Update for 2019.08.3

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

CHANGES

@@ -1,3 +1,115 @@
+2019.08.3, released December 7th, 2019
+
+	Important / security related fixes.
+
+	Infrastructure: Make HOST_<pkg>_DL_OPTS inherit from
+	<pkg>_DL_OPTS by default, just like it is done for a number of
+	other package variables
+
+	Add <pkg>_KEEP_PY_FILES to exclude specific python .py files
+	from the removal done by BR2_PACKAGE_PYTHON{,3}_PYC_ONLY for
+	the (rare) case where the .py files are needed at runtime
+	rather than .pyc.
+
+	Fix <pkg>-reconfigure handling for packages using the kconfig
+	infrastructure.
+
+	Toolchain: ensure external toolchain kernel headers version
+	check correctly stop the build on mismatch
+
+	Deconfigs: beaglebone: fix boot issue
+
+	Updated/fixed packages: am33x-cm3, asterisk, bind, chrony,
+	clamav, cmocka, collectd, connman, dhcp, dropwatch, faifa,
+	gettext-tiny, gob2, haproxy, intel-microcode, ipsec-tools,
+	jailhouse, jasper, jpeg-turbo, kodi, kvm-unit-tests, libftdi,
+	libftdi1, libnss, libressl, libstrophe, libsvgtiny, lvm2,
+	lzma, mariadb, minicom, mosquitto, neardal, ninja, nodejs,
+	oniguruma, openvmtools, oracle-mysql, perl-gdgraph,
+	perl-gdtextutil, php, postgresql, prosody, python-cchardet,
+	python-django, qt5wayland, rabbitmq, rauc, redis, rpcbind,
+	socat, spice, spice-protocol, tftpd, tiff, webkitgtk
+
+	New packages: libmspack
+
+	Issues resolved (http://bugs.uclibc.org):
+
+	#12166: Compiling nodejs for SAMA5D3 always crash with illegal inst..
+	#12171: Python-opencv needs config.py and config-3.7.py to run..
+	#12211: host-nodejs 10.15.3 package fail to build
+	#12316: tzdata fails to install with empty "default local time"
+
+2019.08.2, released November 9th, 2019
+
+	Important / security related fixes.
+
+	Toolchain: Also copy libssp.so for external toolchains if SSP
+	to handle toolchains providing SSP support in libssp rather
+	than in the C library
+
+	Download: Also use the package download method for extra
+	downloads from the same site, so it does not get confused by
+	URLs containing '+'
+
+	Fakeroot now works correctly under Microsoft Windows 10
+	Services for Linux, which does not provide SYSV IPC support
+
+	utils/test-pkg: ensure to exit with an error upon failure
+
+	Updated/fixed packages: asterisk, azmq, binutils,
+	cups-filters, domoticz, dtc, duma, elf2flt, eudev, exfat,
+	exfat-utils, fakeroot, fdk-aac, file, freerdp, gcc, gd,
+	ghostscript, go, gpsd, grpc, gst1-plugins-base, gvfs, icu,
+	intel-microcode, kvm-unit-tests, libfribidi, libnspr, libnss,
+	libopenssl, libpcap, libpciaccess, librsvg, libseccomp,
+	libsigrok, libtorrent, libunwind, libva, linux-tools,
+	lua-sdl2, lxc, minizip, mjpegtools, mongoose, mono, nbd,
+	nfs-utils, php, piglit, python, python-autobahn,
+	python-pysnmp-apps, python-tornado, python3, qemu, qt5base,
+	ruby, safeclib, samba4, sdl_mixer, sox, sudo, suricata,
+	systemd, tcpdump, unscd, util-linux, vdr-plugin-vnsiserver,
+	vtun, wireshark, xvisor, yaffs2utils
+
+	Issues resolved (http://bugs.uclibc.org):
+
+	#11366: [2018.08] SysV IPC not available for fakeroot on WSL
+	#12261: sudo versions prior to 1.8.28 are affected
+
+2019.08.1, released October 3rd, 2019
+
+	Important / security related fixes.
+
+	Defconfigs: AArch64-efi: Fix grub configuration, Beaglebone:
+	Use default console settings
+
+	Dependencies: Ensure host has JSON::PP perl module installed
+	if webkitgtk/wpewebkit packages are enabled as it is needed
+	during their build process.
+
+	Toolchain: Generate check-headers program under BUILD_DIR
+	rather than /tmp to fix issues with distributions mounting
+	/tmp noexec.
+
+	Updated/fixed packages: asterisk, augeas, axel, bind, bwm-ng,
+	cups, cups-filters, docker-cli, docker-engine, docker-proxy,
+	e2fsprogs, eudev, exim, expat, gcc, go, haveged, ifplugd, joe,
+	kf5-extra-cmake-modules, kf5-modemmanager-qt,
+	kf5-networkmanager-qt, libcamera, libcurl, libgcrypt,
+	libglib2, libgpg-error, libnspr, libnss, libopenssl,
+	logrotate, luksmeta, mariadb, mbedtls, mongodb, mosquitto,
+	ncurses, nfs-utils, nghttp2, nodejs, openvmtools, php,
+	protobuf, putty, qemu, samba4, snort, swupdate,
+	systemd-bootchart, thttpd, uclibc, unzip, util-linux,
+	wireshark
+
+	Issues resolved (http://bugs.uclibc.org):
+
+	#10806: Allow nfs-utils to use ipv6
+	#11781: mariadb build error
+	#12031: Build of cups-filters fails while linking, apparently due..
+	#12141: eudev package is missing "render" and "kvm" groups
+	#12241: Permission denied while running "make"
+
 2019.08, released September 1st, 2019
 
 	Various fixes.

Config.in

@@ -718,10 +718,15 @@ comment "Security Hardening Options"
 config BR2_PIC_PIE
 	bool "Build code with PIC/PIE"
 	depends on BR2_SHARED_LIBS
+	depends on BR2_TOOLCHAIN_SUPPORTS_PIE
 	help
 	  Generate Position-Independent Code (PIC) and link
 	  Position-Independent Executables (PIE).
 
+comment "PIC/PIE needs a toolchain w/ PIE"
+	depends on BR2_SHARED_LIBS
+	depends on !BR2_TOOLCHAIN_SUPPORTS_PIE
+
 choice
 	bool "Stack Smashing Protection"
 	default BR2_SSP_ALL if BR2_ENABLE_SSP # legacy
@@ -804,12 +809,16 @@ config BR2_RELRO_PARTIAL
 
 config BR2_RELRO_FULL
 	bool "Full"
+	depends on BR2_TOOLCHAIN_SUPPORTS_PIE
 	select BR2_PIC_PIE
 	help
 	  This option includes the partial configuration, but also marks
 	  the GOT as read-only at the cost of initialization time during
 	  program loading, i.e every time an executable is started.
 
+comment "RELRO Full needs a toolchain w/ PIE"
+	depends on !BR2_TOOLCHAIN_SUPPORTS_PIE
+
 endchoice
 
 comment "RELocation Read Only (RELRO) needs shared libraries"

DEVELOPERS

@@ -143,7 +143,6 @@ F:	package/ktap/
 N:	André Hentschel <nerv@dawncrow.de>
 F:	board/freescale/imx8qxpmek/
 F:	configs/freescale_imx8qxpmek_defconfig
-F:	package/azure-iot-sdk-c/
 F:	package/freescale-imx/imx-sc-firmware/
 F:	package/libkrb5/
 F:	package/openal/
@@ -225,13 +224,14 @@ F:	package/sqlcipher/
 F:	package/stress/
 
 N:	Asaf Kahlon <asafka7@gmail.com>
+F:	package/collectd/
 F:	package/libuv/
 F:	package/python*
 F:	package/spdlog/
 F:	package/uftp/
 F:	package/zeromq/
 
-N:	Ash Charles <ash.charles@savoirfairelinux.com>
+N:	Ash Charles <ashcharles@gmail.com>
 F:	package/pru-software-support/
 F:	package/ti-cgt-pru/
 
@@ -287,7 +287,6 @@ F:	package/alsa-utils/
 F:	package/apache/
 F:	package/apr/
 F:	package/apr-util/
-F:	package/asterisk/
 F:	package/bcg729/
 F:	package/bluez-tools/
 F:	package/boinc/
@@ -340,6 +339,7 @@ F:	package/libilbc/
 F:	package/libldns/
 F:	package/libmicrohttpd/
 F:	package/libminiupnpc/
+F:	package/libmspack/
 F:	package/libnatpmp/
 F:	package/libnpth/
 F:	package/libogg/
@@ -593,9 +593,6 @@ F:	package/log4cpp/
 N:	Daniel Nicoletti <dantti12@gmail.com>
 F:	package/cutelyst/
 
-N:	Daniel Nyström <daniel.nystrom@timeterminal.se>
-F:	package/e2tools/
-
 N:	Daniel Price <daniel.price@gmail.com>
 F:	package/nodejs/
 F:	package/redis/
@@ -872,7 +869,9 @@ F:	package/ser2net/
 
 N:	Francois Perrad <francois.perrad@gadz.org>
 F:	board/olimex/a20_olinuxino
+F:	board/olimex/imx233_olinuxino/
 F:	configs/olimex_a20_olinuxino_*
+F:	configs/olimex_imx233_olinuxino_defconfig
 F:	package/4th/
 F:	package/cgilua/
 F:	package/chipmunk/
@@ -955,7 +954,7 @@ F:	package/tesseract-ocr/
 F:	package/webp/
 F:	package/xapian/
 
-N:	Giulio Benetti <giulio.benetti@micronovasrl.com>
+N:	Giulio Benetti <giulio.benetti@benettiengineering.com>
 F:	package/minicom/
 F:	package/sunxi-mali-mainline/
 F:	package/sunxi-mali-mainline-driver/
@@ -1045,6 +1044,7 @@ F:	board/bananapi/
 F:	board/engicam/
 F:	board/friendlyarm/nanopi-a64/
 F:	board/friendlyarm/nanopi-neo2/
+F:	board/olimex/a33_olinuxino/
 F:	board/olimex/a64-olinuxino/
 F:	board/orangepi/orangepi-lite2/
 F:	board/orangepi/orangepi-one-plus
@@ -1065,6 +1065,7 @@ F:	configs/engicam_imx6ul_geam_defconfig
 F:	configs/engicam_imx6ul_isiot_defconfig
 F:	configs/friendlyarm_nanopi_a64_defconfig
 F:	configs/friendlyarm_nanopi_neo2_defconfig
+F:	configs/olimex_a33_olinuxino_defconfig
 F:	configs/olimex_a64_olinuxino_defconfig
 F:	configs/orangepi_lite2_defconfig
 F:	configs/orangepi_one_plus_defconfig
@@ -1211,10 +1212,6 @@ F:	package/phidgetwebservice/
 F:	package/rapidxml/
 F:	package/sphinxbase/
 
-N:	Jonathan Liu <net147@gmail.com>
-F:	package/python-meld3/
-F:	package/supervisor/
-
 N:	Jörg Krause <joerg.krause@embedded.rocks>
 F:	board/lemaker/bananapro/
 F:	configs/bananapro_defconfig
@@ -1285,9 +1282,6 @@ F:	package/python-pygame/
 N:	Julien Corjon <corjon.j@ecagroup.com>
 F:	package/qt5/
 
-N:	Julien Floret <julien.floret@6wind.com>
-F:	package/lldpd/
-
 N:	Julien Grossholtz <julien.grossholtz@openest.io>
 F:	package/paho-mqtt-c
 
@@ -1313,9 +1307,6 @@ F:	package/cpuload/
 F:	package/bwm-ng/
 F:	package/ramsmp/
 
-N:	Kevin Joly <kevin.joly@sensefly.com>
-F:	package/libgphoto2/
-
 N:	Kieran Bingham <kieran.bingham@ideasonboard.com>
 F:	package/libcamera/
 
@@ -1449,7 +1440,7 @@ F:	package/lynx/
 N:	Mario Rugiero <mrugiero@gmail.com>
 F:	package/ratpoison/
 
-N:	Mark Corbin <mark.corbin@embecosm.com>
+N:	Mark Corbin <mark@dibsco.co.uk>
 F:	arch/arch.mk.riscv
 F:	arch/Config.in.riscv
 F:	board/qemu/riscv32-virt/
@@ -1478,7 +1469,7 @@ F:	package/tslib/
 F:	package/x11r7/xdriver_xf86-input-tslib/
 F:	package/x11vnc/
 
-N:	Mathieu Audat <mathieu.audat@savoirfairelinux.com>
+N:	Mathieu Audat <mathieuaudat@gmail.com>
 F:	board/technologic/ts4900/
 F:	configs/ts4900_defconfig
 F:	package/ts4900-fpga/
@@ -1646,6 +1637,9 @@ F:	package/python-pyzmq/
 N:	Michael Trimarchi <michael@amarulasolutions.com>
 F:	package/python-spidev/
 
+N:	Michael Vetter <jubalh@iodoru.org>
+F:	package/jasper/
+
 N:	Michał Łyszczek <michal.lyszczek@bofc.pl>
 F:	board/altera/socrates_cyclone5/
 F:	board/pine64/rock64
@@ -1672,9 +1666,6 @@ N:	Mirza Krak <mirza.krak@northern.tech>
 F:	package/mender/
 F:	package/mender-artifact/
 
-N:	Morgan Delestre <m.delestre@sinters.fr>
-F:	package/monkey/
-
 N:	Murat Demirten <mdemirten@yh.com.tr>
 F:	package/jpeg-turbo/
 F:	package/libgeotiff/
@@ -1815,6 +1806,8 @@ F:	package/python-websocket-client/
 F:	package/sedutil/
 F:	package/tpm2-totp/
 F:	package/triggerhappy/
+F:	package/wireguard/
+F:	support/testing/tests/package/test_docker_compose.py
 
 N:	Peter Seiderer <ps.report@gmx.net>
 F:	board/raspberrypi/
@@ -1883,11 +1876,13 @@ F:	package/trace-cmd/
 
 N:	Pierre-Jean Texier <pjtexier@koncepto.io>
 F:	package/genimage/
+F:	package/haveged/
 F:	package/libarchive/
 F:	package/libevent/
 F:	package/libubootenv/
 F:	package/libxml2/
 F:	package/python-periphery/
+F:	package/sbc/
 F:	package/stunnel/
 
 N:	Pieter De Gendt <pieter.degendt@gmail.com>
@@ -1898,9 +1893,6 @@ F:	package/libdvbpsi/
 F:	package/mraa/
 F:	package/synergy/
 
-N:	Pranit Sirsat <Pranit.Sirsat@imgtec.com>
-F:	package/paho-mqtt-c/
-
 N:	Rafal Susz <rafal.susz@gmail.com>
 F:	board/avnet/s6lx9_microboard/
 F:	configs/s6lx9_microboard_defconfig
@@ -1919,7 +1911,7 @@ N:	Rahul Jain <rahul.jain@imgtec.com>
 F:	package/uhttpd/
 F:	package/ustream-ssl/
 
-N:	Refik Tuzakli <refik.tuzakli@savronik.com.tr>
+N:	Refik Tuzakli <tuzakli.refik@gmail.com>
 F:	package/paho-mqtt-cpp/
 
 N:	Rémi Rérolle <remi.rerolle@gmail.com>
@@ -1935,7 +1927,14 @@ N:	Ricardo Martincoski <ricardo.martincoski@datacom.com.br>
 F:	package/atop/
 
 N:	Ricardo Martincoski <ricardo.martincoski@gmail.com>
-F:	support/testing/
+F:	support/testing/infra/
+F:	support/testing/run-tests
+F:	support/testing/tests/core/test_file_capabilities.py
+F:	support/testing/tests/download/
+F:	support/testing/tests/package/*_python*.py
+F:	support/testing/tests/package/test_atop.py
+F:	support/testing/tests/package/test_syslog_ng.py
+F:	support/testing/tests/utils/test_check_package.py
 F:	utils/check-package
 F:	utils/checkpackagelib/
 
@@ -1962,6 +1961,8 @@ N:	Romain Naour <romain.naour@gmail.com>
 F:	package/aubio/
 F:	package/binutils/
 F:	package/bullet/
+F:	package/clang/
+F:	package/clinfo/
 F:	package/efl/
 F:	package/enet/
 F:	package/enlightenment/
@@ -1972,9 +1973,11 @@ F:	package/glibc/
 F:	package/irrlicht/
 F:	package/liblinear/
 F:	package/lensfun/
+F:	package/libclc/
 F:	package/libgta/
 F:	package/libspatialindex/
 F:	package/linux-syscall-support/
+F:	package/llvm/
 F:	package/lugaru/
 F:	package/mcelog/
 F:	package/mesa3d/
@@ -2093,10 +2096,6 @@ F:	package/tunctl/
 F:	package/ubus/
 F:	package/wolfssl/
 
-N:	Shyam Saini <shyam.saini@amarulasolutions.com>
-F:	board/olimex/a33_olinuxino/
-F:	configs/olimex_a33_olinuxino_defconfig
-
 N:	Simon Dawson <spdawson@gmail.com>
 F:	boot/at91bootstrap3/
 F:	package/cppzmq/
@@ -2319,7 +2318,7 @@ F:	package/pixz/
 N:	Vinicius Tinti <viniciustinti@gmail.com>
 F:	package/python-thrift/
 
-N:	Vivien Didelot <vivien.didelot@savoirfairelinux.com>
+N:	Vivien Didelot <vivien.didelot@gmail.com>
 F:	board/technologic/ts5500/
 F:	configs/ts5500_defconfig
 
@@ -2403,6 +2402,8 @@ F:	package/zisofs-tools/
 F:	support/download/
 
 N:	Yegor Yefremov <yegorslists@googlemail.com>
+F:	configs/beaglebone_defconfig
+F:	configs/beaglebone_qt5_defconfig
 F:	package/acl/
 F:	package/attr/
 F:	package/bluez_utils/
@@ -2411,6 +2412,7 @@ F:	package/bootstrap/
 F:	package/cannelloni/
 F:	package/can-utils/
 F:	package/circus/
+F:	package/dhcpcd/
 F:	package/feh/
 F:	package/giblib/
 F:	package/imlib2/
@@ -2427,6 +2429,7 @@ F:	package/libubox/
 F:	package/libuci/
 F:	package/linux-firmware/
 F:	package/modem-manager/
+F:	package/nftables/
 F:	package/nuttcp/
 F:	package/parted/
 F:	package/phytool/

Makefile

@@ -92,9 +92,9 @@ all:
 .PHONY: all
 
 # Set and export the version string
-export BR2_VERSION := 2019.08
+export BR2_VERSION := 2019.08.3
 # Actual time the release is cut (for reproducible builds)
-BR2_VERSION_EPOCH = 1567371000
+BR2_VERSION_EPOCH = 1575725000
 
 # Save running make version since it's clobbered by the make package
 RUNNING_MAKE_VERSION := $(MAKE_VERSION)

board/beaglebone/uEnv.txt

@@ -3,6 +3,9 @@ devtype=mmc
 bootdir=
 bootfile=zImage
 bootpartition=mmcblk0p2
+console=ttyS0,115200n8
+loadaddr=0x82000000
+fdtaddr=0x88000000
 set_mmc1=if test $board_name = A33515BB; then setenv bootpartition mmcblk1p2; fi
-set_bootargs=setenv bootargs console=ttyO0,115200n8 root=/dev/${bootpartition} rw rootfstype=ext4 rootwait
+set_bootargs=setenv bootargs console=${console} root=/dev/${bootpartition} rw rootfstype=ext4 rootwait
 uenvcmd=run set_mmc1; run set_bootargs;run loadimage;run loadfdt;printenv bootargs;bootz ${loadaddr} - ${fdtaddr}

board/freescale/imx6-sabresd/readme.txt

@@ -80,6 +80,7 @@ Running kmscube application:
 Running Qt5 Cinematic Demo:
 
 # export QT_QPA_EGLFS_KMS_CONFIG=/root/sabresd.json
+# export QT_QPA_EGLFS_ALWAYS_SET_MODE=1
 # /usr/share/Qt5/CinematicExperience/Qt5_CinematicExperience
 
 Running gl2mark benchmark:

boot/uboot/Config.in

@@ -487,8 +487,6 @@ menuconfig BR2_TARGET_UBOOT_ENVIMAGE
 
 	  The environment image will be called uboot-env.bin.
 
