python-six: add host variant

While currently there is no in-tree Buildroot package which depends on
host-python-six, it can be needed to build external packages.

Signed-off-by: Julien Floret <julien.floret@6wind.com>
Tested-by: Carlos Santos <casantos@datacom.ind.br>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/nmap: bump version to 7.60

Version 7.60 added optional support for libssh2:
http://seclists.org/nmap-announce/2017/4

Switched _SITE to https

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/ngircd: add optional support for linux-pam

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/ngircd: make zlib an optional dependency

zlib is not a hard dependency:
https://github.com/ngircd/ngircd/blob/master/configure.ng#L256

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/ngircd: add optional support for gnutls

openssl and gnutls can not be enabled at the same time:
https://github.com/ngircd/ngircd/blob/master/configure.ng#L449

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/ngircd: add optional dependency to openssl

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/ngircd: bump version to 24

Switched _SITE to https, added patch to fix compile error.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/slang: bump version to 2.3.1a

Switched to bz2 tarball, upstream does not provide a gz tarball anymore.

Rebased 0001-slsh-libs.patch according to
https://gitweb.gentoo.org/repo/gentoo.git/tree/sys-libs/slang/files/slang-2.3.1-slsh-libs.patch

Removed patches applied upstream:
0002-Enable-a-statically-linked-version-of-slsh.patch
0003-Disable-module-support-in-the-statically-linked-version-of-slsh.patch
0005-make-install-static-do-install-pkgconfig-as-install-.patch

Removed 0004-Rename-posix_close-function-to-posix_close_slfile.patch
after upstream committed a different solution, Alpine Linux did the
same when bumping to 2.3.1:
https://git.alpinelinux.org/cgit/aports/commit/main/slang?id=d4d252e4dea77c868259b0ef1f3d9cfbe6dc2152

Added sha256 hash and license file hash.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
[Arnout: Added sha256 hash and license file hash.]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/neard: bump version to 0.16

Added systemd support needed after upstream commit
https://git.kernel.org/pub/scm/network/nfc/neard.git/commit/?id=ffc849bc1c83f0c9f31cbdf9bf843cf245496183

Fixed broken link in Config.in help section.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

rpi-firmware: bump to latest version

Signed-off-by: Mahyar Koshkouei <mahyar.koshkouei@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/librsync: not available in static builds

Upstream only supports shared builds:
https://github.com/librsync/librsync/blob/master/CMakeLists.txt#L319

Fixes
http://autobuild.buildroot.net/results/4b8/4b8db2d520373d0c9127e0d7695b5aeda6925dc5/

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

pkg-download: remove explicit PKG_VERSION from github helper

Currently it is always required to add package version as an argument to
the github helper. Since the version is always defined as PKG_VERSION,
drop this argument and generate it automatically inside the helper
routine.

The github helper function is extended to support both 2 and 3 argument
variants (ie. either use the provided package version argument or
automatically substitute with PKG_VERSION if not available), which can
make the transition of the package files easier as well allows using the
3-argument variant outside of package definitions.

Signed-off-by: Marcin Nowakowski <marcin.nowakowski@imgtec.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

shairport-sync: fix static link with mbedtls

mbedtls provided libraries are interdependent. libmbedtls depends on
libmbedx509. Both depend on libmbedcrypto. When compression is enabled
libz is also needed.

Fixes:
http://autobuild.buildroot.net/results/79d/79d9aff5edb6a767c38efb54256a4f20fc36a6ee/

Cc: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

wsapi: fix Lua 5.3 compatibility

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
[Arnout: use git-formatted patch]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

orbit: mark as only with Lua 5.1

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

lbase64: build as generic-package instead of luarocks

The author of lbase64 maintains 3 separate versions of the package for
the 3 Lua versions. Only the 5.1 version is uploaded to luarocks, so
that is the one we currently support in Buildroot.

However, the three versions are nearly identical. With a small patch,
this allows us to support all Lua versions from a single tarball.

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

gst1-plugins-bad: fix build against openjpeg 2.2

Add upstream patch to fix build against openjpeg 2.2.

Fixes [1]:

  gstopenjpeg.h:42:37: fatal error: openjpeg-2.1/openjpeg.h: No such file or directory

[1] http://autobuild.buildroot.net/results/90f1f7838f08e3a557be27470406d4d84dbcc828

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

libmbim: fix build with musl libc

Patch applied upstream:
  https://cgit.freedesktop.org/libmbim/libmbim/commit/?id=417b0b80023dc30d61c111ec0a54da2884d3a541

Fixes:
http://autobuild.buildroot.net/results/dc1/dc11a3dfd18bb7f5078de00412de82de3cce3c48

Signed-off-by: Aleksander Morgado <aleksander@aleksander.es>
[Arnout: rework commit message]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/mdadm: not available in static builds

http://git.neil.brown.name/?p=mdadm.git;a=commitdiff;h=7716570e6d906e7326f83d466f6ba73009649d03#patch9
added code to include dlfcn.h.

