Update for 2018.05.2

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

.gitlab-ci.yml

@@ -258,6 +258,7 @@ zynq_zybo_defconfig: *defconfig
 tests.boot.test_atf.TestATFAllwinner: *runtime_test
 tests.boot.test_atf.TestATFMarvell: *runtime_test
 tests.boot.test_atf.TestATFVexpress: *runtime_test
+tests.core.test_file_capabilities.TestFileCapabilities: *runtime_test
 tests.core.test_post_scripts.TestPostScripts: *runtime_test
 tests.core.test_rootfs_overlay.TestRootfsOverlay: *runtime_test
 tests.core.test_timezone.TestGlibcAllTimezone: *runtime_test

CHANGES

@@ -1,3 +1,61 @@
+2018.05.2, Released August 28th, 2018
+
+	Important / security related fixes.
+
+	Defconfigs: Raspberrypi2: Bump rootfs size, T7680: Fix
+	genimage.cfg issue, ARM Juno: Bump ATF to v1.3 to fix build
+	issue.
+
+	Updated/fixed packages: acl, attr, apache, bind,
+	boot-wrapper-aarch64, brltty, bzip2, chrony, crda, cryptsetup,
+	dahdi-tools, dmidecode, dropbear, eigen, ffmpeg, gawk, gcc,
+	ghostscript, gnutls, imx-gpu-viv, ipsec-tools, libarchive,
+	libfuse, libglib2, libopenssl, libselinux, libsoup, lighttpd,
+	linuxptp, lttng-modules, lttng-tools, lua-flu, lvm2, m4,
+	makedevs, mariadb, mbedtls, mesa3d-heders, mtd, ncurses,
+	nodejs, openssh, php, python-django, rauc, ruby, samba4,
+	stress-ng, ti-utils, uboot-tools, uclibc, vim, waylandpp,
+	wireless_tools, wireless-regdb, wireshark, wpa_supplicant,
+	xorriso, znc
+
+	Issues resolved (http://bugs.uclibc.org):
+
+	#10781: cryptsetup luksOpen container_file container causes..
+	#10986: Installing package attr when already supplied by..
+	#11191: xattr and check-package issue
+
+2018.05.1, Released July 20th, 2018
+
+	Important / security related fixes.
+
+	U-Boot: Ensure host version of ncurses is picked up and not
+	host-ncurses built by buildroot, as that otherwise causes
+	widechar/non-widechar conflicts and corrupted menuconfig
+	menus.
+
+	Linux: Enable CONFIG_PERF_EVENTS when perf is enabled.
+
+	Toolchain: ARC tools updated to arc-2018.03.
+
+	pkg-stats: Fix python 3.x compatibility.
+
+	dl-wrapper: Fix support for URIs containing '+', fix
+	no-check-hash for inferred site method.
+
+	Defconfigs: Raspberrypi3: Bump rootfs size, Minnowboard-max:
+	Support ethernet on Turbot variant.
+
+	Updated/fixed packages: audit, bind, btrfs-progs, cifs-utils,
+	clamav, collectd, coreutils, docker-containerd, dos2unix,
+	edid-decode, file, gcc, gdb, gnupg, gnupg2, heimdal, hidapi,
+	imagemagick, libcurl, libgcrypt, libglib2, liblogging,
+	libostree, libressl, libsoup, libv4l, libvncserver, libvorbis,
+	libwebsockets, libxslt, lm-sensors, mariadb, mpg123, ncurses,
+	network-manager, nodejs, patchelf, perl, php-amqp, pinentry,
+	pixiewps, qpdf, qt53d, qt5base, qt5charts, qt5script, redis,
+	systemd, triggerhappy, uboot, wireguard, wireless-regdb,
+	wireshark
+
 2018.05, Released June 1st, 2018
 
 	Minor fixes.

Makefile

@@ -87,9 +87,9 @@ all:
 .PHONY: all
 
 # Set and export the version string
-export BR2_VERSION := 2018.05
+export BR2_VERSION := 2018.05.2
 # Actual time the release is cut (for reproducible builds)
-BR2_VERSION_EPOCH = 1527884000
+BR2_VERSION_EPOCH = 1535466000
 
 # Save running make version since it's clobbered by the make package
 RUNNING_MAKE_VERSION := $(MAKE_VERSION)
@@ -1020,8 +1020,8 @@ help:
 	@echo '  silentoldconfig        - Same as oldconfig, but quietly, additionally update deps'
 	@echo '  olddefconfig           - Same as silentoldconfig but sets new symbols to their default value'
 	@echo '  randconfig             - New config with random answer to all options'
-	@echo '  defconfig              - New config with default answer to all options'
-	@echo '                             BR2_DEFCONFIG, if set, is used as input'
+	@echo '  defconfig              - New config with default answer to all options;'
+	@echo '                             BR2_DEFCONFIG, if set on the command line, is used as input'
 	@echo '  savedefconfig          - Save current config to BR2_DEFCONFIG (minimal config)'
 	@echo '  allyesconfig           - New config where all options are accepted with yes'
 	@echo '  allnoconfig            - New config where all options are answered with no'

board/minnowboard/linux.config

@@ -21,6 +21,7 @@ CONFIG_SATA_AHCI=y
 CONFIG_ATA_PIIX=y
 CONFIG_NETDEVICES=y
 CONFIG_R8169=y
+CONFIG_IGB=y
 CONFIG_INPUT_EVDEV=y
 CONFIG_SERIAL_8250=y
 CONFIG_SERIAL_8250_CONSOLE=y

board/technologic/ts7680/genimage.cfg

@@ -3,7 +3,7 @@ image sdcard.img {
 	}
 
 	partition unused {
-		size =  512B
+		size =  512
 	}
 
 	partition rootfs {

boot/boot-wrapper-aarch64/boot-wrapper-aarch64.mk

@@ -6,7 +6,7 @@
 
 BOOT_WRAPPER_AARCH64_VERSION = 4266507a84f8c06452109d38e0350d4759740694
 BOOT_WRAPPER_AARCH64_SITE = git://git.kernel.org/pub/scm/linux/kernel/git/mark/boot-wrapper-aarch64.git
-BOOT_WRAPPER_AARCH64_LICENSE = BSD3c
+BOOT_WRAPPER_AARCH64_LICENSE = BSD-3-Clause
 BOOT_WRAPPER_AARCH64_LICENSE_FILES = LICENSE.txt
 BOOT_WRAPPER_AARCH64_DEPENDENCIES = linux
 BOOT_WRAPPER_AARCH64_INSTALL_IMAGES = YES

boot/uboot/uboot.mk

@@ -211,7 +211,15 @@ endif # BR2_TARGET_UBOOT_USE_DEFCONFIG
 
 UBOOT_KCONFIG_FRAGMENT_FILES = $(call qstrip,$(BR2_TARGET_UBOOT_CONFIG_FRAGMENT_FILES))
 UBOOT_KCONFIG_EDITORS = menuconfig xconfig gconfig nconfig
-UBOOT_KCONFIG_OPTS = $(UBOOT_MAKE_OPTS)
+
+# UBOOT_MAKE_OPTS overrides HOSTCC / HOSTLDFLAGS to allow the build to
+# find our host-openssl. However, this triggers a bug in the kconfig
+# build script that causes it to build with /usr/include/ncurses.h
+# (which is typically wchar) but link with
+# $(HOST_DIR)/lib/libncurses.so (which is not).  We don't actually
+# need any host-package for kconfig, so remove the HOSTCC/HOSTLDFLAGS
+# override again.
+UBOOT_KCONFIG_OPTS = $(UBOOT_MAKE_OPTS) HOSTCC="$(HOSTCC)" HOSTLDFLAGS=""
 define UBOOT_HELP_CMDS
 	@echo '  uboot-menuconfig       - Run U-Boot menuconfig'
 	@echo '  uboot-savedefconfig    - Run U-Boot savedefconfig'

configs/arm_juno_defconfig

@@ -12,7 +12,7 @@ BR2_LINUX_KERNEL_INTREE_DTS_NAME="arm/juno arm/juno-r1 arm/juno-r2"
 BR2_TARGET_ARM_TRUSTED_FIRMWARE=y
 BR2_TARGET_ARM_TRUSTED_FIRMWARE_CUSTOM_GIT=y
 BR2_TARGET_ARM_TRUSTED_FIRMWARE_CUSTOM_REPO_URL="https://github.com/ARM-software/arm-trusted-firmware.git"
-BR2_TARGET_ARM_TRUSTED_FIRMWARE_CUSTOM_REPO_VERSION="v1.2"
+BR2_TARGET_ARM_TRUSTED_FIRMWARE_CUSTOM_REPO_VERSION="v1.3"
 BR2_TARGET_ARM_TRUSTED_FIRMWARE_PLATFORM="juno"
 BR2_TARGET_ARM_TRUSTED_FIRMWARE_FIP=y
 BR2_TARGET_ARM_TRUSTED_FIRMWARE_UBOOT_AS_BL33=y

configs/raspberrypi2_defconfig

@@ -30,6 +30,7 @@ BR2_PACKAGE_HOST_MTOOLS=y
 # Filesystem / image
 BR2_TARGET_ROOTFS_EXT2=y
 BR2_TARGET_ROOTFS_EXT2_4=y
+BR2_TARGET_ROOTFS_EXT2_SIZE="120M"
 # BR2_TARGET_ROOTFS_TAR is not set
 BR2_ROOTFS_POST_BUILD_SCRIPT="board/raspberrypi2/post-build.sh"
 BR2_ROOTFS_POST_IMAGE_SCRIPT="board/raspberrypi2/post-image.sh"

configs/raspberrypi3_defconfig

@@ -28,6 +28,7 @@ BR2_PACKAGE_HOST_MTOOLS=y
 # Filesystem / image
 BR2_TARGET_ROOTFS_EXT2=y
 BR2_TARGET_ROOTFS_EXT2_4=y
+BR2_TARGET_ROOTFS_EXT2_SIZE="120M"
 # BR2_TARGET_ROOTFS_TAR is not set
 BR2_ROOTFS_POST_BUILD_SCRIPT="board/raspberrypi3/post-build.sh"
 BR2_ROOTFS_POST_IMAGE_SCRIPT="board/raspberrypi3/post-image.sh"

configs/snps_archs38_hsdk_defconfig

@@ -13,7 +13,7 @@ BR2_SYSTEM_DHCP="eth0"
 # Kernel
 BR2_LINUX_KERNEL=y
 BR2_LINUX_KERNEL_CUSTOM_VERSION=y
-BR2_LINUX_KERNEL_CUSTOM_VERSION_VALUE="4.14.4"
+BR2_LINUX_KERNEL_CUSTOM_VERSION_VALUE="4.14.47"
 BR2_LINUX_KERNEL_DEFCONFIG="hsdk"
 BR2_LINUX_KERNEL_CONFIG_FRAGMENT_FILES="board/synopsys/hsdk/linux.fragment"
 

docs/manual/adding-packages-generic.txt

@@ -200,11 +200,24 @@ information is (assuming the package name is +libfoo+) :
   package. Note that if +HOST_LIBFOO_VERSION+ doesn't exist, it is
   assumed to be the same as +LIBFOO_VERSION+. It can also be a
   revision number or a tag for packages that are fetched directly
-  from their version control system. Do not use a branch name as
-  version; it does not work. Examples:
+  from their version control system. Examples:
   ** a version for a release tarball: +LIBFOO_VERSION = 0.1.2+
   ** a sha1 for a git tree: +LIBFOO_VERSION = cb9d6aa9429e838f0e54faa3d455bcbab5eef057+
   ** a tag for a git tree +LIBFOO_VERSION = v0.1.2+
++
+.Note:
+Using a branch name as +FOO_VERSION+ is not supported, because it does
+not and can not work as people would expect it should:
++
+  1. due to local caching, Buildroot will not re-fetch the repository,
+     so people who expect to be able to follow the remote repository
+     would be quite surprised and disappointed;
+  2. because two builds can never be perfectly simultaneous, and because
+     the remote repository may get new commits on the branch anytime,
+     two users, using the same Buildroot tree and building the same
+     configuration, may get different source, thus rendering the build
+     non reproducible, and people would be quite surprised and
+     disappointed.
 
 * +LIBFOO_SOURCE+ may contain the name of the tarball of the package,
   which Buildroot will use to download the tarball from

docs/manual/adding-packages-perl.txt

@@ -46,7 +46,7 @@ built.
 
 Most of these data can be retrieved from https://metacpan.org/.
 So, this file and the Config.in can be generated by running
-the script +supports/scripts/scancpan Foo-Bar+ in the Buildroot directory
+the script +utils/scancpan Foo-Bar+ in the Buildroot directory
 (or in a br2-external tree).
 This script creates a Config.in file and foo-bar.mk file for the
 requested package, and also recursively for all dependencies specified by

docs/manual/prerequisite.txt

@@ -23,8 +23,8 @@ between distributions).
 ** +make+ (version 3.81 or any later)
 ** +binutils+
 ** +build-essential+ (only for Debian based systems)
-** +gcc+ (version 2.95 or any later)
-** `g++` (version 2.95 or any later)
+** +gcc+ (version 4.4 or any later)
+** `g++` (version 4.4 or any later)
 ** +bash+
 ** +patch+
 ** +gzip+

linux/Config.in

@@ -33,7 +33,7 @@ config BR2_LINUX_KERNEL_LATEST_VERSION
 	bool "Latest version (4.16)"
 
 config BR2_LINUX_KERNEL_LATEST_CIP_VERSION
-	bool "Latest CIP SLTS version (v4.4.130-cip23)"
+	bool "Latest CIP SLTS version (v4.4.138-cip25)"
 	help
 	  CIP launched in the spring of 2016 to address the needs of
 	  organizations in industries such as power generation and
@@ -121,7 +121,7 @@ endif
 config BR2_LINUX_KERNEL_VERSION
 	string
 	default "4.16.13" if BR2_LINUX_KERNEL_LATEST_VERSION
-	default "v4.4.130-cip23" if BR2_LINUX_KERNEL_LATEST_CIP_VERSION
+	default "v4.4.138-cip25" if BR2_LINUX_KERNEL_LATEST_CIP_VERSION
 	default BR2_LINUX_KERNEL_CUSTOM_VERSION_VALUE \
 		if BR2_LINUX_KERNEL_CUSTOM_VERSION
 	default "custom" if BR2_LINUX_KERNEL_CUSTOM_TARBALL

linux/linux.mk

@@ -292,6 +292,8 @@ define LINUX_KCONFIG_FIXUP_CMDS
 		$(call KCONFIG_ENABLE_OPT,CONFIG_ENABLE_DEFAULT_TRACERS,$(@D)/.config)
 		$(call KCONFIG_ENABLE_OPT,CONFIG_PERF_EVENTS,$(@D)/.config)
 		$(call KCONFIG_ENABLE_OPT,CONFIG_FUNCTION_TRACER,$(@D)/.config))
+	$(if $(BR2_PACKAGE_LINUX_TOOLS_PERF),
+		$(call KCONFIG_ENABLE_OPT,CONFIG_PERF_EVENTS,$(@D)/.config))
 	$(if $(BR2_PACKAGE_SYSTEMD),
 		$(call KCONFIG_ENABLE_OPT,CONFIG_CGROUPS,$(@D)/.config)
 		$(call KCONFIG_ENABLE_OPT,CONFIG_INOTIFY_USER,$(@D)/.config)

package/Makefile.in

@@ -239,7 +239,7 @@ HOST_LDFLAGS  += -L$(HOST_DIR)/lib -Wl,-rpath,$(HOST_DIR)/lib
 # Exit code chooses option. "$$TMP" is can be used as temporary file and
 # is automatically cleaned up.
 try-run = $(shell set -e;               \
-	TMP="$$(tempfile)";             \
+	TMP="$$(mktemp)";               \
 	if ($(1)) >/dev/null 2>&1;      \
 	then echo "$(2)";               \
 	else echo "$(3)";               \

package/acl/0001-Build-with-old-GCC-versions.patch

@@ -0,0 +1,32 @@
+From a42519dceef0493ece45538375ae1791313f16d3 Mon Sep 17 00:00:00 2001
+From: Hollis Blanchard <hollis_blanchard@mentor.com>
+Date: Mon, 30 Jul 2018 14:29:46 -0700
+Subject: [PATCH] Remove pragmas inside functions
+
+GCC 4.4.7, as found in RHEL6, reports:
+    libacl/acl_from_text.c:307: error: #pragma GCC diagnostic not allowed inside functions
+
+Signed-off-by: Hollis Blanchard <hollis_blanchard@mentor.com>
+---
+ libacl/acl_from_text.c | 3 ---
+ 1 file changed, 3 deletions(-)
+
+diff --git a/libacl/acl_from_text.c b/libacl/acl_from_text.c
+index 09790c9..fb6bc07 100644
+--- a/libacl/acl_from_text.c
++++ b/libacl/acl_from_text.c
+@@ -304,11 +304,8 @@ parse_acl_entry(const char **text_p, acl_t *acl_p)
+ create_entry:
+ 	if (acl_create_entry(acl_p, &entry_d) != 0)
+ 		return -1;
+-#pragma GCC diagnostic push
+-#pragma GCC diagnostic ignored "-Waddress"
+ 	if (acl_copy_entry(entry_d, int2ext(&entry_obj)) != 0)
+ 		return -1;
+-#pragma GCC diagnostic pop
+ 	return 0;
+ 
+ fail:
+-- 
+2.13.0
+

