Update for 2018.08.3

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

.gitlab-ci.yml

@@ -63,6 +63,11 @@ check-package:
             - output/build/packages-file-list.txt
 
 .runtime_test: &runtime_test
+    # Running the runtime tests for every push is too much, so limit to
+    # explicit triggers through the API.
+    only:
+        - triggers
+        - tags
     # Keep build directories so the rootfs can be an artifact of the job. The
     # runner will clean up those files for us.
     # Multiply every emulator timeout by 10 to avoid sporadic failures in

.gitlab-ci.yml.in

@@ -63,6 +63,11 @@ check-package:
             - output/build/packages-file-list.txt
 
 .runtime_test: &runtime_test
+    # Running the runtime tests for every push is too much, so limit to
+    # explicit triggers through the API.
+    only:
+        - triggers
+        - tags
     # Keep build directories so the rootfs can be an artifact of the job. The
     # runner will clean up those files for us.
     # Multiply every emulator timeout by 10 to avoid sporadic failures in

CHANGES

@@ -1,3 +1,102 @@
+2018.08.3, Released November 26th, 2018
+
+	Important / security related fixes.
+
+	fs: Drop intermediate tarball from the filesystem handling to
+	fix an issue with xattrs handling related to fakeroot. Ensure
+	tarball target includes xattrs.
+
+	download: Fix confusion in git submodule handling if dl/ is a
+	symlink.
+
+	toolchain: Only allow enabling stack protection on
+	architectures with control flow integrity (CFI) support. Only
+	allow FORTIFY_SOURCE support on gcc >= 6.
+
+	genrandconfig: Fix missing newline in BR2_WGET handling,
+	causing the following line to be ignored. This would affect
+	BR2_ENABLE_DEBUG, BR2_INIT_BUSYBOX, BR2_INIT_SYSTEMD,
+	BR2_ROOTFS_DEVICE_CREATION_DYNAMIC_EUDEV, BR2_STATIC_LIBS or
+	BR2_PACKAGE_PYTHON_PY_ONLY depending on the randomization.
+
+	show-build-order: Also include the dependencies of
+	rootfs-common.
+
+	Defconfigs: Fixes for Armadeus APF27, imx6sabre, Olimex A20
+	olinuxino lime legacy, Orangepi zero plus 2.
+
+	graph-depends: Fix for package names starting with a non-alpha
+	character.
+
+	Updated/fixed packages: attr, audit, bind, brotli, busybox,
+	dtc, easydbus, elfutils, flare-engine, flatcc, gauche, gcc,
+	giflib, gpsd, lcdproc, libcurl, libiscsi, libkcapi, libnfs,
+	libnspr, libnss, libsemanage, liburiparser, lighttpd,
+	lua-curl, mariadb, mmc, mosquitto, mysql, ncmpc, neardal,
+	netplug, network-manager, nfs-utils, nginx, openocd, openswan,
+	p11-kit, postgresql, prosody, qemu, qt, rpm, ruby, samba4,
+	squid, supertuxkart, systemd, tar, trace-cmd, traceroute,
+	twolame, uclibc, usb_modeswitch, vtun, webkitgtk, weston,
+	xdriver_xf86-video-geode, xlib_libfontenc, xserver_xorg-server
+
+	Issues resolved (http://bugs.uclibc.org):
+
+	#11086: download/git submodule breaks on symlinked dl folder
+	#11481: Docs: Is external.desc required?
+
+2018.08.2, Released October 25th, 2018
+
+	Important / security related fixes.
+
+	Workaround added for incompatibility issues between host-dtc
+	and older U-Boot and Linux kernel versions.
+
+	Detect and reject build paths containing '@', as this confuses
+	a number of packages, including GCC.
+
+	utils/get-developers: Add -e option for use with git
+	send-email.
+
+	utils/diffconfig: Make it work for (non-Buildroot) config
+	files not using the BR2_ prefix.
+
+	u-boot: Fix for environment image handling on big endian
+	systems.
+
+	Updated/fixed packages: binutils, ca-certificates,
+	cups-filters, dtc, erlang, file, freetype, gcc, git, gvfs,
+	jasper, leveldb, libarchive, libssh, live555, ljlinenoise,
+	mariadb, mongoose, netsnmp, nmap, nodejs, ntp, open-plc-utils,
+	poco, psmisc, ptpd2, python-enum34, qemu, qt, qt5base,
+	setools, spice, spice-protocol, tinc, ustr, wireshark,
+
+	Issues resolved (http://bugs.uclibc.org):
+
+	#11396: uboot environment image checksum invalid if target is big endian
+
+2018.08.1, Released October 7th, 2018
+
+	Important / security related fixes.
+
+	Add a number of patches to fix build errors for host utilities
+	on modern distributions using glibc-2.28.
+
+	mkusers: Ensure existing group members are preserved when a
+	group is reprocessed.
+
+	printvars: Fix issue with exceeding shell command line length
+	limits for certain setups.
+
+	Updated/fixed packages: acpid, android-tools, apache,
+	arp-scan, bandwidthd, bind, brltty, clamav, connman, cppcms,
+	domoticz, dtc, fio, gcc, gdb, ghostscript, gnupg, httpping,
+	igmpproxy, imlib2, ipsec-tools, libesmtp, libnfs, libxslt,
+	links, lua, mosquitto, nilfs-utils, ocrad, parted, php,
+	python-django, screen, shairport-sync, strongswan,
+	vboot-utils, webkitgtk, wireguard, x265 xen, xlib_libXdmcp,
+	xlib_libXfont, xlib_libXft, xlib_libxshmfence,
+	xutil_makedepend, zeromq
+
 2018.08, Released September 6th, 2018
 
 	Minor fixes.

Config.in

@@ -67,6 +67,9 @@ config BR2_HOST_GCC_AT_LEAST_8
 	default y if BR2_HOST_GCC_VERSION = "8"
 	select BR2_HOST_GCC_AT_LEAST_7
 
+# When adding new entries above, be sure to update
+# the HOSTCC_MAX_VERSION variable in the Makefile.
+
 # Hidden boolean selected by packages in need of Java in order to build
 # (example: kodi)
 config BR2_NEEDS_HOST_JAVA
@@ -809,6 +812,8 @@ config BR2_FORTIFY_SOURCE_NONE
 
 config BR2_FORTIFY_SOURCE_1
 	bool "Conservative"
+	# gcc bug https://gcc.gnu.org/bugzilla/show_bug.cgi?id=61164
+	depends on !BR2_TOOLCHAIN_BUILDROOT || BR2_TOOLCHAIN_GCC_AT_LEAST_6
 	help
 	  This option sets _FORTIFY_SOURCE to 1 and only introduces
 	  checks that shouldn't change the behavior of conforming
@@ -816,6 +821,8 @@ config BR2_FORTIFY_SOURCE_1
 
 config BR2_FORTIFY_SOURCE_2
 	bool "Aggressive"
+	# gcc bug https://gcc.gnu.org/bugzilla/show_bug.cgi?id=61164
+	depends on !BR2_TOOLCHAIN_BUILDROOT || BR2_TOOLCHAIN_GCC_AT_LEAST_6
 	help
 	  This option sets _FORTIFY_SOURCES to 2 and some more
 	  checking is added, but some conforming programs might fail.

Makefile

@@ -60,6 +60,11 @@ override O := $(patsubst %/,%,$(patsubst %.,%,$(O)))
 # avoid empty CANONICAL_O in case on non-existing entry.
 CANONICAL_O := $(shell mkdir -p $(O) >/dev/null 2>&1)$(realpath $(O))
 
+# gcc fails to build when the srcdir contains a '@'
+ifneq ($(findstring @,$(CANONICAL_O)),)
+$(error The build directory can not contain a '@')
+endif
+
 CANONICAL_CURDIR = $(realpath $(CURDIR))
 
 REQ_UMASK = 0022
@@ -87,9 +92,9 @@ all:
 .PHONY: all
 
 # Set and export the version string
-export BR2_VERSION := 2018.08
+export BR2_VERSION := 2018.08.3
 # Actual time the release is cut (for reproducible builds)
-BR2_VERSION_EPOCH = 1536263000
+BR2_VERSION_EPOCH = 1543269000
 
 # Save running make version since it's clobbered by the make package
 RUNNING_MAKE_VERSION := $(MAKE_VERSION)
@@ -346,8 +351,14 @@ export HOSTARCH := $(shell LC_ALL=C $(HOSTCC_NOCCACHE) -v 2>&1 | \
 	    -e 's/macppc/powerpc/' \
 	    -e 's/sh.*/sh/' )
 
-HOSTCC_VERSION := $(shell $(HOSTCC_NOCCACHE) --version | \
-	sed -n -r 's/^.* ([0-9]*)\.([0-9]*)\.([0-9]*)[ ]*.*/\1 \2/p')
+# When adding a new host gcc version in Config.in,
+# update the HOSTCC_MAX_VERSION variable:
+HOSTCC_MAX_VERSION := 8
+
+HOSTCC_VERSION := $(shell V=$$($(HOSTCC_NOCCACHE) --version | \
+	sed -n -r 's/^.* ([0-9]*)\.([0-9]*)\.([0-9]*)[ ]*.*/\1 \2/p'); \
+	[ "$${V%% *}" -le $(HOSTCC_MAX_VERSION) ] || V=$(HOSTCC_MAX_VERSION); \
+	printf "%s" "$${V}")
 
 # For gcc >= 5.x, we only need the major version.
 ifneq ($(firstword $(HOSTCC_VERSION)),4)
@@ -977,7 +988,8 @@ $(BUILD_DIR)/.br2-external.in: $(BUILD_DIR)
 # displayed.
 .PHONY: printvars
 printvars:
-	@:$(foreach V, \
+	@:
+	$(foreach V, \
 		$(sort $(if $(VARS),$(filter $(VARS),$(.VARIABLES)),$(.VARIABLES))), \
 		$(if $(filter-out environment% default automatic, \
 				$(origin $V)), \

board/freescale/imx6sabre/patches/uboot/0002-imx-Create-distinct-pre-processed-mkimage-config-fil.patch

@@ -0,0 +1,89 @@
+From 27a2cd6a1980adf3002412678c8fdec6528dc47d Mon Sep 17 00:00:00 2001
+From: Trent Piepho <tpiepho@impinj.com>
+Date: Fri, 6 Apr 2018 17:11:27 -0700
+Subject: [PATCH] imx: Create distinct pre-processed mkimage config files
+
+Each imx image is created by a separate sub-make and during this process
+the mkimage config file is run though cpp.
+
+The cpp output is to the same file no matter what imx image is being
+created.
+
+This means if two imx images are generated in parallel they will attempt
+to independently produce the same pre-processed mkimage config file at
+the same time.
+
+Avoid the problem by making the pre-processed config file name unique
+based on the imx image it will be used in.  This way each image will
+create a unique config file and they won't clobber each other when run
+in parallel.
+
+This should fixed the build bug referenced in b5b0e4e3 ("imximage:
+Remove failure when no IVT offset is found").
+
+Cc: Breno Lima <breno.lima@nxp.com>
+Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
+Cc: Fabio Estevam <fabio.estevam@nxp.com>
+Signed-off-by: Trent Piepho <tpiepho@impinj.com>
+Tested-by: Fabio Estevam <fabio.estevam@nxp.com>
+[fabio: Adapted to imx_v2017.03_4.9.11_1.0.0_ga]
+Signed-off-by: Fabio Estevam <festevam@gmail.com>
+---
+ arch/arm/imx-common/Makefile | 15 ++++++++-------
+ 1 file changed, 8 insertions(+), 7 deletions(-)
+
+diff --git a/arch/arm/imx-common/Makefile b/arch/arm/imx-common/Makefile
+index d862258..f1bae8d 100644
+--- a/arch/arm/imx-common/Makefile
++++ b/arch/arm/imx-common/Makefile
+@@ -69,9 +69,11 @@ endif
+ quiet_cmd_cpp_cfg = CFGS    $@
+       cmd_cpp_cfg = $(CPP) $(cpp_flags) -x c -o $@ $<
+ 
+-IMX_CONFIG = $(CONFIG_IMX_CONFIG:"%"=%).cfgtmp
++# mkimage source config file
++IMX_CONFIG = $(CONFIG_IMX_CONFIG:"%"=%)
+ 
+-$(IMX_CONFIG): %.cfgtmp: % FORCE
++# How to create a cpp processed config file, they all use the same source
++%.cfgout: $(IMX_CONFIG) FORCE
+ 	$(Q)mkdir -p $(dir $@)
+ 	$(call if_changed_dep,cpp_cfg)
+ 
+@@ -79,7 +81,7 @@ MKIMAGEFLAGS_u-boot.imx = -n $(filter-out $(PLUGIN).bin $< $(PHONY),$^) -T imxim
+ 	-e $(CONFIG_SYS_TEXT_BASE)
+ u-boot.imx: MKIMAGEOUTPUT = u-boot.imx.log
+ 
+-u-boot.imx: u-boot.bin $(IMX_CONFIG) $(PLUGIN).bin FORCE
++u-boot.imx: u-boot.bin u-boot.cfgout $(PLUGIN).bin FORCE
+ 	$(call if_changed,mkimage)
+ 
+ ifeq ($(CONFIG_OF_SEPARATE),y)
+@@ -87,16 +89,15 @@ MKIMAGEFLAGS_u-boot-dtb.imx = -n $(filter-out $(PLUGIN).bin $< $(PHONY),$^) -T i
+ 	-e $(CONFIG_SYS_TEXT_BASE)
+ u-boot-dtb.imx: MKIMAGEOUTPUT = u-boot-dtb.imx.log
+ 
+-u-boot-dtb.imx: u-boot-dtb.bin $(IMX_CONFIG) $(PLUGIN).bin FORCE
++u-boot-dtb.imx: u-boot-dtb.bin u-boot-dtb.cfgout $(PLUGIN).bin FORCE
+ 	$(call if_changed,mkimage)
+ endif
+ 
+ MKIMAGEFLAGS_SPL = -n $(filter-out $(PLUGIN).bin $< $(PHONY),$^) -T imximage \
+ 	-e $(CONFIG_SPL_TEXT_BASE)
+-
+ SPL: MKIMAGEOUTPUT = SPL.log
+ 
+-SPL: spl/u-boot-spl.bin $(IMX_CONFIG) $(PLUGIN).bin FORCE
++SPL: spl/u-boot-spl.bin spl/u-boot-spl.cfgout $(PLUGIN).bin FORCE
+ 	$(call if_changed,mkimage)
+ 
+ MKIMAGEFLAGS_u-boot.uim = -A arm -O U-Boot -a $(CONFIG_SYS_TEXT_BASE) \
+@@ -124,4 +125,4 @@ cmd_u-boot-nand-spl_imx = (printf '\000\000\000\000\106\103\102\040\001' && \
+ spl/u-boot-nand-spl.imx: SPL FORCE
+ 	$(call if_changed,u-boot-nand-spl_imx)
+ 
+-targets += $(addprefix ../../../,$(IMX_CONFIG) SPL u-boot.uim spl/u-boot-nand-spl.imx)
++targets += $(addprefix ../../../,SPL spl/u-boot-spl.cfgout u-boot-dtb.cfgout u-boot.cfgout u-boot.uim spl/u-boot-nand-spl.imx)
+-- 
+2.7.4
+

board/freescale/imx6sabre/patches/uboot/0002-imximage-Remove-failure-when-no-IVT-offset-is-found.patch

@@ -1,55 +0,0 @@
-From 24ba28680abe868e8db3442a9bf523ad3af1febd Mon Sep 17 00:00:00 2001
-From: Fabio Estevam <fabio.estevam@nxp.com>
-Date: Fri, 9 Mar 2018 08:25:00 -0300
-Subject: [PATCH] imximage: Remove failure when no IVT offset is found
-
-Sometimes imximage throws the following error:
-
-  CFGS    board/freescale/vf610twr/imximage.cfg.cfgtmp
-  CFGS    board/freescale/vf610twr/imximage.cfg.cfgtmp
-  MKIMAGE u-boot-dtb.imx
-Error: No BOOT_FROM tag in board/freescale/vf610twr/imximage.cfg.cfgtmp
-arch/arm/mach-imx/Makefile:100: recipe for target 'u-boot-dtb.imx' failed
-
-Later on, when running mkimage for the u-boot.imx it will succeed in
-finding the IVT offset.
-
-Looks like some race condition happening during parallel build when
-processing mkimage for u-boot-dtb.imx and u-boot.imx.
-
-A proper fix still needs to be implemented, but as a workaround let's
-remove the error when the IVT offset is not found.
-
-It is useful to have such message, especially during bring-up phase,
-but the build error that it causes is severe, so better avoid the
-build error for now.
-
-The error checking can be re-implemented later when we have a proper
-fix.
-
-Reported-by: Breno Lima <breno.lima@nxp.com>
-Reported-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
-Signed-off-by: Fabio Estevam <fabio.estevam@nxp.com>
----
- tools/imximage.c | 5 -----
- 1 file changed, 5 deletions(-)
-
-diff --git a/tools/imximage.c b/tools/imximage.c
-index 0c43196..bef56f8 100644
---- a/tools/imximage.c
-+++ b/tools/imximage.c
-@@ -765,11 +765,6 @@ static uint32_t parse_cfg_file(struct imx_header *imxhdr, char *name)
- 	(*set_dcd_rst)(imxhdr, dcd_len, name, lineno);
- 	fclose(fd);
- 
--	/* Exit if there is no BOOT_FROM field specifying the flash_offset */
--	if (imximage_ivt_offset == FLASH_OFFSET_UNDEFINED) {
--		fprintf(stderr, "Error: No BOOT_FROM tag in %s\n", name);
--		exit(EXIT_FAILURE);
--	}
- 	return dcd_len;
- }
- 
--- 
-2.7.4
-

board/zynqmp/post-image.sh

@@ -5,7 +5,7 @@
 # devicetree listed in the config.
 
 FIRST_DT=$(sed -nr \
-               -e 's|^BR2_LINUX_KERNEL_INTREE_DTS_NAME="xilinx/([-_/[:alnum:]]*).*"$|\1|p' \
+               -e 's|^BR2_LINUX_KERNEL_INTREE_DTS_NAME="xilinx/([-_/[:alnum:]\\.]*).*"$|\1|p' \
                ${BR2_CONFIG})
 
 [ -z "${FIRST_DT}" ] || ln -fs ${FIRST_DT}.dtb ${BINARIES_DIR}/system.dtb

boot/at91bootstrap3/Config.in

@@ -10,6 +10,8 @@ config BR2_TARGET_AT91BOOTSTRAP3
 	  - Physical media algorithm such as DataFlash, NandFlash, NOR
 	    Flash...
 
