
 GIT_DEPENDENCIES += openssl
 GIT_CONF_OPTS += --with-openssl
@@ -19,8 +23,8 @@ else
 GIT_CONF_OPTS += --without-openssl
 endif
 
-ifeq ($(BR2_PACKAGE_PERL),y)
-GIT_DEPENDENCIES += perl
+ifeq ($(BR2_PACKAGE_PCRE),y)
+GIT_DEPENDENCIES += pcre
 GIT_CONF_OPTS += --with-libpcre
 else
 GIT_CONF_OPTS += --without-libpcre

package/glibc/2.23/0005-sh-Fix-building-with-gcc5-6.patch

@@ -0,0 +1,56 @@
+From dbb9ecfaac8db022292791936733e0841a0aa447 Mon Sep 17 00:00:00 2001
+From: Alexey Neyman <stilor@att.net>
+Date: Wed, 8 Feb 2017 16:00:57 -0200
+Subject: [PATCH] sh: Fix building with gcc5/6
+
+Build glibc for sh4-unknown-linux-gnu currently fails if one's
+using GCC5/6: in dl-conflict.c, the elf_machine_rela() function
+is called with NULL as its 3rd argument, sym. The implementation
+of that function in sysdeps/sh/dl-machine.h dereferences that pointer:
+
+const Elf32_Sym *const refsym = sym;
+...
+if (map == &GL(dl_rtld_map))
+  value -= map->l_addr + refsym->st_value + reloc->r_addend;
+
+GCC discovers a null pointer dereference, and in accordance with
+-fdelete-null-pointer-checks (which is enabled in -O2) replaces this
+code with a trap - which, as SH does not implement a trap pattern in
+GCC, evaluates to an abort() call. This abort() call pulls many more
+objects from libc_nonshared.a, eventually resulting in link failure
+due to multiple definitions for a number of symbols.
+
+As far as I see, the conditional before this code is always false in
+rtld: _dl_resolve_conflicts() is called with main_map as the first
+argument, not GL(_dl_rtld_map), but since that call is in yet another
+compilation unit, GCC does not know about it. Patch that wraps this
+conditional into !defined RESOLVE_CONFLICT_FIND_MAP attached.
+
+	* sysdeps/sh/dl-machine.h (elf_machine_rela): The condition
+	in R_SH_DIR32 case is always false when inlined from
+	dl-conflict.c. Ifdef out to prevent GCC from insertin an
+	abort() call.
+
+[Waldemar: backport of
+https://sourceware.org/git/?p=glibc.git;a=commit;h=d40dbe722f004f999b589de776f7e57e564dda01.]
+Signed-off-by: Waldemar Brodkorb <wbx@openadk.org>
+---
+ sysdeps/sh/dl-machine.h | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/sysdeps/sh/dl-machine.h b/sysdeps/sh/dl-machine.h
+index 5bb37d0..6509055 100644
+--- a/sysdeps/sh/dl-machine.h
++++ b/sysdeps/sh/dl-machine.h
+@@ -389,7 +389,7 @@ elf_machine_rela (struct link_map *map, const Elf32_Rela *reloc,
+ 	  break;
+ 	case R_SH_DIR32:
+ 	  {
+-#ifndef RTLD_BOOTSTRAP
++#if !defined RTLD_BOOTSTRAP && !defined RESOLVE_CONFLICT_FIND_MAP
+ 	   /* This is defined in rtld.c, but nowhere in the static
+ 	      libc.a; make the reference weak so static programs can
+ 	      still link.  This declaration cannot be done when
+-- 
+2.7.4
+

package/glibc/2.24/0001-sh-Fix-building-with-gcc5-6.patch

@@ -0,0 +1,56 @@
+From 98cadd4b9fa8e32d1d0dea8e46b5ba829af4e8a2 Mon Sep 17 00:00:00 2001
+From: Alexey Neyman <stilor@att.net>
+Date: Wed, 8 Feb 2017 16:00:57 -0200
+Subject: [PATCH] sh: Fix building with gcc5/6
+
+Build glibc for sh4-unknown-linux-gnu currently fails if one's
+using GCC5/6: in dl-conflict.c, the elf_machine_rela() function
+is called with NULL as its 3rd argument, sym. The implementation
+of that function in sysdeps/sh/dl-machine.h dereferences that pointer:
+
+const Elf32_Sym *const refsym = sym;
+...
+if (map == &GL(dl_rtld_map))
+  value -= map->l_addr + refsym->st_value + reloc->r_addend;
+
+GCC discovers a null pointer dereference, and in accordance with
+-fdelete-null-pointer-checks (which is enabled in -O2) replaces this
+code with a trap - which, as SH does not implement a trap pattern in
+GCC, evaluates to an abort() call. This abort() call pulls many more
+objects from libc_nonshared.a, eventually resulting in link failure
+due to multiple definitions for a number of symbols.
+
+As far as I see, the conditional before this code is always false in
+rtld: _dl_resolve_conflicts() is called with main_map as the first
+argument, not GL(_dl_rtld_map), but since that call is in yet another
+compilation unit, GCC does not know about it. Patch that wraps this
+conditional into !defined RESOLVE_CONFLICT_FIND_MAP attached.
+
+	* sysdeps/sh/dl-machine.h (elf_machine_rela): The condition
+	in R_SH_DIR32 case is always false when inlined from
+	dl-conflict.c. Ifdef out to prevent GCC from insertin an
+	abort() call.
+
+[Waldemar: backport of
+https://sourceware.org/git/?p=glibc.git;a=commit;h=d40dbe722f004f999b589de776f7e57e564dda01.]
+Signed-off-by: Waldemar Brodkorb <wbx@openadk.org>
+---
+ sysdeps/sh/dl-machine.h | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/sysdeps/sh/dl-machine.h b/sysdeps/sh/dl-machine.h
+index 5bb37d0..6509055 100644
+--- a/sysdeps/sh/dl-machine.h
++++ b/sysdeps/sh/dl-machine.h
+@@ -389,7 +389,7 @@ elf_machine_rela (struct link_map *map, const Elf32_Rela *reloc,
+ 	  break;
+ 	case R_SH_DIR32:
+ 	  {
+-#ifndef RTLD_BOOTSTRAP
++#if !defined RTLD_BOOTSTRAP && !defined RESOLVE_CONFLICT_FIND_MAP
+ 	   /* This is defined in rtld.c, but nowhere in the static
+ 	      libc.a; make the reference weak so static programs can
+ 	      still link.  This declaration cannot be done when
+-- 
+2.7.4
+

package/gnutls/gnutls.hash

@@ -1,2 +1,2 @@
 # Locally calculated after checking pgp signature
-sha256	0e97f243ae72b70307d684b84c7fe679385aa7a7a0e37e5be810193dcc17d4ff	gnutls-3.5.8.tar.xz
+sha256	af443e86ba538d4d3e37c4732c00101a492fe4b56a55f4112ff0ab39dbe6579d	gnutls-3.5.10.tar.xz

package/gnutls/gnutls.mk

@@ -5,7 +5,7 @@
 ################################################################################
 
 GNUTLS_VERSION_MAJOR = 3.5
-GNUTLS_VERSION = $(GNUTLS_VERSION_MAJOR).8
+GNUTLS_VERSION = $(GNUTLS_VERSION_MAJOR).10
 GNUTLS_SOURCE = gnutls-$(GNUTLS_VERSION).tar.xz
 GNUTLS_SITE = ftp://ftp.gnutls.org/gcrypt/gnutls/v$(GNUTLS_VERSION_MAJOR)
 GNUTLS_LICENSE = LGPLv2.1+ (core library), GPLv3+ (gnutls-openssl library)

package/granite/granite.hash

@@ -1,4 +1,4 @@
 # From https://launchpad.net/granite/0.4/0.4.0.1/+download/granite-0.4.0.1.tar.xz/+md5
-md5	db41150ca6e77162392362686e848086	granite-0.3.1.tar.xz
+md5	db41150ca6e77162392362686e848086	granite-0.4.0.1.tar.xz
 # Calculated based on the hash above
 sha256	95a142a8befeedc35a089d638e759b657905508dc3007036d6c1fa3efe94c4dd	granite-0.4.0.1.tar.xz

package/gstreamer/gst-ffmpeg/gst-ffmpeg.mk

@@ -80,6 +80,12 @@ else
 GST_FFMPEG_CONF_EXTRA_OPTS += --disable-altivec
 endif
 
+# libav configure script misdetects the VIS optimizations as being
+# available, so forcefully disable them.
+ifeq ($(BR2_sparc_v8)$(BR2_sparc_leon3),y)
+GST_FFMPEG_CONF_EXTRA_OPTS += --disable-vis
+endif
+
 ifeq ($(BR2_STATIC_LIBS),)
 GST_FFMPEG_CONF_EXTRA_OPTS += --enable-pic
 endif

package/gstreamer/gst-plugins-base/gst-plugins-base.mk

@@ -14,9 +14,9 @@ GST_PLUGINS_BASE_LICENSE_FILES = COPYING COPYING.LIB
 # freetype is only used by examples, but if it is not found
 # and the host has a freetype-config script, then the host
 # include dirs are added to the search path causing trouble
-GST_PLUGINS_BASE_CONF_ENV =
-		FT2_CONFIG=/bin/false \
-		ac_cv_header_stdint_t="stdint.h"
+GST_PLUGINS_BASE_CONF_ENV = \
+	FT2_CONFIG=/bin/false \
+	ac_cv_header_stdint_t="stdint.h"
 
 GST_PLUGINS_BASE_CONF_OPTS = \
 	--disable-examples \

package/gstreamer1/gst1-plugins-bad/Config.in

@@ -112,6 +112,7 @@ config BR2_PACKAGE_GST1_PLUGINS_BAD_LIB_OPENGL_WAYLAND
 	default y
 	depends on BR2_PACKAGE_GST1_PLUGINS_BAD_LIB_OPENGL_EGL
 	depends on BR2_PACKAGE_WAYLAND
+	select BR2_PACKAGE_WAYLAND_PROTOCOLS
 	select BR2_PACKAGE_GST1_PLUGINS_BAD_LIB_OPENGL_HAS_WINDOW
 
 comment "wayland needs the egl platform and the wayland package"
@@ -686,6 +687,7 @@ config BR2_PACKAGE_GST1_PLUGINS_BAD_PLUGIN_VOAACENC
 config BR2_PACKAGE_GST1_PLUGINS_BAD_PLUGIN_WAYLAND
 	bool "wayland"
 	depends on BR2_PACKAGE_WAYLAND
+	select BR2_PACKAGE_WAYLAND_PROTOCOLS
 	default y
 	help
 	  Wayland Video Sink

package/gstreamer1/gst1-plugins-bad/gst1-plugins-bad.mk

@@ -121,7 +121,7 @@ endif
 
 ifneq ($(BR2_PACKAGE_GST1_PLUGINS_BAD_LIB_OPENGL_WAYLAND)$(BR2_PACKAGE_GST1_PLUGINS_BAD_PLUGIN_WAYLAND),)
 GST1_PLUGINS_BAD_CONF_OPTS += --enable-wayland
-GST1_PLUGINS_BAD_DEPENDENCIES += wayland
+GST1_PLUGINS_BAD_DEPENDENCIES += wayland wayland-protocols
 else
 GST1_PLUGINS_BAD_CONF_OPTS += --disable-wayland
 endif

package/gstreamer1/gst1-plugins-base/gst1-plugins-base.mk

@@ -11,13 +11,6 @@ GST1_PLUGINS_BASE_INSTALL_STAGING = YES
 GST1_PLUGINS_BASE_LICENSE_FILES = COPYING.LIB
 GST1_PLUGINS_BASE_LICENSE = LGPLv2+, LGPLv2.1+
 
-# freetype is only used by examples, but if it is not found
-# and the host has a freetype-config script, then the host
-# include dirs are added to the search path causing trouble
-GST1_PLUGINS_BASE_CONF_ENV =
-	FT2_CONFIG=/bin/false \
-	ac_cv_header_stdint_t="stdint.h"
-
 # gio_unix_2_0 is only used for tests
 GST1_PLUGINS_BASE_CONF_OPTS = \
 	--disable-examples \

package/harfbuzz/harfbuzz.hash

@@ -1,2 +1,2 @@
-# From http://www.freedesktop.org/software/harfbuzz/release/harfbuzz-1.4.2.tar.bz2.sha256
-sha256	8f234dcfab000fdec24d43674fffa2fdbdbd654eb176afbde30e8826339cb7b3	harfbuzz-1.4.2.tar.bz2
+# From https://www.freedesktop.org/software/harfbuzz/release/harfbuzz-1.4.4.tar.bz2.sha256
+sha256	35d2f8ca476cbbec64ee824eca6b0209ff8db0334990b9f5af893b94f119d255	harfbuzz-1.4.4.tar.bz2

package/harfbuzz/harfbuzz.mk

@@ -4,8 +4,8 @@
 #
 ################################################################################
 
