package/systemd: fix build due to missing -lrt

Fixes:
 - http://autobuild.buildroot.org/results/a27d2e865ca620b6b2c6f39a07385f74fcfbb385

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/systemd: fix patch order

Rename 0002-install-don-t-use-ln-relative.patch to
0001-install-don-t-use-ln-relative.patch as there is two 0002-xxx
patches

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/network-manager: don't use --disable-crashtrace

It was removed long ago and does nothing.

Signed-off-by: Lubomir Rintel <lkundrak@v3.sk>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/libtorrent-rasterbar: needs gcc >= 4.9

Needs C++11 since bump to version 1.2.0

Fixes:
 - http://autobuild.buildroot.org/results/73481ae2e5736c8042ec7911f1378623bd3de74d

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/liburiparser: fix build without C++

Fixes:
 - http://autobuild.buildroot.org/results/1e191676f28905a81de6282e07978aa5d4f02039

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Reviewed-by: Carlos Santos <unixmania@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/gerbera: fix build with latest exiv2

After the bump to exiv2 0.27.1 a build error due to missing header
inclusion appeared.

Fixes:
http://autobuild.buildroot.net/results/3831acf7f4c5a9f1a404e0ced3d6bec7a2249601/
http://autobuild.buildroot.net/results/de0545462c6017fe54acc284b914b9fa8b0172d8/

The patch is waiting merge into the mainline
https://github.com/gerbera/gerbera/pull/457

Signed-off-by: Nicolas Serafini <nicolas.serafini@sensefly.com>
[Arnout: include as a patch instead of downloading it, due to hash]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/mono: bump to version 5.20.1.27

This patch bumps mono to version 5.20.1.27 and it's monolite dependency
to version B886E13F-6276-4BE5-85F8-C6BF5EDBD200.
It also adapt the monolite path to updated mono version.

Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/python-pillow: bump to version 6.0.0

This patch bumps python-pillow to version 6.0.0.
Hash for LICENSE file is changed because of a copyright year update.

Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/uboot-tools: fix build with host-openssl

As suggested by Arnout during review of previous iteration, add a patch
to uboot-tools so it uses CFLAGS and not HOSTCFLAGS when building cross
tools

Fixes:
 - http://autobuild.buildroot.org/results/915b509e814bda16be54a24276b9c740c51e5770

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/libzip: add host variant

The updated host mfgtool package needs the host variant of libzip.

Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/python-flask-sqlalchemy: bump to version 2.3.2

Also update hash for license file due to additional information.

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/python-sqlalchemy: bump to version .3.3

Also update hash for license file due to copyright year bump.

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/python-flask: bump to version 1.0.2

Also add hash for the license file.

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/python-jinja2: bump to version 2.10.1

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/python-mutagen: bump to version 1.42.0

Also add hash for the license file.

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/python-psycopg2: bump to version 2.8.2

Also remove upstream patch and change the hash for the license file due to
url changes.

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/python-itsdangerous: bump to version 1.1.0

Also add a hash for the license file, and change the license file to LICENSE.rst
as LICENSE no longer exists.

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/python-werkzeug: bump to version 0.15.2

Also add hash for the license file, and change the license file to LICENSE.rst
as LICENSE no longer exists.

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/python-markupsafe: bump to version 1.1.1

Also add hash for the license file.

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/python-pip: bump to version 19.1

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/python{3}-setuptools: bump to version 41.0.1

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/mjpegtools: install to staging

The mpeg2enc plugin in gst1-plugins-bad now depends on mjpegtools.

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/libvpx: bump to version v1.8.0

The gst1-plugins-good 1.16.0 vpx plugin requires libvpx v1.8.0

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/netcat-openbsd: switch to new upstream URL

anonscm.debian.org has been discontinued and now hosts a page pointing
to salsa.debian.org.  Switch to the new upstream URL, explicitly setting
the method to git now that we use an HTTPS URL.

Signed-off-by: John Keeping <john@metanate.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/luv: bump to version 1.28.0-1

Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/luarocks: bump to version 3.1.0

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

configs/atmel_sama5d27_som1: bump to linux4sam_6.0

This commit :
- bumps Linux & U-Boot to linux4sam_6.0.
- bumps at91bootstrap to v3.8.12.
- removes old in-tree dts (now in dt-overlay-at91 [1][2])
- adapts genimage accordingly.

