Update for 2017.08.2

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

CHANGES

@@ -1,3 +1,72 @@
+2017.08.2, Released November 28th, 2017
+
+	Important / security related fixes.
+
+	Qt: 5.6 version updated to 5.6.3.
+
+	Reproducible: Do not override SOURCE_DATE_EPOCH if already set
+	in the environment.
+
+	Makefiles: Workaround include order issues for certain make
+	versions by explicitly sorting the result of wildcard where it
+	matters.
+
+	Updated/fixed packages: apr, apr-util, arqp-standalone,
+	azure-iot-sdk-c, collectd, dvb-apps, ffmpeg, go-bootstrap,
+	google-breakpad, gstreamer, imagemagick, irssi, jimtcl,
+	kvm-unit-test, libcurl, libfastjson, libglib2, libidn,
+	libpjsip, libplist, localedef, lttng-tools, luajit, mesa3d,
+	moarvm, mp4v2, openssh, openssl, oracle-mysql, postgresql,
+	python3, python-pyqt5, qt, qt5base, qt5canvas3d,
+	qt5connectivity, qt5declarative, qt5engineio,
+	qt5graphicaleffects, qt5imageformats, qt5location,
+	qt5multimedia, qt5quickcontrols, qt5quickcontrols2, qt5script,
+	qt5sensors, qt5serialbus, qt5serialport, qt5svg, qt5tools,
+	qt5webchannel, qt5webkit, qt5websockets, qt5x11extras,
+	qt5xmlpatterns, quagga, redis, ruby, samba4, sdl2, snmppp,
+	swupdate, ti-gfx, uboot-tools, usb_modeswitch, vboot-utils,
+	webkitgtk, wget, wireshark, xapp_xdriinfo.
+
+	Issues resolved (http://bugs.buildroot.org):
+
+	10326: mesa3d package fails to build when BR2_SHARED_STATIC_LIBS=y
+	10361: python3 python-config script generates invalid includes
+	10501: host-localedef fails to compile on Ubuntu 17.10
+
+2017.08.1, Released October 23rd, 2017
+
+	Important / security related fixes.
+
+	Webkitgtk bumped to the 2.18.x series, fixing a large number
+	of security issues.
+
+	Defconfigs: galileo: fix ext4 related kernel config, bump
+	kernel for gcc 6.x compatibility, enable wchar support for
+	grub2. wandboard: correct rootfs offset
+
+	support: Ensure gzip compression level 6 is used for git
+	tarballs. check-bin-arch: Correctly handle (ignore) symbolic
+	links. check-rpath: Also handle PIE binaries
+
+	External toolchain: Correctly handle glibc Buildroot
+	toolchains built with merged /usr
+
+	musl: fix ARMv4 build with binutils 2.27.51+, fix for
+	CVE-2017-15650
+
+	Updated/fixed packages: apache, augeas, bind, bluez5_utils,
+	busybox, bzip2, cmake, dnsmasq, ejabberd, gcc, git, go, ffmpeg, file,
+	flashrom, gd, gdk-pixbug, gnupg2, hostapd, ifupdown-scripts,
+	imagemagick, iucode-tool, kernel-module-imx-gpu-viv, lame,
+	libarchive, libcurl, libffi, libidn, libmbim, libnspr, libnss,
+	libressl, librsync, libsoup, libxml2, libzip, mbedtls, musl,
+	netplug, nginx, openvpn, pkgconf, poppler, proxychains-ng,
+	qemu, qt, rpi-userland, syslog, ruby, samba4, softether,
+	sqlite, strongswan, subversion, supertuxkart, supervisor, tcpdump,
+	tor, unrar, urq, vboot-utils, webkitgtk, wpa_supplicant, xen,
+	xmlstarlet, xlib_libXfont, xlib_libXfont2,
+	xserver_xorg-server, zsh
+
 2017.08, Released September 1st, 2017
 
 	Minor fixes.

Config.in

@@ -458,7 +458,7 @@ choice
 config BR2_OPTIMIZE_0
 	bool "optimization level 0"
 	help
-	  Do not optimize. This is the default.
+	  Do not optimize.
 
 config BR2_OPTIMIZE_1
 	bool "optimization level 1"
@@ -525,6 +525,7 @@ config BR2_OPTIMIZE_S
 	  -falign-loops -falign-labels -freorder-blocks
 	  -freorder-blocks-and-partition -fprefetch-loop-arrays
 	  -ftree-vect-loop-version
+	  This is the default.
 
 endchoice
 
@@ -538,6 +539,7 @@ config BR2_GOOGLE_BREAKPAD_ENABLE
 	depends on BR2_TOOLCHAIN_HAS_THREADS
 	depends on (BR2_TOOLCHAIN_USES_GLIBC || BR2_TOOLCHAIN_USES_UCLIBC)
 	depends on BR2_PACKAGE_GOOGLE_BREAKPAD_ARCH_SUPPORTS
+	depends on BR2_PACKAGE_HOST_GOOGLE_BREAKPAD_ARCH_SUPPORTS
 	help
 	  This option will enable the use of google breakpad, a library
 	  and tool suite that allows you to distribute an application to

Makefile

@@ -87,9 +87,9 @@ all:
 .PHONY: all
 
 # Set and export the version string
-export BR2_VERSION := 2017.08
+export BR2_VERSION := 2017.08.2
 # Actual time the release is cut (for reproducible builds)
-BR2_VERSION_EPOCH = 1504300000
+BR2_VERSION_EPOCH = 1511938000
 
 # Save running make version since it's clobbered by the make package
 RUNNING_MAKE_VERSION := $(MAKE_VERSION)
@@ -254,7 +254,7 @@ export LANG = C
 export LC_ALL = C
 export GZIP = -n
 BR2_VERSION_GIT_EPOCH = $(shell GIT_DIR=$(TOPDIR)/.git $(GIT) log -1 --format=%at)
-export SOURCE_DATE_EPOCH = $(if $(wildcard $(TOPDIR)/.git),$(BR2_VERSION_GIT_EPOCH),$(BR2_VERSION_EPOCH))
+export SOURCE_DATE_EPOCH ?= $(if $(wildcard $(TOPDIR)/.git),$(BR2_VERSION_GIT_EPOCH),$(BR2_VERSION_EPOCH))
 DEPENDENCIES_HOST_PREREQ += host-fakedate
 endif
 
@@ -483,11 +483,13 @@ include system/system.mk
 include package/Makefile.in
 # arch/arch.mk.* must be after package/Makefile.in because it may need to
 # complement variables defined therein, like BR_NO_CHECK_HASH_FOR.
--include $(wildcard arch/arch.mk.*)
+-include $(sort $(wildcard arch/arch.mk.*))
 include support/dependencies/dependencies.mk
 
-include toolchain/*.mk
-include toolchain/*/*.mk
+PACKAGES += $(DEPENDENCIES_HOST_PREREQ)
+
+include $(sort $(wildcard toolchain/*.mk))
+include $(sort $(wildcard toolchain/*/*.mk))
 
 # Include the package override file if one has been provided in the
 # configuration.
@@ -542,7 +544,7 @@ endif
 
 .PHONY: dirs
 dirs: $(BUILD_DIR) $(STAGING_DIR) $(TARGET_DIR) \
-	$(HOST_DIR) $(HOST_DIR)/usr $(BINARIES_DIR)
+	$(HOST_DIR) $(HOST_DIR)/usr $(HOST_DIR)/lib $(BINARIES_DIR)
 
 $(BUILD_DIR)/buildroot-config/auto.conf: $(BR2_CONFIG)
 	$(MAKE1) $(EXTRAMAKEARGS) HOSTCC="$(HOSTCC_NOCCACHE)" HOSTCXX="$(HOSTCXX_NOCCACHE)" silentoldconfig
@@ -565,6 +567,13 @@ sdk: world
 $(HOST_DIR)/usr: $(HOST_DIR)
 	@ln -snf . $@
 
+$(HOST_DIR)/lib: $(HOST_DIR)
+	@mkdir -p $@
+	@case $(HOSTARCH) in \
+		(*64) ln -snf lib $(@D)/lib64;; \
+		(*)   ln -snf lib $(@D)/lib32;; \
+	esac
+
 # Populating the staging with the base directories is handled by the skeleton package
 $(STAGING_DIR):
 	@mkdir -p $(STAGING_DIR)
@@ -1100,7 +1109,7 @@ print-version:
 	./support/testing/run-tests -l 2>&1 | sed -r -e '/^test_run \((.*)\).*/!d; s//\1: *runtime_test/' | LC_ALL=C sort >> $@
 
 include docs/manual/manual.mk
--include $(foreach dir,$(BR2_EXTERNAL_DIRS),$(dir)/docs/*/*.mk)
+-include $(foreach dir,$(BR2_EXTERNAL_DIRS),$(sort $(wildcard $(dir)/docs/*/*.mk)))
 
 .PHONY: $(noconfig_targets)
 

board/intel/galileo/linux-3.14.config

@@ -28,7 +28,7 @@ CONFIG_EMBEDDED=y
 CONFIG_JUMP_LABEL=y
 CONFIG_MODULES=y
 CONFIG_MODULE_UNLOAD=y
-# CONFIG_LBDAF is not set
+CONFIG_LBDAF=y
 CONFIG_PARTITION_ADVANCED=y
 CONFIG_BSD_DISKLABEL=y
 # CONFIG_ZONE_DMA is not set

board/wandboard/genimage.cfg

@@ -26,6 +26,7 @@ image sdcard.img {
   partition rootfs {
     partition-type = 0x83
     image = "rootfs.ext4"
+    offset = 1M
     size = 512M
   }
 }

configs/galileo_defconfig

@@ -1,4 +1,6 @@
 BR2_x86_x1000=y
+# Needed for TARGET_GRUB2
+BR2_TOOLCHAIN_BUILDROOT_WCHAR=y
 # Linux headers same as kernel, a 3.14 series
 BR2_PACKAGE_HOST_LINUX_HEADERS_CUSTOM_3_14=y
 BR2_ROOTFS_DEVICE_CREATION_DYNAMIC_MDEV=y
@@ -10,7 +12,7 @@ BR2_ROOTFS_POST_IMAGE_SCRIPT="board/intel/galileo/post-image.sh"
 BR2_LINUX_KERNEL=y
 BR2_LINUX_KERNEL_CUSTOM_GIT=y
 BR2_LINUX_KERNEL_CUSTOM_REPO_URL="https://github.com/mdr78/Linux-x1000.git"
-BR2_LINUX_KERNEL_CUSTOM_REPO_VERSION="0feded4f96ddca9816c6c1b8a4780cb4065747b9"
+BR2_LINUX_KERNEL_CUSTOM_REPO_VERSION="8b3c9d8ce1656a26b1097d9091d53bfb39fef640"
 BR2_LINUX_KERNEL_USE_CUSTOM_CONFIG=y
 BR2_LINUX_KERNEL_CUSTOM_CONFIG_FILE="board/intel/galileo/linux-3.14.config"
 BR2_LINUX_KERNEL_INSTALL_TARGET=y

configs/minnowboard_max-graphical_defconfig

@@ -6,6 +6,8 @@ BR2_x86_atom=y
 BR2_PACKAGE_HOST_LINUX_HEADERS_CUSTOM_4_12=y
 BR2_TOOLCHAIN_BUILDROOT_LOCALE=y
 BR2_TOOLCHAIN_BUILDROOT_CXX=y
+# needed for TARGET_GRUB2
+BR2_TOOLCHAIN_BUILDROOT_WCHAR=y
 
 # System configuration
 BR2_ROOTFS_DEVICE_CREATION_DYNAMIC_EUDEV=y

docs/manual/customize-outside-br.txt

@@ -199,7 +199,7 @@ and to the kernel configuration file as follows (e.g. by running
 ----
 BR2_GLOBAL_PATCH_DIR=$(BR2_EXTERNAL_BAR_42_PATH)/patches/
 BR2_ROOTFS_OVERLAY=$(BR2_EXTERNAL_BAR_42_PATH)/board/<boardname>/overlay/
-BR2_LINUX_KERNEL_CUSTOM_CONFIG_FILE=$(BR2_EXTERNAL_BAR_42_FOO)/board/<boardname>/kernel.config
+BR2_LINUX_KERNEL_CUSTOM_CONFIG_FILE=$(BR2_EXTERNAL_BAR_42_PATH)/board/<boardname>/kernel.config
 ----
 
 ===== Example layout
@@ -263,7 +263,7 @@ illustration, of course):
   |     |BR2_GLOBAL_PATCH_DIR="$(BR2_EXTERNAL_BAR_42_PATH)/patches/"
   |     |BR2_ROOTFS_OVERLAY="$(BR2_EXTERNAL_BAR_42_PATH)/board/my-board/overlay/"
   |     |BR2_ROOTFS_POST_IMAGE_SCRIPT="$(BR2_EXTERNAL_BAR_42_PATH)/board/my-board/post-image.sh"
-  |     |BR2_LINUX_KERNEL_CUSTOM_CONFIG_FILE="$(BR2_EXTERNAL_BAR_42_FOO)/board/my-board/kernel.config"
+  |     |BR2_LINUX_KERNEL_CUSTOM_CONFIG_FILE="$(BR2_EXTERNAL_BAR_42_PATH)/board/my-board/kernel.config"
   |     `----
   |
   |- patches/linux/0001-some-change.patch

docs/manual/patch-policy.txt

@@ -19,9 +19,14 @@ global patch directory.
 ==== Downloaded
 
 If it is necessary to apply a patch that is available for download, then add it
-to the +<packagename>_PATCH+ variable. It is downloaded from the same site
-as the package itself. It can be a single patch, or a tarball containing a
-patch series.
+to the +<packagename>_PATCH+ variable. If an entry contains +://+,
+then Buildroot will assume it is a full URL and download the patch
+from this location. Otherwise, Buildroot will assume that the patch should be
+downloaded from +<packagename>_SITE+. It can be a single patch,
+or a tarball containing a patch series.
+
+Like for all downloads, a hash should be added to the +<packagename>.hash+
+file.
 
 This method is typically used for packages from Debian.
 

docs/manual/using-buildroot-development.txt

@@ -50,11 +50,11 @@ BUSYBOX_OVERRIDE_SRCDIR = /home/bob/busybox/
 When Buildroot finds that for a given package, an
 +<pkg>_OVERRIDE_SRCDIR+ has been defined, it will no longer attempt to
 download, extract and patch the package. Instead, it will directly use
-the source code available in in the specified directory and +make
-clean+ will not touch this directory. This allows to point Buildroot
-to your own directories, that can be managed by Git, Subversion, or
-any other version control system. To achieve this, Buildroot will use
-_rsync_ to copy the source code of the component from the specified
+the source code available in the specified directory and +make clean+
+will not touch this directory. This allows to point Buildroot to your
+own directories, that can be managed by Git, Subversion, or any other
+version control system. To achieve this, Buildroot will use _rsync_ to
+copy the source code of the component from the specified
 +<pkg>_OVERRIDE_SRCDIR+ to +output/build/<package>-custom/+.
 
