package/collectd: add config option for lua

collectd has sub-options for all its different plugins and features,
so let's do the same for the lua functionality, instead of using
automatic dependencies.

Signed-off-by: Tom Marcuzzi <tom.marcuzzi@orolia.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/libpjsip: add sdl2 support

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/nginx-modsecurity: depends on BR2_PACKAGE_NGINX_HTTP

Fixes:
 - http://autobuild.buildroot.org/results/7babc12094f4d490569556824a2029e5f08ff866

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/qt5: bump latest version to 5.12.7

qt5base:
 - remove 0003-Do-not-load-plugin-from-the-PWD.patch
   (taken from upstream [1])
 - remove 0004-QLibrary-Unix-do-not-attempt-to-load-a-library-relat.patch
   (taken from upstream [2])

qt5webengine:
 - update 3rdparty license hash script to not include '*.pyc' files
 - update 3rdparty license hash list and chromium-latest.inc file

[1] https://code.qt.io/cgit/qt/qtbase.git/commit/?id=bf131e8d2181b3404f5293546ed390999f760404
[2] https://code.qt.io/cgit/qt/qtbase.git/commit/?id=e6f1fde24f77f63fb16b2df239f82a89d2bf05dd

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

linux/linux.mk: use HOST_MAKE_ENV rather than TARGET_MAKE_ENV

While the kernel is built for the target, the build may need various host
libraries depending on config (and kernel version), so use HOST_MAKE_ENV
instead of TARGET_MAKE_ENV.

In particular, this ensures that our host-pkgconf will look for host
libraries and not target ones.

Fixes building scripts/dtc for Buildroot configurations enabling libyaml and
host-pkgconf for kernels after commit 067c650c45 (dtc: Use pkg-config to
locate libyaml).

With this enabled, we can drop the PKG_CONFIG_* variables for the
_NEEDS_HOST_LIBELF conditional, as those are included in HOST_MAKE_ENV.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/python-entrypoints: new package

Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/libssh: add support for mbedtls crypto backend

At this point Buildroot doesn't allow to use mbedTLS crypto
backend even though libssh supports it. In case of fully statically
linked ELF executables the size difference between OpenSSL and mbedTLS
is significant: it matters for embedded targets with very limited
storage.

This patch adds support for compiling libssh with mbedTLS as a crypto
backend.  It also allows the selection of the crypto backend libssh will use
through a choice in the package config, similar to libssh2.

Currently, the selection of the backend is based on a priority order,
which is not always desirable, as in some cases multiple backends
can exists at the same time for various reasons.

Signed-off-by: Mircea Gliga <gliga.mircea@gmail.com>
[Peter: use depends on rather can select for consistency with libssh2]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/lua-livr-extra: new package

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/lua-livr: new package

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/socat: bump to version 1.7.3.4

Drop patch #2. Upstream commit d8a5d49c2d8359 includes stddef.h in a
higher level header.

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/libpjsip: add openh264 support

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/php: remove trailing whitespace in php.hash

A trailing whitespace was added by commit
26c16e9d5b2305e6da99762a254621fe257216be

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/util-linux: bump to version 2.35

This version brings bug fixes, enhancements and a new script utility,
scriptlive. For detailed information see the release notes:

  http://www.kernel.org/pub/linux/utils/util-linux/v2.35/v2.35-ReleaseNotes

Pull some fixed applied after the release.

Disable the use of code under GPLv3 included in hwclock since v2.30. The
subject was discussed upstream[1] and it was decided that hwclock will
be made GPLv2-only again in v2.36, so do it in advance in Buildroot.

Meanwhile, be warned that all OS images selecting hwclock built with
Buildroot since commit 74235a6854 (util-linux: bump to version 2.30)
contain code under GPLv3, which imposes some technical difficulties to
include in embedded systems. For more information see GPLv3, Section 6,
"Conveying Non-Source Forms", and the definitions of User Product and
Installation Information[2].

1. https://lore.kernel.org/util-linux/20200127202152.4jh2w4chch37wgee@ws.net.home/T/#t
2. https://www.gnu.org/licenses/gpl-3.0.html

Signed-off-by: Carlos Santos <unixmania@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/kodi: use github helper for KODI_EXTRA_DOWNLOADS

This will ensure the downloads have nicer filenames in the download
directory, e.g.:
    4.0.4-Leia-18.4.tar.gz --> kodi-ffmpeg-4.0.4-Leia-18.4.tar.gz

Update the hashes list accordingly.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
[yann.morin.1998@free.fr: expand comit log with additional explanations]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/libpjsip: add libyuv support

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

Revert "package/weston: bump to version 8.0.0"

This reverts commit 4f217669de10f61d77e9ff834d9efdcee4efdf04 which
should not have been pushed.

