package/gstreamer1/gst-omx: bump to version 1.16.0

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
[Peter: fix download hash]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/gstreamer1/gst1-plugins-{base, good, bad, ugly}: bump to 1.16.0

Group these patches because of several changes to the plugin packages.

Changes:
  - Remove upstreamed patches:
      - 0001-fdkaacenc-Remove-MODE_2_1.patch
      - 0002-fdkaacdec-Use-WAV-channel-mapping-instead-of-interle.patch

  - Add BR2_PACKAGE_GST1_PLUGINS_BAD_PLUGIN_COMPOSITOR to Config.in.legacy as
    this plugin is moved to gst1-plugins-base.

  - Add BR2_PACKAGE_GST1_PLUGINS_BAD_PLUGIN_IQA to Config.in.legacy as this the
    plugin is now removed.

  - Add BR2_PACKAGE_GST1_PLUGINS_BAD_PLUGIN_OPENCV to Config.in.legacy as the
    plugin now requires opencv3 with the bgsegm opencv_contrib module, which is
    not in Buildroot.

  - Add BR2_PACKAGE_GST1_PLUGINS_BAD_PLUGIN_STEREO to Config.in.legacy as this
    plugin is merged with the audiofx plugin in gst1-plugins-good.

  - Add BR2_PACKAGE_GST1_PLUGINS_BAD_PLUGIN_VCD to Config.in.legacy as this
    plugin is removed.

  - Remove COPYING.LIB from gst-plugins-base mk file and hash file as it no
    longer exists.

  - Add BR2_PACKAGE_GST1_PLUGINS_BASE_PLUGIN_COMPOSITOR to gst1-plugins-base.mk

  - Add BR2_PACKAGE_GST1_PLUGINS_BASE_PLUGIN_OVERLAYCOMPOSITION to
    gst1-plugins-base.

  - Add mjpegtools to the dependencies of
    BR2_PACKAGE_GST1_PLUGINS_BAD_PLUGIN_MPEG2ENC

  - Remove BR2_PACKAGE_GST1_PLUGINS_BAD_PLUGIN_IQA because it now depends on
    the package dssim which isn't available in Buildroot.

  - Remove upstream patch
    0001-gstrtspconnection-Security-loophole-making-heap-over.patch

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/gstreamer1/gstreamer1: bump to version 1.16.0

Also remove upstreamed patch 0001-gstconfig.h.in-initial-RISC-V-support.patch.

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/minicom: bump to version 1e84585e8e7710677b6ff9a70dce5f3ad3e23540

Remove both patches since they've been upstreamed.

Add host-pkgconf to MINICOM_DEPENDENCIES and remove:
`MINICOM_CONF_ENV = PKG_CONFIG=/bin/false` since now pkg-config is
needed to build.

Shortlog follows:
git shortlog --no-merges  19ab49422f3431102c31fea01549121385113f80..
Adam Lackorzynski (9):
      Update project URL
      Updated translations
      Updated translations: pl and sv
      Translations: regen update
      Update danish translation
      Update of danish translation
      Update README
      Formatting fix
      More friendly mbslength test

Fabrice Fontaine (1):
      src/Makefile.am: fix ascii-xfr link with lintl

Giulio Benetti (2):
      TODO: remove Utf8 bug.
      sysdep1: check if RS485 is support before setting its parameters

Signed-off-by: Giulio Benetti <giulio.benetti@micronovasrl.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/nfs-utils: making nfs server optional

This patch makes nfs server component optional. This is useful when
only client tools are needed instead of the full nfs server.

Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/nfs-utils: fix unnecessary files removal

The removal of unnecessary files is currently broken by the fact that
the rm command is executed from the buildroot directory and not the
target directory.

This patch fixes the problem changing to target directory before
removing files.

Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/cryptopp: fix build with gcc < 4.9

Fixes:
 - http://autobuild.buildroot.org/results/7e68f32e62c34497848f0f7fc1f12dba67bf44d0

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[Arnout: re-order the assignments]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/radvd: improve startup script

- Add start, stop and restart/reload options, following the logic used
  in other init scripts (e.g. S01syslogd).

