Alexandru Ardelean [Mon, 15 Jan 2024 05:40:30 +0000 (07:40 +0200)]
django: bump to version 5.0.1
Signed-off-by: Alexandru Ardelean <alex@shruggie.ro>
Alexandru Ardelean [Mon, 15 Jan 2024 05:38:12 +0000 (07:38 +0200)]
numpy: bump to version 1.26.3
Signed-off-by: Alexandru Ardelean <alex@shruggie.ro>
krant [Thu, 8 Feb 2024 13:01:10 +0000 (15:01 +0200)]
squid: update to 6.7
- Switch URL to HTTPS
- Remove default/obsolete configure options
- Fix and refresh the patch
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
krant [Thu, 8 Feb 2024 13:46:01 +0000 (15:46 +0200)]
lyncx: fix wrongful include of 'bsd/stdlib.h' is some environments
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
Michel Promonet [Mon, 1 Jan 2024 14:12:50 +0000 (15:12 +0100)]
v4l2camera: Update Makefile to fix mips build
Signed-off-by: Michel Promonet <michel.promonet@free.fr>
kkubicki [Fri, 12 Jan 2024 21:26:17 +0000 (21:26 +0000)]
autossh: make forwarding optional
- previously localport option was required, which broke older configs
- now in-config forwarding is only optional
- ssh option still can be used for forwarding as in sample config
Signed-off-by: kkubicki <krzysiek.kubicki@gmail.com>
Eric Fahlgren [Mon, 5 Feb 2024 15:07:38 +0000 (07:07 -0800)]
snort3: improve script reliability
- Enable missing variable checking by default
- Explicitly check variables are defined in all 'rm' commands
Signed-off-by: Eric Fahlgren <ericfahlgren@gmail.com>
krant [Mon, 5 Feb 2024 11:41:44 +0000 (13:41 +0200)]
apr-util: update to 1.6.3
- Remove upstreamed patches
- Fix OS path leak in iconv configure script
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
krant [Wed, 7 Feb 2024 13:38:02 +0000 (15:38 +0200)]
usbutils: update to 017
- Add mandatory usbids dependency
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
Martin Schiller [Wed, 31 Jan 2024 07:20:13 +0000 (08:20 +0100)]
openvpn: add OpenVPN option disable-dco
You maybe want to disable the DCO support, so let's add this option.
Signed-off-by: Martin Schiller <ms@dev.tdt.de>
krant [Wed, 7 Feb 2024 11:37:29 +0000 (13:37 +0200)]
rsyslog: update to 8.2312.0
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
krant [Wed, 7 Feb 2024 11:35:13 +0000 (13:35 +0200)]
libfastjson: update to 1.2304.0
- Use HTTPS for source URL
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
krant [Wed, 7 Feb 2024 12:30:16 +0000 (14:30 +0200)]
whois: update to 5.5.20
- Refresh patches
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
krant [Wed, 7 Feb 2024 12:14:37 +0000 (14:14 +0200)]
xxhash: update to 0.8.2
- Switch URL to the official one
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
krant [Tue, 6 Feb 2024 15:38:16 +0000 (17:38 +0200)]
iptraf-ng: update to 1.2.1
- Update package URLs
- Remove rvnamed-ng target since it was merged into iptraf-ng
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
krant [Wed, 7 Feb 2024 10:59:52 +0000 (12:59 +0200)]
libffi: update to 3.4.4
- Use proper tarball URL
- Use HTTPS for package URL
- Don't set default configure option
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
krant [Tue, 6 Feb 2024 13:14:18 +0000 (15:14 +0200)]
diffutils: update to 3.10
- Switch package URL to HTTPS
- Refresh the patch
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
krant [Tue, 6 Feb 2024 12:30:32 +0000 (14:30 +0200)]
pigz: update to 2.8
- Fix license name
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
krant [Wed, 7 Feb 2024 09:22:07 +0000 (11:22 +0200)]
libinput: update to 1.25.0
- Switch sources to git since no proper tarball is available
- Switch URL to HTTPS
- Don't set default Meson options
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
krant [Tue, 6 Feb 2024 09:21:27 +0000 (11:21 +0200)]
gitolite: update to 3.6.13
- Use git for sources since no proper tarball is available
- Switch package URL to HTTPS
- Refresh the patch
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
krant [Tue, 6 Feb 2024 08:11:47 +0000 (10:11 +0200)]
git-lfs: update to 3.4.1
- Update package URLs to the official ones
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
Eneas U de Queiroz [Sun, 4 Feb 2024 20:35:53 +0000 (17:35 -0300)]
xmlrpc-c: install dev files only with 1st variant
This adds a variant check to run InstallDev only when the first variant