+	  https://www.at91.com/linux4sam/bin/view/Linux4SAM/AT91Bootstrap
+
 if BR2_TARGET_AT91BOOTSTRAP3
 
 choice

boot/uboot/uboot.mk

@@ -263,7 +263,7 @@ define UBOOT_GENERATE_ENV_IMAGE
 		>$(@D)/buildroot-env.txt
 	$(HOST_DIR)/bin/mkenvimage -s $(BR2_TARGET_UBOOT_ENVIMAGE_SIZE) \
 		$(if $(BR2_TARGET_UBOOT_ENVIMAGE_REDUNDANT),-r) \
-		$(if $(filter BIG,$(BR2_ENDIAN)),-b) \
+		$(if $(filter "BIG",$(BR2_ENDIAN)),-b) \
 		-o $(BINARIES_DIR)/uboot-env.bin \
 		$(@D)/buildroot-env.txt
 endef
@@ -447,6 +447,9 @@ endif # BR2_TARGET_UBOOT_CUSTOM_GIT || BR2_TARGET_UBOOT_CUSTOM_HG
 endif # BR2_TARGET_UBOOT && BR_BUILDING
 
 ifeq ($(BR2_TARGET_UBOOT_BUILD_SYSTEM_LEGACY),y)
+UBOOT_DEPENDENCIES += \
+	$(BR2_BISON_HOST_DEPENDENCY) \
+	$(BR2_FLEX_HOST_DEPENDENCY)
 $(eval $(generic-package))
 else ifeq ($(BR2_TARGET_UBOOT_BUILD_SYSTEM_KCONFIG),y)
 UBOOT_MAKE_ENV = $(TARGET_MAKE_ENV)

boot/vexpress-firmware/Config.in

@@ -4,3 +4,5 @@ config BR2_TARGET_VEXPRESS_FIRMWARE
 	help
 	  Versatile Express firmware from ARM, with Linaro mods last
 	  change.
+
+	  https://git.linaro.org/arm/vexpress-firmware.git

boot/xloader/Config.in

@@ -5,6 +5,8 @@ config BR2_TARGET_XLOADER
 	  The x-loader bootloader. It is mainly used on OMAP-based
 	  platforms.
 
+	  http://omappedia.org/wiki/Linux_OMAP_Kernel_Main
+
 if BR2_TARGET_XLOADER
 config BR2_TARGET_XLOADER_BOARDNAME
 	string "x-loader board name"

configs/armadeus_apf27_defconfig

@@ -28,4 +28,7 @@ BR2_LINUX_KERNEL_INTREE_DTS_NAME="imx27-apf27dev"
 
 # U-boot
 BR2_TARGET_UBOOT=y
-BR2_TARGET_UBOOT_BOARDNAME="apf27"
+BR2_TARGET_UBOOT_BUILD_SYSTEM_KCONFIG=y
+BR2_TARGET_UBOOT_CUSTOM_VERSION=y
+BR2_TARGET_UBOOT_CUSTOM_VERSION_VALUE="2018.09"
+BR2_TARGET_UBOOT_BOARD_DEFCONFIG="apf27"

configs/at91sam9x5ek_dev_defconfig

@@ -59,7 +59,6 @@ BR2_PACKAGE_DTC_PROGRAMS=y
 BR2_PACKAGE_BLUEZ_UTILS=y
 BR2_PACKAGE_BRIDGE_UTILS=y
 BR2_PACKAGE_CAN_UTILS=y
-BR2_PACKAGE_DROPBEAR=y
 BR2_PACKAGE_ETHTOOL=y
 BR2_PACKAGE_IPERF=y
 BR2_PACKAGE_IPROUTE2=y

configs/at91sam9x5ek_mmc_dev_defconfig

@@ -62,7 +62,6 @@ BR2_PACKAGE_DTC_PROGRAMS=y
 BR2_PACKAGE_BLUEZ_UTILS=y
 BR2_PACKAGE_BRIDGE_UTILS=y
 BR2_PACKAGE_CAN_UTILS=y
-BR2_PACKAGE_DROPBEAR=y
 BR2_PACKAGE_ETHTOOL=y
 BR2_PACKAGE_IPERF=y
 BR2_PACKAGE_IPROUTE2=y

configs/atmel_sama5d27_som1_ek_mmc_dev_defconfig

@@ -51,7 +51,6 @@ BR2_PACKAGE_DTC_PROGRAMS=y
 BR2_PACKAGE_BLUEZ_UTILS=y
 BR2_PACKAGE_BRIDGE_UTILS=y
 BR2_PACKAGE_CAN_UTILS=y
-BR2_PACKAGE_DROPBEAR=y
 BR2_PACKAGE_ETHTOOL=y
 BR2_PACKAGE_IPERF=y
 BR2_PACKAGE_IPROUTE2=y

configs/atmel_sama5d2_xplained_mmc_dev_defconfig

@@ -65,7 +65,6 @@ BR2_PACKAGE_DTC_PROGRAMS=y
 BR2_PACKAGE_BLUEZ_UTILS=y
 BR2_PACKAGE_BRIDGE_UTILS=y
 BR2_PACKAGE_CAN_UTILS=y
-BR2_PACKAGE_DROPBEAR=y
 BR2_PACKAGE_ETHTOOL=y
 BR2_PACKAGE_IPERF=y
 BR2_PACKAGE_IPROUTE2=y

configs/atmel_sama5d3_xplained_dev_defconfig

@@ -61,7 +61,6 @@ BR2_PACKAGE_DTC_PROGRAMS=y
 BR2_PACKAGE_BLUEZ_UTILS=y
 BR2_PACKAGE_BRIDGE_UTILS=y
 BR2_PACKAGE_CAN_UTILS=y
-BR2_PACKAGE_DROPBEAR=y
 BR2_PACKAGE_ETHTOOL=y
 BR2_PACKAGE_IPERF=y
 BR2_PACKAGE_IPROUTE2=y

configs/atmel_sama5d3_xplained_mmc_dev_defconfig

@@ -64,7 +64,6 @@ BR2_PACKAGE_DTC_PROGRAMS=y
 BR2_PACKAGE_BLUEZ_UTILS=y
 BR2_PACKAGE_BRIDGE_UTILS=y
 BR2_PACKAGE_CAN_UTILS=y
-BR2_PACKAGE_DROPBEAR=y
 BR2_PACKAGE_ETHTOOL=y
 BR2_PACKAGE_IPERF=y
 BR2_PACKAGE_IPROUTE2=y

configs/atmel_sama5d4_xplained_dev_defconfig

@@ -62,7 +62,6 @@ BR2_PACKAGE_DTC_PROGRAMS=y
 BR2_PACKAGE_BLUEZ_UTILS=y
 BR2_PACKAGE_BRIDGE_UTILS=y
 BR2_PACKAGE_CAN_UTILS=y
-BR2_PACKAGE_DROPBEAR=y
 BR2_PACKAGE_ETHTOOL=y
 BR2_PACKAGE_IPERF=y
 BR2_PACKAGE_IPROUTE2=y

configs/atmel_sama5d4_xplained_mmc_dev_defconfig

@@ -65,7 +65,6 @@ BR2_PACKAGE_DTC_PROGRAMS=y
 BR2_PACKAGE_BLUEZ_UTILS=y
 BR2_PACKAGE_BRIDGE_UTILS=y
 BR2_PACKAGE_CAN_UTILS=y
-BR2_PACKAGE_DROPBEAR=y
 BR2_PACKAGE_ETHTOOL=y
 BR2_PACKAGE_IPERF=y
 BR2_PACKAGE_IPROUTE2=y

configs/imx6-sabresd_qt5_defconfig

@@ -43,6 +43,7 @@ BR2_LINUX_KERNEL_DEFCONFIG="imx_v6_v7"
 BR2_LINUX_KERNEL_DTS_SUPPORT=y
 BR2_LINUX_KERNEL_INTREE_DTS_NAME="imx6q-sabresd imx6dl-sabresd imx6qp-sabresd"
 BR2_LINUX_KERNEL_CONFIG_FRAGMENT_FILES="board/freescale/imx6-sabresd/linux_qt5.fragment"
+BR2_LINUX_KERNEL_NEEDS_HOST_OPENSSL=y
 
 # GL driver
 BR2_PACKAGE_MESA3D=y

configs/olimex_a20_olinuxino_lime_mali_defconfig

@@ -3,6 +3,9 @@ BR2_arm=y
 BR2_cortex_a7=y
 BR2_ARM_EABIHF=y
 
+# The old 3.4 kernel doesn't build with gcc >= 7.x
+BR2_GCC_VERSION_6_X=y
+
 # Linux headers same as kernel, a 3.4 series
 BR2_PACKAGE_HOST_LINUX_HEADERS_CUSTOM_3_4=y
 

configs/orangepi_zero_plus2_defconfig

@@ -21,6 +21,7 @@ BR2_TARGET_UBOOT_CUSTOM_VERSION=y
 BR2_TARGET_UBOOT_CUSTOM_VERSION_VALUE="2018.01"
 BR2_TARGET_UBOOT_BOARD_DEFCONFIG="orangepi_zero_plus2"
 BR2_TARGET_UBOOT_NEEDS_DTC=y
+BR2_TARGET_UBOOT_NEEDS_PYLIBFDT=y
 BR2_TARGET_UBOOT_NEEDS_ATF_BL31=y
 BR2_TARGET_UBOOT_FORMAT_CUSTOM=y
 BR2_TARGET_UBOOT_FORMAT_CUSTOM_NAME="u-boot.itb"

docs/manual/customize-directory-structure.txt

@@ -50,6 +50,7 @@ to you.
 |
 +-- Config.in (if using a br2-external tree)
 +-- external.mk (if using a br2-external tree)
++-- external.desc (if using a br2-external tree)
 ------
 
 Details on the files shown above are given further in this chapter.

fs/common.mk

@@ -40,46 +40,20 @@ define ROOTFS_REPRODUCIBLE
 endef
 endif
 
-ROOTFS_COMMON_TAR = $(FS_DIR)/rootfs.common.tar
-
-# Command to create the common tarball from the base target directory.
-define ROOTFS_COMMON_TAR_CMD
-	tar cf $(ROOTFS_COMMON_TAR) --numeric-owner \
-		--exclude=$(notdir $(TARGET_DIR_WARNING_FILE)) \
-		-C $(TARGET_DIR) .
-endef
-
-# Command to extract the common tarball into the per-rootfs target directory
-define ROOTFS_COMMON_UNTAR_CMD
-	mkdir -p $(TARGET_DIR)
-	tar xf $(ROOTFS_COMMON_TAR) -C $(TARGET_DIR)
-endef
-
-.PHONY: rootfs-common
-rootfs-common: $(ROOTFS_COMMON_TAR)
-
-# Emulate being in a filesystem, so that we can have our own TARGET_DIR.
-ROOTFS_COMMON_TARGET_DIR = $(FS_DIR)/target
-
 ROOTFS_COMMON_DEPENDENCIES = \
 	host-fakeroot host-makedevs \
 	$(if $(PACKAGES_USERS)$(ROOTFS_USERS_TABLES),host-mkpasswd)
 
-$(ROOTFS_COMMON_TAR): ROOTFS=COMMON
-$(ROOTFS_COMMON_TAR): FAKEROOT_SCRIPT=$(FS_DIR)/fakeroot.fs
-$(ROOTFS_COMMON_TAR): $(ROOTFS_COMMON_DEPENDENCIES) target-finalize
-	@$(call MESSAGE,"Generating common rootfs tarball")
+.PHONY: rootfs-common
+rootfs-common: $(ROOTFS_COMMON_DEPENDENCIES) target-finalize
+	@$(call MESSAGE,"Generating root filesystems common tables")
 	rm -rf $(FS_DIR)
 	mkdir -p $(FS_DIR)
-	rsync -auH $(BASE_TARGET_DIR)/ $(TARGET_DIR)
-	echo '#!/bin/sh' > $(FAKEROOT_SCRIPT)
-	echo "set -e" >> $(FAKEROOT_SCRIPT)
-	echo "chown -h -R 0:0 $(TARGET_DIR)" >> $(FAKEROOT_SCRIPT)
+
+	$(call PRINTF,$(PACKAGES_USERS)) >> $(USERS_TABLE)
 ifneq ($(ROOTFS_USERS_TABLES),)
 	cat $(ROOTFS_USERS_TABLES) >> $(USERS_TABLE)
 endif
-	$(call PRINTF,$(PACKAGES_USERS)) >> $(USERS_TABLE)
-	PATH=$(BR_PATH) $(TOPDIR)/support/scripts/mkusers $(USERS_TABLE) $(TARGET_DIR) >> $(FAKEROOT_SCRIPT)
 ifneq ($(ROOTFS_DEVICE_TABLES),)
 	cat $(ROOTFS_DEVICE_TABLES) > $(FULL_DEVICE_TABLE)
 ifeq ($(BR2_ROOTFS_DEVICE_CREATION_STATIC),y)
@@ -87,16 +61,6 @@ ifeq ($(BR2_ROOTFS_DEVICE_CREATION_STATIC),y)
 endif
 endif
 	$(call PRINTF,$(PACKAGES_PERMISSIONS_TABLE)) >> $(FULL_DEVICE_TABLE)
-	echo "$(HOST_DIR)/bin/makedevs -d $(FULL_DEVICE_TABLE) $(TARGET_DIR)" >> $(FAKEROOT_SCRIPT)
-	$(foreach s,$(call qstrip,$(BR2_ROOTFS_POST_FAKEROOT_SCRIPT)),\
-		echo "echo '$(TERM_BOLD)>>>   Executing fakeroot script $(s)$(TERM_RESET)'" >> $(FAKEROOT_SCRIPT); \
-		echo $(EXTRA_ENV) $(s) $(TARGET_DIR) $(BR2_ROOTFS_POST_SCRIPT_ARGS) >> $(FAKEROOT_SCRIPT)$(sep))
-	$(foreach hook,$(ROOTFS_PRE_CMD_HOOKS),\
-		$(call PRINTF,$($(hook))) >> $(FAKEROOT_SCRIPT)$(sep))
-	$(call PRINTF,$(ROOTFS_COMMON_TAR_CMD)) >> $(FAKEROOT_SCRIPT)
-	chmod a+x $(FAKEROOT_SCRIPT)
-	PATH=$(BR_PATH) $(HOST_DIR)/bin/fakeroot -- $(FAKEROOT_SCRIPT)
-	$(Q)rm -rf $(TARGET_DIR)
 
 rootfs-common-show-depends:
 	@echo $(ROOTFS_COMMON_DEPENDENCIES)
@@ -145,9 +109,23 @@ $$(BINARIES_DIR)/rootfs.$(1): $$(ROOTFS_$(2)_DEPENDENCIES)
 	@$$(call MESSAGE,"Generating root filesystem image rootfs.$(1)")
 	rm -rf $$(ROOTFS_$(2)_DIR)
 	mkdir -p $$(ROOTFS_$(2)_DIR)
+	rsync -auH \
+		--exclude=/$$(notdir $$(TARGET_DIR_WARNING_FILE)) \
+		$$(BASE_TARGET_DIR)/ \
+		$$(TARGET_DIR)
+
 	echo '#!/bin/sh' > $$(FAKEROOT_SCRIPT)
 	echo "set -e" >> $$(FAKEROOT_SCRIPT)
-	$$(call PRINTF,$$(ROOTFS_COMMON_UNTAR_CMD)) >> $$(FAKEROOT_SCRIPT)
+
+	echo "chown -h -R 0:0 $$(TARGET_DIR)" >> $$(FAKEROOT_SCRIPT)
+	PATH=$$(BR_PATH) $$(TOPDIR)/support/scripts/mkusers $$(USERS_TABLE) $$(TARGET_DIR) >> $$(FAKEROOT_SCRIPT)
+	echo "$$(HOST_DIR)/bin/makedevs -d $$(FULL_DEVICE_TABLE) $$(TARGET_DIR)" >> $$(FAKEROOT_SCRIPT)
+	$$(foreach s,$$(call qstrip,$$(BR2_ROOTFS_POST_FAKEROOT_SCRIPT)),\
+		echo "echo '$$(TERM_BOLD)>>>   Executing fakeroot script $$(s)$$(TERM_RESET)'" >> $$(FAKEROOT_SCRIPT); \
+		echo $$(EXTRA_ENV) $$(s) $$(TARGET_DIR) $$(BR2_ROOTFS_POST_SCRIPT_ARGS) >> $$(FAKEROOT_SCRIPT)$$(sep))
+	$$(foreach hook,$$(ROOTFS_PRE_CMD_HOOKS),\
+		$$(call PRINTF,$$($$(hook))) >> $$(FAKEROOT_SCRIPT)$$(sep))
+
 	$$(foreach hook,$$(ROOTFS_$(2)_PRE_GEN_HOOKS),\
 		$$(call PRINTF,$$($$(hook))) >> $$(FAKEROOT_SCRIPT)$$(sep))
 	$$(call PRINTF,$$(ROOTFS_REPRODUCIBLE)) >> $$(FAKEROOT_SCRIPT)
@@ -169,7 +147,7 @@ rootfs-$(1): $$(BINARIES_DIR)/rootfs.$(1)
 
 ifeq ($$(BR2_TARGET_ROOTFS_$(2)),y)
 TARGETS_ROOTFS += rootfs-$(1)
-PACKAGES += $$(filter-out rootfs-%,$$(ROOTFS_$(2)_DEPENDENCIES))
+PACKAGES += $$(filter-out rootfs-%,$$(ROOTFS_$(2)_DEPENDENCIES) $$(ROOTFS_COMMON_DEPENDENCIES))
 endif
 
 # Check for legacy POST_TARGETS rules

fs/tar/tar.mk

@@ -10,7 +10,7 @@ ROOTFS_TAR_DEPENDENCIES = $(BR2_TAR_HOST_DEPENDENCY)
 
 define ROOTFS_TAR_CMD
 	(cd $(TARGET_DIR); find -print0 | LC_ALL=C sort -z | \
-		tar $(TAR_OPTS) -cf $@ --null --no-recursion -T - --numeric-owner)
+		tar $(TAR_OPTS) -cf $@ --null --xattrs-include='*' --no-recursion -T - --numeric-owner)
 endef
 
 $(eval $(rootfs))

linux/linux.mk

@@ -309,6 +309,9 @@ define LINUX_KCONFIG_FIXUP_CMDS
 		$(call KCONFIG_ENABLE_OPT,CONFIG_DEVTMPFS_MOUNT,$(@D)/.config))
 	$(if $(BR2_ROOTFS_DEVICE_CREATION_DYNAMIC_EUDEV),
 		$(call KCONFIG_ENABLE_OPT,CONFIG_INOTIFY_USER,$(@D)/.config))
+	$(if $(BR2_PACKAGE_AUDIT),
+		$(call KCONFIG_ENABLE_OPT,CONFIG_NET,$(@D)/.config)
+		$(call KCONFIG_ENABLE_OPT,CONFIG_AUDIT,$(@D)/.config))
 	$(if $(BR2_PACKAGE_KTAP),
 		$(call KCONFIG_ENABLE_OPT,CONFIG_DEBUG_FS,$(@D)/.config)
 		$(call KCONFIG_ENABLE_OPT,CONFIG_ENABLE_DEFAULT_TRACERS,$(@D)/.config)
@@ -443,9 +446,7 @@ define LINUX_INSTALL_HOST_TOOLS
 	# Installing dtc (device tree compiler) as host tool, if selected
 	if grep -q "CONFIG_DTC=y" $(@D)/.config; then \
 		$(INSTALL) -D -m 0755 $(@D)/scripts/dtc/dtc $(HOST_DIR)/bin/linux-dtc ; \
-		if [ ! -e $(HOST_DIR)/bin/dtc ]; then \
-			ln -sf linux-dtc $(HOST_DIR)/bin/dtc ; \
-		fi \
+		$(if $(BR2_PACKAGE_HOST_DTC),,ln -sf linux-dtc $(HOST_DIR)/bin/dtc;) \
 	fi
 endef
 

package/acpid/acpid.mk

@@ -15,9 +15,15 @@ define ACPID_INSTALL_INIT_SYSV
 		$(TARGET_DIR)/etc/init.d/S02acpid
 endef
 
