Update for 2020.11.1

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

CHANGES

@@ -1,3 +1,32 @@
+2020.11.1, released December 27th, 2020
+
+	Important / security related fixes.
+
+	Infrastructure:
+	- cmake: fix host ccache handling for CMake 3.19
+	- meson: Forcibly disable binary stripping for
+	  target builds, enable for host builds
+	- golang: Fix HOST / TARGET directories for per-package builds
+
+	Defconfigs: Beaglebone Qt5: Fix ti-sgx related issues
+
+	Updated/fixed packages: apitrace, arm-trusted-firmware,
+	ca-certificates, cryptopp, dhcpcd, dtv-scan-tables,
+	flare-engine, ghostscript, go, haproxy, imagemagick,
+	imx-gpu-viv, jasper, kismet, libcurl, libglib2, libhtp,
+	libopenssl, libressl, libuv, libuvw, lua, mbedtls, mongodb,
+	mutt, ncurses, netsnmp, nodejs, opencv3, openldap, opkg-utils,
+	paho-mqtt-c, python-crc16, python-lxml, python-pyparsing,
+	python-pyqt5, qt5base, rauc, shadowsocks-libev, sqlcipher,
+	suricata, ti-sgx-demos, tinycbor, uclibc-ng-test, unbound,
+	webkitgtk, wpewebkit, wireshark, x11vnc, xen,
+	xserver_xorg-server
+
+	Issues resolved (http://bugs.uclibc.org):
+
+	#13316: beaglebone_qt5_defconfig: PowerVR fails to start
+	#13416: dhcpcd start warning message: no such user dhcpcd
+
 2020.11, released December 2nd, 2020
 
 	Various fixes.

DEVELOPERS

@@ -1960,9 +1960,6 @@ F:	package/openjpeg/
 N:	Olivier Singla <olivier.singla@gmail.com>
 F:	package/shellinabox/
 
-N:	Owen Walpole <owen@walpole.dev>
-F:	package/parprouted/
-
 N:	Parnell Springmeyer <parnell@digitalmentat.com>
 F:	package/scrypt/
 
@@ -2496,9 +2493,6 @@ N:	Thomas Claveirole <thomas.claveirole@green-communications.fr>
 F:	package/fcgiwrap/
 F:	package/openlayers/
 
-N:	Thomas Davis <sunsetbrew@sunsetbrew.com>
-F:	package/civetweb/
-
 N:	Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
 F:	docs/manual/
 F:	package/cereal/

Makefile

@@ -92,9 +92,9 @@ all:
 .PHONY: all
 
 # Set and export the version string
-export BR2_VERSION := 2020.11
+export BR2_VERSION := 2020.11.1
 # Actual time the release is cut (for reproducible builds)
-BR2_VERSION_EPOCH = 1606948000
+BR2_VERSION_EPOCH = 1609079000
 
 # Save running make version since it's clobbered by the make package
 RUNNING_MAKE_VERSION := $(MAKE_VERSION)

board/beaglebone/readme.txt

@@ -7,7 +7,7 @@ Description
 This configuration will build a complete image for the beaglebone and
 the TI AM335x-EVM, the board type is identified by the on-board
 EEPROM. The configuration is based on the
-ti-processor-sdk-02.00.00.00. Device tree blobs for beaglebone
+ti-processor-sdk-06.01.00.08. Device tree blobs for beaglebone
 variants and the evm-sk are built too.
 
 For Qt5 support support use the beaglebone_qt5_defconfig.
@@ -43,10 +43,20 @@ output/images/
 To copy the image file to the sdcard use dd:
 $ dd if=output/images/sdcard.img of=/dev/XXX
 
+
+Running Qt5 hellowindow opengl demo:
+===================
+# export QT_QPA_EGLFS_KMS_CONFIG=/etc/qt5/eglfs_kms_cfg.json
+# export QT_QPA_PLATFORM=eglfs
+# export QT_QPA_EGLFS_INTEGRATION=none
+# /usr/lib/qt/examples/opengl/hellowindow/hellowindow
+
+
 Tested hardware
 ===============
 am335x-evm (rev. 1.1A)
 beagleboneblack (rev. A5A)
 beaglebone (rev. A6)
 
+2020, Adam Duskett <aduskett@gmail.com>
 2016, Lothar Felten <lothar.felten@gmail.com>

board/beaglebone/rootfs_overlay/etc/qt5/eglfs_kms_cfg.json

@@ -0,0 +1,15 @@
+{
+  "device": "/dev/dri/card0",
+  "hwcursor": false,
+  "pbuffers": true,
+  "outputs": [
+    {
+      "name": "VGA1",
+      "mode": "off"
+    },
+    {
+      "name": "HDMI1",
+      "mode": "1024x768"
+    }
+  ]
+}

board/boundarydevices/common/readme.txt

@@ -40,3 +40,9 @@ Where 'sdX' is the device node of the uSD partition.
 To upgrade u-boot, cancel autoboot and type:
 
 > run upgradeu
+
+See Boundary Devices's buildroot-external-boundary project
+for additional and advanced defconfigs using Qt5, gstreamer,
+NXP proprietary packages with demo applications:
+
+https://github.com/boundarydevices/buildroot-external-boundary

boot/arm-trusted-firmware/arm-trusted-firmware.mk

@@ -100,6 +100,14 @@ ARM_TRUSTED_FIRMWARE_MAKE_OPTS += MV_DDR_PATH=$(MV_DDR_MARVELL_DIR)
 ARM_TRUSTED_FIRMWARE_DEPENDENCIES += mv-ddr-marvell
 endif
 
+ifeq ($(BR2_SSP_REGULAR),y)
+ARM_TRUSTED_FIRMWARE_MAKE_OPTS += ENABLE_STACK_PROTECTOR=default
+else ifeq ($(BR2_SSP_STRONG),y)
+ARM_TRUSTED_FIRMWARE_MAKE_OPTS += ENABLE_STACK_PROTECTOR=strong
+else ifeq ($(BR2_SSP_ALL),y)
+ARM_TRUSTED_FIRMWARE_MAKE_OPTS += ENABLE_STACK_PROTECTOR=all
+endif
+
 ARM_TRUSTED_FIRMWARE_MAKE_TARGETS = all
 
 ifeq ($(BR2_TARGET_ARM_TRUSTED_FIRMWARE_FIP),y)

configs/beaglebone_qt5_defconfig

@@ -20,11 +20,8 @@ BR2_PACKAGE_FBV=y
 BR2_PACKAGE_QT5=y
 BR2_PACKAGE_QT5BASE_EXAMPLES=y
 BR2_PACKAGE_QT5BASE_EGLFS=y
-BR2_PACKAGE_QT5BASE_DEFAULT_QPA="wayland"
+BR2_PACKAGE_QT5BASE_DEFAULT_QPA="eglfs"
 BR2_PACKAGE_QT5QUICKCONTROLS=y
-BR2_PACKAGE_QT5WAYLAND=y
-BR2_PACKAGE_QT5WAYLAND_COMPOSITOR=y
-BR2_PACKAGE_WESTON=y
 BR2_PACKAGE_TI_SGX_DEMOS=y
 BR2_PACKAGE_TI_SGX_KM=y
 BR2_PACKAGE_TI_SGX_UM=y

configs/chromebook_elm_defconfig

@@ -9,6 +9,9 @@ BR2_GLOBAL_PATCH_DIR="board/chromebook/elm/patches/"
 BR2_TARGET_ROOTFS_EXT2=y
 BR2_TARGET_ROOTFS_EXT2_4=y
 
+# Linux headers same as kernel (5.9 series)
+BR2_PACKAGE_HOST_LINUX_HEADERS_CUSTOM_5_9=y
+
 # Kernel
 BR2_LINUX_KERNEL=y
 BR2_LINUX_KERNEL_CUSTOM_VERSION=y

configs/nitrogen6x_defconfig

@@ -11,7 +11,6 @@ BR2_TARGET_GENERIC_GETTY_PORT="ttymxc1"
 BR2_ROOTFS_POST_BUILD_SCRIPT="board/boundarydevices/common/post-build.sh"
 BR2_ROOTFS_POST_IMAGE_SCRIPT="board/boundarydevices/common/post-image.sh"
 BR2_PACKAGE_HOST_GENIMAGE=y
-BR2_PACKAGE_HOST_UBOOT_TOOLS=y
 
 # filesystem
 BR2_TARGET_ROOTFS_EXT2=y

linux/Config.in

@@ -125,7 +125,7 @@ endif
 
 config BR2_LINUX_KERNEL_VERSION
 	string
-	default "5.9.11" if BR2_LINUX_KERNEL_LATEST_VERSION
+	default "5.9.14" if BR2_LINUX_KERNEL_LATEST_VERSION
 	default "4.19.152-cip37" if BR2_LINUX_KERNEL_LATEST_CIP_VERSION
 	default "4.19.152-cip37-rt16" if BR2_LINUX_KERNEL_LATEST_CIP_RT_VERSION
 	default BR2_LINUX_KERNEL_CUSTOM_VERSION_VALUE \

linux/linux.hash

@@ -1,12 +1,12 @@
 # From https://www.kernel.org/pub/linux/kernel/v5.x/sha256sums.asc
-sha256  5eb20a65a410669928f94b3975872e493fa6d0fe441c6a78b7564affa2a5d260  linux-5.9.11.tar.xz
+sha256  39fcfb41dcdf71b6b42b88eff3d8cedbe7523830ccae847f3914c0b97e1e6b49  linux-5.9.14.tar.xz
 sha256  4ab4a3f694b7b4cfbe78871eab34c8039ad33692144c45c669827a594da85534  linux-5.8.18.tar.xz
-sha256  49da425c1f3c530fd3ff31d85a0461f6b6dc6e459f7faf3eee23e49a98ce64c7  linux-5.4.80.tar.xz
+sha256  beec970bbb93de8ab839f27930f7ab00c7bd65af0ffa07a50e765affdc2561c6  linux-5.4.83.tar.xz
 # From https://www.kernel.org/pub/linux/kernel/v4.x/sha256sums.asc
-sha256  9e0bdebf18a12d0c899e5e4042e715e24a70ab0fd986a3f4c67c8ec2710bad97  linux-4.4.246.tar.xz
-sha256  49e266c7d72d388e8ce6aa486a1018cc0595ae1b9e99934bce5b484fd8dba9f5  linux-4.9.246.tar.xz
-sha256  cb02465cc8f1972cc14707b25d779c8668d220c39e68a24bb23afd4c58182b9c  linux-4.14.209.tar.xz
-sha256  18345206f9c61e8adafa5204d0ca0b8619f1d9aafd70cbd5cb0fbf1faf521585  linux-4.19.160.tar.xz
+sha256  e52a49ceb639d871478a143c314648c35e22222c317ecdf49866830fea5c3dfc  linux-4.4.248.tar.xz
+sha256  4687268061c9933c298b30d28e4bf1a30dfbab7c0da4bee194968e4f81ffeccf  linux-4.9.248.tar.xz
+sha256  0e1bc32c4842c3bbee3a15454408f528acd4d3c5e83312b93008d5ee2e9a0c79  linux-4.14.212.tar.xz
+sha256  3eeec4e5eb8a129be3536357ecb028fae7d82fac933dcfac0b6089ee398fc5fc  linux-4.19.163.tar.xz
 # Locally computed
 sha256  d2a06f52143deb929b8d513cf9afc9bd065951389a80fa70bc4d63025b5b3fb9  linux-cip-4.19.152-cip37.tar.gz
 sha256  bc1dacd3d0f526de3e8754a444e8e02a54521527af639ddb907cb35cda775a8c  linux-cip-4.19.152-cip37-rt16.tar.gz