is built. Otherwise, a dependent package may install the default
version, even though the second variant ends up in the staging dir,
causing downstream packages to miss library dependencies, such as:
Package rtorrent-rpc is missing dependencies for the following libraries:
libxmlrpc_xmlparse.so.3
libxmlrpc_xmltok.so.3
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
krant [Fri, 2 Feb 2024 11:52:11 +0000 (13:52 +0200)]
openldap: update to 2.6.7
- Remove dead mirror URL
- Clean-up configure args
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
krant [Mon, 5 Feb 2024 19:22:11 +0000 (21:22 +0200)]
lmdb: update to 0.9.32
- Switch to git source URL
- Rebase the patch
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
krant [Wed, 7 Feb 2024 13:35:30 +0000 (15:35 +0200)]
hwdata: update to 0.379
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
krant [Wed, 7 Feb 2024 08:58:46 +0000 (10:58 +0200)]
minizip: update to 4.0.4
- Don't set default cmake option
- Switch URL to the official one
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
krant [Tue, 6 Feb 2024 13:29:27 +0000 (15:29 +0200)]
automake: update to 1.16.5
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
krant [Mon, 5 Feb 2024 11:47:50 +0000 (13:47 +0200)]
apr: update to 1.7.4
- Remove upstreamed patches
- Fix bindir in apr-1-config to fix subversion build
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
krant [Tue, 6 Feb 2024 08:10:04 +0000 (10:10 +0200)]
git: update to 2.43.0
- Refresh patches
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
krant [Tue, 6 Feb 2024 19:32:50 +0000 (21:32 +0200)]
alsa-utils: update to 1.2.11
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
krant [Tue, 6 Feb 2024 19:31:47 +0000 (21:31 +0200)]
alsa-ucm-conf: update to 1.2.11
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
krant [Tue, 6 Feb 2024 19:29:33 +0000 (21:29 +0200)]
alsa-lib: update to 1.2.11
- Change package URL to HTTPS
- Refresh patches
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
krant [Tue, 6 Feb 2024 13:25:47 +0000 (15:25 +0200)]
autoconf: update to 2.72
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
krant [Tue, 6 Feb 2024 17:00:59 +0000 (19:00 +0200)]
libarchive: update to 3.7.2
- Don't set CMake options matching the defaults
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
krant [Tue, 6 Feb 2024 10:19:14 +0000 (12:19 +0200)]
lynx: update to 2.9.0
- Remove stale mirrors
- Use HTTPS for package URL
- Don't set default configure args
- Disable newly added bz2 support
- Formatting
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
krant [Wed, 7 Feb 2024 10:38:45 +0000 (12:38 +0200)]
expat: update to 2.6.0
- Don't set default CMake options
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
krant [Mon, 5 Feb 2024 19:35:12 +0000 (21:35 +0200)]
libmariadb: update to 3.1.23
- Replace dead source URL
- Rebase the patch
- Remove superfluous cmake option
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
Othmar Truniger [Tue, 6 Feb 2024 17:46:21 +0000 (18:46 +0100)]
knxd: bump to upstream version 0.14.61
Signed-off-by: Othmar Truniger <github@truniger.ch>
krant [Tue, 6 Feb 2024 12:23:25 +0000 (14:23 +0200)]
gzip: update to 1.13
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
Florian Eckert [Wed, 7 Feb 2024 08:55:58 +0000 (09:55 +0100)]
Merge pull request #23308 from krant/fping
fping: update to 5.1
krant [Mon, 5 Feb 2024 19:47:27 +0000 (21:47 +0200)]
libid3tag: update to 0.16.3
- Switch package URL to the new upstream
- Switch PKG_SOURCE_PROTO to git
- Switch to CMake build
- Drop custom .pc file in favor of upstream version
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
krant [Tue, 6 Feb 2024 15:52:14 +0000 (17:52 +0200)]
fping: update to 5.1
- Don't set default configure arg
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
krant [Mon, 5 Feb 2024 15:38:42 +0000 (17:38 +0200)]
mpg123: update to 1.32.4
- Use package official URL
- Fix license name
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
Eneas U de Queiroz [Mon, 5 Feb 2024 13:04:31 +0000 (10:04 -0300)]
oniguruma: bump to 6.9.9
Featured changes:
- Update Unicode version 15.1.0
- NEW API: ONIG_OPTION_MATCH_WHOLE_STRING
- Fixed: (?I) option was not enabled for character classes (Issue #264).