-	  Leave empty to generate image from compiled-in env.
-
 if BR2_TARGET_UBOOT_ENVIMAGE
 
 config BR2_TARGET_UBOOT_ENVIMAGE_SOURCE
@@ -500,6 +498,8 @@ config BR2_TARGET_UBOOT_ENVIMAGE_SOURCE
 
 	  Multiple source files are concatenated in the order listed.
 
+	  Leave empty to generate image from compiled-in env.
+
 config BR2_TARGET_UBOOT_ENVIMAGE_SIZE
 	string "Size of environment"
 	help

boot/uboot/uboot.mk

@@ -272,7 +272,7 @@ define UBOOT_BUILD_OMAP_IFT
 endef
 
 ifneq ($(BR2_TARGET_UBOOT_ENVIMAGE),)
-UBOOT_GENERATE_ENV_FILE=$(call qstrip,$(BR2_TARGET_UBOOT_ENVIMAGE_SOURCE))
+UBOOT_GENERATE_ENV_FILE = $(call qstrip,$(BR2_TARGET_UBOOT_ENVIMAGE_SOURCE))
 define UBOOT_GENERATE_ENV_IMAGE
 	$(if $(UBOOT_GENERATE_ENV_FILE), \
 		cat $(UBOOT_GENERATE_ENV_FILE), \

configs/aarch64_efi_defconfig

@@ -13,7 +13,7 @@ BR2_PACKAGE_HOST_GENIMAGE=y
 
 # Bootloader
 BR2_TARGET_GRUB2=y
-BR2_TARGET_GRUB2_AARCH64_EFI=y
+BR2_TARGET_GRUB2_ARM64_EFI=y
 
 # Filesystem / image
 BR2_TARGET_ROOTFS_EXT2=y

configs/beaglebone_defconfig

@@ -2,7 +2,6 @@ BR2_arm=y
 BR2_cortex_a8=y
 BR2_GLOBAL_PATCH_DIR="board/beaglebone/patches"
 BR2_PACKAGE_HOST_LINUX_HEADERS_CUSTOM_4_14=y
-BR2_TARGET_GENERIC_GETTY_PORT="ttyO0"
 BR2_ROOTFS_POST_IMAGE_SCRIPT="board/beaglebone/post-image.sh"
 BR2_LINUX_KERNEL=y
 BR2_LINUX_KERNEL_CUSTOM_GIT=y

docs/manual/adding-packages-cargo.txt

@@ -17,7 +17,7 @@ The +Config.in+ file of Cargo-based package 'foo' should contain:
 ---------------------------
 01: config BR2_PACKAGE_FOO
 02: 	bool "foo"
-03: 	depends on BR2_PACKAGE_HOST_RUSTC_ARCH_SUPPORTS
+03: 	depends on BR2_PACKAGE_HOST_RUSTC_TARGET_ARCH_SUPPORTS
 04: 	select BR2_PACKAGE_HOST_CARGO
 05: 	help
 06: 	  This is a comment that explains what foo is.

docs/manual/adding-packages-python.txt

@@ -67,9 +67,13 @@ Python build system, but are not Python modules, can freely choose
 their name (existing examples in Buildroot are +scons+ and
 +supervisor+).
 
-In their +Config.in+ file, they should depend on +BR2_PACKAGE_PYTHON+
-so that when Buildroot will enable Python 3 usage for modules, we will
-be able to enable Python modules progressively on Python 3.
+Packages that are only compatible with one version of Python (as in:
+Python 2 or Python 3) should depend on that version explicitely in
+their +Config.in+ file (+BR2_PACKAGE_PYTHON+ for Python 2,
++BR2_PACKAGE_PYTHON3+ for Python 3).  Packages that are compatible
+with both versions should not explicitely depend on them in their
++Config.in+ file, since that condition is already expressed for the
+whole "External python modules" menu.
 
 The main macro of the Python package infrastructure is
 +python-package+. It is similar to the +generic-package+ macro. It is

docs/manual/configure.txt

@@ -206,9 +206,9 @@ Buildroot or crosstool-NG.
 
 If you want to generate a custom toolchain for your project, that can
 be used as an external toolchain in Buildroot, our recommendation is
-definitely to build it with http://crosstool-ng.org[crosstool-NG]. We
-recommend to build the toolchain separately from Buildroot, and then
-_import_ it in Buildroot using the external toolchain backend.
+to build it either with Buildroot itself (see
+xref:build-toolchain-with-buildroot[]) or with
+http://crosstool-ng.org[crosstool-NG].
 
 Advantages of this backend:
 
@@ -223,7 +223,53 @@ Drawbacks of this backend:
 
 * If your pre-built external toolchain has a bug, may be hard to get a
   fix from the toolchain vendor, unless you build your external
-  toolchain by yourself using Crosstool-NG.
+  toolchain by yourself using Buildroot or Crosstool-NG.
+
+[[build-toolchain-with-buildroot]]
+==== Build an external toolchain with Buildroot
+
+The Buildroot internal toolchain option can be used to create an
+external toolchain. Here are a series of steps to build an internal
+toolchain and package it up for reuse by Buildroot itself (or other
+projects).
+
+Create a new Buildroot configuration, with the following details:
+
+* Select the appropriate *Target options* for your target CPU
+  architecture
+
+* In the *Toolchain* menu, keep the default of *Buildroot toolchain*
+  for *Toolchain type*, and configure your toolchain as desired
+
+* In the *System configuration* menu, select *None* as the *Init
+  system* and *none* as */bin/sh*
+
+* In the *Target packages* menu, disable *BusyBox*
+
+* In the *Filesystem images* menu, disable *tar the root filesystem*
+
+Then, we can trigger the build, and also ask Buildroot to generate a
+SDK. This will conveniently generate for us a tarball which contains
+our toolchain:
+
+-----
+make sdk
+-----
+
+This produces the SDK tarball in +$(O)/images+, with a name similar to
++arm-buildroot-linux-uclibcgnueabi_sdk-buildroot.tar.gz+. Save this
+tarball, as it is now the toolchain that you can re-use as an external
+toolchain in other Buildroot projects.
+
+In those other Buildroot projects, in the *Toolchain* menu:
+
+* Set *Toolchain type* to *External toolchain*
+
+* Set *Toolchain* to *Custom toolchain*
+
+* Set *Toolchain origin* to *Toolchain to be downloaded and installed*
+
+* Set *Toolchain URL* to +file:///path/to/your/sdk/tarball.tar.gz+
 
 ===== External toolchain wrapper
 

docs/manual/customize-outside-br.txt

@@ -246,6 +246,7 @@ illustration, of course):
   |
   |- external.mk
   |     |include $(sort $(wildcard $(BR2_EXTERNAL_BAR_42_PATH)/package/*/*.mk))
+  |     |include $(sort $(wildcard $(BR2_EXTERNAL_BAR_42_PATH)/toolchain/*/*.mk))
   |     |
   |     |flash-my-board:
   |     |    $(BR2_EXTERNAL_BAR_42_PATH)/board/my-board/flash-image \

docs/manual/quickstart.txt

@@ -87,15 +87,21 @@ This directory contains several subdirectories:
   target). This directory contains one subdirectory for each of these
   components.
 
-* +staging/+ which contains a hierarchy similar to a root filesystem
-  hierarchy. This directory contains the headers and libraries of the
-  cross-compilation toolchain and all the userspace packages selected
-  for the target. However, this directory is 'not' intended to be
-  the root filesystem for the target: it contains a lot of development
-  files, unstripped binaries and libraries that make it far too big
-  for an embedded system. These development files are used to compile
-  libraries and applications for the target that depend on other
-  libraries.
+* +host/+ contains both the tools built for the host, and the sysroot
+  of the target toolchain. The former is an installation of tools
+  compiled for the host that are needed for the proper execution of
+  Buildroot, including the cross-compilation toolchain. The latter
+  is a hierarchy similar to a root filesystem hierarchy. It contains
+  the headers and libraries of all user-space packages that provide
+  and install libraries used by other packages. However, this
+  directory is 'not' intended to be the root filesystem for the target:
+  it contains a lot of development files, unstripped binaries and
+  libraries that make it far too big for an embedded system. These
+  development files are used to compile libraries and applications for
+  the target that depend on other libraries.
+
+* +staging/+ is a symlink to the target toolchain sysroot inside
+  +host/+, which exists for backwards compatibility.
 
 * +target/+ which contains 'almost' the complete root filesystem for
   the target: everything needed is present except the device files in
@@ -111,10 +117,6 @@ This directory contains several subdirectories:
   development files (headers, etc.) are not present, the binaries are
   stripped.
 
-* +host/+ contains the installation of tools compiled for the host
-  that are needed for the proper execution of Buildroot, including the
-  cross-compilation toolchain.
-
 These commands, +make menuconfig|nconfig|gconfig|xconfig+ and +make+, are the
 basic ones that allow to easily and quickly generate images fitting
 your needs, with all the features and applications you enabled.

docs/manual/rebuilding-packages.txt

@@ -99,16 +99,20 @@ re-configure, re-compile and re-install this package from scratch. You
 can ask buildroot to do this with the +make <package>-dirclean+ command.
 
 On the other hand, if you only want to restart the build process of a
-package from its compilation step, you can run +make
-<package>-rebuild+, followed by +make+ or +make <package>+. It will
-restart the compilation and installation of the package, but not from
-scratch: it basically re-executes +make+ and +make install+
-inside the package, so it will only rebuild files that changed.
+package from its compilation step, you can run +make <package>-rebuild+. It
+will restart the compilation and installation of the package, but not from
+scratch: it basically re-executes +make+ and +make install+ inside the package,
+so it will only rebuild files that changed.
 
-If you want to restart the build process of a package from its
-configuration step, you can run +make <package>-reconfigure+, followed
-by +make+ or +make <package>+. It will restart the configuration,
-compilation and installation of the package.
+If you want to restart the build process of a package from its configuration
+step, you can run +make <package>-reconfigure+. It will restart the
+configuration, compilation and installation of the package.
+
+While +<package>-rebuild+ implies +<package>-reinstall+ and
++<package>-reconfigure+ implies +<package>-rebuild+, these targets as well
+as +<package>+ only act on the said package, and do not trigger re-creating
+the root filesystem image. If re-creating the root filesystem in necessary,
+one should in addition run +make+ or +make all+.
 
 Internally, Buildroot creates so-called _stamp files_ to keep track of
 which build steps have been completed for each package. They are

linux/Config.in

@@ -122,7 +122,7 @@ endif
 
 config BR2_LINUX_KERNEL_VERSION
 	string
-	default "5.2.11" if BR2_LINUX_KERNEL_LATEST_VERSION
+	default "5.2.21" if BR2_LINUX_KERNEL_LATEST_VERSION
 	default "v4.19.65-cip8" if BR2_LINUX_KERNEL_LATEST_CIP_VERSION
 	default BR2_LINUX_KERNEL_CUSTOM_VERSION_VALUE \
 		if BR2_LINUX_KERNEL_CUSTOM_VERSION

linux/linux.hash

@@ -1,8 +1,8 @@
 # From https://www.kernel.org/pub/linux/kernel/v5.x/sha256sums.asc
-sha256 0c2a831f993dc8a8a8e1ca4186b467de72ff173c6f5855e2aab70f6f7fb033f9  linux-5.2.11.tar.xz
+sha256 9a8ee3ff75dabffa76141c8dc7529dfbb3ca07888a3708a13f15b412268b3538  linux-5.2.21.tar.xz
 sha256 56495f82314f0dfb84a3fe7fad78e17be69c4fd36ef46f2452458b2fa1e341f6  linux-5.1.21.tar.xz
 # From https://www.kernel.org/pub/linux/kernel/v4.x/sha256sums.asc
-sha256 c091760b520a4e4a4c7034a8329cc2689a0ea3f81a377b694ed196d623e2d987  linux-4.19.69.tar.xz
-sha256 0bb9f0812326ec4554de1bea02628840e03b6664b5abfd9d8510049e43203a17  linux-4.14.141.tar.xz
-sha256 fe8a1ca080a462de6832762ba8b71410b828f0e52c1e11d3c46d83e9ac1e0a16  linux-4.9.190.tar.xz
-sha256 fec8c8549a3775b922cecad74a6409b33520a669d451dc51ad47d69c2543c2e5  linux-4.4.190.tar.xz
+sha256 5da5e16fe08fa506f8f74aa4f17be22b52c0f513e9a3f7e7ae22fc53597ad493  linux-4.4.206.tar.xz
+sha256 1df27899a9bc4dd874f3830ab9e7b638f0026dffd67a2e230444e5d2805ccad6  linux-4.9.206.tar.xz
+sha256 0d49ec72e273f6fc7462ad56849b2285f13fd5f4185e8f932a0074fc2eca1bb3  linux-4.14.158.tar.xz
+sha256 c1923b6bd166e6dd07be860c15f59e8273aaa8692bc2a1fce1d31b826b9b3fbe  linux-4.19.88.tar.xz

package/Config.in

@@ -1196,6 +1196,7 @@ endmenu
 
 menu "Compression and decompression"
 	source "package/libarchive/Config.in"
+	source "package/libmspack/Config.in"
 	source "package/libsquish/Config.in"
 	source "package/libzip/Config.in"
 	source "package/lzo/Config.in"

package/Config.in.host

@@ -17,6 +17,7 @@ menu "Host utilities"
 	source "package/dtc/Config.in.host"
 	source "package/e2fsprogs/Config.in.host"
 	source "package/e2tools/Config.in.host"
+	source "package/eudev/Config.in.host"
 	source "package/f2fs-tools/Config.in.host"
 	source "package/faketime/Config.in.host"
 	source "package/fatcat/Config.in.host"

package/am33x-cm3/0002-Makefile-unconditionally-disable-SSP.patch

@@ -0,0 +1,35 @@
+From 6c3b05b74ccd49d8ba246bfef0c2e549b9f2bf7b Mon Sep 17 00:00:00 2001
+From: Fabrice Fontaine <fontaine.fabrice@gmail.com>
+Date: Tue, 29 Oct 2019 16:14:18 +0100
+Subject: [PATCH] Makefile: unconditionally disable SSP
+
+Though -nostdlib is passed in $(CFLAGS), -fno-stack-protector must also be
+passed to avoid linking errors related to undefined references to
+'__stack_chk_guard' and '__stack_chk_fail' if toolchain enforces
+-fstack-protector.
+
+Fixes:
+ - http://autobuild.buildroot.net/results/3a3a21f3c35ea025e9b93e09c2454aed0ad31034
+
+Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
+---
+ Makefile | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/Makefile b/Makefile
+index c3ec071..5226006 100644
+--- a/Makefile
++++ b/Makefile
+@@ -16,7 +16,8 @@ INCLUDES = $(SRCDIR)/include
+ CFLAGS =-march=armv7-m -mcpu=cortex-m3 -mthumb -nostdlib -Wall -Wundef \
+ 	-Werror-implicit-function-declaration -Wstrict-prototypes \
+ 	-Wdeclaration-after-statement -fno-delete-null-pointer-checks \
+-	-Wempty-body -fno-strict-overflow  -g -I$(INCLUDES) -O2
++	-Wempty-body -fno-strict-overflow -fno-stack-protector \
++	-g -I$(INCLUDES) -O2
+ LDFLAGS =-nostartfiles -fno-exceptions -Tfirmware.ld
+ 
+ EXECUTABLE=am335x-pm-firmware.elf
+-- 
+2.23.0
+

package/am33x-cm3/0003-Makefile-unconditionally-disable-PIE.patch

@@ -0,0 +1,33 @@
+From 0e8c3c4851ce64268a8ae1810ef72594251d917d Mon Sep 17 00:00:00 2001
+From: Fabrice Fontaine <fontaine.fabrice@gmail.com>
+Date: Sun, 10 Nov 2019 21:57:12 +0100
+Subject: [PATCH] Makefile: unconditionally disable PIE
+
+Though -nostdlib is passed in $(CFLAGS), -fno-pie must also be passed to
+avoid linking errors related to overlapping sections if toolchain
+enforces PIE.
+
+Fixes:
+ - http://autobuild.buildroot.org/results/418a40b995e91bc66e692dfbc4b0521db3fa5fbb
+
+Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
+---
+ Makefile | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/Makefile b/Makefile
+index 5226006..fe3d844 100644
+--- a/Makefile
++++ b/Makefile
+@@ -17,7 +17,7 @@ CFLAGS =-march=armv7-m -mcpu=cortex-m3 -mthumb -nostdlib -Wall -Wundef \
+ 	-Werror-implicit-function-declaration -Wstrict-prototypes \
+ 	-Wdeclaration-after-statement -fno-delete-null-pointer-checks \
+ 	-Wempty-body -fno-strict-overflow -fno-stack-protector \
+-	-g -I$(INCLUDES) -O2
++	-fno-pie -g -I$(INCLUDES) -O2
+ LDFLAGS =-nostartfiles -fno-exceptions -Tfirmware.ld
+ 
+ EXECUTABLE=am335x-pm-firmware.elf
+-- 
+2.23.0
+

package/asterisk/asterisk.hash

@@ -1,5 +1,5 @@
 # Locally computed
-sha256  8cabb7a6ad2c35b7fb5c520977f2b2c18b471e5b825b65dc411744c6bed2b9f8  asterisk-16.4.1.tar.gz
+sha256  474cbc6f9dddee94616f8af8e097bc4d340dc9698c4165dc45be6e0be80ff725  asterisk-16.6.2.tar.gz
 