-HARFBUZZ_VERSION = 1.4.2
-HARFBUZZ_SITE = http://www.freedesktop.org/software/harfbuzz/release
+HARFBUZZ_VERSION = 1.4.4
+HARFBUZZ_SITE = https://www.freedesktop.org/software/harfbuzz/release
 HARFBUZZ_SOURCE = harfbuzz-$(HARFBUZZ_VERSION).tar.bz2
 HARFBUZZ_LICENSE = MIT, ISC (ucdn library)
 HARFBUZZ_LICENSE_FILES = COPYING src/hb-ucdn/COPYING

package/hiredis/hiredis.mk

@@ -4,7 +4,8 @@
 #
 ################################################################################
 
-HIREDIS_VERSION = v0.13.3
+HIREDIS_VERSION_MAJOR = 0.13
+HIREDIS_VERSION = v$(HIREDIS_VERSION_MAJOR).3
 HIREDIS_SITE = $(call github,redis,hiredis,$(HIREDIS_VERSION))
 HIREDIS_LICENSE = BSD-3c
 HIREDIS_LICENSE_FILES = COPYING
@@ -30,6 +31,26 @@ endef
 
 HIREDIS_INCLUDE_DIR = $(STAGING_DIR)/usr/include/hiredis
 
+ifeq ($(BR2_SHARED_LIBS),)
+define HIREDIS_INSTALL_STAGING_STATIC_LIB
+	$(INSTALL) -D -m 0755 $(@D)/libhiredis.a \
+		$(STAGING_DIR)/usr/lib/libhiredis.a
+endef
+endif
+
+ifeq ($(BR2_STATIC_LIBS),)
+define HIREDIS_INSTALL_STAGING_SHARED_LIB
+	$(INSTALL) -D -m 0755 $(@D)/libhiredis.so \
+		$(STAGING_DIR)/usr/lib/libhiredis.so.$(HIREDIS_VERSION_MAJOR)
+	ln -sf libhiredis.so.$(HIREDIS_VERSION_MAJOR) $(STAGING_DIR)/usr/lib/libhiredis.so
+endef
+define HIREDIS_INSTALL_TARGET_SHARED_LIB
+	$(INSTALL) -D -m 0755 $(@D)/libhiredis.so \
+		$(TARGET_DIR)/usr/lib/libhiredis.so.$(HIREDIS_VERSION_MAJOR)
+	ln -sf libhiredis.so.$(HIREDIS_VERSION_MAJOR) $(TARGET_DIR)/usr/lib/libhiredis.so
+endef
+endif
+
 # Do not call make install as this target will build shared and static libraries
 define HIREDIS_INSTALL_STAGING_CMDS
 	mkdir -p $(HIREDIS_INCLUDE_DIR)
@@ -37,12 +58,12 @@ define HIREDIS_INSTALL_STAGING_CMDS
 		$(@D)/adapters $(HIREDIS_INCLUDE_DIR)
 	$(INSTALL) -D -m 0644 $(@D)/hiredis.pc \
 		$(STAGING_DIR)/usr/lib/pkgconfig/hiredis.pc
-	$(INSTALL) -m 0644 -t $(STAGING_DIR)/usr/lib $(@D)/libhiredis*
+	$(HIREDIS_INSTALL_STAGING_STATIC_LIB)
+	$(HIREDIS_INSTALL_STAGING_SHARED_LIB)
 endef
 
 define HIREDIS_INSTALL_TARGET_CMDS
-	mkdir -p $(TARGET_DIR)/usr/lib
-	$(INSTALL) -m 0644 -t $(TARGET_DIR)/usr/lib $(@D)/libhiredis*
+	$(HIREDIS_INSTALL_TARGET_SHARED_LIB)
 endef
 
 $(eval $(generic-package))

package/htop/htop.mk

@@ -8,7 +8,7 @@ HTOP_VERSION = 2.0.2
 HTOP_SITE = http://hisham.hm/htop/releases/$(HTOP_VERSION)
 HTOP_DEPENDENCIES = ncurses
 # Prevent htop build system from searching the host paths
-HTOP_CONF_ENV = HTOP_NCURSES_CONFIG_SCRIPT=$(STAGING_DIR)/usr/bin/ncurses5-config
+HTOP_CONF_ENV = HTOP_NCURSES_CONFIG_SCRIPT=$(STAGING_DIR)/usr/bin/$(NCURSES_CONFIG_SCRIPTS)
 HTOP_LICENSE = GPLv2
 HTOP_LICENSE_FILES = COPYING
 

package/icu/0006-utext-problems-with-handling-of-bad-utf8.patch

@@ -0,0 +1,173 @@
+ticket:12888 UText, problems with handling of bad UTF-8
+
+Fixes:
+
+CVE-2017-7867 - International Components for Unicode (ICU) for C/C++ before
+2017-02-13 has an out-of-bounds write caused by a heap-based buffer overflow
+related to the utf8TextAccess function in common/utext.cpp and the
+utext_setNativeIndex* function.
+
+CVE-2017-7868 - International Components for Unicode (ICU) for C/C++ before
+2017-02-13 has an out-of-bounds write caused by a heap-based buffer overflow
+related to the utf8TextAccess function in common/utext.cpp and the
+utext_moveIndex32* function.
+
+Upstream: http://bugs.icu-project.org/trac/changeset/39671
+
+Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
+
+Index: /trunk/icu4c/source/common/utext.cpp
+===================================================================
+--- icu4c/source/common/utext.cpp	(revision 39670)
++++ icu4c/source/common/utext.cpp	(revision 39671)
+@@ -848,7 +848,13 @@
+ 
+ // Chunk size.
+-//     Must be less than 85, because of byte mapping from UChar indexes to native indexes.
+-//     Worst case is three native bytes to one UChar.  (Supplemenaries are 4 native bytes
+-//     to two UChars.)
++//     Must be less than 42  (256/6), because of byte mapping from UChar indexes to native indexes.
++//     Worst case there are six UTF-8 bytes per UChar.
++//         obsolete 6 byte form fd + 5 trails maps to fffd
++//         obsolete 5 byte form fc + 4 trails maps to fffd
++//         non-shortest 4 byte forms maps to fffd
++//         normal supplementaries map to a pair of utf-16, two utf8 bytes per utf-16 unit
++//     mapToUChars array size must allow for the worst case, 6.
++//     This could be brought down to 4, by treating fd and fc as pure illegal,
++//     rather than obsolete lead bytes. But that is not compatible with the utf-8 access macros.
+ //
+ enum { UTF8_TEXT_CHUNK_SIZE=32 };
+@@ -890,5 +896,5 @@
+                                                      //    one for a supplementary starting in the last normal position,
+                                                      //    and one for an entry for the buffer limit position.
+-    uint8_t   mapToUChars[UTF8_TEXT_CHUNK_SIZE*3+6]; // Map native offset from bufNativeStart to
++    uint8_t   mapToUChars[UTF8_TEXT_CHUNK_SIZE*6+6]; // Map native offset from bufNativeStart to
+                                                      //   correspoding offset in filled part of buf.
+     int32_t   align;
+@@ -1033,4 +1039,5 @@
+             u8b = (UTF8Buf *)ut->p;   // the current buffer
+             mapIndex = ix - u8b->toUCharsMapStart;
++            U_ASSERT(mapIndex < (int32_t)sizeof(UTF8Buf::mapToUChars));
+             ut->chunkOffset = u8b->mapToUChars[mapIndex] - u8b->bufStartIdx;
+             return TRUE;
+@@ -1299,4 +1306,8 @@
+         //   If index is at the end, there is no character there to look at.
+         if (ix != ut->b) {
++            // Note: this function will only move the index back if it is on a trail byte
++            //       and there is a preceding lead byte and the sequence from the lead 
++            //       through this trail could be part of a valid UTF-8 sequence
++            //       Otherwise the index remains unchanged.
+             U8_SET_CP_START(s8, 0, ix);
+         }
+@@ -1312,5 +1323,8 @@
+         uint8_t *mapToNative = u8b->mapToNative;
+         uint8_t *mapToUChars = u8b->mapToUChars;
+-        int32_t  toUCharsMapStart = ix - (UTF8_TEXT_CHUNK_SIZE*3 + 1);
++        int32_t  toUCharsMapStart = ix - sizeof(UTF8Buf::mapToUChars) + 1;
++        // Note that toUCharsMapStart can be negative. Happens when the remaining
++        // text from current position to the beginning is less than the buffer size.
++        // + 1 because mapToUChars must have a slot at the end for the bufNativeLimit entry.
+         int32_t  destIx = UTF8_TEXT_CHUNK_SIZE+2;   // Start in the overflow region
+                                                     //   at end of buffer to leave room
+@@ -1339,4 +1353,5 @@
+                 // Special case ASCII range for speed.
+                 buf[destIx] = (UChar)c;
++                U_ASSERT(toUCharsMapStart <= srcIx);
+                 mapToUChars[srcIx - toUCharsMapStart] = (uint8_t)destIx;
+                 mapToNative[destIx] = (uint8_t)(srcIx - toUCharsMapStart);
+@@ -1368,4 +1383,5 @@
+                     mapToUChars[sIx-- - toUCharsMapStart] = (uint8_t)destIx;
+                 } while (sIx >= srcIx);
++                U_ASSERT(toUCharsMapStart <= (srcIx+1));
+ 
+                 // Set native indexing limit to be the current position.
+@@ -1542,4 +1558,5 @@
+     U_ASSERT(index<=ut->chunkNativeLimit);
+     int32_t mapIndex = index - u8b->toUCharsMapStart;
++    U_ASSERT(mapIndex < (int32_t)sizeof(UTF8Buf::mapToUChars));
+     int32_t offset = u8b->mapToUChars[mapIndex] - u8b->bufStartIdx;
+     U_ASSERT(offset>=0 && offset<=ut->chunkLength);
+Index: /trunk/icu4c/source/test/intltest/utxttest.cpp
+===================================================================
+--- icu4c/source/test/intltest/utxttest.cpp	(revision 39670)
++++ icu4c/source/test/intltest/utxttest.cpp	(revision 39671)
+@@ -68,4 +68,6 @@
+         case 7: name = "Ticket12130";
+             if (exec) Ticket12130(); break;
++        case 8: name = "Ticket12888";
++            if (exec) Ticket12888(); break;
+         default: name = "";          break;
+     }
+@@ -1584,2 +1586,62 @@
+     utext_close(&ut);
+ }
++
++// Ticket 12888: bad handling of illegal utf-8 containing many instances of the archaic, now illegal,
++//               six byte utf-8 forms. Original implementation had an assumption that
++//               there would be at most three utf-8 bytes per UTF-16 code unit.
++//               The five and six byte sequences map to a single replacement character.
++
++void UTextTest::Ticket12888() {
++    const char *badString = 
++            "\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80"
++            "\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80"
++            "\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80"
++            "\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80"
++            "\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80"
++            "\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80"
++            "\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80"
++            "\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80"
++            "\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80"
++            "\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80"
++            "\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80"
++            "\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80"
++            "\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80"
++            "\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80"
++            "\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80"
++            "\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80"
++            "\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80"
++            "\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80"
++            "\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80"
++            "\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80\xfd\x80\x80\x80\x80\x80";
++
++    UErrorCode status = U_ZERO_ERROR;
++    LocalUTextPointer ut(utext_openUTF8(NULL, badString, -1, &status));
++    TEST_SUCCESS(status);
++    for (;;) {
++        UChar32 c = utext_next32(ut.getAlias());
++        if (c == U_SENTINEL) {
++            break;
++        }
++    }
++    int32_t endIdx = utext_getNativeIndex(ut.getAlias());
++    if (endIdx != (int32_t)strlen(badString)) {
++        errln("%s:%d expected=%d, actual=%d", __FILE__, __LINE__, strlen(badString), endIdx);
++        return;
++    }
++
++    for (int32_t prevIndex = endIdx; prevIndex>0;) {
++        UChar32 c = utext_previous32(ut.getAlias());
++        int32_t currentIndex = utext_getNativeIndex(ut.getAlias());
++        if (c != 0xfffd) {
++            errln("%s:%d (expected, actual, index) = (%d, %d, %d)\n",
++                    __FILE__, __LINE__, 0xfffd, c, currentIndex);
++            break;
++        }
++        if (currentIndex != prevIndex - 6) {
++            errln("%s:%d: wrong index. Expected, actual = %d, %d",
++                    __FILE__, __LINE__, prevIndex - 6, currentIndex);
++            break;
++        }
++        prevIndex = currentIndex;
++    }
++}
+Index: /trunk/icu4c/source/test/intltest/utxttest.h
+===================================================================
+--- icu4c/source/test/intltest/utxttest.h	(revision 39670)
++++ icu4c/source/test/intltest/utxttest.h	(revision 39671)
+@@ -39,4 +39,5 @@
+     void Ticket10983();
+     void Ticket12130();
++    void Ticket12888();
+ 
+ private:

package/icu/icu.mk

@@ -8,7 +8,7 @@ ICU_VERSION = 58.2
 ICU_SOURCE = icu4c-$(subst .,_,$(ICU_VERSION))-src.tgz
 ICU_SITE = http://download.icu-project.org/files/icu4c/$(ICU_VERSION)
 ICU_LICENSE = ICU License
-ICU_LICENSE_FILES = license.html
+ICU_LICENSE_FILES = LICENSE
 
