Now that `dev-lang/tcl` is included in SDK, we can now build
dev-db/sqlite without having to rely on third-party patches
in coreos-overlay.
So simply sync sqlite with Gentoo upstream, and update to the latest
version 3.33.0.
Now that dev-libs/glib was updated to 2.64.5, we need to also update
dev-util/gdbus-codegen to 2.64.5.
Otherwise we would see strange slot conflicts like:
```
* Error: The above package list contains packages which cannot be
* installed at the same time on the same system.
(dev-libs/glib-2.64.5:2/2::portage-stable, ebuild scheduled for merge) pulled in by
>=dev-libs/glib-2.58.3:2 required by (dev-util/gdbus-codegen-2.58.3:0/0::portage-stable, binary scheduled for merge)
(dev-util/gdbus-codegen-2.58.3:0/0::portage-stable, binary scheduled for merge) pulled in by
dev-util/gdbus-codegen required by (coreos-base/hard-host-depends-0.0.1-r194:0/0::coreos, binary scheduled for merge)
```
The bootstrap_sdk stage still requires `sys-apps/makedev` to be
available, as listed in `profiles/default/linux/packages.build`.
We need to bring it back to make the SDK build work again.
This reverts commit df8159f565972eb31455ff5e4cbfba8c4a12bb52.
To make the SDK build work again, we need to bring back dev-db/sqlite
3.31.1 in portage-stable. It is not enough to have it in coreos-overlay.
This reverts commit 4a7a4e3d272812963c3cd21431d1849ca9df11e4.
Update net-libs/libpcap to 1.9.1, to address security issue
CVE-2019-15163, an issue of allowing attackers to cause a denial of
service (NULL pointer dereference and daemon crash) if a crypt() call
fails.
Update rsync to 3.2.3, actually to update zlib bundled in rsync.
It is to address security issue CVE-2016-9841, an issue of allowing
context-dependent attackers to have unspecified impact by leveraging
improper pointer arithmetic.
Update app-misc/jq to 1.6-r3, to address security issue CVE-2015-8863.
It is mainly to fix off-by-one error in the tokenadd function. It allows
remote attackers to cause a denial of service (crash) via a long
JSON-encoded number, which triggers a heap-based buffer overflow.
Improve body text of each PR for `virtual/rust`, by mentioning that
it should be merged together with its paired PR in coreos-overlay.
Explicitly name `virtual/rust` instead of `Cargo`, because there is
no more ebuild for `cargo`.
Rename the dispatched event-type name to `rust-pull-request-main`, as
`cargo` has already disappeared.
Make the repository-dispatch action receive additional client-payload with
a field `coreos-overlay-pull-request-number` sent by the corresponding PR
in coreos-overlay. The PR number is then used for adding a link in the body
text, for pointing back to the PR in coreos-overlay.
