package/graphicsmagick: bump to version 1.3.36

Signed-off-by: Grzegorz Blach <grzegorz@blach.pl>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/boost: add BR2_PACKAGE_BOOST_NOWIDE

nowide library has been added in version 1.73.0 and is enabled by
default

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/docker-engine: add AppArmor support

Signed-off-by: Pascal Vizeli <pvizeli@syshack.ch>
Signed-off-by: Stefan Agner <stefan@agner.ch>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/docker-containerd: add AppArmor support

Signed-off-by: Pascal Vizeli <pvizeli@syshack.ch>
Signed-off-by: Stefan Agner <stefan@agner.ch>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/runc: add AppArmor support

Signed-off-by: Pascal Vizeli <pvizeli@syshack.ch>
Signed-off-by: Stefan Agner <stefan@agner.ch>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

docs/website: update for 2020.02.9

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

Update for 2020.02.9

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 15a05e6d5a875759d217d61b3c7b31ec87ea4eb5)
[Peter: drop Makefile changes]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

docs/website: update for 2020.08.3

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

Update for 2020.08.3

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit b6a0f0d08de2d3942b63506cb4432f428ae3796f)
[Peter: drop Makefile changes]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

docs/website: update for 2020.11.1

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

Update for 2020.11.1

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 804a9e18656c1584b059129e0b5cebe2a2405fac)
[Peter: drop Makefile changes]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/uclibc: bump version to 1.0.37

Signed-off-by: Waldemar Brodkorb <wbx@openadk.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/opencv3: fix build with protobuf and gcc < 6

Fix the folloing build failure with protobuf (enabled since commit
31c68a449ecd7da61ecfd909bea7ce799f9a6450) and gcc 5.3.0:

[ 53%] Building CXX object modules/dnn/CMakeFiles/opencv_dnn.dir/opencv-caffe.pb.cc.o
In file included from /home/peko/autobuild/instance-1/output-1/per-package/opencv3/host/opt/ext-toolchain/mips64el-buildroot-linux-uclibc/include/c++/5.5.0/atomic:38:0,
                 from /home/peko/autobuild/instance-1/output-1/per-package/opencv3/host/mips64el-buildroot-linux-uclibc/sysroot/usr/include/google/protobuf/io/coded_stream.h:115,
                 from /home/peko/autobuild/instance-1/output-1/build/opencv3-3.4.12/buildroot-build/modules/dnn/opencv-caffe.pb.h:23,
                 from /home/peko/autobuild/instance-1/output-1/build/opencv3-3.4.12/buildroot-build/modules/dnn/opencv-caffe.pb.cc:4:
/home/peko/autobuild/instance-1/output-1/per-package/opencv3/host/opt/ext-toolchain/mips64el-buildroot-linux-uclibc/include/c++/5.5.0/bits/c++0x_warning.h:32:2: error: #error This file requires compiler and library support for the ISO C++ 2011 standard. This support must be enabled with the -std=c++11 or -std=gnu++11 compiler options.
 #error This file requires compiler and library support \
  ^

Fixes:
 - http://autobuild.buildroot.org/results/7caf175af039054a032b8f63b458b3940d9ec0f3

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/python-pycups: needs python3

As stated in README:

Python 3 or later is required since Python 2 is unsupported since
2020-01-01.

Fixes:
 - http://autobuild.buildroot.org/results/3c8db83a2d1ae094fc718947a508e35e940121ce

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/vdr: bump to version 2.4.6

- Drop patches (already in version)
- pkg-config can be used to retrieve dependencies since
  https://projects.vdr-developer.org/git/vdr.git/commit?id=f5dba03447fa73da6e181ead7fb98c2b0a2fed41
  so use it and drop unneeded workarounds such as VDR_INCLUDE_DIRS
- Update indentation in hash file (two spaces)

https://projects.vdr-developer.org/git/vdr.git/tree/HISTORY?id=V20406

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/mosquitto: fix static build with cjson

Fixes:
 - http://autobuild.buildroot.org/results/98e0bccf3e1a964bb6a52265bd6f11a681ec220d

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/opencv3: do not detect ccache

OpenCV-3's buildsystem will try to detect ccache and use it if
available. This may yield a system-installed ccache.

However, in Buildroot, ccache is entirely hidden away and handled in the
toolchain wrapper.

Forcibly disable detection of ccache.