 ICU_DEPENDENCIES = host-icu
 ICU_INSTALL_STAGING = YES

package/imagemagick/0001-https-github.com-ImageMagick-ImageMagick-issues-415.patch

@@ -0,0 +1,52 @@
+From b218117cad34d39b9ffb587b45c71c5a49b12bde Mon Sep 17 00:00:00 2001
+From: Cristy <urban-warrior@imagemagick.org>
+Date: Fri, 31 Mar 2017 15:24:33 -0400
+Subject: [PATCH] https://github.com/ImageMagick/ImageMagick/issues/415
+
+Fixes CVE-2017-7606
+
+Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
+---
+ coders/pnm.c | 2 +-
+ coders/rle.c | 5 +++--
+ 2 files changed, 4 insertions(+), 3 deletions(-)
+
+diff --git a/coders/pnm.c b/coders/pnm.c
+index 9a1221d79..c525ebb8f 100644
+--- a/coders/pnm.c
++++ b/coders/pnm.c
+@@ -1979,7 +1979,7 @@ static MagickBooleanType WritePNMImage(const ImageInfo *image_info,Image *image,
+                           pixel=ScaleQuantumToChar(GetPixelRed(image,p));
+                         else
+                           pixel=ScaleQuantumToAny(GetPixelRed(image,p),
+-                          max_value);
++                            max_value);
+                       }
+                     q=PopCharPixel((unsigned char) pixel,q);
+                     p+=GetPixelChannels(image);
+diff --git a/coders/rle.c b/coders/rle.c
+index 2318901ec..ec071dc7b 100644
+--- a/coders/rle.c
++++ b/coders/rle.c
+@@ -271,7 +271,8 @@ static Image *ReadRLEImage(const ImageInfo *image_info,ExceptionInfo *exception)
+         p=colormap;
+         for (i=0; i < (ssize_t) number_colormaps; i++)
+           for (x=0; x < (ssize_t) map_length; x++)
+-            *p++=(unsigned char) ScaleShortToQuantum(ReadBlobLSBShort(image));
++            *p++=(unsigned char) ScaleQuantumToChar(ScaleShortToQuantum(
++              ReadBlobLSBShort(image)));
+       }
+     if ((flags & 0x08) != 0)
+       {
+@@ -476,7 +477,7 @@ static Image *ReadRLEImage(const ImageInfo *image_info,ExceptionInfo *exception)
+               for (x=0; x < (ssize_t) number_planes; x++)
+               {
+                 ValidateColormapValue(image,(size_t) (x*map_length+
+-                    (*p & mask)),&index,exception);
++                  (*p & mask)),&index,exception);
+                 *p=colormap[(ssize_t) index];
+                 p++;
+               }
+-- 
+2.11.0
+

package/imagemagick/0001-png.c-unbreak-build-without-JPEG-support.patch

@@ -1,47 +0,0 @@
-From 5d0e9c53f49022df5154eb3c04900f48b1c6448e Mon Sep 17 00:00:00 2001
-From: Peter Korsgaard <peter@korsgaard.com>
-Date: Mon, 6 Feb 2017 17:39:31 +0100
-Subject: [PATCH] png.c: unbreak build without JPEG support
-
-Since commit a9e228f8ac26 (Implemented a private PNG caNv (canvas) chunk),
-PNGsLong gets called unconditionally, but it is only defined if JPEG
-support is enabled (which defines JNG_SUPPORTED), breaking the build:
-
-MagickCore/.libs/libMagickCore-7.Q16HDRI.a(MagickCore_libMagickCore_7_Q16HDRI_la-png.o): In function `WriteOnePNGImage':
-png.c:(.text+0x748d): undefined reference to `PNGsLong'
-png.c:(.text+0x74b7): undefined reference to `PNGsLong'
-
-For build log, see:
-http://autobuild.buildroot.net/results/d20/d20eecec8e7b947759185f77a6c8e610dd7393f3/build-end.log
-
-Fix it by unconditionally defining the helper function.
-
-Submitted-upstream: https://github.com/ImageMagick/ImageMagick/pull/373
-Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
----
- coders/png.c | 2 --
- 1 file changed, 2 deletions(-)
-
-diff --git a/coders/png.c b/coders/png.c
-index aebe59281..1328b1aab 100644
---- a/coders/png.c
-+++ b/coders/png.c
-@@ -1229,7 +1229,6 @@ static void PNGLong(png_bytep p,png_uint_32 value)
-   *p++=(png_byte) (value & 0xff);
- }
- 
--#if defined(JNG_SUPPORTED)
- static void PNGsLong(png_bytep p,png_int_32 value)
- {
-   *p++=(png_byte) ((value >> 24) & 0xff);
-@@ -1237,7 +1236,6 @@ static void PNGsLong(png_bytep p,png_int_32 value)
-   *p++=(png_byte) ((value >> 8) & 0xff);
-   *p++=(png_byte) (value & 0xff);
- }
--#endif
- 
- static void PNGShort(png_bytep p,png_uint_16 value)
- {
--- 
-2.11.0
-

package/imagemagick/imagemagick.hash

@@ -1,2 +1,2 @@
 # From http://www.imagemagick.org/download/releases/digest.rdf
-sha256 1ee004740b7ab47fff3c92ae4a89dcbd0181c4d5f31fcb7e3697412ea384a0da  ImageMagick-7.0.4-6.tar.xz
+sha256 4a1dde5bdfec0fc549955a051be25b7ff96dfb192060997699e43c7ce0f06ab2  ImageMagick-7.0.5-4.tar.xz

package/imagemagick/imagemagick.mk

@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-IMAGEMAGICK_VERSION = 7.0.4-6
+IMAGEMAGICK_VERSION = 7.0.5-4
 IMAGEMAGICK_SOURCE = ImageMagick-$(IMAGEMAGICK_VERSION).tar.xz
 IMAGEMAGICK_SITE = http://www.imagemagick.org/download/releases
 IMAGEMAGICK_LICENSE = Apache-2.0