- Do nothing if /etc/radvd.conf does not exist instead of printing an
  error message. It is valid to install radvd without a configuration
  file. The daemon may be started later by another service with a
  configuration created at run-time.

- Print an error message if the kernel does not support IPv6 forwarding,
  which is required by radvd.

Signed-off-by: Carlos Santos <unixmania@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

config: add defconfig for orangepi-r1

Very similar to orangepi-zero, except that the board has a 16MB SPI flash, a
2nd ethernet port is provided through a Realtek RTL8152 and wifi is provided
through a Realtek RTL8189FTV (no mainline driver, not supported).

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

configs/orangepi_zero: bump Linux to 4.19.38, U-boot to 2019.04

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/kf5-kcoreaddons: fix build with atomic

Fixes:
 - http://autobuild.buildroot.org/results/d17c2fb420e395b995b2c2eef387f0c66e89c96c

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/libglib2: avoid printing null strings

GCC 9 is being stricter about passing null string pointers
to printf-like functions.

Signed-off-by: Grzegorz Blach <grzegorz@blach.pl>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/python-numpy: bump to version 1.16.3

Remove third patch (already in version)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/openblas: bump to version 0.3.6

- Remove second and third patches (already in version)
- Add an upstream patch to fix build with glibc < 2.5

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/cryptopp: bump to version 8.2.0

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/vlc: fix build with libvpx 1.8.0

Fixes
http://autobuild.buildroot.net/results/e44/e44d5ca85be9e0dafa4a3d8b0187c54cff6e2d55/

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/samba4: bump version to 4.9.7

Release notes: https://www.samba.org/samba/history/samba-4.9.7.html

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/php: security bump version to 7.3.5

Release notes: https://www.php.net/archive/2019.php#id2019-05-02-1

Fixes 2019-11036:
* Heap-buffer-overflow in _estrndup via exif_process_IFD_TAG

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/tor: bump version to 0.4.0.5

Release notes: https://blog.torproject.org/new-release-tor-0405

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/xdriver_xf86-video-sis: drop unneeded third patch

This patch is not needed since version 0.10.8 and:
https://gitlab.freedesktop.org/xorg/driver/xf86-video-sis/commit/0f50f8c3db2b9f1c9d4ecab8ad278e9db6418a92

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/libtorrent-rasterbar: bump to version 1.2.1

Remove all patches (already in version)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

configs/armadeus_apf28_defconfig: bump Linux 4.9 version to latest one

Signed-off-by: Julien BOIBESSOT <julien.boibessot@armadeus.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

{linux, linux-headers}: bump 4.{9, 14, 19}.x / 5.0.x series

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/docker-engine: bump to version 18.09.5

Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/docker-cli: bump to version 18.09.5

Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/docker-containerd: bump to version 1.2.6

Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/runc: bump to version 1.0.0-rc8

Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/bird: BFD needs NPTL

Fixes:
 - http://autobuild.buildroot.org/results/ab9ab2cca2c191ae9a8f0ecb2aa2536a3f020301

uClibc linuxthreads does not provide pthread_spin_lock().

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/rpm: drop unneeded third patch

After upstream review, I found that the third patch is not needed, just
doing an autoreconf fix the linking issue with -lintl

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/network-manager: update to 1.18.0

A straightforward package update. Tested.

Signed-off-by: Lubomir Rintel <lkundrak@v3.sk>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

.gitlab-ci.yml: add trigger per job

Triggering a single defconfig or runtime test job can be handy:
 - when adding or changing a defconfig;
 - when adding or changing a runtime test case;
 - when fixing some bug on a use case tested by a runtime test case.

Currently there are 3 subsets of jobs that can easily be triggered by
pushing a temporary branch with specific suffix:
 - to trigger only the check-* jobs:
   $ git push gitlab HEAD:<name>                   # currently   4 jobs
 - to trigger all defconfigs and all check-* jobs:
   $ git push gitlab HEAD:<name>-defconfigs        # currently 197 jobs
 - to trigger all runtime tests and all check-* jobs:
   $ git push gitlab HEAD:<name>-runtime-tests     # currently 118 jobs

When the user wants to trigger a single defconfig or runtime test job,
hand-editing the .gitlab-ci.yml and creating a temporary commit are
currently needed.