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Cc: Samuel Martin <s.martin49@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/freescale-imx/imx-gpu-viv: is an libopencl provider

The imx-gpu-viv install libOpenCL.so.1.2 library and cl.h header,
so declare it as a libopencl provider.

With this support we can select the clinfo package provided by
Buildroot instead of the one provided by imx-gpu-viv package.

Signed-off-by: Romain Naour <romain.naour@smile.fr>
Cc: Gary Bisson <gary.bisson@boundarydevices.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/freescale-imx/imx-gpu-viv: install Vendor ICDs file (Vivante.icd)

Without this file, the clinfo binary provided by the package doesn't
detect the opencl support.

Fixes:
https://github.com/boundarydevices/buildroot-external-boundary/issues/5

Signed-off-by: Romain Naour <romain.naour@smile.fr>
Cc: Gary Bisson <gary.bisson@boundarydevices.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

board/boundarydevices: promote buildroot-external-boundary project

It may be useful for users using Boundary Devices boards to find
more advanced defconfigs that the one provided by Buildroot.

See:
https://github.com/boundarydevices/buildroot-external-boundary#configurations-details

Update the readme.txt to add the link to the br2_external maintained
by Boundary Devices.

Signed-off-by: Romain Naour <romain.naour@smile.fr>
Cc: Gary Bisson <gary.bisson@boundarydevices.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

configs/freescale_imx8qxpmek: bump BSP components to 5.4.47_2.2.0

Signed-off-by: Stephane Viau <stephane.viau@oss.nxp.com>
[Build- and run-tested on i.MX8QXP MEK rev B0]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

configs/freescale_imx8qmmek: bump BSP components to 5.4.47_2.2.0

Signed-off-by: Stephane Viau <stephane.viau@oss.nxp.com>
[Build- and run-tested on i.MX8QM MEK]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

configs/freescale_imx8mqevk: bump BSP components to 5.4.47_2.2.0

Signed-off-by: Stephane Viau <stephane.viau@oss.nxp.com>
[Build- and run-tested on i.MX8MQ EVK]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

configs/freescale_imx8mnevk: bump BSP components to 5.4.47_2.2.0

Signed-off-by: Stephane Viau <stephane.viau@oss.nxp.com>
[Build- and run-tested on i.MX8MN DDR4 EVK]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

configs/freescale_imx8mmevk: bump BSP components to 5.4.47_2.2.0

Signed-off-by: Stephane Viau <stephane.viau@oss.nxp.com>
[Build-tested only]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

configs/freescale_imx7dsabresd: bump BSP components to 5.4.47_2.2.0

Signed-off-by: Stephane Viau <stephane.viau@oss.nxp.com>
[Build-tested only]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

configs/freescale_imx6*: bump BSP components to 5.4.47_2.2.0

Signed-off-by: Stephane Viau <stephane.viau@oss.nxp.com>
[run-tested on i.MX6Q SabreSD, build-tested only for other configs]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/imx-mkimage: bump to version rel_imx_5.4.47_2.2.0

This version is aligned with 5.4.47_2.2.0 NXP Linux BSP.

Signed-off-by: Stephane Viau <stephane.viau@oss.nxp.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/freescale-imx/imx-vpu-hantro: bump version to 1.19.0

This version is aligned with 5.4.47_2.2.0 NXP Linux BSP.

Signed-off-by: Stephane Viau <stephane.viau@oss.nxp.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/freescale-imx/imx-vpu: bump version to 5.4.39.3

This version is aligned with 5.4.47_2.2.0 NXP Linux BSP.

Signed-off-by: Stephane Viau <stephane.viau@oss.nxp.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/freescale-imx/imx-seco: bump version to 3.7.1

This version is aligned with 5.4.47_2.2.0 NXP Linux BSP.

Signed-off-by: Stephane Viau <stephane.viau@oss.nxp.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/freescale-imx/imx-sc-firmware: bump version to 1.6.0

This version is aligned with 5.4.47_2.2.0 NXP Linux BSP.

Signed-off-by: Stephane Viau <stephane.viau@oss.nxp.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/freescale-imx/imx-gpu-viv: bump version to 6.4.3.p0.0

This version is aligned with 5.4.47_2.2.0 NXP Linux BSP.

Signed-off-by: Stephane Viau <stephane.viau@oss.nxp.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/freescale-imx/imx-gpu-g2d: bump to version 6.4.3.p0.0

This version is aligned with 5.4.47_2.2.0 NXP Linux BSP.

