0d96d38c6c
net/miniupnpc: fix PKG_CPE_ID
...
cpe:/a:miniupnp_project:miniupnpc is the correct CPE ID for miniupnpc:
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3🅰️ miniupnp_project:miniupnpc
Fixes: 299e5b0a9b
2024-02-04 16:02:30 -08:00
b5b4545b24
libs/libidn2: fix PKG_CPE_ID
...
There is not a single CVE linked to libidn2_project:libidn2 so use
gnu:libidn2 instead:
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3🅰️ gnu:libidn2
Fixes: ceadbcbb64
2024-02-04 16:02:06 -08:00
77a02f1efc
libs/expat: fix PKG_CPE_ID
...
There is not a single CVE linked to libexpat:expat so use
libexpat_project:libexpat instead:
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3🅰️ libexpat_project:libexpat
Fixes: 70c62ef2d7
2024-02-04 16:01:55 -08:00
da56ee5bed
utils/lrzsz: fix PKG_CPE_ID
...
PKG_CPE_ID was missing ":lrzsz"
Fixes: 6d6c4b21b5
2024-02-04 15:59:34 -08:00
3380427f29
lang/python/python-paho-mqtt: fix license
...
python-paho-mqtt is licensed under EPL-2.0, not EPL-1.0, since version
1.6.0 and
fabe7500fb784f2a519b
2024-02-04 15:59:21 -08:00
5a06f63390
zoneinfo: Updated to 2024a release
...
Signed-off-by: Vladimir Ulrich <admin@evl.su>
2024-02-04 15:59:07 -08:00
f7ad88678d
net/ntpd: fix license
...
Replace "Unique" by the standard SPDX identifier for NTP license:
https://spdx.org/licenses/NTP.html
Fixes: 1aff45c6dd
2024-02-04 15:58:57 -08:00
9111b290d1
utils/lsof: fix license
...
Replace "Unique" by the standard SPDX identifier for lsof license:
https://spdx.org/licenses/lsof.html
Fixes: 59adfc86b9
2024-02-04 15:58:46 -08:00
013a2f2dfa
net/boinc: fix PKG_CPE_ID
...
boinc_project:boinc has never been a valid CPE ID so use
rom_walton:boinc instead:
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3🅰️ rom_walton:boinc
Fixes: 9c2bd865c7
2024-02-04 15:58:35 -08:00
00e038942a
utils/zsh: fix PKG_CPE_ID
...
zsh:zsh is a better CPE ID than zsh_project:zsh as this CPE ID has the
latest CVEs (whereas zsh_project:zsh only has CVEs up to 2017):
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3🅰️ zsh:zsh
Fixes: ff056fcffc
2024-02-04 15:58:25 -08:00
c42dcc5fd6
utils/tmux: fix PKG_CPE_ID
...
tmux_project:tmux is a better CPE ID than nicholas_marriott:tmux as this
CPE ID has the latest CVE (whereas nicholas_marriott:tmux only has a CVE
from 2011):
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3🅰️ tmux_project:tmux
Fixes: 299e5b0a9b
2024-02-04 15:58:12 -08:00
d6d157f644
net/tinyproxy: fix PKG_CPE_ID
...
tinyproxy_project:tinyproxy is a better CPE ID than banu:tinyproxy as
this CPE ID has the latest CVEs (whereas banu:tinyproxy only has CVEs up
to 2012):
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3🅰️ tinyproxy_project:tinyproxy
Fixes: 299e5b0a9b
2024-02-04 15:58:02 -08:00
b52f465c7b
net/tinc: fix PKG_CPE_ID
...
tinc-vpn:tinc is a better CPE ID than tinc:tinc as this CPE ID has the
latest CVEs (whereas tinc:tinc only has CVEs up to 2002):
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3🅰️ tinc-vpn:tinc
Fixes: 299e5b0a9b
2024-02-04 15:57:46 -08:00
803c7b0571
net/vsftpd: fix PKG_CPE_ID
...
vsftpd_project:vsftpd is a better CPE ID than beasts:vsftpd as this CPE
ID has the latest CVEs (whereas beasts:vsftpd only has CVEs up to 2015):
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3🅰️ vsftpd_project:vsftpd
Fixes: 1371b7be87
2024-02-04 15:57:34 -08:00
5c089b16ba
libs/redis: fix PKG_CPE_ID
...
