support/scripts/cve.py: use the JSON data in 1.1 schema

In 2019, the JSON vulnerability feeds switched their schema from
version 1.0 to 1.1.

The main difference is the removal of the "affects" element that we
were using to check if a package was affected by a CVE.

This information is now available in the "configuration" element which
contains the cpeid as well as properties about the versions
affected. Instead of having a list of the versions affected, with
these properties, it is possible to have a range of versions.

Signed-off-by: Gregory CLEMENT <gregory.clement@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

support/scripts/pkg-stats: move CVE related code to a separate module

In order to be able to use the CVE checking logic outside of
pkg-stats, move the CVE class in a module that can be used by other
scripts.

Signed-off-by: Gregory CLEMENT <gregory.clement@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

support/scripts/pkg-stats: consider "-" as a wildcard when doing CVE version matching

Some CVE entries in the NVD database have version_value set to "-",
which seems to indicate that it applies to all versions of the
software project, or that they don't really know which versions are
affected, and which are not.

So, for the benefit of doubt, it seems more appropriate to consider
such CVEs as affecting our packages.

This makes the total number of CVEs affecting our next branch jump
from 141 CVEs to 658 CVEs, but that number will go back down once we
switch to the JSON 1.1 schema. Indeed, in the JSON 1.0 schema, there
are often cases where a version_value is set to "=" *and* specific
versions are set to.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

support/scripts/pkg-stats: drop erroneous "break" in CVE.affects()

Commit 7d2779ecbb142b62f8913d30352b11058f922b2a
("support/script/pkg-stats: handle exception when version comparison
fails") erroneousy introduced a "break" within a try/expect block.

This break has the unfortunate consequence that every CVE that was
using the <= operator was skipped, and according to the current
CVE statistics, made us miss 74 CVEs out of 141 CVEs.

Here is for reference the complete list of CVEs we missed:

 - gnupg
   CVE-2006-3082
   CVE-2019-13050

 - jhead
   CVE-2020-6624
   CVE-2020-6625

 - patch
   CVE-2018-6952
   CVE-2019-20633

 - json-c
   CVE-2020-12762

 - git
   CVE-2018-1000110
   CVE-2018-1000182
   CVE-2019-1003010
   CVE-2020-2136

 - iperf2
   CVE-2016-4303

 - libtorrent
   CVE-2009-1760
   CVE-2016-5301

 - lua
   CVE-2020-15888
   CVE-2020-15889
   CVE-2020-15945
   CVE-2020-24342

 - openvpn
   CVE-2020-7224

 - smack
   CVE-2016-10027

 - bashtop
   CVE-2019-18276

 - links
   CVE-2008-3319

 - argus
   CVE-2011-3332

 - libraw
   CVE-2020-15503

 - netcat
   CVE-2008-5727
   CVE-2008-5728
   CVE-2008-5729
   CVE-2008-5730
   CVE-2008-5742
   CVE-2015-2214

 - subversion
   CVE-2017-1000085
   CVE-2018-1000111
   CVE-2020-2111

 - python
   CVE-2013-1753
   CVE-2015-5652
   CVE-2017-17522
   CVE-2017-18207
   CVE-2019-20907
   CVE-2019-9674

 - cereal
   CVE-2020-11104
   CVE-2020-11105

 - opencv
   CVE-2017-1000450
   CVE-2017-12597
   CVE-2017-12598
   CVE-2017-12599
   CVE-2017-12600
   CVE-2017-12601
   CVE-2017-12602
   CVE-2017-12603
   CVE-2017-12604
   CVE-2017-12605
   CVE-2017-12606
   CVE-2017-12862
   CVE-2017-12863
   CVE-2017-12864
   CVE-2019-15939

 - docker
   CVE-2015-1843
   CVE-2015-3627
   CVE-2015-3630
   CVE-2015-3631
   CVE-2016-3697
   CVE-2017-14992
   CVE-2019-16884

 - trousers
   CVE-2020-24330
   CVE-2020-24331
   CVE-2020-24332

 - libcroco
   CVE-2020-12825

 - libpupnp
   CVE-2020-13848

 - openjpeg
   CVE-2020-15389

 - flex
   CVE-2015-1773

 - libesmtp
   CVE-2019-19977

 - ed
   CVE-2015-2987

 - libmad
   CVE-2018-7263

 - grub
   CVE-2020-15705

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/linuxptp: bump version to 3.0

- remove patch that is in new version
- update indentation in hash file (two spaces)

Run tests:

             br-arm-full [1/6]: OK
  br-arm-cortex-a9-glibc [2/6]: OK
   br-arm-cortex-m4-full [3/6]: OK
          br-x86-64-musl [4/6]: OK
      br-arm-full-static [5/6]: OK
            sourcery-arm [6/6]: OK

Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/libnss: bump version to 3.56

Bump version to 3.56. Unfortunately local patch is still pending
upstream and not applied and I've just asked why:
https://bugzilla.mozilla.org/show_bug.cgi?id=1642174

This version requires NSPR 4.28.