Add 2 more subsets that can be triggered based on the name of the
branch pushed.
 - to trigger one defconfig job:
   $ git push gitlab HEAD:<name>-<defconfig name>  # currently   1 jobs
 - to trigger one runtime job:
   $ git push gitlab HEAD:<name>-<test case name>  # currently   1 jobs

The check-* jobs are fast, so there is no need to add a per job trigger
for them. Also, they are anyway triggered with every push already.

While adding those new triggers, use the full name of the job as suffix.
This leads to large branch names:
$ git push gitlab HEAD:test1-tests.toolchain.test_external.TestExternalToolchainBuildrootuClibc
$ git push gitlab HEAD:test2-olimex_a20_olinuxino_lime_legacy_defconfig
But those branches are temporary, and this way the user doesn't need to
think much, just copy and paste the job name as suffix.

The hidden keys that now hold the commonalities between jobs does not
hold only a script anymore, so rename then from *_script to *_base.

Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
Cc: Matt Weber <matthew.weber@rockwellcollins.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
[Arnout: squash two patches]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/systemd: fix build due to missing -lrt

Fixes:
 - http://autobuild.buildroot.org/results/a27d2e865ca620b6b2c6f39a07385f74fcfbb385

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/systemd: fix patch order

Rename 0002-install-don-t-use-ln-relative.patch to
0001-install-don-t-use-ln-relative.patch as there is two 0002-xxx
patches

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/network-manager: don't use --disable-crashtrace

It was removed long ago and does nothing.

Signed-off-by: Lubomir Rintel <lkundrak@v3.sk>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/libtorrent-rasterbar: needs gcc >= 4.9

Needs C++11 since bump to version 1.2.0

Fixes:
 - http://autobuild.buildroot.org/results/73481ae2e5736c8042ec7911f1378623bd3de74d

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/liburiparser: fix build without C++

Fixes:
 - http://autobuild.buildroot.org/results/1e191676f28905a81de6282e07978aa5d4f02039

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Reviewed-by: Carlos Santos <unixmania@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/gerbera: fix build with latest exiv2

After the bump to exiv2 0.27.1 a build error due to missing header
inclusion appeared.

Fixes:
http://autobuild.buildroot.net/results/3831acf7f4c5a9f1a404e0ced3d6bec7a2249601/
http://autobuild.buildroot.net/results/de0545462c6017fe54acc284b914b9fa8b0172d8/

The patch is waiting merge into the mainline
https://github.com/gerbera/gerbera/pull/457

Signed-off-by: Nicolas Serafini <nicolas.serafini@sensefly.com>
[Arnout: include as a patch instead of downloading it, due to hash]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/mono: bump to version 5.20.1.27

This patch bumps mono to version 5.20.1.27 and it's monolite dependency
to version B886E13F-6276-4BE5-85F8-C6BF5EDBD200.
It also adapt the monolite path to updated mono version.

Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/python-pillow: bump to version 6.0.0

This patch bumps python-pillow to version 6.0.0.
Hash for LICENSE file is changed because of a copyright year update.

Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/uboot-tools: fix build with host-openssl

As suggested by Arnout during review of previous iteration, add a patch
to uboot-tools so it uses CFLAGS and not HOSTCFLAGS when building cross
tools

Fixes:
 - http://autobuild.buildroot.org/results/915b509e814bda16be54a24276b9c740c51e5770

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/libzip: add host variant

The updated host mfgtool package needs the host variant of libzip.

Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/python-flask-sqlalchemy: bump to version 2.3.2

Also update hash for license file due to additional information.

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/python-sqlalchemy: bump to version .3.3

Also update hash for license file due to copyright year bump.

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/python-flask: bump to version 1.0.2

Also add hash for the license file.

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/python-jinja2: bump to version 2.10.1

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/python-mutagen: bump to version 1.42.0

Also add hash for the license file.

