package/tvheadend: bump version

Removed patch which was applied upstream.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/libssh: bump to version 0.9.0

Drop upstream patches.

Cc: Scott Fan <fancp2007@gmail.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/python-scandir: bump to version 1.10.0

See https://github.com/benhoyt/scandir/releases

Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/python-libusb1: bump to version 1.7.1

See https://pypi.org/project/libusb1/#id40

Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/python-can: bump to version 3.3.0

See https://github.com/hardbyte/python-can/releases

Also add a patch removing the pytest-runner dependency.

Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/python-zeroconf: bump to version 0.23.0

See https://github.com/jstasiak/python-zeroconf#changelog

Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/p11-kit: bump version to 0.23.16.1

Added license hash, switched _SITE to github, previous URL is broken.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/pcre2: bump version to 10.33

Release notes:
https://lists.exim.org/lurker/message/20190304.181617.bc5235a2.en.html
http://www.pcre.org/news.txt
https://lists.exim.org/lurker/message/20190416.154043.a260ee6c.en.html

Updated license hash after update of copyright year in upstream commit
https://vcs.pcre.org/pcre2/code/tags/pcre2-10.33/LICENCE?r1=1087&r2=1001

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/pcre: bump version to 8.43

Release notes:
https://lists.exim.org/lurker/message/20190125.161413.ce45dfd2.en.html
https://lists.exim.org/lurker/message/20190223.165009.b0fb3c20.en.html

Updated license hash after update of copyright year in upstream commit
https://vcs.pcre.org/pcre/code/tags/pcre-8.43/LICENCE?r1=1749&r2=1734

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/gnutls: bump version to 3.6.8

Release notes:
https://lists.gnupg.org/pipermail/gnutls-help/2019-May/004527.html

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/nettle: bump version to 3.5.1

Release notes:
http://lists.lysator.liu.se/pipermail/nettle-bugs/2019/007593.html

Removed patch which was applied upstream.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/mbedtls: bump version to 2.16.2

See changelog: https://tls.mbed.org/tech-updates/releases/mbedtls-2.16.2-and-2.7.11-released

Fixes:
 - http://autobuild.buildroot.net/results/7c0/7c09c80a376cf0c4c23a3cf48314806de9251544/

Also add a patch to fix the build issue by requiring at least
ARMv6 in addition to the DSP feature.

Signed-off-by: Joris Offouga <offougajoris@gmail.com>
Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/python-django: security bump to version 2.1.10

Fixes the following security vulnerabilities:

CVE-2019-12781: Incorrect HTTP detection with reverse-proxy connecting via
HTTPS

For more details, see the announcement:
https://www.djangoproject.com/weblog/2019/jul/01/security-releases/

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/x11r7/xserver_xorg-server: add license hash

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/x11r7/xlib_libXxf86vm: add license hash

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/x11r7/xlib_libXv: add license hash

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/x11r7/xlib_libXres: add license hash

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/x11r7/xlib_libXrender: add license hash

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/x11r7/xlib_libXfont2: add license hash

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/x11r7/xlib_libXfont: add license hash

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/x11r7/xlib_libXfixes: add license hash

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/x11r7/xfont_font-util: add license hash

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/x11r7/xfont_font-misc-misc: add license hash

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/x11r7/xfont_font-cursor-misc: add license hash

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/x11r7/xfont_font-alias: add license hash

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/x11r7/xapp_bdftopcf: add license hash

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/wayland: add license hash

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/rpi-userland: add license hash

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/rpi-firmware: add license hash

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
[Arnout: fix path to license file]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/mtools: add license hash

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/libtheora: add license hashes

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/libsigc: add license hash

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/libsha1: add license hash

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/libpthread-stubs: add license hash

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/dosfstools: add license hash

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/x11r7/xlib_libX11: don't require static libc on host

As per: https://gitlab.freedesktop.org/xorg/lib/libx11/commit/4645e219133458781e3fb48eaea6a74cccb1b9aa

"For Windows targets, libtool uses a wrapper executable, not a wrapper
script (see [1]), which it compiles with the host compiler.  This
doesn't work when cross-compiling."

Because of this change, builds fail on Linux hosts without a static
libc. This patch reverts this change as we are guaranteed to build in a
Linux environment.

Fixes:
http://autobuild.buildroot.net/results/ac7c777e5fe31b6eda8b8b662881b07299e57ae9

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/x11r7/xlib_libX11: backport patch to detach makekeys from X headers.