package/apitrace/0003-CMakeLists.txt-respect-BUILD_TESTING-OFF.patch

@@ -0,0 +1,104 @@
+From 7f0f1e7e34f997eef697856804dd478b54bb365e Mon Sep 17 00:00:00 2001
+From: Fabrice Fontaine <fontaine.fabrice@gmail.com>
+Date: Tue, 22 Dec 2020 10:45:21 +0100
+Subject: [PATCH] CMakeLists.txt: respect BUILD_TESTING=OFF
+
+Allow the user to disable unit tests through BUILD_TESTING=OFF:
+https://cmake.org/cmake/help/latest/command/enable_testing.html
+
+Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
+[Upstream status: https://github.com/apitrace/apitrace/pull/698]
+---
+ CMakeLists.txt           | 6 +++++-
+ gui/CMakeLists.txt       | 6 ++++--
+ lib/guids/CMakeLists.txt | 6 ++++--
+ lib/os/CMakeLists.txt    | 6 ++++--
+ lib/trace/CMakeLists.txt | 6 ++++--
+ 5 files changed, 21 insertions(+), 9 deletions(-)
+
+diff --git a/CMakeLists.txt b/CMakeLists.txt
+index 4a07f069..ee401887 100644
+--- a/CMakeLists.txt
++++ b/CMakeLists.txt
+@@ -41,6 +41,8 @@ option (ENABLE_FRAME_POINTER "Disable frame pointer omission" ON)
+ 
+ option (ENABLE_ASAN "Enable Address Sanitizer" OFF)
+ 
++option (BUILD_TESTING "Enable unit tests" ON)
++
+ option (ENABLE_TESTS "Enable additional tests" OFF)
+ 
+ if (ANDROID)
+@@ -433,7 +435,9 @@ endmacro ()
+ # which subdirectory they are declared
+ set (CMAKE_RUNTIME_OUTPUT_DIRECTORY ${CMAKE_BINARY_DIR})
+ 
+-enable_testing ()
++if (BUILD_TESTING)
++    enable_testing ()
++endif ()
+ if (CMAKE_CROSSCOMPILING)
+     add_custom_target (check)
+ elseif (DEFINED CMAKE_BUILD_TYPE)
+diff --git a/gui/CMakeLists.txt b/gui/CMakeLists.txt
+index 5baf3552..ad6ee501 100644
+--- a/gui/CMakeLists.txt
++++ b/gui/CMakeLists.txt
+@@ -13,8 +13,10 @@ add_library (qubjson STATIC
+     qubjson.cpp
+ )
+ 
+-add_gtest (qubjson_test qubjson_test.cpp)
+-target_link_libraries (qubjson_test qubjson)
++if (BUILD_TESTING)
++    add_gtest (qubjson_test qubjson_test.cpp)
++    target_link_libraries (qubjson_test qubjson)
++endif ()
+ 
+ set(qapitrace_SRCS
+    apisurface.cpp
+diff --git a/lib/guids/CMakeLists.txt b/lib/guids/CMakeLists.txt
+index ce0f86da..ea28a18f 100644
+--- a/lib/guids/CMakeLists.txt
++++ b/lib/guids/CMakeLists.txt
+@@ -5,5 +5,7 @@ add_library (guids STATIC
+     guids.hpp
+ )
+ 
+-add_gtest (guids_test guids_test.cpp)
+-target_link_libraries (guids_test guids)
++if (BUILD_TESTING)
++    add_gtest (guids_test guids_test.cpp)
++    target_link_libraries (guids_test guids)
++endif ()
+diff --git a/lib/os/CMakeLists.txt b/lib/os/CMakeLists.txt
+index 222411e0..b7134b57 100644
+--- a/lib/os/CMakeLists.txt
++++ b/lib/os/CMakeLists.txt
+@@ -36,5 +36,7 @@ if (APPLE)
+     )
+ endif ()
+ 
+-add_gtest (os_thread_test os_thread_test.cpp)
+-target_link_libraries (os_thread_test os)
++if (BUILD_TESTING)
++    add_gtest (os_thread_test os_thread_test.cpp)
++    target_link_libraries (os_thread_test os)
++endif ()
+diff --git a/lib/trace/CMakeLists.txt b/lib/trace/CMakeLists.txt
+index c68bd00f..d95df978 100644
+--- a/lib/trace/CMakeLists.txt
++++ b/lib/trace/CMakeLists.txt
+@@ -34,5 +34,7 @@ target_link_libraries (common
+     brotli_dec brotli_common
+ )
+ 
+-add_gtest (trace_parser_flags_test trace_parser_flags_test.cpp)
+-target_link_libraries (trace_parser_flags_test common)
++if (BUILD_TESTING)
++    add_gtest (trace_parser_flags_test trace_parser_flags_test.cpp)
++    target_link_libraries (trace_parser_flags_test common)
++endif ()
+-- 
+2.29.2
+

package/ca-certificates/ca-certificates.hash

@@ -1,6 +1,6 @@
 # hashes from: $(CA_CERTIFICATES_SITE)/ca-certificates_$(CA_CERTIFICATES_VERSION).dsc :
-sha1   47d4584eae85fc905e4994766eb3930a8a84e2e1                         ca-certificates_20190110.tar.xz
-sha256 ee4bf0f4c6398005f5b5ca4e0b87b82837ac5c3b0280a1cb3a63c47555c3a675 ca-certificates_20190110.tar.xz
+sha1  f17235bc9c3aec538065a655681815c242a6d7d5  ca-certificates_20200601.tar.xz
+sha256  43766d5a436519503dfd65ab83488ae33ab4d4ca3d0993797b58c92eb9ed4e63  ca-certificates_20200601.tar.xz
 
 # Locally computed
-sha256 80fd11117df5543d5cf17bfd951b0ead213f7867d0b09f09c6d5a5eca3ff7422 debian/copyright
+sha256  e85e1bcad3a915dc7e6f41412bc5bdeba275cadd817896ea0451f2140a93967c  debian/copyright

package/ca-certificates/ca-certificates.mk

@@ -4,9 +4,9 @@
 #
 ################################################################################
 
-CA_CERTIFICATES_VERSION = 20190110
+CA_CERTIFICATES_VERSION = 20200601
 CA_CERTIFICATES_SOURCE = ca-certificates_$(CA_CERTIFICATES_VERSION).tar.xz
-CA_CERTIFICATES_SITE = http://snapshot.debian.org/archive/debian/20190513T145054Z/pool/main/c/ca-certificates
+CA_CERTIFICATES_SITE = http://snapshot.debian.org/archive/debian/20200602T145955Z/pool/main/c/ca-certificates
 CA_CERTIFICATES_DEPENDENCIES = host-openssl
 # ca-certificates can be built with either python 2 or python 3
 # but it must be at least python 2.7

package/cryptopp/cryptopp.hash

@@ -1,5 +1,5 @@
-# Hash from: https://www.cryptopp.com/release820.html:
-sha256  03f0e2242e11b9d19b28d0ec5a3fa8ed5cc7b27640e6bed365744f593e858058  cryptopp820.zip
+# Hash from: https://www.cryptopp.com/release830.html:
+sha512  ad5219a66c5924d330d3646d0ff996dd235006f6812074bc4eb9e8c662a4f000ba20449d377f24b133d19ce682f7b2a3b2eb4c08857ce0f5bb39743d1d425147  cryptopp830.zip
 
 # Hash for license file:
-sha256  f29d65ae3f0c8e327284f193524643ffb4d682fcca3e1740a5c6cbab0e720583  License.txt
+sha256  e668af8c73a38a66a1e8951d14ec24e7582fee5254dd6c3dae488a416d105d5f  License.txt

package/cryptopp/cryptopp.mk

@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-CRYPTOPP_VERSION = 8.2.0
+CRYPTOPP_VERSION = 8.3.0
 CRYPTOPP_SOURCE = cryptopp$(subst .,,$(CRYPTOPP_VERSION)).zip
 CRYPTOPP_SITE = https://cryptopp.com
 CRYPTOPP_LICENSE = BSL-1.0, BSD-3-Clause (CRYPTOGAMS), Public domain (ChaCha SSE2 and AVX)

package/dhcpcd/dhcpcd.mk

@@ -11,6 +11,18 @@ DHCPCD_DEPENDENCIES = host-pkgconf
 DHCPCD_LICENSE = BSD-2-Clause
 DHCPCD_LICENSE_FILES = LICENSE
 
+DHCPCD_CONFIG_OPTS = \
+	--libexecdir=/lib/dhcpcd \
+	--os=linux \
+	--privsepuser=dhcpcd
+
+ifeq ($(BR2_PACKAGE_HAS_UDEV),y)
+DHCPCD_CONFIG_OPTS += --with-udev
+DHCPCD_DEPENDENCIES += udev
+else
+DHCPCD_CONFIG_OPTS += --without-udev
+endif
+
 ifeq ($(BR2_STATIC_LIBS),y)
 DHCPCD_CONFIG_OPTS += --enable-static
 endif
@@ -20,16 +32,11 @@ DHCPCD_CONFIG_OPTS += --disable-fork --disable-privsep
 endif
 
 define DHCPCD_CONFIGURE_CMDS
-	(cd $(@D); \
-	$(TARGET_CONFIGURE_OPTS) ./configure \
-		--os=linux \
-		--libexecdir=/lib/dhcpcd \
-		$(DHCPCD_CONFIG_OPTS) )
+	(cd $(@D); $(TARGET_CONFIGURE_OPTS) ./configure $(DHCPCD_CONFIG_OPTS))
 endef
 
 define DHCPCD_BUILD_CMDS
-	$(TARGET_MAKE_ENV) $(MAKE) \
-		-C $(@D) all
+	$(TARGET_MAKE_ENV) $(MAKE) -C $(@D) all
 endef
 
 define DHCPCD_INSTALL_TARGET_CMDS
@@ -51,6 +58,10 @@ define DHCPCD_INSTALL_INIT_SYSTEMD
 endef
 endif
 
+define DHCPCD_USERS
+	dhcpcd -1 dhcpcd -1 * - - - dhcpcd user
+endef
+
 # NOTE: Even though this package has a configure script, it is not generated
 # using the autotools, so we have to use the generic package infrastructure.
 

package/dtv-scan-tables/dtv-scan-tables.mk

@@ -5,7 +5,7 @@
 ################################################################################
 
 DTV_SCAN_TABLES_VERSION = 6d019038cd04e837d9dd58701202c15924c1c654
-DTV_SCAN_TABLES_SITE = http://git.linuxtv.org/cgit.cgi/dtv-scan-tables.git
+DTV_SCAN_TABLES_SITE = https://git.linuxtv.org/dtv-scan-tables.git
 DTV_SCAN_TABLES_SITE_METHOD = git
 
 # This package only contains the transponders data. This is not a 'work'

package/flare-engine/Config.in

@@ -2,6 +2,7 @@ config BR2_PACKAGE_FLARE_ENGINE
 	bool "flare-engine"
 	depends on BR2_INSTALL_LIBSTDCPP
 	depends on !BR2_STATIC_LIBS # SDL2
+	select BR2_PACKAGE_LIBPNG # SDL2_IMAGE needs libpng support
 	select BR2_PACKAGE_SDL2
 	select BR2_PACKAGE_SDL2_IMAGE
 	select BR2_PACKAGE_SDL2_MIXER

package/freescale-imx/imx-gpu-viv/imx-gpu-viv.mk

@@ -108,6 +108,7 @@ define IMX_GPU_VIV_INSTALL_TARGET_CMDS
 	$(IMX_GPU_VIV_INSTALL_EXAMPLES)
 	$(IMX_GPU_VIV_INSTALL_GMEM_INFO)
 	cp -a $(@D)/gpu-core/usr/lib $(TARGET_DIR)/usr
+	$(INSTALL) -D -m 0644 $(@D)/gpu-core/etc/Vivante.icd $(TARGET_DIR)/etc/OpenCL/vendors/Vivante.icd
 	for lib in EGL GAL GLESv2 VDK; do \
 		for f in $(TARGET_DIR)/usr/lib/lib$${lib}-*.so; do \
 			case $$f in \

package/ghostscript/ghostscript.hash

@@ -1,5 +1,5 @@
-# From https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs9532/SHA512SUMS
-sha512  73aa6013aeecbd1345317a40349089a2f19a2205fc11b8ca0b619df1e91f2ca8b03efc09be9e079cb5ab8e1b838aa2236349cd1c177217c14308242f99138ae4  ghostscript-9.53.2.tar.gz
+# From https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs9533/SHA512SUMS
+sha512  c142ef9d83896aa8fd18c8e412220fe8f4950614be00d327d27ab051fe85e16524bf2ee00f46c2aca7a352ce47bc3acf2c4de0f7bbea7e4c55474b8af6cdc0a6  ghostscript-9.53.3.tar.gz
 
