package/libnetconf2: bump version to 1.1.36

Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/libyang: bump to version 1.0.215

Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/gdk-pixbuf: link with lintl if needed

Fixes:
 - http://autobuild.buildroot.org/results/4dc94dadbc17e06a214478644f29877fe205f93d

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

support/scripts/pkg-stats: fix flake8 warnings

Fixes:

support/scripts/pkg-stats:148:17: E741 ambiguous variable name 'l'
support/scripts/pkg-stats:379:9: E741 ambiguous variable name 'l'

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

support/scripts/pkg-stats: drop unused --cpeid option

The --cpeid option was mistakenly introduced by commit
92e7089a8ca9f7dba5a5d690b7f768352cd6b983 ("support/script/pkg-stats:
show CPE ID in results") but is in fact not necessary.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

support/scripts/pkg-stats: drop unused cpeid_name() function

The cpeid_name() function is not used anywhere, drop it.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

support/scripts/pkg-stats: fix the status reporting of CVEs

Since commit bd665d182c8131d2deafa39be0f3d89adb43643f
("support/scripts/pkg-stats: improve rendering of CVE information"),
we have better reporting of CVE related information, based on
pkg.status['cve']. However, this commit broke pkg-stats when the
--nvd-path option is not passed, and therefore no CVE information is
available.

This commit fixes that, by making use of the is_status_ok(),
is_status_error() and is_status_na() methods recently introduced.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

support/scripts/pkg-stats: improvements in is_status_*() methods

Make is_status_ok() work when the given status name is not even listed
in the status dict. This will be necessary for following commits.

Introduced similar methods for the error and na status, which will be
used in following commits.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/xapian: bump to version 1.4.18

Signed-off-by: Gilles Talis <gilles.talis@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/opusfile: bump to version 0.12

also set the indentation to 2 spaces in hash file

Signed-off-by: Gilles Talis <gilles.talis@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/leptonica: bump to version 1.80.0

Also added 2 spaces indentation in hash file

Signed-off-by: Gilles Talis <gilles.talis@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/faad2: bump to version 2.10.0

Signed-off-by: Gilles Talis <gilles.talis@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

DEVELOPERS: add Gilles Talis for opusfile

Signed-off-by: Gilles Talis <gilles.talis@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

DEVELOPERS: Add Gilles Talis for faad2

Signed-off-by: Gilles Talis <gilles.talis@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/{mesa3d, mesa3d-headers}: bump version to 20.3.4

Release notes:
https://lists.freedesktop.org/archives/mesa-announce/2021-January/000618.html

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/libgpgme: bump to version 1.15.1

Update indentation in hash file (two spaces)

http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gpgme.git;a=blob;f=NEWS;h=f6c2b0d3c53b3a62ca71a2a85b2d9764cda359c0

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/libgpgme: add CPE variables

cpe:2.3:a:gnupg:gpgme is a valid CPE identifier for this package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Agnupg%3Agpgme

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/mutt: add gpgme optional dependency

gpgme is supported since 2005 and
https://gitlab.com/muttmua/mutt/-/commit/4bb5db92a89158cc45c3480f2be62d0b435c9a4e

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/vde2: add CPE variables

cpe:2.3:a:vde_project:vde is a valid CPE identifier for this package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Avde_project%3Avde

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/haproxy: bump to version 2.2.8

https://www.mail-archive.com/haproxy@formilux.org/msg39408.html
https://www.mail-archive.com/haproxy@formilux.org/msg39470.html

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/logrotate: use official tarball

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/bitcoin: add CPE variables

cpe:2.3:a:bitcoin:bitcoin_core is a valid CPE identifier for this
package:

https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Abitcoin%3Abitcoin_core

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/bitcoin: security bump to version 0.21.0

Tag as a security bump as having an up to date bitcoin is important:
https://patchwork.ozlabs.org/project/buildroot/patch/20200202085526.35742-1-james.hilliard1@gmail.com

https://github.com/bitcoin/bitcoin/blob/master/doc/release-notes/release-notes-0.21.0.md

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/socat: security bump to version 1.7.4.1

Buffer size option (-b) is internally doubled for CR-CRLF conversion,
but not checked for integer overflow. This could lead to heap based
buffer overflow, assuming the attacker could provide this parameter.

