Stan Grishin [Sat, 3 Aug 2024 23:25:44 +0000 (23:25 +0000)]
adblock-fast: update to 1.1.2-3
This version brings two significant updates:
* support for text labels/names for the external lists
* better processing of the config update files, which cleans up
entries with missing URLs
Also:
* new config file contains names for all lists
* it tries to match existing URLs with the names from the new config file
and update user config as part of uci-defaults script
* contains minor updates to copyright/license/upstream URL/README
* updates the config update script to remove sysctl.org list as it's outdated
* adds two new remote lists: Hagezi and 1Hosts
Signed-off-by: Stan Grishin <stangri@melmac.ca>
(cherry picked from commit
50e85ed27f0999c8c43ed43675f9b702944ee3e8)
Luiz Angelo Daros de Luca [Sun, 28 Jul 2024 19:30:47 +0000 (16:30 -0300)]
ruby: update to 3.2.5
Ruby 3.2.5 includes many bug-fixes and a security fix in bundled gem
rexml.
- CVE-2024-39908: DoS in REXML.
See: https://www.ruby-lang.org/en/news/2024/07/26/ruby-3-2-5-released/
Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
Milinda Brantini [Wed, 24 Jul 2024 04:10:17 +0000 (12:10 +0800)]
dockerd: Update to 27.1.1
Signed-off-by: Milinda Brantini <C_A_T_T_E_R_Y@outlook.com>
(cherry picked from commit
84f20279113d05284de92bc246a1cf9149108ed9)
Milinda Brantini [Wed, 24 Jul 2024 04:07:42 +0000 (12:07 +0800)]
docker: Update to 27.1.1
Signed-off-by: Milinda Brantini <C_A_T_T_E_R_Y@outlook.com>
(cherry picked from commit
a14185ce28d2b37722b6fe5930ea2b430a4e0494)
Milinda Brantini [Tue, 23 Jul 2024 02:59:29 +0000 (10:59 +0800)]
containerd: Update to 1.7.20
Signed-off-by: Milinda Brantini <C_A_T_T_E_R_Y@outlook.com>
(cherry picked from commit
79fac95444e4874a411c1a135ad01b12a8e36007)
Milinda Brantini [Tue, 23 Jul 2024 02:26:46 +0000 (10:26 +0800)]
dockerd: Update to 27.1.0
Signed-off-by: Milinda Brantini <C_A_T_T_E_R_Y@outlook.com>
(cherry picked from commit
7e4cabe225894905c77cd5ac39e2a896dac45912)
Milinda Brantini [Tue, 23 Jul 2024 02:25:27 +0000 (10:25 +0800)]
docker: Update to 27.1.0
Signed-off-by: Milinda Brantini <C_A_T_T_E_R_Y@outlook.com>
(cherry picked from commit
c8d63383add0ec11e53f4f05d15ece6118b1cf41)
Milinda Brantini [Tue, 30 Jul 2024 07:54:05 +0000 (15:54 +0800)]
xray-core: update to 1.8.23
Signed-off-by: Milinda Brantini <C_A_T_T_E_R_Y@outlook.com>
(cherry picked from commit
b82deed3de4b3fbb7fa337543988ce8d70e567cc)
Hannu Nyman [Sun, 28 Jul 2024 17:46:40 +0000 (20:46 +0300)]
sqm-scripts-extra: remove the ancient package
Remove the ancient package with experimental cake options,
from time when cake was not yet officially here.
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
(cherry picked from commit
217e4ecb35e3181b0a57af9198d475f460b770ad)
Hannu Nyman [Sun, 28 Jul 2024 17:45:09 +0000 (20:45 +0300)]
nano: update to 8.1
Update nano editor to version 8.1.