 # Hash for license file:
 sha256  6f852249f975287b3efd43a5883875e47fa9f3125e2f1b18b5c09517ac30ecf2  LICENSE

package/ghostscript/ghostscript.mk

@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-GHOSTSCRIPT_VERSION = 9.53.2
+GHOSTSCRIPT_VERSION = 9.53.3
 GHOSTSCRIPT_SITE = https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs$(subst .,,$(GHOSTSCRIPT_VERSION))
 GHOSTSCRIPT_LICENSE = AGPL-3.0
 GHOSTSCRIPT_LICENSE_FILES = LICENSE

package/go/go.hash

@@ -1,3 +1,3 @@
 # From https://golang.org/dl/
-sha256  c1076b90cf94b73ebed62a81d802cd84d43d02dea8c07abdc922c57a071c84f1  go1.15.5.src.tar.gz
+sha256  890bba73c5e2b19ffb1180e385ea225059eb008eb91b694875dd86ea48675817  go1.15.6.src.tar.gz
 sha256	2d36597f7117c38b006835ae7f537487207d8ec407aa9d9980794b2030cbc067  LICENSE

package/go/go.mk

@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-GO_VERSION = 1.15.5
+GO_VERSION = 1.15.6
 GO_SITE = https://storage.googleapis.com/golang
 GO_SOURCE = go$(GO_VERSION).src.tar.gz
 
@@ -39,6 +39,10 @@ else ifeq ($(BR2_ARM_CPU_ARMV6),y)
 GO_GOARM = 6
 else ifeq ($(BR2_ARM_CPU_ARMV7A),y)
 GO_GOARM = 7
+else ifeq ($(BR2_ARM_CPU_ARMV8A),y)
+# Go doesn't support 32-bit GOARM=8 (https://github.com/golang/go/issues/29373)
+# but can still benefit from armv7 optimisations
+GO_GOARM = 7
 endif
 else ifeq ($(BR2_aarch64),y)
 GO_GOARCH = arm64
@@ -99,8 +103,8 @@ HOST_GO_HOST_ENV = \
 	$(HOST_GO_COMMON_ENV) \
 	GOARCH="" \
 	GOCACHE="$(HOST_GO_HOST_CACHE)" \
-	CC="$(HOST_CCNOCCACHE)" \
-	CXX="$(HOST_CXXNOCCACHE)" \
+	CC="$(HOSTCC_NOCCACHE)" \
+	CXX="$(HOSTCXX_NOCCACHE)" \
 	CGO_CFLAGS="$(HOST_CFLAGS)" \
 	CGO_CXXFLAGS="$(HOST_CXXFLAGS)" \
 	CGO_LDFLAGS="$(HOST_LDFLAGS)"

package/haproxy/haproxy.hash

@@ -1,5 +1,5 @@
-# From: http://www.haproxy.org/download/2.2/src/haproxy-2.2.4.tar.gz.sha256
-sha256  87a4d9d4ff8dc3094cb61bbed4a8eed2c40b5ac47b9604daebaf036d7b541be2  haproxy-2.2.4.tar.gz
+# From: http://www.haproxy.org/download/2.2/src/haproxy-2.2.6.tar.gz.sha256
+sha256  be1c6754cbaceafc4837e0c6036c7f81027a3992516435cbbbc5dc749bf5a087  haproxy-2.2.6.tar.gz
 # Locally computed:
 sha256  0717ca51fceaa25ac9e5ccc62e0c727dcf27796057201fb5fded56a25ff6ca28  LICENSE
 sha256  5df07007198989c622f5d41de8d703e7bef3d0e79d62e24332ee739a452af62a  doc/lgpl.txt

package/haproxy/haproxy.mk

@@ -5,7 +5,7 @@
 ################################################################################
 
 HAPROXY_VERSION_MAJOR = 2.2
-HAPROXY_VERSION = $(HAPROXY_VERSION_MAJOR).4
+HAPROXY_VERSION = $(HAPROXY_VERSION_MAJOR).6
 HAPROXY_SITE = http://www.haproxy.org/download/$(HAPROXY_VERSION_MAJOR)/src
 HAPROXY_LICENSE = GPL-2.0+ and LGPL-2.1+ with exceptions
 HAPROXY_LICENSE_FILES = LICENSE doc/lgpl.txt doc/gpl.txt

package/imagemagick/imagemagick.hash

@@ -1,3 +1,3 @@
 # Locally computed
-sha256  9f2b8b131222354b196c640fca4e53eb0bbf62246621b9d467f223366272d7a7  imagemagick-7.0.10-28.tar.gz
-sha256  e2d364de83dd9e7c866bd99ee7dac2fe92071fb70e9b187293353fb285cf09ac  LICENSE
+sha256  fa993169a06052267eaf81cf85bbf5a30c0bf243511017d986f47abbe65ff262  imagemagick-7.0.10-51.tar.gz
+sha256  7b43ee798e835f5e0dc03c92c52d288b46a771c4561d57ef2a9a8b2c76bf33cb  LICENSE

package/imagemagick/imagemagick.mk

@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-IMAGEMAGICK_VERSION = 7.0.10-28
+IMAGEMAGICK_VERSION = 7.0.10-51
 IMAGEMAGICK_SITE = $(call github,ImageMagick,ImageMagick,$(IMAGEMAGICK_VERSION))
 IMAGEMAGICK_LICENSE = Apache-2.0
 IMAGEMAGICK_LICENSE_FILES = LICENSE

package/jasper/jasper.hash

@@ -1,3 +1,3 @@
 # Locally calculated
-sha256  afc4166bff29b8a0dc46ed5e8d6a208d7976fccfd0b1146e3400c8b2948794a2  jasper-2.0.22.tar.gz
+sha256  20facc904bd9d38c20e0c090b1be3ae02ae5b2703b803013be2ecad586a18927  jasper-2.0.23.tar.gz
 sha256  4ad1bb42aff888c4403d792e6e2c5f1716d6c279fea70b296333c9d577d30b81  LICENSE

package/jasper/jasper.mk

@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-JASPER_VERSION = 2.0.22
+JASPER_VERSION = 2.0.23
 JASPER_SITE = $(call github,jasper-software,jasper,version-$(JASPER_VERSION))
 JASPER_INSTALL_STAGING = YES
 JASPER_LICENSE = JasPer-2.0

package/kismet/0001-configure.ac-don-t-override-LDFLAGS-with-CPPFLAGS.patch

@@ -0,0 +1,44 @@
+From e70968bcbca86dd448d619c40cdeaae8b7dcee98 Mon Sep 17 00:00:00 2001
+From: Fabrice Fontaine <fontaine.fabrice@gmail.com>
+Date: Tue, 24 Nov 2020 23:01:55 +0100
+Subject: [PATCH] configure.ac: don't override LDFLAGS with CPPFLAGS
+
+Don't override LDFLAGS with CPPFLAGS to avoid a build failure when
+building statically with uclibc due to -static keyword being lost:
+
+/home/buildroot/autobuild/run/instance-3/output-1/host/bin/xtensa-buildroot-linux-uclibc-gcc -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -o kismet_cap_linux_wifi ../interface_control.c.o ../wifi_ht_channels.c.o linux_wireless_control.c.o linux_netlink_control.c.o linux_nexmon_control.c.o linux_wireless_rfkill.c.o capture_linux_wifi.c.o ../libkismetdatasource.a -L/home/buildroot/autobuild/run/instance-3/output-1/host/bin/../xtensa-buildroot-linux-uclibc/sysroot/usr/lib -lpcap -L/home/buildroot/autobuild/run/instance-3/output-1/host/bin/../xtensa-buildroot-linux-uclibc/sysroot/home/buildroot/autobuild/run/instance-3/output-1/host/xtensa-buildroot-linux-uclibc/sysroot/usr/lib/.libs -lnl-genl-3 -lnl-3   -L/home/buildroot/autobuild/run/instance-3/output-1/host/bin/../xtensa-buildroot-linux-uclibc/sysroot/usr/lib -lpthread -lnl-genl-3 -lnl-3 -lpthread   -lpthread -L/home/buildroot/autobuild/run/instance-3/output-1/host/bin/../xtensa-buildroot-linux-uclibc/sysroot/usr/lib -lprotobuf-c  -lm
+/home/buildroot/autobuild/run/instance-3/output-1/host/lib/gcc/xtensa-buildroot-linux-uclibc/9.3.0/../../../../xtensa-buildroot-linux-uclibc/bin/ld: /home/buildroot/autobuild/run/instance-3/output-1/host/lib/gcc/xtensa-buildroot-linux-uclibc/9.3.0/libgcc.a(unwind-dw2-fde-dip.o): in function `_Unwind_Find_registered_FDE':
+/home/buildroot/autobuild/run/instance-3/output-1/build/host-gcc-final-9.3.0/build/xtensa-buildroot-linux-uclibc/libgcc/../../../libgcc/unwind-dw2-fde.c:1040: undefined reference to `dl_iterate_phdr'
+collect2: error: ld returned 1 exit status
+
+To fix this build failure, just drop OCPPFLAGS and OLDFLAGS which are
+not used anymore
+
+Fixes:
+ - http://autobuild.buildroot.org/results/b859eb3850c0beb23e18010dc2f07cd0f5c14440
+
+Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
+[Upstream status: https://github.com/kismetwireless/kismet/pull/326 (merged)]
+---
+ configure.ac | 5 -----
+ 1 file changed, 5 deletions(-)
+
+diff --git a/configure.ac b/configure.ac
+index aab47fb0..4df37a29 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -619,11 +619,6 @@ else
+     AC_MSG_RESULT([no])
+ fi
+ 
+-OCPPFLAGS=$CPPFLAGS
+-CPPFLAGS="$CPPFLAGS"
+-OLDFLAGS=$LDFLAGS
+-LDFLAGS="$CPPFLAGS"
+-
+ # Do we need libm for math functions?
+ AC_MSG_CHECKING([for libm math function in std libs])
+ OCFL="$CFLAGS"
+-- 
+2.29.2
+

package/kismet/kismet.mk

@@ -17,6 +17,8 @@ KISMET_DEPENDENCIES = \
 	zlib
 KISMET_LICENSE = GPL-2.0+
 KISMET_LICENSE_FILES = LICENSE
+# We're patching configure.ac
+KISMET_AUTORECONF = YES
 KISMET_CONF_OPTS = --disable-debuglibs
 