+ifeq ($(BR2_INIT_SYSV)$(BR2_INIT_SYSTEMD),y)
+ACPID_POWEROFF_CMD = /sbin/shutdown -hP now
+else
+ACPID_POWEROFF_CMD = /sbin/poweroff
+endif
+
 define ACPID_SET_EVENTS
 	mkdir -p $(TARGET_DIR)/etc/acpi/events
-	printf "event=button[ /]power\naction=/sbin/poweroff\n" \
+	printf 'event=button[ /]power\naction=%s\n' '$(ACPID_POWEROFF_CMD)' \
 		>$(TARGET_DIR)/etc/acpi/events/powerbtn
 endef
 

package/android-tools/0008-Include-sysmacros.h-to-compile-with-glibc-2.28.patch

@@ -0,0 +1,42 @@
+usb_linux.c: fix minor()/major() build failure due to glibc 2.28
+
+glibc 2.28 no longer includes <sys/sysmacros.h> from <sys/types.h>,
+and therefore <sys/sysmacros.h> must be included explicitly when
+major()/minor() are used.
+
+This commit adds a patch to directly include <sys/sysmacros.h> into
+all usb_linux.c files where minor() and major() macros are used.
+
+diff -urpN host-android-tools-4.2.2+git20130218.orig/core/adb/usb_linux.c host-android-tools-4.2.2+git20130218/core/adb/usb_linux.c
+--- host-android-tools-4.2.2+git20130218.orig/core/adb/usb_linux.c	2013-02-18 15:49:03.000000000 +0100
++++ host-android-tools-4.2.2+git20130218/core/adb/usb_linux.c	2018-09-09 11:47:16.476292546 +0200
+@@ -20,6 +20,7 @@
+ #include <string.h>
+ 
+ #include <sys/ioctl.h>
++#include <sys/sysmacros.h>
+ #include <sys/types.h>
+ #include <sys/time.h>
+ #include <dirent.h>
+diff -urpN host-android-tools-4.2.2+git20130218.orig/core/adbd/usb_linux.c host-android-tools-4.2.2+git20130218/core/adbd/usb_linux.c
+--- host-android-tools-4.2.2+git20130218.orig/core/adbd/usb_linux.c	2018-09-09 02:32:57.154503866 +0200
++++ host-android-tools-4.2.2+git20130218/core/adbd/usb_linux.c	2018-09-09 11:47:28.148353880 +0200
+@@ -20,6 +20,7 @@
+ #include <string.h>
+ 
+ #include <sys/ioctl.h>
++#include <sys/sysmacros.h>
+ #include <sys/types.h>
+ #include <sys/time.h>
+ #include <dirent.h>
+diff -urpN host-android-tools-4.2.2+git20130218.orig/core/fastboot/usb_linux.c host-android-tools-4.2.2+git20130218/core/fastboot/usb_linux.c
+--- host-android-tools-4.2.2+git20130218.orig/core/fastboot/usb_linux.c	2013-02-18 15:49:03.000000000 +0100
++++ host-android-tools-4.2.2+git20130218/core/fastboot/usb_linux.c	2018-09-09 11:46:53.028169154 +0200
+@@ -33,6 +33,7 @@
+ 
+ #include <sys/ioctl.h>
+ #include <sys/stat.h>
++#include <sys/sysmacros.h>
+ #include <sys/types.h>
+ #include <dirent.h>
+ #include <fcntl.h>

package/android-tools/Config.in

@@ -15,6 +15,8 @@ config BR2_PACKAGE_ANDROID_TOOLS
 	  can be used to interact with target devices using of these
 	  protocols.
 
+	  https://wiki.debian.org/AndroidTools#Original_android-tools_package
+
 if BR2_PACKAGE_ANDROID_TOOLS
 
 # We need kernel headers that support the __SANE_USERSPACE_TYPES__

package/apache/apache.hash

@@ -1,4 +1,4 @@
-# From http://archive.apache.org/dist/httpd/httpd-2.4.34.tar.bz2.sha256
-sha256 fa53c95631febb08a9de41fd2864cfff815cf62d9306723ab0d4b8d7aa1638f0 httpd-2.4.34.tar.bz2
+# From http://archive.apache.org/dist/httpd/httpd-2.4.35.tar.bz2.sha256
+sha256 2607c6fdd4d12ac3f583127629291e9432b247b782396a563bec5678aae69b56 httpd-2.4.35.tar.bz2
 # Locally computed
 sha256 c49c0819a726b70142621715dae3159c47b0349c2bc9db079070f28dadac0229 LICENSE

package/apache/apache.mk

@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-APACHE_VERSION = 2.4.34
+APACHE_VERSION = 2.4.35
 APACHE_SOURCE = httpd-$(APACHE_VERSION).tar.bz2
 APACHE_SITE = http://archive.apache.org/dist/httpd
 APACHE_LICENSE = Apache-2.0

package/arp-scan/Config.in

@@ -7,4 +7,4 @@ config BR2_PACKAGE_ARP_SCAN
 	  arp-scan is a command-line tool that uses the ARP protocol to
 	  discover and fingerprint IP hosts on the local network.
 
-	  http://www.nta-monitor.com/wiki/index.php/Arp-scan_Documentation
+	  https://github.com/royhills/arp-scan

package/attr/0002-Switch-back-to-syscall.patch

@@ -0,0 +1,126 @@
+From 14adc898a36948267bfe5c63b399996879e94c98 Mon Sep 17 00:00:00 2001
+From: Andreas Gruenbacher <agruenba@redhat.com>
+Date: Fri, 17 Aug 2018 14:07:31 +0200
+Subject: Switch back to syscall()
+
+Switch back to syscall() for the *xattr system calls.  The current
+mechanism of forwarding those calls to glibc breaks libraries like
+libfakeroot (fakeroot) and libasan (the gcc address sanitizer; gcc
+-fsanitize=address).
+
+Those libraries provide wrappers for functions defined in other shared
+libraries, usually glibc, do their own processing, and forward calls to
+the original symbols looke dup via dlsym(RTLD_NEXT, "symbol_name").  In
+our case, dlsym returns the libattr_*xattr wrappers.  However, when our
+wrappers try calling glibc, they end up calling the libfakeroot /
+libasan wrappers instead because those override the original symbols =>
+recursion.
+
+The libattr_*xattr wrappers will only be used when symbols are looked up
+at runtime (dlopen / dlsym).  Programs linking against libattr will
+directly use the glibc provided symbols.  Therefore, the slightly worse
+performance of syscall() won't affect any of the "normal" users of
+libattr.
+
+[nicolas.cavallari: with uclibc-ng, the recursion always happen]
+Signed-off-by: Nicolas Cavallari <nicolas.cavallari@green-communications.fr>
+---
+ libattr/syscalls.c | 26 ++++++++++++++------------
+ 1 file changed, 14 insertions(+), 12 deletions(-)
+
+diff --git a/libattr/syscalls.c b/libattr/syscalls.c
+index 3013aa0..721ad7f 100644
+--- a/libattr/syscalls.c
++++ b/libattr/syscalls.c
+@@ -22,6 +22,8 @@
+ 
+ #include "config.h"
+ 
++#include <unistd.h>
++#include <sys/syscall.h>
+ #include <sys/xattr.h>
+ 
+ #ifdef HAVE_VISIBILITY_ATTRIBUTE
+@@ -31,67 +33,67 @@
+ int libattr_setxattr(const char *path, const char *name,
+ 		     void *value, size_t size, int flags)
+ {
+-	return setxattr(path, name, value, size, flags);
++	return syscall(__NR_setxattr, path, name, value, size, flags);
+ }
+ 
+ int libattr_lsetxattr(const char *path, const char *name,
+ 		      void *value, size_t size, int flags)
+ {
+-	return lsetxattr(path, name, value, size, flags);
++	return syscall(__NR_lsetxattr, path, name, value, size, flags);
+ }
+ 
+ int libattr_fsetxattr(int filedes, const char *name,
+ 		      void *value, size_t size, int flags)
+ {
+-	return fsetxattr(filedes, name, value, size, flags);
++	return syscall(__NR_fsetxattr, filedes, name, value, size, flags);
+ }
+ 
+ ssize_t libattr_getxattr(const char *path, const char *name,
+ 			 void *value, size_t size)
+ {
+-	return getxattr(path, name, value, size);
++	return syscall(__NR_getxattr, path, name, value, size);
+ }
+ 
+ ssize_t libattr_lgetxattr(const char *path, const char *name,
+ 			  void *value, size_t size)
+ {
+-	return lgetxattr(path, name, value, size);
++	return syscall(__NR_lgetxattr, path, name, value, size);
+ }
+ 
+ ssize_t libattr_fgetxattr(int filedes, const char *name,
+ 			  void *value, size_t size)
+ {
+-	return fgetxattr(filedes, name, value, size);
++	return syscall(__NR_fgetxattr, filedes, name, value, size);
+ }
+ 
+ ssize_t libattr_listxattr(const char *path, char *list, size_t size)
+ {
+-	return listxattr(path, list, size);
++	return syscall(__NR_listxattr, path, list, size);
+ }
+ 
+ ssize_t libattr_llistxattr(const char *path, char *list, size_t size)
+ {
+-	return llistxattr(path, list, size);
++	return syscall(__NR_llistxattr, path, list, size);
+ }
+ 
+ ssize_t libattr_flistxattr(int filedes, char *list, size_t size)
+ {
+-	return flistxattr(filedes, list, size);
++	return syscall(__NR_flistxattr, filedes, list, size);
+ }
+ 
+ int libattr_removexattr(const char *path, const char *name)
+ {
+-	return removexattr(path, name);
++	return syscall(__NR_removexattr, path, name);
+ }
+ 
+ int libattr_lremovexattr(const char *path, const char *name)
+ {
+-	return lremovexattr(path, name);
++	return syscall(__NR_lremovexattr, path, name);
+ }
+ 
+ int libattr_fremovexattr(int filedes, const char *name)
+ {
+-	return fremovexattr(filedes, name);
++	return syscall(__NR_fremovexattr, filedes, name);
+ }
+ 
+ #ifdef HAVE_VISIBILITY_ATTRIBUTE
+-- 
+cgit v1.0-41-gc330
+

package/audit/0001-Fix-audispd-path-in-auditd.conf.patch

@@ -0,0 +1,32 @@
+From 6e1fd09f7bc131c8f16d9cc43e2455ba4650c651 Mon Sep 17 00:00:00 2001
+From: Carlos Santos <casantos@datacom.com.br>
+Date: Sat, 3 Nov 2018 08:25:58 -0300
+Subject: [PATCH] Fix audispd path in auditd.conf
+
+audispd is installed at /usr/sbin but the configuration file pointed
+to /sbin, causing auditd to fail on startup.
+
+This patch cannot be sent upstream because audispd does not exist
+anymore on the master branch (it was merged to auditd).
+
+Signed-off-by: Carlos Santos <casantos@datacom.com.br>
+---
+ init.d/auditd.conf | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/init.d/auditd.conf b/init.d/auditd.conf
+index 4dcda83..998904f 100644
+--- a/init.d/auditd.conf
++++ b/init.d/auditd.conf
+@@ -13,7 +13,7 @@ max_log_file = 8
+ num_logs = 5
+ priority_boost = 4
+ disp_qos = lossy
+-dispatcher = /sbin/audispd
++dispatcher = /usr/sbin/audispd
+ name_format = NONE
+ ##name = mydomain
+ max_log_file_action = ROTATE
+-- 
+2.17.1
+

package/audit/audit.hash

@@ -1,4 +1,4 @@
 #Locally computed
-sha256 67b59b2b77afee9ed87afa4d80ffc8e6f3a1f4bbedd5f2871f387c952147bcba audit-2.8.2.tar.gz
+sha256 a410694d09fc5708d980a61a5abcb9633a591364f1ecc7e97ad5daef9c898c38 audit-2.8.4.tar.gz
 sha256 32b1062f7da84967e7019d01ab805935caa7ab7321a7ced0e30ebe75e5df1670 COPYING
 sha256 f18a0811fa0e220ccbc42f661545e77f0388631e209585ed582a1c693029c6aa COPYING.LIB

package/audit/audit.mk

@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-AUDIT_VERSION = 2.8.2
+AUDIT_VERSION = 2.8.4
 AUDIT_SITE = http://people.redhat.com/sgrubb/audit
 AUDIT_LICENSE = GPL-2.0+ (programs), LGPL-2.1+ (libraries)
 AUDIT_LICENSE_FILES = COPYING COPYING.LIB
@@ -38,7 +38,7 @@ AUDIT_CONF_OPTS += --disable-systemd
 endif
 
 define AUDIT_INSTALL_INIT_SYSV
-	$(INSTALL) -D -m 755 package/audit/S01auditd $(TARGET_DIR)/etc/init.d/S01auditd
+	$(INSTALL) -D -m 755 package/audit/S02auditd $(TARGET_DIR)/etc/init.d/S02auditd
 endef
 
 define AUDIT_INSTALL_INIT_SYSTEMD

package/bandwidthd/Config.in

@@ -25,8 +25,10 @@ config BR2_PACKAGE_BANDWIDTHD
 	  available on github that works on making BandwidthD's build
 	  process more compatible with buildroot's.
 
-	  Upstream: http://bandwidthd.sourceforge.net/
-	  Github fork: http://github.com/nroach44/bandwidthd
+	  Upstream:
+	  http://bandwidthd.sourceforge.net/
+	  Github fork:
+	  http://github.com/nroach44/bandwidthd
 
 if BR2_PACKAGE_BANDWIDTHD
 

package/bind/0003-Rename-ptrsize-to-ptr_size.patch

@@ -1,74 +0,0 @@
-From 254dc19788ba2a03504fc6d1036fef477a60035f Mon Sep 17 00:00:00 2001
-From: Gustavo Zacarias <gustavo@zacarias.com.ar>
-Date: Fri, 22 Jan 2016 08:31:02 -0300
-Subject: [PATCH] Rename ptrsize to ptr_size
-
-This is to compensate for a uClibc mess caused by commit
-70a04a287a2875c82e6822c36e071afba5b63a62 where ptrsize is defined for
-mips, hence causing build breakage under certain conditions for programs
-that use this variable name.
-
-Status: definitely not upstreamable.
-
-Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
----
- lib/dns/rbt.c   | 6 +++---
- lib/dns/rbtdb.c | 4 ++--
- 2 files changed, 5 insertions(+), 5 deletions(-)
-
-diff --git a/lib/dns/rbt.c b/lib/dns/rbt.c
-index 86b5183..5fd55de 100644
---- a/lib/dns/rbt.c
-+++ b/lib/dns/rbt.c
-@@ -113,7 +113,7 @@ struct file_header {
- 	 * information about the system on which the map file was generated
- 	 * will be used to tell if we can load the map file or not
- 	 */
--	isc_uint32_t ptrsize;
-+	isc_uint32_t ptr_size;
- 	unsigned int bigendian:1;	/* big or little endian system */
- 	unsigned int rdataset_fixed:1;	/* compiled with --enable-rrset-fixed */
- 	unsigned int nodecount;		/* shadow from rbt structure */
-@@ -517,7 +517,7 @@ write_header(FILE *file, dns_rbt_t *rbt, isc_uint64_t first_node_offset,
- 	memmove(header.version1, FILE_VERSION, sizeof(header.version1));
- 	memmove(header.version2, FILE_VERSION, sizeof(header.version2));
- 	header.first_node_offset = first_node_offset;
--	header.ptrsize = (isc_uint32_t) sizeof(void *);
-+	header.ptr_size = (isc_uint32_t) sizeof(void *);
- 	header.bigendian = (1 == htonl(1)) ? 1 : 0;
- 
- #ifdef DNS_RDATASET_FIXED
-@@ -902,7 +902,7 @@ dns_rbt_deserialize_tree(void *base_address, size_t filesize,
- 	}
- #endif
- 
--	if (header->ptrsize != (isc_uint32_t) sizeof(void *)) {
-+	if (header->ptr_size != (isc_uint32_t) sizeof(void *)) {
- 		result = ISC_R_INVALIDFILE;
- 		goto cleanup;
- 	}
-diff --git a/lib/dns/rbtdb.c b/lib/dns/rbtdb.c
-index c7168cb..dbcf944 100644
---- a/lib/dns/rbtdb.c
-+++ b/lib/dns/rbtdb.c
-@@ -114,7 +114,7 @@ typedef struct rbtdb_file_header rbtdb_file_header_t;
- 
- struct rbtdb_file_header {
- 	char version1[32];
--	isc_uint32_t ptrsize;
-+	isc_uint32_t ptr_size;
- 	unsigned int bigendian:1;
- 	isc_uint64_t tree;
- 	isc_uint64_t nsec;
-@@ -7593,7 +7593,7 @@ rbtdb_write_header(FILE *rbtfile, off_t tree_location, off_t nsec_location,
- 	memset(&header, 0, sizeof(rbtdb_file_header_t));
- 	memmove(header.version1, FILE_VERSION, sizeof(header.version1));
- 	memmove(header.version2, FILE_VERSION, sizeof(header.version2));
--	header.ptrsize = (isc_uint32_t) sizeof(void *);
-+	header.ptr_size = (isc_uint32_t) sizeof(void *);
- 	header.bigendian = (1 == htonl(1)) ? 1 : 0;
- 	header.tree = (isc_uint64_t) tree_location;
- 	header.nsec = (isc_uint64_t) nsec_location;
--- 
-2.4.10
-

package/bind/bind.hash

@@ -1,4 +1,4 @@
-# Verified from https://ftp.isc.org/isc/bind9/9.11.4-P1/bind-9.11.4-P1.tar.gz.asc
+# Verified from https://ftp.isc.org/isc/bind9/9.11.5/bind-9.11.5.tar.gz.asc
 # with key BE0E9748B718253A28BB89FFF1B11BF05CF02E57
-sha256 b0e0dc3c8bf26989b1cad53f90d44a48e39404afc68f65c45bae79b446f0fe23 bind-9.11.4-P1.tar.gz
+sha256 a4cae11dad954bdd4eb592178f875bfec09fcc7e29fe0f6b7a4e5b5c6bc61322 bind-9.11.5.tar.gz
 sha256 336f3c40e37a1a13690efb4c63e20908faa4c40498cc02f3579fb67d3a1933a5 COPYRIGHT

package/bind/bind.mk

@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-BIND_VERSION = 9.11.4-P1
+BIND_VERSION = 9.11.5
 BIND_SITE = http://ftp.isc.org/isc/bind9/$(BIND_VERSION)
 # bind does not support parallel builds.
 BIND_MAKE = $(MAKE1)