Signed-off-by: Stephane Viau <stephane.viau@oss.nxp.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/freescale-imx/firmware-imx: bump version to 8.9

This version is aligned with 5.4.47_2.2.0 NXP Linux BSP.

Signed-off-by: Stephane Viau <stephane.viau@oss.nxp.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/dhcpcd: add udev optional dependency

udev is an optional dependency (enabled by default) since version 6.1.0:
https://github.com/rsmarples/dhcpcd/commit/12bbc8cb5c7507be15a7e0af4140c3d81125c46c

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/dhcpcd: create dhcpcd user

privsep is supported since version 9.0.0 and
https://github.com/rsmarples/dhcpcd/commit/d5786118da1bad4c247631cae86344f1b249a8cb
It is enabled by default since
https://github.com/rsmarples/dhcpcd/commit/3a4c2e5604d72151b06ed365aa71493740a3ad75

So use --privsepuser to avoid that the detection mechanism finds a wrong
value from host and create it on the target

Fixes:
 - https://bugs.buildroot.org/show_bug.cgi?id=13416

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/dhcpcd: enhance syntax

Add all configure options through DHCP_CONFIG_OPTS and avoid splitting
lines when they are less than 80 characters

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/opencv3: bump to version 3.4.13

https://github.com/opencv/opencv/wiki/ChangeLog#version3413

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/botan: bump to version 2.17.3

https://botan.randombit.net/news.html#version-2-17-3-2020-12-21

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/mutt: add gnutls optional dependency

gnutls is an optional dependency since version 1.5.7 and
https://gitlab.com/muttmua/mutt/-/commit/457d70d6b10860bae084837024eb34aa3bfbc5fa

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/mutt: add zlib optional dependency

zlib is an optional dependency which is enabled by default since version
1.14.1 and
https://gitlab.com/muttmua/mutt/-/commit/136ae0add512f21bc418f9e31a2f1b970ad1a490

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/mutt: fix activation of openssl on imap

Activation of openssl for imap is broken since commit
0fcd010a2db771c259224ad1d025fb4c5a9baf3b because of the following typo:
BR2_PACKAGET_MUTT_IMAP

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/refpolicy: bump to 2.20200818

Changelog:
https://github.com/SELinuxProject/refpolicy/releases/tag/RELEASE_2_20200818

Signed-off-by: Antoine Tenart <atenart@kernel.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/bustle: bump to version 0.8.0

- Update license hash and remove GPL-3.0:
  https://gitlab.freedesktop.org/bustle/bustle/-/commit/c3f2f160c528c874c483a314ebbf997abfd85492
- Use PCAP_CONFIG which is available since
  https://gitlab.freedesktop.org/bustle/bustle/-/commit/7e2daf2984fc4d479b153e899b80e8d669ff54cf
- Update indentation in hash file (two spaces)

https://hackage.haskell.org/package/bustle-0.8.0/changelog

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/freescale-imx/firmware-imx: add sdma file for IMX6S platform

Uses the same file as IMX6Q platform, see imx6sl.dtsi.

Signed-off-by: Gary Bisson <gary.bisson@boundarydevices.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/minizip: fix build without openssl

Disable PKWARE traditional and WinZIP AES encryption without openssl to
avoid the following build failure due to MZ_FETCH_LIBS being set to OFF
since commit f9d31de3b7585e3521aafe2089fcff79bf7f037d

Fixes:
 - http://autobuild.buildroot.org/results/ae16497bf56df9ce4be97651b5ce65f75bdf909f

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/rhash: fix build failure due to gcc -v

With BR2_RELRO_PARTIAL or BR2_RELRO_FULL, our toolchain wrapper will
forcibly add -Wl,-z,relro to any call to the actual compiler. This
usually works OK, because gcc will only use those options it needs for
the compile step it has to carry: pre-processing, compiling, assembling,
or linking, and ignore those options it does not need.

Excpt in one case: when -v is passed standalone, with no input file,
then gcc will falsely believe it has to do a link stage;

    $ gcc -Wl,-z,relro -v
    [...]
    /usr/bin/ld: /usr/lib/gcc/x86_64-linux-gnu/9/../../../x86_64-linux-gnu/Scrt1.o: in function `_start':
    (.text+0x24): undefined reference to `main'
    collect2: error: ld returned 1 exit status

Fixing that in our wrapper will not be easy, because we'd have to detect
there is no input file. Doing so would probably require we support
almost all gcc options to differentiate between the parameter of an
option (e.g. -I /some/path) from an actual inpout file. This would not
be very robust, and would have a high risk od breaking when we introduce
the next gcc version.