 This mechanism is best used in conjunction with the +make

fs/common.mk

@@ -96,13 +96,13 @@ endif
 		echo "echo '$$(TERM_BOLD)>>>   Executing fakeroot script $$(s)$$(TERM_RESET)'" >> $$(FAKEROOT_SCRIPT); \
 		echo $$(s) $$(TARGET_DIR) $$(BR2_ROOTFS_POST_SCRIPT_ARGS) >> $$(FAKEROOT_SCRIPT)$$(sep))
 	$$(foreach hook,$$(ROOTFS_PRE_CMD_HOOKS),\
-		$$(call PRINTF,$$($$(hook))) >> $$(FAKEROOT_SCRIPT))
+		$$(call PRINTF,$$($$(hook))) >> $$(FAKEROOT_SCRIPT)$$(sep))
 ifeq ($$(BR2_REPRODUCIBLE),y)
 	echo "find $$(TARGET_DIR) -print0 | xargs -0 -r touch -hd @$$(SOURCE_DATE_EPOCH)" >> $$(FAKEROOT_SCRIPT)
 endif
 	$$(call PRINTF,$$(ROOTFS_$(2)_CMD)) >> $$(FAKEROOT_SCRIPT)
 	$$(foreach hook,$$(ROOTFS_POST_CMD_HOOKS),\
-		$$(call PRINTF,$$($$(hook))) >> $$(FAKEROOT_SCRIPT))
+		$$(call PRINTF,$$($$(hook))) >> $$(FAKEROOT_SCRIPT)$$(sep))
 	chmod a+x $$(FAKEROOT_SCRIPT)
 	PATH=$$(BR_PATH) $$(HOST_DIR)/bin/fakeroot -- $$(FAKEROOT_SCRIPT)
 	$$(INSTALL) -m 0644 support/misc/target-dir-warning.txt $$(TARGET_DIR_WARNING_FILE)

linux/Config.in

@@ -29,7 +29,7 @@ config BR2_LINUX_KERNEL_LATEST_VERSION
 	bool "Latest version (4.12.10)"
 
 config BR2_LINUX_KERNEL_LATEST_CIP_VERSION
-	bool "Latest CIP SLTS version (v4.4.75-cip6)"
+	bool "Latest CIP SLTS version (v4.4.83-cip8)"
 	help
 	  CIP launched in the spring of 2016 to address the needs of
 	  organizations in industries such as power generation and
@@ -117,7 +117,7 @@ endif
 config BR2_LINUX_KERNEL_VERSION
 	string
 	default "4.12.10" if BR2_LINUX_KERNEL_LATEST_VERSION
-	default "v4.4.75-cip6" if BR2_LINUX_KERNEL_LATEST_CIP_VERSION
+	default "v4.4.83-cip8" if BR2_LINUX_KERNEL_LATEST_CIP_VERSION
 	default BR2_LINUX_KERNEL_CUSTOM_VERSION_VALUE \
 		if BR2_LINUX_KERNEL_CUSTOM_VERSION
 	default "custom" if BR2_LINUX_KERNEL_CUSTOM_TARBALL

package/Config.in.host

@@ -17,6 +17,8 @@ menu "Host utilities"
 	source "package/genimage/Config.in.host"
 	source "package/genpart/Config.in.host"
 	source "package/go/Config.in.host"
+	source "package/go-bootstrap/Config.in.host"
+	source "package/google-breakpad/Config.in.host"
 	source "package/gptfdisk/Config.in.host"
 	source "package/imx-usb-loader/Config.in.host"
 	source "package/jq/Config.in.host"

package/apache/0003-CVS-2017-9798.patch

@@ -0,0 +1,30 @@
+core: Disallow Methods' registration at run time (.htaccess), they may
+be used only if registered at init time (httpd.conf).
+
+Calling ap_method_register() in children processes is not the right scope
+since it won't be shared for all requests.
+
+git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1807655 13f79535-47bb-0310-9956-ffa450edef68
+
+Fixes CVE-2017-9798: https://nvd.nist.gov/vuln/detail/CVE-2017-9798
+
+Downloaded from upstream repo:
+https://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/server/core.c?r1=1805223&r2=1807754&pathrev=1807754&view=patch
+
+Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
+
+--- a/server/core.c	2017/08/16 16:50:29	1805223
++++ b/server/core.c	2017/09/08 13:13:11	1807754
+@@ -2266,6 +2266,12 @@
+             /* method has not been registered yet, but resource restriction
+              * is always checked before method handling, so register it.
+              */
++            if (cmd->pool == cmd->temp_pool) {
++                /* In .htaccess, we can't globally register new methods. */
++                return apr_psprintf(cmd->pool, "Could not register method '%s' "
++                                   "for %s from .htaccess configuration",
++                                    method, cmd->cmd->name);
++            }
+             methnum = ap_method_register(cmd->pool,
+                                          apr_pstrdup(cmd->pool, method));
+         }

package/apr-util/apr-util.hash

@@ -1,2 +1,4 @@
-# From http://archive.apache.org/dist/apr/apr-util-1.5.4.tar.gz.sha1
-sha1	72cc3ac693b52fb831063d5c0de18723bc8e0095	apr-util-1.5.4.tar.gz
+# From http://www.apache.org/dist/apr/apr-util-1.6.1.tar.bz2.sha256
+sha256	d3e12f7b6ad12687572a3a39475545a072608f4ba03a6ce8a3778f607dd0035b	apr-util-1.6.1.tar.bz2
+# Locally calculated
+sha256	ef5609d18601645ad6fe22c6c122094be40e976725c1d0490778abacc836e7a2	LICENSE

package/apr-util/apr-util.mk

@@ -4,7 +4,8 @@
 #
 ################################################################################
 
-APR_UTIL_VERSION = 1.5.4
+APR_UTIL_VERSION = 1.6.1
+APR_UTIL_SOURCE = apr-util-$(APR_UTIL_VERSION).tar.bz2
 APR_UTIL_SITE = http://archive.apache.org/dist/apr
 APR_UTIL_LICENSE = Apache-2.0
 APR_UTIL_LICENSE_FILES = LICENSE

package/apr/apr.hash

@@ -1,2 +1,4 @@
-# From http://archive.apache.org/dist/apr/apr-1.6.2.tar.bz2.sha1
-sha1 01b0d4faa0194825e8e525b9ac7ccfb832471d50  apr-1.6.2.tar.bz2
+# From http://www.apache.org/dist/apr/apr-1.6.3.tar.bz2.sha256
+sha256 131f06d16d7aabd097fa992a33eec2b6af3962f93e6d570a9bd4d85e95993172  apr-1.6.3.tar.bz2
+# Locally calculated
+sha256 f854aeef66ecd55a126226e82b3f26793fc3b1c584647f6a0edc5639974c38ad  LICENSE

package/apr/apr.mk

@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-APR_VERSION = 1.6.2
+APR_VERSION = 1.6.3
 APR_SOURCE = apr-$(APR_VERSION).tar.bz2
 APR_SITE = http://archive.apache.org/dist/apr
 APR_LICENSE = Apache-2.0

package/argp-standalone/0003-fix_build_with_c99_compilers.patch

@@ -66,15 +66,3 @@ index e797b11..828f435 100644
  
  /* Internal routines.  */
  extern void _argp_fmtstream_update (argp_fmtstream_t __fs);
-@@ -216,7 +220,11 @@
- #endif
- 
- #ifndef ARGP_FS_EI
-+#if defined(__GNUC__) && !defined(__GNUC_STDC_INLINE__)
- #define ARGP_FS_EI extern inline
-+#else
-+#define ARGP_FS_EI inline
-+#endif
- #endif
- 
- ARGP_FS_EI size_t

package/argp-standalone/argp-standalone.mk

@@ -10,7 +10,7 @@ ARGP_STANDALONE_INSTALL_STAGING = YES
 ARGP_STANDALONE_LICENSE = LGPL-2.0+
 
 ARGP_STANDALONE_CONF_ENV = \
-	CFLAGS="$(TARGET_CFLAGS) -fPIC"
+	CFLAGS="$(TARGET_CFLAGS) -fPIC -fgnu89-inline"
 
 define ARGP_STANDALONE_INSTALL_STAGING_CMDS
 	$(INSTALL) -D $(@D)/libargp.a $(STAGING_DIR)/usr/lib/libargp.a

package/augeas/augeas.hash

@@ -1,2 +1,2 @@
 # Locally calculated
-sha256  515ce904138d99ff51d45ba7ed0d809bdee6c42d3bc538c8c820e010392d4cc5  augeas-1.8.0.tar.gz
+sha256  65cf75b5a573fee2a5c6c6e3c95cad05f0101e70d3f9db10d53f6cc5b11bc9f9  augeas-1.8.1.tar.gz

package/augeas/augeas.mk

@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-AUGEAS_VERSION = 1.8.0
+AUGEAS_VERSION = 1.8.1
 AUGEAS_SITE = http://download.augeas.net
 AUGEAS_INSTALL_STAGING = YES
 AUGEAS_LICENSE = LGPL-2.1+

package/azure-iot-sdk-c/Config.in

@@ -11,7 +11,7 @@ config BR2_PACKAGE_AZURE_IOT_SDK_C
 	  Microsoft Azure IoT Hub device SDK for C is used
 	  to connect devices running C code to Azure IoT Hub.
 
-	  https://docs.microsoft.com/nl-nl/azure/iot-hub/iot-hub-device-sdk-c-intro
+	  https://github.com/Azure/azure-iot-sdk-c
 
 comment "azure-iot-sdk-c needs a toolchain w/ C++ and NPTL"
 	depends on !BR2_INSTALL_LIBSTDCPP || !BR2_TOOLCHAIN_HAS_THREADS_NPTL

package/bind/bind.hash

@@ -1,3 +1,3 @@
-# Verified from http://ftp.isc.org/isc/bind9/9.11.1-P3/bind-9.11.1-P3.tar.gz.sha256.asc
-sha256 52426e75432e46996dc90f24fca027805a341c38fbbb022b60dc9acd2677ccf4 bind-9.11.1-P3.tar.gz
+# Verified from http://ftp.isc.org/isc/bind9/9.11.2/bind-9.11.2.tar.gz.sha256.asc
+sha256 7f46ad8620f7c3b0ac375d7a5211b15677708fda84ce25d7aeb7222fe2e3c77a bind-9.11.2.tar.gz
 sha256 d3906dfe153e2c48440d3ca1d5319f5e89b4b820cdfc5d0779c23d7ac2b175e9 COPYRIGHT

package/bind/bind.mk

@@ -4,8 +4,8 @@
 #
 ################################################################################
 
-BIND_VERSION = 9.11.1-P3
-BIND_SITE = ftp://ftp.isc.org/isc/bind9/$(BIND_VERSION)
+BIND_VERSION = 9.11.2
+BIND_SITE = http://ftp.isc.org/isc/bind9/$(BIND_VERSION)
 # bind does not support parallel builds.
 BIND_MAKE = $(MAKE1)
 BIND_INSTALL_STAGING = YES

package/bluez5_utils/bluez5_utils.hash

@@ -1,2 +1,2 @@
 # From https://www.kernel.org/pub/linux/bluetooth/sha256sums.asc:
-sha256 ddab3d3837c1afb8ae228a94ba17709a4650bd4db24211b6771ab735c8908e28  bluez-5.46.tar.xz
+sha256 cf75bf7cd5d564f21cc4a2bd01d5c39ce425397335fd47d9bbe43af0a58342c8  bluez-5.47.tar.xz

package/bluez5_utils/bluez5_utils.mk

@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-BLUEZ5_UTILS_VERSION = 5.46
+BLUEZ5_UTILS_VERSION = 5.47
 BLUEZ5_UTILS_SOURCE = bluez-$(BLUEZ5_UTILS_VERSION).tar.xz
 BLUEZ5_UTILS_SITE = $(BR2_KERNEL_MIRROR)/linux/bluetooth
 BLUEZ5_UTILS_INSTALL_STAGING = YES

package/busybox/0005-httpd-fix-handling-of-range-requests.patch

@@ -0,0 +1,27 @@
+From 2b400d9b2b7309d6e479102fc3ce646e893058a5 Mon Sep 17 00:00:00 2001
+From: Denys Vlasenko <vda.linux@googlemail.com>
+Date: Mon, 18 Sep 2017 13:09:11 +0200
+Subject: [PATCH] httpd: fix handling of range requests
+
+Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
+Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
+---
+ networking/httpd.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/networking/httpd.c b/networking/httpd.c
+index e072f23c7..5e32fc936 100644
+--- a/networking/httpd.c
++++ b/networking/httpd.c
+@@ -2337,7 +2337,7 @@ static void handle_incoming_and_exit(const len_and_sockaddr *fromAddr)
+ 			if (STRNCASECMP(iobuf, "Range:") == 0) {
+ 				/* We know only bytes=NNN-[MMM] */
+ 				char *s = skip_whitespace(iobuf + sizeof("Range:")-1);
+-				if (is_prefixed_with(s, "bytes=") == 0) {
++				if (is_prefixed_with(s, "bytes=")) {
+ 					s += sizeof("bytes=")-1;
+ 					range_start = BB_STRTOOFF(s, &s, 10);
+ 					if (s[0] != '-' || range_start < 0) {
+-- 
+2.11.0
+

package/busybox/busybox.hash

@@ -1,3 +1,3 @@
-# From https://busybox.net/downloads/busybox-1.27.1.tar.bz2.sign
-md5	df7e45d07634c54ca16b9191635db9c6	busybox-1.27.1.tar.bz2
-sha1	a154f70a10fe39062b6fb00eaff5baf39db535ec	busybox-1.27.1.tar.bz2
+# From https://busybox.net/downloads/busybox-1.27.2.tar.bz2.sign
+md5	476186f4bab81781dab2369bfd42734e	busybox-1.27.2.tar.bz2
+sha1	11669e223cc38de646ce26080e91ca29b8d42ad9	busybox-1.27.2.tar.bz2

package/busybox/busybox.mk

@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-BUSYBOX_VERSION = 1.27.1
+BUSYBOX_VERSION = 1.27.2
 BUSYBOX_SITE = http://www.busybox.net/downloads
 BUSYBOX_SOURCE = busybox-$(BUSYBOX_VERSION).tar.bz2
 BUSYBOX_LICENSE = GPL-2.0

package/bzip2/bzip2.mk

@@ -12,13 +12,13 @@ BZIP2_LICENSE_FILES = LICENSE
 
 ifeq ($(BR2_STATIC_LIBS),)
 define BZIP2_BUILD_SHARED_CMDS
-	$(TARGET_MAKE_ENV)
+	$(TARGET_MAKE_ENV) \
 		$(MAKE) -C $(@D) -f Makefile-libbz2_so $(TARGET_CONFIGURE_OPTS)
 endef
 endif
 
 define BZIP2_BUILD_CMDS
-	$(TARGET_MAKE_ENV)
+	$(TARGET_MAKE_ENV) \
 		$(MAKE) -C $(@D) libbz2.a bzip2 bzip2recover $(TARGET_CONFIGURE_OPTS)
 	$(BZIP2_BUILD_SHARED_CMDS)
 endef

package/cmake/cmake.mk

@@ -46,6 +46,7 @@ define HOST_CMAKE_CONFIGURE_CMDS
 			-DCMAKE_C_FLAGS="$(HOST_CMAKE_CFLAGS)" \
 			-DCMAKE_CXX_FLAGS="$(HOST_CMAKE_CXXFLAGS)" \
 			-DCMAKE_EXE_LINKER_FLAGS="$(HOST_LDFLAGS)" \
+			-DCMAKE_USE_OPENSSL:BOOL=OFF \
 			-DBUILD_CursesDialog=OFF \
 	)
 endef

package/collectd/collectd.mk

@@ -24,9 +24,23 @@ COLLECTD_PLUGINS_DISABLE = \
 
 COLLECTD_CONF_ENV += LIBS="-lm"
 
+#
+# NOTE: There's also a third availible setting "intswap", which might
+# be needed on some old ARM hardware (see [2]), but is not being
+# accounted for as per discussion [1]
+#
+# [1] http://lists.busybox.net/pipermail/buildroot/2017-November/206100.html
+# [2] http://lists.busybox.net/pipermail/buildroot/2017-November/206251.html
+#
+ifeq ($(BR2_ENDIAN),"BIG")
+COLLECTD_FP_LAYOUT=endianflip
+else
+COLLECTD_FP_LAYOUT=nothing
+endif
+
 COLLECTD_CONF_OPTS += \
 	--with-nan-emulation \
-	--with-fp-layout=nothing \
+	--with-fp-layout=$(COLLECTD_FP_LAYOUT) \
 	--with-perl-bindings=no \
 	$(foreach p, $(COLLECTD_PLUGINS_DISABLE), --disable-$(p)) \
 	$(if $(BR2_PACKAGE_COLLECTD_AGGREGATION),--enable-aggregation,--disable-aggregation) \

package/dnsmasq/dnsmasq.hash

@@ -1,2 +1,6 @@
 # Locally calculated after checking pgp signature
-sha256	4b92698dee19ca0cb2a8f2e48f1d2dffd01a21eb15d1fbed4cf085630c8c9f96	dnsmasq-2.76.tar.xz
+# http://www.thekelleys.org.uk/dnsmasq/dnsmasq-2.78.tar.xz.asc
+sha256	89949f438c74b0c7543f06689c319484bd126cc4b1f8c745c742ab397681252b	dnsmasq-2.78.tar.xz
+# Locally calculated
+sha256	dcc100d4161cc0b7177545ab6e47216f84857cda3843847c792a25289852dcaa	COPYING
+sha256	8ceb4b9ee5adedde47b31e975c1d90c73ad27b6b165a1dcd80c7c545eb65b903	COPYING-v3

package/dnsmasq/dnsmasq.mk

@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-DNSMASQ_VERSION = 2.76
+DNSMASQ_VERSION = 2.78
 DNSMASQ_SOURCE = dnsmasq-$(DNSMASQ_VERSION).tar.xz
 DNSMASQ_SITE = http://thekelleys.org.uk/dnsmasq
 DNSMASQ_MAKE_ENV = $(TARGET_MAKE_ENV) CC="$(TARGET_CC)"
@@ -58,7 +58,7 @@ DNSMASQ_MAKE_OPTS += LIBS+="-ldl"
 endif
 
 define DNSMASQ_ENABLE_LUA
-	$(SED) 's/lua5.1/lua/g' $(DNSMASQ_DIR)/Makefile
+	$(SED) 's/lua5.2/lua/g' $(DNSMASQ_DIR)/Makefile
 	$(SED) 's^.*#define HAVE_LUASCRIPT.*^#define HAVE_LUASCRIPT^' \
 		$(DNSMASQ_DIR)/src/config.h
 endef

package/dvb-apps/dvb-apps.mk

@@ -15,6 +15,8 @@ DVB_APPS_DEPENDENCIES = libiconv
 DVB_APPS_LDLIBS += -liconv
 endif
 