package/binutils/2.27/0100-elf32-arm-no-data-fix.patch

@@ -1,22 +0,0 @@
-bfd/ChangeLog
-2016-08-23  Nick Clifton  <address@hidden>
-
-        * elf32-arm.c (elf32_arm_count_additional_relocs): Return zero if
-        there is no arm data associated with the section.
-
-[Thomas: taken from https://lists.gnu.org/archive/html/bug-binutils/2016-08/msg00165.html.]
-Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
-
-diff --git a/bfd/elf32-arm.c b/bfd/elf32-arm.c
-index 1eba21b..4478238 100644
---- a/bfd/elf32-arm.c
-+++ b/bfd/elf32-arm.c
-@@ -18688,7 +18688,7 @@ elf32_arm_count_additional_relocs (asection *sec)
- {
-   struct _arm_elf_section_data *arm_data;
-   arm_data = get_arm_elf_section_data (sec);
--  return arm_data->additional_reloc_count;
-+  return arm_data == NULL ? 0 : arm_data->additional_reloc_count;
- }
- 
- /* Called to set the sh_flags, sh_link and sh_info fields of OSECTION which

package/binutils/2.27/0120-sh-conf.patch

@@ -1,46 +0,0 @@
-From 1ceee199e9a32034c6def7700fdbb26335ca76a3 Mon Sep 17 00:00:00 2001
-From: Romain Naour <romain.naour@gmail.com>
-Date: Fri, 25 Dec 2015 11:38:13 +0100
-Subject: [PATCH] sh-conf
-
-Likewise, binutils has no idea about any of these new targets either, so we
-fix that up too.. now we're able to actually build a real toolchain for
-sh2a_nofpu- and other more ineptly named toolchains (and yes, there are more
-inept targets than that one, really. Go look, I promise).
-
-[Romain: rebase on top of 2.26]
-Signed-off-by: Romain Naour <romain.naour@gmail.com>
----
- configure    | 2 +-
- configure.ac | 2 +-
- 2 files changed, 2 insertions(+), 2 deletions(-)
-
-diff --git a/configure b/configure
-index 34b66f7..905bc7b 100755
---- a/configure
-+++ b/configure
-@@ -3939,7 +3939,7 @@ case "${target}" in
-   or1k*-*-*)
-     noconfigdirs="$noconfigdirs gdb"
-     ;;
--  sh-*-* | sh64-*-*)
-+  sh*-*-* | sh64-*-*)
-     case "${target}" in
-       sh*-*-elf)
-          ;;
-diff --git a/configure.ac b/configure.ac
-index 4977d97..1e69ee2 100644
---- a/configure.ac
-+++ b/configure.ac
-@@ -1276,7 +1276,7 @@ case "${target}" in
-   or1k*-*-*)
-     noconfigdirs="$noconfigdirs gdb"
-     ;;
--  sh-*-* | sh64-*-*)
-+  sh*-*-* | sh64-*-*)
-     case "${target}" in
-       sh*-*-elf)
-          ;;
--- 
-2.4.3
-

package/binutils/2.27/0130-tc-xtensa.c-fixup-xg_reverse_shift_count-typo.patch

@@ -1,33 +0,0 @@
-From 78fb7e37eb8bb08ae537d6c487996ff17c810332 Mon Sep 17 00:00:00 2001
-From: Trevor Saunders <tbsaunde+binutils@tbsaunde.org>
-Date: Mon, 26 Sep 2016 12:42:11 -0400
-Subject: [PATCH] tc-xtensa.c: fixup xg_reverse_shift_count typo
-
-gas/ChangeLog:
-
-2016-09-26  Trevor Saunders  <tbsaunde+binutils@tbsaunde.org>
-
-	* config/tc-xtensa.c (xg_reverse_shift_count): Pass cnt_arg instead of
-	cnt_argp to concat.
-
-Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
----
- gas/config/tc-xtensa.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/gas/config/tc-xtensa.c b/gas/config/tc-xtensa.c
-index d062044..ca261ae 100644
---- a/gas/config/tc-xtensa.c
-+++ b/gas/config/tc-xtensa.c
-@@ -2228,7 +2228,7 @@ xg_reverse_shift_count (char **cnt_argp)
-   cnt_arg = *cnt_argp;
- 
-   /* replace the argument with "31-(argument)" */
--  new_arg = concat ("31-(", cnt_argp, ")", (char *) NULL);
-+  new_arg = concat ("31-(", cnt_arg, ")", (char *) NULL);
- 
-   free (cnt_arg);
-   *cnt_argp = new_arg;
--- 
-2.1.4
-

package/binutils/2.27/0131-xtensa-fix-memory-corruption-by-broken-sysregs.patch

@@ -1,42 +0,0 @@
-From 3c8788dbb70b40e737d4b8e30cab81406e5c5091 Mon Sep 17 00:00:00 2001
-From: Max Filippov <jcmvbkbc@gmail.com>
-Date: Wed, 2 Aug 2017 00:36:05 -0700
-Subject: [PATCH] xtensa: fix memory corruption by broken sysregs
-
-In some xtensa configurations there may be system/user registers in
-xtensa-modules with negative index. ISA initialization for such config
-may clobber heap and result in program termination.
-Don't update lookup table entries for register with negative indices.
-They are not directly accessible via RSR/WSR/XSR or RUR/WUR, so this
-change should not affect processing of valid assembly/binary code.
-
-bfd/
-2017-08-02  Max Filippov  <jcmvbkbc@gmail.com>
-
-	* xtensa-isa.c (xtensa_isa_init): Don't update lookup table
-	entries for sysregs with negative indices.
-
-Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
----
-Backported from: d84ed528d4817b0ff854006b65a9f6ec75f0407a
-
- bfd/xtensa-isa.c | 3 ++-
- 1 file changed, 2 insertions(+), 1 deletion(-)
-
-diff --git a/bfd/xtensa-isa.c b/bfd/xtensa-isa.c
-index 8da75bea8109..8c6ee88fdeae 100644
---- a/bfd/xtensa-isa.c
-+++ b/bfd/xtensa-isa.c
-@@ -292,7 +292,8 @@ xtensa_isa_init (xtensa_isa_status *errno_p, char **error_msg_p)
-       xtensa_sysreg_internal *sreg = &isa->sysregs[n];
-       is_user = sreg->is_user;
- 
--      isa->sysreg_table[is_user][sreg->number] = n;
-+      if (sreg->number >= 0)
-+	isa->sysreg_table[is_user][sreg->number] = n;
-     }
- 
-   /* Set up the interface lookup table.  */
--- 
-2.1.4
-

package/binutils/2.27/0300-ld-makefile.patch

@@ -1,41 +0,0 @@
-From d76a7549b43974fe8564971a3f40459bc495a8a7 Mon Sep 17 00:00:00 2001
-From: Romain Naour <romain.naour@gmail.com>
-Date: Fri, 25 Dec 2015 11:40:53 +0100
-Subject: [PATCH] ld-makefile
-
-[Romain: rebase on top of 2.26]
-Signed-off-by: Romain Naour <romain.naour@gmail.com>
----
- ld/Makefile.am | 2 +-
- ld/Makefile.in | 2 +-
- 2 files changed, 2 insertions(+), 2 deletions(-)
-
-diff --git a/ld/Makefile.am b/ld/Makefile.am
-index 0b3b049..3871c74 100644
---- a/ld/Makefile.am
-+++ b/ld/Makefile.am
-@@ -57,7 +57,7 @@ endif
- # We put the scripts in the directory $(scriptdir)/ldscripts.
- # We can't put the scripts in $(datadir) because the SEARCH_DIR
- # directives need to be different for native and cross linkers.
--scriptdir = $(tooldir)/lib
-+scriptdir = $(libdir)
- 
- EMUL = @EMUL@
- EMULATION_OFILES = @EMULATION_OFILES@
-diff --git a/ld/Makefile.in b/ld/Makefile.in
-index ed98f87..530e4c9 100644
---- a/ld/Makefile.in
-+++ b/ld/Makefile.in
-@@ -413,7 +413,7 @@ AM_CFLAGS = $(WARN_CFLAGS) $(ELF_CLFAGS)
- # We put the scripts in the directory $(scriptdir)/ldscripts.
- # We can't put the scripts in $(datadir) because the SEARCH_DIR
- # directives need to be different for native and cross linkers.
--scriptdir = $(tooldir)/lib
-+scriptdir = $(libdir)
- BASEDIR = $(srcdir)/..
- BFDDIR = $(BASEDIR)/bfd
- INCDIR = $(BASEDIR)/include
--- 
-2.4.3
-

package/binutils/2.27/0301-check-ldrunpath-length.patch

@@ -1,36 +0,0 @@
-From ebe1cba46df52d7bf86def3d681271fd05fb453b Mon Sep 17 00:00:00 2001
-From: Romain Naour <romain.naour@gmail.com>
-Date: Fri, 25 Dec 2015 11:41:47 +0100
-Subject: [PATCH] check-ldrunpath-length
-
-[Romain: rebase on top of 2.26]
-Signed-off-by: Romain Naour <romain.naour@gmail.com>
----
- ld/emultempl/elf32.em | 4 ++++
- 1 file changed, 4 insertions(+)
-
-diff --git a/ld/emultempl/elf32.em b/ld/emultempl/elf32.em
-index 0405d4f..efd3300 100644
---- a/ld/emultempl/elf32.em
-+++ b/ld/emultempl/elf32.em
-@@ -1242,6 +1242,8 @@ fragment <<EOF
- 	      && command_line.rpath == NULL)
- 	    {
- 	      lib_path = (const char *) getenv ("LD_RUN_PATH");
-+	      if ((lib_path) && (strlen (lib_path) == 0))
-+	      	lib_path = NULL;
- 	      if (gld${EMULATION_NAME}_search_needed (lib_path, &n,
- 						      force))
- 		break;
-@@ -1523,6 +1525,8 @@ gld${EMULATION_NAME}_before_allocation (void)
-   rpath = command_line.rpath;
-   if (rpath == NULL)
-     rpath = (const char *) getenv ("LD_RUN_PATH");
-+  if ((rpath) && (strlen (rpath) == 0))
-+  	rpath = NULL;
- 
-   for (abfd = link_info.input_bfds; abfd; abfd = abfd->link.next)
-     if (bfd_get_flavour (abfd) == bfd_target_elf_flavour)
--- 
-2.4.3
-

package/binutils/2.27/0500-add-sysroot-fix-from-bug-3049.patch

@@ -1,52 +0,0 @@
-From 30628870e583375f8927c04398c7219c6e9f703c Mon Sep 17 00:00:00 2001
-From: Romain Naour <romain.naour@gmail.com>
-Date: Fri, 25 Dec 2015 11:42:48 +0100
-Subject: [PATCH] add sysroot fix from bug #3049
-
-Always try to prepend the sysroot prefix to absolute filenames first.
-
-http://bugs.gentoo.org/275666
-http://sourceware.org/bugzilla/show_bug.cgi?id=10340
-
-Signed-off-by: Sven Rebhan <odinshorse@googlemail.com>
-[Romain: rebase on top of 2.26]
-Signed-off-by: Romain Naour <romain.naour@gmail.com>
----
- ld/ldfile.c | 11 +++++++++--
- 1 file changed, 9 insertions(+), 2 deletions(-)
-
-diff --git a/ld/ldfile.c b/ld/ldfile.c
-index 96f9ecc..1439309 100644
---- a/ld/ldfile.c
-+++ b/ld/ldfile.c
-@@ -335,18 +335,25 @@ ldfile_open_file_search (const char *arch,
-      directory first.  */
-   if (! entry->flags.maybe_archive)
-     {
--      if (entry->flags.sysrooted && IS_ABSOLUTE_PATH (entry->filename))
-+      /* For absolute pathnames, try to always open the file in the
-+	 sysroot first. If this fails, try to open the file at the
-+	 given location.  */
-+      entry->flags.sysrooted = is_sysrooted_pathname (entry->filename);
-+      if (!entry->flags.sysrooted && IS_ABSOLUTE_PATH (entry->filename)
-+	  && ld_sysroot)
- 	{
- 	  char *name = concat (ld_sysroot, entry->filename,
- 			       (const char *) NULL);
- 	  if (ldfile_try_open_bfd (name, entry))
- 	    {
- 	      entry->filename = name;
-+	      entry->flags.sysrooted = TRUE;
- 	      return TRUE;
- 	    }
- 	  free (name);
- 	}
--      else if (ldfile_try_open_bfd (entry->filename, entry))
-+
-+      if (ldfile_try_open_bfd (entry->filename, entry))
- 	return TRUE;
- 
-       if (IS_ABSOLUTE_PATH (entry->filename))
--- 
-2.4.3
-

package/binutils/2.27/0600-poison-system-directories.patch

@@ -1,306 +0,0 @@
-From be366461dd49e760440fb28eaee5164eb281adcc Mon Sep 17 00:00:00 2001
-From: Romain Naour <romain.naour@gmail.com>
-Date: Fri, 25 Dec 2015 11:45:38 +0100
-Subject: [PATCH] poison-system-directories
-
-Patch adapted to binutils 2.23.2 and extended to use
-BR_COMPILER_PARANOID_UNSAFE_PATH by Thomas Petazzoni.
-
-[Romain: rebase on top of 2.26]
-Signed-off-by: Romain Naour <romain.naour@gmail.com>
-[Gustavo: adapt to binutils 2.25]
-Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
-Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
-
-Upstream-Status: Inappropriate [distribution: codesourcery]
-
-Patch originally created by Mark Hatle, forward-ported to
-binutils 2.21 by Scott Garman.
-
-purpose:  warn for uses of system directories when cross linking
-
-Code Merged from Sourcery G++ binutils 2.19 - 4.4-277
-
-2008-07-02  Joseph Myers  <joseph@codesourcery.com>
-
-    ld/
-    * ld.h (args_type): Add error_poison_system_directories.
-    * ld.texinfo (--error-poison-system-directories): Document.
-    * ldfile.c (ldfile_add_library_path): Check
-    command_line.error_poison_system_directories.
-    * ldmain.c (main): Initialize
-    command_line.error_poison_system_directories.
-    * lexsup.c (enum option_values): Add
-    OPTION_ERROR_POISON_SYSTEM_DIRECTORIES.
-    (ld_options): Add --error-poison-system-directories.
-    (parse_args): Handle new option.
-
-2007-06-13  Joseph Myers  <joseph@codesourcery.com>
-
-    ld/
-    * config.in: Regenerate.
-    * ld.h (args_type): Add poison_system_directories.
-    * ld.texinfo (--no-poison-system-directories): Document.
-    * ldfile.c (ldfile_add_library_path): Check
-    command_line.poison_system_directories.
-    * ldmain.c (main): Initialize
-    command_line.poison_system_directories.
-    * lexsup.c (enum option_values): Add
-    OPTION_NO_POISON_SYSTEM_DIRECTORIES.
-    (ld_options): Add --no-poison-system-directories.
-    (parse_args): Handle new option.
-
-2007-04-20  Joseph Myers  <joseph@codesourcery.com>
-
-    Merge from Sourcery G++ binutils 2.17:
-
-    2007-03-20  Joseph Myers  <joseph@codesourcery.com>
-    Based on patch by Mark Hatle <mark.hatle@windriver.com>.
-    ld/
-    * configure.ac (--enable-poison-system-directories): New option.
-    * configure, config.in: Regenerate.
-    * ldfile.c (ldfile_add_library_path): If
-    ENABLE_POISON_SYSTEM_DIRECTORIES defined, warn for use of /lib,
-    /usr/lib, /usr/local/lib or /usr/X11R6/lib.
-
-Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
-Signed-off-by: Scott Garman <scott.a.garman@intel.com>
----
- ld/config.in    |  3 +++
- ld/configure    | 14 ++++++++++++++
- ld/configure.ac | 10 ++++++++++
- ld/ld.h         |  8 ++++++++
- ld/ld.texinfo   | 12 ++++++++++++
- ld/ldfile.c     | 17 +++++++++++++++++
- ld/ldlex.h      |  2 ++
- ld/ldmain.c     |  2 ++
- ld/lexsup.c     | 21 +++++++++++++++++++++
- 9 files changed, 89 insertions(+)
-
-diff --git a/ld/config.in b/ld/config.in
-index 276fb77..35c58eb 100644
---- a/ld/config.in
-+++ b/ld/config.in
-@@ -14,6 +14,9 @@
-    language is requested. */
- #undef ENABLE_NLS
- 
-+/* Define to warn for use of native system library directories */
-+#undef ENABLE_POISON_SYSTEM_DIRECTORIES
-+
- /* Additional extension a shared object might have. */
- #undef EXTRA_SHLIB_EXTENSION
- 
-diff --git a/ld/configure b/ld/configure
-index a446283..d1f9504 100755
---- a/ld/configure
-+++ b/ld/configure
-@@ -786,6 +786,7 @@ with_lib_path
- enable_targets
- enable_64_bit_bfd
- with_sysroot
-+enable_poison_system_directories
- enable_gold
- enable_got
- enable_compressed_debug_sections
-@@ -1442,6 +1443,8 @@ Optional Features:
-   --disable-largefile     omit support for large files
-   --enable-targets        alternative target configurations
-   --enable-64-bit-bfd     64-bit support (on hosts with narrower word sizes)
-+  --enable-poison-system-directories
-+                          warn for use of native system library directories
-   --enable-gold[=ARG]     build gold [ARG={default,yes,no}]
-   --enable-got=<type>     GOT handling scheme (target, single, negative,
-                           multigot)
-@@ -15491,7 +15494,18 @@ else
- fi
- 
- 
-+# Check whether --enable-poison-system-directories was given.
-+if test "${enable_poison_system_directories+set}" = set; then :
-+  enableval=$enable_poison_system_directories;
-+else
-+  enable_poison_system_directories=no
-+fi
-+
-+if test "x${enable_poison_system_directories}" = "xyes"; then
- 
-+$as_echo "#define ENABLE_POISON_SYSTEM_DIRECTORIES 1" >>confdefs.h
-+
-+fi
- 
- # Check whether --enable-got was given.
- if test "${enable_got+set}" = set; then :
-diff --git a/ld/configure.ac b/ld/configure.ac
-index 188172d..2cd8443 100644
---- a/ld/configure.ac
-+++ b/ld/configure.ac
-@@ -95,6 +95,16 @@ AC_SUBST(use_sysroot)
- AC_SUBST(TARGET_SYSTEM_ROOT)
- AC_SUBST(TARGET_SYSTEM_ROOT_DEFINE)
- 
-+AC_ARG_ENABLE([poison-system-directories],
-+         AS_HELP_STRING([--enable-poison-system-directories],
-+                [warn for use of native system library directories]),,
-+         [enable_poison_system_directories=no])
-+if test "x${enable_poison_system_directories}" = "xyes"; then
-+  AC_DEFINE([ENABLE_POISON_SYSTEM_DIRECTORIES],
-+       [1],
-+       [Define to warn for use of native system library directories])
-+fi
-+
- dnl Use --enable-gold to decide if this linker should be the default.
- dnl "install_as_default" is set to false if gold is the default linker.
- dnl "installed_linker" is the installed BFD linker name.
-diff --git a/ld/ld.h b/ld/ld.h
-index d84ec4e..3476b26 100644
---- a/ld/ld.h
-+++ b/ld/ld.h
-@@ -164,6 +164,14 @@ typedef struct {
-   /* If set, display the target memory usage (per memory region).  */
-   bfd_boolean print_memory_usage;
- 
-+  /* If TRUE (the default) warn for uses of system directories when
-+     cross linking.  */
-+  bfd_boolean poison_system_directories;
-+
-+  /* If TRUE (default FALSE) give an error for uses of system
-+     directories when cross linking instead of a warning.  */
-+  bfd_boolean error_poison_system_directories;
-+
-   /* Big or little endian as set on command line.  */
-   enum endian_enum endian;
- 
-diff --git a/ld/ld.texinfo b/ld/ld.texinfo
-index 1dd7492..fb1438e 100644
---- a/ld/ld.texinfo
-+++ b/ld/ld.texinfo
-@@ -2332,6 +2332,18 @@ string identifying the original linked file does not change.
- 
- Passing @code{none} for @var{style} disables the setting from any
- @code{--build-id} options earlier on the command line.
-+
-+@kindex --no-poison-system-directories
-+@item --no-poison-system-directories
-+Do not warn for @option{-L} options using system directories such as
-+@file{/usr/lib} when cross linking.  This option is intended for use
-+in chroot environments when such directories contain the correct
-+libraries for the target system rather than the host.
-+
-+@kindex --error-poison-system-directories
-+@item --error-poison-system-directories
-+Give an error instead of a warning for @option{-L} options using
-+system directories when cross linking.
- @end table
- 
- @c man end
-diff --git a/ld/ldfile.c b/ld/ldfile.c
-index 1439309..086b354 100644
---- a/ld/ldfile.c
-+++ b/ld/ldfile.c
-@@ -114,6 +114,23 @@ ldfile_add_library_path (const char *name, bfd_boolean cmdline)
-     new_dirs->name = concat (ld_sysroot, name + 1, (const char *) NULL);
-   else
-     new_dirs->name = xstrdup (name);
-+
-+#ifdef ENABLE_POISON_SYSTEM_DIRECTORIES
-+  if (command_line.poison_system_directories
-+  && ((!strncmp (name, "/lib", 4))
-+      || (!strncmp (name, "/usr/lib", 8))
-+      || (!strncmp (name, "/usr/local/lib", 14))
-+      || (!strncmp (name, "/usr/X11R6/lib", 14))))
-+   {
-+     if (command_line.error_poison_system_directories)
-+       einfo (_("%X%P: error: library search path \"%s\" is unsafe for "
-+            "cross-compilation\n"), name);
-+     else
-+       einfo (_("%P: warning: library search path \"%s\" is unsafe for "
-+            "cross-compilation\n"), name);
-+   }
-+#endif
-+
- }
- 
- /* Try to open a BFD for a lang_input_statement.  */
-diff --git a/ld/ldlex.h b/ld/ldlex.h
-index 6f11e7b..0ca3110 100644
---- a/ld/ldlex.h
-+++ b/ld/ldlex.h
-@@ -144,6 +144,8 @@ enum option_values
-   OPTION_PRINT_MEMORY_USAGE,
-   OPTION_REQUIRE_DEFINED_SYMBOL,
-   OPTION_ORPHAN_HANDLING,
-+  OPTION_NO_POISON_SYSTEM_DIRECTORIES,
-+  OPTION_ERROR_POISON_SYSTEM_DIRECTORIES,
- };
- 
- /* The initial parser states.  */
-diff --git a/ld/ldmain.c b/ld/ldmain.c
-index bb0b9cc..a23c56c 100644
---- a/ld/ldmain.c
-+++ b/ld/ldmain.c
-@@ -257,6 +257,8 @@ main (int argc, char **argv)
-   command_line.warn_mismatch = TRUE;
-   command_line.warn_search_mismatch = TRUE;
-   command_line.check_section_addresses = -1;
-+  command_line.poison_system_directories = TRUE;
-+  command_line.error_poison_system_directories = FALSE;
- 
-   /* We initialize DEMANGLING based on the environment variable
-      COLLECT_NO_DEMANGLE.  The gcc collect2 program will demangle the
-diff --git a/ld/lexsup.c b/ld/lexsup.c
-index 4cad209..be7d584 100644
---- a/ld/lexsup.c
-+++ b/ld/lexsup.c
-@@ -530,6 +530,14 @@ static const struct ld_option ld_options[] =
-   { {"orphan-handling", required_argument, NULL, OPTION_ORPHAN_HANDLING},
-     '\0', N_("=MODE"), N_("Control how orphan sections are handled."),
-     TWO_DASHES },
-+  { {"no-poison-system-directories", no_argument, NULL,
-+    OPTION_NO_POISON_SYSTEM_DIRECTORIES},
-+    '\0', NULL, N_("Do not warn for -L options using system directories"),
-+    TWO_DASHES },
-+  { {"error-poison-system-directories", no_argument, NULL,
-+    OPTION_ERROR_POISON_SYSTEM_DIRECTORIES},
-+    '\0', NULL, N_("Give an error for -L options using system directories"),
-+    TWO_DASHES },
- };
- 
- #define OPTION_COUNT ARRAY_SIZE (ld_options)
-@@ -542,6 +550,7 @@ parse_args (unsigned argc, char **argv)
-   int ingroup = 0;
-   char *default_dirlist = NULL;
-   char *shortopts;
-+  char *BR_paranoid_env;
-   struct option *longopts;
-   struct option *really_longopts;
-   int last_optind;
-@@ -1516,6 +1525,14 @@ parse_args (unsigned argc, char **argv)
-           }
-           break;
- 
-+	case OPTION_NO_POISON_SYSTEM_DIRECTORIES:
-+	  command_line.poison_system_directories = FALSE;
-+	  break;
-+
-+	case OPTION_ERROR_POISON_SYSTEM_DIRECTORIES:
-+	  command_line.error_poison_system_directories = TRUE;
-+	  break;
-+
- 	case OPTION_PUSH_STATE:
- 	  input_flags.pushed = xmemdup (&input_flags,
- 					sizeof (input_flags),
-@@ -1559,6 +1576,10 @@ parse_args (unsigned argc, char **argv)
-       command_line.soname = NULL;
-     }
- 
-+  BR_paranoid_env = getenv("BR_COMPILER_PARANOID_UNSAFE_PATH");
-+  if (BR_paranoid_env && strlen(BR_paranoid_env) > 0)
-+    command_line.error_poison_system_directories = TRUE;
-+
-   while (ingroup)
-     {
-       lang_leave_group ();
--- 
-2.4.3
-