 KISMET_CXXFLAGS = $(TARGET_CXXFLAGS)

package/libcurl/0001-libssh2-fix-build-with-disabled-proxy-support.patch

@@ -1,46 +0,0 @@
-From 75d2b1787b3253784a94c66016829acf1f442526 Mon Sep 17 00:00:00 2001
-Message-Id: <75d2b1787b3253784a94c66016829acf1f442526.1603688719.git.baruch@tkos.co.il>
-From: Baruch Siach <baruch@tkos.co.il>
-Date: Mon, 26 Oct 2020 06:56:49 +0200
-Subject: [PATCH] libssh2: fix build with disabled proxy support
-
-Build breaks because the http_proxy field is missing:
-
-vssh/libssh2.c: In function 'ssh_connect':
-vssh/libssh2.c:3119:10: error: 'struct connectdata' has no member named 'http_proxy'
-   if(conn->http_proxy.proxytype == CURLPROXY_HTTPS) {
-		  ^
-
-Signed-off-by: Baruch Siach <baruch@tkos.co.il>
----
-Upstream status: https://github.com/curl/curl/pull/6125
-
- lib/vssh/libssh2.c | 5 ++++-
- 1 file changed, 4 insertions(+), 1 deletion(-)
-
-diff --git a/lib/vssh/libssh2.c b/lib/vssh/libssh2.c
-index 6c6db049bf5a..74cd5d887549 100644
---- a/lib/vssh/libssh2.c
-+++ b/lib/vssh/libssh2.c
-@@ -3094,6 +3094,7 @@ static CURLcode ssh_connect(struct connectdata *conn, bool *done)
-     return CURLE_FAILED_INIT;
-   }
- 
-+#ifndef CURL_DISABLE_PROXY
-   if(conn->http_proxy.proxytype == CURLPROXY_HTTPS) {
-     /*
-      * This crazy union dance is here to avoid assigning a void pointer a
-@@ -3132,7 +3133,9 @@ static CURLcode ssh_connect(struct connectdata *conn, bool *done)
-     libssh2_session_callback_set(ssh->ssh_session,
-                                  LIBSSH2_CALLBACK_SEND, sshsend.sendp);
-   }
--  else if(conn->handler->protocol & CURLPROTO_SCP) {
-+  else
-+#endif /* CURL_DISABLE_PROXY */
-+  if(conn->handler->protocol & CURLPROTO_SCP) {
-     conn->recv[FIRSTSOCKET] = scp_recv;
-     conn->send[FIRSTSOCKET] = scp_send;
-   }
--- 
-2.28.0
-

package/libcurl/libcurl.hash

@@ -1,5 +1,5 @@
 # Locally calculated after checking pgp signature
-# https://curl.haxx.se/download/curl-7.73.0.tar.xz.asc
+# https://curl.haxx.se/download/curl-7.74.0.tar.xz.asc
 # signed with key 27EDEAF22F3ABCEB50DB9A125CC908FDB71E12C2
-sha256  7c4c7ca4ea88abe00fea4740dcf81075c031b1d0bb23aff2d5efde20a3c2408a  curl-7.73.0.tar.xz
+sha256  999d5f2c403cf6e25d58319fdd596611e455dd195208746bc6e6d197a77e878b  curl-7.74.0.tar.xz
 sha256  db3c4a3b3695a0f317a0c5176acd2f656d18abc45b3ee78e50935a78eb1e132e  COPYING

package/libcurl/libcurl.mk

@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-LIBCURL_VERSION = 7.73.0
+LIBCURL_VERSION = 7.74.0
 LIBCURL_SOURCE = curl-$(LIBCURL_VERSION).tar.xz
 LIBCURL_SITE = https://curl.haxx.se/download
 LIBCURL_DEPENDENCIES = host-pkgconf \

package/libglib2/0001-fix-compile-time-atomic-detection.patch

@@ -5,7 +5,7 @@ Subject: [PATCH] Fix compile time atomic detection
 
 Improved compile-time detection of atomic support in the compiler.
 
-Upstream-Status: Merged
+Upstream-Status: 'Needs information'
 See : https://gitlab.gnome.org/GNOME/glib/issues/1063
 
 Signed-off-by: Brendan Heading <brendanheading@gmail.com>

package/libhtp/libhtp.hash

@@ -1,3 +1,3 @@
 # Locally computed:
-sha256  4c3ac4c6027710455ffe725f24ac6a83b2c13fe0afc83b74df2cca78ba46976a  libhtp-0.5.35.tar.gz
+sha256  ab1dd6cfd4ab4c36624a5c74793d80d1b7f50f5791620f47bfd831a79e32bc4b  libhtp-0.5.36.tar.gz
 sha256  87c93904e5434c81622ea690c2b90097b9f162aaa92a96542649a157dbf98d15  LICENSE

package/libhtp/libhtp.mk

@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-LIBHTP_VERSION = 0.5.35
+LIBHTP_VERSION = 0.5.36
 LIBHTP_SITE = $(call github,OISF,libhtp,$(LIBHTP_VERSION))
 LIBHTP_LICENSE = BSD-3-Clause
 LIBHTP_LICENSE_FILES = LICENSE

package/libopenssl/0001-Dont-waste-time-building-manpages-if-we-re-not-going.patch

@@ -9,6 +9,8 @@ Signed-off-by: Ryan Barnett <ryanbarnett3@gmail.com>
 
 [rebased on openssl-1.1.0h]
 Signed-off-by: Peter Seiderer <ps.report@gmx.net>
+[rebased on openssl-1.1.1i]
+Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
 ---
  Configurations/unix-Makefile.tmpl | 2 +-
  1 file changed, 1 insertion(+), 1 deletion(-)
@@ -17,7 +19,7 @@ diff --git a/Configurations/unix-Makefile.tmpl b/Configurations/unix-Makefile.tm
 index 40cf2c3..777d9ca 100644
 --- a/Configurations/unix-Makefile.tmpl
 +++ b/Configurations/unix-Makefile.tmpl
-@@ -268,7 +268,7 @@ list-tests:
+@@ -491,7 +491,7 @@ list-tests:
  	@echo "Tests are not supported with your chosen Configure options"
  	@ : {- output_on() if !$disabled{tests}; "" -}
  

package/libopenssl/0004-Configure-use-ELFv2-ABI-on-some-ppc64-big-endian-sys.patch

@@ -11,6 +11,8 @@ Reviewed-by: Richard Levitte <levitte@openssl.org>
 (Merged from https://github.com/openssl/openssl/pull/8883)
 [vfazio: fixup for 1.1.1d]
 Signed-off-by: Vincent Fazio <vfazio@xes-inc.com>
+[rebased on openssl-1.1.1i]
+Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
 ---
  Configure | 4 ++++
  1 file changed, 4 insertions(+)
@@ -19,7 +21,7 @@ diff --git a/Configure b/Configure
 index 5a699836f3..f9152b1702 100755
 --- a/Configure
 +++ b/Configure
-@@ -1413,6 +1413,10 @@ my %predefined_CXX = $config{CXX}
+@@ -1417,6 +1417,10 @@ my %predefined_CXX = $config{CXX}
      ? compiler_predefined($config{CROSS_COMPILE}.$config{CXX})
      : ();
  

package/libopenssl/libopenssl.hash

@@ -1,5 +1,5 @@
-# From https://www.openssl.org/source/openssl-1.1.1h.tar.gz.sha256
-sha256  5c9ca8774bd7b03e5784f26ae9e9e6d749c9da2438545077e6b3d755a06595d9  openssl-1.1.1h.tar.gz
+# From https://www.openssl.org/source/openssl-1.1.1i.tar.gz.sha256
+sha256  e8be6a35fe41d10603c3cc635e93289ed00bf34b79671a3a4de64fcee00d5242  openssl-1.1.1i.tar.gz
 
 # License files
 sha256  c32913b33252e71190af2066f08115c69bc9fddadf3bf29296e20c835389841c  LICENSE

package/libopenssl/libopenssl.mk

@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-LIBOPENSSL_VERSION = 1.1.1h
+LIBOPENSSL_VERSION = 1.1.1i
 LIBOPENSSL_SITE = https://www.openssl.org/source
 LIBOPENSSL_SOURCE = openssl-$(LIBOPENSSL_VERSION).tar.gz
 LIBOPENSSL_LICENSE = OpenSSL or SSLeay

package/libressl/libressl.hash

@@ -1,4 +1,4 @@
 # From https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/SHA256
-sha256  a9d1e1d030b8bcc67bf6428b8c0fff14a5602e2236257b9e3d77acaf12e2a7a1  libressl-3.2.2.tar.gz
+sha256  412dc2baa739228c7779e93eb07cd645d5c964d2f2d837a9fd56db7498463d73  libressl-3.2.3.tar.gz
 # Locally computed
 sha256  5c63613f008f16a9c0025c096bbd736cecf720494d121b5c5203e0ec6e5955b1  COPYING

package/libressl/libressl.mk

@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-LIBRESSL_VERSION = 3.2.2
+LIBRESSL_VERSION = 3.2.3
 LIBRESSL_SITE = https://ftp.openbsd.org/pub/OpenBSD/LibreSSL
 LIBRESSL_LICENSE = ISC (new additions), OpenSSL or SSLeay (original OpenSSL code)
 LIBRESSL_LICENSE_FILES = COPYING

package/libuv/libuv.hash

@@ -1,3 +1,3 @@
 # Locally calculated
-sha256  2cd9a757fe6c512440933e2bdcab21143d4aa6249b2541399908ce038b756c9d  libuv-1.38.0.tar.gz
+sha256  70fe1c9ba4f2c509e8166c0ca2351000237da573bb6c82092339207a9715ba6b  libuv-1.40.0.tar.gz
 sha256  6d20216ae022fbeed23916f48508fd807ece3d8464992330643b0e64e5c0c24b  LICENSE

package/libuv/libuv.mk

@@ -6,7 +6,7 @@
 
 # When bumping libuv, check if a new version of uvw is available
 # and bump it too.
-LIBUV_VERSION = 1.38.0
+LIBUV_VERSION = 1.40.0
 LIBUV_SITE = $(call github,libuv,libuv,v$(LIBUV_VERSION))
 LIBUV_DEPENDENCIES = host-pkgconf
 LIBUV_INSTALL_STAGING = YES

package/linux-headers/Config.in.host

@@ -346,13 +346,13 @@ endchoice
 
 config BR2_DEFAULT_KERNEL_HEADERS
 	string
-	default "4.4.246"	if BR2_KERNEL_HEADERS_4_4
-	default "4.9.246"	if BR2_KERNEL_HEADERS_4_9
-	default "4.14.209"	if BR2_KERNEL_HEADERS_4_14
-	default "4.19.160"	if BR2_KERNEL_HEADERS_4_19
-	default "5.4.80"	if BR2_KERNEL_HEADERS_5_4
+	default "4.4.248"	if BR2_KERNEL_HEADERS_4_4
+	default "4.9.248"	if BR2_KERNEL_HEADERS_4_9
+	default "4.14.212"	if BR2_KERNEL_HEADERS_4_14
+	default "4.19.163"	if BR2_KERNEL_HEADERS_4_19
+	default "5.4.83"	if BR2_KERNEL_HEADERS_5_4
 	default "5.8.18"	if BR2_KERNEL_HEADERS_5_8
-	default "5.9.11"	if BR2_KERNEL_HEADERS_5_9
+	default "5.9.14"	if BR2_KERNEL_HEADERS_5_9
 	default BR2_DEFAULT_KERNEL_VERSION if BR2_KERNEL_HEADERS_VERSION
 	default "custom"	if BR2_KERNEL_HEADERS_CUSTOM_TARBALL
 	default BR2_KERNEL_HEADERS_CUSTOM_REPO_VERSION \

package/lua/5.4.1/lua.hash

@@ -1,6 +0,0 @@
-# Hashes from: http://www.lua.org/ftp/
-md5  1d575faef1c907292edd79e7a2784d30  lua-5.4.1.tar.gz
-sha1  88961e7d4fda58ca2c6163938fd48db8880e803d  lua-5.4.1.tar.gz
-
-# Locally computed
-sha256  c202c5ff3b0c7a0ff2b215fff534c4b4018554843d23ac6eca3d97533b3ad97f  doc/readme.html

package/lua/5.4.2/0001-root-path.patch

@@ -6,7 +6,7 @@ Index: b/src/luaconf.h
 ===================================================================
 --- a/src/luaconf.h
 +++ b/src/luaconf.h
-@@ -227,7 +227,7 @@
+@@ -212,7 +212,7 @@
  