[1] https://github.com/linux4sam/dt-overlay-at91/tree/master/sama5d27_som1_ek
[2] http://www.at91.com/linux4sam/bin/view/Linux4SAM/DT-Overlay

Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

configs/qemu_xtensa_lx60_*: kernel build needs mkimage

Following ffbe46a5295 ("linux: simplify LINUX_BUILD_CMDS"), the Linux
kernel build for these xtensa qemu builds an image format that needs
mkimage.

Reported-by: Jugurtha BELKALEM <jugurtha.belkalem@smile.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Jugurtha BELKALEM <jugurtha.belkalem@smile.fr>
Cc: Max Filippov <jcmvbkbc@gmail.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
Reviewed-by: Max Filippov <jcmvbkbc@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/dovecot-pigeonhole: bump version to 0.5.6

Release notes:
https://dovecot.org/pipermail/dovecot-news/2019-April/000411.html

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/dovecot: security bump to version 2.3.6

Fixes
* CVE-2019-11494: Submission-login crashed with signal 11 due to null
  pointer access when authentication was aborted by disconnecting.
* CVE-2019-11499: Submission-login crashed when authentication was
  started over TLS secured channel and invalid authentication message
  was sent.

Release notes:
https://dovecot.org/pipermail/dovecot-news/2019-April/000408.html

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/python-ply: add host variant

Commit 89e70a7077 (package/bind: fix python build) added a dependency on
host-python-ply to bind, which doesn't exist. Add it.

Fixes:
 - http://autobuild.buildroot.org/results/a68251773f61c3463f4d18aa626c83df70126afc

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[Peter: reword / add commit reference]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

DEVELOPERS: Add Carlos Santos for liburiparser

Signed-off-by: Carlos Santos <unixmania@gmail.com>
[Peter: sort alphabetically]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/liburiparser: bump to version 0.9.3

Version 0.9.3 is a fix-up to 0.9.2. Combined, releases 0.9.2 and 0.9.3
feature:

- Migration from GNU autotools to CMake
- Link fixes for use of uriparser from C++ code
- Library visibility fixes / introduction of -fvisibility=hidden

For more details please check the change log at

   https://github.com/uriparser/uriparser/blob/uriparser-0.9.3/ChangeLog

Signed-off-by: Carlos Santos <unixmania@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/strace: bump to version 5.0

Drop patches; issues fixed upstream.

Update license file hash due to copyright year update.

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/libzip: bump to version 1.5.2

Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/popt: add hash for the license file

Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/luv: bump to version 1.28.0-0

Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/shairport-sync: bump to version 3.2.2

Drop patches 0001 and 0002 which are included in the new version.

Add hash for the license file.

Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/luajit: add hash for the license file

Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/tpm2-totp: fix menu prompt

It must be "tpm2-totp", not "tpm2-tools" (probably a copy/paste issue).

Signed-off-by: Carlos Santos <unixmania@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/strace: disable build for nds32

Current version of strace does not support nds32.

Fixes:
http://autobuild.buildroot.net/results/05ec776548c9bede4878d4c3c43040c5b0aac182
http://autobuild.buildroot.net/results/24023f2fa3dbf7c281726abdbfd4322badaffbfb

Cc: Nylon Chen <nylon7@andestech.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

linux: bump Linux CIP to version v4.19.13-cip1

This patch bumps CIP to the latest SLTS version v4.19.13-cip1.
Kernel based on 4.4 is not deprecated, it will continue to be supported
as planned by the CIP foundation.
If the 4.4 version is needed, it should be selected manually.

Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/gst1-plugins-base: add upstream SA-2019-0001 security fix

Fixes the following security issue:

CVE-2019-9928: GStreamer before 1.16.0 has a heap-based buffer overflow in
the RTSP connection parser via a crafted response from a server

For more details, see the advisory:
https://gstreamer.freedesktop.org/security/sa-2019-0001.html

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/go: bump version to 1.12.4

Fixes a number of issues discovered since 1.12.1.  From the release notes:

go1.12.2 (released 2019/04/05) includes fixes to the compiler, the go
command, the runtime, and the doc, net, net/http/httputil, and os packages.
See the Go 1.12.2 milestone on our issue tracker for details.

go1.12.3 (released 2019/04/08) was accidentally released without its
intended fix.  It is identical to go1.12.2, except for its version number.
The intended fix is in go1.12.4.

go1.12.4 (released 2019/04/11) fixes an issue where using the prebuilt
binary releases on older versions of GNU/Linux led to failures when linking
programs that used cgo.  Only Linux users who hit this issue need to update.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/imagemagick: security bump to version 7.0.8-42

Fixes the following security issues:

- CVE-2019-9956: In ImageMagick 7.0.8-35 Q16, there is a stack-based buffer
  overflow in the function PopHexPixel of coders/ps.c, which allows an
  attacker to cause a denial of service or code execution via a crafted
  image file.

