aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--.gitlab-ci.yml4
-rw-r--r--.gitlab-ci.yml.in2
-rw-r--r--CHANGES67
-rw-r--r--DEVELOPERS15
-rw-r--r--Makefile18
-rw-r--r--board/qemu/ppc64le-pseries/readme.txt4
-rw-r--r--boot/uboot/uboot.mk9
-rw-r--r--configs/bananapi_m1_defconfig1
-rw-r--r--configs/bananapi_m2_plus_defconfig1
-rw-r--r--configs/linksprite_pcduino_defconfig1
-rw-r--r--configs/orangepi_lite_defconfig1
-rw-r--r--configs/orangepi_one_defconfig1
-rw-r--r--configs/orangepi_pc_defconfig1
-rw-r--r--configs/orangepi_pc_plus_defconfig1
-rw-r--r--configs/orangepi_zero_defconfig1
-rw-r--r--configs/qemu_x86_64_defconfig4
-rw-r--r--docs/manual/adding-packages-cargo.txt4
-rw-r--r--docs/manual/using-buildroot-toolchain.txt18
-rw-r--r--docs/website/docs.html12
-rw-r--r--docs/website/download.html40
-rw-r--r--docs/website/index.html2
-rw-r--r--docs/website/js/buildroot.js2
-rw-r--r--docs/website/news.html66
-rwxr-xr-xfs/cpio/init2
-rw-r--r--linux/Config.in2
-rw-r--r--package/asterisk/asterisk.hash2
-rw-r--r--package/asterisk/asterisk.mk4
-rw-r--r--package/azmq/Config.in6
-rw-r--r--package/bluez5_utils/bluez5_utils.mk2
-rw-r--r--package/cargo-bin/cargo-bin.mk2
-rw-r--r--package/cargo/cargo.mk2
-rw-r--r--package/cargo/config.in2
-rw-r--r--package/clamav/clamav.hash2
-rw-r--r--package/clamav/clamav.mk2
-rw-r--r--package/dash/0002-histedit-fix-build-with-musl-libc.patch35
-rw-r--r--package/dash/dash.mk3
-rw-r--r--package/dhcp/0003-Correct-buffer-overrun-in-pretty_print_option.patch59
-rw-r--r--package/dhcp/0004-Corrected-refcnt-loss-in-option-parsing.patch40
-rw-r--r--package/dnsmasq/0001-DNSSEC-fix-for-wildcard-NSEC-records.-CVE-2017-15107.patch212
-rw-r--r--package/dnsmasq/0002-Fix-DNSSEC-validation-errors-introduced-in-4fe6744a2.patch29
-rw-r--r--package/domoticz/Config.in8
-rw-r--r--package/dovecot/0002-lib-auth-Fix-memory-leak-in-auth_client_request_abor.patch33
-rw-r--r--package/dovecot/dovecot.hash2
-rw-r--r--package/dovecot/dovecot.mk2
-rw-r--r--package/dropbear/Config.in2
-rw-r--r--package/dropbear/dropbear.mk2
-rw-r--r--package/e2fsprogs/0001-libext2fs-fix-build-failure-in-swapfs.c-on-big-endia.patch41
-rw-r--r--package/e2fsprogs/e2fsprogs.hash4
-rw-r--r--package/e2fsprogs/e2fsprogs.mk2
-rw-r--r--package/efl/efl.hash8
-rw-r--r--package/efl/efl.mk3
-rw-r--r--package/erlang/Config.in7
-rw-r--r--package/exim/0005-Fix-base64d-buffer-size-CVE-2018-6789.patch37
-rw-r--r--package/ffmpeg/0002-ffmpeg-pthreads.patch34
-rw-r--r--package/gconf/Config.in6
-rw-r--r--package/gpsd/Config.in2
-rw-r--r--package/jq/jq.mk6
-rw-r--r--package/keepalived/0001-Fix-build-with-Linux-kernel-headers-v4.15.patch59
-rw-r--r--package/libcpprestsdk/0004-libcpprestsdk-fix-building-as-a-static-library.patch38
-rw-r--r--package/libcpprestsdk/libcpprestsdk.mk2
-rw-r--r--package/libglib2/libglib2.mk2
-rw-r--r--package/libgpiod/libgpiod.hash2
-rw-r--r--package/libmaxminddb/0001-Add-disable-binaries.patch53
-rw-r--r--package/libmaxminddb/libmaxminddb.mk7
-rw-r--r--package/librsvg/librsvg.hash4
-rw-r--r--package/librsvg/librsvg.mk2
-rw-r--r--package/libtasn1/libtasn1.hash6
-rw-r--r--package/libtasn1/libtasn1.mk2
-rw-r--r--package/libv4l/0002-keytable-fix-EVIOCSCLOCKID-related-compile-failure.patch35
-rw-r--r--package/libv4l/0003-libdvbv5-add-optional-copy-of-TEMP_FAILURE_RETRY-mac.patch39
-rw-r--r--package/libvorbis/0001-CVE-2017-14633-Don-t-allow-for-more-than-256-channel.patch36
-rw-r--r--package/libvorbis/0002-CVE-2017-14632-vorbis_analysis_header_out-Don-t-clea.patch56
-rw-r--r--package/libxml2/0001-CVE-2017-8872.patch33
-rw-r--r--package/lightning/lightning.hash3
-rw-r--r--package/lightning/lightning.mk2
-rw-r--r--package/linux-headers/Config.in.host10
-rw-r--r--package/ltp-testsuite/ltp-testsuite.mk7
-rw-r--r--package/mariadb/mariadb.hash4
-rw-r--r--package/mariadb/mariadb.mk2
-rw-r--r--package/mbedtls/0001-dhm-Fix-typo-in-RFC-5114-constants.patch33
-rw-r--r--package/mbedtls/mbedtls.hash6
-rw-r--r--package/mbedtls/mbedtls.mk2
-rw-r--r--package/mesa3d-demos/mesa3d-demos.mk1
-rw-r--r--package/mesa3d-headers/mesa3d-headers.mk2
-rw-r--r--package/mesa3d/mesa3d.hash10
-rw-r--r--package/mesa3d/mesa3d.mk2
-rw-r--r--package/mono/Config.in6
-rw-r--r--package/mosquitto/0001-websockets.c-unbreak-build-without-TLS.patch49
-rw-r--r--package/mosquitto/mosquitto.hash4
-rw-r--r--package/mosquitto/mosquitto.mk2
-rw-r--r--package/mpv/mpv.hash2
-rw-r--r--package/mpv/mpv.mk5
-rw-r--r--package/mtools/Config.in.host8
-rw-r--r--package/nftables/0001-src-fix-build-with-older-glibc.patch38
-rw-r--r--package/omap-u-boot-utils/Config.in.host4
-rw-r--r--package/open-lldp/0004-fixed-unknown-type-pid_t.patch41
-rw-r--r--package/patch/0001-Fix-segfault-with-mangled-rename-patch.patch33
-rw-r--r--package/patch/patch.hash4
-rw-r--r--package/patch/patch.mk2
-rw-r--r--package/pcre2/0001-fix-heapframe-alignment.patch49
-rw-r--r--package/php/0008-ext-sockets-make-AI_IDN-usage-optional.patch55
-rw-r--r--package/php/0009-main-php_ini.c-build-empty-php_load_zend_extension_c.patch62
-rw-r--r--package/php/Config.in4
-rw-r--r--package/php/php.hash2
-rw-r--r--package/php/php.mk7
-rw-r--r--package/pkgconf/Config.in.host9
-rw-r--r--package/postgresql/postgresql.hash6
-rw-r--r--package/postgresql/postgresql.mk2
-rw-r--r--package/pure-ftpd/Config.in4
-rw-r--r--package/pwgen/Config.in.host4
-rw-r--r--package/python-crossbar/Config.in1
-rw-r--r--package/qemu/Config.in.host3
-rw-r--r--package/qt/Config.in2
-rw-r--r--package/qt5/qt5.mk4
-rw-r--r--package/qt5/qt53d/qt53d.hash4
-rw-r--r--package/qt5/qt53d/qt53d.mk2
-rw-r--r--package/qt5/qt5base/qt5base.hash4
-rw-r--r--package/qt5/qt5canvas3d/qt5canvas3d.hash4
-rw-r--r--package/qt5/qt5charts/qt5charts.hash4
-rw-r--r--package/qt5/qt5connectivity/5.9.3/0001-Example-heartrate-server-needs-only-core-and-bluetoo.patch32
-rw-r--r--package/qt5/qt5connectivity/qt5connectivity.hash4
-rw-r--r--package/qt5/qt5declarative/qt5declarative.hash4
-rw-r--r--package/qt5/qt5enginio/qt5enginio.hash4
-rw-r--r--package/qt5/qt5enginio/qt5enginio.mk2
-rw-r--r--package/qt5/qt5graphicaleffects/qt5graphicaleffects.hash4
-rw-r--r--package/qt5/qt5imageformats/qt5imageformats.hash4
-rw-r--r--package/qt5/qt5location/qt5location.hash4
-rw-r--r--package/qt5/qt5multimedia/qt5multimedia.hash4
-rw-r--r--package/qt5/qt5multimedia/qt5multimedia.mk9
-rw-r--r--package/qt5/qt5quickcontrols/qt5quickcontrols.hash4
-rw-r--r--package/qt5/qt5quickcontrols2/5.9.3/0001-Example-flatstyle-needs-widgets-module.patch31
-rw-r--r--package/qt5/qt5quickcontrols2/qt5quickcontrols2.hash4
-rw-r--r--package/qt5/qt5script/qt5script.hash4
-rw-r--r--package/qt5/qt5scxml/qt5scxml.hash4
-rw-r--r--package/qt5/qt5sensors/qt5sensors.hash4
-rw-r--r--package/qt5/qt5serialbus/qt5serialbus.hash4
-rw-r--r--package/qt5/qt5serialport/qt5serialport.hash4
-rw-r--r--package/qt5/qt5svg/qt5svg.hash4
-rw-r--r--package/qt5/qt5tools/qt5tools.hash4
-rw-r--r--package/qt5/qt5tools/qt5tools.mk2
-rw-r--r--package/qt5/qt5virtualkeyboard/qt5virtualkeyboard.hash4
-rw-r--r--package/qt5/qt5wayland/qt5wayland.hash4
-rw-r--r--package/qt5/qt5wayland/qt5wayland.mk7
-rw-r--r--package/qt5/qt5webchannel/qt5webchannel.hash4
-rw-r--r--package/qt5/qt5webengine/5.9.3/0002-Load-libEGL-and-libGLES2-symbols-implicitly.patch89
-rw-r--r--package/qt5/qt5webengine/Config.in10
-rw-r--r--package/qt5/qt5webengine/qt5webengine.hash4
-rw-r--r--package/qt5/qt5webengine/qt5webengine.mk8
-rw-r--r--package/qt5/qt5webkit-examples/qt5webkit-examples.hash4
-rw-r--r--package/qt5/qt5webkit-examples/qt5webkit-examples.mk4
-rw-r--r--package/qt5/qt5webkit/qt5webkit.hash4
-rw-r--r--package/qt5/qt5webkit/qt5webkit.mk13
-rw-r--r--package/qt5/qt5websockets/qt5websockets.hash4
-rw-r--r--package/qt5/qt5x11extras/qt5x11extras.hash4
-rw-r--r--package/qt5/qt5xmlpatterns/qt5xmlpatterns.hash4
-rw-r--r--package/quagga/0005-bgpd-security-invalid-attr-length-sends-NOTIFY-with-.patch69
-rw-r--r--package/quagga/0006-bgpd-security-Fix-double-free-of-unknown-attribute.patch112
-rw-r--r--package/quagga/0007-bgpd-security-debug-print-of-received-NOTIFY-data-ca.patch114
-rw-r--r--package/quagga/0008-bgpd-security-fix-infinite-loop-on-certain-invalid-O.patch43
-rw-r--r--package/rsync/0001-Check-fname-in-recv_files-sooner.patch45
-rw-r--r--package/rsync/0002-Sanitize-xname-in-read_ndx_and_attrs.patch39
-rw-r--r--package/rsync/0003-Check-daemon-filter-against-fnamecmp-in-recv_files.patch28
-rw-r--r--package/rsync/0004-Enforce-trailing-0-when-receiving-xattr-name-values.patch33
-rw-r--r--package/rsync/rsync.hash5
-rw-r--r--package/rsync/rsync.mk2
-rw-r--r--package/rust-bin/rust-bin.mk16
-rw-r--r--package/rust/rust.mk4
-rw-r--r--package/rustc/Config.in.host6
-rw-r--r--package/rustc/rustc.mk4
-rw-r--r--package/sdl2/sdl2.mk2
-rw-r--r--package/skeleton-init-systemd/skeleton-init-systemd.mk17
-rw-r--r--package/systemd/0002-install-don-t-use-ln-relative.patch22
-rw-r--r--package/systemd/Config.in1
-rw-r--r--package/systemd/systemd.hash2
-rw-r--r--package/systemd/systemd.mk16
-rw-r--r--package/tegrarcm/Config.in.host4
-rw-r--r--package/tor/tor.hash2
-rw-r--r--package/tor/tor.mk2
-rw-r--r--package/tvheadend/Config.in2
-rw-r--r--package/wavpack/0002-issue-27-do-not-overwrite-stack-on-corrupt-RF64-file.patch118
-rw-r--r--package/wavpack/0003-issue-28-do-not-overwrite-heap-on-corrupt-DSDIFF-fil.patch38
-rw-r--r--package/wavpack/0004-issue-28-fix-buffer-overflows-and-bad-allocs-on-corr.patch72
-rw-r--r--package/wireguard/wireguard.hash4
-rw-r--r--package/wireguard/wireguard.mk2
-rw-r--r--package/zic/zic.hash4
-rw-r--r--package/zic/zic.mk2
-rw-r--r--package/zlib/Config.in8
-rwxr-xr-xsupport/dependencies/check-host-tar.sh33
-rw-r--r--support/dependencies/dependencies.mk5
-rwxr-xr-xsupport/dependencies/dependencies.sh15
-rw-r--r--support/docker/Dockerfile2
-rw-r--r--support/misc/Vagrantfile2
-rwxr-xr-xsupport/scripts/check-bin-arch8
-rwxr-xr-xsupport/scripts/check-uniq-files2
-rw-r--r--support/testing/tests/init/test_systemd.py12
-rw-r--r--support/testing/tests/package/test_rust.py18
-rwxr-xr-xutils/genrandconfig3
-rwxr-xr-xutils/scanpypi2
198 files changed, 2350 insertions, 667 deletions
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index b4be44843c..30c8ff920b 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -4,7 +4,7 @@
# It needs to be regenerated every time a defconfig is added, using
# "make .gitlab-ci.yml".
-image: buildroot/base
+image: buildroot/base:20180205.0730
.defconfig_script: &defconfig_script
- echo 'Configure Buildroot'
@@ -286,6 +286,8 @@ tests.package.test_python.TestPython2: *runtime_test
tests.package.test_python.TestPython3: *runtime_test
tests.package.test_python_cryptography.TestPythonPy2Cryptography: *runtime_test
tests.package.test_python_cryptography.TestPythonPy3Cryptography: *runtime_test
+tests.package.test_rust.TestRust: *runtime_test
+tests.package.test_rust.TestRustBin: *runtime_test
tests.toolchain.test_external.TestExternalToolchainBuildrootMusl: *runtime_test
tests.toolchain.test_external.TestExternalToolchainBuildrootuClibc: *runtime_test
tests.toolchain.test_external.TestExternalToolchainCCache: *runtime_test
diff --git a/.gitlab-ci.yml.in b/.gitlab-ci.yml.in
index f763fdd454..cb3eb715f2 100644
--- a/.gitlab-ci.yml.in
+++ b/.gitlab-ci.yml.in
@@ -4,7 +4,7 @@
# It needs to be regenerated every time a defconfig is added, using
# "make .gitlab-ci.yml".
-image: buildroot/base
+image: buildroot/base:20180205.0730
.defconfig_script: &defconfig_script
- echo 'Configure Buildroot'
diff --git a/CHANGES b/CHANGES
index b897d4f996..c7925bdedc 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,3 +1,70 @@
+2018.02, Released March 4th, 2018
+
+ Fixes all over the tree.
+
+ Issues with systemd with a readonly rootfs and DBus fixed.
+
+ Instructure:
+ - check-uniq-files: fix Python 2.6 compatibility.
+ - dependencies.sh: check for external argparse module for
+ Python 2.6.
+ - Add infrastructure to detect and use a UTF-8 locale on the
+ host, needed by systemd.
+
+ Update/fixed packages: clamav, dash, dhcp, dovecot, efl,
+ ffmpeg, libv4l, mono, mosquitto, php, postgresql, qt,
+ scanpypi, sdl2, systemd, tor, tvheadend, uboot, wavpack
+
+ Issues resolved (http://bugs.uclibc.org):
+
+ #10831: qemu_x86_64_defconfig build fails on linux-headers..
+
+2018.02-rc3, Released February 27th, 2018
+
+ Fixes all over the tree.
+
+ check-bin-arch: skip /lib/modules to allow 32-bit userland
+ with 64bit kernel.
+
+ dependencies: Blacklist tar 1.30+ and build our own host-tar
+ if needed as tar 1.30+ changed the --numeric-owner output for
+ long path names. Build host-tar before other host-dependencies
+ as they need it to extract their source tarballs.
+
+ Update/fixed packages: asterisk, azmq, bluez5_utils, domoticz,
+ e2fsprogs, erlang, exim, glibc, gpsd, jq, libglib2, libvorbis,
+ mariadb, mbedtls, mesa3d, mesa3d-headers, mpv, patch, pcre2,
+ php, qt5, qt5multimedia, qt5wayland, qt5webengine, qt5webkit,
+ systemd, quagga, rustc, uboot, wireguard, zic, zlib-ng
+
+ Issues resolved (http://bugs.uclibc.org):
+
+ #10726: Current libglib2.mk creates broken libglib2 binary...
+ #10786: Linux fails to build unless make linux-menuconfig...
+ #10796: Cannot generate cpio image without selecting CON...
+
+2018.02-rc2, Released February 15th, 2018
+
+ Fixes all over the tree.
+
+ Dependencies: Ensure C++ support is available like for C
+ support for packages needing 32bit host support.
+
+ utils/genrandconfig: Check host dependencies for config.
+
+ Updated/fixed packages: busybox, dnsmasq, dropbear, ffmpeg,
+ glibc, keepalived, libcpprestsdk, libgpiod, libmaxminddb,
+ librsvg, libtasn1, libv4l, libxml2, lightning, ltp-testsuite,
+ mesa3d, mesa3d-demos, mesa3d-headers, nftables, open-lldp,
+ php, postgresql, python-crossbar, qt5, qt53d, qt5enginio,
+ qt5tools, qt5webengine, qt5webkit, rsync, rust-bin, rustc,
+ systemd
+
+ Issues resolved (http://bugs.uclibc.org):
+
+ #9781: ti-sgx-km build on kernel >4.1
+ #10141: Squashfs extended attribute failures
+
2018.02-rc1, Released February 5th, 2018
The global source-check and per-package <pkg>-source-check
diff --git a/DEVELOPERS b/DEVELOPERS
index 77b6df3cd3..dbd90e5b8c 100644
--- a/DEVELOPERS
+++ b/DEVELOPERS
@@ -93,14 +93,14 @@ F: package/hostapd/
N: Alexander Varnin <fenixk19@mail.ru>
F: package/liblog4c-localtime/
-N: Alexandre Belloni <alexandre.belloni@free-electrons.com>
+N: Alexandre Belloni <alexandre.belloni@bootlin.com>
F: package/tz/
N: Alexandre Esse <alexandre.esse.dev@gmail.com>
F: package/kvazaar/
F: package/v4l2loopback/
-N: Alistair Francis <alistair.francis@xilinx.com>
+N: Alistair Francis <alistair@alistair23.me>
F: package/xen/
N: Alvaro G. M <alvaro.gamez@hazent.com>
@@ -152,7 +152,7 @@ F: package/lsscsi/
N: Anthony Viallard <viallard@syscom-instruments.com>
F: package/gnuplot/
-N: Antoine Ténart <antoine.tenart@free-electrons.com>
+N: Antoine Ténart <antoine.tenart@bootlin.com>
F: package/wf111/
N: ARC Maintainers <arc-buildroot@synopsys.com>
@@ -1262,7 +1262,7 @@ F: package/systemd-bootchart/
F: package/tinyalsa/
F: package/tinyxml/
-N: Maxime Ripard <maxime.ripard@free-electrons.com>
+N: Maxime Ripard <maxime.ripard@bootlin.com>
F: package/kmsxx/
N: Michael Rommel <rommel@layer-7.net>
@@ -1291,7 +1291,7 @@ N: Mike Harmony <mike.harmony@snapav.com>
F: board/sinovoip/m2-plus/
F: configs/bananapi_m2_plus_defconfig
-N: Mylène Josserand <mylene.josserand@free-electrons.com>
+N: Mylène Josserand <mylene.josserand@bootlin.com>
F: package/rtl8723bu/
N: Nathan Lynch <ntl@pobox.com>
@@ -1526,9 +1526,6 @@ F: package/terminology/
F: package/upower/
F: package/xenomai/
-N: Romain Perier <romain.perier@free-electrons.com>
-F: package/amd-catalyst/
-
N: Ryan Barnett <ryan.barnett@rockwellcollins.com>
F: package/atftp/
F: package/miraclecast/
@@ -1750,7 +1747,7 @@ F: support/scripts/size-stats
F: utils/size-stats-compare
F: toolchain/
-N: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
+N: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
F: arch/Config.in.arm
F: boot/boot-wrapper-aarch64/
F: boot/grub2/
diff --git a/Makefile b/Makefile
index 45c6077cf6..1b34818fc8 100644
--- a/Makefile
+++ b/Makefile
@@ -89,7 +89,7 @@ all:
# Set and export the version string
export BR2_VERSION := 2018.05-git
# Actual time the release is cut (for reproducible builds)
-BR2_VERSION_EPOCH = 1517840000
+BR2_VERSION_EPOCH = 1520198000
# Save running make version since it's clobbered by the make package
RUNNING_MAKE_VERSION := $(MAKE_VERSION)
@@ -363,6 +363,22 @@ ifneq ($(firstword $(HOSTCC_VERSION)),4)
HOSTCC_VERSION := $(firstword $(HOSTCC_VERSION))
endif
+ifeq ($(BR2_NEEDS_HOST_UTF8_LOCALE),y)
+# First, we try to use the user's configured locale (as that's the
+# language they'd expect messages to be displayed), then we favour
+# a non language-specific locale like C.UTF-8 if one is available,
+# so we sort with the C locale to get it at the top.
+# This is guaranteed to not be empty, because of the check in
+# support/dependencies/dependencies.sh
+HOST_UTF8_LOCALE := $(shell \
+ ( echo $${LC_ALL:-$${LC_MESSAGES:-$${LANG}}}; \
+ locale -a 2>/dev/null | LC_ALL=C sort \
+ ) \
+ | grep -i -E 'utf-?8$$' \
+ | head -n 1)
+HOST_UTF8_LOCALE_ENV := LC_ALL=$(HOST_UTF8_LOCALE)
+endif
+
# Make sure pkg-config doesn't look outside the buildroot tree
HOST_PKG_CONFIG_PATH := $(PKG_CONFIG_PATH)
unexport PKG_CONFIG_PATH
diff --git a/board/qemu/ppc64le-pseries/readme.txt b/board/qemu/ppc64le-pseries/readme.txt
index dd188c505f..95455e9478 100644
--- a/board/qemu/ppc64le-pseries/readme.txt
+++ b/board/qemu/ppc64le-pseries/readme.txt
@@ -1,8 +1,6 @@
Run the emulation with:
-qemu-system-ppc64le -M pseries -nographic \
- -kernel output/images/vmlinux \
- -initrd output/images/rootfs.ext2
+qemu-system-ppc64 -M pseries -cpu POWER8 -m 256 -kernel output/images/vmlinux -append "console=hvc0 root=/dev/sda" -drive file=output/images/rootfs.ext2,if=scsi,index=0,format=raw -serial stdio -display curses
The login prompt will appear in the terminal window.
diff --git a/boot/uboot/uboot.mk b/boot/uboot/uboot.mk
index d2f241cd8b..5da339850d 100644
--- a/boot/uboot/uboot.mk
+++ b/boot/uboot/uboot.mk
@@ -131,7 +131,7 @@ endif
UBOOT_MAKE_OPTS += \
CROSS_COMPILE="$(TARGET_CROSS)" \
ARCH=$(UBOOT_ARCH) \
- HOSTCC="$(HOSTCC) $(HOST_CFLAGS)" \
+ HOSTCC="$(HOSTCC) $(subst -I/,-isystem /,$(subst -I /,-isystem /,$(HOST_CFLAGS)))" \
HOSTLDFLAGS="$(HOST_LDFLAGS)"
ifeq ($(BR2_TARGET_UBOOT_NEEDS_ATF_BL31),y)
@@ -188,13 +188,6 @@ define UBOOT_APPLY_LOCAL_PATCHES
endef
UBOOT_POST_PATCH_HOOKS += UBOOT_APPLY_LOCAL_PATCHES
-# Bug: https://patchwork.ozlabs.org/patch/833760/
-define UBOOT_FIX_LIBFDT_SYSTEM_PATH
- [ ! -e $(@D)/tools/fdtgrep.c ] || \
- $(SED) 's%<../include/libfdt.h>%"../include/libfdt.h"%' $(@D)/tools/fdtgrep.c
-endef
-UBOOT_POST_PATCH_HOOKS += UBOOT_FIX_LIBFDT_SYSTEM_PATH
-
ifeq ($(BR2_TARGET_UBOOT_BUILD_SYSTEM_LEGACY),y)
define UBOOT_CONFIGURE_CMDS
$(TARGET_CONFIGURE_OPTS) \
diff --git a/configs/bananapi_m1_defconfig b/configs/bananapi_m1_defconfig
index b084309d7c..f8c66a3334 100644
--- a/configs/bananapi_m1_defconfig
+++ b/configs/bananapi_m1_defconfig
@@ -12,6 +12,7 @@ BR2_TARGET_UBOOT_CUSTOM_VERSION=y
BR2_TARGET_UBOOT_CUSTOM_VERSION_VALUE="2017.09"
BR2_TARGET_UBOOT_BOARD_DEFCONFIG="Bananapi"
BR2_TARGET_UBOOT_NEEDS_DTC=y
+BR2_TARGET_UBOOT_NEEDS_PYLIBFDT=y
BR2_TARGET_UBOOT_FORMAT_BIN=y
BR2_TARGET_UBOOT_SPL=y
BR2_TARGET_UBOOT_SPL_NAME="u-boot-sunxi-with-spl.bin"
diff --git a/configs/bananapi_m2_plus_defconfig b/configs/bananapi_m2_plus_defconfig
index ebaea2deab..bbc3eb0ebd 100644
--- a/configs/bananapi_m2_plus_defconfig
+++ b/configs/bananapi_m2_plus_defconfig
@@ -19,6 +19,7 @@ BR2_TARGET_UBOOT_CUSTOM_VERSION=y
BR2_TARGET_UBOOT_CUSTOM_VERSION_VALUE="2017.07"
BR2_TARGET_UBOOT_BOARD_DEFCONFIG="Sinovoip_BPI_M2_Plus"
BR2_TARGET_UBOOT_NEEDS_DTC=y
+BR2_TARGET_UBOOT_NEEDS_PYLIBFDT=y
BR2_TARGET_UBOOT_FORMAT_CUSTOM=y
BR2_TARGET_UBOOT_FORMAT_CUSTOM_NAME="u-boot-sunxi-with-spl.bin"
BR2_TARGET_UBOOT_BOOT_SCRIPT=y
diff --git a/configs/linksprite_pcduino_defconfig b/configs/linksprite_pcduino_defconfig
index 79e0939792..dd9bcdc1f7 100644
--- a/configs/linksprite_pcduino_defconfig
+++ b/configs/linksprite_pcduino_defconfig
@@ -41,6 +41,7 @@ BR2_TARGET_UBOOT_CUSTOM_VERSION_VALUE="2017.09"
BR2_TARGET_UBOOT_USE_DEFCONFIG=y
BR2_TARGET_UBOOT_BOARD_DEFCONFIG="Linksprite_pcDuino"
BR2_TARGET_UBOOT_NEEDS_DTC=y
+BR2_TARGET_UBOOT_NEEDS_PYLIBFDT=y
BR2_TARGET_UBOOT_FORMAT_BIN=y
BR2_TARGET_UBOOT_SPL=y
BR2_TARGET_UBOOT_SPL_NAME="u-boot-sunxi-with-spl.bin"
diff --git a/configs/orangepi_lite_defconfig b/configs/orangepi_lite_defconfig
index 0f9a8e098b..1e5fca8677 100644
--- a/configs/orangepi_lite_defconfig
+++ b/configs/orangepi_lite_defconfig
@@ -24,6 +24,7 @@ BR2_TARGET_UBOOT_CUSTOM_VERSION=y
BR2_TARGET_UBOOT_CUSTOM_VERSION_VALUE="2017.11"
BR2_TARGET_UBOOT_BOARD_DEFCONFIG="orangepi_lite"
BR2_TARGET_UBOOT_NEEDS_DTC=y
+BR2_TARGET_UBOOT_NEEDS_PYLIBFDT=y
BR2_TARGET_UBOOT_FORMAT_CUSTOM=y
BR2_TARGET_UBOOT_FORMAT_CUSTOM_NAME="u-boot-sunxi-with-spl.bin"
BR2_TARGET_UBOOT_BOOT_SCRIPT=y
diff --git a/configs/orangepi_one_defconfig b/configs/orangepi_one_defconfig
index 51f82054c5..3715f1ddbb 100644
--- a/configs/orangepi_one_defconfig
+++ b/configs/orangepi_one_defconfig
@@ -20,6 +20,7 @@ BR2_TARGET_UBOOT_CUSTOM_VERSION=y
BR2_TARGET_UBOOT_CUSTOM_VERSION_VALUE="2018.01"
BR2_TARGET_UBOOT_BOARD_DEFCONFIG="orangepi_one"
BR2_TARGET_UBOOT_NEEDS_DTC=y
+BR2_TARGET_UBOOT_NEEDS_PYLIBFDT=y
BR2_TARGET_UBOOT_FORMAT_CUSTOM=y
BR2_TARGET_UBOOT_FORMAT_CUSTOM_NAME="u-boot-sunxi-with-spl.bin"
BR2_TARGET_UBOOT_BOOT_SCRIPT=y
diff --git a/configs/orangepi_pc_defconfig b/configs/orangepi_pc_defconfig
index 0fd90f008b..aa559e743e 100644
--- a/configs/orangepi_pc_defconfig
+++ b/configs/orangepi_pc_defconfig
@@ -20,6 +20,7 @@ BR2_TARGET_UBOOT_CUSTOM_VERSION=y
BR2_TARGET_UBOOT_CUSTOM_VERSION_VALUE="2018.01"
BR2_TARGET_UBOOT_BOARD_DEFCONFIG="orangepi_pc"
BR2_TARGET_UBOOT_NEEDS_DTC=y
+BR2_TARGET_UBOOT_NEEDS_PYLIBFDT=y
BR2_TARGET_UBOOT_FORMAT_CUSTOM=y
BR2_TARGET_UBOOT_FORMAT_CUSTOM_NAME="u-boot-sunxi-with-spl.bin"
BR2_TARGET_UBOOT_BOOT_SCRIPT=y
diff --git a/configs/orangepi_pc_plus_defconfig b/configs/orangepi_pc_plus_defconfig
index 7969e8a4bf..053c3bffbd 100644
--- a/configs/orangepi_pc_plus_defconfig
+++ b/configs/orangepi_pc_plus_defconfig
@@ -22,6 +22,7 @@ BR2_TARGET_UBOOT_CUSTOM_VERSION=y
BR2_TARGET_UBOOT_CUSTOM_VERSION_VALUE="2018.01"
BR2_TARGET_UBOOT_BOARD_DEFCONFIG="orangepi_pc_plus"
BR2_TARGET_UBOOT_NEEDS_DTC=y
+BR2_TARGET_UBOOT_NEEDS_PYLIBFDT=y
BR2_TARGET_UBOOT_FORMAT_CUSTOM=y
BR2_TARGET_UBOOT_FORMAT_CUSTOM_NAME="u-boot-sunxi-with-spl.bin"
BR2_TARGET_UBOOT_BOOT_SCRIPT=y
diff --git a/configs/orangepi_zero_defconfig b/configs/orangepi_zero_defconfig
index 86c634e39b..2efccc0ced 100644
--- a/configs/orangepi_zero_defconfig
+++ b/configs/orangepi_zero_defconfig
@@ -23,6 +23,7 @@ BR2_TARGET_UBOOT_CUSTOM_VERSION=y
BR2_TARGET_UBOOT_CUSTOM_VERSION_VALUE="2018.01"
BR2_TARGET_UBOOT_BOARD_DEFCONFIG="orangepi_zero"
BR2_TARGET_UBOOT_NEEDS_DTC=y
+BR2_TARGET_UBOOT_NEEDS_PYLIBFDT=y
BR2_TARGET_UBOOT_FORMAT_CUSTOM=y
BR2_TARGET_UBOOT_FORMAT_CUSTOM_NAME="u-boot-sunxi-with-spl.bin"
BR2_TARGET_UBOOT_BOOT_SCRIPT=y
diff --git a/configs/qemu_x86_64_defconfig b/configs/qemu_x86_64_defconfig
index 92a196790d..b92ae17ae6 100644
--- a/configs/qemu_x86_64_defconfig
+++ b/configs/qemu_x86_64_defconfig
@@ -9,8 +9,8 @@ BR2_TARGET_GENERIC_GETTY_PORT="tty1"
BR2_TARGET_ROOTFS_EXT2=y
# BR2_TARGET_ROOTFS_TAR is not set
-# Linux headers same as kernel, a 4.11 series
-BR2_PACKAGE_HOST_LINUX_HEADERS_CUSTOM_4_11=y
+# Linux headers same as kernel, a 4.15 series
+BR2_PACKAGE_HOST_LINUX_HEADERS_CUSTOM_4_15=y
# Kernel
BR2_LINUX_KERNEL=y
diff --git a/docs/manual/adding-packages-cargo.txt b/docs/manual/adding-packages-cargo.txt
index 3f9ddfed16..b78163e6a1 100644
--- a/docs/manual/adding-packages-cargo.txt
+++ b/docs/manual/adding-packages-cargo.txt
@@ -49,11 +49,11 @@ package. Let's start with an example:
15: FOO_CARGO_ENV = CARGO_HOME=$(HOST_DIR)/share/cargo
16: FOO_CARGO_MODE = $(if $(BR2_ENABLE_DEBUG),debug,release)
17:
-18: FOO_BIN_DIR = target/$(RUST_TARGET_NAME)/$(FOO_CARGO_MODE)
+18: FOO_BIN_DIR = target/$(RUSTC_TARGET_NAME)/$(FOO_CARGO_MODE)
19:
20: FOO_CARGO_OPTS = \
21: --$(FOO_CARGO_MODE) \
-22: --target=$(RUST_TARGET_NAME) \
+22: --target=$(RUSTC_TARGET_NAME) \
23: --manifest-path=$(@D)/Cargo.toml
24:
25: define FOO_BUILD_CMDS
diff --git a/docs/manual/using-buildroot-toolchain.txt b/docs/manual/using-buildroot-toolchain.txt
index 6a90645649..3246dc2411 100644
--- a/docs/manual/using-buildroot-toolchain.txt
+++ b/docs/manual/using-buildroot-toolchain.txt
@@ -12,11 +12,15 @@ The toolchain generated by Buildroot is located by default in
+output/host/bin/+ to your PATH environment variable and then to
use +ARCH-linux-gcc+, +ARCH-linux-objdump+, +ARCH-linux-ld+, etc.
-It is possible to relocate the toolchain - but then +--sysroot+ must
-be passed every time the compiler is called to tell where the
-libraries and header files are.
+It is possible to relocate the toolchain, this allows to distribute
+the toolchain to other developers to build applications for your
+target. To achieve this:
+
+* run +make sdk+, which prepares the toolchain to be relocatable;
+* tarball the contents of the +output/host+ directory;
+* distribute the resulting tarball.
+
+Once the toolchain is installed to the new location, the user must run
+the +relocate-sdk.sh+ script to make sure all paths are updated with
+the new location.
