Merge branch 'master' into next

Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

Config.in.legacy

@@ -146,6 +146,12 @@ endif
 
 comment "Legacy options removed in 2021.08"
 
+config BR2_PACKAGE_PHP_EXT_MCRYPT
+	bool "PHP mcrypt extension removed"
+	select BR2_LEGACY
+	help
+	  mcrypt has been removed from php since version 7.2.0.
+
 config BR2_BINUTILS_VERSION_2_34_X
 	bool "binutils 2.34 has been removed"
 	select BR2_LEGACY

DEVELOPERS

@@ -1055,6 +1055,7 @@ F:	package/xapian/
 
 N:	Giulio Benetti <giulio.benetti@benettiengineering.com>
 F:	package/at/
+F:	package/libfuse3/
 F:	package/libnspr/
 F:	package/libnss/
 F:	package/minicom/

package/azure-iot-sdk-c/0001-hmac-c-fix-mismatching-function-prototype.patch

@@ -0,0 +1,35 @@
+From 3a7997af72e7a4f70109d1639e6725b39046443e Mon Sep 17 00:00:00 2001
+From: Francesco Giancane <30423178+fgiancane8@users.noreply.github.com>
+Date: Fri, 2 Jul 2021 20:47:38 +0200
+Subject: [PATCH] hmac.c: fix mismatching function prototype (#537)
+
+The reported function raises a warning when compilers assert the flag
+`-Warray-parameter=`, signaling that an array-type argument was promoted
+to a pointer-type argument.
+
+While in practice in most C implementations this is correct, fixing the
+warning (and, in this case, indicating the maximum size for the array)
+would represent a best-practice for finding out-of-bound accesses or
+identifying wrongly-sized arrays passed in the function.
+
+Signed-off-by: Francesco Giancane <francesco.giancane@accenture.com>
+[Retrieved from:
+https://github.com/Azure/azure-c-shared-utility/commit/3a7997af72e7a4f70109d1639e6725b39046443e]
+Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
+---
+ src/hmac.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/hmac.c b/src/hmac.c
+index 53f2411f8..160af9d2f 100644
+--- a/c-utility/src/hmac.c
++++ b/c-utility/src/hmac.c
+@@ -208,7 +208,7 @@ int hmacFinalBits(HMACContext *ctx,
+ *   sha Error Code.
+ *
+ */
+-int hmacResult(HMACContext *ctx, uint8_t *digest)
++int hmacResult(HMACContext *ctx, uint8_t digest[USHAMaxHashSize])
+ {
+     if (!ctx) return shaNull;
+ 

package/bluez5_utils/Config.in

@@ -143,6 +143,7 @@ config BR2_PACKAGE_BLUEZ5_UTILS_TOOLS_HID2HCI
 	bool "build hid2hci tool"
 	depends on BR2_PACKAGE_HAS_UDEV
 	select BR2_PACKAGE_BLUEZ5_UTILS_PLUGINS_HID # runtime
+	select BR2_PACKAGE_BLUEZ5_UTILS_TOOLS
 	help
 	  Build hid2hci tool
 

package/cegui/cegui.mk

@@ -13,6 +13,7 @@ CEGUI_CONF_OPTS = \
 	-DCEGUI_HAS_MINIZIP_RESOURCE_PROVIDER=OFF \
 	-DCEGUI_BUILD_RENDERER_IRRLICHT=OFF \
 	-DCEGUI_BUILD_RENDERER_OGRE=OFF \
+	-DCEGUI_BUILD_RENDERER_OPENGLES=OFF \
 	-DCEGUI_BUILD_XMLPARSER_XERCES=OFF \
 	-DCEGUI_USE_FRIBIDI=OFF \
 	-DCEGUI_SAMPLES_ENABLED=OFF \

package/desktop-file-utils/desktop-file-utils.hash

@@ -0,0 +1,3 @@
+# Locally calculated:
+sha256  b26dbde79ea72c8c84fb7f9d870ffd857381d049a86d25e0038c4cef4c747309  desktop-file-utils-0.26.tar.xz
+sha256  8177f97513213526df2cf6184d8ff986c675afb514d4e68a404010521b880643  COPYING

package/desktop-file-utils/desktop-file-utils.mk

@@ -0,0 +1,14 @@
+################################################################################
+#
+# desktop-file-utils
+#
+################################################################################
+
+DESKTOP_FILE_UTILS_VERSION = 0.26
+DESKTOP_FILE_UTILS_SOURCE = desktop-file-utils-$(DESKTOP_FILE_UTILS_VERSION).tar.xz
+DESKTOP_FILE_UTILS_SITE = https://www.freedesktop.org/software/desktop-file-utils/releases
+DESKTOP_FILE_UTILS_LICENSE = GPL-2.0+
+DESKTOP_FILE_UTILS_LICENSE_FILES = COPYING
+HOST_DESKTOP_FILE_UTILS_DEPENDENCIES = host-libglib2
+
+$(eval $(host-meson-package))

package/erlang/Config.in

@@ -10,7 +10,7 @@ config BR2_PACKAGE_ERLANG_ARCH_SUPPORTS
 	# __atomic_* builtins
 	default y if BR2_i386 || BR2_x86_64 || BR2_powerpc || \
 		BR2_sparc_v9 || BR2_arm || BR2_aarch64 || BR2_mipsel || \
-		BR2_TOOLCHAIN_HAS_ATOMIC
+		BR2_RISCV_64
 	# erlang needs host-erlang
 	depends on BR2_PACKAGE_HOST_ERLANG_ARCH_SUPPORTS
 

package/gpsd/gpsd.mk

@@ -16,6 +16,7 @@ GPSD_DEPENDENCIES = host-python3 host-scons host-pkgconf
 
 GPSD_LDFLAGS = $(TARGET_LDFLAGS)
 GPSD_CFLAGS = $(TARGET_CFLAGS)
+GPSD_CXXFLAGS = $(TARGET_CXXFLAGS)
 
 GPSD_SCONS_ENV = $(TARGET_CONFIGURE_OPTS)
 
@@ -46,6 +47,7 @@ endif
 
 ifeq ($(BR2_TOOLCHAIN_HAS_GCC_BUG_68485),y)
 GPSD_CFLAGS += -O0
+GPSD_CXXFLAGS += -O0
 endif
 
 # If libusb is available build it before so the package can use it
@@ -203,7 +205,8 @@ endif
 GPSD_SCONS_ENV += \
 	LDFLAGS="$(GPSD_LDFLAGS)" \
 	CFLAGS="$(GPSD_CFLAGS)" \
-	CCFLAGS="$(GPSD_CFLAGS)"
+	CCFLAGS="$(GPSD_CFLAGS)" \
+	CXXFLAGS="$(GPSD_CXXFLAGS)"
 
 define GPSD_BUILD_CMDS
 	(cd $(@D); \

package/libebml/0001-include-appropriate-header-files-for-std-numeric_limits.patch