package/acl/0001-support-static-installation.patch

@@ -1,29 +0,0 @@
-Support installation of .a file when doing static linking
-
-When doing static linking (i.e ENABLE_SHARED != yes), the acl build
-logic wasn't installing any library at all, not even the .a file which
-is needed for static linking. This patch fixes that.
-
-Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
-
-Index: b/include/buildmacros
-===================================================================
---- a/include/buildmacros
-+++ b/include/buildmacros
-@@ -97,7 +97,15 @@
- 
- INSTALL_LTLIB_STATIC = \
- 	cd $(TOPDIR)/$(LIBNAME)/.libs; \
--	../$(INSTALL) -m 755 -d $(PKG_DEVLIB_DIR);
-+	../$(INSTALL) -m 755 -d $(PKG_DEVLIB_DIR); \
-+	../$(INSTALL) -m 644 -T old_lib $(LIBNAME).la $(PKG_DEVLIB_DIR); \
-+	../$(INSTALL) -m 644 $(LIBNAME).la $(PKG_DEVLIB_DIR)/$(LIBNAME).la ; \
-+	../$(INSTALL) -m 755 -d $(PKG_LIB_DIR); \
-+	../$(INSTALL) -T so_base $(LIBNAME).la $(PKG_LIB_DIR); \
-+	if test "x$(PKG_DEVLIB_DIR)" != "x$(PKG_LIB_DIR)" ; then \
-+	../$(INSTALL) -S $(PKG_DEVLIB_DIR)/$(LIBNAME).a $(PKG_LIB_DIR)/$(LIBNAME).a; \
-+	../$(INSTALL) -S $(PKG_DEVLIB_DIR)/$(LIBNAME).la $(PKG_LIB_DIR)/$(LIBNAME).la; \
-+	fi
- 
- INSTALL_MAN = \
- 	@for d in $(MAN_PAGES); do \

package/acl/0002-add-__acl_-prefixes-to-internal-symbols.patch

@@ -1,292 +0,0 @@
-From debbe4f7b591b3f35d0ed65c17fa81b196b2eb2d Mon Sep 17 00:00:00 2001
-From: Mike Frysinger <vapier@gentoo.org>
-Date: Tue, 12 Aug 2014 08:37:25 -0400
-Subject: [PATCH] add __acl_ prefixes to internal symbols
-
-When static linking libacl, people sometimes run into symbol collisions
-because their own code defines symbols like "quote".  So for acl internal
-symbols, use an __acl_ prefix.
-
-[Rahul Bedarkar: backported from upstream 
-  http://git.savannah.gnu.org/cgit/acl.git/commit/?id=a2c4d71c2e84419a49db503ed59de4d3d1dca7dd ]
-Signed-off-by: Rahul Bedarkar <rahul.bedarkar@imgtec.com>
----
- exports                    | 12 ++----------
- getfacl/getfacl.c          |  4 ++--
- include/misc.h             |  8 ++++----
- libacl/__acl_to_any_text.c |  4 ++--
- libacl/acl_from_text.c     |  4 ++--
- libmisc/high_water_alloc.c |  2 +-
- libmisc/next_line.c        |  6 +++---
- libmisc/quote.c            |  4 ++--
- libmisc/unquote.c          |  2 +-
- setfacl/parse.c            | 10 +++++-----
- setfacl/setfacl.c          |  4 ++--
- 11 files changed, 26 insertions(+), 34 deletions(-)
-
-diff --git a/exports b/exports
-index 7d8e69e..bf15d84 100644
---- a/exports
-+++ b/exports
-@@ -59,22 +59,14 @@ ACL_1.0 {
- 	acl_to_any_text;
- 
-     local:
--    	# Library internal stuff
-+	# Library internal stuff
- 	__new_var_obj_p;
- 	__new_obj_p_here;
- 	__free_obj_p;
- 	__check_obj_p;
- 	__ext2int_and_check;
--	__acl_reorder_entry_obj_p;
--	__acl_reorder_obj_p;
--	__acl_init_obj;
--	__acl_create_entry_obj;
--	__acl_free_acl_obj;
--	__acl_to_any_text;
-+	__acl_*;
- 	__apply_mask_to_mode;
--
--	quote;
--	unquote;
- };
- 
- ACL_1.1 {
-diff --git a/getfacl/getfacl.c b/getfacl/getfacl.c
-index f8eaf25..af9e225 100644
---- a/getfacl/getfacl.c
-+++ b/getfacl/getfacl.c
-@@ -90,7 +90,7 @@ int opt_numeric;  /* don't convert id's to symbolic names */
- 
- static const char *xquote(const char *str, const char *quote_chars)
- {
--	const char *q = quote(str, quote_chars);
-+	const char *q = __acl_quote(str, quote_chars);
- 	if (q == NULL) {
- 		fprintf(stderr, "%s: %s\n", progname, strerror(errno));
- 		exit(1);
-@@ -718,7 +718,7 @@ int main(int argc, char *argv[])
- 	do {
- 		if (optind == argc ||
- 		    strcmp(argv[optind], "-") == 0) {
--			while ((line = next_line(stdin)) != NULL) {
-+			while ((line = __acl_next_line(stdin)) != NULL) {
- 				if (*line == '\0')
- 					continue;
- 
-diff --git a/include/misc.h b/include/misc.h
-index 0c5fdcc..c25accf 100644
---- a/include/misc.h
-+++ b/include/misc.h
-@@ -15,9 +15,9 @@
-   along with this program.  If not, see <http://www.gnu.org/licenses/>.
-  */
- 
--extern int high_water_alloc(void **buf, size_t *bufsize, size_t newsize);
-+extern int __acl_high_water_alloc(void **buf, size_t *bufsize, size_t newsize);
- 
--extern const char *quote(const char *str, const char *quote_chars);
--extern char *unquote(char *str);
-+extern const char *__acl_quote(const char *str, const char *quote_chars);
-+extern char *__acl_unquote(char *str);
- 
--extern char *next_line(FILE *file);
-+extern char *__acl_next_line(FILE *file);
-diff --git a/libacl/__acl_to_any_text.c b/libacl/__acl_to_any_text.c
-index a4f9c34..19f1ccc 100644
---- a/libacl/__acl_to_any_text.c
-+++ b/libacl/__acl_to_any_text.c
-@@ -159,7 +159,7 @@ acl_entry_to_any_str(const acl_entry_t entry_d, char *text_p, ssize_t size,
- 				if (options & TEXT_NUMERIC_IDS)
- 					str = NULL;
- 				else
--					str = quote(user_name(
-+					str = __acl_quote(user_name(
- 						entry_obj_p->eid.qid), ":, \t\n\r");
- 				if (str != NULL) {
- 					strncpy(text_p, str, size);
-@@ -182,7 +182,7 @@ acl_entry_to_any_str(const acl_entry_t entry_d, char *text_p, ssize_t size,
- 				if (options & TEXT_NUMERIC_IDS)
- 					str = NULL;
- 				else
--					str = quote(group_name(
-+					str = __acl_quote(group_name(
- 						entry_obj_p->eid.qid), ":, \t\n\r");
- 				if (str != NULL) {
- 					strncpy(text_p, str, size);
-diff --git a/libacl/acl_from_text.c b/libacl/acl_from_text.c
-index 1e05322..f6165be 100644
---- a/libacl/acl_from_text.c
-+++ b/libacl/acl_from_text.c
-@@ -206,7 +206,7 @@ parse_acl_entry(const char **text_p, acl_t *acl_p)
- 			str = get_token(text_p);
- 			if (str) {
- 				entry_obj.etag = ACL_USER;
--				error = get_uid(unquote(str),
-+				error = get_uid(__acl_unquote(str),
- 						&entry_obj.eid.qid);
- 				free(str);
- 				if (error) {
-@@ -225,7 +225,7 @@ parse_acl_entry(const char **text_p, acl_t *acl_p)
- 			str = get_token(text_p);
- 			if (str) {
- 				entry_obj.etag = ACL_GROUP;
--				error = get_gid(unquote(str),
-+				error = get_gid(__acl_unquote(str),
- 						&entry_obj.eid.qid);
- 				free(str);
- 				if (error) {
-diff --git a/libmisc/high_water_alloc.c b/libmisc/high_water_alloc.c
-index c127dc1..951f4bb 100644
---- a/libmisc/high_water_alloc.c
-+++ b/libmisc/high_water_alloc.c
-@@ -21,7 +21,7 @@
- #include <stdlib.h>
- #include "misc.h"
- 
--int high_water_alloc(void **buf, size_t *bufsize, size_t newsize)
-+int __acl_high_water_alloc(void **buf, size_t *bufsize, size_t newsize)
- {
- #define CHUNK_SIZE	256
- 	/*
-diff --git a/libmisc/next_line.c b/libmisc/next_line.c
-index 0566d7a..126a364 100644
---- a/libmisc/next_line.c
-+++ b/libmisc/next_line.c
-@@ -23,7 +23,7 @@
- 
- #define LINE_SIZE getpagesize()
- 
--char *next_line(FILE *file)
-+char *__acl_next_line(FILE *file)
- {
- 	static char *line;
- 	static size_t line_size;
-@@ -31,7 +31,7 @@ char *next_line(FILE *file)
- 	int eol = 0;
- 
- 	if (!line) {
--		if (high_water_alloc((void **)&line, &line_size, LINE_SIZE))
-+		if (__acl_high_water_alloc((void **)&line, &line_size, LINE_SIZE))
- 			return NULL;
- 	}
- 	c = line;
-@@ -47,7 +47,7 @@ char *next_line(FILE *file)
- 		if (feof(file))
- 			break;
- 		if (!eol) {
--			if (high_water_alloc((void **)&line, &line_size,
-+			if (__acl_high_water_alloc((void **)&line, &line_size,
- 					     2 * line_size))
- 				return NULL;
- 			c = strrchr(line, '\0');
-diff --git a/libmisc/quote.c b/libmisc/quote.c
-index bf8f9eb..a28800c 100644
---- a/libmisc/quote.c
-+++ b/libmisc/quote.c
-@@ -23,7 +23,7 @@
- #include <string.h>
- #include "misc.h"
- 
--const char *quote(const char *str, const char *quote_chars)
-+const char *__acl_quote(const char *str, const char *quote_chars)
- {
- 	static char *quoted_str;
- 	static size_t quoted_str_len;
-@@ -40,7 +40,7 @@ const char *quote(const char *str, const char *quote_chars)
- 	if (nonpr == 0)
- 		return str;
- 
--	if (high_water_alloc((void **)&quoted_str, &quoted_str_len,
-+	if (__acl_high_water_alloc((void **)&quoted_str, &quoted_str_len,
- 			     (s - (unsigned char *)str) + nonpr * 3 + 1))
- 		return NULL;
- 	for (s = (unsigned char *)str, q = quoted_str; *s != '\0'; s++) {
-diff --git a/libmisc/unquote.c b/libmisc/unquote.c
-index bffebf9..4f4ce7c 100644
---- a/libmisc/unquote.c
-+++ b/libmisc/unquote.c
-@@ -22,7 +22,7 @@
- #include <ctype.h>
- #include "misc.h"
- 
--char *unquote(char *str)
-+char *__acl_unquote(char *str)
- {
- 	unsigned char *s, *t;
- 
-diff --git a/setfacl/parse.c b/setfacl/parse.c
-index e7e6add..7433459 100644
---- a/setfacl/parse.c
-+++ b/setfacl/parse.c
-@@ -226,7 +226,7 @@ user_entry:
- 			str = get_token(text_p);
- 			if (str) {
- 				cmd->c_tag = ACL_USER;
--				error = get_uid(unquote(str), &cmd->c_id);
-+				error = get_uid(__acl_unquote(str), &cmd->c_id);
- 				free(str);
- 				if (error) {
- 					*text_p = backup;
-@@ -245,7 +245,7 @@ user_entry:
- 			str = get_token(text_p);
- 			if (str) {
- 				cmd->c_tag = ACL_GROUP;
--				error = get_gid(unquote(str), &cmd->c_id); 
-+				error = get_gid(__acl_unquote(str), &cmd->c_id);
- 				free(str);
- 				if (error) {
- 					*text_p = backup;
-@@ -466,7 +466,7 @@ read_acl_comments(
- 		if (strncmp(cp, "file:", 5) == 0) {
- 			cp += 5;
- 			SKIP_WS(cp);
--			cp = unquote(cp);
-+			cp = __acl_unquote(cp);
- 			
- 			if (path_p) {
- 				if (*path_p)
-@@ -483,7 +483,7 @@ read_acl_comments(
- 			if (uid_p) {
- 				if (*uid_p != ACL_UNDEFINED_ID)
- 					goto fail;
--				if (get_uid(unquote(cp), uid_p) != 0)
-+				if (get_uid(__acl_unquote(cp), uid_p) != 0)
- 					continue;
- 			}
- 		} else if (strncmp(cp, "group:", 6) == 0) {
-@@ -493,7 +493,7 @@ read_acl_comments(
- 			if (gid_p) {
- 				if (*gid_p != ACL_UNDEFINED_ID)
- 					goto fail;
--				if (get_gid(unquote(cp), gid_p) != 0)
-+				if (get_gid(__acl_unquote(cp), gid_p) != 0)
- 					continue;
- 			}
- 		} else if (strncmp(cp, "flags:", 6) == 0) {
-diff --git a/setfacl/setfacl.c b/setfacl/setfacl.c
-index 81062a6..fb2d172 100644
---- a/setfacl/setfacl.c
-+++ b/setfacl/setfacl.c
-@@ -92,7 +92,7 @@ int promote_warning;
- 
- static const char *xquote(const char *str, const char *quote_chars)
- {
--	const char *q = quote(str, quote_chars);
-+	const char *q = __acl_quote(str, quote_chars);
- 	if (q == NULL) {
- 		fprintf(stderr, "%s: %s\n", progname, strerror(errno));
- 		exit(1);
-@@ -311,7 +311,7 @@ int next_file(const char *arg, seq_t seq)
- 	args.seq = seq;
- 
- 	if (strcmp(arg, "-") == 0) {
--		while ((line = next_line(stdin)))
-+		while ((line = __acl_next_line(stdin)))
- 			errors = walk_tree(line, walk_flags, 0, do_set, &args);
- 		if (!feof(stdin)) {
- 			fprintf(stderr, _("%s: Standard input: %s\n"),
--- 
-2.6.2
-

package/acl/0003-all-use-install-1-to-install-executables.patch

@@ -1,67 +0,0 @@
-From d3bd7b29b79147b4155e78a8ea06ded98b91f92a Mon Sep 17 00:00:00 2001
-From: "Yann E. MORIN" <yann.morin.1998@free.fr>
-Date: Tue, 8 May 2018 15:23:57 +0200
-Subject: [PATCH] all: use install(1) to install executables
-
-When the destination file already exists, the current install script
-will overwrite it with the new executable.
-
-However, when the existing executable is a symlink or hardlink to
-something else, like busybox, this effectively overwrites that something
-with the new executable, and thus replaces busybox and all its applets
-with the code for either of the three commands.
-
-We fix that by simply calling install(1). install(1) is sufficiently
-widespread that we don't bother checking for it, as tis is just a
-workaround while waiting for the version bump that will eventually fix
-it for good.
-
-Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
----
- chacl/Makefile   | 4 ++--
- getfacl/Makefile | 4 ++--
- setfacl/Makefile | 4 ++--
- 3 files changed, 6 insertions(+), 6 deletions(-)
-
-diff --git a/chacl/Makefile b/chacl/Makefile
-index 33858d6..c857329 100644
---- a/chacl/Makefile
-+++ b/chacl/Makefile
-@@ -30,6 +30,6 @@ default: $(LTCOMMAND)
- include $(BUILDRULES)
- 
- install: default
--	$(INSTALL) -m 755 -d $(PKG_BIN_DIR)
--	$(LTINSTALL) -m 755 $(LTCOMMAND) $(PKG_BIN_DIR)
-+	install -D -m 755 $(LTCOMMAND) $(PKG_BIN_DIR)/$(LTCOMMAND)
-+
- install-dev install-lib:
-diff --git a/getfacl/Makefile b/getfacl/Makefile
-index 7fbafda..8ac63e0 100644
---- a/getfacl/Makefile
-+++ b/getfacl/Makefile
-@@ -31,6 +31,6 @@ default: $(LTCOMMAND)
- include $(BUILDRULES)
- 
- install: default
--	$(INSTALL) -m 755 -d $(PKG_BIN_DIR)
--	$(LTINSTALL) -m 755 $(LTCOMMAND) $(PKG_BIN_DIR)
-+	install -D -m 755 $(LTCOMMAND) $(PKG_BIN_DIR)/$(LTCOMMAND)
-+
- install-dev install-lib:
-diff --git a/setfacl/Makefile b/setfacl/Makefile
-index c44e7c0..eea2ede 100644
---- a/setfacl/Makefile
-+++ b/setfacl/Makefile
-@@ -31,6 +31,6 @@ default: $(LTCOMMAND)
- include $(BUILDRULES)
- 
- install: default
--	$(INSTALL) -m 755 -d $(PKG_BIN_DIR)
--	$(LTINSTALL) -m 755 $(LTCOMMAND) $(PKG_BIN_DIR)
-+	install -D -m 755 $(LTCOMMAND) $(PKG_BIN_DIR)/$(LTCOMMAND)
-+
- install-dev install-lib:
--- 
-2.14.1
-

package/acl/acl.hash

@@ -1,2 +1,2 @@
 # Locally calculated after checking pgp signature
-sha256	179074bb0580c06c4b4137be4c5a92a701583277967acdb5546043c7874e0d23	acl-2.2.52.src.tar.gz
+sha256  06be9865c6f418d851ff4494e12406568353b891ffe1f596b34693c387af26c7  acl-2.2.53.tar.gz

package/acl/acl.mk

@@ -4,54 +4,18 @@
 #
 ################################################################################
 
-ACL_VERSION = 2.2.52
-ACL_SOURCE = acl-$(ACL_VERSION).src.tar.gz
+ACL_VERSION = 2.2.53
 ACL_SITE = http://download.savannah.gnu.org/releases/acl
-ACL_INSTALL_STAGING = YES
-ACL_DEPENDENCIES = attr
-ACL_CONF_OPTS = --enable-gettext=no
 ACL_LICENSE = GPL-2.0+ (programs), LGPL-2.1+ (libraries)
 ACL_LICENSE_FILES = doc/COPYING doc/COPYING.LGPL
 