  #else			/* }{ */
  

package/lua/5.4.2/lua.hash

@@ -0,0 +1,6 @@
+# Hashes from: https://www.lua.org/ftp/
+md5  49c92d6a49faba342c35c52e1ac3f81e  lua-5.4.2.tar.gz
+sha1  96d4a21393c94bed286b8dc0568f4bdde8730b22  lua-5.4.2.tar.gz
+
+# Locally computed
+sha256  17bd5781d5dfa8c946fea639984fcbcb499d8bb3056a3c2cb5c15c3da5d1c207  doc/readme.html

package/lua/lua.mk

@@ -5,13 +5,13 @@
 ################################################################################
 
 ifeq ($(BR2_PACKAGE_LUA_5_4),y)
-LUA_VERSION = 5.4.1
+LUA_VERSION = 5.4.2
 else ifeq ($(BR2_PACKAGE_LUA_5_3),y)
 LUA_VERSION = 5.3.6
 else
 LUA_VERSION = 5.1.5
 endif
-LUA_SITE = http://www.lua.org/ftp
+LUA_SITE = https://www.lua.org/ftp
 LUA_INSTALL_STAGING = YES
 LUA_LICENSE = MIT
 ifeq ($(BR2_PACKAGE_LUA_5_3)$(BR2_PACKAGE_LUA_5_4),y)

package/mbedtls/mbedtls.hash

@@ -1,4 +1,4 @@
-# From https://github.com/ARMmbed/mbedtls/releases/tag/v2.16.8:
-sha256  fe9e3b15c3375943bdfebbbb20dd6b4f1147b3b5d926248bd835d73247407430  mbedtls-2.16.8.tar.gz
+# From https://github.com/ARMmbed/mbedtls/releases/tag/v2.16.9:
+sha256  fc17ff7d8c11d08f23ae2800a18269408ad2c24ea6bb8b9363e41a01c2425697  mbedtls-2.16.9.tar.gz
 # Locally calculated
 sha256  cfc7749b96f63bd31c3c42b5c471bf756814053e847c10f3eb003417bc523d30  apache-2.0.txt

package/mbedtls/mbedtls.mk

@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-MBEDTLS_VERSION = 2.16.8
+MBEDTLS_VERSION = 2.16.9
 MBEDTLS_SITE = $(call github,ARMmbed,mbedtls,v$(MBEDTLS_VERSION))
 MBEDTLS_CONF_OPTS = \
 	-DENABLE_PROGRAMS=$(if $(BR2_PACKAGE_MBEDTLS_PROGRAMS),ON,OFF) \

package/mongodb/mongodb.hash

@@ -1,4 +1,4 @@
 # Locally computed:
-sha256  f44a846514f8db8be2a662210ad7fefc059d8e17ab2c59aceeae8b0b173d8286  mongodb-src-r4.2.10.tar.gz
+sha256  ab5a8b6e967614a8ad67c0ca87124c4f380d4a476508973a7995d54ed902b02e  mongodb-src-r4.2.11.tar.gz
 sha256  cfc7749b96f63bd31c3c42b5c471bf756814053e847c10f3eb003417bc523d30  APACHE-2.0.txt
 sha256  09d99ca61eb07873d5334077acba22c33e7f7d0a9fa08c92734e0ac8430d6e27  LICENSE-Community.txt

package/mongodb/mongodb.mk

@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-MONGODB_VERSION = 4.2.10
+MONGODB_VERSION = 4.2.11
 MONGODB_SITE = https://fastdl.mongodb.org/src
 MONGODB_SOURCE = mongodb-src-r$(MONGODB_VERSION).tar.gz
 

package/mutt/0001-Ensure-IMAP-connection-is-closed-after-a-connection-error.patch

@@ -0,0 +1,48 @@
+From 04b06aaa3e0cc0022b9b01dbca2863756ebbf59a Mon Sep 17 00:00:00 2001
+From: Kevin McCarthy <kevin@8t8.us>
+Date: Mon, 16 Nov 2020 10:20:21 -0800
+Subject: [PATCH] Ensure IMAP connection is closed after a connection error.
+
+During connection, if the server provided an illegal initial response,
+Mutt "bailed", but did not actually close the connection.  The calling
+code unfortunately relied on the connection status to decide to
+continue with authentication, instead of checking the "bail" return
+value.
+
+This could result in authentication credentials being sent over an
+unencrypted connection, without $ssl_force_tls being consulted.
+
+Fix this by strictly closing the connection on any invalid response
+during connection.  The fix is intentionally small, to ease
+backporting.  A better fix would include removing the 'err_close_conn'
+label, and perhaps adding return value checking in the caller (though
+this change obviates the need for that).
+
+This addresses CVE-2020-28896.  Thanks to Gabriel Salles-Loustau for
+reporting the problem, and providing test cases to reproduce.
+
+[Retrieved from:
+https://gitlab.com/muttmua/mutt/-/commit/04b06aaa3e0cc0022b9b01dbca2863756ebbf59a]
+Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
+---
+ imap/imap.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/imap/imap.c b/imap/imap.c
+index b24e8a3f..b13dd54d 100644
+--- a/imap/imap.c
++++ b/imap/imap.c
+@@ -561,9 +561,9 @@ int imap_open_connection (IMAP_DATA* idata)
+ 
+ #if defined(USE_SSL)
+ err_close_conn:
+-  imap_close_connection (idata);
+ #endif
+ bail:
++  imap_close_connection (idata);
+   FREE (&idata->capstr);
+   return -1;
+ }
+-- 
+GitLab
+

package/mutt/mutt.mk

@@ -11,6 +11,9 @@ MUTT_LICENSE_FILES = GPL
 MUTT_DEPENDENCIES = ncurses
 MUTT_CONF_OPTS = --disable-doc --disable-smtp
 
+# 0001-Ensure-IMAP-connection-is-closed-after-a-connection-error.patch
+MUTT_IGNORE_CVES += CVE-2020-28896
+
 ifeq ($(BR2_PACKAGE_LIBICONV),y)
 MUTT_DEPENDENCIES += libiconv
 MUTT_CONF_OPTS += --enable-iconv
@@ -40,7 +43,7 @@ MUTT_CONF_OPTS += --disable-pop
 endif
 
 # SSL support is only used by imap or pop3 module
-ifneq ($(BR2_PACKAGET_MUTT_IMAP)$(BR2_PACKAGE_MUTT_POP3),)
+ifneq ($(BR2_PACKAGE_MUTT_IMAP)$(BR2_PACKAGE_MUTT_POP3),)
 ifeq ($(BR2_PACKAGE_OPENSSL),y)
 MUTT_DEPENDENCIES += openssl
 MUTT_CONF_OPTS += --with-ssl=$(STAGING_DIR)/usr
@@ -58,6 +61,13 @@ else
 MUTT_CONF_OPTS += --without-sqlite3
 endif
 
+ifeq ($(BR2_PACKAGE_ZLIB),y)
+MUTT_DEPENDENCIES += zlib
+MUTT_CONF_OPTS += --with-zlib=$(STAGING_DIR)/usr
+else
+MUTT_CONF_OPTS += --without-zlib
+endif
+
 # Avoid running tests to check for:
 #  - target system is *BSD
 #  - C99 conformance (snprintf, vsnprintf)

package/ncurses/ncurses.mk

@@ -187,6 +187,9 @@ define HOST_NCURSES_BUILD_CMDS
 	$(HOST_MAKE_ENV) $(MAKE) -C $(@D)/progs tic
 endef
 
+HOST_NCURSES_CONF_ENV = \
+	ac_cv_path_LDCONFIG=""
+
 HOST_NCURSES_CONF_OPTS = \
 	--with-shared \
 	--without-gpm \

package/netsnmp/0006-IP-MIB-Linux-Fix-a-memory-leak-in-an-error-path.patch

@@ -0,0 +1,37 @@
+From 7c073e3a1b736689135fd2ed44ede5b83790bd37 Mon Sep 17 00:00:00 2001
+From: Bart Van Assche <bvanassche@acm.org>
+Date: Mon, 26 Aug 2019 18:32:08 -0700
+Subject: IP-MIB, Linux: Fix a memory leak in an error path
+
+When a Linux system is booted with "ipv6.disable=1" in the kernel command
+line, the file "/proc/net/snmp6" is not created. Fix the memory leak in
+_systemstats_v6_load_systemstats() that is triggered with IPv6 disabled.
+
+See also https://sourceforge.net/p/net-snmp/bugs/2976/.
+
+Reported-by: Mark E Rusk <marker55@users.sourceforge.net>
+---
+ agent/mibgroup/ip-mib/data_access/systemstats_linux.c | 4 +++-
+ 1 file changed, 3 insertions(+), 1 deletion(-)
+
+diff --git a/agent/mibgroup/ip-mib/data_access/systemstats_linux.c b/agent/mibgroup/ip-mib/data_access/systemstats_linux.c
+index e28ff93..f68d122 100644
+--- a/agent/mibgroup/ip-mib/data_access/systemstats_linux.c
++++ b/agent/mibgroup/ip-mib/data_access/systemstats_linux.c
+@@ -560,10 +560,12 @@ _systemstats_v6_load_systemstats(netsnmp_container* container, u_int load_flags)
+      * try to open file. If we can't, that's ok - maybe the module hasn't
+      * been loaded yet.
+      */
+-    if (!(devin = fopen(filename, "r"))) {
++    devin = fopen(filename, "r");
++    if (!devin) {
+         DEBUGMSGTL(("access:systemstats",
+                 "Failed to load Systemstats Table (linux1), cannot open %s\n",
+                 filename));
++        netsnmp_access_systemstats_entry_free(entry);
+         return 0;
+     }
+     
+-- 
+2.7.4
+

package/nodejs/nodejs.hash

@@ -1,5 +1,5 @@
-# From https://nodejs.org/dist/v12.18.4/SHASUMS256.txt
-sha256  25f03cb18e53b6d0959d0c219e701a85eb4693f526bdda7c72bc6199b364f609  node-v12.18.4.tar.xz
+# From https://nodejs.org/dist/v12.19.1/SHASUMS256.txt
+sha256  74077e0cc3db000a6f3cc685b220e609807b61adc8e7d8243e8511d478d1b17d  node-v12.19.1.tar.xz
 
 # Hash for license file
 sha256  0dc03af08b95ea0c1e27f8fd591dee4383eb6f2c304db6eb6cdfb6751f7da87b  LICENSE

package/nodejs/nodejs.mk

@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-NODEJS_VERSION = 12.18.4
+NODEJS_VERSION = 12.19.1
 NODEJS_SOURCE = node-v$(NODEJS_VERSION).tar.xz
 NODEJS_SITE = http://nodejs.org/dist/v$(NODEJS_VERSION)
 NODEJS_DEPENDENCIES = host-python host-nodejs c-ares \

package/opencv3/opencv3.mk

@@ -46,6 +46,7 @@ endif
 # OpenCV build options
 OPENCV3_CONF_OPTS += \
 	-DBUILD_WITH_STATIC_CRT=OFF \
+	-DENABLE_CCACHE=OFF \
 	-DENABLE_COVERAGE=OFF \
 	-DENABLE_FAST_MATH=ON \
 	-DENABLE_IMPL_COLLECTION=OFF \
@@ -286,7 +287,9 @@ OPENCV3_CONF_OPTS += -DWITH_PNG=OFF
 endif
 
 ifeq ($(BR2_PACKAGE_OPENCV3_WITH_PROTOBUF),y)
+# protobuf needs c++11 (since 3.6.0)
 OPENCV3_CONF_OPTS += \
+	-DENABLE_CXX11=ON \
 	-DPROTOBUF_UPDATE_FILES=ON \
 	-DWITH_PROTOBUF=ON
 OPENCV3_DEPENDENCIES += protobuf

package/openldap/0001-fix_cross_strip.patch

@@ -44,7 +44,7 @@ diff -rupN openldap-2.4.40/clients/tools/Makefile.in openldap-2.4.40-br/clients/
 diff -rupN openldap-2.4.40/configure.in openldap-2.4.40-br/configure.in
 --- openldap-2.4.40/configure.in	2014-09-18 21:48:49.000000000 -0400
 +++ openldap-2.4.40-br/configure.in	2015-01-16 15:50:48.874816786 -0500
-@@ -669,6 +669,15 @@ if test -z "${AR}"; then
+@@ -668,6 +668,15 @@ if test -z "${AR}"; then
  	fi
  fi
  

package/openldap/0002-fix-bignum.patch

@@ -15,7 +15,7 @@ Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
 diff -durN openldap-2.4.40.orig/configure openldap-2.4.40/configure
 --- openldap-2.4.40.orig/configure	2014-09-19 03:48:49.000000000 +0200
 +++ openldap-2.4.40/configure	2015-01-25 18:44:54.216879362 +0100
-@@ -23478,7 +23478,7 @@
+@@ -23431,7 +23431,7 @@
  
  	if test "$ac_cv_header_openssl_bn_h" = "yes" &&
  		test "$ac_cv_header_openssl_crypto_h" = "yes" &&
@@ -27,7 +27,7 @@ diff -durN openldap-2.4.40.orig/configure openldap-2.4.40/configure
 diff -durN openldap-2.4.40.orig/configure.in openldap-2.4.40/configure.in
 --- openldap-2.4.40.orig/configure.in	2014-09-19 03:48:49.000000000 +0200
 +++ openldap-2.4.40/configure.in	2015-01-25 18:44:37.628676446 +0100
-@@ -2367,7 +2367,7 @@
+@@ -2383,7 +2383,7 @@
  	AC_CHECK_HEADERS(openssl/crypto.h)
  	if test "$ac_cv_header_openssl_bn_h" = "yes" &&
  		test "$ac_cv_header_openssl_crypto_h" = "yes" &&