package/binutils/2.27/0900-Revert-part-Set-dynamic-tag-VMA-and-size-from-dynami.patch

@@ -1,36 +0,0 @@
-From c646b02fdcae5f37bd88f33a0c4683ef13ad5c82 Mon Sep 17 00:00:00 2001
-From: Alan Modra <amodra@gmail.com>
-Date: Mon, 31 Oct 2016 12:46:38 +1030
-Subject: [PATCH] Revert part "Set dynamic tag VMA and size from dynamic
- section when possible"
-
-	PR 20748
-	* elf32-microblaze.c (microblaze_elf_finish_dynamic_sections): Revert
-	2016-05-13 change.
-
-Signed-off-by: Alan Modra <amodra@gmail.com>
-Signed-off-by: Waldemar Brodkorb <wbx@uclibc-ng.org>
-
-diff --git a/bfd/elf32-microblaze.c b/bfd/elf32-microblaze.c
-index 477e7b3..5c66808 100644
---- a/bfd/elf32-microblaze.c
-+++ b/bfd/elf32-microblaze.c
-@@ -3396,13 +3396,13 @@ microblaze_elf_finish_dynamic_sections (bfd *output_bfd,
-             {
-               asection *s;
- 
--              s = bfd_get_linker_section (dynobj, name);
-+              s = bfd_get_section_by_name (output_bfd, name);
-               if (s == NULL)
-                 dyn.d_un.d_val = 0;
-               else
-                 {
-                   if (! size)
--                    dyn.d_un.d_ptr = s->output_section->vma + s->output_offset;
-+                    dyn.d_un.d_ptr = s->vma;
-                   else
-                     dyn.d_un.d_val = s->size;
-                 }
--- 
-2.1.4
-

package/binutils/2.27/0906-microblaze-pr21180.patch

@@ -1,33 +0,0 @@
-Fix ld segfault for microblaze when --gc-sections is used
-Upstream: pending
-https://sourceware.org/bugzilla/show_bug.cgi?id=21180
-
-Signed-off-by: Waldemar Brodkorb <wbx@openadk.org>
-
-diff -Nur binutils-2.27.orig/bfd/elf32-microblaze.c binutils-2.27/bfd/elf32-microblaze.c
---- binutils-2.27.orig/bfd/elf32-microblaze.c	2016-08-03 09:36:50.000000000 +0200
-+++ binutils-2.27/bfd/elf32-microblaze.c	2017-02-23 19:43:12.612313590 +0100
-@@ -3297,13 +3297,20 @@
- 	      || h->dynindx == -1))
-         {
-           asection *sec = h->root.u.def.section;
-+	  bfd_vma value;
-+
-+	  value = h->root.u.def.value;
-+	  if (sec->output_section != NULL)
-+	    /* PR 21180: If the output section is NULL, then the symbol is no
-+	       longer needed, and in theory the GOT entry is redundant.  But
-+	       it is too late to change our minds now...  */
-+	    value += sec->output_section->vma + sec->output_offset;
-+
-           microblaze_elf_output_dynamic_relocation (output_bfd,
-                                                     srela, srela->reloc_count++,
-                                                     /* symindex= */ 0,
-                                                     R_MICROBLAZE_REL, offset,
--                                                    h->root.u.def.value
--                                                    + sec->output_section->vma
--                                                    + sec->output_offset);
-+                                                    value);
-         }
-       else
-         {

package/binutils/2.27/0907-Automatically-enable-CRC-instructions-on-supported-A.patch

@@ -1,88 +0,0 @@
-From 29a4659015ca7044c2d425d32a0b828e0fbb5ac1 Mon Sep 17 00:00:00 2001
-From: Richard Earnshaw <Richard.Earnshaw@arm.com>
-Date: Wed, 7 Sep 2016 17:14:54 +0100
-Subject: [PATCH] Automatically enable CRC instructions on supported ARMv8-A
- CPUs.
-
-2016-09-07  Richard Earnshaw  <rearnsha@arm.com>
-
-	* opcode/arm.h (ARM_ARCH_V8A_CRC): New architecture.
-
-2016-09-07  Richard Earnshaw  <rearnsha@arm.com>
-
-	* config/tc-arm.c ((arm_cpus): Use ARM_ARCH_V8A_CRC for all
-	ARMv8-A CPUs except xgene1.
-
-Upstream: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;a=patch;h=27e5a270962fb92c07e7d476966ba380fa3bb68e
-Signed-off-by: Peter Seiderer <ps.report@gmx.net>
----
- gas/config/tc-arm.c  | 18 +++++++++---------
- include/opcode/arm.h |  2 ++
- 2 files changed, 11 insertions(+), 9 deletions(-)
-
-diff --git a/gas/config/tc-arm.c b/gas/config/tc-arm.c
-index 73d05316..7c86184d 100644
---- a/gas/config/tc-arm.c
-+++ b/gas/config/tc-arm.c
-@@ -25332,17 +25332,17 @@ static const struct arm_cpu_option_table arm_cpus[] =
- 								  "Cortex-A15"),
-   ARM_CPU_OPT ("cortex-a17",	ARM_ARCH_V7VE,   FPU_ARCH_NEON_VFP_V4,
- 								  "Cortex-A17"),
--  ARM_CPU_OPT ("cortex-a32",    ARM_ARCH_V8A,    FPU_ARCH_CRYPTO_NEON_VFP_ARMV8,
-+  ARM_CPU_OPT ("cortex-a32",    ARM_ARCH_V8A_CRC, FPU_ARCH_CRYPTO_NEON_VFP_ARMV8,
- 								  "Cortex-A32"),
--  ARM_CPU_OPT ("cortex-a35",    ARM_ARCH_V8A,    FPU_ARCH_CRYPTO_NEON_VFP_ARMV8,
-+  ARM_CPU_OPT ("cortex-a35",    ARM_ARCH_V8A_CRC, FPU_ARCH_CRYPTO_NEON_VFP_ARMV8,
- 								  "Cortex-A35"),
--  ARM_CPU_OPT ("cortex-a53",    ARM_ARCH_V8A,    FPU_ARCH_CRYPTO_NEON_VFP_ARMV8,
-+  ARM_CPU_OPT ("cortex-a53",    ARM_ARCH_V8A_CRC, FPU_ARCH_CRYPTO_NEON_VFP_ARMV8,
- 								  "Cortex-A53"),
--  ARM_CPU_OPT ("cortex-a57",    ARM_ARCH_V8A,    FPU_ARCH_CRYPTO_NEON_VFP_ARMV8,
-+  ARM_CPU_OPT ("cortex-a57",    ARM_ARCH_V8A_CRC, FPU_ARCH_CRYPTO_NEON_VFP_ARMV8,
- 								  "Cortex-A57"),
--  ARM_CPU_OPT ("cortex-a72",    ARM_ARCH_V8A,    FPU_ARCH_CRYPTO_NEON_VFP_ARMV8,
-+  ARM_CPU_OPT ("cortex-a72",    ARM_ARCH_V8A_CRC, FPU_ARCH_CRYPTO_NEON_VFP_ARMV8,
- 								  "Cortex-A72"),
--  ARM_CPU_OPT ("cortex-a73",    ARM_ARCH_V8A,    FPU_ARCH_CRYPTO_NEON_VFP_ARMV8,
-+  ARM_CPU_OPT ("cortex-a73",    ARM_ARCH_V8A_CRC, FPU_ARCH_CRYPTO_NEON_VFP_ARMV8,
- 								  "Cortex-A73"),
-   ARM_CPU_OPT ("cortex-r4",	ARM_ARCH_V7R,	 FPU_NONE,	  "Cortex-R4"),
-   ARM_CPU_OPT ("cortex-r4f",	ARM_ARCH_V7R,	 FPU_ARCH_VFP_V3D16,
-@@ -25361,10 +25361,10 @@ static const struct arm_cpu_option_table arm_cpus[] =
-   ARM_CPU_OPT ("cortex-m1",	ARM_ARCH_V6SM,	 FPU_NONE,	  "Cortex-M1"),
-   ARM_CPU_OPT ("cortex-m0",	ARM_ARCH_V6SM,	 FPU_NONE,	  "Cortex-M0"),
-   ARM_CPU_OPT ("cortex-m0plus",	ARM_ARCH_V6SM,	 FPU_NONE,	  "Cortex-M0+"),
--  ARM_CPU_OPT ("exynos-m1",	ARM_ARCH_V8A,	 FPU_ARCH_CRYPTO_NEON_VFP_ARMV8,
-+  ARM_CPU_OPT ("exynos-m1",	ARM_ARCH_V8A_CRC, FPU_ARCH_CRYPTO_NEON_VFP_ARMV8,
- 								  "Samsung " \
- 								  "Exynos M1"),
--  ARM_CPU_OPT ("qdf24xx",	ARM_ARCH_V8A,	 FPU_ARCH_CRYPTO_NEON_VFP_ARMV8,
-+  ARM_CPU_OPT ("qdf24xx",	ARM_ARCH_V8A_CRC, FPU_ARCH_CRYPTO_NEON_VFP_ARMV8,
- 								  "Qualcomm "
- 								  "QDF24XX"),
- 
-@@ -25389,7 +25389,7 @@ static const struct arm_cpu_option_table arm_cpus[] =
-   /* APM X-Gene family.  */
-   ARM_CPU_OPT ("xgene1",        ARM_ARCH_V8A,    FPU_ARCH_CRYPTO_NEON_VFP_ARMV8,
- 	                                                          "APM X-Gene 1"),
--  ARM_CPU_OPT ("xgene2",        ARM_ARCH_V8A,    FPU_ARCH_CRYPTO_NEON_VFP_ARMV8,
-+  ARM_CPU_OPT ("xgene2",        ARM_ARCH_V8A_CRC, FPU_ARCH_CRYPTO_NEON_VFP_ARMV8,
- 	                                                          "APM X-Gene 2"),
- 
-   { NULL, 0, ARM_ARCH_NONE, ARM_ARCH_NONE, NULL }
-diff --git a/include/opcode/arm.h b/include/opcode/arm.h
-index 60715cf8..feace5cd 100644
---- a/include/opcode/arm.h
-+++ b/include/opcode/arm.h
-@@ -263,6 +263,8 @@
- #define ARM_ARCH_V7M	ARM_FEATURE_CORE (ARM_AEXT_V7M, ARM_EXT2_V6T2_V8M)
- #define ARM_ARCH_V7EM	ARM_FEATURE_CORE (ARM_AEXT_V7EM, ARM_EXT2_V6T2_V8M)
- #define ARM_ARCH_V8A	ARM_FEATURE_CORE (ARM_AEXT_V8A, ARM_AEXT2_V8A)
-+#define ARM_ARCH_V8A_CRC ARM_FEATURE (ARM_AEXT_V8A, ARM_AEXT2_V8A, \
-+				      CRC_EXT_ARMV8)
- #define ARM_ARCH_V8_1A	ARM_FEATURE (ARM_AEXT_V8A, ARM_AEXT2_V8_1A,	\
- 				     CRC_EXT_ARMV8 | FPU_NEON_EXT_RDMA)
- #define ARM_ARCH_V8_2A	ARM_FEATURE (ARM_AEXT_V8A, ARM_AEXT2_V8_2A,	\
--- 
-2.11.0
-

package/binutils/Config.in.host

@@ -1,5 +1,11 @@
 comment "Binutils Options"
 
+config BR2_PACKAGE_HOST_BINUTILS_SUPPORTS_CFI
+	bool
+	default y
+	depends on !BR2_microblaze
+	depends on !(BR2_nios2 && (BR2_BINUTILS_VERSION_2_28_X || BR2_BINUTILS_VERSION_2_29_X))
+
 choice
 	prompt "Binutils Version"
 	default BR2_BINUTILS_VERSION_2_28_X if BR2_ARM_INSTRUCTIONS_THUMB

package/brltty/brltty.hash

@@ -1,3 +1,4 @@
 sha256 4ebf1df5922df0efccac4795f5bd1c514fc850348c34d9ec0868e2798b565a36 brltty-5.5.tar.xz
 sha256 91df39d1816bfb17a4dda2d3d2c83b1f6f2d38d53e53e41e8f97ad5ac46a0cad LICENSE-GPL
 sha256 d80c9d084ebfb50ea1ed91bfbc2410d6ce542097a32c43b00781b83adcb8c77f LICENSE-LGPL
+sha256 6ba58188449642de8adefd7adabb436185792c5c51a4b5d04650423c2151dc50 README

package/brltty/brltty.mk

@@ -9,7 +9,8 @@ BRLTTY_SOURCE = brltty-$(BRLTTY_VERSION).tar.xz
 BRLTTY_SITE = http://brltty.com/archive
 BRLTTY_INSTALL_STAGING_OPTS = INSTALL_ROOT=$(STAGING_DIR) install
 BRLTTY_INSTALL_TARGET_OPTS = INSTALL_ROOT=$(TARGET_DIR) install
-BRLTTY_LICENSE_FILES = LICENSE-GPL LICENSE-LGPL
+BRLTTY_LICENSE = GPL-2.0+, LGPL-2.1+ (data, client side)
+BRLTTY_LICENSE_FILES = LICENSE-GPL LICENSE-LGPL README
 