package/jasper/0002-Fixed-bugs-due-to-uninitialized-data-in-the-JP2-deco.patch

@@ -0,0 +1,286 @@
+From e96fc4fdd525fa0ede28074a7e2b1caf94b58b0d Mon Sep 17 00:00:00 2001
+From: Michael Adams <mdadams@ece.uvic.ca>
+Date: Sat, 4 Mar 2017 14:43:24 -0800
+Subject: [PATCH] Fixed bugs due to uninitialized data in the JP2 decoder.
+ Also, added some comments marking I/O stream interfaces that probably need to
+ be changed (in the long term) to fix integer overflow problems.
+
+Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
+---
+ src/libjasper/base/jas_stream.c | 18 +++++++++++++++++
+ src/libjasper/jp2/jp2_cod.c     | 44 ++++++++++++++++++++++++++++-------------
+ 2 files changed, 48 insertions(+), 14 deletions(-)
+
+diff --git a/src/libjasper/base/jas_stream.c b/src/libjasper/base/jas_stream.c
+index 327ee57..d70408f 100644
+--- a/src/libjasper/base/jas_stream.c
++++ b/src/libjasper/base/jas_stream.c
+@@ -664,6 +664,7 @@ int jas_stream_ungetc(jas_stream_t *stream, int c)
+ 	return 0;
+ }
+ 
++/* FIXME integral type */
+ int jas_stream_read(jas_stream_t *stream, void *buf, int cnt)
+ {
+ 	int n;
+@@ -690,6 +691,7 @@ int jas_stream_read(jas_stream_t *stream, void *buf, int cnt)
+ 	return n;
+ }
+ 
++/* FIXME integral type */
+ int jas_stream_write(jas_stream_t *stream, const void *buf, int cnt)
+ {
+ 	int n;
+@@ -742,6 +744,7 @@ int jas_stream_puts(jas_stream_t *stream, const char *s)
+ 	return 0;
+ }
+ 
++/* FIXME integral type */
+ char *jas_stream_gets(jas_stream_t *stream, char *buf, int bufsize)
+ {
+ 	int c;
+@@ -765,6 +768,7 @@ char *jas_stream_gets(jas_stream_t *stream, char *buf, int bufsize)
+ 	return buf;
+ }
+ 
++/* FIXME integral type */
+ int jas_stream_gobble(jas_stream_t *stream, int n)
+ {
+ 	int m;
+@@ -783,6 +787,7 @@ int jas_stream_gobble(jas_stream_t *stream, int n)
+ 	return n;
+ }
+ 
++/* FIXME integral type */
+ int jas_stream_pad(jas_stream_t *stream, int n, int c)
+ {
+ 	int m;
+@@ -885,6 +890,7 @@ long jas_stream_tell(jas_stream_t *stream)
+ * Buffer initialization code.
+ \******************************************************************************/
+ 
++/* FIXME integral type */
+ static void jas_stream_initbuf(jas_stream_t *stream, int bufmode, char *buf,
+   int bufsize)
+ {
+@@ -1060,6 +1066,7 @@ static int jas_strtoopenmode(const char *s)
+ 	return openmode;
+ }
+ 
++/* FIXME integral type */
+ int jas_stream_copy(jas_stream_t *out, jas_stream_t *in, int n)
+ {
+ 	int all;
+@@ -1085,6 +1092,7 @@ int jas_stream_copy(jas_stream_t *out, jas_stream_t *in, int n)
+ 	return 0;
+ }
+ 
++/* FIXME integral type */
+ long jas_stream_setrwcount(jas_stream_t *stream, long rwcnt)
+ {
+ 	int old;
+@@ -1094,6 +1102,7 @@ long jas_stream_setrwcount(jas_stream_t *stream, long rwcnt)
+ 	return old;
+ }
+ 
++/* FIXME integral type */
+ int jas_stream_display(jas_stream_t *stream, FILE *fp, int n)
+ {
+ 	unsigned char buf[16];
+@@ -1168,6 +1177,7 @@ long jas_stream_length(jas_stream_t *stream)
+ * Memory stream object.
+ \******************************************************************************/
+ 
++/* FIXME integral type */
+ static int mem_read(jas_stream_obj_t *obj, char *buf, int cnt)
+ {
+ 	ssize_t n;
+@@ -1209,6 +1219,7 @@ static int mem_resize(jas_stream_memobj_t *m, size_t bufsize)
+ 	return 0;
+ }
+ 
++/* FIXME integral type */
+ static int mem_write(jas_stream_obj_t *obj, char *buf, int cnt)
+ {
+ 	size_t n;
+@@ -1264,6 +1275,7 @@ static int mem_write(jas_stream_obj_t *obj, char *buf, int cnt)
+ 	return ret;
+ }
+ 
++/* FIXME integral type */
+ static long mem_seek(jas_stream_obj_t *obj, long offset, int origin)
+ {
+ 	jas_stream_memobj_t *m = (jas_stream_memobj_t *)obj;
+@@ -1310,6 +1322,7 @@ static int mem_close(jas_stream_obj_t *obj)
+ * File stream object.
+ \******************************************************************************/
+ 
++/* FIXME integral type */
+ static int file_read(jas_stream_obj_t *obj, char *buf, int cnt)
+ {
+ 	jas_stream_fileobj_t *fileobj;
+@@ -1318,6 +1331,7 @@ static int file_read(jas_stream_obj_t *obj, char *buf, int cnt)
+ 	return read(fileobj->fd, buf, cnt);
+ }
+ 
++/* FIXME integral type */
+ static int file_write(jas_stream_obj_t *obj, char *buf, int cnt)
+ {
+ 	jas_stream_fileobj_t *fileobj;
+@@ -1326,6 +1340,7 @@ static int file_write(jas_stream_obj_t *obj, char *buf, int cnt)
+ 	return write(fileobj->fd, buf, cnt);
+ }
+ 
++/* FIXME integral type */
+ static long file_seek(jas_stream_obj_t *obj, long offset, int origin)
+ {
+ 	jas_stream_fileobj_t *fileobj;
+@@ -1352,6 +1367,7 @@ static int file_close(jas_stream_obj_t *obj)
+ * Stdio file stream object.
+ \******************************************************************************/
+ 
++/* FIXME integral type */
+ static int sfile_read(jas_stream_obj_t *obj, char *buf, int cnt)
+ {
+ 	FILE *fp;
+@@ -1367,6 +1383,7 @@ static int sfile_read(jas_stream_obj_t *obj, char *buf, int cnt)
+ 	return result;
+ }
+ 
++/* FIXME integral type */
+ static int sfile_write(jas_stream_obj_t *obj, char *buf, int cnt)
+ {
+ 	FILE *fp;
+@@ -1377,6 +1394,7 @@ static int sfile_write(jas_stream_obj_t *obj, char *buf, int cnt)
+ 	return (n != JAS_CAST(size_t, cnt)) ? (-1) : cnt;
+ }
+ 
++/* FIXME integral type */
+ static long sfile_seek(jas_stream_obj_t *obj, long offset, int origin)
+ {
+ 	FILE *fp;
+diff --git a/src/libjasper/jp2/jp2_cod.c b/src/libjasper/jp2/jp2_cod.c
+index 7f3608a..8d98a2c 100644
+--- a/src/libjasper/jp2/jp2_cod.c
++++ b/src/libjasper/jp2/jp2_cod.c
+@@ -183,15 +183,28 @@ jp2_boxinfo_t jp2_boxinfo_unk = {
+ * Box constructor.
+ \******************************************************************************/
+ 
+-jp2_box_t *jp2_box_create(int type)
++jp2_box_t *jp2_box_create0()
+ {
+ 	jp2_box_t *box;
+-	jp2_boxinfo_t *boxinfo;
+-
+ 	if (!(box = jas_malloc(sizeof(jp2_box_t)))) {
+ 		return 0;
+ 	}
+ 	memset(box, 0, sizeof(jp2_box_t));
++	box->type = 0;
++	box->len = 0;
++	// Mark the box data as never having been constructed
++	// so that we will not errantly attempt to destroy it later.
++	box->ops = &jp2_boxinfo_unk.ops;
++	return box;
++}
++
++jp2_box_t *jp2_box_create(int type)
++{
++	jp2_box_t *box;
++	jp2_boxinfo_t *boxinfo;
++	if (!(box = jp2_box_create0())) {
++		return 0;
++	}
+ 	box->type = type;
+ 	box->len = 0;
+ 	if (!(boxinfo = jp2_boxinfolookup(type))) {
+@@ -248,14 +261,9 @@ jp2_box_t *jp2_box_get(jas_stream_t *in)
+ 	box = 0;
+ 	tmpstream = 0;
+ 
+-	if (!(box = jas_malloc(sizeof(jp2_box_t)))) {
++	if (!(box = jp2_box_create0())) {
+ 		goto error;
+ 	}
+-
+-	// Mark the box data as never having been constructed
+-	// so that we will not errantly attempt to destroy it later.
+-	box->ops = &jp2_boxinfo_unk.ops;
+-
+ 	if (jp2_getuint32(in, &len) || jp2_getuint32(in, &box->type)) {
+ 		goto error;
+ 	}
+@@ -263,10 +271,12 @@ jp2_box_t *jp2_box_get(jas_stream_t *in)
+ 	box->info = boxinfo;
+ 	box->len = len;
+ 	JAS_DBGLOG(10, (
+-	  "preliminary processing of JP2 box: type=%c%s%c (0x%08x); length=%d\n",
++	  "preliminary processing of JP2 box: "
++	  "type=%c%s%c (0x%08x); length=%"PRIuFAST32"\n",
+ 	  '"', boxinfo->name, '"', box->type, box->len
+ 	  ));
+ 	if (box->len == 1) {
++		JAS_DBGLOG(10, ("big length\n"));
+ 		if (jp2_getuint64(in, &extlen)) {
+ 			goto error;
+ 		}
+@@ -382,6 +392,7 @@ static int jp2_bpcc_getdata(jp2_box_t *box, jas_stream_t *in)
+ {
+ 	jp2_bpcc_t *bpcc = &box->data.bpcc;
+ 	unsigned int i;
++	bpcc->bpcs = 0;
+ 	bpcc->numcmpts = box->datalen;
+ 	if (!(bpcc->bpcs = jas_alloc2(bpcc->numcmpts, sizeof(uint_fast8_t)))) {
+ 		return -1;
+@@ -462,6 +473,7 @@ static int jp2_cdef_getdata(jp2_box_t *box, jas_stream_t *in)
+ 	jp2_cdef_t *cdef = &box->data.cdef;
+ 	jp2_cdefchan_t *chan;
+ 	unsigned int channo;
++	cdef->ents = 0;
+ 	if (jp2_getuint16(in, &cdef->numchans)) {
+ 		return -1;
+ 	}
+@@ -518,7 +530,9 @@ int jp2_box_put(jp2_box_t *box, jas_stream_t *out)
+ 	}
+ 
+ 	if (dataflag) {
+-		if (jas_stream_copy(out, tmpstream, box->len - JP2_BOX_HDRLEN(false))) {
++		if (jas_stream_copy(out, tmpstream, box->len -
++		  JP2_BOX_HDRLEN(false))) {
++			jas_eprintf("cannot copy box data\n");
+ 			goto error;
+ 		}
+ 		jas_stream_close(tmpstream);
+@@ -777,6 +791,7 @@ static int jp2_cmap_getdata(jp2_box_t *box, jas_stream_t *in)
+ 	jp2_cmap_t *cmap = &box->data.cmap;
+ 	jp2_cmapent_t *ent;
+ 	unsigned int i;
++	cmap->ents = 0;
+ 
+ 	cmap->numchans = (box->datalen) / 4;
+ 	if (!(cmap->ents = jas_alloc2(cmap->numchans, sizeof(jp2_cmapent_t)))) {
+@@ -835,6 +850,7 @@ static int jp2_pclr_getdata(jp2_box_t *box, jas_stream_t *in)
+ 	int_fast32_t x;
+ 
+ 	pclr->lutdata = 0;
++	pclr->bpc = 0;
+ 
+ 	if (jp2_getuint16(in, &pclr->numlutents) ||
+ 	  jp2_getuint8(in, &pclr->numchans)) {
+@@ -869,9 +885,9 @@ static int jp2_pclr_putdata(jp2_box_t *box, jas_stream_t *out)
+ #if 0
+ 	jp2_pclr_t *pclr = &box->data.pclr;
+ #endif
+-/* Eliminate warning about unused variable. */
+-box = 0;
+-out = 0;
++	/* Eliminate warning about unused variable. */
++	box = 0;
++	out = 0;
+ 	return -1;
+ }
+ 
+-- 
+2.11.0
+

package/jasper/0003-Added-a-check-in-the-JP2-encoder-to-ensure-that-the-.patch

@@ -0,0 +1,30 @@
+From 58ba0365d911b9f9dd68e9abf826682c0b4f2293 Mon Sep 17 00:00:00 2001
+From: Michael Adams <mdadams@ece.uvic.ca>
+Date: Mon, 6 Mar 2017 08:06:54 -0800
+Subject: [PATCH] Added a check in the JP2 encoder to ensure that the image to
+ be coded has at least one component.
+
+Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
+---
+ src/libjasper/jp2/jp2_enc.c | 5 +++++
+ 1 files changed, 1 insertions(+), 0 deletions(-)
+
+diff --git a/src/libjasper/jp2/jp2_enc.c b/src/libjasper/jp2/jp2_enc.c
+index 9a5e106..af4d9a4 100644
+--- a/src/libjasper/jp2/jp2_enc.c
++++ b/src/libjasper/jp2/jp2_enc.c
+@@ -115,6 +115,11 @@ int jp2_encode(jas_image_t *image, jas_stream_t *out, const char *optstr)
+ 	iccstream = 0;
+ 	iccprof = 0;
+ 
++	if (jas_image_numcmpts(image) < 1) {
++		jas_eprintf("image must have at least one component\n");
++		goto error;
++	}
++
+ 	allcmptssame = 1;
+ 	sgnd = jas_image_cmptsgnd(image, 0);
+ 	prec = jas_image_cmptprec(image, 0);
+-- 
+2.11.0
+

package/libcec/libcec.hash

@@ -1,2 +1,2 @@
 # Locally computed
-sha256 b8b8dd31f3ebdd5472f03ab7d401600ea0d959b1288b9ca24bf457ef60e2ba27  libcec-4.0.2.tar.gz
+sha256  0f29d5a2d155b507807ba896bc3b3e50a0ab56bf8f543a2bf5c2798c790292b5  libcec-2c675dac48387c48c7f43c5d2547ef0c4ef5c7dd.tar.gz

package/libcec/libcec.mk

@@ -4,8 +4,8 @@
 #
 ################################################################################
 
-LIBCEC_VERSION = 4.0.2
-LIBCEC_SITE = $(call github,Pulse-Eight,libcec,libcec-$(LIBCEC_VERSION))
+LIBCEC_VERSION = 2c675dac48387c48c7f43c5d2547ef0c4ef5c7dd
+LIBCEC_SITE = $(call github,Pulse-Eight,libcec,$(LIBCEC_VERSION))
 LIBCEC_LICENSE = GPLv2+
 LIBCEC_LICENSE_FILES = COPYING
 

package/libcroco/0001-input-check-end-of-input-before-reading-a-byte.patch

@@ -0,0 +1,62 @@
+From 898e3a8c8c0314d2e6b106809a8e3e93cf9d4394 Mon Sep 17 00:00:00 2001
+From: Ignacio Casal Quinteiro <qignacio@amazon.com>
+Date: Sun, 16 Apr 2017 13:13:43 +0200
+Subject: [PATCH] input: check end of input before reading a byte
+
+Fixes CVE-2017-7960
+
+When reading bytes we weren't check that the index wasn't
+out of bound and this could produce an invalid read which
+could deal to a security bug.
+
+Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
+---
+ src/cr-input.c | 11 +++++++++--
+ 1 file changed, 9 insertions(+), 2 deletions(-)
+
+diff --git a/src/cr-input.c b/src/cr-input.c
+index 49000b1..3b63a88 100644
+--- a/src/cr-input.c
++++ b/src/cr-input.c
+@@ -256,7 +256,7 @@ cr_input_new_from_uri (const gchar * a_file_uri, enum CREncoding a_enc)
+                  *we should  free buf here because it's own by CRInput.
+                  *(see the last parameter of cr_input_new_from_buf().
+                  */
+-                buf = NULL ;
++                buf = NULL;
+         }
+ 
+  cleanup:
+@@ -404,6 +404,8 @@ cr_input_get_nb_bytes_left (CRInput const * a_this)
+ enum CRStatus
+ cr_input_read_byte (CRInput * a_this, guchar * a_byte)
+ {
++        gulong nb_bytes_left = 0;
++
+         g_return_val_if_fail (a_this && PRIVATE (a_this)
+                               && a_byte, CR_BAD_PARAM_ERROR);
+ 
+@@ -413,6 +415,12 @@ cr_input_read_byte (CRInput * a_this, guchar * a_byte)
+         if (PRIVATE (a_this)->end_of_input == TRUE)
+                 return CR_END_OF_INPUT_ERROR;
+ 
++        nb_bytes_left = cr_input_get_nb_bytes_left (a_this);
++
++        if (nb_bytes_left < 1) {
++                return CR_END_OF_INPUT_ERROR;
++        }
++
+         *a_byte = PRIVATE (a_this)->in_buf[PRIVATE (a_this)->next_byte_index];
+ 
+         if (PRIVATE (a_this)->nb_bytes -
+@@ -477,7 +485,6 @@ cr_input_read_char (CRInput * a_this, guint32 * a_char)
+                 if (*a_char == '\n') {
+                         PRIVATE (a_this)->end_of_line = TRUE;
+                 }
+-
+         }
+ 
+         return status;
+-- 
+2.11.0
+