+DVB_APPS_MAKE_OPTS = PERL5LIB=$(@D)/util/scan
+
 ifeq ($(BR2_STATIC_LIBS),y)
 DVB_APPS_MAKE_OPTS += enable_shared=no
 else ifeq ($(BR2_SHARED_LIBS),y)
@@ -25,7 +27,7 @@ DVB_APPS_INSTALL_STAGING = YES
 
 define DVB_APPS_BUILD_CMDS
 	$(TARGET_CONFIGURE_OPTS) LDLIBS="$(DVB_APPS_LDLIBS)" \
-		$(MAKE) -C $(@D) CROSS_ROOT=$(STAGING_DIR) \
+		$(MAKE1) -C $(@D) CROSS_ROOT=$(STAGING_DIR) \
 		$(DVB_APPS_MAKE_OPTS)
 endef
 

package/ejabberd/ejabberd.mk

@@ -36,9 +36,9 @@ define EJABBERD_INSTALL_TARGET_CMDS
 	$(TARGET_MAKE_ENV) $(MAKE) DESTDIR=$(TARGET_DIR) install -C $(@D)
 endef
 
-# Delete HOST_DIR prefix from ERL path in ejabberctl script.
+# Replace HOST_DIR prefix to /usr in ERL path of ejabberctl script.
 define EJABBERD_FIX_EJABBERDCTL
-	$(SED) 's,ERL=$(HOST_DIR),ERL=,' '$(TARGET_DIR)/usr/sbin/ejabberdctl'
+	$(SED) 's,ERL=$(HOST_DIR),ERL=/usr,' '$(TARGET_DIR)/usr/sbin/ejabberdctl'
 endef
 
 EJABBERD_POST_INSTALL_TARGET_HOOKS += EJABBERD_FIX_EJABBERDCTL

package/ffmpeg/ffmpeg.hash

@@ -1,2 +1,2 @@
 # Locally calculated
-sha256 d2a9002cdc6b533b59728827186c044ad02ba64841f1b7cd6c21779875453a1e  ffmpeg-3.3.3.tar.xz
+sha256 98b97e1b908dfeb6aeb6d407e5a5eacdfc253a40c2d195f5867ed2d1d46ea957  ffmpeg-3.3.4.tar.xz

package/ffmpeg/ffmpeg.mk

@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-FFMPEG_VERSION = 3.3.3
+FFMPEG_VERSION = 3.3.4
 FFMPEG_SOURCE = ffmpeg-$(FFMPEG_VERSION).tar.xz
 FFMPEG_SITE = http://ffmpeg.org/releases
 FFMPEG_INSTALL_STAGING = YES

package/file/file.hash

@@ -1,2 +1,2 @@
 # Locally calculated
-sha256 09c588dac9cff4baa054f51a36141793bcf64926edc909594111ceae60fce4ee  file-5.31.tar.gz
+sha256 8639dc4d1b21e232285cd483604afc4a6ee810710e00e579dbe9591681722b50  file-5.32.tar.gz

package/file/file.mk

@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-FILE_VERSION = 5.31
+FILE_VERSION = 5.32
 FILE_SITE = ftp://ftp.astron.com/pub/file
 FILE_DEPENDENCIES = host-file zlib
 HOST_FILE_DEPENDENCIES = host-zlib

package/flashrom/flashrom.mk

@@ -12,7 +12,8 @@ FLASHROM_LICENSE = GPL-2.0+
 FLASHROM_LICENSE_FILES = COPYING
 
 define FLASHROM_BUILD_CMDS
-	$(TARGET_MAKE_ENV) $(MAKE) $(TARGET_CONFIGURE_OPTS) -C $(@D)
+	$(TARGET_MAKE_ENV) $(MAKE) $(TARGET_CONFIGURE_OPTS) \
+		CFLAGS="$(TARGET_CFLAGS) -DHAVE_STRNLEN" -C $(@D)
 endef
 
 define FLASHROM_INSTALL_TARGET_CMDS

package/freescale-imx/kernel-module-imx-gpu-viv/kernel-module-imx-gpu-viv.hash

@@ -1,2 +1,2 @@
 # locally computed
-sha256	0d45472a967d747bc1948b0332f77c8cd9f6ec1620b0922e82ca5ddd053b40ea  kernel-module-imx-gpu-viv-a05d9b23b9902f6ce87d23772de2fdb2ecfb37a7.tar.gz
+sha256	f18b826fd25328adf6b4405f48fdf0eaaddc77bb79c0dee76cd8c28aa8ffc078  kernel-module-imx-gpu-viv-a05d9b23b9902f6ce87d23772de2fdb2ecfb37a7.tar.gz

package/gcc/4.9.4/875-xtensa-fix-PR-target-82181.patch

@@ -0,0 +1,31 @@
+From 8dd3af97bb6ccb3dfd6cbe20c5a28ce80fcd0de7 Mon Sep 17 00:00:00 2001
+From: jcmvbkbc <jcmvbkbc@138bc75d-0d04-0410-961f-82ee72b054a4>
+Date: Mon, 11 Sep 2017 21:53:38 +0000
+Subject: [PATCH] xtensa: fix PR target/82181
+
+2017-09-11  Max Filippov  <jcmvbkbc@gmail.com>
+gcc/
+	Backport from mainline
+	* config/xtensa/xtensa.c (xtensa_mem_offset): Check that both
+	words of DImode object are reachable by xtensa_uimm8x4 access.
+
+Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
+---
+ gcc/config/xtensa/xtensa.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/gcc/config/xtensa/xtensa.c b/gcc/config/xtensa/xtensa.c
+index 3c0096113775..3eb4db85b971 100644
+--- a/gcc/config/xtensa/xtensa.c
++++ b/gcc/config/xtensa/xtensa.c
+@@ -612,6 +612,7 @@ xtensa_mem_offset (unsigned v, enum machine_mode mode)
+     case HImode:
+       return xtensa_uimm8x2 (v);
+ 
++    case DImode:
+     case DFmode:
+       return (xtensa_uimm8x4 (v) && xtensa_uimm8x4 (v + 4));
+ 
+-- 
+2.1.4
+

package/gcc/5.4.0/877-xtensa-fix-PR-target-82181.patch

@@ -0,0 +1,31 @@
+From 136e0f6b0c0acbe547894c6f8c855e3246c558b4 Mon Sep 17 00:00:00 2001
+From: jcmvbkbc <jcmvbkbc@138bc75d-0d04-0410-961f-82ee72b054a4>
+Date: Mon, 11 Sep 2017 21:53:38 +0000
+Subject: [PATCH] xtensa: fix PR target/82181
+
+2017-09-11  Max Filippov  <jcmvbkbc@gmail.com>
+gcc/
+	Backport from mainline
+	* config/xtensa/xtensa.c (xtensa_mem_offset): Check that both
+	words of DImode object are reachable by xtensa_uimm8x4 access.
+
+Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
+---
+ gcc/config/xtensa/xtensa.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/gcc/config/xtensa/xtensa.c b/gcc/config/xtensa/xtensa.c
+index 8e62d631bce0..a30aa1bcfc33 100644
+--- a/gcc/config/xtensa/xtensa.c
++++ b/gcc/config/xtensa/xtensa.c
+@@ -637,6 +637,7 @@ xtensa_mem_offset (unsigned v, machine_mode mode)
+     case HImode:
+       return xtensa_uimm8x2 (v);
+ 
++    case DImode:
+     case DFmode:
+       return (xtensa_uimm8x4 (v) && xtensa_uimm8x4 (v + 4));
+ 
+-- 
+2.1.4
+

package/gcc/6.4.0/870-xtensa-fix-PR-target-82181.patch

@@ -0,0 +1,31 @@
+From 3bc2ee6886f1619bc6a2257a0775142526b1a57a Mon Sep 17 00:00:00 2001
+From: jcmvbkbc <jcmvbkbc@138bc75d-0d04-0410-961f-82ee72b054a4>
+Date: Mon, 11 Sep 2017 21:53:38 +0000
+Subject: [PATCH] xtensa: fix PR target/82181
+
+2017-09-11  Max Filippov  <jcmvbkbc@gmail.com>
+gcc/
+	Backport from mainline
+	* config/xtensa/xtensa.c (xtensa_mem_offset): Check that both
+	words of DImode object are reachable by xtensa_uimm8x4 access.
+
+Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
+---
+ gcc/config/xtensa/xtensa.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/gcc/config/xtensa/xtensa.c b/gcc/config/xtensa/xtensa.c
+index 2bdf5ccef979..92fdeb08046d 100644
+--- a/gcc/config/xtensa/xtensa.c
++++ b/gcc/config/xtensa/xtensa.c
+@@ -601,6 +601,7 @@ xtensa_mem_offset (unsigned v, machine_mode mode)
+     case HImode:
+       return xtensa_uimm8x2 (v);
+ 
++    case DImode:
+     case DFmode:
+       return (xtensa_uimm8x4 (v) && xtensa_uimm8x4 (v + 4));
+ 
+-- 
+2.1.4
+

package/gcc/7.2.0/0870-xtensa-fix-PR-target-82181.patch

@@ -0,0 +1,31 @@
+From 3ed0c49a8d52e88648c7bb9f21a204b23595a6a9 Mon Sep 17 00:00:00 2001
+From: jcmvbkbc <jcmvbkbc@138bc75d-0d04-0410-961f-82ee72b054a4>
+Date: Mon, 11 Sep 2017 21:53:38 +0000
+Subject: [PATCH] xtensa: fix PR target/82181
+
+2017-09-11  Max Filippov  <jcmvbkbc@gmail.com>
+gcc/
+	Backport from mainline
+	* config/xtensa/xtensa.c (xtensa_mem_offset): Check that both
+	words of DImode object are reachable by xtensa_uimm8x4 access.
+
+Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
+---
+ gcc/config/xtensa/xtensa.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/gcc/config/xtensa/xtensa.c b/gcc/config/xtensa/xtensa.c
+index 25e4a2894c3b..8c404187107b 100644
+--- a/gcc/config/xtensa/xtensa.c
++++ b/gcc/config/xtensa/xtensa.c
+@@ -605,6 +605,7 @@ xtensa_mem_offset (unsigned v, machine_mode mode)
+     case HImode:
+       return xtensa_uimm8x2 (v);
+ 
++    case DImode:
+     case DFmode:
+       return (xtensa_uimm8x4 (v) && xtensa_uimm8x4 (v + 4));
+ 
+-- 
+2.1.4
+

package/gd/0001-gdlib-config.patch

@@ -1,32 +0,0 @@
-Fix gdlib-config
-
-Since the @LIBICONV@ macro doesn't get replaced at compile time, we
-end up installing an invalid gdlib-config: the gdlib-config --libs
-says that one should link against @LIBICONV@ which obviously doesn't
-work.
-
-Use the OpenWRT patch from
-https://dev.openwrt.org/browser/packages/libs/gd/patches/101-gdlib-config.patch
-
-Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
-
---- a/config/gdlib-config.in
-+++ b/config/gdlib-config.in
-@@ -71,7 +71,7 @@ while test $# -gt 0; do
- 	echo @LDFLAGS@
- 	;;
-     --libs)
--	echo -lgd @LIBS@ @LIBICONV@
-+	echo -lgd @LIBS@
- 	;;
-     --cflags|--includes)
- 	echo -I@includedir@
-@@ -84,7 +84,7 @@ while test $# -gt 0; do
- 	echo "includedir: $includedir"
- 	echo "cflags:     -I@includedir@"
- 	echo "ldflags:    @LDFLAGS@"
--	echo "libs:       @LIBS@ @LIBICONV@"
-+	echo "libs:       @LIBS@"
- 	echo "libdir:     $libdir"
- 	echo "features:   @FEATURES@"
- 	;;

package/gd/0002-gd_bmp-fix-build-with-uClibc.patch

@@ -1,50 +0,0 @@
-From ea2a03e983acf34a1320b460dcad43b7e0b0b14f Mon Sep 17 00:00:00 2001
-Message-Id: <ea2a03e983acf34a1320b460dcad43b7e0b0b14f.1397134306.git.baruch@tkos.co.il>
-From: Baruch Siach <baruch@tkos.co.il>
-Date: Thu, 10 Apr 2014 15:49:13 +0300
-Subject: [PATCH] gd_bmp: fix build with uClibc
-
-Some architectures (like ARM) don't have the long double variants of math
-functions under uClibc. Add a local ceill definition in this case.
-
-Patch status: reported upstream, 
-https://bitbucket.org/libgd/gd-libgd/issue/123/build-failure-agains-uclibc-arm
-
-Signed-off-by: Baruch Siach <baruch@tkos.co.il>
----
- src/gd_bmp.c | 12 ++++++++++++
- 1 file changed, 12 insertions(+)
-
-diff --git a/src/gd_bmp.c b/src/gd_bmp.c
-index 0fc021909f1b..11b3ec1baa01 100644
---- a/src/gd_bmp.c
-+++ b/src/gd_bmp.c
-@@ -25,6 +25,11 @@
- #include "gdhelpers.h"
- #include "bmp.h"
- 
-+#include <features.h>
-+#if defined (__UCLIBC__) && !defined(__UCLIBC_HAS_LONG_DOUBLE_MATH__)
-+#define NO_LONG_DOUBLE
-+#endif
-+
- static int compress_row(unsigned char *uncompressed_row, int length);
- static int build_rle_packet(unsigned char *row, int packet_type, int length, unsigned char *data);
- 
-@@ -42,6 +47,13 @@ static int bmp_read_rle(gdImagePtr im, gdIOCtxPtr infile, bmp_info_t *info);
- 
- #define BMP_DEBUG(s)
- 
-+#ifdef NO_LONG_DOUBLE
-+long double ceill(long double x)
-+{
-+	return (long double) ceil((double) x);
-+}
-+#endif
-+
- static int gdBMPPutWord(gdIOCtx *out, int w)
- {
- 	/* Byte order is little-endian */
--- 
-1.9.1
-

package/gd/gd.hash

@@ -1,2 +1,3 @@
 # Locally calculated
-sha256	137f13a7eb93ce72e32ccd7cebdab6874f8cf7ddf31d3a455a68e016ecd9e4e6	libgd-2.2.4.tar.xz
+sha256	8c302ccbf467faec732f0741a859eef4ecae22fea2d2ab87467be940842bde51	libgd-2.2.5.tar.xz
+sha256  d02dae2141d49b8a6b09b2b73e68a8f17d7bbeaaf02b3b841ee11fea2d9e328d	COPYING

package/gd/gd.mk

@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-GD_VERSION = 2.2.4
+GD_VERSION = 2.2.5
 GD_SOURCE = libgd-$(GD_VERSION).tar.xz
 GD_SITE = https://github.com/libgd/libgd/releases/download/gd-$(GD_VERSION)
 GD_INSTALL_STAGING = YES

package/gdk-pixbuf/gdk-pixbuf.hash

@@ -1,2 +1,4 @@
-# From http://ftp.gnome.org/pub/gnome/sources/gdk-pixbuf/2.36/gdk-pixbuf-2.36.6.sha256sum
-sha256 455eb90c09ed1b71f95f3ebfe1c904c206727e0eeb34fc94e5aaf944663a820c  gdk-pixbuf-2.36.6.tar.xz
+# From http://ftp.gnome.org/pub/gnome/sources/gdk-pixbuf/2.36/gdk-pixbuf-2.36.10.sha256sum
+sha256 f8f6fa896b89475c73b6e9e8d2a2b062fc359c4b4ccb8e96470d6ab5da949ace  gdk-pixbuf-2.36.10.tar.xz
+# Locally calculated
+sha256 d245807f90032872d1438d741ed21e2490e1175dc8aa3afa5ddb6c8e529b58e5  COPYING

package/gdk-pixbuf/gdk-pixbuf.mk

@@ -5,7 +5,7 @@
 ################################################################################
 
 GDK_PIXBUF_VERSION_MAJOR = 2.36
-GDK_PIXBUF_VERSION = $(GDK_PIXBUF_VERSION_MAJOR).6
+GDK_PIXBUF_VERSION = $(GDK_PIXBUF_VERSION_MAJOR).10
 GDK_PIXBUF_SOURCE = gdk-pixbuf-$(GDK_PIXBUF_VERSION).tar.xz
 GDK_PIXBUF_SITE = http://ftp.gnome.org/pub/gnome/sources/gdk-pixbuf/$(GDK_PIXBUF_VERSION_MAJOR)
 GDK_PIXBUF_LICENSE = LGPL-2.0+
@@ -20,6 +20,9 @@ GDK_PIXBUF_CONF_ENV = \
 	ac_cv_path_GLIB_GENMARSHAL=$(LIBGLIB2_HOST_BINARY) \
 	gio_can_sniff=no
 