- Changed specification to check for incorrect POSIX bracket (Issue
#253).
- Changed [[:punct:]] in Unicode encodings to be compatible with POSIX
definition. (Issue #268)
- Fixed: ONIG_OPTION_FIND_LONGEST behavior
--- 6.9.8
- Whole options
- (?C) : ONIG_OPTION_DONT_CAPTURE_GROUP
- (?I) : ONIG_OPTION_IGNORECASE_IS_ASCII
- (?L) : ONIG_OPTION_FIND_LONGEST
- Fixed some problems found by OSS-Fuzz
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
krant [Mon, 5 Feb 2024 13:20:37 +0000 (15:20 +0200)]
subversion: update to 1.14.3
- Adopt the package
- Remove default configure options
- Rebase the patch
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
Fabrice Fontaine [Mon, 5 Feb 2024 07:00:18 +0000 (08:00 +0100)]
devel/autoconf: assign PKG_LICENSE_FILES
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Eneas U de Queiroz [Mon, 5 Feb 2024 13:30:57 +0000 (10:30 -0300)]
python-certifi: Update to 2024.2.2
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
krant [Mon, 5 Feb 2024 15:49:38 +0000 (17:49 +0200)]
opus: update to 1.4
- Add patch to fix build on ARM
- Use official source URL
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
Timothy M. Ace [Mon, 5 Feb 2024 00:17:14 +0000 (19:17 -0500)]
python-orjson: update to version 3.9.13
Relevant changes since 3.9.12:
- FIXED: Serialization str escape uses only 128-bit SIMD.
- FIXED: Fix compatibility with CPython 3.13 alpha 3.
- Publish musllinux_1_2 instead of musllinux_1_1 wheels.
- Serialization uses small integer optimization in CPython 3.12 or later.
Signed-off-by: Timothy M. Ace <openwrt@timothyace.com>
Fabrice Fontaine [Fri, 2 Feb 2024 17:24:43 +0000 (18:24 +0100)]
lang/python/python-yaml: fix PKG_CPE_ID
There is not a single CVE linked to pyyaml_project:pyyaml so use
pyyaml:pyyaml instead:
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:pyyaml:pyyaml
Fixes: c06a04c754bdcfdb2ea0bd1d654128863a2b6738 (python-yaml: update to version 5.1)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Jonas Lochmann [Mon, 1 Jan 2024 00:00:00 +0000 (01:00 +0100)]
mwan3: use network_get_preferred_ipaddr6
This updates mwan3 to use network_get_preferred_ipaddr6 instead of
network_get_ipaddr6 if possible to determine a source ip for the
connectivity checks. This avoids issues where the first ip address
that is returned from network_get_ipaddr6 does not work anymore while
the preferred one returned from network_get_preferred_ipaddr6 works.
Signed-off-by: Jonas Lochmann <git@inkompetenz.org>
Mark Baker [Thu, 18 Jan 2024 18:52:58 +0000 (13:52 -0500)]
lualanes: Version bump to v3.16.2
Update the PKG_VERSION and PKG_SOURCE_VERSION to pull version 3.16.2
from upstream. The upstream version includes fixes for the
`pthread_yield: symbol not found` issue.
Removed patches 100-musl-compat.patch and 200-fix-redef-error.patch
as fixes were implemented upstream.
Build tested on aarch64, arm_cortex_a15/a9, i386, mips[el]_24kc,
powerpc_464fp/8548, riscv64, x86_64. Confirmed on x86_64.