 # sha1 from: http://downloads.asterisk.org/pub/telephony/sounds/releases
 # sha256 locally computed
@@ -11,5 +11,5 @@ sha256  449fb810d16502c3052fedf02f7e77b36206ac5a145f3dacf4177843a2fcb538  asteri
 # License files, locally computed
 sha256  82af40ed7f49c08685360811993d9396320842f021df828801d733e8fdc0312f  COPYING
 sha256  ac5571f00e558e3b7c9b3f13f421b874cc12cf4250c4f70094c71544cf486312  main/sha1.c
-sha256  309462c10e84f46bda22032ebe6359f3e9e3e23afcf1fc2aaed5b59daf800d84  codecs/speex/speex_resampler.h
+sha256  6215e3ed73c3982a5c6701127d681ec0b9f1121ac78a28805bd93f93c3eb84c0  codecs/speex/speex_resampler.h
 sha256  1ca2c7a7a1ae7ccd75212a8c1e85dd9ec92bdbc9170aafd97ea60459387755fd  utils/db1-ast/include/db.h

package/asterisk/asterisk.mk

@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-ASTERISK_VERSION = 16.4.1
+ASTERISK_VERSION = 16.6.2
 # Use the github mirror: it's an official mirror maintained by Digium, and
 # provides tarballs, which the main Asterisk git tree (behind Gerrit) does not.
 ASTERISK_SITE = $(call github,asterisk,asterisk,$(ASTERISK_VERSION))

package/atk/Config.in

@@ -7,6 +7,8 @@ config BR2_PACKAGE_ATK
 	help
 	  The ATK accessibility toolkit, needed to build GTK+-2.x.
 
+	  https://gitlab.gnome.org/GNOME/atk
+
 comment "atk needs a toolchain w/ wchar, threads"
 	depends on BR2_USE_MMU
 	depends on !BR2_USE_WCHAR || !BR2_TOOLCHAIN_HAS_THREADS

package/augeas/augeas.mk

@@ -11,9 +11,6 @@ AUGEAS_LICENSE = LGPL-2.1+
 AUGEAS_LICENSE_FILES = COPYING
 AUGEAS_DEPENDENCIES = host-pkgconf readline libxml2
 
-# patching examples/Makefile.am, can be removed when updating from version 1.9.0
-AUGEAS_AUTORECONF = YES
-
 AUGEAS_CONF_OPTS = --disable-gnulib-tests
 
 # Remove the test lenses which occupy about 1.4 MB on the target

package/axel/axel.hash

@@ -1 +1 @@
-sha256 5c5c682617d498071ff9083029fcecc2c2fdeeedc366c35d2bdf8663355616cc  axel-2.17.5.tar.xz
+sha256 24ab549021bdfca01ad5e8e95b706869dd30fe9ab1043da4cbb9dff89edc267d  axel-2.17.6.tar.xz

package/axel/axel.mk

@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-AXEL_VERSION = 2.17.5
+AXEL_VERSION = 2.17.6
 AXEL_SITE = https://github.com/axel-download-accelerator/axel/releases/download/v$(AXEL_VERSION)
 AXEL_SOURCE = axel-$(AXEL_VERSION).tar.xz
 AXEL_LICENSE = GPL-2.0+

package/azmq/Config.in

@@ -20,7 +20,7 @@ config BR2_PACKAGE_AZMQ
 
 	  https://github.com/zeromq/azmq
 
-comment "azmq needs a toolchain w/ C++11, wchar and NTPL"
+comment "azmq needs a toolchain w/ C++11, wchar and NPTL"
 	depends on !(BR2_INSTALL_LIBSTDCPP && BR2_TOOLCHAIN_GCC_AT_LEAST_4_8 \
 		&& BR2_USE_WCHAR && BR2_TOOLCHAIN_HAS_THREADS_NPTL)
 

package/bcg729/Config.in

@@ -4,4 +4,4 @@ config BR2_PACKAGE_BCG729
 	  Bcg729 is an opensource implementation of both encoder and
 	  decoder of the ITU G729 Annex A/B speech codec.
 
-	  http://www.linphone.org/technical-corner/bcg729/overview
+	  https://www.linphone.org/technical-corner/bcg729

package/bind/0001-cross.patch

@@ -1,18 +1,23 @@
 Use host compiler to build 'gen' since it's run when building.
 
 Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
+[Fabrice: updated for 9.11.10]
+Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
 
 diff -Nura bind-9.5.1-P1/lib/dns/Makefile.in bind-9.5.1-P1.gencross/lib/dns/Makefile.in
 --- bind-9.5.1-P1/lib/dns/Makefile.in	2007-09-11 22:09:08.000000000 -0300
 +++ bind-9.5.1-P1.gencross/lib/dns/Makefile.in	2009-03-04 16:35:23.000000000 -0200
-@@ -160,8 +160,8 @@
- 	./gen -s ${srcdir} > code.h
+@@ -160,10 +160,8 @@
+ 	./gen -s ${srcdir} > code.h || { rm -f $@ ; exit 1; }
 
  gen: gen.c
 -	${BUILD_CC} ${BUILD_CFLAGS} -I${top_srcdir}/lib/isc/include \
--	${BUILD_CPPFLAGS} ${BUILD_LDFLAGS} -o $@ ${srcdir}/gen.c ${BUILD_LIBS}
+-	${LFS_CFLAGS} ${LFS_LDFLAGS} \
+-	${BUILD_CPPFLAGS} ${BUILD_LDFLAGS} -o $@ ${srcdir}/gen.c \
+-	${BUILD_LIBS} ${LFS_LIBS}
 +	${HOSTCC} ${HOST_CFLAGS} -I${top_srcdir}/lib/isc/include \
 +	${HOST_LDFLAGS} -o $@ ${srcdir}/gen.c
 
- rbtdb64.@O@: rbtdb.c
+ timestamp: include libdns.@A@
+ 	touch timestamp
 

package/bind/0002-Replace-atomic-operations-in-bin-named-client.c-with.patch

@@ -1,133 +0,0 @@
-From ef49780d30d3ddc5735cfc32561b678a634fa72f Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Ond=C5=99ej=20Sur=C3=BD?= <ondrej@sury.org>
-Date: Wed, 17 Apr 2019 15:22:27 +0200
-Subject: [PATCH] Replace atomic operations in bin/named/client.c with
- isc_refcount reference counting
-
-Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
----
- bin/named/client.c                     | 18 +++++++-----------
- bin/named/include/named/interfacemgr.h |  5 +++--
- bin/named/interfacemgr.c               |  7 +++++--
- 3 files changed, 15 insertions(+), 15 deletions(-)
-
-diff --git a/bin/named/client.c b/bin/named/client.c
-index 845326abc0..29fecadca8 100644
---- a/bin/named/client.c
-+++ b/bin/named/client.c
-@@ -402,12 +402,10 @@ tcpconn_detach(ns_client_t *client) {
- static void
- mark_tcp_active(ns_client_t *client, bool active) {
- 	if (active && !client->tcpactive) {
--		isc_atomic_xadd(&client->interface->ntcpactive, 1);
-+		isc_refcount_increment0(&client->interface->ntcpactive, NULL);
- 		client->tcpactive = active;
- 	} else if (!active && client->tcpactive) {
--		uint32_t old =
--			isc_atomic_xadd(&client->interface->ntcpactive, -1);
--		INSIST(old > 0);
-+		isc_refcount_decrement(&client->interface->ntcpactive, NULL);
- 		client->tcpactive = active;
- 	}
- }
-@@ -554,7 +552,7 @@ exit_check(ns_client_t *client) {
- 		if (client->mortal && TCP_CLIENT(client) &&
- 		    client->newstate != NS_CLIENTSTATE_FREED &&
- 		    !ns_g_clienttest &&
--		    isc_atomic_xadd(&client->interface->ntcpaccepting, 0) == 0)
-+		    isc_refcount_current(&client->interface->ntcpaccepting) == 0)
- 		{
- 			/* Nobody else is accepting */
- 			client->mortal = false;
-@@ -3328,7 +3326,6 @@ client_newconn(isc_task_t *task, isc_event_t *event) {
- 	isc_result_t result;
- 	ns_client_t *client = event->ev_arg;
- 	isc_socket_newconnev_t *nevent = (isc_socket_newconnev_t *)event;
--	uint32_t old;
- 
- 	REQUIRE(event->ev_type == ISC_SOCKEVENT_NEWCONN);
- 	REQUIRE(NS_CLIENT_VALID(client));
-@@ -3348,8 +3345,7 @@ client_newconn(isc_task_t *task, isc_event_t *event) {
- 	INSIST(client->naccepts == 1);
- 	client->naccepts--;
- 
--	old = isc_atomic_xadd(&client->interface->ntcpaccepting, -1);
--	INSIST(old > 0);
-+	isc_refcount_decrement(&client->interface->ntcpaccepting, NULL);
- 
- 	/*
- 	 * We must take ownership of the new socket before the exit
-@@ -3480,8 +3476,8 @@ client_accept(ns_client_t *client) {
- 		 * quota is tcp-clients plus the number of listening
- 		 * interfaces plus 1.)
- 		 */
--		exit = (isc_atomic_xadd(&client->interface->ntcpactive, 0) >
--			(client->tcpactive ? 1 : 0));
-+		exit = (isc_refcount_current(&client->interface->ntcpactive) >
-+			(client->tcpactive ? 1U : 0U));
- 		if (exit) {
- 			client->newstate = NS_CLIENTSTATE_INACTIVE;
- 			(void)exit_check(client);
-@@ -3539,7 +3535,7 @@ client_accept(ns_client_t *client) {
- 	 * listening for connections itself to prevent the interface
- 	 * going dead.
- 	 */
--	isc_atomic_xadd(&client->interface->ntcpaccepting, 1);
-+	isc_refcount_increment0(&client->interface->ntcpaccepting, NULL);
- }
- 
- static void
-diff --git a/bin/named/include/named/interfacemgr.h b/bin/named/include/named/interfacemgr.h
-index 3535ef22a8..6e10f210fd 100644
---- a/bin/named/include/named/interfacemgr.h
-+++ b/bin/named/include/named/interfacemgr.h
-@@ -45,6 +45,7 @@
- #include <isc/magic.h>
- #include <isc/mem.h>
- #include <isc/socket.h>
-+#include <isc/refcount.h>
- 
- #include <dns/result.h>
- 
-@@ -75,11 +76,11 @@ struct ns_interface {
- 						/*%< UDP dispatchers. */
- 	isc_socket_t *		tcpsocket;	/*%< TCP socket. */
- 	isc_dscp_t		dscp;		/*%< "listen-on" DSCP value */
--	int32_t			ntcpaccepting;	/*%< Number of clients
-+	isc_refcount_t		ntcpaccepting;	/*%< Number of clients
- 						     ready to accept new
- 						     TCP connections on this
- 						     interface */
--	int32_t			ntcpactive;	/*%< Number of clients
-+	isc_refcount_t		ntcpactive;	/*%< Number of clients
- 						     servicing TCP queries
- 						     (whether accepting or
- 						     connected) */
-diff --git a/bin/named/interfacemgr.c b/bin/named/interfacemgr.c
-index d9f6df5802..135533be6b 100644
---- a/bin/named/interfacemgr.c
-+++ b/bin/named/interfacemgr.c
-@@ -386,8 +386,8 @@ ns_interface_create(ns_interfacemgr_t *mgr, isc_sockaddr_t *addr,
- 	 * connections will be handled in parallel even though there is
- 	 * only one client initially.
- 	 */
--	ifp->ntcpaccepting = 0;
--	ifp->ntcpactive = 0;
-+	isc_refcount_init(&ifp->ntcpaccepting, 0);
-+	isc_refcount_init(&ifp->ntcpactive, 0);
- 
- 	ifp->nudpdispatch = 0;
- 
-@@ -618,6 +618,9 @@ ns_interface_destroy(ns_interface_t *ifp) {
- 
- 	ns_interfacemgr_detach(&ifp->mgr);
- 
-+	isc_refcount_destroy(&ifp->ntcpactive);
-+	isc_refcount_destroy(&ifp->ntcpaccepting);
-+
- 	ifp->magic = 0;
- 	isc_mem_put(mctx, ifp, sizeof(*ifp));
- }
--- 
-2.11.0
-

package/bind/0002-dlz_open_driver.c-fix-build-without-dlfcn.h.patch

@@ -1,28 +0,0 @@
-From 92b738a0fe8a7d65346de9e6dd7a8f135ee29765 Mon Sep 17 00:00:00 2001
-From: Fabrice Fontaine <fontaine.fabrice@gmail.com>
-Date: Tue, 23 Apr 2019 22:45:25 +0200
-Subject: [PATCH] dlz_open_driver.c: fix build without dlfcn.h
-
-Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
-[Upstream status: https://gitlab.isc.org/isc-projects/bind9/issues/995]
----
- bin/named/unix/dlz_dlopen_driver.c | 2 ++
- 1 file changed, 2 insertions(+)
-
-diff --git a/bin/named/unix/dlz_dlopen_driver.c b/bin/named/unix/dlz_dlopen_driver.c
-index 74d29ffa09..ab8a5c9493 100644
---- a/bin/named/unix/dlz_dlopen_driver.c
-+++ b/bin/named/unix/dlz_dlopen_driver.c
-@@ -14,7 +14,9 @@
- #include <inttypes.h>
- #include <stdlib.h>
- #include <string.h>
-+#if HAVE_DLFCN_H
- #include <dlfcn.h>
-+#endif
- 
- #include <dns/log.h>
- #include <dns/result.h>
--- 
-2.20.1
-

package/bind/Config.in

@@ -22,7 +22,7 @@ config BR2_PACKAGE_BIND
 	  intended to be linked with applications requiring name
 	  service.
 