Release Notes:
https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.56_release_notes

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/libnspr: bump version to 4.28

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/netdata: bump to 1.21.1

Signed-off-by: Marcin Niestroj <m.niestroj@grinn-global.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/python-packaging: new package

Signed-off-by: Marcin Niestroj <m.niestroj@grinn-global.com>
Reviewed-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/python-ansicolors: new package

Signed-off-by: Marcin Niestroj <m.niestroj@grinn-global.com>
Reviewed-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/iptraf-ng: add dependency on Linux headers >= 3.14

iptraf-ng uses a number of definitions (like PACKET_KERNEL and
PACKET_USERSPACE) provided by the Linux kernel headers, which were
introduced in Linux 3.14 [1], so we need to add a dependency on
BR2_TOOLCHAIN_HEADERS_AT_LEAST_3_14.

[1] https://elixir.bootlin.com/linux/v3.14-rc1/source/include/uapi/linux/if_packet.h

Fixes:

  http://autobuild.buildroot.net/results/480b00b4b264cfe1da533c762595d21b72fa8211/

Signed-off-by: Jugurtha BELKALEM <jugurtha.belkalem@smile.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/netopeer2: bump version to 1.1.39

Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/sysrepo: bump version to 1.4.70

Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/libyang: bump version to 1.0.184

Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/kodi-visualisation-goom: bump version to 2.2.2-Leia

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/mutt: bump version to 1.14.6

Signed-off-by: Sergio Prado <sergio.prado@e-labworks.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/nano: bump version to 5.2

Signed-off-by: Sergio Prado <sergio.prado@e-labworks.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/nasm: bump version to 2.15.04

Also separate the fields in the hash file by two spaces.

Signed-off-by: Sergio Prado <sergio.prado@e-labworks.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/frr: new package

FRR is free software that implements and manages various IPv4 and IPv6
routing protocols. It runs on nearly all distributions of Linux and
BSD as well as Solaris and supports all modern CPU architectures.

FRR currently supports the following protocols:

    BGP
    OSPFv2
    OSPFv3
    RIPv1
    RIPv2
    RIPng
    IS-IS
    PIM-SM/MSDP
    LDP
    BFD
    Babel
    PBR
    OpenFabric
    VRRP
    EIGRP (alpha)
    NHRP (alpha)

Some not-needed features were disabled to minimize package
dependencies:

    - POSIX capabilities
    - RPKi

Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
[Thomas:
 - select bash instead of depending on it
 - switch to version 7.4, since 7.3 was not building (it's using
   TRUE/FALSE, which are not standard, and this was fixed in 7.4)
 - use the github macro to define FRR_SITE
 - use host-python3 instead of host-python]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/libyang: enable LYD_PRIV option for frr package

This option is required by frr package, so enable it by default as there
is no size difference with or without this option enabled.

Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/iptraf-ng: bump to version 1.2.1

IPTraf-ng is a console-based network monitoring program for Linux that
displays information about IP traffic. It returns such information as:

- Current TCP connections
- UDP, ICMP, OSPF, and other types of IP packets
- Packet and byte counts on TCP connections
- IP, TCP, UDP, ICMP, non-IP, and other packet and byte counts
- TCP/UDP counts by ports
- Packet counts by packet sizes
- Packet and byte counts by IP address
- Interface activity
- Flag statuses on TCP packets
- LAN station statistics

V1.2.1 fixed multiple issues in V1.1.4 like :
- Introduce packet capturing abstraction: add recvmmsg(),
  TPACKET_V2 and TPACKET_V3 to capture in multigigabit speeds.
- Handling mlock() failures and carry on execution (without
  crashing iptraf-ng).
- Properly account non-IP packets.
- Show dropped packet count.

Signed-off-by: Jugurtha BELKALEM <jugurtha.belkalem@smile.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/collectd: add nut support

The NUT plugin has status "supported":
https://collectd.org/wiki/index.php/Plugin:NUT

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/nut: install to staging

Needed for collectd plugin.

Added --with-dev to enable install of pkgconfig files:
https://github.com/networkupstools/nut/blob/master/lib/Makefile.am#L3

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/{mesa3d, mesa3d-headers}: bump version to 20.1.6

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/python-sh: bump to version 1.13.1

Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/libuhttpd: bump version to 3.2.0

Signed-off-by: Jianhui Zhao <zhaojh329@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/iputils: bump version to 20200821

Remove patch from this version.

Remove USE_CRYPTO related config (configuration was removed in this
release).

tftpd is not built by default since this release, thus explicitly enable it.