+HOST_GDK_PIXBUF_CONF_ENV = \
+	gio_can_sniff=no
+
 GDK_PIXBUF_CONF_OPTS = --disable-glibtest
 
 ifneq ($(BR2_PACKAGE_LIBPNG),y)

package/git/git.hash

@@ -1,4 +1,4 @@
 # From: https://www.kernel.org/pub/software/scm/git/sha256sums.asc
-sha256 21c9e29caac86d244ac7af78bc3422746dabb903cb3952a1ceefd801020ad1a1  git-2.13.5.tar.xz
+sha256 bce97e403bea34f50378e90ade10c12666b2382cc247551b63dc5604e03b2523  git-2.13.6.tar.xz
 sha256 5b2198d1645f767585e8a88ac0499b04472164c0d2da22e75ecf97ef443ab32e  COPYING
 sha256 1922f45d2c49e390032c9c0ba6d7cac904087f7cec51af30c2b2ad022ce0e76a  LGPL-2.1

package/git/git.mk

@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-GIT_VERSION = 2.13.5
+GIT_VERSION = 2.13.6
 GIT_SOURCE = git-$(GIT_VERSION).tar.xz
 GIT_SITE = $(BR2_KERNEL_MIRROR)/software/scm/git
 GIT_LICENSE = GPL-2.0, LGPL-2.1+

package/gnupg2/gnupg2.mk

@@ -42,10 +42,10 @@ else
 GNUPG2_CONF_OPTS += --disable-gnutls
 endif
 
-ifeq ($(BR2_PACKAGE_LIBUSB_COMPAT),y)
+ifeq ($(BR2_PACKAGE_LIBUSB),y)
 GNUPG2_CONF_ENV += CPPFLAGS="$(TARGET_CPPFLAGS) -I$(STAGING_DIR)/usr/include/libusb-1.0"
 GNUPG2_CONF_OPTS += --enable-ccid-driver
-GNUPG2_DEPENDENCIES += libusb-compat
+GNUPG2_DEPENDENCIES += libusb
 else
 GNUPG2_CONF_OPTS += --disable-ccid-driver
 endif

package/go-bootstrap/Config.in.host

@@ -0,0 +1,7 @@
+config BR2_PACKAGE_HOST_GO_BOOTSTRAP_ARCH_SUPPORTS
+	bool
+	# See src/cmd/dist/unix.c for the list of support
+	# architectures
+	default y if BR2_HOSTARCH = "x86"
+	default y if BR2_HOSTARCH = "x86_64"
+	default y if BR2_HOSTARCH = "arm"

package/go/Config.in.host

@@ -1,6 +1,7 @@
 config BR2_PACKAGE_HOST_GO_ARCH_SUPPORTS
 	bool
 	default y
+	depends on BR2_PACKAGE_HOST_GO_BOOTSTRAP_ARCH_SUPPORTS
 	depends on (BR2_arm && BR2_TOOLCHAIN_SUPPORTS_PIE) || BR2_aarch64 \
 		|| BR2_i386 || BR2_x86_64 || BR2_powerpc64le \
 		|| BR2_mips64 || BR2_mips64el

package/go/go.mk

@@ -52,7 +52,7 @@ HOST_GO_TARGET_ENV = \
 # set, build in cgo support for any go programs that may need it.  Note that
 # any target package needing cgo support must include
 # 'depends on BR2_TOOLCHAIN_HAS_THREADS' in its config file.
-ifeq (BR2_TOOLCHAIN_HAS_THREADS,y)
+ifeq ($(BR2_TOOLCHAIN_HAS_THREADS),y)
 HOST_GO_CGO_ENABLED = 1
 else
 HOST_GO_CGO_ENABLED = 0
@@ -74,8 +74,8 @@ HOST_GO_MAKE_ENV = \
 	GOARCH=$(GO_GOARCH) \
 	$(if $(GO_GOARM),GOARM=$(GO_GOARM)) \
 	GOOS=linux \
-	CGO_ENABLED=$(HOST_GO_CGO_ENABLED) \
-	CC=$(HOSTCC_NOCCACHE)
+	CC=$(HOSTCC_NOCCACHE) \
+	CXX=$(HOSTCXX_NOCCACHE)
 
 HOST_GO_TARGET_CC = \
 	CC_FOR_TARGET="$(TARGET_CC)" \
@@ -83,16 +83,18 @@ HOST_GO_TARGET_CC = \
 
 HOST_GO_HOST_CC = \
 	CC_FOR_TARGET=$(HOSTCC_NOCCACHE) \
-	CXX_FOR_TARGET=$(HOSTCC_NOCCACHE)
+	CXX_FOR_TARGET=$(HOSTCXX_NOCCACHE)
 
 HOST_GO_TMP = $(@D)/host-go-tmp
 
 define HOST_GO_BUILD_CMDS
-	cd $(@D)/src && $(HOST_GO_MAKE_ENV) $(HOST_GO_HOST_CC) ./make.bash
+	cd $(@D)/src && \
+		$(HOST_GO_MAKE_ENV) $(HOST_GO_HOST_CC) CGO_ENABLED=0 ./make.bash
 	mkdir -p $(HOST_GO_TMP)
 	mv $(@D)/pkg/tool $(HOST_GO_TMP)/
 	mv $(@D)/bin/ $(HOST_GO_TMP)/
-	cd $(@D)/src && $(HOST_GO_MAKE_ENV) $(HOST_GO_TARGET_CC) ./make.bash
+	cd $(@D)/src && \
+		$(HOST_GO_MAKE_ENV) $(HOST_GO_TARGET_CC) CGO_ENABLED=$(HOST_GO_CGO_ENABLED) ./make.bash
 endef
 
 define HOST_GO_INSTALL_CMDS

package/google-breakpad/0002-Replace-remaining-references-to-struct-ucontext-with.patch

@@ -0,0 +1,257 @@
+From 7975a962e1d6dbad5a46792a54e647abd7caf5f1 Mon Sep 17 00:00:00 2001
+From: Mark Mentovai <mark@chromium.org>
+Date: Tue, 19 Sep 2017 22:48:30 -0400
+Subject: [PATCH] Replace remaining references to 'struct ucontext' with
+ 'ucontext_t'
+
+This relands
+https://chromium.googlesource.com/breakpad/breakpad/src/+/e3035bc406cee8a4d765e59ad46eb828705f17f4,
+which was accidentally committed to breakpad/breakpad/src, the read-only
+mirror of src in breakpad/breakpad. (Well, it should have been
+read-only.) See https://crbug.com/766164.
+
+This fixes issues with glibc-2.26.
+
+See https://bugs.gentoo.org/show_bug.cgi?id=628782 ,
+https://sourceware.org/git/?p=glibc.git;h=251287734e89a52da3db682a8241eb6bccc050c9 , and
+https://sourceware.org/ml/libc-alpha/2017-08/msg00010.html for context.
+Change-Id: Id66f474d636dd2afa450bab925c5514a800fdd6f
+Reviewed-on: https://chromium-review.googlesource.com/674304
+Reviewed-by: Mark Mentovai <mark@chromium.org>
+
+(cherry picked from commit bddcc58860f522a0d4cbaa7e9d04058caee0db9d)
+[Romain: backport from upstream]
+Signed-off-by: Romain Naour <romain.naour@gmail.com>
+---
+ .../linux/dump_writer_common/ucontext_reader.cc    | 32 +++++++++++-----------
+ .../linux/dump_writer_common/ucontext_reader.h     | 14 +++++-----
+ src/client/linux/handler/exception_handler.cc      | 10 +++----
+ src/client/linux/handler/exception_handler.h       |  6 ++--
+ .../linux/microdump_writer/microdump_writer.cc     |  2 +-
+ .../linux/minidump_writer/minidump_writer.cc       |  2 +-
+ 6 files changed, 33 insertions(+), 33 deletions(-)
+
+diff --git a/src/client/linux/dump_writer_common/ucontext_reader.cc b/src/client/linux/dump_writer_common/ucontext_reader.cc
+index c80724d..052ce37 100644
+--- a/src/client/linux/dump_writer_common/ucontext_reader.cc
++++ b/src/client/linux/dump_writer_common/ucontext_reader.cc
+@@ -36,19 +36,19 @@ namespace google_breakpad {
+ 
+ // Minidump defines register structures which are different from the raw
+ // structures which we get from the kernel. These are platform specific
+-// functions to juggle the ucontext and user structures into minidump format.
++// functions to juggle the ucontext_t and user structures into minidump format.
+ 
+ #if defined(__i386__)
+ 
+-uintptr_t UContextReader::GetStackPointer(const struct ucontext* uc) {
++uintptr_t UContextReader::GetStackPointer(const ucontext_t* uc) {
+   return uc->uc_mcontext.gregs[REG_ESP];
+ }
+ 
+-uintptr_t UContextReader::GetInstructionPointer(const struct ucontext* uc) {
++uintptr_t UContextReader::GetInstructionPointer(const ucontext_t* uc) {
+   return uc->uc_mcontext.gregs[REG_EIP];
+ }
+ 
+-void UContextReader::FillCPUContext(RawContextCPU *out, const ucontext *uc,
++void UContextReader::FillCPUContext(RawContextCPU *out, const ucontext_t *uc,
+                                     const struct _libc_fpstate* fp) {
+   const greg_t* regs = uc->uc_mcontext.gregs;
+ 
+@@ -88,15 +88,15 @@ void UContextReader::FillCPUContext(RawContextCPU *out, const ucontext *uc,
+ 
+ #elif defined(__x86_64)
+ 
+-uintptr_t UContextReader::GetStackPointer(const struct ucontext* uc) {
++uintptr_t UContextReader::GetStackPointer(const ucontext_t* uc) {
+   return uc->uc_mcontext.gregs[REG_RSP];
+ }
+ 
+-uintptr_t UContextReader::GetInstructionPointer(const struct ucontext* uc) {
++uintptr_t UContextReader::GetInstructionPointer(const ucontext_t* uc) {
+   return uc->uc_mcontext.gregs[REG_RIP];
+ }
+ 
+-void UContextReader::FillCPUContext(RawContextCPU *out, const ucontext *uc,
++void UContextReader::FillCPUContext(RawContextCPU *out, const ucontext_t *uc,
+                                     const struct _libc_fpstate* fpregs) {
+   const greg_t* regs = uc->uc_mcontext.gregs;
+ 
+@@ -145,15 +145,15 @@ void UContextReader::FillCPUContext(RawContextCPU *out, const ucontext *uc,
+ 
+ #elif defined(__ARM_EABI__)
+ 
+-uintptr_t UContextReader::GetStackPointer(const struct ucontext* uc) {
++uintptr_t UContextReader::GetStackPointer(const ucontext_t* uc) {
+   return uc->uc_mcontext.arm_sp;
+ }
+ 
+-uintptr_t UContextReader::GetInstructionPointer(const struct ucontext* uc) {
++uintptr_t UContextReader::GetInstructionPointer(const ucontext_t* uc) {
+   return uc->uc_mcontext.arm_pc;
+ }
+ 
+-void UContextReader::FillCPUContext(RawContextCPU *out, const ucontext *uc) {
++void UContextReader::FillCPUContext(RawContextCPU *out, const ucontext_t *uc) {
+   out->context_flags = MD_CONTEXT_ARM_FULL;
+ 
+   out->iregs[0] = uc->uc_mcontext.arm_r0;
+@@ -184,15 +184,15 @@ void UContextReader::FillCPUContext(RawContextCPU *out, const ucontext *uc) {
+ 
+ #elif defined(__aarch64__)
+ 
+-uintptr_t UContextReader::GetStackPointer(const struct ucontext* uc) {
++uintptr_t UContextReader::GetStackPointer(const ucontext_t* uc) {
+   return uc->uc_mcontext.sp;
+ }
+ 
+-uintptr_t UContextReader::GetInstructionPointer(const struct ucontext* uc) {
++uintptr_t UContextReader::GetInstructionPointer(const ucontext_t* uc) {
+   return uc->uc_mcontext.pc;
+ }
+ 
+-void UContextReader::FillCPUContext(RawContextCPU *out, const ucontext *uc,
++void UContextReader::FillCPUContext(RawContextCPU *out, const ucontext_t *uc,
+                                     const struct fpsimd_context* fpregs) {
+   out->context_flags = MD_CONTEXT_ARM64_FULL;
+ 
+@@ -210,15 +210,15 @@ void UContextReader::FillCPUContext(RawContextCPU *out, const ucontext *uc,
+ 
+ #elif defined(__mips__)
+ 
+-uintptr_t UContextReader::GetStackPointer(const struct ucontext* uc) {
++uintptr_t UContextReader::GetStackPointer(const ucontext_t* uc) {
+   return uc->uc_mcontext.gregs[MD_CONTEXT_MIPS_REG_SP];
+ }
+ 
+-uintptr_t UContextReader::GetInstructionPointer(const struct ucontext* uc) {
++uintptr_t UContextReader::GetInstructionPointer(const ucontext_t* uc) {
+   return uc->uc_mcontext.pc;
+ }
+ 
+-void UContextReader::FillCPUContext(RawContextCPU *out, const ucontext *uc) {
++void UContextReader::FillCPUContext(RawContextCPU *out, const ucontext_t *uc) {
+ #if _MIPS_SIM == _ABI64
+   out->context_flags = MD_CONTEXT_MIPS64_FULL;
+ #elif _MIPS_SIM == _ABIO32
+diff --git a/src/client/linux/dump_writer_common/ucontext_reader.h b/src/client/linux/dump_writer_common/ucontext_reader.h
+index b6e77b4..2de80b7 100644
+--- a/src/client/linux/dump_writer_common/ucontext_reader.h
++++ b/src/client/linux/dump_writer_common/ucontext_reader.h
+@@ -39,23 +39,23 @@
+ 
+ namespace google_breakpad {
+ 
+-// Wraps platform-dependent implementations of accessors to ucontext structs.
++// Wraps platform-dependent implementations of accessors to ucontext_t structs.
+ struct UContextReader {
+-  static uintptr_t GetStackPointer(const struct ucontext* uc);
++  static uintptr_t GetStackPointer(const ucontext_t* uc);
+ 
+-  static uintptr_t GetInstructionPointer(const struct ucontext* uc);
++  static uintptr_t GetInstructionPointer(const ucontext_t* uc);
+ 
+-  // Juggle a arch-specific ucontext into a minidump format
++  // Juggle a arch-specific ucontext_t into a minidump format
+   //   out: the minidump structure
+   //   info: the collection of register structures.
+ #if defined(__i386__) || defined(__x86_64)
+-  static void FillCPUContext(RawContextCPU *out, const ucontext *uc,
++  static void FillCPUContext(RawContextCPU *out, const ucontext_t *uc,
+                              const struct _libc_fpstate* fp);
+ #elif defined(__aarch64__)
+-  static void FillCPUContext(RawContextCPU *out, const ucontext *uc,
++  static void FillCPUContext(RawContextCPU *out, const ucontext_t *uc,
+                              const struct fpsimd_context* fpregs);
+ #else
+-  static void FillCPUContext(RawContextCPU *out, const ucontext *uc);
++  static void FillCPUContext(RawContextCPU *out, const ucontext_t *uc);
+ #endif
+ };
+ 
+diff --git a/src/client/linux/handler/exception_handler.cc b/src/client/linux/handler/exception_handler.cc
+index b63f973..3d809b8 100644
+--- a/src/client/linux/handler/exception_handler.cc
++++ b/src/client/linux/handler/exception_handler.cc
+@@ -439,9 +439,9 @@ bool ExceptionHandler::HandleSignal(int sig, siginfo_t* info, void* uc) {
+   // Fill in all the holes in the struct to make Valgrind happy.
+   memset(&g_crash_context_, 0, sizeof(g_crash_context_));
+   memcpy(&g_crash_context_.siginfo, info, sizeof(siginfo_t));
+-  memcpy(&g_crash_context_.context, uc, sizeof(struct ucontext));
++  memcpy(&g_crash_context_.context, uc, sizeof(ucontext_t));
+ #if defined(__aarch64__)
+-  struct ucontext* uc_ptr = (struct ucontext*)uc;
++  ucontext_t* uc_ptr = (ucontext_t*)uc;
+   struct fpsimd_context* fp_ptr =
+       (struct fpsimd_context*)&uc_ptr->uc_mcontext.__reserved;
+   if (fp_ptr->head.magic == FPSIMD_MAGIC) {
+@@ -450,9 +450,9 @@ bool ExceptionHandler::HandleSignal(int sig, siginfo_t* info, void* uc) {
+   }
+ #elif !defined(__ARM_EABI__) && !defined(__mips__)
+   // FP state is not part of user ABI on ARM Linux.
+-  // In case of MIPS Linux FP state is already part of struct ucontext
++  // In case of MIPS Linux FP state is already part of ucontext_t
+   // and 'float_state' is not a member of CrashContext.
+-  struct ucontext* uc_ptr = (struct ucontext*)uc;
++  ucontext_t* uc_ptr = (ucontext_t*)uc;
+   if (uc_ptr->uc_mcontext.fpregs) {
+     memcpy(&g_crash_context_.float_state, uc_ptr->uc_mcontext.fpregs,
+            sizeof(g_crash_context_.float_state));
+@@ -476,7 +476,7 @@ bool ExceptionHandler::SimulateSignalDelivery(int sig) {
+   // ExceptionHandler::HandleSignal().
+   siginfo.si_code = SI_USER;
+   siginfo.si_pid = getpid();
+-  struct ucontext context;
++  ucontext_t context;
+   getcontext(&context);
+   return HandleSignal(sig, &siginfo, &context);
+ }
+diff --git a/src/client/linux/handler/exception_handler.h b/src/client/linux/handler/exception_handler.h
+index 591c310..42f4055 100644
+--- a/src/client/linux/handler/exception_handler.h
++++ b/src/client/linux/handler/exception_handler.h
+@@ -191,11 +191,11 @@ class ExceptionHandler {
+   struct CrashContext {
+     siginfo_t siginfo;
+     pid_t tid;  // the crashing thread.
+-    struct ucontext context;
++    ucontext_t context;
+ #if !defined(__ARM_EABI__) && !defined(__mips__)
+     // #ifdef this out because FP state is not part of user ABI for Linux ARM.
+-    // In case of MIPS Linux FP state is already part of struct
+-    // ucontext so 'float_state' is not required.
++    // In case of MIPS Linux FP state is already part of ucontext_t so
++    // 'float_state' is not required.
+     fpstate_t float_state;
+ #endif
+   };
+diff --git a/src/client/linux/microdump_writer/microdump_writer.cc b/src/client/linux/microdump_writer/microdump_writer.cc
+index 6f5b435..a508667 100644
+--- a/src/client/linux/microdump_writer/microdump_writer.cc
++++ b/src/client/linux/microdump_writer/microdump_writer.cc
+@@ -571,7 +571,7 @@ class MicrodumpWriter {
+ 
+   void* Alloc(unsigned bytes) { return dumper_->allocator()->Alloc(bytes); }
+ 
+-  const struct ucontext* const ucontext_;
++  const ucontext_t* const ucontext_;
+ #if !defined(__ARM_EABI__) && !defined(__mips__)
+   const google_breakpad::fpstate_t* const float_state_;
+ #endif
+diff --git a/src/client/linux/minidump_writer/minidump_writer.cc b/src/client/linux/minidump_writer/minidump_writer.cc
+index 86009b9..f2aec73 100644
+--- a/src/client/linux/minidump_writer/minidump_writer.cc
++++ b/src/client/linux/minidump_writer/minidump_writer.cc
+@@ -1248,7 +1248,7 @@ class MinidumpWriter {
+   const int fd_;  // File descriptor where the minidum should be written.
+   const char* path_;  // Path to the file where the minidum should be written.
+ 
+-  const struct ucontext* const ucontext_;  // also from the signal handler
++  const ucontext_t* const ucontext_;  // also from the signal handler
+ #if !defined(__ARM_EABI__) && !defined(__mips__)
+   const google_breakpad::fpstate_t* const float_state_;  // ditto
+ #endif
+-- 
+2.9.5
+