- Update indentation in hash file (two spaces)
- Update hash of README file due to minor updates:
  https://repo.or.cz/socat.git/commit/b145170837d75bd7a1a5803283910ab075d47bea
  https://repo.or.cz/socat.git/commit/0a115feadc3102f17e0a8a1a985319af0295f704

http://www.dest-unreach.org/socat/doc/CHANGES

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/uclibc: Patch with updated kernel time definitions

Building uclibc 1.0.37 for SuperH architecture with linux-headers 5.10.7
fails at libpthread level due to missing time-related data structures,
usually defined by the kernel. Make uclibc correctly define those types.

A previous patch in buildroot [1] fixed the symptom by tampering with
linux-headers inclusions, but analysis [2] done in collaboration with
Linux folks concluded that the issue lied in (voluntary) include guard
"preemption" in uclibc kernel_types.h.
However, kernel_types.h was not up to date with relevant 64-bit time
data structures, so defining those here was needed.

The present uclibc patch was mailed to uclibc-ng mailing list and got
a positive response; I am not able to give a link to the discussion,
as it has not appeared yet [3] (perhaps I'm not looking at the right
place ?)
So until the patch is merged upstream and we bump uclibc version, keep
our patch here.

[1] https://git.buildroot.net/buildroot/commit/?id=742f37de8d0e3797698411dfc6a63bd7e98aafe2
[2] https://patchwork.kernel.org/project/linux-sh/patch/20210123165652.10884-1-geoffrey.legourrierec@gmail.com/
[3] https://mailman.uclibc-ng.org/pipermail/devel/2021-January/thread.html

Signed-off-by: Geoffrey Le Gourriérec <geoffrey.legourrierec@gmail.com>
Tested-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

board/qemu/sh4*: Remove linux-headers patch

Previous patch about time data structures [1] provided a dirty fix
that did not solve the real issue.

After discussing with Linux folks on the SuperH mailing list [2],
the patch was deemed unnecessary, as the problem lied in uclibc.

[1] https://git.buildroot.net/buildroot/commit/?id=742f37de8d0e3797698411dfc6a63bd7e98aafe2
[2] https://patchwork.kernel.org/project/linux-sh/patch/20210123165652.10884-1-geoffrey.legourrierec@gmail.com/

Signed-off-by: Geoffrey Le Gourriérec <geoffrey.legourrierec@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/ply: needs headers >= 4.14

ply uses BPF_JLT is available only since kernel 4.14 with:
https://github.com/torvalds/linux/commit/92b31a9af73b3a3fc801899335d6c47966351830

Fixes:
 - http://autobuild.buildroot.org/results/632187ceb7ca5e2dc5a3e5185860ddb874b4274c

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/wayland: add WAYLAND_CPE_ID_VENDOR

cpe:2.3:a:wayland:wayland is a valid CPE identifier for this package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Awayland%3Awayland

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/sox: add CPE variables

cpe:2.3:a:sound_exchange_project:sound_exchange is a valid CPE
identifier for this package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Asound_exchange_project%3Asound_exchange

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/libgeos: disable benchmarks

Fixes:
 - http://autobuild.buildroot.org/results/790450f7541d690cdef3917d7056759cb9b403c5

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/dhcpcd: fix build with nds32

Fix build failure with dhcpcd due to SECCOMP_AUDIT_ARCH which is used
since version 9.3.0 and
https://github.com/rsmarples/dhcpcd/commit/a926ee6d8f4eb2f04e01d72664893e3cb95fceca

Fixes:
 - http://autobuild.buildroot.org/results/af8ba07ea0c12ab8cd24d528ef98db05521f3d36

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/spice: set SPICE_CPE_ID_VALID

cpe:2.3:a:spice_project:spice is a valid CPE identifier for this
package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Aspice_project%3Aspice

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/pinentry: bump to version 1.1.1

- add efl optional dependency which is available since
  http://git.gnupg.org/cgi-bin/gitweb.cgi?p=pinentry.git;a=commit;h=948105b7a34ec9a9e5479d376b7c86bafee50a01
- Update indentation in hash file (two spaces)

http://git.gnupg.org/cgi-bin/gitweb.cgi?p=pinentry.git;a=blob;f=NEWS;h=c8b5195ace7bb3ffb1420ae479ac39d65b0fa17c

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/rtty: bump version to 7.3.0

Signed-off-by: Jianhui Zhao <zhaojh329@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/libgcrypt: security bump version to 1.9.1

Removed patch which was applied upstream.