Since it seems that only rhash is affected, due to its inventive,
custom, hand-written configure script, we just patch it to be a bit more
robust in the face of a compiler that could not accept -v, and fallback
to --version.

Fixes:
 - http://autobuild.buildroot.org/results/8605c16cc28316954ce8b9dcc266974390c5da20

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[yann.morin.1998@free.fr:
  - retain "$CC -v" as default, fallback to "$CC --version", in the hope
    that it stands better chance with upstream
  - write a commit log to explain the actual root-cause of the build
    failure
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/uhubctl: bump to version 2.3.0

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

libcurl: security bump to version 7.74.0

Fixes security issues:

CVE-2020-8286: Inferior OCSP verification

CVE-2020-8285: FTP wildcard stack overflow

CVE-2020-8284: trusting FTP PASV responses

Drop upstream patch.

Cc: Matt Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/linux-firmware: add new option for Samsung MFC firmwares

Multi format codec (MFC) is the IP present in Samsung Exynos series SoCs
for video encoding/decoding operations.

Signed-off-by: Stefan Agner <stefan@agner.ch>
[yann.morin.1998@free.fr: add all FW versions]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/pkg-meson: force-disable binary stripping

In buildroot, stripping for the target is configured and implemented
with the global `BR2_STRIP_strip` option that drive the stripping in
the target-finalize step.

So, we explicitly disable stripping at build time for the target
variants.

For the host variants, however, we don't much care about symbols and
stuff, but smaller executables will hopefully load faster than bigger
ones (disputable, given that sections in ELF files are paged-in
on-demand), so we explictly enable stripping.

Signed-off-by: Gleb Mazovetskiy <glex.spb@gmail.com>
[yann.morin.1998@free.fr:
  - add burb about the target-finalize step
  - enable stripping for host variants
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

support/dependencies: set cmake version min to 3.15

quazip requires cmake 3.15 since version 1.0 and
https://github.com/stachenov/quazip/commit/89e7c201f0215032d347eef6fc0c671a1845738b
https://github.com/stachenov/quazip/commit/818adc82246cefffa2e8851534016cf1db349da7

The rationale for this requirement is that "default locations for the
install(TARGETS command based on the GNUInstallDirs package were only
added in 3.14" and "3.15 is not that much of a difference from 3.14 and
it introduced a lot of useful UI improvements.":
https://github.com/stachenov/quazip/issues/82

Fixes:
 - http://autobuild.buildroot.org/results/5d848a46109aef448ea1d1b857a500d9461dc2d9

Note: we also have some patches to allow some packages to build with
cmake-3.10, and this will not be tenable over the long run.

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[yann.morin.1998@free.fr: add the "note"]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/go: fix s/amrv7/armv7/ typo in comment

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/sysstat: enable lm-sensors support

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/sysstat: bump to version 12.4.2

Drop NLS workaround, not needed since
https://github.com/sysstat/sysstat/commit/1b4185b599730e6139aaaaaa48eb6626fb732c9d

https://github.com/sysstat/sysstat/blob/v12.4.2/CHANGES

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/wpewebkit: security bump to version 2.30.4

This is a minor release which provides a fix for CVE-2020-13543.

Full release notes:

  https://wpewebkit.org/release/wpewebkit-2.30.4.html

A detailed security advisory can be found at:

  https://wpewebkit.org/security/WSA-2020-0009.html

Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/webkitgtk: security bump to version 2.30.4

This is a minor release which provides a fix for CVE-2020-13543.

Full release notes:

  https://webkitgtk.org/2020/12/15/webkitgtk2.30.4-released.html

A detailed security advisory can be found at:

  https://webkitgtk.org/security/WSA-2020-0009.html

Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/bind: fix compile/linking failure

Fixes:

  - http://autobuild.buildroot.net/results/966a3de94aa97fa8e9895eede29c9cbfb4bd7301

  .../host/lib/gcc/arm-buildroot-linux-musleabihf/9.3.0/../../../../arm-buildroot-linux-musleabihf/bin/ld: warning: libisccfg.so.163, needed by ../../lib/bind9/.libs/libbind9.so, not found (try using -rpath or -rpath-link)
  .../host/lib/gcc/arm-buildroot-linux-musleabihf/9.3.0/../../../../arm-buildroot-linux-musleabihf/bin/ld: ../../lib/bind9/.libs/libbind9.so: undefined reference to `cfg_obj_line'