Fixes
http://autobuild.buildroot.net/results/163/163ad5a9f976662be8ca8664f91254f90fca8439/

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

configs: new raspberrypi3 qt5we config

This config sets Qt5 WebEngine for raspberrypi 3.

Signed-off-by: Gaël PORTAY <gael.portay@savoirfairelinux.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

qt5webengine: new package

This patch is based on works [1] and [2].

With this patch, one can run the Qt5 WebEngine quicknanobrowser sample
with the following options.

BR2_TOOLCHAIN_BUILDROOT_LIBC="glibc" and
BR2_TOOLCHAIN_BUILDROOT_CXX (Qt 5 needs a toolchain w/ wchar, NPTL, C++,
dynamic library; for now it builds only with glibc)
BR2_PACKAGE_LIBERATION (Qt needs at least one font)
BR2_PACKAGE_QT5BASE_EXAMPLES (to install quicknanobrowser sample)
BR2_PACKAGE_QT5BASE_GIF (do display gif)
BR2_PACKAGE_QT5BASE_JPEG (do display jpeg)
BR2_PACKAGE_QT5BASE_PNG (do display png)
BR2_PACKAGE_QT5QUICKCONTROLS (needed by webengine)
BR2_PACKAGE_QT5QUICKCONTROLS2 (needed by webengine)
BR2_PACKAGE_QT5WEBENGINE (because it is what we want)

Qt WebEngine requires an Open(E)GL-capable backend. As an example, the
package rpi-userland must be enabled to build for a rpi.

BR2_PACKAGE_RPI_USERLAND (to enable OpenGL ES backend)

To browse for HTTPS websites, please consider adding the following
options as well for SSL/TLS.

BR2_PACKAGE_CA_CERT (for certificates)
BR2_PACKAGE_NTPD (to sync date for certificates)

Since version 5.9, chromium requires udev at runtime (see note 4).

BR2_ROOTFS_DEVICE_CREATION_DYNAMIC_EUDEV (input backend)

To run quicknanobrowser

# cd /usr/lib/qt/examples/webengine/quicknanobrowser/
# ./quicknanobrowser https://www.buildroot.org/

Note: The chromium.inc has been generated using the following command.

( echo 'CHROMIUM_LICENSE_FILES = \' &&
  cd output/build/qt5webengine-5.9.1/ && \
  find "src/3rdparty/chromium/" -type f -iname "*LICENSE*" -o -iname "*COPYING*" -o -iname "*GPL*" | \
  sed -e '/\.asm$/d' \
      -e '/\.h$/d' \
      -e '/\.c$/d' \
      -e '/\.cc$/d' \
      -e '/\.cpp$/d' \
      -e '/\.pyc\?$/d' \
      -e '/\.pl$/d' \
      -e '/\.sha1$/d' \
      -e '/\.patch$/d' \
      -e '/licensecheck/d' \
      -e 's,^,\t,' \
      -e 's,$, \\,' | \
  sort && \
  echo '' ) >package/qt5/qt5webengine/chromium.inc

Note 2: Since 5.9.1, the chromium's copy of opus fails with neon [3].
Qt WebEngine can uses buildroot ffmpeg copy which compiles fine (using
qmake flag WEBENGINE_CONFIG+=use_system_ffmpeg). It implies selecting
the following options.

BR2_PACKAGE_FFMPEG
BR2_PACKAGE_OPUS
BR2_PACKAGE_LIBVPX
BR2_PACKAGE_WEBP
BR2_PACKAGE_WEBP_DEMUX

In file included from ../../3rdparty/chromium/third_party/opus/src/silk/arm/NSQ_neon.c:31:0:
/home/gportay/src/buildroot/output-rpi3-qt5.9/host/lib/gcc/arm-buildroot-linux-gnueabihf/6.4.0/include/arm_neon.h:8997:1: error: inlining failed in call to always_inline ‘vld1q_s32’: target specific option mismatch
 vld1q_s32 (const int32_t * __a)
 ^~~~~~~~~
../../3rdparty/chromium/third_party/opus/src/silk/arm/NSQ_neon.c:40:15: note: called from here
     int32x4_t coef0 = vld1q_s32(coef32);
       ^~~~~
../../3rdparty/chromium/third_party/opus/src/silk/arm/NSQ_neon.c: At top level:
cc1: warning: unrecognized command line option ‘-Wno-#pragma-messages’

Note 3: Version 5.6.2 causes a build issue while building chromium. The
build against this version is disabled until the release 5.6.3 is out.