Signed-off-by: Petr Vorel <petr.vorel@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/dovecot-pigeonhole: bump version to 0.5.11

Release notes:
https://dovecot.org/pipermail/dovecot-news/2020-August/000439.html

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/musl: bump to version 1.2.1

The license file has seen a few changes, but the overall license
remains MIT. Details of the changes:

--- output/build/musl-1.2.0/COPYRIGHT 2020-02-21 01:37:02.000000000 +0100
+++ output/build/musl-1.2.1/COPYRIGHT 2020-08-04 06:21:09.000000000 +0200
@@ -127,10 +127,13 @@
 and labelled as such in comments in the individual source files. All
 have been licensed under extremely permissive terms.

-The ARM memcpy code (src/string/arm/memcpy_el.S) is Copyright © 2008
+The ARM memcpy code (src/string/arm/memcpy.S) is Copyright © 2008
 The Android Open Source Project and is licensed under a two-clause BSD
 license. It was taken from Bionic libc, used on Android.

+The AArch64 memcpy and memset code (src/string/aarch64/*) are
+Copyright © 1999-2019, Arm Limited.
+
 The implementation of DES for crypt (src/crypt/crypt_des.c) is
 Copyright © 1994 David Burren. It is licensed under a BSD license.

Signed-off-by: Petr Vorel <petr.vorel@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/python-requests : bump to version 2.24.0

Signed-off-by: Jugurtha BELKALEM <jugurtha.belkalem@smile.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/python-urllib3: bump to version 1.25.10

Signed-off-by: Jugurtha BELKALEM <jugurtha.belkalem@smile.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/snmppp: bump to version 3.4.2

The src/v3.cpp source file, used as a license file, has seen a few
modifications (hence the change of hash) but none of these changes are
related to licensing.

Signed-off-by: Luca Ceresoli <luca@lucaceresoli.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/openlayers: bump to version 6.4.3

Signed-off-by: Thomas Claveirole <thomas.claveirole@green-communications.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/python-netaddr: bump to version 0.8.0

Signed-off-by: Jugurtha BELKALEM <jugurtha.belkalem@smile.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/ser2net: bump to version 4.2.1

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/gensio: bump to version 2.1.4

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/exfatprogs: bump to version 1.0.4

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/python-pyzmq: bump to version 19.0.2

Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/python-more-itertools: bump to version 8.4.0

Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/python-cffi: bump to version 1.14.2

Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/python{3}-psutil: bump to version 5.7.2

Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/meson: bump to version 0.55.1

Drop fix rpath match pattern patch which is now upstream.

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/gdb: drop support for gdb 8.1

Now that gdb 9.2 has been introduced, and gdb 8.3 is the default gdb
version, we can drop the oldest gdb version, 8.1.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/gdb: switch to gdb 8.3 as the default

Now that we have added support for gdb 9.2, let's switch to gdb 8.3 as
the default.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/gdb: bump to version 9.2

The in-tree build restriction has been added after the move of gnulib
to top level [1] [2].  This restriction has been added as a workaround
a build issue with gdbserver that still uses its own copy of gnulib.

gnulib is configured a second time if we build in-tree gdb and gdbserver:

    configure: error: source directory already configured; run "make distclean" there first
    configure: error: .././../../gnulib/configure failed for build-gnulib-gdbserver
    configure: error: ./configure failed for gdbserver

Use the same pre-configure-hook as gcc package.

Older gdb version support building out of tree even if it's not
required.

There is no in-tree build restriction of we only build gdbserver for
the target.

[1] https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff;h=73cc72729a184f00bf6fc4d74684a8516ba6b683
[2] https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff;h=043a0010933a6b55081535ecaf7fde9cc1491be0

See:
https://sourceware.org/pipermail/gdb-announce/2020/000122.html
https://sourceware.org/pipermail/gdb-announce/2020/000123.html

Signed-off-by: Maxim Kochetkov <fido_max@inbox.ru>
[Romain:
    - add in-tree build support
    - improve commit log]
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

system: set default PATH according to BR2_ROOTFS_MERGED_USR

Use "/usr/bin:/usr/sbin" as the default path if BR2_ROOTFS_MERGED_USR
is enabled, otherwise use "/bin:/sbin:/usr/bin:/usr/sbin".

Signed-off-by: Paul Cercueil <paul@crapouillou.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/{rust,rust-bin}: bump to 1.45.2

- APPENDIX (entitled : how to apply the Apache License to your work)
  has been removed from the end of LICENSE-APACHE.
- Bug fixes and API enhancement, a detailed list is available at :
  https://github.com/rust-lang/rust/blob/master/RELEASES.md

Signed-off-by: Jugurtha BELKALEM <jugurtha.belkalem@smile.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

DEVELOPERS: add Michael Nosthoff for the re2 package

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

support/testing/tests/toolchain/test_external: support non-ELF toolchains

The TestExternalToolchain() base class implement a test checking if
the ELF interpreter that is advertised by Busybox really exists in the
rootfs. Of course, this only makes sense with ELF toolchains. Until
now, only ELF toolchains were tested, but we are going to use
TestExternalToolchain() with non-ELF toolchains as well, so let's make
this conditional.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
[yann.morin.1998@free.fr: strip() lines during readlines()]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/grpc: bump version to 1.31.0

Related changes:
 - add dependency on Google RE2 package
 - update patches to new offsets

Tested on Ubuntu 20.04

Signed-off-by: Michael Nosthoff <buildroot@heine.tech>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/re2: new package

RE2 is a fast, safe, thread-friendly alternative to backtracking
regular expression engines like those used in PCRE, Perl, and
Python. It is a C++ library.