-It is also possible to generate the Buildroot toolchain in a directory
-other than +output/host+ by using the +Build options -> Host dir+
-option. This could be useful if the toolchain must be shared with
-other users.
diff --git a/docs/website/docs.html b/docs/website/docs.html
index 9cee36da28..9ef202ff9d 100644
--- a/docs/website/docs.html
+++ b/docs/website/docs.html
@@ -78,8 +78,8 @@
<div class="panel panel-primary">
<div class="panel-heading">Training</div>
<div class="panel-body">
- <p><a href="http://www.free-electrons.com">Free Electrons</a> offers a
- complete <a href="http://free-electrons.com/training/buildroot/">3-days
+ <p><a href="http://www.bootlin.com">Bootlin</a> (formerly Free Electrons)
+ offers a complete <a href="http://bootlin.com/training/buildroot/">3-days
training course on Buildroot</a>. They also make the training
materials freely available:</p>
@@ -89,7 +89,7 @@
<div class="panel-heading">Slides preview</div>
<div class="panel-body">
<div id="slides" style="width: 100%; padding-bottom: 75%; position: relative">
- <a href="http://free-electrons.com/doc/training/buildroot/buildroot-slides.pdf"><img src="images/buildroot-slides.png" alt="buildroot slides" style="position:absolute; width:100%; height:100%; top:0; left:0;"></a>
+ <a href="http://bootlin.com/doc/training/buildroot/buildroot-slides.pdf"><img src="images/buildroot-slides.png" alt="buildroot slides" style="position:absolute; width:100%; height:100%; top:0; left:0;"></a>
</div>
</div>
</div>
@@ -100,9 +100,9 @@
<div class="panel-heading">Training materials</div>
<div class="panel-body">
<ul>
- <li><a href="http://free-electrons.com/doc/training/buildroot/buildroot-slides.pdf">slides (PDF)</a></li>
- <li><a href="http://free-electrons.com/doc/training/buildroot/buildroot-labs.pdf">practical labs (PDF)</a></li>
- <li><a href="http://free-electrons.com/doc/training/buildroot/buildroot-labs.tar.xz">practical labs data (.tar.xz)</a></li>
+ <li><a href="http://bootlin.com/doc/training/buildroot/buildroot-slides.pdf">slides (PDF)</a></li>
+ <li><a href="http://bootlin.com/doc/training/buildroot/buildroot-labs.pdf">practical labs (PDF)</a></li>
+ <li><a href="http://bootlin.com/doc/training/buildroot/buildroot-labs.tar.xz">practical labs data (.tar.xz)</a></li>
</ul>
</div>
</div>
diff --git a/docs/website/download.html b/docs/website/download.html
index 57c82e2739..cf99b22cd1 100644
--- a/docs/website/download.html
+++ b/docs/website/download.html
@@ -8,40 +8,40 @@
<div class="panel-heading">Download</div>
<div class="panel-body">
- <h3 style="text-align: center;">Latest long term support release: <b>2017.02.10</b></h3>
+ <h3 style="text-align: center;">Latest stable / long term support release: <b>2018.02</b></h3>
<div class="row mt centered">
<div class="col-sm-6">
<div class="flip-container center-block" ontouchstart="this.classList.toggle('hover');">
<div class="flipper">
<div class="front">
- <a href="/downloads/buildroot-2017.02.10.tar.gz"><img src="images/zip.png" width="180" alt=""></a>
+ <a href="/downloads/buildroot-2018.02.tar.gz"><img src="images/zip.png" width="180" alt=""></a>
</div>
<div class="back">
- <a href="/downloads/buildroot-2017.02.10.tar.gz"><img src="images/zip.png" width="180" alt=""></a>
+ <a href="/downloads/buildroot-2018.02.tar.gz"><img src="images/zip.png" width="180" alt=""></a>
</div>
</div>
</div>
- <h3><a href="/downloads/buildroot-2017.02.10.tar.gz">buildroot-2017.02.10.tar.gz</a></h3>
- <p><a href="/downloads/buildroot-2017.02.10.tar.gz.sign">PGP signature</a></p>
+ <h3><a href="/downloads/buildroot-2018.02.tar.gz">buildroot-2018.02.tar.gz</a></h3>
+ <p><a href="/downloads/buildroot-2018.02.tar.gz.sign">PGP signature</a></p>
</div>
<div class="col-sm-6">
<div class="flip-container center-block" ontouchstart="this.classList.toggle('hover');">
<div class="flipper">
<div class="front">
- <a href="/downloads/buildroot-2017.02.10.tar.bz2"><img src="images/package.png" width="180" alt=""></a>
+ <a href="/downloads/buildroot-2018.02.tar.bz2"><img src="images/package.png" width="180" alt=""></a>
</div>
<div class="back">
- <a href="/downloads/buildroot-2017.02.10.tar.bz2"><img src="images/package.png" width="180" alt=""></a>
+ <a href="/downloads/buildroot-2018.02.tar.bz2"><img src="images/package.png" width="180" alt=""></a>
</div>
</div>
</div>
- <h3><a href="/downloads/buildroot-2017.02.10.tar.bz2">buildroot-2017.02.10.tar.bz2</a></h3>
- <p><a href="/downloads/buildroot-2017.02.10.tar.bz2.sign">PGP signature</a></p>
+ <h3><a href="/downloads/buildroot-2018.02.tar.bz2">buildroot-2018.02.tar.bz2</a></h3>
+ <p><a href="/downloads/buildroot-2018.02.tar.bz2.sign">PGP signature</a></p>
</div>
</div>
-
+<!--
<h3 style="text-align: center;">Latest stable release: <b>2017.11.2</b></h3>
<div class="row mt centered">
@@ -76,40 +76,40 @@
</div>
</div>
- <h3 style="text-align: center;">Latest release candidate: <b>2018.02-rc1</b></h3>
+ <h3 style="text-align: center;">Latest release candidate: <b>2018.02-rc3</b></h3>
<div class="row mt centered">
<div class="col-sm-6">
<div class="flip-container center-block" ontouchstart="this.classList.toggle('hover');">
<div class="flipper">
<div class="front">
- <a href="/downloads/buildroot-2018.02-rc1.tar.gz"><img src="images/zip.png" width="180" alt=""></a>
+ <a href="/downloads/buildroot-2018.02-rc3.tar.gz"><img src="images/zip.png" width="180" alt=""></a>
</div>
<div class="back">
- <a href="/downloads/buildroot-2018.02-rc1.tar.gz"><img src="images/zip.png" width="180" alt=""></a>
+ <a href="/downloads/buildroot-2018.02-rc3.tar.gz"><img src="images/zip.png" width="180" alt=""></a>
</div>
</div>
</div>
- <h3><a href="/downloads/buildroot-2018.02-rc1.tar.gz">buildroot-2018.02-rc1.tar.gz</a></h3>
- <p><a href="/downloads/buildroot-2018.02-rc1.tar.gz.sign">PGP signature</a></p>
+ <h3><a href="/downloads/buildroot-2018.02-rc3.tar.gz">buildroot-2018.02-rc3.tar.gz</a></h3>
+ <p><a href="/downloads/buildroot-2018.02-rc3.tar.gz.sign">PGP signature</a></p>
</div>
<div class="col-sm-6">
<div class="flip-container center-block" ontouchstart="this.classList.toggle('hover');">
<div class="flipper">
<div class="front">
- <a href="/downloads/buildroot-2018.02-rc1.tar.bz2"><img src="images/package.png" width="180" alt=""></a>
+ <a href="/downloads/buildroot-2018.02-rc3.tar.bz2"><img src="images/package.png" width="180" alt=""></a>
</div>
<div class="back">
- <a href="/downloads/buildroot-2018.02-rc1.tar.bz2"><img src="images/package.png" width="180" alt=""></a>
+ <a href="/downloads/buildroot-2018.02-rc3.tar.bz2"><img src="images/package.png" width="180" alt=""></a>
</div>
</div>
</div>
- <h3><a href="/downloads/buildroot-2018.02-rc1.tar.bz2">buildroot-2018.02-rc1.tar.bz2</a></h3>
- <p><a href="/downloads/buildroot-2018.02-rc1.tar.bz2.sign">PGP signature</a></p>
+ <h3><a href="/downloads/buildroot-2018.02-rc3.tar.bz2">buildroot-2018.02-rc3.tar.bz2</a></h3>
+ <p><a href="/downloads/buildroot-2018.02-rc3.tar.bz2.sign">PGP signature</a></p>
</div>
</div>
-
+-->
This and earlier releases (and their PGP signatures) can always be downloaded from
<a href="/downloads/">http://buildroot.net/downloads/</a>.
</div>
diff --git a/docs/website/index.html b/docs/website/index.html
index f0d0175bb7..300adbb83d 100644
--- a/docs/website/index.html
+++ b/docs/website/index.html
@@ -78,7 +78,7 @@
</div>
</div>
- <h4>Supports hundreds of packages</h4>
+ <h4>Supports several thousand packages</h4>
<p>X.org stack, Gtk3, Qt 5, GStreamer, Webkit, Kodi, a large number of network-related and system-related utilities are supported.</p>
</div><!--/col-lg-4 -->
diff --git a/docs/website/js/buildroot.js b/docs/website/js/buildroot.js
index a30da633e9..ec28cbb750 100644
--- a/docs/website/js/buildroot.js
+++ b/docs/website/js/buildroot.js
@@ -90,5 +90,5 @@ jQuery(document).ready(function($) {
load_activity("http://buildroot-busybox.2317881.n4.nabble.com/Buildroot-busybox-ft2.xml", "mailing-list-activity");
load_activity("http://git.buildroot.org/buildroot/atom/?h=master", "commit-activity");
- $('#slides').html('<iframe src="https://docs.google.com/gview?url=http://free-electrons.com/doc/training/buildroot/buildroot-slides.pdf&embedded=true" style="position:absolute; width:100%; height:100%; top:0; left:0;" frameborder="0"></iframe>')
+ $('#slides').html('<iframe src="https://docs.google.com/gview?url=http://bootlin.com/doc/training/buildroot/buildroot-slides.pdf&embedded=true" style="position:absolute; width:100%; height:100%; top:0; left:0;" frameborder="0"></iframe>')
});
diff --git a/docs/website/news.html b/docs/website/news.html
index e194d68b7e..980b0cc83c 100644
--- a/docs/website/news.html
+++ b/docs/website/news.html
@@ -9,6 +9,72 @@
<h2>News</h2>
<ul class="timeline">
+ <li>
+ <div class="timeline-badge"><i class="glyphicon glyphicon-thumbs-up"></i></div>
+ <div class="timeline-panel">
+ <div class="timeline-heading">
+ <h4 class="timeline-title">2018.02 released</h4>
+ <p><small class="text-muted"><i class="glyphicon glyphicon-time"></i>4 March 2018</small></p>
+ </div>
+ <div class="timeline-body">
+ <p>The stable 2018.02 release is out - Thanks to everyone
+ contributing and testing the release candidates. See the
+ <a href="http://git.buildroot.net/buildroot/plain/CHANGES?id=2018.02">CHANGES</a>
+ file for more details, read the
+ <a href="http://lists.busybox.net/pipermail/buildroot/2018-March/215002.html">announcement</a>
+ and go to the <a href="/downloads/">downloads page</a> to pick up the
+ <a href="/downloads/buildroot-2018.02.tar.bz2">2018.02 release</a>.</p>
+
+ <p>Notice that this is a long term support release which will be
+ supported with security and other important fixes until February 2019.</p>
+ </div>
+ </div>
+ </li>
+
+ <li class="timeline-inverted">
+ <div class="timeline-badge"><i class="glyphicon glyphicon-thumbs-up"></i></div>
+ <div class="timeline-panel">
+ <div class="timeline-heading">
+ <h4 class="timeline-title">2018.02-rc3 released</h4>
+ <p><small class="text-muted"><i class="glyphicon glyphicon-time"></i>27 February 2018</small></p>
+ </div>
+ <div class="timeline-body">
+ <p>Release candidate 3 is out with more cleanups and security
+ / build fixes. See
+ the <a href="http://git.buildroot.net/buildroot/plain/CHANGES?id=2018.02-rc3">CHANGES</a>
+ file for details.</p>
+ <p>Head to the <a href="/downloads/">downloads page</a> to
+ pick up
+ the <a href="/downloads/buildroot-2018.02-rc3.tar.bz2">2018.02-rc3
+ release candidate</a>, and report any problems found to
+ the <a href="support.html">mailing list</a>
+ or <a href="https://bugs.uclibc.org">bug tracker</a>.</p>
+ </div>
+ </div>
+ </li>
+
+ <li>
+ <div class="timeline-badge"><i class="glyphicon glyphicon-thumbs-up"></i></div>
+ <div class="timeline-panel">
+ <div class="timeline-heading">
+ <h4 class="timeline-title">2018.02-rc2 released</h4>
+ <p><small class="text-muted"><i class="glyphicon glyphicon-time"></i>15 February 2018</small></p>
+ </div>
+ <div class="timeline-body">
+ <p>Another week, another release candidate with more cleanups
+ and build fixes. See the
+ <a href="http://git.buildroot.net/buildroot/plain/CHANGES?id=2018.02-rc2">CHANGES</a>
+ file for details.</p>
+
+ <p>Head to the <a href="/downloads/">downloads page</a> to pick up the
+ <a href="/downloads/buildroot-2018.02-rc2.tar.bz2">2018.02-rc2
+ release candidate</a>, and report any problems found to the
+ <a href="support.html">mailing list</a> or
+ <a href="https://bugs.buildroot.org">bug tracker</a>.</p>
+ </div>
+ </div>
+ </li>
+
<li class="timeline-inverted">
<div class="timeline-badge"><i class="glyphicon glyphicon-thumbs-up"></i></div>
<div class="timeline-panel">
diff --git a/fs/cpio/init b/fs/cpio/init
index a275482177..dbe09ac68e 100755
--- a/fs/cpio/init
+++ b/fs/cpio/init
@@ -4,4 +4,4 @@
exec 0</dev/console
exec 1>/dev/console
exec 2>/dev/console
-exec /sbin/init $*
+exec /sbin/init "$@"
diff --git a/linux/Config.in b/linux/Config.in
index 80e85b9e8b..bc6cd1b5f7 100644
--- a/linux/Config.in
+++ b/linux/Config.in
@@ -116,7 +116,7 @@ endif
config BR2_LINUX_KERNEL_VERSION
string
- default "4.15.1" if BR2_LINUX_KERNEL_LATEST_VERSION
+ default "4.15.7" if BR2_LINUX_KERNEL_LATEST_VERSION
default "v4.4.112-cip18" if BR2_LINUX_KERNEL_LATEST_CIP_VERSION
default BR2_LINUX_KERNEL_CUSTOM_VERSION_VALUE \
if BR2_LINUX_KERNEL_CUSTOM_VERSION
diff --git a/package/asterisk/asterisk.hash b/package/asterisk/asterisk.hash
index f537c2df66..a3e9d10aff 100644
--- a/package/asterisk/asterisk.hash
+++ b/package/asterisk/asterisk.hash
@@ -1,5 +1,5 @@
# Locally computed
-sha256 6525170fa16fecb08cb3cde2c1bd5d3140df55b14e4561ac0771fbd1e04b3b75 asterisk-14.7.5.tar.gz
+sha256 249cf223ef4dd7aea01f0d250a6b9cad661ebd78910c73adb7f59c1c46f9fed8 asterisk-14.7.6.tar.gz
# sha1 from: http://downloads.asterisk.org/pub/telephony/sounds/releases
# sha256 locally computed
diff --git a/package/asterisk/asterisk.mk b/package/asterisk/asterisk.mk
index fc9a961c89..28b85da562 100644
--- a/package/asterisk/asterisk.mk
+++ b/package/asterisk/asterisk.mk
@@ -4,7 +4,7 @@
#
################################################################################
-ASTERISK_VERSION = 14.7.5
+ASTERISK_VERSION = 14.7.6
# Use the github mirror: it's an official mirror maintained by Digium, and
# provides tarballs, which the main Asterisk git tree (behind Gerrit) does not.
ASTERISK_SITE = $(call github,asterisk,asterisk,$(ASTERISK_VERSION))
@@ -287,7 +287,7 @@ HOST_ASTERISK_LICENSE_FILES = COPYING
# so do not inherit the target setup.
HOST_ASTERISK_AUTORECONF = NO
-HOST_ASTERISK_CONF_ENV = CONFIG_LIBXML2=$(HOST_DIR)/usr/bin/xml2-config
+HOST_ASTERISK_CONF_ENV = CONFIG_LIBXML2=$(HOST_DIR)/bin/xml2-config
HOST_ASTERISK_CONF_OPTS = \
--without-newt \
diff --git a/package/azmq/Config.in b/package/azmq/Config.in
index 422a058832..eeafa2ad6d 100644
--- a/package/azmq/Config.in
+++ b/package/azmq/Config.in
@@ -2,7 +2,7 @@ config BR2_PACKAGE_AZMQ
bool "azmq"
depends on BR2_INSTALL_LIBSTDCPP
depends on BR2_TOOLCHAIN_HAS_ATOMIC
- depends on BR2_TOOLCHAIN_HAS_THREADS # zeromq
+ depends on BR2_TOOLCHAIN_HAS_THREADS_NPTL # boost-log
depends on BR2_TOOLCHAIN_GCC_AT_LEAST_4_8 # C++11
depends on BR2_USE_WCHAR # boost
depends on !BR2_TOOLCHAIN_HAS_GCC_BUG_64735 # exception_ptr
@@ -20,9 +20,9 @@ config BR2_PACKAGE_AZMQ
https://github.com/zeromq/azmq
-comment "azmq needs a toolchain w/ C++11, wchar and threads"
+comment "azmq needs a toolchain w/ C++11, wchar and NTPL"
depends on !(BR2_INSTALL_LIBSTDCPP && BR2_TOOLCHAIN_GCC_AT_LEAST_4_8 \
- && BR2_USE_WCHAR && BR2_TOOLCHAIN_HAS_THREADS)
+ && BR2_USE_WCHAR && BR2_TOOLCHAIN_HAS_THREADS_NPTL)
comment "azmq needs exception_ptr"
depends on BR2_TOOLCHAIN_HAS_GCC_BUG_64735
diff --git a/package/bluez5_utils/bluez5_utils.mk b/package/bluez5_utils/bluez5_utils.mk
index 0634ec9f6f..395340a3e6 100644
--- a/package/bluez5_utils/bluez5_utils.mk
+++ b/package/bluez5_utils/bluez5_utils.mk
@@ -116,7 +116,7 @@ define BLUEZ5_UTILS_INSTALL_INIT_SYSTEMD
mkdir -p $(TARGET_DIR)/etc/systemd/system/bluetooth.target.wants
ln -fs ../../../../usr/lib/systemd/system/bluetooth.service \
$(TARGET_DIR)/etc/systemd/system/bluetooth.target.wants/bluetooth.service
- ln -fs ../../../../usr/lib/systemd/system/bluetooth.service \
+ ln -fs ../../../usr/lib/systemd/system/bluetooth.service \
$(TARGET_DIR)/etc/systemd/system/dbus-org.bluez.service
endef
diff --git a/package/cargo-bin/cargo-bin.mk b/package/cargo-bin/cargo-bin.mk
index 0f235748ff..3c834d9033 100644
--- a/package/cargo-bin/cargo-bin.mk
+++ b/package/cargo-bin/cargo-bin.mk
@@ -6,7 +6,7 @@
CARGO_BIN_VERSION = 0.24.0
CARGO_BIN_SITE = https://static.rust-lang.org/dist
-CARGO_BIN_SOURCE = cargo-$(CARGO_BIN_VERSION)-$(RUST_HOST_NAME).tar.xz
+CARGO_BIN_SOURCE = cargo-$(CARGO_BIN_VERSION)-$(RUSTC_HOST_NAME).tar.xz
CARGO_BIN_LICENSE = Apache-2.0 or MIT
CARGO_BIN_LICENSE_FILES = LICENSE-APACHE LICENSE-MIT
diff --git a/package/cargo/cargo.mk b/package/cargo/cargo.mk
index 5625127fcd..3fd088d727 100644
--- a/package/cargo/cargo.mk
+++ b/package/cargo/cargo.mk
@@ -82,7 +82,7 @@ define HOST_CARGO_INSTALL_CMDS
$(INSTALL) -D -m 0755 $(@D)/target/release/cargo $(HOST_DIR)/bin/cargo
$(INSTALL) -D package/cargo/config.in \
$(HOST_DIR)/share/cargo/config
- $(SED) 's/@RUST_TARGET_NAME@/$(RUST_TARGET_NAME)/' \
+ $(SED) 's/@RUSTC_TARGET_NAME@/$(RUSTC_TARGET_NAME)/' \
$(HOST_DIR)/share/cargo/config
$(SED) 's/@CROSS_PREFIX@/$(notdir $(TARGET_CROSS))/' \
$(HOST_DIR)/share/cargo/config
diff --git a/package/cargo/config.in b/package/cargo/config.in
index cc048c71c4..47fad026be 100644
--- a/package/cargo/config.in
+++ b/package/cargo/config.in
@@ -1,2 +1,2 @@
-[target.@RUST_TARGET_NAME@]
+[target.@RUSTC_TARGET_NAME@]
linker = "@CROSS_PREFIX@gcc"
diff --git a/package/clamav/clamav.hash b/package/clamav/clamav.hash
index fe873bddfc..76c633f979 100644
--- a/package/clamav/clamav.hash
+++ b/package/clamav/clamav.hash
@@ -1,5 +1,5 @@
# Locally calculated
-sha256 00fa5292a6e00a3a4035b826267748965d5d2c4943d8ff417d740238263e8e84 clamav-0.99.3.tar.gz
+sha256 d72ac3273bde8d2e5e28ec9978373ee3ab4529fd868bc3fc4d2d2671228f2461 clamav-0.99.4.tar.gz
sha256 0c4fd2fa9733fc9122503797648710851e4ee6d9e4969dd33fcbd8c63cd2f584 COPYING
sha256 d72a145c90918184a05ef65a04c9e6f7466faa59bc1b82c8f6a8ddc7ddcb9bed COPYING.bzip2
sha256 dfb818a0d41411c6fb1c193c68b73018ceadd1994bda41ad541cbff292894bc6 COPYING.file
diff --git a/package/clamav/clamav.mk b/package/clamav/clamav.mk
index d53168fc1b..4c4fc395c2 100644
--- a/package/clamav/clamav.mk
+++ b/package/clamav/clamav.mk
@@ -4,7 +4,7 @@
#
################################################################################
-CLAMAV_VERSION = 0.99.3
+CLAMAV_VERSION = 0.99.4
CLAMAV_SITE = https://www.clamav.net/downloads/production
CLAMAV_LICENSE = GPL-2.0
CLAMAV_LICENSE_FILES = COPYING COPYING.bzip2 COPYING.file COPYING.getopt \
diff --git a/package/dash/0002-histedit-fix-build-with-musl-libc.patch b/package/dash/0002-histedit-fix-build-with-musl-libc.patch
new file mode 100644
index 0000000000..a9e4c5aea1
--- /dev/null
+++ b/package/dash/0002-histedit-fix-build-with-musl-libc.patch
@@ -0,0 +1,35 @@
+From 2da5b72c704fed10f1b04b5432ac6b078d016fae Mon Sep 17 00:00:00 2001
+From: Baruch Siach <baruch@tkos.co.il>
+Date: Fri, 2 Mar 2018 08:25:36 +0200
+Subject: [PATCH] histedit: fix build with musl libc
+
+musl libc defines the optreset BSD extension only in getopt.h. This
+fixes the following build failure:
+
+histedit.c: In function 'histcmd':
+histedit.c:220:2: error: 'optreset' undeclared (first use in this function)
+ optreset = 1; optind = 1; /* initialize getopt */
+ ^~~~~~~~
+
+Signed-off-by: Baruch Siach <baruch@tkos.co.il>
+---
+Upstream status: https://www.mail-archive.com/dash@vger.kernel.org/msg01389.html
+
+ src/histedit.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/src/histedit.c b/src/histedit.c
+index 94465d785cc9..f5c90aba873b 100644
+--- a/src/histedit.c
++++ b/src/histedit.c
+@@ -39,6 +39,7 @@
+ #include <stdio.h>
+ #include <stdlib.h>
+ #include <unistd.h>
++#include <getopt.h>
+ /*
+ * Editline and history functions (and glue).
+ */
+--
+2.16.1
+
diff --git a/package/dash/dash.mk b/package/dash/dash.mk
index 87c9cc9f8b..2ee292b8d3 100644
--- a/package/dash/dash.mk
+++ b/package/dash/dash.mk
@@ -10,8 +10,9 @@ DASH_LICENSE = BSD-3-Clause, GPL-2.0+ (mksignames.c)
DASH_LICENSE_FILES = COPYING
ifeq ($(BR2_PACKAGE_LIBEDIT),y)
-DASH_DEPENDENCIES += libedit
+DASH_DEPENDENCIES += libedit host-pkgconf
DASH_CONF_OPTS += --with-libedit
+DASH_CONF_ENV += LIBS=`pkg-config --libs libedit`
# Enable line editing, Emacs style
define DASH_INSTALL_PROFILE
diff --git a/package/dhcp/0003-Correct-buffer-overrun-in-pretty_print_option.patch b/package/dhcp/0003-Correct-buffer-overrun-in-pretty_print_option.patch
new file mode 100644
index 0000000000..aad20ff93f
--- /dev/null
+++ b/package/dhcp/0003-Correct-buffer-overrun-in-pretty_print_option.patch
@@ -0,0 +1,59 @@
+From b8c29336bd5401a5f962bc6ddfa4ebb6f0274f3c Mon Sep 17 00:00:00 2001
+From: Thomas Markwalder <tmark@isc.org>
+Date: Sat, 10 Feb 2018 12:15:27 -0500
+Subject: [PATCH 1/2] Correct buffer overrun in pretty_print_option
+
+ Merges in rt47139.
+
+[baruch: drop RELNOTES and test; address CVE-2018-5732]
+Signed-off-by: Baruch Siach <baruch@tkos.co.il>
+---
+Upstream status: backported from commit c5931725b48
+---
+ common/options.c | 15 ++++++++++++---
+ 1 file changed, 12 insertions(+), 3 deletions(-)
+
+diff --git a/common/options.c b/common/options.c
+index 5547287fb6e5..2ed6b16c6412 100644
+--- a/common/options.c
++++ b/common/options.c
+@@ -1758,7 +1758,8 @@ format_min_length(format, oc)
+
+
+ /* Format the specified option so that a human can easily read it. */
+-
++/* Maximum pretty printed size */
++#define MAX_OUTPUT_SIZE 32*1024
+ const char *pretty_print_option (option, data, len, emit_commas, emit_quotes)
+ struct option *option;
+ const unsigned char *data;
+@@ -1766,8 +1767,9 @@ const char *pretty_print_option (option, data, len, emit_commas, emit_quotes)
+ int emit_commas;
+ int emit_quotes;
+ {
+- static char optbuf [32768]; /* XXX */
+- static char *endbuf = &optbuf[sizeof(optbuf)];
++ /* We add 128 byte pad so we don't have to add checks everywhere. */
++ static char optbuf [MAX_OUTPUT_SIZE + 128]; /* XXX */
++ static char *endbuf = optbuf + MAX_OUTPUT_SIZE;
+ int hunksize = 0;
+ int opthunk = 0;
+ int hunkinc = 0;
+@@ -2193,7 +2195,14 @@ const char *pretty_print_option (option, data, len, emit_commas, emit_quotes)
+ log_error ("Unexpected format code %c",
+ fmtbuf [j]);
+ }
++
+ op += strlen (op);
++ if (op >= endbuf) {
++ log_error ("Option data exceeds"
++ " maximum size %d", MAX_OUTPUT_SIZE);
++ return ("<error>");
++ }
++
+ if (dp == data + len)
+ break;
+ if (j + 1 < numelem && comma != ':')
+--
+2.16.1
+
diff --git a/package/dhcp/0004-Corrected-refcnt-loss-in-option-parsing.patch b/package/dhcp/0004-Corrected-refcnt-loss-in-option-parsing.patch
new file mode 100644
index 0000000000..c79bbc7f82
--- /dev/null
+++ b/package/dhcp/0004-Corrected-refcnt-loss-in-option-parsing.patch
@@ -0,0 +1,40 @@
+From 93b5b67dd31b9efcbfaabc2df1e1d9d164a5e04a Mon Sep 17 00:00:00 2001
+From: Thomas Markwalder <tmark@isc.org>
+Date: Fri, 9 Feb 2018 14:46:08 -0500
+Subject: [PATCH 2/2] Corrected refcnt loss in option parsing
+
+ Merges in 47140.
+
+[baruch: drop RELNOTES and tests; address CVE-2018-5733]
+Signed-off-by: Baruch Siach <baruch@tkos.co.il>
+---
+Upstream status: backported from commit 197b26f25309
+---
+ common/options.c | 4 +++-
+ 1 file changed, 3 insertions(+), 1 deletion(-)
+
+diff --git a/common/options.c b/common/options.c
+index 2ed6b16c6412..25b29a6be7bb 100644
+--- a/common/options.c
++++ b/common/options.c
+@@ -3,7 +3,7 @@
+ DHCP options parsing and reassembly. */
+
+ /*
+- * Copyright (c) 2004-2017 by Internet Systems Consortium, Inc. ("ISC")
++ * Copyright (c) 2004-2018 by Internet Systems Consortium, Inc. ("ISC")
+ * Copyright (c) 1995-2003 by Internet Software Consortium
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+@@ -177,6 +177,8 @@ int parse_option_buffer (options, buffer, length, universe)
+
+ /* If the length is outrageous, the options are bad. */
+ if (offset + len > length) {
++ /* Avoid reference count overflow */
++ option_dereference(&option, MDL);
+ reason = "option length exceeds option buffer length";
+ bogus:
+ log_error("parse_option_buffer: malformed option "
+--
+2.16.1
+
diff --git a/package/dnsmasq/0001-DNSSEC-fix-for-wildcard-NSEC-records.-CVE-2017-15107.patch b/package/dnsmasq/0001-DNSSEC-fix-for-wildcard-NSEC-records.-CVE-2017-15107.patch
new file mode 100644
index 0000000000..7b834e80e2
--- /dev/null
+++ b/package/dnsmasq/0001-DNSSEC-fix-for-wildcard-NSEC-records.-CVE-2017-15107.patch
@@ -0,0 +1,212 @@
+From 4fe6744a220eddd3f1749b40cac3dfc510787de6 Mon Sep 17 00:00:00 2001
+From: Simon Kelley <simon@thekelleys.org.uk>
+Date: Fri, 19 Jan 2018 12:26:08 +0000
+Subject: [PATCH] DNSSEC fix for wildcard NSEC records. CVE-2017-15107 applies.
+
+It's OK for NSEC records to be expanded from wildcards,
+but in that case, the proof of non-existence is only valid
+starting at the wildcard name, *.<domain> NOT the name expanded
+from the wildcard. Without this check it's possible for an
+attacker to craft an NSEC which wrongly proves non-existence
+in a domain which includes a wildcard for NSEC.
+
+[baruch: drop the CHANGELOG hunk]
+Signed-off-by: Baruch Siach <baruch@tkos.co.il>
+---
+Upstream status: upstream commit 4fe6744a220e
+
+ CHANGELOG | 12 +++++-
+ src/dnssec.c | 117 ++++++++++++++++++++++++++++++++++++++++++++++++++++-------
+ 2 files changed, 114 insertions(+), 15 deletions(-)
+
+diff --git a/src/dnssec.c b/src/dnssec.c
+index eb6c11cbe00f..a54a0b4f14cf 100644
+--- a/src/dnssec.c
++++ b/src/dnssec.c
+@@ -103,15 +103,17 @@ static void from_wire(char *name)
+ static int count_labels(char *name)
+ {
+ int i;
+-
++ char *p;
++
+ if (*name == 0)
+ return 0;
+
+- for (i = 0; *name; name++)
+- if (*name == '.')
++ for (p = name, i = 0; *p; p++)
++ if (*p == '.')
+ i++;
+
+- return i+1;
++ /* Don't count empty first label. */
++ return *name == '.' ? i : i+1;
+ }
+
+ /* Implement RFC1982 wrapped compare for 32-bit numbers */
+@@ -1094,8 +1096,8 @@ static int hostname_cmp(const char *a, const char *b)
+ }
+ }
+
+-static int prove_non_existence_nsec(struct dns_header *header, size_t plen, unsigned char **nsecs, int nsec_count,
+- char *workspace1, char *workspace2, char *name, int type, int *nons)
++static int prove_non_existence_nsec(struct dns_header *header, size_t plen, unsigned char **nsecs, unsigned char **labels, int nsec_count,
++ char *workspace1_in, char *workspace2, char *name, int type, int *nons)
+ {
+ int i, rc, rdlen;
+ unsigned char *p, *psave;
+@@ -1108,6 +1110,9 @@ static int prove_non_existence_nsec(struct dns_header *header, size_t plen, unsi
+ /* Find NSEC record that proves name doesn't exist */
+ for (i = 0; i < nsec_count; i++)
+ {
++ char *workspace1 = workspace1_in;
++ int sig_labels, name_labels;
++
+ p = nsecs[i];
+ if (!extract_name(header, plen, &p, workspace1, 1, 10))
+ return 0;
+@@ -1116,7 +1121,27 @@ static int prove_non_existence_nsec(struct dns_header *header, size_t plen, unsi
+ psave = p;
+ if (!extract_name(header, plen, &p, workspace2, 1, 10))
+ return 0;
+-
++
++ /* If NSEC comes from wildcard expansion, use original wildcard
++ as name for computation. */
++ sig_labels = *labels[i];
++ name_labels = count_labels(workspace1);
++
++ if (sig_labels < name_labels)
++ {
++ int k;
++ for (k = name_labels - sig_labels; k != 0; k--)
++ {
++ while (*workspace1 != '.' && *workspace1 != 0)
++ workspace1++;
++ if (k != 1 && *workspace1 == '.')
++ workspace1++;
++ }
++
++ workspace1--;
++ *workspace1 = '*';
++ }
++
+ rc = hostname_cmp(workspace1, name);
+
+ if (rc == 0)
+@@ -1514,24 +1539,26 @@ static int prove_non_existence_nsec3(struct dns_header *header, size_t plen, uns
+
+ static int prove_non_existence(struct dns_header *header, size_t plen, char *keyname, char *name, int qtype, int qclass, char *wildname, int *nons)
+ {
+- static unsigned char **nsecset = NULL;
+- static int nsecset_sz = 0;
++ static unsigned char **nsecset = NULL, **rrsig_labels = NULL;
++ static int nsecset_sz = 0, rrsig_labels_sz = 0;
+
+ int type_found = 0;
+- unsigned char *p = skip_questions(header, plen);
++ unsigned char *auth_start, *p = skip_questions(header, plen);
+ int type, class, rdlen, i, nsecs_found;
+
+ /* Move to NS section */
+ if (!p || !(p = skip_section(p, ntohs(header->ancount), header, plen)))
+ return 0;
++
++ auth_start = p;
+
+ for (nsecs_found = 0, i = ntohs(header->nscount); i != 0; i--)
+ {
+ unsigned char *pstart = p;
+
+- if (!(p = skip_name(p, header, plen, 10)))
++ if (!extract_name(header, plen, &p, daemon->workspacename, 1, 10))
+ return 0;
+-
++
+ GETSHORT(type, p);
+ GETSHORT(class, p);
+ p += 4; /* TTL */
+@@ -1548,7 +1575,69 @@ static int prove_non_existence(struct dns_header *header, size_t plen, char *key
+ if (!expand_workspace(&nsecset, &nsecset_sz, nsecs_found))
+ return 0;
+
+- nsecset[nsecs_found++] = pstart;
++ if (type == T_NSEC)
++ {
++ /* If we're looking for NSECs, find the corresponding SIGs, to
++ extract the labels value, which we need in case the NSECs
++ are the result of wildcard expansion.
++ Note that the NSEC may not have been validated yet
++ so if there are multiple SIGs, make sure the label value
++ is the same in all, to avoid be duped by a rogue one.