Note 4: Here is trace when udev does not run

# cd /usr/lib/qt/examples/webengine/quicknanobrowser
# ./quicknanobrowser
QStandardPaths: XDG_RUNTIME_DIR not set, defaulting to '/tmp/runtime-root'
Unable to query physical screen size, defaulting to 100 dpi.
To override, set QT_QPA_EGLFS_PHYSICAL_WIDTH and QT_QPA_EGLFS_PHYSICAL_HEIGHT (in millimeters).
[0101/000248.161973:WARNING:resource_bundle_qt.cpp(114)] locale_file_path.empty() for locale
[0101/000248.384693:WARNING:resource_bundle_qt.cpp(114)] locale_file_path.empty() for locale
[202:223:0101/000248.484954:FATAL:udev_loader.cc(38)] Check failed: false.
#0 0x0000742b93de <unknown>
#1 0x0000742c3c38 <unknown>
#2 0x000073e1e1aa <unknown>
#3 0x000073e1d96e <unknown>
#4 0x000073e1defa <unknown>
#5 0x000074af6364 <unknown>
#6 0x000074302878 <unknown>
#7 0x0000742c8fee <unknown>
#8 0x0000742c9f44 <unknown>
#9 0x0000742ca21e <unknown>
#10 0x0000742cac4c <unknown>
#11 0x0000742c87b2 <unknown>
#12 0x0000742da4f6 <unknown>
#13 0x000073ed9d38 <unknown>
#14 0x000073eda03c <unknown>
#15 0x0000742e9aec <unknown>
#16 0x0000742e71dc <unknown>

Aborted

Note 5: On rpi and depending on what is insinde the .config, more GPU
memory should be allocated to run properly qt samples.

#0 0x0000742c63de <unknown>
#1 0x0000742d0c38 <unknown>
#2 0x0000749d7bde <unknown>
#3 0x0000749e3c70 <unknown>
#4 0x00007530227c <unknown>
#5 0x000075302480 <unknown>
#6 0x0000752fb1e4 <unknown>
#7 0x00007430f878 <unknown>
#8 0x0000742d5fee <unknown>
#9 0x0000742d6f44 <unknown>
#10 0x0000742d721e <unknown>
#11 0x0000742d7ad6 <unknown>
#12 0x0000742d57b2 <unknown>
#13 0x0000742e74f6 <unknown>
#14 0x0000742f6a74 <unknown>
#15 0x0000742f41dc <unknown>

Received signal 6
#0 0x0000742c63de <unknown>
#1 0x0000742c66a0 <unknown>
#2 0x0000725b5d10 <unknown>
[end of stack trace]
qml: Render process exited with code 256 (abnormal exit)

# mount /dev/mmcblk0p1 /mnt
# sed '/^gpu_mem_/s,=.*,=200,' -i /mnt/config.txt
# umount /mnt

Note 6: The first patch fixes a build issue when samples are compiled
without the support of printing [4]. This patch is already merged in
branch 5.9 [5] and concerns only 5.9.1.

085c2c52 Always compile QWebEnginePage::print

It fixes the error below.

.obj/browsermainwindow.o: In function `BrowserMainWindow::printRequested(QWebEnginePage*)': browsermainwindow.cpp:(.text+0x2cc0): undefined reference to `QWebEnginePage::print(QPrinter*, QWebEngineCallback<bool> const&)'

The second patch loads both libEGL and libGLESv2 symbols implicitly
instead of loading them with explicitly using hard-coded locations. It
fixes a bug when providers of lib*GL does not create libraries named
libEGL.so.1 and libGLESv2.s2 [6]. This patch is already merged in branch
5.9 [7].

d4c621f6 Load libEGL and libGLES2 symbols implicitly

It fixes the error below.

[327:347:1221/085837:ERROR:surface_factory_qt.cpp(68)] Failed to load /usr/lib/libGLESv2.so.2: /usr/lib/libGLESv2.so.2: cannot open shared object file: No such file or directory

[1]: http://lists.busybox.net/pipermail/buildroot/2015-July/132010.html
[2]: https://patchwork.ozlabs.org/patch/640633/
[3]: https://patchwork.ozlabs.org/patch/791332/
[4]: https://bugreports.qt.io/browse/QTBUG-61510
[5]: https://codereview.qt-project.org/#/c/198041/
[6]: https://bugreports.qt.io/browse/QTBUG-57761
[7]: https://codereview.qt-project.org/#/c/199554/

Cc: Akihiko Odaki <akihiko.odaki.4i@stu.hosei.ac.jp>
Cc: Julien Corjon <corjon.j@ecagroup.com>
Signed-off-by: Gaël PORTAY <gael.portay@savoirfairelinux.com>
[Arnout:
 - move more dependencies to _ARCH_DEPENDS;
 - mention all toolchain dependencies in the comments]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

mtd-utils: add mtd test tools

Add the possibility to choose more test tools than only integck
from the MTD utils test-suite.