Signed-off-by: Michael Nosthoff <buildroot@heine.tech>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/qemu: bump to version 5.1.0

Release 5.1.0 brought new changes like :
- New architecture support for AVR CPUs
- New ARMv8.2 TTS2UXN architecture feature support
- Parameter 'mem' of the '-numa' option is not supported anymore.

See:
https://wiki.qemu.org/ChangeLog/5.1
https://www.qemu.org/2020/08/11/qemu-5-1-0/

Build results available at : https://gitlab.com/jugurthaB/buildroot/-/pipelines/177823315.

Signed-off-by: Jugurtha BELKALEM <jugurtha.belkalem@smile.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/libbacktrace: new package

A C library that may be linked into a C/C++ program to produce
symbolic backtraces.

Signed-off-by: Avi Shukron <avraham.shukron@gmail.com>
Reviewed-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

configs/rock_pi_n8: new defconfig

Add initial support for RK3288 SOM based radxa rockpi-n8
target with below features:

- Custom U-Boot 2020.07-rc4
  https://github.com/amarula/u-boot-amarula.git
  commit: "ba120841bf40ebaed049d64bb4f980083a1cf6b7"
- Custom Linux 5.7.0-rc1
  https://github.com/amarula/linux-amarula.git
  commit: "5dcb0132685b07beb82065c5d7521e6c555c55b6"
- GPT partition layout is being used
- Default packages from buildroot

Signed-off-by: Suniel Mahesh <sunil@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/uredir: new package

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/libuev: new package

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/redir: new package

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/xen: bump version to 4.14.0

Bump the Xen package to the latest release. We can also remove a patch
to change the CFLAGS as it is no longer required.

The hash of the license file is changed, as ZPL-2.0 is no longer
listed as one of the licenses of 3rd party code imported into Xen.

Signed-off-by: Alistair Francis <alistair@alistair23.me>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/lualogging: bump to version 1.4.0

diff of the COPYRIGHT file that explains the license file hash change:
- Copyright (c) 2004-2013 Kepler Project.
+ Copyright (c) 2004-2020 Kepler Project.

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/lua-cqueues: bump to version 20200726

supports Lua 5.4

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

Merge branch 'master' into next

package/cage: bump to version 0.1.2.1

requires at least wlroots 0.11

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/wlroots: bump to version 0.11.0

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/iputils: drop wrong linux-headers dependency

Commit 9ffcd9279e5505535a73cf1200b3a86fd425cf32 wrongly added a
linux-headers dependency when switching to meson.

Remove it as headers are always provided by the toolchain.

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Acked-by: Petr Vorel <petr.vorel@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/python3-pyelftools: use PYTHON3_PYELFTOOLS_VERSION

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/python3-mako: use PYTHON3_MAKO_VERSION

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/aircrack-ng: fix build with gcc 10

Fixes:
 - http://autobuild.buildroot.org/results/98ab591a88e06a985b0a7aac5abbf665289134b4

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/atest: fix build with gcc 10

Fixes:
 - http://autobuild.buildroot.org/results/887c466b3703449239eedaf86f3f4dd2a2dc8afe

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/gdk-pixbuf: security bump to version 2.36.12

- Fix CVE-2017-6312: Integer overflow in io-ico.c in gdk-pixbuf allows
  context-dependent attackers to cause a denial of service (segmentation
  fault and application crash) via a crafted image entry offset in an
  ICO file, which triggers an out-of-bounds read, related to compiler
  optimizations.
- Fix CVE-2017-6313: Integer underflow in the load_resources function in
  io-icns.c in gdk-pixbuf allows context-dependent attackers to cause a
  denial of service (out-of-bounds read and program crash) via a crafted
  image entry size in an ICO file.
- Fix CVE-2017-6314: The make_available_at_least function in io-tiff.c
  in gdk-pixbuf allows context-dependent attackers to cause a denial of
  service (infinite loop) via a large TIFF file.