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
[Peter: replace by upstream patches]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/bind: drop unrecognized option

Drop --enable-newstats option which is not recognized

Unrecognized options:
    --disable-gtk-doc, --disable-gtk-doc-html, --disable-doc, --disable-docs, --disable-documentation, --with-xmlto, --with-fop, --disable-dependency-tracking, --disable-nls, --enable-newstats

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/bind: bump version to 9.11.25

Release notes:
https://ftp.isc.org/isc/bind9/9.11.25/RELEASE-NOTES-bind-9.11.25.html

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Reviewed-by: Petr Vorel <petr.vorel@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/openldap: security bump to version 2.4.56

Fixes the following security issue:

- CVE-2020-25692: A NULL pointer dereference was found in OpenLDAP server
  and was fixed in openldap 2.4.55, during a request for renaming RDNs.  An
  unauthenticated attacker could remotely crash the slapd process by sending
  a specially crafted request, causing a Denial of Service.

- CVE-2020-25709: Assertion failure in CSN normalization with invalid input

- CVE-2020-25710: Assertion failure in CSN normalization with invalid input

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
[Peter: add CVE info]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/tiff: bump version to 4.2.0

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/strace: bump version to 5.10

For details see [1].

[1] https://strace.io/files/5.10

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/python-crc16: allow to build with python3

python3 is officially supported by package, as there is a usage example
at [1]. Simply remove dependency on BR2_PACKAGE_PYTHON.

[1] https://pypi.org/project/crc16/

Signed-off-by: Marcin Niestroj <m.niestroj@grinn-global.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/stella: bump version to 6.4

Signed-off-by: Sergio Prado <sergio.prado@e-labworks.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/azure-iot-sdk-c: bump version to LTS_07_2020_Ref02

Signed-off-by: Sergio Prado <sergio.prado@e-labworks.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/rauc: fix build with headers < 4.14

Fixes:
 - http://autobuild.buildroot.org/results/829ae7ed66686c11a941ac99bd08a06f754affb4

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/rpi-firmware: bump version to d016a6e

Keep rpi-firmware up-to-date with the kernel
version bump (5.10.1).

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Reviewed-by: Marcin Niestroj <m.niestroj@grinn-global.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

configs/raspberrypi*: bump kernel version to 967d45b (5.10.1)

Now based on 5.10.1 (from 5.4.80).

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Reviewed-by: Marcin Niestroj <m.niestroj@grinn-global.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/xen: security bump to version 4.14.1

Includes security fixes up to XSA-359:

XSA-345: x86: Race condition in Xen mapping code
XSA-346: undue deferral of IOMMU TLB flushes
XSA-347: unsafe AMD IOMMU page table updates
XSA-348: undue recursion in x86 HVM context switch code (CVE-2020-29566)
XSA-351: Information leak via power sidechannel (CVE-2020-28368)
XSA-352: oxenstored: node ownership can be changed by unprivileged clients
         (CVE-2020-29486)
XSA-353: oxenstored: permissions not checked on root node (CVE-2020-29479)
XSA-355: stack corruption from XSA-346 change
XSA-356: infinite loop when cleaning up IRQ vectors (CVE-2020-29567)
XSA-358: FIFO event channels control block related ordering (CVE-2020-29570)
XSA-359: FIFO event channels control structure ordering (CVE-2020-29571)

And drop now upstreamed security patches.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/nodejs: security bump to version 12.19.1

Fixes the following security issue:

- CVE-2020-8277: Denial of Service through DNS request (High).  A Node.js
  application that allows an attacker to trigger a DNS request for a host of
  their choice could trigger a Denial of Service by getting the application
  to resolve a DNS record with a larger number of responses.

https://nodejs.org/en/blog/release/v12.19.1/

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

configs/nitrogen6x_defconfig: remove duplicate BR2_PACKAGE_HOST_UBOOT_TOOLS=y

The commit [1] added this option a second time.
Remove the first occurence.