-# While the configuration system uses autoconf, the Makefiles are
-# hand-written and do not use automake. Therefore, we have to hack
-# around their deficiencies by:
-# - explicitly passing CFLAGS (LDFLAGS are passed on from configure,
-#   CFLAGS are not).
-# - explicitly passing the installation prefix, not using DESTDIR.
-
-ACL_MAKE_ENV = CFLAGS="$(TARGET_CFLAGS)"
-
-ACL_INSTALL_STAGING_OPTS = \
-	prefix=$(STAGING_DIR)/usr \
-	exec_prefix=$(STAGING_DIR)/usr \
-	PKG_DEVLIB_DIR=$(STAGING_DIR)/usr/lib \
-	install-dev install-lib
-
-ACL_INSTALL_TARGET_OPTS = \
-	prefix=$(TARGET_DIR)/usr \
-	exec_prefix=$(TARGET_DIR)/usr \
-	install install-lib
-
-# The libdir variable in libacl.la is empty, so let's fix it. This is
-# probably due to acl not using automake, and not doing fully the
-# right thing with libtool.
-define ACL_FIX_LIBTOOL_LA_LIBDIR
-	$(SED) "s,libdir=.*,libdir='$(STAGING_DIR)'," \
-		$(STAGING_DIR)/usr/lib/libacl.la
-endef
-
-ACL_POST_INSTALL_STAGING_HOOKS += ACL_FIX_LIBTOOL_LA_LIBDIR
-
+ACL_DEPENDENCIES = attr
 HOST_ACL_DEPENDENCIES = host-attr
-HOST_ACL_CONF_OPTS = --enable-gettext=no
-HOST_ACL_MAKE_ENV = CFLAGS="$(HOST_CFLAGS)"
-HOST_ACL_INSTALL_OPTS = \
-	prefix=$(HOST_DIR) \
-	exec_prefix=$(HOST_DIR) \
-	PKG_DEVLIB_DIR=$(HOST_DIR)/lib \
-	install-dev install-lib
-# For the host, libacl.la is correct, no fixup needed.
+
+ACL_INSTALL_STAGING = YES
+
+ACL_CONF_OPTS = --disable-nls
+HOST_ACL_CONF_OPTS = --disable-nls
 
 $(eval $(autotools-package))
 $(eval $(host-autotools-package))

package/apache/apache.hash

@@ -1,3 +1,4 @@
-# From http://archive.apache.org/dist/httpd/httpd-2.4.33.tar.bz2.sha256
-sha256 de02511859b00d17845b9abdd1f975d5ccb5d0b280c567da5bf2ad4b70846f05 httpd-2.4.33.tar.bz2
+# From http://archive.apache.org/dist/httpd/httpd-2.4.34.tar.bz2.sha256
+sha256 fa53c95631febb08a9de41fd2864cfff815cf62d9306723ab0d4b8d7aa1638f0 httpd-2.4.34.tar.bz2
+# Locally computed
 sha256 c49c0819a726b70142621715dae3159c47b0349c2bc9db079070f28dadac0229 LICENSE

package/apache/apache.mk

@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-APACHE_VERSION = 2.4.33
+APACHE_VERSION = 2.4.34
 APACHE_SOURCE = httpd-$(APACHE_VERSION).tar.bz2
 APACHE_SITE = http://archive.apache.org/dist/httpd
 APACHE_LICENSE = Apache-2.0

package/attr/0001-build-with-older-GCCs.patch

@@ -0,0 +1,87 @@
+From 3ac428794ea0f95c854166c9c0cffb0267c5e98b Mon Sep 17 00:00:00 2001
+From: Hollis Blanchard <hollis_blanchard@mentor.com>
+Date: Mon, 30 Jul 2018 14:17:21 -0700
+Subject: [PATCH] Remove messages in "deprecated" gcc attributes
+
+GCC versions up through 4.4.7 (which is used in RHEL 6) do not accept
+any argument for the deprecated attribute. GCC 4.5 and later say the
+"msg" argument is optional. We don't need the messages during
+Buildroot builds anyways.
+
+Signed-off-by: Hollis Blanchard <hollis_blanchard@mentor.com>
+---
+ include/attributes.h | 20 ++++++++++----------
+ 1 file changed, 10 insertions(+), 10 deletions(-)
+
+diff --git a/include/attributes.h b/include/attributes.h
+index 14beb8f..23c39c8 100644
+--- a/include/attributes.h
++++ b/include/attributes.h
+@@ -127,10 +127,10 @@ typedef struct attr_multiop {
+  */
+ EXPORT int attr_get (const char *__path, const char *__attrname,
+ 			char *__attrvalue, int *__valuelength, int __flags)
+-	__attribute__ ((deprecated ("Use getxattr or lgetxattr instead")));
++	__attribute__ ((deprecated));
+ EXPORT int attr_getf (int __fd, const char *__attrname, char *__attrvalue,
+ 			int *__valuelength, int __flags)
+-	__attribute__ ((deprecated ("Use fgetxattr instead")));
++	__attribute__ ((deprecated));
+ 
+ /*
+  * Set the value of an attribute, creating the attribute if necessary.
+@@ -139,11 +139,11 @@ EXPORT int attr_getf (int __fd, const char *__attrname, char *__attrvalue,
+ EXPORT int attr_set (const char *__path, const char *__attrname,
+ 			const char *__attrvalue, const int __valuelength,
+ 			int __flags)
+-	__attribute__ ((deprecated ("Use setxattr or lsetxattr instead")));
++	__attribute__ ((deprecated));
+ EXPORT int attr_setf (int __fd, const char *__attrname,
+ 			const char *__attrvalue, const int __valuelength,
+ 			int __flags)
+-	__attribute__ ((deprecated ("Use fsetxattr instead")));
++	__attribute__ ((deprecated));
+ 
+ /*
+  * Remove an attribute.
+@@ -151,9 +151,9 @@ EXPORT int attr_setf (int __fd, const char *__attrname,
+  */
+ EXPORT int attr_remove (const char *__path, const char *__attrname,
+ 			int __flags)
+-	__attribute__ ((deprecated ("Use removexattr or lremovexattr instead")));
++	__attribute__ ((deprecated));
+ EXPORT int attr_removef (int __fd, const char *__attrname, int __flags)
+-	__attribute__ ((deprecated ("Use fremovexattr instead")));
++	__attribute__ ((deprecated));
+ 
+ /*
+  * List the names and sizes of the values of all the attributes of an object.
+@@ -164,10 +164,10 @@ EXPORT int attr_removef (int __fd, const char *__attrname, int __flags)
+  */
+ EXPORT int attr_list(const char *__path, char *__buffer, const int __buffersize,
+ 		int __flags, attrlist_cursor_t *__cursor)
+-	__attribute__ ((deprecated ("Use listxattr or llistxattr instead")));
++	__attribute__ ((deprecated));
+ EXPORT int attr_listf(int __fd, char *__buffer, const int __buffersize,
+ 		int __flags, attrlist_cursor_t *__cursor)
+-	__attribute__ ((deprecated ("Use flistxattr instead")));
++	__attribute__ ((deprecated));
+ 
+ /*
+  * Operate on multiple attributes of the same object simultaneously.
+@@ -188,10 +188,10 @@ EXPORT int attr_listf(int __fd, char *__buffer, const int __buffersize,
+  */
+ EXPORT int attr_multi (const char *__path, attr_multiop_t *__oplist,
+ 			int __count, int __flags)
+-	__attribute__ ((deprecated ("Use getxattr, setxattr, listxattr, removexattr instead")));
++	__attribute__ ((deprecated));
+ EXPORT int attr_multif (int __fd, attr_multiop_t *__oplist,
+ 			int __count, int __flags)
+-	__attribute__ ((deprecated ("Use getxattr, setxattr, listxattr, removexattr instead")));
++	__attribute__ ((deprecated));
+ 
+ #ifdef __cplusplus
+ }
+-- 
+2.13.0
+

package/attr/0001-support-static-installation.patch

@@ -1,29 +0,0 @@
-Support installation of .a file when doing static linking
-
-When doing static linking (i.e ENABLE_SHARED != yes), the attr build
-logic wasn't installing any library at all, not even the .a file which
-is needed for static linking. This patch fixes that.
-
-Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
-
-Index: b/include/buildmacros
-===================================================================
---- a/include/buildmacros
-+++ b/include/buildmacros
-@@ -97,7 +97,15 @@
- 
- INSTALL_LTLIB_STATIC = \
- 	cd $(TOPDIR)/$(LIBNAME)/.libs; \
--	../$(INSTALL) -m 755 -d $(PKG_DEVLIB_DIR);
-+	../$(INSTALL) -m 755 -d $(PKG_DEVLIB_DIR); \
-+	../$(INSTALL) -m 644 -T old_lib $(LIBNAME).la $(PKG_DEVLIB_DIR); \
-+	../$(INSTALL) -m 644 $(LIBNAME).la $(PKG_DEVLIB_DIR)/$(LIBNAME).la ; \
-+	../$(INSTALL) -m 755 -d $(PKG_LIB_DIR); \
-+	../$(INSTALL) -T so_base $(LIBNAME).la $(PKG_LIB_DIR); \
-+	if test "x$(PKG_DEVLIB_DIR)" != "x$(PKG_LIB_DIR)" ; then \
-+	../$(INSTALL) -S $(PKG_DEVLIB_DIR)/$(LIBNAME).a $(PKG_LIB_DIR)/$(LIBNAME).a; \
-+	../$(INSTALL) -S $(PKG_DEVLIB_DIR)/$(LIBNAME).la $(PKG_LIB_DIR)/$(LIBNAME).la; \
-+	fi
- 
- INSTALL_MAN = \
- 	@for d in $(MAN_PAGES); do \

package/attr/0002-avoid-glibc-specific-decls-defines.patch

@@ -1,37 +0,0 @@
-From 667137acaffb8d0cc62b47821a67a52ba0637d5c Mon Sep 17 00:00:00 2001
-From: Mike Frysinger <vapier@gentoo.org>
-Date: Fri, 10 Jan 2014 13:56:37 +0000
-Subject: avoid glibc-specific DECLS defines
-
-This matches what we do in all the other headers.
-
-Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
----
-diff --git a/include/xattr.h b/include/xattr.h
-index 70a84be..070d7c5 100644
---- a/include/xattr.h
-+++ b/include/xattr.h
-@@ -30,8 +30,9 @@
- #define XATTR_CREATE  0x1       /* set value, fail if attr already exists */
- #define XATTR_REPLACE 0x2       /* set value, fail if attr does not exist */
- 
--
--__BEGIN_DECLS
-+#ifdef __cplusplus
-+extern "C" {
-+#endif
- 
- extern int setxattr (const char *__path, const char *__name,
- 		      const void *__value, size_t __size, int __flags) __THROW;
-@@ -58,6 +59,8 @@ extern int removexattr (const char *__path, const char *__name) __THROW;
- extern int lremovexattr (const char *__path, const char *__name) __THROW;
- extern int fremovexattr (int __filedes,   const char *__name) __THROW;
- 
--__END_DECLS
-+#ifdef __cplusplus
-+}
-+#endif
- 
- #endif	/* __XATTR_H__ */
---
-cgit v0.9.0.2

package/attr/0003-portability-fixes.patch

@@ -1,37 +0,0 @@
-From 92247401984dd9a80d9d0c8c030692323f980678 Mon Sep 17 00:00:00 2001
-From: Emmanuel Dreyfus <manu@netbsd.org>
-Date: Mon, 30 Jun 2014 13:06:05 +0000
-Subject: Portability fixes
-
-- <features.h>  is Linux specific
-- Define __THROW for non glibc based systems
-
-Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
----
-(limited to 'include/xattr.h')
-
-diff --git a/include/xattr.h b/include/xattr.h
-index 070d7c5..fd1f268 100644
---- a/include/xattr.h
-+++ b/include/xattr.h
-@@ -20,7 +20,18 @@
- #ifndef __XATTR_H__
- #define __XATTR_H__
- 
-+#if defined(linux)
- #include <features.h>
-+#endif
-+
-+/* Portability non glibc c++ build systems */
-+#ifndef __THROW
-+# if defined __cplusplus
-+#  define __THROW       throw ()
-+# else
-+#  define __THROW
-+# endif
-+#endif
- 
- #include <errno.h>
- #ifndef ENOATTR
---
-cgit v0.9.0.2

package/attr/0004-all-use-install-1-to-install-executables.patch

@@ -1,67 +0,0 @@
-From 4187e60ab52cac3ed36036a354977310dab68dcb Mon Sep 17 00:00:00 2001
-From: "Yann E. MORIN" <yann.morin.1998@free.fr>
-Date: Tue, 8 May 2018 15:16:10 +0200
-Subject: [PATCH] all: use install(1) to install executables
-
-When the destination file already exists, the current install script
-will overwrite it with the new executable.
-
-However, when the existing executable is a symlink or hardlink to
-something else, like busybox, this effectively overwrites that something
-with the new executable, and thus replaces busybox and all its applets
-with the code for either of the three commands.
-
-We fix that by simply calling install(1). install(1) is sufficiently
-widespread that we don't bother checking for it, as this is just a
-workaround while waiting for the version bump that will eventually fix
-it for good.
-
-Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
----
- attr/Makefile     | 4 ++--
- getfattr/Makefile | 4 ++--
- setfattr/Makefile | 4 ++--
- 3 files changed, 6 insertions(+), 6 deletions(-)
-
-diff --git a/attr/Makefile b/attr/Makefile
-index 1c467e8..326dd7e 100644
---- a/attr/Makefile
-+++ b/attr/Makefile
-@@ -29,6 +29,6 @@ default: $(LTCOMMAND)
- include $(BUILDRULES)
- 
- install: default
--	$(INSTALL) -m 755 -d $(PKG_BIN_DIR)
--	$(LTINSTALL) -m 755 $(LTCOMMAND) $(PKG_BIN_DIR)
-+	install -D -m 755 $(LTCOMMAND) $(PKG_BIN_DIR)/$(LTCOMMAND)
-+
- install-dev install-lib:
-diff --git a/getfattr/Makefile b/getfattr/Makefile
-index 91d3df2..f913172 100644
---- a/getfattr/Makefile
-+++ b/getfattr/Makefile
-@@ -30,6 +30,6 @@ default: $(LTCOMMAND)
- include $(BUILDRULES)
- 
- install: default
--	$(INSTALL) -m 755 -d $(PKG_BIN_DIR)
--	$(LTINSTALL) -m 755 $(LTCOMMAND) $(PKG_BIN_DIR)
-+	install -D -m 755 $(LTCOMMAND) $(PKG_BIN_DIR)/$(LTCOMMAND)
-+
- install-dev install-lib:
-diff --git a/setfattr/Makefile b/setfattr/Makefile
-index d55461b..26dc5d8 100644
---- a/setfattr/Makefile
-+++ b/setfattr/Makefile
-@@ -30,6 +30,6 @@ default: $(LTCOMMAND)
- include $(BUILDRULES)
- 
- install: default
--	$(INSTALL) -m 755 -d $(PKG_BIN_DIR)
--	$(LTINSTALL) -m 755 $(LTCOMMAND) $(PKG_BIN_DIR)
-+	install -D -m 755 $(LTCOMMAND) $(PKG_BIN_DIR)/$(LTCOMMAND)
-+
- install-dev install-lib:
--- 
-2.14.1
-

package/attr/attr.hash

@@ -1,2 +1,2 @@
 # Locally calculated after checking pgp signature
-sha256	25772f653ac5b2e3ceeb89df50e4688891e21f723c460636548971652af0a859	attr-2.4.47.src.tar.gz
+sha256  5ead72b358ec709ed00bbf7a9eaef1654baad937c001c044fe8b74c57f5324e7  attr-2.4.48.tar.gz

package/attr/attr.mk

@@ -4,43 +4,15 @@
 #
 ################################################################################
 
-ATTR_VERSION = 2.4.47
-ATTR_SOURCE = attr-$(ATTR_VERSION).src.tar.gz
+ATTR_VERSION = 2.4.48
 ATTR_SITE = http://download.savannah.gnu.org/releases/attr
-ATTR_INSTALL_STAGING = YES
-ATTR_CONF_OPTS = --enable-gettext=no
-HOST_ATTR_CONF_OPTS = --enable-gettext=no
 ATTR_LICENSE = GPL-2.0+ (programs), LGPL-2.1+ (libraries)
 ATTR_LICENSE_FILES = doc/COPYING doc/COPYING.LGPL
 
-# While the configuration system uses autoconf, the Makefiles are
-# hand-written and do not use automake. Therefore, we have to hack
-# around their deficiencies by passing installation paths.
-ATTR_INSTALL_STAGING_OPTS = \
-	prefix=$(STAGING_DIR)/usr \
-	exec_prefix=$(STAGING_DIR)/usr \
-	PKG_DEVLIB_DIR=$(STAGING_DIR)/usr/lib \
-	install-dev install-lib
+ATTR_INSTALL_STAGING = YES
 
-ATTR_INSTALL_TARGET_OPTS = \
-	prefix=$(TARGET_DIR)/usr \
-	exec_prefix=$(TARGET_DIR)/usr \
-	install install-lib
-
-HOST_ATTR_INSTALL_OPTS = \
-	prefix=$(HOST_DIR) \
-	exec_prefix=$(HOST_DIR) \
-	install-dev install-lib
-
-# The libdir variable in libattr.la is empty, so let's fix it. This is
-# probably due to attr not using automake, and not doing fully the
-# right thing with libtool.
-define ATTR_FIX_LIBTOOL_LA_LIBDIR
-	$(SED) "s,libdir=.*,libdir='$(STAGING_DIR)'," \
-		$(STAGING_DIR)/usr/lib/libattr.la
-endef
-
-ATTR_POST_INSTALL_STAGING_HOOKS += ATTR_FIX_LIBTOOL_LA_LIBDIR
+ATTR_CONF_OPTS = --disable-nls
+HOST_ATTR_CONF_OPTS = --disable-nls
 