Also update indentation in hash file (two spaces)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/fping: bump to version 5.0

This bump will fix a build failure with gcc 10 thanks to
https://github.com/schweikert/fping/commit/0ed73181eb54e3f2dc744271c0329620972a85ab

Also update indentation in hash file (two spaces)

Fixes:
 - http://autobuild.buildroot.org/results/f5c8e546200594e2367444e93e31aa615bd73796

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/python-wtforms: bump to version 2.3.3

Add docs/license.rst to PYTHON_WTFORMS_LICENSE_FILES

Signed-off-by: Grzegorz Blach <grzegorz@blach.pl>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/python-hiredis: bump to version 1.1.0

Signed-off-by: Grzegorz Blach <grzegorz@blach.pl>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

configs/arcturus_ucls1012a: bump kernel to 4.14.140 and u-boot version to 2019.10

Fixes:

  https://gitlab.com/buildroot.org/buildroot/-/jobs/674933582

Signed-off-by: Michael Durrant <mdurrant@arcturusnetworks.com>
Signed-off-by: Oleksandr G Zhadan <Oleks@ArcturusNetworks.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

configs/ci20: use upstream Linux and U-Boot

The vendor kernel we are currently selecting no longer builds,
and fails with a ton of:

                 from include/linux/list.h:8,
                 from include/linux/module.h:9,
                 from arch/mips/jz4740/prom.c:16:
include/linux/log2.h:22:1: error: ignoring attribute 'noreturn' because it conflicts with attribute 'const' [-Werror=a
ttributes]
   22 | int ____ilog2_NaN(void);
      | ^~~

We can't afford to fix that, so let's just move to upstream
kernel and bootloader. It doesn't make much sense to keep
using an unsupported kernel and bootloader at this point.

This means we will be missing some of the features supported
by the vendor (such as HDMI support), but it is what it is.

Linux v5.7 and v5.4 have been tested to boot fine, the latter
is picked for the defconfig as it is an LTS version.

Fixes:

  https://gitlab.com/buildroot.org/buildroot/-/jobs/674933782

Reported-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Ezequiel Garcia <ezequiel@collabora.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/librtlsdr: bump to more recent upstream master version

Since 948666dfde1e0a5d149442f80facc162a83016ad, librtlsdr in Buildroot is no longer
built from an official release, but from a commit on the master branch. However, the
commit that was referenced has a broken pkgconfig file templating, such that
other packages using `pkgconfig --libs librtlsdr` as part of their build process
(such as dump1090) could not be built anymore:

Before 948666dfde1e0a5d149442f80facc162a83016ad:
$ cat staging/usr/lib/pkgconfig/librtlsdr.pc
prefix=/usr
exec_prefix=${prefix}
libdir=${exec_prefix}/lib
includedir=${prefix}/include

Name: RTL-SDR Library
Description: C Utility Library
Version: 0.6.0
Cflags: -I${includedir}/
Libs: -L${libdir} -lrtlsdr -lusb-1.0
Libs.private:

On 948666dfde1e0a5d149442f80facc162a83016ad:
$ cat staging/usr/lib/pkgconfig/librtlsdr.pc
prefix=
exec_prefix=
libdir=
includedir=

Name: RTL-SDR Library
Description: C Utility Library
Version: 7082
Cflags: -I${includedir}/
Libs: -L${libdir} -lrtlsdr
Libs.private:  -lusb-1.0

In the meantime, upstream released a bugfix for that ([1]), so we bump to that
commit as well, and update the only patch for shared libs accordingly, because
upstream also added a new tool called `rtl_biast` in the meantime.

Finaly, we update the hash file to the two-spaces convention.

Fixes: http://autobuild.buildroot.net/results/b4c/b4cdcb59cc61c51c024197a64865ad4b60023d0c/
[1]: https://github.com/steve-m/librtlsdr/commit/ed0317e6a58c098874ac58b769cf2e609c18d9a5

Signed-off-by: Titouan Christophe <titouan.christophe@railnova.eu>
Tested-by: Heiko Thiery <heiko.thiery@gmail.com>
Tested-by: Gwenhael Goavec-Merou <gwenhael.goavec-merou@trabucayre.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

DEVELOPERS: add Gwenhael Goavec-Merou for librtlsdr

Even though librtlsdr was initially introduced by Jason Pruitt in
2014, and Jason is still listed in the DEVELOPERS file for this
package, in recent times it's mainly Gwenhael who has been taking of
this package. Let's reflect that in the DEVELOPERS file so that
Gwenhael gets notified when there are librtlsdr issues.

Cc: Jason Pruitt <jrspruitt@gmail.com>
Cc: Gwenhael Goavec-Merou <gwenhael.goavec-merou@trabucayre.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/librtlsdr: fix version fetching when code is extracted from tarball

librtlsdr currently fails to build on the autobuilders, as it fails
for out of tree builds. Indeed, there is some CMake logic in librtlsdr
that determines the version using Git. This works fine when librtlsdr
is fetched from Git of course. But in the context of Buildroot,
librtlsdr is extracted from a tarball.

For an in-tree build, the "git describe" invocation goes all the way
up to the Buildroot .git/ metadata, and uses that as the librtlsdr
version (it's of course wrong, but the build works). In an out-of-tree
build, there is no parent directory with .git/ metadata, so Git fails,
the VERSION variable is empty and later CMake aborts the build because
of that.