-	  http://www.isc.org/sw/bind/
+	  https://www.isc.org/bind/
 
 if BR2_PACKAGE_BIND
 

package/bind/bind.hash

@@ -1,4 +1,4 @@
-# Verified from https://ftp.isc.org/isc/bind9/9.11.6-P1/bind-9.11.6-P1.tar.gz.asc
-# with key 156890685EA0DF6A1371EF2017CC5DB1F0088407
-sha256 58ace2abb4d048b67abcdef0649ecd6cbd3b0652734a41a1d34f942d5500f8ef bind-9.11.6-P1.tar.gz
+# Verified from https://ftp.isc.org/isc/bind9/9.11.13/bind-9.11.13.tar.gz.asc
+# with key AE3FAC796711EC59FC007AA474BB6B9A4CBB3D38
+sha256 fd3f3cc9fcfcdaa752db35eb24598afa1fdcc2509d3227fc90a8631b7b400f7d bind-9.11.13.tar.gz
 sha256 cd02c93b8dcda794f55dfd1231828d69633072a98eee4874f9cf732d22d9dcde COPYRIGHT

package/bind/bind.mk

@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-BIND_VERSION = 9.11.6-P1
+BIND_VERSION = 9.11.13
 BIND_SITE = https://ftp.isc.org/isc/bind9/$(BIND_VERSION)
 # bind does not support parallel builds.
 BIND_MAKE = $(MAKE1)

package/binutils/2.32/0006-or1k-Fix-incorrect-value-in-PLT-GOT-entries-causing-.patch

@@ -0,0 +1,46 @@
+From b17678f639f953d687d96cd52690e7cbfae50f91 Mon Sep 17 00:00:00 2001
+From: Stafford Horne <shorne@gmail.com>
+Date: Fri, 23 Aug 2019 22:25:55 +0900
+Subject: [PATCH] or1k: Fix incorrect value in PLT GOT entries, causing
+ infinite loop
+
+The PLT GOT entry should point to the first PLT entry which contains the
+runtime linker function.  It was pointing back to the symbol PLT entry
+causing an infinite loop.
+
+I found this when testing the OpenRISC glibc port which uses the runtime
+dynamic linker.  It seems other libc's we use so far have not been
+making use of the initial PLT GOT entries.
+
+bfd/ChangeLog:
+
+	* elf32-or1k.c (or1k_elf_finish_dynamic_symbol): Use correct value for
+	PLT GOT entries.
+
+(cherry picked from commit 09f7b0de537d465fc8ed9f9433e348c1bc78aab2)
+Signed-off-by: Romain Naour <romain.naour@gmail.com>
+---
+ bfd/elf32-or1k.c | 7 +++++--
+ 1 file changed, 5 insertions(+), 2 deletions(-)
+
+diff --git a/bfd/elf32-or1k.c b/bfd/elf32-or1k.c
+index 2f200b197b8..32839cfa7b6 100644
+--- a/bfd/elf32-or1k.c
++++ b/bfd/elf32-or1k.c
+@@ -2379,8 +2379,11 @@ or1k_elf_finish_dynamic_symbol (bfd *output_bfd,
+       or1k_write_plt_entry (output_bfd, splt->contents + h->plt.offset,
+ 			    plt0, plt1, plt2, OR1K_JR(12));
+ 
+-      /* Fill in the entry in the global offset table.  */
+-      bfd_put_32 (output_bfd, plt_addr, sgot->contents + got_offset);
++      /* Fill in the entry in the global offset table.  We initialize it to
++	 point to the top of the plt.  This is done to lazy lookup the actual
++	 symbol as the first plt entry will be setup by libc to call the
++	 runtime dynamic linker.  */
++      bfd_put_32 (output_bfd, plt_base_addr, sgot->contents + got_offset);
+ 
+       /* Fill in the entry in the .rela.plt section.  */
+       rela.r_offset = got_addr;
+-- 
+2.23.0
+

package/bwm-ng/bwm-ng.mk

@@ -7,7 +7,7 @@
 BWM_NG_VERSION = f54b3fad2c80bfe63f920c9b5e7c1d80389c57ef
 BWM_NG_SITE = $(call github,vgropp,bwm-ng,$(BWM_NG_VERSION))
 BWM_NG_CONF_OPTS = --with-procnetdev --with-diskstats
-BWM_NG_LICENSE = GPL-2.0
+BWM_NG_LICENSE = GPL-2.0+
 BWM_NG_LICENSE_FILES = COPYING
 BWM_NG_AUTORECONF = YES
 

package/ca-certificates/Config.in

@@ -9,4 +9,4 @@ config BR2_PACKAGE_CA_CERTIFICATES
 	  Debian infrastructure and those shipped with Mozilla's
 	  browsers.
 
-	  http://anonscm.debian.org/gitweb/?p=collab-maint/ca-certificates.git
+	  https://salsa.debian.org/debian/ca-certificates

package/chrony/chrony.mk

@@ -13,6 +13,7 @@ CHRONY_CONF_OPTS = \
 	--host-system=Linux \
 	--host-machine=$(BR2_ARCH) \
 	--prefix=/usr \
+	--without-readline \
 	--without-tomcrypt
 
 ifeq ($(BR2_PACKAGE_LIBCAP),y)
@@ -34,10 +35,10 @@ else
 CHRONY_CONF_OPTS += --without-seccomp
 endif
 
-ifeq ($(BR2_PACKAGE_READLINE),y)
-CHRONY_DEPENDENCIES += readline
+ifeq ($(BR2_PACKAGE_LIBEDIT),y)
+CHRONY_DEPENDENCIES += libedit
 else
-CHRONY_CONF_OPTS += --disable-readline
+CHRONY_CONF_OPTS += --without-editline --disable-readline
 endif
 
 # If pps-tools is available, build it before so the package can use it

package/circus/Config.in

@@ -1,6 +1,6 @@
 config BR2_PACKAGE_CIRCUS
 	bool "circus"
-	depends on BR2_PACKAGE_PYTHON || BR2_PACKAGE_PYTHON3
+	depends on BR2_PACKAGE_PYTHON3 # python-tornado
 	depends on BR2_INSTALL_LIBSTDCPP # pyzmq -> zeromq
 	depends on BR2_TOOLCHAIN_HAS_THREADS # pyzmq -> zeromq
 	select BR2_PACKAGE_PYTHON_IOWAIT # runtime
@@ -14,6 +14,6 @@ config BR2_PACKAGE_CIRCUS
 
 	  https://circus.readthedocs.org/en/latest/
 
-comment "circus needs Python and a toolchain w/ C++, threads"
+comment "circus needs Python 3 and a toolchain w/ C++, threads"
 	depends on !BR2_INSTALL_LIBSTDCPP || !BR2_TOOLCHAIN_HAS_THREADS || \
-		!(BR2_PACKAGE_PYTHON || BR2_PACKAGE_PYTHON3)
+		!BR2_PACKAGE_PYTHON3

package/clamav/Config.in

@@ -4,6 +4,7 @@ config BR2_PACKAGE_CLAMAV
 	depends on BR2_TOOLCHAIN_HAS_THREADS
 	depends on BR2_USE_MMU # fork()
 	depends on BR2_USE_WCHAR
+	select BR2_PACKAGE_LIBMSPACK
 	select BR2_PACKAGE_LIBTOOL
 	select BR2_PACKAGE_OPENSSL
 	select BR2_PACKAGE_ZLIB

package/clamav/clamav.hash

@@ -1,5 +1,5 @@
 # Locally calculated
-sha256 0bf094f0919d158a578421d66bc2569c8c8181233ba162bb51722f98c802bccd  clamav-0.101.4.tar.gz
+sha256 04bc4af7aa61cd4ce419a1cfbf77605ee40128455c7627fe2725dd157392d58c  clamav-0.101.5.tar.gz
 sha256 0c4fd2fa9733fc9122503797648710851e4ee6d9e4969dd33fcbd8c63cd2f584  COPYING
 sha256 d72a145c90918184a05ef65a04c9e6f7466faa59bc1b82c8f6a8ddc7ddcb9bed  COPYING.bzip2
 sha256 dfb818a0d41411c6fb1c193c68b73018ceadd1994bda41ad541cbff292894bc6  COPYING.file

package/clamav/clamav.mk

@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-CLAMAV_VERSION = 0.101.4
+CLAMAV_VERSION = 0.101.5
 CLAMAV_SITE = https://www.clamav.net/downloads/production
 CLAMAV_LICENSE = GPL-2.0
 CLAMAV_LICENSE_FILES = COPYING COPYING.bzip2 COPYING.file COPYING.getopt \
@@ -12,6 +12,7 @@ CLAMAV_LICENSE_FILES = COPYING COPYING.bzip2 COPYING.file COPYING.getopt \
 	COPYING.unrar COPYING.zlib
 CLAMAV_DEPENDENCIES = \
 	host-pkgconf \
+	libmspack \
 	libtool \
 	openssl \
 	zlib \
@@ -32,6 +33,7 @@ CLAMAV_CONF_OPTS = \
 	--with-ltdl-include=$(STAGING_DIR)/usr/include \
 	--with-ltdl-lib=$(STAGING_DIR)/usr/lib \
 	--with-openssl=$(STAGING_DIR)/usr \
+	--with-system-libmspack=$(STAGING_DIR)/usr \
 	--with-zlib=$(STAGING_DIR)/usr \
 	--disable-zlib-vcheck \
 	--disable-rpath \

package/cmocka/0001-Don-t-redefine-uintptr_t.patch

@@ -0,0 +1,77 @@
+From 28ce16b29911e5adc60140b572dee177adc7a178 Mon Sep 17 00:00:00 2001
+From: Fabrice Fontaine <fontaine.fabrice@gmail.com>
+Date: Mon, 18 Nov 2019 18:56:46 +0100
+Subject: [PATCH] Don't redefine uintptr_t
+
+Add a call to check_type_size in ConfigureChecks.cmake and use it in
+include/cmocka.h to avoid the following redefinition error on riscv64:
+
+In file included from /data/buildroot/buildroot-test/instance-0/output/build/cmocka-1.1.5/src/cmocka.c:62:
+/data/buildroot/buildroot-test/instance-0/output/build/cmocka-1.1.5/include/cmocka.h:132:28: error: conflicting types for 'uintptr_t'
+       typedef unsigned int uintptr_t;
+                            ^~~~~~~~~
+In file included from /data/buildroot/buildroot-test/instance-0/output/host/riscv64-buildroot-linux-musl/sysroot/usr/include/stdint.h:20,
+                 from /data/buildroot/buildroot-test/instance-0/output/host/riscv64-buildroot-linux-musl/sysroot/usr/include/inttypes.h:9,
+                 from /data/buildroot/buildroot-test/instance-0/output/build/cmocka-1.1.5/src/cmocka.c:27:
+/data/buildroot/buildroot-test/instance-0/output/host/riscv64-buildroot-linux-musl/sysroot/usr/include/bits/alltypes.h:104:24: note: previous declaration of 'uintptr_t' was here
+ typedef unsigned _Addr uintptr_t;
+                        ^~~~~~~~~
+
+Fixes:
+ - http://autobuild.buildroot.org/results/30922c18150ea62aefe123d1b7cd1444efab963f
+
+Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
+Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
+[Retrieved from:
+https://gitlab.com/cmocka/cmocka/commit/28ce16b29911e5adc60140b572dee177adc7a178]
+---
+ ConfigureChecks.cmake | 3 +++
+ config.h.cmake        | 4 ++++
+ include/cmocka.h      | 2 +-
+ 3 files changed, 8 insertions(+), 1 deletion(-)
+
+diff --git a/ConfigureChecks.cmake b/ConfigureChecks.cmake
+index fe8da35..028774f 100644
+--- a/ConfigureChecks.cmake
++++ b/ConfigureChecks.cmake
+@@ -70,6 +70,9 @@ if (HAVE_TIME_H)
+     check_struct_has_member("struct timespec" tv_sec "time.h" HAVE_STRUCT_TIMESPEC)
+ endif (HAVE_TIME_H)
+ 
++# TYPES
++check_type_size(uintptr_t UINTPTR_T)
++
+ # FUNCTIONS
+ check_function_exists(calloc HAVE_CALLOC)
+ check_function_exists(exit HAVE_EXIT)
+diff --git a/config.h.cmake b/config.h.cmake
+index f8d79da..55fc69f 100644
+--- a/config.h.cmake
++++ b/config.h.cmake
+@@ -75,6 +75,10 @@
+ 
+ #cmakedefine HAVE_STRUCT_TIMESPEC 1
+ 
++/***************************** TYPES *****************************/
++
++#cmakedefine HAVE_UINTPTR_T 1
++
+ /*************************** FUNCTIONS ***************************/
+ 
+ /* Define to 1 if you have the `calloc' function. */
+diff --git a/include/cmocka.h b/include/cmocka.h
+index 3e923dd..0aa557e 100644
+--- a/include/cmocka.h
++++ b/include/cmocka.h
+@@ -120,7 +120,7 @@ typedef uintmax_t LargestIntegralType;
+     ((LargestIntegralType)(value))
+ 
+ /* Smallest integral type capable of holding a pointer. */
+-#if !defined(_UINTPTR_T) && !defined(_UINTPTR_T_DEFINED)
++#if !defined(_UINTPTR_T) && !defined(_UINTPTR_T_DEFINED) && !defined(HAVE_UINTPTR_T)
+ # if defined(_WIN32)
+     /* WIN32 is an ILP32 platform */
+     typedef unsigned int uintptr_t;
+-- 
+2.22.0
+

package/cog/Config.in

@@ -14,6 +14,8 @@ config BR2_PACKAGE_COG
 	  not provide any chrome, and is suitable to be used
 	  as a Web application container.
 
+	  https://github.com/Igalia/cog
+
 if BR2_PACKAGE_COG
 
 config BR2_PACKAGE_COG_PROGRAMS_HOME_URI

package/collectd/collectd.mk

@@ -192,7 +192,7 @@ COLLECTD_CONF_OPTS += --with-libpq=$(STAGING_DIR)/usr/bin/pg_config
 COLLECTD_CONF_ENV += LIBS="-lpthread -lm"
 endif
 ifeq ($(BR2_PACKAGE_YAJL),y)
-COLLECTD_CONF_OPTS += --with-yajl=$(STAGING_DIR)/usr
+COLLECTD_CONF_OPTS += --with-libyajl=$(STAGING_DIR)/usr
 endif
 
 # network can use libgcrypt

package/connman/connman.mk

@@ -39,6 +39,7 @@ define CONNMAN_INSTALL_INIT_SYSTEMD
 endef
 
 ifeq ($(BR2_PACKAGE_CONNMAN_CLIENT),y)
+CONNMAN_LICENSE += , GPL-2.0+ (client)
 CONNMAN_CONF_OPTS += --enable-client
 CONNMAN_DEPENDENCIES += readline
 

package/copas/Config.in

@@ -8,4 +8,4 @@ config BR2_PACKAGE_COPAS
 	  servers. But it also features timers and client support for
 	  http(s), ftp and smtp requests.
 
-	  http://www.keplerproject.org/copas/
+	  http://keplerproject.github.io/copas/

package/cups-filters/0001-Replace-relative-linking-with-absolute-linking.patch

@@ -1,46 +0,0 @@
-From c26b4c3550557442890f2f790d4f8b61a3734c1f Mon Sep 17 00:00:00 2001
-From: Olivier Schonken <olivier.schonken@gmail.com>
-Date: Thu, 8 Mar 2018 12:32:23 +0200
-Subject: [PATCH] install: don't use ln -r
-
-Oldish enterprise-class distributions have too old versions of
-coreutils, with ln not supporting -r.
-
-So we fake it.
-
-ln -r would create minimalist relative paths, but they are not
-trivial to generate. Instead, we always create paths relative to the
-root, i.e.:
-
-    ln -s -r /usr/bin/foo /usr/sbin/foo
-
-would create:  /usr/sbin/foo -> ../bin/foo
-while we do :  /usr/sbin/foo -> ../../usr/bin/foo
-
-Signed-off-by: Olivier Schonken <olivier.schonken@gmail.com>
----
- Makefile.am | 6 +++---
- 1 file changed, 3 insertions(+), 3 deletions(-)
-
-diff --git a/Makefile.am b/Makefile.am
-index d959227..b49914a 100644
---- a/Makefile.am
-+++ b/Makefile.am
-@@ -998,11 +998,11 @@ install-exec-hook:
- 	$(INSTALL) -d -m 755 $(DESTDIR)$(pkgfilterdir)
- 	$(INSTALL) -d -m 755 $(DESTDIR)$(pkgbackenddir)
- if ENABLE_FOOMATIC
--	$(LN_S) -r -f $(DESTDIR)$(pkgfilterdir)/foomatic-rip $(DESTDIR)$(bindir)
-+	$(LN_S) -f ../..$(pkgfilterdir)/foomatic-rip $(DESTDIR)$(bindir)
- endif
- if ENABLE_DRIVERLESS
--	$(LN_S) -r -f $(DESTDIR)$(pkgppdgendir)/driverless $(DESTDIR)$(bindir)
--	$(LN_S) -r -f $(DESTDIR)$(pkgppdgendir)/driverless $(DESTDIR)$(pkgbackenddir)
-+	$(LN_S) -f ../..$(pkgppdgendir)/driverless $(DESTDIR)$(bindir)
-+	$(LN_S) -f ../..$(pkgppdgendir)/driverless $(DESTDIR)$(pkgbackenddir)
- endif
- if ENABLE_BRAILLE
- 	$(LN_S) -f imagetobrf $(DESTDIR)$(pkgfilterdir)/imagetoubrl
--- 
-2.14.1
-

package/cups-filters/0001-install-support-old-ln-versions-without-the-r-option.patch