@@ -0,0 +1,52 @@
+From f0bfd53647961e799a43d918c46cf3b6bff89806 Mon Sep 17 00:00:00 2001
+From: Moritz Bunkus <mo@bunkus.online>
+Date: Sat, 27 Feb 2021 20:36:52 +0100
+Subject: [PATCH] include appropriate header files for std::numeric_limits
+
+Fixes #80.
+
+[Retrieved from:
+https://github.com/Matroska-Org/libebml/commit/f0bfd53647961e799a43d918c46cf3b6bff89806]
+Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
+---
+ ChangeLog                 | 4 ++++
+ src/EbmlString.cpp        | 1 +
+ src/EbmlUnicodeString.cpp | 1 +
+ 3 files changed, 6 insertions(+)
+
+diff --git a/ChangeLog b/ChangeLog
+index 034cf86..e4b13a9 100644
+--- a/ChangeLog
++++ b/ChangeLog
+@@ -1,3 +1,7 @@
++2021-02-27  Moritz Bunkus  <mo@bunkus.online>
++
++        * Fix compilation with g++ 11. Fixes #80.
++
+ 2021-02-21 Steve Lhomme <slhomme@matroska.org>
+ 
+         * Remove Coremake project files
+diff --git a/src/EbmlString.cpp b/src/EbmlString.cpp
+index 27e55fd..4c05fcf 100644
+--- a/src/EbmlString.cpp
++++ b/src/EbmlString.cpp
+@@ -34,6 +34,7 @@
+   \author Steve Lhomme     <robux4 @ users.sf.net>
+ */
+ #include <cassert>
++#include <limits>
+ 
+ #include "ebml/EbmlString.h"
+ 
+diff --git a/src/EbmlUnicodeString.cpp b/src/EbmlUnicodeString.cpp
+index 496a16a..99fc073 100644
+--- a/src/EbmlUnicodeString.cpp
++++ b/src/EbmlUnicodeString.cpp
+@@ -36,6 +36,7 @@
+ */
+ 
+ #include <cassert>
++#include <limits>
+ 
+ #include "ebml/EbmlUnicodeString.h"
+ 

package/libfuse3/0001-meson.build-fix-wrong-.symver-detection.patch

@@ -0,0 +1,61 @@
+From 3aba09a5c56e017746c5c1652dbc845f4db7374a Mon Sep 17 00:00:00 2001
+From: Giulio Benetti <giulio.benetti@benettiengineering.com>
+Date: Tue, 3 Aug 2021 23:39:46 +0200
+Subject: [PATCH] meson.build: fix wrong .symver detection
+
+As pointed here [1] __has_attribute() is broken for many attributes and
+if it doesn't support the specific attribute it returns true, so we
+can't really rely on that for this check. This lead to Buildroot
+libfuse3 build failure [2] where that shows up with:
+```
+error: symver is only supported on ELF platforms
+```
+Indeed Microblaze doesn't support ELF since it doesn't include elfos.h,
+but __has_attribute(symver) returns true.
+
+So let's substitute the #ifdef __has_attribute() with a stronger test on
+a function foo() with __attribute__((symver ("test@TEST"))).
+
+[1]: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=101766
+[2]: http://autobuild.buildroot.net/results/d6c/d6cfaf2aafaeda3c12d127f6a2d2e175b25e654f/build-end.log
+
+Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
+---
+ meson.build | 16 +++++++---------
+ 1 file changed, 7 insertions(+), 9 deletions(-)
+
+diff --git a/meson.build b/meson.build
+index b0250ee..a7281f3 100644
+--- a/meson.build
++++ b/meson.build
+@@ -96,20 +96,18 @@ endif
+ # to have __has_attribute, then they are too old to support symver)
+ # other compilers might not have __has_attribute, but in those cases
+ # it is safe for this check to fail and for us to fallback to the old _asm_
+-# method for symver
++# method for symver. Anyway the attributes not supported by __has_attribute()
++# unfortunately return true giving a false positive. So let's try to build
++# using __attribute__ ((symver )) and see the result.
+ code = '''
+-#if defined __has_attribute
+-# if !__has_attribute (symver)
+-# error symver attribute not supported
+-# endif
+-#else
+-#error __has_attribute not defined, assume we do not have symver
+-#endif
++__attribute__ ((symver ("test@TEST")))
++void foo(void) {
++}
+ 
+ int main(void) {
+     return 0;
+ }'''
+-if cc.compiles(code, args: [ '-O0', '-c'])
++if cc.compiles(code, args: [ '-O0', '-c', '-Werror'])
+      message('Compiler supports symver attribute')
+      add_project_arguments('-DHAVE_SYMVER_ATTRIBUTE', language: 'c')
+ else
+-- 
+2.25.1
+

package/libodb-boost/libodb-boost.mk

@@ -12,5 +12,6 @@ LIBODB_BOOST_INSTALL_STAGING = YES
 LIBODB_BOOST_LICENSE = GPL-2.0
 LIBODB_BOOST_LICENSE_FILES = LICENSE
 LIBODB_BOOST_DEPENDENCIES = boost libodb
+LIBODB_BOOST_CONF_ENV = CXXFLAGS="$(TARGET_CXXFLAGS) -std=c++11"
 
 $(eval $(autotools-package))

package/libodb-mysql/libodb-mysql.mk

@@ -12,6 +12,8 @@ LIBODB_MYSQL_INSTALL_STAGING = YES
 LIBODB_MYSQL_LICENSE = GPL-2.0
 LIBODB_MYSQL_LICENSE_FILES = LICENSE
 LIBODB_MYSQL_DEPENDENCIES = libodb mysql
-LIBODB_MYSQL_CONF_ENV = LIBS=`$(STAGING_DIR)/usr/bin/mysql_config --libs`
+LIBODB_MYSQL_CONF_ENV = \
+	CXXFLAGS="$(TARGET_CXXFLAGS) -std=c++11" \
+	LIBS=`$(STAGING_DIR)/usr/bin/mysql_config --libs`
 
 $(eval $(autotools-package))

package/libodb-pgsql/libodb-pgsql.mk

@@ -12,5 +12,6 @@ LIBODB_PGSQL_LICENSE = GPL-2.0
 LIBODB_PGSQL_LICENSE_FILES = LICENSE
 LIBODB_PGSQL_INSTALL_STAGING = YES
 LIBODB_PGSQL_DEPENDENCIES = postgresql libodb
+LIBODB_PGSQL_CONF_ENV = CXXFLAGS="$(TARGET_CXXFLAGS) -std=c++11"
 
 $(eval $(autotools-package))

package/libuhttpd/0001-openssl.c-fix-build-with-wolfssl.patch

@@ -0,0 +1,47 @@
+From e5c5ed1c64cfc715729c9bfbfdcc4be225f344ff Mon Sep 17 00:00:00 2001
+From: Fabrice Fontaine <fontaine.fabrice@gmail.com>
+Date: Wed, 4 Aug 2021 11:32:39 +0200
+Subject: [PATCH] openssl.c: fix build with wolfssl
+
+Fix the following build failure with wolfssl:
+
+/tmp/instance-4/output-1/build/libuhttpd-3.12.1/src/ssl/openssl.c: In function 'ssl_context_new':
+/tmp/instance-4/output-1/build/libuhttpd-3.12.1/src/ssl/openssl.c:174:33: error: 'tls13_ciphersuites' undeclared (first use in this function)
+  174 |     SSL_CTX_set_ciphersuites(c, tls13_ciphersuites);
+      |                                 ^~~~~~~~~~~~~~~~~~
+
+Fixes:
+ - http://autobuild.buildroot.org/results/d0fb629b40b05ad828775894fabed878692bb222
+
+Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
+[Upstream status: https://github.com/zhaojh329/ssl/pull/1]
+---
+ openssl.c | 8 ++++----
+ 1 file changed, 4 insertions(+), 4 deletions(-)
+
+diff --git a/openssl.c b/openssl.c
+index 8f3d8b7..c42638c 100644
+--- a/src/ssl/openssl.c
++++ b/src/ssl/openssl.c
+@@ -71,14 +71,14 @@
+                 "TLS13-AES256-GCM-SHA384:"		\
+                 ecdhe_aead_ciphers
+ #else
+-# define tls13_ciphersuites	"TLS_CHACHA20_POLY1305_SHA256:"		\
+-                "TLS_AES_128_GCM_SHA256:"		\
+-                "TLS_AES_256_GCM_SHA384"
+-
+ # define top_ciphers							\
+                 ecdhe_aead_ciphers
+ #endif
+ 
++# define tls13_ciphersuites	"TLS_CHACHA20_POLY1305_SHA256:"		\
++                "TLS_AES_128_GCM_SHA256:"		\
++                "TLS_AES_256_GCM_SHA384"
++
+ #define ecdhe_aead_ciphers						\
+                 "ECDHE-ECDSA-CHACHA20-POLY1305:"	\
+                 "ECDHE-ECDSA-AES128-GCM-SHA256:"	\
+-- 
+2.30.2
+

