package/gupnp: security bump to version 1.2.3

It includes the following commits:
https://github.com/GNOME/gupnp/commit/66a73e96f5a733a149803a985686a4e4e196f90b
https://github.com/GNOME/gupnp/commit/f943904e2d7f21601337b90058faf74b49c02796
which mitigate CVE-2020-12695

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/parprouted: new package

parprouted is a daemon for transparent IP (Layer 3) proxy ARP
bridging. This is useful for creation of transparent firewalls
and bridging networks with different MAC protocols. Also,
unlike standard bridging, proxy ARP bridging allows to bridge
Ethernet networks behind wireless nodes without using WDS or
layer 2 bridging.

https://www.hazard.maks.net/parprouted

Signed-off-by: Owen Walpole <owen@walpole.dev>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/keepalived: bump to version 2.1.4

This will fix a build failure with kernel 4.15 thanks to:
https://github.com/acassen/keepalived/commit/d47ae3b1c853adefb9680ba31cf05c037d844445

Fixes:
 - http://autobuild.buildroot.org/results/db7f149f63e9180b22460caa74850673362aa17c

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/xvisor: needs host-dtc

host-dtc is a mandatory dependency since version 0.3.0 and
https://github.com/xvisor/xvisor/commit/e31344c9b5835c8a12bfffb3a359f343b273fab5

Fixes:
 - http://autobuild.buildroot.org/results/3f49302e7d05d666a51db0cb51365620a63e3b40

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/pigpio: bump to version 77

Signed-off-by: Grzegorz Blach <grzegorz@blach.pl>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/gst1-plugins-bayer2rgb-neon: bump to 0.4

Bump gst1-plugins-bayer2rgb-neon to 0.4.

Signed-off-by: Eloi Bail <eloi.bail@savoirfairelinux.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/nfs-utils: bump version to 2.5.1

Bump to version 2.5.1 and remove local already upstreamed patch.

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Reviewed-by: Petr Vorel <petr.vorel@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/zlib-ng: bump to version 9609cb56a8f62868ccf264493bc9c3b4d5762fcf

We need to update the location to point to the current maintained
upstream repo as well since the existing one is unmaintained.

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/redis: bump to version 6.0.5

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Acked-by: Titouan Christophe <titouan.christophe@railnova.eu>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/libva-utils: bump version to 2.8.0

Release notes:
https://github.com/intel/libva-utils/blob/v2.8-branch/NEWS

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/libva: bump version to 2.8.0

Release notes: https://github.com/intel/libva/blob/v2.8-branch/NEWS

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/ntp: bump to version 4.2.8p15

Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/libnss: bump version to 3.54

Bump version to 3.54 and remove 0002[1] and 0003[2] local patches that
has been upstreamed.

Release Notes:
https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.54_release_notes

[1]: https://hg.mozilla.org/projects/nss/rev/e955ece90b050e9da67528f09648945156d2bcea
[2]: https://hg.mozilla.org/projects/nss/rev/f46fca8ced7fca6aa6de60e3170b2a3b6b2df565

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/sdl_image: disable dynamic loading of libraries

The thing with Buildroot, is that we know in advance what will be in the
root filesystem. Therefore, we don't need SDL_image to probe for the
presence of libpng, libjpeg, libtiff or libwebp and dynamically load
them; SDL_image can be linked to them directly at compilation time.

Signed-off-by: Paul Cercueil <paul@crapouillou.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/sdl_image: fix WebP dynamically loaded on host build

Just like with libjpeg and libpng, we don't want libwebp to be
dynamically loaded by SDL_image at runtime.

Signed-off-by: Paul Cercueil <paul@crapouillou.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/ttyd: bump to version 1.6.1

Removed patches applied upstream.

Signed-off-by: Tian Yuanhao <tianyuanhao@aliyun.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/samba4: bump version to 4.11.10

Changelog:
https://www.samba.org/samba/history/samba-4.11.10.html

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/gensio: bump to version 2.1.1

Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/libudfread: bump version to 1.1.0

Changelog:
https://code.videolan.org/videolan/libudfread/-/blob/master/ChangeLog

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/stella: bump version to 6.2.1

Signed-off-by: Sergio Prado <sergio.prado@e-labworks.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/tslib: update to 1.22

The removed patches are of course part of this release and
https://github.com/libts/tslib/releases has a very short changelog.

