aboutsummaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
* net/tinyproxy: fix PKG_CPE_IDFabrice Fontaine2024-02-04
| | | | | | | | | | | tinyproxy_project:tinyproxy is a better CPE ID than banu:tinyproxy as this CPE ID has the latest CVEs (whereas banu:tinyproxy only has CVEs up to 2012): https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:tinyproxy_project:tinyproxy Fixes: 299e5b0a9bce19d6e96cb9ff217028b36ee2dd36 (treewide: add PKG_CPE_ID for better cvescanner coverage) Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
* net/tinc: fix PKG_CPE_IDFabrice Fontaine2024-02-04
| | | | | | | | | | tinc-vpn:tinc is a better CPE ID than tinc:tinc as this CPE ID has the latest CVEs (whereas tinc:tinc only has CVEs up to 2002): https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:tinc-vpn:tinc Fixes: 299e5b0a9bce19d6e96cb9ff217028b36ee2dd36 (treewide: add PKG_CPE_ID for better cvescanner coverage) Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
* net/vsftpd: fix PKG_CPE_IDFabrice Fontaine2024-02-04
| | | | | | | | | | vsftpd_project:vsftpd is a better CPE ID than beasts:vsftpd as this CPE ID has the latest CVEs (whereas beasts:vsftpd only has CVEs up to 2015): https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:vsftpd_project:vsftpd Fixes: 1371b7be878382b8b52cd73ff72a3a41d28013c4 (vsftpd: Fix compilation without ECC or deprecated APIs) Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
* libs/redis: fix PKG_CPE_IDFabrice Fontaine2024-02-04
| | | | | | | | | | There is not a single CVE linked to pivotal_software:redis so use redis:redis instead: https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:redis:redis Fixes: ceadbcbb64de727c3a974e552d9a723d532e4e40 (treewide: add PKG_CPE_ID for cvescanner) Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
* lang/python/python-requests: fix PKG_CPE_IDFabrice Fontaine2024-02-04
| | | | | | | | | | There is not a single CVE linked to python-requests:requests so use python:requests instead: https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:python:requests Fixes: ceadbcbb64de727c3a974e552d9a723d532e4e40 (treewide: add PKG_CPE_ID for cvescanner) Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
* lang/python/python-urllib3: fix PKG_CPE_IDFabrice Fontaine2024-02-04
| | | | | | | | | | There is not a single CVE linked to urllib3_project:urllib3 so use python:urllib3 instead: https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:python:urllib3 Fixes: 6dcaa769d8ce8921dc3bfaf78ab9a8c1cef4a9b9 (python-urllib3: update to version 1.25) Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
* crowdsec: new upstream release version 1.6.0S. Brusch2024-02-04
| | | | | | | | | | | Update crowdsec to latest upstream release version 1.6.0 Signed-off-by: S. Brusch <ne20002@gmx.ch> Maintainer: Kerma GĂ©rald <gandalf@gk2.net> Package tested: not able to test run due to limited space (package is big) Description: update to latest version of upstream
* libs/libgd: fix licenseFabrice Fontaine2024-02-04
| | | | | | | | libgd is licensed under its own "GD" license and not MIT Fixes: 60feea09c9d343f648045e5e85e7788e75d4e039 (libgd: import from oldpackages, add myself as maintainer, add license...) Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
* nmap: bump package versionKonstantin Demin2024-02-04
| | | | Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
* nmap: unify SSL dependenciesKonstantin Demin2024-02-04
| | | | | | ssl/full variants now depend on "ca-certs" (provided by "ca-bundle" and "ca-certificates") Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
* nmap: ncat: use default CA bundleKonstantin Demin2024-02-04
| | | | Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
* Merge pull request #23279 from ffontaine/fix-tiff-licenseJiri Slachta2024-02-04
|\ | | | | libs/tiff: fix license
| * libs/tiff: fix licenseFabrice Fontaine2024-02-04
|/ | | | | | | | tiff is licensed under its own "libtiff" license and not BSD-3-Clause Fixes: 364de5bc3f16eba42f93d36e848b998b3579e39e (tiff: add licensing information) Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
* lang/python/python-aiohttp: fix PKG_CPE_IDFabrice Fontaine2024-02-04