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

Revert "package/wayland-protocols: bump to version 1.18"

This reverts commit 42c0fd586944b8fe38f54551f596465cfe4c7678 which
should not have been pushed to begin with.

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/weston: bump to version 8.0.0

Lots of changes with this big leap:
  - autotools is deprecated and replaced with meson
  - demo clients now need pango

---------------------------

The dbus option in autotools is replaced with launcher-logind in meson.

Replaced WESTON_NATIVE_BACKEND with backend-default in meson.

Added optional pipewire dependency.

Added patch fixing missing include in os-compatibility.c.

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Tested-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/wayland-protocols: bump to version 1.18

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Tested-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/weston-imx: split weston-imx off from weston

Stock weston has been migrated to meson, now the only buildsystem
starting with version 8, but the IMX fork is still stuck With the
older version 6, which only has the autotools buildsystem.

As a consequence, either we make weston a hybrid package that calls
to the appropriate package macro infra, or we split the IMX fork off
to its own package.

meson and autotools have two different ways to express passing options,
so we can't factorise the code paths to support both buildsystems:
we'd need to duplicate those depending on the variant used.

So, it's much more sensible to spin he IMX variant away. Besides, that
will make it easier to drop it, should it eventually gets merged
upstream (or the fork just dies off).

We ensure that the two variants, vanilla and IMX, can't get selected at
the same time, by making weston-imx depend on !weston, and hiding it
behind IMX conditionals.

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
[yann.morin.1998@free.fr:
  - drop !BR2_PACKAGE_IMX_GPU_VIV_OUTPUT_WL dependency from stock weston
  - make weston-imx depends on !weston
  - rework commit log
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/erlang-p1-xmpp: fix host build

Fixes:
http://autobuild.buildroot.net/results/3e594350131994df53b20d5113fefbba2e747836

Signed-off-by: Johan Oudinet <johan.oudinet@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/libevent: do not drop python script with python 3

python script is compatible with python3 since 2.1.10 and
https://github.com/libevent/libevent/commit/532a8cc301db39e82166b4fe98146534fdc242ce

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/libpam-tacplus: add openssl optional dependency

openssl is an optional dependency since version 1.4.1 and
https://github.com/kravietz/pam_tacplus/commit/789cf4a85266dcb426ed133b2d07df86d0a55972

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Tested-by: Carlos Santos <unixmania@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/libpam-tacplus: fix build on uclibc

Fixes:
 - http://autobuild.buildroot.org/results/05c67484136f3bb433ce7fc47b2ce01167048cc2

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Tested-by: Carlos Santos <unixmania@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/bitcoin: bump to version 0.19.0.1

- Retrieve official tarball instead of using github as specified in
  https://github.com/bitcoin/bitcoin/releases/tag/v0.19.0.1
- Remove patch (already in version)
- Update hash of COPYING (update in year:
  https://github.com/bitcoin/bitcoin/commit/ae5594d51b489826f2f2315c92e8df5ee0267efc)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/libnss: bump version to 3.49.2

Release notes:
https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.49.2_release_notes

Fixes:
http://autobuild.buildroot.net/results/2687d667467a2f4209af74e6e77073801c716a3b/
http://autobuild.buildroot.net/results/0a46d17d44b69afa8576b7a09ec825319d195489/

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/libnss: rename patch number

At the moment there are 2 patches with the same id(0001-xxx.patch) so
let's rename one of them to 0002-xxx.patch.

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

toolchain/toolchain-external: warn for untested GCC/kernel version

The oldest toolchain we test in the autobuilders is the Sourcery ARM
toolchain which is GCC 4.8 and kernel headers 3.13. Therefore, it is
likely that we're missing the required _AT_LEAST dependencies to exclude
packages that don't build with older GCC/headers.

Add a comment to the custom external toolchain that warns when an
untested GCC or kernel headers version is selected.

Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/fail2ban: bump to version 0.11.1

This patch bump fail2ban to verison 0.11.1.

Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/smartmontools: add libcap-ng optional dependency

libcap-ng is an optional dependency since a very long time (2010) and
https://github.com/mirror/smartmontools/commit/24882d3672b759c1125169420749e186a3816fe1

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/lighttpd: bump to version 1.4.55

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/sudo: bump version to 1.8.31

Notice that 1.8.31 fixes a security issue with the non-default pwfeedback
option, but according to the advisory this is not exploitable in 1.8.28:

versions 1.8.26 through 1.8.30 it is not exploitable due to a change in EOF
handling introduced in sudo 1.8.26

https://www.sudo.ws/alerts/pwfeedback.html

Adjust license hash as the copyright year was changed:
-   Copyright (c) 1994-1996, 1998-2019
+   Copyright (c) 1994-1996, 1998-2020

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/qt5base: add upstream security patches for latest variant

Fixed the following security issue:

- CVE-2020-0569: QPluginLoader in Qt versions 5.0.0 through 5.13.2 would
  search for certain plugins first on the current working directory of the
  application, which allows an attacker that can place files in the file
  system and influence the working directory of Qt-based applications to
  load and execute malicious code.  This issue was verified on macOS and
  Linux and probably affects all other Unix operating systems.  This issue
  does not affect Windows.

- CVE-2020-0570: QLibrary in Qt versions 5.12.0 through 5.14.0, on certain
  x86 machines, would search for certain libraries and plugins relative to
  current working directory of the application, which allows an attacker
  that can place files in the file system and influence the working
  directory of Qt-based applications to load and execute malicious code.
  This issue was verified on Linux and probably affects all Unix operating
  systems, other than macOS (Darwin).  This issue does not affect Windows.

For details, see the advisory:
https://www.openwall.com/lists/oss-security/2020/01/30/1

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
[Peter: extend commit message]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/qt5base: add upstream security patch for LTS variant

Fixed the following security issue:

- CVE-2020-0569: QPluginLoader in Qt versions 5.0.0 through 5.13.2 would
  search for certain plugins first on the current working directory of the
  application, which allows an attacker that can place files in the file
  system and influence the working directory of Qt-based applications to
  load and execute malicious code.  This issue was verified on macOS and
  Linux and probably affects all other Unix operating systems.  This issue
  does not affect Windows.

For details, see the advisory:
https://www.openwall.com/lists/oss-security/2020/01/30/1

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
[Peter: extend commit message]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/libva: bump version to 2.6.1

Removed patch which was applied upstream:
https://github.com/intel/libva/commit/69b4230c36d977d4198d74a5f1fc7529715fd5ab

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/mesa3d: add support for gallium iris driver

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

boot/arm-trusted-firmware: allow additional make targets

Allow specifying additional build targets for ATF.

This might be more useful when using a custom git repository.

For example, when using with the ATF repository from NXP QorIQ,
there is a new build target 'pbl' which is used to build the
pbl binary image. Note that in the specific case of the 'pbl'
target, additional build variables also need to be specified
through BR2_TARGET_ARM_TRUSTED_FIRMWARE_ADDITIONAL_VARIABLES.

Signed-off-by: Francois Gervais <fgervais@distech-controls.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/php: bump version to 7.4.2

patch 0005 has been sourced from upstream, and can be dropped when
7.4.3 is released.

The mbstrings module used to use a bundled oniguruma library, but now
uses an external one, hence the new dependency on this package for the
mbstrings module.

The hash of the license file has changed due to this change in the
copyright year:

-Copyright (c) 1999 - 2018 The PHP Group. All rights reserved.
+Copyright (c) 1999 - 2019 The PHP Group. All rights reserved.

Signed-off-by: Pascal de Bruijn <p.debruijn@unilogic.nl>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/meson: bump to version 0.53.1

Removed patch that is now upstream.

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/libplist: bump version to 2.1.0

Switched _SITE to github, added license hash.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/tor: bump version to 0.4.2.6

Release notes: https://blog.torproject.org/new-releases-tor-0426-0418

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/libnspr: bump version to 4.25

Xtensa architecture has been added. Let's use upstream sha1 for
tarball's hash.

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

squashfs: bump version to 4.4

Bump to version 4.4 and switch to github site since the kernel
repository has not been updated. See
https://github.com/plougher/squashfs-tools/blob/master/README.

Dropping patch that has been incorporated in the new release.