- CVE-2019-10650: In ImageMagick 7.0.8-36 Q16, there is a heap-based buffer
  over-read in the function WriteTIFFImage of coders/tiff.c, which allows an
  attacker to cause a denial of service or information disclosure via a
  crafted image file.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/intel-mediasdk: fix license

Fixes:
 - http://autobuild.buildroot.org/results/5730991fded5ab3474cd0325b399f6f27972ca81

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/python-reentry: bump to version 1.3.1

Also update dependency list.

Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/subversion: fix build with NLS

Fixes:
 - http://autobuild.buildroot.org/results/098a05b397ba1b05df561b6872b39e17a2bf27df

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

DEVELOPERS: Add Carlos Santos for tpm2-totp

[Peter: reword]
Signed-off-by: Carlos Santos <unixmania@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/exiv2: bump to version 0.27.1

Signed-off-by: Nicolas Serafini <nicolas.serafini@sensefly.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

{linux, linux-headers}: bump 4.{4, 9, 14, 19}.x / 5.0.x series

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

docs/website: update for 2019.02.2

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

Update for 2019.02.2

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 3b4b3e7cd4618e56f5c6a8ea098ffd573a2e868e)
[Peter: drop Makefile changes]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/bind: fix python build

A check for python-ply has been added as this is a dependency of the
dnssec-keymgr script so install host-python-ply to avoid a build failure
if python-ply is not installed on host

Fixes:
 - http://autobuild.buildroot.org/results/96815b1300547c976443bf74b762febdfcc8d3ba

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/qemu: unset TARGET_DIR

qemu uses TARGET_DIR internally, and it is at least used to display the
shortened compiling commands, like (with a TARGET_DIR=/path/to/target):

    CC /path/to/targetblock/write-threshold.o

VS

    CC block/write-threshold.o

There does not seem to be any adverse effect to that, but this is very
confusing to see, especially when building the host variant.

Fix that by unsetting TARGET_DIR prior to building.

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/gst1-plugins-base: drop legacy remnant comment

In 76722342000d (gst1-plugins-base: bump version to 1.12.0), the unknown
options were removed, but the comment associated to --disable-gio_unix_2_0
was left out.

Drop it now.

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/binutils: don't override the build command

In 1d42d0acca (binutils: ensure TARGET_CONFIGURE_ARGS is taken into
consideration for subdirs), the whole BUILD_CMDS was overriden in an
attempt to ensure that the target configure args (in fact, environment
variables) are indeed passed in the environment of the build command.

However, there is no reason to override the whole command, when we can
simply specify additional environment variables, as supported by the
autotools infra.

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/xapp_xload: fix build with NLS

Fixes:
 - http://autobuild.buildroot.org/results/a69b957d0f3251031b0c67e951ba8fb8d1043ce0

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/libcamera: bump to version ab0188fc8bbb6f397ac3aa11c9377662b7bd88b0

Build failures due to:
`fatal error: sys/auxv.h: No such file or directory`
have been fixed upstream.

Fixes:
http://autobuild.buildroot.net/results/158/158950190141b4f1b0a3d7813322d3971bb8ba75/

Signed-off-by: Giulio Benetti <giulio.benetti@micronovasrl.com>
Acked-by: Kieran Bingham <kieran.bingham@ideasonboard.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/perl-mojolicious: bump to version 8.15

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/perl-module-build: bump to version 0.4229

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/perl-mail-dkim: bump to version 0.55

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/perl-http-headers-fast: bump to version 0.22

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/xapp_xfd: fix build with NLS

Fixes:
 - http://autobuild.buildroot.org/results/e6009f0232eb60ed10eb46b39edf125369eb12e1

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/{mesa3d, mesa3d-headers}: bump version to 19.0.3

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/wpa_supplicant: add upstream 2019-5 security patches

Fixes the following security vulnerabilities:

EAP-pwd implementation in hostapd (EAP server) and wpa_supplicant (EAP
peer) was discovered not to validate fragmentation reassembly state
properly for a case where an unexpected fragment could be received. This
could result in process termination due to NULL pointer dereference.