Release notes:
https://lists.gnupg.org/pipermail/gnupg-announce/2021q1/000456.html

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

{linux, linux-headers}: bump 4.19.x / 5.{4, 10}.x series

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/spdlog: bump to version 1.8.2

Signed-off-by: Michael Nosthoff <buildroot@heine.tech>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/python-remi: bump to version 2020.11.20

Add runtime dependencies to pythonX-ssl and python-setuptools.

Signed-off-by: Gwenhael Goavec-Merou <gwenhael.goavec-merou@trabucayre.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/pinentry: drop unrecognized option

Drop --with-x option which is not recognized:

configure: WARNING: unrecognized options: --disable-gtk-doc, --disable-gtk-doc-html, --disable-doc, --disable-docs, --disable-documentation, --with-xmlto, --with-fop, --enable-ipv6, --disable-nls, --disable-static, --enable-shared, --with-x

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/ttyd: bump to version 1.6.3

Signed-off-by: Tian Yuanhao <tianyuanhao@aliyun.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/dhcpcd: bump to version 9.4.0

Drop patch (already in version)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/x11r7/xlib_libXt: bump version to 1.2.1

Reformatted hashes.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/xutil_util-macros: bump version to 1.19.3

Reformatted hashes.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/sqlite: bump version to 3.34.1

Updated SQLITE_SITE.

Release notes: https://www.sqlite.org/releaselog/3_34_1.html

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/open62541: force Release build

Force Release build to remove -Werror and avoid the following build
failure:

/home/giuliobenetti/autobuild/run/instance-3/output-1/build/open62541-1.0/arch/network_tcp.c: At top level:
cc1: error: unrecognized command line option '-Wno-static-in-inline' [-Werror]
cc1: all warnings being treated as errors

Fixes:
 - http://autobuild.buildroot.org/results/24b429ce0ae2b33e72bb6a0f523c3906e539a4fd

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/glibc: security bump for additional post-2.32.x fixes

Fixes the following security issue:

- CVE-2021-3326: Assertion failure in ISO-2022-JP-3 gconv module related to
  combining characters

For details, see https://sourceware.org/bugzilla/show_bug.cgi?id=27256 and
https://www.openwall.com/lists/oss-security/2021/01/27/3

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/runc: add CPE variables

cpe:2.3:a:linuxfoundation:runc is a valid CPE identifier for this
package:

https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Alinuxfoundation%3Arunc

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/mutt: add security fixes from Ubuntu for CVE-2021-3181

Fixes the following security issue:

- CVE-2021-3181: rfc822.c in Mutt through 2.0.4 allows remote attackers to
  cause a denial of service (mailbox unavailability) by sending email
  messages with sequences of semicolon characters in RFC822 address fields
  (aka terminators of empty groups).  A small email message from the
  attacker can cause large memory consumption, and the victim may then be
  unable to see email messages from other persons.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/gdk-pixbuf: fix license

Commit a7b51ed3013c919b293deb95299e33363fb9df70 forgot to update hash of
COPYING which now contains LGPL-2.1+

Here is an extract of
https://gitlab.gnome.org/GNOME/gdk-pixbuf/-/commit/0a8882b1a1f5234f7de2177e41f9cb584b6d61f8:

"The vast majority of GdkPixbuf is released under the terms of the GNU
Lesser General Public License, version 2.1 or later.

The following files are released under the terms of the GNU Library
General Public License, version 2 or later:
[...]
The aggregate license of the GdkPixbuf project is the Lesser GPL v2.1 or
later."

Fixes:
 - http://autobuild.buildroot.org/results/292306061216471c258a89e61b54c0d05c757321

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/chrony: fix build with kernel headers older than 3.15

Add a patch to make renameat2 system call reference conditional.