Signed-off-by: Mark Baker <mark@vpost.net>
Rosen Penev [Sun, 4 Feb 2024 23:50:11 +0000 (15:50 -0800)]
mosquitto: reenable options wrongly turned off
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Timothy Ace [Tue, 30 Jan 2024 00:01:50 +0000 (19:01 -0500)]
CONTRIBUTING.md: clarify pull request commit requirements
Corrects the commit subject being referred to as a "description"
and links the official OpenWrt patch submission standards for
commit messages. Adds additional notes about real names and
emails being required. Also fixes the capitalization of GitHub
and SourceForge.
Signed-off-by: Timothy Ace <openwrt@timothyace.com>
krant [Thu, 1 Feb 2024 13:11:28 +0000 (15:11 +0200)]
gnuplot: update to 6.0.0
- Add patch for MIPS and PowerPC systems
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
krant [Wed, 31 Jan 2024 19:34:06 +0000 (21:34 +0200)]
libsamplerate: update to 0.2.2
- Update package/source URLs to official ones
- Change license according to upstream
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
krant [Wed, 31 Jan 2024 13:34:53 +0000 (15:34 +0200)]
freetype: update to 2.13.2
- change package URL to HTTPS
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
Timothy Ace [Thu, 1 Feb 2024 17:40:17 +0000 (12:40 -0500)]
perl-time-moment: initial package at v0.44
Builds compiled perl module Time::Moment v0.44 from CPAN.
Signed-off-by: Timothy Ace <openwrt@timothyace.com>
krant [Thu, 1 Feb 2024 20:53:05 +0000 (22:53 +0200)]
libmaxminddb: update to 1.9.1
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
krant [Fri, 2 Feb 2024 08:21:37 +0000 (10:21 +0200)]
jq: update to 1.7.1
- Update package URLs
- Fix license
- Drop obsolete CFLAGS
- Drop obsolete patches
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
krant [Thu, 1 Feb 2024 20:12:28 +0000 (22:12 +0200)]
libstrophe: update 0.13.0
- Use common Github URL
- Add missing zlib dependency
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
krant [Thu, 1 Feb 2024 07:59:45 +0000 (09:59 +0200)]
libsndfile: update to 1.2.2
- Update package URL to the official one
- Update source URL to the official one
- Modernize CMake options
- Fixup pkgconfig file
- Enable mpg123 support per users request (+7kB)
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
Paul Donald [Tue, 16 Jan 2024 01:47:32 +0000 (02:47 +0100)]
p910nd: hotplug script
Signed-off-by: Paul Donald <newtwen@gmail.com>
krant [Sat, 3 Feb 2024 10:12:01 +0000 (12:12 +0200)]
graphicsmagick: update to 1.3.42
- Adopt the package
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
Eric Fahlgren [Wed, 10 Jan 2024 16:10:05 +0000 (08:10 -0800)]
snort3: finish up several incomplete capabilities
Reporting
- Use json alert data for 10x speed improvement in report generation
- Include both gid and sid, plus packet direction in report output
- Add by-date incident filtering
- Add verbose mode which displays actual rules triggered and their source
- Attempt to look up host names from IPs in verbose mode
- Clean up display of port number involved in incidents
Rules
- Complete downloader for subscription rules using oinkcode (only tested
with snort.org's "free" tier subscription)
- Auto-detect multiple rules files and include them in lua 'ips.rules'
- Add '--backup' option to copy out current rules before installing new
- Add '--persistent' option to 'snort-rules', storing in persistent location
CLI interface
- Completely rework command line option parsing in all user scripts
- Allow options and commands to be in any order on command line
- Add long-form names for all options ('--help' for '-h' and so on)
- Detect errors properly in options, enhance help pages
Bug fixes
- Use 'mkdir -p' on all directory creation
- Use proper tmp directory from 'snort.snort.temp_dir' everywhere
Signed-off-by: Eric Fahlgren <ericfahlgren@gmail.com>