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
(cherry picked from commit
98f642226fc11d7ce8f2fdbb03a4b5669bccf7a6)
Aleksey Kolosov [Thu, 25 Jul 2024 07:44:57 +0000 (10:44 +0300)]
delve: update to 1.23.0
Support Golang 1.21 and 1.22
Signed-off-by: Aleksey Kolosov <softovick@gmail.com>
Milinda Brantini [Mon, 22 Jul 2024 14:27:59 +0000 (22:27 +0800)]
xray-core: update to 1.8.21
Signed-off-by: Milinda Brantini <C_A_T_T_E_R_Y@outlook.com>
(cherry picked from commit
ebeeafb99630ea54bd9a14ab0484f213218028aa)
Paul Donald [Sun, 31 Mar 2024 18:25:17 +0000 (20:25 +0200)]
p910nd: set bidi only if not already set
Closes #23774
Signed-off-by: Paul Donald <newtwen+github@gmail.com>
(cherry picked from commit
4628b6bd43ac1c212363535fe4d32739c5f7e622)
krant [Wed, 31 Jan 2024 11:38:30 +0000 (13:38 +0200)]
make: update to 4.4.1
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
(cherry picked from commit
532f6e078291d25eb2a17f7de01a69edbe1c090e)
krant [Tue, 6 Feb 2024 13:25:47 +0000 (15:25 +0200)]
autoconf: update to 2.72
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
(cherry picked from commit
90d316b4286986192fc38bd064e138c336d8960c)
krant [Tue, 6 Feb 2024 13:29:27 +0000 (15:29 +0200)]
automake: update to 1.16.5
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
(cherry picked from commit
2bcd9a4cd7d8d5fd2c2a25fb18f5e0ec605c335c)
Milinda Brantini [Sat, 20 Jul 2024 12:26:36 +0000 (20:26 +0800)]
xray-core: update to 1.8.20
Signed-off-by: Milinda Brantini <C_A_T_T_E_R_Y@outlook.com>
(cherry picked from commit
c4a706898238b01b0bcfce40710562b382395f5b)
Ryan Keane [Sun, 16 Jun 2024 00:45:29 +0000 (20:45 -0400)]
unbound: Update to 1.20.0
Updated 010-configure-uname.patch as source changed.
Removed 100-example-conf-in.patch as not needed any more.
Release message:
This release has a fix for the DNSBomb issue CVE-2024-33655. This has a
low severity for Unbound, since it makes Unbound complicit in targeting
others, but does not affect Unbound so much.
To mitigate the issue new configuration options are introduced.
The options discard-timeout: 1900, wait-limit: 1000
and wait-limit-cookie: 10000 are enabled by default. They limit the
number of outstanding queries that a querier can have. This limits
the reply pulse, and make Unbound less favorable for the issue.
With the config wait-limit-netblock and wait-limit-cookie-netblock
the parameters can be fine tuned for specific destinations.
More information on the attack and Unbound's mitigations are
presented further down.
Other fixes in this release are that Unbound no longer follows symlinks
when truncating the pidfile. Unbound also does not chown the pidfile,
this is for safety reasons. There are also a number of fixes for RPZ, in
handling CNAMEs. There is a memory leak fix for the edns client subnet
cache. For DNSSEC validation a case is fixed when the query is of type
DNAME. The unbound-anchor program is fixed to first write to a temporary
file, before replacing the original. This handles disk full situations,
and because of it unbound-anchor needs permission to create that file,
in the same directory as the original file. There is also a fix for
IP_DONTFRAG, to disable fragmentation instead of the opposite.
The option cache-min-negative-ttl can be used to set the minimum TTL
for negative responses in the cache. It complements existing options to
set the maximum ttl for negative responses and to set the minimum and
maximum ttl but not specifically for negative responses.
The option cachedb-check-when-serve-expired option makes Unbound use
cachedb to check for expired responses, when serve-expired is enabled,
and cachedb is used. It is enabled by default.
The -q option for unbound-checkconf can be added to silence it when
there are no errors.
Signed-off-by: Ryan Keane <the.ra2.ifv@gmail.com>
(cherry picked from commit
d421db0527f41ae48ecff56501de2d56217f1182)
Karol Kolacinski [Sat, 6 Jul 2024 16:12:01 +0000 (18:12 +0200)]
transmission: update to version 4.0.6
Release notes:
https://github.com/transmission/transmission/releases/tag/4.0.6
Remove temporary patch included in 4.0.6 release.