Move the hidden BR2_PACKAGE_MTD_TESTS configuration to the bottom
of the page and make it visible. When checked, a new list of available
binaries is displayed and may be selected and compiled into the image
with the --enable-install-tests configure script option:
- flash_torture
- flash_stress
- flash_speed
- nandbiterrs
- flash_readtest
- nandpagetest
- nandsubpagetest

Most of these tests may be performed by inserting kernel modules
which are almost legacy so having the userspace tools available
might become useful.

Legacy handling for users who had BR2_PACKAGE_MTD_INTEGCK selected is
not needed: they also have the BR2_PACKAGE_MTD_TESTS option enabled in
their .config. That option has now become a selectable option so it is
not removed any more by oldconfig.

Signed-off-by: Miquel Raynal <miquel.raynal@free-electrons.com>
[Arnout:
 - fix threads and MMU dependency;
 - order Config.in options and mtd.mk lines alphabetically;
 - add note on legacy handling to commit message.]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
fixup

.gitlab-ci.yml: update after adding bananapi_m2_plus_defconfig

Commit cef57c964284f9b545a2347dd6eb1654e03dfd6e added
bananapi_m2_plus_defconfig but forgot to update .gitlab-ci.yml. Do it
now.

Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

boot/grub: remove

grub is no longer maintained: it is stuck at version 0.97 with huge
patches that have no opportunity to be applied upstream, as upstream
has even renamed it grub-legacy.

Besides, it no longer builds correctly with recent binutils versions,
and even the huge patches we could grab from Debian do not help the
slightest.

Since upstream really considers it dead, and there are at least two
alternatives (grub2 and syslinux), just remove grub.

Add a legacy entry.

Remove the test cases as well.

Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Cc: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

fs/iso9660: remove support for grub

grub will be removed soon.

Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Cc: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

openjpeg: fix build without C++ support

Fixes:
http://autobuild.buildroot.net/results/e2f/e2ff0a7fa2b911157edf6c43a8eed797b22edd46/
http://autobuild.buildroot.net/results/670/6706339e7df2f2e7d0d7a15663bed185ca55c2a1/

Openjpeg is written in C, but with the move to CMake the build system now
errors out if a C++ compiler isn't available.  Fix it by patching the
CMakeLists.txt to not require C++ support.

Patch submitted upstream:
https://github.com/uclouvain/openjpeg/pull/1027

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/asterisk: add optional netsnmp dependency

Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/asterisk: add support for PRI signalling

Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/libpri: new package

The Makefile in the package is not very versatile, so we need to go our
way to only build and install what we can.

Fixing the Makefile is not worth it, considering that we can quite
easily do all of that in our .mk.

Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
[Arnout: add license file hashes and use SPDX license name]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/asterisk: add support for SS7

Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/libss7: new package

The Makefile in the package is not very versatile, so we need to go our
way to only build and install what we can.

Fixing the Makefile is not worth it, considering that we can quite
easily do all of that in our .mk.

Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
[Arnout: Add license file hash, use SPDX license name]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/asterisk: add support for dahdi

DAHDI is the 'framework' to drive actual telehony cards. Using telephony
cards without signalling is pretty much meaningless, so signalling will
be added in later commits.

libtonezone is provided by dhadi-tools, while the dahdi headers are
provided by dahdi-linux. Go figure.

Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/dahdi-tools: new package

Also provides libraries, so install in staging as well.

Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
[Arnout: add hashes for license files]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/dahdi-linux: new package

dahdi-linux provides kernel modules to drive a variety of telephony
cards, ranging from low-end one-channel to higher-end multi-channel
cards. It also provides headers for userland to talk to those cards.

With a bit of love, dahdi-linux can use our kernel-module
infrastructure. Wee! :-)

Still, there are a few specificities about dahdi-linux.

First, it needs to install a few binary firmware blobs, which it wants
to download at install time. Since we do want to be able to do
completely off-line builds, we need to downlaod them manually. So we
have the full list of firmware blobs (even if some can only be used on
an i386/x86_64 target, we still uconditionally download them), for which
we have locally-computed sha256 (no hash provided by upstream for the
blobs).