>From https://gitlab.freedesktop.org/xorg/lib/libx11/commit/0327c427d62f671eced067c6d9b69f4e216a8ca

With 1.6.8, there's no real reason to demand the X
headers be installed for both the build and target machines if cross-
compiling.

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/x11r7/xlib_libX11: drop post patch hooks

X11_CFLAGS no longer exists in version 1.6.8 of libX11, making the
XLIB_LIBX11_DISABLE_MAKEKEYS_X11_CFLAGS post patch hook useless.

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

Standardize Adam Duskett's email address

Globally change Adam Duskett's email address to aduskett@gmail.com.

Note that one or two of the patches may have been applied upstream with
the old email address, but in that case those patches will anyway be
removed when bumping.

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/glibmm: bump to version 2.60.0

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/faad2: add upstream security fixes

CVE-2018-20194: Stack buffer overflow on invalid input

CVE-2018-20362: Null pointer dereference when processing crafted AAC
input

Add two more crash fixes from upstream.

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/ipset: bump to version 7.2

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/iptables: bump to version 1.8.3

Drop upstream patches.

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/libnftnl: bump to version 1.1.3

Rebase patch #1.

Cc: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

utils/check-package: Add a quiet flag

When running in a CI system, stat messages become white noise. Introduce
an option to suppress non-error, non-warning, messages.

Signed-off-by: Brandon Maier <brandon.maier@rockwellcollins.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

boot/barebox: needs host-{flex,bison}

Barebox starting from 2019.02 no longer ships flex/bison generated
parser. Add conditional kconfig dependencies, same as we did for kernel
and uboot.

Signed-off-by: Marcin Niestroj <m.niestroj@grinn-global.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/irssi: security bump to version 1.0.8

Fixes the following security vulnerability:

CVE-2019-13045: Use after free when sending SASL login to the server found
by ilbelkyr

For more details, see the advisory:
https://irssi.org/security/html/irssi_sa_2019_06/

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

core/pkg-infra: really build all dependencies of foo with foo-depends

Currently, foo-depends only builds build dependencies. This means that
download and extract dependencies are not built.

First, but a minor point, this is inconsistent with foo-show-depends,
which does display all dependencies:

    $ make host-gzip-show-depends
    host-skeleton host-tar
    $ make host-gzip-depends
        # Only host-skeleton is built and installed

Second, and more important, it makes it more difficult to preapre a
debug build, like so:

    $ make foo-depends
    $ tar cf output.tar output
    $ make foo
        # bummer, broken
        # edit foo.mk to try and fix it
    $ rm -rf output; tar xf output.tar
        # rince and repeat

Change foo-depends so that it really builds all the dependencies for
foo, bringing it on-par with foo-show-depends.

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/libglib2: fix build on ARM in Thumb mode

Commit 4102db0f7 (package/libglib2: bump to version 2.60.3) did convert
libglib2 over to meson. In doing so, it left a very corner-case along.

When the target is an ARM CPU and the build is in thumb mode, then we
want to ensure that libglib2 is still built in arm mode (because of
inline asm).

But with meson, CFLAGS from the environment are passed to the host
compiler, so the build breaks, and the meson log contains:

    Appending CFLAGS from environment: '-D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64  -Os   -marm'
    No LDFLAGS in the environment, not changing global flags.
    No CPPFLAGS in the environment, not changing global flags.
    Sanity testing C compiler: cc
    Is cross compiler: False.
    Sanity check compiler command line: cc -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -Os -marm [...]/build/libglib2-2.60.4/build/meson-private/sanitycheckc.c -o [...]/build/libglib2-2.60.4/build/meson-private/sanitycheckc.exe
    Sanity check compile stdout:
    -----
    Sanity check compile stderr:
    cc: error: unrecognized command line option ‘-marm’; did you mean ‘-mabm’?
    -----
    meson.build:1:0: ERROR: Compiler cc can not compile programs.

Fix that by using the new per-package CFLAGS feature of the meson infra.

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Eric Le Bihan <eric.le.bihan.dev@free.fr>
Cc: Adam Duskett <aduskett@gmail.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/libglib2: fix NLS build on musl and uclibc

libglib2 uses a very crude and error-prone way to detect the intl
functions, which basically fails when the C library is not glibc.

There is a bug report about this in upstream meson [1], but it doesn't
seem to get any progress. Fixing that properly in Buildroot looks
complicated.