Signed-off-by: Karol Kolacinski <kolacinskikarol@live.com>
(cherry picked from commit
c32139757cf13b78a114fbd900aadba8ae1b94b7)
Seo Suchan [Sat, 11 May 2024 19:20:50 +0000 (04:20 +0900)]
transmission: fix compile with MbedTLS 3.X
Backport pending patch, which was submitted to upstream via GitHub
to use renamed function to compile it against MbedTLS 3.x.
Signed-off-by: Seo Suchan <tjtncks@gmail.com>
(cherry picked from commit
42140c67e04392898e8372c4619a9c7ebfa876ca)
Philip Prindeville [Thu, 30 May 2024 16:29:04 +0000 (10:29 -0600)]
bind: bump to 9.18.27
Fixes: https://gitlab.isc.org/isc-projects/bind9/-/issues/4586
Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
(cherry picked from commit
56c0f16e8b258c33f06c9b8cb412f7f1dd434c15)
Denis Shulyaka [Tue, 16 Jul 2024 10:54:54 +0000 (13:54 +0300)]
ddns-scripts: Update knot resolver regexp
The output format of `khost` has changed. This commit fixes the regexp
for IPv4. It fixes the issue of using a custom DNS to resolve current
address.
```bash
root@localhost:~# khost ns2.afraid.org
ns2.afraid.org. has IPv4 address 69.65.50.223
ns2.afraid.org. has IPv6 address 2001:1850:1:5:800::6b
Host ns2.afraid.org. has no MX record
root@localhost:~# khost --version
khost (Knot DNS), version 3.3.5
```
Signed-off-by: Denis Shulyaka <Shulyaka@gmail.com>
(cherry picked from commit
ebeae334d9ff39d81898a7d8b5275151518318f1)
Daniel Golle [Wed, 17 Jul 2024 01:53:35 +0000 (02:53 +0100)]
exim: update to 4.98
Remove upstreamed patch 300-avoid-time-printf.patch
Exim/exim@
9ae8613607b12257e1fe59c603119bc5d4cd3474
Exim version 4.98
-----------------
JH/01 Support list of dkim results in the dkim_status ACL condition, making
it more usable in the data ACL.
JH/02 Bug 3040: Handle error on close of the spool data file during reception.
Previously This was only logged, on the assumption that errors would be
seen for a previous fflush(). However, a fuse filesystem has been
reported as showing this an error for the fclose(). The spool is now in
an uncertain state, and we have logged and responded acceptance. Change
this to respond with a temp-reject, wipe spoolfiles, and log the error
detail.
JH/03 Bug 3030: Fix handling of DNS servfail respons for DANE TLSA. When hit
during a recipient verify callout, a QUIT command was attempted on the
now-closed callout channel, causing a paniclog entry.
JH/04 Bug 3039: Fix handling of of an empty log_reject_target, with
a connection_reject log_selector, under tls_on_connect. Previously
with this combination, when the connect ACL rejected, a spurious
paniclog entry was made.
JH/05 Fix TLS resumption for TLS-on-connect. This was broken by the advent
of loadbalancer-detection for resumption, in 4.96 - which tries to
use the EHLO response. SMTPS does not have one at the time it is starting
TLS. Change the default for the smtp transport host_name_extract option
to be a static string, for TLS-on-connect cases; meaning that resumption
will always be attempted (unless deliberately overriden).
JH/06 Bug 3054: Fix dnsdb lookup for a TXT record with multiple chunks, with a
chunk-separator specification. This was broken by hardening introduced
for Bug 3031.
JH/07 Bug 3050: Fix -bp for old message_id format spoolfiles. Previously it
included the -H with the id; this also messed up exiqgrep.
JH/08 Bug 3056: Tighten up parsing of DKIM DNS records. Previously, whitespace
was not properly skipped and empty elements would cause mis-parsing.
Tighten parsing of DKIM header records. Previously, all but lowercase
alpha chars would be ignored in potential tag names.