Fixes:
http://autobuild.buildroot.net/results/bb6/bb638ed011aea379c7f780187dafe2615753e2ae/
http://autobuild.buildroot.net/results/5ef/5ef11bace60950b35b4a593d734a20df088c79aa/

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/grpc: bump to version 1.35.0

Signed-off-by: Michael Nosthoff <buildroot@heine.tech>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/logrotate: bump to 3.18.0 version

Main reason is to fix the issue when secure_getenv() is missing
in older toolchain, but it was fixed in this version by using
getenv() as alternative.

Signed-off-by: Vadym Kochan <vadym.kochan@plvision.eu>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/stress-ng: bump to version 0.12.02

Use https for download to save redirect.

Cc: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/socat: add SOCAT_CPE_ID_VENDOR

cpe:2.3:a:dest-unreach:socat is a valid CPE identifier for this package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Adest-unreach%3Asocat

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/webp: add CPE variables

cpe:2.3:a:webmproject:libwebp is a valid CPE identifier for this package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Awebmproject%3Alibwebp

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/wine: add WINE_CPE_ID_VENDOR

cpe:2.3:a:winehq:wine is a valid CPE identifier for this package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Awinehq%3Awine

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Acked-by: André Hentschel <nerv@dawncrow.de>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/wpewebkit: add CPE variables

cpe:2.3:a:wpewebkit:wpe_webkit is a valid CPE identifier for this
package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Awpewebkit%3Awpe_webkit

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Reviewed-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/x265: add X265_CPE_ID_VENDOR

cpe:2.3:a:multicorewareinc:x265 is a valid CPE identifier for this
package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Amulticorewareinc%3Ax265

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/xapian: add CPE variables

cpe:2.3:a:xapian:xapian-core is a valid CPE identifier for this package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Axapian%3Axapian-core

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/uboot-tools: drop redundant parentheses

Commit d8db91fc6fa ("package/uboot-tools: resolve host uboot env/script
error") introduced closing parentheses that is not matched and not
needed.

Fixes:
http://autobuild.buildroot.net/results/a65/a65fcc581f56ef70154f83e80f12d64f2e0f856a/
http://autobuild.buildroot.net/results/39a/39aabb9d8afcdead1d620e081d2cd43ee2d61fbc/

Cc: Matt Weber <matthew.weber@rockwellcollins.com>
Cc: Kalpesh Panchal <kalpesh.panchal@rockwellcollins.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Reviewed-by: Matt Weber <matthew.weber@rockwellcollins.com>
Reviewed-by: Bin Meng <bin.meng@windriver.com>
Tested-by: Bin Meng <bin.meng@windriver.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

configs/orangepi_zero_plus2_defconfig: bump BSP versions

Bump Linux to 5.10.10 and U-Boot to 2020.10. In the new kernel sunxi-mmc
driver has been switched to asynchronous probe. As a result, mmc indexes
can be shuffled breaking board boot. Add patch that pins mmc indexes to
their original ordered values.

Signed-off-by: Sergey Matyukevich <geomatsi@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

configs/orangepi_zero_defconfig: bump BSP versions

Bump Linux to 5.10.10 and U-Boot to 2020.10.

Signed-off-by: Sergey Matyukevich <geomatsi@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

configs/linksprite_pcduino: bump BSP versions

Bump Linux to 5.10.10 and U-Boot to 2020.10.

Signed-off-by: Sergey Matyukevich <geomatsi@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/gerbera: needs gcc >= 8

std::filesystem is required since version 1.5.0:
https://github.com/gerbera/gerbera/issues/849

Fixes:
 - http://autobuild.buildroot.org/results/759c875ee8ab0447cd735c22f89fa127cb8c427c

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/collectd: add option to enable UBI counters

The 'ubi' collectd plugin was added in 5.11.0.
Add options in Buildroot to enable it.

Based on code by Bart De Vos.

Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/libiec61850: add LIBIEC61850_CPE_ID_VENDOR

cpe:2.3:a:mz-automation:libiec61850 is a valid CPE identifier for this
package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Amz-automation%3Alibiec61850

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/libiec61850: drop BUILD_EXAMPLES=OFF

BUILD_EXAMPLES=OFF is already passed by cmake-infrastructure

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/timescaledb: Fix build with Postgresql 13

Add missed patch for PG13 build.

Fixes;
    http://autobuild.buildroot.org/results/0e5/0e534ed0a5206856fad7272008b12205811f098a/build-end.log

Fixes: 5cff0c8a2d1c ("package/timescaledb: bump to version 2.0.0")
Signed-off-by: Maxim Kochetkov <fido_max@inbox.ru>
[yann.morin.1998@free.fr: add reference to autobuilder failure]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/libuhttpd: bump to version 3.9.0

Fix build without dlopen thanks to
https://github.com/zhaojh329/libuhttpd/commit/117ae812a4eb114f46f4d9dfd395618c74836710

https://github.com/zhaojh329/libuhttpd/releases/tag/v3.9.0

Fixes:
 - http://autobuild.buildroot.org/results/3d14502c87ecee5b1eeeec3f85b8d6b659d61bbc

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/strongswan: bump to version 5.9.1

https://wiki.strongswan.org/versions/79

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/xtables-addons: bump version to 3.13

Use https://inai.de/files/xtables-addons to download source code

Signed-off-by: Eldar Gasanov <eldargasanov2@gmail.com>
Signed-off-by: Maxim Kochetkov <fido_max@inbox.ru>
[Peter: also update Config.in URL]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/gdk-pixbuf: bump to version 2.42.2

- Switch to meson-package
- Drop GDK_PIXBUF_DISABLE_TESTS as it is not needed anymore (meson
  doesn't build tests when cross-commpiling)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/rtty: bump version to 7.2.3

Signed-off-by: Jianhui Zhao <zhaojh329@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/sudo: drop unneeded autoreconf

Commit 4fea71ac785cc (package/sudo: security bump to version 1.9.5p2)
removed the patch, but forgot to remove the now unneeded autoreconf.  Fix
that.

Reported-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/uboot-tools: resolve host uboot env/script error

The host build of uboot-tools can occur early in the build process and may
require the creation of BINARIES_DIR before generation of an enabled envimage
and/or boot script binary. So to resolve this in proper way, separated the
build and installation part of uboot env/script in their respective commands.

Signed-off-by: Kalpesh Panchal <kalpesh.panchal@rockwellcollins.com>
Signed-off-by: Matt Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/sudo: security bump to version 1.9.5p2

Major changes between sudo 1.9.5p2 and 1.9.5p1

 * Buildroot: dropped a patch that was included in the release.

 * Fixed sudo's setprogname(3) emulation on systems that don't
   provide it.

 * Fixed a problem with the sudoers log server client where a partial
   write to the server could result the sudo process consuming large
   amounts of CPU time due to a cycle in the buffer queue. Bug #954.

 * Added a missing dependency on libsudo_util in libsudo_eventlog.
   Fixes a link error when building sudo statically.

 * The user's KRB5CCNAME environment variable is now preserved when
   performing PAM authentication.  This fixes GSSAPI authentication
   when the user has a non-default ccache.

 * When invoked as sudoedit, the same set of command line options
   are now accepted as for "sudo -e".  The -H and -P options are
   now rejected for sudoedit and "sudo -e" which matches the sudo
   1.7 behavior.  This is part of the fix for CVE-2021-3156.

 * Fixed a potential buffer overflow when unescaping backslashes
   in the command's arguments.  Normally, sudo escapes special
   characters when running a command via a shell (sudo -s or sudo
   -i).  However, it was also possible to run sudoedit with the -s
   or -i flags in which case no escaping had actually been done,
   making a buffer overflow possible.  This fixes CVE-2021-3156.

https://www.sudo.ws/stable.html#1.9.5p2

Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/spdlog: support dynamic library

spdlog can install a shared library since version 1.4.0 and
https://github.com/gabime/spdlog/commit/45a18a61c633564311e51f5cbed2748e9cb70e2f

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/nettle: set NETTLE_CPE_ID_VALID

cpe:2.3:a:nettle_project:nettle is a valid CPE identifier for this
package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Anettle_project%3Anettle