package/google-breakpad/Config.in

@@ -12,6 +12,7 @@ config BR2_PACKAGE_GOOGLE_BREAKPAD
 	depends on BR2_TOOLCHAIN_HAS_THREADS
 	depends on (BR2_TOOLCHAIN_USES_GLIBC || BR2_TOOLCHAIN_USES_UCLIBC)
 	depends on BR2_PACKAGE_GOOGLE_BREAKPAD_ARCH_SUPPORTS
+	depends on BR2_PACKAGE_HOST_GOOGLE_BREAKPAD_ARCH_SUPPORTS
 	select BR2_PACKAGE_LINUX_SYSCALL_SUPPORT
 	help
 	  Google-Breakpad is a library and tool suite that allows you
@@ -36,6 +37,7 @@ config BR2_PACKAGE_GOOGLE_BREAKPAD
 
 comment "google-breakpad requires a glibc or uClibc toolchain w/ wchar, thread, C++, gcc >= 4.8"
 	depends on BR2_PACKAGE_GOOGLE_BREAKPAD_ARCH_SUPPORTS
+	depends on BR2_PACKAGE_HOST_GOOGLE_BREAKPAD_ARCH_SUPPORTS
 	depends on !BR2_INSTALL_LIBSTDCPP || !BR2_USE_WCHAR || \
 		!BR2_TOOLCHAIN_HAS_THREADS || \
 		!(BR2_TOOLCHAIN_USES_GLIBC || BR2_TOOLCHAIN_USES_UCLIBC) || \

package/google-breakpad/Config.in.host

@@ -0,0 +1,8 @@
+config BR2_PACKAGE_HOST_GOOGLE_BREAKPAD_ARCH_SUPPORTS
+	bool
+	default y if BR2_HOSTARCH = "x86_64"
+	default y if BR2_HOSTARCH = "x86"
+	default y if BR2_HOSTARCH = "arm"
+	default y if BR2_HOSTARCH = "aarch64"
+	default y if BR2_HOSTARCH = "mips"
+	default y if BR2_HOSTARCH = "mipsel"

package/gstreamer/gstreamer.mk

@@ -1 +1 @@
-include package/gstreamer/*/*.mk
+include $(sort $(wildcard package/gstreamer/*/*.mk))

package/gstreamer/gstreamer/Config.in

@@ -1,12 +1,14 @@
-comment "gstreamer 0.10 needs a toolchain w/ wchar, threads"
+comment "gstreamer 0.10 needs a toolchain w/ wchar, threads, dynamic library"
 	depends on BR2_USE_MMU
-	depends on !BR2_USE_WCHAR || !BR2_TOOLCHAIN_HAS_THREADS
+	depends on !BR2_USE_WCHAR || !BR2_TOOLCHAIN_HAS_THREADS || \
+		BR2_STATIC_LIBS
 
 config BR2_PACKAGE_GSTREAMER
 	bool "gstreamer 0.10"
 	depends on BR2_USE_WCHAR # glib2
 	depends on BR2_TOOLCHAIN_HAS_THREADS # glib2
 	depends on BR2_USE_MMU # glib2
+	depends on !BR2_STATIC_LIBS
 	select BR2_PACKAGE_LIBGLIB2
 	help
 	  GStreamer is an open source multimedia framework.

package/gstreamer1/gstreamer1.mk

@@ -1 +1 @@
-include package/gstreamer1/*/*.mk
+include $(sort $(wildcard package/gstreamer1/*/*.mk))

package/hostapd/Config.in

@@ -10,7 +10,7 @@ config BR2_PACKAGE_HOSTAPD
 	  IEEE 802.1X/WPA/WPA2/EAP authenticators, RADIUS client,
 	  EAP server and RADIUS authentication server.
 
-	  http://hostap.epitest.fi/
+	  http://w1.fi/hostapd/
 
 if BR2_PACKAGE_HOSTAPD
 

package/hostapd/hostapd.hash

@@ -1,2 +1,4 @@
 # Locally calculated
 sha256  01526b90c1d23bec4b0f052039cc4456c2fd19347b4d830d1d58a0a6aea7117d  hostapd-2.6.tar.gz
+sha256  529113cc81256c6178f3c1cf25dd8d3f33e6d770e4a180bd31c6ab7e4917f40b  rebased-v2.6-0001-hostapd-Avoid-key-reinstallation-in-FT-handshake.patch
+sha256  147c8abe07606905d16404fb2d2c8849796ca7c85ed8673c09bb50038bcdeb9e  rebased-v2.6-0005-Fix-PTK-rekeying-to-generate-a-new-ANonce.patch

package/hostapd/hostapd.mk

@@ -5,7 +5,10 @@
 ################################################################################
 
 HOSTAPD_VERSION = 2.6
-HOSTAPD_SITE = http://hostap.epitest.fi/releases
+HOSTAPD_SITE = http://w1.fi/releases
+HOSTAPD_PATCH = \
+	http://w1.fi/security/2017-1/rebased-v2.6-0001-hostapd-Avoid-key-reinstallation-in-FT-handshake.patch \
+	http://w1.fi/security/2017-1/rebased-v2.6-0005-Fix-PTK-rekeying-to-generate-a-new-ANonce.patch
 HOSTAPD_SUBDIR = hostapd
 HOSTAPD_CONFIG = $(HOSTAPD_DIR)/$(HOSTAPD_SUBDIR)/.config
 HOSTAPD_DEPENDENCIES = host-pkgconf libnl

package/ifupdown-scripts/ifupdown-scripts.mk

@@ -31,7 +31,7 @@ endif
 
 define IFUPDOWN_SCRIPTS_INSTALL_TARGET_CMDS
 	mkdir -p $(TARGET_DIR)/etc/network
-	cp -a $(IFUPDOWN_SCRIPTS_PKGDIR)/network/* $(TARGET_DIR)/etc/network
+	$(call SYSTEM_RSYNC,$(IFUPDOWN_SCRIPTS_PKGDIR)/network,$(TARGET_DIR)/etc/network)
 	$(IFUPDOWN_SCRIPTS_LOCALHOST)
 	$(IFUPDOWN_SCRIPTS_DHCP)
 endef

package/imagemagick/imagemagick.hash

@@ -1,2 +1,2 @@
 # Locally computed
-sha256 3a6b21352ed0eb984bdbd0943471df8605b978b527125921e97e5b404f2bee3a  7.0.6-0.tar.gz
+sha256 924d1161ed2399bcb72f98419072b3130a466e07d9a6fce43d27458ffa907ffa  7.0.7-10.tar.gz

package/imagemagick/imagemagick.mk

@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-IMAGEMAGICK_VERSION = 7.0.6-0
+IMAGEMAGICK_VERSION = 7.0.7-10
 IMAGEMAGICK_SOURCE = $(IMAGEMAGICK_VERSION).tar.gz
 IMAGEMAGICK_SITE = https://github.com/ImageMagick/ImageMagick/archive
 IMAGEMAGICK_LICENSE = Apache-2.0

package/irssi/irssi.hash

@@ -1,2 +1,4 @@
 # Locally calculated after checking pgp signature
-sha256	b85c07dbafe178213eccdc69f5f8f0ac024dea01c67244668f91ec1c06b986ca	irssi-1.0.4.tar.xz
+sha256	c2556427e12eb06cabfed40839ac6f57eb8b1aa6365fab6dfcd331b7a04bb914  irssi-1.0.5.tar.xz
+# Locally calculated
+sha256	a1a27cb2ecee8d5378fbb3562f577104a445d6d66fee89286e16758305e63e2b  COPYING

package/irssi/irssi.mk

@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-IRSSI_VERSION = 1.0.4
+IRSSI_VERSION = 1.0.5
 IRSSI_SOURCE = irssi-$(IRSSI_VERSION).tar.xz
 # Do not use the github helper here. The generated tarball is *NOT* the
 # same as the one uploaded by upstream for the release.

package/iucode-tool/iucode-tool.hash

@@ -1,2 +1,3 @@
 # Locally computed
-sha256	33271652032f20f866a212bc98ea01a8db65c4ac839fa820aa23da974fd6ff62	iucode-tool_1.5.tar.xz
+sha256 9810daf925b8a9ca244adc4e1916bcab65601c9ebe87e91c2281f78055982971  iucode-tool_2.2.tar.xz
+sha256 ab15fd526bd8dd18a9e77ebc139656bf4d33e97fc7238cd11bf60e2b9b8666c6  COPYING

package/iucode-tool/iucode-tool.mk

@@ -4,11 +4,10 @@
 #
 ################################################################################
 
-IUCODE_TOOL_VERSION = 1.5
+IUCODE_TOOL_VERSION = 2.2
 IUCODE_TOOL_SOURCE = iucode-tool_$(IUCODE_TOOL_VERSION).tar.xz
 IUCODE_TOOL_SITE = https://gitlab.com/iucode-tool/releases/raw/master
 ifeq ($(BR2_PACKAGE_ARGP_STANDALONE),y)
-IUCODE_TOOL_CONF_ENV = LIBS="-largp"
 IUCODE_TOOL_DEPENDENCIES = argp-standalone
 endif
 IUCODE_TOOL_LICENSE = GPL-2.0+

package/jimtcl/jimtcl.mk

@@ -38,10 +38,18 @@ define JIMTCL_INSTALL_LIB
 endef
 endif
 
+# build system doesn't use autotools, but does use an old version of
+# gnuconfig which doesn't know all the architectures supported by
+# Buildroot, so update config.guess / config.sub like we do in
+# pkg-autotools.mk
+JIMTCL_POST_PATCH_HOOKS += UPDATE_CONFIG_HOOK
+
 define JIMTCL_CONFIGURE_CMDS
 	(cd $(@D); \
 		$(TARGET_CONFIGURE_OPTS) CCACHE=none \
 		./configure --prefix=/usr \
+		--host=$(GNU_TARGET_NAME) \
+		--build=$(GNU_HOST_NAME) \
 		$(JIMTCL_SHARED) \
 	)
 endef

package/kvm-unit-tests/Config.in

@@ -15,6 +15,7 @@ config BR2_PACKAGE_KVM_UNIT_TESTS
 	# x86-64 we use the host gcc (see .mk file for details)
 	depends on BR2_TOOLCHAIN_GCC_AT_LEAST_4_5 || !BR2_i386
 	depends on BR2_HOST_GCC_AT_LEAST_4_5 || !BR2_x86_64
+	depends on BR2_HOSTARCH = "x86_64" || !BR2_x86_64
 	select BR2_HOSTARCH_NEEDS_IA32_COMPILER if BR2_x86_64=y
 	help
 	  kvm-unit-tests is a project as old as KVM. As its name

package/lame/0001-configure.patch

@@ -1,69 +0,0 @@
-Various patches to fix autoreconf errors.
-
-All patches besides
-- AM_ICONV in configure.in
-are already applied upstream:
-http://lame.cvs.sourceforge.net/viewvc/lame/lame/configure.in?r1=1.145&r2=1.146
-http://lame.cvs.sourceforge.net/viewvc/lame/lame/doc/html/Makefile.am?r1=1.8&r2=1.9
-http://lame.cvs.sourceforge.net/viewvc/lame/lame/doc/man/Makefile.am?r1=1.1&r2=1.2
-
-libmp3lame/i386/Makefile.am patch ported from Debian
-http://anonscm.debian.org/cgit/pkg-multimedia/lame.git/tree/debian/patches/ansi2knr2devnull.patch
-
-Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
-
-diff -uNr lame-3.99.5.org/configure.in lame-3.99.5/configure.in
---- lame-3.99.5.org/configure.in	2012-02-28 19:50:27.000000000 +0100
-+++ lame-3.99.5/configure.in	2015-04-11 11:36:15.464835008 +0200
-@@ -77,9 +77,6 @@
- 	AC_MSG_RESULT(${GCC_version})
- fi
- 
--dnl more automake stuff
--AM_C_PROTOTYPES
--
- AC_CHECK_HEADER(dmalloc.h)
- if test "${ac_cv_header_dmalloc_h}" = "yes"; then
- 	AM_WITH_DMALLOC
-@@ -376,8 +373,6 @@
- AC_CHECK_LIB(curses, initscr, HAVE_TERMCAP="curses")
- AC_CHECK_LIB(ncurses, initscr, HAVE_TERMCAP="ncurses")
- 
--AM_ICONV
-- 
- dnl math lib
- AC_CHECK_LIB(m, cos, USE_LIBM="-lm")
- dnl free fast math library
-diff -uNr lame-3.99.5.org/doc/html/Makefile.am lame-3.99.5/doc/html/Makefile.am
---- lame-3.99.5.org/doc/html/Makefile.am	2010-09-30 22:58:40.000000000 +0200
-+++ lame-3.99.5/doc/html/Makefile.am	2015-04-11 11:37:02.880239754 +0200
-@@ -1,6 +1,6 @@
- ## $Id: Makefile.am,v 1.7 2010/09/30 20:58:40 jaz001 Exp $
- 
--AUTOMAKE_OPTIONS = foreign ansi2knr
-+AUTOMAKE_OPTIONS = foreign
- 
- docdir = $(datadir)/doc
- pkgdocdir = $(docdir)/$(PACKAGE)
-diff -uNr lame-3.99.5.org/doc/man/Makefile.am lame-3.99.5/doc/man/Makefile.am
---- lame-3.99.5.org/doc/man/Makefile.am	2000-10-22 13:39:44.000000000 +0200
-+++ lame-3.99.5/doc/man/Makefile.am	2015-04-11 11:37:08.704167318 +0200
-@@ -1,6 +1,6 @@
- ## $Id: Makefile.am,v 1.1 2000/10/22 11:39:44 aleidinger Exp $
- 
--AUTOMAKE_OPTIONS = foreign ansi2knr
-+AUTOMAKE_OPTIONS = foreign
- 
- man_MANS = lame.1
- EXTRA_DIST = ${man_MANS}
-diff -uNr lame-3.99.5.org/libmp3lame/i386/Makefile.am lame-3.99.5/libmp3lame/i386/Makefile.am
---- lame-3.99.5.org/libmp3lame/i386/Makefile.am	2011-04-04 11:42:34.000000000 +0200
-+++ lame-3.99.5/libmp3lame/i386/Makefile.am	2015-04-11 11:37:35.191833351 +0200
-@@ -1,6 +1,6 @@
- ## $Id: Makefile.am,v 1.26 2011/04/04 09:42:34 aleidinger Exp $
- 
--AUTOMAKE_OPTIONS = foreign $(top_srcdir)/ansi2knr
-+AUTOMAKE_OPTIONS = foreign
- 
- DEFS = @DEFS@ @CONFIG_DEFS@
- 