Jan Klos [Wed, 24 Jan 2024 16:57:27 +0000 (17:57 +0100)]
iputils: bump to
20240117
Signed-off-by: Jan Klos <jan@klos.xyz>
krant [Thu, 1 Feb 2024 15:34:58 +0000 (17:34 +0200)]
procps-ng: update to 4.0.4
- Update the patch
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
Fabrice Fontaine [Fri, 2 Feb 2024 17:37:33 +0000 (18:37 +0100)]
treewide: assign PKG_CPE_ID
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
PeterFromSweden [Sun, 28 Jan 2024 16:23:40 +0000 (17:23 +0100)]
telldus-mqtt: add new package in utils
Extends functionality of exisiting telldus-core package
Signed-off-by: PeterFromSweden <peterfromswe884@gmail.com>
krant [Wed, 31 Jan 2024 11:38:30 +0000 (13:38 +0200)]
make: update to 4.4.1
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
krant [Wed, 31 Jan 2024 09:19:34 +0000 (11:19 +0200)]
leptonica: update to 1.84.1
- remove upstreamed patch
- explicitly disable openjpeg to ignore host-installed library
- fix .cmake and .pc paths
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
Olivier Poitrey [Sun, 4 Feb 2024 23:50:54 +0000 (23:50 +0000)]
nextdns: Update to version 1.42.0
Signed-off-by: Olivier Poitrey <rs@nextdns.io>
krant [Thu, 1 Feb 2024 08:36:33 +0000 (10:36 +0200)]
imagemagick: take over maintainership
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
krant [Wed, 31 Jan 2024 12:53:27 +0000 (14:53 +0200)]
imagemagick: update to 7.1.1-27
- Use official source URL
- Add libstdcpp dependency
- Don't set configure options which are matching default values
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
krant [Wed, 31 Jan 2024 13:14:23 +0000 (15:14 +0200)]
flac: update to 1.4.3
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
Jan Hoffmann [Thu, 1 Feb 2024 20:12:05 +0000 (21:12 +0100)]
vnstat2: update to version 2.12
This version includes several new features that allow to simplify the
package significantly: The noexit patch and hotplug script are no longer
needed, and the init script doesn't have to check for legacy databases
anymore.
Signed-off-by: Jan Hoffmann <jan@3e8.eu>
krant [Thu, 1 Feb 2024 10:37:35 +0000 (12:37 +0200)]
zstd: update to 1.5.5
- Don't set Meson options which are matching defaults
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
Konstantin Demin [Thu, 1 Feb 2024 00:29:58 +0000 (03:29 +0300)]
libcurl-gnutls: update to version 8.6.0
https://curl.se/changes.html#8_6_0
Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
Fabrice Fontaine [Fri, 2 Feb 2024 22:01:37 +0000 (23:01 +0100)]
utils/ntfs-3g: fix PKG_CPE_ID
tuxera:ntfs-3g is a better CPE ID than ntfs-3g:ntfs-3g as this CPE ID
has the latest CVEs (whereas ntfs-3g:ntfs-3g only has one CVE from 2007):
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:tuxera:ntfs-3g
Fixes: 299e5b0a9bce19d6e96cb9ff217028b36ee2dd36 (treewide: add PKG_CPE_ID for better cvescanner coverage)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Fabrice Fontaine [Thu, 1 Feb 2024 10:13:06 +0000 (11:13 +0100)]
utils/gpsd: fix PKG_CPE_ID
gpsd_project:gpsd is a better CPE ID than berlios:gps_daemon as this CPE
ID has the latest CVEs (whereas berlios:gps_daemon only has one CVE from
2004):
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:gpsd_project:gpsd
Fixes: 299e5b0a9bce19d6e96cb9ff217028b36ee2dd36 (treewide: add PKG_CPE_ID for better cvescanner coverage)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Fabrice Fontaine [Fri, 2 Feb 2024 17:17:47 +0000 (18:17 +0100)]
lang/python/python-pip: fix PKG_CPE_ID
There is not a single CVE linked to python:pip so use pypa:pip instead:
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:pypa:pip
Moreover, CPE_ID missed PKG_ prefix
Fixes: eee273507b868ad5f6f7e744d513c85330967906 (python3: Split pip into separate source package)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Fabrice Fontaine [Fri, 2 Feb 2024 17:20:15 +0000 (18:20 +0100)]