Now that a meson package can specify its LDFLAGS, use that to pass the
infrastructure-provided TARGET_NLS_LIBS to link with.

Fixes:
    http://autobuild.buildroot.org/results/f0d/f0d85d76786343d767fba9c7c5c01f042ecfc018/
    [...]

[1] https://github.com/mesonbuild/meson/issues/3740

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Adam Duskett <aduskett@gmail.com>
Cc: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

infra/pkg-meson: allow packages to pass custom compiler/linker flags

Meson does not allow to pass CFLAGS/LDFLAGS/CXXFLAGS via the environment
or via command-line arguments or options (instead, those flags from the
environment are passed to the host compiler, which is seldom what we
need). The only way to pas those flags is via the cross-compilation.conf
file.

Add LIBFOO_CFLAGS, LIBFOO_LDFLAGS and LIBFOO_CXXFLAGS variables to allow
packages to provide their own flags, possibly overriding the generic
ones entirely, as we allow for other infras. Those per-package flags will
then be used to generate the per-package cross-compilation.conf.

This means that the meson infra is the first and only infra for which
FOO_CFLAGS, FOO_LDFLAGS, and FOO_CXXFLAGS are meaningful, while for the
other infras, they are just variables private to the package itself.
Instead of naming those variables after the meson infra (e.g.
FOO_MESON_CFLAGS), we name them with a generic name, as maybe, just
maybe, we could also change the other infras to also recognise those
variables.

Just like for the HOST_MESON_SED_CFLAGS etc., we need to add auxiliary
variables to do convert the shell-formatted argument list into the
JSON-formatted list that meson expects. We can't use a pure-make
construct because the CFLAGS can contain quoting that needs to be
expanded by the shell. Similarly, we need a condition on the strip'ed
variable to avoid passing empty arguments.

To mimic this feature for packages that are built from the SDK, we also
install a templatised version of cross-compilation.conf, with three new
placeholders for custom flags. If a user wants to build a package that
needs custom flags, they can use that template to generate a per-package
cross-compilation.conf.

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Adam Duskett <aduskett@gmail.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Tested-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/meson: fix empty arguments in cross-compilation.conf

When TARGET_CFLAGS (or _LDFLAGS or _CXXFLAGS) are empty, but were
constructed by appending other variables, like:

    TARGET_CFLAGS = $(SOMETHING) $(SOMETHING_ELSE)

and both variables are empty, then $(TARGET_CFLAGS) is _not_ the
null-string; it's value is a string made of a single space.

This means that the construct:

    $(if $(TARGET_CFLAGS),true,false)

will in fact return 'true'.

In our case, it means that we will call:

    `printf '"%s", ' `

which expands to just:

    "",

which we are then happy to insert as-is in the generated
cross-compilation.conf.

Then meson, will happily call the compiler with an empty argument.

The compiler is less happy, though:

    arm-none-linux-gnueabi-gcc: error: : No such file or directory

And this is not even trivial to debug either... The only clue being that
there seems to be something missing between ': :'

We fix that testing the $(strip)ed value. We can still pass the
non-$(strip) expansion, because the shell will just do it for us, and we
are then sure there is at least one non-blank word in there.

Thanks a lot to Adam for his invaluable help debugging this!

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Adam Duskett <aduskett@gmail.com>
Cc: Eric Le Bihan <eric.le.bihan.dev@free.fr>
Cc: Arnout Vandecappelle <arnout@mind.be>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

support/testing: openjdk JNI test cases

This test case builds a native library and ensures a Java class can load
and interact with the native library. The test also verifies Java code
can make system calls via the native library.

Signed-off-by: Daniel J. Leach <dleach@belcan.com>
Acked-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Tested-by: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/openjdk and package/openjdk-bin: bump to version 12.0.1+12

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
[Arnout: rebase after change of version formatting]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

python-inflection: new package

A string transformation library that singularizes and pluralizes English
words, and transforms strings from CamelCase to underscored string.
Inflection is a port of Ruby on Rails' inflector to Python.

https://github.com/jpvanhal/inflection

Signed-off-by: John Faith <jfaith@impinj.com>
[Arnout: select unicodedata, add hash for license file]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/rtmpdump: Add patch to include limits.h

Fixes:
http://autobuild.buildroot.net/results/8fd/8fd65149bdbbaf5dcb8e6a9d543f4224875bb156/