++ If there are no SIGs, that's an error */
++ unsigned char *p1 = auth_start;
++ int res, j, rdlen1, type1, class1;
++
++ if (!expand_workspace(&rrsig_labels, &rrsig_labels_sz, nsecs_found))
++ return 0;
++
++ rrsig_labels[nsecs_found] = NULL;
++
++ for (j = ntohs(header->nscount); j != 0; j--)
++ {
++ if (!(res = extract_name(header, plen, &p1, daemon->workspacename, 0, 10)))
++ return 0;
++
++ GETSHORT(type1, p1);
++ GETSHORT(class1, p1);
++ p1 += 4; /* TTL */
++ GETSHORT(rdlen1, p1);
++
++ if (!CHECK_LEN(header, p1, plen, rdlen1))
++ return 0;
++
++ if (res == 1 && class1 == qclass && type1 == T_RRSIG)
++ {
++ int type_covered;
++ unsigned char *psav = p1;
++
++ if (rdlen < 18)
++ return 0; /* bad packet */
++
++ GETSHORT(type_covered, p1);
++
++ if (type_covered == T_NSEC)
++ {
++ p1++; /* algo */
++
++ /* labels field must be the same in every SIG we find. */
++ if (!rrsig_labels[nsecs_found])
++ rrsig_labels[nsecs_found] = p1;
++ else if (*rrsig_labels[nsecs_found] != *p1) /* algo */
++ return 0;
++ }
++ p1 = psav;
++ }
++
++ if (!ADD_RDLEN(header, p1, plen, rdlen1))
++ return 0;
++ }
++
++ /* Must have found at least one sig. */
++ if (!rrsig_labels[nsecs_found])
++ return 0;
++ }
++
++ nsecset[nsecs_found++] = pstart;
+ }
+
+ if (!ADD_RDLEN(header, p, plen, rdlen))
+@@ -1556,7 +1645,7 @@ static int prove_non_existence(struct dns_header *header, size_t plen, char *key
+ }
+
+ if (type_found == T_NSEC)
+- return prove_non_existence_nsec(header, plen, nsecset, nsecs_found, daemon->workspacename, keyname, name, qtype, nons);
++ return prove_non_existence_nsec(header, plen, nsecset, rrsig_labels, nsecs_found, daemon->workspacename, keyname, name, qtype, nons);
+ else if (type_found == T_NSEC3)
+ return prove_non_existence_nsec3(header, plen, nsecset, nsecs_found, daemon->workspacename, keyname, name, qtype, wildname, nons);
+ else
+--
+2.15.1
+
diff --git a/package/dnsmasq/0002-Fix-DNSSEC-validation-errors-introduced-in-4fe6744a2.patch b/package/dnsmasq/0002-Fix-DNSSEC-validation-errors-introduced-in-4fe6744a2.patch
new file mode 100644
index 0000000000..ef28b90c58
--- /dev/null
+++ b/package/dnsmasq/0002-Fix-DNSSEC-validation-errors-introduced-in-4fe6744a2.patch
@@ -0,0 +1,29 @@
+From cd7df612b14ec1bf831a966ccaf076be0dae7404 Mon Sep 17 00:00:00 2001
+From: Simon Kelley <simon@thekelleys.org.uk>
+Date: Sat, 20 Jan 2018 00:10:55 +0000
+Subject: [PATCH] Fix DNSSEC validation errors introduced in
+ 4fe6744a220eddd3f1749b40cac3dfc510787de6
+
+Signed-off-by: Baruch Siach <baruch@tkos.co.il>
+---
+Upstream status: upstream commit cd7df612b14ec
+
+ src/dnssec.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/dnssec.c b/src/dnssec.c
+index a54a0b4f14cf..c47e33569f96 100644
+--- a/src/dnssec.c
++++ b/src/dnssec.c
+@@ -1610,7 +1610,7 @@ static int prove_non_existence(struct dns_header *header, size_t plen, char *key
+ int type_covered;
+ unsigned char *psav = p1;
+
+- if (rdlen < 18)
++ if (rdlen1 < 18)
+ return 0; /* bad packet */
+
+ GETSHORT(type_covered, p1);
+--
+2.15.1
+
diff --git a/package/domoticz/Config.in b/package/domoticz/Config.in
index 34bf2521a2..530027f273 100644
--- a/package/domoticz/Config.in
+++ b/package/domoticz/Config.in
@@ -3,7 +3,8 @@ config BR2_PACKAGE_DOMOTICZ
depends on BR2_USE_MMU # mosquitto
depends on BR2_TOOLCHAIN_HAS_SYNC_4 # mosquitto
depends on !BR2_STATIC_LIBS # mosquitto
- depends on BR2_TOOLCHAIN_HAS_THREADS
+ # pthread_condattr_setclock
+ depends on BR2_TOOLCHAIN_HAS_THREADS_NPTL
depends on BR2_INSTALL_LIBSTDCPP
depends on BR2_USE_WCHAR
depends on BR2_PACKAGE_LUA_5_2 || BR2_PACKAGE_LUA_5_3
@@ -26,10 +27,11 @@ config BR2_PACKAGE_DOMOTICZ
http://domoticz.com
-comment "domoticz needs lua >= 5.2 and a toolchain w/ C++, threads, wchar, dynamic library"
+comment "domoticz needs lua >= 5.2 and a toolchain w/ C++, NPTL, wchar, dynamic library"
depends on BR2_USE_MMU
depends on BR2_TOOLCHAIN_HAS_SYNC_4
- depends on !BR2_INSTALL_LIBSTDCPP || !BR2_TOOLCHAIN_HAS_THREADS || \
+ depends on !BR2_INSTALL_LIBSTDCPP || \
+ !BR2_TOOLCHAIN_HAS_THREADS_NPTL || \
!BR2_USE_WCHAR || BR2_STATIC_LIBS || \
!(BR2_PACKAGE_LUA_5_2 || BR2_PACKAGE_LUA_5_3)
diff --git a/package/dovecot/0002-lib-auth-Fix-memory-leak-in-auth_client_request_abor.patch b/package/dovecot/0002-lib-auth-Fix-memory-leak-in-auth_client_request_abor.patch
deleted file mode 100644
index babccd3acf..0000000000
--- a/package/dovecot/0002-lib-auth-Fix-memory-leak-in-auth_client_request_abor.patch
+++ /dev/null
@@ -1,33 +0,0 @@
-From 1a29ed2f96da1be22fa5a4d96c7583aa81b8b060 Mon Sep 17 00:00:00 2001
-From: Timo Sirainen <timo.sirainen@dovecot.fi>
-Date: Mon, 18 Dec 2017 16:50:51 +0200
-Subject: [PATCH] lib-auth: Fix memory leak in auth_client_request_abort()
-
-This caused memory leaks when authentication was aborted. For example
-with IMAP:
-
-a AUTHENTICATE PLAIN
-*
-
-Broken by 9137c55411aa39d41c1e705ddc34d5bd26c65021
-
-Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
----
- src/lib-auth/auth-client-request.c | 1 +
- 1 file changed, 1 insertion(+)
-
-diff --git a/src/lib-auth/auth-client-request.c b/src/lib-auth/auth-client-request.c
-index 480fb42b3..046f7c307 100644
---- a/src/lib-auth/auth-client-request.c
-+++ b/src/lib-auth/auth-client-request.c
-@@ -186,6 +186,7 @@ void auth_client_request_abort(struct auth_client_request **_request)
-
- auth_client_send_cancel(request->conn->client, request->id);
- call_callback(request, AUTH_REQUEST_STATUS_ABORT, NULL, NULL);
-+ pool_unref(&request->pool);
- }
-
- unsigned int auth_client_request_get_id(struct auth_client_request *request)
---
-2.11.0
-
diff --git a/package/dovecot/dovecot.hash b/package/dovecot/dovecot.hash
index 33163d6d8c..fef0746089 100644
--- a/package/dovecot/dovecot.hash
+++ b/package/dovecot/dovecot.hash
@@ -1,5 +1,5 @@
# Locally computed after checking signature
-sha256 fe1e3b78609a56ee22fc209077e4b75348fa1bbd54c46f52bde2472a4c4cee84 dovecot-2.2.33.2.tar.gz
+sha256 5e92a4325409e66b343f6aaa67174b8921ce83d0df792c6eeb0b7b7e2c808353 dovecot-2.2.34.tar.gz
sha256 a363b132e494f662d98c820d1481297e6ae72f194c2c91b6c39e1518b86240a8 COPYING
sha256 dc626520dcd53a22f727af3ee42c770e56c97a64fe3adb063799d8ab032fe551 COPYING.LGPL
sha256 52b8c95fabb19575281874b661ef7968ea47e8f5d74ba0dd40ce512e52b3fc97 COPYING.MIT
diff --git a/package/dovecot/dovecot.mk b/package/dovecot/dovecot.mk
index 71a76c2818..e1b4bb21b8 100644
--- a/package/dovecot/dovecot.mk
+++ b/package/dovecot/dovecot.mk
@@ -5,7 +5,7 @@
################################################################################
DOVECOT_VERSION_MAJOR = 2.2
-DOVECOT_VERSION = $(DOVECOT_VERSION_MAJOR).33.2
+DOVECOT_VERSION = $(DOVECOT_VERSION_MAJOR).34
DOVECOT_SITE = http://www.dovecot.org/releases/$(DOVECOT_VERSION_MAJOR)
DOVECOT_INSTALL_STAGING = YES
DOVECOT_LICENSE = LGPL-2.1, MIT, Public Domain, BSD-3-Clause, Unicode-DFS-2015
diff --git a/package/dropbear/Config.in b/package/dropbear/Config.in
index d92361fa39..6700778161 100644
--- a/package/dropbear/Config.in
+++ b/package/dropbear/Config.in
@@ -13,7 +13,7 @@ config BR2_PACKAGE_DROPBEAR
Alternatively, mount a persistent unionfs over your root
filesystem.
- http://matt.ucc.asn.au/dropbear/dropbear.html
+ https://matt.ucc.asn.au/dropbear/dropbear.html
if BR2_PACKAGE_DROPBEAR
diff --git a/package/dropbear/dropbear.mk b/package/dropbear/dropbear.mk
index bf7f99d975..01a1a07b76 100644
--- a/package/dropbear/dropbear.mk
+++ b/package/dropbear/dropbear.mk
@@ -5,7 +5,7 @@
################################################################################
DROPBEAR_VERSION = 2017.75
-DROPBEAR_SITE = http://matt.ucc.asn.au/dropbear/releases
+DROPBEAR_SITE = https://matt.ucc.asn.au/dropbear/releases
DROPBEAR_SOURCE = dropbear-$(DROPBEAR_VERSION).tar.bz2
DROPBEAR_LICENSE = MIT, BSD-2-Clause-like, BSD-2-Clause
DROPBEAR_LICENSE_FILES = LICENSE
diff --git a/package/e2fsprogs/0001-libext2fs-fix-build-failure-in-swapfs.c-on-big-endia.patch b/package/e2fsprogs/0001-libext2fs-fix-build-failure-in-swapfs.c-on-big-endia.patch
deleted file mode 100644
index 526157d7e9..0000000000
--- a/package/e2fsprogs/0001-libext2fs-fix-build-failure-in-swapfs.c-on-big-endia.patch
+++ /dev/null
@@ -1,41 +0,0 @@
-From 876d9b0c8eac2fd80dd62bfa1b09adea62aa08f3 Mon Sep 17 00:00:00 2001
-From: Theodore Ts'o <tytso@mit.edu>
-Date: Wed, 3 Jan 2018 01:32:02 -0500
-Subject: [PATCH] libext2fs: fix build failure in swapfs.c on big-endian
- systems
-
-Addresses-Debian-Bug: #886119
-
-Reported-by: James Clarke <jrtc27@debian.org>
-Signed-off-by: Theodore Ts'o <tytso@mit.edu>
-Signed-off-by: Baruch Siach <baruch@tkos.co.il>
----
-Patch status: upstream commit 876d9b0c8eac
-
- lib/ext2fs/swapfs.c | 3 ++-
- 1 file changed, 2 insertions(+), 1 deletion(-)
-
-diff --git a/lib/ext2fs/swapfs.c b/lib/ext2fs/swapfs.c
-index 6e5cff97e505..b13dc4229225 100644
---- a/lib/ext2fs/swapfs.c
-+++ b/lib/ext2fs/swapfs.c
-@@ -19,6 +19,7 @@
-
- #include "ext2_fs.h"
- #include "ext2fs.h"
-+#include "ext2fsP.h"
- #include <ext2fs/ext2_ext_attr.h>
-
- #ifdef WORDS_BIGENDIAN
-@@ -358,7 +359,7 @@ void ext2fs_swap_inode_full(ext2_filsys fs, struct ext2_inode_large *t,
- if (inode_includes(inode_size, i_projid))
- t->i_projid = ext2fs_swab16(f->i_projid);
- /* catch new static fields added after i_projid */
-- EXT2FS_BUILD_BUG_ON(sizeof(ext2_inode_large) != 160);
-+ EXT2FS_BUILD_BUG_ON(sizeof(struct ext2_inode_large) != 160);
-
- i = sizeof(struct ext2_inode) + extra_isize + sizeof(__u32);
- if (bufsize < (int) i)
---
-2.15.1
-
diff --git a/package/e2fsprogs/e2fsprogs.hash b/package/e2fsprogs/e2fsprogs.hash
index da5d5f4110..3def51f95b 100644
--- a/package/e2fsprogs/e2fsprogs.hash
+++ b/package/e2fsprogs/e2fsprogs.hash
@@ -1,5 +1,5 @@
-# From https://www.kernel.org/pub/linux/kernel/people/tytso/e2fsprogs/v1.43.8/sha256sums.asc
-sha256 c0841d5fe724d49132158850f3975e886fccfcef642878dca2425a1b5d30b12a e2fsprogs-1.43.8.tar.xz
+# From https://www.kernel.org/pub/linux/kernel/people/tytso/e2fsprogs/v1.43.9/sha256sums.asc
+sha256 926f8e8de1ffba55d791f21b71334e8a32b5227257ad370f2bf7e4396629e97f e2fsprogs-1.43.9.tar.xz
# Locally calculated
sha256 680f852df303874fe9c722283a7da571ae9a0477768df8af1e363298e2adc51e NOTICE
sha256 032989b508f1a72ebee5b3417e55d06d473f9ee203e45ab11864a7e49cdec63d lib/ss/mit-sipb-copyright.h
diff --git a/package/e2fsprogs/e2fsprogs.mk b/package/e2fsprogs/e2fsprogs.mk
index e77b10f26d..99019c7317 100644
--- a/package/e2fsprogs/e2fsprogs.mk
+++ b/package/e2fsprogs/e2fsprogs.mk
@@ -4,7 +4,7 @@
#
################################################################################
-E2FSPROGS_VERSION = 1.43.8
+E2FSPROGS_VERSION = 1.43.9
E2FSPROGS_SOURCE = e2fsprogs-$(E2FSPROGS_VERSION).tar.xz
E2FSPROGS_SITE = $(BR2_KERNEL_MIRROR)/linux/kernel/people/tytso/e2fsprogs/v$(E2FSPROGS_VERSION)
E2FSPROGS_LICENSE = GPL-2.0, MIT-like with advertising clause (libss and libet)
diff --git a/package/efl/efl.hash b/package/efl/efl.hash
index 8b0543007e..5507bda3ef 100644
--- a/package/efl/efl.hash
+++ b/package/efl/efl.hash
@@ -1,2 +1,10 @@
# From https://download.enlightenment.org/rel/libs/efl/efl-1.20.6.tar.xz.sha256
sha256 56c67ea77435753a4f324a0a13488ba58f4ed7eb35a97c1a354fdc79c39a32c1 efl-1.20.6.tar.xz
+sha256 d949e42ca8fd48d275c397c5fc2ac34c9b63ada715dcaf1a670e17bb62964341 COMPLIANCE
+sha256 1f0597d326e2fdb54aa2f0caec6d8bb0afb9941ef32475f017ed02ca214fcf37 COPYING
+sha256 781ee841d15835b393bfe7d4c6497dc1b05217479abd40daceaf7aa102a758e1 licenses/COPYING.BSD
+sha256 e60d07dfb2c5264f9f405fa52bf0d4f85429dd9ae1bc2ffcff8af1924ef720d1 licenses/COPYING.FTL
+sha256 8177f97513213526df2cf6184d8ff986c675afb514d4e68a404010521b880643 licenses/COPYING.GPL
+sha256 89f79ccd2c35ba220ddeba70ee36ca867226c41fc210bc5e7f1e9032c5b16d5f licenses/COPYING.LGPL
+sha256 2996a1c43ee757f9c997a829d82bdd584052323e73cf02ff8126c6fbd95c2d87 licenses/COPYING.NGINX-MIT
+sha256 48f124212f8fc024392a2d1d011fbb96c7ab8f89c0b72c671c33e9e1cb1d0790 licenses/COPYING.SMALL
diff --git a/package/efl/efl.mk b/package/efl/efl.mk
index 5a82479ff5..7085796756 100644
--- a/package/efl/efl.mk
+++ b/package/efl/efl.mk
@@ -7,7 +7,7 @@
EFL_VERSION = 1.20.6
EFL_SOURCE = efl-$(EFL_VERSION).tar.xz
EFL_SITE = http://download.enlightenment.org/rel/libs/efl
-EFL_LICENSE = BSD-2-Clause, LGPL-2.1+, GPL-2.0+
+EFL_LICENSE = BSD-2-Clause, LGPL-2.1+, GPL-2.0+, FTL, MIT
EFL_LICENSE_FILES = \
COMPLIANCE \
COPYING \
@@ -15,6 +15,7 @@ EFL_LICENSE_FILES = \
licenses/COPYING.FTL \
licenses/COPYING.GPL \
licenses/COPYING.LGPL \
+ licenses/COPYING.NGINX-MIT \
licenses/COPYING.SMALL
EFL_INSTALL_STAGING = YES
diff --git a/package/erlang/Config.in b/package/erlang/Config.in
index 96af5516fd..bf745555e8 100644
--- a/package/erlang/Config.in
+++ b/package/erlang/Config.in
@@ -1,9 +1,16 @@
+config BR2_PACKAGE_HOST_ERLANG_ARCH_SUPPORTS
+ bool
+ default y if BR2_HOSTARCH = "x86_64"
+ default y if BR2_HOSTARCH = "x86"
+
config BR2_PACKAGE_ERLANG_ARCH_SUPPORTS
bool
# see HOWTO/INSTALL.md for Erlang's supported platforms
# when using its native atomic ops implementation
default y if BR2_i386 || BR2_x86_64 || BR2_powerpc || \
BR2_sparc_v9 || BR2_arm || BR2_aarch64 || BR2_mipsel
+ # erlang needs host-erlang
+ depends on BR2_PACKAGE_HOST_ERLANG_ARCH_SUPPORTS
comment "erlang needs a toolchain w/ dynamic library"
depends on BR2_USE_MMU # fork()
diff --git a/package/exim/0005-Fix-base64d-buffer-size-CVE-2018-6789.patch b/package/exim/0005-Fix-base64d-buffer-size-CVE-2018-6789.patch
new file mode 100644
index 0000000000..1811a7ff98
--- /dev/null
+++ b/package/exim/0005-Fix-base64d-buffer-size-CVE-2018-6789.patch
@@ -0,0 +1,37 @@
+From 062990cc1b2f9e5d82a413b53c8f0569075de700 Mon Sep 17 00:00:00 2001
+From: "Heiko Schlittermann (HS12-RIPE)" <hs@schlittermann.de>
+Date: Mon, 5 Feb 2018 22:23:32 +0100
+Subject: [PATCH] Fix base64d() buffer size (CVE-2018-6789)
+
+Credits for discovering this bug: Meh Chang <meh@devco.re>
+
+[Peter: Drop ChangeLog change, fix path]
+Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
+---
+ src/base64.c | 8 ++++++--
+ 1 file changed, 6 insertions(+), 2 deletions(-)
+
+diff --git a/src/base64.c b/src/base64.c
+index f6f187f0..e58ca6c7 100644
+--- a/src/base64.c
++++ b/src/base64.c
+@@ -152,10 +152,14 @@ static uschar dec64table[] = {
+ int
+ b64decode(const uschar *code, uschar **ptr)
+ {
++
+ int x, y;
+-uschar *result = store_get(3*(Ustrlen(code)/4) + 1);
++uschar *result;
+
+-*ptr = result;
++{
++ int l = Ustrlen(code);
++ *ptr = result = store_get(1 + l/4 * 3 + l%4);
++}
+
+ /* Each cycle of the loop handles a quantum of 4 input bytes. For the last
+ quantum this may decode to 1, 2, or 3 output bytes. */
+--
+2.11.0
+
diff --git a/package/ffmpeg/0002-ffmpeg-pthreads.patch b/package/ffmpeg/0002-ffmpeg-pthreads.patch
new file mode 100644
index 0000000000..c6d75d2297
--- /dev/null
+++ b/package/ffmpeg/0002-ffmpeg-pthreads.patch
@@ -0,0 +1,34 @@
+From patchwork Wed Oct 25 13:32:36 2017
+Content-Type: text/plain; charset="utf-8"
+MIME-Version: 1.0
+Content-Transfer-Encoding: 7bit
+Subject: [FFmpeg-devel] configure: v4l2_m2m depends on pthreads
+From: Mark Thompson <sw@jkqxz.net>
+X-Patchwork-Id: 5688
+Message-Id: <27e5b360-1210-d550-c8de-a761f8e9f326@jkqxz.net>
+To: FFmpeg development discussions and patches <ffmpeg-devel@ffmpeg.org>
+Date: Wed, 25 Oct 2017 14:32:36 +0100
+
+Fixes build with --disable-pthreads.
+
+Downloaded from upstream patchworks:
+https://patchwork.ffmpeg.org/patch/5688/
+
+Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
+---
+ configure | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/configure b/configure
+index c86e578..76523c8 100755
+--- a/configure
++++ b/configure
+@@ -2780,7 +2780,7 @@ omx_rpi_select="omx"
+ qsvdec_select="qsv"
+ qsvenc_select="qsv"
+ vaapi_encode_deps="vaapi"
+-v4l2_m2m_deps_any="linux_videodev2_h"
++v4l2_m2m_deps="linux_videodev2_h pthreads"
+
+ hwupload_cuda_filter_deps="cuda"
+ scale_npp_filter_deps="cuda libnpp"
diff --git a/package/gconf/Config.in b/package/gconf/Config.in
index a967d61644..a2371b3f23 100644
--- a/package/gconf/Config.in
+++ b/package/gconf/Config.in
@@ -9,9 +9,9 @@ config BR2_PACKAGE_GCONF
select BR2_PACKAGE_LIBGLIB2
select BR2_PACKAGE_LIBXML2
help
- GConf was a system used by the GNOME desktop environment for storing
- configuration settings for the desktop and applications. It is similar
- to the Windows Registry.
+ GConf was a system used by the GNOME desktop environment for
+ storing configuration settings for the desktop and
+ applications. It is similar to the Windows Registry.
https://projects.gnome.org/gconf/
diff --git a/package/gpsd/Config.in b/package/gpsd/Config.in
index d9ab7b7dba..849d22ffa7 100644
--- a/package/gpsd/Config.in
+++ b/package/gpsd/Config.in
@@ -38,6 +38,8 @@ config BR2_PACKAGE_GPSD_PROFILING
bool "profiling support"
depends on BR2_TOOLCHAIN_USES_GLIBC
depends on !BR2_aarch64
+ # Needs glibc for ARC arc-2018.03-eng007+ for correct __mcount linking
+ depends on !BR2_arc
comment "profiling support not available with uClibc-based toolchain"
depends on !BR2_TOOLCHAIN_USES_GLIBC
diff --git a/package/jq/jq.mk b/package/jq/jq.mk
index aecdba2280..79629faa5e 100644
--- a/package/jq/jq.mk
+++ b/package/jq/jq.mk
@@ -11,8 +11,10 @@ JQ_LICENSE_FILES = COPYING
JQ_INSTALL_STAGING = YES
# uses c99 specific features
-JQ_CONF_ENV += CFLAGS="$(TARGET_CFLAGS) -std=c99"
-HOST_JQ_CONF_ENV += CFLAGS="$(HOST_CFLAGS) -std=c99"
+# _GNU_SOURCE added to fix gcc6+ host compilation
+# (https://github.com/stedolan/jq/issues/1598)
+JQ_CONF_ENV += CFLAGS="$(TARGET_CFLAGS) -std=c99 -D_GNU_SOURCE"
+HOST_JQ_CONF_ENV += CFLAGS="$(HOST_CFLAGS) -std=c99 -D_GNU_SOURCE"
# jq explicitly enables maintainer mode, which we don't need/want
JQ_CONF_OPTS += --disable-maintainer-mode
diff --git a/package/keepalived/0001-Fix-build-with-Linux-kernel-headers-v4.15.patch b/package/keepalived/0001-Fix-build-with-Linux-kernel-headers-v4.15.patch
new file mode 100644
index 0000000000..b5f21cb40a
--- /dev/null
+++ b/package/keepalived/0001-Fix-build-with-Linux-kernel-headers-v4.15.patch
@@ -0,0 +1,59 @@
+From 15f93dd90484532e25c8f3e43fb34a361a79d7f2 Mon Sep 17 00:00:00 2001
+From: Baruch Siach <baruch@tkos.co.il>
+Date: Fri, 9 Feb 2018 11:55:19 +0200
+Subject: [PATCH] Fix build with Linux kernel headers v4.15
+
+Linux kernel version 4.15 changed the libc/kernel headers suppression
+logic in a way that introduces collisions:
+
+In file included from ./../include/vrrp_ipaddress.h:32:0,
+ from ./../include/vrrp_arp.h:31,
+ from vrrp.c:29:
+/home/peko/autobuild/instance-1/output/host/arc-buildroot-linux-uclibc/sysroot/usr/include/linux/in.h:29:3: error: redeclaration of enumerator 'IPPROTO_IP'
+ IPPROTO_IP = 0, /* Dummy protocol for TCP */
+ ^
+/home/peko/autobuild/instance-1/output/host/arc-buildroot-linux-uclibc/sysroot/usr/include/netinet/in.h:33:5: note: previous definition of 'IPPROTO_IP' was here
+ IPPROTO_IP = 0, /* Dummy protocol for TCP. */
+ ^~~~~~~~~~
+
+Include the libc netinet/in.h header first to suppress the kernel
+header.
+
+In addition, add _GNU_SOURCE to vrrp.c for the libc provided in6_pktinfo
+definition.
+
+Signed-off-by: Baruch Siach <baruch@tkos.co.il>
+---
+Upstream status: https://github.com/acassen/keepalived/pull/777
+
+ keepalived/include/vrrp_arp.h | 1 +
+ keepalived/vrrp/vrrp.c | 1 +
+ 2 files changed, 2 insertions(+)
+
+diff --git a/keepalived/include/vrrp_arp.h b/keepalived/include/vrrp_arp.h
+index 77a26c450b12..a103ab075c1d 100644
+--- a/keepalived/include/vrrp_arp.h
++++ b/keepalived/include/vrrp_arp.h
+@@ -24,6 +24,7 @@
+ #define _VRRP_ARP_H
+
+ /* system includes */
++#include <netinet/in.h>
+ #include <net/ethernet.h>
+ #include <net/if_arp.h>
+
+diff --git a/keepalived/vrrp/vrrp.c b/keepalived/vrrp/vrrp.c
+index 3d2bfe41ab4f..435a4b54b2a9 100644
+--- a/keepalived/vrrp/vrrp.c
++++ b/keepalived/vrrp/vrrp.c
+@@ -26,6 +26,7 @@
+ #include "config.h"
+
+ /* local include */
++#define _GNU_SOURCE
+ #include "vrrp_arp.h"
+ #include "vrrp_ndisc.h"
+ #include "vrrp_scheduler.h"
+--
+2.15.1
+
diff --git a/package/libcpprestsdk/0004-libcpprestsdk-fix-building-as-a-static-library.patch b/package/libcpprestsdk/0004-libcpprestsdk-fix-building-as-a-static-library.patch
new file mode 100644
index 0000000000..de900178d5
--- /dev/null
+++ b/package/libcpprestsdk/0004-libcpprestsdk-fix-building-as-a-static-library.patch
@@ -0,0 +1,38 @@
+From 8a9c3db14a390c0a8788405e52e9b8737a430191 Mon Sep 17 00:00:00 2001
+From: Adam Duskett <aduskett@gmail.com>
+Date: Mon, 12 Feb 2018 07:49:34 -0500
+Subject: [PATCH] libcpprestsdk: fix building as a static library
+
+Use pkg-config to find OpenSSL. This will automatically find any
+dependent libraries and put them in the correct order for linking.
+
+Upstream status: submitted
+https://github.com/Microsoft/cpprestsdk/pull/688
+
+Signed-off-by: Adam Duskett <aduskett@gmail.com>
+---
+ Release/cmake/cpprest_find_openssl.cmake | 10 +++++++---
+ 1 file changed, 7 insertions(+), 3 deletions(-)
+
+diff --git a/Release/cmake/cpprest_find_openssl.cmake b/Release/cmake/cpprest_find_openssl.cmake
+index 0b49a7e..2be8afb 100644
+--- a/Release/cmake/cpprest_find_openssl.cmake
++++ b/Release/cmake/cpprest_find_openssl.cmake
+@@ -41,8 +41,12 @@ function(cpprest_find_openssl)
+ # This should prevent linking against the system provided 0.9.8y
+ set(_OPENSSL_VERSION "")
+ endif()
+- find_package(OpenSSL 1.0.0 REQUIRED)
+-
++ if(UNIX)
++ find_package(PkgConfig REQUIRED)
++ pkg_search_module(OPENSSL openssl REQUIRED)
++ else()
++ find_package(OpenSSL 1.0.0 REQUIRED)
++ endif()
+ INCLUDE(CheckCXXSourceCompiles)
+ set(CMAKE_REQUIRED_INCLUDES "${OPENSSL_INCLUDE_DIR}")
+ set(CMAKE_REQUIRED_LIBRARIES "${OPENSSL_LIBRARIES}")
+--
+2.14.3
+
diff --git a/package/libcpprestsdk/libcpprestsdk.mk b/package/libcpprestsdk/libcpprestsdk.mk
index 4aafa6e593..4d30f07c39 100644
--- a/package/libcpprestsdk/libcpprestsdk.mk
+++ b/package/libcpprestsdk/libcpprestsdk.mk
@@ -9,7 +9,7 @@ LIBCPPRESTSDK_SITE = $(call github,Microsoft,cpprestsdk,$(LIBCPPRESTSDK_VERSION)
LIBCPPRESTSDK_LICENSE = MIT
LIBCPPRESTSDK_LICENSE_FILES = license.txt
LIBCPPRESTSDK_SUBDIR = Release
-LIBCPPRESTSDK_DEPENDENCIES += boost openssl zlib
+LIBCPPRESTSDK_DEPENDENCIES += host-pkgconf boost openssl zlib
LIBCPPRESTSDK_CONF_OPTS = -DWERROR=OFF
$(eval $(cmake-package))
diff --git a/package/libglib2/libglib2.mk b/package/libglib2/libglib2.mk
index b13da333d8..097c980393 100644
--- a/package/libglib2/libglib2.mk
+++ b/package/libglib2/libglib2.mk
@@ -42,8 +42,6 @@ LIBGLIB2_CONF_ENV = \
jm_cv_func_nanosleep_works=yes \
gl_cv_func_working_utimes=yes \
ac_cv_func_utime_null=yes \
- ac_cv_have_decl_strerror_r=yes \
- ac_cv_func_strerror_r_char_p=no \
jm_cv_func_svid_putenv=yes \
ac_cv_func_getcwd_null=yes \
ac_cv_func_getdelim=yes \
diff --git a/package/libgpiod/libgpiod.hash b/package/libgpiod/libgpiod.hash
index a98e138fa4..b29e12ebd2 100644
--- a/package/libgpiod/libgpiod.hash
+++ b/package/libgpiod/libgpiod.hash
@@ -1,2 +1,4 @@
# From https://www.kernel.org/pub/software/libs/libgpiod/sha256sums.asc
sha256 34c76b3730b9d4a1159bcb14000f78b1e890251b8a3823b794fa930654eabdd0 libgpiod-1.0.tar.xz
+# Hash for license file
+sha256 ce64d5f7b49ea6d80fdb6d4cdee6839d1a94274f7493dc797c3b55b65ec8e9ed COPYING
diff --git a/package/libmaxminddb/0001-Add-disable-binaries.patch b/package/libmaxminddb/0001-Add-disable-binaries.patch
new file mode 100644
index 0000000000..0053cace71
--- /dev/null
+++ b/package/libmaxminddb/0001-Add-disable-binaries.patch
@@ -0,0 +1,53 @@
+From 501f85fa729d08b90f0e1ff6f9378a0864f722a7 Mon Sep 17 00:00:00 2001
+From: Fabrice Fontaine <fontaine.fabrice@gmail.com>
+Date: Fri, 2 Feb 2018 13:19:18 +0100
+Subject: [PATCH] Add --disable-binaries
+
+mmdblookup now depends on pthread.h which can be disabled on some
+toolchains so add an option to be able to compile libmaxminddb without
+this binary
+
+Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
+---
+ Makefile.am | 6 +++++-
+ configure.ac | 6 ++++++
+ 2 files changed, 11 insertions(+), 1 deletion(-)
+
+diff --git a/Makefile.am b/Makefile.am
+index cebcd31..cfbfd77 100644
+--- a/Makefile.am
++++ b/Makefile.am
+@@ -4,8 +4,12 @@ include_HEADERS = include/maxminddb.h
+ nodist_include_HEADERS = include/maxminddb_config.h
+
+ SUBDIRS = \
+- src \
++ src
++
++if BINARIES
++SUBDIRS += \
+ bin
++endif
+
+ if TESTS
+ SUBDIRS += \
+diff --git a/configure.ac b/configure.ac
+index c494746..4d1beb4 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -119,6 +119,12 @@ AC_ARG_ENABLE(
+ esac],[debug=false])
+ AM_CONDITIONAL([DEBUG], [test x$debug = xtrue])
+
++AC_ARG_ENABLE([binaries],
++ AS_HELP_STRING([--enable-binaries], [Compilation of binaries code]),
++ [enable_binaries=${enableval}],
++ [enable_binaries=yes])
++AM_CONDITIONAL([BINARIES], [test "${enable_binaries}" = "yes"])
++
+ AC_ARG_ENABLE([tests],
+ AS_HELP_STRING([--enable-tests], [Compilation of tests code]),
+ [enable_tests=${enableval}],
+--
+2.7.4
+
diff --git a/package/libmaxminddb/libmaxminddb.mk b/package/libmaxminddb/libmaxminddb.mk
index 4d4f582c21..25d4d3378f 100644
--- a/package/libmaxminddb/libmaxminddb.mk
+++ b/package/libmaxminddb/libmaxminddb.mk
@@ -13,4 +13,11 @@ LIBMAXMINDDB_LICENSE_FILES = LICENSE
LIBMAXMINDDB_AUTORECONF = YES
LIBMAXMINDDB_CONF_OPTS = --disable-tests
+# mmdblookup binary depends on pthreads
+ifeq ($(BR2_TOOLCHAIN_HAS_THREADS),y)
+LIBMAXMINDDB_CONF_OPTS += --enable-binaries
+else
+LIBMAXMINDDB_CONF_OPTS += --disable-binaries
+endif
+
$(eval $(autotools-package))
diff --git a/package/librsvg/librsvg.hash b/package/librsvg/librsvg.hash
index 9ab798120f..6f4b07423a 100644
--- a/package/librsvg/librsvg.hash
+++ b/package/librsvg/librsvg.hash
@@ -1,2 +1,2 @@
-# From http://ftp.gnome.org/pub/gnome/sources/librsvg/2.40/librsvg-2.40.18.sha256sum
-sha256 bfc8c488c89c1e7212c478beb95c41b44701636125a3e6dab41187f1485b564c librsvg-2.40.18.tar.xz
+# From http://ftp.gnome.org/pub/gnome/sources/librsvg/2.40/librsvg-2.40.20.sha256sum
+sha256 cff4dd3c3b78bfe99d8fcfad3b8ba1eee3289a0823c0e118d78106be6b84c92b librsvg-2.40.20.tar.xz
diff --git a/package/librsvg/librsvg.mk b/package/librsvg/librsvg.mk
index c8afdfd69f..4f563ce6db 100644
--- a/package/librsvg/librsvg.mk
+++ b/package/librsvg/librsvg.mk
@@ -5,7 +5,7 @@
################################################################################
LIBRSVG_VERSION_MAJOR = 2.40
-LIBRSVG_VERSION = $(LIBRSVG_VERSION_MAJOR).18
+LIBRSVG_VERSION = $(LIBRSVG_VERSION_MAJOR).20
LIBRSVG_SITE = http://ftp.gnome.org/pub/gnome/sources/librsvg/$(LIBRSVG_VERSION_MAJOR)
LIBRSVG_SOURCE = librsvg-$(LIBRSVG_VERSION).tar.xz
LIBRSVG_INSTALL_STAGING = YES
diff --git a/package/libtasn1/libtasn1.hash b/package/libtasn1/libtasn1.hash
index 699c14050a..9ed7a7a42c 100644
--- a/package/libtasn1/libtasn1.hash
+++ b/package/libtasn1/libtasn1.hash
@@ -1,2 +1,6 @@
# Locally calculated after checking pgp signature
-sha256 6753da2e621257f33f5b051cc114d417e5206a0818fe0b1ecfd6153f70934753 libtasn1-4.12.tar.gz
+# https://ftp.gnu.org/gnu/libtasn1/libtasn1-4.13.tar.gz.sig
+sha256 7e528e8c317ddd156230c4e31d082cd13e7ddeb7a54824be82632209550c8cca libtasn1-4.13.tar.gz
+# Locally calculated
+sha256 8ceb4b9ee5adedde47b31e975c1d90c73ad27b6b165a1dcd80c7c545eb65b903 COPYING
+sha256 dc626520dcd53a22f727af3ee42c770e56c97a64fe3adb063799d8ab032fe551 COPYING.LIB
diff --git a/package/libtasn1/libtasn1.mk b/package/libtasn1/libtasn1.mk
index b34a3b63f0..f14d57abd3 100644
--- a/package/libtasn1/libtasn1.mk
+++ b/package/libtasn1/libtasn1.mk
@@ -4,7 +4,7 @@
#
################################################################################
-LIBTASN1_VERSION = 4.12
+LIBTASN1_VERSION = 4.13
LIBTASN1_SITE = $(BR2_GNU_MIRROR)/libtasn1
LIBTASN1_DEPENDENCIES = host-bison
LIBTASN1_LICENSE = GPL-3.0+ (tests, tools), LGPL-2.1+ (library)
diff --git a/package/libv4l/0002-keytable-fix-EVIOCSCLOCKID-related-compile-failure.patch b/package/libv4l/0002-keytable-fix-EVIOCSCLOCKID-related-compile-failure.patch
new file mode 100644
index 0000000000..656008b708
--- /dev/null
+++ b/package/libv4l/0002-keytable-fix-EVIOCSCLOCKID-related-compile-failure.patch
@@ -0,0 +1,35 @@
+From 663b7be9d27c979c914011a3ce707e227987bc59 Mon Sep 17 00:00:00 2001
+From: Peter Seiderer <ps.report@gmx.net>
+Date: Sat, 3 Feb 2018 22:47:18 +0100
+Subject: [PATCH] keytable: fix EVIOCSCLOCKID related compile failure
+
+Fixes:
+
+ keytable.c: In function 'test_event':
+ keytable.c:1351:12: error: 'EVIOCSCLOCKID' undeclared (first use in this function)
+ ioctl(fd, EVIOCSCLOCKID, &mode);
+ ^~~~~~~~~~~~~
+
+Signed-off-by: Peter Seiderer <ps.report@gmx.net>
+---
+ utils/keytable/keytable.c | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/utils/keytable/keytable.c b/utils/keytable/keytable.c
+index 34a1522e..925eab00 100644
+--- a/utils/keytable/keytable.c
++++ b/utils/keytable/keytable.c
+@@ -55,6 +55,10 @@ struct input_keymap_entry_v2 {
+ u_int8_t scancode[32];
+ };
+
++#ifndef EVIOCSCLOCKID
++#define EVIOCSCLOCKID _IOW('E', 0xa0, int)
++#endif
++
+ #ifndef EVIOCGKEYCODE_V2
+ #define EVIOCGKEYCODE_V2 _IOR('E', 0x04, struct input_keymap_entry_v2)
+ #define EVIOCSKEYCODE_V2 _IOW('E', 0x04, struct input_keymap_entry_v2)
+--
+2.16.1
+
diff --git a/package/libv4l/0003-libdvbv5-add-optional-copy-of-TEMP_FAILURE_RETRY-mac.patch b/package/libv4l/0003-libdvbv5-add-optional-copy-of-TEMP_FAILURE_RETRY-mac.patch
new file mode 100644
index 0000000000..cd22be15c4
--- /dev/null
+++ b/package/libv4l/0003-libdvbv5-add-optional-copy-of-TEMP_FAILURE_RETRY-mac.patch
@@ -0,0 +1,39 @@
+From abfe3e7b2b4af1de9b891f3a7a996b70533b0a27 Mon Sep 17 00:00:00 2001
+From: Peter Seiderer <ps.report@gmx.net>
+Date: Sun, 4 Mar 2018 09:07:51 +0100
+Subject: [PATCH] libdvbv5: add optional copy of TEMP_FAILURE_RETRY macro (fix
+ musl compile)
+
+Fixes:
+
+ ../../lib/libdvbv5/.libs/libdvbv5.so: undefined reference to `TEMP_FAILURE_RETRY'
+
+[Upstream: https://www.mail-archive.com/linux-media@vger.kernel.org/msg127134.html]
+Signed-off-by: Peter Seiderer <ps.report@gmx.net>
+---
+ lib/libdvbv5/dvb-dev-local.c | 9 +++++++++
+ 1 file changed, 9 insertions(+)
+
+diff --git a/lib/libdvbv5/dvb-dev-local.c b/lib/libdvbv5/dvb-dev-local.c
+index 8bc99d1..7a76d65 100644
+--- a/lib/libdvbv5/dvb-dev-local.c
++++ b/lib/libdvbv5/dvb-dev-local.c
+@@ -44,6 +44,15 @@
+ # define _(string) string
+ #endif
+
++/* taken from glibc unistd.h */
++#ifndef TEMP_FAILURE_RETRY
++#define TEMP_FAILURE_RETRY(expression) \
++ ({ long int __result; \
++ do __result = (long int) (expression); \
++ while (__result == -1L && errno == EINTR); \
++ __result; })
++#endif
++
+ struct dvb_dev_local_priv {
+ dvb_dev_change_t notify_dev_change;
+
+--
+2.16.2
+
diff --git a/package/libvorbis/0001-CVE-2017-14633-Don-t-allow-for-more-than-256-channel.patch b/package/libvorbis/0001-CVE-2017-14633-Don-t-allow-for-more-than-256-channel.patch
new file mode 100644
index 0000000000..416aa66ddf
--- /dev/null
+++ b/package/libvorbis/0001-CVE-2017-14633-Don-t-allow-for-more-than-256-channel.patch
@@ -0,0 +1,36 @@
+From a79ec216cd119069c68b8f3542c6a425a74ab993 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Guido=20G=C3=BCnther?= <agx@sigxcpu.org>
+Date: Tue, 31 Oct 2017 18:32:46 +0100
+Subject: [PATCH] CVE-2017-14633: Don't allow for more than 256 channels
+
+Otherwise
+
+ for(i=0;i<vi->channels;i++){
+ /* the encoder setup assumes that all the modes used by any
+ specific bitrate tweaking use the same floor */
+ int submap=info->chmuxlist[i];
+
+overreads later in mapping0_forward since chmuxlist is a fixed array of
+256 elements max.