Second, the install procedure for the firmware blobs needs to have
access to the Linux kernel .config file, so it can decide whether to
install the blobs or not. We can force not to install them, but we can't
force to install them... :-/ And anyway, we'd have to do the same check
as is already done by dahdi-linux, so no need to duplicate that.

Finally, the licensing is relatively weird. Although it is obvious and
straightforward for the most part of dahdi-linux, consisting of mostly
GPLv2 and a few LGPLv2.1, there is one gotcha.

Of the firmware blobs, one is provided as a .o file, with no licensing
information whatsoever, without any source available from upstream, but
is directly linked to a GPLv2 file.

This is very concerning, but there is not much we can do about it,
except delegate to the legal reviewer whether that is acceptable or not.

AS an aside, dahdi-linux drivers do not build with a kernel 4.0 or
later, as it uses internals that have been removed in linux-4.0. There
has been no update upstream dahdi-linux to fix that. There's not much we
can do, except warn the user in the help text.

Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
[Arnout: use SPDX license names and add hashes for license files]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/asterisk: add optional libsrtp dependency

Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/asterisk: add optional freeradius-client dependency

Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/asterisk: add optional openldap dependency

Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
[Arnout: --with-ldap, suggested by Bernd]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/asterisk: add optional libical dependency

Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/asterisk: add optional portaudio dependency

Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/asterisk: add optional libvorbis dependency

Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/asterisk: add optional speex dependency

Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/asterisk: add optional opus dependency

Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/asterisk: add optional bluez_utils dependency

Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/asterisk: add optional libogg dependency

Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/asterisk: add optional neon dependency

Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/asterisk: add optional alsa-lib dependency

Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/asterisk: add optional support for openssl

Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/asterisk: add optional zlib dependency

Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/asterisk: add optional libgsm dependency

Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/asterisk: enable backtrace when available

asterisk uses backtrace() from execinfo.h to print beuatiful backtraces
when it fails. But execinfo is only reliably available with glibc, while
it is optionbal in uClibc and completely missing in musl.

So, only enable backtrace support for glibc toolchains.

Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/asterisk: new package

Asterisk: the flagship of telephony on Linux. These are the lines of
code whose continuous mission is to power small and large enterprises
telephony systems, to boldly provide IP PBX where no one has done so
before.

But it is a hell to get compiled... :-(

For starters, it needs a host tool, menuselect, to prepare its build
configuration. Unfortunately, the way it handles menuselect does not
apply very well for cross-compilation: the main ./configure calls out to
menuselect's own ./configure, and of course that runs with the same
environement, which is wrong for cross-compilation (because of variables
like CC, CFLAGS and the likes).

Furthermore, the paths to menuselect are imbricated about everywhere in
the main Makefile, so making it find menuselect in PATH is a lost cause.

Instead, we just patch-out the handling of menuselect, build it as the
host variant and copy it in place.

Now, asterisk wants to install a default set of sound files (for
answering machine stuff, I guess). They come come pre-bundled in the
official archive [0], but the buildsystem will want to download (at
install time) the sha1 files for each sound archive, to validate that
said archive is correct. However, the download is done via plain http,
so it still risks an MITM attack. And for Buildroot, it is not always
possible to download at install time, so we patch-out the sha1 check.

[0] http://downloads.asterisk.org/pub/telephony/asterisk/releases/

The official archive contains the sound archives plus a full set of
documentation. This makes it very big. Unfortunately, the hosting site
is rather slow, topping at about ~204kbps. So we get the archive from
the official mirror on Github. But that archive is missing the sound
archives, so we download them separately.

Some tests, like the crypt() one, are broken and could not have ever
possibly worked at all. Worse, the FFmpeg test is looking for headers
that FFmpeg removed more than 10 years ago and are virtually no longer
available in any distro. So, FFmpeg support is definitely not tested
by upstream and can't possibly work at all. Finally, trying to run
test-code does not work in cross-compilation.

As a final stroke of genius, asterisk checks for the re-entrant variant
of res_ninit(), and concludes that all such functions are available,
including res_nsearch(). Uclibc-ng has the former but not the latter, so
the build fails. Since there is no cache variable for that check, we
can't pre-feed that result to configure, and fixing it is a bigger
endeavour.  So we make asterisk depend on glibc for now, until someone
is brave enough to fix it.

Almost all features are disabled for now. Support for additional
features will be added in subsequent patches now that we have a working
base.

Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Romain Naour <romain.naour@openwide.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
[Arnout:
 - make libilbc a mandatory dependency instead of using the bundled one;
 - add license, license files, and license file hashes;
 - minor spelling corrections;
 - remove redundant trailing backslash reported by check-package;
 - rewrap help text to 72 columns instead of 68]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
fixup

openjpeg: Fix malloc poison issue

The malloc poison issue has been fixed upstream, this patch will thus only
be temporary.