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/eudev: remove patches

Both were committed upstream:
https://github.com/gentoo/eudev/commit/2cb6b734de901dda6e631de5dffbd4cb8e165cbb
https://github.com/gentoo/eudev/commit/906654a0ab73dd488b101a2047c3c6a1205f7548

Reported-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/dialog: fix build with NLS

Fixes:
 - http://autobuild.buildroot.org/results/9287ffbb86a7dc09cda5f99f87445fa884e77625

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/expat: security bump to version 2.2.7

Fixes the following security vulnerabilites:

CVE-2018-20843: In libexpat in Expat before 2.2.7, XML input including XML
names that contain a large number of colons could make the XML parser
consume a high amount of RAM and CPU resources while processing (enough to
be usable for denial-of-service attacks).

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/docker-cli: security bump to version 18.09.7

Fixes CVE-2018-15664: API endpoints behind the 'docker cp' command are
vulnerable to a symlink-exchange attack with Directory Traversal, giving
attackers arbitrary read-write access to the host filesystem with root
privileges, because daemon/archive.go does not do archive operations on a
frozen filesystem (or from within a chroot).

And includes additional post-18.09.6 fixes:

Builder
- Fixed a panic error when building dockerfiles that contain only comments.
  moby/moby#38487
- Added a workaround for GCR authentication issue. moby/moby#38246
- Builder-next: Fixed a bug in the GCR token cache implementation
  workaround.  moby/moby#39183

Runtime
- Added performance optimizations in aufs and layer store that helps in
  massively parallel container creation and removal.  moby/moby#39107,
  moby/moby#39135
- daemon: fixed a mirrors validation issue. moby/moby#38991
- Docker no longer supports sorting UID and GID ranges in ID maps.
  moby/moby#39288

Logging
- Added a fix that now allows large log lines for logger plugins.
  moby/moby#39038

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/docker-engine: security bump to version 18.09.7

Fixes CVE-2018-15664: API endpoints behind the 'docker cp' command are
vulnerable to a symlink-exchange attack with Directory Traversal, giving
attackers arbitrary read-write access to the host filesystem with root
privileges, because daemon/archive.go does not do archive operations on a
frozen filesystem (or from within a chroot).

And includes additional post-18.09.6 fixes:

Builder
- Fixed a panic error when building dockerfiles that contain only comments.
  moby/moby#38487
- Added a workaround for GCR authentication issue. moby/moby#38246
- Builder-next: Fixed a bug in the GCR token cache implementation
  workaround.  moby/moby#39183

Runtime
- Added performance optimizations in aufs and layer store that helps in
  massively parallel container creation and removal.  moby/moby#39107,
  moby/moby#39135
- daemon: fixed a mirrors validation issue. moby/moby#38991
- Docker no longer supports sorting UID and GID ranges in ID maps.
  moby/moby#39288

Logging
- Added a fix that now allows large log lines for logger plugins.
  moby/moby#39038

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/libcamera: bump to version caf25dc5cfd11b965316f02610d49ae3d886716b

Buildroots autobuild identified a failure on GCC v6.2 and GCC v6.3,
producing the following warning (reported as error due to -Werror):

  event_dispatcher_poll.cpp:231:13: error: types may not be defined
      in a for-range-declaration [-Werror]

              for (const struct pollfd &pfd : pollfds) {
                         ^~~~~~
              cc1plus: all warnings being treated as errors

A fix has been integrated upstream, bump the package to incorporate it.

Fixes: http://autobuild.buildroot.net/results/f6dd4c60c04892c8b1669e6000fce7edb2b6349e/
Signed-off-by: Kieran Bingham <kieran.bingham@ideasonboard.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/libinput: bump version to 1.13.3

For details see [1].

[1] https://lists.freedesktop.org/archives/wayland-devel/2019-June/040650.html

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/libevdev: bump version to 1.7.0

For details see [1] and [2].

[1] https://lists.freedesktop.org/archives/input-tools/2019-May/001511.html
[2] https://lists.freedesktop.org/archives/input-tools/2019-June/001512.html

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/bzip2: add upstream security fix for CVE-2019-12900

Patch to resolve cve-2019-12900 which affects bzip2 versions 1.0.6 and older

More information can be found at
https://nvd.nist.gov/vuln/detail/CVE-2019-12900

Signed-off-by: Jared Bents <jared.bents@rockwellcollins.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

{linux, linux-headers}: bump 4.{4, 9, 14, 19}.x / 5.1.x series

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

board/qemu: ensure root is available before mounting it

On my machine, it happens once in a while that the virtualised machine
boots too fast for the rootfs to be available at the time the kernel
tries to mount it.