package/libuwsc/0002-fix-bad-indentation.patch

@@ -0,0 +1,27 @@
+From 8cb416140741a596235b8acc46b2b119b13ebfab Mon Sep 17 00:00:00 2001
+From: Rosen Penev <rosenp@gmail.com>
+Date: Tue, 6 Jul 2021 21:01:52 -0700
+Subject: [PATCH] fix bad indentation
+
+Fixes error with GCC11.
+
+[Retrieved from:
+https://github.com/zhaojh329/libuwsc/commit/8cb416140741a596235b8acc46b2b119b13ebfab]
+Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
+---
+ src/lua/uwsc_lua.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/lua/uwsc_lua.c b/src/lua/uwsc_lua.c
+index de6932e..84689fe 100644
+--- a/src/lua/uwsc_lua.c
++++ b/src/lua/uwsc_lua.c
+@@ -178,7 +178,7 @@ static int uwsc_lua_on(lua_State *L)
+     else
+         luaL_argcheck(L, false, 2, "available event name: open message error close");
+ 
+-	return 0;
++    return 0;
+ }
+ 
+ static int __uwsc_lua_send(lua_State *L, int op)

package/luaossl/Config.in

@@ -2,6 +2,7 @@ config BR2_PACKAGE_LUAOSSL
 	bool "luaossl"
 	depends on BR2_TOOLCHAIN_HAS_THREADS
 	select BR2_PACKAGE_OPENSSL
+	select BR2_PACKAGE_LIBOPENSSL_ENABLE_DES if BR2_PACKAGE_LIBOPENSSL
 	help
 	  luaossl is a comprehensive binding to OpenSSL for Lua 5.1,
 	  5.2, and later.

package/mesa3d/Config.in

@@ -65,7 +65,8 @@ config BR2_PACKAGE_MESA3D_DRI_DRIVER
 		!BR2_PACKAGE_MESA3D_OPENGL_GLX && \
 		!BR2_PACKAGE_MESA3D_OPENGL_EGL
 	select BR2_PACKAGE_XLIB_LIBXSHMFENCE if \
-		(BR2_PACKAGE_XORG7 && BR2_TOOLCHAIN_HAS_SYNC_4)
+		(BR2_PACKAGE_XORG7 && BR2_TOOLCHAIN_HAS_SYNC_4 && \
+			!BR2_RISCV_32)
 
 config BR2_PACKAGE_MESA3D_VULKAN_DRIVER
 	bool

package/mupdf/0003-Bug-703791-Stay-within-hash-table-max-key-size-in-cached-color-converter.patch

@@ -0,0 +1,119 @@
+From f5712c9949d026e4b891b25837edd2edc166151f Mon Sep 17 00:00:00 2001
+From: Tor Andersson <tor.andersson@artifex.com>
+Date: Tue, 20 Apr 2021 14:46:48 +0200
+Subject: [PATCH] Bug 703791: Stay within hash table max key size in cached
+ color converter.
+
+[Retrieved from:
+http://git.ghostscript.com/?p=mupdf.git;h=f5712c9949d026e4b891b25837edd2edc166151f]
+Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
+---
+ include/mupdf/fitz/hash.h |  2 ++
+ source/fitz/colorspace.c  | 40 ++++++++++++++++++++++++---------------
+ source/fitz/hash.c        |  7 +++----
+ 3 files changed, 30 insertions(+), 19 deletions(-)
+
+diff --git a/include/mupdf/fitz/hash.h b/include/mupdf/fitz/hash.h
+index e92eb0458..feb37a5e4 100644
+--- a/include/mupdf/fitz/hash.h
++++ b/include/mupdf/fitz/hash.h
+@@ -5,6 +5,8 @@
+ #include "mupdf/fitz/context.h"
+ #include "mupdf/fitz/output.h"
+ 
++#define FZ_HASH_TABLE_KEY_LENGTH 48
++
+ /**
+ 	Generic hash-table with fixed-length keys.
+ 
+diff --git a/source/fitz/colorspace.c b/source/fitz/colorspace.c
+index af454caf1..f4db9d3d2 100644
+--- a/source/fitz/colorspace.c
++++ b/source/fitz/colorspace.c
+@@ -1025,23 +1025,30 @@ typedef struct fz_cached_color_converter
+ static void fz_cached_color_convert(fz_context *ctx, fz_color_converter *cc_, const float *ss, float *ds)
+ {
+ 	fz_cached_color_converter *cc = cc_->opaque;
+-	float *val = fz_hash_find(ctx, cc->hash, ss);
+-	int n = cc->base.ds->n * sizeof(float);
+-
+-	if (val)
++	if (cc->hash)
+ 	{
+-		memcpy(ds, val, n);
+-		return;
+-	}
++		float *val = fz_hash_find(ctx, cc->hash, ss);
++		int n = cc->base.ds->n * sizeof(float);
+ 
+-	cc->base.convert(ctx, &cc->base, ss, ds);
++		if (val)
++		{
++			memcpy(ds, val, n);
++			return;
++		}
+ 
+-	val = Memento_label(fz_malloc_array(ctx, cc->base.ds->n, float), "cached_color_convert");
+-	memcpy(val, ds, n);
+-	fz_try(ctx)
+-		fz_hash_insert(ctx, cc->hash, ss, val);
+-	fz_catch(ctx)
+-		fz_free(ctx, val);
++		cc->base.convert(ctx, &cc->base, ss, ds);
++
++		val = Memento_label(fz_malloc_array(ctx, cc->base.ds->n, float), "cached_color_convert");
++		memcpy(val, ds, n);
++		fz_try(ctx)
++			fz_hash_insert(ctx, cc->hash, ss, val);
++		fz_catch(ctx)
++			fz_free(ctx, val);
++	}
++	else
++	{
++		cc->base.convert(ctx, &cc->base, ss, ds);
++	}
+ }
+ 
+ void fz_init_cached_color_converter(fz_context *ctx, fz_color_converter *cc, fz_colorspace *ss, fz_colorspace *ds, fz_colorspace *is, fz_color_params params)
+@@ -1060,7 +1067,10 @@ void fz_init_cached_color_converter(fz_context *ctx, fz_color_converter *cc, fz_
+ 	fz_try(ctx)
+ 	{
+ 		fz_find_color_converter(ctx, &cached->base, ss, ds, is, params);
+-		cached->hash = fz_new_hash_table(ctx, 256, n * sizeof(float), -1, fz_free);
++		if (n * sizeof(float) <= FZ_HASH_TABLE_KEY_LENGTH)
++			cached->hash = fz_new_hash_table(ctx, 256, n * sizeof(float), -1, fz_free);
++		else
++			fz_warn(ctx, "colorspace has too many components to be cached");
+ 	}
+ 	fz_catch(ctx)
+ 	{
+diff --git a/source/fitz/hash.c b/source/fitz/hash.c
+index 882b886c9..287d43f03 100644
+--- a/source/fitz/hash.c
++++ b/source/fitz/hash.c
+@@ -11,11 +11,9 @@
+ 	and removed frequently.
+ */
+ 
+-enum { MAX_KEY_LEN = 48 };
+-
+ typedef struct
+ {
+-	unsigned char key[MAX_KEY_LEN];
++	unsigned char key[FZ_HASH_TABLE_KEY_LENGTH];
+ 	void *val;
+ } fz_hash_entry;
+ 
+@@ -50,7 +48,8 @@ fz_new_hash_table(fz_context *ctx, int initialsize, int keylen, int lock, fz_has
+ {
+ 	fz_hash_table *table;
+ 
+-	assert(keylen <= MAX_KEY_LEN);
++	if (keylen > FZ_HASH_TABLE_KEY_LENGTH)
++		fz_throw(ctx, FZ_ERROR_GENERIC, "hash table key length too large");
+ 
+ 	table = fz_malloc_struct(ctx, fz_hash_table);
+ 	table->keylen = keylen;
+-- 
+2.17.1
+

package/mupdf/mupdf.mk

@@ -22,9 +22,12 @@ MUPDF_DEPENDENCIES = \
 	xlib_libX11 \
 	zlib
 
-# 0001-Bug-703366-Fix-double-free-of-object-during-linearization.patch
+# 0002-Bug-703366-Fix-double-free-of-object-during-linearization.patch
 MUPDF_IGNORE_CVES += CVE-2021-3407
 