+
+Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
+---
+ lib/info.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/lib/info.c b/lib/info.c
+index fe759ed..7bc4ea4 100644
+--- a/lib/info.c
++++ b/lib/info.c
+@@ -588,7 +588,7 @@ int vorbis_analysis_headerout(vorbis_dsp_state *v,
+ oggpack_buffer opb;
+ private_state *b=v->backend_state;
+
+- if(!b||vi->channels<=0){
++ if(!b||vi->channels<=0||vi->channels>256){
+ ret=OV_EFAULT;
+ goto err_out;
+ }
+--
+2.11.0
+
diff --git a/package/libvorbis/0002-CVE-2017-14632-vorbis_analysis_header_out-Don-t-clea.patch b/package/libvorbis/0002-CVE-2017-14632-vorbis_analysis_header_out-Don-t-clea.patch
new file mode 100644
index 0000000000..ffb4cc92f2
--- /dev/null
+++ b/package/libvorbis/0002-CVE-2017-14632-vorbis_analysis_header_out-Don-t-clea.patch
@@ -0,0 +1,56 @@
+From c1c2831fc7306d5fbd7bc800324efd12b28d327f Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Guido=20G=C3=BCnther?= <agx@sigxcpu.org>
+Date: Wed, 15 Nov 2017 18:22:59 +0100
+Subject: [PATCH] CVE-2017-14632: vorbis_analysis_header_out: Don't clear opb
+ if not initialized
+
+If the number of channels is not within the allowed range
+we call oggback_writeclear altough it's not initialized yet.
+
+This fixes
+
+ =23371== Invalid free() / delete / delete[] / realloc()
+ ==23371== at 0x4C2CE1B: free (vg_replace_malloc.c:530)
+ ==23371== by 0x829CA31: oggpack_writeclear (in /usr/lib/x86_64-linux-gnu/libogg.so.0.8.2)
+ ==23371== by 0x84B96EE: vorbis_analysis_headerout (info.c:652)
+ ==23371== by 0x9FBCBCC: ??? (in /usr/lib/x86_64-linux-gnu/sox/libsox_fmt_vorbis.so)
+ ==23371== by 0x4E524F1: ??? (in /usr/lib/x86_64-linux-gnu/libsox.so.2.0.1)
+ ==23371== by 0x4E52CCA: sox_open_write (in /usr/lib/x86_64-linux-gnu/libsox.so.2.0.1)
+ ==23371== by 0x10D82A: open_output_file (sox.c:1556)
+ ==23371== by 0x10D82A: process (sox.c:1753)
+ ==23371== by 0x10D82A: main (sox.c:3012)
+ ==23371== Address 0x68768c8 is 488 bytes inside a block of size 880 alloc'd
+ ==23371== at 0x4C2BB1F: malloc (vg_replace_malloc.c:298)
+ ==23371== by 0x4C2DE9F: realloc (vg_replace_malloc.c:785)
+ ==23371== by 0x4E545C2: lsx_realloc (in /usr/lib/x86_64-linux-gnu/libsox.so.2.0.1)
+ ==23371== by 0x9FBC9A0: ??? (in /usr/lib/x86_64-linux-gnu/sox/libsox_fmt_vorbis.so)
+ ==23371== by 0x4E524F1: ??? (in /usr/lib/x86_64-linux-gnu/libsox.so.2.0.1)
+ ==23371== by 0x4E52CCA: sox_open_write (in /usr/lib/x86_64-linux-gnu/libsox.so.2.0.1)
+ ==23371== by 0x10D82A: open_output_file (sox.c:1556)
+ ==23371== by 0x10D82A: process (sox.c:1753)
+ ==23371== by 0x10D82A: main (sox.c:3012)
+
+as seen when using the testcase from CVE-2017-11333 with
+008d23b782be09c8d75ba8190b1794abd66c7121 applied. However the error was
+there before.
+
+Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
+---
+ lib/info.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/lib/info.c b/lib/info.c
+index 7bc4ea4..8d0b2ed 100644
+--- a/lib/info.c
++++ b/lib/info.c
+@@ -589,6 +589,7 @@ int vorbis_analysis_headerout(vorbis_dsp_state *v,
+ private_state *b=v->backend_state;
+
+ if(!b||vi->channels<=0||vi->channels>256){
++ b = NULL;
+ ret=OV_EFAULT;
+ goto err_out;
+ }
+--
+2.11.0
+
diff --git a/package/libxml2/0001-CVE-2017-8872.patch b/package/libxml2/0001-CVE-2017-8872.patch
new file mode 100644
index 0000000000..b7a75c19a7
--- /dev/null
+++ b/package/libxml2/0001-CVE-2017-8872.patch
@@ -0,0 +1,33 @@
+From 8b329effb610f4138e4e680f6a6867570f6d6179 Mon Sep 17 00:00:00 2001
+From: Baruch Siach <baruch@tkos.co.il>
+Date: Fri, 9 Feb 2018 10:58:11 +0200
+Subject: [PATCH] CVE-2017-8872
+
+Taken from attachment to upstream bug report comment #9.
+
+https://bugzilla.gnome.org/show_bug.cgi?id=775200#c9
+https://bugzilla.gnome.org/attachment.cgi?id=366193&action=diff
+
+Signed-off-by: Baruch Siach <baruch@tkos.co.il>
+---
+ parser.c | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/parser.c b/parser.c
+index 1c5e036ea265..025111067ae8 100644
+--- a/parser.c
++++ b/parser.c
+@@ -12467,6 +12467,10 @@ xmlHaltParser(xmlParserCtxtPtr ctxt) {
+ ctxt->input->cur = BAD_CAST"";
+ ctxt->input->base = ctxt->input->cur;
+ ctxt->input->end = ctxt->input->cur;
++ if (ctxt->input->buf)
++ xmlBufEmpty (ctxt->input->buf->buffer);
++ else
++ ctxt->input->length = 0;
+ }
+ }
+
+--
+2.15.1
+
diff --git a/package/lightning/lightning.hash b/package/lightning/lightning.hash
index 4805686e98..8e78ef4f81 100644
--- a/package/lightning/lightning.hash
+++ b/package/lightning/lightning.hash
@@ -1,2 +1,3 @@
# Locally computed
-sha256 1fa3a2421852598b3162d6765645bb3cd0fccb5f0c105d0800c64c8428b749a6 lightning-2.1.0.tar.gz
+sha256 9b289ed1c977602f9282da507db2e980dcfb5207ee8bd2501536a6852a157a69 lightning-2.1.2.tar.gz
+sha256 a853c2ffec17057872340eee242ae4d96cbf2b520ae27d903e1b2fef1a5f9d1c COPYING.LESSER
diff --git a/package/lightning/lightning.mk b/package/lightning/lightning.mk
index 2b4931becc..b93946146d 100644
--- a/package/lightning/lightning.mk
+++ b/package/lightning/lightning.mk
@@ -4,7 +4,7 @@
#
################################################################################
-LIGHTNING_VERSION = 2.1.0
+LIGHTNING_VERSION = 2.1.2
LIGHTNING_SITE = $(BR2_GNU_MIRROR)/lightning
LIGHTNING_LICENSE = LGPL-3.0+
LIGHTNING_LICENSE_FILES = COPYING.LESSER
diff --git a/package/linux-headers/Config.in.host b/package/linux-headers/Config.in.host
index 069e31de24..d74f267a2e 100644
--- a/package/linux-headers/Config.in.host
+++ b/package/linux-headers/Config.in.host
@@ -240,14 +240,14 @@ endchoice
config BR2_DEFAULT_KERNEL_HEADERS
string
- default "3.2.98" if BR2_KERNEL_HEADERS_3_2
+ default "3.2.99" if BR2_KERNEL_HEADERS_3_2
default "4.1.49" if BR2_KERNEL_HEADERS_4_1
- default "4.4.115" if BR2_KERNEL_HEADERS_4_4
- default "4.9.80" if BR2_KERNEL_HEADERS_4_9
+ default "4.4.119" if BR2_KERNEL_HEADERS_4_4
+ default "4.9.86" if BR2_KERNEL_HEADERS_4_9
default "4.10.17" if BR2_KERNEL_HEADERS_4_10
default "4.11.12" if BR2_KERNEL_HEADERS_4_11
default "4.12.14" if BR2_KERNEL_HEADERS_4_12
default "4.13.16" if BR2_KERNEL_HEADERS_4_13
- default "4.14.17" if BR2_KERNEL_HEADERS_4_14
- default "4.15.1" if BR2_KERNEL_HEADERS_4_15
+ default "4.14.24" if BR2_KERNEL_HEADERS_4_14
+ default "4.15.7" if BR2_KERNEL_HEADERS_4_15
default BR2_DEFAULT_KERNEL_VERSION if BR2_KERNEL_HEADERS_VERSION
diff --git a/package/ltp-testsuite/ltp-testsuite.mk b/package/ltp-testsuite/ltp-testsuite.mk
index 5e0b35d12a..c47f587836 100644
--- a/package/ltp-testsuite/ltp-testsuite.mk
+++ b/package/ltp-testsuite/ltp-testsuite.mk
@@ -40,6 +40,13 @@ else
LTP_TESTSUITE_CONF_ENV += ac_cv_lib_cap_cap_compare=no
endif
+# No explicit enable/disable options
+ifeq ($(BR2_PACKAGE_NUMACTL),y)
+LTP_TESTSUITE_DEPENDENCIES += numactl
+else
+LTP_TESTSUITE_CONF_ENV += have_numa_headers=no
+endif
+
# ltp-testsuite uses <fts.h>, which isn't compatible with largefile
# support.
LTP_TESTSUITE_CFLAGS = $(filter-out -D_FILE_OFFSET_BITS=64,$(TARGET_CFLAGS))
diff --git a/package/mariadb/mariadb.hash b/package/mariadb/mariadb.hash
index f8e1c6ce10..cc1e353ab7 100644
--- a/package/mariadb/mariadb.hash
+++ b/package/mariadb/mariadb.hash
@@ -1,5 +1,5 @@
-# From https://downloads.mariadb.org/mariadb/10.1.30/
-sha256 173a5e5a24819e0a469c3bd09b5c98491676c37c6095882a2ea34c5af0996c88 mariadb-10.1.30.tar.gz
+# From https://downloads.mariadb.org/mariadb/10.1.31/
+sha256 ab7641c2fe4e5289da6141766a9c3350e013def56fafd6f1377080bc8048b2e6 mariadb-10.1.31.tar.gz
# Hash for license files
sha256 69ce89a0cadbe35a858398c258be93c388715e84fc0ca04e5a1fd1aa9770dd3a README
diff --git a/package/mariadb/mariadb.mk b/package/mariadb/mariadb.mk
index b406692b47..54eafc1702 100644
--- a/package/mariadb/mariadb.mk
+++ b/package/mariadb/mariadb.mk
@@ -4,7 +4,7 @@
#
################################################################################
-MARIADB_VERSION = 10.1.30
+MARIADB_VERSION = 10.1.31
MARIADB_SITE = https://downloads.mariadb.org/interstitial/mariadb-$(MARIADB_VERSION)/source
MARIADB_LICENSE = GPL-2.0 (server), GPL-2.0 with FLOSS exception (GPL client library), LGPL-2.0 (LGPL client library)
# Tarball no longer contains LGPL license text
diff --git a/package/mbedtls/0001-dhm-Fix-typo-in-RFC-5114-constants.patch b/package/mbedtls/0001-dhm-Fix-typo-in-RFC-5114-constants.patch
new file mode 100644
index 0000000000..effaf3d931
--- /dev/null
+++ b/package/mbedtls/0001-dhm-Fix-typo-in-RFC-5114-constants.patch
@@ -0,0 +1,33 @@
+From 129f50838bf14f4e1319f06f41c827fae9cc4b73 Mon Sep 17 00:00:00 2001
+From: Jaeden Amero <jaeden.amero@arm.com>
+Date: Thu, 8 Feb 2018 14:25:36 +0000
+Subject: [PATCH] dhm: Fix typo in RFC 5114 constants
+
+We accidentally named the constant MBEDTLS_DHM_RFC5114_MODP_P instead of
+MBEDTLS_DHM_RFC5114_MODP_2048_P.
+
+Fixes #1358
+
+Signed-off-by: Baruch Siach <baruch@tkos.co.il>
+---
+Patch status: upstream commit 129f50838bf
+
+ include/mbedtls/dhm.h | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/include/mbedtls/dhm.h b/include/mbedtls/dhm.h
+index da2e66b111b6..00fafd8d16f4 100644
+--- a/include/mbedtls/dhm.h
++++ b/include/mbedtls/dhm.h
+@@ -372,7 +372,7 @@ MBEDTLS_DEPRECATED typedef char const * mbedtls_deprecated_constant_t;
+ * in <em>RFC-5114: Additional Diffie-Hellman Groups for Use with
+ * IETF Standards</em>.
+ */
+-#define MBEDTLS_DHM_RFC5114_MODP_P \
++#define MBEDTLS_DHM_RFC5114_MODP_2048_P \
+ MBEDTLS_DEPRECATED_STRING_CONSTANT( \
+ "AD107E1E9123A9D0D660FAA79559C51FA20D64E5683B9FD1" \
+ "B54B1597B61D0A75E6FA141DF95A56DBAF9A3C407BA1DF15" \
+--
+2.16.1
+
diff --git a/package/mbedtls/mbedtls.hash b/package/mbedtls/mbedtls.hash
index d04b867754..a62c0f58de 100644
--- a/package/mbedtls/mbedtls.hash
+++ b/package/mbedtls/mbedtls.hash
@@ -1,5 +1,5 @@
-# From https://tls.mbed.org/tech-updates/releases/mbedtls-2.6.0-2.1.9-and-1.3.21-released
-sha1 e914288da50977f541773f9d36e26f14926594a5 mbedtls-2.6.0-apache.tgz
-sha256 99bc9d4212d3d885eeb96273bcde8ecc649a481404b8d7ea7bb26397c9909687 mbedtls-2.6.0-apache.tgz
+# From https://tls.mbed.org/tech-updates/releases/mbedtls-2.7.0-2.1.10-and-1.3.22-released
+sha1 01ffebf679c8696cc941c41224fa73d8944d2c85 mbedtls-2.7.0-apache.tgz
+sha256 aeb66d6cd43aa1c79c145d15845c655627a7fc30d624148aaafbb6c36d7f55ef mbedtls-2.7.0-apache.tgz
# Locally calculated
sha256 cfc7749b96f63bd31c3c42b5c471bf756814053e847c10f3eb003417bc523d30 apache-2.0.txt
diff --git a/package/mbedtls/mbedtls.mk b/package/mbedtls/mbedtls.mk
index 64ce18cf6f..7c26ea95ee 100644
--- a/package/mbedtls/mbedtls.mk
+++ b/package/mbedtls/mbedtls.mk
@@ -5,7 +5,7 @@
################################################################################
MBEDTLS_SITE = https://tls.mbed.org/code/releases
-MBEDTLS_VERSION = 2.6.0
+MBEDTLS_VERSION = 2.7.0
MBEDTLS_SOURCE = mbedtls-$(MBEDTLS_VERSION)-apache.tgz
MBEDTLS_CONF_OPTS = \
-DENABLE_PROGRAMS=$(if $(BR2_PACKAGE_MBEDTLS_PROGRAMS),ON,OFF) \
diff --git a/package/mesa3d-demos/mesa3d-demos.mk b/package/mesa3d-demos/mesa3d-demos.mk
index 52a1e2420a..ddff9b9ed9 100644
--- a/package/mesa3d-demos/mesa3d-demos.mk
+++ b/package/mesa3d-demos/mesa3d-demos.mk
@@ -13,7 +13,6 @@ MESA3D_DEMOS_DEPENDENCIES = host-pkgconf
MESA3D_DEMOS_LICENSE = MIT
MESA3D_DEMOS_CONF_OPTS += \
- --disable-osmesa \
--disable-gles1
ifeq ($(BR2_PACKAGE_XORG7)$(BR2_PACKAGE_HAS_LIBGL),yy)
diff --git a/package/mesa3d-headers/mesa3d-headers.mk b/package/mesa3d-headers/mesa3d-headers.mk
index b543fc097a..4eb57b3ad4 100644
--- a/package/mesa3d-headers/mesa3d-headers.mk
+++ b/package/mesa3d-headers/mesa3d-headers.mk
@@ -12,7 +12,7 @@ endif
# Not possible to directly refer to mesa3d variables, because of
# first/second expansion trickery...
-MESA3D_HEADERS_VERSION = 17.3.3
+MESA3D_HEADERS_VERSION = 17.3.6
MESA3D_HEADERS_SOURCE = mesa-$(MESA3D_HEADERS_VERSION).tar.xz
MESA3D_HEADERS_SITE = https://mesa.freedesktop.org/archive
MESA3D_HEADERS_LICENSE = MIT, SGI, Khronos
diff --git a/package/mesa3d/mesa3d.hash b/package/mesa3d/mesa3d.hash
index f7a77b56b0..a61fe02b6d 100644
--- a/package/mesa3d/mesa3d.hash
+++ b/package/mesa3d/mesa3d.hash
@@ -1,8 +1,8 @@
-# From https://lists.freedesktop.org/archives/mesa-announce/2018-January/000393.html
-md5 139b5f608b371c0d4395596162f88791 mesa-17.3.3.tar.xz
-sha1 346f7813f493b1daf9d9079826a13dbd722b86ab mesa-17.3.3.tar.xz
-sha256 41bac5de0ef6adc1f41a1ec0f80c19e361298ce02fa81b5f9ba4fdca33a9379b mesa-17.3.3.tar.xz
-sha512 7ac8ecdcf3b2b43239835bc2c5da7f2730f80a2db945fe00df03d1548920fbc074dd4806ddd345a1ce682fd29d75b2209ef81b6b06e657f9c8ae8622a34a03c1 mesa-17.3.3.tar.xz
+# From https://lists.freedesktop.org/archives/mesa-announce/2018-February/000403.html
+md5 ba66ae0f09b9b84482268608557cd175 mesa-17.3.6.tar.xz
+sha1 eff29cb8c284a813977d4201dd646d949b1d8fc4 mesa-17.3.6.tar.xz
+sha256 e5915680d44ac9d05defdec529db7459ac9edd441c9845266eff2e2d3e57fbf8 mesa-17.3.6.tar.xz
+sha512 5164ed5a1d3d25031b712a9f443f0e467a29b2bca0a1aa11324ed5c10279411979c9c7482825053926a813e76c58b78a3439c7c81fcd51a7808f53977080828f mesa-17.3.6.tar.xz
# License
sha256 630e75b4fdeb75ee2bf9e55db54dd1e3ff7353d52d9314ca8512bfd460f8e24c docs/license.html
sha256 a75ee0cec909515ff80a3ec07155b7fb0aafe8051abe1f0e45d5c4c5e2539366 docs/patents.txt
diff --git a/package/mesa3d/mesa3d.mk b/package/mesa3d/mesa3d.mk
index 3f907c9463..5f4832c0f0 100644
--- a/package/mesa3d/mesa3d.mk
+++ b/package/mesa3d/mesa3d.mk
@@ -5,7 +5,7 @@
################################################################################
# When updating the version, please also update mesa3d-headers
-MESA3D_VERSION = 17.3.3
+MESA3D_VERSION = 17.3.6
MESA3D_SOURCE = mesa-$(MESA3D_VERSION).tar.xz
MESA3D_SITE = https://mesa.freedesktop.org/archive
MESA3D_LICENSE = MIT, SGI, Khronos
diff --git a/package/mono/Config.in b/package/mono/Config.in
index d45ad376fe..d162237086 100644
--- a/package/mono/Config.in
+++ b/package/mono/Config.in
@@ -1,5 +1,11 @@
+config BR2_PACKAGE_HOST_MONO_ARCH_SUPPORTS
+ bool
+ default y if BR2_HOSTARCH = "x86_64"
+ default y if BR2_HOSTARCH = "x86"
+
config BR2_PACKAGE_MONO_ARCH_SUPPORTS
bool
+ depends on BR2_PACKAGE_HOST_MONO_ARCH_SUPPORTS
default y if (BR2_arm || BR2_armeb || BR2_i386 || BR2_mips || \
BR2_mipsel || BR2_powerpc || BR2_x86_64)
diff --git a/package/mosquitto/0001-websockets.c-unbreak-build-without-TLS.patch b/package/mosquitto/0001-websockets.c-unbreak-build-without-TLS.patch
new file mode 100644
index 0000000000..e977fae56c
--- /dev/null
+++ b/package/mosquitto/0001-websockets.c-unbreak-build-without-TLS.patch
@@ -0,0 +1,49 @@
+From 4822aa97da80a86033ec6e4a8b2f4ad0911235cf Mon Sep 17 00:00:00 2001
+From: Peter Korsgaard <peter@korsgaard.com>
+Date: Sat, 3 Mar 2018 11:04:47 +0100
+Subject: [PATCH] websockets.c: unbreak build without TLS
+
+Commit 7943072b1f3b (Fix use_identity_as_username not working on websockets
+clients) added code which unconditionally accesses mosq-ssl, breaking the
+build when TLS support is disabled.
+
+Fix it by guarding this logic inside #ifdef WITH_TLS.
+
+[Upstream: https://dev.eclipse.org/mhonarc/lists/mosquitto-dev/msg01813.html]
+Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
+---
+ src/websockets.c | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/src/websockets.c b/src/websockets.c
+index d4d7961..a796f0a 100644
+--- a/src/websockets.c
++++ b/src/websockets.c
+@@ -201,12 +201,14 @@ static int callback_mqtt(struct libwebsocket_context *context,
+ mosq->ws_context = context;
+ #endif
+ mosq->wsi = wsi;
++#ifdef WITH_TLS
+ if(in){
+ mosq->ssl = (SSL *)in;
+ if(!mosq->listener->ssl_ctx){
+ mosq->listener->ssl_ctx = SSL_get_SSL_CTX(mosq->ssl);
+ }
+ }
++#endif
+ u->mosq = mosq;
+ }else{
+ return -1;
+@@ -240,7 +242,9 @@ static int callback_mqtt(struct libwebsocket_context *context,
+ mosq->pollfd_index = -1;
+ }
+ mosq->wsi = NULL;
++#ifdef WITH_TLS
+ mosq->ssl = NULL;
++#endif
+ do_disconnect(db, mosq);
+ }
+ break;
+--
+2.11.0
+
diff --git a/package/mosquitto/mosquitto.hash b/package/mosquitto/mosquitto.hash
index f6f17aa5ef..91c855cb4e 100644
--- a/package/mosquitto/mosquitto.hash
+++ b/package/mosquitto/mosquitto.hash
@@ -1,5 +1,5 @@
-# From http://www.eclipse.org/downloads/download.php?file=/mosquitto/source/mosquitto-1.4.14.tar.gz
-sha512 dc75a971354f87deeb79f32435acfae9bc561a1a24a75ee4940a35176ff91758071930d2105d8dee2a090e07527dbfaa5692bece67e03cc87e8b4b8b46f846c2 mosquitto-1.4.14.tar.gz
+# Locally calculated after checking gpg signature
+sha256 7d3b3e245a3b4ec94b05678c8199c806359737949f4cfe0bf936184f6ca89a83 mosquitto-1.4.15.tar.gz
# License files
sha256 cc77e25bafd40637b7084f04086d606f0a200051b61806f97c93405926670bc1 LICENSE.txt
diff --git a/package/mosquitto/mosquitto.mk b/package/mosquitto/mosquitto.mk
index c9b4418d04..ec5fc02f9f 100644
--- a/package/mosquitto/mosquitto.mk
+++ b/package/mosquitto/mosquitto.mk
@@ -4,7 +4,7 @@
#
################################################################################
-MOSQUITTO_VERSION = 1.4.14
+MOSQUITTO_VERSION = 1.4.15
MOSQUITTO_SITE = https://mosquitto.org/files/source
MOSQUITTO_LICENSE = EPL-1.0 or EDLv1.0
MOSQUITTO_LICENSE_FILES = LICENSE.txt epl-v10 edl-v10
diff --git a/package/mpv/mpv.hash b/package/mpv/mpv.hash
index 60fb84335e..1dac3a4940 100644
--- a/package/mpv/mpv.hash
+++ b/package/mpv/mpv.hash
@@ -1,2 +1,2 @@
# Locally calculated
-sha256 341d8bf18b75c1f78d5b681480b5b7f5c8b87d97a0d4f53a5648ede9c219a49c v0.27.0.tar.gz
+sha256 2ad104d83fd3b2b9457716615acad57e479fd1537b8fc5e37bfe9065359b50be v0.27.2.tar.gz
diff --git a/package/mpv/mpv.mk b/package/mpv/mpv.mk
index 8d10aa7c47..f38a6b916f 100644
--- a/package/mpv/mpv.mk
+++ b/package/mpv/mpv.mk
@@ -4,7 +4,7 @@
#
################################################################################
-MPV_VERSION = 0.27.0
+MPV_VERSION = 0.27.2
MPV_SITE = https://github.com/mpv-player/mpv/archive
MPV_SOURCE = v$(MPV_VERSION).tar.gz
MPV_DEPENDENCIES = \
@@ -31,7 +31,8 @@ MPV_CONF_OPTS = \
--disable-uchardet \
--disable-vapoursynth \
--disable-vapoursynth-lazy \
- --disable-vdpau
+ --disable-vdpau \
+ --disable-mali-fbdev
# ALSA support requires pcm+mixer
ifeq ($(BR2_PACKAGE_ALSA_LIB_MIXER)$(BR2_PACKAGE_ALSA_LIB_PCM),yy)
diff --git a/package/mtools/Config.in.host b/package/mtools/Config.in.host
index 96b332b039..42cb6f80fb 100644
--- a/package/mtools/Config.in.host
+++ b/package/mtools/Config.in.host
@@ -1,9 +1,9 @@
config BR2_PACKAGE_HOST_MTOOLS
bool "host mtools"
help
- Mtools is a collection of utilities to access MS-DOS disks from
- Unix without mounting them. It supports Win'95 style long file
- names, OS/2 Xdf disks and 2m disks (store up to 1992k on a high
- density 3 1/2 disk).
+ Mtools is a collection of utilities to access MS-DOS disks
+ from Unix without mounting them. It supports Win'95 style long
+ file names, OS/2 Xdf disks and 2m disks (store up to 1992k on
+ a high density 3 1/2 disk).
http://www.gnu.org/software/mtools/
diff --git a/package/nftables/0001-src-fix-build-with-older-glibc.patch b/package/nftables/0001-src-fix-build-with-older-glibc.patch
new file mode 100644
index 0000000000..d1ba295306
--- /dev/null
+++ b/package/nftables/0001-src-fix-build-with-older-glibc.patch
@@ -0,0 +1,38 @@
+From 381eaa40735385a1a60e5ab0a7daf4bb847fc2ab Mon Sep 17 00:00:00 2001
+From: Baruch Siach <baruch@tkos.co.il>
+Date: Fri, 9 Feb 2018 14:42:31 +0200
+Subject: [PATCH] src: fix build with older glibc
+
+glibc before 2.19 missed the definition of IPPROTO_MH. This leads to
+build failure:
+
+parser_bison.y: In function 'nft_parse':
+parser_bison.y:3793:21: error: 'IPPROTO_MH' undeclared (first use in this function)
+ | MH { $$ = IPPROTO_MH; }
+ ^
+
+Since we have a local definition of IPPROTO_MH in headers.h use that to
+fix the build.
+
+Signed-off-by: Baruch Siach <baruch@tkos.co.il>
+---
+Upstream status: https://marc.info/?l=netfilter-devel&m=151818061103886&w=2
+
+ src/parser_bison.y | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/src/parser_bison.y b/src/parser_bison.y
+index 2e79109f4da3..578bfdc10429 100644
+--- a/src/parser_bison.y
++++ b/src/parser_bison.y
+@@ -29,6 +29,7 @@
+ #include <rule.h>
+ #include <statement.h>
+ #include <expression.h>
++#include <headers.h>
+ #include <utils.h>
+ #include <parser.h>
+ #include <erec.h>
+--
+2.15.1
+
diff --git a/package/omap-u-boot-utils/Config.in.host b/package/omap-u-boot-utils/Config.in.host
index 87dcc06938..1549674f01 100644
--- a/package/omap-u-boot-utils/Config.in.host
+++ b/package/omap-u-boot-utils/Config.in.host
@@ -3,7 +3,7 @@ config BR2_PACKAGE_HOST_OMAP_U_BOOT_UTILS
depends on BR2_arm || BR2_armeb
help
U-Boot Utilities for Texas Instrument's OMAP platforms.
- This is a set of tools to control U-Boot from scripts, generate
- OMAP-specific signed image files and more.
+ This is a set of tools to control U-Boot from scripts,
+ generate OMAP-specific signed image files and more.
https://github.com/nmenon/omap-u-boot-utils
diff --git a/package/open-lldp/0004-fixed-unknown-type-pid_t.patch b/package/open-lldp/0004-fixed-unknown-type-pid_t.patch
new file mode 100644
index 0000000000..2d3b9148e0
--- /dev/null
+++ b/package/open-lldp/0004-fixed-unknown-type-pid_t.patch
@@ -0,0 +1,41 @@
+From 41e9e6b5aa13d65480cc960a7f15f97d74d64090 Mon Sep 17 00:00:00 2001
+From: Laurent Charpentier <laurent_pubs@yahoo.com>
+Date: Mon, 22 Jan 2018 10:49:45 +0100
+Subject: [PATCH] fixed unknown type pid_t
+
+Fixed 'unknown type pid_t' gcc compile error in dcbtool_cmds.c and
+lldptool_cmds.c
+
+Signed-off-by: Laurent Charpentier <laurent_pubs@yahoo.com>
+---
+ dcbtool_cmds.c | 1 +
+ lldptool_cmds.c | 1 +
+ 2 files changed, 2 insertions(+)
+
+diff --git a/dcbtool_cmds.c b/dcbtool_cmds.c
+index a5cd0fe..ee5c144 100644
+--- a/dcbtool_cmds.c
++++ b/dcbtool_cmds.c
+@@ -27,6 +27,7 @@
+ #include <stdlib.h>
+ #include <stdio.h>
+ #include <ctype.h>
++#include <sys/types.h>
+ #include "clif.h"
+ #include "dcbtool.h"
+ #include "lldp_dcbx_cmds.h"
+diff --git a/lldptool_cmds.c b/lldptool_cmds.c
+index daef8c8..c793e34 100644
+--- a/lldptool_cmds.c
++++ b/lldptool_cmds.c
+@@ -27,6 +27,7 @@
+ #include <stdio.h>
+ #include <stdlib.h>
+ #include <ctype.h>
++#include <sys/types.h>
+ #include "clif.h"
+ #include "dcb_types.h"
+ #include "lldptool.h"
+--
+2.14.3
+
diff --git a/package/patch/0001-Fix-segfault-with-mangled-rename-patch.patch b/package/patch/0001-Fix-segfault-with-mangled-rename-patch.patch
new file mode 100644
index 0000000000..19a67573c4
--- /dev/null
+++ b/package/patch/0001-Fix-segfault-with-mangled-rename-patch.patch
@@ -0,0 +1,33 @@
+From f290f48a621867084884bfff87f8093c15195e6a Mon Sep 17 00:00:00 2001
+From: Andreas Gruenbacher <agruen@gnu.org>
+Date: Mon, 12 Feb 2018 16:48:24 +0100
+Subject: [PATCH] Fix segfault with mangled rename patch
+
+http://savannah.gnu.org/bugs/?53132
+* src/pch.c (intuit_diff_type): Ensure that two filenames are specified
+for renames and copies (fix the existing check).
+
+Signed-off-by: Baruch Siach <baruch@tkos.co.il>
+---
+Patch status: upstream commit f290f48a6218
+
+ src/pch.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/src/pch.c b/src/pch.c
+index ff9ed2cebb8a..bc6278c4032c 100644
+--- a/src/pch.c
++++ b/src/pch.c
+@@ -974,7 +974,8 @@ intuit_diff_type (bool need_header, mode_t *p_file_type)
+ if ((pch_rename () || pch_copy ())
+ && ! inname
+ && ! ((i == OLD || i == NEW) &&
+- p_name[! reverse] &&
++ p_name[reverse] && p_name[! reverse] &&
++ name_is_valid (p_name[reverse]) &&
+ name_is_valid (p_name[! reverse])))
+ {
+ say ("Cannot %s file without two valid file names\n", pch_rename () ? "rename" : "copy");
+--
+2.16.1
+
diff --git a/package/patch/patch.hash b/package/patch/patch.hash
index d6e3a2d261..917d951a94 100644
--- a/package/patch/patch.hash
+++ b/package/patch/patch.hash
@@ -1,2 +1,4 @@
# Locally calculated after checking pgp signature
-sha256 fd95153655d6b95567e623843a0e77b81612d502ecf78a489a4aed7867caa299 patch-2.7.5.tar.xz
+sha256 ac610bda97abe0d9f6b7c963255a11dcb196c25e337c61f94e4778d632f1d8fd patch-2.7.6.tar.xz
+# Locally calculated
+sha256 8ceb4b9ee5adedde47b31e975c1d90c73ad27b6b165a1dcd80c7c545eb65b903 COPYING
diff --git a/package/patch/patch.mk b/package/patch/patch.mk
index 4c76a3123b..33f0039d60 100644
--- a/package/patch/patch.mk
+++ b/package/patch/patch.mk
@@ -4,7 +4,7 @@
#
################################################################################
-PATCH_VERSION = 2.7.5
+PATCH_VERSION = 2.7.6
PATCH_SOURCE = patch-$(PATCH_VERSION).tar.xz
PATCH_SITE = $(BR2_GNU_MIRROR)/patch
PATCH_LICENSE = GPL-3.0+
diff --git a/package/pcre2/0001-fix-heapframe-alignment.patch b/package/pcre2/0001-fix-heapframe-alignment.patch
new file mode 100644
index 0000000000..a10e9e793f
--- /dev/null
+++ b/package/pcre2/0001-fix-heapframe-alignment.patch
@@ -0,0 +1,49 @@
+src/pcre2_intmodedep.h: fix alignment of fields in struct heapframe
+
+pcre2_intmodedep.h has a check to verify that the size of the struct
+heapframe is a multiple of 4 bytes. On most architectures this works
+fine, but not on m68k. Indeed, when building the 16-bit variant of
+pcre2, the heapframe structure contains:
+
+ PCRE2_UCHAR occu[2];
+ PCRE2_SPTR eptr;
+
+Where PCRE2_UCHAR is a 16-bit data type, and PCRE2_SPTR is a
+pointer. The occu[] array starts at byte 0x32, so not aligned on a
+32-bit boundary. With 2 x 16-bit, the occur[] array ends at byte 0x36.
+
+Now, on most architectures, the alignment required for a pointer will
+make the eptr field start at 0x38 (on 32 bit architectures). However,
+on m68k, it is fine to have a pointer aligned only on a 16-bit
+boundary, and the eptr pointer will be at offset 0x36.
+
+This doesn't cause a problem per-se, but breaks the check that
+heapframe should be a multiple of 4 bytes.
+
+To fix this, we make sure eptr is aligned by introducing an unused
+field of 16 bits after the occu[] array (in the 16-bit variant) or
+after the occu[] array (in the 32-bit variant). These choices have
+been made to keep the structure layout unchanged.
+
+Fixes the following build failure on m68k:
+
+src/pcre2_intmodedep.h:818:14: error: size of array 'check_heapframe_size' is negative
+ typedef char check_heapframe_size[
+ ^~~~~~~~~~~~~~~~~~~~
+
+Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
+Upstream: https://bugs.exim.org/show_bug.cgi?id=2247
+
+Index: src/pcre2_intmodedep.h
+===================================================================
+--- a/src/pcre2_intmodedep.h (revision 923)
++++ b/src/pcre2_intmodedep.h (working copy)
+@@ -797,7 +797,9 @@
+ PCRE2_UCHAR occu[6]; /* Used for other case code units */
+ #elif PCRE2_CODE_UNIT_WIDTH == 16
+ PCRE2_UCHAR occu[2]; /* Used for other case code units */
++ uint8_t unused[2]; /* Ensure 32 bit alignment */
+ #else
++ uint8_t unused[2]; /* Ensure 32 bit alignment */
+ PCRE2_UCHAR occu[1]; /* Used for other case code units */
+ #endif
diff --git a/package/php/0008-ext-sockets-make-AI_IDN-usage-optional.patch b/package/php/0008-ext-sockets-make-AI_IDN-usage-optional.patch
new file mode 100644
index 0000000000..7ab086865e
--- /dev/null
+++ b/package/php/0008-ext-sockets-make-AI_IDN-usage-optional.patch
@@ -0,0 +1,55 @@
+From 923cab3a5ee112d3de44b5571e73402f1fa3d619 Mon Sep 17 00:00:00 2001
+From: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
+Date: Mon, 26 Feb 2018 19:06:40 +0100
+Subject: [PATCH] ext/sockets: make AI_IDN usage optional
+
+AI_IDN is not supported by all C libraries (uClibc, musl), so make it
+optional, like AI_ALL.