package/lame/0002-gtk1-ac-directives.patch

@@ -1,210 +0,0 @@
-Include GTK-1 autoconf directives in build system.
-Applied-Upstream: http://lame.cvs.sf.net/viewvc/lame/lame/acinclude.m4?r1=1.5&r2=1.6
-
-Downloaded from
-http://lame.cvs.sf.net/viewvc/lame/lame/acinclude.m4?r1=1.5&r2=1.6&view=patch
-
-to fix autoreconf.
-
-Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
-
---- a/acinclude.m4	2006/12/21 09:03:03	1.5
-+++ b/acinclude.m4	2012/06/18 20:51:05	1.6
-@@ -85,4 +85,197 @@
- [AC_MSG_WARN(can't check for IEEE854 compliant 80 bit floats)]
- )])]) # alex_IEEE854_FLOAT80
- 
-+# Configure paths for GTK+
-+# Owen Taylor     97-11-3
- 
-+dnl AM_PATH_GTK([MINIMUM-VERSION, [ACTION-IF-FOUND [, ACTION-IF-NOT-FOUND [, MODULES]]]])
-+dnl Test for GTK, and define GTK_CFLAGS and GTK_LIBS
-+dnl
-+AC_DEFUN([AM_PATH_GTK],
-+[dnl
-+dnl Get the cflags and libraries from the gtk-config script
-+dnl
-+AC_ARG_WITH(gtk-prefix,[  --with-gtk-prefix=PFX   Prefix where GTK is installed (optional)],
-+            gtk_config_prefix="$withval", gtk_config_prefix="")
-+AC_ARG_WITH(gtk-exec-prefix,[  --with-gtk-exec-prefix=PFX Exec prefix where GTK is installed (optional)],
-+            gtk_config_exec_prefix="$withval", gtk_config_exec_prefix="")
-+AC_ARG_ENABLE(gtktest, [  --disable-gtktest       Do not try to compile and run a test GTK program],
-+        , enable_gtktest=yes)
-+
-+  for module in . $4
-+  do
-+      case "$module" in
-+         gthread)
-+             gtk_config_args="$gtk_config_args gthread"
-+         ;;
-+      esac
-+  done
-+
-+  if test x$gtk_config_exec_prefix != x ; then
-+     gtk_config_args="$gtk_config_args --exec-prefix=$gtk_config_exec_prefix"
-+     if test x${GTK_CONFIG+set} != xset ; then
-+        GTK_CONFIG=$gtk_config_exec_prefix/bin/gtk-config
-+     fi
-+  fi
-+  if test x$gtk_config_prefix != x ; then
-+     gtk_config_args="$gtk_config_args --prefix=$gtk_config_prefix"
-+     if test x${GTK_CONFIG+set} != xset ; then
-+        GTK_CONFIG=$gtk_config_prefix/bin/gtk-config
-+     fi
-+  fi
-+
-+  AC_PATH_PROG(GTK_CONFIG, gtk-config, no)
-+  min_gtk_version=ifelse([$1], ,0.99.7,$1)
-+  AC_MSG_CHECKING(for GTK - version >= $min_gtk_version)
-+  no_gtk=""
-+  if test "$GTK_CONFIG" = "no" ; then
-+    no_gtk=yes
-+  else
-+    GTK_CFLAGS=`$GTK_CONFIG $gtk_config_args --cflags`
-+    GTK_LIBS=`$GTK_CONFIG $gtk_config_args --libs`
-+    gtk_config_major_version=`$GTK_CONFIG $gtk_config_args --version | \
-+           sed 's/\([[0-9]]*\).\([[0-9]]*\).\([[0-9]]*\)/\1/'`
-+    gtk_config_minor_version=`$GTK_CONFIG $gtk_config_args --version | \
-+           sed 's/\([[0-9]]*\).\([[0-9]]*\).\([[0-9]]*\)/\2/'`
-+    gtk_config_micro_version=`$GTK_CONFIG $gtk_config_args --version | \
-+           sed 's/\([[0-9]]*\).\([[0-9]]*\).\([[0-9]]*\)/\3/'`
-+    if test "x$enable_gtktest" = "xyes" ; then
-+      ac_save_CFLAGS="$CFLAGS"
-+      ac_save_LIBS="$LIBS"
-+      CFLAGS="$CFLAGS $GTK_CFLAGS"
-+      LIBS="$GTK_LIBS $LIBS"
-+dnl
-+dnl Now check if the installed GTK is sufficiently new. (Also sanity
-+dnl checks the results of gtk-config to some extent
-+dnl
-+      rm -f conf.gtktest
-+      AC_TRY_RUN([
-+#include <gtk/gtk.h>
-+#include <stdio.h>
-+#include <stdlib.h>
-+
-+int
-+main ()
-+{
-+  int major, minor, micro;
-+  char *tmp_version;
-+
-+  system ("touch conf.gtktest");
-+
-+  /* HP/UX 9 (%@#!) writes to sscanf strings */
-+  tmp_version = g_strdup("$min_gtk_version");
-+  if (sscanf(tmp_version, "%d.%d.%d", &major, &minor, &micro) != 3) {
-+     printf("%s, bad version string\n", "$min_gtk_version");
-+     exit(1);
-+   }
-+
-+  if ((gtk_major_version != $gtk_config_major_version) ||
-+      (gtk_minor_version != $gtk_config_minor_version) ||
-+      (gtk_micro_version != $gtk_config_micro_version))
-+    {
-+      printf("\n*** 'gtk-config --version' returned %d.%d.%d, but GTK+ (%d.%d.%d)\n",
-+             $gtk_config_major_version, $gtk_config_minor_version, $gtk_config_micro_version,
-+             gtk_major_version, gtk_minor_version, gtk_micro_version);
-+      printf ("*** was found! If gtk-config was correct, then it is best\n");
-+      printf ("*** to remove the old version of GTK+. You may also be able to fix the error\n");
-+      printf("*** by modifying your LD_LIBRARY_PATH enviroment variable, or by editing\n");
-+      printf("*** /etc/ld.so.conf. Make sure you have run ldconfig if that is\n");
-+      printf("*** required on your system.\n");
-+      printf("*** If gtk-config was wrong, set the environment variable GTK_CONFIG\n");
-+      printf("*** to point to the correct copy of gtk-config, and remove the file config.cache\n");
-+      printf("*** before re-running configure\n");
-+    }
-+#if defined (GTK_MAJOR_VERSION) && defined (GTK_MINOR_VERSION) && defined (GTK_MICRO_VERSION)
-+  else if ((gtk_major_version != GTK_MAJOR_VERSION) ||
-+     (gtk_minor_version != GTK_MINOR_VERSION) ||
-+           (gtk_micro_version != GTK_MICRO_VERSION))
-+    {
-+      printf("*** GTK+ header files (version %d.%d.%d) do not match\n",
-+       GTK_MAJOR_VERSION, GTK_MINOR_VERSION, GTK_MICRO_VERSION);
-+      printf("*** library (version %d.%d.%d)\n",
-+       gtk_major_version, gtk_minor_version, gtk_micro_version);
-+    }
-+#endif /* defined (GTK_MAJOR_VERSION) ... */
-+  else
-+    {
-+      if ((gtk_major_version > major) ||
-+        ((gtk_major_version == major) && (gtk_minor_version > minor)) ||
-+        ((gtk_major_version == major) && (gtk_minor_version == minor) && (gtk_micro_version >= micro)))
-+      {
-+        return 0;
-+       }
-+     else
-+      {
-+        printf("\n*** An old version of GTK+ (%d.%d.%d) was found.\n",
-+               gtk_major_version, gtk_minor_version, gtk_micro_version);
-+        printf("*** You need a version of GTK+ newer than %d.%d.%d. The latest version of\n",
-+         major, minor, micro);
-+        printf("*** GTK+ is always available from ftp://ftp.gtk.org.\n");
-+        printf("***\n");
-+        printf("*** If you have already installed a sufficiently new version, this error\n");
-+        printf("*** probably means that the wrong copy of the gtk-config shell script is\n");
-+        printf("*** being found. The easiest way to fix this is to remove the old version\n");
-+        printf("*** of GTK+, but you can also set the GTK_CONFIG environment to point to the\n");
-+        printf("*** correct copy of gtk-config. (In this case, you will have to\n");
-+        printf("*** modify your LD_LIBRARY_PATH enviroment variable, or edit /etc/ld.so.conf\n");
-+        printf("*** so that the correct libraries are found at run-time))\n");
-+      }
-+    }
-+  return 1;
-+}
-+],, no_gtk=yes,[echo $ac_n "cross compiling; assumed OK... $ac_c"])
-+       CFLAGS="$ac_save_CFLAGS"
-+       LIBS="$ac_save_LIBS"
-+     fi
-+  fi
-+  if test "x$no_gtk" = x ; then
-+     AC_MSG_RESULT(yes)
-+     ifelse([$2], , :, [$2])
-+  else
-+     AC_MSG_RESULT(no)
-+     if test "$GTK_CONFIG" = "no" ; then
-+       echo "*** The gtk-config script installed by GTK could not be found"
-+       echo "*** If GTK was installed in PREFIX, make sure PREFIX/bin is in"
-+       echo "*** your path, or set the GTK_CONFIG environment variable to the"
-+       echo "*** full path to gtk-config."
-+     else
-+       if test -f conf.gtktest ; then
-+        :
-+       else
-+          echo "*** Could not run GTK test program, checking why..."
-+          CFLAGS="$CFLAGS $GTK_CFLAGS"
-+          LIBS="$LIBS $GTK_LIBS"
-+          AC_TRY_LINK([
-+#include <gtk/gtk.h>
-+#include <stdio.h>
-+],      [ return ((gtk_major_version) || (gtk_minor_version) || (gtk_micro_version)); ],
-+        [ echo "*** The test program compiled, but did not run. This usually means"
-+          echo "*** that the run-time linker is not finding GTK or finding the wrong"
-+          echo "*** version of GTK. If it is not finding GTK, you'll need to set your"
-+          echo "*** LD_LIBRARY_PATH environment variable, or edit /etc/ld.so.conf to point"
-+          echo "*** to the installed location  Also, make sure you have run ldconfig if that"
-+          echo "*** is required on your system"
-+    echo "***"
-+          echo "*** If you have an old version installed, it is best to remove it, although"
-+          echo "*** you may also be able to get things to work by modifying LD_LIBRARY_PATH"
-+          echo "***"
-+          echo "*** If you have a RedHat 5.0 system, you should remove the GTK package that"
-+          echo "*** came with the system with the command"
-+          echo "***"
-+          echo "***    rpm --erase --nodeps gtk gtk-devel" ],
-+        [ echo "*** The test program failed to compile or link. See the file config.log for the"
-+          echo "*** exact error that occured. This usually means GTK was incorrectly installed"
-+          echo "*** or that you have moved GTK since it was installed. In the latter case, you"
-+          echo "*** may want to edit the gtk-config script: $GTK_CONFIG" ])
-+          CFLAGS="$ac_save_CFLAGS"
-+          LIBS="$ac_save_LIBS"
-+       fi
-+     fi
-+     GTK_CFLAGS=""
-+     GTK_LIBS=""
-+     ifelse([$3], , :, [$3])
-+  fi
-+  AC_SUBST(GTK_CFLAGS)
-+  AC_SUBST(GTK_LIBS)
-+  rm -f conf.gtktest
-+])

package/lame/0003-msse.patch

@@ -1,24 +0,0 @@
-Fix compile on 32bit Intel
-
-Downloaded from
-http://anonscm.debian.org/cgit/pkg-multimedia/lame.git/tree/debian/patches/msse.patch
-
-Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
-
-Description: Build xmm_quantize_sub.c with -msse
-Author: Sebastian Ramacher <sramacher@debian.org>
-Bug: http://sourceforge.net/p/lame/bugs/443/
-Bug-Debian: https://bugs.debian.org/760047
-Forwarded: http://sourceforge.net/p/lame/bugs/443/
-Last-Update: 2014-08-31
-
---- lame-3.99.5+repack1.orig/libmp3lame/vector/Makefile.am
-+++ lame-3.99.5+repack1/libmp3lame/vector/Makefile.am
-@@ -20,6 +20,7 @@ xmm_sources = xmm_quantize_sub.c
- 
- if WITH_XMM
- liblamevectorroutines_la_SOURCES = $(xmm_sources)
-+liblamevectorroutines_la_CFLAGS = -msse
- endif
- 
- noinst_HEADERS = lame_intrin.h

package/lame/lame.hash

@@ -1,2 +1,3 @@
 # Locally computed:
-sha256  24346b4158e4af3bd9f2e194bb23eb473c75fb7377011523353196b19b9a23ff  lame-3.99.5.tar.gz
+sha256  ddfe36cab873794038ae2c1210557ad34857a4b6bdc515785d1da9e175b1da1e  lame-3.100.tar.gz
+sha256  bfe4a52dc4645385f356a8e83cc54216a293e3b6f1cb4f79f5fc0277abf937fd  COPYING

package/lame/lame.mk

@@ -4,11 +4,9 @@
 #
 ################################################################################
 
-LAME_VERSION_MAJOR = 3.99
-LAME_VERSION = $(LAME_VERSION_MAJOR).5
-LAME_SITE = http://downloads.sourceforge.net/project/lame/lame/$(LAME_VERSION_MAJOR)
+LAME_VERSION = 3.100
+LAME_SITE = http://downloads.sourceforge.net/project/lame/lame/$(LAME_VERSION)
 LAME_DEPENDENCIES = host-pkgconf
-LAME_AUTORECONF = YES
 LAME_INSTALL_STAGING = YES
 LAME_CONF_ENV = GTK_CONFIG=/bin/false
 LAME_CONF_OPTS = --enable-dynamic-frontends

package/libarchive/0001-Do-something-sensible-for-empty-strings-to-make-fuzz.patch

@@ -0,0 +1,42 @@
+From fa7438a0ff4033e4741c807394a9af6207940d71 Mon Sep 17 00:00:00 2001
+From: Joerg Sonnenberger <joerg@bec.de>
+Date: Tue, 5 Sep 2017 18:12:19 +0200
+Subject: [PATCH] Do something sensible for empty strings to make fuzzers
+ happy.
+
+Signed-off-by: Baruch Siach <baruch@tkos.co.il>
+---
+Upstream status: commit fa7438a0ff
+
+ libarchive/archive_read_support_format_xar.c | 8 +++++++-
+ 1 file changed, 7 insertions(+), 1 deletion(-)
+
+diff --git a/libarchive/archive_read_support_format_xar.c b/libarchive/archive_read_support_format_xar.c
+index 7a22beb9d8e4..93eeacc5e6eb 100644
+--- a/libarchive/archive_read_support_format_xar.c
++++ b/libarchive/archive_read_support_format_xar.c
+@@ -1040,6 +1040,9 @@ atol10(const char *p, size_t char_cnt)
+ 	uint64_t l;
+ 	int digit;
+ 
++	if (char_cnt == 0)
++		return (0);
++
+ 	l = 0;
+ 	digit = *p - '0';
+ 	while (digit >= 0 && digit < 10  && char_cnt-- > 0) {
+@@ -1054,7 +1057,10 @@ atol8(const char *p, size_t char_cnt)
+ {
+ 	int64_t l;
+ 	int digit;
+-        
++
++	if (char_cnt == 0)
++		return (0);
++
+ 	l = 0;
+ 	while (char_cnt-- > 0) {
+ 		if (*p >= '0' && *p <= '7')
+-- 
+2.14.1
+

package/libarchive/libarchive.hash

@@ -1,2 +1,2 @@
 # Locally computed:
-sha256  72ee1a4e3fd534525f13a0ba1aa7b05b203d186e0c6072a8a4738649d0b3cfd2  libarchive-3.2.1.tar.gz
+sha256  ed2dbd6954792b2c054ccf8ec4b330a54b85904a80cef477a1c74643ddafa0ce  libarchive-3.3.2.tar.gz

package/libarchive/libarchive.mk

@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-LIBARCHIVE_VERSION = 3.2.1
+LIBARCHIVE_VERSION = 3.3.2
 LIBARCHIVE_SITE = http://www.libarchive.org/downloads
 LIBARCHIVE_INSTALL_STAGING = YES
 LIBARCHIVE_LICENSE = BSD-2-Clause, BSD-3-Clause