+# 0003-Bug-703791-Stay-within-hash-table-max-key-size-in-cached-color-converter.patch
+MUPDF_IGNORE_CVES += CVE-2021-37220
+
 # The pkg-config name for gumbo-parser is `gumbo`.
 MUPDF_PKG_CONFIG_PACKAGES = \
 	freetype2 \

package/network-manager/Config.in

@@ -4,6 +4,7 @@ config BR2_PACKAGE_NETWORK_MANAGER
 	depends on !BR2_STATIC_LIBS # gnutls
 	depends on BR2_USE_MMU # dbus
 	depends on BR2_PACKAGE_HAS_UDEV
+	depends on BR2_TOOLCHAIN_GCC_AT_LEAST_4_9
 	# Tested with 3.2, but may even work with earlier versions
 	depends on BR2_TOOLCHAIN_HEADERS_AT_LEAST_3_2
 	depends on BR2_TOOLCHAIN_USES_GLIBC # CLOCK_BOOTTIME, IPTOS_CLASS_*
@@ -61,9 +62,10 @@ config BR2_PACKAGE_NETWORK_MANAGER_OVS
 
 endif
 
-comment "NetworkManager needs udev /dev management and a glibc toolchain w/ headers >= 3.2, dynamic library, wchar, threads"
+comment "NetworkManager needs udev /dev management and a glibc toolchain w/ headers >= 3.2, dynamic library, wchar, threads, gcc >= 4.9"
 	depends on BR2_USE_MMU
 	depends on !BR2_PACKAGE_HAS_UDEV || \
 		!BR2_TOOLCHAIN_HEADERS_AT_LEAST_3_2 || \
 		!BR2_TOOLCHAIN_USES_GLIBC || BR2_STATIC_LIBS || \
-		!BR2_USE_WCHAR || !BR2_TOOLCHAIN_HAS_THREADS
+		!BR2_USE_WCHAR || !BR2_TOOLCHAIN_HAS_THREADS || \
+		!BR2_TOOLCHAIN_GCC_AT_LEAST_4_9

package/openzwave/openzwave.mk

@@ -23,7 +23,7 @@ OPENZWAVE_INSTALL_STAGING = YES
 # the correct directory otherwise openzwave will install configuration files in
 # $(PREFIX)/etc/openzwave.
 # Disable doxygen documentation.
-# Set {DEBUG,RELEASE}_CFLAGS to an empty value to remove -Werror.
+# Set {DEBUG,RELEASE}_CFLAGS to remove -Werror.
 OPENZWAVE_MAKE_OPTS = \
 	CROSS_COMPILE="$(TARGET_CROSS)" \
 	PREFIX=/usr \
@@ -31,8 +31,8 @@ OPENZWAVE_MAKE_OPTS = \
 	pkgconfigdir=/usr/lib/pkgconfig \
 	sysconfdir=/etc/openzwave \
 	DOXYGEN= \
-	DEBUG_CFLAGS= \
-	RELEASE_CFLAGS= \
+	DEBUG_CFLAGS="-fPIC -std=c++11" \
+	RELEASE_CFLAGS="-fPIC -std=c++11" \
 	USE_BI_TXML=0
 
 ifeq ($(BR2_PACKAGE_HAS_UDEV),y)

package/pdbg/0001-template-Fix-alignment.patch

@@ -0,0 +1,39 @@
+From 0080d0a64da274207bc341491f87863952bb6e3b Mon Sep 17 00:00:00 2001
+From: Joel Stanley <joel@jms.id.au>
+Date: Tue, 3 Aug 2021 17:28:17 +0930
+Subject: [PATCH] template: Fix alignment
+
+The assembler complains about unaliged data:
+
+ ./template.S: Assembler messages:
+ ./template.S:21: Error: misaligned data
+
+If the included data is not an aligned size, the the symbols following
+will be unaligned.
+
+We lost the alignment directive in commit 5f3deee1289e ("template: new
+libfdt requires 8-byte aligned fdt"), so add it back as it was before
+that commit.
+
+Reported by the buildroot autobuilder.
+
+Signed-off-by: Joel Stanley <joel@jms.id.au>
+---
+ template.S | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/template.S b/template.S
+index ecf9bba0656d..df8c064d6bc0 100644
+--- a/template.S
++++ b/template.S
+@@ -17,6 +17,7 @@
+ SYM_START(SYMBOL_PREFIX):
+ .incbin FILENAME
+ SYM_END(SYMBOL_PREFIX):
++.align 4
+ SYM_SIZE(SYMBOL_PREFIX):
+ 	.long	SYM_END(SYMBOL_PREFIX) - SYM_START(SYMBOL_PREFIX)
+ .globl SYM_START(SYMBOL_PREFIX)
+-- 
+2.32.0
+

package/php/Config.ext

@@ -10,8 +10,12 @@ config BR2_PACKAGE_PHP_EXT_FILEINFO
 	help
 	  File Information support
 
+comment "OPcache needs a toolchain w/ dynamic library"
+	depends on BR2_STATIC_LIBS
+
 config BR2_PACKAGE_PHP_EXT_OPCACHE
 	bool "OPcache"
+	depends on !BR2_STATIC_LIBS
 	help
 	  Enable the Zend OPcache accelerator.
 
@@ -83,12 +87,6 @@ config BR2_PACKAGE_PHP_EXT_LIBSODIUM
 	help
 	  libsodium support
 
-config BR2_PACKAGE_PHP_EXT_MCRYPT
-	bool "mcrypt"
-	select BR2_PACKAGE_LIBMCRYPT
-	help
-	  mcrypt support
-
 config BR2_PACKAGE_PHP_EXT_OPENSSL
 	bool "openssl"
 	select BR2_PACKAGE_OPENSSL

package/php/php.mk

@@ -136,11 +136,6 @@ PHP_CONF_OPTS += --enable-mbstring
 PHP_DEPENDENCIES += oniguruma
 endif
 
-ifeq ($(BR2_PACKAGE_PHP_EXT_MCRYPT),y)
-PHP_CONF_OPTS += --with-mcrypt=$(STAGING_DIR)/usr
-PHP_DEPENDENCIES += libmcrypt
-endif
-
 ifeq ($(BR2_PACKAGE_PHP_EXT_OPENSSL),y)
 PHP_CONF_OPTS += --with-openssl=$(STAGING_DIR)/usr
 PHP_DEPENDENCIES += openssl

package/pipewire/pipewire.mk

@@ -95,9 +95,9 @@ else
 PIPEWIRE_CONF_OPTS += -Dv4l2=disabled
 endif
 
-ifeq ($(BR2_PACKAGE_LIBCAMERA)$(BR2_PACKAGE_HAS_UDEV),yy)
+ifeq ($(BR2_PACKAGE_LIBCAMERA)$(BR2_PACKAGE_LIBDRM)$(BR2_PACKAGE_HAS_UDEV),yyy)
 PIPEWIRE_CONF_OPTS += -Dlibcamera=enabled
-PIPEWIRE_DEPENDENCIES += libcamera
+PIPEWIRE_DEPENDENCIES += libcamera libdrm
 else
 PIPEWIRE_CONF_OPTS += -Dlibcamera=disabled
 endif