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/python-psycopg2: bump to version 2.8.2

Also remove upstream patch and change the hash for the license file due to
url changes.

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/python-itsdangerous: bump to version 1.1.0

Also add a hash for the license file, and change the license file to LICENSE.rst
as LICENSE no longer exists.

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/python-werkzeug: bump to version 0.15.2

Also add hash for the license file, and change the license file to LICENSE.rst
as LICENSE no longer exists.

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/python-markupsafe: bump to version 1.1.1

Also add hash for the license file.

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/python-pip: bump to version 19.1

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/python{3}-setuptools: bump to version 41.0.1

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/mjpegtools: install to staging

The mpeg2enc plugin in gst1-plugins-bad now depends on mjpegtools.

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/libvpx: bump to version v1.8.0

The gst1-plugins-good 1.16.0 vpx plugin requires libvpx v1.8.0

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/netcat-openbsd: switch to new upstream URL

anonscm.debian.org has been discontinued and now hosts a page pointing
to salsa.debian.org.  Switch to the new upstream URL, explicitly setting
the method to git now that we use an HTTPS URL.

Signed-off-by: John Keeping <john@metanate.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/luv: bump to version 1.28.0-1

Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/luarocks: bump to version 3.1.0

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

configs/atmel_sama5d27_som1: bump to linux4sam_6.0

This commit :
- bumps Linux & U-Boot to linux4sam_6.0.
- bumps at91bootstrap to v3.8.12.
- removes old in-tree dts (now in dt-overlay-at91 [1][2])
- adapts genimage accordingly.

[1] https://github.com/linux4sam/dt-overlay-at91/tree/master/sama5d27_som1_ek
[2] http://www.at91.com/linux4sam/bin/view/Linux4SAM/DT-Overlay

Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

configs/qemu_xtensa_lx60_*: kernel build needs mkimage

Following ffbe46a5295 ("linux: simplify LINUX_BUILD_CMDS"), the Linux
kernel build for these xtensa qemu builds an image format that needs
mkimage.

Reported-by: Jugurtha BELKALEM <jugurtha.belkalem@smile.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Jugurtha BELKALEM <jugurtha.belkalem@smile.fr>
Cc: Max Filippov <jcmvbkbc@gmail.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
Reviewed-by: Max Filippov <jcmvbkbc@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/dovecot-pigeonhole: bump version to 0.5.6

Release notes:
https://dovecot.org/pipermail/dovecot-news/2019-April/000411.html

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/dovecot: security bump to version 2.3.6

Fixes
* CVE-2019-11494: Submission-login crashed with signal 11 due to null
  pointer access when authentication was aborted by disconnecting.
* CVE-2019-11499: Submission-login crashed when authentication was
  started over TLS secured channel and invalid authentication message
  was sent.

Release notes:
https://dovecot.org/pipermail/dovecot-news/2019-April/000408.html

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/python-ply: add host variant

Commit 89e70a7077 (package/bind: fix python build) added a dependency on
host-python-ply to bind, which doesn't exist. Add it.

Fixes:
 - http://autobuild.buildroot.org/results/a68251773f61c3463f4d18aa626c83df70126afc

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[Peter: reword / add commit reference]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

DEVELOPERS: Add Carlos Santos for liburiparser

Signed-off-by: Carlos Santos <unixmania@gmail.com>
[Peter: sort alphabetically]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/liburiparser: bump to version 0.9.3

Version 0.9.3 is a fix-up to 0.9.2. Combined, releases 0.9.2 and 0.9.3
feature:

- Migration from GNU autotools to CMake
- Link fixes for use of uriparser from C++ code
- Library visibility fixes / introduction of -fvisibility=hidden

For more details please check the change log at

   https://github.com/uriparser/uriparser/blob/uriparser-0.9.3/ChangeLog

Signed-off-by: Carlos Santos <unixmania@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/strace: bump to version 5.0

Drop patches; issues fixed upstream.

Update license file hash due to copyright year update.