package/openldap/openldap.hash

@@ -1,7 +1,7 @@
-# From https://www.openldap.org/software/download/OpenLDAP/openldap-release/openldap-2.4.50.md5
-md5  f9ed44ef373abed04c9e4c8586260f9e  openldap-2.4.50.tgz
-# From https://www.openldap.org/software/download/OpenLDAP/openldap-release/openldap-2.4.50.sha1
-sha1  82f576e0d0d334e9e798d9de8936683546247bb9  openldap-2.4.50.tgz
+# From https://www.openldap.org/software/download/OpenLDAP/openldap-release/openldap-2.4.56.md5
+md5  82a7dcf7aeaf95fdad16017c0ed9983a  openldap-2.4.56.tgz
+# From https://www.openldap.org/software/download/OpenLDAP/openldap-release/openldap-2.4.56.sha1
+sha1  4c617b87bd50ef8d071e7deb7525af79b08d4910  openldap-2.4.56.tgz
 # Locally computed
-sha256  5cb57d958bf5c55a678c6a0f06821e0e5504d5a92e6a33240841fbca1db586b8  openldap-2.4.50.tgz
+sha256  25520e0363c93f3bcb89802a4aa3db33046206039436e0c7c9262db5a61115e0  openldap-2.4.56.tgz
 sha256  310fe25c858a9515fc8c8d7d1f24a67c9496f84a91e0a0e41ea9975b1371e569  LICENSE

package/openldap/openldap.mk

@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-OPENLDAP_VERSION = 2.4.50
+OPENLDAP_VERSION = 2.4.56
 OPENLDAP_SOURCE = openldap-$(OPENLDAP_VERSION).tgz
 OPENLDAP_SITE = https://www.openldap.org/software/download/OpenLDAP/openldap-release
 OPENLDAP_LICENSE = OpenLDAP Public License

package/opkg-utils/opkg-utils.mk

@@ -10,6 +10,8 @@ OPKG_UTILS_SITE_METHOD = git
 OPKG_UTILS_LICENSE = GPL-2.0+
 OPKG_UTILS_LICENSE_FILES = COPYING
 
+HOST_OPKG_UTILS_DEPENDENCIES += $(BR2_PYTHON3_HOST_DEPENDENCY)
+
 define HOST_OPKG_UTILS_BUILD_CMDS
 	$(MAKE) -C $(@D) $(HOST_CONFIGURE_OPTS)
 endef

package/paho-mqtt-c/paho-mqtt-c.hash

@@ -1,5 +1,5 @@
 # Locally computed:
-sha256  ecbc2c2000c6d8dcf1a76325312c61ed29db0b010acbd40cb92fcd4c014cd017  paho-mqtt-c-1.3.6.tar.gz
+sha256  19e9f04ddf244ab8c937d7e631ca15cedce7df95712c554107600e80efdaf277  paho-mqtt-c-1.3.7.tar.gz
 sha256  83bbba033dc985487e321b6dfde111772affb73460be48726299fed3da684b1c  edl-v10
 sha256  0becf16567beb77fa252b7664631dd177c8f9a1889e48995b45379c7130e5303  epl-v20
 sha256  bc0f3f447097eb82a29ad6c2f4929572bb548b6bd4c9e38fde1bf131a771b7a0  LICENSE

package/paho-mqtt-c/paho-mqtt-c.mk

@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-PAHO_MQTT_C_VERSION = 1.3.6
+PAHO_MQTT_C_VERSION = 1.3.7
 PAHO_MQTT_C_SITE = $(call github,eclipse,paho.mqtt.c,v$(PAHO_MQTT_C_VERSION))
 PAHO_MQTT_C_LICENSE = EPL-2.0 or BSD-3-Clause
 PAHO_MQTT_C_LICENSE_FILES = epl-v20 edl-v10 LICENSE

package/pkg-cmake.mk

@@ -22,10 +22,10 @@
 
 # Set compiler variables.
 ifeq ($(BR2_CCACHE),y)
-CMAKE_HOST_C_COMPILER = $(HOST_DIR)/bin/ccache
-CMAKE_HOST_CXX_COMPILER = $(HOST_DIR)/bin/ccache
-CMAKE_HOST_C_COMPILER_ARG1 = $(HOSTCC_NOCCACHE)
-CMAKE_HOST_CXX_COMPILER_ARG1 = $(HOSTCXX_NOCCACHE)
+CMAKE_HOST_C_COMPILER = $(HOSTCC_NOCCACHE)
+CMAKE_HOST_CXX_COMPILER = $(HOSTCXX_NOCCACHE)
+CMAKE_HOST_C_COMPILER_LAUNCHER = $(HOST_DIR)/bin/ccache
+CMAKE_HOST_CXX_COMPILER_LAUNCHER = $(HOST_DIR)/bin/ccache
 else
 CMAKE_HOST_C_COMPILER = $(HOSTCC)
 CMAKE_HOST_CXX_COMPILER = $(HOSTCXX)
@@ -134,9 +134,9 @@ define $(2)_CONFIGURE_CMDS
 		-DCMAKE_ASM_COMPILER="$$(HOSTAS)" \
 		-DCMAKE_C_COMPILER="$$(CMAKE_HOST_C_COMPILER)" \
 		-DCMAKE_CXX_COMPILER="$$(CMAKE_HOST_CXX_COMPILER)" \
-		$(if $$(CMAKE_HOST_C_COMPILER_ARG1),\
-			-DCMAKE_C_COMPILER_ARG1="$$(CMAKE_HOST_C_COMPILER_ARG1)" \
-			-DCMAKE_CXX_COMPILER_ARG1="$$(CMAKE_HOST_CXX_COMPILER_ARG1)" \
+		$(if $$(CMAKE_HOST_C_COMPILER_LAUNCHER),\
+			-DCMAKE_C_COMPILER_LAUNCHER="$$(CMAKE_HOST_C_COMPILER_LAUNCHER)" \
+			-DCMAKE_CXX_COMPILER_LAUNCHER="$$(CMAKE_HOST_CXX_COMPILER_LAUNCHER)" \
 		) \
 		-DCMAKE_COLOR_MAKEFILE=OFF \
 		-DBUILD_DOC=OFF \

package/pkg-golang.mk

@@ -121,7 +121,7 @@ endif
 ifndef $(2)_INSTALL_TARGET_CMDS
 define $(2)_INSTALL_TARGET_CMDS
 	$$(foreach d,$$($(2)_INSTALL_BINS),\
-		$(INSTALL) -D -m 0755 $$(@D)/bin/$$(d) $(TARGET_DIR)/usr/bin/$$(d)
+		$(INSTALL) -D -m 0755 $$(@D)/bin/$$(d) $$(TARGET_DIR)/usr/bin/$$(d)
 	)
 endef
 endif
@@ -130,7 +130,7 @@ endif
 ifndef $(2)_INSTALL_CMDS
 define $(2)_INSTALL_CMDS
 	$$(foreach d,$$($(2)_INSTALL_BINS),\
-		$(INSTALL) -D -m 0755 $$(@D)/bin/$$(d) $(HOST_DIR)/bin/$$(d)
+		$(INSTALL) -D -m 0755 $$(@D)/bin/$$(d) $$(HOST_DIR)/bin/$$(d)
 	)
 endef
 endif

package/pkg-meson.mk

@@ -87,6 +87,7 @@ define $(2)_CONFIGURE_CMDS
 		--default-library=$(if $(BR2_STATIC_LIBS),static,shared) \
 		--buildtype=$(if $(BR2_ENABLE_DEBUG),debug,release) \
 		--cross-file=$$($$(PKG)_SRCDIR)/build/cross-compilation.conf \
+		-Dstrip=false \
 		-Dbuild.pkg_config_path=$$(HOST_DIR)/lib/pkgconfig \
 		$$($$(PKG)_CONF_OPTS) \
 		$$($$(PKG)_SRCDIR) $$($$(PKG)_SRCDIR)/build
@@ -105,6 +106,7 @@ define $(2)_CONFIGURE_CMDS
 		--localstatedir=$$(HOST_DIR)/var \
 		--default-library=shared \
 		--buildtype=release \
+		-Dstrip=true \
 		$$($$(PKG)_CONF_OPTS) \
 		$$($$(PKG)_SRCDIR) $$($$(PKG)_SRCDIR)/build
 endef

package/python-crc16/Config.in

@@ -1,6 +1,5 @@
 config BR2_PACKAGE_PYTHON_CRC16
 	bool "python-crc16"
-	depends on BR2_PACKAGE_PYTHON
 	help
 	  This library calculates only CRC16 (16-bit codes) and the
 	  only supported variant at the moment is CRC-CCITT (XModem).

package/python-lxml/python-lxml.hash

@@ -1,5 +1,5 @@
 # Locally computed
-sha256  27ee0faf8077c7c1a589573b1450743011117f1aa1a91d5ae776bbc5ca6070f2  lxml-4.5.1.tar.gz
+sha256  cd11c7e8d21af997ee8079037fff88f16fda188a9776eb4b81c7e4c9c0a7d7fc  lxml-4.6.2.tar.gz
 sha256  41d49dd406aa0e1548a6d5f21a30d6bf638b3cd96eb7289dd348d83ed2e40392  LICENSES.txt
 sha256  69edb445c1335a8312d4c09271847e9956d84f0d9f724d125340cc3fad767b2a  doc/licenses/BSD.txt
 sha256  0497ae8138811ef4466ede653bab7a59feb3d3c14f9ed50fc33a00aeb5bec32e  doc/licenses/elementtree.txt

package/python-lxml/python-lxml.mk

@@ -4,8 +4,8 @@
 #
 ################################################################################
 
-PYTHON_LXML_VERSION = 4.5.1
-PYTHON_LXML_SITE = https://files.pythonhosted.org/packages/03/a8/73d795778143be51d8b86750b371b3efcd7139987f71618ad9f4b8b65543
+PYTHON_LXML_VERSION = 4.6.2
+PYTHON_LXML_SITE = https://files.pythonhosted.org/packages/db/f7/43fecb94d66959c1e23aa53d6161231dca0e93ec500224cf31b3c4073e37
 PYTHON_LXML_SOURCE = lxml-$(PYTHON_LXML_VERSION).tar.gz
 
 # Not including the GPL, because it is used only for the test scripts.

package/python-pyparsing/Config.in

@@ -7,4 +7,4 @@ config BR2_PACKAGE_PYTHON_PYPARSING
 	  module provides a library of classes that client code uses
 	  to construct the grammar directly in Python code.
 