package/pistache/0003-include-pistache-typeid.h-include-cstddef.patch

@@ -0,0 +1,38 @@
+From 37291201ed948e9d65993a717c59bb14f4187e13 Mon Sep 17 00:00:00 2001
+From: Fabrice Fontaine <fontaine.fabrice@gmail.com>
+Date: Thu, 5 Aug 2021 19:02:56 +0200
+Subject: [PATCH] include/pistache/typeid.h: include cstddef
+
+Include cstddef to avoid the following build failure with gcc 11:
+
+In file included from /tmp/instance-3/output-1/build/pistache-f2f5a50fbfb5b8ef6cf1d3d2a9d442a8270e375d/src/../include/pistache/async.h:10,
+                 from /tmp/instance-3/output-1/build/pistache-f2f5a50fbfb5b8ef6cf1d3d2a9d442a8270e375d/src/../include/pistache/client.h:9,
+                 from /tmp/instance-3/output-1/build/pistache-f2f5a50fbfb5b8ef6cf1d3d2a9d442a8270e375d/src/client/client.cc:7:
+/tmp/instance-3/output-1/build/pistache-f2f5a50fbfb5b8ef6cf1d3d2a9d442a8270e375d/src/../include/pistache/typeid.h:26:12: error: expected type-specifier before 'size_t'
+   26 |   operator size_t() const { return reinterpret_cast<size_t>(id_); }
+      |            ^~~~~~
+
+Fixes:
+ - http://autobuild.buildroot.org/results/2443559df8c2357476e4cbdbebb08280cbb80a3b
+
+Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
+[Upstream status: https://github.com/pistacheio/pistache/pull/965]
+---
+ include/pistache/typeid.h | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/include/pistache/typeid.h b/include/pistache/typeid.h
+index 10353ca..893e7c1 100644
+--- a/include/pistache/typeid.h
++++ b/include/pistache/typeid.h
+@@ -7,6 +7,7 @@
+ 
+ #pragma once
+ 
++#include <cstddef>
+ #include <functional>
+ 
+ namespace Pistache
+-- 
+2.30.2
+

package/pixman/pixman.mk

@@ -44,12 +44,20 @@ ifneq ($(BR2_iwmmxt),y)
 PIXMAN_CONF_OPTS += --disable-arm-iwmmxt
 endif
 
+PIXMAN_CFLAGS = $(TARGET_CFLAGS)
+
 # toolchain gets confused about TLS access through GOT (PIC), so disable TLS
 # movhi	r4, %got_hiadj(%tls_ldo(fast_path_cache))
 # {standard input}:172: Error: bad expression
 ifeq ($(BR2_TOOLCHAIN_EXTERNAL_CODESOURCERY_NIOSII),y)
-PIXMAN_CONF_ENV += CFLAGS="$(TARGET_CFLAGS) -DPIXMAN_NO_TLS"
+PIXMAN_CFLAGS += -DPIXMAN_NO_TLS
+endif
+
+ifeq ($(BR2_TOOLCHAIN_HAS_GCC_BUG_101737),y)
+PIXMAN_CFLAGS += -O0
 endif
 
+PIXMAN_CONF_OPTS += CFLAGS="$(PIXMAN_CFLAGS)"
+
 $(eval $(autotools-package))
 $(eval $(host-autotools-package))

package/python3/0036-Fix-dictionary-iteration-error-in-_ExecutorManagerTh.patch

@@ -0,0 +1,29 @@
+From 331966be70c371b268a4fcce9e97280cd869f137 Mon Sep 17 00:00:00 2001
+From: Jakub Kulik <kulikjak@gmail.com>
+Date: Mon, 15 Mar 2021 08:49:28 +0100
+Subject: [PATCH] Fix dictionary iteration error in _ExecutorManagerThread
+
+[Thomas: Taken from upstream pull request
+https://github.com/python/cpython/pull/24868, which is aimed at fixing
+https://bugs.python.org/issue43498]
+Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
+---
+ Lib/concurrent/futures/process.py | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/Lib/concurrent/futures/process.py b/Lib/concurrent/futures/process.py
+index 90bc98bf2ec..e3b36dff572 100644
+--- a/Lib/concurrent/futures/process.py
++++ b/Lib/concurrent/futures/process.py
+@@ -373,7 +373,7 @@ class _ExecutorManagerThread(threading.Thread):
+         assert not self.thread_wakeup._closed
+         wakeup_reader = self.thread_wakeup._reader
+         readers = [result_reader, wakeup_reader]
+-        worker_sentinels = [p.sentinel for p in self.processes.values()]
++        worker_sentinels = [p.sentinel for p in self.processes.copy().values()]
+         ready = mp.connection.wait(readers + worker_sentinels)
+ 
+         cause = None
+-- 
+2.31.1
+

package/qpdf/0002-Fix-some-pipelines-to-be-safe-if-downstream-write-fails.patch

@@ -0,0 +1,86 @@
+From dc92574c10f3e2516ec6445b88c5d584f40df4e5 Mon Sep 17 00:00:00 2001
+From: Jay Berkenbilt <ejb@ql.org>
+Date: Mon, 4 Jan 2021 11:55:28 -0500
+Subject: [PATCH] Fix some pipelines to be safe if downstream write fails (fuzz
+ issue 28262)
+
+[Retrieved (and updated to remove updates on ChangeLog and fuzz) from:
+https://github.com/qpdf/qpdf/commit/dc92574c10f3e2516ec6445b88c5d584f40df4e5]
+Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
+---
+ ChangeLog                     |   6 ++++++
+ fuzz/qpdf_extra/28262.fuzz    | Bin 0 -> 40395 bytes
+ libqpdf/Pl_AES_PDF.cc         |   2 +-
+ libqpdf/Pl_ASCII85Decoder.cc  |   7 +++++--
+ libqpdf/Pl_ASCIIHexDecoder.cc |   6 ++++--
+ libqpdf/Pl_Count.cc           |   2 +-
+ 6 files changed, 17 insertions(+), 6 deletions(-)
+ create mode 100644 fuzz/qpdf_extra/28262.fuzz
+
+diff --git a/libqpdf/Pl_AES_PDF.cc b/libqpdf/Pl_AES_PDF.cc
+index 18cf3a4d..2865f804 100644
+--- a/libqpdf/Pl_AES_PDF.cc
++++ b/libqpdf/Pl_AES_PDF.cc
+@@ -238,6 +238,6 @@ Pl_AES_PDF::flush(bool strip_padding)
+ 	    }
+ 	}
+     }
+-    getNext()->write(this->outbuf, bytes);
+     this->offset = 0;
++    getNext()->write(this->outbuf, bytes);
+ }
+diff --git a/libqpdf/Pl_ASCII85Decoder.cc b/libqpdf/Pl_ASCII85Decoder.cc
+index b8df3e87..9d9f6704 100644
+--- a/libqpdf/Pl_ASCII85Decoder.cc
++++ b/libqpdf/Pl_ASCII85Decoder.cc
+@@ -119,10 +119,13 @@ Pl_ASCII85Decoder::flush()
+ 
+     QTC::TC("libtests", "Pl_ASCII85Decoder partial flush",
+ 	    (this->pos == 5) ? 0 : 1);
+-    getNext()->write(outbuf, this->pos - 1);
+-
++    // Reset before calling getNext()->write in case that throws an
++    // exception.
++    auto t = this->pos - 1;
+     this->pos = 0;
+     memset(this->inbuf, 117, 5);
++
++    getNext()->write(outbuf, t);
+ }
+ 
+ void
+diff --git a/libqpdf/Pl_ASCIIHexDecoder.cc b/libqpdf/Pl_ASCIIHexDecoder.cc
+index f20a9769..7845268e 100644
+--- a/libqpdf/Pl_ASCIIHexDecoder.cc
++++ b/libqpdf/Pl_ASCIIHexDecoder.cc
+@@ -97,12 +97,14 @@ Pl_ASCIIHexDecoder::flush()
+ 
+     QTC::TC("libtests", "Pl_ASCIIHexDecoder partial flush",
+ 	    (this->pos == 2) ? 0 : 1);
+-    getNext()->write(&ch, 1);
+-
++    // Reset before calling getNext()->write in case that throws an
++    // exception.
+     this->pos = 0;
+     this->inbuf[0] = '0';
+     this->inbuf[1] = '0';
+     this->inbuf[2] = '\0';
++
++    getNext()->write(&ch, 1);
+ }
+ 
+ void
+diff --git a/libqpdf/Pl_Count.cc b/libqpdf/Pl_Count.cc
+index 8077092a..c35619b8 100644
+--- a/libqpdf/Pl_Count.cc
++++ b/libqpdf/Pl_Count.cc
+@@ -27,8 +27,8 @@ Pl_Count::write(unsigned char* buf, size_t len)
+     if (len)
+     {
+ 	this->m->count += QIntC::to_offset(len);
+-	getNext()->write(buf, len);
+ 	this->m->last_char = buf[len - 1];
++	getNext()->write(buf, len);
+     }
+ }
+ 