package/libcroco/0002-tknzr-support-only-max-long-rgb-values.patch

@@ -0,0 +1,46 @@
+From 9ad72875e9f08e4c519ef63d44cdbd94aa9504f7 Mon Sep 17 00:00:00 2001
+From: Ignacio Casal Quinteiro <qignacio@amazon.com>
+Date: Sun, 16 Apr 2017 13:56:09 +0200
+Subject: [PATCH] tknzr: support only max long rgb values
+
+Fixes CVE-2017-7961
+
+This fixes a possible out of bound when reading rgbs which
+are longer than the support MAXLONG
+
+Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
+---
+ src/cr-tknzr.c | 10 ++++++++++
+ 1 file changed, 10 insertions(+)
+
+diff --git a/src/cr-tknzr.c b/src/cr-tknzr.c
+index 1a7cfeb..1548c35 100644
+--- a/src/cr-tknzr.c
++++ b/src/cr-tknzr.c
+@@ -1279,6 +1279,11 @@ cr_tknzr_parse_rgb (CRTknzr * a_this, CRRgb ** a_rgb)
+         status = cr_tknzr_parse_num (a_this, &num);
+         ENSURE_PARSING_COND ((status == CR_OK) && (num != NULL));
+ 
++        if (num->val > G_MAXLONG) {
++                status = CR_PARSING_ERROR;
++                goto error;
++        }
++
+         red = num->val;
+         cr_num_destroy (num);
+         num = NULL;
+@@ -1298,6 +1303,11 @@ cr_tknzr_parse_rgb (CRTknzr * a_this, CRRgb ** a_rgb)
+                 status = cr_tknzr_parse_num (a_this, &num);
+                 ENSURE_PARSING_COND ((status == CR_OK) && (num != NULL));
+ 
++                if (num->val > G_MAXLONG) {
++                        status = CR_PARSING_ERROR;
++                        goto error;
++                }
++
+                 PEEK_BYTE (a_this, 1, &next_bytes[0]);
+                 if (next_bytes[0] == '%') {
+                         SKIP_CHARS (a_this, 1);
+-- 
+2.11.0
+

package/libcurl/libcurl.hash

@@ -1,2 +1,2 @@
 # Locally calculated after checking pgp signature
-sha256 b2345a8bef87b4c229dedf637cb203b5e21db05e20277c8e1094f0d4da180801  curl-7.53.0.tar.bz2
+sha256 f50ebaf43c507fa7cc32be4b8108fa8bbd0f5022e90794388f3c7694a302ff06  curl-7.54.0.tar.bz2

package/libcurl/libcurl.mk

@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-LIBCURL_VERSION = 7.53.0
+LIBCURL_VERSION = 7.54.0
 LIBCURL_SOURCE = curl-$(LIBCURL_VERSION).tar.bz2
 LIBCURL_SITE = https://curl.haxx.se/download
 LIBCURL_DEPENDENCIES = host-pkgconf \

package/libiio/libiio.mk

@@ -14,6 +14,7 @@ LIBIIO_CONF_OPTS = -DENABLE_IPV6=ON \
 	-DWITH_LOCAL_BACKEND=$(if $(BR2_PACKAGE_LIBIIO_LOCAL_BACKEND),ON,OFF) \
 	-DWITH_NETWORK_BACKEND=$(if $(BR2_PACKAGE_LIBIIO_NETWORK_BACKEND),ON,OFF) \
 	-DWITH_MATLAB_BINDINGS_API=OFF \
+	-DMATLAB_BINDINGS=OFF \
 	-DINSTALL_UDEV_RULE=$(if $(BR2_PACKAGE_HAS_UDEV),ON,OFF) \
 	-DWITH_TESTS=$(if $(BR2_PACKAGE_LIBIIO_TESTS),ON,OFF) \
 	-DWITH_DOC=OFF

package/libnl/libnl.hash

@@ -1,2 +1,3 @@
 # From https://github.com/thom311/libnl/releases/download/libnl3_2_27/libnl-3.2.27.tar.gz.sha256sum
 sha256	4bbbf92b3c78a90f423cf96260bf419a28b75db8cced47051217a56795f58ec6	libnl-3.2.27.tar.gz
+sha256	b7bb929194eefc56c786a7e1ae5176b54713f9013ccec63760f232742ae80361	3e18948f17148e6a3c4255bdeaaf01ef6081ceeb.patch

package/libnl/libnl.mk

@@ -11,6 +11,8 @@ LIBNL_LICENSE_FILES = COPYING
 LIBNL_INSTALL_STAGING = YES
 LIBNL_DEPENDENCIES = host-bison host-flex
 
+LIBNL_PATCH = https://github.com/thom311/libnl/commit/3e18948f17148e6a3c4255bdeaaf01ef6081ceeb.patch
+
 ifeq ($(BR2_PACKAGE_LIBNL_TOOLS),y)
 LIBNL_CONF_OPTS += --enable-cli
 else

package/libnspr/0001-nios2.patch

@@ -3,14 +3,15 @@ Add Nios-II support
 [Gustavo: update for nspr 4.10.9]
 Signed-off-by: Ezequiel Garcia <ezequiel@vanguardiasur.com.ar>
 
-diff -Nura nspr-4.10.9.orig/nspr/pr/include/md/_linux.cfg nspr-4.10.9/nspr/pr/include/md/_linux.cfg
---- nspr-4.10.9.orig/nspr/pr/include/md/_linux.cfg	2015-10-03 08:11:43.229387215 -0300
-+++ nspr-4.10.9/nspr/pr/include/md/_linux.cfg	2015-10-03 08:11:55.277798841 -0300
+Index: b/nspr/pr/include/md/_linux.cfg
+===================================================================
+--- a/nspr/pr/include/md/_linux.cfg
++++ b/nspr/pr/include/md/_linux.cfg
 @@ -1017,6 +1017,51 @@
  #define PR_BYTES_PER_WORD_LOG2   2
  #define PR_BYTES_PER_DWORD_LOG2  3
  
-+#elif defined(nios2)
++#elif defined(__nios2__)
 +
 +#define IS_LITTLE_ENDIAN 1
 +#undef  IS_BIG_ENDIAN
@@ -58,14 +59,15 @@ diff -Nura nspr-4.10.9.orig/nspr/pr/include/md/_linux.cfg nspr-4.10.9/nspr/pr/in
  #else
  
  #error "Unknown CPU architecture"
-diff -Nura nspr-4.10.9.orig/nspr/pr/include/md/_linux.h nspr-4.10.9/nspr/pr/include/md/_linux.h
---- nspr-4.10.9.orig/nspr/pr/include/md/_linux.h	2015-10-03 08:11:43.229387215 -0300
-+++ nspr-4.10.9/nspr/pr/include/md/_linux.h	2015-10-03 08:12:22.474728003 -0300
+Index: b/nspr/pr/include/md/_linux.h
+===================================================================
+--- a/nspr/pr/include/md/_linux.h
++++ b/nspr/pr/include/md/_linux.h
 @@ -57,6 +57,8 @@
  #define _PR_SI_ARCHITECTURE "m32r"
  #elif defined(__or1k__)
  #define _PR_SI_ARCHITECTURE "or1k"
-+#elif defined(nios2)
++#elif defined(__nios2__)
 +#define _PR_SI_ARCHITECTURE "nios2"
  #else
  #error "Unknown CPU architecture"

package/libnspr/0002-microblaze.patch

@@ -3,9 +3,10 @@ Add Microblaze support
 [Gustavo: update for nspr 4.10.9]
 Signed-off-by: Spenser Gilliland <spenser@gillilanding.com>
 
-diff -Nura nspr-4.10.9.orig/nspr/pr/include/md/_linux.cfg nspr-4.10.9/nspr/pr/include/md/_linux.cfg
---- nspr-4.10.9.orig/nspr/pr/include/md/_linux.cfg	2015-10-03 08:13:11.845414714 -0300
-+++ nspr-4.10.9/nspr/pr/include/md/_linux.cfg	2015-10-03 08:13:20.435708195 -0300
+Index: b/nspr/pr/include/md/_linux.cfg
+===================================================================
+--- a/nspr/pr/include/md/_linux.cfg
++++ b/nspr/pr/include/md/_linux.cfg
 @@ -1062,6 +1062,56 @@
  #define PR_BYTES_PER_WORD_LOG2   2
  #define PR_BYTES_PER_DWORD_LOG2  3
@@ -63,18 +64,16 @@ diff -Nura nspr-4.10.9.orig/nspr/pr/include/md/_linux.cfg nspr-4.10.9/nspr/pr/in
  #else
  
  #error "Unknown CPU architecture"
-diff -Nura nspr-4.10.9.orig/nspr/pr/include/md/_linux.h nspr-4.10.9/nspr/pr/include/md/_linux.h
---- nspr-4.10.9.orig/nspr/pr/include/md/_linux.h	2015-10-03 08:13:11.845414714 -0300
-+++ nspr-4.10.9/nspr/pr/include/md/_linux.h	2015-10-03 08:14:53.351882603 -0300
-@@ -57,8 +57,11 @@
+Index: b/nspr/pr/include/md/_linux.h
+===================================================================
+--- a/nspr/pr/include/md/_linux.h
++++ b/nspr/pr/include/md/_linux.h
+@@ -57,6 +57,8 @@
  #define _PR_SI_ARCHITECTURE "m32r"
  #elif defined(__or1k__)
  #define _PR_SI_ARCHITECTURE "or1k"
 +#elif defined(__microblaze__)
 +#define _PR_SI_ARCHITECTURE "microblaze"
- #elif defined(nios2)
+ #elif defined(__nios2__)
  #define _PR_SI_ARCHITECTURE "nios2"
-+#elif defined(nios2)
  #else
- #error "Unknown CPU architecture"
- #endif

package/libnspr/libnspr.hash

@@ -1,2 +1,2 @@
-# From https://ftp.mozilla.org/pub/mozilla.org/nspr/releases/v4.13.1/src/SHA256SUMS
-sha256	5e4c1751339a76e7c772c0c04747488d7f8c98980b434dc846977e43117833ab	nspr-4.13.1.tar.gz
+# From https://ftp.mozilla.org/pub/nspr/releases/v4.14/src/SHA256SUMS
+sha256	64fc18826257403a9132240aa3c45193d577a84b08e96f7e7770a97c074d17d5	nspr-4.14.tar.gz

package/libnspr/libnspr.mk

@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-LIBNSPR_VERSION = 4.13.1
+LIBNSPR_VERSION = 4.14
 LIBNSPR_SOURCE = nspr-$(LIBNSPR_VERSION).tar.gz
 LIBNSPR_SITE = https://ftp.mozilla.org/pub/mozilla.org/nspr/releases/v$(LIBNSPR_VERSION)/src
 LIBNSPR_SUBDIR = nspr

package/libnss/0001-cross-compile.patch

@@ -1,48 +0,0 @@
-This patch allows us to set a value for the cross compiler via TARGETCC without
-setting CC on the command line. CC is used for host tools as well as cross
-compiled code so we cannot define it on the command line without breaking
-the host tools build.
-
-[Gustavo: update for nss 3.16.1]
-[baruch: add OPTIMIZER handling]
-Signed-off-by: Will Newton <will.newton@imgtec.com>
-
-diff -Nuar nss-3.16.1-orig/nss/coreconf/Linux.mk nss-3.16.1/nss/coreconf/Linux.mk
---- nss-3.16.1-orig/nss/coreconf/Linux.mk	2014-05-02 06:27:18.000000000 +0300
-+++ nss-3.16.1/nss/coreconf/Linux.mk	2014-07-01 02:38:18.701480512 +0300
-@@ -16,9 +16,13 @@
- 	IMPL_STRATEGY = _PTH
- endif
- 
--CC			= gcc
--CCC			= g++
--RANLIB			= ranlib
-+TARGETCC		= gcc
-+TARGETCCC		= g++
-+TARGETRANLIB		= ranlib
-+
-+CC			= $(TARGETCC)
-+CCC			= $(TARGETCCC)
-+RANLIB			= $(TARGETRANLIB)
- 
- DEFAULT_COMPILER = gcc
- 
-@@ -125,6 +129,7 @@
- endif
- endif
- 
-+OPTIMIZER = $(TARGET_OPTIMIZER)
- 
- ifeq ($(USE_PTHREADS),1)
- OS_PTHREAD = -lpthread 
-diff -Nuar nss-3.16.1-orig/nss/coreconf/nsinstall/Makefile nss-3.16.1/nss/coreconf/nsinstall/Makefile
---- nss-3.16.1-orig/nss/coreconf/nsinstall/Makefile	2014-05-02 06:27:18.000000000 +0300
-+++ nss-3.16.1/nss/coreconf/nsinstall/Makefile	2014-07-01 02:38:48.102185011 +0300
-@@ -31,6 +31,7 @@
- 
- ifdef NATIVE_FLAGS
- OS_CFLAGS=$(NATIVE_FLAGS)
-+OPTIMIZER=
- endif
- 
- include $(DEPTH)/coreconf/rules.mk