+
+Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
+Upstream-status: https://github.com/php/php-src/pull/3160
+---
+ ext/sockets/config.m4 | 13 +++++++++++++
+ ext/sockets/sockets.c | 2 +-
+ 2 files changed, 14 insertions(+), 1 deletion(-)
+
+diff --git a/ext/sockets/config.m4 b/ext/sockets/config.m4
+index fe7d22a10a..2bf6a2bd11 100644
+--- a/ext/sockets/config.m4
++++ b/ext/sockets/config.m4
+@@ -69,6 +69,19 @@ if test "$PHP_SOCKETS" != "no"; then
+ AC_DEFINE(HAVE_AI_ALL,1,[Whether you have AI_ALL])
+ fi
+
++ dnl Check for AI_IDN flag
++ AC_CACHE_CHECK([if getaddrinfo supports AI_IDN],[ac_cv_gai_ai_idn],
++ [
++ AC_TRY_COMPILE([
++#include <netdb.h>
++ ], [int flag = AI_IDN;],
++ ac_cv_gai_ai_idn=yes, ac_cv_gai_ai_idn=no)
++ ])
++
++ if test "$ac_cv_gai_ai_idn" = yes; then
++ AC_DEFINE(HAVE_AI_IDN,1,[Whether you have AI_IDN])
++ fi
++
+ PHP_NEW_EXTENSION([sockets], [sockets.c multicast.c conversions.c sockaddr_conv.c sendrecvmsg.c], [$ext_shared],, -DZEND_ENABLE_STATIC_TSRMLS_CACHE=1)
+ PHP_INSTALL_HEADERS([ext/sockets/], [php_sockets.h])
+ fi
+diff --git a/ext/sockets/sockets.c b/ext/sockets/sockets.c
+index 6db56c2816..ee9651ce09 100644
+--- a/ext/sockets/sockets.c
++++ b/ext/sockets/sockets.c
+@@ -796,7 +796,7 @@ static PHP_MINIT_FUNCTION(sockets)
+ REGISTER_LONG_CONSTANT("AI_ALL", AI_ALL, CONST_CS | CONST_PERSISTENT);
+ #endif
+ REGISTER_LONG_CONSTANT("AI_ADDRCONFIG", AI_ADDRCONFIG, CONST_CS | CONST_PERSISTENT);
+-#ifdef __USE_GNU
++#if defined(HAVE_AI_IDN) && defined(__USE_GNU)
+ REGISTER_LONG_CONSTANT("AI_IDN", AI_IDN, CONST_CS | CONST_PERSISTENT);
+ REGISTER_LONG_CONSTANT("AI_CANONIDN", AI_CANONIDN, CONST_CS | CONST_PERSISTENT);
+ REGISTER_LONG_CONSTANT("AI_IDN_ALLOW_UNASSIGNED", AI_IDN_ALLOW_UNASSIGNED, CONST_CS | CONST_PERSISTENT);
+--
+2.14.3
+
diff --git a/package/php/0009-main-php_ini.c-build-empty-php_load_zend_extension_c.patch b/package/php/0009-main-php_ini.c-build-empty-php_load_zend_extension_c.patch
new file mode 100644
index 0000000000..bc5149d1d6
--- /dev/null
+++ b/package/php/0009-main-php_ini.c-build-empty-php_load_zend_extension_c.patch
@@ -0,0 +1,62 @@
+From b7bbdfbcb0869b5c068143d4e27bab9eac4ae72b Mon Sep 17 00:00:00 2001
+From: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
+Date: Mon, 26 Feb 2018 19:30:55 +0100
+Subject: [PATCH] main/php_ini.c: build empty php_load_zend_extension_cb() when
+ !HAVE_LIBDL
+
+Commit 0782a7fc6314c8bd3cbfd57f12d0479bf9cc8dc7 ("Fixed bug #74866
+extension_dir = "./ext" now use current directory for base") modified
+the php_load_zend_extension_cb() function to use php_load_shlib(), and
+pass a handle to the newly introduced zend_load_extension_handle()
+function instead of passing the extension path to
+zend_load_extension().
+
+While doing so, it introduced a call to php_load_shlib() from code
+that is built even when HAVE_LIBDL is not defined. However,
+php_load_shlib() is not implemented when HAVE_LIBDL is not defined,
+for obvious reasons.
+
+It turns out that zend_load_extension_handle() anyway doesn't do
+anything when ZEND_EXTENSIONS_SUPPORT is defined to 0, and
+ZEND_EXTENSIONS_SUPPORT is not defined when HAVE_LIBDL is not defined
+(Zend/zend_portability.h).
+
+Fixes the following build failure when building on a system that
+doesn't have libdl:
+
+main/php_ini.o: In function `php_load_zend_extension_cb':
+php_ini.c:(.text+0x478): undefined reference to `php_load_shlib'
+php_ini.c:(.text+0x4b0): undefined reference to `php_load_shlib'
+collect2: error: ld returned 1 exit status
+
+Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
+Upstream-status: https://github.com/php/php-src/pull/3161
+---
+ main/php_ini.c | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/main/php_ini.c b/main/php_ini.c
+index ba58eb1180..fca263e5f0 100644
+--- a/main/php_ini.c
++++ b/main/php_ini.c
+@@ -350,6 +350,7 @@ static void php_load_php_extension_cb(void *arg)
+
+ /* {{{ php_load_zend_extension_cb
+ */
++#ifdef HAVE_LIBDL
+ static void php_load_zend_extension_cb(void *arg)
+ {
+ char *filename = *((char **) arg);
+@@ -409,6 +410,9 @@ static void php_load_zend_extension_cb(void *arg)
+ efree(libpath);
+ }
+ }
++#else
++static void php_load_zend_extension_cb(void *arg) { }
++#endif
+ /* }}} */
+
+ /* {{{ php_init_config
+--
+2.14.3
+
diff --git a/package/php/Config.in b/package/php/Config.in
index 0fb80063af..11514e04b1 100644
--- a/package/php/Config.in
+++ b/package/php/Config.in
@@ -6,6 +6,10 @@ config BR2_PACKAGE_PHP
!BR2_PACKAGE_PHP_SAPI_FPM && \
BR2_USE_MMU
select BR2_PACKAGE_PHP_SAPI_CLI if !BR2_USE_MMU
+ # PHP uses -export-dynamic, which breaks with elf2flt with a
+ # message like "ld.real: section .junk LMA [...,...] overlaps
+ # section .text LMA [...,...]"
+ depends on !BR2_BINFMT_FLAT
help
PHP is a widely-used general-purpose scripting
language that is especially suited for Web development
diff --git a/package/php/php.hash b/package/php/php.hash
index fdb4446d2b..34230df874 100644
--- a/package/php/php.hash
+++ b/package/php/php.hash
@@ -1,5 +1,5 @@
# From http://php.net/downloads.php
-sha256 47d7607d38a1d565fc43ea942c92229a7cd165f156737f210937e375b243cb11 php-7.2.2.tar.xz
+sha256 b3a94f1b562f413c0b96f54bc309706d83b29ac65d9b172bc7ed9fb40a5e651f php-7.2.3.tar.xz
# License file
sha256 00e567a8d50359d93ee1f9afdd9511277660c1e70a0cbf3229f84403aa9aebb1 LICENSE
diff --git a/package/php/php.mk b/package/php/php.mk
index a4481c45c7..dcb89b03d3 100644
--- a/package/php/php.mk
+++ b/package/php/php.mk
@@ -4,7 +4,7 @@
#
################################################################################
-PHP_VERSION = 7.2.2
+PHP_VERSION = 7.2.3
PHP_SITE = http://www.php.net/distributions
PHP_SOURCE = php-$(PHP_VERSION).tar.xz
PHP_INSTALL_STAGING = YES
@@ -232,6 +232,11 @@ define PHP_DISABLE_PCRE_JIT
$(SED) '/^#define SUPPORT_JIT/d' $(@D)/ext/pcre/pcrelib/config.h
endef
+define PHP_DISABLE_VALGRIND
+ $(SED) '/^#define HAVE_VALGRIND/d' $(@D)/main/php_config.h
+endef
+PHP_POST_CONFIGURE_HOOKS += PHP_DISABLE_VALGRIND
+
### Use external PCRE if it's available
ifeq ($(BR2_PACKAGE_PCRE),y)
PHP_CONF_OPTS += --with-pcre-regex=$(STAGING_DIR)/usr
diff --git a/package/pkgconf/Config.in.host b/package/pkgconf/Config.in.host
index 437a7bf6f9..56836a5cbf 100644
--- a/package/pkgconf/Config.in.host
+++ b/package/pkgconf/Config.in.host
@@ -1,9 +1,10 @@
config BR2_PACKAGE_HOST_PKGCONF
bool "host pkgconf"
help
- pkgconf is a program which helps to configure compiler and linker
- flags for development frameworks. It is similar to pkg-config,
- but was written from scratch in the summer of 2011 to replace
- pkg-config, which now needs itself to build itself
+ pkgconf is a program which helps to configure compiler and
+ linker flags for development frameworks. It is similar to
+ pkg-config, but was written from scratch in the summer of
+ 2011 to replace pkg-config, which now needs itself to build
+ itself
https://github.com/pkgconf/pkgconf
diff --git a/package/postgresql/postgresql.hash b/package/postgresql/postgresql.hash
index e2347701c1..533c398d59 100644
--- a/package/postgresql/postgresql.hash
+++ b/package/postgresql/postgresql.hash
@@ -1,5 +1,5 @@
-# From https://ftp.postgresql.org/pub/source/v10.1/postgresql-10.1.tar.bz2.sha256
-sha256 3ccb4e25fe7a7ea6308dea103cac202963e6b746697366d72ec2900449a5e713 postgresql-10.1.tar.bz2
+# From https://ftp.postgresql.org/pub/source/v10.3/postgresql-10.3.tar.bz2.sha256
+sha256 6ea268780ee35e88c65cdb0af7955ad90b7d0ef34573867f223f14e43467931a postgresql-10.3.tar.bz2
# License file, Locally calculated
-sha256 7dc8de32741ad1b03e21710771b55a1b9d460671d47f28a8840f917e38c66676 COPYRIGHT
+sha256 24cfc70cf16b3a23242c49ffce39510683bdd48cbedb8a46fe03976ee5f5c21e COPYRIGHT
diff --git a/package/postgresql/postgresql.mk b/package/postgresql/postgresql.mk
index 4657489a53..c6b689a146 100644
--- a/package/postgresql/postgresql.mk
+++ b/package/postgresql/postgresql.mk
@@ -4,7 +4,7 @@
#
################################################################################
-POSTGRESQL_VERSION = 10.1
+POSTGRESQL_VERSION = 10.3
POSTGRESQL_SOURCE = postgresql-$(POSTGRESQL_VERSION).tar.bz2
POSTGRESQL_SITE = http://ftp.postgresql.org/pub/source/v$(POSTGRESQL_VERSION)
POSTGRESQL_LICENSE = PostgreSQL
diff --git a/package/pure-ftpd/Config.in b/package/pure-ftpd/Config.in
index d03170b7cf..c060102650 100644
--- a/package/pure-ftpd/Config.in
+++ b/package/pure-ftpd/Config.in
@@ -33,7 +33,7 @@ config BR2_PACKAGE_PURE_FTPD_QUOTAS
config BR2_PACKAGE_PURE_FTPD_UPLOADSCRIPT
bool "uploadscript"
help
- Enable pure-upload script. Automatically run an external program
- after a successful upload.
+ Enable pure-upload script. Automatically run an external
+ program after a successful upload.
endif
diff --git a/package/pwgen/Config.in.host b/package/pwgen/Config.in.host
index 0c56851dcb..20b55f3fc0 100644
--- a/package/pwgen/Config.in.host
+++ b/package/pwgen/Config.in.host
@@ -1,7 +1,7 @@
config BR2_PACKAGE_HOST_PWGEN
bool "host pwgen"
help
- Pwgen is a small, GPL'ed password generator which creates passwords
- which can be easily memorized by a human.
+ Pwgen is a small, GPL'ed password generator which creates
+ passwords which can be easily memorized by a human.
http://sourceforge.net/projects/pwgen/
diff --git a/package/python-crossbar/Config.in b/package/python-crossbar/Config.in
index 705864471c..96a25c2c69 100644
--- a/package/python-crossbar/Config.in
+++ b/package/python-crossbar/Config.in
@@ -4,6 +4,7 @@ config BR2_PACKAGE_PYTHON_CROSSBAR
# All the following dependencies are runtime dependencies
select BR2_PACKAGE_PYTHON_ATTRS
select BR2_PACKAGE_PYTHON_AUTOBAHN
+ select BR2_PACKAGE_PYTHON_BITSTRING
select BR2_PACKAGE_PYTHON_CONSTANTLY
select BR2_PACKAGE_PYTHON_CBOR
select BR2_PACKAGE_PYTHON_CLICK
diff --git a/package/qemu/Config.in.host b/package/qemu/Config.in.host
index b001dd9514..78fe54a85c 100644
--- a/package/qemu/Config.in.host
+++ b/package/qemu/Config.in.host
@@ -13,7 +13,8 @@ config BR2_PACKAGE_HOST_QEMU
select BR2_PACKAGE_HOST_QEMU_LINUX_USER_MODE \
if !BR2_PACKAGE_HOST_QEMU_SYSTEM_MODE
help
- QEMU is a generic and open source machine emulator and virtualizer.
+ QEMU is a generic and open source machine emulator and
+ virtualizer.
This option builds an emulator for your selected architecture.
diff --git a/package/qt/Config.in b/package/qt/Config.in
index 4804a81537..0ecfafada5 100644
--- a/package/qt/Config.in
+++ b/package/qt/Config.in
@@ -3,7 +3,7 @@ comment "qt needs a toolchain w/ C++, threads"
depends on !BR2_INSTALL_LIBSTDCPP || !BR2_TOOLCHAIN_HAS_THREADS
menuconfig BR2_PACKAGE_QT
- bool "Qt"
+ bool "Qt (obsolete)"
depends on BR2_USE_MMU # fork
depends on BR2_INSTALL_LIBSTDCPP
depends on BR2_TOOLCHAIN_HAS_THREADS
diff --git a/package/qt5/qt5.mk b/package/qt5/qt5.mk
index 7a6e1d7cfe..3c03c10066 100644
--- a/package/qt5/qt5.mk
+++ b/package/qt5/qt5.mk
@@ -6,12 +6,12 @@
ifeq ($(BR2_PACKAGE_QT5_VERSION_LATEST),y)
QT5_VERSION_MAJOR = 5.9
-QT5_VERSION = $(QT5_VERSION_MAJOR).3
+QT5_VERSION = $(QT5_VERSION_MAJOR).4
else
QT5_VERSION_MAJOR = 5.6
QT5_VERSION = $(QT5_VERSION_MAJOR).3
endif
-QT5_SITE = http://download.qt.io/official_releases/qt/$(QT5_VERSION_MAJOR)/$(QT5_VERSION)/submodules
+QT5_SITE = https://download.qt.io/official_releases/qt/$(QT5_VERSION_MAJOR)/$(QT5_VERSION)/submodules
include $(sort $(wildcard package/qt5/*/*.mk))
diff --git a/package/qt5/qt53d/qt53d.hash b/package/qt5/qt53d/qt53d.hash
index 18441ead0d..9d629eb540 100644
--- a/package/qt5/qt53d/qt53d.hash
+++ b/package/qt5/qt53d/qt53d.hash
@@ -1,8 +1,8 @@
# Hash from: https://download.qt.io/official_releases/qt/5.6/5.6.3/submodules/qt3d-opensource-src-5.6.3.tar.xz.mirrorlist
sha256 10d05a30e925fcad971126c7f47a5e32c39f007dab96b298b2094501f9607ffe qt3d-opensource-src-5.6.3.tar.xz
-# Hash from: https://download.qt.io/official_releases/qt/5.9/5.9.3/submodules/qt3d-opensource-src-5.9.3.tar.xz.mirrorlist
-sha256 97925132f0583ccd76f5e104c849341df3abba73dd4d9b647622a23bdae6273f qt3d-opensource-src-5.9.3.tar.xz
+# Hash from: https://download.qt.io/official_releases/qt/5.9/5.9.4/submodules/qt3d-opensource-src-5.9.4.tar.xz.mirrorlist
+sha256 ad18b1c98a100025a96d600008c9478f646432c9e8cf11fb9a405c55f1970550 qt3d-opensource-src-5.9.4.tar.xz
# Hashes for license files:
sha256 edfe70e99be2a7c109d860b19204609e582720b211c50caedac729da372a1253 LICENSE.GPL
diff --git a/package/qt5/qt53d/qt53d.mk b/package/qt5/qt53d/qt53d.mk
index 4f37ae7f5d..fcb743db21 100644
--- a/package/qt5/qt53d/qt53d.mk
+++ b/package/qt5/qt53d/qt53d.mk
@@ -6,7 +6,7 @@
QT53D_VERSION = $(QT5_VERSION)
QT53D_SITE = $(QT5_SITE)
-QT53D_SOURCE = qt3d-opensource-src-$(QT5SVG_VERSION).tar.xz
+QT53D_SOURCE = qt3d-opensource-src-$(QT53D_VERSION).tar.xz
QT53D_DEPENDENCIES = qt5base qt5declarative
QT53D_INSTALL_STAGING = YES
diff --git a/package/qt5/qt5base/qt5base.hash b/package/qt5/qt5base/qt5base.hash
index c6e694ab39..a72d8cd4da 100644
--- a/package/qt5/qt5base/qt5base.hash
+++ b/package/qt5/qt5base/qt5base.hash
@@ -1,8 +1,8 @@
# Hash from: https://download.qt.io/official_releases/qt/5.6/5.6.3/submodules/qtbase-opensource-src-5.6.3.tar.xz.mirrorlist
sha256 fef48529a6fc2617a30d75d952cb327c6be341fd104154993922184b3b3b4da1 qtbase-opensource-src-5.6.3.tar.xz
-# Hash from: https://download.qt.io/official_releases/qt/5.9/5.9.3/submodules/qtbase-opensource-src-5.9.3.tar.xz.mirrorlist
-sha256 9e7c44005e7691dc7c85165bd4510282c47f0163521f4973eab71dbdb39a9982 qtbase-opensource-src-5.9.3.tar.xz
+# Hash from: https://download.qt.io/official_releases/qt/5.9/5.9.4/submodules/qtbase-opensource-src-5.9.4.tar.xz.mirrorlist
+sha256 69e6bde3ab00673a77e1506173551fec7d0cd899fcbf9b1260517db1b61004cf qtbase-opensource-src-5.9.4.tar.xz
# Hashes for license files:
sha256 8177f97513213526df2cf6184d8ff986c675afb514d4e68a404010521b880643 LICENSE.GPL2
diff --git a/package/qt5/qt5canvas3d/qt5canvas3d.hash b/package/qt5/qt5canvas3d/qt5canvas3d.hash
index 1664f626cd..68d1691d3d 100644
--- a/package/qt5/qt5canvas3d/qt5canvas3d.hash
+++ b/package/qt5/qt5canvas3d/qt5canvas3d.hash
@@ -1,8 +1,8 @@
# Hash from: https://download.qt.io/official_releases/qt/5.6/5.6.3/submodules/qtcanvas3d-opensource-src-5.6.3.tar.xz.mirrorlist
sha256 e99e0e159f2fba539b7947a1921072f6807f20958d32809edbf12aac571f56ff qtcanvas3d-opensource-src-5.6.3.tar.xz
-# Hash from: https://download.qt.io/official_releases/qt/5.9/5.9.3/submodules/qtcanvas3d-opensource-src-5.9.3.tar.xz.mirrorlist
-sha256 5e38b17844af801be57844da0379cc6882750b9019034f4fe884aae70c300abc qtcanvas3d-opensource-src-5.9.3.tar.xz
+# Hash from: https://download.qt.io/official_releases/qt/5.9/5.9.4/submodules/qtcanvas3d-opensource-src-5.9.4.tar.xz.mirrorlist
+sha256 ef358503e2f243c2e162c3fef2181707ff3485376198d8e4fcc6d979e6ebed29 qtcanvas3d-opensource-src-5.9.4.tar.xz
# Hashes for license files:
sha256 edfe70e99be2a7c109d860b19204609e582720b211c50caedac729da372a1253 LICENSE.GPLv2
diff --git a/package/qt5/qt5charts/qt5charts.hash b/package/qt5/qt5charts/qt5charts.hash
index 3a9db5b297..a0c2d0d739 100644
--- a/package/qt5/qt5charts/qt5charts.hash
+++ b/package/qt5/qt5charts/qt5charts.hash
@@ -1,5 +1,5 @@
-# Hash from: https://download.qt.io/official_releases/qt/5.9/5.9.3/submodules/qtcharts-opensource-src-5.9.3.tar.xz.mirrorlist
-sha256 ec1783a81d5715fc48a3276e67b90a66cac3e283ac14fc3bf88b2058994d69e9 qtcharts-opensource-src-5.9.3.tar.xz
+# Hash from: https://download.qt.io/official_releases/qt/5.9/5.9.4/submodules/qtcharts-opensource-src-5.9.4.tar.xz.mirrorlist
+sha256 75f72983fde6720a093d5f065d33f47e77a4bd2188ae9d41ebb9a4fcc459d3e7 qtcharts-opensource-src-5.9.4.tar.xz
# Hashes for license files:
sha256 8ceb4b9ee5adedde47b31e975c1d90c73ad27b6b165a1dcd80c7c545eb65b903 LICENSE.GPL3
diff --git a/package/qt5/qt5connectivity/5.9.3/0001-Example-heartrate-server-needs-only-core-and-bluetoo.patch b/package/qt5/qt5connectivity/5.9.3/0001-Example-heartrate-server-needs-only-core-and-bluetoo.patch
deleted file mode 100644
index cb0e8d18b1..0000000000
--- a/package/qt5/qt5connectivity/5.9.3/0001-Example-heartrate-server-needs-only-core-and-bluetoo.patch
+++ /dev/null
@@ -1,32 +0,0 @@
-From 13c2f56cc9c3bbfe0c96031107e7fafd437703d9 Mon Sep 17 00:00:00 2001
-From: Peter Seiderer <ps.report@gmx.net>
-Date: Sat, 18 Nov 2017 21:07:44 +0100
-Subject: [PATCH] Example heartrate-server needs only core and bluetooth module
-
-Fixes compile with disabled gui module.
-
-Task-number: QTBUG-64597
-Change-Id: I376dede3db987e524f97070344cc119e0ee1d187
-
-Upstream: https://codereview.qt-project.org/211810
-Signed-off-by: Peter Seiderer <ps.report@gmx.net>
----
- examples/bluetooth/heartrate-server/heartrate-server.pro | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/examples/bluetooth/heartrate-server/heartrate-server.pro b/examples/bluetooth/heartrate-server/heartrate-server.pro
-index 4ccf486c..edd011b9 100644
---- a/examples/bluetooth/heartrate-server/heartrate-server.pro
-+++ b/examples/bluetooth/heartrate-server/heartrate-server.pro
-@@ -1,7 +1,7 @@
- TEMPLATE = app
- TARGET = heartrate-server
-
--QT += bluetooth
-+QT = core bluetooth
- CONFIG += c++11
-
- SOURCES += main.cpp
---
-2.14.2
-
diff --git a/package/qt5/qt5connectivity/qt5connectivity.hash b/package/qt5/qt5connectivity/qt5connectivity.hash
index aaa3ef275b..21d0ded4e0 100644
--- a/package/qt5/qt5connectivity/qt5connectivity.hash
+++ b/package/qt5/qt5connectivity/qt5connectivity.hash
@@ -1,5 +1,5 @@
# Hash from: https://download.qt.io/official_releases/qt/5.6/5.6.3/submodules/qtconnectivity-opensource-src-5.6.3.tar.xz.mirrorlist
sha256 fa406e3d63fa4a2acc8ecae6d110f20c766f19a21c7061a12f3c167deb07ccde qtconnectivity-opensource-src-5.6.3.tar.xz
-# Hash from: https://download.qt.io/official_releases/qt/5.9/5.9.3/submodules/qtconnectivity-opensource-src-5.9.3.tar.xz.mirrorlist
-sha256 e2891e6e8d91e82e3c4d5667f3146062458067c0b706d65ac0fc7562afce0649 qtconnectivity-opensource-src-5.9.3.tar.xz
+# Hash from: https://download.qt.io/official_releases/qt/5.9/5.9.4/submodules/qtconnectivity-opensource-src-5.9.4.tar.xz.mirrorlist
+sha256 dba750363bf55648a08bc44372f423d31f405f6deac5393f0b76376a3e9e0c8b qtconnectivity-opensource-src-5.9.4.tar.xz
diff --git a/package/qt5/qt5declarative/qt5declarative.hash b/package/qt5/qt5declarative/qt5declarative.hash
index 6f171ffa40..308a4f0f56 100644
--- a/package/qt5/qt5declarative/qt5declarative.hash
+++ b/package/qt5/qt5declarative/qt5declarative.hash
@@ -1,8 +1,8 @@
# Hash from: https://download.qt.io/official_releases/qt/5.6/5.6.3/submodules/qtdeclarative-opensource-src-5.6.3.tar.xz.mirrorlist
sha256 f63fc053d0d16b8a9ca9308f8ead77874b470ae31b66057e2bd336bf648191fc qtdeclarative-opensource-src-5.6.3.tar.xz
-# Hash from: https://download.qt.io/official_releases/qt/5.9/5.9.3/submodules/qtdeclarative-opensource-src-5.9.3.tar.xz.mirrorlist
-sha256 505f66d2062c1d84ce743a0b4969531e1cf94e30970dc64efffe10f74f989407 qtdeclarative-opensource-src-5.9.3.tar.xz
+# Hash from: https://download.qt.io/official_releases/qt/5.9/5.9.4/submodules/qtdeclarative-opensource-src-5.9.4.tar.xz.mirrorlist
+sha256 dc638a3b207dd2c6607a21415f6dd8d760568535dfe4b485fdb4576c98832d65 qtdeclarative-opensource-src-5.9.4.tar.xz
# Hashes for license files:
sha256 8177f97513213526df2cf6184d8ff986c675afb514d4e68a404010521b880643 LICENSE.GPL2
diff --git a/package/qt5/qt5enginio/qt5enginio.hash b/package/qt5/qt5enginio/qt5enginio.hash
index f970703687..424c4776e0 100644
--- a/package/qt5/qt5enginio/qt5enginio.hash
+++ b/package/qt5/qt5enginio/qt5enginio.hash
@@ -1,5 +1,5 @@
-# Hash from: http://download.qt.io/official_releases/qt/5.6/5.6.3/submodules/qtenginio-opensource-src-1.6.2.tar.xz.mirrorlist
-sha256 90ffc38d214a75ab0ef90a4760843f12bc073ae49c17de24c677d1d403bddcc3 qtenginio-opensource-src-1.6.2.tar.xz
+# Hash from: https://download.qt.io/official_releases/qt/5.6/5.6.3/submodules/qtenginio-opensource-src-1.6.3.tar.xz.mirrorlist
+sha256 d907060b355512ceb7a8c3f6980e3979c20d54320b6804303b6c5e8ed42d3912 qtenginio-opensource-src-1.6.3.tar.xz
# Hashes for license files:
sha256 245248009fd0af1725d183248380e476c1283383909358a13686606352bf2a17 LICENSE.GPLv3
diff --git a/package/qt5/qt5enginio/qt5enginio.mk b/package/qt5/qt5enginio/qt5enginio.mk
index 5590d7cf4e..603b2a517d 100644
--- a/package/qt5/qt5enginio/qt5enginio.mk
+++ b/package/qt5/qt5enginio/qt5enginio.mk
@@ -6,7 +6,7 @@
# Qt5Enginio does not follow Qt versionning
# see https://bugreports.qt.io/browse/QTBUG-50111
-QT5ENGINIO_VERSION = 1.6.2
+QT5ENGINIO_VERSION = 1.6.3
QT5ENGINIO_SITE = $(QT5_SITE)
QT5ENGINIO_SOURCE = qtenginio-opensource-src-$(QT5ENGINIO_VERSION).tar.xz
QT5ENGINIO_DEPENDENCIES = openssl qt5base
diff --git a/package/qt5/qt5graphicaleffects/qt5graphicaleffects.hash b/package/qt5/qt5graphicaleffects/qt5graphicaleffects.hash
index 8770d72a19..9a1bbdac32 100644
--- a/package/qt5/qt5graphicaleffects/qt5graphicaleffects.hash
+++ b/package/qt5/qt5graphicaleffects/qt5graphicaleffects.hash
@@ -1,8 +1,8 @@
# Hash from: https://download.qt.io/official_releases/qt/5.6/5.6.3/submodules/qtgraphicaleffects-opensource-src-5.6.3.tar.xz.mirrorlist
sha256 c742592d5e45b122b29df60b69be23ba7c817f2dc471db86e054f6ea24a999ed qtgraphicaleffects-opensource-src-5.6.3.tar.xz
-# Hash from: https://download.qt.io/official_releases/qt/5.9/5.9.3/submodules/qtgraphicaleffects-opensource-src-5.9.3.tar.xz.mirrorlist
-sha256 790b029bc8bdbb5c9548ecad2ff6e73b7da3deabbdba6bacac4a6aacd3a0f0d9 qtgraphicaleffects-opensource-src-5.9.3.tar.xz
+# Hash from: https://download.qt.io/official_releases/qt/5.9/5.9.4/submodules/qtgraphicaleffects-opensource-src-5.9.4.tar.xz.mirrorlist
+sha256 97f75327d7d20ec02e920f1c86ee2bc4063396833d93215e509e95c58e24b8ef qtgraphicaleffects-opensource-src-5.9.4.tar.xz
# Hashes for license files:
sha256 8177f97513213526df2cf6184d8ff986c675afb514d4e68a404010521b880643 LICENSE.GPL2
diff --git a/package/qt5/qt5imageformats/qt5imageformats.hash b/package/qt5/qt5imageformats/qt5imageformats.hash
index c56ed7d587..37d0519ed4 100644
--- a/package/qt5/qt5imageformats/qt5imageformats.hash
+++ b/package/qt5/qt5imageformats/qt5imageformats.hash
@@ -1,8 +1,8 @@
# Hash from: https://download.qt.io/official_releases/qt/5.6/5.6.3/submodules/qtimageformats-opensource-src-5.6.3.tar.xz.mirrorlist
sha256 efe4da3c90c976c9b9a2eb6b081d2b8e1435935695104456276ce98e8a5848c3 qtimageformats-opensource-src-5.6.3.tar.xz
-# Hash from: https://download.qt.io/official_releases/qt/5.9/5.9.3/submodules/qtimageformats-opensource-src-5.9.3.tar.xz.mirrorlist
-sha256 d4b309ddbac2275cafadffc62047a26ed8f169bde015925761894843eae725dd qtimageformats-opensource-src-5.9.3.tar.xz
+# Hash from: https://download.qt.io/official_releases/qt/5.9/5.9.4/submodules/qtimageformats-opensource-src-5.9.4.tar.xz.mirrorlist
+sha256 69e17081a8649b7db138073942d07d2e99f78f4b954ccd6aab3a406e92dbddd9 qtimageformats-opensource-src-5.9.4.tar.xz
# Hashes for license files:
sha256 edfe70e99be2a7c109d860b19204609e582720b211c50caedac729da372a1253 LICENSE.GPLv2
diff --git a/package/qt5/qt5location/qt5location.hash b/package/qt5/qt5location/qt5location.hash
index 5bb2021e09..3f9ba667c1 100644
--- a/package/qt5/qt5location/qt5location.hash
+++ b/package/qt5/qt5location/qt5location.hash
@@ -1,8 +1,8 @@
# Hash from: https://download.qt.io/official_releases/qt/5.6/5.6.3/submodules/qtlocation-opensource-src-5.6.3.tar.xz.mirrorlist
sha256 b7a81c58cc331fb15bea8fba21d3c9a59f6dc6ad2e4855e30a14ce59a2af1466 qtlocation-opensource-src-5.6.3.tar.xz
-# Hash from: https://download.qt.io/official_releases/qt/5.9/5.9.3/submodules/qtlocation-opensource-src-5.9.3.tar.xz.mirrorlist
-sha256 80fd425cde8747c1fc79aa90994a9caf921d7c79ff41babec692fe43cdc74ce1 qtlocation-opensource-src-5.9.3.tar.xz
+# Hash from: https://download.qt.io/official_releases/qt/5.9/5.9.4/submodules/qtlocation-opensource-src-5.9.4.tar.xz.mirrorlist
+sha256 37ed68b0243a30b836cda79802e3f33404b1792f7b845a25b2e4989dc2fed2a0 qtlocation-opensource-src-5.9.4.tar.xz
# Hashes for license files:
sha256 edfe70e99be2a7c109d860b19204609e582720b211c50caedac729da372a1253 LICENSE.GPLv2
diff --git a/package/qt5/qt5multimedia/qt5multimedia.hash b/package/qt5/qt5multimedia/qt5multimedia.hash
index 750c3379ca..5cb253790a 100644
--- a/package/qt5/qt5multimedia/qt5multimedia.hash
+++ b/package/qt5/qt5multimedia/qt5multimedia.hash
@@ -1,8 +1,8 @@
# Hash from: https://download.qt.io/official_releases/qt/5.6/5.6.3/submodules/qtmultimedia-opensource-src-5.6.3.tar.xz.mirrorlist
sha256 ae36039ea8037742342f1615687e0ca2188f3ed0d700627a5e5be546c15e1b46 qtmultimedia-opensource-src-5.6.3.tar.xz
-# Hash from: https://download.qt.io/official_releases/qt/5.9/5.9.3/submodules/qtmultimedia-opensource-src-5.9.3.tar.xz.mirrorlist
-sha256 e79558d24ace9b4444d91d807b85778b6a0a592e7d1500ffadf45f7d3b8238a6 qtmultimedia-opensource-src-5.9.3.tar.xz
+# Hash from: https://download.qt.io/official_releases/qt/5.9/5.9.4/submodules/qtmultimedia-opensource-src-5.9.4.tar.xz.mirrorlist
+sha256 4952a00712e209ad34241b22cb338bad2f44c42a77316b3b05389faeee1e4e74 qtmultimedia-opensource-src-5.9.4.tar.xz
# Hashes for license files:
sha256 8177f97513213526df2cf6184d8ff986c675afb514d4e68a404010521b880643 LICENSE.GPL2
diff --git a/package/qt5/qt5multimedia/qt5multimedia.mk b/package/qt5/qt5multimedia/qt5multimedia.mk
index 6df96bcab4..041ef49092 100644
--- a/package/qt5/qt5multimedia/qt5multimedia.mk
+++ b/package/qt5/qt5multimedia/qt5multimedia.mk
@@ -34,8 +34,15 @@ ifeq ($(BR2_PACKAGE_ALSA_LIB),y)
QT5MULTIMEDIA_DEPENDENCIES += alsa-lib
endif
+# The mesa's EGL/eglplatform.h header includes X11 headers unless the flag
+# MESA_EGL_NO_X11_HEADERS is defined. Tell to not include X11 headers if
+# the libxcb is not selected.
+ifeq ($(BR2_PACKAGE_MESA3D_OPENGL_EGL)x$(BR2_PACKAGE_LIBXCB),yx)
+QT5MULTIMEDIA_QMAKEFLAGS += QMAKE_CXXFLAGS+=-DMESA_EGL_NO_X11_HEADERS
+endif
+
define QT5MULTIMEDIA_CONFIGURE_CMDS
- (cd $(@D); $(TARGET_MAKE_ENV) $(HOST_DIR)/bin/qmake)
+ (cd $(@D); $(TARGET_MAKE_ENV) $(HOST_DIR)/bin/qmake $(QT5MULTIMEDIA_QMAKEFLAGS))
endef
define QT5MULTIMEDIA_BUILD_CMDS
diff --git a/package/qt5/qt5quickcontrols/qt5quickcontrols.hash b/package/qt5/qt5quickcontrols/qt5quickcontrols.hash
index 84890c5612..ca1e217d83 100644
--- a/package/qt5/qt5quickcontrols/qt5quickcontrols.hash
+++ b/package/qt5/qt5quickcontrols/qt5quickcontrols.hash
@@ -1,8 +1,8 @@
# Hash from: https://download.qt.io/official_releases/qt/5.6/5.6.3/submodules/qtquickcontrols-opensource-src-5.6.3.tar.xz.mirrorlist
sha256 31bb0fc8f21b855af6ff02c415be3246128b523d0ef7c05e248e92281ab0db8e qtquickcontrols-opensource-src-5.6.3.tar.xz
-# Hash from: https://download.qt.io/official_releases/qt/5.9/5.9.3/submodules/qtquickcontrols-opensource-src-5.9.3.tar.xz.mirrorlist
-sha256 300eeebd7d2c243c0123bc2324b5643b3f967c0816aead0ba7b993aeeac0e226 qtquickcontrols-opensource-src-5.9.3.tar.xz
+# Hash from: https://download.qt.io/official_releases/qt/5.9/5.9.4/submodules/qtquickcontrols-opensource-src-5.9.4.tar.xz.mirrorlist
+sha256 16a205a09bfe9d54c38e9ef555e6f1ecd082576ef2a33cb80b6d49a7ccaed98b qtquickcontrols-opensource-src-5.9.4.tar.xz
# Hashes for license files:
sha256 edfe70e99be2a7c109d860b19204609e582720b211c50caedac729da372a1253 LICENSE.GPLv2
diff --git a/package/qt5/qt5quickcontrols2/5.9.3/0001-Example-flatstyle-needs-widgets-module.patch b/package/qt5/qt5quickcontrols2/5.9.3/0001-Example-flatstyle-needs-widgets-module.patch
deleted file mode 100644
index 17e3b3610e..0000000000
--- a/package/qt5/qt5quickcontrols2/5.9.3/0001-Example-flatstyle-needs-widgets-module.patch
+++ /dev/null
@@ -1,31 +0,0 @@
-From 10d92524cd6736c767c9ce55a1d9b9f1a2a69a9f Mon Sep 17 00:00:00 2001
-From: Peter Seiderer <ps.report@gmx.net>
-Date: Sat, 25 Nov 2017 22:26:58 +0100
-Subject: [PATCH] Example flatstyle needs widgets module
-
-Fixes compile with disabled widgets module.