JH/09 Bug 3057: Add heuristic for spotting mistyped IPv6 addresses in lists
being searched. Previously we only had one for IPv4 addresses. Per the
documentation, the error results by default in a no-match result for the
list. It is logged if the unknown_in_list log_selector is used.
JH/10 Bug 3058: Ensure that a failing expansion in a router "set" option defers
the routing operation. Previously it would silently stop routing the
message.
JH/11 Bug 3046: Fix queue-runs. Previously, the arrivel of a notification or
info-request event close in time to a scheduled run timer could result in
the latter being missed, and no further queue scheduled runs being
initiated. This ouwld be more likely on high-load systems.
JH/12 Refuse to accept a line "dot, LF" as end-of-DATA unless operating in
LF-only mode (as detected from the first header line). Previously we did
accept that in (normal) CRLF mode; this has been raised as a possible
attack scenario (under the name "smtp smuggling").
JH/13 Add an fdatasync call for the received message data file in spool, before
loggging reception and sending the SMTP ack. Previously we only flushed
the stdio buffer so there was still the possibility of a disk error.
JH/14 Bug 3061: Avoid a split log line when trying to rewrite a malformed
address. Previously, for the last address in a header line (commonly
there is only one) the terminating newline was part of the logged
information.
JH/15 Bug 3061: Ensure a log line is written for a malformed address in a
header, when parsing for address-qualification. Previously one was only
written if there were rewrite rules.
JH/16 Two-phase queue runs are now reported in the daemon startup log line and
in exiwhat output.
JH/17 Bug 3064: Fix combination of "-q<period> -R <recipients>". Introduction of
the multiple-queue-runners facility for 4.97 broke this, giving only a
one-time run of the queue.
JH/18 Bug 3068: Log a warning for use of deprecated syntax in query-style
lookups.
JH/19 Fix TLS startup. When the last expansion done before the initiation of a
TLS session resulted in a forced-fail, a misleading error was logged for
the expansino of tls_certificates. This would affect the common case of
that option being set (main-section options) but not having any variable
parts. It could also potentially affect tls_privatekeys. The underlyding
coding errors go back to 4.90 but were only exposed in 4.97.
JH/20 Bug 3047: A recent (somewhere between 10.34 and 10.42) version of the
pcre2 library starting allocating 20kB rather than 112 bytes per match
call, which broke the 2GB total limitation on Exim's memory management
when a user had over 104207 messages stored and the appendfile
maildir_quota_directory_regex option is in use. Release the allocated
memory every thosand files to avoid this.
The same issue arises with the ACL regex condition, which is applied
to every line of a received message.
JH/21 Bug 3059: Fix crash in smtp transport. When running for a message for
which all recipients had been handled (itself an issue) a null-pointer
deref was done on trying to write a retry record. Fix that by counting
the outstanding recipients before trying to transmit the message.
The situation arose for a second MX try within a transport run, when the
first had perm-rejected a recipient (the only one for the connection, in
the case seen) during pipelining, and then closed the TCP connection.
The transport classified that as an I/O error, leaving the message
outstanding but having marked up the recipient as dealt-with. It then
tried another MX because of the I/O error. Fix this by converting the
message-level status to ok if there was a close but all recipients were
dealt with. Thanks to Wolfgand Breyha for debug runs.
JH/22 The ESMTP_LIMITS facility (RFC 9422) is promoted from experimental status
and is now controlled by the build-time option DISABLE_ESMTP_LIMITS.
JH/23 Bug 3066: Avoid leaking lookup database credentials to log.
JH/24 Bug 3081: Fix a delivery process crash. When the router "errors_to"
option specified a fixed address, later rewriting on that address would
trip on the configuration data being readonly. Instead of modifying
in-place, copy data. Found and fixed by Peter Benie.
JH/25 Bug 3079: Fix crash in dbmnz. When a key was present for zero-length
data a null pointer was followed. Find and testcase by Sebastian Bugge.
JH/26 Fix encoding for an AUTH parameter on a MAIL FROM command. Previously
decimal 127 chars were not encoded, and lowercase hex was used for
encoded values. Outstanding since at least 1999.