Signed-off-by: Martin Kepplinger <martink@posteo.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

configs/rock_pi_4: new defconfig

Add initial support for RK3399 based rockpi-4 targets (model A, B, C)
with below features:

- Custom U-Boot 2020.07-rc4
  https://github.com/amarula/u-boot-amarula.git
  branch rock-pi
- Linux 5.4.46
- GPT partition layout is being used
- Default packages from buildroot

Signed-off-by: Suniel Mahesh <sunil@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

configs/rock_pi_n10: new defconfig

Add initial support for RK3399PRO SOM based rockpi-n10 target
with below features:

- Custom U-Boot 2020.07-rc4
  https://github.com/amarula/u-boot-amarula.git
  branch rock-pi
- Linux 5.7.2
- GPT partition layout is being used
- Default packages from buildroot

Signed-off-by: Suniel Mahesh <sunil@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/batctl: bump version to 2020.2

Also separate the fields in the hash file by two spaces.

Signed-off-by: Sergio Prado <sergio.prado@e-labworks.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/bluez-alsa: add patch for fixing build failure with gcc 10

A fix is available upstream but does not apply on the used version by
buildroot.

Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

support/scripts/pkg-stats: fix flake8 warning

This fixes the following flake8 warning:

support/scripts/pkg-stats:1005:9: E117 over-indented

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

support/script/pkg-stats: handle exception when version comparison fails

With python 3, when a package has a version number x-y-z instead of
x.y.z, then the version returned by LooseVersion can't be compared
which raises a TypeError exception:

Traceback (most recent call last):
  File "./support/scripts/pkg-stats", line 1062, in <module>
    __main__()
  File "./support/scripts/pkg-stats", line 1051, in __main__
    check_package_cves(args.nvd_path, {p.name: p for p in packages})
  File "./support/scripts/pkg-stats", line 613, in check_package_cves
    if pkg_name in packages and cve.affects(packages[pkg_name]):
  File "./support/scripts/pkg-stats", line 386, in affects
    return pkg_version <= cve_affected_version
  File "/usr/lib64/python3.8/distutils/version.py", line 58, in __le__
    c = self._cmp(other)
  File "/usr/lib64/python3.8/distutils/version.py", line 337, in _cmp
    if self.version < other.version:
TypeError: '<' not supported between instances of 'str' and 'int'

This patch handles this exception by adding a new return value when
the comparison can't be done. The code is adjusted to take of this
change. For now, a return value of CVE_UNKNOWN is handled the same way
as a CVE_DOESNT_AFFECT return value, but this can be improved later
on.

Signed-off-by: Gregory CLEMENT <gregory.clement@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/bitwise: new package

Bitwise is multi base interactive calculator supporting dynamic base
conversion and bit manipulation.  It's a handy tool for low level
hackers, kernel developers and device drivers developers.

Signed-off-by: Ramon Fried <rfried.dev@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/sdl_mixer: add MIDI support using Timidity

Add MIDI playback support using SDL_mixer' built-in Timidity synth.

Signed-off-by: Paul Cercueil <paul@crapouillou.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

pakcage/sdl_mixer: add optional dependency on FluidSynth for MIDI

Add support for MIDI playback using FluidSynth.

Signed-off-by: Paul Cercueil <paul@crapouillou.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/libodb-boost: new package

This package contains the Boost ODB profile library. The Boost profile
provides support for persisting Boost smart pointers, containers, and
value types with the ODB system.

Signed-off-by: Kamel Bouhara <kamel.bouhara@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/libodb-mysql: new package

This package contains the MySQL ODB runtime library. Every application
that includes code generated for the MySQL database will need to link
to this library.

Signed-off-by: Kamel Bouhara <kamel.bouhara@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/libodb-pgsql: new package

This package contains the PostgreSQL ODB runtime library.
Every application that includes code generated for the PostgreSQL
database will need to link to this library.

Signed-off-by: Adam Duskett <aduskett@gmail.com>
[Kamel: Fix incorrect license, remove unneeded dependency on host-odb]
Signed-off-by: Kamel Bouhara <kamel.bouhara@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/libodb: new package

This package contains the common ODB runtime library. Every application
that includes code generated by the ODB compiler will need to link to this
library.

Signed-off-by: Adam Duskett <aduskett@gmail.com>
[Kamel:
- Fix incorrect license
- Remove unneeded dependency on host-odb]
Signed-off-by: Kamel Bouhara <kamel.bouhara@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/odb: new package

ODB is an open-source, cross-platform, and cross-database
object-relational mapping (ORM) system for C++. It allows you to
persist C++ objects to a relational database without having to deal
with tables, columns, or SQL and without manually writing any mapping
code.

ODB supports MySQL, SQLite, PostgreSQL, Oracle, and Microsoft SQL
Server relational databases as well as C++98/03 and C++11 language
standards.  It also comes with optional profiles for Boost and Qt
which allow you to seamlessly use value types, containers, and smart
pointers from these libraries in your persistent C++ classes.