For example, board/qemu/arm-vexpress/readme.txt suggested changing
"-smp 1" up to "-smp 4". But doing so here causes a kernel panic:

    VFS: Cannot open root device "mmcblk0" or unknown-block(0,0): error -6
    Please append a correct "root=" boot option; here are the available partitions:
    1f00          131072 mtdblock0
     (driver?)
    1f01           32768 mtdblock1
     (driver?)
    Kernel panic - not syncing: VFS: Unable to mount root fs on
    unknown-block(0,0)

So, add the oh-so-useful 'rootwait' option to all kernel command lines
for qemu defconfigs.

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Joel Stanley <joel@jms.id.au>
Cc: Mark Corbin <mark.corbin@embecosm.com>
Cc: Matt Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/icu: adjust version information

The icu upstream developers have a strange way of labelling their versions:

 - The Github tags are named release-XX-Y, and therefore the versions
   referenced by by Release Monitoring look like 60-2 or 64-1.

 - The tarballs contain the version with an underscore separator, i.e
   60_2 or 64_1.

 - The directories on http://download.icu-project.org/files/icu4c/
   contain the version with a dot separator, i.e 60.2 or 64.1.

In order to have our <pkg>_VERSION match the one on Release
Monitoring, we adjust it to use the underscore separator, and then
further tweak the ICU_SOURCE and ICU_SITE definitions to keep
everything working.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/dtv-scan-tables: bump version

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/x264: bump version to 20190623-2245

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/{mesa3d, mesa3d-headers}: bump version to 19.0.7

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/python-paramiko: bump to version 2.6.0

Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/weston: bump to version 6.0.1

Removed patch which has now been committed upstream.

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/libglib2: security bump to version 2.60.4

Fixes critical CVE-2019-12450:
  https://nvd.nist.gov/vuln/detail/CVE-2019-12450

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/libvncserver: fix static build with openssl

Fixes:
 - http://autobuild.buildroot.org/results/c3f75480cb4b8b042cdf6a34cc5568ea13e51342

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/hiawatha: bump to version 1.9

See https://gitlab.com/hsleisink/hiawatha/-/releases

Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/harfbuzz: fix build without cairo-svg

Fixes:
http://autobuild.buildroot.org/results/f6c0b85fa476e0f52cc06f0133d2e4f9920f7556
test-ot-color.cc:40:10: fatal error: cairo-svg.h: No such file or directory
   40 | #include <cairo-svg.h>
      |          ^~~~~~~~~~~~~

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/libcdaudio: fix build with toolchains lacking C++ support

When the target toolchain does not support C++, the provided
libcdaudio configure script tries to run a check with the C++
pre-processor provided by the host (/lib/cpp) which may not exist on
some systems.

This issue is fixed by autoreconfiguring the package, as newly
generated configure scripts do not have this issue.

Fixes:

  http://autobuild.buildroot.net/results/f725a41ef992c42ceef7514d1a8dcac99e6b9114/

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Acked-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

utils/test-pkg: clean output dir for successful builds

test-pkg will use gigabytes of space when testing all toolchains.
Nevertheless, you are normally only interested in the actual build / host
tree when there is a build failure.

Do a 'make clean' for successful builds to save disk space, unless the new
option '-k/--keep' is set.
Note that the logfile and configuration is always retained for inspection.

Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Acked-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

utils/test-pkg: fix long option parsing

The long option parsing of test-pkg is broken because:
- some long options are not declared
- there should be a comma between long options, the colon does not replace
it.

This change also revealed that the declaration of 'toolchains-dir' should
have been 'toolchains-csv', originally introduced in commit ed59f81a3cb4ddb.

Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Acked-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/linux-firmware: add options for MT7650/MT76x2e firmware

Add options to install the MT7650 bluetooth firmware and the MT76x2e
wifi firmware.

Signed-off-by: Nicolas Cavallari <nicolas.cavallari@green-communications.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/rauc: allow use of host-libp11 for crypto hardware support in host-rauc

To use a private key stored on a hardware crypto module, such as an HSM
or smart card, rauc needs OpenSSL to have support for pkcs11 modules.
OpenSSL achieves this through the libp11 library.