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/libzip: bump to version 1.5.2

Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/popt: add hash for the license file

Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/luv: bump to version 1.28.0-0

Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/shairport-sync: bump to version 3.2.2

Drop patches 0001 and 0002 which are included in the new version.

Add hash for the license file.

Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/luajit: add hash for the license file

Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/tpm2-totp: fix menu prompt

It must be "tpm2-totp", not "tpm2-tools" (probably a copy/paste issue).

Signed-off-by: Carlos Santos <unixmania@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/strace: disable build for nds32

Current version of strace does not support nds32.

Fixes:
http://autobuild.buildroot.net/results/05ec776548c9bede4878d4c3c43040c5b0aac182
http://autobuild.buildroot.net/results/24023f2fa3dbf7c281726abdbfd4322badaffbfb

Cc: Nylon Chen <nylon7@andestech.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

linux: bump Linux CIP to version v4.19.13-cip1

This patch bumps CIP to the latest SLTS version v4.19.13-cip1.
Kernel based on 4.4 is not deprecated, it will continue to be supported
as planned by the CIP foundation.
If the 4.4 version is needed, it should be selected manually.

Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/gst1-plugins-base: add upstream SA-2019-0001 security fix

Fixes the following security issue:

CVE-2019-9928: GStreamer before 1.16.0 has a heap-based buffer overflow in
the RTSP connection parser via a crafted response from a server

For more details, see the advisory:
https://gstreamer.freedesktop.org/security/sa-2019-0001.html

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/go: bump version to 1.12.4

Fixes a number of issues discovered since 1.12.1.  From the release notes:

go1.12.2 (released 2019/04/05) includes fixes to the compiler, the go
command, the runtime, and the doc, net, net/http/httputil, and os packages.
See the Go 1.12.2 milestone on our issue tracker for details.

go1.12.3 (released 2019/04/08) was accidentally released without its
intended fix.  It is identical to go1.12.2, except for its version number.
The intended fix is in go1.12.4.

go1.12.4 (released 2019/04/11) fixes an issue where using the prebuilt
binary releases on older versions of GNU/Linux led to failures when linking
programs that used cgo.  Only Linux users who hit this issue need to update.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/imagemagick: security bump to version 7.0.8-42

Fixes the following security issues:

- CVE-2019-9956: In ImageMagick 7.0.8-35 Q16, there is a stack-based buffer
  overflow in the function PopHexPixel of coders/ps.c, which allows an
  attacker to cause a denial of service or code execution via a crafted
  image file.

- CVE-2019-10650: In ImageMagick 7.0.8-36 Q16, there is a heap-based buffer
  over-read in the function WriteTIFFImage of coders/tiff.c, which allows an
  attacker to cause a denial of service or information disclosure via a
  crafted image file.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/intel-mediasdk: fix license

Fixes:
 - http://autobuild.buildroot.org/results/5730991fded5ab3474cd0325b399f6f27972ca81

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/python-reentry: bump to version 1.3.1

Also update dependency list.

Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/subversion: fix build with NLS

Fixes:
 - http://autobuild.buildroot.org/results/098a05b397ba1b05df561b6872b39e17a2bf27df

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

DEVELOPERS: Add Carlos Santos for tpm2-totp

[Peter: reword]
Signed-off-by: Carlos Santos <unixmania@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/exiv2: bump to version 0.27.1

Signed-off-by: Nicolas Serafini <nicolas.serafini@sensefly.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

{linux, linux-headers}: bump 4.{4, 9, 14, 19}.x / 5.0.x series

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

docs/website: update for 2019.02.2

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

Update for 2019.02.2

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 3b4b3e7cd4618e56f5c6a8ea098ffd573a2e868e)
[Peter: drop Makefile changes]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/bind: fix python build

A check for python-ply has been added as this is a dependency of the
dnssec-keymgr script so install host-python-ply to avoid a build failure
if python-ply is not installed on host

Fixes:
 - http://autobuild.buildroot.org/results/96815b1300547c976443bf74b762febdfcc8d3ba

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/qemu: unset TARGET_DIR

qemu uses TARGET_DIR internally, and it is at least used to display the
shortened compiling commands, like (with a TARGET_DIR=/path/to/target):

    CC /path/to/targetblock/write-threshold.o

VS

    CC block/write-threshold.o

There does not seem to be any adverse effect to that, but this is very
confusing to see, especially when building the host variant.