For details, see the advisory:
https://w1.fi/security/2019-5/eap-pwd-message-reassembly-issue-with-unexpected-fragment.txt

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/hostapd: add upstream 2019-5 security patches

Fixes the following security vulnerabilities:

EAP-pwd implementation in hostapd (EAP server) and wpa_supplicant (EAP
peer) was discovered not to validate fragmentation reassembly state
properly for a case where an unexpected fragment could be received. This
could result in process termination due to NULL pointer dereference.

For details, see the advisory:
https://w1.fi/security/2019-5/eap-pwd-message-reassembly-issue-with-unexpected-fragment.txt

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/libpng: security bump to version 1.6.37

Fixes the following security issue:

CVE-2019-7317: png_image_free in png.c in libpng 1.6.36 has a use-after-free
because png_image_free_function is called under png_safe_execute.

Update license hash for a change in copyright year and typo fixes.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/bind: security bump to version 9.11.6-P1

Fixes the following security issues:

 - CVE-2018-5743: Limiting simultaneous TCP clients is ineffective
   https://kb.isc.org/docs/cve-2018-5743

 - CVE-2019-6467: An error in the nxdomain redirect feature can cause
   BIND to exit with an INSIST assertion failure in query.c
   https://kb.isc.org/docs/cve-2019-6467

 - CVE-2019-6468: BIND Supported Preview Edition can exit with an
   assertion failure if nxdomain-redirect is used
   https://kb.isc.org/docs/cve-2019-6468

Add an upstream patch to fix building on architectures where bind does not
implement isc_atomic_*.

Upstream moved to a 2019 signing key, so update comment in .hash file.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/openssh: fix build with atomic

Use pkg-config to retrieve openssl dependencies such as atomic

Fixes:
 - http://autobuild.buildroot.org/results/33d0e56368ab0e74d523be4837824654a4684746

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/network-manager: don't require an external DHCP client

NetworkManager now has an internal DHCP client.  Therefor, there is no
need to select either the DHCPCD or DHCP_CLIENT package to get DHCP.

Remove the forced select of one of those packages.

The internal DHCP client has become NetworkManager's preferred DHCP
client, so it seems reasonable that it effectively becomes the default,
unless DHCPCD or DHCP_CLIENT are intentionally enabled.

Signed-off-by: Trent Piepho <tpiepho@impinj.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

configs/warp7: bump to Linux 5.0.9 and U-Boot 2019.01

This commit bumps Linux & Linux-headers to 5.0 and U-Boot to version 2019.01

Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io>
Signed-off-by: Pierre-Jean Texier <a class="moz-txt-link-rfc2396E" href="mailto:pjtexier@koncepto.io">&lt;pjtexier@koncepto.io&gt;</a>
Reviewed-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/dovecot: security bump to version 2.3.5.2

Fixes the following security issue:

* CVE-2019-10691: Trying to login with 8bit username containing
  invalid UTF8 input causes auth process to crash if auth policy is
  enabled. This could be used rather easily to cause a DoS. Similar
  crash also happens during mail delivery when using invalid UTF8 in
  From or Subject header when OX push notification driver is used.

https://dovecot.org/pipermail/dovecot-news/2019-April/000406.html

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/python-urllib3: security bump to version 1.24.2

Fixes the following security issue:

- CVE-2019-11324: The urllib3 library before 1.24.2 for Python mishandles
  certain cases where the desired set of CA certificates is different from
  the OS store of CA certificates, which results in SSL connections
  succeeding in situations where a verification failure is the correct
  outcome.  This is related to use of the ssl_context, ca_certs, or
  ca_certs_dir argument.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/bullet: extras needs dlfcn.h and threads

extras needs dynamic library (dlfcn.h) and threads

Fixes:
 - http://autobuild.buildroot.org/results/a2609de74c08d9287beb839b93794161a7868e30
 - http://autobuild.buildroot.org/results/3e961d40f3d7003061eee0f7dc476d26c444bd7b

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/websocketpp: fix build with boost 1.70.0

Fix build of libcpprestsdk with boost 1.70.0

Fixes:
 - http://autobuild.buildroot.org/results/65840c7c5b337f1d4e5768d8e68198a5449603fd

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/python-psutil: bump to version 5.6.2

Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/libressl: bump to version 2.9.1

LibreSSL 2.9.1 now has a test that requires libtls.a, however, when building a
shared library only build, the --disable-static flag is passed to libressl,
which prevents the building of libtls.a.