This version bump includes support for reproducible images. See the full
release notes for details at
https://github.com/plougher/squashfs-tools/blob/master/README-4.4

Signed-off-by: Clayton Shotwell <clayton.shotwell@rockwellcollins.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/suricata: fix lzma dependency

lzma package is a host-only package so replace this wrong dependency by
xz package

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/libpjsip: add v4l2 support

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/libhtp: bump to version 0.5.32

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/file: zlib is optional, not mandatory

zlib is optional since version 4.22 and
https://github.com/file/file/commit/b950f1f426f8855e69d6f3dcc32067e931e015b7
and --enable-zlib has been fixed since version 5.37 and
https://github.com/file/file/commit/8c6dcd7ef690e90a3e897e8f886513750ed2c04d

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/genimage: bump to version 12

Also drop upstreamed patch

Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/tpm2-tools: bump version to 4.1.1

Bugfix release, fixing a number of issues in the 4.1 release.  For details,
see the announcement:

https://github.com/tpm2-software/tpm2-tools/releases/tag/4.1.1

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/gerbera: fix static linking with libmagic

Fixes:
 - http://autobuild.buildroot.org/results/37b1ef54dc41100689f311fbc31fc9300dc6ae63

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/file: add libmagic.pc

Fixes:
 - http://autobuild.buildroot.org/results/37b1ef54dc41100689f311fbc31fc9300dc6ae63

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/arp-scan: bump version to 1.9.7

Signed-off-by: Arthur Courtel <arthur.courtel@smile.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/kodi-audioencoder-vorbis: bump version to 2.0.3-Leia

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/kodi-screensaver-matrixtrails: remove 'v' prefix from github-fetched package

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
[yann.morin.1998@free.fr: fix hash file]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/file: add bzip2 optional dependency

bzip2 is an optional dependency since version 5.38 and
https://github.com/file/file/commit/b259a07ea95827f565faa20f0316e5b2704064f7

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/file: add xz optional dependency

xz is an optional dependency since version 5.38 and
https://github.com/file/file/commit/b259a07ea95827f565faa20f0316e5b2704064f7

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/libmodsecurity: point to staging pcre-config

The libmodsecurity build system uses the file installed on the host if not
explicitly pointed to pcre-config in the staging dir.

Fixes:
- http://autobuild.buildroot.net/results/f936ad05bca4bb776917306700750ba6d2498ef0
  + similar failures for other architectures

Signed-off-by: Frank Vanbever <frank.vanbever@essensium.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

support/testing: add python-can test case

Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/python-can: add missing dependency

Python-can depends on aenum package since 3.2.0:

https://github.com/hardbyte/python-can/commit/dcf87ce3712244bdde7cb4692901950ffcec2215

Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/python-aenum: new package

Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
[Peter: add license hash]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/modem-manager: update to version 1.12.4

https://lists.freedesktop.org/archives/modemmanager-devel/2020-January/007670.html

Signed-off-by: Aleksander Morgado <aleksander@aleksander.es>
Tested-by: Carlos Santos <unixmania@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/libqmi: bump to version 1.24.4

https://lists.freedesktop.org/archives/libqmi-devel/2020-January/003193.html

Signed-off-by: Aleksander Morgado <aleksander@aleksander.es>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/wireguard-linux-compat: bump version to 0.0.20200128

Fixes build issues with kernel 5.5. For details, see the announcement:

https://lists.zx2c4.com/pipermail/wireguard/2020-January/004905.html

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/nginx-modsecurity: new package

The name of the package diverges slightly from upstream to maintain
consistency with other nginx modules already present.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/libmodsecurity: new package

The dependency on !BR2_STATIC_LIBS is due to missing Libs.private in the
libmodconfig pkg-config file making builds that statically link against
libmodsecurity fail.

Lua is disabled due to using the host libraries.

Yajl is disabled as enabling it forces the tests to be built. These tests have a
hard dependency on libmodsecurity.a which is not built when --disable-static is
used in the configuration. There is no flag to disable these tests.

Signed-off-by: Frank Vanbever <frank.vanbever@essensium.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/libpjsip: add sound support

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/libubootenv: bump to version 879c073

This includes the following changes:

879c073 Do not hardcode path for install
d9c639b libubootenv: add pkg-config support

Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

Makefile, manual, website: Bump copyright year

Happy 2020!