package/libcurl/0001-curl-system.h-support-more-architectures.patch

@@ -1,47 +0,0 @@
-From 7d84bd820ef412d251b643a4faced105668f4ebd Mon Sep 17 00:00:00 2001
-From: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
-Date: Fri, 11 Aug 2017 18:52:37 +0200
-Subject: [PATCH] curl/system.h: support more architectures
-
-The long list of architectures in include/curl/system.h is annoying to
-maintain, and needs to be extended for each and every architecture to
-support.
-
-Instead, let's rely on the __SIZEOF_LONG__ define of the gcc compiler
-(we are in the GNUC condition anyway), which tells us if long is 4
-bytes or 8 bytes.
-
-This fixes the build of libcurl 7.55.0 on architectures such as
-OpenRISC or ARC.
-
-Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
----
- include/curl/system.h | 5 +++--
- 1 file changed, 3 insertions(+), 2 deletions(-)
-
-diff --git a/include/curl/system.h b/include/curl/system.h
-index 79abf8f..0e13075 100644
---- a/include/curl/system.h
-+++ b/include/curl/system.h
-@@ -403,7 +403,7 @@
- #  if !defined(__LP64__) && (defined(__ILP32__) || \
-       defined(__i386__) || defined(__ppc__) || defined(__arm__) || \
-       defined(__sparc__) || defined(__mips__) || defined(__sh__) || \
--      defined(__XTENSA__))
-+      defined(__XTENSA__) || (defined(__SIZEOF_LONG__) && __SIZEOF_LONG__ == 4))
- #    define CURL_SIZEOF_LONG           4
- #    define CURL_TYPEOF_CURL_OFF_T     long long
- #    define CURL_FORMAT_CURL_OFF_T     "lld"
-@@ -412,7 +412,8 @@
- #    define CURL_SUFFIX_CURL_OFF_T     LL
- #    define CURL_SUFFIX_CURL_OFF_TU    ULL
- #  elif defined(__LP64__) || \
--        defined(__x86_64__) || defined(__ppc64__) || defined(__sparc64__)
-+        defined(__x86_64__) || defined(__ppc64__) || defined(__sparc64__) || \
-+        (defined(__SIZEOF_LONG__) && __SIZEOF_LONG__ == 8)
- #    define CURL_SIZEOF_LONG           8
- #    define CURL_TYPEOF_CURL_OFF_T     long
- #    define CURL_FORMAT_CURL_OFF_T     "ld"
--- 
-2.9.4
-

package/libcurl/libcurl.hash

@@ -1,3 +1,4 @@
 # Locally calculated after checking pgp signature
-# https://curl.haxx.se/download/curl-7.55.0.tar.xz.asc
-sha256 cdd58522f8607fd4e871df79d73acb3155075e2134641e5adab12a0962df059d  curl-7.55.0.tar.xz
+# https://curl.haxx.se/download/curl-7.56.1.tar.xz.asc
+sha256 8eed282cf3a0158d567a0feaa3c4619e8e847970597b5a2c81879e8f0d1a39d1  curl-7.56.1.tar.xz
+sha256 cbcf511f5702f7baf5424193a792bc9c18fab22bcbec2e6a587598389dc632c2  COPYING

package/libcurl/libcurl.mk

@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-LIBCURL_VERSION = 7.55.0
+LIBCURL_VERSION = 7.56.1
 LIBCURL_SOURCE = curl-$(LIBCURL_VERSION).tar.xz
 LIBCURL_SITE = https://curl.haxx.se/download
 LIBCURL_DEPENDENCIES = host-pkgconf \
@@ -22,6 +22,12 @@ LIBCURL_INSTALL_STAGING = YES
 LIBCURL_CONF_OPTS = --disable-manual --disable-ntlm-wb \
 	--enable-hidden-symbols --with-random=/dev/urandom --disable-curldebug
 
+ifeq ($(BR2_TOOLCHAIN_HAS_THREADS),y)
+LIBCURL_CONF_OPTS += --enable-threaded-resolver
+else
+LIBCURL_CONF_OPTS += --disable-threaded-resolver
+endif
+
 ifeq ($(BR2_PACKAGE_LIBCURL_VERBOSE),y)
 LIBCURL_CONF_OPTS += --enable-verbose
 else

package/libfastjson/libfastjson.mk

@@ -7,6 +7,7 @@
 LIBFASTJSON_VERSION = v0.99.4
 LIBFASTJSON_SITE = $(call github,rsyslog,libfastjson,$(LIBFASTJSON_VERSION))
 LIBFASTJSON_INSTALL_STAGING = YES
+LIBFASTJSON_CONF_ENV = ac_cv_prog_cc_c99='-std=gnu99'
 # From git
 LIBFASTJSON_AUTORECONF = YES
 LIBFASTJSON_LICENSE = MIT

package/libffi/0005-mips-use-__linux__-and-not-linux.patch

@@ -0,0 +1,37 @@
+From 1f43e5edfd91bee80e518432b80db01f1bf226e3 Mon Sep 17 00:00:00 2001
+From: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
+Date: Sun, 22 Oct 2017 15:02:11 +0200
+Subject: [PATCH] mips: use __linux__ and not linux
+
+The "linux" symbol is not POSIX compliant [1], and therefore not
+defined when building with -std=c99. Due to this, the linux
+conditional block doesn't get used on Linux when building Python 3.x
+(which is built with -std=c99). To fix this, we use the POSIX
+compliant __linux__ symbol, which is defined when -std=c99 is used.
+
+This fixes the build of Python 3.x on MIPS/musl configuration, as it
+makes sures that <asm/sgidefs.h> gets included and not <sgidefs.h>.
+
+[1] https://sourceforge.net/p/predef/wiki/OperatingSystems/
+
+Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
+---
+ src/mips/ffitarget.h | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/mips/ffitarget.h b/src/mips/ffitarget.h
+index 717d659..6faa358 100644
+--- a/src/mips/ffitarget.h
++++ b/src/mips/ffitarget.h
+@@ -32,7 +32,7 @@
+ #error "Please do not include ffitarget.h directly into your source.  Use ffi.h instead."
+ #endif
+ 
+-#ifdef linux
++#ifdef __linux__
+ # include <asm/sgidefs.h>
+ #elif defined(__rtems__)
+ /*
+-- 
+2.13.6
+

package/libglib2/libglib2.mk

@@ -10,6 +10,8 @@ LIBGLIB2_SOURCE = glib-$(LIBGLIB2_VERSION).tar.xz
 LIBGLIB2_SITE = http://ftp.gnome.org/pub/gnome/sources/glib/$(LIBGLIB2_VERSION_MAJOR)
 LIBGLIB2_LICENSE = LGPL-2.0+
 LIBGLIB2_LICENSE_FILES = COPYING
+# 0002-disable-tests.patch
+LIBGLIB2_AUTORECONF = YES
 
 LIBGLIB2_INSTALL_STAGING = YES
 LIBGLIB2_INSTALL_STAGING_OPTS = DESTDIR=$(STAGING_DIR) LDFLAGS=-L$(STAGING_DIR)/usr/lib install

package/libidn/0001-lib-punycode.c-decode_digit-Fix-integer-overflow.patch

@@ -0,0 +1,36 @@
+From e9e81b8063b095b02cf104bb992fa9bf9515b9d8 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Tim=20R=C3=BChsen?= <tim.ruehsen@gmx.de>
+Date: Fri, 1 Sep 2017 10:04:48 +0200
+Subject: [PATCH] lib/punycode.c (decode_digit): Fix integer overflow
+
+This fix is a backport from libidn2 and addresses
+CVE-2017-14062.
+
+Signed-off-by: Baruch Siach <baruch@tkos.co.il>
+---
+Upstream status: commit e9e81b8063b095
+
+ lib/punycode.c | 6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/lib/punycode.c b/lib/punycode.c
+index 86819a7deb85..49250a13e2cc 100644
+--- a/lib/punycode.c
++++ b/lib/punycode.c
+@@ -88,10 +88,10 @@ enum
+ /* point (for use in representing integers) in the range 0 to */
+ /* base-1, or base if cp does not represent a value.          */
+ 
+-static punycode_uint
+-decode_digit (punycode_uint cp)
++static unsigned
++decode_digit (int cp)
+ {
+-  return cp - 48 < 10 ? cp - 22 : cp - 65 < 26 ? cp - 65 :
++  return (unsigned) cp - 48 < 10 ? cp - 22 : cp - 65 < 26 ? cp - 65 :
+     cp - 97 < 26 ? cp - 97 : base;
+ }
+ 
+-- 
+2.14.1
+