We fix that by adjusting the version retrieving logic to only use Git
if a .git/ metadata folder is found at the root of the librtlsdr
source tree. The patch has been submitted upstream.

Fixes:

  http://autobuild.buildroot.net/results/ea52be1da8ed03272db06679d5a0a441ffe6ea0c/

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/htop: add patch for fixing build with gcc 10

Signed-off-by: Maxim Kochetkov <fido_max@inbox.ru>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/x11r7/xserver_xorg-server: add security fix for CVE-2020-14347

Release notes:
https://lists.x.org/archives/xorg-announce/2020-July/003051.html

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
[Thomas: add IGNORE_CVES entry.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/python3-decorator: use PYTHON3_DECORATOR_VERSION

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/libfuse3: bump to version 3.9.4

Drop patch (already in version). The commit list between 3.9.2 and
3.9.4 is just made of fixes:

db9b4fa148e6c22c0d4b4c567fa65d1cd5368152 Released 3.9.4
50cbca799c1f9b010fabaa0dd4a387f29d140873 fuse_send_data_iov(): correctly calculate total buffer size.
7b3e3899157566875280a8b860eb5ad5c73eadc1 Define fuse_session_loop_mt as a macro on uclibc and MacOS (#532)
c5e8684b5a2f3400af6d7a3edcaeb3ce8ffc51b5 Fixed typo in command to compile program (#536)
e8a9e84672dcaa892d4708c163f768dc177b6d4c Doc fixes (#537)
d1deae6968c49d83334e874c33abfe15824c4548 Fix FreeBSD CI (#539)
48450411647ca0818821af7b05b819ceff92ae7c Fix: crash on failure to set locale (#529)
9e1c2a4959c16c0b50090dd822389ad9acb08111 fuse_lowlevel: Move assert for se before dereferencing it with se->debug (#530)
7471156354002c6547aa6c3a4f39a3262f435ba4 Fixed minor print alignment issue in iconv_help(), replacing tab with space (#519)
9fa4dc1661f085d4e89a54d75acc3347d52f33fa Fix the typo "filed" -> "field" in fuse manpage (#524)
717c8b8b3ed815f14e5607a995d0113446e3fb0b README: Correct the directory name from 'examples' to 'example' (#526)
032db1ab298d62c4d0c5be1f9fb2df299aec2346 docs: Replace `mesonconf` with `meson configure` (#528)
06342ca60ed822b856990915f127d8beddc0d1f6 libfuse: Assign NULL to "old" to avoid free it twice (#522)
5021d6a0a100d4987be126e87b7ee5fbfc17bbdc Typo fixed. (#520)

Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/mtd: crypto support needs headers >= 4.12

crypto support includes <linux/hash_info.h> since version 2.1.2 and
https://github.com/sigma-star/mtd-utils/commit/a739b59efe7996e3bdcbe8b17743dc05ac7c110a

However, linux/hash_info.h is only exported since kernel 4.12:
https://github.com/torvalds/linux/commit/fcc8487d477a3452a1d0ccbdd4c5e0e1e3cb8bed

Fixes:
 - http://autobuild.buildroot.org/results/dbaeed9e9e2af191166808d2d6d6d3c2e5051c2c

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

support/scripts/pkg-stats: show progress of upstream URL and latest version

This commit slightly improves the output of pkg-stats by showing the
progress of the upstream URL checks and latest version retrieval, on a
package basis:

Checking URL status
[0001/0062] curlpp
[0002/0062] cmocka
[0003/0062] snappy
[0004/0062] nload
[...]
[0060/0062] librtas
[0061/0062] libsilk
[0062/0062] jhead
Getting latest versions ...
[0001/0064] libglob
[0002/0064] perl-http-daemon
[0003/0064] shadowsocks-libev
[...]
[0061/0064] lua-flu
[0062/0064] python-aiohttp-security
[0063/0064] ljlinenoise
[0064/0064] matchbox-lib

Note that the above sample was run on 64 packages. Only 62 packages
appear for the URL status check, because packages that do not have any
URL in their Config.in file, or don't have any Config.in file at all,
are not checked and therefore not accounted.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

support/scripts/pkg-stats: use aiohttp for upstream URL checking

This commit reworks the code that checks if the upstream URL of each
package (specified by its Config.in file) using the aiohttp
module. This makes the implementation much more elegant, and avoids
the problematic multiprocessing Pool which is causing issues in some
situations.

Suggested-by: Titouan Christophe <titouan.christophe@railnova.eu>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

support/scripts/pkg-stats: use aiohttp for latest version retrieval

This commit reworks the code that retrieves the latest upstream
version of each package from release-monitoring.org using the aiohttp
module. This makes the implementation much more elegant, and avoids
the problematic multiprocessing Pool which is causing issues in some
situations.

Since we're now using some async functionality, the script is Python
3.x only, so the shebang is changed to make this clear.