 BRLTTY_DEPENDENCIES = $(TARGET_NLS_DEPENDENCIES) host-autoconf host-pkgconf \
 	$(if $(BR2_PACKAGE_AT_SPI2_CORE),at-spi2-core)

package/brotli/0001-CMake-Allow-using-BUILD_SHARED_LIBS-to-choose-static.patch

@@ -1,4 +1,4 @@
-From b60b613e7c2c9bf7a142c3c486ac6e77ad93f5d1 Mon Sep 17 00:00:00 2001
+From 7289e5a378ba13801996a84d89d8fe95c3fc4c11 Mon Sep 17 00:00:00 2001
 From: Adrian Perez de Castro <aperez@igalia.com>
 Date: Mon, 26 Mar 2018 19:08:31 +0100
 Subject: [PATCH] CMake: Allow using BUILD_SHARED_LIBS to choose static/shared
@@ -27,7 +27,7 @@ Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
 Upstream-Status: Submitted [https://github.com/google/brotli/pull/655]
 
 diff --git a/CMakeLists.txt b/CMakeLists.txt
-index 99b9258..3867931 100644
+index fc45f80..3f87f13 100644
 --- a/CMakeLists.txt
 +++ b/CMakeLists.txt
 @@ -6,6 +6,8 @@ cmake_minimum_required(VERSION 2.8.6)
@@ -120,25 +120,25 @@ index 99b9258..3867931 100644
      DIRECTORY ${BROTLI_INCLUDE_DIRS}/brotli
      DESTINATION "${CMAKE_INSTALL_INCLUDEDIR}"
 diff --git a/c/fuzz/test_fuzzer.sh b/c/fuzz/test_fuzzer.sh
-index 5c754e1..e85e12f 100755
+index 9985194..4b99947 100755
 --- a/c/fuzz/test_fuzzer.sh
 +++ b/c/fuzz/test_fuzzer.sh
-@@ -14,12 +14,12 @@ mkdir bin
+@@ -13,12 +13,12 @@ mkdir bin
  cd bin
  
- cmake $BROTLI -DCMAKE_C_COMPILER="$CC" -DCMAKE_CXX_COMPILER="$CXX" \
+ cmake $BROTLI -DCMAKE_C_COMPILER="$CC" \
 -    -DBUILD_TESTING=OFF -DENABLE_SANITIZER=address
 -make -j$(nproc) brotlidec-static
 +    -DBUILD_TESTING=OFF -DBUILD_SHARED_LIBS=OFF -DENABLE_SANITIZER=address
 +make -j$(nproc) brotlidec
  
- ${CXX} -o run_decode_fuzzer -std=c++11 -fsanitize=address -I$SRC/include \
-     $SRC/fuzz/decode_fuzzer.cc $SRC/fuzz/run_decode_fuzzer.cc \
+ ${CC} -o run_decode_fuzzer -std=c99 -fsanitize=address -I$SRC/include \
+     $SRC/fuzz/decode_fuzzer.c $SRC/fuzz/run_decode_fuzzer.c \
 -    ./libbrotlidec-static.a ./libbrotlicommon-static.a
 +    ./libbrotlidec.a ./libbrotlicommon.a
  
  mkdir decode_corpora
  unzip $BROTLI/java/org/brotli/integration/fuzz_data.zip -d decode_corpora
 -- 
-2.16.3
+2.19.1
 

package/brotli/0001-Tell-CMake-to-not-check-for-a-C-compiler.patch

@@ -1,31 +0,0 @@
-From fea0b1e46c486225d57e730cc0f94fa06b5b93fc Mon Sep 17 00:00:00 2001
-From: Adrian Perez de Castro <aperez@igalia.com>
-Date: Mon, 26 Mar 2018 12:12:00 +0100
-Subject: [PATCH] Tell CMake to not check for a C++ compiler
-
-By default CMake checks both for C and C++ compilers, while the latter
-is not needed. Setting the list of languages to just "C" in the call to
-project() removes the unneeded check.
----
- CMakeLists.txt | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
-Upstream-Status: Submitted [https://github.com/google/brotli/pull/653]
-
-diff --git a/CMakeLists.txt b/CMakeLists.txt
-index 2dc7232..3fbcbfb 100644
---- a/CMakeLists.txt
-+++ b/CMakeLists.txt
-@@ -4,7 +4,7 @@
- # support 2.8.7.
- cmake_minimum_required(VERSION 2.8.6)
- 
--project(brotli)
-+project(brotli LANGUAGES C)
- 
- # If Brotli is being bundled in another project, we don't want to
- # install anything.  However, we want to let people override this, so
--- 
-2.16.3
-

package/brotli/brotli.hash

@@ -1,5 +1,5 @@
 # Locally generated:
-sha512  93adcf437d730ac403e444285ac8aefbb2c8a6b5e1b064e8ee33684c067287a8159e0ee73d2217c167881e87da73fa494792d963a15508fd42b2ac4a5b52823c  v1.0.3.tar.gz
+sha512  a82362aa36d2f2094bca0b2808d9de0d57291fb3a4c29d7c0ca0a37e73087ec5ac4df299c8c363e61106fccf2fe7f58b5cf76eb97729e2696058ef43b1d3930a  v1.0.7.tar.gz
 
 # Hash for license files:
 sha512  bae78184c2f50f86d8c727826d3982c469454c42b9af81f4ef007e39036434fa894cf5be3bf5fc65b7de2301f0a72d067a8186e303327db8a96bd14867e0a3a8  LICENSE

package/brotli/brotli.mk

@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-BROTLI_VERSION = 1.0.3
+BROTLI_VERSION = 1.0.7
 BROTLI_SOURCE = v$(BROTLI_VERSION).tar.gz
 BROTLI_SITE = https://github.com/google/brotli/archive
 BROTLI_LICENSE = MIT

package/busybox/0003-Revert-libbb-remove-unnecessary-variable-in-xmalloc_.patch

@@ -1,39 +0,0 @@
-From 0d598ab9f03dbf320f7b81c05e4a94cb303dfbc7 Mon Sep 17 00:00:00 2001
-From: Denys Vlasenko <vda.linux@googlemail.com>
-Date: Sun, 2 Sep 2018 18:35:29 +0200
-Subject: [PATCH] Revert "libbb: remove unnecessary variable in xmalloc_fgets"
-
-The variable is in fact necessary.
-
-    commit 2da9724b56169f00bd7fb6b9a11c9409a7620981
-    Author: Quentin Rameau <quinq@fifth.space>
-    Date:   Sun Apr 1 17:05:35 2018 +0200
-        libbb: remove unnecessary variable in xmalloc_fgets
-
-Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
-[Thomas De Schampheleire: added to unbreak 'head -n -1',
-see http://lists.busybox.net/pipermail/busybox/2018-August/086617.html ]
-Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
-
----
- libbb/get_line_from_file.c | 4 +++-
- 1 file changed, 3 insertions(+), 1 deletion(-)
-
-diff --git a/libbb/get_line_from_file.c b/libbb/get_line_from_file.c
-index f3d6c6203..49ef093c2 100644
---- a/libbb/get_line_from_file.c
-+++ b/libbb/get_line_from_file.c
-@@ -47,7 +47,9 @@ char* FAST_FUNC bb_get_chunk_from_file(FILE *file, size_t *end)
- /* Get line, including trailing \n if any */
- char* FAST_FUNC xmalloc_fgets(FILE *file)
- {
--	return bb_get_chunk_from_file(file, NULL);
-+	int i;
-+
-+	return bb_get_chunk_from_file(file, &i);
- }
- /* Get line.  Remove trailing \n */
- char* FAST_FUNC xmalloc_fgetline(FILE *file)
--- 
-2.16.4
-

package/busybox/busybox.hash

@@ -1,3 +1,3 @@
-# From https://busybox.net/downloads/busybox-1.29.2.tar.bz2.sha256
-sha256 67d2fa6e147a45875fe972de62d907ef866fe784c495c363bf34756c444a5d61  busybox-1.29.2.tar.bz2
+# From https://busybox.net/downloads/busybox-1.29.3.tar.bz2.sha256
+sha256 97648636e579462296478e0218e65e4bc1e9cd69089a3b1aeb810bff7621efb7  busybox-1.29.3.tar.bz2
 sha256 bbfc9843646d483c334664f651c208b9839626891d8f17604db2146962f43548  LICENSE

package/busybox/busybox.mk

@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-BUSYBOX_VERSION = 1.29.2
+BUSYBOX_VERSION = 1.29.3
 BUSYBOX_SITE = http://www.busybox.net/downloads
 BUSYBOX_SOURCE = busybox-$(BUSYBOX_VERSION).tar.bz2
 BUSYBOX_LICENSE = GPL-2.0

package/ca-certificates/ca-certificates.mk

@@ -16,7 +16,7 @@ CA_CERTIFICATES_LICENSE = GPL-2.0+ (script), MPL-2.0 (data)
 CA_CERTIFICATES_LICENSE_FILES = debian/copyright
 
 define CA_CERTIFICATES_BUILD_CMDS
-	$(TARGET_MAKE_ENV) $(MAKE) -C $(@D) all
+	$(TARGET_MAKE_ENV) $(MAKE) -C $(@D) clean all
 endef
 
 define CA_CERTIFICATES_INSTALL_TARGET_CMDS
@@ -31,13 +31,17 @@ define CA_CERTIFICATES_INSTALL_TARGET_CMDS
 	# Create symlinks to certificates under /etc/ssl/certs
 	# and generate the bundle
 	cd $(TARGET_DIR) ;\
-	for i in `find usr/share/ca-certificates -name "*.crt"` ; do \
+	for i in `find usr/share/ca-certificates -name "*.crt" | LC_COLLATE=C sort` ; do \
 		ln -sf ../../../$$i etc/ssl/certs/`basename $${i} .crt`.pem ;\
-		cat $$i >>etc/ssl/certs/ca-certificates.crt ;\
-	done
+		cat $$i ;\
+	done >$(@D)/ca-certificates.crt
 
 	# Create symlinks to the certificates by their hash values
 	$(HOST_DIR)/bin/c_rehash $(TARGET_DIR)/etc/ssl/certs
+
+	# Install the certificates bundle
+	$(INSTALL) -D -m 644 $(@D)/ca-certificates.crt \
+		$(TARGET_DIR)/etc/ssl/certs/ca-certificates.crt
 endef
 
 $(eval $(generic-package))

package/clamav/clamav.hash

@@ -1,5 +1,5 @@
 # Locally calculated
-sha256 84e026655152247de7237184ee13003701c40be030dd68e0316111049f58a59f  clamav-0.100.1.tar.gz
+sha256 4a2e4f0cd41e62adb5a713b4a1857c49145cd09a69957e6d946ecad575206dd6  clamav-0.100.2.tar.gz
 sha256 0c4fd2fa9733fc9122503797648710851e4ee6d9e4969dd33fcbd8c63cd2f584  COPYING
 sha256 d72a145c90918184a05ef65a04c9e6f7466faa59bc1b82c8f6a8ddc7ddcb9bed  COPYING.bzip2
 sha256 dfb818a0d41411c6fb1c193c68b73018ceadd1994bda41ad541cbff292894bc6  COPYING.file

package/clamav/clamav.mk

@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-CLAMAV_VERSION = 0.100.1
+CLAMAV_VERSION = 0.100.2
 CLAMAV_SITE = https://www.clamav.net/downloads/production
 CLAMAV_LICENSE = GPL-2.0
 CLAMAV_LICENSE_FILES = COPYING COPYING.bzip2 COPYING.file COPYING.getopt \

package/connman/Config.in

@@ -14,7 +14,7 @@ config BR2_PACKAGE_CONNMAN
 	  for managing internet connections within embedded devices
 	  running the Linux operating system.
 
-	  For more information, see https://01.org/connman
+	  https://01.org/connman
 
 if BR2_PACKAGE_CONNMAN
 

package/cppcms/cppcms.hash

@@ -3,3 +3,5 @@ sha1	15f21897c14acfd4b0c74622e49d95857f2fe939	cppcms-1.0.5.tar.bz2
 md5	d668c201dd31fff8090380ebdc0bcc2b	cppcms-1.0.5.tar.bz2
 # Locally computed:
 sha256	84b685977bca97c3e997497f227bd5906adb80555066d811a7046b01c2f51865	cppcms-1.0.5.tar.bz2
+sha256	2ff22bab712c46dbadf9bae0f759bbc95d5d87614cacb7ebc3d5a50910603d6a	COPYING.TXT
+sha256	70fbf0194bee0f444c57ecd47e7d976a3e5a890e4421a21aab49f2d214267e69	THIRD_PARTY_SOFTWARE.TXT

package/cppcms/cppcms.mk

@@ -6,8 +6,8 @@
 
 CPPCMS_VERSION = 1.0.5
 CPPCMS_SOURCE = cppcms-$(CPPCMS_VERSION).tar.bz2
-CPPCMS_LICENSE = LGPL-3.0
-CPPCMS_LICENSE_FILES = COPYING.TXT
+CPPCMS_LICENSE = LGPL-3.0, BSL-1.0 (boost), MIT (base64.cpp), Public Domain (json2.js), Zlib (md5)
+CPPCMS_LICENSE_FILES = COPYING.TXT THIRD_PARTY_SOFTWARE.TXT
 CPPCMS_SITE = http://downloads.sourceforge.net/project/cppcms/cppcms/$(CPPCMS_VERSION)
 CPPCMS_INSTALL_STAGING = YES
 CPPCMS_CXXFLAGS = $(TARGET_CXXFLAGS)

package/cups-filters/cups-filters.mk

@@ -8,7 +8,8 @@ CUPS_FILTERS_VERSION = 1.20.3
 CUPS_FILTERS_SITE = http://openprinting.org/download/cups-filters
 CUPS_FILTERS_LICENSE = GPL-2.0, GPL-2.0+, GPL-3.0, GPL-3.0+, LGPL-2, LGPL-2.1+, MIT, BSD-4-Clause
 CUPS_FILTERS_LICENSE_FILES = COPYING
-
+# 0001-Replace-relative-linking-with-absolute-linking.patch
+CUPS_FILTERS_AUTORECONF = YES
 CUPS_FILTERS_DEPENDENCIES = cups libglib2 lcms2 qpdf fontconfig freetype jpeg
 
 CUPS_FILTERS_CONF_OPTS = --disable-imagefilters \

package/domoticz/Config.in

@@ -3,6 +3,7 @@ config BR2_PACKAGE_DOMOTICZ
 	depends on BR2_USE_MMU # mosquitto
 	depends on BR2_TOOLCHAIN_HAS_SYNC_4 # mosquitto
 	depends on !BR2_STATIC_LIBS # mosquitto
+	depends on BR2_TOOLCHAIN_GCC_AT_LEAST_4_8 # sleep_for
 	# pthread_condattr_setclock
 	depends on BR2_TOOLCHAIN_HAS_THREADS_NPTL
 	depends on BR2_INSTALL_LIBSTDCPP
@@ -27,10 +28,11 @@ config BR2_PACKAGE_DOMOTICZ
 
 	  http://domoticz.com
 
-comment "domoticz needs lua >= 5.2 and a toolchain w/ C++, NPTL, wchar, dynamic library"
+comment "domoticz needs lua >= 5.2 and a toolchain w/ C++, gcc >= 4.8, NPTL, wchar, dynamic library"
 	depends on BR2_USE_MMU
 	depends on BR2_TOOLCHAIN_HAS_SYNC_4
 	depends on !BR2_INSTALL_LIBSTDCPP || \
+		!BR2_TOOLCHAIN_GCC_AT_LEAST_4_8 || \
 		!BR2_TOOLCHAIN_HAS_THREADS_NPTL || \
 		!BR2_USE_WCHAR || BR2_STATIC_LIBS || \
 		!(BR2_PACKAGE_LUA_5_2 || BR2_PACKAGE_LUA_5_3)

package/dtc/0001-Kill-bogus-TYPE_BLOB-marker-type.patch

@@ -0,0 +1,138 @@
+From 9619c8619c37b9aea98100bcc15c51a5642e877e Mon Sep 17 00:00:00 2001
+From: Greg Kurz <groug@kaod.org>
+Date: Thu, 30 Aug 2018 12:01:59 +0200
+Subject: [PATCH] Kill bogus TYPE_BLOB marker type
+
+Since commit 32b9c6130762 "Preserve datatype markers when emitting dts
+format", we no longer try to guess the value type. Instead, we reuse
+the type of the datatype markers when they are present, if the type
+is either TYPE_UINT* or TYPE_STRING.
+
+This causes 'dtc -I fs' to crash:
+
+Starting program: /root/dtc -q -f -O dts -I fs /proc/device-tree
+/dts-v1/;
+
+/ {
+
+Program received signal SIGSEGV, Segmentation fault.
+__strlen_power8 () at ../sysdeps/powerpc/powerpc64/power8/strlen.S:47
+47              ld      r12,0(r4)     /* Load doubleword from memory.  */
+(gdb) bt
+#0  __strlen_power8 () at ../sysdeps/powerpc/powerpc64/power8/strlen.S:47
+#1  0x00007ffff7de3d10 in __GI__IO_fputs (str=<optimized out>,
+    fp=<optimized out>) at iofputs.c:33
+#2  0x000000001000c7a0 in write_propval (prop=0x100525e0,
+    f=0x7ffff7f718a0 <_IO_2_1_stdout_>) at treesource.c:245
+
+The offending line is:
+
+                fprintf(f, "%s", delim_start[emit_type]);
+
+where emit_type is TYPE_BLOB and:
+
+static const char *delim_start[] = {
+        [TYPE_UINT8] = "[",
+        [TYPE_UINT16] = "/bits/ 16 <",
+        [TYPE_UINT32] = "<",
+        [TYPE_UINT64] = "/bits/ 64 <",
+        [TYPE_STRING] = "",
+};
+
+/* Data blobs */
+enum markertype {
+        TYPE_NONE,
+        REF_PHANDLE,
+        REF_PATH,
+        LABEL,
+        TYPE_UINT8,
+        TYPE_UINT16,
+        TYPE_UINT32,
+        TYPE_UINT64,
+        TYPE_BLOB,
+        TYPE_STRING,
+};
+
+Because TYPE_BLOB < TYPE_STRING and delim_start[] is a static array,
+delim_start[emit_type] is 0x0. The glibc usually prints out "(null)"
+when one passes 0x0 to %s, but it seems to call fputs() internally if
+the format is exactly "%s", hence the crash.
+
+TYPE_BLOB basically means the data comes from a file and we don't know
+its type. We don't care for the former, and the latter is TYPE_NONE.
+
+So let's drop TYPE_BLOB completely and use TYPE_NONE instead when reading
+the file. Then, try to guess the data type at emission time, like the
+code already does for refs and labels.
+
+Instead of adding yet another check for TYPE_NONE, an helper is introduced
+to check if the data marker has type information, ie, >= TYPE_UINT8.
+
+Fixes: 32b9c61307629ac76c6ac0bead6f926d579b3d2c
+Suggested-by: David Gibson <david@gibson.dropbear.id.au>
+Signed-off-by: Greg Kurz <groug@kaod.org>
+Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
+Signed-off-by: Joel Stanley <joel@jms.id.au>
+---
+ data.c       | 2 +-
+ dtc.h        | 1 -
+ treesource.c | 9 +++++++--
+ 3 files changed, 8 insertions(+), 4 deletions(-)
+
+diff --git a/data.c b/data.c
+index accdfaef6668..4a204145cc7b 100644
+--- a/data.c
++++ b/data.c
+@@ -95,7 +95,7 @@ struct data data_copy_file(FILE *f, size_t maxlen)
+ {
+ 	struct data d = empty_data;
+ 
+-	d = data_add_marker(d, TYPE_BLOB, NULL);
++	d = data_add_marker(d, TYPE_NONE, NULL);
+ 	while (!feof(f) && (d.len < maxlen)) {
+ 		size_t chunksize, ret;
+ 
+diff --git a/dtc.h b/dtc.h
+index 303c2a6a73b7..51c03ef64dbe 100644
+--- a/dtc.h
++++ b/dtc.h
+@@ -82,7 +82,6 @@ enum markertype {
+ 	TYPE_UINT16,
+ 	TYPE_UINT32,
+ 	TYPE_UINT64,
+-	TYPE_BLOB,
+ 	TYPE_STRING,
+ };
+ extern const char *markername(enum markertype markertype);
+diff --git a/treesource.c b/treesource.c
+index f99544d72344..53e62036ad0e 100644
+--- a/treesource.c
++++ b/treesource.c
+@@ -133,9 +133,14 @@ static void write_propval_int(FILE *f, const char *p, size_t len, size_t width)
+ 	}
+ }
+ 
++static bool has_data_type_information(struct marker *m)
++{
++	return m->type >= TYPE_UINT8;
++}
++
+ static struct marker *next_type_marker(struct marker *m)
+ {
+-	while (m && (m->type == LABEL || m->type == REF_PHANDLE || m->type == REF_PATH))
++	while (m && !has_data_type_information(m))
+ 		m = m->next;
+ 	return m;
+ }
+@@ -225,7 +230,7 @@ static void write_propval(FILE *f, struct property *prop)
+ 		size_t chunk_len;
+ 		const char *p = &prop->val.val[m->offset];
+ 
+-		if (m->type < TYPE_UINT8)
++		if (!has_data_type_information(m))
+ 			continue;
+ 
+ 		chunk_len = type_marker_length(m);
+-- 
+2.17.1
+