net/nbd: fix PKG_CPE_ID
There is not a single CVE linked to network_block_device:nbd so use
network_block_device_project:network_block_device instead:
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:network_block_device_project:network_block_device
Fixes: 299e5b0a9bce19d6e96cb9ff217028b36ee2dd36 (treewide: add PKG_CPE_ID for better cvescanner coverage)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Fabrice Fontaine [Thu, 1 Feb 2024 22:31:04 +0000 (23:31 +0100)]
multimedia/motion: fix PKG_CPE_ID
motion_project:motion is a better CPE ID than lavrsen:motion as this CPE
ID has the latest CVE (whereas lavrsen:motion only a CVE from 2008):
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:motion_project:motion
Fixes: 299e5b0a9bce19d6e96cb9ff217028b36ee2dd36 (treewide: add PKG_CPE_ID for better cvescanner coverage)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Fabrice Fontaine [Thu, 1 Feb 2024 22:04:45 +0000 (23:04 +0100)]
net/miniupnpc: fix PKG_CPE_ID
cpe:/a:miniupnp_project:miniupnpc is the correct CPE ID for miniupnpc:
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:miniupnp_project:miniupnpc
Fixes: 299e5b0a9bce19d6e96cb9ff217028b36ee2dd36 (treewide: add PKG_CPE_ID for better cvescanner coverage)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Fabrice Fontaine [Thu, 1 Feb 2024 17:30:52 +0000 (18:30 +0100)]
libs/libidn2: fix PKG_CPE_ID
There is not a single CVE linked to libidn2_project:libidn2 so use
gnu:libidn2 instead:
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:gnu:libidn2
Fixes: ceadbcbb64de727c3a974e552d9a723d532e4e40 (treewide: add PKG_CPE_ID for cvescanner)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Fabrice Fontaine [Thu, 1 Feb 2024 17:27:39 +0000 (18:27 +0100)]
libs/expat: fix PKG_CPE_ID
There is not a single CVE linked to libexpat:expat so use
libexpat_project:libexpat instead:
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:libexpat_project:libexpat
Fixes: 70c62ef2d77aef5d8a27ccca2b147bc2a69dc7f8 (expat: update to version 2.2.7 (security fix))
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Fabrice Fontaine [Thu, 1 Feb 2024 21:31:08 +0000 (22:31 +0100)]
utils/lrzsz: fix PKG_CPE_ID
PKG_CPE_ID was missing ":lrzsz"
Fixes: 6d6c4b21b5e22a9f1058db5b61521a298e00a5f0 (lrzsz: update to v0.12.21rc and fix a CVE)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Fabrice Fontaine [Sun, 4 Feb 2024 21:08:51 +0000 (22:08 +0100)]
lang/python/python-paho-mqtt: fix license
python-paho-mqtt is licensed under EPL-2.0, not EPL-1.0, since version
1.6.0 and
https://github.com/eclipse/paho.mqtt.python/commit/
fabe7500fb6fde31fd98c619e0117d1c651fd18d
While at it, add LICENSE.txt to PKG_LICENSE_FILES
Fixes: 784f2a519bb8cdfaa973070f65ff9a3a481e5cd1 (python-paho-mqtt: bump to version 1.6.1)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Vladimir Ulrich [Sun, 4 Feb 2024 21:08:14 +0000 (00:08 +0300)]
zoneinfo: Updated to 2024a release
Signed-off-by: Vladimir Ulrich <admin@evl.su>
Fabrice Fontaine [Sun, 4 Feb 2024 21:46:55 +0000 (22:46 +0100)]
net/ntpd: fix license
Replace "Unique" by the standard SPDX identifier for NTP license:
https://spdx.org/licenses/NTP.html
Fixes: 1aff45c6dd36f2a5875eadaeae2ed93da8ff6d45 (ntpd: add SPDX license information)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Fabrice Fontaine [Sun, 4 Feb 2024 21:41:03 +0000 (22:41 +0100)]
utils/lsof: fix license
Replace "Unique" by the standard SPDX identifier for lsof license:
https://spdx.org/licenses/lsof.html
Fixes: 59adfc86b9d1e5a8fb9d5c83db6546a6b49a77f5 (lsof: add license information)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Fabrice Fontaine [Fri, 2 Feb 2024 17:48:20 +0000 (18:48 +0100)]
net/boinc: fix PKG_CPE_ID
boinc_project:boinc has never been a valid CPE ID so use