This package is used for auto-generating ODB specific header files
into useable code that can be linked against a seperate libodb and a
specific libodb database library.  As such, it is only needed as a
host program and is not user selectable.

Signed-off-by: Adam Duskett <aduskett@gmail.com>
[Kamel: Fix incorrect odb license]
Signed-off-by: Kamel Bouhara <kamel.bouhara@bootlin.com>
[Thomas: add patch fixing gcc10 build, add references to upstream
commits]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

support/dependencies: add BR2_NEEDS_HOST_GCC_PLUGIN_SUPPORT

Some packages requires support on the build machine to create gcc
plugins. This commit adds a blind option,
BR2_NEEDS_HOST_GCC_PLUGIN_SUPPORT, which such packages can
select. When this option is enabled, the logic in support/dependencies
verifies that everything needed on the build machine to build gcc
plugins is available.

Signed-off-by: Kamel Bouhara <kamel.bouhara@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/libcutl: new package

libcutl is distributed in source code and includes the standard autotools
build system as well as the VC++ project files. It is a dependency for odb.

Because ODB is a host-only package, and no other package depends on libcutl,
this package will also be a host-only package.

Signed-off-by: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Kamel Bouhara <kamel.bouhara@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/freescale-imx/firmware-imx: bump version to 8.8

This version is aligned with 5.4.24_2.1.0 NXP Linux BSP.

License was updated from:
LA_OPT_NXP_Software_License v10 December 2019
to:
LA_OPT_NXP_Software_License v11 February 2020
which explains the change of EULA/COPYING license files.

Tested-by: Julien Olivain <julien.olivain@oss.nxp.com>
[Julien: tested on i.MX8M Mini EVK Rev A with LPDDR4]
Tested-by: Stephane Viau <stephane.viau@oss.nxp.com>
[Stephane: tested on i.MX8MQ and i.MX8MN]
Tested-by : Maeva Manuel <maeva.manuel@oss.nxp.com>
[Maeva: tested on i.MX8QM MEK rev B0 and i.MX8QXP MEK rev B0]
Signed-off-by: Maeva Manuel <maeva.manuel@oss.nxp.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/freescale-imx/imx-seco: bump version to 3.6.3

This version is aligned with 5.4.24_2.1.0 NXP Linux BSP.
Firmware file names now include the SoC revision.

In order not to break the compatibility with the imx-seco 2.3.1
package, it remains B0 support for i.MX8QXP MEK. C0 support should
introduce a Kconfig option and this will be done in a future patch.

License was updated from:
LA_OPT_NXP_Software_License v10 December 2019
to:
LA_OPT_NXP_Software_License v11 February 2020
which explains the change of EULA/COPYING license files.

Tested-by: Maeva Manuel <maeva.manuel@oss.nxp.com>
[Maeva: tested on i.MX8QXP MEK (Board rev D1, SoC rev B0)
and on i.MX8QM MEK (SoC rev B0)]
Signed-off-by: Maeva Manuel <maeva.manuel@oss.nxp.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

configs/freescale_imx8mnevk: bump BSP components to 5.4.24_2.1.0

Signed-off-by: Stephane Viau <stephane.viau@oss.nxp.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/kodi-pvr-mythtv: bump version to 5.10.18-Leia

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/moarvm: bump to version 2020.06

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/tinydtls: fix build on big endian

Fixes:
 - http://autobuild.buildroot.org/results/e8704e02fdede7b63e22da552292977b23380b32

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

Config.in.legacy: drop legacy handling for BR2_PACKAGE_FIRMWARE_DDRFW_* options

These options were only added in commit
6bb7f3b81092e7005470c7d689a566dbc1d059c6, which was made after the
2020.05 release. So they are not part of any release at this point,
which makes legacy handling unnecessary.

Reported-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/agentpp: bump version to 4.3.1

Also separate the fields in the hash file by two spaces.

Signed-off-by: Sergio Prado <sergio.prado@e-labworks.com>
Reviewed-by: Luca Ceresoli <luca@lucaceresoli.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/snmppp: bump version to 3.4.1

Also separate the fields in the hash file by two spaces.

Signed-off-by: Sergio Prado <sergio.prado@e-labworks.com>
Reviewed-by: Luca Ceresoli <luca@lucaceresoli.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/python-greenlet: bump to version 0.4.16

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/python-aioconsole: bump to version 0.2.1

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/check: bump version to 0.15.0

Also separate the fields in the hash file by two spaces.