package/dtc/0002-Fix-include-guards-for-older-kernel-u-boot-sources.patch

@@ -0,0 +1,46 @@
+From b1f8b84489c96465b63485b884238b61d31ca84d Mon Sep 17 00:00:00 2001
+From: Lothar Felten <lothar.felten@gmail.com>
+Date: Mon, 8 Oct 2018 13:29:44 +0200
+Subject: [PATCH 1/1] Fix include guards for older kernel/u-boot sources
+
+Linux kernels before 4.17 and U-Boot versions before 2018.07 use libfdt
+include guards with leading underscores.
+
+Those have been removed in dtc-1.4.7.
+
+This patch handles both include guard types and allows the compilation
+of older Linux kernel and u-boot sources.
+
+Signed-off-by: Lothar Felten <lothar.felten@gmail.com>
+---
+ libfdt/libfdt.h     | 4 ++++
+ libfdt/libfdt_env.h | 4 ++++
+ 2 files changed, 8 insertions(+)
+
+diff --git a/libfdt/libfdt.h b/libfdt/libfdt.h
+index 830b77e..bef4566 100644
+--- a/libfdt/libfdt.h
++++ b/libfdt/libfdt.h
+@@ -1,3 +1,7 @@
++#ifdef _LIBFDT_H
++#warning "Please consider updating your kernel and/or u-boot version"
++#define LIBFDT_H
++#endif
+ #ifndef LIBFDT_H
+ #define LIBFDT_H
+ /*
+diff --git a/libfdt/libfdt_env.h b/libfdt/libfdt_env.h
+index eb20538..6a61e6a 100644
+--- a/libfdt/libfdt_env.h
++++ b/libfdt/libfdt_env.h
+@@ -1,3 +1,7 @@
++#ifdef _LIBFDT_ENV_H
++#warning "Please consider updating your kernel and/or u-boot version"
++#define LIBFDT_ENV_H
++#endif
+ #ifndef LIBFDT_ENV_H
+ #define LIBFDT_ENV_H
+ /*
+-- 
+2.11.0
+

package/dtc/0003-checks-fix-simple-bus-compatible-matching.patch

@@ -0,0 +1,120 @@
+From 5277449e5fd13a2f3778ed3380ba157cb9d4ea55 Mon Sep 17 00:00:00 2001
+From: Rob Herring <robh@kernel.org>
+Date: Thu, 20 Sep 2018 14:30:03 -0700
+Subject: [PATCH] checks: fix simple-bus compatible matching
+
+Since commit 7975f6422260 ("Fix widespread incorrect use of strneq(),
+replace with new strprefixeq()") simple-bus checks have been silently
+skipped. The problem was 'end - str' is one more than the string length
+and the strnlen in strprefixeq fails. This can't be fixed simply by
+subtracting one as it is possible to have multiple '\0' at the end of
+the property. Fix this by making the 'compatible' property string list
+check a dependency, and then we can assume the property is null
+terminated and we can just use streq() for comparisons.
+
+Add some tests so the problem doesn't happen again.
+
+Fixes: 7975f6422260 ("Fix widespread incorrect use of strneq(), replace with new strprefixeq()")
+Reported-by: Kumar Gala <kumar.gala@linaro.org>
+Signed-off-by: Rob Herring <robh@kernel.org>
+Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
+[Backport from upstream commit e84742aa7b934cd6603e3a64f8c0966f683c5711]
+Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
+---
+ checks.c                                    |  5 +++--
+ tests/run_tests.sh                          |  4 ++++
+ tests/unit-addr-simple-bus-compatible.dts   | 18 ++++++++++++++++++
+ tests/unit-addr-simple-bus-reg-mismatch.dts | 18 ++++++++++++++++++
+ 4 files changed, 43 insertions(+), 2 deletions(-)
+ create mode 100644 tests/unit-addr-simple-bus-compatible.dts
+ create mode 100644 tests/unit-addr-simple-bus-reg-mismatch.dts
+
+diff --git a/checks.c b/checks.c
+index a2cc103..acf91c3 100644
+--- a/checks.c
++++ b/checks.c
+@@ -910,7 +910,7 @@ static bool node_is_compatible(struct node *node, const char *compat)
+ 
+ 	for (str = prop->val.val, end = str + prop->val.len; str < end;
+ 	     str += strnlen(str, end - str) + 1) {
+-		if (strprefixeq(str, end - str, compat))
++		if (streq(str, compat))
+ 			return true;
+ 	}
+ 	return false;
+@@ -921,7 +921,8 @@ static void check_simple_bus_bridge(struct check *c, struct dt_info *dti, struct
+ 	if (node_is_compatible(node, "simple-bus"))
+ 		node->bus = &simple_bus;
+ }
+-WARNING(simple_bus_bridge, check_simple_bus_bridge, NULL, &addr_size_cells);
++WARNING(simple_bus_bridge, check_simple_bus_bridge, NULL,
++	&addr_size_cells, &compatible_is_string_list);
+ 
+ static void check_simple_bus_reg(struct check *c, struct dt_info *dti, struct node *node)
+ {
+diff --git a/tests/run_tests.sh b/tests/run_tests.sh
+index 7348c9c..c4354d2 100755
+--- a/tests/run_tests.sh
++++ b/tests/run_tests.sh
+@@ -652,6 +652,10 @@ dtc_tests () {
+     check_tests pci-bridge-bad1.dts pci_bridge
+     check_tests pci-bridge-bad2.dts pci_bridge
+ 
++    check_tests unit-addr-simple-bus-reg-mismatch.dts simple_bus_reg
++    check_tests unit-addr-simple-bus-compatible.dts simple_bus_reg
++
++
+     # Check warning options
+     run_sh_test dtc-checkfails.sh address_cells_is_cell interrupt_cells_is_cell -n size_cells_is_cell -- -Wno_size_cells_is_cell -I dts -O dtb bad-ncells.dts
+     run_sh_test dtc-fails.sh -n test-warn-output.test.dtb -I dts -O dtb bad-ncells.dts
+diff --git a/tests/unit-addr-simple-bus-compatible.dts b/tests/unit-addr-simple-bus-compatible.dts
+new file mode 100644
+index 0000000..c8f9341
+--- /dev/null
++++ b/tests/unit-addr-simple-bus-compatible.dts
+@@ -0,0 +1,18 @@
++/dts-v1/;
++
++/ {
++	#address-cells = <1>;
++	#size-cells = <1>;
++
++	bus@10000000 {
++		#address-cells = <1>;
++		#size-cells = <1>;
++		compatible = "foo-bus", "simple-bus";
++		ranges = <0x0 0x10000000 0x10000>;
++
++		node@100 {
++			reg = <0x1000 1>;
++		};
++	};
++
++};
+diff --git a/tests/unit-addr-simple-bus-reg-mismatch.dts b/tests/unit-addr-simple-bus-reg-mismatch.dts
+new file mode 100644
+index 0000000..2823377
+--- /dev/null
++++ b/tests/unit-addr-simple-bus-reg-mismatch.dts
+@@ -0,0 +1,18 @@
++/dts-v1/;
++
++/ {
++	#address-cells = <1>;
++	#size-cells = <1>;
++
++	bus@10000000 {
++		#address-cells = <1>;
++		#size-cells = <1>;
++		compatible = "simple-bus";
++		ranges = <0x0 0x10000000 0x10000>;
++
++		node@100 {
++			reg = <0x1000 1>;
++		};
++	};
++
++};
+-- 
+2.19.1
+

package/easydbus/0001-easydbus-is-a-C-project-file.patch

@@ -0,0 +1,33 @@
+From a4bd47f593fbe55bd3ab17532e64be74aff5b29d Mon Sep 17 00:00:00 2001
+From: Fabrice Fontaine <fontaine.fabrice@gmail.com>
+Date: Sat, 17 Nov 2018 11:38:05 +0100
+Subject: [PATCH] easydbus is a C project file
+
+Specify that easydbus is a C project file otherwise build will fail if
+no C++ compiler is found by cmake
+
+Fixes:
+ - http://autobuild.buildroot.org/results/486c3cd98124e7415dee2fd1463bd5e0fcc9ba91
+
+Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
+[Upstream status: https://github.com/mniestroj/easydbus/pull/2]
+---
+ CMakeLists.txt | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/CMakeLists.txt b/CMakeLists.txt
+index 58ccb2d..575eb24 100644
+--- a/CMakeLists.txt
++++ b/CMakeLists.txt
+@@ -5,7 +5,7 @@
+ #
+ 
+ cmake_minimum_required(VERSION 2.6)
+-project(easydbus)
++project(easydbus C)
+ 
+ add_definitions("-Wall -Wextra -Wno-unused-parameter")
+ set(CMAKE_C_FLAGS_RELEASE "-O2")
+-- 
+2.17.1
+

package/elfutils/elfutils.hash

@@ -1,5 +1,5 @@
-# From https://sourceware.org/elfutils/ftp/0.171/sha512.sum
-sha512 777be2d63ca9b11440bf358a33428d9ca974e2612a880934156c9f7194af596ed627c1ed2d48dbd47a3761c94913b8f39565f9dcb6b62c92bf229f04c96d5ee3  elfutils-0.171.tar.bz2
+# From https://sourceware.org/elfutils/ftp/0.174/sha512.sum
+sha512 696708309c2a9a076099748809ecdc0490f4a8a842b2efc1aae0d746e7c5a8b203743f5626739eff837216b0c052696516b2821f5d3cc3f2eef86597c96d42df  elfutils-0.174.tar.bz2
 # Locally calculated
 sha256 8ceb4b9ee5adedde47b31e975c1d90c73ad27b6b165a1dcd80c7c545eb65b903  COPYING
 sha256 8177f97513213526df2cf6184d8ff986c675afb514d4e68a404010521b880643  COPYING-GPLV2

package/elfutils/elfutils.mk

@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-ELFUTILS_VERSION = 0.171
+ELFUTILS_VERSION = 0.174
 ELFUTILS_SOURCE = elfutils-$(ELFUTILS_VERSION).tar.bz2
 ELFUTILS_SITE = https://sourceware.org/elfutils/ftp/$(ELFUTILS_VERSION)
 ELFUTILS_INSTALL_STAGING = YES

package/erlang/Config.in

@@ -23,6 +23,7 @@ config BR2_PACKAGE_ERLANG
 	depends on !BR2_STATIC_LIBS
 	depends on BR2_TOOLCHAIN_HAS_THREADS
 	depends on BR2_PACKAGE_ERLANG_ARCH_SUPPORTS
+	select BR2_PACKAGE_ZLIB
 	help
 	  Erlang is a programming language used to build massively
 	  scalable soft real-time systems with requirements on high

package/erlang/erlang.mk

@@ -64,10 +64,9 @@ else
 ERLANG_CONF_OPTS += --without-odbc
 endif
 
-ifeq ($(BR2_PACKAGE_ZLIB),y)
+# Always use Buildroot's zlib
 ERLANG_CONF_OPTS += --enable-shared-zlib
 ERLANG_DEPENDENCIES += zlib
-endif
 
 # Remove source, example, gs and wx files from staging and target.
 ERLANG_REMOVE_PACKAGES = gs wx

package/file/file.mk

@@ -12,6 +12,7 @@ FILE_CONF_ENV = ac_cv_prog_cc_c99='-std=gnu99'
 FILE_INSTALL_STAGING = YES
 FILE_LICENSE = BSD-2-Clause, BSD-4-Clause (one file), BSD-3-Clause (one file)
 FILE_LICENSE_FILES = COPYING src/mygetopt.h src/vasprintf.c
+HOST_FILE_CONF_OPTS = --disable-libseccomp
 
 ifeq ($(BR2_PACKAGE_LIBSECCOMP),y)
 FILE_CONF_OPTS += --enable-libseccomp

package/fio/fio.hash

@@ -1,2 +1,4 @@
 # Locally computed
 sha256 1952db4d534221e6e8454f851dfcc38328b0ed4a3f499ea25a51ca2b5ccc8136  fio-fio-2.20.tar.gz
+sha256 204d8eff92f95aac4df6c8122bc1505f468f3a901e5a4cc08940e0ede1938994  COPYING
+sha256 8a240c1ad13d1fe3e58588643d81d0695899be4a669fe6d8fafa76ca6a89db2c  MORAL-LICENSE

package/fio/fio.mk

@@ -6,8 +6,8 @@
 
 FIO_VERSION = fio-2.20
 FIO_SITE = git://git.kernel.dk/fio.git
-FIO_LICENSE = GPL-2.0 + special obligations
-FIO_LICENSE_FILES = COPYING
+FIO_LICENSE = GPL-2.0
+FIO_LICENSE_FILES = COPYING MORAL-LICENSE
 
 ifeq ($(BR2_PACKAGE_LIBAIO),y)
 FIO_DEPENDENCIES += libaio

package/flare-engine/flare-engine.mk

@@ -14,4 +14,9 @@ FLARE_ENGINE_DEPENDENCIES += sdl2 sdl2_image sdl2_mixer sdl2_ttf
 # Don't use /usr/games and /usr/share/games
 FLARE_ENGINE_CONF_OPTS += -DBINDIR=bin -DDATADIR=share/flare
 
+# Don't use the default Debug type as it adds -pg (gprof)
+ifeq ($(BR2_ENABLE_DEBUG),y)
+FLARE_ENGINE_CONF_OPTS += -DCMAKE_BUILD_TYPE=RelWithDebInfo
+endif
+
 $(eval $(cmake-package))

package/flatcc/0001-CMakeLists.txt-conditionally-require-C-based-on-FLAT.patch

@@ -0,0 +1,56 @@
+From 878d51187bbc1ad490b4cd15e3741bc0bd11b6b2 Mon Sep 17 00:00:00 2001
+From: Joel Carlson <JoelsonCarl@gmail.com>
+Date: Thu, 6 Sep 2018 14:53:20 -0600
+Subject: [PATCH] CMakeLists.txt: conditionally require C++ based on
+ FLATCC_TEST (#94)
+
+C++ is only used when building the tests, so only include it as a
+language via project() when FLATCC_TEST is enabled. This allows
+toolchains that don't have C++ to build flatcc.
+
+Signed-off-by: Joel Carlson <JoelsonCarl@gmail.com>
+---
+Upstream commit 878d51187bbc1ad490b4cd15e3741bc0bd11b6b2
+---
+ CMakeLists.txt | 18 ++++++++++++------
+ 1 file changed, 12 insertions(+), 6 deletions(-)
+
+diff --git a/CMakeLists.txt b/CMakeLists.txt
+index b39a3d1..5df5161 100644
+--- a/CMakeLists.txt
++++ b/CMakeLists.txt
+@@ -4,7 +4,18 @@
+ #cmake_minimum_required (VERSION 2.8.11)
+ cmake_minimum_required (VERSION 2.8)
+ 
+-project (FlatCC C CXX)
++# Disable build of tests and samples. Due to custom build step
++# dependency on flatcc tool, some custom build configurations may
++# experience issues, and this option can then help.
++option(FLATCC_TEST "enable tests" ON)
++
++# Conditionally set project languages based on FLATCC_TEST, as C++ is
++# only necessary if building the tests.
++if (FLATCC_TEST)
++    project (FlatCC C CXX)
++else()
++    project (FlatCC C)
++endif()
+ 
+ #
+ # NOTE: when changing build options, clean the build using on of:
+@@ -35,11 +46,6 @@ option(FLATCC_RTONLY "enable build of runtime library only" OFF)
+ # cmake -DBUILD_SHARED_LIBS=on can override.
+ option(FLATCC_INSTALL "enable build of runtime library only" OFF)
+ 
+-# Disable build of tests and samples. Due to custom build step
+-# dependency on flatcc tool, some custom build configurations may
+-# experience issues, and this option can then help.
+-option(FLATCC_TEST "enable tests" ON)
+-
+ # Use with debug build with testing enabled only. Enables generation
+ # of coverage information during build and run. Adds target "coverage"
+ # which collects data and makes HTML report in build directory
+-- 
+2.7.4
+