Fixes:
configs/nitrogen6x_defconfig:31:warning: override: reassigning to symbol BR2_PACKAGE_HOST_UBOOT_TOOLS

[1] 6ea9f662a03e0f4b4a9000a25095b8e6293b07b6

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/apitrace: disable unit tests

This will avoid the following build failure with xtensa:

[ 62%] Linking CXX executable ../../guids_test
[ 62%] Building CXX object retrace/CMakeFiles/retrace_common.dir/retrace.cpp.o
CMakeFiles/guids_test.dir/guids_test.cpp.o:(.debug_line+0xf7b): dangerous relocation: overflow after relaxation
collect2: error: ld returned 1 exit status
lib/guids/CMakeFiles/guids_test.dir/build.make:85: recipe for target 'guids_test' failed

Fixes:
 - http://autobuild.buildroot.org/results/8fea93a88bb34e98e391a048c3b996b45ebac803

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/memcached: bump to version 1.6.9

https://github.com/memcached/memcached/wiki/ReleaseNotes169

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/minizip: bump to version 2.10.5

- Drop patches (already in version)
- Set MZ_FETCH_LIBS to OFF (available since version 2.10.5 and
  https://github.com/nmoinvaz/minizip/commit/a1602ed9c82c6b2dd5ea8753dd3fecc3dcc74ba5)
- Use MZ_ICONV which is available since version 2.10.4 and
  https://github.com/nmoinvaz/minizip/commit/628830ff93c2fb1fd1bbb87ccea5857c5caf2af4
- Add xz optional dependency which is available since version 2.10.2 and
  https://github.com/nmoinvaz/minizip/commit/f1cc0e3898b23828765378b2ab6ba7622d1f8dbe

https://github.com/nmoinvaz/minizip/releases/tag/2.10.5
https://github.com/nmoinvaz/minizip/releases/tag/2.10.4
https://github.com/nmoinvaz/minizip/releases/tag/2.10.3
https://github.com/nmoinvaz/minizip/releases/tag/2.10.2
https://github.com/nmoinvaz/minizip/releases/tag/2.10.1

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/librsvg: bump to version 2.50.2

https://gitlab.gnome.org/GNOME/librsvg/-/blob/2.50.2/NEWS

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/mongodb: bump to version 4.2.11

https://docs.mongodb.com/master/release-notes/4.2-changelog/#id1

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/netsnmp: fix memory leak in IP-MIB when running without IPv6

In a Linux system without IPv6 support (or booted with "ipv6.disable=1")
file /proc/net/snmp6 is not present. If such file is not present an allocated
memory is not freed. Memory leak occurs even without snmp queries.

Problem seen at least since netsnmp 5.7.3 (probably even v5.6.1).
Patch backported from netsnmp 5.9, where the problem does not appear any more.

Signed-off-by: Adam Wujek <dev_public@wujek.eu>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/libdrm: add license file

Add xf86drm.c as the license file and while at it, update the indentation
in hash file (two spaces)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/mutt: fix CVE-2020-28896

Mutt before 2.0.2 and NeoMutt before 2020-11-20 did not ensure that
$ssl_force_tls was processed if an IMAP server's initial server response
was invalid. The connection was not properly closed, and the code could
continue attempting to authenticate. This could result in authentication
credentials being exposed on an unencrypted connection, or to a
machine-in-the-middle.

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/rauc: security bump to version 1.5

Fixes the following security issue:

- CVE-2020-25860: Time-of-Check-Time-of-Use Vulnerability in code that
  checks and installs a firmware bundle.
  For more details, see the advisory:
  https://github.com/rauc/rauc/security/advisories/GHSA-cgf3-h62j-w9vv

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/python-pyqt5: fix qt5 openssl conditional

BR2_PACKAGE_QT5BASE_OPENSSL was dropped by commit 4be1f9b9873
(package/qt5enginio: drop qt 5.6 support), but python-pyqt5 not updated to
match.  Fix that.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/ti-sgx-*: fix s/correpsonds/corresponds/ typo

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/ttyd: bump to version 1.6.2

Signed-off-by: Bartosz Bilas <b.bilas@grinn-global.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/zstd: bump to version 1.4.8

Drop patch (already in version)

https://github.com/facebook/zstd/releases/tag/v1.4.7
https://github.com/facebook/zstd/releases/tag/v1.4.8
(No 1.4.6 release)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/ghostscript: bump to version 9.53.3

https://www.ghostscript.com/doc/9.53.3/News.htm

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/imagemagick: security bump to version 7.10.51