Signed-off-by: Sergio Prado <sergio.prado@e-labworks.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/jq: bump version to a17dd32

Bump jq package to latest to fix seg fault errors reported at
https://github.com/stedolan/jq/issues/2003

Signed-off-by: Lyle Franklin <lylejfranklin@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/ccid: bump version to 1.4.33

Also separate the fields in the hash file by two spaces.

Signed-off-by: Sergio Prado <sergio.prado@e-labworks.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/vsftpd: add systemd unit

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/ffmpeg: bump version to 4.3.1

Changelog:
http://git.videolan.org/?p=ffmpeg.git;a=blob;f=Changelog;h=be7588bbbf6d0568282a057e858d9aa694388e85;hb=refs/heads/release/4.3

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/aumix: add debian patch for fixing build with gcc 10

Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/tor: bump version to 0.4.3.6

Release notes for 0.4.3.5: https://blog.torproject.org/node/1872
"Tor 0.4.3.5 is the first stable release in the 0.4.3.x series."

Release notes for 0.4.3.6: https://blog.torproject.org/node/1900

The fix for CVE-2020-15572 "Fix a crash due to an out-of-bound memory
access when Tor is compiled with NSS support" does not affect buildroot
because we do not support building tor with libnss.

Rebased patch 0001.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/libcec: bump version to 4.0.7

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/freescale-imx/firmware-imx: clarify installation of firmware files

The newly introduced BR2_PACKAGE_FIRMWARE_IMX_NEEDS_xxx symbols are
used in lieu of the SoC type when installing images or binaries on
target.

Suggested-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Stephane Viau <stephane.viau@oss.nxp.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/freescale-imx/firmware-imx: add options for all i.MX FW needs

Some SoCs need a HDMI FW for their bootloader, some other require
EPDC, SDMA and/or VPU.

Instead of trying to "guess" what firmware images need to be installed
in firmware-imx.mk, let the Config framework do the job and allow each
SoC to pick what firmware they need.

Note that this patch should also help introducing an eventual DP FW,
as Gary mentioned in a separate thread [1].

[1] http://lists.busybox.net/pipermail/buildroot/2020-May/283181.html

Suggested-by: Yann E. MORIN <yann.morin.1998@free.fr>
Suggested-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Stephane Viau <stephane.viau@oss.nxp.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/freescale-imx: move DDR FW choice down to firmware-imx package

The DDR FW along with all other FW code that need to be used in
bootloader or installed on target are related to the firmware-imx
package.

This patch does this job as well as fixing the conjugation of NEED*s*
in the symbol name. Also take advantage of this patch to make the DDR
FW dependant on BR2_PACKAGE_FIRMWARE_IMX.

In addition, the BR2_PACKAGE_FIRMWARE_DDRFW_* option was incorrect, as
there is no package matching this name. So we rename them to
BR2_PACKAGE_FIRMWARE_IMX_*, and add the appropriate Config.in.legacy
handling.

Suggested-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Stephane Viau <stephane.viau@oss.nxp.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/freescale-imx/firmware-imx: fix sdma/vpu firmware install path

In a patch set that did not get in for other reasons, Sebastien proposed
to fix the install path directory of the sdma and vpu firmware code [1]:

"Mainline and NXP kernels expect the sdma firmware to be in
/lib/firmware/imx/sdma so fix the install path [...]"

By looking at the code, I believe this is correct even though I have no
means to test it.

[1] http://lists.busybox.net/pipermail/buildroot/2020-June/284875.html

Suggested-by: Sébastien Szymanski <sebastien.szymanski at armadeus.com>
Signed-off-by: Stephane Viau <stephane.viau@oss.nxp.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

configs/freescale_imx8qxpmek: bump BSP components to version 5.4.24_2.1.0

Tested-by: Maeva Manuel <maeva.manuel@oss.nxp.com>
Signed-off-by: Maeva Manuel <maeva.manuel@oss.nxp.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

configs/freescale_imx8qmmek: bump BSP components to version 5.4.24_2.1.0

Tested-by: Maeva Manuel <maeva.manuel@oss.nxp.com>
Signed-off-by: Maeva Manuel <maeva.manuel@oss.nxp.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/webkitgtk: security bump to version 2.28.3

This is a minor release which provides fixes for CVE-2020-9800,
CVE-2020-9802, CVE-2020-9803, CVE-2020-9805, CVE-2020-9806,
CVE-2020-9807, CVE-2020-9843, CVE-2020-9850, and CVE-2020-13753.

Updating from 2.28.2 also brings in the usual batch of fixes, including
important improvements to threading in the media player. Full release
notes can be found at:

  https://webkitgtk.org/2020/07/09/webkitgtk2.28.3-released.html

A detailed security advisory can be found at:

  https://webkitgtk.org/security/WSA-2020-0006.html

Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/wpewebkit: security bump to version 2.28.3

This is a minor release which provides fixes for CVE-2020-9800,
CVE-2020-9802, CVE-2020-9803, CVE-2020-9805, CVE-2020-9806,
CVE-2020-9807, CVE-2020-9843, CVE-2020-9850, and CVE-2020-13753.