package/qpdf/qpdf.mk

@@ -14,6 +14,9 @@ QPDF_DEPENDENCIES = host-pkgconf zlib jpeg
 
 QPDF_CONF_OPTS = --with-random=/dev/urandom
 
+# 0002-Fix-some-pipelines-to-be-safe-if-downstream-write-fails.patch
+QPDF_IGNORE_CVES += CVE-2021-36978
+
 ifeq ($(BR2_PACKAGE_GNUTLS),y)
 QPDF_CONF_OPTS += --enable-crypto-gnutls
 QPDF_DEPENDENCIES += gnutls

package/s390-tools/0004-zipl-boot-Makefile-no-pie-is-not-a-valid-ld-flag.patch

@@ -0,0 +1,29 @@
+From 9fd3c733c645be13a2e39a3bae3983f88530b48d Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Lukas=20M=C3=A4rdian?= <lukas.maerdian@canonical.com>
+Date: Thu, 7 Jan 2021 12:46:22 +0100
+Subject: [PATCH] zipl/boot/Makefile: -no-pie is not a valid ld flag
+
+The "-no-pie" option never has been a valid flag of ld. It breaks the build with newer binutils.
+See:
+https://sourceware.org/bugzilla/show_bug.cgi?id=27050
+https://bugs.launchpad.net/ubuntu/+source/s390-tools/+bug/1907789
+
+[Retrieved from: https://github.com/ibm-s390-linux/s390-tools/pull/106]
+Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
+---
+ zipl/boot/Makefile | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/zipl/boot/Makefile b/zipl/boot/Makefile
+index a2e5f190..b81df778 100644
+--- a/zipl/boot/Makefile
++++ b/zipl/boot/Makefile
+@@ -109,7 +109,7 @@ stage3.bin:	stage3.exec
+ 		$< $@
+ 
+ data.o: $(FILES)
+-	$(LD) $(NO_PIE_LDFLAGS) -r -b binary -o data.o $(FILES)
++	$(LD) -r -b binary -o data.o $(FILES)
+ 
+ data.h: data.o
+ 	rm -f data.h

package/shairport-sync/0001-configure.ac-find-sndfile-through-pkg-config.patch

@@ -0,0 +1,43 @@
+From 900b1827c55cc6020b3242640075174c2e6b12a5 Mon Sep 17 00:00:00 2001
+From: Fabrice Fontaine <fontaine.fabrice@gmail.com>
+Date: Wed, 4 Aug 2021 22:16:40 +0200
+Subject: [PATCH] configure.ac: find sndfile through pkg-config
+
+Find sndfile through pkg-config to retrieve sndfile dependencies such as
+flac and avoid the following static build failure:
+
+/tmp/instance-3/output-1/host/lib/gcc/xtensa-buildroot-linux-uclibc/10.3.0/../../../../xtensa-buildroot-linux-uclibc/bin/ld: /tmp/instance-3/output-1/host/bin/../xtensa-buildroot-linux-uclibc/sysroot/usr/lib/libsndfile.a(libsndfile_la-flac.o): in function `flac_byterate':
+flac.c:(.text+0xfc): undefined reference to `FLAC__StreamDecoderErrorStatusString'
+
+Fixes:
+ - http://autobuild.buildroot.org/results/92ed30a6855ca11800b779718822bcba4a69c9a3
+
+Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
+[Upstream status: https://github.com/mikebrady/shairport-sync/pull/1263]
+---
+ configure.ac | 9 ++++++++-
+ 1 file changed, 8 insertions(+), 1 deletion(-)
+
+diff --git a/configure.ac b/configure.ac
+index f77087c5..9b982c51 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -304,7 +304,14 @@ AC_ARG_WITH(convolution, [AS_HELP_STRING([--with-convolution],[choose audio DSP
+ if test "x$with_convolution" = "xyes" ; then
+   AM_INIT_AUTOMAKE([subdir-objects])
+   AC_DEFINE([CONFIG_CONVOLUTION], 1, [Include audio DSP convolution support.])
+-  AC_CHECK_LIB([sndfile], [sf_open], , AC_MSG_ERROR(Convolution support requires the sndfile library -- libsndfile1-dev suggested!))
++  if  test "x${with_pkg_config}" = xyes ; then
++    PKG_CHECK_MODULES(
++      [sndfile], [sndfile],
++      [CFLAGS="${sndfile_CFLAGS} ${CFLAGS}"
++      LIBS="${sndfile_LIBS} ${LIBS}"], AC_MSG_ERROR(Convolution support requires the sndfile library -- libsndfile1-dev suggested!))
++  else
++    AC_CHECK_LIB([sndfile], [sf_open], , AC_MSG_ERROR(Convolution support requires the sndfile library -- libsndfile1-dev suggested!))
++  fi
+ fi
+ AM_CONDITIONAL([USE_CONVOLUTION], [test "x$with_convolution" = "xyes"])
+ 
+-- 
+2.30.2
+

package/shairport-sync/shairport-sync.hash

@@ -1,3 +1,3 @@
 # Locally calculated
-sha256  7f8d4ecec53f2f681a962467bf09205568fc936c8c31a9ee07b1bd72d3d95b12  shairport-sync-3.3.7.tar.gz
+sha256  c92f9a2d86dd1138673abc66e0010c94412ad6a46da8f36c3d538f4fa6b9faca  shairport-sync-3.3.8.tar.gz
 sha256  1daaa904985807b7f9f2fa91f6b19f3faadf8df4e813f7451a691f89a6965e3f  LICENSES

package/shairport-sync/shairport-sync.mk

@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-SHAIRPORT_SYNC_VERSION = 3.3.7
+SHAIRPORT_SYNC_VERSION = 3.3.8
 SHAIRPORT_SYNC_SITE = $(call github,mikebrady,shairport-sync,$(SHAIRPORT_SYNC_VERSION))
 
 SHAIRPORT_SYNC_LICENSE = MIT, BSD-3-Clause
@@ -28,14 +28,16 @@ SHAIRPORT_SYNC_CONF_ENV += LIBS="$(SHAIRPORT_SYNC_CONF_LIBS)"
 # libavahi-client.
 ifeq ($(BR2_PACKAGE_AVAHI_DAEMON)$(BR2_PACKAGE_DBUS),yy)
 SHAIRPORT_SYNC_DEPENDENCIES += avahi
-SHAIRPORT_SYNC_CONF_OPTS += --with-avahi
+SHAIRPORT_SYNC_CONF_OPTS += --with-avahi --without-tinysvcmdns
 else
-SHAIRPORT_SYNC_CONF_OPTS += --with-tinysvcmdns
+SHAIRPORT_SYNC_CONF_OPTS += --without-avahi --with-tinysvcmdns
 endif
 
 ifeq ($(BR2_PACKAGE_LIBDAEMON),y)
 SHAIRPORT_SYNC_DEPENDENCIES += libdaemon
 SHAIRPORT_SYNC_CONF_OPTS += --with-libdaemon
+else
+SHAIRPORT_SYNC_CONF_OPTS += --without-libdaemon
 endif
 