package/libnss/0003-it-uninitialized-fix.patch

@@ -1,24 +0,0 @@
-# HG changeset patch
-# User catdesk <catdesk@tuta.io>
-# Date 1477710600 -7200
-#      Sat Oct 29 05:10:00 2016 +0200
-# Node ID b9ef971b94ab110302d49255339077bc1b4aed7f
-# Parent  eb8c96563cd70aa69d48b01516085f7d2fb46178
-Bug 1313846 - Declare 'it = NULL' earlier. r=franziskus
-
-[Thomas: patch taken from upstream mercurial repository, revision
-12791.]
-Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
-
-diff -r eb8c96563cd7 -r b9ef971b94ab lib/jar/jarfile.c
---- a/nss/lib/jar/jarfile.c	Mon Oct 31 17:31:20 2016 +0100
-+++ b/nss/lib/jar/jarfile.c	Sat Oct 29 05:10:00 2016 +0200
-@@ -657,7 +657,7 @@
- jar_listzip(JAR *jar, JAR_FILE fp)
- {
-     ZZLink *ent;
--    JAR_Item *it;
-+    JAR_Item *it = NULL;
-     JAR_Physical *phy = NULL;
-     struct ZipLocal *Local = PORT_ZNew(struct ZipLocal);
-     struct ZipCentral *Central = PORT_ZNew(struct ZipCentral);

package/libnss/libnss.hash

@@ -1,2 +1,2 @@
-# From https://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_3_27_2_RTM/src/SHA256SUMS
-sha256	dc8ac8524469d0230274fd13a53fdcd74efe4aa67205dde1a4a92be87dc28524	nss-3.27.2.tar.gz
+# From https://ftp.mozilla.org/pub/security/nss/releases/NSS_3_30_2_RTM/src/SHA256SUMS
+sha256	0d4a77ff26bcee79fa8afe0125e0df6ae9e798b6b36782fa29e28febf7cfce24	nss-3.30.2.tar.gz

package/libnss/libnss.mk

@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-LIBNSS_VERSION = 3.27.2
+LIBNSS_VERSION = 3.30.2
 LIBNSS_SOURCE = nss-$(LIBNSS_VERSION).tar.gz
 LIBNSS_SITE = https://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_$(subst .,_,$(LIBNSS_VERSION))_RTM/src
 LIBNSS_DISTDIR = dist
@@ -33,9 +33,6 @@ LIBNSS_BUILD_VARS = \
 	NSS_USE_SYSTEM_SQLITE=1 \
 	NSS_ENABLE_ECC=1 \
 	NATIVE_CC="$(HOSTCC)" \
-	TARGETCC="$(TARGET_CC)" \
-	TARGETCCC="$(TARGET_CXX)" \
-	TARGETRANLIB="$(TARGET_RANLIB)" \
 	OS_ARCH="Linux" \
 	OS_RELEASE="2.6" \
 	OS_TEST="$(ARCH)"
@@ -55,17 +52,16 @@ endif
 endif
 
 define LIBNSS_BUILD_CMDS
-	$(TARGET_MAKE_ENV) $(MAKE1) -C $(@D)/nss coreconf \
+	$(TARGET_CONFIGURE_OPTS) $(MAKE1) -C $(@D)/nss coreconf \
 		SOURCE_MD_DIR=$(@D)/$(LIBNSS_DISTDIR) \
 		DIST=$(@D)/$(LIBNSS_DISTDIR) \
 		CHECKLOC= \
 		$(LIBNSS_BUILD_VARS)
-	$(TARGET_MAKE_ENV) $(MAKE1) -C $(@D)/nss lib/dbm all \
+	$(TARGET_CONFIGURE_OPTS) $(MAKE1) -C $(@D)/nss lib/dbm all \
 		SOURCE_MD_DIR=$(@D)/$(LIBNSS_DISTDIR) \
 		DIST=$(@D)/$(LIBNSS_DISTDIR) \
 		CHECKLOC= \
-		$(LIBNSS_BUILD_VARS) TARGET_OPTIMIZER="$(TARGET_CFLAGS)" \
-		NATIVE_FLAGS="$(HOST_CFLAGS)"
+		$(LIBNSS_BUILD_VARS) NATIVE_FLAGS="$(HOST_CFLAGS)"
 endef
 
 define LIBNSS_INSTALL_STAGING_CMDS

package/libplatform/0001-p8-platform-config-fix-lookup-paths.patch

@@ -1,38 +0,0 @@
-From 01b5478638c705af29f09ad4ed70289f70a21dcf Mon Sep 17 00:00:00 2001
-From: "Yann E. MORIN" <yann.morin.1998@free.fr>
-Date: Mon, 6 Feb 2017 14:04:47 +0100
-Subject: [PATCH] p8-platform-config: fix lookup paths
-
-Use the proper methods to find the headers and the library.
-
-Signed-off-by: Samuel Martin <s.martin49@gmail.com>
-Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
----
- p8-platform-config.cmake.in | 4 ++--
- 1 file changed, 2 insertions(+), 2 deletions(-)
-
-diff --git a/p8-platform-config.cmake.in b/p8-platform-config.cmake.in
-index 47f30f1..f59418d 100644
---- a/p8-platform-config.cmake.in
-+++ b/p8-platform-config.cmake.in
-@@ -10,7 +10,7 @@
- #
- # propagate these properties from one build system to the other
- set (p8-platform_VERSION "@p8-platform_VERSION_MAJOR@.@p8-platform_VERSION_MINOR@")
--set (p8-platform_INCLUDE_DIRS @p8-platform_INCLUDE_DIRS@ @CMAKE_INSTALL_PREFIX@/include)
-+find_path (p8-platform_INCLUDE_DIRS p8-platform/os.h)
- set (p8-platform_LIBRARY_DIRS "@CMAKE_LIBRARY_OUTPUT_DIRECTORY@")
- set (p8-platform_LINKER_FLAGS "@p8-platform_LINKER_FLAGS@")
- set (p8-platform_CONFIG_VARS "@p8-platform_CONFIG_VARS@")
-@@ -19,7 +19,7 @@ set (p8-platform_CONFIG_VARS "@p8-platform_CONFIG_VARS@")
- if(WIN32)
-   set (p8-platform_LIBRARY "@CMAKE_INSTALL_PREFIX@/@CMAKE_INSTALL_LIBDIR@/p8-platform.lib")
- else(WIN32)
--  set (p8-platform_LIBRARY "-L@CMAKE_INSTALL_PREFIX@/@CMAKE_INSTALL_LIBDIR@ -lp8-platform")
-+  find_library (p8-platform_LIBRARY p8-platform)
- endif(WIN32)
- set (p8-platform_LIBRARIES ${p8-platform_LIBRARY} "@p8-platform_LIBRARIES@")
- mark_as_advanced (p8-platform_LIBRARY)
--- 
-2.7.4
-

package/libplatform/0001-platform-config.cmake-fix-paths-for-cross-compilatio.patch

@@ -0,0 +1,40 @@
+From 65ba437ed5514dd5762a796d349ed5db49e40fe7 Mon Sep 17 00:00:00 2001
+From: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
+Date: Wed, 29 Jul 2015 21:26:16 +0200
+Subject: [PATCH] platform-config.cmake: fix paths for cross-compilation
+
+Headers and library paths in platform-config.cmake must take into
+account ${CMAKE_FIND_ROOT_PATH} to work in cross-compilation.
+
+Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
+---
+ platform-config.cmake.in | 6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/platform-config.cmake.in b/platform-config.cmake.in
+index 7fe35fe..78b5085 100644
+--- a/platform-config.cmake.in
++++ b/platform-config.cmake.in
+@@ -10,16 +10,16 @@
+ #
+ # propagate these properties from one build system to the other
+ set (platform_VERSION "@platform_VERSION_MAJOR@.@platform_VERSION_MINOR@")
+-set (platform_INCLUDE_DIRS @platform_INCLUDE_DIRS@ @CMAKE_INSTALL_PREFIX@/include)
++set (platform_INCLUDE_DIRS ${CMAKE_FIND_ROOT_PATH}/@platform_INCLUDE_DIRS@ ${CMAKE_FIND_ROOT_PATH}/@CMAKE_INSTALL_PREFIX@/include)
+ set (platform_LIBRARY_DIRS "@CMAKE_LIBRARY_OUTPUT_DIRECTORY@")
+ set (platform_LINKER_FLAGS "@platform_LINKER_FLAGS@")
+ set (platform_CONFIG_VARS "@platform_CONFIG_VARS@")
+ 
+ # libraries come from the build tree where this file was generated
+ if(WIN32)
+-  set (platform_LIBRARY "@CMAKE_INSTALL_PREFIX@/@CMAKE_INSTALL_LIBDIR@/platform.lib")
++  set (platform_LIBRARY "${CMAKE_FIND_ROOT_PATH}/@CMAKE_INSTALL_PREFIX@/@CMAKE_INSTALL_LIBDIR@/platform.lib")
+ else(WIN32)
+-  set (platform_LIBRARY "-L@CMAKE_INSTALL_PREFIX@/@CMAKE_INSTALL_LIBDIR@ -lplatform")
++  set (platform_LIBRARY "-L${CMAKE_FIND_ROOT_PATH}/@CMAKE_INSTALL_PREFIX@/@CMAKE_INSTALL_LIBDIR@ -lplatform")
+ endif(WIN32)
+ set (platform_LIBRARIES ${platform_LIBRARY} "@platform_LIBRARIES@")
+ mark_as_advanced (platform_LIBRARY)
+-- 
+2.5.0
+

package/libplatform/libplatform.hash

@@ -1,2 +1,2 @@
 # Locally computed
-sha256 88711f1b949285867538a0b2e4189532778e1515325dfa1851eae9d18b6affd9  libplatform-2.1.0.tar.gz
+sha256  3603ead8b16a48cb35b1e6dea330a693f10552b1a6ea036c5db9ec248cd8baf5  libplatform-feafe68e3e0b02c3261aefb3d711863ef6fadd38.tar.gz

package/libplatform/libplatform.mk

@@ -4,10 +4,10 @@
 #
 ################################################################################
 
-LIBPLATFORM_VERSION = 2.1.0
-LIBPLATFORM_SITE = $(call github,Pulse-Eight,platform,p8-platform-$(LIBPLATFORM_VERSION))
-LIBPLATFORM_LICENSE = GPLv2+
-LIBPLATFORM_LICENSE_FILES = src/os.h
+LIBPLATFORM_VERSION = feafe68e3e0b02c3261aefb3d711863ef6fadd38
+LIBPLATFORM_SITE = $(call github,Pulse-Eight,platform,$(LIBPLATFORM_VERSION))
+LIBPLATFORM_LICENSE = GPLv2+, PHP license v3.01
+LIBPLATFORM_LICENSE_FILES = src/os.h src/util/fstrcmp.c
 LIBPLATFORM_INSTALL_STAGING = YES
 
 $(eval $(cmake-package))

package/librsvg/librsvg.mk

@@ -9,7 +9,7 @@ LIBRSVG_VERSION = $(LIBRSVG_VERSION_MAJOR).16
 LIBRSVG_SITE = http://ftp.gnome.org/pub/gnome/sources/librsvg/$(LIBRSVG_VERSION_MAJOR)
 LIBRSVG_SOURCE = librsvg-$(LIBRSVG_VERSION).tar.xz
 LIBRSVG_INSTALL_STAGING = YES
-LIBRSVG_CONF_OPTS = --disable-tools --enable-introspection=no
+LIBRSVG_CONF_OPTS = --disable-pixbuf-loader --disable-tools --enable-introspection=no
 HOST_LIBRSVG_CONF_OPTS = --enable-introspection=no
 LIBRSVG_DEPENDENCIES = cairo host-gdk-pixbuf gdk-pixbuf libcroco libglib2 libxml2 pango \
 	$(if $(BR2_PACKAGE_LIBGTK3),libgtk3)

package/libsamplerate/libsamplerate.hash

@@ -1,2 +1,2 @@
 # Locally calculated after checking pgp signature
-sha256	93b54bdf46d5e6d2354b7034395fe329c222a966790de34520702bb9642f1c06	libsamplerate-0.1.8.tar.gz
+sha256  0a7eb168e2f21353fb6d84da152e4512126f7dc48ccb0be80578c565413444c1  libsamplerate-0.1.9.tar.gz

package/libsamplerate/libsamplerate.mk

@@ -4,12 +4,12 @@
 #
 ################################################################################
 