Updating from 2.28.2 also brings in the usual batch of fixes, including
important improvements to threading in the media player. Full release
notes can be found at:

  https://wpewebkit.org/release/wpewebkit-2.28.3.html

A detailed security advisory can be found at:

  https://wpewebkit.org/security/WSA-2020-0006.html

Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/php: bump version to 7.4.8

Quoting https://www.php.net/
"For windows users running an official build, this release contains a
 patched version of libcurl addressing CVE-2020-8159.

For all other consumers of PHP, this is a bug fix release."

Changelog: https://www.php.net/ChangeLog-7.php#7.4.8

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

board/qemu/aarch64-virt/linux.config: enable VIRTIO_FS driver

virtio-fs allow sharing a directory between the host and the guest.
It require virtiofsd daemon running before starting Qemu.

The wiki [1] recommand to enable the following kernel options:

      CONFIG_VIRTIO
      CONFIG_VIRTIO_FS
      CONFIG_DAX
      CONFIG_FS_DAX
      CONFIG_DAX_DRIVER
      CONFIG_ZONE_DEVICE

But virtio-fs works fine with only VIRTIO_FS.

Note: ZONE_DEVICE can only be enabled on aarch64 since kernel >= 5.7.
ARCH_ENABLE_MEMORY_HOTREMOVE support is missing for previous kernel [2].

[1] https://virtio-fs.gitlab.io/howto-qemu.html
[2] https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=bbd6ec605c0fc286c3f8ce60b4ed44635361d58b

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

board/qemu/aarch64-virt/linux.config: enable TPM tis support

Qemu aarch64 virt machine support TPM using a swtmp [1] TPM emulator
provided on the qemu command line [2].

[1] https://github.com/stefanberger/swtpm/wiki
[2] https://git.qemu.org/?p=qemu.git;a=commitdiff;h=c294ac327ca99342b90bd3a83d2cef9b447afaa7

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

board/qemu/aarch64-virt/linux.config: enable ARM_SMMU_V3

>From [1]:
Support for implementations of the ARM System MMU architecture
version 3 providing translation support to a PCIe root complex.

ARM SMMU is supported since Qemu v3.0.0 [2].

ARM_SMMU_V3 can be enabled with: -M virt,iommu=smmuv3

dmesg:
arm-smmu-v3 9050000.smmuv3: ias 44-bit, oas 44-bit (features 0x00000305)
arm-smmu-v3 9050000.smmuv3: allocated 262144 entries for cmdq
arm-smmu-v3 9050000.smmuv3: allocated 131072 entries for evtq

[1] https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/tree/drivers/iommu/Kconfig?h=v5.4.42#n390
[2] https://git.qemu.org/?p=qemu.git;a=commitdiff;h=527773eeef9f2225370f9c17c35074b2ed0ced92

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

board/qemu/aarch64-virt/linux.config: enable QEMU firmware configuration (fw_cfg)

>From [1]:
This kernel option allow exporting of the QEMU firmware configuration (fw_cfg)
file entries via sysfs. Entries are found under /sys/firmware/fw_cfg when this
option is enabled and loaded.

Enable the suboption to allow the qemu_fw_cfg device to be initialized via the
kernel command line or using a module parameter.

[1] https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/tree/drivers/firmware/Kconfig?h=v5.4.42#n187

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

board/qemu/aarch64-virt/linux.config: enable VIRTIO_GPU driver

This driver is intended to be used by mesa virgl Gallium on the guest.
virtio-gpu is enabled by adding "-device virtio-gpu-pci" on the qemu
command line.

It's detected by lspci and dmesg log:

$ lspci
00:01.0 Display controller: Red Hat, Inc. Virtio GPU (rev 01)

$ dmesg
virtio-pci 0000:00:01.0: enabling device (0000 -> 0002)
[drm] pci: virtio-gpu-pci detected at 0000:00:01.0
[drm] virgl 3d acceleration not supported by host
[drm] EDID support available.
[TTM] Zone  kernel: Available graphics memory: 51876 KiB
[TTM] Initializing pool allocator
[TTM] Initializing DMA pool allocator
[drm] number of scanouts: 1
[drm] number of cap sets: 0
[drm] Initialized virtio_gpu 0.1.0 0 for virtio2 on minor 0

The framebuffer interface fb0 is now present in /dev

$ ls /dev/fb*
/dev/fb0

See:
https://www.kraxel.org/blog/2019/09/display-devices-in-qemu/
https://at.projects.genivi.org/wiki/display/WIK4/GENIVI+Technical+Summit+Session+Content+2018?preview=%2F28412356%2F28412481%2F2018-10-11_GeniviBangalorTechSummit_Virtio_GPU.pdf

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

board/qemu/aarch64-virt/linux.config: enable PCIe and PCI host generic driver

Add the CONFIG_PCI symbol due a change in kernel 5.0 [1].
The option was previously enabled by default (default y).

