| Commit message (Collapse) | Author | Age |
|---|
| |
|
|
|
|
|
|
| |
- Use official source URL
- Add libstdcpp dependency
- Don't set configure options which are matching default values
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
|
| |
|
|
| |
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
This version includes several new features that allow to simplify the
package significantly: The noexit patch and hotplug script are no longer
needed, and the init script doesn't have to check for legacy databases
anymore.
Signed-off-by: Jan Hoffmann <jan@3e8.eu>
|
| |
|
|
|
|
| |
- Don't set Meson options which are matching defaults
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
|
| |
|
|
|
|
| |
https://curl.se/changes.html#8_6_0
Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
tuxera:ntfs-3g is a better CPE ID than ntfs-3g:ntfs-3g as this CPE ID
has the latest CVEs (whereas ntfs-3g:ntfs-3g only has one CVE from 2007):
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:tuxera:ntfs-3g
Fixes: 299e5b0a9bce19d6e96cb9ff217028b36ee2dd36 (treewide: add PKG_CPE_ID for better cvescanner coverage)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
gpsd_project:gpsd is a better CPE ID than berlios:gps_daemon as this CPE
ID has the latest CVEs (whereas berlios:gps_daemon only has one CVE from
2004):
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:gpsd_project:gpsd
Fixes: 299e5b0a9bce19d6e96cb9ff217028b36ee2dd36 (treewide: add PKG_CPE_ID for better cvescanner coverage)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
There is not a single CVE linked to python:pip so use pypa:pip instead:
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:pypa:pip
Moreover, CPE_ID missed PKG_ prefix
Fixes: eee273507b868ad5f6f7e744d513c85330967906 (python3: Split pip into separate source package)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
There is not a single CVE linked to network_block_device:nbd so use
network_block_device_project:network_block_device instead:
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:network_block_device_project:network_block_device
Fixes: 299e5b0a9bce19d6e96cb9ff217028b36ee2dd36 (treewide: add PKG_CPE_ID for better cvescanner coverage)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
motion_project:motion is a better CPE ID than lavrsen:motion as this CPE
ID has the latest CVE (whereas lavrsen:motion only a CVE from 2008):
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:motion_project:motion
Fixes: 299e5b0a9bce19d6e96cb9ff217028b36ee2dd36 (treewide: add PKG_CPE_ID for better cvescanner coverage)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
cpe:/a:miniupnp_project:miniupnpc is the correct CPE ID for miniupnpc:
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:miniupnp_project:miniupnpc
Fixes: 299e5b0a9bce19d6e96cb9ff217028b36ee2dd36 (treewide: add PKG_CPE_ID for better cvescanner coverage)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
There is not a single CVE linked to libidn2_project:libidn2 so use
gnu:libidn2 instead:
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:gnu:libidn2
Fixes: ceadbcbb64de727c3a974e552d9a723d532e4e40 (treewide: add PKG_CPE_ID for cvescanner)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
There is not a single CVE linked to libexpat:expat so use
libexpat_project:libexpat instead:
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:libexpat_project:libexpat
Fixes: 70c62ef2d77aef5d8a27ccca2b147bc2a69dc7f8 (expat: update to version 2.2.7 (security fix))
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
|
| |
|
|
|
|
|
|
| |
PKG_CPE_ID was missing ":lrzsz"
Fixes: 6d6c4b21b5e22a9f1058db5b61521a298e00a5f0 (lrzsz: update to v0.12.21rc and fix a CVE)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
python-paho-mqtt is licensed under EPL-2.0, not EPL-1.0, since version
1.6.0 and
https://github.com/eclipse/paho.mqtt.python/commit/fabe7500fb6fde31fd98c619e0117d1c651fd18d
While at it, add LICENSE.txt to PKG_LICENSE_FILES
Fixes: 784f2a519bb8cdfaa973070f65ff9a3a481e5cd1 (python-paho-mqtt: bump to version 1.6.1)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
|
| |
|
|
| |
Signed-off-by: Vladimir Ulrich <admin@evl.su>
|
| |
|
|
|
|
|
|
|
| |
Replace "Unique" by the standard SPDX identifier for NTP license:
https://spdx.org/licenses/NTP.html
Fixes: 1aff45c6dd36f2a5875eadaeae2ed93da8ff6d45 (ntpd: add SPDX license information)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
Replace "Unique" by the standard SPDX identifier for lsof license:
https://spdx.org/licenses/lsof.html
Fixes: 59adfc86b9d1e5a8fb9d5c83db6546a6b49a77f5 (lsof: add license information)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
boinc_project:boinc has never been a valid CPE ID so use
rom_walton:boinc instead:
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:rom_walton:boinc
Fixes: 9c2bd865c715cad8646157d6bbfb669d9970c322 (boinc: new package for distributed computing/data acquisition)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
zsh:zsh is a better CPE ID than zsh_project:zsh as this CPE ID has the
latest CVEs (whereas zsh_project:zsh only has CVEs up to 2017):
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:zsh:zsh
Fixes: ff056fcffcacf2632505bb108bf8e8c2a3cef09c (zsh: Update to 5.6.2)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
tmux_project:tmux is a better CPE ID than nicholas_marriott:tmux as this
CPE ID has the latest CVE (whereas nicholas_marriott:tmux only has a CVE
from 2011):
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:tmux_project:tmux
Fixes: 299e5b0a9bce19d6e96cb9ff217028b36ee2dd36 (treewide: add PKG_CPE_ID for better cvescanner coverage)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
tinyproxy_project:tinyproxy is a better CPE ID than banu:tinyproxy as
this CPE ID has the latest CVEs (whereas banu:tinyproxy only has CVEs up