With libtls.a not being built, the following error occurs:
libressl-2.9.1/tls/.libs/libtls.a', needed by 'handshake_table'.  Stop.

There are three options to fix this:
1) Stick with autotools, and provide a patch that removes building anything in
   the tests folder.
2) Pass --enable-static to LIBRESSL_CONF_OPTS
3) Change the package type to cmake, as a cmake build does not have this issue.

Changing the package type to cmake is the least impactful, it also has the added
benefit of being able to remove the 0001-remove-test-z-DESTDIR-from-ltmain.patch
file.

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/rpm: fix build with NLS

Fixes:
 - http://autobuild.buildroot.org/results/26e20e19d878811d90fce52eb0951ee4d8b59068

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/supertuxkart: bump to version 1.0

Remove upstream patch 0001-Fix-3091.patch.

Add enet, libsquish and nettle new dependencies.
Add host-pkgconf since the CMakeLists.txt now use pkg-config
for enet.

Make sure that glew and wiiuse libraries from staging are
used instead of bundled versions.

See:
http://blog.supertuxkart.net/2019/04/supertuxkart-10-release.html

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/libglew: bump to version 2.1.0

See 2.1.0 Change Log:
http://glew.sourceforge.net/log.html

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/enet: new package

enet will be used by supertuxkart 1.0.

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

configs/qemu_ppc_virtex_ml507: kernel build needs mkimage

Following ffbe46a5295ce4e0442728f2ad3e19afa7eaa8ed ("linux: simplify
LINUX_BUILD_CMDS"), the Linux kernel build for
qemu_ppc_virtex_ml507_defconfig builds an image format that needs
mkimage.

Fixes:

  https://gitlab.com/buildroot.org/buildroot/-/jobs/199339544

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

configs/qemu_ppc_mpc8544ds: kernel build needs mkimage

Following ffbe46a5295ce4e0442728f2ad3e19afa7eaa8ed ("linux: simplify
LINUX_BUILD_CMDS"), the Linux kernel build for
qemu_ppc_mpc8544ds_defconfig builds an image format that needs
mkimage.

Fixes:

  https://gitlab.com/buildroot.org/buildroot/-/jobs/199339543

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

configs/qemu_nios2_10m50: kernel build needs mkimage

Following ffbe46a5295ce4e0442728f2ad3e19afa7eaa8ed ("linux: simplify
LINUX_BUILD_CMDS"), the Linux kernel build for
qemu_nios2_10m50_defconfig builds an image format that needs mkimage.

Fixes:

  https://gitlab.com/buildroot.org/buildroot/-/jobs/199339537

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

configs/beaglebone: kernel build needs mkimage

Following ffbe46a5295ce4e0442728f2ad3e19afa7eaa8ed ("linux: simplify
LINUX_BUILD_CMDS"), the Linux kernel build for beaglebone_defconfig
builds more things, including some .itb files, which require mkimage
with FIT support.

Fixes:

  https://gitlab.com/buildroot.org/buildroot/-/jobs/199339433

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

linux: split calling "all" and "$(LINUX_TARGET_NAME)" targets

In commit ffbe46a5295ce4e0442728f2ad3e19afa7eaa8ed ("linux: simplify
LINUX_BUILD_CMDS"), we changed LINUX_BUILD_CMDS to essentially do:

  make all $(LINUX_TARGET_NAME)

Unfortunately, it turns out that it breaks the build of a number of
defconfigs, with errors such as:

  fixdep: error opening file: arch/xtensa/boot/lib/.inftrees.o.d: No such file or directory

Calling "all" and "$(LINUX_TARGET_NAME)" as separate make invocations
avoids this problem, and fixes the build of several defconfigs.