-	  http://pyparsing.wikispaces.com/
+	  https://github.com/pyparsing/pyparsing/

package/python-pyqt5/python-pyqt5.mk

@@ -135,7 +135,7 @@ PYTHON_PYQT5_QTDETAIL_TYPE = shared
 # Turn off features that aren't available in current qt configuration
 PYTHON_PYQT5_QTDETAIL_DISABLE_FEATURES += $(if $(BR2_PACKAGE_QT5BASE_OPENGL),,PyQt_OpenGL)
 PYTHON_PYQT5_QTDETAIL_DISABLE_FEATURES += $(if $(BR2_PACKAGE_QT5BASE_OPENGL_DESKTOP),,PyQt_Desktop_OpenGL)
-PYTHON_PYQT5_QTDETAIL_DISABLE_FEATURES += $(if $(BR2_PACKAGE_QT5BASE_OPENSSL),,PyQt_SSL)
+PYTHON_PYQT5_QTDETAIL_DISABLE_FEATURES += $(if $(BR2_PACKAGE_OPENSSL),,PyQt_SSL)
 
 define PYTHON_PYQT5_QTDETAIL
 	echo $(1) >> $(2)/qtdetail.out

package/qt5/qt5base/0005-eglfs-avoid-breaking-compilation-for-obscure-EGLNativeDisplayType-types.patch

@@ -0,0 +1,63 @@
+From 0eb7058b473069a04cde60a800dfd04148c0c8b1 Mon Sep 17 00:00:00 2001
+From: Yann E. MORIN <yann.morin.1998@free.fr>
+Date: Sat, 14 Dec 2020 21:15:17 +0100
+Subject: [PATCH] plugins/eglfs/gbm: don't FTBFS when EGLNativeDisplayType is not a pointer
+
+On some platforms, EGLNativeDisplayType is not a pointer, but some kind
+of integer, like an int (e.g. TI's SGX) or an unsigned int. In those
+cases, the build breaks with:
+
+    qeglfskmsgbmintegration.cpp: In member function ‘virtual void* QEglFSKmsGbmIntegration::createDisplay(EGLNativeDisplayType)’:
+    qeglfskmsgbmintegration.cpp:83:60: error: invalid conversion from ‘EGLNativeDisplayType’ {aka ‘int’} to ‘void*’ [-fpermissive]
+       83 |         display = getPlatformDisplay(EGL_PLATFORM_GBM_KHR, nativeDisplay, nullptr);
+          |                                                            ^~~~~~~~~~~~~
+          |                                                            |
+          |                                                            EGLNativeDisplayType {aka int}
+
+We fix that by casting nativeDisplay to void* as expected by
+getPlatformDisplay().
+
+We can do that, because usually, nativeDisplay is already a pointer, and
+thus this cast is a no-op. When it is not already a pointer, we either
+don't care because the code path will not be taken at runtime, or the
+integer really is an opaque handle to some internal, low-level memory
+management, much like a void* is an pointer to an opaque memory type...
+
+It is to be noted, though, that in some ABIs (like x32), the size of a
+nativeDisplay that is not already a pointer, might be bigger than that
+of a pointer. There is not much we can do here anyway, since there would
+be no way to fit that in a void* to begin with, and the build will still
+fail for those situations. Those types of ABIs are far frome being
+widespread, the most prominent one, x32, even being retired...
+
+To be noted further: a more usual solution (as suggested in QTBUG-72567
+or in Gerrit:248270) would be to first cast to a qintptr or a quintptr,
+before finally casting to a void*. However, casting to either (resp.)
+qintptr or quintptr first, risk the case that nativeDisplay is of the other
+kind of signedness, (resp.) unsigned or signed, which would also cause
+some compile-time breakage.
+
+Finally, if nativeDisplay is something that is not an int-like, and that
+can't be cast into a void*, this would be hugely weird, so much so, that
+we do not even attempt to catter for that case.
+
+Fixes: QTBUG-72567
+Inspired-by: https://codereview.qt-project.org/c/qt/qtbase/+/248270
+Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
+---
+
+diff --git a/src/plugins/platforms/eglfs/deviceintegration/eglfs_kms/qeglfskmsgbmintegration.cpp b/src/plugins/platforms/eglfs/deviceintegration/eglfs_kms/qeglfskmsgbmintegration.cpp
+index d495a8d..059a580 100644
+--- a/src/plugins/platforms/eglfs/deviceintegration/eglfs_kms/qeglfskmsgbmintegration.cpp
++++ b/src/plugins/platforms/eglfs/deviceintegration/eglfs_kms/qeglfskmsgbmintegration.cpp
+@@ -80,7 +80,9 @@
+     }
+ 
+     if (getPlatformDisplay) {
+-        display = getPlatformDisplay(EGL_PLATFORM_GBM_KHR, nativeDisplay, nullptr);
++        // EGLNativeDisplayType may be int on some platforms but those
++        // won't hit this path. Have to keep it compiling nonetheless.
++        display = getPlatformDisplay(EGL_PLATFORM_GBM_KHR, reinterpret_cast<void *>(nativeDisplay), nullptr);
+     } else {
+         qCDebug(qLcEglfsKmsDebug, "No eglGetPlatformDisplay for GBM, falling back to eglGetDisplay");
+         display = eglGetDisplay(nativeDisplay);

package/rauc/0001-src-mount.c-fix-build-with-kernel-4.14.patch

@@ -0,0 +1,43 @@
+From f73eefdbc0577b125f7d36f54a27d8e95af831dd Mon Sep 17 00:00:00 2001
+From: Fabrice Fontaine <fontaine.fabrice@gmail.com>
+Date: Tue, 22 Dec 2020 11:52:31 +0100
+Subject: [PATCH] src/mount.c: fix build with kernel < 4.14
+
+Build with kernel headers < 4.14 fails since version 1.5.0 and
+https://github.com/rauc/rauc/commit/527bf2f7f746e0253f7843542e19cb0fa0c7c869:
+
+src/mount.c: In function 'r_setup_loop':
+src/mount.c:201:25: error: 'LOOP_SET_BLOCK_SIZE' undeclared (first use in this function)
+  looprc = ioctl(loopfd, LOOP_SET_BLOCK_SIZE, 4096);
+                         ^
+
+Indeed, LOOP_SET_BLOCK_SIZE is only defined since
+https://github.com/torvalds/linux/commit/89e4fdecb51cf5535867026274bc97de9480ade5
+
+Fixes:
+ - http://autobuild.buildroot.org/results/829ae7ed66686c11a941ac99bd08a06f754affb4
+
+Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
+[Upstream status: https://github.com/rauc/rauc/pull/673]
+---
+ src/mount.c | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/src/mount.c b/src/mount.c
+index 2e593ca..75acf49 100644
+--- a/src/mount.c
++++ b/src/mount.c
+@@ -11,6 +11,10 @@
+ #include "mount.h"
+ #include "utils.h"
+ 
++#ifndef LOOP_SET_BLOCK_SIZE
++#define LOOP_SET_BLOCK_SIZE 0x4C09
++#endif
++
+ gboolean r_mount_bundle(const gchar *source, const gchar *mountpoint, GError **error)
+ {
+ 	const unsigned long flags = MS_NODEV | MS_NOSUID | MS_RDONLY;
+-- 
+2.29.2
+

package/rauc/rauc.hash

@@ -1,4 +1,4 @@
 # Locally calculated, after verifying against
-# https://github.com/rauc/rauc/releases/download/v1.4/rauc-1.4.tar.xz.asc
-sha256  85aabf214cd93a37f7ad0b3aaad89eb94facf0f3ebf6e2edca945acbca9b0967  rauc-1.4.tar.xz
+# https://github.com/rauc/rauc/releases/download/v1.5/rauc-1.5.tar.xz.asc
+sha256  5dfbc46e808240c5014d318cfe64f0431307c37aa79cb2b013caa12daaf96d9d  rauc-1.5.tar.xz
 sha256  dc626520dcd53a22f727af3ee42c770e56c97a64fe3adb063799d8ab032fe551  COPYING

package/rauc/rauc.mk

@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-RAUC_VERSION = 1.4
+RAUC_VERSION = 1.5
 RAUC_SITE = https://github.com/rauc/rauc/releases/download/v$(RAUC_VERSION)
 RAUC_SOURCE = rauc-$(RAUC_VERSION).tar.xz
 RAUC_LICENSE = LGPL-2.1

package/shadowsocks-libev/0001-configure.ac-use-pkg-config-to-find-netfilter_conntr.patch

@@ -0,0 +1,62 @@
+From b3c61360a93b7f08fc9c33526056211408301ea9 Mon Sep 17 00:00:00 2001
+From: Fabrice Fontaine <fontaine.fabrice@gmail.com>
+Date: Mon, 23 Nov 2020 21:16:38 +0100
+Subject: [PATCH] configure.ac: use pkg-config to find netfilter_conntrack
+
+Use pkg-config to retrieve the dependencies of netfilter_conntrack
+and avoid the following build failure when building statically:
+
+configure:13096: /data/buildroot-test/instance-1/output-1/host/bin/x86_64-linux-gcc -o conftest -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64  -Os   -static -I/data/buildroot-test/instance-1/output-1/host/x86_64-buildroot-linux-uclibc/sysroot/usr/include -DPCRE_STATIC -pthread -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64  -static -L/data/buildroot-test/instance-1/output-1/host/x86_64-buildroot-linux-uclibc/sysroot/usr/lib conftest.c -lnetfilter_conntrack -lnfnetlink -lev  -lcares -lsodium -lmbedcrypto -lpcre  >&5
+/data/buildroot-test/instance-1/output-1/host/opt/ext-toolchain/bin/../lib/gcc/x86_64-buildroot-linux-uclibc/8.3.0/../../../../x86_64-buildroot-linux-uclibc/bin/ld: /data/buildroot-test/instance-1/output-1/host/x86_64-buildroot-linux-uclibc/sysroot/usr/lib/libnetfilter_conntrack.a(api.o): in function `nfct_fill_hdr.constprop.4':
+api.c:(.text+0x3f): undefined reference to `mnl_nlmsg_put_header'
+
+Fixes:
+ - http://autobuild.buildroot.org/results/6cad497a7ab941a0ee3fd7007defc81e30cdcbe0
+
+Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
+[Upstream status:
+https://github.com/shadowsocks/shadowsocks-libev/pull/2773]
+---
+ configure.ac    | 5 +++--
+ src/Makefile.am | 2 +-
+ 2 files changed, 4 insertions(+), 3 deletions(-)
+
+diff --git a/configure.ac b/configure.ac
+index 9787bc2..207c041 100755
+--- a/configure.ac
++++ b/configure.ac
+@@ -252,7 +252,8 @@ AC_ARG_ENABLE(connmarktos,
+ if test x"$enable_connmarktos" = "xyes" ; then
+ 	AC_MSG_NOTICE([Linux Netfilter Conntrack support requested by --enable-connmarktos: ${enable_connmarktos}])
+ 	if test "x$enable_connmarktos" != "xno"; then
+-	    AC_SEARCH_LIBS([nfct_query], [netfilter_conntrack],,[
++	    PKG_CHECK_MODULES([NETFILTER_CONNTRACK], [libnetfilter_conntrack],,
++	    [AC_SEARCH_LIBS([nfct_query], [netfilter_conntrack],,[
+ 	        if test x"$enable_connmarktos" = "xyes"; then
+ 	            AC_MSG_ERROR([--enable-connmarktos specified but libnetfilter-conntrack library not found])
+ 	        fi
+@@ -262,7 +263,7 @@ if test x"$enable_connmarktos" = "xyes" ; then
+ 	        if test x"$enable_connmarktos" = "xyes"; then
+ 	            AC_MSG_ERROR([--enable-connmarktos specified but libnetfilter-conntrack headers not found])
+ 	        fi
+-	        with_netfilter_conntrack=no])
++	        with_netfilter_conntrack=no])])
+ 	  # If nothing is broken; enable the libraries usage.
+ 	  if test "x$with_netfilter_conntrack" != "xno"; then
+ 		with_netfilter_conntrack=yes
+diff --git a/src/Makefile.am b/src/Makefile.am
+index c261ed0..b81ced7 100644
+--- a/src/Makefile.am
++++ b/src/Makefile.am
+@@ -9,7 +9,7 @@ AM_CFLAGS += -I$(top_srcdir)/libcork/include
+ endif
+ AM_CFLAGS += $(LIBPCRE_CFLAGS)
+ 
+-SS_COMMON_LIBS = $(INET_NTOP_LIB) $(LIBPCRE_LIBS)
++SS_COMMON_LIBS = $(INET_NTOP_LIB) $(LIBPCRE_LIBS) $(NETFILTER_CONNTRACK_LIBS)
+ if !USE_SYSTEM_SHARED_LIB
+ SS_COMMON_LIBS += $(top_builddir)/libbloom/libbloom.la \
+                   $(top_builddir)/libipset/libipset.la \
+-- 
+2.29.2
+

package/shadowsocks-libev/shadowsocks-libev.mk

@@ -10,6 +10,8 @@ SHADOWSOCKS_LIBEV_LICENSE = GPL-3.0+, BSD-2-Clause (libbloom), BSD-3-Clause (lib
 SHADOWSOCKS_LIBEV_LICENSE_FILES = COPYING libbloom/LICENSE libcork/COPYING
 SHADOWSOCKS_LIBEV_DEPENDENCIES = host-pkgconf c-ares libev libsodium mbedtls pcre
 SHADOWSOCKS_LIBEV_INSTALL_STAGING = YES
+# We're patching configure.ac
+SHADOWSOCKS_LIBEV_AUTORECONF = YES
 SHADOWSOCKS_LIBEV_CONF_OPTS = \
 	--with-pcre=$(STAGING_DIR)/usr \
 	--disable-ssp

package/sqlcipher/sqlcipher.hash

@@ -1,3 +1,3 @@
 # locally computed
-sha256  fccb37e440ada898902b294d02cde7af9e8706b185d77ed9f6f4d5b18b4c305f  sqlcipher-4.3.0.tar.gz
+sha256  87458e0e16594b3ba6c7a1f046bc1ba783d002d35e0e7b61bb6b7bb862f362a7  sqlcipher-4.4.2.tar.gz
 sha256  3eee3c7964a9becc94d747bd36703d31fc86eb994680b06a61bfd4f2661eaac8  LICENSE

package/sqlcipher/sqlcipher.mk

@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-SQLCIPHER_VERSION = 4.3.0
+SQLCIPHER_VERSION = 4.4.2
 SQLCIPHER_SITE = $(call github,sqlcipher,sqlcipher,v$(SQLCIPHER_VERSION))
 SQLCIPHER_LICENSE = BSD-3-Clause
 SQLCIPHER_LICENSE_FILES = LICENSE

package/suricata/suricata.hash

@@ -1,5 +1,5 @@
 # Locally computed:
-sha256  3c175a6dee9071141391f64828502cfb6e48dc1a20833e1411fb45be5368923b  suricata-6.0.0.tar.gz
+sha256  e7a1798fe59c1d213f752feefbf8bb54168f9fa56235cf3380347c696ecdb1ae  suricata-6.0.1.tar.gz
 