 $(eval $(autotools-package))
 $(eval $(host-autotools-package))

package/audit/audit.mk

@@ -51,8 +51,8 @@ define AUDIT_INSTALL_INIT_SYSTEMD
 endef
 
 define AUDIT_INSTALL_CLEANUP
-	$(RM) -rf $(TARGET_DIR)/etc/rc.d
-	$(RM) -rf $(TARGET_DIR)/etc/sysconfig
+	$(RM) $(TARGET_DIR)/etc/rc.d/init.d/auditd
+	$(RM) $(TARGET_DIR)/etc/sysconfig/auditd
 endef
 AUDIT_POST_INSTALL_TARGET_HOOKS += AUDIT_INSTALL_CLEANUP
 

package/bind/bind.hash

@@ -1,3 +1,4 @@
-# Verified from http://ftp.isc.org/isc/bind9/9.11.2-P1/bind-9.11.2-P1.tar.gz.sha256.asc
-sha256 cec31548832fca3f85d95178d4019b7d702039e8595d4c93914feba337df1212 bind-9.11.2-P1.tar.gz
-sha256 d3906dfe153e2c48440d3ca1d5319f5e89b4b820cdfc5d0779c23d7ac2b175e9 COPYRIGHT
+# Verified from https://ftp.isc.org/isc/bind9/9.11.4-P1/bind-9.11.4-P1.tar.gz.asc
+# with key BE0E9748B718253A28BB89FFF1B11BF05CF02E57
+sha256 b0e0dc3c8bf26989b1cad53f90d44a48e39404afc68f65c45bae79b446f0fe23 bind-9.11.4-P1.tar.gz
+sha256 336f3c40e37a1a13690efb4c63e20908faa4c40498cc02f3579fb67d3a1933a5 COPYRIGHT

package/bind/bind.mk

@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-BIND_VERSION = 9.11.2-P1
+BIND_VERSION = 9.11.4-P1
 BIND_SITE = http://ftp.isc.org/isc/bind9/$(BIND_VERSION)
 # bind does not support parallel builds.
 BIND_MAKE = $(MAKE1)
@@ -33,7 +33,7 @@ BIND_CONF_OPTS = \
 	--enable-filter-aaaa
 
 ifeq ($(BR2_PACKAGE_ZLIB),y)
-BIND_CONF_OPTS += --with-zlib=$(STAGING_DIR)/usr/include
+BIND_CONF_OPTS += --with-zlib=$(STAGING_DIR)/usr
 BIND_DEPENDENCIES += zlib
 else
 BIND_CONF_OPTS += --without-zlib
@@ -61,7 +61,9 @@ BIND_CONF_ENV += \
 	ac_cv_func_EVP_sha512=yes
 BIND_CONF_OPTS += \
 	--with-openssl=$(STAGING_DIR)/usr LIBS="-lz" \
-	--with-ecdsa=yes
+	--with-ecdsa=yes \
+	--with-eddsa=no \
+	--with-aes=yes
 # GOST cipher support requires openssl extra engines
 ifeq ($(BR2_PACKAGE_OPENSSL_ENGINES),y)
 BIND_CONF_OPTS += --with-gost=yes

package/binutils/Config.in.host

@@ -26,7 +26,7 @@ endchoice
 
 config BR2_BINUTILS_VERSION
 	string
-	default "arc-2018.03-rc2"	if BR2_BINUTILS_VERSION_ARC
+	default "arc-2018.03"	if BR2_BINUTILS_VERSION_ARC
 	default "2.28.1"	if BR2_BINUTILS_VERSION_2_28_X
 	default "2.29.1"	if BR2_BINUTILS_VERSION_2_29_X
 	default "2.30"		if BR2_BINUTILS_VERSION_2_30_X

package/binutils/binutils.hash

@@ -4,4 +4,4 @@ sha512  d748d22306477d60d921078804d21943248c23fca0707aac9b016a352c01c75ca69e8262
 sha512  e747ea20d8d79fcd21b9d9f6695059caa7189d60f19256da398e34b789fea9a133c32b192e9693b5828d27683739b0198431bf8b3e39fb3b04884cf89d9aa839  binutils-2.30.tar.xz
 
 # Locally calculated (fetched from Github)
-sha512  c9d41001bd41d96f1cd78748c1e8df9715aab1158c0a1c9c90a2010e335c357d0d6816202b7fcf7c7d8d4a65e25920b0b35af6a59edd0d29fd9edddd8be95a48  binutils-arc-2018.03-rc2.tar.gz
+sha512  bea88164ed48733bad63393fe702e12e651efd113aa4f3fe2e253e05c4c1e5da20b5a99333f0b5528df6d32ce806f799211c568e1916845a87999901dde28817  binutils-arc-2018.03.tar.gz

package/binutils/binutils.mk

@@ -9,13 +9,13 @@
 BINUTILS_VERSION = $(call qstrip,$(BR2_BINUTILS_VERSION))
 ifeq ($(BINUTILS_VERSION),)
 ifeq ($(BR2_arc),y)
-BINUTILS_VERSION = arc-2018.03-rc2
+BINUTILS_VERSION = arc-2018.03
 else
 BINUTILS_VERSION = 2.29.1
 endif
 endif # BINUTILS_VERSION
 
-ifeq ($(BINUTILS_VERSION),arc-2018.03-rc2)
+ifeq ($(BINUTILS_VERSION),arc-2018.03)
 BINUTILS_SITE = $(call github,foss-for-synopsys-dwc-arc-processors,binutils-gdb,$(BINUTILS_VERSION))
 BINUTILS_SOURCE = binutils-$(BINUTILS_VERSION).tar.gz
 BINUTILS_FROM_GIT = y

package/brltty/0004-buildsys-fix-cross-compilation.patch

@@ -0,0 +1,41 @@
+From 088666535a045dae71bd2fcc6b3a1553023106ce Mon Sep 17 00:00:00 2001
+From: "Yann E. MORIN" <yann.morin.1998@free.fr>
+Date: Wed, 22 Aug 2018 10:10:19 +0200
+Subject: [PATCH] buildsys: fix cross-compilation
+
+Some identifiers for includes and libs paths may contain digit, e.g.
+X11_PACKAGE or ATSPI2_PACKAGE or GLIB2_PACKAGE...
+
+Also detect those identifiers when doing cros-compilation, so that the
+_FOR_BUILD variants are really created and do not clash with the target
+variants.
+
+Fixes:
+    http://autobuild.buildroot.org/results/a37/a37782b3cfc1a96cc129db8fade20a36a7b2d470/build-end.log
+    http://autobuild.buildroot.org/results/97e/97edc6a47d2140968e84b409cdc960604e5896f2/build-end.log
+    [...]
+
+Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
+---
+Upstram status: submitted
+https://github.com/brltty/brltty/pull/142
+---
+ mk4build | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/mk4build b/mk4build
+index db90c86a9..551283825 100755
+--- a/mk4build
++++ b/mk4build
+@@ -112,7 +112,7 @@ fi
+ 
+ sedScript="${outputName}.${sedExtension}"
+ sed -n -e '
+-s/^ *\([A-Za-z][A-Za-z_]*\) *=.*$/\1/
++s/^ *\([A-Za-z][A-Za-z0-9_]*\) *=.*$/\1/
+ t found
+ d
+ :found
+-- 
+2.14.1
+

package/btrfs-progs/0001-Makefile-install-static-library-and-headers-in-insta.patch

@@ -41,8 +41,8 @@ index 67fbc48..d9e34be 100644
  	$(LN_S) -f btrfs.static $(DESTDIR)$(bindir)/btrfsck.static
 +	$(INSTALL) -m755 -d $(DESTDIR)$(libdir)
 +	$(INSTALL) $(libs_static) $(DESTDIR)$(libdir)
-+	$(INSTALL) -m755 -d $(DESTDIR)$(incdir)
-+	$(INSTALL) -m644 $(libbtrfs_headers) $(DESTDIR)$(incdir)
++	$(INSTALL) -m755 -d $(DESTDIR)$(incdir)/btrfs
++	$(INSTALL) -m644 $(libbtrfs_headers) $(DESTDIR)$(incdir)/btrfs
  
  $(INSTALLDIRS):
  	@echo "Making install in $(patsubst install-%,%,$@)"

package/bzip2/Config.in

@@ -5,5 +5,3 @@ config BR2_PACKAGE_BZIP2
 	  It typically compresses files to within 10% to 15% of the best
 	  available techniques, while being around twice as fast at
 	  compression and six times faster at decompression.
-
-	  http://www.bzip.org

package/bzip2/bzip2.mk

@@ -5,7 +5,7 @@
 ################################################################################
 
 BZIP2_VERSION = 1.0.6
-BZIP2_SITE = http://www.bzip.org/$(BZIP2_VERSION)
+BZIP2_SITE = http://sources.buildroot.net
 BZIP2_INSTALL_STAGING = YES
 BZIP2_LICENSE = bzip2 license
 BZIP2_LICENSE_FILES = LICENSE

package/chrony/0002-util-fall-back-to-reading-dev-urandom-when-getrandom.patch

@@ -0,0 +1,42 @@
+From 7c5bd948bb7e21fa0ee22f29e97748b2d0360319 Mon Sep 17 00:00:00 2001
+From: Miroslav Lichvar <mlichvar@redhat.com>
+Date: Thu, 17 May 2018 14:16:58 +0200
+Subject: [PATCH] util: fall back to reading /dev/urandom when getrandom()
+ blocks
+
+With recent changes in the Linux kernel, the getrandom() system call may
+block for a long time after boot on machines that don't have enough
+entropy. It blocks the chronyd's initialization before it can detach
+from the terminal and may cause a chronyd service to fail to start due
+to a timeout.
+
+At least for now, enable the GRND_NONBLOCK flag to make the system call
+non-blocking and let the code fall back to reading /dev/urandom (which
+never blocks) if the system call failed with EAGAIN or any other error.
+
+This makes the start of chronyd non-deterministic with respect to files
+that it needs to open and possibly also makes it slightly easier to
+guess the transmit/receive timestamp in client requests until the
+urandom source is fully initialized.
+
+Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
+---
+ util.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/util.c b/util.c
+index 4b3e455..76417d5 100644
+--- a/util.c
++++ b/util.c
+@@ -1224,7 +1224,7 @@ get_random_bytes_getrandom(char *buf, unsigned int len)
+       if (disabled)
+         break;
+ 
+-      if (getrandom(rand_buf, sizeof (rand_buf), 0) != sizeof (rand_buf)) {
++      if (getrandom(rand_buf, sizeof (rand_buf), GRND_NONBLOCK) != sizeof (rand_buf)) {
+         disabled = 1;
+         break;
+       }
+-- 
+2.11.0
+

package/cifs-utils/cifs-utils.mk

@@ -15,7 +15,7 @@ CIFS_UTILS_DEPENDENCIES = host-pkgconf
 
 # Let's disable PIE unconditionally. We want PIE to be enabled only by
 # the global BR2_RELRO_FULL option.
-CIFS_UTILS_CONF_OPTS = --disable-pie
+CIFS_UTILS_CONF_OPTS = --disable-pie --disable-man
 
 ifeq ($(BR2_PACKAGE_KEYUTILS),y)
 CIFS_UTILS_DEPENDENCIES += keyutils

package/clamav/clamav.hash

@@ -1,5 +1,5 @@
 # Locally calculated
-sha256 c5c5edaf75a3c53ac0f271148fd6447310bce53f448ec7e6205124a25918f65c  clamav-0.100.0.tar.gz
+sha256 84e026655152247de7237184ee13003701c40be030dd68e0316111049f58a59f  clamav-0.100.1.tar.gz
 sha256 0c4fd2fa9733fc9122503797648710851e4ee6d9e4969dd33fcbd8c63cd2f584  COPYING
 sha256 d72a145c90918184a05ef65a04c9e6f7466faa59bc1b82c8f6a8ddc7ddcb9bed  COPYING.bzip2
 sha256 dfb818a0d41411c6fb1c193c68b73018ceadd1994bda41ad541cbff292894bc6  COPYING.file

package/clamav/clamav.mk

@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-CLAMAV_VERSION = 0.100.0
+CLAMAV_VERSION = 0.100.1
 CLAMAV_SITE = https://www.clamav.net/downloads/production
 CLAMAV_LICENSE = GPL-2.0
 CLAMAV_LICENSE_FILES = COPYING COPYING.bzip2 COPYING.file COPYING.getopt \

package/collectd/collectd.hash

@@ -1,2 +1,6 @@
 # From https://collectd.org/files/SHA256SUM
 sha256	7edd3643c0842215553b2421d5456f4e9a8a58b07e216b40a7e8e91026d8e501	collectd-5.7.1.tar.bz2
+
+# Hash for license files
+sha256	ed0409b2b1c30566dab5fcdaf46ee70e140c99788e22f0267645a9357b476ae4	COPYING
+sha256	f18a0811fa0e220ccbc42f661545e77f0388631e209585ed582a1c693029c6aa	libltdl/COPYING.LIB

package/collectd/collectd.mk

@@ -9,8 +9,8 @@ COLLECTD_SITE = http://collectd.org/files
 COLLECTD_SOURCE = collectd-$(COLLECTD_VERSION).tar.bz2
 COLLECTD_CONF_ENV = ac_cv_lib_yajl_yajl_alloc=yes
 COLLECTD_INSTALL_STAGING = YES
-COLLECTD_LICENSE = GPL-2.0, LGPL-2.1
-COLLECTD_LICENSE_FILES = COPYING
+COLLECTD_LICENSE = MIT (daemon, plugins), GPL-2.0 (plugins), LGPL-2.1 (plugins)
+COLLECTD_LICENSE_FILES = COPYING libltdl/COPYING.LIB
 
 # These require unmet dependencies, are fringe, pointless or deprecated
 COLLECTD_PLUGINS_DISABLE = \

package/coreutils/coreutils.mk

@@ -120,7 +120,8 @@ define COREUTILS_CLEANUP
 	# link for archaic shells
 	ln -fs test $(TARGET_DIR)/usr/bin/[
 	# gnu thinks chroot is in bin, debian thinks it's in sbin
-	mv -f $(TARGET_DIR)/usr/bin/chroot $(TARGET_DIR)/usr/sbin/chroot
+	rm -f $(TARGET_DIR)/usr/bin/chroot
+	ln -sf ../bin/coreutils $(TARGET_DIR)/usr/sbin/chroot
 endef
 
 COREUTILS_POST_INSTALL_TARGET_HOOKS += COREUTILS_CLEANUP

package/crda/Config.in

@@ -15,7 +15,7 @@ config BR2_PACKAGE_CRDA
 	  query and apply the regulatory domain settings wireless
 	  devices may operate within for a given location.
 
-	  http://linuxwireless.org/en/developers/Regulatory/CRDA
+	  https://wireless.wiki.kernel.org/en/developers/regulatory/crda
 
 comment "crda needs a toolchain w/ threads, dynamic library"
 	depends on !BR2_TOOLCHAIN_HAS_THREADS || BR2_STATIC_LIBS

package/cryptsetup/0001-Remove-json_object-typedef.patch

@@ -0,0 +1,46 @@
+From 567e7f8664c621f8aeaa95d9f4ab4b590574f572 Mon Sep 17 00:00:00 2001
+From: Baruch Siach <baruch@tkos.co.il>
+Date: Wed, 15 Aug 2018 14:13:46 +0300
+Subject: [PATCH] Remove json_object typedef
+
+The json-c header already defines the same typedef. While C11 allows
+typedef redefinition to the same type, older versions of gcc disallow
+that.
+
+In file included from lib/luks2/luks2_internal.h:32,
+                 from lib/luks2/luks2_disk_metadata.c:24:
+lib/luks2/luks2.h:86: error: redefinition of typedef 'json_object'
+
+Signed-off-by: Baruch Siach <baruch@tkos.co.il>
+---
+ lib/luks2/luks2.h | 1 -
+ lib/setup.c       | 1 +
+ 2 files changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/lib/luks2/luks2.h b/lib/luks2/luks2.h
+index ee57b41ba974..25e36190da45 100644
+--- a/lib/luks2/luks2.h
++++ b/lib/luks2/luks2.h
+@@ -83,7 +83,6 @@ struct luks2_hdr_disk {
+ /*
+  * LUKS2 header in-memory.
+  */
+-typedef struct json_object json_object;
+ struct luks2_hdr {
+ 	size_t		hdr_size;
+ 	uint64_t	seqid;
+diff --git a/lib/setup.c b/lib/setup.c
+index fddbe7ef7897..856f6e80f465 100644
+--- a/lib/setup.c
++++ b/lib/setup.c
+@@ -28,6 +28,7 @@
+ #include <sys/utsname.h>
+ #include <fcntl.h>
+ #include <errno.h>
++#include <json-c/json.h>
+ 
+ #include "libcryptsetup.h"
+ #include "luks.h"
+-- 
+2.18.0
+

package/cryptsetup/cryptsetup.hash

@@ -1,4 +1,4 @@
 # From https://www.kernel.org/pub/linux/utils/cryptsetup/v2.0/sha256sums.asc
-sha256 4f8105d7f3bf758d58da3058b3cbd66c0ca81492b2dafe8ae7c049cc9e939e97  cryptsetup-2.0.2.tar.xz
+sha256 4d6cca04c1f5ff4a68d045d190efb2623087eda0274ded92f92a4b6911e501d4  cryptsetup-2.0.3.tar.xz
 sha256 45670cce8b6a0ddd66c8016cd8ccef6cd71f35717cbacc7f1e895b3855207b33  COPYING
 sha256 8c33cc37871654ec7ed87e6fbb896c8cf33ef5ef05b1611a5aed857596ffafa5  COPYING.LGPL

package/cryptsetup/cryptsetup.mk

@@ -5,7 +5,7 @@
 ################################################################################
 