Suggested-by: Titouan Christophe <titouan.christophe@railnova.eu>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

support/scripts/pkg-stats: show progress of upstream URL and latest version

This commit slightly improves the output of pkg-stats by showing the
progress of the upstream URL checks and latest version retrieval, on a
package basis:

Checking URL status
[0001/0062] curlpp
[0002/0062] cmocka
[0003/0062] snappy
[0004/0062] nload
[...]
[0060/0062] librtas
[0061/0062] libsilk
[0062/0062] jhead
Getting latest versions ...
[0001/0064] libglob
[0002/0064] perl-http-daemon
[0003/0064] shadowsocks-libev
[...]
[0061/0064] lua-flu
[0062/0064] python-aiohttp-security
[0063/0064] ljlinenoise
[0064/0064] matchbox-lib

Note that the above sample was run on 64 packages. Only 62 packages
appear for the URL status check, because packages that do not have any
URL in their Config.in file, or don't have any Config.in file at all,
are not checked and therefore not accounted.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

support/scripts/pkg-stats: use aiohttp for upstream URL checking

This commit reworks the code that checks if the upstream URL of each
package (specified by its Config.in file) using the aiohttp
module. This makes the implementation much more elegant, and avoids
the problematic multiprocessing Pool which is causing issues in some
situations.

Suggested-by: Titouan Christophe <titouan.christophe@railnova.eu>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

support/scripts/pkg-stats: use aiohttp for latest version retrieval

This commit reworks the code that retrieves the latest upstream
version of each package from release-monitoring.org using the aiohttp
module. This makes the implementation much more elegant, and avoids
the problematic multiprocessing Pool which is causing issues in some
situations.

Since we're now using some async functionality, the script is Python
3.x only, so the shebang is changed to make this clear.

Suggested-by: Titouan Christophe <titouan.christophe@railnova.eu>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/libabseil-cpp: make check-package happy

The "depends on" must be after the "default" properties.

Fixes:

  https://gitlab.com/buildroot.org/buildroot/-/jobs/677751258

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

support/testing/tests/boot/test_atf: DTC needed for ATF Vexpress test

Since the bump of ATF to 2.2 for the ATF Vexpress test case in commit
fc3d6a3ed0f5f1ceda7ab64b8b2bee88abd29373
("support/testing/tests/boot/test_atf: update U-Boot/ATF use in
TestATFVexpress"), DTC is now needed otherwise the build fails with:

make[2]: dtc: Command not found
Makefile:873: recipe for target 'build/juno/release/fdts/juno_tb_fw_config.dtb' failed

Fixes:

  https://gitlab.com/buildroot.org/buildroot/-/jobs/674934470

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/libabseil-cpp: add BR2_PACKAGE_LIBABSEIL_CPP_ARCH_SUPPORTS

The libabseil-cpp package fails to build on a number of CPU
architectures in our autobuilders.

On most CPU architectures, the first issue looked like this:

libabseil-cpp-20200225/absl/base/internal/direct_mmap.h: In function 'void* absl::lts_2020_02_25::base_internal::DirectMmap(void*, size_t, int, int, int, off64_t)':
libabseil-cpp-20200225/absl/base/internal/direct_mmap.h:121:39: error: static assertion failed: Platform is not 64-bit
  121 |   static_assert(sizeof(unsigned long) == 8, "Platform is not 64-bit");
      |                 ~~~~~~~~~~~~~~~~~~~~~~^~~~
libabseil-cpp-20200225/absl/base/internal/direct_mmap.h:123:15: error: 'SYS_mmap' was not declared in this scope; did you mean 'SYS_mmap2'?
  123 |       syscall(SYS_mmap, start, length, prot, flags, fd, offset));
      |               ^~~~~~~~
      |               SYS_mmap2

Indeed, on 32-bit architectures, libabseil-cpp has some special code
to use the mmap2() system call, and it white-lists the supported
architectures. It is therefore trivial to add support for more
architectures.

However, once this is fixed, another issue arises:
absl/debugging/internal/examine_stack.cc uses the ucontext data
structures, which are not provided by uClibc-ng on all CPU
architectures, and even the code of libabseil-cpp does not exist for
all CPU architectures.

So, this commit solves that by simply making libabseil-cpp available
on architectures/C libraries where it is supported: it needs ucontext
support in the toolchain + a CPU architecture where
absl/debugging/internal/examine_stack.cc has the appropriate logic.

This new dependency is propagated to the reverse dependencies of
libabseil-cpp.