Fixes the following autobuild issues

       sparc | http://autobuild.buildroot.net/results/c1b7a316ca2a4db49023f304dbc7fd5fed05bd9d
        bfin | http://autobuild.buildroot.net/results/031ece7a72e76a9155938cb283de859bd12a8171
         sh4 | http://autobuild.buildroot.net/results/88664451f71c12ccd94e874d408fbb680bea1695
      xtensa | http://autobuild.buildroot.net/results/fbede64a5a86d4868b6da0ab1275e75803235af0
     powerpc | http://autobuild.buildroot.net/results/6c641650509048039b18fbeb010dbca0f0fc5292
microblazeel | http://autobuild.buildroot.net/results/fa2d5272b2db73cbfa441ead9250157c5626ab15
    mips64el | http://autobuild.buildroot.net/results/fc96f6628f71e05d9a74e0e13e50178d29a2c495
         sh4 | http://autobuild.buildroot.net/results/a6d6a6dcb9b4fa250edaaf5935762c5820457b23
      x86_64 | http://autobuild.buildroot.net/results/47b4ca2cc661582d86830b9353a6c8af86e4ba35
         arc | http://autobuild.buildroot.net/results/08e2e4eca6c3dbde8116a649dbf46e52ded45d10
         arc | http://autobuild.buildroot.net/results/899fa044aab7ee28acfa71544f2105da4a5c97d5
         arm | http://autobuild.buildroot.net/results/6016f6885b21d6e8c6199a6833c7acce6210ecc6
         arm | http://autobuild.buildroot.net/results/adbb3c76497e89161535c711de98809a0fa168a7
        or1k | http://autobuild.buildroot.net/results/de3ef69a72d2c2082e202fbed702c53a51274fef
    mips64el | http://autobuild.buildroot.net/results/39b186b13001a810e0992b52321f1015b445d2fd
      x86_64 | http://autobuild.buildroot.net/results/22c6a29a1ded6aedf01adfdfcf26302248dba80c
         arm | http://autobuild.buildroot.net/results/b62c54b727eb5f576c4a517a69c495b537c3b69a
        m68k | http://autobuild.buildroot.net/results/a826561c5786be5f0088b50b633210593e23ffff
         arm | http://autobuild.buildroot.net/results/d32ec927a5e4d5644cb3641014bcf6ebe5c14490

Signed-off-by: Olivier Schonken <olivier.schonken@gmail.com>
Tested-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/olsr: bump version to 0.9.6.1

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/ofono: bump version to 1.20

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/ocrad: bump version to 0.26

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

python-aiocoap: new package

Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

mpd: remove version 0.19

MPD version 0.20 is affected by GCC bug 64735 and failes to build for
some archictuctures (NIOSII, ARMv4, ARMv5 and SPARCv8) with a GCC
toolchain less then version 7.

We added a version choice between 0.19 and 0.20 in Buildroot version
2017.02 as GCC 7 was not yet available at that time. This way, mpd could
still be build for those architectures.

As GCC 7 is now available in Buildroot remove the version choice for 0.19.

Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

mpd: bump to version 0.20.10

Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/nss-pam-ldapd: bump version to 0.9.8

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/nodm: bump version to 0.13

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

bind: use http:// instead of ftp:// for site

To avoid issues with firewalls blocking ftp.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

bind: bump to version 9.11.2

Adds support for the new ICANN DNSSEC root key for the upcoming KSK rollover
(Oct 11):

https://www.icann.org/resources/pages/ksk-rollover

For more details, see the release notes:
https://kb.isc.org/article/AA-01522

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/ninja: bump version to 1.8.2

Changelog:
https://groups.google.com/forum/#!topic/ninja-build/Xt3NdAA0KQU/discussion

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/newt: bump version to 0.52.20

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/net-tools: bump version

Removed patch, not needed anymore after upstream commits
https://sourceforge.net/p/net-tools/code/ci/ea3935bd7c0f36c86c40e5785326698fa3336c6a/
https://sourceforge.net/p/net-tools/code/ci/45d573a89386c934d3ebac499d00c1670437813b/

Added sha256 hash.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/openswan: bump version to 2.6.50

Removed patch applied upstream:
https://github.com/xelerance/Openswan/commit/0d78578d7f64c433324aa83248d11bd38f91c971

Switched _SITE to https.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/omniorb: bump version to 4.2.2

Removed patch after upstream committed a different solution:
https://sourceforge.net/p/omniorb/svn/6330/

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/openntpd: bump version to 6.2p2

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

configs/qemu_arm_versatile: bump kernel to 4.13.3

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

Added support for Sinovoip BananaPi M2 Plus board.