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/samba4: bump version to 4.11.6

Release notes: https://www.samba.org/samba/history/samba-4.11.6.html

Removed patch 0004 which was applied upstream:
https://git.samba.org/samba.git/?p=samba.git;a=commit;h=1d28d27070a7ade82283dab11c9ef7cadfbf54fb
https://git.samba.org/samba.git/?p=samba.git;a=commit;h=3889444e00866eafebcdfb42be5f07990b881c56

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/libpjsip: add bcg729 optional dependency

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/{mesa3d, mesa3d-headers}: bump version to 19.3.3

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/go: security bump to version 1.13.7

Fixes the following security issue:

- Panic in crypto/x509 certificate parsing and golang.org/x/crypto/cryptobyte

On 32-bit architectures, a malformed input to crypto/x509 or the ASN.1
parsing functions of golang.org/x/crypto/cryptobyte can lead to a panic.
The malformed certificate can be delivered via a crypto/tls connection to a
client, or to a server that accepts client certificates.  net/http clients
can be made to crash by an HTTPS server, while net/http servers that accept
client certificates will recover the panic and are unaffected.  Thanks to
Project Wycheproof for providing the test cases that led to the discovery of
this issue.  The issue is CVE-2020-7919 and Go issue golang.org/issue/36837.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/python-aiohttp-debugtoolbar: bump to version 0.6.0

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/python-rpi-ws281x: Bump to version 4.2.3

Signed-off-by: Grzegorz Blach <grzegorz@blach.pl>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/luarocks: bump to version 3.3.0

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/opkg-utils: bump to version 0.4.2

Add hash for license file

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/gensio: fix detection of openssl with -latomic

Add an upstream patch to fix --with-openssl argument and allow gensio to use
pkg-config to retrieve openssl dependencies otherwise the detection of
openssl will fail on architecture that needs to link with -latomic such as
sparc v8 32 bits:

configure:9379: checking for openssl/ssl.h in /home/fabrice/buildroot/output/host/sparc-buildroot-linux-uclibc/sysroot/usr
configure:9386: result: yes
configure:9402: checking whether compiling and linking against OpenSSL works
Trying link with OPENSSL_LDFLAGS=-L/home/fabrice/buildroot/output/host/sparc-buildroot-linux-uclibc/sysroot/usr/lib; OPENSSL_LIBS=-lssl -lcrypto; OPENSSL_INCLUDES=-I/home/fabrice/buildroot/output/host/sparc-buildroot-linux-uclibc/sysroot/usr/include
configure:9424: /home/fabrice/buildroot/output/host/bin/sparc-linux-gcc -o conftest -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64  -Os   -static -I/home/fabrice/buildroot/output/host/sparc-buildroot-linux-uclibc/sysroot/usr/include -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64  -static -L/home/fabrice/buildroot/output/host/sparc-buildroot-linux-uclibc/sysroot/usr/lib conftest.c -lssl -lcrypto  -lpthread >&5
/home/fabrice/buildroot/output/host/opt/ext-toolchain/bin/../lib/gcc/sparc-buildroot-linux-uclibc/8.3.0/../../../../sparc-buildroot-linux-uclibc/bin/ld: /home/fabrice/buildroot/output/host/sparc-buildroot-linux-uclibc/sysroot/usr/lib/libssl.a(ssl_lib.o): in function `CRYPTO_UP_REF.isra.6':
ssl_lib.c:(.text+0x3c8): undefined reference to `__atomic_fetch_add_4'

Fixes:
 - No autobuilder failures (silent error)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/libpjsip: add opencore-amr support

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

{linux, linux-headers}: bump 4.{4, 9, 14, 19}.x / 5.4.x series

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/wpewebkit: security bump to version 2.26.3

Fixes the following security issues:

- CVE-2019-8835: Multiple memory corruption issues were addressed with
  improved memory handling

- CVE-2019-8844: Multiple memory corruption issues were addressed with
  improved memory handling

- CVE-2019-8846: A use after free issue was addressed with improved memory
  management

For details, see the advisory:
https://webkitgtk.org/security/WSA-2020-0001.html

Drop now upstreamed patch.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/webkitgtk: security bump to version 2.26.3

Fixes the following security issues:

- CVE-2019-8835: Multiple memory corruption issues were addressed with
  improved memory handling

- CVE-2019-8844: Multiple memory corruption issues were addressed with
  improved memory handling

- CVE-2019-8846: A use after free issue was addressed with improved memory
  management

For details, see the advisory:
https://webkitgtk.org/security/WSA-2020-0001.html

Drop now upstreamed patch.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/opkg: bump version to 0.4.2