@@ -0,0 +1,214 @@
+From edd44df686b4ec983a327cabc5035106addb274f Mon Sep 17 00:00:00 2001
+From: Carlos Santos <unixmania@gmail.com>
+Date: Mon, 16 Sep 2019 22:22:37 -0300
+Subject: [PATCH] install: support old ln versions without the -r option
+
+Oldish enterprise-class Linux distributions have outdated versions of
+coreutils whose ln command do not support the -r option. Also non-Linux
+systems like FreeBSD don't support that option. Use a shell script that
+mimics the missing functionality.
+
+The script creates minimalist relative paths, like ln -r does, but in
+order to simplify the logic, it requires that the arguments be absolute
+paths and do not end with '/'. This is enough for our purposes.
+
+Add configuration logic to detect if ln supports the -r option, based on
+the logic used by Autoconf to check if ln supports the -s option.
+
+Signed-off-by: Carlos Santos <unixmania@gmail.com>
+---
+ Makefile.am     |  6 ++--
+ configure.ac    |  2 ++
+ ln-srf          | 49 ++++++++++++++++++++++++++
+ m4/ac_ln_srf.m4 | 91 +++++++++++++++++++++++++++++++++++++++++++++++++
+ 4 files changed, 145 insertions(+), 3 deletions(-)
+ create mode 100755 ln-srf
+ create mode 100644 m4/ac_ln_srf.m4
+
+diff --git a/Makefile.am b/Makefile.am
+index 76b81de5..beb2882e 100644
+--- a/Makefile.am
++++ b/Makefile.am
+@@ -988,11 +988,11 @@ install-exec-hook:
+ 	$(INSTALL) -d -m 755 $(DESTDIR)$(pkgfilterdir)
+ 	$(INSTALL) -d -m 755 $(DESTDIR)$(pkgbackenddir)
+ if ENABLE_FOOMATIC
+-	$(LN_S) -r -f $(DESTDIR)$(pkgfilterdir)/foomatic-rip $(DESTDIR)$(bindir)
++	$(LN_SRF) $(DESTDIR)$(pkgfilterdir)/foomatic-rip $(DESTDIR)$(bindir)
+ endif
+ if ENABLE_DRIVERLESS
+-	$(LN_S) -r -f $(DESTDIR)$(pkgppdgendir)/driverless $(DESTDIR)$(bindir)
+-	$(LN_S) -r -f $(DESTDIR)$(pkgppdgendir)/driverless $(DESTDIR)$(pkgbackenddir)
++	$(LN_SRF) $(DESTDIR)$(pkgppdgendir)/driverless $(DESTDIR)$(bindir)
++	$(LN_SRF) $(DESTDIR)$(pkgppdgendir)/driverless $(DESTDIR)$(pkgbackenddir)
+ endif
+ if ENABLE_BRAILLE
+ 	$(LN_S) -f imagetobrf $(DESTDIR)$(pkgfilterdir)/imagetoubrl
+diff --git a/configure.ac b/configure.ac
+index d5a539b6..fbcf829a 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -58,6 +58,8 @@ AM_ICONV
+ AC_PROG_CPP
+ AC_PROG_INSTALL
+ AC_PROG_LN_S
++AS_LN_SRF_PREPARE
++AC_PROG_LN_SRF
+ AC_PROG_MAKE_SET
+ AC_PROG_LIBTOOL
+ PKG_PROG_PKG_CONFIG([0.20])
+diff --git a/ln-srf b/ln-srf
+new file mode 100755
+index 00000000..f395a760
+--- /dev/null
++++ b/ln-srf
+@@ -0,0 +1,49 @@
++#!/bin/sh
++#
++# Author: Carlos Santos <unixmania@gmail.com>
++# This file is in public domain.
++#
++
++error() {
++	echo "$@" 1>&2
++	exit 1
++}
++
++src="$1"
++dst="$2"
++
++check_path() {
++	case "$2" in
++		*/../*|*/./*|*/.|*/..) error "$1 path '$2' must be absolute";;
++		*/) error "$1 path '$2' must not end with '/'";;
++		/?*) ;;
++		*) error "$1 path '$2' must start with '/'";;
++	esac
++}
++
++check_path "source" "$src"
++check_path "destination" "$dst"
++
++# strip leading '/'
++src=${src#/*}
++tmp=${dst#/*}
++
++s_prefix=${src%%/*}
++d_prefix=${tmp%%/*}
++
++# strip leading common
++while [ "$s_prefix" = "$d_prefix" ]; do
++	src="${src#$s_prefix/}"
++	tmp="${tmp#$d_prefix/}"
++	s_prefix=${src%%/*}
++	d_prefix=${tmp%%/*}
++done
++
++s_prefix="../"
++while [ -n "$d_prefix" ] && [ "$tmp" != "$d_prefix" ]; do
++	s_prefix="../$s_prefix"
++	tmp="${tmp#$d_prefix/}"
++	d_prefix=${tmp%%/*}
++done
++
++ln -s -f "$s_prefix$src" "$dst"
+diff --git a/m4/ac_ln_srf.m4 b/m4/ac_ln_srf.m4
+new file mode 100644
+index 00000000..204b3439
+--- /dev/null
++++ b/m4/ac_ln_srf.m4
+@@ -0,0 +1,91 @@
++# Adapted from Autoconf Version 2.63 (GPLv2).
++#
++# Copyright (C) 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008
++# Free Software Foundation, Inc.
++#
++# This program is free software: you can redistribute it and/or modify
++# it under the terms of the GNU General Public License as published by
++# the Free Software Foundation; either version 2, or (at your option)
++# any later version.
++#
++# This program is distributed in the hope that it will be useful,
++# but WITHOUT ANY WARRANTY; without even the implied warranty of
++# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
++# GNU General Public License for more details.
++#
++# You should have received a copy of the GNU General Public License
++# along with this program; if not, write to the Free Software
++# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
++# 02110-1301, USA.
++#
++# As a special exception, the Free Software Foundation gives unlimited
++# permission to copy, distribute and modify the configure scripts that
++# are the output of Autoconf.  You need not follow the terms of the GNU
++# General Public License when using or distributing such scripts, even
++# though portions of the text of Autoconf appear in them.  The GNU
++# General Public License (GPL) does govern all other use of the material
++# that constitutes the Autoconf program.
++#
++# Certain portions of the Autoconf source text are designed to be copied
++# (in certain cases, depending on the input) into the output of
++# Autoconf.  We call these the "data" portions.  The rest of the Autoconf
++# source text consists of comments plus executable code that decides which
++# of the data portions to output in any given case.  We call these
++# comments and executable code the "non-data" portions.  Autoconf never
++# copies any of the non-data portions into its output.
++#
++# This special exception to the GPL applies to versions of Autoconf
++# released by the Free Software Foundation.  When you make and
++# distribute a modified version of Autoconf, you may extend this special
++# exception to the GPL to apply to your modified version as well, *unless*
++# your modified version has the potential to copy into its output some
++# of the text that was the non-data portion of the version that you started
++# with.  (In other words, unless your change moves or copies text from
++# the non-data portions to the data portions.)  If your modification has
++# such potential, you must delete any notice of this special exception
++# to the GPL from your modified version.
++
++# AS_LN_SRF_PREPARE
++# ------------------------------------
++m4_defun([AS_LN_SRF_PREPARE],
++[rm -f conf$$ conf$$.exe conf$$.file
++if test -d conf$$.dir; then
++  rm -f conf$$.dir/conf$$.file
++else
++  rm -f conf$$.dir
++  mkdir conf$$.dir 2>/dev/null
++fi
++if (echo >conf$$.file) 2>/dev/null; then
++  if ln -s -r conf$$.file conf$$ 2>/dev/null; then
++    as_ln_srf='ln -s -r -f'
++  elif ln -s conf$$.file conf$$ 2>/dev/null; then
++    as_ln_srf='./ln-srf'
++    # ... but there are two gotchas:
++    # 1) On MSYS, both `ln -s file dir' and `ln file dir' fail.
++    # 2) DJGPP < 2.04 has no symlinks; `ln -s' creates a wrapper executable.
++    # In both cases, we have to default to `cp -pRf'.
++    ln -s conf$$.file conf$$.dir 2>/dev/null && test ! -f conf$$.exe ||
++      as_ln_srf='cp -pRf'
++  elif ln conf$$.file conf$$ 2>/dev/null; then
++    as_ln_srf=ln
++  else
++    as_ln_srf='cp -pRf'
++  fi
++else
++  as_ln_srf='cp -pRf'
++fi
++rm -f conf$$ conf$$.exe conf$$.dir/conf$$.file conf$$.file
++rmdir conf$$.dir 2>/dev/null
++])# AS_LN_SRF_PREPARE
++
++# AC_PROG_LN_SRF
++# --------------------------------
++AC_DEFUN([AC_PROG_LN_SRF],
++[AC_MSG_CHECKING([whether ln -s -r -f works])
++AC_SUBST([LN_SRF], [$as_ln_srf])dnl
++if test "$LN_SRF" = "ln -s -r -f"; then
++  AC_MSG_RESULT([yes])
++else
++  AC_MSG_RESULT([no, using $LN_SRF])
++fi
++])# AC_PROG_LN_SRF
+-- 
+2.18.1
+

package/cups-filters/0002-filter-texttotext.c-link-with-libiconv-if-needed.patch

@@ -0,0 +1,122 @@
+From 734ef160b428c545d8c6ae16c4bfe3c036173aa4 Mon Sep 17 00:00:00 2001
+From: Carlos Santos <unixmania@gmail.com>
+Date: Sun, 21 Jul 2019 23:54:29 -0300
+Subject: [PATCH] filter/texttotext.c: link with libiconv if needed
+
+texttotext.c uses iconv so it should link with libiconv on platforms
+where it is a separate library (e.g. uClibc-ng without built-in NLS)
+otherwise texttotext fails to link:
+
+  CCLD     texttotext
+[...]/ld: texttotext-texttotext.o: in function `main':
+texttotext.c:(.text.startup+0xde0): undefined reference to `libiconv_open'
+[...]/ld: texttotext.c:(.text.startup+0xf9d): undefined reference to `libiconv'
+[...]/ld: texttotext.c:(.text.startup+0xfd6): undefined reference to `libiconv'
+[...]/ld: texttotext.c:(.text.startup+0x16c3): undefined reference to `libiconv_close'
+
+Modify autogen.sh to call autopoint, which adds the libiconv discovery.
+It also creates a "po" skeleton but we can discard it, since it is not
+really necessary.
+
+Fixes: https://bugs.busybox.net/show_bug.cgi?id=12031
+
+Signed-off-by: Carlos Santos <unixmania@gmail.com>
+---
+ Makefile.am  |  4 +++-
+ autogen.sh   | 17 +++++++++++++++++
+ configure.ac |  6 +++++-
+ 3 files changed, 25 insertions(+), 2 deletions(-)
+
+diff --git a/Makefile.am b/Makefile.am
+index 72e023ed..76b81de5 100644
+--- a/Makefile.am
++++ b/Makefile.am
+@@ -778,7 +778,7 @@ texttotext_SOURCES = \
+ 	filter/texttotext.c
+ EXTRA_texttotext_SOURCES = filter/strcasestr.c
+ texttotext_CFLAGS = $(CUPS_CFLAGS)
+-texttotext_LDADD = $(STRCASESTR) $(CUPS_LIBS)
++texttotext_LDADD = $(STRCASESTR) $(CUPS_LIBS) $(LIBICONV)
+ texttotext_DEPENDENCIES = $(STRCASESTR)
+ 
+ pdftops_SOURCES = \
+@@ -1049,3 +1049,5 @@ if ENABLE_BRAILLE
+ 	$(RM) $(DESTDIR)$(pkgfilterdir)/vectortoubrl
+ 	$(RM) $(DESTDIR)$(pkgfilterdir)/textbrftoindexv4
+ endif
++
++SUBDIRS =
+diff --git a/autogen.sh b/autogen.sh
+index 5462a323..cd7397a9 100755
+--- a/autogen.sh
++++ b/autogen.sh
+@@ -13,11 +13,22 @@ aclocal --version > /dev/null 2> /dev/null || {
+     echo "error: aclocal not found"
+     exit 1
+ }
++
+ automake --version > /dev/null 2> /dev/null || {
+     echo "error: automake not found"
+     exit 1
+ }
+ 
++autopoint --version > /dev/null 2> /dev/null || {
++    echo "error: autopoint not found"
++    exit 1
++}
++
++gettext --version > /dev/null 2> /dev/null || {
++    echo "error: gettext not found"
++    exit 1
++}
++
+ for i in $TESTLIBTOOLIZE; do
+ 	if which $i > /dev/null 2>&1; then
+ 		LIBTOOLIZE=$i
+@@ -39,6 +50,12 @@ fi
+ 
+ rm -rf autom4te*.cache
+ 
++autopoint --force || {
++    echo "error: autopoint failed"
++    exit 1
++}
++# autopoint is for libiconv discovery; we don't want the po directory
++rm -rf po
+ $LIBTOOLIZE --force --copy || {
+     echo "error: libtoolize failed"
+     exit 1
+diff --git a/configure.ac b/configure.ac
+index 607dc17a..d5a539b6 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -18,7 +18,7 @@ AC_CONFIG_MACRO_DIR([m4])
+ m4_include([m4/ac_define_dir.m4])
+ m4_include([m4/ax_compare_version.m4])
+ m4_include([m4/basic-directories.m4])
+-AM_INIT_AUTOMAKE([1.11 gnu dist-xz dist-bzip2])
++AM_INIT_AUTOMAKE([1.11 gnu dist-xz dist-bzip2 subdir-objects])
+ AM_SILENT_RULES([yes])
+ AC_LANG([C++])
+ AC_CONFIG_HEADERS([config.h])
+@@ -54,6 +54,7 @@ AC_PROG_CC
+ AC_PROG_CXX
+ AX_CXX_COMPILE_STDCXX([11],[noext],[mandatory])
+ AM_PROG_CC_C_O
++AM_ICONV
+ AC_PROG_CPP
+ AC_PROG_INSTALL
+ AC_PROG_LN_S
+@@ -61,6 +62,9 @@ AC_PROG_MAKE_SET
+ AC_PROG_LIBTOOL
+ PKG_PROG_PKG_CONFIG([0.20])
+ 
++AM_GNU_GETTEXT_VERSION([0.18.3])
++AM_GNU_GETTEXT([external])
++
+ # ========================================
+ # Specify the fontdir patch if not default
+ # ========================================
+-- 
+2.18.1
+

package/cups-filters/cups-filters.mk

@@ -8,7 +8,7 @@ CUPS_FILTERS_VERSION = 1.23.0
 CUPS_FILTERS_SITE = http://openprinting.org/download/cups-filters
 CUPS_FILTERS_LICENSE = GPL-2.0, GPL-2.0+, GPL-3.0, GPL-3.0+, LGPL-2, LGPL-2.1+, MIT, BSD-4-Clause
 CUPS_FILTERS_LICENSE_FILES = COPYING
-# 0001-Replace-relative-linking-with-absolute-linking.patch
+# 0001-install-support-old-ln-versions-without-the-r-option.patch
 CUPS_FILTERS_AUTORECONF = YES
 
 CUPS_FILTERS_DEPENDENCIES = cups libglib2 lcms2 qpdf fontconfig freetype jpeg
@@ -16,11 +16,30 @@ CUPS_FILTERS_DEPENDENCIES = cups libglib2 lcms2 qpdf fontconfig freetype jpeg
 CUPS_FILTERS_CONF_OPTS = --disable-imagefilters \
 	--disable-mutool \
 	--disable-foomatic \
+	--disable-braille \
 	--with-cups-config=$(STAGING_DIR)/usr/bin/cups-config \
 	--with-sysroot=$(STAGING_DIR) \
 	--with-pdftops=pdftops \
 	--with-jpeg
 
+# 0001-install-support-old-ln-versions-without-the-r-option.patch adds
+# a ln-srf script for older distributions, but GNU patch < 2.7 does
+# not handle the git patch permission extensions - So ensure it is
+# executable
+define CUPS_FILTERS_MAKE_LN_SRF_EXECUTABLE
+	chmod +x $(@D)/ln-srf
+endef
+
+CUPS_FILTERS_POST_PATCH_HOOKS += CUPS_FILTERS_MAKE_LN_SRF_EXECUTABLE
+
+# After 0002-filter-texttotext.c-link-with-libiconv-if-needed.patch autoreconf
+# needs config.rpath and ABOUT-NLS, which are not in v1.25.4 yet. Fake them.
+define CUPS_FILTERS_ADD_MISSING_FILE
+	touch $(@D)/config.rpath $(@D)/ABOUT-NLS
+endef
+
+CUPS_FILTERS_PRE_CONFIGURE_HOOKS = CUPS_FILTERS_ADD_MISSING_FILE
+
 ifeq ($(BR2_PACKAGE_LIBPNG),y)
 CUPS_FILTERS_CONF_OPTS += --with-png
 CUPS_FILTERS_DEPENDENCIES += libpng