There is not a single CVE linked to pivotal_software:redis so use
redis:redis instead:
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3🅰️ redis:redis
Fixes: ceadbcbb64
2024-02-04 15:57:18 -08:00
c0aec8bc08
lang/python/python-requests: fix PKG_CPE_ID
...
There is not a single CVE linked to python-requests:requests so use
python:requests instead:
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3🅰️ python:requests
Fixes: ceadbcbb64
2024-02-04 15:56:56 -08:00
d369edb571
lang/python/python-urllib3: fix PKG_CPE_ID
...
There is not a single CVE linked to urllib3_project:urllib3 so use
python:urllib3 instead:
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3🅰️ python:urllib3
Fixes: 6dcaa769d8
2024-02-04 15:56:22 -08:00
c08dac5ec5
crowdsec: new upstream release version 1.6.0
...
Update crowdsec to latest upstream release version 1.6.0
Signed-off-by: S. Brusch <ne20002@gmx.ch>
Maintainer: Kerma Gérald <gandalf@gk2.net>
Package tested: not able to test run due to limited space (package is big)
Description: update to latest version of upstream
2024-02-04 15:55:41 -08:00
41c998224d
libs/libgd: fix license
...
libgd is licensed under its own "GD" license and not MIT
Fixes: 60feea09c9
2024-02-04 15:54:56 -08:00
1ff280529b
nmap: bump package version
...
Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
2024-02-04 23:05:25 +00:00
b4538c87ab
nmap: unify SSL dependencies
...
ssl/full variants now depend on "ca-certs" (provided by "ca-bundle" and "ca-certificates")
Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
2024-02-04 23:05:25 +00:00
c8793c0285
nmap: ncat: use default CA bundle
...
Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
2024-02-04 23:05:25 +00:00
5aded5ac7d
Merge pull request #23279 from ffontaine/fix-tiff-license
...
libs/tiff: fix license
2024-02-04 22:42:04 +01:00
ae165deaf5
libs/tiff: fix license
...
tiff is licensed under its own "libtiff" license and not BSD-3-Clause
Fixes: 364de5bc3f
2024-02-04 22:31:28 +01:00
8b9965fcb3
lang/python/python-aiohttp: fix PKG_CPE_ID
...
aiohttp:aiohttp is a better CPE ID than aio-libs_projet:aiohttp as this
CPE ID has the latest CVEs (whereas aio-libs_project:aiohttp only has
one CVE from 2018):
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3🅰️ aiohttp:aiohttp
Fixes: 2edf5034f1
2024-02-04 13:15:41 +01:00
0daaae5501
less: update to 643
...
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
2024-02-04 13:04:47 +02:00
4a37a7b4b9
grep: update to 3.11
...
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
2024-02-04 13:04:23 +02:00
b3580a76d8
cloudflared: refine config.yml
...
The config.yml is an example of a tunnel local configuration.
But the cloudlfared treat it as a real config and fails to start.
So to avoid problems let's comment all the statements.
The `url: http://localhost:8000 ` is not a valid config option.
Additionally add a smale of configuring ingres rules.
The cloudflared.config has missing option token.
Signed-off-by: Sergey Ponomarev <stokito@gmail.com>
2024-02-04 10:47:41 +08:00
d6c4223d63
Merge pull request #23263 from ffontaine/fix-sudo-cpeid
...
admin/sudo: fix PKG_CPE_ID
2024-02-03 08:12:38 +02:00
758eda145c
Merge pull request #23262 from ffontaine/fix-squashfs-tools-cpeid
...
utils/squashfs-tools: fix PKG_CPE_ID
2024-02-03 08:05:56 +02:00
9e770d6c1d
utils/squashfs-tools: fix PKG_CPE_ID
...
There is not a single CVE linked to phillip_lougher:squashfs so use
squashfs-tools_project:squashfs-tools instead:
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3🅰️ squashfs-tools_project:squashfs-tools
Fixes: 299e5b0a9b
2024-02-02 22:36:42 +01:00
253944fc62
admin/sudo: fix PKG_CPE_ID
...
sudo_project:sudo is a better CPE ID than todd_miller:sudo as this CPE
ID has the latest CVEs (whereas todd_miller:sudo only has CVEs up to
2016):
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3🅰️ sudo_project:sudo
Fixes: 8ce9f30c42
2024-02-02 22:35:50 +01:00
d74d7a6ac9
libidn2: update to 2.3.7
...
