krant
d1f674f38e
zstd: update to 1.5.5
...
- Don't set Meson options which are matching defaults
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
2024-02-04 16:06:04 -08:00
Konstantin Demin
af748ea691
libcurl-gnutls: update to version 8.6.0
...
https://curl.se/changes.html#8_6_0
Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
2024-02-04 16:05:08 -08:00
Fabrice Fontaine
52a5e71b49
utils/ntfs-3g: fix PKG_CPE_ID
...
tuxera:ntfs-3g is a better CPE ID than ntfs-3g:ntfs-3g as this CPE ID
has the latest CVEs (whereas ntfs-3g:ntfs-3g only has one CVE from 2007):
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3🅰️ tuxera:ntfs-3g
Fixes: 299e5b0a9b
(treewide: add PKG_CPE_ID for better cvescanner coverage)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
2024-02-04 16:04:21 -08:00
Fabrice Fontaine
1b1c28c9a0
utils/gpsd: fix PKG_CPE_ID
...
gpsd_project:gpsd is a better CPE ID than berlios:gps_daemon as this CPE
ID has the latest CVEs (whereas berlios:gps_daemon only has one CVE from
2004):
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3🅰️ gpsd_project:gpsd
Fixes: 299e5b0a9b
(treewide: add PKG_CPE_ID for better cvescanner coverage)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
2024-02-04 16:04:07 -08:00
Fabrice Fontaine
acad8ffb5f
lang/python/python-pip: fix PKG_CPE_ID
...
There is not a single CVE linked to python:pip so use pypa:pip instead:
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3🅰️ pypa:pip
Moreover, CPE_ID missed PKG_ prefix
Fixes: eee273507b
(python3: Split pip into separate source package)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
2024-02-04 16:03:49 -08:00
Fabrice Fontaine
222df5ed5d
net/nbd: fix PKG_CPE_ID
...
There is not a single CVE linked to network_block_device:nbd so use
network_block_device_project:network_block_device instead:
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3🅰️ network_block_device_project:network_block_device
Fixes: 299e5b0a9b
(treewide: add PKG_CPE_ID for better cvescanner coverage)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
2024-02-04 16:02:55 -08:00
Fabrice Fontaine
1a50def305
multimedia/motion: fix PKG_CPE_ID
...
motion_project:motion is a better CPE ID than lavrsen:motion as this CPE
ID has the latest CVE (whereas lavrsen:motion only a CVE from 2008):
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3🅰️ motion_project:motion
Fixes: 299e5b0a9b
(treewide: add PKG_CPE_ID for better cvescanner coverage)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
2024-02-04 16:02:43 -08:00
Fabrice Fontaine
0d96d38c6c
net/miniupnpc: fix PKG_CPE_ID
...
cpe:/a:miniupnp_project:miniupnpc is the correct CPE ID for miniupnpc:
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3🅰️ miniupnp_project:miniupnpc
Fixes: 299e5b0a9b
(treewide: add PKG_CPE_ID for better cvescanner coverage)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
2024-02-04 16:02:30 -08:00
Fabrice Fontaine
b5b4545b24
libs/libidn2: fix PKG_CPE_ID
...
There is not a single CVE linked to libidn2_project:libidn2 so use
gnu:libidn2 instead:
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3🅰️ gnu:libidn2
Fixes: ceadbcbb64
(treewide: add PKG_CPE_ID for cvescanner)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
2024-02-04 16:02:06 -08:00
Fabrice Fontaine
77a02f1efc
libs/expat: fix PKG_CPE_ID
...
There is not a single CVE linked to libexpat:expat so use
libexpat_project:libexpat instead:
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3🅰️ libexpat_project:libexpat
Fixes: 70c62ef2d7
(expat: update to version 2.2.7 (security fix))
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
2024-02-04 16:01:55 -08:00
Fabrice Fontaine
da56ee5bed
utils/lrzsz: fix PKG_CPE_ID
...