-
-Task-number: QTBUG-64761
-Change-Id: I743884d77d51e89061d87cab006bab0cafc9ddb7
-
-Upstream: https://codereview.qt-project.org/212583
-Signed-off-by: Peter Seiderer <ps.report@gmx.net>
----
- examples/quickcontrols2/quickcontrols2.pro | 3 ++-
- 1 file changed, 2 insertions(+), 1 deletion(-)
-
-diff --git a/examples/quickcontrols2/quickcontrols2.pro b/examples/quickcontrols2/quickcontrols2.pro
-index 858759f..8310e9b 100644
---- a/examples/quickcontrols2/quickcontrols2.pro
-+++ b/examples/quickcontrols2/quickcontrols2.pro
-@@ -6,5 +6,6 @@ SUBDIRS += \
- contactlist \
- sidepanel \
- swipetoremove \
-- flatstyle \
- wearable
-+
-+qtHaveModule(widgets): SUBDIRS += flatstyle
---
-2.7.4
-
diff --git a/package/qt5/qt5quickcontrols2/qt5quickcontrols2.hash b/package/qt5/qt5quickcontrols2/qt5quickcontrols2.hash
index 7a6040f34c..15f23b5e4b 100644
--- a/package/qt5/qt5quickcontrols2/qt5quickcontrols2.hash
+++ b/package/qt5/qt5quickcontrols2/qt5quickcontrols2.hash
@@ -1,8 +1,8 @@
# Hash from: https://download.qt.io/official_releases/qt/5.6/5.6.3/submodules/qtquickcontrols2-opensource-src-5.6.3.tar.xz.mirrorlist
sha256 ec5078470abe2da888c2be5d1749b5961ef5132487c180ce4d4aa19ea7ff81cb qtquickcontrols2-opensource-src-5.6.3.tar.xz
-# Hash from: https://download.qt.io/official_releases/qt/5.9/5.9.3/submodules/qtquickcontrols2-opensource-src-5.9.3.tar.xz.mirrorlist
-sha256 21aaa26956ad0ccc3ce86ced7925ceae4b4cef25c6c5ef2f7ded608431420843 qtquickcontrols2-opensource-src-5.9.3.tar.xz
+# Hash from: https://download.qt.io/official_releases/qt/5.9/5.9.4/submodules/qtquickcontrols2-opensource-src-5.9.4.tar.xz.mirrorlist
+sha256 1528a7a356e7073f5eeca93ba6e3330ba708d31c3a8f10dc1ce4546d9557640c qtquickcontrols2-opensource-src-5.9.4.tar.xz
# Hashes for license files:
sha256 d2cfc059acb4abd8e513cd0a73cd8489f34cbafa7bc34d5d31fb3210821cf8ca LICENSE.GPLv3
diff --git a/package/qt5/qt5script/qt5script.hash b/package/qt5/qt5script/qt5script.hash
index 66582ad448..bcb37801a8 100644
--- a/package/qt5/qt5script/qt5script.hash
+++ b/package/qt5/qt5script/qt5script.hash
@@ -1,8 +1,8 @@
# Hash from: https://download.qt.io/official_releases/qt/5.6/5.6.3/submodules/qtscript-opensource-src-5.6.3.tar.xz.mirrorlist
sha256 f08720dd0e3a70377c1cb7fa3b129e24f4cdedade279e51b67c9271ab470b389 qtscript-opensource-src-5.6.3.tar.xz
-# Hash from: https://download.qt.io/official_releases/qt/5.9/5.9.3/submodules/qtscript-opensource-src-5.9.3.tar.xz.mirrorlist
-sha256 b80bfaaf58f154b68101e438a1881f669cb9974026926be7755adb00af355566 qtscript-opensource-src-5.9.3.tar.xz
+# Hash from: https://download.qt.io/official_releases/qt/5.9/5.9.4/submodules/qtscript-opensource-src-5.9.4.tar.xz.mirrorlist
+sha256 4045da078600b5928f8206341c442cc7f5eec8c51f477f7367072ab5c28ee053 qtscript-opensource-src-5.9.4.tar.xz
# Hashes for license files:
sha256 245248009fd0af1725d183248380e476c1283383909358a13686606352bf2a17 LICENSE.GPLv3
diff --git a/package/qt5/qt5scxml/qt5scxml.hash b/package/qt5/qt5scxml/qt5scxml.hash
index b0d861573c..dbe81ecbb6 100644
--- a/package/qt5/qt5scxml/qt5scxml.hash
+++ b/package/qt5/qt5scxml/qt5scxml.hash
@@ -1,5 +1,5 @@
-# Hash from: https://download.qt.io/official_releases/qt/5.9/5.9.3/submodules/qtscxml-opensource-src-5.9.3.tar.xz.mirrorlist
-sha256 d8f51fa8eddd09fef29d8fad6e570e9ca9403469543ab10cb5cfad738786a81b qtscxml-opensource-src-5.9.3.tar.xz
+# Hash from: https://download.qt.io/official_releases/qt/5.9/5.9.4/submodules/qtscxml-opensource-src-5.9.4.tar.xz.mirrorlist
+sha256 1decc54e157a1492066fe0e7d534c6a9888c096731af7cac9b64c52fd3950b75 qtscxml-opensource-src-5.9.4.tar.xz
# Hashes for license files:
diff --git a/package/qt5/qt5sensors/qt5sensors.hash b/package/qt5/qt5sensors/qt5sensors.hash
index 26e13d60b1..1a78d46770 100644
--- a/package/qt5/qt5sensors/qt5sensors.hash
+++ b/package/qt5/qt5sensors/qt5sensors.hash
@@ -1,8 +1,8 @@
# Hash from: https://download.qt.io/official_releases/qt/5.6/5.6.3/submodules/qtsensors-opensource-src-5.6.3.tar.xz.mirrorlist
sha256 7502d4dc5571865a7eea2a4180c3be396dfb8ce22df4c4f3d7e9ff32ab334973 qtsensors-opensource-src-5.6.3.tar.xz
-# Hash from: https://download.qt.io/official_releases/qt/5.9/5.9.3/submodules/qtsensors-opensource-src-5.9.3.tar.xz.mirrorlist
-sha256 b95ea20b3d616655435357671558631da6fe6970500b7e6d35d1111f0b8cdac1 qtsensors-opensource-src-5.9.3.tar.xz
+# Hash from: https://download.qt.io/official_releases/qt/5.9/5.9.4/submodules/qtsensors-opensource-src-5.9.4.tar.xz.mirrorlist
+sha256 793f3aa056b7ce9ae91acb599eab80525983e5e973bb4a2fdba82776ec9cd458 qtsensors-opensource-src-5.9.4.tar.xz
# Hashes for license files:
sha256 8177f97513213526df2cf6184d8ff986c675afb514d4e68a404010521b880643 LICENSE.GPL2
diff --git a/package/qt5/qt5serialbus/qt5serialbus.hash b/package/qt5/qt5serialbus/qt5serialbus.hash
index 9191fd2198..005fd0b5dc 100644
--- a/package/qt5/qt5serialbus/qt5serialbus.hash
+++ b/package/qt5/qt5serialbus/qt5serialbus.hash
@@ -1,8 +1,8 @@
# Hash from: https://download.qt.io/official_releases/qt/5.6/5.6.3/submodules/qtserialbus-opensource-src-5.6.3.tar.xz.mirrorlist
sha256 71c89be3879414e2a11cad93a4882758f9259b1c0aec980560309192c99f9a9e qtserialbus-opensource-src-5.6.3.tar.xz
-# Hash from: https://download.qt.io/official_releases/qt/5.9/5.9.3/submodules/qtserialbus-opensource-src-5.9.3.tar.xz.mirrorlist
-sha256 ef62745e1793515e03fa586171de13eb17ee7699c9eb626f76a4dc5a00c46938 qtserialbus-opensource-src-5.9.3.tar.xz
+# Hash from: https://download.qt.io/official_releases/qt/5.9/5.9.4/submodules/qtserialbus-opensource-src-5.9.4.tar.xz.mirrorlist
+sha256 ce91402e9781ef6ff37e313ce504b7f6fecb74e83d57d640fcbf82f1133fcbc4 qtserialbus-opensource-src-5.9.4.tar.xz
# Hashes for license files:
sha256 edfe70e99be2a7c109d860b19204609e582720b211c50caedac729da372a1253 LICENSE.GPLv2
diff --git a/package/qt5/qt5serialport/qt5serialport.hash b/package/qt5/qt5serialport/qt5serialport.hash
index 15abf7ac09..04122ef804 100644
--- a/package/qt5/qt5serialport/qt5serialport.hash
+++ b/package/qt5/qt5serialport/qt5serialport.hash
@@ -1,8 +1,8 @@
# Hash from: https://download.qt.io/official_releases/qt/5.6/5.6.3/submodules/qtserialport-opensource-src-5.6.3.tar.xz.mirrorlist
sha256 082d1fee2703aed19f840c4e4031e37c9b929e5bd8ebef2ebac4b28c509bae1a qtserialport-opensource-src-5.6.3.tar.xz
-# Hash from: https://download.qt.io/official_releases/qt/5.9/5.9.3/submodules/qtserialport-opensource-src-5.9.3.tar.xz.mirrorlist
-sha256 4cdd3e9157ec3e91078f993cd28651989fa2429a409e19d398fb9cced231abdf qtserialport-opensource-src-5.9.3.tar.xz
+# Hash from: https://download.qt.io/official_releases/qt/5.9/5.9.4/submodules/qtserialport-opensource-src-5.9.4.tar.xz.mirrorlist
+sha256 0c3d8e2908743c167113ce27be7b685e6f5c827c108107411d0c4c8b2f2b519c qtserialport-opensource-src-5.9.4.tar.xz
# Hashes for license files:
sha256 edfe70e99be2a7c109d860b19204609e582720b211c50caedac729da372a1253 LICENSE.GPLv2
diff --git a/package/qt5/qt5svg/qt5svg.hash b/package/qt5/qt5svg/qt5svg.hash
index 03659702d6..a94082c4bf 100644
--- a/package/qt5/qt5svg/qt5svg.hash
+++ b/package/qt5/qt5svg/qt5svg.hash
@@ -1,8 +1,8 @@
# Hash from: https://download.qt.io/official_releases/qt/5.6/5.6.3/submodules/qtsvg-opensource-src-5.6.3.tar.xz.mirrorlist
sha256 100f183517b46554079beabd8d2cabe3070a74dd0a2e64b6a304eac71cfadcec qtsvg-opensource-src-5.6.3.tar.xz
-# Hash from: https://download.qt.io/official_releases/qt/5.9/5.9.3/submodules/qtsvg-opensource-src-5.9.3.tar.xz.mirrorlist
-sha256 df6628a60c8fbbcff99e6a24955c29494268d741509a3367a2294031ab4f5df2 qtsvg-opensource-src-5.9.3.tar.xz
+# Hash from: https://download.qt.io/official_releases/qt/5.9/5.9.4/submodules/qtsvg-opensource-src-5.9.4.tar.xz.mirrorlist
+sha256 a2f22732bfd4f0f0204443daaa59448298ab5018750dce4600d01d969355037a qtsvg-opensource-src-5.9.4.tar.xz
# Hashes for license files:
sha256 8177f97513213526df2cf6184d8ff986c675afb514d4e68a404010521b880643 LICENSE.GPL2
diff --git a/package/qt5/qt5tools/qt5tools.hash b/package/qt5/qt5tools/qt5tools.hash
index 44856400e7..40176e6aee 100644
--- a/package/qt5/qt5tools/qt5tools.hash
+++ b/package/qt5/qt5tools/qt5tools.hash
@@ -1,8 +1,8 @@
# Hash from: https://download.qt.io/official_releases/qt/5.6/5.6.3/submodules/qttools-opensource-src-5.6.3.tar.xz.mirrorlist
sha256 1a63ba838058d73cb540040589b235ded77f76402693decfd6d4d3c75ea67926 qttools-opensource-src-5.6.3.tar.xz
-# Hash from: https://download.qt.io/official_releases/qt/5.9/5.9.3/submodules/qttools-opensource-src-5.9.3.tar.xz.mirrorlist
-sha256 442c38de3e35f9dcc355dadff35436e23a5a7abd7dd1167a3bf6325e3d9284ff qttools-opensource-src-5.9.3.tar.xz
+# Hash from: https://download.qt.io/official_releases/qt/5.9/5.9.4/submodules/qttools-opensource-src-5.9.4.tar.xz.mirrorlist
+sha256 95aa5782d5a79be22fba36cea4dc2319cf2a2060a3cc1e24e6585b8d98996e87 qttools-opensource-src-5.9.4.tar.xz
# Hashes for license files:
sha256 8177f97513213526df2cf6184d8ff986c675afb514d4e68a404010521b880643 LICENSE.GPL2
diff --git a/package/qt5/qt5tools/qt5tools.mk b/package/qt5/qt5tools/qt5tools.mk
index 3638b74163..cf181e576b 100644
--- a/package/qt5/qt5tools/qt5tools.mk
+++ b/package/qt5/qt5tools/qt5tools.mk
@@ -6,7 +6,7 @@
QT5TOOLS_VERSION = $(QT5_VERSION)
QT5TOOLS_SITE = $(QT5_SITE)
-QT5TOOLS_SOURCE = qttools-opensource-src-$(QT5BASE_VERSION).tar.xz
+QT5TOOLS_SOURCE = qttools-opensource-src-$(QT5TOOLS_VERSION).tar.xz
QT5TOOLS_DEPENDENCIES = qt5base
QT5TOOLS_INSTALL_STAGING = YES
diff --git a/package/qt5/qt5virtualkeyboard/qt5virtualkeyboard.hash b/package/qt5/qt5virtualkeyboard/qt5virtualkeyboard.hash
index 54ded48dea..81c81edff1 100644
--- a/package/qt5/qt5virtualkeyboard/qt5virtualkeyboard.hash
+++ b/package/qt5/qt5virtualkeyboard/qt5virtualkeyboard.hash
@@ -1,5 +1,5 @@
-# Hash from: https://download.qt.io/official_releases/qt/5.9/5.9.3/submodules/qtvirtualkeyboard-opensource-src-5.9.3.tar.xz.mirrorlist
-sha256 b9313f744026f0dcf6e1008212880cd34851499d8b6bc9fc9fbaa1e4e52532ff qtvirtualkeyboard-opensource-src-5.9.3.tar.xz
+# Hash from: https://download.qt.io/official_releases/qt/5.9/5.9.4/submodules/qtvirtualkeyboard-opensource-src-5.9.4.tar.xz.mirrorlist
+sha256 bf742a886054f12a73621952879cf7a2182304c498bc31ec8a61ef376b07e1ee qtvirtualkeyboard-opensource-src-5.9.4.tar.xz
# Hashes for license files:
sha256 8ceb4b9ee5adedde47b31e975c1d90c73ad27b6b165a1dcd80c7c545eb65b903 LICENSE.GPL3
diff --git a/package/qt5/qt5wayland/qt5wayland.hash b/package/qt5/qt5wayland/qt5wayland.hash
index f03a15ceb9..86dc65179f 100644
--- a/package/qt5/qt5wayland/qt5wayland.hash
+++ b/package/qt5/qt5wayland/qt5wayland.hash
@@ -1,8 +1,8 @@
# hash from: https://download.qt.io/official_releases/qt/5.6/5.6.3/submodules/qtwayland-opensource-src-5.6.3.tar.xz.mirrorlist
sha256 5a475278b2db73aa7fa7f3ba6d98d8d72774f5c77e172495007d79f91d09daa3 qtwayland-opensource-src-5.6.3.tar.xz
-# Hash from: https://download.qt.io/official_releases/qt/5.9/5.9.3/submodules/qtwayland-opensource-src-5.9.3.tar.xz.mirrorlist
-sha256 308e8c44b0ad13520868365d72786d3e3f0b384da99ee72ba543cd866f655f6d qtwayland-opensource-src-5.9.3.tar.xz
+# Hash from: https://download.qt.io/official_releases/qt/5.9/5.9.4/submodules/qtwayland-opensource-src-5.9.4.tar.xz.mirrorlist
+sha256 3f7496522013e6122bb8dc00d0c3cc7753a44dca94fa3b22096eaa21e6099874 qtwayland-opensource-src-5.9.4.tar.xz
# Hashes for license files:
sha256 8177f97513213526df2cf6184d8ff986c675afb514d4e68a404010521b880643 LICENSE.GPL2
diff --git a/package/qt5/qt5wayland/qt5wayland.mk b/package/qt5/qt5wayland/qt5wayland.mk
index 0a7bdb8cf9..8a7f2e1fb5 100644
--- a/package/qt5/qt5wayland/qt5wayland.mk
+++ b/package/qt5/qt5wayland/qt5wayland.mk
@@ -26,6 +26,13 @@ ifeq ($(BR2_PACKAGE_QT5WAYLAND_COMPOSITOR),y)
QT5WAYLAND_QMAKEFLAGS += CONFIG+=wayland-compositor
endif
+# The mesa's EGL/eglplatform.h header includes X11 headers unless the flag
+# MESA_EGL_NO_X11_HEADERS is defined. Tell to not include X11 headers if
+# the libxcb is not selected.
+ifeq ($(BR2_PACKAGE_MESA3D_OPENGL_EGL)x$(BR2_PACKAGE_LIBXCB),yx)
+QT5WAYLAND_QMAKEFLAGS += QMAKE_CXXFLAGS+=-DMESA_EGL_NO_X11_HEADERS
+endif
+
define QT5WAYLAND_CONFIGURE_CMDS
(cd $(@D); $(TARGET_MAKE_ENV) $(HOST_DIR)/bin/qmake $(QT5WAYLAND_QMAKEFLAGS))
endef
diff --git a/package/qt5/qt5webchannel/qt5webchannel.hash b/package/qt5/qt5webchannel/qt5webchannel.hash
index 188e5ea1f3..f1b69438d8 100644
--- a/package/qt5/qt5webchannel/qt5webchannel.hash
+++ b/package/qt5/qt5webchannel/qt5webchannel.hash
@@ -1,8 +1,8 @@
# Hash from: https://download.qt.io/official_releases/qt/5.6/5.6.3/submodules/qtwebchannel-opensource-src-5.6.3.tar.xz.mirrorlist
sha256 8eb1b0ac2286653c7932758c21e7760788a5d7cfd6162da09afa926d5be50713 qtwebchannel-opensource-src-5.6.3.tar.xz
-# Hash from: https://download.qt.io/official_releases/qt/5.9/5.9.3/submodules/qtwebchannel-opensource-src-5.9.3.tar.xz.mirrorlist
-sha256 632795b293f1318e9aaa1e124b6a39b1625c8c1e35b0a9f05a02ea0066458358 qtwebchannel-opensource-src-5.9.3.tar.xz
+# Hash from: https://download.qt.io/official_releases/qt/5.9/5.9.4/submodules/qtwebchannel-opensource-src-5.9.4.tar.xz.mirrorlist
+sha256 90303a72da63f250b6d6731b74827b0a1764904aac790a7264a3f65c94039aa9 qtwebchannel-opensource-src-5.9.4.tar.xz
# Hashes for license files:
sha256 8177f97513213526df2cf6184d8ff986c675afb514d4e68a404010521b880643 LICENSE.GPL2
diff --git a/package/qt5/qt5webengine/5.9.3/0002-Load-libEGL-and-libGLES2-symbols-implicitly.patch b/package/qt5/qt5webengine/5.9.3/0002-Load-libEGL-and-libGLES2-symbols-implicitly.patch
deleted file mode 100644
index b8ef687f99..0000000000
--- a/package/qt5/qt5webengine/5.9.3/0002-Load-libEGL-and-libGLES2-symbols-implicitly.patch
+++ /dev/null
@@ -1,89 +0,0 @@
-From d4c621f6a6b87f2a86069fa393b9f7c4f9e7b9ad Mon Sep 17 00:00:00 2001
-From: Viktor Engelmann <viktor.engelmann@qt.io>
-Date: Fri, 7 Jul 2017 12:56:19 +0200
-Subject: [PATCH] Load libEGL and libGLES2 symbols implicitly
-
-Instead of explicitly loading libraries from hard-coded locations,
-we now just call dlopen(NULL, RTLD_LAZY). This returns a handle to
-the host process'es context, which already contains the symbols of
-both these libraries, because we link against them.
-It was necessary to bypass LoadLibrary, because that expects a non-NULL
-file path, so we couldn't pass NULL through that interface.
-
-Task-number: QTBUG-57761
-Change-Id: I29f037dfe542222b5188a33c7727c81a464a87bb
-Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
-Reviewed-by: Michal Klocek <michal.klocek@qt.io>
-Upstream-Status: Merged
-Signed-off-by: Gaël PORTAY <gael.portay@savoirfairelinux.com>
----
- src/core/surface_factory_qt.cpp | 40 ++++++++--------------------------------
- 1 file changed, 8 insertions(+), 32 deletions(-)
-
-diff --git a/src/core/surface_factory_qt.cpp b/src/core/surface_factory_qt.cpp
-index 36c05ec5..e8be8480 100644
---- a/src/core/surface_factory_qt.cpp
-+++ b/src/core/surface_factory_qt.cpp
-@@ -51,51 +51,27 @@
- #if defined(USE_OZONE)
-
- #include <EGL/egl.h>
--
--#ifndef QT_LIBDIR_EGL
--#define QT_LIBDIR_EGL "/usr/lib"
--#endif
--#ifndef QT_LIBDIR_GLES2
--#define QT_LIBDIR_GLES2 QT_LIBDIR_EGL
--#endif
-+#include <dlfcn.h>
-
- namespace QtWebEngineCore {
-
--base::NativeLibrary LoadLibrary(const base::FilePath& filename) {
-- base::NativeLibraryLoadError error;
-- base::NativeLibrary library = base::LoadNativeLibrary(filename, &error);
-- if (!library) {
-- LOG(ERROR) << "Failed to load " << filename.MaybeAsASCII() << ": " << error.ToString();
-- return NULL;
-- }
-- return library;
--}
--
- bool SurfaceFactoryQt::LoadEGLGLES2Bindings()
- {
-- base::FilePath libEGLPath = QtWebEngineCore::toFilePath(QT_LIBDIR_EGL);
-- libEGLPath = libEGLPath.Append("libEGL.so.1");
-- base::NativeLibrary eglLibrary = LoadLibrary(libEGLPath);
-- if (!eglLibrary)
-- return false;
--
-- base::FilePath libGLES2Path = QtWebEngineCore::toFilePath(QT_LIBDIR_GLES2);
-- libGLES2Path = libGLES2Path.Append("libGLESv2.so.2");
-- base::NativeLibrary gles2Library = LoadLibrary(libGLES2Path);
-- if (!gles2Library)
-+ base::NativeLibrary eglgles2Library = dlopen(NULL, RTLD_LAZY);
-+ if (!eglgles2Library) {
-+ LOG(ERROR) << "Failed to open EGL/GLES2 context " << dlerror();
- return false;
-+ }
-
-- gl::GLGetProcAddressProc get_proc_address = reinterpret_cast<gl::GLGetProcAddressProc>(base::GetFunctionPointerFromNativeLibrary(eglLibrary, "eglGetProcAddress"));
-+ gl::GLGetProcAddressProc get_proc_address = reinterpret_cast<gl::GLGetProcAddressProc>(base::GetFunctionPointerFromNativeLibrary(eglgles2Library, "eglGetProcAddress"));
- if (!get_proc_address) {
- LOG(ERROR) << "eglGetProcAddress not found.";
-- base::UnloadNativeLibrary(eglLibrary);
-- base::UnloadNativeLibrary(gles2Library);
-+ base::UnloadNativeLibrary(eglgles2Library);
- return false;
- }
-
- gl::SetGLGetProcAddressProc(get_proc_address);
-- gl::AddGLNativeLibrary(eglLibrary);
-- gl::AddGLNativeLibrary(gles2Library);
-+ gl::AddGLNativeLibrary(eglgles2Library);
- return true;
- }
-
---
-2.13.2
-
diff --git a/package/qt5/qt5webengine/Config.in b/package/qt5/qt5webengine/Config.in
index d0c8d18210..7c99255061 100644
--- a/package/qt5/qt5webengine/Config.in
+++ b/package/qt5/qt5webengine/Config.in
@@ -81,4 +81,14 @@ config BR2_PACKAGE_QT5WEBENGINE_PROPRIETARY_CODECS
which includes required proprietary audio and video codecs,
such as H.264 and MPEG layer-3 (MP3).
+config BR2_PACKAGE_QT5WEBENGINE_ALSA
+ bool "alsa"
+ select BR2_PACKAGE_ALSA_LIB
+ select BR2_PACKAGE_ALSA_LIB_MIXER
+ select BR2_PACKAGE_ALSA_LIB_RAWMIDI
+ select BR2_PACKAGE_ALSA_LIB_HWDEP
+ select BR2_PACKAGE_ALSA_LIB_SEQ
+ help
+ Enable ALSA support.
+
endif
diff --git a/package/qt5/qt5webengine/qt5webengine.hash b/package/qt5/qt5webengine/qt5webengine.hash
index 35acf8da2c..9195c7f3b6 100644
--- a/package/qt5/qt5webengine/qt5webengine.hash
+++ b/package/qt5/qt5webengine/qt5webengine.hash
@@ -1,5 +1,5 @@
# Hash from https://download.qt.io/official_releases/qt/5.6/5.6.3/submodules/qtwebengine-opensource-src-5.6.3.tar.xz.mirrorlist
sha256 009d69fb39f6c0e2b0cd89a7e9302cd0ae1872d02c787d3a37f2cacca5ddb7a7 qtwebengine-opensource-src-5.6.3.tar.xz
-# Hash from: https://download.qt.io/official_releases/qt/5.9/5.9.3/submodules/qtwebengine-opensource-src-5.9.2.tar.xz.mirrorlist
-sha256 45ae1142fd87271c100f4d7889427738e774e86db5d8f6bcf9ceb99d18571d37 qtwebengine-opensource-src-5.9.3.tar.xz
+# Hash from: https://download.qt.io/official_releases/qt/5.9/5.9.4/submodules/qtwebengine-opensource-src-5.9.4.tar.xz.mirrorlist
+sha256 04b4305489b326bbbfe32b5f1da4a33ae034e54130776e3616b9e6d45a5a8271 qtwebengine-opensource-src-5.9.4.tar.xz
diff --git a/package/qt5/qt5webengine/qt5webengine.mk b/package/qt5/qt5webengine/qt5webengine.mk
index 96dd401c6c..4d423f8329 100644
--- a/package/qt5/qt5webengine/qt5webengine.mk
+++ b/package/qt5/qt5webengine/qt5webengine.mk
@@ -28,6 +28,12 @@ ifeq ($(BR2_PACKAGE_QT5WEBENGINE_PROPRIETARY_CODECS),y)
QT5WEBENGINE_QMAKEFLAGS += WEBENGINE_CONFIG+=use_proprietary_codecs
endif
+ifeq ($(BR2_PACKAGE_QT5WEBENGINE_ALSA),y)
+QT5WEBENGINE_DEPENDENCIES += alsa-lib
+else
+QT5WEBENGINE_QMAKEFLAGS += QT_CONFIG-=alsa
+endif
+
# QtWebengine's build system uses python, but only supports python2. We work
# around this by forcing python2 early in the PATH, via a python->python2
# symlink.
@@ -39,7 +45,7 @@ endef
QT5WEBENGINE_PRE_CONFIGURE_HOOKS += QT5WEBENGINE_PYTHON2_SYMLINK
define QT5WEBENGINE_CONFIGURE_CMDS
- (cd $(@D); $(TARGET_MAKE_ENV) $(QT5WEBENGINE_ENV) $(HOST_DIR)/usr/bin/qmake $(QT5WEBENGINE_QMAKEFLAGS))
+ (cd $(@D); $(TARGET_MAKE_ENV) $(QT5WEBENGINE_ENV) $(HOST_DIR)/bin/qmake $(QT5WEBENGINE_QMAKEFLAGS))
endef
define QT5WEBENGINE_BUILD_CMDS
diff --git a/package/qt5/qt5webkit-examples/qt5webkit-examples.hash b/package/qt5/qt5webkit-examples/qt5webkit-examples.hash
index 2af1efbaf0..6e4c090fdd 100644
--- a/package/qt5/qt5webkit-examples/qt5webkit-examples.hash
+++ b/package/qt5/qt5webkit-examples/qt5webkit-examples.hash
@@ -1,5 +1,5 @@
-# Hash from: http://download.qt.io/community_releases/5.6/5.6.3/qtwebkit-examples-opensource-src-5.6.3.tar.xz.mirrorlist
+# Hash from: https://download.qt.io/community_releases/5.6/5.6.3/qtwebkit-examples-opensource-src-5.6.3.tar.xz.mirrorlist
sha256 2d6ce7146298d03b443cca4390bbfee17c4c0b08a31efcbf9fe0732291a6169e qtwebkit-examples-opensource-src-5.6.3.tar.xz
-# Hash from: http://download.qt.io/official_releases/qt/5.9/5.9.1/submodules/qtwebkit-examples-opensource-src-5.9.1.tar.xz.mirrorlist
+# Hash from: https://download.qt.io/official_releases/qt/5.9/5.9.1/submodules/qtwebkit-examples-opensource-src-5.9.1.tar.xz.mirrorlist
sha256 e4ce4de6b468243abad2baabbe8ddfb05d25b186529bfe88cb8662fc983f54d0 qtwebkit-examples-opensource-src-5.9.1.tar.xz
diff --git a/package/qt5/qt5webkit-examples/qt5webkit-examples.mk b/package/qt5/qt5webkit-examples/qt5webkit-examples.mk
index f81e994dc5..4c01d8318a 100644
--- a/package/qt5/qt5webkit-examples/qt5webkit-examples.mk
+++ b/package/qt5/qt5webkit-examples/qt5webkit-examples.mk
@@ -7,10 +7,10 @@
# no 5.9.2 package available, fall back to 5.9.1 version
ifeq ($(BR2_PACKAGE_QT5_VERSION_LATEST),y)
QT5WEBKIT_EXAMPLES_VERSION = 5.9.1
-QT5WEBKIT_EXAMPLES_SITE = http://download.qt.io/official_releases/qt/5.9/5.9.1/submodules
+QT5WEBKIT_EXAMPLES_SITE = https://download.qt.io/official_releases/qt/5.9/5.9.1/submodules
else
QT5WEBKIT_EXAMPLES_VERSION = $(QT5_VERSION)
-QT5WEBKIT_EXAMPLES_SITE = http://download.qt.io/community_releases/5.6/$(QT5_VERSION)
+QT5WEBKIT_EXAMPLES_SITE = https://download.qt.io/community_releases/5.6/$(QT5_VERSION)
endif
QT5WEBKIT_EXAMPLES_SOURCE = qtwebkit-examples-opensource-src-$(QT5WEBKIT_VERSION).tar.xz
diff --git a/package/qt5/qt5webkit/qt5webkit.hash b/package/qt5/qt5webkit/qt5webkit.hash
index aa3a71c8d0..57ff2ac1b7 100644
--- a/package/qt5/qt5webkit/qt5webkit.hash
+++ b/package/qt5/qt5webkit/qt5webkit.hash
@@ -1,7 +1,7 @@
-# Hash from: http://download.qt.io/community_releases/5.6/5.6.3/qtwebkit-opensource-src-5.6.3.tar.xz.mirrorlist
+# Hash from: https://download.qt.io/community_releases/5.6/5.6.3/qtwebkit-opensource-src-5.6.3.tar.xz.mirrorlist
sha256 098c6bb25798fbf1b619b540621287787064efc9b586d76ac0ce7e39b87a3896 qtwebkit-opensource-src-5.6.3.tar.xz
-# hash from: http://download.qt.io/official_releases/qt/5.9/5.9.1/submodules/qtwebkit-opensource-src-5.9.1.tar.xz.mirrorlist
+# hash from: https://download.qt.io/official_releases/qt/5.9/5.9.1/submodules/qtwebkit-opensource-src-5.9.1.tar.xz.mirrorlist
sha256 28a560becd800a4229bfac317c2e5407cd3cc95308bc4c3ca90dba2577b052cf qtwebkit-opensource-src-5.9.1.tar.xz
# Hashes for license files:
diff --git a/package/qt5/qt5webkit/qt5webkit.mk b/package/qt5/qt5webkit/qt5webkit.mk
index 7925b114e6..5186671663 100644
--- a/package/qt5/qt5webkit/qt5webkit.mk
+++ b/package/qt5/qt5webkit/qt5webkit.mk
@@ -7,10 +7,10 @@
# no 5.9.2 package available, fall back to 5.9.1 version
ifeq ($(BR2_PACKAGE_QT5_VERSION_LATEST),y)
QT5WEBKIT_VERSION = 5.9.1
-QT5WEBKIT_SITE = http://download.qt.io/official_releases/qt/5.9/5.9.1/submodules
+QT5WEBKIT_SITE = https://download.qt.io/official_releases/qt/5.9/5.9.1/submodules
else
QT5WEBKIT_VERSION = $(QT5_VERSION)
-QT5WEBKIT_SITE = http://download.qt.io/community_releases/5.6/$(QT5_VERSION)
+QT5WEBKIT_SITE = https://download.qt.io/community_releases/5.6/$(QT5_VERSION)
endif
QT5WEBKIT_SOURCE = qtwebkit-opensource-src-$(QT5WEBKIT_VERSION).tar.xz
@@ -44,8 +44,15 @@ define QT5WEBKIT_PYTHON2_SYMLINK
endef
QT5WEBKIT_PRE_CONFIGURE_HOOKS += QT5WEBKIT_PYTHON2_SYMLINK
+# The mesa's EGL/eglplatform.h header includes X11 headers unless the flag
+# MESA_EGL_NO_X11_HEADERS is defined. Tell to not include X11 headers if
+# the libxcb is not selected.
+ifeq ($(BR2_PACKAGE_MESA3D_OPENGL_EGL)x$(BR2_PACKAGE_LIBXCB),yx)
+QT5WEBKIT_QMAKEFLAGS += QMAKE_CXXFLAGS+=-DMESA_EGL_NO_X11_HEADERS
+endif
+
define QT5WEBKIT_CONFIGURE_CMDS
- (cd $(@D); $(TARGET_MAKE_ENV) $(QT5WEBKIT_ENV) $(HOST_DIR)/bin/qmake)
+ (cd $(@D); $(TARGET_MAKE_ENV) $(QT5WEBKIT_ENV) $(HOST_DIR)/bin/qmake $(QT5WEBKIT_QMAKEFLAGS))
endef
define QT5WEBKIT_BUILD_CMDS
diff --git a/package/qt5/qt5websockets/qt5websockets.hash b/package/qt5/qt5websockets/qt5websockets.hash
index e76482bcfe..368be9b497 100644
--- a/package/qt5/qt5websockets/qt5websockets.hash
+++ b/package/qt5/qt5websockets/qt5websockets.hash
@@ -1,8 +1,8 @@
# Hash from: https://download.qt.io/official_releases/qt/5.6/5.6.3/submodules/qtwebsockets-opensource-src-5.6.3.tar.xz.mirrorlist
sha256 a2439045616c89dfe06333734ff4726075c92e01db6e6b6863bc138e39c028eb qtwebsockets-opensource-src-5.6.3.tar.xz
-# Hash from: https://download.qt.io/official_releases/qt/5.9/5.9.3/submodules/qtwebsockets-opensource-src-5.9.3.tar.xz.mirrorlist
-sha256 ce069dff5b552bc6039bcf17e211d2c8837757e2194773bb54054105866111de qtwebsockets-opensource-src-5.9.3.tar.xz
+# Hash from: https://download.qt.io/official_releases/qt/5.9/5.9.4/submodules/qtwebsockets-opensource-src-5.9.4.tar.xz.mirrorlist
+sha256 72970209f0d4260d11688d3d38d9e953d7fa4309a8a55e2c32726a545333e800 qtwebsockets-opensource-src-5.9.4.tar.xz
# Hashes for license files:
sha256 8177f97513213526df2cf6184d8ff986c675afb514d4e68a404010521b880643 LICENSE.GPL2
diff --git a/package/qt5/qt5x11extras/qt5x11extras.hash b/package/qt5/qt5x11extras/qt5x11extras.hash
index e835648c52..943577bbd6 100644
--- a/package/qt5/qt5x11extras/qt5x11extras.hash
+++ b/package/qt5/qt5x11extras/qt5x11extras.hash
@@ -1,8 +1,8 @@
# Hash from: https://download.qt.io/official_releases/qt/5.6/5.6.3/submodules/qtx11extras-opensource-src-5.6.3.tar.xz.mirrorlist
sha256 1e7a8e96e0629f2b2b78de684b156b357210cf5df6b42f30789423f2cb07677f qtx11extras-opensource-src-5.6.3.tar.xz
-# Hash from: https://download.qt.io/official_releases/qt/5.9/5.9.3/submodules/qtx11extras-opensource-src-5.9.3.tar.xz.mirrorlist
-sha256 e4e0bf8cbb629758ab85b72d240d7424642482f602ce414e06deef4e147bf2be qtx11extras-opensource-src-5.9.3.tar.xz
+# Hash from: https://download.qt.io/official_releases/qt/5.9/5.9.4/submodules/qtx11extras-opensource-src-5.9.4.tar.xz.mirrorlist
+sha256 879b18c44550e1be86c29adcca555c92915aab9222c40384beae2f7aa22b22a8 qtx11extras-opensource-src-5.9.4.tar.xz
# Hashes for license files:
sha256 edfe70e99be2a7c109d860b19204609e582720b211c50caedac729da372a1253 LICENSE.GPLv2
diff --git a/package/qt5/qt5xmlpatterns/qt5xmlpatterns.hash b/package/qt5/qt5xmlpatterns/qt5xmlpatterns.hash
index e7f9d60fdd..9c68eae1d8 100644
--- a/package/qt5/qt5xmlpatterns/qt5xmlpatterns.hash
+++ b/package/qt5/qt5xmlpatterns/qt5xmlpatterns.hash
@@ -1,8 +1,8 @@
# Hash from: https://download.qt.io/official_releases/qt/5.6/5.6.3/submodules/qtxmlpatterns-opensource-src-5.6.3.tar.xz.mirrorlist
sha256 a461ff9f0d7310de9b9904ff9cd34919e958bf4071a6fc7096450b8990ab51f6 qtxmlpatterns-opensource-src-5.6.3.tar.xz
-# Hash from: https://download.qt.io/official_releases/qt/5.9/5.9.3/submodules/qtxmlpatterns-opensource-src-5.9.3.tar.xz.mirrorlist
-sha256 cf9c66a612a963382f7b4b51ac8ee5e920bd035b26ecb5c5957f8f3d3286f0ba qtxmlpatterns-opensource-src-5.9.3.tar.xz
+# Hash from: https://download.qt.io/official_releases/qt/5.9/5.9.4/submodules/qtxmlpatterns-opensource-src-5.9.4.tar.xz.mirrorlist
+sha256 faf51ad39e5c2b856b38989c79d69253ad74d4b8d3278d4aaa79d3c547047f79 qtxmlpatterns-opensource-src-5.9.4.tar.xz
# Hashes for license files:
sha256 8177f97513213526df2cf6184d8ff986c675afb514d4e68a404010521b880643 LICENSE.GPL2
diff --git a/package/quagga/0005-bgpd-security-invalid-attr-length-sends-NOTIFY-with-.patch b/package/quagga/0005-bgpd-security-invalid-attr-length-sends-NOTIFY-with-.patch
new file mode 100644
index 0000000000..b64109d0f7
--- /dev/null
+++ b/package/quagga/0005-bgpd-security-invalid-attr-length-sends-NOTIFY-with-.patch
@@ -0,0 +1,69 @@
+From cc2e6770697e343f4af534114ab7e633d5beabec Mon Sep 17 00:00:00 2001
+From: Paul Jakma <paul@jakma.org>
+Date: Wed, 3 Jan 2018 23:57:33 +0000
+Subject: [PATCH] bgpd/security: invalid attr length sends NOTIFY with data
+ overrun
+
+Security issue: Quagga-2018-0543
+
+See: https://www.quagga.net/security/Quagga-2018-0543.txt
+
+* bgpd/bgp_attr.c: (bgp_attr_parse) An invalid attribute length is correctly
+ checked, and a NOTIFY prepared. The NOTIFY can include the incorrect
+ received data with the NOTIFY, for debug purposes. Commit
+ c69698704806a9ac5 modified the code to do that just, and also send the
+ malformed attr with the NOTIFY. However, the invalid attribute length was
+ used as the length of the data to send back.