to 2012):
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:tinyproxy_project:tinyproxy
Fixes: 299e5b0a9bce19d6e96cb9ff217028b36ee2dd36 (treewide: add PKG_CPE_ID for better cvescanner coverage)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
tinc-vpn:tinc is a better CPE ID than tinc:tinc as this CPE ID has the
latest CVEs (whereas tinc:tinc only has CVEs up to 2002):
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:tinc-vpn:tinc
Fixes: 299e5b0a9bce19d6e96cb9ff217028b36ee2dd36 (treewide: add PKG_CPE_ID for better cvescanner coverage)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
vsftpd_project:vsftpd is a better CPE ID than beasts:vsftpd as this CPE
ID has the latest CVEs (whereas beasts:vsftpd only has CVEs up to 2015):
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:vsftpd_project:vsftpd
Fixes: 1371b7be878382b8b52cd73ff72a3a41d28013c4 (vsftpd: Fix compilation without ECC or deprecated APIs)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
There is not a single CVE linked to pivotal_software:redis so use
redis:redis instead:
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:redis:redis
Fixes: ceadbcbb64de727c3a974e552d9a723d532e4e40 (treewide: add PKG_CPE_ID for cvescanner)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
There is not a single CVE linked to python-requests:requests so use
python:requests instead:
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:python:requests
Fixes: ceadbcbb64de727c3a974e552d9a723d532e4e40 (treewide: add PKG_CPE_ID for cvescanner)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
There is not a single CVE linked to urllib3_project:urllib3 so use
python:urllib3 instead:
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:python:urllib3
Fixes: 6dcaa769d8ce8921dc3bfaf78ab9a8c1cef4a9b9 (python-urllib3: update to version 1.25)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Update crowdsec to latest upstream release version 1.6.0
Signed-off-by: S. Brusch <ne20002@gmx.ch>
Maintainer: Kerma GĂ©rald <gandalf@gk2.net>
Package tested: not able to test run due to limited space (package is big)
Description: update to latest version of upstream
|
| |
|
|
|
|
|
|
| |
libgd is licensed under its own "GD" license and not MIT
Fixes: 60feea09c9d343f648045e5e85e7788e75d4e039 (libgd: import from oldpackages, add myself as maintainer, add license...)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
|
| |
|
|
| |
Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
|
| |
|
|
|
|
| |
ssl/full variants now depend on "ca-certs" (provided by "ca-bundle" and "ca-certificates")
Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
|
| |
|
|
| |
Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
|
| |\
| |
| | |
libs/tiff: fix license
|
| |/
|
|
|
|
|
|
| |
tiff is licensed under its own "libtiff" license and not BSD-3-Clause
Fixes: 364de5bc3f16eba42f93d36e848b998b3579e39e (tiff: add licensing information)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
aiohttp:aiohttp is a better CPE ID than aio-libs_projet:aiohttp as this
CPE ID has the latest CVEs (whereas aio-libs_project:aiohttp only has
one CVE from 2018):
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:aiohttp:aiohttp
Fixes: 2edf5034f1c09fe60af52087abe7b6fcef9433fc (python-aiohttp: add a new package)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
|
| |
|
|
| |
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
|
| |
|
|
| |
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
The config.yml is an example of a tunnel local configuration.
But the cloudlfared treat it as a real config and fails to start.
So to avoid problems let's comment all the statements.
The `url: http://localhost:8000` is not a valid config option.
Additionally add a smale of configuring ingres rules.
The cloudflared.config has missing option token.
Signed-off-by: Sergey Ponomarev <stokito@gmail.com>
|
| |\
| |
| | |
admin/sudo: fix PKG_CPE_ID
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
sudo_project:sudo is a better CPE ID than todd_miller:sudo as this CPE
ID has the latest CVEs (whereas todd_miller:sudo only has CVEs up to
2016):
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:sudo_project:sudo
Fixes: 8ce9f30c421255c514b1b2e41fc92eafd7976583 (sudo: Update to 1.8.24)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
|
| |\ \
| | |
| | | |
utils/squashfs-tools: fix PKG_CPE_ID
|
| | |/
| |
| |
| |
| |
| |
| |
| |
| |
| | |
There is not a single CVE linked to phillip_lougher:squashfs so use
squashfs-tools_project:squashfs-tools instead:
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:squashfs-tools_project:squashfs-tools
Fixes: 299e5b0a9bce19d6e96cb9ff217028b36ee2dd36 (treewide: add PKG_CPE_ID for better cvescanner coverage)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
|
| | |
| |
| |
| | |
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
|
| |\ \
| |/
|/| |
curl: update to 8.6.0
|
| | |
| |
| |
| |
| |
| | |
* https://curl.se/changes.html#8_6_0
Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
|
| | |
| |
| |
| | |
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
|
| | |
| |
| |
| | |
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
libvips:libvips is a better CPE ID than vips:vips as this CPE ID has the
latest CVEs (whereas vips only has an old CVE from 2010):
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:libvips:libvips
Fix: 299e5b0a9bce19d6e96cb9ff217028b36ee2dd36
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
|
| | |
| |
| |
| | |
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
mit:kerberos_5 is a better CPE ID than mit:kerberos as this CPE ID has
the latest CVEs (whereas mit:kerberos only has CVEs until 2018):
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:mit:kerberos_5
Fix: 299e5b0a9bce19d6e96cb9ff217028b36ee2dd36
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
|