JH/27 Fix crash in logging. When a message with a large number of recipients
had been received, and logging of recipients is enabled, the buffer used
for logging could reach limit. A read using a null pointer would then
be done, resulting in a crash of the receiving process before an SMTP
ACK for the message was returned to the sending system. Duplicate
messages were created as a result.
Find and debug help by Mateusz Krawczyk
JH/28 Bug 3086: Fix exinext for ipv6. Change the format of keys in the retry
DB, wrapping transport record bare-ip "host names" and ipv6
"host addresses" in square-brackets. This makes the parsing that
exinext does more reliable.
JH/29 Bug 3087: Fix SRS encode. A zero-length quoted element in the local-part
would cause a crash.
JH/30 Bug 3029: Avoid feeding Resent-From: to DMARC.
JH/31 Bug 3027: For -bh / -bhc tests change to using the compressed form of
ipv6 addresses for the sender. Previously the uncompressed form was used,
and if used in textual form this would result in behavior difference
versus non-bh.
JH/32 Bug 3096: MAIL before HELO/EHLO, where required by hosts_require_helo, is
now classed as a protocol error and subject to smtp_max_synprot_errors.
JH/33 Bug 2994: A subdir dsearch lookup should permit a directory name that starts
".." and has following characters.
JH/34 Fix delivery ordering for 2-phase queue run combined with
queue_run_in_order.
JH/35 Bug 3099: fix parsing of MIME filename= split over multiple paramemters.
Previously the $mime_filename variable would have an incorrect value.
While in the code, extend coverage to name= which previously was only
supported for single parameters, despite also filling in $mime_filename.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit
00c4a7f9c3103caf84646f074af3ba6b261c658a)
Milinda Brantini [Wed, 17 Jul 2024 14:21:35 +0000 (22:21 +0800)]
xray-core: update to 1.8.19
Signed-off-by: Milinda Brantini <C_A_T_T_E_R_Y@outlook.com>
(cherry picked from commit
b85b8e869df6a79757d09401911d1000ffea6544)
Michael Heimpold [Tue, 16 Jul 2024 19:20:34 +0000 (21:20 +0200)]
Merge pull request #24572 from mhei/23.05-php8-update-to-8.2.21
[23.05] php8: update to 8.2.21
Milinda Brantini [Sun, 14 Jul 2024 12:03:06 +0000 (20:03 +0800)]
dockerd: fix breaks IPv6 routing
Add option to support ip6tables configuration(default false).
Signed-off-by: Milinda Brantini <C_A_T_T_E_R_Y@outlook.com>
(cherry picked from commit
55e689176ec52afde0cda0ee2b48dbff349d6c6c)
Tianling Shen [Tue, 16 Jul 2024 04:46:47 +0000 (12:46 +0800)]
v2ray-geodata: Update to latest version
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit
1016f8f1ba41b743bff905cf27b6c6f2b8de6c8e)
Tianling Shen [Wed, 3 Jul 2024 18:06:49 +0000 (02:06 +0800)]
v2ray-geodata: Update to latest version
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit
309687f01abeca6f369e7e1d62aa2a5a47df02e7)
Tianling Shen [Fri, 24 May 2024 14:06:45 +0000 (22:06 +0800)]
v2ray-geodata: Update to latest version
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit
ef9be4a53c8f05f2d01cc4809055d5cb6999cb94)
Milinda Brantini [Mon, 15 Jul 2024 04:34:10 +0000 (12:34 +0800)]
v2raya: update to 2.2.5.7
ci: Fix up Docker images' tag from version number
chore(deps): bump github.com/gin-contrib/cors from 1.3.1 to 1.6.0
Signed-off-by: Milinda Brantini <C_A_T_T_E_R_Y@outlook.com>
(cherry picked from commit
ccccd5c92df2b4f80a9e5c43d1e96edf0a6b7e6a)
Milinda Brantini [Mon, 15 Jul 2024 14:08:08 +0000 (22:08 +0800)]
xray-core: update to 1.8.18
Signed-off-by: Milinda Brantini <C_A_T_T_E_R_Y@outlook.com>
(cherry picked from commit
88ba5210fb7ad6e3b6199cf4b70d4b53dc5fe3cf)
[Removed obsolete patch as upstream has fixed.]