[Peter: board is from Sinovoip, not Lemaker, move board files,
Use kernel headers from kernel, explicitly use 4.13.3,
drop eth0 dhcp config, cleanup post-build args,
disable tar output format, use u-boot custom format,
add host-dosfstools/mtools for genimage, drop unused
host-uboot-tools/genext2fs]
Signed-off-by: Mike Harmony <mike.harmony@snapav.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

libupnpp: bump to version 0.16.0

Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

mongoose: don't install to target

Only a static library is built (and no _INSTALL_TARGET_CMDS are defined), so
there is no need to run the target-install step.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

mongoose: correct openssl define

NS_ENABLE_SSL was renamed to MG_ENABLE_SSL in v6.0, commit e1dd3f06fe33
(Rename Mongoose constants: NS_ -> MG_, NSF_ -> MG_F_), so use the new name
instead.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

mongoose: drop unused openssl linker flags

No linking is done since the package was reworked for v6.x in commit
9860746ff (mongoose: bump to version 6.1), so drop LDFLAGS and the list of
libraries to link against.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

mongoose: drop unused MONGOOSE_NO_DL define

This define is not used anywhere in the mongoose sources since v6.0 (commit
8927c9d22b3f), so drop it.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/pptp-linux: bump version to 1.9.0

Updated patch status of patch 0003.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/opencv: bump version to 2.4.13.3

Removed 0002-avoid-sysctl_h.patch, applied upstream:
https://github.com/opencv/opencv/commit/61936eb1a43e732e4bc1c75b63e6cab85c6f9e94#diff-f3b4393df86251f502cee9ba1da034a5

This bump includes
https://github.com/opencv/opencv/commit/70489b1e2232ead1701519e35d151670b74c3f70#diff-9076fba682f6d51a018b6de8648e1cdb
which fixes ffmpeg static linking
http://autobuild.buildroot.net/results/544/5444b0c5556a42923e3fcdae782811a805e51b1f/
http://autobuild.buildroot.net/results/44d/44d53e4c5d4570507c7e8856fb9dd0a477dcdf63/

In-source-builds are not allowed anymore:
https://github.com/opencv/opencv/commit/777a0080cbdb98761853519b3f45136727a855c2

Re-numbered remaining patches.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/php-yaml: bump version to 2.0.2

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/libyaml: bump version to 0.1.7

Removed patch after upstream committed a similar patch:
https://github.com/yaml/libyaml/commit/946596172d140497b560e016e581accb0a92cca4#diff-35a172a9ca8faa1683fc747ca94681b3

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/owfs: bump version to 3.2p1

Removed patch applied upstream:
https://sourceforge.net/p/owfs/code/ci/6ff4da75c2f507e3d94fa9e01a253ccebd00b916/

Added md5 hash provided by upstream.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

luafilesystem: bump to version 1.7.0

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

libidn: add fix for CVE-2017-14062

Add upstream patch fixing CVE-2017-14062:

Integer overflow in the decode_digit function in puny_decode.c in
Libidn2 before 2.0.4 allows remote attackers to cause a denial of
service or possibly have unspecified other impact.

This issue also affects libidn.

Unfortunately, the patch also triggers reconf of the documentation
subdirectory, since lib/punycode.c is listed in GDOC_SRC that is defined
in doc/Makefile.am. Add autoreconf to handle that.

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

sudo: bump to version 1.8.21p2

Switch SITE to https.

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

iproute2: bump to version 4.13.0

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

configs/mx6cubox: Bump U-Boot and kernel versions

Bump U-Boot to 2017.09 version and kernel to 4.13.3.

Signed-off-by: Fabio Estevam <fabio.estevam@nxp.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

util-linux: bump to v2.30.2

Release notes:
https://www.kernel.org/pub/linux/utils/util-linux/v2.30/v2.30.2-ReleaseNotes

Signed-off-by: Carlos Santos <casantos@datacom.ind.br>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

gdk-pixbuf: security bump to version 2.36.10

Fixes the following security issues:

CVE-2017-2862 - An exploitable heap overflow vulnerability exists in the
gdk_pixbuf__jpeg_image_load_increment functionality of Gdk-Pixbuf 2.36.6.  A
specially crafted jpeg file can cause a heap overflow resulting in remote
code execution.  An attacker can send a file or url to trigger this
vulnerability.