 # OpenSSL or mbedTLS
@@ -54,21 +56,29 @@ endif
 ifeq ($(BR2_PACKAGE_SHAIRPORT_SYNC_CONVOLUTION),y)
 SHAIRPORT_SYNC_DEPENDENCIES += libsndfile
 SHAIRPORT_SYNC_CONF_OPTS += --with-convolution
+else
+SHAIRPORT_SYNC_CONF_OPTS += --without-convolution
 endif
 
 ifeq ($(BR2_PACKAGE_SHAIRPORT_SYNC_DBUS),y)
 SHAIRPORT_SYNC_DEPENDENCIES += libglib2
 SHAIRPORT_SYNC_CONF_OPTS += --with-dbus-interface --with-mpris-interface
+else
+SHAIRPORT_SYNC_CONF_OPTS += --without-dbus-interface --without-mpris-interface
 endif
 
 ifeq ($(BR2_PACKAGE_SHAIRPORT_SYNC_LIBSOXR),y)
 SHAIRPORT_SYNC_DEPENDENCIES += libsoxr
 SHAIRPORT_SYNC_CONF_OPTS += --with-soxr
+else
+SHAIRPORT_SYNC_CONF_OPTS += --without-soxr
 endif
 
 ifeq ($(BR2_PACKAGE_SHAIRPORT_SYNC_MQTT),y)
 SHAIRPORT_SYNC_DEPENDENCIES += avahi dbus mosquitto
 SHAIRPORT_SYNC_CONF_OPTS += --with-mqtt-client
+else
+SHAIRPORT_SYNC_CONF_OPTS += --without-mqtt-client
 endif
 
 define SHAIRPORT_SYNC_INSTALL_TARGET_CMDS

package/sox/0005-configure.ac-fix-static-linking-with-sndfile.patch

@@ -0,0 +1,44 @@
+From 06109c84ab6930265287049c4bf9405e7ebc4986 Mon Sep 17 00:00:00 2001
+From: Fabrice Fontaine <fontaine.fabrice@gmail.com>
+Date: Wed, 4 Aug 2021 10:27:16 +0200
+Subject: [PATCH] configure.ac: fix static linking with sndfile
+
+Use SOX_FMT_PKG to retrieve sndfile dependencies (e.g. flac, opus or
+vorbis). This will fix the following static build failure:
+
+configure:14720: checking for sf_open_virtual in -lsndfile
+configure:14745: /tmp/instance-1/output-1/host/bin/xtensa-buildroot-linux-uclibc-gcc -o conftest -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -mlongcalls -mauto-litpools -Os -g0  -static -Wall -Wmissing-prototypes -Wstrict-prototypes  -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64  -static -Wl,--as-needed conftest.c -lsndfile    >&5
+conftest.c:73:1: warning: function declaration isn't a prototype [-Wstrict-prototypes]
+   73 | char sf_open_virtual ();
+      | ^~~~
+conftest.c:75:1: warning: function declaration isn't a prototype [-Wstrict-prototypes]
+   75 | main ()
+      | ^~~~
+/tmp/instance-1/output-1/host/lib/gcc/xtensa-buildroot-linux-uclibc/10.3.0/../../../../xtensa-buildroot-linux-uclibc/bin/ld: /tmp/instance-1/output-1/host/xtensa-buildroot-linux-uclibc/sysroot/usr/lib/libsndfile.a(libsndfile_la-flac.o): in function `flac_byterate':
+flac.c:(.text+0xfc): undefined reference to `FLAC__StreamDecoderErrorStatusString'
+
+Fixes:
+ - http://autobuild.buildroot.org/results/4bc58ed68b29642876bb02710d0cd4f31540de86
+
+Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
+[Upstream status: not sent yet (waiting for feedback on third patch)]
+---
+ configure.ac | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/configure.ac b/configure.ac
+index 8ae3202c..26510769 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -117,7 +117,7 @@ SOX_FMT_REQ([mp3], [MAD LAME TWOLAME])
+ SOX_FMT_PKG([oggvorbis], [ogg vorbis vorbisenc vorbisfile])
+ SOX_FMT_PKG([opus], [opusfile])
+ 
+-SOX_DL_LIB([libsndfile], [sndfile.h], [sndfile], [sf_open_virtual])
++SOX_FMT_PKG([libsndfile], [sndfile])
+ SOX_FMT_REQ([sndfile], [LIBSNDFILE])
+ 
+ SOX_FMT_LIB([wavpack], [wavpack/wavpack.h], [wavpack], [WavpackGetSampleRate])
+-- 
+2.30.2
+

package/sysdig/Config.in

@@ -1,7 +1,7 @@
 config BR2_PACKAGE_SYSDIG
 	bool "sysdig"
 	depends on BR2_LINUX_KERNEL
-	depends on BR2_INSTALL_LIBSTDCPP # libjson
+	depends on BR2_INSTALL_LIBSTDCPP # jsoncpp
 	depends on BR2_TOOLCHAIN_GCC_AT_LEAST_4_8
 	depends on BR2_TOOLCHAIN_HAS_THREADS # elfutils, jq
 	depends on !BR2_STATIC_LIBS # elfutils

package/syslog-ng/0002-modules-diskq-dqtool.c-fix-static-build.patch

@@ -0,0 +1,33 @@
+From 04c8fe720d09bd6e53c4bcea9ad72ff131925ce6 Mon Sep 17 00:00:00 2001
+From: Fabrice Fontaine <fontaine.fabrice@gmail.com>
+Date: Fri, 23 Jul 2021 18:41:29 +0200
+Subject: [PATCH] modules/diskq/dqtool.c: fix static build
+
+Fix the following static build failure:
+
+/data/buildroot-autobuilder/instance-0/output-1/host/opt/ext-toolchain/bin/../lib/gcc/riscv64-buildroot-linux-musl/10.2.0/../../../../riscv64-buildroot-linux-musl/bin/ld: ./lib/.libs/libsyslog-ng.a(lib_libsyslog_ng_la-messages.o):(.sbss+0x2c): multiple definition of `verbose_flag'; modules/diskq/dqtool.o:(.sbss+0x4): first defined here
+/data/buildroot-autobuilder/instance-0/output-1/host/opt/ext-toolchain/bin/../lib/gcc/riscv64-buildroot-linux-musl/10.2.0/../../../../riscv64-buildroot-linux-musl/bin/ld: ./lib/.libs/libsyslog-ng.a(lib_libsyslog_ng_la-messages.o):(.sbss+0x30): multiple definition of `debug_flag'; modules/diskq/dqtool.o:(.sbss+0x8): first defined here
+
+Fixes:
+ - http://autobuild.buildroot.org/results/ccd0a954f6e0676db67026f8b8c89823f3e5c510
+
+Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
+[Retrieved from:
+https://github.com/syslog-ng/syslog-ng/commit/04c8fe720d09bd6e53c4bcea9ad72ff131925ce6]
+---
+ modules/diskq/dqtool.c | 2 --
+ 1 file changed, 2 deletions(-)
+
+diff --git a/modules/diskq/dqtool.c b/modules/diskq/dqtool.c
+index 6105f2ec68..50be452453 100644
+--- a/modules/diskq/dqtool.c
++++ b/modules/diskq/dqtool.c
+@@ -49,8 +49,6 @@ gchar *persist_file_path;
+ gchar *assign_persist_name;
+ gboolean relocate_all;
+ gboolean display_version;
+-gboolean debug_flag;
+-gboolean verbose_flag;
+ gboolean assign_help;
+ 
+ static GOptionEntry cat_options[] =

package/system-config-printer/system-config-printer.mk

@@ -9,7 +9,7 @@ SYSTEM_CONFIG_PRINTER_SOURCE = system-config-printer-$(SYSTEM_CONFIG_PRINTER_VER
 SYSTEM_CONFIG_PRINTER_SITE = https://github.com/OpenPrinting/system-config-printer/releases/download/v$(SYSTEM_CONFIG_PRINTER_VERSION)
 SYSTEM_CONFIG_PRINTER_LICENSE = GPL-2.0+
 SYSTEM_CONFIG_PRINTER_LICENSE_FILES = COPYING
-SYSTEM_CONFIG_PRINTER_DEPENDENCIES = cups host-intltool host-pkgconf
+SYSTEM_CONFIG_PRINTER_DEPENDENCIES = cups host-desktop-file-utils host-intltool host-pkgconf
 