-LIBSAMPLERATE_VERSION = 0.1.8
+LIBSAMPLERATE_VERSION = 0.1.9
 LIBSAMPLERATE_SITE = http://www.mega-nerd.com/SRC
 LIBSAMPLERATE_INSTALL_STAGING = YES
 LIBSAMPLERATE_DEPENDENCIES = host-pkgconf
 LIBSAMPLERATE_CONF_OPTS = --disable-fftw --program-transform-name=''
-LIBSAMPLERATE_LICENSE = Dual GPLv2+ / libsamplerate commercial use license
+LIBSAMPLERATE_LICENSE = BSD-2c
 LIBSAMPLERATE_LICENSE_FILES = COPYING
 
 ifeq ($(BR2_PACKAGE_LIBSNDFILE),y)

package/libselinux/libselinux.mk

@@ -46,12 +46,10 @@ HOST_LIBSELINUX_DEPENDENCIES = \
 
 ifeq ($(BR2_PACKAGE_PYTHON3),y)
 HOST_LIBSELINUX_DEPENDENCIES += host-python3
-HOST_LIBSELINUX_PYTHONLIBDIR = -L$(HOST_DIR)/usr/lib/python$(PYTHON3_VERSION_MAJOR)/
 HOST_LIBSELINUX_PYINC = -I$(HOST_DIR)/usr/include/python$(PYTHON3_VERSION_MAJOR)m/
 HOST_LIBSELINUX_PYLIBVER = python$(PYTHON3_VERSION_MAJOR)
 else
 HOST_LIBSELINUX_DEPENDENCIES += host-python
-HOST_LIBSELINUX_PYTHONLIBDIR = -L$(HOST_DIR)/usr/lib/python$(PYTHON_VERSION_MAJOR)/
 HOST_LIBSELINUX_PYINC = -I$(HOST_DIR)/usr/include/python$(PYTHON_VERSION_MAJOR)/
 HOST_LIBSELINUX_PYLIBVER = python$(PYTHON_VERSION_MAJOR)
 endif
@@ -60,8 +58,7 @@ HOST_LIBSELINUX_MAKE_OPTS = \
 	$(HOST_CONFIGURE_OPTS) \
 	LDFLAGS="$(HOST_LDFLAGS) -lpcre -lpthread" \
 	PYINC="$(HOST_LIBSELINUX_PYINC)" \
-	PYTHONLIBDIR="$(HOST_LIBSELINUX_PYTHONLIBDIR)" \
-	PYLIBVER="$(HOST_LIBSELINUX_PYLIBVER)" \
+	PYSITEDIR="$(HOST_DIR)/usr/lib/$(HOST_LIBSELINUX_PYLIBVER)/site-packages" \
 	SWIG_LIB="$(HOST_DIR)/usr/share/swig/$(SWIG_VERSION)/"
 
 define HOST_LIBSELINUX_BUILD_CMDS

package/libsidplay2/0001-sidplay2-libs-2.1.1.patch

@@ -1,93 +1,30 @@
-Various fixes to compile libsidplay2 with newer gcc compilers
+From 38493fceb39ac33e12c9c69d78f5584413b479f4 Mon Sep 17 00:00:00 2001
+From: Bernd Kuhls <bernd.kuhls@t-online.de>
+Date: Wed, 1 Mar 2017 10:03:40 +0100
+Subject: [PATCH] Various fixes to compile libsidplay2 with newer gcc compilers
 
 Downloaded from
 http://tsubasa.googlecode.com/svn/trunk/tsubasa/sidplay2-libs/sidplay2-libs-2.1.1.diff
 
 Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
+[Thomas: adjusted to avoid the need to autoreconf, which doesn't work
+properly on this package.]
+Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
+---
+ builders/hardsid-builder/src/hardsid-builder.cpp |  1 +
+ builders/resid-builder/src/resid-builder.cpp     |  1 +
+ builders/resid-builder/src/resid.cpp             |  1 +
+ configure                                        |  2 +-
+ libsidplay/configure                             |  5 +++--
+ libsidplay/include/sidplay/SmartPtr.h            | 28 ++++++++++++------------
+ libsidplay/include/sidplay/sidendian.h           | 18 +++++++++------
+ libsidutils/include/sidplay/utils/SidUsage.h     |  2 +-
+ 8 files changed, 33 insertions(+), 25 deletions(-)
 
---- sidplay-libs-2.1.1.orig/Makefile.in
-+++ sidplay-libs-2.1.1/Makefile.in
-@@ -1,4 +1,4 @@
--# Makefile.in generated by automake 1.8.4 from Makefile.am.
-+# Makefile.in generated by automake 1.8.5 from Makefile.am.
- # @configure_input@
- 
- # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
-@@ -253,7 +253,7 @@
- 	fi; \
- 	list='$(SUBDIRS)'; for subdir in $$list; do \
- 	  if test "$$subdir" = .; then :; else \
--	    test -f $$subdir/TAGS && \
-+	    test ! -f $$subdir/TAGS || \
- 	      tags="$$tags $$include_option=$$here/$$subdir/TAGS"; \
- 	  fi; \
- 	done; \
-@@ -264,7 +264,7 @@
- 	  $(AWK) '    { files[$$0] = 1; } \
- 	       END { for (i in files) print i; }'`; \
- 	if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \
--	  test -z "$$unique" && unique=$$empty_fix; \
-+	  test -n "$$unique" || unique=$$empty_fix; \
- 	  $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
- 	    $$tags $$unique; \
- 	fi
---- sidplay-libs-2.1.1.orig/aclocal.m4
-+++ sidplay-libs-2.1.1/aclocal.m4
-@@ -1,4 +1,4 @@
--# generated automatically by aclocal 1.8.4 -*- Autoconf -*-
-+# generated automatically by aclocal 1.8.5 -*- Autoconf -*-
- 
- # Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004
- # Free Software Foundation, Inc.
-@@ -40,7 +40,7 @@
- # Call AM_AUTOMAKE_VERSION so it can be traced.
- # This function is AC_REQUIREd by AC_INIT_AUTOMAKE.
- AC_DEFUN([AM_SET_CURRENT_AUTOMAKE_VERSION],
--	 [AM_AUTOMAKE_VERSION([1.8.4])])
-+	 [AM_AUTOMAKE_VERSION([1.8.5])])
- 
- # AM_AUX_DIR_EXPAND
- 
---- sidplay-libs-2.1.1.orig/builders/Makefile.in
-+++ sidplay-libs-2.1.1/builders/Makefile.in
-@@ -1,4 +1,4 @@
--# Makefile.in generated by automake 1.8.4 from Makefile.am.
-+# Makefile.in generated by automake 1.8.5 from Makefile.am.
- # @configure_input@
- 
- # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
-@@ -130,9 +130,9 @@
- 	      exit 1;; \
- 	  esac; \
- 	done; \
--	echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu  builders/Makefile'; \
-+	echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign  builders/Makefile'; \
- 	cd $(top_srcdir) && \
--	  $(AUTOMAKE) --gnu  builders/Makefile
-+	  $(AUTOMAKE) --foreign  builders/Makefile
- .PRECIOUS: Makefile
- Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
- 	@case '$?' in \
-@@ -234,7 +234,7 @@
- 	fi; \
- 	list='$(SUBDIRS)'; for subdir in $$list; do \
- 	  if test "$$subdir" = .; then :; else \
--	    test -f $$subdir/TAGS && \
-+	    test ! -f $$subdir/TAGS || \
- 	      tags="$$tags $$include_option=$$here/$$subdir/TAGS"; \
- 	  fi; \
- 	done; \
-@@ -245,7 +245,7 @@
- 	  $(AWK) '    { files[$$0] = 1; } \
- 	       END { for (i in files) print i; }'`; \
- 	if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \
--	  test -z "$$unique" && unique=$$empty_fix; \
-+	  test -n "$$unique" || unique=$$empty_fix; \
- 	  $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
- 	    $$tags $$unique; \
- 	fi
---- sidplay-libs-2.1.1.orig/builders/hardsid-builder/src/hardsid-builder.cpp
-+++ sidplay-libs-2.1.1/builders/hardsid-builder/src/hardsid-builder.cpp
+diff --git a/builders/hardsid-builder/src/hardsid-builder.cpp b/builders/hardsid-builder/src/hardsid-builder.cpp
+index f54d0a9..9375e40 100644
+--- a/builders/hardsid-builder/src/hardsid-builder.cpp
++++ b/builders/hardsid-builder/src/hardsid-builder.cpp
 @@ -47,6 +47,7 @@
   ***************************************************************************/
  
@@ -96,8 +33,10 @@ Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
  #include "config.h"
  
  #ifdef HAVE_EXCEPTIONS
---- sidplay-libs-2.1.1.orig/builders/resid-builder/src/resid-builder.cpp
-+++ sidplay-libs-2.1.1/builders/resid-builder/src/resid-builder.cpp
+diff --git a/builders/resid-builder/src/resid-builder.cpp b/builders/resid-builder/src/resid-builder.cpp
+index e6e4eaa..4c7650f 100644
+--- a/builders/resid-builder/src/resid-builder.cpp
++++ b/builders/resid-builder/src/resid-builder.cpp
 @@ -37,6 +37,7 @@
   ***************************************************************************/
  
@@ -106,8 +45,10 @@ Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
  
  #include "config.h"
  #ifdef HAVE_EXCEPTIONS
---- sidplay-libs-2.1.1.orig/builders/resid-builder/src/resid.cpp
-+++ sidplay-libs-2.1.1/builders/resid-builder/src/resid.cpp
+diff --git a/builders/resid-builder/src/resid.cpp b/builders/resid-builder/src/resid.cpp
+index 8c27850..d3123c5 100644
+--- a/builders/resid-builder/src/resid.cpp
++++ b/builders/resid-builder/src/resid.cpp
 @@ -16,6 +16,7 @@
   *                                                                         *
   ***************************************************************************/
@@ -116,9 +57,11 @@ Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
  #include "config.h"
  
  #ifdef HAVE_EXCEPTIONS
---- sidplay-libs-2.1.1.orig/configure.ac
-+++ sidplay-libs-2.1.1/configure.ac
-@@ -2,7 +2,7 @@
+diff --git a/configure b/configure
+index 1200eaf..77948b4 100755
+--- a/configure
++++ b/configure
+@@ -1227,7 +1227,7 @@ ac_compiler_gnu=$ac_cv_c_compiler_gnu
  
  #Variables
  pwd=`pwd`
@@ -126,19 +69,28 @@ Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
 +builders='${libdir}'/
  ac_configure_args="$ac_configure_args --disable-library-checks"
  
- AC_CONFIG_AUX_DIR(unix)
-@@ -11,7 +11,7 @@
- 
- hardsid=false
- case "$host" in
--    *linux*) hardsid=true
-+    *linux*|*-k*bsd*-gnu) hardsid=true
-         ;;
- esac
- AM_CONDITIONAL(HARDSID, test x$hardsid = xtrue)
---- sidplay-libs-2.1.1.orig/libsidplay/include/sidplay/SmartPtr.h
-+++ sidplay-libs-2.1.1/libsidplay/include/sidplay/SmartPtr.h
-@@ -17,16 +17,16 @@
+ ac_aux_dir=
+diff --git a/libsidplay/configure b/libsidplay/configure
+index 05a8ea6..3d93956 100755
+--- a/libsidplay/configure
++++ b/libsidplay/configure
+@@ -23466,8 +23466,9 @@ _ACEOF
+ cat confdefs.h >>conftest.$ac_ext
+ cat >>conftest.$ac_ext <<_ACEOF
+ /* end confdefs.h.  */
+-#include <fstream.h>
+-             #include <iomanip.h>
++#include <fstream>
++             #include <iomanip>
++             using namespace std;
+ int
+ main ()
+ {
+diff --git a/libsidplay/include/sidplay/SmartPtr.h b/libsidplay/include/sidplay/SmartPtr.h
+index c0cbb1a..15efd10 100644
+--- a/libsidplay/include/sidplay/SmartPtr.h
++++ b/libsidplay/include/sidplay/SmartPtr.h
+@@ -17,16 +17,16 @@ class SmartPtrBase_sidtt
  		doFree = bufOwner;
  		if ( bufferLen >= 1 )
  		{
@@ -162,7 +114,7 @@ Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
  		}
  	}
  	