package/cups/0005-Use-GZIPPROG-instead-of-GZIP-to-avoid-install-issues.patch

@@ -1,301 +0,0 @@
-From f376c469919beeb3e75d40879dcda4288983e897 Mon Sep 17 00:00:00 2001
-From: Michael R Sweet <michael.r.sweet@gmail.com>
-Date: Wed, 12 Jun 2019 08:37:06 -0400
-Subject: [PATCH] Use GZIPPROG instead of GZIP to avoid install issues (Issue
- #5595)
-
-(cherry picked from commit 3676fc318a458f71df76620a7e66f5c5807cf9b1)
-
-Signed-off-by: Sam Bobroff <sbobroff@linux.ibm.com>
----
- Makedefs.in                   |  4 +--
- config-scripts/cups-common.m4 | 20 ++++++------
- configure                     | 59 ++++++++++++++++++-----------------
- 3 files changed, 42 insertions(+), 41 deletions(-)
-
-diff --git a/Makedefs.in b/Makedefs.in
-index f614c0c1d..8541b4976 100644
---- a/Makedefs.in
-+++ b/Makedefs.in
-@@ -1,7 +1,7 @@
- #
- # Common makefile definitions for CUPS.
- #
--# Copyright 2007-2018 by Apple Inc.
-+# Copyright 2007-2019 by Apple Inc.
- # Copyright 1997-2007 by Easy Software Products, all rights reserved.
- #
- # These coded instructions, statements, and computer programs are the
-@@ -29,7 +29,7 @@ CHMOD		=	@CHMOD@
- CXX		=	@LIBTOOL_CXX@ @CXX@
- DSO		=	@DSO@
- DSOXX		=	@DSOXX@
--GZIP		=	@GZIP@
-+GZIPPROG	=	@GZIPPROG@
- INSTALL		=	@INSTALL@
- LD		=	@LD@
- LD_CC		=	@LD_CC@
-diff --git a/config-scripts/cups-common.m4 b/config-scripts/cups-common.m4
-index a1185bccc..0859efe08 100644
---- a/config-scripts/cups-common.m4
-+++ b/config-scripts/cups-common.m4
-@@ -1,7 +1,7 @@
- dnl
- dnl Common configuration stuff for CUPS.
- dnl
--dnl Copyright 2007-2017 by Apple Inc.
-+dnl Copyright 2007-2019 by Apple Inc.
- dnl Copyright 1997-2007 by Easy Software Products, all rights reserved.
- dnl
- dnl These coded instructions, statements, and computer programs are the
-@@ -42,7 +42,11 @@ AC_PROG_CXX(clang++ c++ g++)
- AC_PROG_RANLIB
- AC_PATH_PROG(AR,ar)
- AC_PATH_PROG(CHMOD,chmod)
--AC_PATH_PROG(GZIP,gzip)
-+AC_PATH_PROG(GZIPPROG,gzip)
-+AC_MSG_CHECKING(for install-sh script)
-+INSTALL="`pwd`/install-sh"
-+AC_SUBST(INSTALL)
-+AC_MSG_RESULT(using $INSTALL)
- AC_PATH_PROG(LD,ld)
- AC_PATH_PROG(LN,ln)
- AC_PATH_PROG(MKDIR,mkdir)
-@@ -51,6 +55,7 @@ AC_PATH_PROG(RM,rm)
- AC_PATH_PROG(RMDIR,rmdir)
- AC_PATH_PROG(SED,sed)
- AC_PATH_PROG(XDGOPEN,xdg-open)
-+
- if test "x$XDGOPEN" = x; then
- 	CUPS_HTMLVIEW="htmlview"
- else
-@@ -58,11 +63,6 @@ else
- fi
- AC_SUBST(CUPS_HTMLVIEW)
- 
--AC_MSG_CHECKING(for install-sh script)
--INSTALL="`pwd`/install-sh"
--AC_SUBST(INSTALL)
--AC_MSG_RESULT(using $INSTALL)
--
- if test "x$AR" = x; then
- 	AC_MSG_ERROR([Unable to find required library archive command.])
- fi
-@@ -266,14 +266,14 @@ dnl ZLIB
- INSTALL_GZIP=""
- LIBZ=""
- AC_CHECK_HEADER(zlib.h,
--    AC_CHECK_LIB(z, gzgets,
-+    AC_CHECK_LIB(z, gzgets,[
- 	AC_DEFINE(HAVE_LIBZ)
- 	LIBZ="-lz"
- 	LIBS="$LIBS -lz"
- 	AC_CHECK_LIB(z, inflateCopy, AC_DEFINE(HAVE_INFLATECOPY))
--	if test "x$GZIP" != z; then
-+	if test "x$GZIPPROG" != x; then
- 		INSTALL_GZIP="-z"
--	fi))
-+	fi]))
- AC_SUBST(INSTALL_GZIP)
- AC_SUBST(LIBZ)
- 
-diff --git a/configure b/configure
-index 368906141..629fdddba 100755
---- a/configure
-+++ b/configure
-@@ -1,6 +1,6 @@
- #! /bin/sh
- # Guess values for system-dependent variables and create Makefiles.
--# Generated by GNU Autoconf 2.69 for CUPS 2.2.11.
-+# Generated by GNU Autoconf 2.69 for CUPS 2.2.12.
- #
- # Report bugs to <https://github.com/apple/cups/issues>.
- #
-@@ -580,8 +580,8 @@ MAKEFLAGS=
- # Identity of this package.
- PACKAGE_NAME='CUPS'
- PACKAGE_TARNAME='cups'
--PACKAGE_VERSION='2.2.11'
--PACKAGE_STRING='CUPS 2.2.11'
-+PACKAGE_VERSION='2.2.12'
-+PACKAGE_STRING='CUPS 2.2.12'
- PACKAGE_BUGREPORT='https://github.com/apple/cups/issues'
- PACKAGE_URL='https://www.cups.org/'
- 
-@@ -762,7 +762,6 @@ LIBPAPER
- LIBMALLOC
- PKGCONFIG
- INSTALLSTATIC
--INSTALL
- CUPS_HTMLVIEW
- XDGOPEN
- SED
-@@ -772,7 +771,8 @@ MV
- MKDIR
- LN
- LD
--GZIP
-+INSTALL
-+GZIPPROG
- CHMOD
- AR
- RANLIB
-@@ -1480,7 +1480,7 @@ if test "$ac_init_help" = "long"; then
-   # Omit some internal or obsolete options to make the list less imposing.
-   # This message is too long to be a string in the A/UX 3.1 sh.
-   cat <<_ACEOF
--\`configure' configures CUPS 2.2.11 to adapt to many kinds of systems.
-+\`configure' configures CUPS 2.2.12 to adapt to many kinds of systems.
- 
- Usage: $0 [OPTION]... [VAR=VALUE]...
- 
-@@ -1545,7 +1545,7 @@ fi
- 
- if test -n "$ac_init_help"; then
-   case $ac_init_help in
--     short | recursive ) echo "Configuration of CUPS 2.2.11:";;
-+     short | recursive ) echo "Configuration of CUPS 2.2.12:";;
-    esac
-   cat <<\_ACEOF
- 
-@@ -1726,7 +1726,7 @@ fi
- test -n "$ac_init_help" && exit $ac_status
- if $ac_init_version; then
-   cat <<\_ACEOF
--CUPS configure 2.2.11
-+CUPS configure 2.2.12
- generated by GNU Autoconf 2.69
- 
- Copyright (C) 2012 Free Software Foundation, Inc.
-@@ -2190,7 +2190,7 @@ cat >config.log <<_ACEOF
- This file contains any messages produced by compilers while
- running configure, to aid debugging if configure makes a mistake.
- 
--It was created by CUPS $as_me 2.2.11, which was
-+It was created by CUPS $as_me 2.2.12, which was
- generated by GNU Autoconf 2.69.  Invocation command line was
- 
-   $ $0 $@
-@@ -2711,7 +2711,7 @@ done
- ac_config_headers="$ac_config_headers config.h"
- 
- 
--CUPS_VERSION="2.2.11"
-+CUPS_VERSION="2.2.12"
- CUPS_REVISION=""
- CUPS_BUILD="cups-$CUPS_VERSION"
- 
-@@ -3948,12 +3948,12 @@ fi
- set dummy gzip; ac_word=$2
- { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
- $as_echo_n "checking for $ac_word... " >&6; }
--if ${ac_cv_path_GZIP+:} false; then :
-+if ${ac_cv_path_GZIPPROG+:} false; then :
-   $as_echo_n "(cached) " >&6
- else
--  case $GZIP in
-+  case $GZIPPROG in
-   [\\/]* | ?:[\\/]*)
--  ac_cv_path_GZIP="$GZIP" # Let the user override the test with a path.
-+  ac_cv_path_GZIPPROG="$GZIPPROG" # Let the user override the test with a path.
-   ;;
-   *)
-   as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
-@@ -3963,7 +3963,7 @@ do
-   test -z "$as_dir" && as_dir=.
-     for ac_exec_ext in '' $ac_executable_extensions; do
-   if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
--    ac_cv_path_GZIP="$as_dir/$ac_word$ac_exec_ext"
-+    ac_cv_path_GZIPPROG="$as_dir/$ac_word$ac_exec_ext"
-     $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
-     break 2
-   fi
-@@ -3974,16 +3974,22 @@ IFS=$as_save_IFS
-   ;;
- esac
- fi
--GZIP=$ac_cv_path_GZIP
--if test -n "$GZIP"; then
--  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $GZIP" >&5
--$as_echo "$GZIP" >&6; }
-+GZIPPROG=$ac_cv_path_GZIPPROG
-+if test -n "$GZIPPROG"; then
-+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $GZIPPROG" >&5
-+$as_echo "$GZIPPROG" >&6; }
- else
-   { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
- $as_echo "no" >&6; }
- fi
- 
- 
-+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for install-sh script" >&5
-+$as_echo_n "checking for install-sh script... " >&6; }
-+INSTALL="`pwd`/install-sh"
-+
-+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: using $INSTALL" >&5
-+$as_echo "using $INSTALL" >&6; }
- # Extract the first word of "ld", so it can be a program name with args.
- set dummy ld; ac_word=$2
- { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
-@@ -4304,6 +4310,7 @@ $as_echo "no" >&6; }
- fi
- 
- 
-+
- if test "x$XDGOPEN" = x; then
- 	CUPS_HTMLVIEW="htmlview"
- else
-@@ -4311,13 +4318,6 @@ else
- fi
- 
- 
--{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for install-sh script" >&5
--$as_echo_n "checking for install-sh script... " >&6; }
--INSTALL="`pwd`/install-sh"
--
--{ $as_echo "$as_me:${as_lineno-$LINENO}: result: using $INSTALL" >&5
--$as_echo "using $INSTALL" >&6; }
--
- if test "x$AR" = x; then
- 	as_fn_error $? "Unable to find required library archive command." "$LINENO" 5
- fi
-@@ -5718,7 +5718,8 @@ fi
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_z_gzgets" >&5
- $as_echo "$ac_cv_lib_z_gzgets" >&6; }
- if test "x$ac_cv_lib_z_gzgets" = xyes; then :
--  $as_echo "#define HAVE_LIBZ 1" >>confdefs.h
-+
-+	$as_echo "#define HAVE_LIBZ 1" >>confdefs.h
- 
- 	LIBZ="-lz"
- 	LIBS="$LIBS -lz"
-@@ -5763,7 +5764,7 @@ if test "x$ac_cv_lib_z_inflateCopy" = xyes; then :
- 
- fi
- 
--	if test "x$GZIP" != z; then
-+	if test "x$GZIPPROG" != x; then
- 		INSTALL_GZIP="-z"
- 	fi
- fi
-@@ -10832,7 +10833,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
- # report actual input values of CONFIG_FILES etc. instead of their
- # values after options handling.
- ac_log="
--This file was extended by CUPS $as_me 2.2.11, which was
-+This file was extended by CUPS $as_me 2.2.12, which was
- generated by GNU Autoconf 2.69.  Invocation command line was
- 
-   CONFIG_FILES    = $CONFIG_FILES
-@@ -10895,7 +10896,7 @@ _ACEOF
- cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
- ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`"
- ac_cs_version="\\
--CUPS config.status 2.2.11
-+CUPS config.status 2.2.12
- configured by $0, generated by GNU Autoconf 2.69,
-   with options \\"\$ac_cs_config\\"
- 
--- 
-2.21.0
-

package/cups/cups.hash

@@ -1,3 +1,3 @@
 # Locally calculated:
-sha256 f58010813fd6903f690cdb0c0b91e4d1bc9e5b9570c28734229ba3ed2908b76c  cups-2.2.11-source.tar.gz
+sha256 0f61ab449e4748a24c6ab355b481ff7691247a140d327b2b7526fce34b7f9aa8  cups-2.2.12-source.tar.gz
 sha256 6e0e0ffbde118aae709f7ef65590de9071e8b2cd322f84fd645c6b64f3cc452c  LICENSE.txt

package/cups/cups.mk

@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-CUPS_VERSION = 2.2.11
+CUPS_VERSION = 2.2.12
 CUPS_SOURCE = cups-$(CUPS_VERSION)-source.tar.gz
 CUPS_SITE = https://github.com/apple/cups/releases/download/v$(CUPS_VERSION)
 CUPS_LICENSE = GPL-2.0, LGPL-2.0

package/dhcp/dhcp.mk

@@ -10,6 +10,12 @@ DHCP_INSTALL_STAGING = YES
 DHCP_LICENSE = MPL-2.0
 DHCP_LICENSE_FILES = LICENSE
 DHCP_DEPENDENCIES = bind
+
+# use libtool-enabled configure.ac
+define DHCP_LIBTOOL_AUTORECONF
+	cp $(@D)/configure.ac+lt $(@D)/configure.ac
+endef
+
 DHCP_CONF_ENV = \
 	CPPFLAGS='-D_PATH_DHCPD_CONF=\"/etc/dhcp/dhcpd.conf\" \
 		-D_PATH_DHCLIENT_CONF=\"/etc/dhcp/dhclient.conf\"' \
@@ -33,6 +39,8 @@ ifeq ($(BR2_STATIC_LIBS),y)
 DHCP_CONF_ENV += LIBS="`$(STAGING_DIR)/usr/bin/bind9-config --libs bind9`"
 DHCP_CONF_OPTS += --disable-libtool
 else
+DHCP_POST_EXTRACT_HOOKS += DHCP_LIBTOOL_AUTORECONF
+DHCP_AUTORECONF = YES
 DHCP_CONF_OPTS += --enable-libtool
 endif
 

package/dmraid/Config.in

@@ -12,6 +12,8 @@ config BR2_PACKAGE_DMRAID
 	  dmraid uses the Linux device-mapper to create devices with
 	  respective mappings for the ATARAID sets discovered.
 
+	  http://people.redhat.com/~heinzm/sw/dmraid/
+
 comment "dmraid needs a toolchain w/ threads, dynamic library"
 	depends on BR2_USE_MMU
 	depends on BR2_STATIC_LIBS || !BR2_TOOLCHAIN_HAS_THREADS

package/docker-cli/docker-cli.hash

@@ -1,3 +1,3 @@
 # Locally calculated
-sha256  62e25a0935bee75f999fb95b224ad982054fc1adc4351ce98d704ec00114ce57  docker-cli-18.09.7.tar.gz
+sha256  cef3f9e8615cde906619f7ab021655a8b974d1b497ce0e5787b1afccbeabb08d  docker-cli-18.09.9.tar.gz
 sha256	2d81ea060825006fc8f3fe28aa5dc0ffeb80faf325b612c955229157b8c10dc0  LICENSE

package/docker-cli/docker-cli.mk

@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-DOCKER_CLI_VERSION = 18.09.7
+DOCKER_CLI_VERSION = 18.09.9
 DOCKER_CLI_SITE = $(call github,docker,cli,v$(DOCKER_CLI_VERSION))
 DOCKER_CLI_WORKSPACE = gopath
 

package/docker-engine/docker-engine.hash

@@ -1,3 +1,3 @@
 # Locally calculated
-sha256	b4f55831f5e7c5a92cd91f77aad1541ccd572eb18df2f44a01c372bceb3f9b6b  docker-engine-18.09.7.tar.gz
+sha256	fa3a9e998627418d648495d06d168c4d26ed07859c9370d5fddbfd29c26d8592  docker-engine-18.09.9.tar.gz
 sha256	2d81ea060825006fc8f3fe28aa5dc0ffeb80faf325b612c955229157b8c10dc0  LICENSE

package/docker-engine/docker-engine.mk

@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-DOCKER_ENGINE_VERSION = 18.09.7
+DOCKER_ENGINE_VERSION = 18.09.9
 DOCKER_ENGINE_SITE = $(call github,docker,engine,v$(DOCKER_ENGINE_VERSION))
 
 DOCKER_ENGINE_LICENSE = Apache-2.0

package/docker-proxy/docker-proxy.hash

@@ -1,2 +1,3 @@
 # Locally calculated
-sha256	2eee331b6ded567a36e7db708405b34032b93938682cf049025f48b96d755bf6	docker-proxy-7b2b1feb1de4817d522cc372af149ff48d25028e.tar.gz
+sha256	866c8d196b9396a383b437b0d775476459ed7c11f527c4f6bbf1fd08524b461d	docker-proxy-55685ba49593e67f5e1c8180539379b16736c25e.tar.gz
+sha256  cb5e8e7e5f4a3988e1063c142c60dc2df75605f4c46515e776e3aca6df976e14	LICENSE

package/docker-proxy/docker-proxy.mk

@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-DOCKER_PROXY_VERSION = 7b2b1feb1de4817d522cc372af149ff48d25028e
+DOCKER_PROXY_VERSION = 55685ba49593e67f5e1c8180539379b16736c25e
 DOCKER_PROXY_SITE = $(call github,docker,libnetwork,$(DOCKER_PROXY_VERSION))
 
 DOCKER_PROXY_LICENSE = Apache-2.0

package/domoticz/0003-CMakeLists.txt-add-c-argument-to-build-precompiled-h.patch

@@ -0,0 +1,34 @@
+From 17107b876fb308e3ef3e759ab90f3d8e4755cdc4 Mon Sep 17 00:00:00 2001
+From: Fabrice Fontaine <fontaine.fabrice@gmail.com>
+Date: Fri, 8 Nov 2019 14:17:58 +0100
+Subject: [PATCH] CMakeLists.txt: add -c argument to build precompiled headers
+
+Add "-c" argument when building precompiler headers as suggested
+by Arnout in https://patchwork.ozlabs.org/patch/1187328.
+
+This will fix the build with RELRO
+
+Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
+[Retrieved from:
+https://github.com/domoticz/domoticz/commit/17107b876fb308e3ef3e759ab90f3d8e4755cdc4]
+---
+ CMakeLists.txt | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/CMakeLists.txt b/CMakeLists.txt
+index 32a0dd2a8c..010cdf2db8 100644
+--- a/CMakeLists.txt
++++ b/CMakeLists.txt
+@@ -277,10 +277,10 @@ MACRO(ADD_PRECOMPILED_HEADER _targetName _input)
+     ENDFOREACH(item)
+ 
+     SEPARATE_ARGUMENTS(_compiler_FLAGS)
+-    MESSAGE("${CMAKE_CXX_COMPILER} ${CMAKE_CXX_COMPILER_ARG1} ${_compiler_FLAGS} -x c++-header -o ${_output} ${_source}")
++    MESSAGE("${CMAKE_CXX_COMPILER} ${CMAKE_CXX_COMPILER_ARG1} ${_compiler_FLAGS} -x c++-header -c -o ${_output} ${_source}")
+     ADD_CUSTOM_COMMAND(
+       OUTPUT ${_output}
+-      COMMAND ${CMAKE_CXX_COMPILER} ${CMAKE_CXX_COMPILER_ARG1} ${_compiler_FLAGS} -x c++-header -o ${_output} ${_source}
++      COMMAND ${CMAKE_CXX_COMPILER} ${CMAKE_CXX_COMPILER_ARG1} ${_compiler_FLAGS} -x c++-header -c -o ${_output} ${_source}
+       DEPENDS ${_source} )
+     ADD_CUSTOM_TARGET(${_targetName}_gch DEPENDS ${_output})
+     ADD_DEPENDENCIES(${_targetName} ${_targetName}_gch)

package/doom-wad/Config.in

@@ -7,3 +7,5 @@ config BR2_PACKAGE_DOOM_WAD
 
 	  The wad file will be placed in the /usr/share/games/doom
 	  directory.
+
+	  https://doomwiki.org/wiki/DOOM1.WAD

package/dropwatch/dropwatch.mk

@@ -7,7 +7,9 @@
 DROPWATCH_VERSION = 1.5.1
 DROPWATCH_SITE = $(call github,nhorman,dropwatch,v$(DROPWATCH_VERSION))
 DROPWATCH_DEPENDENCIES = libnl readline host-pkgconf $(TARGET_NLS_DEPENDENCIES)
-DROPWATCH_LICENSE = GPL-2.0
+# Until upstream updates their tree with a proper license
+# blurb: https://github.com/nhorman/dropwatch/issues/14
+DROPWATCH_LICENSE = GPL-2.0+
 DROPWATCH_LICENSE_FILES = COPYING
 # From git
 DROPWATCH_AUTORECONF = YES

package/dtc/dtc.mk

@@ -10,8 +10,8 @@ DTC_SITE = https://www.kernel.org/pub/software/utils/dtc
 DTC_LICENSE = GPL-2.0+ or BSD-2-Clause (library)
 DTC_LICENSE_FILES = README.license GPL
 DTC_INSTALL_STAGING = YES
-DTC_DEPENDENCIES = host-bison host-flex
-HOST_DTC_DEPENDENCIES = host-bison host-flex
+DTC_DEPENDENCIES = host-bison host-flex host-pkgconf
+HOST_DTC_DEPENDENCIES = host-bison host-flex host-pkgconf
 