Fix that by unsetting TARGET_DIR prior to building.

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/gst1-plugins-base: drop legacy remnant comment

In 76722342000d (gst1-plugins-base: bump version to 1.12.0), the unknown
options were removed, but the comment associated to --disable-gio_unix_2_0
was left out.

Drop it now.

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/binutils: don't override the build command

In 1d42d0acca (binutils: ensure TARGET_CONFIGURE_ARGS is taken into
consideration for subdirs), the whole BUILD_CMDS was overriden in an
attempt to ensure that the target configure args (in fact, environment
variables) are indeed passed in the environment of the build command.

However, there is no reason to override the whole command, when we can
simply specify additional environment variables, as supported by the
autotools infra.

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/xapp_xload: fix build with NLS

Fixes:
 - http://autobuild.buildroot.org/results/a69b957d0f3251031b0c67e951ba8fb8d1043ce0

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/libcamera: bump to version ab0188fc8bbb6f397ac3aa11c9377662b7bd88b0

Build failures due to:
`fatal error: sys/auxv.h: No such file or directory`
have been fixed upstream.

Fixes:
http://autobuild.buildroot.net/results/158/158950190141b4f1b0a3d7813322d3971bb8ba75/

Signed-off-by: Giulio Benetti <giulio.benetti@micronovasrl.com>
Acked-by: Kieran Bingham <kieran.bingham@ideasonboard.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/perl-mojolicious: bump to version 8.15

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/perl-module-build: bump to version 0.4229

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/perl-mail-dkim: bump to version 0.55

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/perl-http-headers-fast: bump to version 0.22

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/xapp_xfd: fix build with NLS

Fixes:
 - http://autobuild.buildroot.org/results/e6009f0232eb60ed10eb46b39edf125369eb12e1

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/{mesa3d, mesa3d-headers}: bump version to 19.0.3

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/wpa_supplicant: add upstream 2019-5 security patches

Fixes the following security vulnerabilities:

EAP-pwd implementation in hostapd (EAP server) and wpa_supplicant (EAP
peer) was discovered not to validate fragmentation reassembly state
properly for a case where an unexpected fragment could be received. This
could result in process termination due to NULL pointer dereference.

For details, see the advisory:
https://w1.fi/security/2019-5/eap-pwd-message-reassembly-issue-with-unexpected-fragment.txt

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/hostapd: add upstream 2019-5 security patches

Fixes the following security vulnerabilities:

EAP-pwd implementation in hostapd (EAP server) and wpa_supplicant (EAP
peer) was discovered not to validate fragmentation reassembly state
properly for a case where an unexpected fragment could be received. This
could result in process termination due to NULL pointer dereference.

For details, see the advisory:
https://w1.fi/security/2019-5/eap-pwd-message-reassembly-issue-with-unexpected-fragment.txt

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/libpng: security bump to version 1.6.37

Fixes the following security issue:

CVE-2019-7317: png_image_free in png.c in libpng 1.6.36 has a use-after-free
because png_image_free_function is called under png_safe_execute.

Update license hash for a change in copyright year and typo fixes.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/bind: security bump to version 9.11.6-P1

Fixes the following security issues:

 - CVE-2018-5743: Limiting simultaneous TCP clients is ineffective
   https://kb.isc.org/docs/cve-2018-5743

 - CVE-2019-6467: An error in the nxdomain redirect feature can cause
   BIND to exit with an INSIST assertion failure in query.c
   https://kb.isc.org/docs/cve-2019-6467

 - CVE-2019-6468: BIND Supported Preview Edition can exit with an
   assertion failure if nxdomain-redirect is used
   https://kb.isc.org/docs/cve-2019-6468

Add an upstream patch to fix building on architectures where bind does not
implement isc_atomic_*.

Upstream moved to a 2019 signing key, so update comment in .hash file.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>