With this commit, libabseil-cpp passes a test-pkg -a test (so all
external toolchains used by the autobuilders):

                             andes-nds32 [ 1/45]: SKIPPED
                             arm-aarch64 [ 2/45]: OK
                        br-aarch64-glibc [ 3/45]: OK
                           br-arcle-hs38 [ 4/45]: SKIPPED
                            br-arm-basic [ 5/45]: SKIPPED
                  br-arm-cortex-a9-glibc [ 6/45]: OK
                   br-arm-cortex-a9-musl [ 7/45]: OK
                   br-arm-cortex-m4-full [ 8/45]: SKIPPED
                             br-arm-full [ 9/45]: OK
                    br-arm-full-nothread [10/45]: SKIPPED
                      br-arm-full-static [11/45]: SKIPPED
                   br-i386-pentium4-full [12/45]: OK
                br-i386-pentium-mmx-musl [13/45]: OK
                       br-m68k-5208-full [14/45]: SKIPPED
                      br-m68k-68040-full [15/45]: SKIPPED
                    br-microblazeel-full [16/45]: SKIPPED
                 br-mips32r6-el-hf-glibc [17/45]: OK
                      br-mips64-n64-full [18/45]: OK
                 br-mips64r6-el-hf-glibc [19/45]: OK
                      br-mipsel-o32-full [20/45]: OK
                          br-nios2-glibc [21/45]: SKIPPED
                      br-openrisc-uclibc [22/45]: SKIPPED
               br-powerpc-603e-basic-cpp [23/45]: SKIPPED
             br-powerpc64le-power8-glibc [24/45]: OK
               br-powerpc64-power7-glibc [25/45]: OK
                  br-powerpc-e500mc-full [26/45]: SKIPPED
                              br-riscv32 [27/45]: OK
                              br-riscv64 [28/45]: OK
                         br-riscv64-musl [29/45]: OK
                             br-sh4-full [30/45]: SKIPPED
                        br-sparc64-glibc [31/45]: SKIPPED
                         br-sparc-uclibc [32/45]: SKIPPED
                    br-x86-64-core2-full [33/45]: OK
                          br-x86-64-musl [34/45]: OK
                          br-xtensa-full [35/45]: SKIPPED
                       linaro-aarch64-be [36/45]: OK
                          linaro-aarch64 [37/45]: OK
                              linaro-arm [38/45]: OK
                     sourcery-arm-armv4t [39/45]: OK
                            sourcery-arm [40/45]: OK
                     sourcery-arm-thumb2 [41/45]: OK
                         sourcery-mips64 [42/45]: OK
                           sourcery-mips [43/45]: OK
                          sourcery-nios2 [44/45]: SKIPPED
                         sourcery-x86-64 [45/45]: OK
45 builds, 18 skipped, 0 build failed, 0 legal-info failed

Fixes:

  http://autobuild.buildroot.net/results/ead663b4b67b0b57ed003a46db3182d95cc01bc0/
  (and many similar build failures)

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/libabseil-cpp: fix build on RISC-V 32-bits

This commit backports an upstream patch that fixes the build on RISC-V
32-bits.

Fixes:

  http://autobuild.buildroot.net/results/c6c2c99bdba8c840d52fe0464d26aca169ea1d90/

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/libfuse3: define fuse_session_loop_mt as a macro on uclibc

This will fix a build failure with fuse-overlayfs

Fixes:
 - http://autobuild.buildroot.org/results/7186515526ee60488dac3bf9c4580ffd13a0ceac

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[yann.morin.1998@free.fr: actually backport upstream commit]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/python-bsdiff4: new package

Binary diff and patch using the BSDIFF4-format.

Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

configs/qemu_arm_vexpress_tz_defconfig: bump ATF version, cleanup config

Bump to a later version of ATF and cleanup the Python
configuration. Previously this configuration had to work around Python
3 issues with OP-TEE. Now this relies on OP-TEE properly building
itself with host-python3.

Signed-off-by: Dick Olsson <hi@senzilla.io>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

boot/optee-os: depend on host-python3

Recent versions of OP-TEE depend on Python 3. Currently, OP-TEE is
building with the Python interpreter provided by the user. This patch
includes an upstream patch that makes the interpreter configurable,
and makes use of this configuration with host-python3.

Signed-off-by: Dick Olsson <hi@senzilla.io>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/python3-pycryptodomex: new package

This package will ensure that pycryptodomex is built for Python 3.
Comments in both python-pycryptodome and python3-pycryptodomex are
added to ensure they stay in sync.

Signed-off-by: Dick Olsson <hi@senzilla.io>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/minizip: fix build with gcc 4.8

Fixes:
 - http://autobuild.buildroot.org/results/b8baff4b86923d29163ce5cc9e391904d81fc90c

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/prosody: luabitop is only needed with Lua 5.1

The luabitop package is only available with Lua 5.1. LuaJIT, Lua 5.3
or more recent versions of Lua have this functionality built-in.

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/luabitop: depends on lua 5.1

In preparation for the introduction of Lua 5.4, clarify the dependency
of luabitop: it only makes sense when used with Lua 5.1.

Also update the comment to no longer mention Lua 5.2, since we don't
support Lua 5.2 in Buildroot anymore.

Note that as explained in https://luajit.org/extensions.html, LuaJit
already implements luabitop functions, so luabitop is really for Lua
5.1 only, not for all Lua interpreters that implemented the 5.1 ABI.

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>