CVE-2017-2870 - An exploitable integer overflow vulnerability exists in the
tiff_image_parse functionality of Gdk-Pixbuf 2.36.6 when compiled with
Clang.  A specially crafted tiff file can cause a heap-overflow resulting in
remote code execution.  An attacker can send a file or a URL to trigger this
vulnerability.

CVE-2017-6311 - gdk-pixbuf-thumbnailer.c in gdk-pixbuf allows
context-dependent attackers to cause a denial of service (NULL pointer
dereference and application crash) via vectors related to printing an error
message.

The host version now needs the same workaround as we do for the target to
not pull in shared-mime-info.

Also add a hash for the license file while we're at it.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

flashrom: fix static build with uClibc

Define HAVE_STRNLEN to avoid local strnlen() definition.

Fixes:
http://autobuild.buildroot.net/results/7dc/7dc4298e3a07c73e03f70205516d68a0f4c2d297/
http://autobuild.buildroot.net/results/e36/e362848eb45f6b8100131361e6e5faa546f0bbd8/
http://autobuild.buildroot.net/results/69e/69ef10ec710f418b4d10c1edb4f2ce2e49b522bf/

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

Update github hashes

It seems github now sometimes provides slightly changed tarballs which
produce a different sha256 hash than before. This commit fixes the
hashes of the packages when sources.buildroot.net does not store a copy
of the tarball matching the current hash.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/samba4: security bump to version 4.6.8

Release notes:
https://www.samba.org/samba/history/samba-4.6.8.html

Fixes
- CVE-2017-12150 (SMB1/2/3 connections may not require signing where
  they should)
- CVE-2017-12151 (SMB3 connections don't keep encryption across DFS
  redirects)
- CVE-2017-12163 (Server memory information leak over SMB1)

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/zstd: Install tools into /usr/bin, not /usr/local/bin

Install tools into /usr/bin, not /usr/local/bin, since /usr/local/bin
is not in PATH by deafault.

[Peter: set PREFIX to /usr to really install into /usr/bin]
Signed-off-by: Andrey Smirnov <andrew.smirnov@gmail.com>
Tested-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/python3: bump to 3.6.2

Bump Python3 version to 3.6.2.

Patches dropped:

"Support PGEN_FOR_BUILD and FREEZE_IMPORTLIB_FOR_BUILD"

Rationale: With commit 9d02f562961efd12d3c8317a10916db7f77330cc, code
generation step of building CPython now became explicit (instead of
always performed as a part of 'make' invocation) and more granular. We
no longer need to use Parser/pgen at all and tricking the build system
into using different Programs/_freeze_importlib can be done as a part
of recipe.

Additional info about the build change can be found at
https://bugs.python.org/issue23404

Signed-off-by: Andrey Smirnov <andrew.smirnov@gmail.com>
Tested-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/tvheadend: bump version

It seems github now sometimes provides slightly changed tarballs which
produce a different sha256 hash than before, this is the case for
tvheadend. Instead of fixing the hash lets bump to current HEAD and
hope that the new hash will be valid for a longer period of time ;)

Fixes
http://autobuild.buildroot.net/results/59a/59ad7940dcd498cd0aaec26c8497b21e64379a6f/

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

zstd: bump to version 1.3.1

In this release zstd added the GPLv2 license and removed the PATENTS
clause (upstream commit 4f73b3b55d83b).

Cc: Andrey Smirnov <andrew.smirnov@gmail.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Tested-by: Andrey Smirnov <andrew.smirnov@gmail.com>
Tested-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

chrony: bump version to 3.2

Also add a hash for the license file while we're at it.

[Peter: use tuxfamily.org URL for annoucement]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

chrony: add optional seccomp support

seccomp support has been available since chrony-2.2

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

lcdproc: fix build with musl libc

Add a patch adding missing linux ioctl header.

Fixes:
http://autobuild.buildroot.net/results/58a/58a9b98d08060c6ed9e8855ba9f59d03aa2f3e2c/
http://autobuild.buildroot.net/results/5b2/5b2c1bc872cebc7aadf93995b71178bba29e0b25/
http://autobuild.buildroot.net/results/125/12594e613f8fc106e477411f76093654a084c01c/

Cc: Sven Haardiek <sven.haardiek@greenbone.net>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

augeas: security bump to version 1.8.1

Fixes CVE-2017-7555 - Augeas versions up to and including 1.8.0 are
vulnerable to heap-based buffer overflow due to improper handling of escaped
strings.  Attacker could send crafted strings that would cause the
application using augeas to copy past the end of a buffer, leading to a
crash or possible code execution.

[Peter: extend description]
Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

linux: bump default to version 4.13.3

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

linux-headers: bump 3.2.x and 4.{4, 9, 12, 13}.x series

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>