-@@ -211,16 +211,16 @@
+@@ -211,16 +211,16 @@ class SmartPtr_sidtt : public SmartPtrBase_sidtt<T>
  	{
  		if ( bufferLen >= 1 )
  		{
@@ -186,8 +138,10 @@ Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
  		}
  	}
  };
---- sidplay-libs-2.1.1.orig/libsidplay/include/sidplay/sidendian.h
-+++ sidplay-libs-2.1.1/libsidplay/include/sidplay/sidendian.h
+diff --git a/libsidplay/include/sidplay/sidendian.h b/libsidplay/include/sidplay/sidendian.h
+index 9fa8582..6115282 100644
+--- a/libsidplay/include/sidplay/sidendian.h
++++ b/libsidplay/include/sidplay/sidendian.h
 @@ -16,6 +16,10 @@
   ***************************************************************************/
  /***************************************************************************
@@ -199,7 +153,7 @@ Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
   *  Revision 1.5  2001/07/03 22:44:13  s_a_white
   *  Added endian_16 to convert a 16 bit value to an array of 8s.
   *
-@@ -141,7 +145,7 @@
+@@ -141,7 +145,7 @@ inline void endian_16swap8 (uint_least16_t &word)
  // Convert high-byte and low-byte to 16-bit word.
  inline uint_least16_t endian_16 (uint8_t hi, uint8_t lo)
  {
@@ -208,7 +162,7 @@ Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
      endian_16lo8 (word, lo);
      endian_16hi8 (word, hi);
      return word;
-@@ -165,7 +169,7 @@
+@@ -165,7 +169,7 @@ inline void endian_16 (uint8_t ptr[2], uint_least16_t word)
  
  inline void endian_16 (char ptr[2], uint_least16_t word)
  {
@@ -217,7 +171,7 @@ Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
  }
  
  // Convert high-byte and low-byte to 16-bit little endian word.
-@@ -334,7 +338,7 @@
+@@ -334,7 +338,7 @@ inline void endian_32swap16 (uint_least32_t &dword)
  // Swap word endian.
  inline void endian_32swap8 (uint_least32_t &dword)
  {
@@ -226,7 +180,7 @@ Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
      lo = endian_32lo16 (dword);
      hi = endian_32hi16 (dword);
      endian_16swap8 (lo);
-@@ -346,8 +350,8 @@
+@@ -346,8 +350,8 @@ inline void endian_32swap8 (uint_least32_t &dword)
  // Convert high-byte and low-byte to 32-bit word.
  inline uint_least32_t endian_32 (uint8_t hihi, uint8_t hilo, uint8_t hi, uint8_t lo)
  {
@@ -237,7 +191,7 @@ Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
      endian_32lo8  (dword, lo);
      endian_32hi8  (dword, hi);
      endian_16lo8  (word,  hilo);
-@@ -374,7 +378,7 @@
+@@ -374,7 +378,7 @@ inline void endian_little32 (uint8_t ptr[4], uint_least32_t dword)
      defined(SID_WORDS_LITTLEENDIAN)
      *((uint_least32_t *) ptr) = dword;
  #else
@@ -246,7 +200,7 @@ Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
      ptr[0] = endian_32lo8  (dword);
      ptr[1] = endian_32hi8  (dword);
      word   = endian_32hi16 (dword);
-@@ -401,7 +405,7 @@
+@@ -401,7 +405,7 @@ inline void endian_big32 (uint8_t ptr[4], uint_least32_t dword)
      defined(SID_WORDS_BIGENDIAN)
      *((uint_least32_t *) ptr) = dword;
  #else
@@ -255,72 +209,11 @@ Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
      word   = endian_32hi16 (dword);
      ptr[1] = endian_16lo8  (word);
      ptr[0] = endian_16hi8  (word);
---- sidplay-libs-2.1.1.orig/libsidplay/unix/config.h.in
-+++ sidplay-libs-2.1.1/libsidplay/unix/config.h.in
-@@ -72,22 +72,22 @@
- /* Define to the version of this package. */
- #undef PACKAGE_VERSION
- 
--/* The size of a `char', as computed by sizeof. */
-+/* The size of `char', as computed by sizeof. */
- #undef SIZEOF_CHAR
- 
--/* The size of a `int', as computed by sizeof. */
-+/* The size of `int', as computed by sizeof. */
- #undef SIZEOF_INT
- 
- /* The number of bytes in type long */
- #undef SIZEOF_LONG
- 
--/* The size of a `long int', as computed by sizeof. */
-+/* The size of `long int', as computed by sizeof. */
- #undef SIZEOF_LONG_INT
- 
- /* The number of bytes in type short */
- #undef SIZEOF_SHORT
- 
--/* The size of a `short int', as computed by sizeof. */
-+/* The size of `short int', as computed by sizeof. */
- #undef SIZEOF_SHORT_INT
- 
- /* The number of bytes in type void* */
---- sidplay-libs-2.1.1.orig/libsidplay/unix/my_macros.m4
-+++ sidplay-libs-2.1.1/libsidplay/unix/my_macros.m4
-@@ -105,8 +105,9 @@
-     AC_CACHE_VAL(test_cv_have_ios_openmode,
-     [
-         AC_TRY_COMPILE(
--            [#include <fstream.h>
--             #include <iomanip.h>],
-+            [#include <fstream>
-+             #include <iomanip>
-+	     using namespace std;],
-             [ios::openmode myTest = ios::in;],
-             [test_cv_have_ios_openmode=yes],
-             [test_cv_have_ios_openmode=no]
---- sidplay-libs-2.1.1.orig/libsidplay/unix/sidint.h
-+++ sidplay-libs-2.1.1/libsidplay/unix/sidint.h
-@@ -0,0 +1,17 @@
-+#ifndef _UNIX_SIDINT_H
-+#define _UNIX_SIDINT_H 1
-+#ifndef _GENERATED_STDINT_H
-+#define _GENERATED_STDINT_H "libsidplay 2.1.1"
-+/* generated using a gnu compiler version gcc (Debian 4.3-20080219-1) 4.3.0 20080219 (prerelease) [gcc-4_3-branch revision 132456] Copyright (C) 2007 Free Software Foundation, Inc. This is free software; see the source for copying conditions. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. */
-+
-+#include <stdint.h>
-+
-+
-+/* system headers have good uint64_t */
-+#ifndef _HAVE_UINT64_T
-+#define _HAVE_UINT64_T
-+#endif
-+
-+  /* once */
-+#endif
-+#endif
---- sidplay-libs-2.1.1.orig/libsidutils/include/sidplay/utils/SidUsage.h
-+++ sidplay-libs-2.1.1/libsidutils/include/sidplay/utils/SidUsage.h
-@@ -33,7 +33,7 @@
+diff --git a/libsidutils/include/sidplay/utils/SidUsage.h b/libsidutils/include/sidplay/utils/SidUsage.h
+index 2afb0f3..0496eea 100755
+--- a/libsidutils/include/sidplay/utils/SidUsage.h
++++ b/libsidutils/include/sidplay/utils/SidUsage.h
+@@ -33,7 +33,7 @@ struct sid2_usage_t: public sid_usage_t
      uint_least16_t length;  // usage scan length
  
      // Copy common parts of basic usage to extended usage.
@@ -329,3 +222,6 @@ Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
      {
          *((sid_usage_t *) this) = usage;
          return *this;
+-- 
+2.7.4
+

package/libsidplay2/libsidplay2.mk

@@ -9,7 +9,6 @@ LIBSIDPLAY2_SOURCE = sidplay-libs-$(LIBSIDPLAY2_VERSION).tar.gz
 LIBSIDPLAY2_SITE = http://downloads.sourceforge.net/project/sidplay2/sidplay2/sidplay-libs-$(LIBSIDPLAY2_VERSION)
 LIBSIDPLAY2_LICENSE = GPLv2+
 LIBSIDPLAY2_LICENSE_FILES = libsidplay/COPYING
-LIBSIDPLAY2_AUTORECONF = YES
 LIBSIDPLAY2_INSTALL_STAGING = YES
 
 $(eval $(autotools-package))

package/libsndfile/0001-srconly.patch

@@ -1,17 +0,0 @@
----
- Makefile.in |    2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-Index: libsndfile-1.0.18/Makefile.in
-===================================================================
---- libsndfile-1.0.18.orig/Makefile.in
-+++ libsndfile-1.0.18/Makefile.in
-@@ -260,7 +260,7 @@
- top_srcdir = @top_srcdir@
- DISTCHECK_CONFIGURE_FLAGS = --enable-gcc-werror
- @BUILD_OCTAVE_MOD_TRUE@octave_dir = Octave
--SUBDIRS = M4 man doc Win32 src $(octave_dir) examples regtest tests programs
-+SUBDIRS = src
- DIST_SUBDIRS = M4 man doc Win32 src Octave examples regtest tests programs
- EXTRA_DIST = libsndfile.spec.in sndfile.pc.in Mingw-make-dist.sh
- pkgconfigdir = $(libdir)/pkgconfig

package/libsndfile/libsndfile.hash

@@ -1,2 +1,2 @@
 # Locally calculated after checking pgp signature
-sha256	a391952f27f4a92ceb2b4c06493ac107896ed6c76be9a613a4731f076d30fac0	libsndfile-1.0.27.tar.gz
+sha256	1ff33929f042fa333aed1e8923aa628c3ee9e1eb85512686c55092d1e5a9dfa9	libsndfile-1.0.28.tar.gz

package/libsndfile/libsndfile.mk

@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-LIBSNDFILE_VERSION = 1.0.27
+LIBSNDFILE_VERSION = 1.0.28
 LIBSNDFILE_SITE = http://www.mega-nerd.com/libsndfile/files
 LIBSNDFILE_INSTALL_STAGING = YES
 LIBSNDFILE_LICENSE = LGPLv2.1+
@@ -13,6 +13,7 @@ LIBSNDFILE_LICENSE_FILES = COPYING
 LIBSNDFILE_CONF_OPTS = \
 	--disable-sqlite \
 	--disable-alsa \
-	--disable-external-libs
+	--disable-external-libs \
+	--disable-full-suite
 
 $(eval $(autotools-package))

package/libsoc/libsoc.mk

@@ -10,6 +10,7 @@ LIBSOC_LICENSE = LGPLv2.1
 LIBSOC_LICENSE_FILES = LICENCE
 LIBSOC_AUTORECONF = YES
 LIBSOC_INSTALL_STAGING = YES
+LIBSOC_DEPENDENCIES = host-pkgconf
 
 # Install Python 2 bindings
 ifeq ($(BR2_PACKAGE_PYTHON),y)

package/libunwind/Config.in

@@ -15,7 +15,7 @@ config BR2_PACKAGE_LIBUNWIND_ARCH_SUPPORTS
 		 BR2_mips64el || BR2_powerpc || BR2_sh || BR2_i386 || BR2_x86_64)
 	default y if BR2_TOOLCHAIN_USES_UCLIBC && \
 		(((BR2_arm || BR2_armeb) && BR2_ARM_CPU_HAS_ARM) || \
-		 BR2_i386 || BR2_mips || BR2_mipsel || \
+		 BR2_mips || BR2_mipsel || \
 		 BR2_mips64 || BR2_mips64el || BR2_x86_64)
 	default y if BR2_TOOLCHAIN_USES_MUSL && \
 		(((BR2_arm || BR2_armeb) && BR2_ARM_CPU_HAS_ARM) || \

package/libwebsockets/libwebsockets.hash

@@ -1,2 +1,3 @@
 # Locally computed:
-sha256  bcc96aaa609daae4d3f7ab1ee480126709ef4f6a8bf9c85de40aae48e38cce66  libwebsockets-v2.1.0.tar.gz
+sha256	96183cbdfcd6e6a3d9465e854a924b7bfde6c8c6d3384d6159ad797c2e823b4d  libwebsockets-v2.1.1.tar.gz
+sha256	49ae9f959394686d469f960951ece3ad1101655afe64df28ea5b1a61c1d124f0  f9f5a5760782b68fba190fb46d306f7c08f027c0.patch