PKG_CPE_ID was missing ":lrzsz"
Fixes: 6d6c4b21b5
(lrzsz: update to v0.12.21rc and fix a CVE)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
2024-02-04 15:59:34 -08:00
Fabrice Fontaine
3380427f29
lang/python/python-paho-mqtt: fix license
...
python-paho-mqtt is licensed under EPL-2.0, not EPL-1.0, since version
1.6.0 and
fabe7500fb
While at it, add LICENSE.txt to PKG_LICENSE_FILES
Fixes: 784f2a519b
(python-paho-mqtt: bump to version 1.6.1)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
2024-02-04 15:59:21 -08:00
Vladimir Ulrich
5a06f63390
zoneinfo: Updated to 2024a release
...
Signed-off-by: Vladimir Ulrich <admin@evl.su>
2024-02-04 15:59:07 -08:00
Fabrice Fontaine
f7ad88678d
net/ntpd: fix license
...
Replace "Unique" by the standard SPDX identifier for NTP license:
https://spdx.org/licenses/NTP.html
Fixes: 1aff45c6dd
(ntpd: add SPDX license information)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
2024-02-04 15:58:57 -08:00
Fabrice Fontaine
9111b290d1
utils/lsof: fix license
...
Replace "Unique" by the standard SPDX identifier for lsof license:
https://spdx.org/licenses/lsof.html
Fixes: 59adfc86b9
(lsof: add license information)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
2024-02-04 15:58:46 -08:00
Fabrice Fontaine
013a2f2dfa
net/boinc: fix PKG_CPE_ID
...
boinc_project:boinc has never been a valid CPE ID so use
rom_walton:boinc instead:
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3🅰️ rom_walton:boinc
Fixes: 9c2bd865c7
(boinc: new package for distributed computing/data acquisition)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
2024-02-04 15:58:35 -08:00
Fabrice Fontaine
00e038942a
utils/zsh: fix PKG_CPE_ID
...
zsh:zsh is a better CPE ID than zsh_project:zsh as this CPE ID has the
latest CVEs (whereas zsh_project:zsh only has CVEs up to 2017):
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3🅰️ zsh:zsh
Fixes: ff056fcffc
(zsh: Update to 5.6.2)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
2024-02-04 15:58:25 -08:00
Fabrice Fontaine
c42dcc5fd6
utils/tmux: fix PKG_CPE_ID
...
tmux_project:tmux is a better CPE ID than nicholas_marriott:tmux as this
CPE ID has the latest CVE (whereas nicholas_marriott:tmux only has a CVE
from 2011):
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3🅰️ tmux_project:tmux
Fixes: 299e5b0a9b
(treewide: add PKG_CPE_ID for better cvescanner coverage)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
2024-02-04 15:58:12 -08:00
Fabrice Fontaine
d6d157f644
net/tinyproxy: fix PKG_CPE_ID
...
tinyproxy_project:tinyproxy is a better CPE ID than banu:tinyproxy as
this CPE ID has the latest CVEs (whereas banu:tinyproxy only has CVEs up
to 2012):
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3🅰️ tinyproxy_project:tinyproxy
Fixes: 299e5b0a9b
(treewide: add PKG_CPE_ID for better cvescanner coverage)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
2024-02-04 15:58:02 -08:00
Fabrice Fontaine
b52f465c7b
net/tinc: fix PKG_CPE_ID
...
tinc-vpn:tinc is a better CPE ID than tinc:tinc as this CPE ID has the
latest CVEs (whereas tinc:tinc only has CVEs up to 2002):
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3🅰️ tinc-vpn:tinc
Fixes: 299e5b0a9b
(treewide: add PKG_CPE_ID for better cvescanner coverage)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
2024-02-04 15:57:46 -08:00
Fabrice Fontaine
803c7b0571
net/vsftpd: fix PKG_CPE_ID
...
vsftpd_project:vsftpd is a better CPE ID than beasts:vsftpd as this CPE
ID has the latest CVEs (whereas beasts:vsftpd only has CVEs up to 2015):
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3🅰️ vsftpd_project:vsftpd
Fixes: 1371b7be87
(vsftpd: Fix compilation without ECC or deprecated APIs)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
2024-02-04 15:57:34 -08:00
Fabrice Fontaine
5c089b16ba
libs/redis: fix PKG_CPE_ID
...