 # 0001-Add-option-to-disable-xmlto-manual-generation.patch
 # 0002-configure-accept-non-system-cups-config.patch

package/uhd/0004-lib-Fix-missing-includes-in-rpc-hpp.patch

@@ -0,0 +1,28 @@
+From 9c4d9d826a6f40f199c526afd5ec168d5d088591 Mon Sep 17 00:00:00 2001
+From: Martin Braun <martin.braun@ettus.com>
+Date: Fri, 29 Jan 2021 12:23:50 +0100
+Subject: [PATCH] lib: Fix missing includes in rpc.hpp
+
+[Retrieved from:
+https://github.com/EttusResearch/uhd/commit/9c4d9d826a6f40f199c526afd5ec168d5d088591]
+Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
+---
+ host/lib/include/uhdlib/utils/rpc.hpp | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/host/lib/include/uhdlib/utils/rpc.hpp b/host/lib/include/uhdlib/utils/rpc.hpp
+index e87a2ee324..ca89c10547 100644
+--- a/host/lib/include/uhdlib/utils/rpc.hpp
++++ b/host/lib/include/uhdlib/utils/rpc.hpp
+@@ -12,7 +12,11 @@
+ #include <rpc/client.h>
+ #include <rpc/rpc_error.h>
+ #include <boost/format.hpp>
++#include <chrono>
+ #include <memory>
++#include <mutex>
++#include <string>
++#include <thread>
+ 
+ namespace {
+ 

package/usbguard/Config.in

@@ -8,6 +8,7 @@ config BR2_PACKAGE_USBGUARD
 	depends on !BR2_TOOLCHAIN_USES_MUSL
 	select BR2_PACKAGE_PROTOBUF
 	select BR2_PACKAGE_LIBQB
+	select BR2_PACKAGE_LIBSODIUM if !BR2_PACKAGE_LIBGCRYPT && !BR2_PACKAGE_LIBOPENSSL
 	help
 	  The USBGuard software framework
 

package/usbguard/usbguard.mk

@@ -19,23 +19,19 @@ USBGUARD_CONF_OPTS = \
 
 USBGUARD_DEPENDENCIES += libqb protobuf
 
-ifeq ($(BR2_PACKAGE_LIBOPENSSL),y)
+ifeq ($(BR2_PACKAGE_LIBSODIUM),y)
+USBGUARD_CONF_OPTS += --with-crypto-library=sodium
+USBGUARD_DEPENDENCIES += libsodium
+else ifeq ($(BR2_PACKAGE_LIBOPENSSL),y)
 USBGUARD_CONF_OPTS += --with-crypto-library=openssl
 USBGUARD_DEPENDENCIES += libopenssl
-endif
-
-ifeq ($(BR2_PACKAGE_LIBGCRYPT),y)
+else ifeq ($(BR2_PACKAGE_LIBGCRYPT),y)
 USBGUARD_CONF_ENV += \
 	ac_cv_path_LIBGCRYPT_CONFIG=$(STAGING_DIR)/usr/bin/libgcrypt-config
 USBGUARD_CONF_OPTS += --with-crypto-library=gcrypt
 USBGUARD_DEPENDENCIES += libgcrypt
 endif
 
-ifeq ($(BR2_PACKAGE_LIBSODIUM),y)
-USBGUARD_CONF_OPTS += --with-crypto-library=sodium
-USBGUARD_DEPENDENCIES += libsodium
-endif
-
 ifeq ($(BR2_PACKAGE_SYSTEMD),y)
 USBGUARD_CONF_OPTS += --enable-systemd
 USBGUARD_DEPENDENCIES += systemd

package/wireshark/wireshark.mk

@@ -44,6 +44,10 @@ endef
 
 WIRESHARK_PRE_BUILD_HOOKS += WIRESHARK_BUILD_LEMON_TOOL
 
+ifeq ($(BR2_TOOLCHAIN_HAS_LIBATOMIC),y)
+WIRESHARK_CONF_OPTS += -DCMAKE_EXE_LINKER_FLAGS=-latomic
+endif
+
 ifeq ($(BR2_GCC_ENABLE_LTO),y)
 WIRESHARK_CONF_OPTS += -DENABLE_LTO=ON
 else

package/x11r7/xlib_libxshmfence/Config.in

@@ -1,5 +1,8 @@
 config BR2_PACKAGE_XLIB_LIBXSHMFENCE
 	bool "libxshmfence"
+	# Due to use of SYS_futex - can be enabled again when upstream
+	# adds SYS_futex64 as an alternative
+	depends on !BR2_RISCV_32
 	depends on BR2_TOOLCHAIN_HAS_SYNC_4
 	select BR2_PACKAGE_XORGPROTO
 	help

package/x11r7/xserver_xorg-server/Config.in

@@ -53,7 +53,8 @@ config BR2_PACKAGE_XSERVER_XORG_SERVER_MODULAR
 	depends on BR2_INSTALL_LIBSTDCPP
 	select BR2_PACKAGE_LIBDRM
 	select BR2_PACKAGE_LIBPCIACCESS
-	select BR2_PACKAGE_XLIB_LIBXSHMFENCE if BR2_TOOLCHAIN_HAS_SYNC_4
+	select BR2_PACKAGE_XLIB_LIBXSHMFENCE if \
+		(BR2_TOOLCHAIN_HAS_SYNC_4 && !BR2_RISCV_32)
 	help
 	  This variant of the X.org server is the full-blown variant,
 	  as used by desktop GNU/Linux distributions. The drivers (for

package/zstd/zstd.mk

@@ -12,12 +12,7 @@ ZSTD_LICENSE_FILES = LICENSE COPYING
 ZSTD_CPE_ID_VENDOR = facebook
 ZSTD_CPE_ID_PRODUCT = zstandard
 
-ifeq ($(BR2_TOOLCHAIN_HAS_THREADS),y)
-ZSTD_OPTS += HAVE_THREAD=1
-else
-ZSTD_OPTS += HAVE_THREAD=0
-endif
-
+ZSTD_OPTS += ZSTD_LEGACY_SUPPORT=0
 ifeq ($(BR2_PACKAGE_ZLIB),y)
 ZSTD_DEPENDENCIES += zlib
 ZSTD_OPTS += HAVE_ZLIB=1
@@ -39,23 +34,31 @@ else
 ZSTD_OPTS += HAVE_LZ4=0
 endif
 
+# zstd will append -O3 after $(CFLAGS), use MOREFLAGS to override again
+ZSTD_OPTS += MOREFLAGS="$(TARGET_OPTIMIZATION)"
+
 ifeq ($(BR2_STATIC_LIBS),y)
 ZSTD_BUILD_LIBS = libzstd.a
 ZSTD_INSTALL_LIBS = install-static
 else ifeq ($(BR2_SHARED_LIBS),y)
-ZSTD_BUILD_LIBS = libzstd
+ZSTD_BUILD_LIBS = lib
 ZSTD_INSTALL_LIBS = install-shared
 else
-ZSTD_BUILD_LIBS = libzstd.a libzstd
+ZSTD_BUILD_LIBS = lib
 ZSTD_INSTALL_LIBS = install-static install-shared
 endif
 
 # The HAVE_THREAD flag is read by the 'programs' makefile but not by  the 'lib'
-# one. Building a multi-threaded binary with a library (which defaults to
-# single-threaded) gives a runtime error when compressing files.
-# The 'lib' makefile provides specific '%-mt' targets for this purpose.
+# one. Building a multi-threaded binary with a static library (which defaults
+# to single-threaded) gives a runtime error when compressing files.
+# The 'lib' makefile provides specific '%-mt' and '%-nomt' targets for this
+# purpose.
 ifeq ($(BR2_TOOLCHAIN_HAS_THREADS),y)
+ZSTD_OPTS += HAVE_THREAD=1
 ZSTD_BUILD_LIBS := $(addsuffix -mt,$(ZSTD_BUILD_LIBS))
+else
+ZSTD_OPTS += HAVE_THREAD=0
+ZSTD_BUILD_LIBS := $(addsuffix -nomt,$(ZSTD_BUILD_LIBS))
 endif
 
 define ZSTD_BUILD_CMDS

toolchain/Config.in

@@ -176,6 +176,13 @@ config BR2_TOOLCHAIN_HAS_GCC_BUG_99140
 	bool
 	default y if BR2_nios2 && !BR2_TOOLCHAIN_GCC_AT_LEAST_8
 
+# https://gcc.gnu.org/bugzilla/show_bug.cgi?id=101737
+# ICE: SH4 -Os causes internal compiler error. This bug
+# still exists in gcc = 11.1.0
+config BR2_TOOLCHAIN_HAS_GCC_BUG_101737
+	bool
+	default y if BR2_sh4
+
 config BR2_TOOLCHAIN_HAS_NATIVE_RPC
 	bool