Fixes:

  ts7680_defconfig
  https://gitlab.com/buildroot.org/buildroot/-/jobs/199339583

  qemu_xtensa_lx60_defconfig
  https://gitlab.com/buildroot.org/buildroot/-/jobs/199339553

  roseapplepi_defconfig
  https://gitlab.com/buildroot.org/buildroot/-/jobs/199339564

  qemu_xtensa_lx60_nommu_defconfig
  https://gitlab.com/buildroot.org/buildroot/-/jobs/199339554

  qemu_ppc64_e5500_defconfig
  https://gitlab.com/buildroot.org/buildroot/-/jobs/199339539

  freescale_t2080_qds_rdb_defconfig
  https://gitlab.com/buildroot.org/buildroot/-/jobs/199339455

  arcturus_ucp1020_defconfig
  https://gitlab.com/buildroot.org/buildroot/-/jobs/199339399

Cc: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Peter Korsgaard <peter@korsgaard.com>
Cc: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
[Thomas: add comment in the code to explain why we call the two make
targets separately, as suggested by Yann E. Morin]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/mongodb: needs PCRE with UTF support

mongodb needs PCRE with UTF-8 support, see:
https://docs.mongodb.com/manual/reference/operator/query/regex/

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/libinput: bump version to 1.13.1

- for changelog see [1] and [2]
 - removed 0001-meson.build-enable-CPP-include-check-only-in-case-CP.patch
   (upstream applied, see [3])

[1] https://lists.freedesktop.org/archives/wayland-devel/2019-March/040363.html
[2] https://lists.freedesktop.org/archives/wayland-devel/2019-April/040403.html
[3] https://gitlab.freedesktop.org/libinput/libinput/commit/4516ba977c1e22d01da4cc50a8ebffa5d11d73f1

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/libyuv: bump to version 413a8d8041f1cc5a350a47c0d81cc721e64f9fd0

- Switch to https://chromium.googlesource.com/libyuv/libyuv which is
  the official repository and still active (updated this month).
  Current site has not been updated since 2015.
- Drop second patch (already in version)
- Add hash for license file

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/bullet: bump to verion 2.88

Add license file hash.

See release notes:
https://github.com/bulletphysics/bullet3/releases/tag/2.88

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/minetest: bump to version 5.0.1

See:
https://forum.minetest.net/viewtopic.php?t=22463

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/libv4l: bump version to 1.16.5

Update license hash for libv4l1-kernelcode-license.txt (Mauro Carvalho
e-mail address update).

Changelog (since 1.16.3):
  - Update my e-mail on all places
  - dvb-sat: rename Astra 1E to Astra 19.2 E and move it to beginning
  - Qt5: test for Desktop OpenGL presence
  - Qt5: fixup Qt OpenGL automake conditionals
  - dvbv5-zap.c: fix compile warning
  - dvbv5-tools: be sure to zero struct arguments
  - dvbv5-zap: improve program exit code
  - libdvbv5: leaks and double free in dvb_fe_open_fname()

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/libdrm: bump version to 2.4.98

For detail see [1].

[1] https://lists.freedesktop.org/archives/dri-devel/2019-April/215254.html

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/corkscrew: bump to version v2.0

This patch bumps corkscrew package to version v2.0.

Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/python-can: bump to version 3.1.1

This patch bumps python-can to version 3.1.1, it removes md5 sum from
hash file cause it's not present anymore on the pypi website.

Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/libnspr: add patch for nds32 support.

Fixes:

  http://autobuild.buildroot.net/results/9380435440c977eeaf98a1ffa80f411f07f62482/

Signed-off-by: Nylon Chen <nylon7@andestech.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/python-setuptools-scm: bump to version 3.2.0

python-setuptools-scm v1.15.6 was released in 2017 and is now
obsolete. Multiple versions have been released released to resolve
various issues:
https://github.com/pypa/setuptools_scm/blob/master/CHANGELOG.rst.

While at it, we add the hash for the license file.

Signed-off-by: Jugurtha BELKALEM <jugurtha.belkalem@smile.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/meson: bump to version 0.50.1

Tested against systemd and glib-networking.

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
[Thomas: use the upstream-uploaded tarball and not the github macro,
which allows to have the tarball that really matches upstream's GPG
signature]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/janus-gateway: bump to version 0.6.3

In additon:
  - Rebase both patches to work with the new version.
  - Add the dependency libconfig

All tests pass:
  - br-arm-full [1/6]: OK
  - br-arm-cortex-a9-glibc [2/6]: OK
  - br-arm-cortex-m4-full [3/6]: SKIPPED
  - br-x86-64-musl [4/6]: OK
  - br-arm-full-static [5/6]: SKIPPED
  - sourcery-arm [6/6]: OK

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>