There is not a single CVE linked to pivotal_software:redis so use
redis:redis instead:
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3🅰️ redis:redis
Fixes: ceadbcbb64
(treewide: add PKG_CPE_ID for cvescanner)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
2024-02-04 15:57:18 -08:00
Fabrice Fontaine
c0aec8bc08
lang/python/python-requests: fix PKG_CPE_ID
...
There is not a single CVE linked to python-requests:requests so use
python:requests instead:
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3🅰️ python:requests
Fixes: ceadbcbb64
(treewide: add PKG_CPE_ID for cvescanner)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
2024-02-04 15:56:56 -08:00
Fabrice Fontaine
d369edb571
lang/python/python-urllib3: fix PKG_CPE_ID
...
There is not a single CVE linked to urllib3_project:urllib3 so use
python:urllib3 instead:
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3🅰️ python:urllib3
Fixes: 6dcaa769d8
(python-urllib3: update to version 1.25)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
2024-02-04 15:56:22 -08:00
S. Brusch
c08dac5ec5
crowdsec: new upstream release version 1.6.0
...
Update crowdsec to latest upstream release version 1.6.0
Signed-off-by: S. Brusch <ne20002@gmx.ch>
Maintainer: Kerma Gérald <gandalf@gk2.net>
Package tested: not able to test run due to limited space (package is big)
Description: update to latest version of upstream
2024-02-04 15:55:41 -08:00
Fabrice Fontaine
41c998224d
libs/libgd: fix license
...
libgd is licensed under its own "GD" license and not MIT
Fixes: 60feea09c9
(libgd: import from oldpackages, add myself as maintainer, add license...)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
2024-02-04 15:54:56 -08:00
Konstantin Demin
1ff280529b
nmap: bump package version
...
Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
2024-02-04 23:05:25 +00:00
Konstantin Demin
b4538c87ab
nmap: unify SSL dependencies
...
ssl/full variants now depend on "ca-certs" (provided by "ca-bundle" and "ca-certificates")
Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
2024-02-04 23:05:25 +00:00
Konstantin Demin
c8793c0285
nmap: ncat: use default CA bundle
...
Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
2024-02-04 23:05:25 +00:00
Jiri Slachta
5aded5ac7d
Merge pull request #23279 from ffontaine/fix-tiff-license
...
libs/tiff: fix license
2024-02-04 22:42:04 +01:00
Fabrice Fontaine
ae165deaf5
libs/tiff: fix license
...
tiff is licensed under its own "libtiff" license and not BSD-3-Clause
Fixes: 364de5bc3f
(tiff: add licensing information)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
2024-02-04 22:31:28 +01:00
Fabrice Fontaine
8b9965fcb3
lang/python/python-aiohttp: fix PKG_CPE_ID
...
aiohttp:aiohttp is a better CPE ID than aio-libs_projet:aiohttp as this
CPE ID has the latest CVEs (whereas aio-libs_project:aiohttp only has
one CVE from 2018):
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3🅰️ aiohttp:aiohttp
Fixes: 2edf5034f1
(python-aiohttp: add a new package)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
2024-02-04 13:15:41 +01:00
krant
0daaae5501
less: update to 643
...
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
2024-02-04 13:04:47 +02:00
krant
4a37a7b4b9
grep: update to 3.11
...
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
2024-02-04 13:04:23 +02:00
Sergey Ponomarev
b3580a76d8
cloudflared: refine config.yml
...
The config.yml is an example of a tunnel local configuration.
But the cloudlfared treat it as a real config and fails to start.
So to avoid problems let's comment all the statements.
The `url: http://localhost:8000 ` is not a valid config option.
Additionally add a smale of configuring ingres rules.
The cloudflared.config has missing option token.