rom_walton:boinc instead:
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:rom_walton:boinc
Fixes: 9c2bd865c715cad8646157d6bbfb669d9970c322 (boinc: new package for distributed computing/data acquisition)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Fabrice Fontaine [Fri, 2 Feb 2024 21:23:24 +0000 (22:23 +0100)]
utils/zsh: fix PKG_CPE_ID
zsh:zsh is a better CPE ID than zsh_project:zsh as this CPE ID has the
latest CVEs (whereas zsh_project:zsh only has CVEs up to 2017):
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:zsh:zsh
Fixes: ff056fcffcacf2632505bb108bf8e8c2a3cef09c (zsh: Update to 5.6.2)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Fabrice Fontaine [Fri, 2 Feb 2024 19:50:37 +0000 (20:50 +0100)]
utils/tmux: fix PKG_CPE_ID
tmux_project:tmux is a better CPE ID than nicholas_marriott:tmux as this
CPE ID has the latest CVE (whereas nicholas_marriott:tmux only has a CVE
from 2011):
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:tmux_project:tmux
Fixes: 299e5b0a9bce19d6e96cb9ff217028b36ee2dd36 (treewide: add PKG_CPE_ID for better cvescanner coverage)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Fabrice Fontaine [Fri, 2 Feb 2024 19:43:57 +0000 (20:43 +0100)]
net/tinyproxy: fix PKG_CPE_ID
tinyproxy_project:tinyproxy is a better CPE ID than banu:tinyproxy as
this CPE ID has the latest CVEs (whereas banu:tinyproxy only has CVEs up
to 2012):
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:tinyproxy_project:tinyproxy
Fixes: 299e5b0a9bce19d6e96cb9ff217028b36ee2dd36 (treewide: add PKG_CPE_ID for better cvescanner coverage)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Fabrice Fontaine [Fri, 2 Feb 2024 19:35:54 +0000 (20:35 +0100)]
net/tinc: fix PKG_CPE_ID
tinc-vpn:tinc is a better CPE ID than tinc:tinc as this CPE ID has the
latest CVEs (whereas tinc:tinc only has CVEs up to 2002):
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:tinc-vpn:tinc
Fixes: 299e5b0a9bce19d6e96cb9ff217028b36ee2dd36 (treewide: add PKG_CPE_ID for better cvescanner coverage)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Fabrice Fontaine [Fri, 2 Feb 2024 20:48:01 +0000 (21:48 +0100)]
net/vsftpd: fix PKG_CPE_ID
vsftpd_project:vsftpd is a better CPE ID than beasts:vsftpd as this CPE
ID has the latest CVEs (whereas beasts:vsftpd only has CVEs up to 2015):
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:vsftpd_project:vsftpd
Fixes: 1371b7be878382b8b52cd73ff72a3a41d28013c4 (vsftpd: Fix compilation without ECC or deprecated APIs)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Fabrice Fontaine [Fri, 2 Feb 2024 17:38:11 +0000 (18:38 +0100)]
libs/redis: fix PKG_CPE_ID
There is not a single CVE linked to pivotal_software:redis so use
redis:redis instead:
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:redis:redis
Fixes: ceadbcbb64de727c3a974e552d9a723d532e4e40 (treewide: add PKG_CPE_ID for cvescanner)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Fabrice Fontaine [Fri, 2 Feb 2024 17:15:55 +0000 (18:15 +0100)]
lang/python/python-requests: fix PKG_CPE_ID
There is not a single CVE linked to python-requests:requests so use
python:requests instead:
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:python:requests
Fixes: ceadbcbb64de727c3a974e552d9a723d532e4e40 (treewide: add PKG_CPE_ID for cvescanner)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Fabrice Fontaine [Fri, 2 Feb 2024 17:09:46 +0000 (18:09 +0100)]
lang/python/python-urllib3: fix PKG_CPE_ID
There is not a single CVE linked to urllib3_project:urllib3 so use
python:urllib3 instead:
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:python:urllib3
Fixes: 6dcaa769d8ce8921dc3bfaf78ab9a8c1cef4a9b9 (python-urllib3: update to version 1.25)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
projects / feed / packages.git / log