 DTC_MAKE_OPTS = \
 	PREFIX=/usr \
@@ -25,7 +25,7 @@ HOST_DTC_MAKE_OPTS = \
 	NO_YAML=1
 
 ifeq ($(BR2_PACKAGE_LIBYAML),y)
-DTC_DEPENDENCIES += host-pkgconf libyaml
+DTC_DEPENDENCIES += libyaml
 else
 DTC_MAKE_OPTS += NO_YAML=1
 endif

package/duma/0004-Fix-build-with-latest-glibc.patch

@@ -0,0 +1,22 @@
+Fix build with latest glibc
+
+Fixes:
+ - http://autobuild.buildroot.net/results/c7de1a1d01edced2098a804ad87dcb67b5dc6832
+
+Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
+
+diff -durN duma_2_5_15.orig/print.c duma_2_5_15/print.c
+--- duma_2_5_15.orig/print.c	2019-10-28 10:21:14.080149620 +0100
++++ duma_2_5_15/print.c	2019-10-28 10:22:01.256151561 +0100
+@@ -326,9 +326,9 @@
+   if(DUMA_OUTPUT_FILE != NULL)
+   {
+ #if defined(WIN32) && !defined(__CYGWIN__)
+-    fd = _open(DUMA_OUTPUT_FILE, _O_APPEND|_O_CREAT|_O_WRONLY);
++    fd = _open(DUMA_OUTPUT_FILE, _O_APPEND|_O_CREAT|_O_WRONLY, 0600);
+ #else
+-    fd = open(DUMA_OUTPUT_FILE, O_APPEND|O_CREAT|O_WRONLY);
++    fd = open(DUMA_OUTPUT_FILE, O_APPEND|O_CREAT|O_WRONLY, 0600);
+ #endif
+     if ( fd >= 0 )
+     {

package/e2fsprogs/e2fsprogs.hash

@@ -1,5 +1,5 @@
-# From https://www.kernel.org/pub/linux/kernel/people/tytso/e2fsprogs/v1.45.2/sha256sums.asc
-sha256 4952c9ae91e36d762e13cc5b9e8f7eeb5453e4aee4cd9b7402e73f2d4e65e009  e2fsprogs-1.45.2.tar.xz
+# https://mirrors.edge.kernel.org/pub/linux/kernel/people/tytso/e2fsprogs/v1.45.4/sha256sums.asc
+sha256 65faf6b590ca1da97440d6446bd11de9e0914b42553740ba5d9d2a796fa0dc02  e2fsprogs-1.45.4.tar.xz
 # Locally calculated
 sha256 5da5ef153e559c1d990d4c3eedbedd4442db892d37eae1f35fff069de8ec9020  NOTICE
 sha256 032989b508f1a72ebee5b3417e55d06d473f9ee203e45ab11864a7e49cdec63d  lib/ss/mit-sipb-copyright.h

package/e2fsprogs/e2fsprogs.mk

@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-E2FSPROGS_VERSION = 1.45.2
+E2FSPROGS_VERSION = 1.45.4
 E2FSPROGS_SOURCE = e2fsprogs-$(E2FSPROGS_VERSION).tar.xz
 E2FSPROGS_SITE = $(BR2_KERNEL_MIRROR)/linux/kernel/people/tytso/e2fsprogs/v$(E2FSPROGS_VERSION)
 E2FSPROGS_LICENSE = GPL-2.0, MIT-like with advertising clause (libss and libet)

package/elf2flt/0002-elf2flt-fix-relocations-for-read-only-data.patch

@@ -0,0 +1,58 @@
+From 6006e8d789f7a1129414fb3a8c930b094af0cafa Mon Sep 17 00:00:00 2001
+From: Greg Ungerer <gerg@kernel.org>
+Date: Wed, 6 Nov 2019 21:19:24 +0100
+Subject: [PATCH] elf2flt: fix relocations for read-only data
+
+Readonly data sections are mapped into the "text" section in the
+elf2flt.ld linker script. The relocation generation code is not handling
+that case properly though, and is actually mapping any data section type
+into the "data" section of the target binary.
+
+This problem case has been detected with elf2flt core dumping when used
+with binutils-2.33.1 (on ARM architecture targets). See thread at:
+
+   https://sourceware.org/ml/binutils/2019-10/msg00132.html
+
+Tested by Christophe Priouzeau [1]
+
+* binutils 2.33.1
+* buildroot 2019.11-rc1
+* patch on top of elf2flt (patch available on this thread)
+* configuration: stm32f469-disco with initramfs configuration on buildroot
+
+Result:
+Build: OK, all the binaries are generated
+Runtime test on stm32f469-disco: OK
+
+[1] https://github.com/uclinux-dev/elf2flt/issues/12
+
+Signed-off-by: Greg Ungerer <gerg@kernel.org>
+Signed-off-by: Romain Naour <romain.naour@smile.fr>
+Cc: Christophe Priouzeau <christophe.priouzeau@st.com>
+---
+ elf2flt.c | 8 +++++---
+ 1 file changed, 5 insertions(+), 3 deletions(-)
+
+diff --git a/elf2flt.c b/elf2flt.c
+index 67f720a..8973cef 100644
+--- a/elf2flt.c
++++ b/elf2flt.c
+@@ -418,10 +418,12 @@ output_relocs (
+ //		continue;
+ 
+ 	/*
+-	 *	Only relocate things in the data sections if we are PIC/GOT.
+-	 *	otherwise do text as well
++	 * Only relocate things in the writable data sections if we are PIC/GOT.
++	 * Otherwise do text (and read only data) as well.
+ 	 */
+-	if ((!pic_with_got || ALWAYS_RELOC_TEXT) && (a->flags & SEC_CODE))
++	if ((!pic_with_got || ALWAYS_RELOC_TEXT) &&
++	    ((a->flags & SEC_CODE) ||
++	    ((a->flags & (SEC_DATA | SEC_READONLY)) == (SEC_DATA | SEC_READONLY))))
+ 		sectionp = text + (a->vma - text_vma);
+ 	else if (a->flags & SEC_DATA)
+ 		sectionp = data + (a->vma - data_vma);
+-- 
+2.21.0
+

package/elf2flt/Config.in.host

@@ -9,3 +9,5 @@ config BR2_PACKAGE_HOST_ELF2FLT
 
 	  This option compiles the required tools and makes the required
 	  modifications on your toolchain (linker).
+
+	  https://github.com/uclinux-dev/elf2flt

package/eudev/Config.in

@@ -29,8 +29,9 @@ config BR2_PACKAGE_EUDEV_RULES_GEN
 config BR2_PACKAGE_EUDEV_ENABLE_HWDB
 	bool "enable hwdb installation"
 	default y
+	select BR2_PACKAGE_HOST_EUDEV # for udevadm, during target-finalize
 	help
-	  Enables hardware database installation to /etc/udev/hwdb.d
+	  Enables hardware database installation to /etc/udev/hwdb.bin
 
 endif
 

package/eudev/Config.in.host

@@ -0,0 +1,3 @@
+# Select this if you need host eudev tools (e.g. udevadm)
+config BR2_PACKAGE_HOST_EUDEV
+	bool

package/eudev/eudev.mk

@@ -51,6 +51,44 @@ endef
 # Required by default rules for input devices
 define EUDEV_USERS
 	- - input -1 * - - - Input device group
+	- - render -1 * - - - DRI rendering nodes
+	- - kvm -1 * - - - kvm nodes
 endef
 
+HOST_EUDEV_DEPENDENCIES = host-gperf host-pkgconf
+
+HOST_EUDEV_SYSCONFDIR = $(if $(BR2_PACKAGE_SYSTEMD),/usr/lib,/etc)
+HOST_EUDEV_CONF_OPTS = \
+	--prefix=/usr \
+	--sbindir=/sbin \
+	--libexecdir=/lib \
+	--with-rootlibdir=/lib \
+	--sysconfdir=$(HOST_EUDEV_SYSCONFDIR) \
+	--disable-blkid \
+	--disable-introspection \
+	--disable-kmod \
+	--disable-manpages \
+	--disable-rule-generator \
+	--disable-selinux \
+	--enable-hwdb
+
+define HOST_EUDEV_INSTALL_CMDS
+	$(INSTALL) -D -m 0755 $(@D)/src/udev/udevadm \
+		$(HOST_DIR)/bin/udevadm
+endef
+
+define HOST_EUDEV_BUILD_HWDB
+	$(HOST_DIR)/bin/udevadm hwdb --update --root $(TARGET_DIR)
+endef
+HOST_EUDEV_TARGET_FINALIZE_HOOKS += HOST_EUDEV_BUILD_HWDB
+
+# Note: this will run in the filesystem context, so will use a copy
+# of tharget/, not the real one, so the files are still available on
+# re-builds (foo-rebuild, etc...)
+define HOST_EUDEV_RM_HWDB_SRC
+	rm -rf $(TARGET_DIR)/$(HOST_EUDEV_SYSCONFDIR)/udev/hwdb.d/
+endef
+HOST_EUDEV_ROOTFS_PRE_CMD_HOOKS += HOST_EUDEV_RM_HWDB_SRC
+
 $(eval $(autotools-package))
+$(eval $(host-autotools-package))

package/exfat-utils/exfat-utils.mk

@@ -9,4 +9,6 @@ EXFAT_UTILS_SITE = https://github.com/relan/exfat/releases/download/v$(EXFAT_UTI
 EXFAT_UTILS_LICENSE = GPL-3.0+
 EXFAT_UTILS_LICENSE_FILES = COPYING
 
+EXFAT_UTILS_CONF_OPTS += --exec-prefix=/
+
 $(eval $(autotools-package))

package/exfat/exfat.mk

@@ -12,4 +12,6 @@ EXFAT_LICENSE = GPL-3.0+
 EXFAT_LICENSE_FILES = COPYING
 EXFAT_CFLAGS = $(TARGET_CFLAGS) -std=c99
 
+EXFAT_CONF_OPTS += --exec-prefix=/
+
 $(eval $(autotools-package))

package/exim/0006-Fix-buffer-overflow-in-string_vformat.patch

@@ -0,0 +1,44 @@
+From 478effbfd9c3cc5a627fc671d4bf94d13670d65f Mon Sep 17 00:00:00 2001
+From: Jeremy Harris <jgh146exb@wizmail.org>
+Date: Fri, 27 Sep 2019 12:21:49 +0100
+Subject: [PATCH] Fix buffer overflow in string_vformat.  Bug 2449
+
+Fixes CVE-2019-16928:
+https://lists.exim.org/lurker/message/20190928.003428.2b4c81a7.en.html
+
+Downloaded from upstream commit
+https://git.exim.org/exim.git/patch/478effbfd9c3cc5a627fc671d4bf94d13670d65f
+
+[adjusted patch of string.c and removed patches for test/]
+Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
+---
+ src/string.c             |  4 ++--
+ scripts/0000-Basic/0214 | 11 +++++++++++
+ stdout/0214             |  7 +++++++
+ 3 files changed, 20 insertions(+), 2 deletions(-)
+
+diff --git a/src/src/string.c b/src/src/string.c
+index c6549bf..3445f8a 100644
+--- a/src/string.c
++++ b/src/string.c
+@@ -1132,7 +1132,7 @@ store_reset(g->s + (g->size = g->ptr + 1));
+ Arguments:
+   g		the growable-string
+   p		current end of data
+-  count		amount to grow by
++  count		amount to grow by, offset from p
+ */
+ 
+ static void
+@@ -1590,7 +1590,7 @@ while (*fp)
+ 	}
+       else if (g->ptr >= lim - width)
+ 	{
+-	gstring_grow(g, g->ptr, width - (lim - g->ptr));
++	gstring_grow(g, g->ptr, width);
+ 	lim = g->size - 1;
+ 	gp = CS g->s + g->ptr;
+ 	}
+-- 
+1.9.1
+

package/exim/exim.hash

@@ -1,3 +1,3 @@
 # Locally calculated after checking pgp signature
-sha256 2c64a871dd7ac464c14df8eb0dcf5cf766b46fff5af0316aaa4bf0268dde24b4  exim-4.92.1.tar.xz
+sha256 01d7ae481d03ff408f8e54fd9b250324ea5ddabc83b1db32917c7f27a096a654  exim-4.92.2.tar.xz
 sha256 49240db527b7e55b312a46fc59794fde5dd006422e422257f4f057bfd27b3c8f  LICENCE

package/exim/exim.mk

@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-EXIM_VERSION = 4.92.1
+EXIM_VERSION = 4.92.2
 EXIM_SOURCE = exim-$(EXIM_VERSION).tar.xz
 EXIM_SITE = https://ftp.exim.org/pub/exim/exim4
 EXIM_LICENSE = GPL-2.0+

package/expat/expat.hash

@@ -1,7 +1,7 @@
-# From https://sourceforge.net/projects/expat/files/expat/2.2.7/
-md5	72f36b87cdb478aba1e78473393766aa		expat-2.2.7.tar.bz2
-sha1	9c8a268211e3f1ae31c4d550e5be7708973ec6a6	expat-2.2.7.tar.bz2
+# From https://sourceforge.net/projects/expat/files/expat/2.2.8/
+md5	cdf54239f892fc7914957f10de1e1c70		expat-2.2.8.tar.xz
+sha1	500a848d7085df06020a86bf64c5f71c0052a080	expat-2.2.8.tar.xz
 
 # Locally calculated
-sha256	cbc9102f4a31a8dafd42d642e9a3aa31e79a0aedaa1f6efd2795ebc83174ec18	expat-2.2.7.tar.bz2
+sha256	61caa81a49d858afb2031c7b1a25c97174e7f2009aa1ec4e1ffad2316b91779b	expat-2.2.8.tar.xz
 sha256	46336ab2fec900803e2f1a4253e325ac01d998efb09bc6906651f7259e636f76	COPYING

package/expat/expat.mk

@@ -4,9 +4,9 @@
 #
 ################################################################################
 
-EXPAT_VERSION = 2.2.7
+EXPAT_VERSION = 2.2.8
 EXPAT_SITE = http://downloads.sourceforge.net/project/expat/expat/$(EXPAT_VERSION)
-EXPAT_SOURCE = expat-$(EXPAT_VERSION).tar.bz2
+EXPAT_SOURCE = expat-$(EXPAT_VERSION).tar.xz
 EXPAT_INSTALL_STAGING = YES
 EXPAT_DEPENDENCIES = host-pkgconf
 HOST_EXPAT_DEPENDENCIES = host-pkgconf

package/faifa/0003-Makefile.in-fix-asbolute-symlink-of-libfaifa.so.patch

@@ -0,0 +1,32 @@
+From d16abf61049947c451a6411a13fc15dda32feb47 Mon Sep 17 00:00:00 2001
+From: Florian Fainelli <f.fainelli@gmail.com>
+Date: Sat, 6 Sep 2014 11:23:02 -0700
+Subject: [PATCH] Makefile.in: fix asbolute symlink of libfaifa.so
+
+Fixes #7
+
+Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
+[Upstream: da2e279fd736d05bcd0ee6e4609c44fece017ba8]
+Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
+---
+ Makefile.in | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/Makefile.in b/Makefile.in
+index ba65bee..9dec7ee 100644
+--- a/Makefile.in
++++ b/Makefile.in
+@@ -98,9 +98,9 @@ install: installman strip
+ 	$(INSTALL) -m0755 hpav_cfg $(DESTDIR)$(sbindir)
+ 	$(INSTALL) -d $(DESTDIR)$(libdir)
+ 	$(INSTALL) -m0644 $(LIB_SONAME) $(DESTDIR)$(libdir)
+-	ln -sf $(DESTDIR)$(libdir)/$(LIB_SONAME) $(DESTDIR)$(libdir)/$(LIB_SHARED_SO)
+ 	$(INSTALL) -d $(DESTDIR)$(includedir)/faifa
+ 	cp $(HEADERS) $(DESTDIR)$(includedir)/faifa
++	cd $(DESTDIR)$(libdir) && ln -sf $(LIB_SONAME) $(LIB_SHARED_SO)
+ 
+ strip:
+ 	$(STRIP) $(APP)
+-- 
+2.23.0
+

package/faifa/Config.in

@@ -10,7 +10,7 @@ config BR2_PACKAGE_FAIFA
 	  Intellon-specific management and control frames as well as
 	  standard management frames.
 