package/libidn/0002-Update-intprops.h-for-gcc-7-compatibility.patch

@@ -0,0 +1,333 @@
+From bd705da12e244dda18474a54a2942591e5ef5148 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Tim=20R=C3=BChsen?= <tim.ruehsen@gmx.de>
+Date: Wed, 1 Feb 2017 10:44:36 +0100
+Subject: [PATCH] Update intprops.h for gcc-7 compatibility
+
+[Backport from upstream commit 230930b3bc3e431b819eb45420cb42475d83ca93.]
+Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
+---
+ gl/intprops.h          | 65 ++++++++++++++++++++++++++++++--------------------
+ lib/gltests/intprops.h | 65 ++++++++++++++++++++++++++++++--------------------
+ 2 files changed, 78 insertions(+), 52 deletions(-)
+
+diff --git a/gl/intprops.h b/gl/intprops.h
+index e1fce5c9..eb06b691 100644
+--- a/gl/intprops.h
++++ b/gl/intprops.h
+@@ -1,18 +1,18 @@
+ /* intprops.h -- properties of integer types
+ 
+-   Copyright (C) 2001-2016 Free Software Foundation, Inc.
++   Copyright (C) 2001-2017 Free Software Foundation, Inc.
+ 
+    This program is free software: you can redistribute it and/or modify it
+-   under the terms of the GNU General Public License as published
+-   by the Free Software Foundation; either version 3 of the License, or
++   under the terms of the GNU Lesser General Public License as published
++   by the Free Software Foundation; either version 2.1 of the License, or
+    (at your option) any later version.
+ 
+    This program is distributed in the hope that it will be useful,
+    but WITHOUT ANY WARRANTY; without even the implied warranty of
+    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+-   GNU General Public License for more details.
++   GNU Lesser General Public License for more details.
+ 
+-   You should have received a copy of the GNU General Public License
++   You should have received a copy of the GNU Lesser General Public License
+    along with this program.  If not, see <http://www.gnu.org/licenses/>.  */
+ 
+ /* Written by Paul Eggert.  */
+@@ -47,12 +47,16 @@
+ 
+ /* Minimum and maximum values for integer types and expressions.  */
+ 
++/* The width in bits of the integer type or expression T.
++   Padding bits are not supported; this is checked at compile-time below.  */
++#define TYPE_WIDTH(t) (sizeof (t) * CHAR_BIT)
++
+ /* The maximum and minimum values for the integer type T.  */
+ #define TYPE_MINIMUM(t) ((t) ~ TYPE_MAXIMUM (t))
+ #define TYPE_MAXIMUM(t)                                                 \
+   ((t) (! TYPE_SIGNED (t)                                               \
+         ? (t) -1                                                        \
+-        : ((((t) 1 << (sizeof (t) * CHAR_BIT - 2)) - 1) * 2 + 1)))
++        : ((((t) 1 << (TYPE_WIDTH (t) - 2)) - 1) * 2 + 1)))
+ 
+ /* The maximum and minimum values for the type of the expression E,
+    after integer promotion.  E should not have side effects.  */
+@@ -65,7 +69,13 @@
+    ? _GL_SIGNED_INT_MAXIMUM (e)                                         \
+    : _GL_INT_NEGATE_CONVERT (e, 1))
+ #define _GL_SIGNED_INT_MAXIMUM(e)                                       \
+-  (((_GL_INT_CONVERT (e, 1) << (sizeof ((e) + 0) * CHAR_BIT - 2)) - 1) * 2 + 1)
++  (((_GL_INT_CONVERT (e, 1) << (TYPE_WIDTH ((e) + 0) - 2)) - 1) * 2 + 1)
++
++/* Work around OpenVMS incompatibility with C99.  */
++#if !defined LLONG_MAX && defined __INT64_MAX
++# define LLONG_MAX __INT64_MAX
++# define LLONG_MIN __INT64_MIN
++#endif
+ 
+ /* This include file assumes that signed types are two's complement without
+    padding bits; the above macros have undefined behavior otherwise.
+@@ -84,10 +94,15 @@ verify (TYPE_MAXIMUM (long int) == LONG_MAX);
+ verify (TYPE_MINIMUM (long long int) == LLONG_MIN);
+ verify (TYPE_MAXIMUM (long long int) == LLONG_MAX);
+ #endif
++/* Similarly, sanity-check one ISO/IEC TS 18661-1:2014 macro if defined.  */
++#ifdef UINT_WIDTH
++verify (TYPE_WIDTH (unsigned int) == UINT_WIDTH);
++#endif
+ 
+ /* Does the __typeof__ keyword work?  This could be done by
+    'configure', but for now it's easier to do it by hand.  */
+-#if (2 <= __GNUC__ || defined __IBM__TYPEOF__ \
++#if (2 <= __GNUC__ \
++     || (1210 <= __IBMC__ && defined __IBM__TYPEOF__) \
+      || (0x5110 <= __SUNPRO_C && !__STDC__))
+ # define _GL_HAVE___TYPEOF__ 1
+ #else
+@@ -116,8 +131,7 @@ verify (TYPE_MAXIMUM (long long int) == LLONG_MAX);
+    signed, this macro may overestimate the true bound by one byte when
+    applied to unsigned types of size 2, 4, 16, ... bytes.  */
+ #define INT_STRLEN_BOUND(t)                                     \
+-  (INT_BITS_STRLEN_BOUND (sizeof (t) * CHAR_BIT                 \
+-                          - _GL_SIGNED_TYPE_OR_EXPR (t))        \
++  (INT_BITS_STRLEN_BOUND (TYPE_WIDTH (t) - _GL_SIGNED_TYPE_OR_EXPR (t)) \
+    + _GL_SIGNED_TYPE_OR_EXPR (t))
+ 
+ /* Bound on buffer size needed to represent an integer type or expression T,
+@@ -222,20 +236,23 @@ verify (TYPE_MAXIMUM (long long int) == LLONG_MAX);
+    ? (a) < (min) >> (b)                                 \
+    : (max) >> (b) < (a))
+ 
+-/* True if __builtin_add_overflow (A, B, P) works when P is null.  */
+-#define _GL_HAS_BUILTIN_OVERFLOW_WITH_NULL (7 <= __GNUC__)
++/* True if __builtin_add_overflow (A, B, P) works when P is non-null.  */
++#define _GL_HAS_BUILTIN_OVERFLOW (5 <= __GNUC__)
++
++/* True if __builtin_add_overflow_p (A, B, C) works.  */
++#define _GL_HAS_BUILTIN_OVERFLOW_P (7 <= __GNUC__)
+ 
+ /* The _GL*_OVERFLOW macros have the same restrictions as the
+    *_RANGE_OVERFLOW macros, except that they do not assume that operands
+    (e.g., A and B) have the same type as MIN and MAX.  Instead, they assume
+    that the result (e.g., A + B) has that type.  */
+-#if _GL_HAS_BUILTIN_OVERFLOW_WITH_NULL
+-# define _GL_ADD_OVERFLOW(a, b, min, max)
+-   __builtin_add_overflow (a, b, (__typeof__ ((a) + (b)) *) 0)
+-# define _GL_SUBTRACT_OVERFLOW(a, b, min, max)
+-   __builtin_sub_overflow (a, b, (__typeof__ ((a) - (b)) *) 0)
+-# define _GL_MULTIPLY_OVERFLOW(a, b, min, max)
+-   __builtin_mul_overflow (a, b, (__typeof__ ((a) * (b)) *) 0)
++#if _GL_HAS_BUILTIN_OVERFLOW_P
++# define _GL_ADD_OVERFLOW(a, b, min, max)                               \
++   __builtin_add_overflow_p (a, b, (__typeof__ ((a) + (b))) 0)
++# define _GL_SUBTRACT_OVERFLOW(a, b, min, max)                          \
++   __builtin_sub_overflow_p (a, b, (__typeof__ ((a) - (b))) 0)
++# define _GL_MULTIPLY_OVERFLOW(a, b, min, max)                          \
++   __builtin_mul_overflow_p (a, b, (__typeof__ ((a) * (b))) 0)
+ #else
+ # define _GL_ADD_OVERFLOW(a, b, min, max)                                \
+    ((min) < 0 ? INT_ADD_RANGE_OVERFLOW (a, b, min, max)                  \
+@@ -315,7 +332,7 @@ verify (TYPE_MAXIMUM (long long int) == LLONG_MAX);
+   _GL_BINARY_OP_OVERFLOW (a, b, _GL_ADD_OVERFLOW)
+ #define INT_SUBTRACT_OVERFLOW(a, b) \
+   _GL_BINARY_OP_OVERFLOW (a, b, _GL_SUBTRACT_OVERFLOW)
+-#if _GL_HAS_BUILTIN_OVERFLOW_WITH_NULL
++#if _GL_HAS_BUILTIN_OVERFLOW_P
+ # define INT_NEGATE_OVERFLOW(a) INT_SUBTRACT_OVERFLOW (0, a)
+ #else
+ # define INT_NEGATE_OVERFLOW(a) \
+@@ -349,10 +366,6 @@ verify (TYPE_MAXIMUM (long long int) == LLONG_MAX);
+ #define INT_MULTIPLY_WRAPV(a, b, r) \
+   _GL_INT_OP_WRAPV (a, b, r, *, __builtin_mul_overflow, INT_MULTIPLY_OVERFLOW)
+ 
+-#ifndef __has_builtin
+-# define __has_builtin(x) 0
+-#endif
+-
+ /* Nonzero if this compiler has GCC bug 68193 or Clang bug 25390.  See:
+    https://gcc.gnu.org/bugzilla/show_bug.cgi?id=68193
+    https://llvm.org/bugs/show_bug.cgi?id=25390
+@@ -369,7 +382,7 @@ verify (TYPE_MAXIMUM (long long int) == LLONG_MAX);
+    the operation.  BUILTIN is the builtin operation, and OVERFLOW the
+    overflow predicate.  Return 1 if the result overflows.  See above
+    for restrictions.  */
+-#if 5 <= __GNUC__ || __has_builtin (__builtin_add_overflow)
++#if _GL_HAS_BUILTIN_OVERFLOW
+ # define _GL_INT_OP_WRAPV(a, b, r, op, builtin, overflow) builtin (a, b, r)
+ #elif 201112 <= __STDC_VERSION__ && !_GL__GENERIC_BOGUS
+ # define _GL_INT_OP_WRAPV(a, b, r, op, builtin, overflow) \
+@@ -412,7 +425,7 @@ verify (TYPE_MAXIMUM (long long int) == LLONG_MAX);
+ # else
+ #  define _GL_INT_OP_WRAPV_LONGISH(a, b, r, op, overflow) \
+     _GL_INT_OP_CALC (a, b, r, op, overflow, unsigned long int, \
+-                     long int, LONG_MIN, LONG_MAX))
++                     long int, LONG_MIN, LONG_MAX)
+ # endif
+ #endif
+ 
+diff --git a/lib/gltests/intprops.h b/lib/gltests/intprops.h
+index e1fce5c9..eb06b691 100644
+--- a/lib/gltests/intprops.h
++++ b/lib/gltests/intprops.h
+@@ -1,18 +1,18 @@
+ /* intprops.h -- properties of integer types
+ 
+-   Copyright (C) 2001-2016 Free Software Foundation, Inc.
++   Copyright (C) 2001-2017 Free Software Foundation, Inc.
+ 
+    This program is free software: you can redistribute it and/or modify it
+-   under the terms of the GNU General Public License as published
+-   by the Free Software Foundation; either version 3 of the License, or
++   under the terms of the GNU Lesser General Public License as published
++   by the Free Software Foundation; either version 2.1 of the License, or
+    (at your option) any later version.
+ 
+    This program is distributed in the hope that it will be useful,
+    but WITHOUT ANY WARRANTY; without even the implied warranty of
+    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+-   GNU General Public License for more details.
++   GNU Lesser General Public License for more details.
+ 
+-   You should have received a copy of the GNU General Public License
++   You should have received a copy of the GNU Lesser General Public License
+    along with this program.  If not, see <http://www.gnu.org/licenses/>.  */
+ 
+ /* Written by Paul Eggert.  */
+@@ -47,12 +47,16 @@
+ 
+ /* Minimum and maximum values for integer types and expressions.  */
+ 
++/* The width in bits of the integer type or expression T.
++   Padding bits are not supported; this is checked at compile-time below.  */
++#define TYPE_WIDTH(t) (sizeof (t) * CHAR_BIT)
++
+ /* The maximum and minimum values for the integer type T.  */
+ #define TYPE_MINIMUM(t) ((t) ~ TYPE_MAXIMUM (t))
+ #define TYPE_MAXIMUM(t)                                                 \
+   ((t) (! TYPE_SIGNED (t)                                               \
+         ? (t) -1                                                        \
+-        : ((((t) 1 << (sizeof (t) * CHAR_BIT - 2)) - 1) * 2 + 1)))
++        : ((((t) 1 << (TYPE_WIDTH (t) - 2)) - 1) * 2 + 1)))
+ 
+ /* The maximum and minimum values for the type of the expression E,
+    after integer promotion.  E should not have side effects.  */
+@@ -65,7 +69,13 @@
+    ? _GL_SIGNED_INT_MAXIMUM (e)                                         \
+    : _GL_INT_NEGATE_CONVERT (e, 1))
+ #define _GL_SIGNED_INT_MAXIMUM(e)                                       \
+-  (((_GL_INT_CONVERT (e, 1) << (sizeof ((e) + 0) * CHAR_BIT - 2)) - 1) * 2 + 1)
++  (((_GL_INT_CONVERT (e, 1) << (TYPE_WIDTH ((e) + 0) - 2)) - 1) * 2 + 1)
++
++/* Work around OpenVMS incompatibility with C99.  */
++#if !defined LLONG_MAX && defined __INT64_MAX
++# define LLONG_MAX __INT64_MAX
++# define LLONG_MIN __INT64_MIN
++#endif
+ 
+ /* This include file assumes that signed types are two's complement without
+    padding bits; the above macros have undefined behavior otherwise.
+@@ -84,10 +94,15 @@ verify (TYPE_MAXIMUM (long int) == LONG_MAX);
+ verify (TYPE_MINIMUM (long long int) == LLONG_MIN);
+ verify (TYPE_MAXIMUM (long long int) == LLONG_MAX);
+ #endif
++/* Similarly, sanity-check one ISO/IEC TS 18661-1:2014 macro if defined.  */
++#ifdef UINT_WIDTH
++verify (TYPE_WIDTH (unsigned int) == UINT_WIDTH);
++#endif
+ 
+ /* Does the __typeof__ keyword work?  This could be done by
+    'configure', but for now it's easier to do it by hand.  */
+-#if (2 <= __GNUC__ || defined __IBM__TYPEOF__ \
++#if (2 <= __GNUC__ \
++     || (1210 <= __IBMC__ && defined __IBM__TYPEOF__) \
+      || (0x5110 <= __SUNPRO_C && !__STDC__))
+ # define _GL_HAVE___TYPEOF__ 1
+ #else
+@@ -116,8 +131,7 @@ verify (TYPE_MAXIMUM (long long int) == LLONG_MAX);
+    signed, this macro may overestimate the true bound by one byte when
+    applied to unsigned types of size 2, 4, 16, ... bytes.  */
+ #define INT_STRLEN_BOUND(t)                                     \
+-  (INT_BITS_STRLEN_BOUND (sizeof (t) * CHAR_BIT                 \
+-                          - _GL_SIGNED_TYPE_OR_EXPR (t))        \
++  (INT_BITS_STRLEN_BOUND (TYPE_WIDTH (t) - _GL_SIGNED_TYPE_OR_EXPR (t)) \
+    + _GL_SIGNED_TYPE_OR_EXPR (t))
+ 
+ /* Bound on buffer size needed to represent an integer type or expression T,
+@@ -222,20 +236,23 @@ verify (TYPE_MAXIMUM (long long int) == LLONG_MAX);
+    ? (a) < (min) >> (b)                                 \
+    : (max) >> (b) < (a))
+ 
+-/* True if __builtin_add_overflow (A, B, P) works when P is null.  */
+-#define _GL_HAS_BUILTIN_OVERFLOW_WITH_NULL (7 <= __GNUC__)
++/* True if __builtin_add_overflow (A, B, P) works when P is non-null.  */
++#define _GL_HAS_BUILTIN_OVERFLOW (5 <= __GNUC__)
++
++/* True if __builtin_add_overflow_p (A, B, C) works.  */
++#define _GL_HAS_BUILTIN_OVERFLOW_P (7 <= __GNUC__)
+ 
+ /* The _GL*_OVERFLOW macros have the same restrictions as the
+    *_RANGE_OVERFLOW macros, except that they do not assume that operands
+    (e.g., A and B) have the same type as MIN and MAX.  Instead, they assume
+    that the result (e.g., A + B) has that type.  */
+-#if _GL_HAS_BUILTIN_OVERFLOW_WITH_NULL
+-# define _GL_ADD_OVERFLOW(a, b, min, max)
+-   __builtin_add_overflow (a, b, (__typeof__ ((a) + (b)) *) 0)
+-# define _GL_SUBTRACT_OVERFLOW(a, b, min, max)
+-   __builtin_sub_overflow (a, b, (__typeof__ ((a) - (b)) *) 0)
+-# define _GL_MULTIPLY_OVERFLOW(a, b, min, max)
+-   __builtin_mul_overflow (a, b, (__typeof__ ((a) * (b)) *) 0)
++#if _GL_HAS_BUILTIN_OVERFLOW_P
++# define _GL_ADD_OVERFLOW(a, b, min, max)                               \
++   __builtin_add_overflow_p (a, b, (__typeof__ ((a) + (b))) 0)
++# define _GL_SUBTRACT_OVERFLOW(a, b, min, max)                          \
++   __builtin_sub_overflow_p (a, b, (__typeof__ ((a) - (b))) 0)
++# define _GL_MULTIPLY_OVERFLOW(a, b, min, max)                          \
++   __builtin_mul_overflow_p (a, b, (__typeof__ ((a) * (b))) 0)
+ #else
+ # define _GL_ADD_OVERFLOW(a, b, min, max)                                \
+    ((min) < 0 ? INT_ADD_RANGE_OVERFLOW (a, b, min, max)                  \
+@@ -315,7 +332,7 @@ verify (TYPE_MAXIMUM (long long int) == LLONG_MAX);
+   _GL_BINARY_OP_OVERFLOW (a, b, _GL_ADD_OVERFLOW)
+ #define INT_SUBTRACT_OVERFLOW(a, b) \
+   _GL_BINARY_OP_OVERFLOW (a, b, _GL_SUBTRACT_OVERFLOW)
+-#if _GL_HAS_BUILTIN_OVERFLOW_WITH_NULL
++#if _GL_HAS_BUILTIN_OVERFLOW_P
+ # define INT_NEGATE_OVERFLOW(a) INT_SUBTRACT_OVERFLOW (0, a)
+ #else
+ # define INT_NEGATE_OVERFLOW(a) \
+@@ -349,10 +366,6 @@ verify (TYPE_MAXIMUM (long long int) == LLONG_MAX);
+ #define INT_MULTIPLY_WRAPV(a, b, r) \
+   _GL_INT_OP_WRAPV (a, b, r, *, __builtin_mul_overflow, INT_MULTIPLY_OVERFLOW)
+ 
+-#ifndef __has_builtin
+-# define __has_builtin(x) 0
+-#endif
+-
+ /* Nonzero if this compiler has GCC bug 68193 or Clang bug 25390.  See:
+    https://gcc.gnu.org/bugzilla/show_bug.cgi?id=68193
+    https://llvm.org/bugs/show_bug.cgi?id=25390
+@@ -369,7 +382,7 @@ verify (TYPE_MAXIMUM (long long int) == LLONG_MAX);
+    the operation.  BUILTIN is the builtin operation, and OVERFLOW the
+    overflow predicate.  Return 1 if the result overflows.  See above
+    for restrictions.  */
+-#if 5 <= __GNUC__ || __has_builtin (__builtin_add_overflow)
++#if _GL_HAS_BUILTIN_OVERFLOW
+ # define _GL_INT_OP_WRAPV(a, b, r, op, builtin, overflow) builtin (a, b, r)
+ #elif 201112 <= __STDC_VERSION__ && !_GL__GENERIC_BOGUS
+ # define _GL_INT_OP_WRAPV(a, b, r, op, builtin, overflow) \
+@@ -412,7 +425,7 @@ verify (TYPE_MAXIMUM (long long int) == LLONG_MAX);
+ # else
+ #  define _GL_INT_OP_WRAPV_LONGISH(a, b, r, op, overflow) \
+     _GL_INT_OP_CALC (a, b, r, op, overflow, unsigned long int, \
+-                     long int, LONG_MIN, LONG_MAX))
++                     long int, LONG_MIN, LONG_MAX)
+ # endif
+ #endif
+ 
+-- 
+2.13.6
+

package/libidn/libidn.mk

@@ -7,11 +7,13 @@
 LIBIDN_VERSION = 1.33
 LIBIDN_SITE = $(BR2_GNU_MIRROR)/libidn
 LIBIDN_INSTALL_STAGING = YES
-LIBIDN_CONF_ENV = EMACS="no"
+LIBIDN_CONF_ENV = EMACS="no" MAKEINFO=true
 LIBIDN_CONF_OPTS = --disable-java --enable-csharp=no
 LIBIDN_DEPENDENCIES = host-pkgconf $(TARGET_NLS_DEPENDENCIES) $(if $(BR2_PACKAGE_LIBICONV),libiconv)
 LIBIDN_LICENSE = GPL-2.0+, GPL-3.0+, LGPL-3.0+
 LIBIDN_LICENSE_FILES = COPYINGv2 COPYINGv3 COPYING.LESSERv3
+# lib/punycode.c patch triggers reconf in doc/
+LIBIDN_AUTORECONF = YES
 
 define LIBIDN_REMOVE_BINARY
 	rm -f $(TARGET_DIR)/usr/bin/idn

package/libmbim/Config.in

@@ -2,6 +2,7 @@ config BR2_PACKAGE_LIBMBIM
 	bool "libmbim"
 	depends on BR2_USE_WCHAR # libglib2
 	depends on BR2_TOOLCHAIN_HAS_THREADS # libglib2
+	depends on BR2_USE_MMU # libglib2
 	depends on BR2_PACKAGE_HAS_UDEV
 	select BR2_PACKAGE_LIBGUDEV
 	select BR2_PACKAGE_LIBGLIB2
@@ -13,5 +14,6 @@ config BR2_PACKAGE_LIBMBIM
 	  http://www.freedesktop.org/wiki/Software/libmbim/
 
 comment "libmbim needs udev /dev management and a toolchain w/ wchar, threads"
+	depends on BR2_USE_MMU
 	depends on !BR2_USE_WCHAR || !BR2_TOOLCHAIN_HAS_THREADS || \
 		!BR2_PACKAGE_HAS_UDEV

package/libnspr/libnspr.hash

@@ -1,2 +1,4 @@
-# From https://ftp.mozilla.org/pub/nspr/releases/v4.15/src/SHA256SUMS
-sha256	27dde06bc3d0c88903a20d6ad807361a912cfb624ca0ab4efb10fc50b19e2d80	nspr-4.15.tar.gz
+# From https://ftp.mozilla.org/pub/nspr/releases/v4.17/src/SHA256SUMS
+sha256	590a0aea29412ae22d7728038c21ef2ab42646e48172a47d2e4bb782846d1095  nspr-4.17.tar.gz
+# Locally calculated
+sha256	fab3dd6bdab226f1c08630b1dd917e11fcb4ec5e1e020e2c16f83a0a13863e85  nspr/LICENSE

package/libnspr/libnspr.mk

@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-LIBNSPR_VERSION = 4.15
+LIBNSPR_VERSION = 4.17
 LIBNSPR_SOURCE = nspr-$(LIBNSPR_VERSION).tar.gz
 LIBNSPR_SITE = https://ftp.mozilla.org/pub/mozilla.org/nspr/releases/v$(LIBNSPR_VERSION)/src
 LIBNSPR_SUBDIR = nspr

package/libnss/libnss.hash

@@ -1,2 +1,4 @@
-# From https://ftp.mozilla.org/pub/security/nss/releases/NSS_3_31_RTM/src/SHA256SUMS
-sha256	e90561256a3271486162c1fbe8d614d118c333d36a4455be2af8688bd420a65d	nss-3.31.tar.gz
+# From https://ftp.mozilla.org/pub/security/nss/releases/NSS_3_33_RTM/src/SHA256SUMS
+sha256	98f0dabd36408e83dd3a11727336cc3cdfee4cbdd9aede2b2831eb2389c284e4  nss-3.33.tar.gz
+# Locally calculated
+sha256	a20c1a32d1f8102432360b42e932869f7c11c7cdbacf9cac554c422132af47f4  nss/COPYING

package/libnss/libnss.mk

@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-LIBNSS_VERSION = 3.31
+LIBNSS_VERSION = 3.33
 LIBNSS_SOURCE = nss-$(LIBNSS_VERSION).tar.gz
 LIBNSS_SITE = https://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_$(subst .,_,$(LIBNSS_VERSION))_RTM/src
 LIBNSS_DISTDIR = dist

package/libpjsip/0001-Fixed-possible-function-name-clash.patch

@@ -0,0 +1,26 @@
+Re #2059 (misc): Fixed possible function name clash with md5 due to non-static function.
+
+Backported from: https://trac.pjsip.org/repos/changeset/5688
+Signed-off-by: Luca Ceresoli <luca@lucaceresoli.net>
+
+Index: pjlib-util/src/pjlib-util/md5.c
+===================================================================
+diff --git a/pjproject/pjlib-util/src/pjlib-util/md5.c b/pjproject/pjlib-util/src/pjlib-util/md5.c
+--- a/pjlib-util/src/pjlib-util/md5.c	(revision 5687)
++++ b/pjlib-util/src/pjlib-util/md5.c	(revision 5688)
+@@ -29,13 +29,13 @@
+ #ifndef HIGHFIRST
+ #define byteReverse(buf, len)	/* Nothing */
+ #else
+-void byteReverse(unsigned char *buf, unsigned longs);
++static void byteReverse(unsigned char *buf, unsigned longs);
+ 
+ #ifndef ASM_MD5
+ /*
+  * Note: this code is harmless on little-endian machines.
+  */
+-void byteReverse(unsigned char *buf, unsigned longs)
++static void byteReverse(unsigned char *buf, unsigned longs)
+ {
+     pj_uint32_t t;
+     do {