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
2024-02-02 15:08:59 +01:00
76b49fe459
Merge pull request #23219 from rockdrilla/curl-8.6.0
...
curl: update to 8.6.0
2024-02-02 06:47:17 -07:00
86b091718e
unrar: update to 6.2.12
...
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
2024-02-02 17:55:18 +08:00
9df1acff08
tar: update to 1.35
...
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
2024-02-02 17:55:01 +08:00
a220c04b50
libs/vips: fix PKG_CPE_ID
...
libvips:libvips is a better CPE ID than vips:vips as this CPE ID has the
latest CVEs (whereas vips only has an old CVE from 2010):
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3🅰️ libvips:libvips
Fix: 299e5b0a9b
2024-02-02 17:54:47 +08:00
6af519adb6
libpsl: update to 0.21.5
...
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
2024-02-02 17:54:36 +08:00
302761f0e8
net/krb5: fix PKG_CPE_ID
...
mit:kerberos_5 is a better CPE ID than mit:kerberos as this CPE ID has
the latest CVEs (whereas mit:kerberos only has CVEs until 2018):
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3🅰️ mit:kerberos_5
Fix: 299e5b0a9b
2024-02-02 17:54:23 +08:00
288efbb743
Merge pull request #23243 from ffontaine/fix-libpam-cpeid
...
libs/libpam: fix PKG_CPE_ID
2024-02-02 09:33:15 +01:00
2269848bff
libs/libpam: fix PKG_CPE_ID
...
linux-pam:linux-pam is a better CPE ID than kernel:linux-pam as this CPE
ID has the latest CVEs (whereas kernel:linux-pam only has a
SUSE-specific CVE):
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3🅰️ linux-pam:linux-pam
Fix: 6f74b0c4f1
2024-02-01 22:12:24 +01:00
f6714eb01e
dnsproxy: Update to 0.64.1
...
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
2024-02-01 23:21:07 +08:00
31bcb23b79
nebula: update to 1.8.2-2
...
The following fixes have been applied to Makefile:
* fix the nebula license type
* add PKG_CPE_ID
* remove unneeded call to Build/Compile
* add leading spaces to descriptions
* add Package/nebula/conffiles definition
* remove unneeded /lib/upgrade/keep.d files
* no longer install actual license file
* add the README file
Kudos to @BKPepe and @1715173329 for feedback which lead to these fixes
Signed-off-by: Stan Grishin <stangri@melmac.ca>
2024-02-01 16:10:32 +08:00
0f2c98d53f
curl: update to 8.6.0
...
* https://curl.se/changes.html#8_6_0
Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
2024-02-01 03:28:09 +03:00
b2c548975d
libs/libdaq3: assign PKG_LICENSE_FILES
...
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
2024-01-31 16:02:04 -08:00
070fc8021c
libs/libev: fix license
...
libev is licensed under BSD-2-Clause or GPL-2.0-or-later since its
addition to openwrt
While at it, assign PKG_LICENSE_FILES
Fixes: 67b39f8f9b
2024-01-31 16:01:52 -08:00
d4eb66ffa5
utils/pv: assign PKG_LICENSE_FILES
...
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
2024-01-31 16:01:35 -08:00
8fe036bb1b
libs/libpciaccess: assign PKG_LICENSE
...
libpciaccess is licensed under MIT
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
2024-01-31 16:01:18 -08:00
63c942cedb
net/tor: add license
...
tor is licensed under BSD-3-Clause
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
2024-01-31 16:01:07 -08:00
f3e54bda31
devel/automake: fix license
...
automake is licensed under GPL-2.0-or-later, not GPL-3.0-or-later:
https://git.savannah.gnu.org/cgit/automake.git/tree/COPYING
indeed switch to GPL-3.0-or-later was reverted a long time ago (i.e.
before its addition to openwrt) by
https://git.savannah.gnu.org/cgit/automake.git/commit/?id=fcf2f56062e384455ec8b1aed943af33f20c27c7
While at it, add the license file
Fixes: c6ac1e3f76
2024-01-31 16:00:56 -08:00
Fabrice Fontaine