-	  https://dev.open-plc.org
+	  https://github.com/ffainelli/faifa
 
 comment "faifa needs a toolchain w/ dynamic library, threads"
 	depends on BR2_STATIC_LIBS || !BR2_TOOLCHAIN_HAS_THREADS

package/fakeroot/0002-communicate-check-return-status-of-msgrcv.patch

@@ -1,7 +1,7 @@
 From a853f21633693f9eefc4949660253a5328d2d2f3 Mon Sep 17 00:00:00 2001
 From: "Yann E. MORIN" <yann.morin.1998@free.fr>
 Date: Sun, 13 Aug 2017 23:21:54 +0200
-Subject: [PATCH 1/1] communicate: check return status of msgrcv()
+Subject: [PATCH] communicate: check return status of msgrcv()
 
 msgrcv can return with -1 to indicate an error condition.
 One such error is to have been interrupted by a signal.

package/fakeroot/0003-Select-TCP-when-lack-of-SYSV-IPC.patch

@@ -0,0 +1,77 @@
+From 8e9a7a8c72a9fe407d296ec0ffeb56b2cd271959 Mon Sep 17 00:00:00 2001
+From: Matt Weber <matthew.weber@rockwellcollins.com>
+Date: Mon, 16 Sep 2019 22:00:29 -0500
+Subject: [PATCH] Select TCP when lack of SYSV IPC
+
+Update to add a configure test to build and install the TCP IPC version
+when detecting SYSV IPC MsgQ support isn't available.
+
+The issue was initially discovered on Windows Services for Linux
+(WSL1.0). WSL does have some SysV IPC, but no message Q's, which is
+required by fakeroot/faked by default.
+
+Fixes:
+https://github.com/Microsoft/WSL/issues/2465
+
+Additional bug reports:
+https://bugs.busybox.net/show_bug.cgi?id=11366
+
+Upstream:
+https://salsa.debian.org/clint/fakeroot/merge_requests/2
+
+Signed-off-by: Jean-Francois Doyon <jfdoyon@gmail.com>
+Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
+---
+ configure.ac | 36 ++++++++++++++++++++++++++++++++++++
+ 1 file changed, 36 insertions(+)
+
+diff --git a/configure.ac b/configure.ac
+index a9189e6..1650f77 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -25,6 +25,42 @@ AC_CACHE_CHECK([which IPC method to use],
+ 	       [ac_cv_use_ipc],
+ 	       [ac_cv_use_ipc=sysv])
+ 
++if test $ac_cv_use_ipc = "sysv"; then
++  AC_MSG_CHECKING([whether SysV IPC message queues are actually working on the host])
++
++  AC_LANG_PUSH(C)
++  AC_TRY_RUN([
++#include <stdlib.h>
++#include <sys/types.h>
++#include <sys/ipc.h>
++#include <sys/msg.h>
++#include <time.h>
++#include <unistd.h>
++
++int main() {
++
++  srandom(time(NULL)+getpid()*33151);
++  key_t msg_key = random();
++  int msg_get = msgget(msg_key, IPC_CREAT|0600);
++
++  if (msg_get==-1) {
++    return 1;
++  } else {
++    msgctl(msg_get, IPC_RMID, NULL);
++    return 0;
++  }
++
++}], [ac_cv_use_ipc=sysv], [ac_cv_use_ipc=tcp])
++
++  if test $ac_cv_use_ipc = "tcp"; then
++    AC_MSG_RESULT([No, using TCP])
++  else
++    AC_MSG_RESULT([Yes])
++  fi
++
++  AC_LANG_POP(C)
++fi
++
+ AC_ARG_WITH([dbformat],
+ 	    AS_HELP_STRING([--with-dbformat@<:@=DBFORMAT@:>@],
+ 			   [database format to use: either inode (default) or path]),
+-- 
+2.17.1
+

package/fakeroot/fakeroot.mk

@@ -15,8 +15,14 @@ HOST_FAKEROOT_DEPENDENCIES = host-acl
 HOST_FAKEROOT_CONF_ENV = \
 	ac_cv_header_sys_capability_h=no \
 	ac_cv_func_capset=no
-
+# 0003-Select-TCP-when-lack-of-SYSV-IPC.patch touches configure.ac
+HOST_FAKEROOT_AUTORECONF = YES
 FAKEROOT_LICENSE = GPL-3.0+
 FAKEROOT_LICENSE_FILES = COPYING
 
+define HOST_FAKEROOT_BUILD_AUX
+	mkdir -p $(@D)/build-aux
+endef
+HOST_FAKEROOT_POST_PATCH_HOOKS += HOST_FAKEROOT_BUILD_AUX
+
 $(eval $(host-autotools-package))

package/fastd/Config.in

@@ -9,7 +9,7 @@ config BR2_PACKAGE_FASTD
 	help
 	  Fast and Secure Tunneling Daemon
 
-	  https://projects.universe-factory.net/projects/fastd/wiki
+	  https://github.com/NeoRaider/fastd/wiki
 
 if BR2_PACKAGE_FASTD
 

package/fdk-aac/fdk-aac.hash

@@ -1,6 +1,6 @@
 # From https://sourceforge.net/projects/opencore-amr/files/fdk-aac/
-sha1 30439757fe5bbc8bccedcc8e51668b74db7322c7  fdk-aac-2.0.0.tar.gz
-md5 8ccebea4fc5c9d40fff8f72bf68a6e50  fdk-aac-2.0.0.tar.gz
+sha1 575e90e85321c5be44dcf743a40ea57ab0835928  fdk-aac-2.0.1.tar.gz
+md5 e8b0b38e837df455b8a1ba75417ff0ad  fdk-aac-2.0.1.tar.gz
 # Locally computed:
-sha256 f7d6e60f978ff1db952f7d5c3e96751816f5aef238ecf1d876972697b85fd96c  fdk-aac-2.0.0.tar.gz
+sha256 840133aa9412153894af03b27b03dde1188772442c316a4ce2a24ed70093f271  fdk-aac-2.0.1.tar.gz
 sha256 95ec80da40b4af12ad4c4f3158c9cfb80f2479f3246e4260cb600827cc8c7836  NOTICE

package/fdk-aac/fdk-aac.mk

@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-FDK_AAC_VERSION = 2.0.0
+FDK_AAC_VERSION = 2.0.1
 FDK_AAC_SITE = http://downloads.sourceforge.net/project/opencore-amr/fdk-aac
 FDK_AAC_LICENSE = fdk-aac license
 FDK_AAC_LICENSE_FILES = NOTICE

package/file/0001-Detect-multiplication-overflow-when-computing-sector.patch

@@ -0,0 +1,68 @@
+From 06de62c022138f63de9bcd04074491945eaa8662 Mon Sep 17 00:00:00 2001
+From: Christos Zoulas <christos@zoulas.com>
+Date: Fri, 23 Aug 2019 14:29:14 +0000
+Subject: [PATCH] Detect multiplication overflow when computing sector position
+ (found by oss-fuzz)
+
+Fixes CVE-2019-18218
+
+Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
+---
+ src/cdf.c | 20 +++++++++++++++++---
+ 1 file changed, 17 insertions(+), 3 deletions(-)
+
+diff --git a/src/cdf.c b/src/cdf.c
+index 556a3ff8..9d639674 100644
+--- a/src/cdf.c
++++ b/src/cdf.c
+@@ -35,7 +35,7 @@
+ #include "file.h"
+ 
+ #ifndef lint
+-FILE_RCSID("@(#)$File: cdf.c,v 1.114 2019/02/20 02:35:27 christos Exp $")
++FILE_RCSID("@(#)$File: cdf.c,v 1.115 2019/08/23 14:29:14 christos Exp $")
+ #endif
+ 
+ #include <assert.h>
+@@ -53,6 +53,10 @@ FILE_RCSID("@(#)$File: cdf.c,v 1.114 2019/02/20 02:35:27 christos Exp $")
+ #define EFTYPE EINVAL
+ #endif
+ 
++#ifndef SIZE_T_MAX
++#define SIZE_T_MAX CAST(size_t, ~0ULL)
++#endif
++
+ #include "cdf.h"
+ 
+ #ifdef CDF_DEBUG
+@@ -405,7 +409,12 @@ cdf_read_sector(const cdf_info_t *info, void *buf, size_t offs, size_t len,
+     const cdf_header_t *h, cdf_secid_t id)
+ {
+ 	size_t ss = CDF_SEC_SIZE(h);
+-	size_t pos = CDF_SEC_POS(h, id);
++	size_t pos;
++
++	if (SIZE_T_MAX / ss < CAST(size_t, id))
++		return -1;
++
++	pos = CDF_SEC_POS(h, id);
+ 	assert(ss == len);
+ 	return cdf_read(info, CAST(off_t, pos), RCAST(char *, buf) + offs, len);
+ }
+@@ -415,7 +424,12 @@ cdf_read_short_sector(const cdf_stream_t *sst, void *buf, size_t offs,
+     size_t len, const cdf_header_t *h, cdf_secid_t id)
+ {
+ 	size_t ss = CDF_SHORT_SEC_SIZE(h);
+-	size_t pos = CDF_SHORT_SEC_POS(h, id);
++	size_t pos;
++
++	if (SIZE_T_MAX / ss < CAST(size_t, id))
++		return -1;
++
++	pos = CDF_SHORT_SEC_POS(h, id);
+ 	assert(ss == len);
+ 	if (pos + len > CDF_SEC_SIZE(h) * sst->sst_len) {
+ 		DPRINTF(("Out of bounds read %" SIZE_T_FORMAT "u > %"
+-- 
+2.20.1
+

package/file/0002-Limit-the-number-of-elements-in-a-vector-found-by-os.patch

@@ -0,0 +1,62 @@
+From 46a8443f76cec4b41ec736eca396984c74664f84 Mon Sep 17 00:00:00 2001
+From: Christos Zoulas <christos@zoulas.com>
+Date: Mon, 26 Aug 2019 14:31:39 +0000
+Subject: [PATCH] Limit the number of elements in a vector (found by oss-fuzz)
+
+Fixes CVE-2019-18218
+
+Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
+---
+ src/cdf.c | 9 ++++-----
+ src/cdf.h | 1 +
+ 2 files changed, 5 insertions(+), 5 deletions(-)
+
+diff --git a/src/cdf.c b/src/cdf.c
+index 9d639674..bb81d637 100644
+--- a/src/cdf.c
++++ b/src/cdf.c
+@@ -35,7 +35,7 @@
+ #include "file.h"
+ 
+ #ifndef lint
+-FILE_RCSID("@(#)$File: cdf.c,v 1.115 2019/08/23 14:29:14 christos Exp $")
++FILE_RCSID("@(#)$File: cdf.c,v 1.116 2019/08/26 14:31:39 christos Exp $")
+ #endif
+ 
+ #include <assert.h>
+@@ -1027,8 +1027,9 @@ cdf_read_property_info(const cdf_stream_t *sst, const cdf_header_t *h,
+ 				goto out;
+ 			}
+ 			nelements = CDF_GETUINT32(q, 1);
+-			if (nelements == 0) {
+-				DPRINTF(("CDF_VECTOR with nelements == 0\n"));
++			if (nelements > CDF_ELEMENT_LIMIT || nelements == 0) {
++				DPRINTF(("CDF_VECTOR with nelements == %"
++				    SIZE_T_FORMAT "u\n", nelements));
+ 				goto out;
+ 			}
+ 			slen = 2;
+@@ -1070,8 +1071,6 @@ cdf_read_property_info(const cdf_stream_t *sst, const cdf_header_t *h,
+ 					goto out;
+ 				inp += nelem;
+ 			}
+-			DPRINTF(("nelements = %" SIZE_T_FORMAT "u\n",
+-			    nelements));
+ 			for (j = 0; j < nelements && i < sh.sh_properties;
+ 			    j++, i++)
+ 			{
+diff --git a/src/cdf.h b/src/cdf.h
+index 2f7e554b..05056668 100644
+--- a/src/cdf.h
++++ b/src/cdf.h
+@@ -48,6 +48,7 @@
+ typedef int32_t cdf_secid_t;
+ 
+ #define CDF_LOOP_LIMIT					10000
++#define CDF_ELEMENT_LIMIT				100000
+ 
+ #define CDF_SECID_NULL					0
+ #define CDF_SECID_FREE					-1
+-- 
+2.20.1
+

package/file/file.hash

@@ -1,7 +1,7 @@
 # Locally calculated after verifying signature
-# ftp://ftp.astron.com/pub/file/file-5.36.tar.gz.asc
+# ftp://ftp.astron.com/pub/file/file-5.37.tar.gz.asc
 # using key BE04995BA8F90ED0C0C176C471112AB16CB33B3A
-sha256 fb608290c0fd2405a8f63e5717abf6d03e22e183fb21884413d1edd918184379  file-5.36.tar.gz
+sha256 e9c13967f7dd339a3c241b7710ba093560b9a33013491318e88e6b8b57bae07f  file-5.37.tar.gz
 sha256 0bfa856a9930bddadbef95d1be1cf4e163c0be618e76ea3275caaf255283e274  COPYING
 sha256 4ccb60d623884ef637af4a5bc16b2cb350163e2135e967655837336019a64462  src/mygetopt.h
 sha256 7ac061e1a1c840c4dfa0573aec6f3497676c9295b5ec4190d3576646eb1646bf  src/vasprintf.c

package/file/file.mk

@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-FILE_VERSION = 5.36
+FILE_VERSION = 5.37
 FILE_SITE = ftp://ftp.astron.com/pub/file
 FILE_DEPENDENCIES = host-file zlib
 HOST_FILE_DEPENDENCIES = host-zlib

package/flashbench/Config.in

@@ -7,4 +7,4 @@ config BR2_PACKAGE_FLASHBENCH
 	  SD cards and other media for the Linaro flash memory
 	  survey.
 
-	  https://wiki.linaro.org/WorkingGroups/KernelConsolidation/Projects/FlashCardSurvey
+	  https://git.linaro.org/people/arnd.bergmann/flashbench.git

package/fmt/Config.in

@@ -7,5 +7,7 @@ config BR2_PACKAGE_FMT
 	  used as a safe alternative to printf or as a fast alternative
 	  to IOStreams.
 
+	  https://fmt.dev
+
 comment "fmt needs a toolchain w/ C++, wchar"
 	depends on !BR2_INSTALL_LIBSTDCPP || !BR2_USE_WCHAR

package/freerdp/freerdp.mk

@@ -50,10 +50,10 @@ FREERDP_CONF_OPTS += -DWITH_ALSA=OFF
 endif
 
 ifeq ($(BR2_PACKAGE_PULSEAUDIO),y)
-FREERDP_CONF_OPTS += -DWITH_PULSEAUDIO=ON
+FREERDP_CONF_OPTS += -DWITH_PULSE=ON
 FREERDP_DEPENDENCIES += pulseaudio
 else
-FREERDP_CONF_OPTS += -DWITH_PULSEAUDIO=OFF
+FREERDP_CONF_OPTS += -DWITH_PULSE=OFF
 endif
 
 # For the systemd journal

package/fswebcam/Config.in

@@ -15,7 +15,7 @@ config BR2_PACKAGE_FSWEBCAM
 	  stdio where it can be piped to something like ncftpput or
 	  scp.
 
-	  http://www.firestorm.cx/fswebcam/
+	  https://www.sanslogic.co.uk/fswebcam/
 
 comment "fswebcam needs a toolchain w/ dynamic library"
 	depends on BR2_USE_MMU

package/gcc/7.4.0/1002-xtensa-backport-fix-for-PR-target-90922.patch

@@ -0,0 +1,43 @@
+From a592242578e573778241cae6d3928c064dcdfda4 Mon Sep 17 00:00:00 2001
+From: jcmvbkbc <jcmvbkbc@138bc75d-0d04-0410-961f-82ee72b054a4>
+Date: Tue, 18 Jun 2019 22:19:12 +0000
+Subject: [PATCH] xtensa: fix for PR target/90922
+
+Stack pointer adjustment code in prologue missed a case of no
+callee-saved registers and a stack frame size bigger than 128 bytes.
+Handle that case.
+
+This fixes the following gcc tests with call0 ABI:
+  gcc.c-torture/execute/stdarg-2.c
+  gcc.dg/torture/pr55882.c
+  gcc.dg/torture/pr57569.c
+
+gcc/
+2019-06-18  Max Filippov  <jcmvbkbc@gmail.com>
+
+	* config/xtensa/xtensa.c (xtensa_expand_prologue): Add stack
+	pointer adjustment for the case of no callee-saved registers and
+	stack frame bigger than 128 bytes.
+
+Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
+---
+ gcc/config/xtensa/xtensa.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/gcc/config/xtensa/xtensa.c b/gcc/config/xtensa/xtensa.c
+index 19bd616d67f6..ee5612441e25 100644
+--- a/gcc/config/xtensa/xtensa.c
++++ b/gcc/config/xtensa/xtensa.c
+@@ -2802,7 +2802,8 @@ xtensa_expand_prologue (void)
+ 			    gen_rtx_SET (mem, reg));
+ 	    }
+ 	}
+-      if (total_size > 1024)
++      if (total_size > 1024
++	  || (!callee_save_size && total_size > 128))
+ 	{
+ 	  rtx tmp_reg = gen_rtx_REG (Pmode, A9_REG);
+ 	  emit_move_insn (tmp_reg, GEN_INT (total_size -
+-- 
+2.11.0
+