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/trousers: add TROUSERS_CPE_ID_VENDOR

cpe:2.3:a:trustedcomputinggroup:trousers is a valid CPE identifier for
this package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Atrustedcomputinggroup%3Atrousers

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/beecrypt: set BEECRYPT_CPE_ID_VALID

cpe:2.3:a:beecrypt_project:beecrypt is a valid CPE identifier for this
package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Abeecrypt_project%3Abeecrypt

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/sdl2: add CPE variables

cpe:2.3:a:libsdl:sdl is a valid CPE identifier for this package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Alibsdl%3Asdl

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/opentracing-cpp: fix build if clang-tidy is installed on the host

opentracing-cpp fails to build if clang-tidy is installed:

...
-- clang-tidy found: /usr/lib/llvm/11/bin/clang-tidy
-- Configuring done
-- Generating done
...

[ 25%] Building CXX object CMakeFiles/opentracing.dir/src/propagation.cpp.o
.../buildroot/output/build/opentracing-cpp-1.5.1/include/opentracing/string_view.h:5:10: error: 'algorithm' file not found [clang-diagnostic-error]
         ^
.../buildroot/output/build/opentracing-cpp-1.5.1/src/propagation.cpp:3:11: warning: '__llvm_libc' needs to be the outermost namespace [llvmlibc-implementation-in-namespace]
namespace opentracing {
          ^
.../buildroot/output/build/opentracing-cpp-1.5.1/src/propagation.cpp:11:3: warning: use '= default' to define a trivial default constructor [hicpp-use-equals-default,modernize-use-equals-default]
  PropagationErrorCategory() {}
  ^                          ~~
                             = default;
.../buildroot/output/build/opentracing-cpp-1.5.1/src/propagation.cpp:13:15: warning: use a trailing return type for this function [modernize-use-trailing-return-type]
  const char* name() const noexcept override {
  ~~~~~~~~~~~ ^
  auto                              -> const char*
.../buildroot/output/build/opentracing-cpp-1.5.1/src/propagation.cpp:13:15: warning: method 'name' can be made static [readability-convert-member-functions-to-static]
  const char* name() const noexcept override {
              ^      ~~~~~~
  static
.../buildroot/output/build/opentracing-cpp-1.5.1/src/propagation.cpp:17:24: warning: use a trailing return type for this function [modernize-use-trailing-return-type]
  std::error_condition default_error_condition(int code) const
                       ^
.../buildroot/output/build/opentracing-cpp-1.5.1/src/propagation.cpp:37:15: warning: use a trailing return type for this function [modernize-use-trailing-return-type]
  std::string message(int code) const override {
              ^
.../buildroot/output/build/opentracing-cpp-1.5.1/src/propagation.cpp:58:28: warning: use a trailing return type for this function [modernize-use-trailing-return-type]
const std::error_category& propagation_error_category() {
                           ^
226 warnings and 1 error generated.
Error while processing .../buildroot/output/build/opentracing-cpp-1.5.1/src/propagation.cpp.
Suppressed 218 warnings (218 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
Found compiler error(s).
make[3]: *** [CMakeFiles/opentracing.dir/build.make:83: CMakeFiles/opentracing.dir/src/propagation.cpp.o] Error 1
make[3]: *** Waiting for unfinished jobs....
.../buildroot/output/build/opentracing-cpp-1.5.1/include/opentracing/string_view.h:5:10: error: 'algorithm' file not found [clang-diagnostic-error]
         ^
.../buildroot/output/build/opentracing-cpp-1.5.1/src/dynamic_load.cpp:4:

Disable the 'ENABLE_LINTING' option to avoid this influence.

Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/igd2-for-linux: bump to version 2.1

Move to autotools which has been added to this version to fix static
build failure with an openssl-enabled libupnp in version > 1.6

Fixes:
 - http://autobuild.buildroot.org/results/86214570ac5093d4a5a31fadae59c3f47df16948

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/ltp-testsuite: simplify code to exclude test-cases

We have three conditions under which some tests may get removed:
uClibc, musl, static libraries. All three use the same mechanism
to exclude those test-cases: remove the files.

The first two use a common variable to list the affected files,