"PCI: consolidate PCI config entry in drivers/pci

There is no good reason to duplicate the PCI menu in every architecture.
Instead provide a selectable HAVE_PCI symbol that indicates availability
of PCI support, and a FORCE_PCI symbol to for PCI on and the handle the
rest in drivers/pci."

Qemu aarch64 provide a PCIe Host bridge but it require CONFIG_PCI_HOST_GENERIC
enabled in the kernel.

With CONFIG_PCI_HOST_GENERIC enabled PCIe host bridge is detected:

$ dmesg
pci-host-generic 4010000000.pcie: host bridge /pcie@10000000 ranges:
pci-host-generic 4010000000.pcie:    IO 0x3eff0000..0x3effffff -> 0x00000000
pci-host-generic 4010000000.pcie:   MEM 0x10000000..0x3efeffff -> 0x10000000
pci-host-generic 4010000000.pcie:   MEM 0x8000000000..0xffffffffff -> 0x8000000000
pci-host-generic 4010000000.pcie: ECAM at [mem 0x4010000000-0x401fffffff] for [bus 00-ff]
pci-host-generic 4010000000.pcie: PCI host bridge to bus 0000:00
pci_bus 0000:00: root bus resource [bus 00-ff]
pci_bus 0000:00: root bus resource [io  0x0000-0xffff]
pci_bus 0000:00: root bus resource [mem 0x10000000-0x3efeffff]
pci_bus 0000:00: root bus resource [mem 0x8000000000-0xffffffffff]
pci 0000:00:00.0: [1b36:0008] type 00 class 0x060000

$ lspci
00:00.0 Host bridge: Red Hat, Inc. QEMU PCIe Host bridge

[1] https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=eb01d42a77785ff96b6e66a2a2e7027fc6d78e4a

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

board/qemu/aarch64-virt/linux.config: add RTC PL031 driver

Qemu for the aarch64 virt emulate an RTC PL031 device.
Enable the kernel support to allow setting the system time.

"date" now return the current time:
Sun Jul  5 20:38:50 UTC 2020

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

board/qemu/aarch64-virt/linux.config: regenerate after kernel version bump

Regenerate the with savedefconfig.

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/cutelyst: bump version to 2.11.0

Also separate the fields in the hash file by two spaces.

Signed-off-by: Sergio Prado <sergio.prado@e-labworks.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/libnspr: bump version to 4.26

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/{mesa3d, mesa3d-headers}: bump version to 20.1.3

Renumbered patches, rebased patch 0003.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/babeld: bump version to 1.9.2

Also separate the fields in the hash file by two spaces.

Signed-off-by: Sergio Prado <sergio.prado@e-labworks.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/dhcpcd: bump version to 9.1.4

Also separate the fields in the hash file by two spaces and change the
hash of the license file (copyright message changed from 2019 to 2020).

Signed-off-by: Sergio Prado <sergio.prado@e-labworks.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/sqlite: security bump to version 3.32.3

Fixes the following CVEs:

- CVE-2019-19923 (Fixed in 3.31.0)

SQLite is vulnerable to denial-of-service condition because of a NULL
pointer dereferencing while handling `SELECT DISTINCT`statements.

- CVE-2019-19924 (Fixed in 3.31.0)

The SQLite mishandles certain SQL commands due to improper error
handling by ` sqlite3WindowRewrite() ` function.

- CVE-2020-13435 (Fixed in 3.32.1)

SQLite is vulnerable to denial-of-service (DoS) due to improper handling
of query rewriting. An attacker could exploit this vulnerability by
supplying a system with maliciously crafted input.

- CVE-2020-13632 (Fixed in 3.32.0)

SQLite is vulnerable to denial-of-service (DoS) due to improper pointer
management in the FTS3 virtual table module. An attacker could exploit
this vulnerability by supplying a system with maliciously crafted input.

- CVE-2020-13434 (Fixed in 3.32.1)

SQLite is vulnerable to denial-of-service (DoS) due to improper handling
of floating-point operations. An attacker could exploit this
vulnerability by supplying a system with maliciously crafted input.