- Fix CVE-2020-29599: ImageMagick before 6.9.11-40 and 7.x before
  7.0.10-40 mishandles the -authenticate option, which allows setting a
  password for password-protected PDF files. The user-controlled password
  was not properly escaped/sanitized and it was therefore possible to
  inject additional shell commands via coders/pdf.c.
- Update license hash (correct wording to match Apache 2 license:
  https://github.com/ImageMagick/ImageMagick/commit/45e5d2493c08e7cb49f7268c01d847e88f78fd6c)

https://github.com/ImageMagick/ImageMagick/blob/7.0.10-51/ChangeLog

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/cryptopp: security bump to version 8.3.0

- Fix CVE-2019-14318: Crypto++ 8.2.0 and earlier contains a timing side
  channel in ECDSA signature generation. This allows a local or remote
  attacker, able to measure the duration of hundreds to thousands of
  signing operations, to compute the private key used. The issue occurs
  because scalar multiplication in ecp.cpp (prime field curves, small
  leakage) and algebra.cpp (binary field curves, large leakage) is not
  constant time and leaks the bit length of the scalar among other
  information. For details, see:
  https://github.com/weidai11/cryptopp/issues/869

- Update license hash due to the addition of ARM SHA1 and SHA256 asm
  implementation from Cryptogams
  https://github.com/weidai11/cryptopp/commit/1a63112faf5af60e0ebcc60654eef806e7f6f11a
  https://github.com/weidai11/cryptopp/commit/4c9ca6b723b5ec5aab7eec720ad4d22598abe941

https://www.cryptopp.com/release830.html

[Peter: adjust CVE info, issue is fixes in 8.3.0]
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/glib-networking: bump to version 2.66.0

https://gitlab.gnome.org/GNOME/glib-networking/-/blob/2.66.0/NEWS

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/gnupg2: bump to version 2.2.25

Update indentation in hash file (two spaces)

https://lists.gnupg.org/pipermail/gnupg-announce/2020q4/000449.html
https://lists.gnupg.org/pipermail/gnupg-announce/2020q4/000450.html

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/rtl8188eu: Bump to 60cb0b5 (v5.2.2.4 branch HEAD)

This allows to build against newer kernels (up to 5.10).
Added support for new HW (Edimax EW-7811Un V2, RTL8188FU, MERCUSYS
MW150US v2, various RTL8188CE)

Tested on kernel v5.9.

Signed-off-by: Petr Vorel <petr.vorel@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/perl-math-int64: new package

Signed-off-by: Joeri Barbarien <joeri.barbarien@nokia.com>
Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/perl-devel-size: new package

Signed-off-by: Joeri Barbarien <joeri.barbarien@nokia.com>
Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/perl-devel-cycle: new package

Signed-off-by: Joeri Barbarien <joeri.barbarien@nokia.com>
Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/ncurses: don't attempt calling ldconfig in host-ncurses

The host-ncurses install step attempts to run ldconfig, causing a permission
failure:

cd /buildroot/output/host/lib && (ln -s -f libncurses.so.6.0 libncurses.so.6; ln -s -f libncurses.so.6 libncurses.so; )
test -z "" && /sbin/ldconfig
/sbin/ldconfig: Can't create temporary cache file /etc/ld.so.cache~: Permission denied
make[3]: [/buildroot/output/host/lib/libncurses.so.6.0] Error 1 (ignored)

The error is non-fatal and ignored, but confusing.

The ncurses makefiles already avoid calling ldconfig when DESTDIR is set
(target case) but for host-ncurses DESTDIR is empty and the output/host path
is passed via --prefix.

Pass an empty ac_cv_path_LDCONFIG to the configure step, so than ldconfig is
not called.

Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/opkg-utils: needs Python3 on the host

The 'opkg.py' script installed by host-opkg-utils has as shebang:
    #!/usr/bin/env python3

which may not be available on all host machines.
Add a potential dependency on host-python3 via BR2_PYTHON3_HOST_DEPENDENCY,
which will only add the host-python3 dependency if no python3 is already
available on the host.

Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/ffmpeg: enable libv4l2 when selected

Signed-off-by: Joseph Kogut <joseph.kogut@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/snort: bump to version 2.9.17

Signed-off-by: Sergio Prado <sergio.prado@e-labworks.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

configs/chromebook_elm_defconfig: use linux headers same as kernel (5.9 series)

Use linux headers same as kernel (5.9 series).

Fixes:

  - https://gitlab.com/buildroot.org/buildroot/-/jobs/917539050

  Incorrect selection of kernel headers: expected 5.10.x, got 5.9.x

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>