 CRYPTSETUP_VERSION_MAJOR = 2.0
-CRYPTSETUP_VERSION = $(CRYPTSETUP_VERSION_MAJOR).2
+CRYPTSETUP_VERSION = $(CRYPTSETUP_VERSION_MAJOR).3
 CRYPTSETUP_SOURCE = cryptsetup-$(CRYPTSETUP_VERSION).tar.xz
 CRYPTSETUP_SITE = $(BR2_KERNEL_MIRROR)/linux/utils/cryptsetup/v$(CRYPTSETUP_VERSION_MAJOR)
 CRYPTSETUP_DEPENDENCIES = lvm2 popt util-linux host-pkgconf json-c \
@@ -36,7 +36,8 @@ HOST_CRYPTSETUP_DEPENDENCIES = \
 	host-json-c \
 	host-openssl
 
-HOST_CRYPTSETUP_CONF_OPTS = --with-crypto-backend=openssl
+HOST_CRYPTSETUP_CONF_OPTS = --with-crypto_backend=openssl \
+	--disable-kernel_crypto
 
 $(eval $(autotools-package))
 $(eval $(host-autotools-package))

package/dahdi-tools/Config.in

@@ -15,9 +15,5 @@ config BR2_PACKAGE_DAHDI_TOOLS
 
 	  http://www.asterisk.org/downloads/dahdi
 
-# Two comments, otherwise it may not fit in menuconfig for narrow terminals
-comment "dahdi-tools needs a toolchain w/ threads"
+comment "dahdi-tools needs a toolchain w/ threads and a Linux kernel to be built"
 	depends on !BR2_TOOLCHAIN_HAS_THREADS || !BR2_LINUX_KERNEL
-
-comment "dahdi-tools needs a Linux kernel to be built"
-	depends on !BR2_LINUX_KERNEL

package/dmidecode/Config.in

@@ -1,6 +1,6 @@
 config BR2_PACKAGE_DMIDECODE
 	bool "dmidecode"
-	depends on BR2_i386 || BR2_x86_64
+	depends on BR2_aarch64 || BR2_i386 || BR2_x86_64
 	help
 	  Dmidecode reports information about your system's hardware
 	  as described in your system BIOS according to the SMBIOS/DMI

package/docker-containerd/docker-containerd.mk

@@ -21,6 +21,7 @@ DOCKER_CONTAINERD_INSTALL_BINS = containerd containerd-shim
 define DOCKER_CONTAINERD_INSTALL_SYMLINKS
 	ln -fs runc $(TARGET_DIR)/usr/bin/docker-runc
 	ln -fs containerd-shim $(TARGET_DIR)/usr/bin/docker-containerd-shim
+	ln -fs containerd $(TARGET_DIR)/usr/bin/docker-containerd
 endef
 
 DOCKER_CONTAINERD_POST_INSTALL_TARGET_HOOKS += DOCKER_CONTAINERD_INSTALL_SYMLINKS

package/dos2unix/dos2unix.mk

@@ -24,6 +24,10 @@ ifeq ($(BR2_USE_WCHAR),)
 DOS2UNIX_MAKE_OPTS += UCS=
 endif
 
+ifeq ($(BR2_STATIC_LIBS),y)
+DOS2UNIX_MAKE_OPTS += LDFLAGS_USER=-static
+endif
+
 define DOS2UNIX_BUILD_CMDS
 	$(TARGET_CONFIGURE_OPTS) $(MAKE) -C $(@D) $(DOS2UNIX_MAKE_OPTS)
 endef

package/dropbear/0002-Wait-to-fail-invalid-usernames.patch

@@ -0,0 +1,236 @@
+From 52adbb34c32d3e2e1bcdb941e20a6f81138b8248 Mon Sep 17 00:00:00 2001
+From: Matt Johnston <matt@ucc.asn.au>
+Date: Thu, 23 Aug 2018 23:43:12 +0800
+Subject: [PATCH] Wait to fail invalid usernames
+
+[hg: https://secure.ucc.asn.au/hg/dropbear/rev/5d2d1021ca00]
+Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
+---
+ auth.h           |  6 +++---
+ svr-auth.c       | 19 +++++--------------
+ svr-authpam.c    | 26 ++++++++++++++++++++++----
+ svr-authpasswd.c | 27 ++++++++++++++-------------
+ svr-authpubkey.c | 11 ++++++++++-
+ 5 files changed, 54 insertions(+), 35 deletions(-)
+
+diff --git a/auth.h b/auth.h
+index da498f5..98f5468 100644
+--- a/auth.h
++++ b/auth.h
+@@ -37,9 +37,9 @@ void recv_msg_userauth_request(void);
+ void send_msg_userauth_failure(int partial, int incrfail);
+ void send_msg_userauth_success(void);
+ void send_msg_userauth_banner(const buffer *msg);
+-void svr_auth_password(void);
+-void svr_auth_pubkey(void);
+-void svr_auth_pam(void);
++void svr_auth_password(int valid_user);
++void svr_auth_pubkey(int valid_user);
++void svr_auth_pam(int valid_user);
+ 
+ #if DROPBEAR_SVR_PUBKEY_OPTIONS_BUILT
+ int svr_pubkey_allows_agentfwd(void);
+diff --git a/svr-auth.c b/svr-auth.c
+index c19c090..edde86b 100644
+--- a/svr-auth.c
++++ b/svr-auth.c
+@@ -149,10 +149,8 @@ void recv_msg_userauth_request() {
+ 		if (methodlen == AUTH_METHOD_PASSWORD_LEN &&
+ 				strncmp(methodname, AUTH_METHOD_PASSWORD,
+ 					AUTH_METHOD_PASSWORD_LEN) == 0) {
+-			if (valid_user) {
+-				svr_auth_password();
+-				goto out;
+-			}
++			svr_auth_password(valid_user);
++			goto out;
+ 		}
+ 	}
+ #endif
+@@ -164,10 +162,8 @@ void recv_msg_userauth_request() {
+ 		if (methodlen == AUTH_METHOD_PASSWORD_LEN &&
+ 				strncmp(methodname, AUTH_METHOD_PASSWORD,
+ 					AUTH_METHOD_PASSWORD_LEN) == 0) {
+-			if (valid_user) {
+-				svr_auth_pam();
+-				goto out;
+-			}
++			svr_auth_pam(valid_user);
++			goto out;
+ 		}
+ 	}
+ #endif
+@@ -177,12 +173,7 @@ void recv_msg_userauth_request() {
+ 	if (methodlen == AUTH_METHOD_PUBKEY_LEN &&
+ 			strncmp(methodname, AUTH_METHOD_PUBKEY,
+ 				AUTH_METHOD_PUBKEY_LEN) == 0) {
+-		if (valid_user) {
+-			svr_auth_pubkey();
+-		} else {
+-			/* pubkey has no failure delay */
+-			send_msg_userauth_failure(0, 0);
+-		}
++		svr_auth_pubkey(valid_user);
+ 		goto out;
+ 	}
+ #endif
+diff --git a/svr-authpam.c b/svr-authpam.c
+index 05e4f3e..d201bc9 100644
+--- a/svr-authpam.c
++++ b/svr-authpam.c
+@@ -178,13 +178,14 @@ pamConvFunc(int num_msg,
+  * Keyboard interactive would be a lot nicer, but since PAM is synchronous, it
+  * gets very messy trying to send the interactive challenges, and read the
+  * interactive responses, over the network. */
+-void svr_auth_pam() {
++void svr_auth_pam(int valid_user) {
+ 
+ 	struct UserDataS userData = {NULL, NULL};
+ 	struct pam_conv pamConv = {
+ 		pamConvFunc,
+ 		&userData /* submitted to pamvConvFunc as appdata_ptr */ 
+ 	};
++	const char* printable_user = NULL;
+ 
+ 	pam_handle_t* pamHandlep = NULL;
+ 
+@@ -204,12 +205,23 @@ void svr_auth_pam() {
+ 
+ 	password = buf_getstring(ses.payload, &passwordlen);
+ 
++	/* We run the PAM conversation regardless of whether the username is valid
++	in case the conversation function has an inherent delay.
++	Use ses.authstate.username rather than ses.authstate.pw_name.
++	After PAM succeeds we then check the valid_user flag too */
++
+ 	/* used to pass data to the PAM conversation function - don't bother with
+ 	 * strdup() etc since these are touched only by our own conversation
+ 	 * function (above) which takes care of it */
+-	userData.user = ses.authstate.pw_name;
++	userData.user = ses.authstate.username;
+ 	userData.passwd = password;
+ 
++	if (ses.authstate.pw_name) {
++		printable_user = ses.authstate.pw_name;
++	} else {
++		printable_user = "<invalid username>";
++	}
++
+ 	/* Init pam */
+ 	if ((rc = pam_start("sshd", NULL, &pamConv, &pamHandlep)) != PAM_SUCCESS) {
+ 		dropbear_log(LOG_WARNING, "pam_start() failed, rc=%d, %s", 
+@@ -242,7 +254,7 @@ void svr_auth_pam() {
+ 				rc, pam_strerror(pamHandlep, rc));
+ 		dropbear_log(LOG_WARNING,
+ 				"Bad PAM password attempt for '%s' from %s",
+-				ses.authstate.pw_name,
++				printable_user,
+ 				svr_ses.addrstring);
+ 		send_msg_userauth_failure(0, 1);
+ 		goto cleanup;
+@@ -253,12 +265,18 @@ void svr_auth_pam() {
+ 				rc, pam_strerror(pamHandlep, rc));
+ 		dropbear_log(LOG_WARNING,
+ 				"Bad PAM password attempt for '%s' from %s",
+-				ses.authstate.pw_name,
++				printable_user,
+ 				svr_ses.addrstring);
+ 		send_msg_userauth_failure(0, 1);
+ 		goto cleanup;
+ 	}
+ 
++	if (!valid_user) {
++		/* PAM auth succeeded but the username isn't allowed in for another reason
++		(checkusername() failed) */
++		send_msg_userauth_failure(0, 1);
++	}
++
+ 	/* successful authentication */
+ 	dropbear_log(LOG_NOTICE, "PAM password auth succeeded for '%s' from %s",
+ 			ses.authstate.pw_name,
+diff --git a/svr-authpasswd.c b/svr-authpasswd.c
+index bdee2aa..69c7d8a 100644
+--- a/svr-authpasswd.c
++++ b/svr-authpasswd.c
+@@ -48,22 +48,14 @@ static int constant_time_strcmp(const char* a, const char* b) {
+ 
+ /* Process a password auth request, sending success or failure messages as
+  * appropriate */
+-void svr_auth_password() {
++void svr_auth_password(int valid_user) {
+ 	
+ 	char * passwdcrypt = NULL; /* the crypt from /etc/passwd or /etc/shadow */
+ 	char * testcrypt = NULL; /* crypt generated from the user's password sent */
+-	char * password;
++	char * password = NULL;
+ 	unsigned int passwordlen;
+-
+ 	unsigned int changepw;
+ 
+-	passwdcrypt = ses.authstate.pw_passwd;
+-
+-#ifdef DEBUG_HACKCRYPT
+-	/* debugging crypt for non-root testing with shadows */
+-	passwdcrypt = DEBUG_HACKCRYPT;
+-#endif
+-
+ 	/* check if client wants to change password */
+ 	changepw = buf_getbool(ses.payload);
+ 	if (changepw) {
+@@ -73,12 +65,21 @@ void svr_auth_password() {
+ 	}
+ 
+ 	password = buf_getstring(ses.payload, &passwordlen);
+-
+-	/* the first bytes of passwdcrypt are the salt */
+-	testcrypt = crypt(password, passwdcrypt);
++	if (valid_user) {
++		/* the first bytes of passwdcrypt are the salt */
++		passwdcrypt = ses.authstate.pw_passwd;
++		testcrypt = crypt(password, passwdcrypt);
++	}
+ 	m_burn(password, passwordlen);
+ 	m_free(password);
+ 
++	/* After we have got the payload contents we can exit if the username
++	is invalid. Invalid users have already been logged. */
++	if (!valid_user) {
++		send_msg_userauth_failure(0, 1);
++		return;
++	}
++
+ 	if (testcrypt == NULL) {
+ 		/* crypt() with an invalid salt like "!!" */
+ 		dropbear_log(LOG_WARNING, "User account '%s' is locked",
+diff --git a/svr-authpubkey.c b/svr-authpubkey.c
+index aa6087c..ff481c8 100644
+--- a/svr-authpubkey.c
++++ b/svr-authpubkey.c
+@@ -79,7 +79,7 @@ static int checkfileperm(char * filename);
+ 
+ /* process a pubkey auth request, sending success or failure message as
+  * appropriate */
+-void svr_auth_pubkey() {
++void svr_auth_pubkey(int valid_user) {
+ 
+ 	unsigned char testkey; /* whether we're just checking if a key is usable */
+ 	char* algo = NULL; /* pubkey algo */
+@@ -102,6 +102,15 @@ void svr_auth_pubkey() {
+ 	keybloblen = buf_getint(ses.payload);
+ 	keyblob = buf_getptr(ses.payload, keybloblen);
+ 
++	if (!valid_user) {
++		/* Return failure once we have read the contents of the packet
++		required to validate a public key. 
++		Avoids blind user enumeration though it isn't possible to prevent
++		testing for user existence if the public key is known */
++		send_msg_userauth_failure(0, 0);
++		goto out;
++	}
++
+ 	/* check if the key is valid */
+ 	if (checkpubkey(algo, algolen, keyblob, keybloblen) == DROPBEAR_FAILURE) {
+ 		send_msg_userauth_failure(0, 0);
+-- 
+2.11.0
+

package/edid-decode/Config.in

@@ -3,4 +3,4 @@ config BR2_PACKAGE_EDID_DECODE
 	help
 	  Decode EDID data in human-readable format.
 
-	  http://cgit.freedesktop.org/xorg/app/edid-decode/
+	  https://git.linuxtv.org/edid-decode.git/

package/edid-decode/edid-decode.mk

@@ -5,7 +5,7 @@
 ################################################################################
 
 EDID_DECODE_VERSION = f56f329ed23a25d002352dedba1e8f092a47286f
-EDID_DECODE_SITE = git://anongit.freedesktop.org/git/xorg/app/edid-decode.git
+EDID_DECODE_SITE = git://linuxtv.org/edid-decode.git
 EDID_DECODE_LICENSE = MIT
 EDID_DECODE_LICENSE_FILES = edid-decode.c
 

package/efl/Config.in

@@ -97,6 +97,11 @@ config BR2_PACKAGE_EFL_LIBSNDFILE
 config BR2_PACKAGE_EFL_PULSEAUDIO
 	bool "Enable pulseaudio support (recommended)"
 	default y
+	depends on BR2_PACKAGE_PULSEAUDIO_HAS_ATOMIC
+	depends on BR2_USE_WCHAR
+	depends on BR2_TOOLCHAIN_HAS_THREADS
+	depends on !BR2_STATIC_LIBS
+	depends on BR2_USE_MMU
 	select BR2_PACKAGE_PULSEAUDIO
 	help
 	  The only audio output method supported by Ecore right now is

package/eigen/eigen.mk

@@ -23,7 +23,8 @@ endif
 # Generate the .pc file at build time
 define EIGEN_BUILD_CMDS
 	sed -r -e 's,^Version: .*,Version: $(EIGEN_VERSION),' \
-		-e 's,^Cflags: .*,Cflags: -I$(EIGEN_DEST_DIR),' \
+		-e 's,^Cflags: .*,Cflags: -I$$\{prefix\}/include/eigen3,' \
+		-e 's,^prefix.*,prefix=/usr,' \
 		$(@D)/eigen3.pc.in >$(@D)/eigen3.pc
 endef
 

package/espeak/Config.in

@@ -35,6 +35,7 @@ config BR2_PACKAGE_ESPEAK_AUDIO_BACKEND_ALSA
 
 config BR2_PACKAGE_ESPEAK_AUDIO_BACKEND_PULSEAUDIO
 	bool "pulseaudio"
+	depends on BR2_PACKAGE_PULSEAUDIO_HAS_ATOMIC
 	select BR2_PACKAGE_PULSEAUDIO
 
 endchoice

package/ffmpeg/ffmpeg.hash

@@ -1,5 +1,5 @@
 # Locally calculated
-sha256 2b92e9578ef8b3e49eeab229e69305f5f4cbc1fdaa22e927fc7fca18acccd740  ffmpeg-3.4.2.tar.xz
+sha256 386f7601e865df6bddde05bb6927119b5a853f0b92e2e9834f59c125a17d3fc6  ffmpeg-3.4.4.tar.xz
 sha256 8177f97513213526df2cf6184d8ff986c675afb514d4e68a404010521b880643  COPYING.GPLv2
 sha256 b634ab5640e258563c536e658cad87080553df6f34f62269a21d554844e58bfe  COPYING.LGPLv2.1
 sha256 73d99bc83313fff665b426d6672b4e0479102bc402fe22314ac9ce94a38aa5ff  LICENSE.md

package/ffmpeg/ffmpeg.mk

@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-FFMPEG_VERSION = 3.4.2
+FFMPEG_VERSION = 3.4.4
 FFMPEG_SOURCE = ffmpeg-$(FFMPEG_VERSION).tar.xz
 FFMPEG_SITE = http://ffmpeg.org/releases
 FFMPEG_INSTALL_STAGING = YES
@@ -231,6 +231,13 @@ ifeq ($(BR2_PACKAGE_FFMPEG_GPL)$(BR2_PACKAGE_LIBEBUR128),yy)
 FFMPEG_DEPENDENCIES += libebur128
 endif
 