- CVE-2020-13871 (Fixed in 3.32.3)

SQLite 3.32.2 has a use-after-free in resetAccumulator in select.c
because the parse tree rewrite for window functions is too late.

- CVE-2020-13630 (Fixed in 3.32.0)

SQLite is vulnerable to denial-of-service (DoS) due to a use after free
issue in the FTS3 virtual table module. An attacker could exploit this
vulnerability by supplying a system with maliciously crafted input.

- CVE-2020-15358 (Fixed in 3.32.3)

SQLite is vulnerable to a heap-based buffer overflow flaw in part of an
optimization feature. An attacker able to issue specially crafted
queries could cause the application to crash, resulting in a
denial-of-service (DoS).

- CVE-2020-9327 (Fixed in 3.32.0)

SQLite is vulnerable to a Null pointer dereference flaw. A remote
attacker able to issue specially crafted SQL statements may be able to
cause a segmentation fault and application crash, resulting in a
denial-of-service (DoS).

- CVE-2019-19645 (Fixed in 3.31.0)

It was discovered that SQLite contains an denial-of-service (DoS)
vulnerability. An attacker could exploit this to trigger an infinite
recursion resulting in excessive resource consumption leading to a DoS
condition.

- CVE-2019-19926 (Fixed in 3.31.0)

The SQLite allows denial-of-service attack due to improper input
validation of user-supplied input.

- CVE-2020-11655 (Fixed in 3.32.0)

SQLite contains a memory corruption vulnerability. Successfully
exploiting this issue may allow attackers to cause a denial-of-service
(DoS). This allows an attacker to cause SQLite to crash by issuing a
crafted SQL query to the database.

- CVE-2019-19925 (Fixed in 3.31.0)

The INSERT statement fails when the zip file path is `NULL`.

- CVE-2019-19242 (Fixed in 3.31.0)

SQLite is vulnerable to a denial-of-service (DoS). An attacker could
exploit this vulnerability by supplying a maliciously crafted query to
cause an application crash.

- CVE-2019-19244 (Fixed in 3.31.0)

SQLite is vulnerable to a denial-of-service. An attacker could exploit
this vulnerability by providing a crafted SELECT statement to the SQL
server, resulting in an application crash.

- CVE-2020-13631 (Fixed in 3.32.0)

SQLite is vulnerable to data manipulation due to improper management of
virtual tables. An attacker could exploit this vulnerability by
supplying a system with maliciously crafted input.

- CVE-2020-11656 (Fixed in 3.32.0)

SQLite contains a Use-After-Free vulnerability. Successfully exploiting
this issue may allow attackers to cause a denial-of-service (DoS). This
allows an attacker to cause SQLite to crash by issuing a crafted SQL
query to the database.

- CVE-2019-19880 (Fixed in 3.31.0)

SQLite is vulnerable to denial-of-service (DoS) due to the mismanagement
of memory resources. A remote attacker could cause a victim's instance
of the application to crash by submitting crafted request that will lead
to the application parsing problematic integer values.

- CVE-2019-20218 (Fixed in 3.31.0)

SQLite is vulnerable to denial-of-service (DoS) due to improper
exception handling which could lead to unwinding of the `WITH` stack
following parsing errors. An attacker could exploit this vulnerability
by supplying a system with maliciously crafted input.

- CVE-2019-19603 (Fixed in 3.31.0)

It was discovered that SQLite contains a denial-of-service (DoS)
vulnerability. An authenticated attacker could exploit this
vulnerability by creating tables with the same name as shadow table
names.

- CVE-2019-19959 (Fixed in 3.31.0)

SQLite is vulnerable to denial-of-service (DoS) due to the mismanagement
of system memory resources. A remote attacker could cause a victim's
instance of the application to crash by causing it to process a SQL
statement that references a maliciously crafted file name.

- CVE-2019-19646 (Fixed in 3.31.0)

SQLite is vulnerable to a denial-of-service (DoS). An attacker could
exploit this vulnerability by supplying malicious SQL in order to crash
the application.

- CVE-2019-19317 (Fixed in 3.31.0)

SQLite contains a denial-of-service (DoS) vulnerability due to incorrect
logic in name lookups. An attacker could exploit this to cause a
application crash.

Signed-off-by: Sam Voss <sam.voss@rockwellcollins.com>
CC: Peter Korsgard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/luaossl: bump to version 20200709

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/libcec: downgrade to version 4.0.5

According to
https://github.com/Pulse-Eight/libcec/releases/tag/libcec-5.0.0
version 5.0.0 is "not compatible with Kodi 18.x. Please use libCEC
4.0.5 instead."