+
+ The result is a read past the end of data, which is then written to the
+ NOTIFY message and sent to the peer.
+
+ A configured BGP peer can use this bug to read up to 64 KiB of memory from
+ the bgpd process, or crash the process if the invalid read is caught by
+ some means (unmapped page and SEGV, or other mechanism) resulting in a DoS.
+
+ This bug _ought_ /not/ be exploitable by anything other than the connected
+ BGP peer, assuming the underlying TCP transport is secure. For no BGP
+ peer should send on an UPDATE with this attribute. Quagga will not, as
+ Quagga always validates the attr header length, regardless of type.
+
+ However, it is possible that there are BGP implementations that do not
+ check lengths on some attributes (e.g. optional/transitive ones of a type
+ they do not recognise), and might pass such malformed attrs on. If such
+ implementations exists and are common, then this bug might be triggerable
+ by BGP speakers further hops away. Those peers will not receive the
+ NOTIFY (unless they sit on a shared medium), however they might then be
+ able to trigger a DoS.
+
+ Fix: use the valid bound to calculate the length.
+
+Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
+---
+ bgpd/bgp_attr.c | 4 +++-
+ 1 file changed, 3 insertions(+), 1 deletion(-)
+
+diff --git a/bgpd/bgp_attr.c b/bgpd/bgp_attr.c
+index ef58beb1..9564637e 100644
+--- a/bgpd/bgp_attr.c
++++ b/bgpd/bgp_attr.c
+@@ -2147,6 +2147,8 @@ bgp_attr_parse (struct peer *peer, struct attr *attr, bgp_size_t size,
+ memset (seen, 0, BGP_ATTR_BITMAP_SIZE);
+
+ /* End pointer of BGP attribute. */
++ assert (size <= stream_get_size (BGP_INPUT (peer)));
++ assert (size <= stream_get_endp (BGP_INPUT (peer)));
+ endp = BGP_INPUT_PNT (peer) + size;
+
+ /* Get attributes to the end of attribute length. */
+@@ -2228,7 +2230,7 @@ bgp_attr_parse (struct peer *peer, struct attr *attr, bgp_size_t size,
+ bgp_notify_send_with_data (peer,
+ BGP_NOTIFY_UPDATE_ERR,
+ BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
+- startp, attr_endp - startp);
++ startp, endp - startp);
+ return BGP_ATTR_PARSE_ERROR;
+ }
+
+--
+2.11.0
+
diff --git a/package/quagga/0006-bgpd-security-Fix-double-free-of-unknown-attribute.patch b/package/quagga/0006-bgpd-security-Fix-double-free-of-unknown-attribute.patch
new file mode 100644
index 0000000000..0e32817f06
--- /dev/null
+++ b/package/quagga/0006-bgpd-security-Fix-double-free-of-unknown-attribute.patch
@@ -0,0 +1,112 @@
+From e69b535f92eafb599329bf725d9b4c6fd5d7fded Mon Sep 17 00:00:00 2001
+From: Paul Jakma <paul@jakma.org>
+Date: Sat, 6 Jan 2018 19:52:10 +0000
+Subject: [PATCH] bgpd/security: Fix double free of unknown attribute
+
+Security issue: Quagga-2018-1114
+See: https://www.quagga.net/security/Quagga-2018-1114.txt
+
+It is possible for bgpd to double-free an unknown attribute. This can happen
+via bgp_update_receive receiving an UPDATE with an invalid unknown attribute.
+bgp_update_receive then will call bgp_attr_unintern_sub and bgp_attr_flush,
+and the latter may try free an already freed unknown attr.
+
+* bgpd/bgp_attr.c: (transit_unintern) Take a pointer to the caller's storage
+ for the (struct transit *), so that transit_unintern can NULL out the
+ caller's reference if the (struct transit) is freed.
+ (cluster_unintern) By inspection, appears to have a similar issue.
+ (bgp_attr_unintern_sub) adjust for above.
+
+Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
+---
+ bgpd/bgp_attr.c | 33 +++++++++++++++++++--------------
+ bgpd/bgp_attr.h | 4 ++--
+ 2 files changed, 21 insertions(+), 16 deletions(-)
+
+diff --git a/bgpd/bgp_attr.c b/bgpd/bgp_attr.c
+index 9564637e..0c2806b5 100644
+--- a/bgpd/bgp_attr.c
++++ b/bgpd/bgp_attr.c
+@@ -199,15 +199,17 @@ cluster_intern (struct cluster_list *cluster)
+ }
+
+ void
+-cluster_unintern (struct cluster_list *cluster)
++cluster_unintern (struct cluster_list **cluster)
+ {
+- if (cluster->refcnt)
+- cluster->refcnt--;
++ struct cluster_list *c = *cluster;
++ if (c->refcnt)
++ c->refcnt--;
+
+- if (cluster->refcnt == 0)
++ if (c->refcnt == 0)
+ {
+- hash_release (cluster_hash, cluster);
+- cluster_free (cluster);
++ hash_release (cluster_hash, c);
++ cluster_free (c);
++ *cluster = NULL;
+ }
+ }
+
+@@ -357,15 +359,18 @@ transit_intern (struct transit *transit)
+ }
+
+ void
+-transit_unintern (struct transit *transit)
++transit_unintern (struct transit **transit)
+ {
+- if (transit->refcnt)
+- transit->refcnt--;
++ struct transit *t = *transit;
++
++ if (t->refcnt)
++ t->refcnt--;
+
+- if (transit->refcnt == 0)
++ if (t->refcnt == 0)
+ {
+- hash_release (transit_hash, transit);
+- transit_free (transit);
++ hash_release (transit_hash, t);
++ transit_free (t);
++ *transit = NULL;
+ }
+ }
+
+@@ -820,11 +825,11 @@ bgp_attr_unintern_sub (struct attr *attr)
+ UNSET_FLAG(attr->flag, ATTR_FLAG_BIT (BGP_ATTR_LARGE_COMMUNITIES));
+
+ if (attr->extra->cluster)
+- cluster_unintern (attr->extra->cluster);
++ cluster_unintern (&attr->extra->cluster);
+ UNSET_FLAG(attr->flag, ATTR_FLAG_BIT (BGP_ATTR_CLUSTER_LIST));
+
+ if (attr->extra->transit)
+- transit_unintern (attr->extra->transit);
++ transit_unintern (&attr->extra->transit);
+ }
+ }
+
+diff --git a/bgpd/bgp_attr.h b/bgpd/bgp_attr.h
+index 9ff074b2..052acc7d 100644
+--- a/bgpd/bgp_attr.h
++++ b/bgpd/bgp_attr.h
+@@ -187,10 +187,10 @@ extern unsigned long int attr_unknown_count (void);
+
+ /* Cluster list prototypes. */
+ extern int cluster_loop_check (struct cluster_list *, struct in_addr);
+-extern void cluster_unintern (struct cluster_list *);
++extern void cluster_unintern (struct cluster_list **);
+
+ /* Transit attribute prototypes. */
+-void transit_unintern (struct transit *);
++void transit_unintern (struct transit **);
+
+ /* Below exported for unit-test purposes only */
+ struct bgp_attr_parser_args {
+--
+2.11.0
+
diff --git a/package/quagga/0007-bgpd-security-debug-print-of-received-NOTIFY-data-ca.patch b/package/quagga/0007-bgpd-security-debug-print-of-received-NOTIFY-data-ca.patch
new file mode 100644
index 0000000000..aeb50ae559
--- /dev/null
+++ b/package/quagga/0007-bgpd-security-debug-print-of-received-NOTIFY-data-ca.patch
@@ -0,0 +1,114 @@
+From 9e5251151894aefdf8e9392a2371615222119ad8 Mon Sep 17 00:00:00 2001
+From: Paul Jakma <paul@jakma.org>
+Date: Sat, 6 Jan 2018 22:31:52 +0000
+Subject: [PATCH] bgpd/security: debug print of received NOTIFY data can
+ over-read msg array
+
+Security issue: Quagga-2018-1550
+See: https://www.quagga.net/security/Quagga-2018-1550.txt
+
+* bgpd/bgp_debug.c: (struct message) Nearly every one of the NOTIFY
+ code/subcode message arrays has their corresponding size variables off
+ by one, as most have 1 as first index.
+
+ This means (bgp_notify_print) can cause mes_lookup to overread the (struct
+ message) by 1 pointer value if given an unknown index.
+
+ Fix the bgp_notify_..._msg_max variables to use the compiler to calculate
+ the correct sizes.
+
+Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
+---
+ bgpd/bgp_debug.c | 21 ++++++++++++---------
+ 1 file changed, 12 insertions(+), 9 deletions(-)
+
+diff --git a/bgpd/bgp_debug.c b/bgpd/bgp_debug.c
+index ba797228..43faee7c 100644
+--- a/bgpd/bgp_debug.c
++++ b/bgpd/bgp_debug.c
+@@ -29,6 +29,7 @@ Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA
+ #include "log.h"
+ #include "sockunion.h"
+ #include "filter.h"
++#include "memory.h"
+
+ #include "bgpd/bgpd.h"
+ #include "bgpd/bgp_aspath.h"
+@@ -73,7 +74,8 @@ const struct message bgp_status_msg[] =
+ { Clearing, "Clearing" },
+ { Deleted, "Deleted" },
+ };
+-const int bgp_status_msg_max = BGP_STATUS_MAX;
++#define BGP_DEBUG_MSG_MAX(msg) const int msg ## _max = array_size (msg)
++BGP_DEBUG_MSG_MAX (bgp_status_msg);
+
+ /* BGP message type string. */
+ const char *bgp_type_str[] =
+@@ -84,7 +86,8 @@ const char *bgp_type_str[] =
+ "NOTIFICATION",
+ "KEEPALIVE",
+ "ROUTE-REFRESH",
+- "CAPABILITY"
++ "CAPABILITY",
++ NULL,
+ };
+
+ /* message for BGP-4 Notify */
+@@ -98,15 +101,15 @@ static const struct message bgp_notify_msg[] =
+ { BGP_NOTIFY_CEASE, "Cease"},
+ { BGP_NOTIFY_CAPABILITY_ERR, "CAPABILITY Message Error"},
+ };
+-static const int bgp_notify_msg_max = BGP_NOTIFY_MAX;
++BGP_DEBUG_MSG_MAX (bgp_notify_msg);
+
+ static const struct message bgp_notify_head_msg[] =
+ {
+ { BGP_NOTIFY_HEADER_NOT_SYNC, "/Connection Not Synchronized"},
+ { BGP_NOTIFY_HEADER_BAD_MESLEN, "/Bad Message Length"},
+- { BGP_NOTIFY_HEADER_BAD_MESTYPE, "/Bad Message Type"}
++ { BGP_NOTIFY_HEADER_BAD_MESTYPE, "/Bad Message Type"},
+ };
+-static const int bgp_notify_head_msg_max = BGP_NOTIFY_HEADER_MAX;
++BGP_DEBUG_MSG_MAX (bgp_notify_head_msg);
+
+ static const struct message bgp_notify_open_msg[] =
+ {
+@@ -119,7 +122,7 @@ static const struct message bgp_notify_open_msg[] =
+ { BGP_NOTIFY_OPEN_UNACEP_HOLDTIME, "/Unacceptable Hold Time"},
+ { BGP_NOTIFY_OPEN_UNSUP_CAPBL, "/Unsupported Capability"},
+ };
+-static const int bgp_notify_open_msg_max = BGP_NOTIFY_OPEN_MAX;
++BGP_DEBUG_MSG_MAX (bgp_notify_open_msg);
+
+ static const struct message bgp_notify_update_msg[] =
+ {
+@@ -136,7 +139,7 @@ static const struct message bgp_notify_update_msg[] =
+ { BGP_NOTIFY_UPDATE_INVAL_NETWORK, "/Invalid Network Field"},
+ { BGP_NOTIFY_UPDATE_MAL_AS_PATH, "/Malformed AS_PATH"},
+ };
+-static const int bgp_notify_update_msg_max = BGP_NOTIFY_UPDATE_MAX;
++BGP_DEBUG_MSG_MAX (bgp_notify_update_msg);
+
+ static const struct message bgp_notify_cease_msg[] =
+ {
+@@ -150,7 +153,7 @@ static const struct message bgp_notify_cease_msg[] =
+ { BGP_NOTIFY_CEASE_COLLISION_RESOLUTION, "/Connection collision resolution"},
+ { BGP_NOTIFY_CEASE_OUT_OF_RESOURCE, "/Out of Resource"},
+ };
+-static const int bgp_notify_cease_msg_max = BGP_NOTIFY_CEASE_MAX;
++BGP_DEBUG_MSG_MAX (bgp_notify_cease_msg);
+
+ static const struct message bgp_notify_capability_msg[] =
+ {
+@@ -159,7 +162,7 @@ static const struct message bgp_notify_capability_msg[] =
+ { BGP_NOTIFY_CAPABILITY_INVALID_LENGTH, "/Invalid Capability Length"},
+ { BGP_NOTIFY_CAPABILITY_MALFORMED_CODE, "/Malformed Capability Value"},
+ };
+-static const int bgp_notify_capability_msg_max = BGP_NOTIFY_CAPABILITY_MAX;
++BGP_DEBUG_MSG_MAX (bgp_notify_capability_msg);
+
+ /* Origin strings. */
+ const char *bgp_origin_str[] = {"i","e","?"};
+--
+2.11.0
+
diff --git a/package/quagga/0008-bgpd-security-fix-infinite-loop-on-certain-invalid-O.patch b/package/quagga/0008-bgpd-security-fix-infinite-loop-on-certain-invalid-O.patch
new file mode 100644
index 0000000000..0a06da9330
--- /dev/null
+++ b/package/quagga/0008-bgpd-security-fix-infinite-loop-on-certain-invalid-O.patch
@@ -0,0 +1,43 @@
+From ce07207c50a3d1f05d6dd49b5294282e59749787 Mon Sep 17 00:00:00 2001
+From: Paul Jakma <paul@jakma.org>
+Date: Sat, 6 Jan 2018 21:20:51 +0000
+Subject: [PATCH] bgpd/security: fix infinite loop on certain invalid OPEN
+ messages
+
+Security issue: Quagga-2018-1975
+See: https://www.quagga.net/security/Quagga-2018-1975.txt
+
+* bgpd/bgp_packet.c: (bgp_capability_msg_parse) capability parser can infinite
+ loop due to checks that issue 'continue' without bumping the input
+ pointer.
+
+Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
+---
+ bgpd/bgp_packet.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/bgpd/bgp_packet.c b/bgpd/bgp_packet.c
+index b3d601fc..f9338d8d 100644
+--- a/bgpd/bgp_packet.c
++++ b/bgpd/bgp_packet.c
+@@ -2328,7 +2328,8 @@ bgp_capability_msg_parse (struct peer *peer, u_char *pnt, bgp_size_t length)
+
+ end = pnt + length;
+
+- while (pnt < end)
++ /* XXX: Streamify this */
++ for (; pnt < end; pnt += hdr->length + 3)
+ {
+ /* We need at least action, capability code and capability length. */
+ if (pnt + 3 > end)
+@@ -2416,7 +2417,6 @@ bgp_capability_msg_parse (struct peer *peer, u_char *pnt, bgp_size_t length)
+ zlog_warn ("%s unrecognized capability code: %d - ignored",
+ peer->host, hdr->code);
+ }
+- pnt += hdr->length + 3;
+ }
+ return 0;
+ }
+--
+2.11.0
+
diff --git a/package/rsync/0001-Check-fname-in-recv_files-sooner.patch b/package/rsync/0001-Check-fname-in-recv_files-sooner.patch
deleted file mode 100644
index 3616960306..0000000000
--- a/package/rsync/0001-Check-fname-in-recv_files-sooner.patch
+++ /dev/null
@@ -1,45 +0,0 @@
-From 3e06d40029cfdce9d0f73d87cfd4edaf54be9c51 Mon Sep 17 00:00:00 2001
-From: Jeriko One <jeriko.one@gmx.us>
-Date: Thu, 2 Nov 2017 23:44:19 -0700
-Subject: [PATCH] Check fname in recv_files sooner.
-
-Signed-off-by: Baruch Siach <baruch@tkos.co.il>
----
-Patch status: upstream commit 3e06d40029c
-
- receiver.c | 12 ++++++------
- 1 file changed, 6 insertions(+), 6 deletions(-)
-
-diff --git a/receiver.c b/receiver.c
-index baae3a919cdd..9fdafa152cb3 100644
---- a/receiver.c
-+++ b/receiver.c
-@@ -574,6 +574,12 @@ int recv_files(int f_in, int f_out, char *local_name)
- file = dir_flist->files[cur_flist->parent_ndx];
- fname = local_name ? local_name : f_name(file, fbuf);
-
-+ if (daemon_filter_list.head
-+ && check_filter(&daemon_filter_list, FLOG, fname, 0) < 0) {
-+ rprintf(FERROR, "attempt to hack rsync failed.\n");
-+ exit_cleanup(RERR_PROTOCOL);
-+ }
-+
- if (DEBUG_GTE(RECV, 1))
- rprintf(FINFO, "recv_files(%s)\n", fname);
-
-@@ -645,12 +651,6 @@ int recv_files(int f_in, int f_out, char *local_name)
-
- cleanup_got_literal = 0;
-
-- if (daemon_filter_list.head
-- && check_filter(&daemon_filter_list, FLOG, fname, 0) < 0) {
-- rprintf(FERROR, "attempt to hack rsync failed.\n");
-- exit_cleanup(RERR_PROTOCOL);
-- }
--
- if (read_batch) {
- int wanted = redoing
- ? we_want_redo(ndx)
---
-2.15.0
-
diff --git a/package/rsync/0002-Sanitize-xname-in-read_ndx_and_attrs.patch b/package/rsync/0002-Sanitize-xname-in-read_ndx_and_attrs.patch
deleted file mode 100644
index 1e5d3717c4..0000000000
--- a/package/rsync/0002-Sanitize-xname-in-read_ndx_and_attrs.patch
+++ /dev/null
@@ -1,39 +0,0 @@
-From 70aeb5fddd1b2f8e143276f8d5a085db16c593b9 Mon Sep 17 00:00:00 2001
-From: Jeriko One <jeriko.one@gmx.us>
-Date: Thu, 16 Nov 2017 17:05:42 -0800
-Subject: [PATCH] Sanitize xname in read_ndx_and_attrs.
-
-Signed-off-by: Baruch Siach <baruch@tkos.co.il>
----
-Patch status: upstream commit 70aeb5fddd
-
- rsync.c | 6 ++++++
- 1 file changed, 6 insertions(+)
-
-diff --git a/rsync.c b/rsync.c
-index b82e59881018..a0945ba4e7f5 100644
---- a/rsync.c
-+++ b/rsync.c
-@@ -49,6 +49,7 @@ extern int flist_eof;
- extern int file_old_total;
- extern int keep_dirlinks;
- extern int make_backups;
-+extern int sanitize_paths;
- extern struct file_list *cur_flist, *first_flist, *dir_flist;
- extern struct chmod_mode_struct *daemon_chmod_modes;
- #ifdef ICONV_OPTION
-@@ -396,6 +397,11 @@ int read_ndx_and_attrs(int f_in, int f_out, int *iflag_ptr, uchar *type_ptr,
- if (iflags & ITEM_XNAME_FOLLOWS) {
- if ((len = read_vstring(f_in, buf, MAXPATHLEN)) < 0)
- exit_cleanup(RERR_PROTOCOL);
-+
-+ if (sanitize_paths) {
-+ sanitize_path(buf, buf, "", 0, SP_DEFAULT);
-+ len = strlen(buf);
-+ }
- } else {
- *buf = '\0';
- len = -1;
---
-2.15.0
-
diff --git a/package/rsync/0003-Check-daemon-filter-against-fnamecmp-in-recv_files.patch b/package/rsync/0003-Check-daemon-filter-against-fnamecmp-in-recv_files.patch
deleted file mode 100644
index b19921c3eb..0000000000
--- a/package/rsync/0003-Check-daemon-filter-against-fnamecmp-in-recv_files.patch
+++ /dev/null
@@ -1,28 +0,0 @@
-From 5509597decdbd7b91994210f700329d8a35e70a1 Mon Sep 17 00:00:00 2001
-From: Jeriko One <jeriko.one@gmx.us>
-Date: Thu, 16 Nov 2017 17:26:03 -0800
-Subject: [PATCH] Check daemon filter against fnamecmp in recv_files().
-
-Signed-off-by: Baruch Siach <baruch@tkos.co.il>
----
-Patch status: upstream commit 5509597dec
-
- receiver.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/receiver.c b/receiver.c
-index 9fdafa152cb3..9c46242e013c 100644
---- a/receiver.c
-+++ b/receiver.c
-@@ -722,7 +722,7 @@ int recv_files(int f_in, int f_out, char *local_name)
- break;
- }
- if (!fnamecmp || (daemon_filter_list.head
-- && check_filter(&daemon_filter_list, FLOG, fname, 0) < 0)) {
-+ && check_filter(&daemon_filter_list, FLOG, fnamecmp, 0) < 0)) {
- fnamecmp = fname;
- fnamecmp_type = FNAMECMP_FNAME;
- }
---
-2.15.0
-
diff --git a/package/rsync/0004-Enforce-trailing-0-when-receiving-xattr-name-values.patch b/package/rsync/0004-Enforce-trailing-0-when-receiving-xattr-name-values.patch
deleted file mode 100644
index be9040010c..0000000000
--- a/package/rsync/0004-Enforce-trailing-0-when-receiving-xattr-name-values.patch
+++ /dev/null
@@ -1,33 +0,0 @@
-From 47a63d90e71d3e19e0e96052bb8c6b9cb140ecc1 Mon Sep 17 00:00:00 2001
-From: Wayne Davison <wayned@samba.org>
-Date: Sun, 5 Nov 2017 11:33:15 -0800
-Subject: [PATCH] Enforce trailing \0 when receiving xattr name values. Fixes
- bug 13112.
-
-Fixes CVE-2017-16548
-
-Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
----
-Patch status: upstream commit 47a63d90e7
-
- xattrs.c | 4 ++++
- 1 file changed, 4 insertions(+)
-
-diff --git a/xattrs.c b/xattrs.c
-index 68305d75..4867e6f5 100644
---- a/xattrs.c
-+++ b/xattrs.c
-@@ -824,6 +824,10 @@ void receive_xattr(int f, struct file_struct *file)
- out_of_memory("receive_xattr");
- name = ptr + dget_len + extra_len;
- read_buf(f, name, name_len);
-+ if (name_len < 1 || name[name_len-1] != '\0') {
-+ rprintf(FERROR, "Invalid xattr name received (missing trailing \\0).\n");
-+ exit_cleanup(RERR_FILEIO);
-+ }
- if (dget_len == datum_len)
- read_buf(f, ptr, dget_len);
- else {
---
-2.11.0
-
diff --git a/package/rsync/rsync.hash b/package/rsync/rsync.hash
index 6311116141..2da62a18f1 100644
--- a/package/rsync/rsync.hash
+++ b/package/rsync/rsync.hash
@@ -1,2 +1,5 @@
# Locally calculated after checking pgp signature
-sha256 ecfa62a7fa3c4c18b9eccd8c16eaddee4bd308a76ea50b5c02a5840f09c0a1c2 rsync-3.1.2.tar.gz
+# https://download.samba.org/pub/rsync/src/rsync-3.1.3.tar.gz.asc
+sha256 55cc554efec5fdaad70de921cd5a5eeb6c29a95524c715f3bbf849235b0800c0 rsync-3.1.3.tar.gz
+# Locally calculated
+sha256 8ceb4b9ee5adedde47b31e975c1d90c73ad27b6b165a1dcd80c7c545eb65b903 COPYING
diff --git a/package/rsync/rsync.mk b/package/rsync/rsync.mk
index e6b955ae76..52875e428a 100644
--- a/package/rsync/rsync.mk
+++ b/package/rsync/rsync.mk
@@ -4,7 +4,7 @@
#
################################################################################
-RSYNC_VERSION = 3.1.2
+RSYNC_VERSION = 3.1.3
RSYNC_SITE = http://rsync.samba.org/ftp/rsync/src
RSYNC_LICENSE = GPL-3.0+
RSYNC_LICENSE_FILES = COPYING
diff --git a/package/rust-bin/rust-bin.mk b/package/rust-bin/rust-bin.mk
index 255573e582..cd5844b115 100644
--- a/package/rust-bin/rust-bin.mk
+++ b/package/rust-bin/rust-bin.mk
@@ -11,22 +11,22 @@ RUST_BIN_LICENSE_FILES = LICENSE-APACHE LICENSE-MIT
HOST_RUST_BIN_PROVIDES = host-rustc
-HOST_RUST_BIN_SOURCE = rustc-$(RUST_BIN_VERSION)-$(RUST_HOST_NAME).tar.xz
+HOST_RUST_BIN_SOURCE = rustc-$(RUST_BIN_VERSION)-$(RUSTC_HOST_NAME).tar.xz
HOST_RUST_BIN_EXTRA_DOWNLOADS = \
- rust-std-$(RUST_BIN_VERSION)-$(RUST_HOST_NAME).tar.xz \
- rust-std-$(RUST_BIN_VERSION)-$(RUST_TARGET_NAME).tar.xz
+ rust-std-$(RUST_BIN_VERSION)-$(RUSTC_HOST_NAME).tar.xz \
+ rust-std-$(RUST_BIN_VERSION)-$(RUSTC_TARGET_NAME).tar.xz
-HOST_RUST_BIN_LIBSTD_HOST_PREFIX = rust-std-$(RUST_BIN_VERSION)-$(RUST_HOST_NAME)/rust-std-$(RUST_HOST_NAME)
+HOST_RUST_BIN_LIBSTD_HOST_PREFIX = rust-std-$(RUST_BIN_VERSION)-$(RUSTC_HOST_NAME)/rust-std-$(RUSTC_HOST_NAME)
define HOST_RUST_BIN_LIBSTD_EXTRACT
mkdir -p $(@D)/std
$(foreach f,$(HOST_RUST_BIN_EXTRA_DOWNLOADS), \
$(call suitable-extractor,$(f)) $(DL_DIR)/$(f) | \
$(TAR) -C $(@D)/std $(TAR_OPTIONS) -
- )
+ )
cd $(@D)/rustc/lib/rustlib; \
- ln -sf ../../../std/$(HOST_RUST_BIN_LIBSTD_HOST_PREFIX)/lib/rustlib/$(RUST_HOST_NAME)
+ ln -sf ../../../std/$(HOST_RUST_BIN_LIBSTD_HOST_PREFIX)/lib/rustlib/$(RUSTC_HOST_NAME)
endef
HOST_RUST_BIN_POST_EXTRACT_HOOKS += HOST_RUST_BIN_LIBSTD_EXTRACT
@@ -42,12 +42,12 @@ define HOST_RUST_BIN_INSTALL_RUSTC
endef
define HOST_RUST_BIN_INSTALL_LIBSTD_HOST
- (cd $(@D)/std/rust-std-$(RUST_BIN_VERSION)-$(RUST_HOST_NAME); \
+ (cd $(@D)/std/rust-std-$(RUST_BIN_VERSION)-$(RUSTC_HOST_NAME); \
./install.sh $(HOST_RUST_BIN_INSTALL_OPTS))
endef
define HOST_RUST_BIN_INSTALL_LIBSTD_TARGET
- (cd $(@D)/std/rust-std-$(RUST_BIN_VERSION)-$(RUST_TARGET_NAME); \
+ (cd $(@D)/std/rust-std-$(RUST_BIN_VERSION)-$(RUSTC_TARGET_NAME); \
./install.sh $(HOST_RUST_BIN_INSTALL_OPTS))
endef
endif
diff --git a/package/rust/rust.mk b/package/rust/rust.mk
index 6d6ac4370a..ff2634b996 100644
--- a/package/rust/rust.mk
+++ b/package/rust/rust.mk
@@ -48,7 +48,7 @@ HOST_RUST_POST_EXTRACT_HOOKS += HOST_RUST_EXCLUDE_ORIG_FILES
define HOST_RUST_CONFIGURE_CMDS
( \
echo '[build]'; \
- echo 'target = ["$(RUST_TARGET_NAME)"]'; \
+ echo 'target = ["$(RUSTC_TARGET_NAME)"]'; \
echo 'cargo = "$(HOST_CARGO_BIN_DIR)/cargo/bin/cargo"'; \
echo 'rustc = "$(HOST_RUST_BIN_DIR)/rustc/bin/rustc"'; \
echo 'python = "$(HOST_DIR)/bin/python2"'; \
@@ -61,7 +61,7 @@ define HOST_RUST_CONFIGURE_CMDS
echo 'prefix = "$(HOST_DIR)"'; \
echo '[rust]'; \
echo 'use-jemalloc = $(HOST_RUST_JEMALLOC_ENABLED)'; \
- echo '[target.$(RUST_TARGET_NAME)]'; \
+ echo '[target.$(RUSTC_TARGET_NAME)]'; \
echo 'cc = "$(TARGET_CROSS)gcc"'; \
echo $(HOST_RUST_JEMALLOC_CONF); \
) > $(@D)/config.toml
diff --git a/package/rustc/Config.in.host b/package/rustc/Config.in.host
index d93ff05209..1c79eededc 100644
--- a/package/rustc/Config.in.host
+++ b/package/rustc/Config.in.host
@@ -1,17 +1,18 @@
config BR2_PACKAGE_HOST_RUSTC_ARCH_SUPPORTS
bool
- depends on BR2_HOSTARCH = "x86_64" || BR2_HOSTARCH = "x86"
# The pre-built Rust standard library is only available for the
# following architectures/ABIs, and is built against glibc.
default y if BR2_i386
default y if BR2_x86_64
default y if BR2_aarch64
- default y if BR2_arm && !BR2_ARM_CPU_ARMV4 && !BR2_ARM_CPU_ARMV5
+ default y if BR2_arm && !BR2_ARM_CPU_ARMV4 && !BR2_ARM_CPU_ARMV5 \
+ && !(BR2_ARM_CPU_ARMV7A && BR2_ARM_EABI)
default y if BR2_powerpc || BR2_powerpc64
default y if (BR2_mips || BR2_mipsel) && !BR2_MIPS_CPU_MIPS32R6
default y if (BR2_mips64 || BR2_mips64el) && !BR2_MIPS_CPU_MIPS64R6 \
&& BR2_MIPS_NABI64
depends on BR2_TOOLCHAIN_USES_GLIBC
+ depends on BR2_HOSTARCH = "x86_64" || BR2_HOSTARCH = "x86"
config BR2_PACKAGE_HOST_RUSTC_ARCH
string
@@ -76,4 +77,3 @@ config BR2_PACKAGE_PROVIDES_HOST_RUSTC
default "host-rust-bin" if BR2_PACKAGE_HOST_RUST_BIN
endif
-
diff --git a/package/rustc/rustc.mk b/package/rustc/rustc.mk
index 7a951c0cfd..bed74f3c2c 100644
--- a/package/rustc/rustc.mk
+++ b/package/rustc/rustc.mk
@@ -7,7 +7,7 @@
RUSTC_ARCH = $(call qstrip,$(BR2_PACKAGE_HOST_RUSTC_ARCH))
RUSTC_ABI = $(call qstrip,$(BR2_PACKAGE_HOST_RUSTC_ABI))
-RUST_TARGET_NAME = $(RUSTC_ARCH)-unknown-linux-gnu$(RUSTC_ABI)
+RUSTC_TARGET_NAME = $(RUSTC_ARCH)-unknown-linux-gnu$(RUSTC_ABI)
ifeq ($(HOSTARCH),x86)
RUSTC_HOST_ARCH = i686
@@ -15,6 +15,6 @@ else
RUSTC_HOST_ARCH = $(HOSTARCH)
endif
-RUST_HOST_NAME = $(RUSTC_HOST_ARCH)-unknown-linux-gnu
+RUSTC_HOST_NAME = $(RUSTC_HOST_ARCH)-unknown-linux-gnu
$(eval $(host-virtual-package))
diff --git a/package/sdl2/sdl2.mk b/package/sdl2/sdl2.mk
index 6cb24d9e75..6508e6b962 100644
--- a/package/sdl2/sdl2.mk
+++ b/package/sdl2/sdl2.mk
@@ -38,7 +38,7 @@ else
SDL2_CONF_OPTS += --disable-video-directfb
endif
-ifeq ($(BR2_PACKAGE_RPI_USERLAND),y)
+ifeq ($(BR2_PACKAGE_SDL2_OPENGLES)$(BR2_PACKAGE_RPI_USERLAND),yy)
SDL2_DEPENDENCIES += rpi-userland
SDL2_CONF_OPTS += --enable-video-rpi
else
diff --git a/package/skeleton-init-systemd/skeleton-init-systemd.mk b/package/skeleton-init-systemd/skeleton-init-systemd.mk
index a2d4e8c4b3..ff64205cbe 100644
--- a/package/skeleton-init-systemd/skeleton-init-systemd.mk
+++ b/package/skeleton-init-systemd/skeleton-init-systemd.mk
@@ -19,7 +19,6 @@ ifeq ($(BR2_TARGET_GENERIC_REMOUNT_ROOTFS_RW),y)