Signed-off-by: Milinda Brantini <C_A_T_T_E_R_Y@outlook.com>
Dirk Brenken [Sun, 14 Jul 2024 20:26:36 +0000 (22:26 +0200)]
banip: update 1.0.0-5
* filter crappy IP entries from urlhaus feed
Signed-off-by: Dirk Brenken <dev@brenken.org>
(cherry picked from commit
9968fe6bf770f3a2eac47fbee17511d4144479cf)
W. Michael Petullo [Sun, 14 Jul 2024 05:53:01 +0000 (00:53 -0500)]
krb5: update to 1.21.3
Fixes the following CVEs when compared to the last-packaged version,
1.20.1:
CVE-2024-37370
CVE-2024-37371
CVE-2023-36054
Signed-off-by: W. Michael Petullo <mike@flyn.org>
Milinda Brantini [Fri, 12 Jul 2024 11:11:30 +0000 (19:11 +0800)]
xray-core: update to 1.8.17
Signed-off-by: Milinda Brantini <C_A_T_T_E_R_Y@outlook.com>
(cherry picked from commit
48ea7d33e169dee3513d4b3f22203b0b78df304c)
Milinda Brantini [Sun, 14 Jul 2024 02:13:16 +0000 (10:13 +0800)]
dnsproxy: Update to 0.67.0
Signed-off-by: Milinda Brantini <C_A_T_T_E_R_Y@outlook.com>
Michael Heimpold [Sat, 13 Jul 2024 20:18:23 +0000 (22:18 +0200)]
php8: update to 8.2.21
Upstream changelog:
https://www.php.net/ChangeLog-8.php#8.2.21
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
Milinda Brantini [Fri, 12 Jul 2024 03:00:57 +0000 (11:00 +0800)]
adguardhome: Update to 0.107.46
Signed-off-by: Milinda Brantini <C_A_T_T_E_R_Y@outlook.com>
Zuev Aleksandr [Thu, 16 Nov 2023 16:00:35 +0000 (20:00 +0400)]
adguardhome: Update to 0.107.42
Signed-off-by: Zuev Aleksandr <A.Zuev@stdev.su>
(cherry picked from commit
050f13c2c7d0c35f497ddac005dcf4ada19efbf8)
Hiếu Lê [Fri, 29 Sep 2023 19:45:14 +0000 (19:45 +0000)]
adguardhome: wait for interfaces to be up at boot
This should allow the service to be activated even earlier during
the boot process and also avoids race condition against network.
Signed-off-by: Hiếu Lê <leorize+oss@disroot.org>
(cherry picked from commit
d00131e2a0c8e846b42df22eda6c8356d4fce4a9)
Tianling Shen [Fri, 12 Jul 2024 03:20:14 +0000 (11:20 +0800)]
Merge pull request #24546 from ynezz/ynezz/openwrt-23.05/license-fixes-backports
[23.05] backport package license fixes
Milinda Brantini [Thu, 11 Jul 2024 10:17:31 +0000 (18:17 +0800)]
v2raya: update to 2.2.5.6
chore(deps): bump golang.org/x/net from 0.18.0 to 0.23.0 in /service
Signed-off-by: Milinda Brantini <C_A_T_T_E_R_Y@outlook.com>
(cherry picked from commit
5a05a3a2b9c1343c585fbbd291a91807104257d4)
Milinda Brantini [Wed, 19 Jun 2024 16:05:51 +0000 (16:05 +0000)]
v2raya: update to 2.2.5.5
Fix: docker dev environment build.
Remove is-text in button style.
Add tun mode with sing-tun.
Publish docker images on Github Container Registry.
Ci: add separated singtun workflow.