package/flatcc/0001-Remove-strncpy-gcc-8-warning-add-flatbuffers_type_ha.patch

@@ -1,138 +0,0 @@
-From c0df0b6fca4fa6bca114bba4df74f1b4e53124c0 Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Mikkel=20Fahn=C3=B8e=20J=C3=B8rgensen?= <mikkel@dvide.com>
-Date: Sat, 9 Jun 2018 11:10:24 +0200
-Subject: [PATCH] Remove strncpy gcc-8 warning, add
- flatbuffers_type_hash_from_string
-
-[baruch: drop CHANGELOG hunk]
-Signed-off-by: Baruch Siach <baruch@tkos.co.il>
----
-Upstream status: commit c0df0b6fca4
-
- include/flatcc/flatcc_identifier.h            | 21 +++++++++++++++++++
- .../reflection/flatbuffers_common_reader.h    |  4 +---
- src/compiler/codegen_c_reader.c               |  4 +---
- src/runtime/json_printer.c                    |  7 +++++--
- src/runtime/verifier.c                        |  5 ++---
- 6 files changed, 32 insertions(+), 11 deletions(-)
-
-diff --git a/include/flatcc/flatcc_identifier.h b/include/flatcc/flatcc_identifier.h
-index cd918cb42b48..31af3074f4db 100644
---- a/include/flatcc/flatcc_identifier.h
-+++ b/include/flatcc/flatcc_identifier.h
-@@ -77,6 +77,27 @@ static inline flatbuffers_thash_t flatbuffers_type_hash_from_identifier(const fl
-         (uint32_t)p[0] + (((uint32_t)p[1]) << 8) + (((uint32_t)p[2]) << 16) + (((uint32_t)p[3]) << 24) : 0;
- }
- 
-+/*
-+ * Convert a null terminated string identifier like "MONS" or "X" into a
-+ * native type hash identifier, usually for comparison. This will not
-+ * work with type hash strings because they can contain null bytes.
-+ */
-+static inline flatbuffers_thash_t flatbuffers_type_hash_from_string(const char *identifier)
-+{
-+    flatbuffers_thash_t h = 0;
-+    const uint8_t *p = (const uint8_t *)identifier;
-+
-+    if (!p[0]) return h;
-+    h += p[0];
-+    if (!p[1]) return h;
-+    h += p[1] << 8;
-+    if (!p[2]) return h;
-+    h += p[2] << 16;
-+    /* No need to test for termination here. */
-+    h += p[3] << 24;
-+    return h;
-+}
-+
- /*
-  * Computes the little endian wire format of the type hash. It can be
-  * used as a file identifer argument to various flatcc buffer calls.
-diff --git a/include/flatcc/reflection/flatbuffers_common_reader.h b/include/flatcc/reflection/flatbuffers_common_reader.h
-index dee44ad653f1..9604052685f6 100644
---- a/include/flatcc/reflection/flatbuffers_common_reader.h
-+++ b/include/flatcc/reflection/flatbuffers_common_reader.h
-@@ -464,9 +464,7 @@ static inline T N ## _ ## NK (N ## _struct_t t__tmp) { return t__tmp ? &(t__tmp-
- /* If fid is null, the function returns true without testing as buffer is not expected to have any id. */
- static inline int flatbuffers_has_identifier(const void *buffer, const char *fid)
- { flatbuffers_thash_t id, id2 = 0; if (fid == 0) { return 1; };
--  strncpy((char *)&id2, fid, sizeof(id2));
--  /* Identifier strings are always considered little endian. */
--  id2 = __flatbuffers_thash_cast_from_le(id2);
-+  id2 = flatbuffers_type_hash_from_string(fid);
-   id = __flatbuffers_thash_read_from_pe(((flatbuffers_uoffset_t *)buffer) + 1);
-   return id2 == 0 || id == id2; }
- static inline int flatbuffers_has_type_hash(const void *buffer, flatbuffers_thash_t thash)
-diff --git a/src/compiler/codegen_c_reader.c b/src/compiler/codegen_c_reader.c
-index e3df74754344..559731050a15 100644
---- a/src/compiler/codegen_c_reader.c
-+++ b/src/compiler/codegen_c_reader.c
-@@ -748,9 +748,7 @@ static void gen_helpers(fb_output_t *out)
-             "/* If fid is null, the function returns true without testing as buffer is not expected to have any id. */\n"
-             "static inline int %shas_identifier(const void *buffer, const char *fid)\n"
-             "{ %sthash_t id, id2 = 0; if (fid == 0) { return 1; };\n"
--            "  strncpy((char *)&id2, fid, sizeof(id2));\n"
--            "  /* Identifier strings are always considered little endian. */\n"
--            "  id2 = __%sthash_cast_from_le(id2);\n"
-+            "  id2 = %stype_hash_from_string(fid);\n"
-             "  id = __%sthash_read_from_pe(((%suoffset_t *)buffer) + 1);\n"
-             "  return id2 == 0 || id == id2; }\n"
-             "static inline int %shas_type_hash(const void *buffer, %sthash_t thash)\n"
-diff --git a/src/runtime/json_printer.c b/src/runtime/json_printer.c
-index 8fe248331f43..bc86d21f8f9d 100644
---- a/src/runtime/json_printer.c
-+++ b/src/runtime/json_printer.c
-@@ -20,6 +20,7 @@
- 
- #include "flatcc/flatcc_flatbuffers.h"
- #include "flatcc/flatcc_json_printer.h"
-+#include "flatcc/flatcc_identifier.h"
- 
- #include "flatcc/portable/pprintint.h"
- #include "flatcc/portable/pprintfp.h"
-@@ -1008,6 +1009,9 @@ void flatcc_json_printer_struct_field(flatcc_json_printer_t *ctx,
- /*
-  * Make sure the buffer identifier is valid before assuming the rest of
-  * the buffer is sane.
-+ * NOTE: this won't work with type hashes because these can contain
-+ * nulls in the fid string. In this case use null as fid to disable
-+ * check.
-  */
- static int accept_header(flatcc_json_printer_t * ctx,
-         const void *buf, size_t bufsiz, const char *fid)
-@@ -1020,8 +1024,7 @@ static int accept_header(flatcc_json_printer_t * ctx,
-         return 0;
-     }
-     if (fid != 0) {
--        strncpy((char *)&id2, fid, FLATBUFFERS_IDENTIFIER_SIZE);
--        id2 = __flatbuffers_thash_cast_from_le(id2);
-+        id2 = flatbuffers_type_hash_from_string(fid);
-         id = __flatbuffers_thash_read_from_pe((uint8_t *)buf + offset_size);
-         if (!(id2 == 0 || id == id2)) {
-             RAISE_ERROR(bad_input);
-diff --git a/src/runtime/verifier.c b/src/runtime/verifier.c
-index 68dbc1b6fb0b..3b7c68cca4d7 100644
---- a/src/runtime/verifier.c
-+++ b/src/runtime/verifier.c
-@@ -10,6 +10,7 @@
- #include "flatcc/flatcc_rtconfig.h"
- #include "flatcc/flatcc_flatbuffers.h"
- #include "flatcc/flatcc_verifier.h"
-+#include "flatcc/flatcc_identifier.h"
- 
- /* Customization for testing. */
- #if FLATCC_DEBUG_VERIFY
-@@ -110,9 +111,7 @@ static inline uoffset_t read_uoffset(const void *p, uoffset_t base)
- 
- static inline thash_t read_thash_identifier(const char *identifier)
- {
--    flatbuffers_thash_t id = 0;
--    strncpy((char *)&id, identifier, sizeof(id));
--    return __flatbuffers_thash_cast_from_le(id);
-+    return flatbuffers_type_hash_from_string(identifier);
- }
- 
- static inline thash_t read_thash(const void *p, uoffset_t base)
--- 
-2.17.1
-

package/flatcc/flatcc.hash

@@ -1,2 +1,3 @@
 # Locally calculated
-sha256	8c4560ca32e3c555716d9363bed469e2c60e0f443ec32bc08e7abfe681e25ca9  flatcc-v0.5.1.tar.gz
+sha256	02dac93d3daf8d0a290aa8711a9b8a53f047436ec5331adb1972389061ec6615  flatcc-v0.5.2.tar.gz
+sha256	c8f0d9c1f92c658d87ebd854ee7447a3d3912d2c3a5c78c117787be5d5da8af3  LICENSE

package/flatcc/flatcc.mk

@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-FLATCC_VERSION = v0.5.1
+FLATCC_VERSION = v0.5.2
 FLATCC_SITE = $(call github,dvidelabs,flatcc,$(FLATCC_VERSION))
 FLATCC_LICENSE = Apache-2.0
 FLATCC_LICENSE_FILES = LICENSE
@@ -19,8 +19,9 @@ HOST_FLATCC_CONF_OPTS += -DFLATCC_TEST=OFF
 FLATCC_CONF_OPTS += -DFLATCC_INSTALL=ON
 HOST_FLATCC_CONF_OPTS += -DFLATCC_INSTALL=ON
 
+# compiler is named flatcc or flatcc_d depending on BR2_ENABLE_DEBUG value
 define FLATCC_TARGET_REMOVE_FLATCC_COMPILER
-	rm $(TARGET_DIR)/usr/bin/flatcc
+	rm $(TARGET_DIR)/usr/bin/flatcc*
 endef
 
 FLATCC_POST_INSTALL_TARGET_HOOKS += FLATCC_TARGET_REMOVE_FLATCC_COMPILER

package/freetype/freetype.mk

@@ -17,19 +17,6 @@ FREETYPE_CONFIG_SCRIPTS = freetype-config
 HOST_FREETYPE_DEPENDENCIES = host-pkgconf
 HOST_FREETYPE_CONF_OPTS = --without-zlib --without-bzip2 --without-png
 
-# Regen required because the tarball ships with an experimental ltmain.sh
-# that can't be patched by our infra.
-# autogen.sh is because autotools stuff lives in other directories and
-# even AUTORECONF with _OPTS doesn't do it properly.
-# POST_PATCH is because we still need to patch libtool after the regen.
-define FREETYPE_RUN_AUTOGEN
-	cd $(@D) && PATH=$(BR_PATH) ./autogen.sh
-endef
-FREETYPE_POST_PATCH_HOOKS += FREETYPE_RUN_AUTOGEN
-HOST_FREETYPE_POST_PATCH_HOOKS += FREETYPE_RUN_AUTOGEN
-FREETYPE_DEPENDENCIES += host-automake host-autoconf host-libtool
-HOST_FREETYPE_DEPENDENCIES += host-automake host-autoconf host-libtool
-
 ifeq ($(BR2_PACKAGE_ZLIB),y)
 FREETYPE_DEPENDENCIES += zlib
 FREETYPE_CONF_OPTS += --with-zlib
@@ -72,8 +59,3 @@ FREETYPE_POST_INSTALL_STAGING_HOOKS += FREETYPE_FIX_CONFIG_FILE_LIBS
 
 $(eval $(autotools-package))
 $(eval $(host-autotools-package))
-
-# freetype-patch and host-freetype-patch use autogen.sh so add
-# host-automake as a order-only-prerequisite because it is a phony
-# target.
-$(FREETYPE_TARGET_PATCH) $(HOST_FREETYPE_TARGET_PATCH): | host-automake

package/gauche/0004-rfc-needs-srfi.patch

@@ -0,0 +1,35 @@
+From 33ba5e73ec09f1308f897128334e955debd9ea43 Mon Sep 17 00:00:00 2001
+From: Fabrice Fontaine <fontaine.fabrice@gmail.com>
+Date: Wed, 21 Nov 2018 08:58:25 +0100
+Subject: [PATCH] rfc: needs srfi
+
+ext/rfc needs srfi-19 since version 0.9.5 and
+https://github.com/shirok/Gauche/commit/bd22bc82361c5eeb5d3b58c3836236566746bb96
+
+So add a dependency on srfi for rfc target in Makefile.in
+
+Fixes:
+ - http://autobuild.buildroot.org/results/f4935e29ce6aaebdaa47d46c56120b7e97145d1b
+
+Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
+[Upstream status: https://github.com/shirok/Gauche/pull/397]
+---
+ ext/Makefile.in | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/ext/Makefile.in b/ext/Makefile.in
+index 57ddf457e..de8d59a4d 100644
+--- a/ext/Makefile.in
++++ b/ext/Makefile.in
+@@ -54,7 +54,7 @@ bcrypt: mt-random
+ 
+ dbm : threads
+ 
+-rfc: gauche util
++rfc: gauche srfi util
+ 
+ test : check
+ 
+-- 
+2.14.1
+

package/gcc/6.4.0/0004-gcc-xtensa-don-t-force-PIC-for-uclinux-target.patch

@@ -0,0 +1,41 @@
+From 960a2552f7b418134cdf7a31e96023a3811b98dd Mon Sep 17 00:00:00 2001
+From: Max Filippov <jcmvbkbc@gmail.com>
+Date: Sun, 4 Nov 2018 23:55:59 -0800
+Subject: [PATCH] gcc: xtensa: don't force PIC for uclinux target
+
+xtensa-uclinux uses bFLT executable file format that cannot relocate
+fields representing offsets from data to code. C++ objects built as PIC
+use offsets to encode FDE structures. As a result C++ exception handling
+doesn't work correctly on xtensa-uclinux. Don't use PIC by default on
+xtensa-uclinux.
+
+gcc/
+2018-11-05  Max Filippov  <jcmvbkbc@gmail.com>
+
+	* config/xtensa/uclinux.h (XTENSA_ALWAYS_PIC): Change to 0.
+
+Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
+---
+Backported from: r265823
+
+ gcc/config/xtensa/uclinux.h | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/gcc/config/xtensa/uclinux.h b/gcc/config/xtensa/uclinux.h
+index ba26187c8f7a..c7743df9d97c 100644
+--- a/gcc/config/xtensa/uclinux.h
++++ b/gcc/config/xtensa/uclinux.h
+@@ -59,8 +59,8 @@ along with GCC; see the file COPYING3.  If not see
+ #undef LOCAL_LABEL_PREFIX
+ #define LOCAL_LABEL_PREFIX	"."
+ 
+-/* Always enable "-fpic" for Xtensa Linux.  */
+-#define XTENSA_ALWAYS_PIC 1
++/* Don't enable "-fpic" for Xtensa uclinux.  */
++#define XTENSA_ALWAYS_PIC 0
+ 
+ #undef TARGET_LIBC_HAS_FUNCTION
+ #define TARGET_LIBC_HAS_FUNCTION no_c99_libc_has_function
+-- 
+2.11.0
+

package/gcc/7.3.0/0005-gcc-xtensa-don-t-force-PIC-for-uclinux-target.patch

@@ -0,0 +1,41 @@
+From 960a2552f7b418134cdf7a31e96023a3811b98dd Mon Sep 17 00:00:00 2001
+From: Max Filippov <jcmvbkbc@gmail.com>
+Date: Sun, 4 Nov 2018 23:55:59 -0800
+Subject: [PATCH] gcc: xtensa: don't force PIC for uclinux target
+
+xtensa-uclinux uses bFLT executable file format that cannot relocate
+fields representing offsets from data to code. C++ objects built as PIC
+use offsets to encode FDE structures. As a result C++ exception handling
+doesn't work correctly on xtensa-uclinux. Don't use PIC by default on
+xtensa-uclinux.
+
+gcc/
+2018-11-05  Max Filippov  <jcmvbkbc@gmail.com>
+
+	* config/xtensa/uclinux.h (XTENSA_ALWAYS_PIC): Change to 0.
+
+Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
+---
+Backported from: r265823
+
+ gcc/config/xtensa/uclinux.h | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/gcc/config/xtensa/uclinux.h b/gcc/config/xtensa/uclinux.h
+index ba26187c8f7a..c7743df9d97c 100644
+--- a/gcc/config/xtensa/uclinux.h
++++ b/gcc/config/xtensa/uclinux.h
+@@ -59,8 +59,8 @@ along with GCC; see the file COPYING3.  If not see
+ #undef LOCAL_LABEL_PREFIX
+ #define LOCAL_LABEL_PREFIX	"."
+ 
+-/* Always enable "-fpic" for Xtensa Linux.  */
+-#define XTENSA_ALWAYS_PIC 1
++/* Don't enable "-fpic" for Xtensa uclinux.  */
++#define XTENSA_ALWAYS_PIC 0
+ 
+ #undef TARGET_LIBC_HAS_FUNCTION
+ #define TARGET_LIBC_HAS_FUNCTION no_c99_libc_has_function
+-- 
+2.11.0
+

package/gcc/8.2.0/0005-gcc-xtensa-don-t-force-PIC-for-uclinux-target.patch

@@ -0,0 +1,41 @@
+From 960a2552f7b418134cdf7a31e96023a3811b98dd Mon Sep 17 00:00:00 2001
+From: Max Filippov <jcmvbkbc@gmail.com>
+Date: Sun, 4 Nov 2018 23:55:59 -0800
+Subject: [PATCH] gcc: xtensa: don't force PIC for uclinux target
+
+xtensa-uclinux uses bFLT executable file format that cannot relocate
+fields representing offsets from data to code. C++ objects built as PIC
+use offsets to encode FDE structures. As a result C++ exception handling
+doesn't work correctly on xtensa-uclinux. Don't use PIC by default on
+xtensa-uclinux.
+
+gcc/
+2018-11-05  Max Filippov  <jcmvbkbc@gmail.com>
+
+	* config/xtensa/uclinux.h (XTENSA_ALWAYS_PIC): Change to 0.
+
+Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
+---
+Backported from: r265823
+
+ gcc/config/xtensa/uclinux.h | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/gcc/config/xtensa/uclinux.h b/gcc/config/xtensa/uclinux.h
+index ba26187c8f7a..c7743df9d97c 100644
+--- a/gcc/config/xtensa/uclinux.h
++++ b/gcc/config/xtensa/uclinux.h
+@@ -59,8 +59,8 @@ along with GCC; see the file COPYING3.  If not see
+ #undef LOCAL_LABEL_PREFIX
+ #define LOCAL_LABEL_PREFIX	"."
+ 
+-/* Always enable "-fpic" for Xtensa Linux.  */
+-#define XTENSA_ALWAYS_PIC 1
++/* Don't enable "-fpic" for Xtensa uclinux.  */
++#define XTENSA_ALWAYS_PIC 0
+ 
+ #undef TARGET_LIBC_HAS_FUNCTION
+ #define TARGET_LIBC_HAS_FUNCTION no_c99_libc_has_function
+-- 
+2.11.0
+

package/gcc/Config.in.host

@@ -32,6 +32,8 @@ config BR2_GCC_VERSION_4_9_X
 	depends on !(BR2_TOOLCHAIN_USES_MUSL && (BR2_mips64 || BR2_mips64el))
 	# glibc >= 2.26 needs gcc >= 6.2
 	depends on !(BR2_TOOLCHAIN_USES_GLIBC && BR2_powerpc64le)
+	# glibc >= 2.27 needs gcc >= 5
+	depends on !(BR2_TOOLCHAIN_USES_GLIBC && (BR2_aarch64 || BR2_aarch64_be))
 	select BR2_TOOLCHAIN_GCC_AT_LEAST_4_9
 
 config BR2_GCC_VERSION_5_X

package/gcc/gcc-final/gcc-final.mk

@@ -81,6 +81,11 @@ ifeq ($(BR2_sparc),y)
 HOST_GCC_FINAL_CONF_OPTS += --disable-libcilkrts
 endif
 
+# Pthreads are required to build libcilkrts
+ifeq ($(BR2_PTHREADS_NONE),y)
+HOST_GCC_FINAL_CONF_OPTS += --disable-libcilkrts
+endif
+
 # Disable shared libs like libstdc++ if we do static since it confuses linking
 # In that case also disable libcilkrts as there is no static version
 ifeq ($(BR2_STATIC_LIBS),y)