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/libcurl: fix no-proxy build with bearssl and nss

Add two patches fixing build against BearSSL and NSS TLS implementations
when BR2_PACKAGE_LIBCURL_PROXY_SUPPORT is disabled.

Fixes:
http://autobuild.buildroot.net/results/4d37d9163bfece536974f15f16b2ebfc5fabc539/
http://autobuild.buildroot.net/results/387e8baa13d0f07ed4dfd5b6ee3b933d4843c0e8/

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/dvb-apps: add hash file

Signed-off-by: Sergio Prado <sergio.prado@e-labworks.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/gnutls: fix build with uClibc

Since v3.6.14 gnutls wants to use the 'e' flag with fopen to set the
O_CLOEXEC flags. Since this is a glibc extension, it will trigger a
gnulib override of fopen on non-glibc systems, but that override
breaks the uClibc stdio.h header.

Fixes:
http://autobuild.buildroot.org/results/02f/02f2b524add307c8f7cc1af1ed0783bb1baf029a

Signed-off-by: Stefan Sørensen <stefan.sorensen@spectralink.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/libcamera: fix install staging typo

This won't enable install to staging unless capitalized.

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/zip: install to staging

Install header files and libraries into the staging area.

Signed-off-by: Kamel Bouhara <kamel.bouhara@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/python-greenlet: enable build for x86_64

Commit 30f1decec2c (package/python-greenlet: enable only on supported
architectures) forgot to allow x86_64.

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
[yann.morin.1998@free.fr: split off the x86_64 support to its own patch]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/python-greenlet: really enable for i386

Commit 30f1decec2c (package/python-greenlet: enable only on supported
architectures) mis-typed the architecture name fox 286-32: BR2_x86
doesn't exist in buildroot; it is BR2_i386.

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
[yann.morin.1998@free.fr:
  - just do the s/x86/i386/ fix for easy backport
  - x86_64 split off to its own patch
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/libevent: bump to version 2.1.12

See full changelog https://raw.githubusercontent.com/libevent/libevent/release-2.1.12-stable/ChangeLog

And update hash file formatting (2 spaces).

Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io>
[yann.morin.1998@free.fr: drop md5, add sha256]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

configs/olimex_a20_olinuxino_lime*: bump Linux and U-Boot versions

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/luaposix: bump to version 35.0

LICENSE diff:
- Copyright (C) 2006-2019 luaposix authors
+ Copyright (C) 2006-2020 luaposix authors

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
[yann.morin.1998@free.fr: simplify help entry]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/angularjs: bump version to 1.8.0

Signed-off-by: Ignacy Gawędzki <ignacy.gawedzki@green-communications.fr>
[yann.morin.1998@free.fr: two spaces in hash file]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/valijson: bump version to 0.3

Signed-off-by: Santosh Multhalli <santosh.multhalli@rockwellcollins.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

syslog-ng: version bump to 3.28.1

Signed-off-by: Chris Packham <judge.packham@gmail.com>
[yann.morin.1998@free.fr: two spaces in hash file]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/sunxi-mali-mainline-driver: bump version

For 5.6 and 5.7 support.

git shortlog --invert-grep --grep=Travis --no-merges ec654ee9caeb0c4348caacd0cf5eb2730d1d70e2..
Jonathan Liu (2):
      mali: Fix build for 5.6
      mali: Fix build for 5.7

Maxime Ripard (3):
      Create travis.yml
      actions: Add feedparser to the host
      travis: Try to fix the push code

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
[yann.morin.1998@free.fr: two spaces in hash file]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

DEVELOPERS: Update Mylene's email

Signed-off-by: Mylène Josserand <mylene.josserand@collabora.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/azure-iot-sdk-c: bump version to LTS_02_2020_Ref01

Also:

- Add missing hash file.
- Add new libraries to the install target.
- Apply patch to fix build with musl (MR sent upstream in [1]).
- Since there is no maintainer for this package, I can help maintain it,
so add the package to the DEVELOPERS file.

[1] https://github.com/Azure/azure-c-shared-utility/pull/456

Signed-off-by: Sergio Prado <sergio.prado@e-labworks.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/refpolicy: enable systemd support

This patch enables systemd support in the refpolicy by turning on the
'SYSTEMD' policy build option when systemd is enabled in Buildroot. This
enables conditional rules in SELinux policy modules (by defining
'init_systemd'), to better support systemd.

Signed-off-by: Antoine Tenart <antoine.tenart@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/refpolicy: bump to 2.20200229

Changelog:
https://github.com/SELinuxProject/refpolicy/releases/tag/RELEASE_2_20200229

Signed-off-by: Antoine Tenart <antoine.tenart@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/swig: bump version to 4.0.2

Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>