The libp11 engine for OpenSSL is a dynamic module, so the dependency is
at rauc's runtime, rather than openssl's or rauc's build time.  However,
it still needs to be added as a dependency, so that anything that uses
host-rauc when building can be assured that host-rauc is fully
functional.

As this is a runtime dependency, there's no need for a target
dependency.  And it's only used for signing updates, which isn't done on
the target anyway.

Signed-off-by: Trent Piepho <tpiepho@impinj.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/imagemagick: add optional SVG support to host variant

SVG can be regarded as the "source code" for assets, like logos or other
graphical elements.

However, SVG needs to be rendered, which requires an XML parser and an
SVG "parser/rendered". As such, it has various runtime impacts, like
bad performance or security. As such, SVG are often pre-rendered to the
required sizes/depths/resolutions into other format, such as PNG, at
build time.

While rsvg-convert (from host-librsvg) would allow the rendering, it
does not allow more complex tasks taht ImageMagick allows for:
compositing more than one image, 2D transforamtions (rotation, skew...).

Yet, SVG support in ImageMagick relies on librsvg, which adds quite a
few dependencies, and thus has a noticeable impact on the build time.

Add an option to allow concerned users to enable/disable SVG support
in ImageMagick.

Enabling SVG support relies on librsvg, which in turns relies on a few
additional packages that ImageMagick can also optionally use. So,
automatically enable the corresponding support as well.

Signed-off-by: "Yann E. MORIN" <yann.morin@orange.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/imagemagick: add prompt for host variant

Sometimes, it is required to call imagemagick from a post-build script
or the likes, so we have to allow the user to enable the host variant
for imagemagick.

Update the linux package to select the host variant now.

Signed-off-by: "Yann E. MORIN" <yann.morin@orange.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

configs/arcturus_ucp1020: bump Linux and U-Boot

Bump Linux and U-Boot versions.

The Linux configuration file and patches are no longer needed.

Signed-off-by: Oleksandr Zhadan <oleks@arcturusnetworks.com>
Signed-off-by: Michael Durrant <mdurrant@arcturusnetworks.com>
[Thomas: also use a tarball for U-Boot.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/libiio: bump to version 0.18

See https://github.com/analogdevicesinc/libiio/releases

Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/python3: drop unrecognized option

--enable-old-stdlib-cache is not recognozed since at least version
3.6.3, see:
http://autobuild.buildroot.org/results/b957f956100fc36c7d5ffab1d7df41a65ae52ded

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/util-linux: minix needs MMU

Fixes:
 - http://autobuild.buildroot.org/results/87801e1a3c628e00ccb0c57afc2b46cc735c6018

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Tested-by: Carlos Santos <unixmania@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/rtmpdump: bump version

Added tarball and license hashes.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/mjpg-streamer: bump version

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/x11r7/xapp_sessreg: bump version to 1.1.2

Removed patch which was applied upstream:
https://gitlab.freedesktop.org/xorg/app/sessreg/commit/5b403d124c32c20fddc73bc5ae3c7e1febdf1bc4

Added all hashes provided by upstream, added license hash.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/x11r7/xapp_xcalc: bump version to 1.1.0

Switched _SITE to https.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/x11r7/xlib_libX11: bump version to 1.6.8

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/x11r7/xfont_encodings: bump version to 1.0.5

Added all hashes provided by upstream, added license hash.

Switched _SITE to https.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/x11r7/xlib_libXi: bump version to 1.7.10

Added all hashes provided by upstream, added license hash.

Switched _SITE to https.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/libvncserver: fix build without C++

Fixes:
 - http://autobuild.buildroot.org/results/16aaa4e86a2dbf1acf95f10d5131b0f7b8a3d61a

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/xorgproto: enable legacy

xproxymngproto is needed by xfindproxy but it is now disabled by default
Enable it thanks to --enable-legacy

Fixes:
 - http://autobuild.buildroot.org/results/4b21400c36e8ba7a8222f9da962f79e42c6146d3

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/harfbuzz: fix build with cairo

harfbuzz needs svg support on cairo

Fixes:
 - http://autobuild.buildroot.org/results/f6c0b85fa476e0f52cc06f0133d2e4f9920f7556

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

boot/mv-ddr-marvell: fix build with GCC 8

Add upstream patch fixing a build warning that is considered as error.

Cc: Sergey Matyukevich <geomatsi@gmail.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/efivar: bump version to 37

Backport patches required to build with gcc-9.

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>