Signed-off-by: Sergey Ponomarev <stokito@gmail.com>
2024-02-04 10:47:41 +08:00
Alexandru Ardelean
d6c4223d63
Merge pull request #23263 from ffontaine/fix-sudo-cpeid
...
admin/sudo: fix PKG_CPE_ID
2024-02-03 08:12:38 +02:00
Alexandru Ardelean
758eda145c
Merge pull request #23262 from ffontaine/fix-squashfs-tools-cpeid
...
utils/squashfs-tools: fix PKG_CPE_ID
2024-02-03 08:05:56 +02:00
Fabrice Fontaine
9e770d6c1d
utils/squashfs-tools: fix PKG_CPE_ID
...
There is not a single CVE linked to phillip_lougher:squashfs so use
squashfs-tools_project:squashfs-tools instead:
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3🅰️ squashfs-tools_project:squashfs-tools
Fixes: 299e5b0a9b
(treewide: add PKG_CPE_ID for better cvescanner coverage)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
2024-02-02 22:36:42 +01:00
Fabrice Fontaine
253944fc62
admin/sudo: fix PKG_CPE_ID
...
sudo_project:sudo is a better CPE ID than todd_miller:sudo as this CPE
ID has the latest CVEs (whereas todd_miller:sudo only has CVEs up to
2016):
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3🅰️ sudo_project:sudo
Fixes: 8ce9f30c42
(sudo: Update to 1.8.24)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
2024-02-02 22:35:50 +01:00
krant
d74d7a6ac9
libidn2: update to 2.3.7
...
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
2024-02-02 15:08:59 +01:00
Stan Grishin
76b49fe459
Merge pull request #23219 from rockdrilla/curl-8.6.0
...
curl: update to 8.6.0
2024-02-02 06:47:17 -07:00
krant
86b091718e
unrar: update to 6.2.12
...
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
2024-02-02 17:55:18 +08:00
krant
9df1acff08
tar: update to 1.35
...
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
2024-02-02 17:55:01 +08:00
Fabrice Fontaine
a220c04b50
libs/vips: fix PKG_CPE_ID
...
libvips:libvips is a better CPE ID than vips:vips as this CPE ID has the
latest CVEs (whereas vips only has an old CVE from 2010):
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3🅰️ libvips:libvips
Fix: 299e5b0a9b
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
2024-02-02 17:54:47 +08:00
krant
6af519adb6
libpsl: update to 0.21.5
...
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
2024-02-02 17:54:36 +08:00
Fabrice Fontaine
302761f0e8
net/krb5: fix PKG_CPE_ID
...
mit:kerberos_5 is a better CPE ID than mit:kerberos as this CPE ID has
the latest CVEs (whereas mit:kerberos only has CVEs until 2018):
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3🅰️ mit:kerberos_5
Fix: 299e5b0a9b
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
2024-02-02 17:54:23 +08:00
Nikos Mavrogiannopoulos
288efbb743
Merge pull request #23243 from ffontaine/fix-libpam-cpeid
...
libs/libpam: fix PKG_CPE_ID
2024-02-02 09:33:15 +01:00
Fabrice Fontaine
2269848bff
libs/libpam: fix PKG_CPE_ID
...
linux-pam:linux-pam is a better CPE ID than kernel:linux-pam as this CPE
ID has the latest CVEs (whereas kernel:linux-pam only has a
SUSE-specific CVE):
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3🅰️ linux-pam:linux-pam
Fix: 6f74b0c4f1
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
2024-02-01 22:12:24 +01:00
Tianling Shen
f6714eb01e
dnsproxy: Update to 0.64.1
...
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
2024-02-01 23:21:07 +08:00
Stan Grishin
31bcb23b79
nebula: update to 1.8.2-2
...
The following fixes have been applied to Makefile:
* fix the nebula license type
* add PKG_CPE_ID
* remove unneeded call to Build/Compile
* add leading spaces to descriptions
* add Package/nebula/conffiles definition
* remove unneeded /lib/upgrade/keep.d files
* no longer install actual license file
* add the README file
Kudos to @BKPepe and @1715173329 for feedback which lead to these fixes
Signed-off-by: Stan Grishin <stangri@melmac.ca>
2024-02-01 16:10:32 +08:00