 # Hash for license files:
 sha256  8177f97513213526df2cf6184d8ff986c675afb514d4e68a404010521b880643  COPYING

package/suricata/suricata.mk

@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-SURICATA_VERSION = 6.0.0
+SURICATA_VERSION = 6.0.1
 SURICATA_SITE = https://www.openinfosecfoundation.org/download
 SURICATA_LICENSE = GPL-2.0
 SURICATA_LICENSE_FILES = COPYING LICENSE

package/ti-sgx-demos/ti-sgx-demos.mk

@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-# This correpsonds to SDK 06.00.00.07 plus one pull request
+# This corresponds to SDK 06.00.00.07 plus one pull request
 TI_SGX_DEMOS_VERSION = bb8b74cdd1323e76697b3eb2258f863b15fee287
 TI_SGX_DEMOS_SITE = http://git.ti.com/git/graphics/img-pvr-sdk.git
 TI_SGX_DEMOS_SITE_METHOD = git
@@ -12,7 +12,7 @@ TI_SGX_DEMOS_LICENSE = Imagination Technologies License Agreement
 TI_SGX_DEMOS_LICENSE_FILES = LegalNotice.txt
 
 define TI_SGX_DEMOS_INSTALL_TARGET_CMDS
-	cp -dpfr $(@D)/targetfs/arm/Examples/Advanced/Wayland/OGLES* \
+	cp -dpfr $(@D)/targetfs/arm/Examples/Advanced/NullWS/OGLES* \
 		$(TARGET_DIR)/usr/bin/
 endef
 

package/ti-sgx-km/ti-sgx-km.mk

@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-# This correpsonds to SDK 06.00.00.07
+# This corresponds to SDK 06.00.00.07
 TI_SGX_KM_VERSION = 4519ed3b83d1d72207ddc2874c7eb5e5a7f20d8d
 TI_SGX_KM_SITE = http://git.ti.com/git/graphics/omap5-sgx-ddk-linux.git
 TI_SGX_KM_SITE_METHOD = git

package/ti-sgx-um/ti-sgx-um.mk

@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-# This correpsonds to SDK 06.00.00.07 plus one pull request
+# This corresponds to SDK 06.00.00.07 plus one pull request
 TI_SGX_UM_VERSION = 2a2e5bb090ced870d73ed4edbc54793e952cc6d8
 TI_SGX_UM_SITE = http://git.ti.com/git/graphics/omap5-sgx-ddk-um-linux.git
 TI_SGX_UM_SITE_METHOD = git

package/tinycbor/0001-Enable-build-for-different-c-libraries.patch

@@ -0,0 +1,39 @@
+From 085ca40781f7c39febe6d14fb7e5cba342e1804b Mon Sep 17 00:00:00 2001
+From: Ricardo Crudo <ricardo.crudo@gmail.com>
+Date: Sat, 30 May 2020 22:03:01 +0200
+Subject: [PATCH] Enable build for different c libraries
+
+The open_memstream.c was using GLIBC macro definition to test if the
+library is building on a Linux box. This makes impossible to build
+tinycbor against other C libraries, as musl for example.
+
+Signed-off-by: Ricardo Crudo <ricardo.crudo@gmail.com>
+[Retrieved from:
+https://github.com/intel/tinycbor/commit/085ca40781f7c39febe6d14fb7e5cba342e1804b]
+Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
+---
+ src/open_memstream.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/src/open_memstream.c b/src/open_memstream.c
+index 18f3de8..3365378 100644
+--- a/src/open_memstream.c
++++ b/src/open_memstream.c
+@@ -38,7 +38,7 @@
+ #ifdef __APPLE__
+ typedef int RetType;
+ typedef int LenType;
+-#elif __GLIBC__
++#elif __linux__
+ typedef ssize_t RetType;
+ typedef size_t LenType;
+ #else
+@@ -101,7 +101,7 @@ FILE *open_memstream(char **bufptr, size_t *lenptr)
+ 
+ #ifdef __APPLE__
+     return funopen(b, NULL, write_to_buffer, NULL, close_buffer);
+-#elif __GLIBC__
++#elif __linux__
+     static const cookie_io_functions_t vtable = {
+         NULL,
+         write_to_buffer,

package/uclibc-ng-test/0001-add-nios2-tls-macros-from-glibc.patch

@@ -0,0 +1,84 @@
+From bf6fcd59d1ff51584a703b1d78c9e8fd4f808917 Mon Sep 17 00:00:00 2001
+From: Fabrice Fontaine <fontaine.fabrice@gmail.com>
+Date: Sat, 28 Nov 2020 11:44:00 +0100
+Subject: [PATCH] add nios2 tls macros from glibc
+
+Retrieved from
+https://github.com/bminor/glibc/blob/master/sysdeps/nios2/tls-macros.h
+
+Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
+[Retrieved from:
+https://github.com/wbx-github/uclibc-ng-test/commit/bf6fcd59d1ff51584a703b1d78c9e8fd4f808917]
+---
+ test/tls/tls-macros-nios2.h | 46 +++++++++++++++++++++++++++++++++++++
+ test/tls/tls-macros.h       |  4 ++++
+ 2 files changed, 50 insertions(+)
+ create mode 100644 test/tls/tls-macros-nios2.h
+
+diff --git a/test/tls/tls-macros-nios2.h b/test/tls/tls-macros-nios2.h
+new file mode 100644
+index 0000000..7029530
+--- /dev/null
++++ b/test/tls/tls-macros-nios2.h
+@@ -0,0 +1,46 @@
++#define TLS_LE(x)					\
++  ({ int *__result;					\
++     asm ("addi %0, r23, %%tls_le(" #x ")"		\
++	  : "=r" (__result));		                \
++     __result; })
++
++#define TLS_IE(x)					\
++  ({ int *__result;					\
++     int __tmp;                                         \
++     asm ("nextpc %0 ; "                                \
++          "1: movhi %1, %%hiadj(_gp_got - 1b) ; "	\
++          "addi %1, %1, %%lo(_gp_got - 1b) ; "		\
++          "add %0, %0, %1 ; "                           \
++          "ldw %1, %%tls_ie(" #x ")(%0) ; "        	\
++	  "add %1, r23, %1"              		\
++          : "=&r" (__tmp), "=&r" (__result));           \
++     __result; })
++
++#define TLS_LD(x)					\
++  ({ char *__result;					\
++     char *__result2;                                   \
++     int *__result3;                                    \
++     int __tmp;                                         \
++     extern void *__tls_get_addr (void *);		\
++     asm ("nextpc %0 ; "                                \
++          "1: movhi %1, %%hiadj(_gp_got - 1b) ; "	\
++          "addi %1, %1, %%lo(_gp_got - 1b) ; "		\
++          "add %0, %0, %1 ; "                           \
++          "addi %0, %0, %%tls_ldm(" #x ")"              \
++          : "=r" (__result), "=r" (__tmp));             \
++     __result2 = (char *)__tls_get_addr (__result);	\
++     asm ("addi %0, %1, %%tls_ldo(" #x ")"              \
++	  : "=r" (__result3) : "r" (__result2));        \
++     __result3; })
++
++#define TLS_GD(x)					\
++  ({ int *__result;					\
++     int __tmp;                                         \
++     extern void *__tls_get_addr (void *);		\
++     asm ("nextpc %0 ; "                                \
++          "1: movhi %1, %%hiadj(_gp_got - 1b) ; "	\
++          "addi %1, %1, %%lo(_gp_got - 1b) ; "		\
++          "add %0, %0, %1 ; "                           \
++          "addi %0, %0, %%tls_gd(" #x ")"		\
++	  : "=r" (__result), "=r" (__tmp));		\
++     (int *)__tls_get_addr (__result); })
+diff --git a/test/tls/tls-macros.h b/test/tls/tls-macros.h
+index 4a4e916..087b365 100644
+--- a/test/tls/tls-macros.h
++++ b/test/tls/tls-macros.h
+@@ -64,6 +64,10 @@
+ #include <tls-macros-mips.h>
+ #endif
+ 
++#ifdef __nios2__
++#include <tls-macros-nios2.h>
++#endif
++
+ #if defined(__powerpc__) && !defined(__powerpc64__)
+ #include <tls-macros-powerpc.h>
+ #endif

package/uclibc-ng-test/uclibc-ng-test.hash

@@ -0,0 +1,3 @@
+# Locally computed
+sha256  1f22e4143413550d64cbde193de388e8884eb7398cd41d3835e5d8a06a488423  uclibc-ng-test-c64d6ac77f0e745c70e76024212c72e4bbe2091a.tar.gz
+sha256  6095e9ffa777dd22839f7801aa845b31c9ed07f3d6bf8a26dc5d2dec8ccc0ef3  COPYING.LIB

package/unbound/unbound.hash

@@ -1,3 +1,5 @@
+# From https://nlnetlabs.nl/downloads/unbound/unbound-1.13.0.tar.gz.sha256
+sha256  a954043a95b0326ca4037e50dace1f3a207a0a19e9a4a22f4c6718fc623db2a1  unbound-1.13.0.tar.gz
+
 # Locally calculated
-sha256 5b9253a97812f24419bf2e6b3ad28c69287261cf8c8fa79e3e9f6d3bf7ef5835  unbound-1.12.0.tar.gz
-sha256 8eb9a16cbfb8703090bbfa3a2028fd46bb351509a2f90dc1001e51fbe6fd45db  LICENSE
+sha256  8eb9a16cbfb8703090bbfa3a2028fd46bb351509a2f90dc1001e51fbe6fd45db  LICENSE

package/unbound/unbound.mk

@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-UNBOUND_VERSION = 1.12.0
+UNBOUND_VERSION = 1.13.0
 UNBOUND_SITE = https://www.unbound.net/downloads
 UNBOUND_DEPENDENCIES = host-pkgconf expat libevent openssl
 UNBOUND_LICENSE = BSD-3-Clause

package/uvw/uvw.hash

@@ -1,3 +1,3 @@
 # Locally calculated
-sha256  2695276bb4b154174ac0a6401bde5c0768bca99a43c9a469af67526f7e2e9410  uvw-2.6.0_libuv-v1.38.tar.gz
+sha256  aa5769f5b9ba50de72ab02a8f8acf298b4aa9ceaef07992418a13a0fa119ce7d  uvw-2.8.0_libuv_v1.40.tar.gz
 sha256  755b2f245af22830c15b60c54469c0d92fbed42009b0d0074cec4b3959905757  LICENSE

package/uvw/uvw.mk

@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-UVW_VERSION = 2.6.0_libuv-v1.38
+UVW_VERSION = 2.8.0_libuv_v1.40
 UVW_SITE = $(call github,skypjack,uvw,v$(UVW_VERSION))
 UVW_INSTALL_STAGING = YES
 UVW_INSTALL_TARGET = NO