+ifeq ($(BR2_PACKAGE_LIBDRM),y)
+FFMPEG_CONF_OPTS += --enable-libdrm
+FFMPEG_DEPENDENCIES += libdrm
+else
+FFMPEG_CONF_OPTS += --disable-libdrm
+endif
+
 ifeq ($(BR2_PACKAGE_LIBOPENH264),y)
 FFMPEG_CONF_OPTS += --enable-libopenh264
 FFMPEG_DEPENDENCIES += libopenh264

package/file/0001-Avoid-reading-past-the-end-of-buffer-Rui-Reis.patch

@@ -0,0 +1,30 @@
+From a642587a9c9e2dd7feacdf513c3643ce26ad3c22 Mon Sep 17 00:00:00 2001
+From: Christos Zoulas <christos@zoulas.com>
+Date: Sat, 9 Jun 2018 16:00:06 +0000
+Subject: [PATCH] Avoid reading past the end of buffer (Rui Reis)
+
+[baruch: drop file version string update hunk]
+Signed-off-by: Baruch Siach <baruch@tkos.co.il>
+---
+Upstream status: commit a642587a9c9 in github mirror
+
+ src/readelf.c | 5 +++--
+ 1 file changed, 3 insertions(+), 2 deletions(-)
+
+diff --git a/src/readelf.c b/src/readelf.c
+index 79c83f9f5048..1f41b46113c3 100644
+--- a/src/readelf.c
++++ b/src/readelf.c
+@@ -842,7 +842,8 @@ do_core_note(struct magic_set *ms, unsigned char *nbuf, uint32_t type,
+ 
+ 				cname = (unsigned char *)
+ 				    &nbuf[doff + prpsoffsets(i)];
+-				for (cp = cname; *cp && isprint(*cp); cp++)
++				for (cp = cname; cp < nbuf + size && *cp
++				    && isprint(*cp); cp++)
+ 					continue;
+ 				/*
+ 				 * Linux apparently appends a space at the end
+-- 
+2.17.1
+

package/file/file.hash

@@ -1,2 +1,5 @@
 # Locally calculated
-sha256 8639dc4d1b21e232285cd483604afc4a6ee810710e00e579dbe9591681722b50  file-5.32.tar.gz
+sha256 1c52c8c3d271cd898d5511c36a68059cda94036111ab293f01f83c3525b737c6  file-5.33.tar.gz
+sha256 3c0ad13c36f891a9b4f951e59eb2fc108065a46f849697cc6fd3cdb41cc23a3d  COPYING
+sha256 d98ee4d8d95e7d021a5dfc41f137ecc3b624a7b98e8bd793130202d12a21ed57  src/mygetopt.h
+sha256 85e358d575ad4ac5b38b623a25b24246ccff3c7e680d930c0a9ff5228fe434b6  src/vasprintf.c

package/file/file.mk

@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-FILE_VERSION = 5.32
+FILE_VERSION = 5.33
 FILE_SITE = ftp://ftp.astron.com/pub/file
 FILE_DEPENDENCIES = host-file zlib
 HOST_FILE_DEPENDENCIES = host-zlib
@@ -13,5 +13,12 @@ FILE_INSTALL_STAGING = YES
 FILE_LICENSE = BSD-2-Clause, BSD-4-Clause (one file), BSD-3-Clause (one file)
 FILE_LICENSE_FILES = COPYING src/mygetopt.h src/vasprintf.c
 
+ifeq ($(BR2_PACKAGE_LIBSECCOMP),y)
+FILE_CONF_OPTS += --enable-libseccomp
+FILE_DEPENDENCIES += libseccomp
+else
+FILE_CONF_OPTS += --disable-libseccomp
+endif
+
 $(eval $(autotools-package))
 $(eval $(host-autotools-package))

package/freescale-imx/imx-gpu-viv/imx-gpu-viv.mk

@@ -65,7 +65,7 @@ endif
 ifeq ($(IMX_GPU_VIV_LIB_TARGET),x11)
 define IMX_GPU_VIV_FIXUP_PKGCONFIG
 	for lib in egl gbm glesv1_cm glesv2 vg; do \
-		ln -sf $${lib}_x11.pc $(@D)/gpu-core/usr/lib/pkgconfig/$${lib}.pc
+		ln -sf $${lib}_x11.pc $(@D)/gpu-core/usr/lib/pkgconfig/$${lib}.pc || exit 1; \
 	done
 endef
 endif

package/gawk/gawk.mk

@@ -39,7 +39,7 @@ endif
 HOST_GAWK_CONF_OPTS = --without-readline --without-mpfr
 
 define GAWK_CREATE_SYMLINK
-	ln -sf /usr/bin/gawk $(TARGET_DIR)/usr/bin/awk
+	ln -sf gawk $(TARGET_DIR)/usr/bin/awk
 endef
 
 GAWK_POST_INSTALL_TARGET_HOOKS += GAWK_CREATE_SYMLINK

package/gcc/6.4.0/0002-fix-building-on-ppc64.patch

@@ -0,0 +1,38 @@
+From 765527ad3725c5f3e82ab2b8e5031120b409983d Mon Sep 17 00:00:00 2001
+From: marxin <marxin@138bc75d-0d04-0410-961f-82ee72b054a4>
+Date: Fri, 15 Jun 2018 08:51:28 +0000
+Subject: [PATCH] Partial backport r256656
+
+2018-06-15  Martin Liska  <mliska@suse.cz>
+
+	Backport from mainline
+	2018-01-10  Kelvin Nilsen  <kelvin@gcc.gnu.org>
+
+	* lex.c (search_line_fast): Remove illegal coercion of an
+	unaligned pointer value to vector pointer type and replace with
+	use of __builtin_vec_vsx_ld () built-in function, which operates
+	on unaligned pointer values.
+
+
+git-svn-id: svn+ssh://gcc.gnu.org/svn/gcc/branches/gcc-6-branch@261621 138bc75d-0d04-0410-961f-82ee72b054a4
+Signed-off-by: Joel Stanley <joel@jms.id.au>
+---
+ libcpp/lex.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/libcpp/lex.c b/libcpp/lex.c
+index e5a0397f3099..b789686f1c49 100644
+--- a/libcpp/lex.c
++++ b/libcpp/lex.c
+@@ -568,7 +568,7 @@ search_line_fast (const uchar *s, const uchar *end ATTRIBUTE_UNUSED)
+     {
+       vc m_nl, m_cr, m_bs, m_qm;
+ 
+-      data = *((const vc *)s);
++      data = __builtin_vec_vsx_ld (0, s);
+       s += 16;
+ 
+       m_nl = (vc) __builtin_vec_cmpeq(data, repl_nl);
+-- 
+2.17.1
+

package/gcc/6.4.0/871-xtensa-fix-PR-target-65416.patch

@@ -0,0 +1,101 @@
+From 87fda0741d210727672cba5e54a37a189e8ac04e Mon Sep 17 00:00:00 2001
+From: Max Filippov <jcmvbkbc@gmail.com>
+Date: Sun, 17 Jun 2018 21:18:39 -0700
+Subject: [PATCH] xtensa: fix PR target/65416
+
+The issue is caused by reordering of stack pointer update after stack
+space allocation with instructions that write to the allocated stack
+space. In windowed ABI register spill area for the previous call frame
+is located just below the stack pointer and may be reloaded back into
+the register file on movsp.
+Implement allocate_stack pattern for windowed ABI configuration and
+insert an instruction that prevents reordering of frame memory access
+and stack pointer update.
+
+gcc/
+2018-06-19  Max Filippov  <jcmvbkbc@gmail.com>
+
+	* config/xtensa/xtensa.md (UNSPEC_FRAME_BLOCKAGE): New unspec
+	constant.
+	(allocate_stack, frame_blockage, *frame_blockage): New patterns.
+
+Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
+Backported from: r261755
+---
+ gcc/config/xtensa/xtensa.md | 46 +++++++++++++++++++++++++++++++++++++++++++++
+ 1 file changed, 46 insertions(+)
+
+diff --git a/gcc/config/xtensa/xtensa.md b/gcc/config/xtensa/xtensa.md
+index 84967dbedc08..209f839cfb0f 100644
+--- a/gcc/config/xtensa/xtensa.md
++++ b/gcc/config/xtensa/xtensa.md
+@@ -38,6 +38,7 @@
+   (UNSPEC_MEMW		11)
+   (UNSPEC_LSETUP_START  12)
+   (UNSPEC_LSETUP_END    13)
++  (UNSPEC_FRAME_BLOCKAGE 14)
+ 
+   (UNSPECV_SET_FP	1)
+   (UNSPECV_ENTRY	2)
+@@ -1676,6 +1677,32 @@
+ 
+ ;; Miscellaneous instructions.
+ 
++;; In windowed ABI stack pointer adjustment must happen before any access
++;; to the space allocated on stack is allowed, otherwise register spill
++;; area may be clobbered.  That's what frame blockage is supposed to enforce.
++
++(define_expand "allocate_stack"
++  [(set (match_operand 0 "nonimmed_operand")
++        (minus (reg A1_REG) (match_operand 1 "add_operand")))
++   (set (reg A1_REG)
++        (minus (reg A1_REG) (match_dup 1)))]
++  "TARGET_WINDOWED_ABI"
++{
++  if (CONST_INT_P (operands[1]))
++    {
++      rtx neg_op0 = GEN_INT (-INTVAL (operands[1]));
++      emit_insn (gen_addsi3 (stack_pointer_rtx, stack_pointer_rtx, neg_op0));
++    }
++  else
++    {
++      emit_insn (gen_subsi3 (stack_pointer_rtx, stack_pointer_rtx,
++			     operands[1]));
++    }
++  emit_move_insn (operands[0], virtual_stack_dynamic_rtx);
++  emit_insn (gen_frame_blockage ());
++  DONE;
++})
++
+ (define_expand "prologue"
+   [(const_int 0)]
+   ""
+@@ -1767,6 +1794,25 @@
+   [(set_attr "length" "0")
+    (set_attr "type" "nop")])
+ 
++;; Do not schedule instructions accessing memory before this point.
++
++(define_expand "frame_blockage"
++  [(set (match_dup 0)
++        (unspec:BLK [(match_dup 1)] UNSPEC_FRAME_BLOCKAGE))]
++  ""
++{
++  operands[0] = gen_rtx_MEM (BLKmode, gen_rtx_SCRATCH (Pmode));
++  MEM_VOLATILE_P (operands[0]) = 1;
++  operands[1] = stack_pointer_rtx;
++})
++
++(define_insn "*frame_blockage"
++  [(set (match_operand:BLK 0 "" "")
++        (unspec:BLK [(match_operand:SI 1 "" "")] UNSPEC_FRAME_BLOCKAGE))]
++  ""
++  ""
++  [(set_attr "length" "0")])
++
+ (define_insn "trap"
+   [(trap_if (const_int 1) (const_int 0))]
+   ""
+-- 
+2.11.0
+

package/gcc/7.3.0/0002-fix-building-on-ppc64.patch

@@ -0,0 +1,40 @@
+From aa65a43516da1d48011ef621ed5988289711d99b Mon Sep 17 00:00:00 2001
+From: marxin <marxin@138bc75d-0d04-0410-961f-82ee72b054a4>
+Date: Fri, 29 Jun 2018 09:31:30 +0000
+Subject: [PATCH] Partial backport r256656
+
+2018-06-29  Martin Liska  <mliska@suse.cz>
+
+	Backport from mainline
+	2018-01-10  Kelvin Nilsen  <kelvin@gcc.gnu.org>
+
+	* lex.c (search_line_fast): Remove illegal coercion of an
+	unaligned pointer value to vector pointer type and replace with
+	use of __builtin_vec_vsx_ld () built-in function, which operates
+	on unaligned pointer values.
+
+git-svn-id: svn+ssh://gcc.gnu.org/svn/gcc/branches/gcc-6-branch@261621 138bc75d-0d04-0410-961f-82ee72b054a4
+
+
+git-svn-id: svn+ssh://gcc.gnu.org/svn/gcc/branches/gcc-7-branch@262243 138bc75d-0d04-0410-961f-82ee72b054a4
+Signed-off-by: Joel Stanley <joel@jms.id.au>
+---
+ libcpp/lex.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/libcpp/lex.c b/libcpp/lex.c
+index 097c78002cbb..e0fb9e822c44 100644
+--- a/libcpp/lex.c
++++ b/libcpp/lex.c
+@@ -568,7 +568,7 @@ search_line_fast (const uchar *s, const uchar *end ATTRIBUTE_UNUSED)
+     {
+       vc m_nl, m_cr, m_bs, m_qm;
+ 
+-      data = *((const vc *)s);
++      data = __builtin_vec_vsx_ld (0, s);
+       s += 16;
+ 
+       m_nl = (vc) __builtin_vec_cmpeq(data, repl_nl);
+-- 
+2.17.1
+

package/gcc/7.3.0/0002-xtensa-fix-PR-target-65416.patch

@@ -0,0 +1,101 @@
+From 87fda0741d210727672cba5e54a37a189e8ac04e Mon Sep 17 00:00:00 2001
+From: Max Filippov <jcmvbkbc@gmail.com>
+Date: Sun, 17 Jun 2018 21:18:39 -0700
+Subject: [PATCH] xtensa: fix PR target/65416
+
+The issue is caused by reordering of stack pointer update after stack
+space allocation with instructions that write to the allocated stack
+space. In windowed ABI register spill area for the previous call frame
+is located just below the stack pointer and may be reloaded back into
+the register file on movsp.
+Implement allocate_stack pattern for windowed ABI configuration and
+insert an instruction that prevents reordering of frame memory access
+and stack pointer update.
+
+gcc/
+2018-06-19  Max Filippov  <jcmvbkbc@gmail.com>
+
+	* config/xtensa/xtensa.md (UNSPEC_FRAME_BLOCKAGE): New unspec
+	constant.
+	(allocate_stack, frame_blockage, *frame_blockage): New patterns.
+
+Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
+Backported from: r261755
+---
+ gcc/config/xtensa/xtensa.md | 46 +++++++++++++++++++++++++++++++++++++++++++++
+ 1 file changed, 46 insertions(+)
+
+diff --git a/gcc/config/xtensa/xtensa.md b/gcc/config/xtensa/xtensa.md
+index 84967dbedc08..209f839cfb0f 100644
+--- a/gcc/config/xtensa/xtensa.md
++++ b/gcc/config/xtensa/xtensa.md
+@@ -38,6 +38,7 @@
+   (UNSPEC_MEMW		11)
+   (UNSPEC_LSETUP_START  12)
+   (UNSPEC_LSETUP_END    13)
++  (UNSPEC_FRAME_BLOCKAGE 14)
+ 
+   (UNSPECV_SET_FP	1)
+   (UNSPECV_ENTRY	2)
+@@ -1676,6 +1677,32 @@
+ 
+ ;; Miscellaneous instructions.
+ 
++;; In windowed ABI stack pointer adjustment must happen before any access
++;; to the space allocated on stack is allowed, otherwise register spill
++;; area may be clobbered.  That's what frame blockage is supposed to enforce.
++
++(define_expand "allocate_stack"
++  [(set (match_operand 0 "nonimmed_operand")
++        (minus (reg A1_REG) (match_operand 1 "add_operand")))
++   (set (reg A1_REG)
++        (minus (reg A1_REG) (match_dup 1)))]
++  "TARGET_WINDOWED_ABI"
++{
++  if (CONST_INT_P (operands[1]))
++    {
++      rtx neg_op0 = GEN_INT (-INTVAL (operands[1]));
++      emit_insn (gen_addsi3 (stack_pointer_rtx, stack_pointer_rtx, neg_op0));
++    }
++  else
++    {
++      emit_insn (gen_subsi3 (stack_pointer_rtx, stack_pointer_rtx,
++			     operands[1]));
++    }
++  emit_move_insn (operands[0], virtual_stack_dynamic_rtx);
++  emit_insn (gen_frame_blockage ());
++  DONE;
++})
++
+ (define_expand "prologue"
+   [(const_int 0)]
+   ""
+@@ -1767,6 +1794,25 @@
+   [(set_attr "length" "0")
+    (set_attr "type" "nop")])
+ 
++;; Do not schedule instructions accessing memory before this point.
++
++(define_expand "frame_blockage"
++  [(set (match_dup 0)
++        (unspec:BLK [(match_dup 1)] UNSPEC_FRAME_BLOCKAGE))]
++  ""
++{
++  operands[0] = gen_rtx_MEM (BLKmode, gen_rtx_SCRATCH (Pmode));
++  MEM_VOLATILE_P (operands[0]) = 1;
++  operands[1] = stack_pointer_rtx;
++})
++
++(define_insn "*frame_blockage"
++  [(set (match_operand:BLK 0 "" "")
++        (unspec:BLK [(match_operand:SI 1 "" "")] UNSPEC_FRAME_BLOCKAGE))]
++  ""
++  ""
++  [(set_attr "length" "0")])
++
+ (define_insn "trap"
+   [(trap_if (const_int 1) (const_int 0))]
+   ""
+-- 
+2.11.0
+