and share the same hook of their own to iterate over that list,
while the third has its own hook.

This is not very clean, so switch to using a single variable and
a single hook for all three conditions.

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Petr Vorel <petr.vorel@gmail.com>
Reviewed-by: Petr Vorel <petr.vorel@gmail.com>

package/gerbera: needs xpath in pugixml

Fixes:
 - http://autobuild.buildroot.org/results/0fcd0ce167c04f788bf1b9414ae5e7677691c7cf

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/gerbera: fix linking with std::filesystem

Do not force to CXX_FILESYSTEM_NO_LINK_NEEDED to ON to allow gerbera to
link with the approriate library for std::filesystem

It should be noted that check_cxx_source_runs has been dropped since
version 1.6.0 and
https://github.com/gerbera/gerbera/commit/a3a64bed1d78fc51c7ab298db019c89852acb80c

Fixes:
 - http://autobuild.buildroot.org/results/0fcd0ce167c04f788bf1b9414ae5e7677691c7cf

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/ltp-testsuite: update musl related cleanup

Compile getdents0{1,2}.c which has been fixed in upstream in commit
8a85a2d61 ("getdents: update to the new api, don't mix libc and kernel
types").

Fixes: 84968aa495 ("package/ltp-testsuite: bump version to 20210121")
Signed-off-by: Petr Vorel <petr.vorel@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/sslh: systemd needs libconfig

systemd-sslh-generator unconditionally uses libconfig

Fixes:
 - http://autobuild.buildroot.org/results/d46581842906f7780f4a3a1ae21963e78e7f5276

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[yann.morin.1998@free.fr:
  - select libconfig
  - drop changes in the .mk
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/ushare: bump to release 2.0

As suggested by Yann E. Morin, switch to an active fork with all our
patches as upstream seems pretty dead, and they even acknowledge that
status:

    https://ushare.geexbox.org/

    By lack of spare time, motivation and interest, uShare development
    is currently discontinued (this may change though). Don't expect
    release anytime soon :-(

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/librtlsdr: drop cmake workaround

Drop workaround for cmake < 3.10 (not needed since commit
d4773b610a40be1d3ac7d793033abaf4eb2491ed)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/exiv2: drop cmake workaround

Drop workaround for cmake < 3.10 (not needed since commit
d4773b610a40be1d3ac7d793033abaf4eb2491ed)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/paho-mqtt-cpp: drop cmake workaround

Drop workaround for cmake < 3.10 (not needed since commit
d4773b610a40be1d3ac7d793033abaf4eb2491ed)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/poppler: drop cmake workaround

Drop workaround for cmake < 3.10 (not needed since commit
d4773b610a40be1d3ac7d793033abaf4eb2491ed)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/xerces: drop cmake workaround

Drop workaround for cmake < 3.10 (not needed since commit
d4773b610a40be1d3ac7d793033abaf4eb2491ed)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/rabbitmq-c: drop cmake workaround

Drop workaround for cmake < 3.10 (not needed since commit
d4773b610a40be1d3ac7d793033abaf4eb2491ed)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/i2pd: drop cmake workaround

Drop workaround for cmake < 3.10 (not needed since commit
d4773b610a40be1d3ac7d793033abaf4eb2491ed)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/znc: drop cmake workaround

Drop workaround for cmake < 3.10 (not needed since commit
d4773b610a40be1d3ac7d793033abaf4eb2491ed)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/uvw: drop cmake workaround

Drop workaround for cmake < 3.10 (not needed since commit
d4773b610a40be1d3ac7d793033abaf4eb2491ed)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/xfsprogs: bump version to 5.10.0

Release notes:
https://www.spinics.net/lists/linux-xfs/msg47553.html

Added dependency to inih:
https://www.spinics.net/lists/linux-xfs/msg47554.html

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/inih: new package

needed for xfsprogs >= 5.10.0:
https://www.spinics.net/lists/linux-xfs/msg47554.html

Added upstream patch to avoid dependency for c++.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
[yann.morin.1998@free.fr: license is BSD-3-Clause, not BSD]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>