| | | | | | | | | | | aiohttp:aiohttp is a better CPE ID than aio-libs_projet:aiohttp as this CPE ID has the latest CVEs (whereas aio-libs_project:aiohttp only has one CVE from 2018): https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:aiohttp:aiohttp Fixes: 2edf5034f1c09fe60af52087abe7b6fcef9433fc (python-aiohttp: add a new package) Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
* less: update to 643krant2024-02-04
| | | | Signed-off-by: krant <aleksey.vasilenko@gmail.com>
* grep: update to 3.11krant2024-02-04
| | | | Signed-off-by: krant <aleksey.vasilenko@gmail.com>
* cloudflared: refine config.ymlSergey Ponomarev2024-02-04
| | | | | | | | | | | | | | The config.yml is an example of a tunnel local configuration. But the cloudlfared treat it as a real config and fails to start. So to avoid problems let's comment all the statements. The `url: http://localhost:8000` is not a valid config option. Additionally add a smale of configuring ingres rules. The cloudflared.config has missing option token. Signed-off-by: Sergey Ponomarev <stokito@gmail.com>
* Merge pull request #23263 from ffontaine/fix-sudo-cpeidAlexandru Ardelean2024-02-03
|\ | | | | admin/sudo: fix PKG_CPE_ID
| * admin/sudo: fix PKG_CPE_IDFabrice Fontaine2024-02-02
| | | | | | | | | | | | | | | | | | | | | | sudo_project:sudo is a better CPE ID than todd_miller:sudo as this CPE ID has the latest CVEs (whereas todd_miller:sudo only has CVEs up to 2016): https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:sudo_project:sudo Fixes: 8ce9f30c421255c514b1b2e41fc92eafd7976583 (sudo: Update to 1.8.24) Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
* | Merge pull request #23262 from ffontaine/fix-squashfs-tools-cpeidAlexandru Ardelean2024-02-03
|\ \ | | | | | | utils/squashfs-tools: fix PKG_CPE_ID
| * | utils/squashfs-tools: fix PKG_CPE_IDFabrice Fontaine2024-02-02
| |/ | | | | | | | | | | | | | | | | | | There is not a single CVE linked to phillip_lougher:squashfs so use squashfs-tools_project:squashfs-tools instead: https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:squashfs-tools_project:squashfs-tools Fixes: 299e5b0a9bce19d6e96cb9ff217028b36ee2dd36 (treewide: add PKG_CPE_ID for better cvescanner coverage) Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
* | libidn2: update to 2.3.7krant2024-02-02
| | | | | | | | Signed-off-by: krant <aleksey.vasilenko@gmail.com>
* | Merge pull request #23219 from rockdrilla/curl-8.6.0Stan Grishin2024-02-02
|\ \ | |/ |/| curl: update to 8.6.0
| * curl: update to 8.6.0Konstantin Demin2024-02-01
| | | | | | | | | | | | * https://curl.se/changes.html#8_6_0 Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
* | unrar: update to 6.2.12krant2024-02-02
| | | | | | | | Signed-off-by: krant <aleksey.vasilenko@gmail.com>
* | tar: update to 1.35krant2024-02-02
| | | | | | | | Signed-off-by: krant <aleksey.vasilenko@gmail.com>
* | libs/vips: fix PKG_CPE_IDFabrice Fontaine2024-02-02
| | | | | | | | | | | | | | | | | | | | | | libvips:libvips is a better CPE ID than vips:vips as this CPE ID has the latest CVEs (whereas vips only has an old CVE from 2010): https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:libvips:libvips Fix: 299e5b0a9bce19d6e96cb9ff217028b36ee2dd36 Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
* | libpsl: update to 0.21.5krant2024-02-02
| | | | | | | | Signed-off-by: krant <aleksey.vasilenko@gmail.com>
* | net/krb5: fix PKG_CPE_IDFabrice Fontaine2024-02-02
| | | | | | | | | | | | | | | | | | | | mit:kerberos_5 is a better CPE ID than mit:kerberos as this CPE ID has the latest CVEs (whereas mit:kerberos only has CVEs until 2018): https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:mit:kerberos_5 Fix: 299e5b0a9bce19d6e96cb9ff217028b36ee2dd36 Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
* | Merge pull request #23243 from ffontaine/fix-libpam-cpeidNikos Mavrogiannopoulos2024-02-02
|\ \ | | | | | | libs/libpam: fix PKG_CPE_ID
| * | libs/libpam: fix PKG_CPE_IDFabrice Fontaine2024-02-01
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | linux-pam:linux-pam is a better CPE ID than kernel:linux-pam as this CPE ID has the latest CVEs (whereas kernel:linux-pam only has a SUSE-specific CVE): https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:linux-pam:linux-pam Fix: 6f74b0c4f15a095b1069a8aaeb19a32dfbc7539a Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