package/gcc/7.3.0/1000-arm-PR-target-81497-Fix-arm_acle.h-for-C.patch

@@ -0,0 +1,324 @@
+From 1a259ac3e39bf87e6e6a5eface8b0ebc6b2a0dfe Mon Sep 17 00:00:00 2001
+From: ktkachov <ktkachov@138bc75d-0d04-0410-961f-82ee72b054a4>
+Date: Tue, 5 Jun 2018 09:50:16 +0000
+Subject: [PATCH] [arm] PR target/81497: Fix arm_acle.h for C++
+MIME-Version: 1.0
+Content-Type: text/plain; charset=utf-8
+Content-Transfer-Encoding: 8bit
+
+When trying to compile something with arm_acle.h using G++ we get a number of nasty errors:
+arm_acle.h:48:49: error: invalid conversion from ‘const void*’ to ‘const int*’ [-fpermissive]
+    return __builtin_arm_ldc (__coproc, __CRd, __p);
+
+This is because the intrinsics that are supposed to be void return the "result" of their builtin,
+which is void. C lets that slide but C++ complains.
+
+After fixing that we run into further errors:
+arm_acle.h:48:46: error: invalid conversion from 'const void*' to 'const int*' [-fpermissive]
+    return __builtin_arm_ldc (__coproc, __CRd, __p);
+                                               ^~~
+Because the pointer arguments in these intrinsics are void pointers but the builtin
+expects int pointers. So this patch introduces new qualifiers for void pointers and their
+const-qualified versions and uses that in the specification of these intrinsics.
+
+This gives us the opportunity of creating an arm subdirectory in g++.dg and inaugurates it
+with the first arm-specific C++ tests (in that directory).
+
+
+	PR target/81497
+	* config/arm/arm-builtins.c (arm_type_qualifiers): Add
+	qualifier_void_pointer and qualifier_const_void_pointer.
+	(arm_ldc_qualifiers, arm_stc_qualifiers): Use the above.
+	(arm_init_builtins): Handle the above.
+	* config/arm/arm_acle.h (__arm_cdp, __arm_ldc, __arm_ldcl, __arm_stc,
+	__arm_stcl, __arm_mcr, __arm_cdp2, __arm_ldc2, __arm_ldcl2, __arm_stc2,
+	__arm_stcl2,__arm_mcr2, __arm_mcrr, __arm_mcrr2): Remove return for
+	void intrinsics.
+
+	* g++.target/arm/arm.exp: New file.
+	* g++.target/arm/pr81497.C: Likewise.
+
+
+git-svn-id: svn+ssh://gcc.gnu.org/svn/gcc/trunk@261191 138bc75d-0d04-0410-961f-82ee72b054a4
+Upstream-Status: Merged (gcc-8-branch)
+Signed-off-by: Gaël PORTAY <gael.portay@savoirfairelinux.com>
+[gportay: drop gcc/{,testsuite/}ChangeLog changes]
+---
+ gcc/config/arm/arm-builtins.c          | 42 +++++++++++++---------
+ gcc/config/arm/arm_acle.h              | 28 +++++++--------
+ gcc/testsuite/g++.target/arm/arm.exp   | 50 ++++++++++++++++++++++++++
+ gcc/testsuite/g++.target/arm/pr81497.C |  9 +++++
+ 4 files changed, 99 insertions(+), 30 deletions(-)
+ create mode 100644 gcc/testsuite/g++.target/arm/arm.exp
+ create mode 100644 gcc/testsuite/g++.target/arm/pr81497.C
+
+diff --git a/gcc/config/arm/arm-builtins.c b/gcc/config/arm/arm-builtins.c
+index 7fde7a04672..183a7b907f6 100644
+--- a/gcc/config/arm/arm-builtins.c
++++ b/gcc/config/arm/arm-builtins.c
+@@ -78,7 +78,11 @@ enum arm_type_qualifiers
+   /* Lane indices - must be within range of previous argument = a vector.  */
+   qualifier_lane_index = 0x200,
+   /* Lane indices for single lane structure loads and stores.  */
+-  qualifier_struct_load_store_lane_index = 0x400
++  qualifier_struct_load_store_lane_index = 0x400,
++  /* A void pointer.  */
++  qualifier_void_pointer = 0x800,
++  /* A const void pointer.  */
++  qualifier_const_void_pointer = 0x802
+ };
+ 
+ /*  The qualifier_internal allows generation of a unary builtin from
+@@ -202,7 +206,7 @@ arm_cdp_qualifiers[SIMD_MAX_BUILTIN_ARGS]
+ static enum arm_type_qualifiers
+ arm_ldc_qualifiers[SIMD_MAX_BUILTIN_ARGS]
+   = { qualifier_void, qualifier_unsigned_immediate,
+-      qualifier_unsigned_immediate, qualifier_const_pointer };
++      qualifier_unsigned_immediate, qualifier_const_void_pointer };
+ #define LDC_QUALIFIERS \
+   (arm_ldc_qualifiers)
+ 
+@@ -210,7 +214,7 @@ arm_ldc_qualifiers[SIMD_MAX_BUILTIN_ARGS]
+ static enum arm_type_qualifiers
+ arm_stc_qualifiers[SIMD_MAX_BUILTIN_ARGS]
+   = { qualifier_void, qualifier_unsigned_immediate,
+-      qualifier_unsigned_immediate, qualifier_pointer };
++      qualifier_unsigned_immediate, qualifier_void_pointer };
+ #define STC_QUALIFIERS \
+   (arm_stc_qualifiers)
+ 
+@@ -1095,19 +1099,25 @@ arm_init_builtin (unsigned int fcode, arm_builtin_datum *d,
+       if (qualifiers & qualifier_pointer && VECTOR_MODE_P (op_mode))
+ 	op_mode = GET_MODE_INNER (op_mode);
+ 
+-      eltype = arm_simd_builtin_type
+-	(op_mode,
+-	 (qualifiers & qualifier_unsigned) != 0,
+-	 (qualifiers & qualifier_poly) != 0);
+-      gcc_assert (eltype != NULL);
+-
+-      /* Add qualifiers.  */
+-      if (qualifiers & qualifier_const)
+-	eltype = build_qualified_type (eltype, TYPE_QUAL_CONST);
+-
+-      if (qualifiers & qualifier_pointer)
+-	eltype = build_pointer_type (eltype);
+-
++      /* For void pointers we already have nodes constructed by the midend.  */
++      if (qualifiers & qualifier_void_pointer)
++	eltype = qualifiers & qualifier_const
++		 ? const_ptr_type_node : ptr_type_node;
++      else
++	{
++	  eltype
++	    = arm_simd_builtin_type (op_mode,
++				     (qualifiers & qualifier_unsigned) != 0,
++				     (qualifiers & qualifier_poly) != 0);
++	  gcc_assert (eltype != NULL);
++
++	  /* Add qualifiers.  */
++	  if (qualifiers & qualifier_const)
++	    eltype = build_qualified_type (eltype, TYPE_QUAL_CONST);
++
++	  if (qualifiers & qualifier_pointer)
++	    eltype = build_pointer_type (eltype);
++	}
+       /* If we have reached arg_num == 0, we are at a non-void
+ 	 return type.  Otherwise, we are still processing
+ 	 arguments.  */
+diff --git a/gcc/config/arm/arm_acle.h b/gcc/config/arm/arm_acle.h
+index 9a2f0ba30dc..c0f6ea2d156 100644
+--- a/gcc/config/arm/arm_acle.h
++++ b/gcc/config/arm/arm_acle.h
+@@ -38,35 +38,35 @@ __arm_cdp (const unsigned int __coproc, const unsigned int __opc1,
+ 	   const unsigned int __CRd, const unsigned int __CRn,
+ 	   const unsigned int __CRm, const unsigned int __opc2)
+ {
+-  return __builtin_arm_cdp (__coproc, __opc1, __CRd, __CRn, __CRm, __opc2);
++  __builtin_arm_cdp (__coproc, __opc1, __CRd, __CRn, __CRm, __opc2);
+ }
+ 
+ __extension__ static __inline void __attribute__ ((__always_inline__))
+ __arm_ldc (const unsigned int __coproc, const unsigned int __CRd,
+ 	   const void * __p)
+ {
+-  return __builtin_arm_ldc (__coproc, __CRd, __p);
++  __builtin_arm_ldc (__coproc, __CRd, __p);
+ }
+ 
+ __extension__ static __inline void __attribute__ ((__always_inline__))
+ __arm_ldcl (const unsigned int __coproc, const unsigned int __CRd,
+ 	    const void * __p)
+ {
+-  return __builtin_arm_ldcl (__coproc, __CRd, __p);
++  __builtin_arm_ldcl (__coproc, __CRd, __p);
+ }
+ 
+ __extension__ static __inline void __attribute__ ((__always_inline__))
+ __arm_stc (const unsigned int __coproc, const unsigned int __CRd,
+ 	   void * __p)
+ {
+-  return __builtin_arm_stc (__coproc, __CRd, __p);
++  __builtin_arm_stc (__coproc, __CRd, __p);
+ }
+ 
+ __extension__ static __inline void __attribute__ ((__always_inline__))
+ __arm_stcl (const unsigned int __coproc, const unsigned int __CRd,
+ 	    void * __p)
+ {
+-  return __builtin_arm_stcl (__coproc, __CRd, __p);
++  __builtin_arm_stcl (__coproc, __CRd, __p);
+ }
+ 
+ __extension__ static __inline void __attribute__ ((__always_inline__))
+@@ -74,7 +74,7 @@ __arm_mcr (const unsigned int __coproc, const unsigned int __opc1,
+ 	   uint32_t __value, const unsigned int __CRn, const unsigned int __CRm,
+ 	   const unsigned int __opc2)
+ {
+-  return __builtin_arm_mcr (__coproc, __opc1, __value, __CRn, __CRm, __opc2);
++  __builtin_arm_mcr (__coproc, __opc1, __value, __CRn, __CRm, __opc2);
+ }
+ 
+ __extension__ static __inline uint32_t __attribute__ ((__always_inline__))
+@@ -90,35 +90,35 @@ __arm_cdp2 (const unsigned int __coproc, const unsigned int __opc1,
+ 	    const unsigned int __CRd, const unsigned int __CRn,
+ 	    const unsigned int __CRm, const unsigned int __opc2)
+ {
+-  return __builtin_arm_cdp2 (__coproc, __opc1, __CRd, __CRn, __CRm, __opc2);
++  __builtin_arm_cdp2 (__coproc, __opc1, __CRd, __CRn, __CRm, __opc2);
+ }
+ 
+ __extension__ static __inline void __attribute__ ((__always_inline__))
+ __arm_ldc2 (const unsigned int __coproc, const unsigned int __CRd,
+ 	    const void * __p)
+ {
+-  return __builtin_arm_ldc2 (__coproc, __CRd, __p);
++  __builtin_arm_ldc2 (__coproc, __CRd, __p);
+ }
+ 
+ __extension__ static __inline void __attribute__ ((__always_inline__))
+ __arm_ldc2l (const unsigned int __coproc, const unsigned int __CRd,
+ 	     const void * __p)
+ {
+-  return __builtin_arm_ldc2l (__coproc, __CRd, __p);
++  __builtin_arm_ldc2l (__coproc, __CRd, __p);
+ }
+ 
+ __extension__ static __inline void __attribute__ ((__always_inline__))
+ __arm_stc2 (const unsigned int __coproc, const unsigned int __CRd,
+ 	    void * __p)
+ {
+-  return __builtin_arm_stc2 (__coproc, __CRd, __p);
++  __builtin_arm_stc2 (__coproc, __CRd, __p);
+ }
+ 
+ __extension__ static __inline void __attribute__ ((__always_inline__))
+ __arm_stc2l (const unsigned int __coproc, const unsigned int __CRd,
+ 	     void * __p)
+ {
+-  return __builtin_arm_stc2l (__coproc, __CRd, __p);
++  __builtin_arm_stc2l (__coproc, __CRd, __p);
+ }
+ 
+ __extension__ static __inline void __attribute__ ((__always_inline__))
+@@ -126,7 +126,7 @@ __arm_mcr2 (const unsigned int __coproc, const unsigned int __opc1,
+ 	    uint32_t __value, const unsigned int __CRn,
+ 	    const unsigned int __CRm, const unsigned int __opc2)
+ {
+-  return __builtin_arm_mcr2 (__coproc, __opc1, __value, __CRn, __CRm, __opc2);
++  __builtin_arm_mcr2 (__coproc, __opc1, __value, __CRn, __CRm, __opc2);
+ }
+ 
+ __extension__ static __inline uint32_t __attribute__ ((__always_inline__))
+@@ -143,7 +143,7 @@ __extension__ static __inline void __attribute__ ((__always_inline__))
+ __arm_mcrr (const unsigned int __coproc, const unsigned int __opc1,
+ 	    uint64_t __value, const unsigned int __CRm)
+ {
+-  return __builtin_arm_mcrr (__coproc, __opc1, __value, __CRm);
++  __builtin_arm_mcrr (__coproc, __opc1, __value, __CRm);
+ }
+ 
+ __extension__ static __inline uint64_t __attribute__ ((__always_inline__))
+@@ -159,7 +159,7 @@ __extension__ static __inline void __attribute__ ((__always_inline__))
+ __arm_mcrr2 (const unsigned int __coproc, const unsigned int __opc1,
+ 	    uint64_t __value, const unsigned int __CRm)
+ {
+-  return __builtin_arm_mcrr2 (__coproc, __opc1, __value, __CRm);
++  __builtin_arm_mcrr2 (__coproc, __opc1, __value, __CRm);
+ }
+ 
+ __extension__ static __inline uint64_t __attribute__ ((__always_inline__))
+diff --git a/gcc/testsuite/g++.target/arm/arm.exp b/gcc/testsuite/g++.target/arm/arm.exp
+new file mode 100644
+index 00000000000..1a169d2f220
+--- /dev/null
++++ b/gcc/testsuite/g++.target/arm/arm.exp
+@@ -0,0 +1,50 @@
++#  Specific regression driver for arm.
++#  Copyright (C) 2009-2018 Free Software Foundation, Inc.
++#
++#  This file is part of GCC.
++#
++#  GCC is free software; you can redistribute it and/or modify it
++#  under the terms of the GNU General Public License as published by
++#  the Free Software Foundation; either version 3, or (at your option)
++#  any later version.
++#
++#  GCC is distributed in the hope that it will be useful, but
++#  WITHOUT ANY WARRANTY; without even the implied warranty of
++#  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
++#  General Public License for more details.
++#
++#  You should have received a copy of the GNU General Public License
++#  along with GCC; see the file COPYING3.  If not see
++#  <http://www.gnu.org/licenses/>.  */
++
++# GCC testsuite that uses the `dg.exp' driver.
++
++# Exit immediately if this isn't an arm target.
++if {![istarget arm*-*-*] } then {
++  return
++}
++
++# Load support procs.
++load_lib g++-dg.exp
++
++global DEFAULT_CXXFLAGS
++if ![info exists DEFAULT_CXXFLAGS] then {
++    set DEFAULT_CXXFLAGS " -pedantic-errors"
++}
++
++
++global dg_runtest_extra_prunes
++set dg_runtest_extra_prunes ""
++lappend dg_runtest_extra_prunes "warning: switch -m(cpu|arch)=.* conflicts with -m(cpu|arch)=.* switch"
++
++# Initialize `dg'.
++dg-init
++
++# Main loop.
++dg-runtest [lsort [glob -nocomplain $srcdir/$subdir/*.C]] \
++        "" $DEFAULT_CXXFLAGS
++
++# All done.
++set dg_runtest_extra_prunes ""
++dg-finish
++
+diff --git a/gcc/testsuite/g++.target/arm/pr81497.C b/gcc/testsuite/g++.target/arm/pr81497.C
+new file mode 100644
+index 00000000000..0519a3a3045
+--- /dev/null
++++ b/gcc/testsuite/g++.target/arm/pr81497.C
+@@ -0,0 +1,9 @@
++/* { dg-do compile } */
++/* { dg-require-effective-target arm_thumb2_ok } */
++
++#include <arm_acle.h>
++
++int main ()
++{
++  return 0;
++}
+-- 
+2.17.1
+

package/gcc/Config.in.host

@@ -73,7 +73,7 @@ config BR2_GCC_VERSION
 	default "5.5.0"     if BR2_GCC_VERSION_5_X
 	default "6.4.0"     if BR2_GCC_VERSION_6_X
 	default "7.3.0"     if BR2_GCC_VERSION_7_X
-	default "arc-2018.03-rc2" if BR2_GCC_VERSION_ARC
+	default "arc-2018.03" if BR2_GCC_VERSION_ARC
 	default "or1k-musl-5.4.0-20170218" if BR2_GCC_VERSION_OR1K
 
 config BR2_EXTRA_GCC_CONFIG_OPTIONS

package/gcc/gcc.hash

@@ -8,6 +8,6 @@ sha512  02c60e54527c7adf584798d5251f8a0b80c93d5deafce82501b2c28e6692e0bd783927bb
 sha512  ad41a7e4584e40e92cdf860bc0288500fbaf5dfb7e8c3fcabe9eba809c87bcfa85b46c19c19921b0cdf6d05483faede8287bb9ea120c0d1559449a70e602c8d4  gcc-7.3.0.tar.xz
 