Signed-off-by: Max Berger <phobie@protonmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/aircrack-ng: bump to version 1.6

Signed-off-by: Laurent Cans <laurent.cans@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/axel: bump to version 2.17.7

Signed-off-by: Ismael Luceno <ismael@iodev.co.uk>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/kodi-visualisation-goom: fix build with gcc-4.9

Fixes build error:

output/build/kodi-visualisation-goom-2.1.0-Leia/lib/goom/src/lines.c:
In function 'goom_lines_draw':
output/build/kodi-visualisation-goom-2.1.0-Leia/lib/goom/src/lines.c:232:3:
error: 'for' loop initial declarations are only allowed in C99 or C11 mode
   for (int i = 1; i < AUDIO_SAMPLE_LEN; i++) {

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/owfs: bump to version 3.2p3

- Switch site to github to get latest release
- Drop patch (already in version) and so autoreconf
- Update hash of license files ($Id$ strings removed with
  https://github.com/owfs/owfs/commit/52b1059a5bc7efb6ac8891e7c2b90433d0bdd0f4)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/libpjsip: add libsamplerate support

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/bluez-alsa: bump to version 2.1.0

Also:
  * Conditionally enable support for integration with UPower D-Bus
    service if BR2_PACKAGE_UPOWER is selected
  * The copyright year was updated in the LICENSE file, therefore
    the hash value was also recalculated.

Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/kodi-visualisation-goom: needs glm

See CMakeLists.txt:
https://github.com/xbmc/visualization.goom/blob/Leia/CMakeLists.txt#L7

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/python-pigpio: Bump to version 1.45

Signed-off-by: Grzegorz Blach <grzegorz@blach.pl>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/pigpio: Bump to version 7301

Signed-off-by: Grzegorz Blach <grzegorz@blach.pl>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/ser2net: bump to version 4.1.1

The 4.x version now needs gensio and libyaml:
https://sourceforge.net/p/ser2net/news/2019/05/ser2net-40-gensio-10-released/

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
[Peter: extend commit message, add 4.x release notes]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/rpi-userland: bump version to 06bc6da

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/rpi-firmware: bump version to 01ecfd2

Keep rpi-firmware up-to-date with the kernel
vesion bump (4.19.97).

Go back to sha1 version scheme instead of official tag (after
only two tag versions) to keep up with the up-to-date kernel
version (as the offical last tag is for 4.19.94).

Update boot/LICENCE.broadcom hash according to the
'Update to support customisation program ' change ([1]).

[1] https://github.com/raspberrypi/firmware/commit/dd9e9ebb5d5306e91acb135db890cf18f3a5eea2#diff-b7cccbd9821a372750de822dfd97a843

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

configs/raspberrypi*: bump kernel version to 64d0a98

Now based on 4.19.97 (from 4.19.75).

Go back to sha1 version scheme instead of official tag (after
only two tag versions) to get an up-to-date kernel version
(as the offical last tag is for 4.19.94).

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/linux-pam: replace second patch by upstream patch

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/xtables-addons: bump version to 3.7

Resolves build failure with Linux 5.4

Signed-off-by: Nathaniel Roach <nroach44@nroach44.id.au>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/ptm2human: new package

ptm2human is a decoder for trace data outputted by Program
Trace Macrocell (PTM) and Embedded Trace Macrocell (ETMv4).
It deconstructs ID packets and data packets from the
formatter of ARM Coresight ETB, and then translates the
trace data to a human-readable format.

./utils/test-pkg --package ptm2human --all
44 builds, 29 skipped, 0 build failed, 0 legal-info failed

Signed-off-by: Julien Olivain <juju@cotds.org>
[yann.morin.1998@free.fr:
  - drop the host variant
  - introduce _ARCH_SUPPORTS
  - comment why we need autoreconf
  - drop spurious empty line
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

DEVELOPERS: remove Rico Bachmann

His e-mail address is bouncing:

Your message to bachmann@tofwerk.com couldn't be delivered.
bachmann wasn't found at tofwerk.com.
thomas.petazzoni        Office 365      bachmann
Action Required                 Recipient
Unknown To address

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

DEVELOPERS: remove Sam Bobroff

His e-mail address is bouncing:

   ----- The following addresses had permanent fatal errors -----
<sbobroff@linux.ibm.com>
    (reason: 550 5.1.1 <sbobroff@linux.ibm.com>: Recipient address rejected: User unknown in local recipient table)

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>