* | | dnsproxy: Update to 0.64.1Tianling Shen2024-02-01
| | | | | | | | | | | | Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
* | | nebula: update to 1.8.2-2Stan Grishin2024-02-01
|/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The following fixes have been applied to Makefile: * fix the nebula license type * add PKG_CPE_ID * remove unneeded call to Build/Compile * add leading spaces to descriptions * add Package/nebula/conffiles definition * remove unneeded /lib/upgrade/keep.d files * no longer install actual license file * add the README file Kudos to @BKPepe and @1715173329 for feedback which lead to these fixes Signed-off-by: Stan Grishin <stangri@melmac.ca>
* | libs/libdaq3: assign PKG_LICENSE_FILESFabrice Fontaine2024-01-31
| | | | | | | | Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
* | libs/libev: fix licenseFabrice Fontaine2024-01-31
| | | | | | | | | | | | | | | | | | | | | | libev is licensed under BSD-2-Clause or GPL-2.0-or-later since its addition to openwrt While at it, assign PKG_LICENSE_FILES Fixes: 67b39f8f9b703e2cf95616b8e591ec76278a5846 Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
* | utils/pv: assign PKG_LICENSE_FILESFabrice Fontaine2024-01-31
| | | | | | | | Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
* | libs/libpciaccess: assign PKG_LICENSEFabrice Fontaine2024-01-31
| | | | | | | | | | | | libpciaccess is licensed under MIT Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
* | net/tor: add licenseFabrice Fontaine2024-01-31
| | | | | | | | | | | | tor is licensed under BSD-3-Clause Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
* | devel/automake: fix licenseFabrice Fontaine2024-01-31
| | | | | | | | | | | | | | | | | | | | | | | | | | | | automake is licensed under GPL-2.0-or-later, not GPL-3.0-or-later: https://git.savannah.gnu.org/cgit/automake.git/tree/COPYING indeed switch to GPL-3.0-or-later was reverted a long time ago (i.e. before its addition to openwrt) by https://git.savannah.gnu.org/cgit/automake.git/commit/?id=fcf2f56062e384455ec8b1aed943af33f20c27c7 While at it, add the license file Fixes: c6ac1e3f76ecd92d02d82c5729bbd1f2bd64922b Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
* | treewide: fix licence typosFabrice Fontaine2024-01-31
|/ | | | | | | | | | | | | - PKG_LICENCE -> PKG_LICENSE - PKC_LICENSE_FILES -> PKG_LICENSE_FILES - BSD 3-Clause -> BSD-3-Clause - BSD-3-clause -> BSD-3-Clause - BSD-2-clause -> BSD-2-Clause - Public Domain -> Public-Domain - PublicDomain -> Public-Domain - Drop unneeded ',' in PKG_LICENSE or PKG_LICENSE_FILES Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
* Merge pull request #23213 from krant/tiffJiri Slachta2024-01-31
|\ | | | | tiff: update to 4.6.0
| * tiff: update to 4.6.0krant2024-01-31
| | | | | | | | | | | | - Don't set CMake options which are on by default Signed-off-by: krant <aleksey.vasilenko@gmail.com>
* | libjpeg-trubo: update to 3.0.2krant2024-01-31
| | | | | | | | | | | | | | | | - Switch source URL to Github since upstream migrated there - Remove CMake options which are obsolete or match default values - Don't disable arithmetic encoding/decoding since it's the standard Signed-off-by: krant <aleksey.vasilenko@gmail.com>
* | docker-compose: Update to version 2.24.5Javier Marcet2024-01-31
|/ | | | Signed-off-by: Javier Marcet <javier@marcet.info>
* xz: Update to 5.4.6Hannu Nyman2024-01-30
| | | | | | Update xz to match the version 5.4.6 in tools/ Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
* utils/vim: add license infoFabrice Fontaine2024-01-30
| | | | | | | vim is licensed under its own Vim license: https://spdx.org/licenses/Vim.html Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
* utils/augeas: assign PKG_LICENSE_FILESFabrice Fontaine2024-01-30
| | | | | | | | augeas provides a COPYING file since its addition to openwrt Fixes: 7fc497dd67727225e875d5b13a5c76437815e277 Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
* inih: Update to r58Tianling Shen2024-01-30
| | | | Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
* rclone: Update to 1.65.2Tianling Shen2024-01-30
| | | | Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
* cloudflared: Update to 2024.1.5Tianling Shen2024-01-30
| | | | Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
Powered by cgit, Themed by Ted Yin.