 # Locally calculated (fetched from Github)
-sha512  a0faf2bb34f6c72b6460c6432639d89915cfc63456cfdf016896b3ef075655b2e9f26e745d841bbc38e776bc7a3729359cca88f1e4fb83489fa6775a3ccb55b8  gcc-arc-2018.03-rc2.tar.gz
+sha512  7c6555d629957d154c9c0524fc2c82301c9ab9192f5b9175c47b1f2dde298ac032e86360d91866c3c4d001cf8e191a90dc88f3c900ebfc367c5888ab7bf2ce79  gcc-arc-2018.03.tar.gz
 # Locally calculated (fetched from Github)
 sha512  2de7cf47333a4092b02d3bb98f4206f14966f1d139a724d09cf3b22f8a43ae0c704f33e6477d6367a03c29b265480dc900169e9d417006c5d46f0ae446b8c6f1  gcc-or1k-musl-5.4.0-20170218.tar.gz

package/gdb/7.12.1/0007-gdbserver-fix-build-for-m68k.patch

@@ -0,0 +1,62 @@
+From 80c60ea9fb3634272a98ec526eabff25f5255bae Mon Sep 17 00:00:00 2001
+From: Romain Naour <romain.naour@gmail.com>
+Date: Fri, 22 Jun 2018 22:40:26 +0200
+Subject: [PATCH] gdbserver: fix build for m68k
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+As for strace [1], when <sys/reg.h> is included after <linux/ptrace.h>,
+the build fails on m68k with the following diagnostics:
+
+In file included from ./../nat/linux-ptrace.h:28:0,
+                 from linux-low.h:27,
+                 from linux-m68k-low.c:20:
+[...]/usr/include/sys/reg.h:26:3: error: expected identifier before numeric constant
+   PT_D1 = 0,
+   ^
+[...]usr/include/sys/reg.h:26:3: error: expected « } » before numeric constant
+[...]usr/include/sys/reg.h:26:3: error: expected unqualified-id before numeric constant
+In file included from linux-m68k-low.c:27:0:
+[...]usr/include/sys/reg.h:99:1: error: expected declaration before « } » token
+ };
+ ^
+
+Fix this by moving <sys/reg.h> on top of "linux-low.h".
+
+[1] https://github.com/strace/strace/commit/6ebf6c4f9e5ebca123a5b5f24afe67cf0473cf92
+
+Signed-off-by: Romain Naour <romain.naour@gmail.com>
+---
+ gdb/gdbserver/linux-m68k-low.c | 9 +++++----
+ 1 file changed, 5 insertions(+), 4 deletions(-)
+
+diff --git a/gdb/gdbserver/linux-m68k-low.c b/gdb/gdbserver/linux-m68k-low.c
+index 5594f10f927..19b4ef7b259 100644
+--- a/gdb/gdbserver/linux-m68k-low.c
++++ b/gdb/gdbserver/linux-m68k-low.c
+@@ -17,16 +17,17 @@
+    along with this program.  If not, see <http://www.gnu.org/licenses/>.  */
+ 
+ #include "server.h"
++
++#ifdef HAVE_SYS_REG_H
++#include <sys/reg.h>
++#endif
++
+ #include "linux-low.h"
+ 
+ /* Defined in auto-generated file reg-m68k.c.  */
+ void init_registers_m68k (void);
+ extern const struct target_desc *tdesc_m68k;
+ 
+-#ifdef HAVE_SYS_REG_H
+-#include <sys/reg.h>
+-#endif
+-
+ #define m68k_num_regs 29
+ #define m68k_num_gregs 18
+ 
+-- 
+2.14.4
+

package/gdb/8.0.1/0005-gdbserver-fix-build-for-m68k.patch

@@ -0,0 +1,62 @@
+From 80c60ea9fb3634272a98ec526eabff25f5255bae Mon Sep 17 00:00:00 2001
+From: Romain Naour <romain.naour@gmail.com>
+Date: Fri, 22 Jun 2018 22:40:26 +0200
+Subject: [PATCH] gdbserver: fix build for m68k
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+As for strace [1], when <sys/reg.h> is included after <linux/ptrace.h>,
+the build fails on m68k with the following diagnostics:
+
+In file included from ./../nat/linux-ptrace.h:28:0,
+                 from linux-low.h:27,
+                 from linux-m68k-low.c:20:
+[...]/usr/include/sys/reg.h:26:3: error: expected identifier before numeric constant
+   PT_D1 = 0,
+   ^
+[...]usr/include/sys/reg.h:26:3: error: expected « } » before numeric constant
+[...]usr/include/sys/reg.h:26:3: error: expected unqualified-id before numeric constant
+In file included from linux-m68k-low.c:27:0:
+[...]usr/include/sys/reg.h:99:1: error: expected declaration before « } » token
+ };
+ ^
+
+Fix this by moving <sys/reg.h> on top of "linux-low.h".
+
+[1] https://github.com/strace/strace/commit/6ebf6c4f9e5ebca123a5b5f24afe67cf0473cf92
+
+Signed-off-by: Romain Naour <romain.naour@gmail.com>
+---
+ gdb/gdbserver/linux-m68k-low.c | 9 +++++----
+ 1 file changed, 5 insertions(+), 4 deletions(-)
+
+diff --git a/gdb/gdbserver/linux-m68k-low.c b/gdb/gdbserver/linux-m68k-low.c
+index 5594f10f927..19b4ef7b259 100644
+--- a/gdb/gdbserver/linux-m68k-low.c
++++ b/gdb/gdbserver/linux-m68k-low.c
+@@ -17,16 +17,17 @@
+    along with this program.  If not, see <http://www.gnu.org/licenses/>.  */
+ 
+ #include "server.h"
++
++#ifdef HAVE_SYS_REG_H
++#include <sys/reg.h>
++#endif
++
+ #include "linux-low.h"
+ 
+ /* Defined in auto-generated file reg-m68k.c.  */
+ void init_registers_m68k (void);
+ extern const struct target_desc *tdesc_m68k;
+ 
+-#ifdef HAVE_SYS_REG_H
+-#include <sys/reg.h>
+-#endif
+-
+ #define m68k_num_regs 29
+ #define m68k_num_gregs 18
+ 
+-- 
+2.14.4
+

package/gdb/Config.in

@@ -10,10 +10,16 @@ comment "gdb/gdbserver needs a toolchain w/ threads, threads debug"
 	depends on BR2_PACKAGE_GDB_ARCH_SUPPORTS
 	depends on !BR2_TOOLCHAIN_HAS_THREADS || !BR2_TOOLCHAIN_HAS_THREADS_DEBUG
 
+comment "gdb/gdbserver >= 8.x needs a toolchain w/ C++, gcc >= 4.8"
+	depends on BR2_PACKAGE_GDB_NEEDS_CXX11
+	depends on !BR2_INSTALL_LIBSTDCPP || !BR2_TOOLCHAIN_GCC_AT_LEAST_4_8
+
 config BR2_PACKAGE_GDB
 	bool "gdb"
 	depends on BR2_TOOLCHAIN_HAS_THREADS && BR2_TOOLCHAIN_HAS_THREADS_DEBUG
 	depends on BR2_PACKAGE_GDB_ARCH_SUPPORTS
+	depends on BR2_TOOLCHAIN_GCC_AT_LEAST_4_8 || !BR2_PACKAGE_GDB_NEEDS_CXX11
+	depends on BR2_INSTALL_LIBSTDCPP || !BR2_PACKAGE_GDB_NEEDS_CXX11
 	# When the external toolchain gdbserver is copied to the
 	# target, we don't allow building a separate gdbserver. The
 	# one from the external toolchain should be used.

package/gdb/Config.in.host

@@ -3,7 +3,6 @@ config BR2_PACKAGE_HOST_GDB_ARCH_SUPPORTS
 	default y
 	# The ARC version needs C++11, thus gcc >= 4.8, like gdb-8.0.x
 	depends on BR2_HOST_GCC_AT_LEAST_4_8 || !BR2_arc
-	depends on BR2_TOOLCHAIN_GCC_AT_LEAST_4_8 || !BR2_arc
 	depends on !((BR2_arm || BR2_armeb) && BR2_BINFMT_FLAT)
 	depends on !BR2_microblaze
 	depends on !BR2_nios2
@@ -63,18 +62,29 @@ config BR2_GDB_VERSION_7_12
 config BR2_GDB_VERSION_8_0
 	bool "gdb 8.0.x"
 	# Needs a C++11 compiler
-	depends on BR2_INSTALL_LIBSTDCPP
 	depends on BR2_HOST_GCC_AT_LEAST_4_8
-	depends on BR2_TOOLCHAIN_GCC_AT_LEAST_4_8
 
 endchoice
 
 endif
 
+# Tells whether the currently selected gdb version requires C++11
+# support in the toolchain. When host-gdb is not enabled, the target
+# gdb built is 7.11, which doesn't require C++11 support. So it's only
+# if host-gdb is built, with the version set to 8.0 that C++11 support
+# is needed in the toolchain to build gdb for the target.
+#
+# Even though this option is related to target gdb dependencies, we
+# keep it next to the BR2_GDB_VERSION so that they are kept in sync.
+config BR2_PACKAGE_GDB_NEEDS_CXX11
+	bool
+	default y if BR2_GDB_VERSION_8_0
+	default y if BR2_arc
+
 # If cross-gdb is not enabled, the latest working version is chosen.
 config BR2_GDB_VERSION
 	string
-	default "arc-2018.03-rc2-gdb" if BR2_arc
+	default "arc-2018.03-gdb" if BR2_arc
 	default "7.10.1"   if BR2_GDB_VERSION_7_10
 	default "7.11.1"   if BR2_GDB_VERSION_7_11 || !BR2_PACKAGE_HOST_GDB
 	default "7.12.1"   if BR2_GDB_VERSION_7_12

package/gdb/gdb.hash

@@ -5,4 +5,4 @@ sha512  0ac8d0a495103611ef41167a08313a010dce6ca4c6d827cbe8558a0c1a1a8a6bfa53f1b7
 sha512  5eb328910033f0918058be2f92caebf1e8dfc6caa3c730d99d621627e53de3c1b43761c2f683d53555893253c2f06768cbf56cdea051a3d291ffb6cfae87b5e1	gdb-8.0.1.tar.xz
 
 # Locally calculated (fetched from Github)
-sha512  0c58dd3e8fff8b51a459aba78f4acd1beaa3427e00a63a7242827f22c6af157e4aea91ab754cdc021e0075a5bf2b70df903dba67dbff2415fd0f82c8aab99087 	gdb-arc-2018.03-rc2-gdb.tar.gz
+sha512  b17e4066730491f6a75b00eab78012f67cc445fe95ecd82c06cda7c1255190e6c471ac89b92f2fcdba4790b0046756b9cecf1f827537afcb44e1e578345852ad 	gdb-arc-2018.03-gdb.tar.gz

package/ghostscript/ghostscript.mk

@@ -40,7 +40,7 @@ GHOSTSCRIPT_CONF_OPTS = \
 	--disable-compile-inits \
 	--disable-cups \
 	--enable-fontconfig \
-	--with-fontpath=$(GHOSTSCRIPT_FONTS_TARGET_DIR) \
+	--with-fontpath=/usr/share/fonts \
 	--enable-freetype \
 	--disable-gtk \
 	--without-jbig2dec \

package/glibc/glibc.hash

@@ -1,7 +1,7 @@
 # Locally calculated (fetched from Github)
 sha256  33189b3f10c88730a1f686fac794bc01f31765f12ffd75bc5e8a0f2a690d217a     glibc-glibc-2.27-57-g6c99e37f6fb640a50a3113b2dbee5d5389843c1e.tar.gz
 # Locally calculated (fetched from Github)
-sha256  ddc63360393ab88ab6a4a0c81d33481f34c5a9ebd758eec2e6bb35385058b4cb     glibc-arc-2018.03-rc2.tar.gz
+sha256  e08ab67b2db2d0f0e8f3311d23c54fb8f6d4c1ef6fa0b4047fd5da400e3ce9de     glibc-arc-2018.03-release.tar.gz
 
 sha256  8177f97513213526df2cf6184d8ff986c675afb514d4e68a404010521b880643  COPYING
 sha256  dc626520dcd53a22f727af3ee42c770e56c97a64fe3adb063799d8ab032fe551  COPYING.LIB

package/glibc/glibc.mk

@@ -5,7 +5,7 @@
 ################################################################################
 
 ifeq ($(BR2_arc),y)
-GLIBC_VERSION =  arc-2018.03-rc2
+GLIBC_VERSION =  arc-2018.03-release
 GLIBC_SITE = $(call github,foss-for-synopsys-dwc-arc-processors,glibc,$(GLIBC_VERSION))
 else
 # Generate version string using:

package/gnupg/gnupg.hash

@@ -1,3 +1,3 @@
 # Locally computed based on signature
-# https://gnupg.org/ftp/gcrypt/gnupg/gnupg-1.4.22.tar.bz2.sig
-sha256	9594a24bec63a21568424242e3f198b9d9828dea5ff0c335e47b06f835f930b4	gnupg-1.4.22.tar.bz2
+# https://gnupg.org/ftp/gcrypt/gnupg/gnupg-1.4.23.tar.bz2.sig
+sha256	c9462f17e651b6507848c08c430c791287cd75491f8b5a8b50c6ed46b12678ba	gnupg-1.4.23.tar.bz2

package/gnupg/gnupg.mk

@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-GNUPG_VERSION = 1.4.22
+GNUPG_VERSION = 1.4.23
 GNUPG_SOURCE = gnupg-$(GNUPG_VERSION).tar.bz2
 GNUPG_SITE = https://gnupg.org/ftp/gcrypt/gnupg
 GNUPG_LICENSE = GPL-3.0+

package/gnupg2/gnupg2.hash

@@ -1,6 +1,6 @@
-# From https://lists.gnupg.org/pipermail/gnupg-announce/2018q2/000424.html
-sha1 e222cda63409a86992369df8976f6c7511e10ea0  gnupg-2.2.7.tar.bz2
+# From https://lists.gnupg.org/pipermail/gnupg-announce/2018q2/000425.html
+sha1 d87553a125832ea90e8aeb3ceeecf24f88de56fb  gnupg-2.2.8.tar.bz2
 # Calculated based on the hash above and signature
-# https://gnupg.org/ftp/gcrypt/gnupg/gnupg-2.2.7.tar.bz2.sig
-sha256 d95b361ee6ef7eff86af40c8c72bf9313736ac9f7010d6604d78bf83818e976e  gnupg-2.2.7.tar.bz2
+# https://gnupg.org/ftp/gcrypt/gnupg/gnupg-2.2.8.tar.bz2.sig
+sha256 777b4cb8ced21965a5053d4fa20fe11484f0a478f3d011cef508a1a49db50dcd  gnupg-2.2.8.tar.bz2
 sha256 bc2d6664f6276fa0a72d57633b3ae68dc7dcb677b71018bf08c8e93e509f1357  COPYING

package/gnupg2/gnupg2.mk

@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-GNUPG2_VERSION = 2.2.7
+GNUPG2_VERSION = 2.2.8
 GNUPG2_SOURCE = gnupg-$(GNUPG2_VERSION).tar.bz2
 GNUPG2_SITE = https://gnupg.org/ftp/gcrypt/gnupg
 GNUPG2_LICENSE = GPL-3.0+

package/gnutls/gnutls.hash

@@ -1,6 +1,6 @@
 # Locally calculated after checking pgp signature
-# https://www.gnupg.org/ftp/gcrypt/gnutls/v3.5/gnutls-3.5.18.tar.xz.sig
-sha256	ae2248d9e78747cf9c469dde81ff8f90b56838b707a0637f3f7d4eee90e80234	gnutls-3.5.18.tar.xz
+# https://www.gnupg.org/ftp/gcrypt/gnutls/v3.5/gnutls-3.5.19.tar.xz.sig
+sha256	1936eb64f03aaefd6eb16cef0567457777618573826b94d03376bb6a4afadc44	gnutls-3.5.19.tar.xz
 # Locally calculated
 sha256	8ceb4b9ee5adedde47b31e975c1d90c73ad27b6b165a1dcd80c7c545eb65b903	doc/COPYING
 sha256	6095e9ffa777dd22839f7801aa845b31c9ed07f3d6bf8a26dc5d2dec8ccc0ef3	doc/COPYING.LESSER

package/gnutls/gnutls.mk

@@ -5,7 +5,7 @@
 ################################################################################
 
 GNUTLS_VERSION_MAJOR = 3.5
-GNUTLS_VERSION = $(GNUTLS_VERSION_MAJOR).18
+GNUTLS_VERSION = $(GNUTLS_VERSION_MAJOR).19
 GNUTLS_SOURCE = gnutls-$(GNUTLS_VERSION).tar.xz
 GNUTLS_SITE = https://www.gnupg.org/ftp/gcrypt/gnutls/v$(GNUTLS_VERSION_MAJOR)
 GNUTLS_LICENSE = LGPL-2.1+ (core library), GPL-3.0+ (gnutls-openssl library)

package/gstreamer/gst-plugins-good/Config.in

@@ -205,11 +205,14 @@ config BR2_PACKAGE_GST_PLUGINS_GOOD_PLUGIN_PULSE
 	depends on BR2_TOOLCHAIN_HAS_THREADS # pulseaudio
 	depends on BR2_USE_MMU # pulseaudio
 	depends on !BR2_STATIC_LIBS # pulseaudio
+	depends on BR2_USE_WCHAR # pulseaudio
+	depends on BR2_PACKAGE_PULSEAUDIO_HAS_ATOMIC # pulseaudio
 	select BR2_PACKAGE_PULSEAUDIO
 
-comment "pulseaudio support needs a toolchain w/ threads, dynamic library"
+comment "pulseaudio support needs a toolchain w/ threads, wchar, dynamic library"
 	depends on BR2_USE_MMU
-	depends on !BR2_TOOLCHAIN_HAS_THREADS || BR2_STATIC_LIBS
+	depends on BR2_PACKAGE_PULSEAUDIO_HAS_ATOMIC
+	depends on !BR2_TOOLCHAIN_HAS_THREADS || BR2_STATIC_LIBS || !BR2_USE_WCHAR
 
 config BR2_PACKAGE_GST_PLUGINS_GOOD_PLUGIN_SOUPHTTPSRC
 	bool "souphttpsrc (http client)"

package/gstreamer1/gst1-plugins-good/Config.in

@@ -321,13 +321,16 @@ config BR2_PACKAGE_GST1_PLUGINS_GOOD_PLUGIN_PULSE
 	depends on BR2_TOOLCHAIN_HAS_THREADS # pulseaudio
 	depends on BR2_USE_MMU # pulseaudio
 	depends on !BR2_STATIC_LIBS # pulseaudio
+	depends on BR2_USE_WCHAR # pulseaudio
+	depends on BR2_PACKAGE_PULSEAUDIO_HAS_ATOMIC # pulseaudio
 	select BR2_PACKAGE_PULSEAUDIO
 	help
 	  PulseAudio plugin library
 
-comment "pulseaudio support needs a toolchain w/ threads, dynamic library"
+comment "pulseaudio support needs a toolchain w/ threads, wchar, dynamic library"
 	depends on BR2_USE_MMU
-	depends on !BR2_TOOLCHAIN_HAS_THREADS || BR2_STATIC_LIBS
+	depends on BR2_PACKAGE_PULSEAUDIO_HAS_ATOMIC
+	depends on !BR2_TOOLCHAIN_HAS_THREADS || BR2_STATIC_LIBS || !BR2_USE_WCHAR
 
 config BR2_PACKAGE_GST1_PLUGINS_GOOD_PLUGIN_SOUPHTTPSRC
 	bool "souphttpsrc (http client)"