define SKELETON_INIT_SYSTEMD_ROOT_RO_OR_RW
echo "/dev/root / auto rw 0 1" >$(TARGET_DIR)/etc/fstab
- mkdir -p $(TARGET_DIR)/var
endef
else
@@ -31,16 +30,18 @@ else
# back there by the tmpfiles.d mechanism.
define SKELETON_INIT_SYSTEMD_ROOT_RO_OR_RW
mkdir -p $(TARGET_DIR)/etc/systemd/tmpfiles.d
- mkdir -p $(TARGET_DIR)/usr/share/factory/var
- ln -s usr/share/factory/var $(TARGET_DIR)/var
echo "/dev/root / auto ro 0 1" >$(TARGET_DIR)/etc/fstab
echo "tmpfs /var tmpfs mode=1777 0 0" >>$(TARGET_DIR)/etc/fstab
endef
define SKELETON_INIT_SYSTEMD_PRE_ROOTFS_VAR
- rm -f $(TARGET_DIR)/var
- mkdir $(TARGET_DIR)/var
- for i in $(TARGET_DIR)/usr/share/factory/var/*; do \
+ rm -rf $(TARGET_DIR)/usr/share/factory/var
+ mv $(TARGET_DIR)/var $(TARGET_DIR)/usr/share/factory/var
+ mkdir -p $(TARGET_DIR)/var
+ for i in $(TARGET_DIR)/usr/share/factory/var/* \
+ $(TARGET_DIR)/usr/share/factory/var/lib/* \
+ $(TARGET_DIR)/usr/share/factory/var/lib/systemd/*; do \
+ [ -e "$${i}" ] || continue; \
j="$${i#$(TARGET_DIR)/usr/share/factory}"; \
if [ -L "$${i}" ]; then \
printf "L+! %s - - - - %s\n" \
@@ -56,7 +57,7 @@ SKELETON_INIT_SYSTEMD_ROOTFS_PRE_CMD_HOOKS += SKELETON_INIT_SYSTEMD_PRE_ROOTFS_V
define SKELETON_INIT_SYSTEMD_POST_ROOTFS_VAR
rm -rf $(TARGET_DIR)/var
- ln -s usr/share/factory/var $(TARGET_DIR)/var
+ mv $(TARGET_DIR)/usr/share/factory/var $(TARGET_DIR)/var
endef
SKELETON_INIT_SYSTEMD_ROOTFS_POST_CMD_HOOKS += SKELETON_INIT_SYSTEMD_POST_ROOTFS_VAR
@@ -65,6 +66,8 @@ endif
define SKELETON_INIT_SYSTEMD_INSTALL_TARGET_CMDS
mkdir -p $(TARGET_DIR)/home
mkdir -p $(TARGET_DIR)/srv
+ mkdir -p $(TARGET_DIR)/var
+ ln -s ../run $(TARGET_DIR)/var/run
$(SKELETON_INIT_SYSTEMD_ROOT_RO_OR_RW)
endef
diff --git a/package/systemd/0002-install-don-t-use-ln-relative.patch b/package/systemd/0002-install-don-t-use-ln-relative.patch
index 5f34b56969..61a139e2a2 100644
--- a/package/systemd/0002-install-don-t-use-ln-relative.patch
+++ b/package/systemd/0002-install-don-t-use-ln-relative.patch
@@ -1,4 +1,4 @@
-From ecf3b9baaebda1d9182c22dc504e32ed275d4abb Mon Sep 17 00:00:00 2001
+From 17560d52e9ec0afebbfe31e694870c6433b36f60 Mon Sep 17 00:00:00 2001
From: Adam Duskett <Adamduskett@outlook.com>
Date: Sun, 31 Dec 2017 12:46:04 -0500
Subject: [PATCH] install: don't use ln --relative
@@ -21,17 +21,20 @@ Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
[aduskett@gmail.com: Added meson.build section and dirname wrapper in add-wants]
[aduskett@gmail.com: Update for systemd v237]
Signed-off-by: Adam Duskett <Adamduskett@outlook.com>
+[tpiepho@impinj.com: Fix add-wants wrapper]
+Signed-off-by: Trent Piepho <tpiepho@impinj.com>
---
meson.build | 2 +-
tools/meson-make-symlink.sh | 3 ++-
- units/meson-add-wants.sh | 5 +++--
- 3 files changed, 6 insertions(+), 4 deletions(-)
+ units/meson-add-wants.sh | 6 ++++--
+ 3 files changed, 7 insertions(+), 4 deletions(-)
diff --git a/meson.build b/meson.build
-index ddc061c..614201a 100644
+index d4af95a44..d75f2b34c 100644
--- a/meson.build
+++ b/meson.build
-@@ -572,6 +572,6 @@ conf.set_quoted('TELINIT', get_option('telinit-path'))
+@@ -586,7 +586,7 @@ endforeach
+ conf.set_quoted('TELINIT', get_option('telinit-path'))
if run_command('ln', '--relative', '--help').returncode() != 0
- error('ln does not support --relative')
@@ -40,7 +43,7 @@ index ddc061c..614201a 100644
############################################################
diff --git a/tools/meson-make-symlink.sh b/tools/meson-make-symlink.sh
-index 47a5e70..e9002ad 100755
+index 501cd43d4..25e7f89fd 100755
--- a/tools/meson-make-symlink.sh
+++ b/tools/meson-make-symlink.sh
@@ -8,5 +8,6 @@ mkdir -vp "$(dirname "${DESTDIR:-}$2")"
@@ -52,7 +55,7 @@ index 47a5e70..e9002ad 100755
+ ln -vfs -T "${dds}$1" "${DESTDIR:-}$2"
fi
diff --git a/units/meson-add-wants.sh b/units/meson-add-wants.sh
-index dfd287e..8c08283 100755
+index 70f7172ae..bb8155075 100755
--- a/units/meson-add-wants.sh
+++ b/units/meson-add-wants.sh
@@ -14,7 +14,7 @@ case "$target" in
@@ -64,12 +67,13 @@ index dfd287e..8c08283 100755
case "$target" in
*/)
-@@ -25,4 +25,5 @@ case "$target" in
+@@ -25,4 +25,6 @@ case "$target" in
;;
esac
-ln -vfs --relative "$unitpath" "$dir"
-+dds="$( dirname `printf "%s" "${dir#${DESTDIR:-}}" |sed -r -e 's:/+[^/]+:../:g; s:/$::'` )"
++[ ! -d "${dir}" ] && linkdir=`dirname "${dir}"` || linkdir="${dir}"
++dds="$(printf "%s" "${linkdir#${DESTDIR:-}}" |sed -r -e 's:/+[^/]+:../:g; s:/$::')"
+ln -vfs "$dds$unitpath" "$dir"
--
2.14.3
diff --git a/package/systemd/Config.in b/package/systemd/Config.in
index 81eee96c57..420c78493d 100644
--- a/package/systemd/Config.in
+++ b/package/systemd/Config.in
@@ -27,6 +27,7 @@ menuconfig BR2_PACKAGE_SYSTEMD
select BR2_PACKAGE_BUSYBOX_SHOW_OTHERS # kmod-tools
select BR2_PACKAGE_KMOD_TOOLS
select BR2_TARGET_TZ_INFO
+ select BR2_NEEDS_HOST_UTF8_LOCALE
help
systemd is a system and service manager for Linux,
compatible with SysV and LSB init scripts. systemd provides
diff --git a/package/systemd/systemd.hash b/package/systemd/systemd.hash
index 74cc5dd825..d580a29b83 100644
--- a/package/systemd/systemd.hash
+++ b/package/systemd/systemd.hash
@@ -2,4 +2,4 @@
sha256 c83dabbe1c9de6b9db1dafdb7e04140c7d0535705c68842f6c0768653ba4913c systemd-237.tar.gz
sha256 ab15fd526bd8dd18a9e77ebc139656bf4d33e97fc7238cd11bf60e2b9b8666c6 LICENSE.GPL2
sha256 dc626520dcd53a22f727af3ee42c770e56c97a64fe3adb063799d8ab032fe551 LICENSE.LGPL2.1
-sha256 f6a739f5ee7f10df6467021066038297c0150ff680db9a4b9f60da53b11aa560 README
+sha256 9c7709aa401a41c4c3f33ea75c34ae5d5354d62c310c3391c2a5958952d8aadd README
diff --git a/package/systemd/systemd.mk b/package/systemd/systemd.mk
index a6c4b338e9..34b70c754a 100644
--- a/package/systemd/systemd.mk
+++ b/package/systemd/systemd.mk
@@ -298,10 +298,10 @@ SYSTEMD_CONF_OPTS += -Dnetworkd=false
endif
ifeq ($(BR2_PACKAGE_SYSTEMD_RESOLVED),y)
-SYSTEMD_CONF_OPTS += -Dresolved=true
+SYSTEMD_CONF_OPTS += -Dresolve=true
SYSTEMD_RESOLVED_USER = systemd-resolve -1 systemd-resolve -1 * - - - Network Name Resolution Manager
else
-SYSTEMD_CONF_OPTS += -Dresolved=false
+SYSTEMD_CONF_OPTS += -Dresolve=false
endif
ifeq ($(BR2_PACKAGE_SYSTEMD_TIMESYNCD),y)
@@ -354,6 +354,8 @@ SYSTEMD_POST_INSTALL_TARGET_HOOKS += \
define SYSTEMD_USERS
- - input -1 * - - - Input device group
- - systemd-journal -1 * - - - Journal
+ - - render -1 * - - - DRI rendering nodes
+ - - kvm -1 * - - - kvm nodes
systemd-bus-proxy -1 systemd-bus-proxy -1 * - - - Proxy D-Bus messages to/from a bus
systemd-journal-gateway -1 systemd-journal-gateway -1 * /var/log/journal - - Journal Gateway
systemd-journal-remote -1 systemd-journal-remote -1 * /var/log/journal/remote - - Journal Remote
@@ -396,23 +398,25 @@ endef
SYSTEMD_NINJA_OPTS = $(if $(VERBOSE),-v) -j$(PARALLEL_JOBS)
+SYSTEMD_ENV = $(TARGET_MAKE_ENV) $(HOST_UTF8_LOCALE_ENV)
+
define SYSTEMD_CONFIGURE_CMDS
rm -rf $(@D)/build
mkdir -p $(@D)/build
- $(TARGET_MAKE_ENV) meson $(SYSTEMD_CONF_OPTS) $(@D) $(@D)/build
+ $(SYSTEMD_ENV) meson $(SYSTEMD_CONF_OPTS) $(@D) $(@D)/build
endef
define SYSTEMD_BUILD_CMDS
- $(TARGET_MAKE_ENV) ninja $(SYSTEMD_NINJA_OPTS) -C $(@D)/build
+ $(SYSTEMD_ENV) ninja $(SYSTEMD_NINJA_OPTS) -C $(@D)/build
endef
define SYSTEMD_INSTALL_TARGET_CMDS
- $(TARGET_MAKE_ENV) DESTDIR=$(TARGET_DIR) ninja $(SYSTEMD_NINJA_OPTS) \
+ $(SYSTEMD_ENV) DESTDIR=$(TARGET_DIR) ninja $(SYSTEMD_NINJA_OPTS) \
-C $(@D)/build install
endef
define SYSTEMD_INSTALL_STAGING_CMDS
- $(TARGET_MAKE_ENV) DESTDIR=$(STAGING_DIR) ninja $(SYSTEMD_NINJA_OPTS) \
+ $(SYSTEMD_ENV) DESTDIR=$(STAGING_DIR) ninja $(SYSTEMD_NINJA_OPTS) \
-C $(@D)/build install
endef
diff --git a/package/tegrarcm/Config.in.host b/package/tegrarcm/Config.in.host
index 47590fa127..d8cbb947d6 100644
--- a/package/tegrarcm/Config.in.host
+++ b/package/tegrarcm/Config.in.host
@@ -2,7 +2,7 @@ config BR2_PACKAGE_HOST_TEGRARCM
bool "host tegrarcm"
depends on BR2_arm || BR2_armeb
help
- This program is used to send code to a Tegra device in recovery
- mode.
+ This program is used to send code to a Tegra device in
+ recovery mode.
https://github.com/NVIDIA/tegrarcm
diff --git a/package/tor/tor.hash b/package/tor/tor.hash
index 08ab61ec14..db946eec07 100644
--- a/package/tor/tor.hash
+++ b/package/tor/tor.hash
@@ -1,3 +1,3 @@
# Locally computed
-sha256 6e1b04f7890e782fd56014a0de5075e4ab29b52a35d8bca1f6b80c93f58f3d26 tor-0.3.1.9.tar.gz
+sha256 c0e1a71e8e079ddd7951f846bcbd79d5e716b602faa5b890c70762fe95cd04e0 tor-0.3.1.10.tar.gz
sha256 f9a4f724d8037711dde7d3f1d17094fb7d211545b3a3bbb1b03e769e13ca5608 LICENSE
diff --git a/package/tor/tor.mk b/package/tor/tor.mk
index 925e4d8f09..ddf912fe18 100644
--- a/package/tor/tor.mk
+++ b/package/tor/tor.mk
@@ -4,7 +4,7 @@
#
################################################################################
-TOR_VERSION = 0.3.1.9
+TOR_VERSION = 0.3.1.10
TOR_SITE = https://dist.torproject.org
TOR_LICENSE = BSD-3-Clause
TOR_LICENSE_FILES = LICENSE
diff --git a/package/tvheadend/Config.in b/package/tvheadend/Config.in
index 44a69a27ba..de37b61483 100644
--- a/package/tvheadend/Config.in
+++ b/package/tvheadend/Config.in
@@ -1,10 +1,12 @@
comment "tvheadend needs a toolchain w/ NPTL, headers >= 3.2, dynamic library"
+ depends on !BR2_microblazeel
depends on !BR2_TOOLCHAIN_HAS_THREADS_NPTL || \
!BR2_TOOLCHAIN_HEADERS_AT_LEAST_3_2 || BR2_STATIC_LIBS
depends on BR2_TOOLCHAIN_HAS_SYNC_4
config BR2_PACKAGE_TVHEADEND
bool "tvheadend"
+ depends on !BR2_microblazeel # assertion failure in binutils
depends on !BR2_STATIC_LIBS # dladdr()
depends on BR2_TOOLCHAIN_HAS_THREADS_NPTL
depends on BR2_TOOLCHAIN_HEADERS_AT_LEAST_3_2
diff --git a/package/wavpack/0002-issue-27-do-not-overwrite-stack-on-corrupt-RF64-file.patch b/package/wavpack/0002-issue-27-do-not-overwrite-stack-on-corrupt-RF64-file.patch
new file mode 100644
index 0000000000..bda00999b9
--- /dev/null
+++ b/package/wavpack/0002-issue-27-do-not-overwrite-stack-on-corrupt-RF64-file.patch
@@ -0,0 +1,118 @@
+From d5bf76b5a88d044a1be1d5656698e3ba737167e5 Mon Sep 17 00:00:00 2001
+From: David Bryant <david@wavpack.com>
+Date: Sun, 4 Feb 2018 11:28:15 -0800
+Subject: [PATCH] issue #27, do not overwrite stack on corrupt RF64 file
+
+Fixes CVE-2018-6767
+
+Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
+---
+ cli/riff.c | 39 ++++++++++++++++++++++++++++++++-------
+ 1 file changed, 32 insertions(+), 7 deletions(-)
+
+diff --git a/cli/riff.c b/cli/riff.c
+index 8b1af45..de98c1e 100644
+--- a/cli/riff.c
++++ b/cli/riff.c
+@@ -42,6 +42,7 @@ typedef struct {
+
+ #pragma pack(pop)
+
++#define CS64ChunkFormat "4D"
+ #define DS64ChunkFormat "DDDL"
+
+ #define WAVPACK_NO_ERROR 0
+@@ -101,13 +102,13 @@ int ParseRiffHeaderConfig (FILE *infile, char *infilename, char *fourcc, Wavpack
+
+ if (!strncmp (chunk_header.ckID, "ds64", 4)) {
+ if (chunk_header.ckSize < sizeof (DS64Chunk) ||
+- !DoReadFile (infile, &ds64_chunk, chunk_header.ckSize, &bcount) ||
+- bcount != chunk_header.ckSize) {
++ !DoReadFile (infile, &ds64_chunk, sizeof (DS64Chunk), &bcount) ||
++ bcount != sizeof (DS64Chunk)) {
+ error_line ("%s is not a valid .WAV file!", infilename);
+ return WAVPACK_SOFT_ERROR;
+ }
+ else if (!(config->qmode & QMODE_NO_STORE_WRAPPER) &&
+- !WavpackAddWrapper (wpc, &ds64_chunk, chunk_header.ckSize)) {
++ !WavpackAddWrapper (wpc, &ds64_chunk, sizeof (DS64Chunk))) {
+ error_line ("%s", WavpackGetErrorMessage (wpc));
+ return WAVPACK_SOFT_ERROR;
+ }
+@@ -315,10 +316,11 @@ int ParseRiffHeaderConfig (FILE *infile, char *infilename, char *fourcc, Wavpack
+
+ int WriteRiffHeader (FILE *outfile, WavpackContext *wpc, int64_t total_samples, int qmode)
+ {
+- int do_rf64 = 0, write_junk = 1;
++ int do_rf64 = 0, write_junk = 1, table_length = 0;
+ ChunkHeader ds64hdr, datahdr, fmthdr;
+ RiffChunkHeader riffhdr;
+ DS64Chunk ds64_chunk;
++ CS64Chunk cs64_chunk;
+ JunkChunk junkchunk;
+ WaveHeader wavhdr;
+ uint32_t bcount;
+@@ -380,6 +382,7 @@ int WriteRiffHeader (FILE *outfile, WavpackContext *wpc, int64_t total_samples,
+ strncpy (riffhdr.formType, "WAVE", sizeof (riffhdr.formType));
+ total_riff_bytes = sizeof (riffhdr) + wavhdrsize + sizeof (datahdr) + ((total_data_bytes + 1) & ~(int64_t)1);
+ if (do_rf64) total_riff_bytes += sizeof (ds64hdr) + sizeof (ds64_chunk);
++ total_riff_bytes += table_length * sizeof (CS64Chunk);
+ if (write_junk) total_riff_bytes += sizeof (junkchunk);
+ strncpy (fmthdr.ckID, "fmt ", sizeof (fmthdr.ckID));
+ strncpy (datahdr.ckID, "data", sizeof (datahdr.ckID));
+@@ -394,11 +397,12 @@ int WriteRiffHeader (FILE *outfile, WavpackContext *wpc, int64_t total_samples,
+
+ if (do_rf64) {
+ strncpy (ds64hdr.ckID, "ds64", sizeof (ds64hdr.ckID));
+- ds64hdr.ckSize = sizeof (ds64_chunk);
++ ds64hdr.ckSize = sizeof (ds64_chunk) + (table_length * sizeof (CS64Chunk));
+ CLEAR (ds64_chunk);
+ ds64_chunk.riffSize64 = total_riff_bytes;
+ ds64_chunk.dataSize64 = total_data_bytes;
+ ds64_chunk.sampleCount64 = total_samples;
++ ds64_chunk.tableLength = table_length;
+ riffhdr.ckSize = (uint32_t) -1;
+ datahdr.ckSize = (uint32_t) -1;
+ WavpackNativeToLittleEndian (&ds64hdr, ChunkHeaderFormat);
+@@ -409,6 +413,14 @@ int WriteRiffHeader (FILE *outfile, WavpackContext *wpc, int64_t total_samples,
+ datahdr.ckSize = (uint32_t) total_data_bytes;
+ }
+
++ // this "table" is just a dummy placeholder for testing (normally not written)
++
++ if (table_length) {
++ strncpy (cs64_chunk.ckID, "dmmy", sizeof (cs64_chunk.ckID));
++ cs64_chunk.chunkSize64 = 12345678;
++ WavpackNativeToLittleEndian (&cs64_chunk, CS64ChunkFormat);
++ }
++
+ // write the RIFF chunks up to just before the data starts
+
+ WavpackNativeToLittleEndian (&riffhdr, ChunkHeaderFormat);
+@@ -418,8 +430,21 @@ int WriteRiffHeader (FILE *outfile, WavpackContext *wpc, int64_t total_samples,
+
+ if (!DoWriteFile (outfile, &riffhdr, sizeof (riffhdr), &bcount) || bcount != sizeof (riffhdr) ||
+ (do_rf64 && (!DoWriteFile (outfile, &ds64hdr, sizeof (ds64hdr), &bcount) || bcount != sizeof (ds64hdr))) ||
+- (do_rf64 && (!DoWriteFile (outfile, &ds64_chunk, sizeof (ds64_chunk), &bcount) || bcount != sizeof (ds64_chunk))) ||
+- (write_junk && (!DoWriteFile (outfile, &junkchunk, sizeof (junkchunk), &bcount) || bcount != sizeof (junkchunk))) ||
++ (do_rf64 && (!DoWriteFile (outfile, &ds64_chunk, sizeof (ds64_chunk), &bcount) || bcount != sizeof (ds64_chunk)))) {
++ error_line ("can't write .WAV data, disk probably full!");
++ return FALSE;
++ }
++
++ // again, this is normally not written except for testing
++
++ while (table_length--)
++ if (!DoWriteFile (outfile, &cs64_chunk, sizeof (cs64_chunk), &bcount) || bcount != sizeof (cs64_chunk)) {
++ error_line ("can't write .WAV data, disk probably full!");
++ return FALSE;
++ }
++
++
++ if ((write_junk && (!DoWriteFile (outfile, &junkchunk, sizeof (junkchunk), &bcount) || bcount != sizeof (junkchunk))) ||
+ !DoWriteFile (outfile, &fmthdr, sizeof (fmthdr), &bcount) || bcount != sizeof (fmthdr) ||
+ !DoWriteFile (outfile, &wavhdr, wavhdrsize, &bcount) || bcount != wavhdrsize ||
+ !DoWriteFile (outfile, &datahdr, sizeof (datahdr), &bcount) || bcount != sizeof (datahdr)) {
+--
+2.11.0
+
diff --git a/package/wavpack/0003-issue-28-do-not-overwrite-heap-on-corrupt-DSDIFF-fil.patch b/package/wavpack/0003-issue-28-do-not-overwrite-heap-on-corrupt-DSDIFF-fil.patch
new file mode 100644
index 0000000000..950877b03c
--- /dev/null
+++ b/package/wavpack/0003-issue-28-do-not-overwrite-heap-on-corrupt-DSDIFF-fil.patch
@@ -0,0 +1,38 @@
+From 36a24c7881427d2e1e4dc1cef58f19eee0d13aec Mon Sep 17 00:00:00 2001
+From: David Bryant <david@wavpack.com>
+Date: Sat, 10 Feb 2018 16:01:39 -0800
+Subject: [PATCH] issue #28, do not overwrite heap on corrupt DSDIFF file
+
+Fixes CVE-2018-7253
+
+Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
+---
+ cli/dsdiff.c | 12 +++++++++++-
+ 1 file changed, 11 insertions(+), 1 deletion(-)
+
+diff --git a/cli/dsdiff.c b/cli/dsdiff.c
+index 410dc1c..c016df9 100644
+--- a/cli/dsdiff.c
++++ b/cli/dsdiff.c
+@@ -153,7 +153,17 @@ int ParseDsdiffHeaderConfig (FILE *infile, char *infilename, char *fourcc, Wavpa
+ error_line ("dsdiff file version = 0x%08x", version);
+ }
+ else if (!strncmp (dff_chunk_header.ckID, "PROP", 4)) {
+- char *prop_chunk = malloc ((size_t) dff_chunk_header.ckDataSize);
++ char *prop_chunk;
++
++ if (dff_chunk_header.ckDataSize < 4 || dff_chunk_header.ckDataSize > 1024) {
++ error_line ("%s is not a valid .DFF file!", infilename);
++ return WAVPACK_SOFT_ERROR;
++ }
++
++ if (debug_logging_mode)
++ error_line ("got PROP chunk of %d bytes total", (int) dff_chunk_header.ckDataSize);
++
++ prop_chunk = malloc ((size_t) dff_chunk_header.ckDataSize);
+
+ if (!DoReadFile (infile, prop_chunk, (uint32_t) dff_chunk_header.ckDataSize, &bcount) ||
+ bcount != dff_chunk_header.ckDataSize) {
+--
+2.11.0
+
diff --git a/package/wavpack/0004-issue-28-fix-buffer-overflows-and-bad-allocs-on-corr.patch b/package/wavpack/0004-issue-28-fix-buffer-overflows-and-bad-allocs-on-corr.patch
new file mode 100644
index 0000000000..142e81ff7a
--- /dev/null
+++ b/package/wavpack/0004-issue-28-fix-buffer-overflows-and-bad-allocs-on-corr.patch
@@ -0,0 +1,72 @@
+From 8e3fe45a7bac31d9a3b558ae0079e2d92a04799e Mon Sep 17 00:00:00 2001
+From: David Bryant <david@wavpack.com>
+Date: Sun, 11 Feb 2018 16:37:47 -0800
+Subject: [PATCH] issue #28, fix buffer overflows and bad allocs on corrupt CAF
+ files
+
+Fixes CVE-2018-7254
+
+Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
+---
+ cli/caff.c | 30 +++++++++++++++++++++++-------
+ 1 file changed, 23 insertions(+), 7 deletions(-)
+
+diff --git a/cli/caff.c b/cli/caff.c
+index ae57c4b..6248a71 100644
+--- a/cli/caff.c
++++ b/cli/caff.c
+@@ -89,8 +89,8 @@ typedef struct
+
+ #define CAFChannelDescriptionFormat "LLLLL"
+
+-static const char TMH_full [] = { 1,2,3,13,9,10,5,6,12,14,15,16,17,9,4,18,7,8,19,20,21 };
+-static const char TMH_std [] = { 1,2,3,11,8,9,5,6,10,12,13,14,15,7,4,16 };
++static const char TMH_full [] = { 1,2,3,13,9,10,5,6,12,14,15,16,17,9,4,18,7,8,19,20,21,0 };
++static const char TMH_std [] = { 1,2,3,11,8,9,5,6,10,12,13,14,15,7,4,16,0 };
+
+ static struct {
+ uint32_t mChannelLayoutTag; // Core Audio layout, 100 - 146 in high word, num channels in low word
+@@ -274,10 +274,19 @@ int ParseCaffHeaderConfig (FILE *infile, char *infilename, char *fourcc, Wavpack
+ }
+ }
+ else if (!strncmp (caf_chunk_header.mChunkType, "chan", 4)) {
+- CAFChannelLayout *caf_channel_layout = malloc ((size_t) caf_chunk_header.mChunkSize);
++ CAFChannelLayout *caf_channel_layout;
+
+- if (caf_chunk_header.mChunkSize < sizeof (CAFChannelLayout) ||
+- !DoReadFile (infile, caf_channel_layout, (uint32_t) caf_chunk_header.mChunkSize, &bcount) ||
++ if (caf_chunk_header.mChunkSize < sizeof (CAFChannelLayout) || caf_chunk_header.mChunkSize > 1024) {
++ error_line ("this .CAF file has an invalid 'chan' chunk!");
++ return WAVPACK_SOFT_ERROR;
++ }
++
++ if (debug_logging_mode)
++ error_line ("'chan' chunk is %d bytes", (int) caf_chunk_header.mChunkSize);
++
++ caf_channel_layout = malloc ((size_t) caf_chunk_header.mChunkSize);
++
++ if (!DoReadFile (infile, caf_channel_layout, (uint32_t) caf_chunk_header.mChunkSize, &bcount) ||
+ bcount != caf_chunk_header.mChunkSize) {
+ error_line ("%s is not a valid .CAF file!", infilename);
+ free (caf_channel_layout);
+@@ -495,8 +504,15 @@ int ParseCaffHeaderConfig (FILE *infile, char *infilename, char *fourcc, Wavpack
+ }
+ else { // just copy unknown chunks to output file
+
+- int bytes_to_copy = (uint32_t) caf_chunk_header.mChunkSize;
+- char *buff = malloc (bytes_to_copy);
++ uint32_t bytes_to_copy = (uint32_t) caf_chunk_header.mChunkSize;
++ char *buff;
++
++ if (caf_chunk_header.mChunkSize < 0 || caf_chunk_header.mChunkSize > 1048576) {
++ error_line ("%s is not a valid .CAF file!", infilename);
++ return WAVPACK_SOFT_ERROR;
++ }
++
++ buff = malloc (bytes_to_copy);
+
+ if (debug_logging_mode)
+ error_line ("extra unknown chunk \"%c%c%c%c\" of %d bytes",
+--
+2.11.0
+
diff --git a/package/wireguard/wireguard.hash b/package/wireguard/wireguard.hash
index 1bc6599620..4961d4fd14 100644
--- a/package/wireguard/wireguard.hash
+++ b/package/wireguard/wireguard.hash
@@ -1,4 +1,4 @@
-# From https://lists.zx2c4.com/pipermail/wireguard/2018-February/002350.html
-sha256 ee3415b482265ad9e8721aa746aaffdf311058a2d1a4d80e7b6d11bbbf71c722 WireGuard-0.0.20180202.tar.xz
+# From https://lists.zx2c4.com/pipermail/wireguard/2018-February/002406.html
+sha256 4ac4c4e4ad4dc2cf9dcb831b0cf347567ccea675ca524528cf5a4d9dccb2fe52 WireGuard-0.0.20180218.tar.xz
# Locally calculated
sha256 8177f97513213526df2cf6184d8ff986c675afb514d4e68a404010521b880643 COPYING
diff --git a/package/wireguard/wireguard.mk b/package/wireguard/wireguard.mk
index 0b5a837a44..aa86b5782b 100644
--- a/package/wireguard/wireguard.mk
+++ b/package/wireguard/wireguard.mk
@@ -4,7 +4,7 @@
#
################################################################################
-WIREGUARD_VERSION = 0.0.20180202
+WIREGUARD_VERSION = 0.0.20180218
WIREGUARD_SITE = https://git.zx2c4.com/WireGuard/snapshot
WIREGUARD_SOURCE = WireGuard-$(WIREGUARD_VERSION).tar.xz
WIREGUARD_LICENSE = GPL-2.0
diff --git a/package/zic/zic.hash b/package/zic/zic.hash
index e7eef7aea0..df578fe1b3 100644
--- a/package/zic/zic.hash
+++ b/package/zic/zic.hash
@@ -1,2 +1,2 @@
-# From http://mm.icann.org/pipermail/tz-announce/2017-October/000047.html
-sha512 0d8c3e07b0de9015a137602450468ceb6358312a50eeda2a860882367107b8ba9ef275880b292570a671b9910afc54e6209e1e642387d246bc9c08c4ff660ffb tzcode2017c.tar.gz
+# From http://mm.icann.org/pipermail/tz-announce/2018-January/000048.html
+sha512 21988e876479e38661d41ea4c7b5218ba14b979739d7ba8d49a2d343bb9f37c654056ab21c046a6652715f012e4ca33c4aa109b1ec3ac5d0244dd3a7ea9ed6d2 tzcode2018c.tar.gz
diff --git a/package/zic/zic.mk b/package/zic/zic.mk
index a2f27e44a3..aba8bc5b3f 100644
--- a/package/zic/zic.mk
+++ b/package/zic/zic.mk
@@ -4,7 +4,7 @@
#
################################################################################
-ZIC_VERSION = 2017c
+ZIC_VERSION = 2018c
ZIC_SOURCE = tzcode$(ZIC_VERSION).tar.gz
ZIC_SITE = http://www.iana.org/time-zones/repository/releases
ZIC_STRIP_COMPONENTS = 0
diff --git a/package/zlib/Config.in b/package/zlib/Config.in
index 87abc2bdd5..0f6179f537 100644
--- a/package/zlib/Config.in
+++ b/package/zlib/Config.in
@@ -1,3 +1,10 @@
+config BR2_PACKAGE_ZLIB_NG_ARCH_SUPPORTS
+ bool
+ default y if BR2_arm
+ default y if BR2_aarch64
+ default y if BR2_i386
+ default y if BR2_x86_64
+
config BR2_PACKAGE_ZLIB
bool "zlib support"
help
@@ -22,6 +29,7 @@ config BR2_PACKAGE_LIBZLIB
config BR2_PACKAGE_ZLIB_NG
bool "zlib-ng"
+ depends on BR2_PACKAGE_ZLIB_NG_ARCH_SUPPORTS
select BR2_PACKAGE_HAS_ZLIB
help
Zlib replacement with optimizations for
diff --git a/support/dependencies/check-host-tar.sh b/support/dependencies/check-host-tar.sh
index 932d3c4fb2..2143877524 100755
--- a/support/dependencies/check-host-tar.sh
+++ b/support/dependencies/check-host-tar.sh
@@ -30,13 +30,28 @@ fi
# containing hard-links if the --strip-components option is used).
major_min=1
minor_min=17
-if [ $major -gt $major_min ]; then
- echo $tar
-else
- if [ $major -eq $major_min -a $minor -ge $minor_min ]; then
- echo $tar
- else
- # echo nothing: no suitable tar found
- exit 1
- fi
+
+# Maximal version = 1.29 (1.30 changed --numeric-owner output for
+# filenames > 100 characters). This is really a fix for a bug in
+# earlier tar versions regarding deterministic output so it is
+# unlikely to be reverted in later versions.
+major_max=1
+minor_max=29
+
+if [ $major -lt $major_min -o $major -gt $major_max ]; then
+ # echo nothing: no suitable tar found
+ exit 1
fi
+
+if [ $major -eq $major_min -a $minor -lt $minor_min ]; then
+ # echo nothing: no suitable tar found
+ exit 1
+fi
+
+if [ $major -eq $major_max -a $minor -gt $minor_max ]; then
+ # echo nothing: no suitable tar found
+ exit 1
+fi
+
+# valid
+echo $tar
diff --git a/support/dependencies/dependencies.mk b/support/dependencies/dependencies.mk
index 4f606f849d..3fc235863c 100644
--- a/support/dependencies/dependencies.mk
+++ b/support/dependencies/dependencies.mk
@@ -12,7 +12,10 @@
define suitable-host-package
$(shell support/dependencies/check-host-$(1).sh $(2))
endef
--include $(sort $(wildcard support/dependencies/check-host-*.mk))
+# host utilities needs host-tar to extract the source code tarballs, so
+# ensure check-host-tar.mk is included before the rest
+include support/dependencies/check-host-tar.mk
+-include $(sort $(filter-out %-tar.mk,$(wildcard support/dependencies/check-host-*.mk)))
ifeq ($(BR2_CCACHE),y)
DEPENDENCIES_HOST_PREREQ += host-ccache
diff --git a/support/dependencies/dependencies.sh b/support/dependencies/dependencies.sh
index a195c62c8c..985b1d863b 100755
--- a/support/dependencies/dependencies.sh
+++ b/support/dependencies/dependencies.sh
@@ -200,7 +200,7 @@ if grep ^BR2_NEEDS_HOST_UTF8_LOCALE=y $BR2_CONFIG > /dev/null; then
echo "You need locale support on your build machine to build a toolchain supporting locales"
exit 1 ;
fi
- if ! locale -a | grep -q -i utf8$ ; then
+ if ! locale -a | grep -q -i -E 'utf-?8$' ; then
echo
echo "You need at least one UTF8 locale to build a toolchain supporting locales"
exit 1 ;
@@ -249,6 +249,14 @@ if grep -q ^BR2_HOSTARCH_NEEDS_IA32_COMPILER=y $BR2_CONFIG ; then
echo "For other distributions, refer to their documentation."
exit 1
fi
+
+ if ! echo "int main(void) {}" | g++ -m32 -x c++ - -o /dev/null 2>/dev/null; then
+ echo
+ echo "Your Buildroot configuration needs a compiler capable of building 32 bits binaries."
+ echo "If you're running a Debian/Ubuntu distribution, install the g++-multilib package."
+ echo "For other distributions, refer to their documentation."
+ exit 1
+ fi
fi
# Check that the Perl installation is complete enough for Buildroot.
@@ -280,3 +288,8 @@ if [ -n "$missing_perl_modules" ] ; then
echo
exit 1
fi
+
+if ! python -c "import argparse" > /dev/null 2>&1 ; then
+ echo "Your Python installation is not complete enough: argparse module is missing"
+ exit 1
+fi
diff --git a/support/docker/Dockerfile b/support/docker/Dockerfile
index 474e073c61..ce3fdd9cc2 100644
--- a/support/docker/Dockerfile
+++ b/support/docker/Dockerfile
@@ -22,7 +22,7 @@ COPY apt-sources.list /etc/apt/sources.list
RUN dpkg --add-architecture i386 && \
apt-get update -y && \
apt-get install -y --no-install-recommends \
- build-essential cmake libc6:i386 gcc-multilib \
+ build-essential cmake libc6:i386 g++-multilib \
bc ca-certificates file locales rsync \
cvs bzr git mercurial subversion wget \
cpio unzip \
diff --git a/support/misc/Vagrantfile b/support/misc/Vagrantfile
index 3d833f09fc..54b45da69e 100644
--- a/support/misc/Vagrantfile
+++ b/support/misc/Vagrantfile
@@ -5,7 +5,7 @@
################################################################################
# Buildroot version to use
-RELEASE='2017.11'
+RELEASE='2018.02'
### Change here for more memory/cores ###
VM_MEMORY=2048
diff --git a/support/scripts/check-bin-arch b/support/scripts/check-bin-arch
index 887b6613cd..f6a4569c62 100755
--- a/support/scripts/check-bin-arch
+++ b/support/scripts/check-bin-arch
@@ -29,6 +29,14 @@ while read f; do
continue
fi
+ # Skip kernel modules
+ # When building a 32-bit userland on 64-bit architectures, the kernel
+ # and its modules may still be 64-bit. To keep the basic
+ # check-bin-arch logic simple, just skip this directory.
+ if [[ "${f}" =~ ^/lib/modules/.* ]]; then
+ continue
+ fi
+
# Skip files in /usr/share, several packages (qemu,
# pru-software-support) legitimately install ELF binaries that
# are not for the target architecture
diff --git a/support/scripts/check-uniq-files b/support/scripts/check-uniq-files
index a3d176710e..be808cce03 100755
--- a/support/scripts/check-uniq-files
+++ b/support/scripts/check-uniq-files
@@ -5,7 +5,7 @@ import csv
import argparse
from collections import defaultdict
-warn = 'Warning: {} file "{}" is touched by more than one package: {}\n'
+warn = 'Warning: {0} file "{1}" is touched by more than one package: {2}\n'
def main():
diff --git a/support/testing/tests/init/test_systemd.py b/support/testing/tests/init/test_systemd.py
index 48fac1490f..a324ba8569 100644
--- a/support/testing/tests/init/test_systemd.py
+++ b/support/testing/tests/init/test_systemd.py
@@ -21,6 +21,18 @@ class InitSystemSystemdBase(InitSystemBase):
def check_init(self):
super(InitSystemSystemdBase, self).check_init("/lib/systemd/systemd")
+ # Test all units are OK
+ output, _ = self.emulator.run("systemctl --no-pager --failed --no-legend")
+ self.assertEqual(len(output), 0)
+
+ # Test we can reach the DBus daemon
+ _, exit_code = self.emulator.run("busctl --no-pager")
+ self.assertEqual(exit_code, 0)
+
+ # Test we can read at least one line from the journal
+ output, _ = self.emulator.run("journalctl --no-pager --lines 1 --quiet")
+ self.assertEqual(len(output), 1)
+
class TestInitSystemSystemdRoNetworkd(InitSystemSystemdBase):
config = InitSystemSystemdBase.config + \
diff --git a/support/testing/tests/package/test_rust.py b/support/testing/tests/package/test_rust.py
index 8035f8b83a..e6c0de2214 100644
--- a/support/testing/tests/package/test_rust.py
+++ b/support/testing/tests/package/test_rust.py
@@ -53,12 +53,6 @@ class TestRustBase(infra.basetest.BRTest):
self.b.build()
shutil.rmtree(workdir)
- def test_run(self):
- self.build_test_prog()
- self.login()
- _, exit_code = self.emulator.run(self.crate)
- self.assertEqual(exit_code, 0)
-
class TestRustBin(TestRustBase):
config = \
@@ -82,6 +76,12 @@ class TestRustBin(TestRustBase):
BR2_PACKAGE_HOST_RUSTC=y
"""
+ def test_run(self):
+ self.build_test_prog()
+ self.login()
+ _, exit_code = self.emulator.run(self.crate)
+ self.assertEqual(exit_code, 0)
+
class TestRust(TestRustBase):
config = \
@@ -105,3 +105,9 @@ class TestRust(TestRustBase):
BR2_PACKAGE_HOST_RUSTC=y
BR2_PACKAGE_HOST_RUST=y
"""
+
+ def test_run(self):
+ self.build_test_prog()
+ self.login()
+ _, exit_code = self.emulator.run(self.crate)
+ self.assertEqual(exit_code, 0)
diff --git a/utils/genrandconfig b/utils/genrandconfig
index 883322552c..0d08570bc5 100755
--- a/utils/genrandconfig
+++ b/utils/genrandconfig
@@ -401,7 +401,8 @@ def gen_config(args):
subprocess.check_call(["make", "O=%s" % args.outputdir, "-C", args.buildrootdir,
"savedefconfig"])
- return 0
+ return subprocess.call(["make", "O=%s" % args.outputdir, "-C", args.buildrootdir,
+ "core-dependencies"])
if __name__ == '__main__':
diff --git a/utils/scanpypi b/utils/scanpypi
index 14ee87784a..2b3188dbf6 100755
--- a/utils/scanpypi
+++ b/utils/scanpypi
@@ -214,7 +214,7 @@ class BuildrootPackage():
else:
if download.__class__ == six.moves.urllib.error.HTTPError:
raise download
- raise DownloadFailed('Failed to downloas package {pkg}'
+ raise DownloadFailed('Failed to download package {pkg}'
.format(pkg=self.real_name))
self.filename = self.used_url['filename']
self.url = self.used_url['url']