Signed-off-by: Milinda Brantini <C_A_T_T_E_R_Y@outlook.com>
(cherry picked from commit
edb50c24fc61a14664017981c8ba0b4096d96c0a)
Dengfeng Liu [Wed, 10 Jul 2024 09:05:37 +0000 (17:05 +0800)]
apfree-wifidog: Update to 7.07.2018
Signed-off-by: Dengfeng Liu <liudf0716@gmail.com>
(cherry picked from commit
b6431127400f2858216c72c3175de9643620e11c)
Dengfeng Liu [Wed, 10 Jul 2024 09:02:46 +0000 (17:02 +0800)]
apfree-wifidog: support wildcard domain
Signed-off-by: Dengfeng Liu <liudf0716@gmail.com>
(cherry picked from commit
ca8fe51fd8b6067bf671d627c57911d299ab940c)
Fabrice Fontaine [Sun, 4 Feb 2024 21:08:51 +0000 (22:08 +0100)]
lang/python/python-paho-mqtt: fix license
python-paho-mqtt is licensed under EPL-2.0, not EPL-1.0, since version
1.6.0 and
https://github.com/eclipse/paho.mqtt.python/commit/
fabe7500fb6fde31fd98c619e0117d1c651fd18d
While at it, add LICENSE.txt to PKG_LICENSE_FILES
Fixes: 784f2a519bb8cdfaa973070f65ff9a3a481e5cd1 (python-paho-mqtt: bump to version 1.6.1)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
(cherry picked from commit
3380427f2929f838a7014fd74209c5ed41270176)
Fabrice Fontaine [Sun, 4 Feb 2024 21:46:55 +0000 (22:46 +0100)]
net/ntpd: fix license
Replace "Unique" by the standard SPDX identifier for NTP license:
https://spdx.org/licenses/NTP.html
Fixes: 1aff45c6dd36f2a5875eadaeae2ed93da8ff6d45 (ntpd: add SPDX license information)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
(cherry picked from commit
f7ad88678d00babe5b82e62aa6708a0dea1ef315)
Fabrice Fontaine [Sun, 4 Feb 2024 21:41:03 +0000 (22:41 +0100)]
utils/lsof: fix license
Replace "Unique" by the standard SPDX identifier for lsof license:
https://spdx.org/licenses/lsof.html
Fixes: 59adfc86b9d1e5a8fb9d5c83db6546a6b49a77f5 (lsof: add license information)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Petr Å tetiar <ynezz@true.cz> [backport]
(cherry picked from commit
9111b290d1dd67a1c7bb017c17569b3a35055eef)
Fabrice Fontaine [Sun, 4 Feb 2024 20:57:46 +0000 (21:57 +0100)]
libs/libgd: fix license
libgd is licensed under its own "GD" license and not MIT
Fixes: 60feea09c9d343f648045e5e85e7788e75d4e039 (libgd: import from oldpackages, add myself as maintainer, add license...)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
(cherry picked from commit
41c998224d20160d7b5ecaf173df42bd5f6dc7a4)
Fabrice Fontaine [Sun, 4 Feb 2024 21:30:33 +0000 (22:30 +0100)]
libs/tiff: fix license
tiff is licensed under its own "libtiff" license and not BSD-3-Clause
Fixes: 364de5bc3f16eba42f93d36e848b998b3579e39e (tiff: add licensing information)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
(cherry picked from commit
ae165deaf5a708fcbcfc8c48e3866ec7e048ba00)
Fabrice Fontaine [Tue, 30 Jan 2024 21:05:54 +0000 (22:05 +0100)]
libs/libev: fix license
libev is licensed under BSD-2-Clause or GPL-2.0-or-later since its
addition to openwrt
While at it, assign PKG_LICENSE_FILES
Fixes: 67b39f8f9b703e2cf95616b8e591ec76278a5846
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
(cherry picked from commit
070fc8021c9376b74c7350edba0f551ccf28f8bf)
Fabrice Fontaine [Tue, 30 Jan 2024 21:34:14 +0000 (22:34 +0100)]
net/tor: add license
tor is licensed under BSD-3-Clause
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
(cherry picked from commit
63c942cedbb5eb647d0e39690f8d90b4bfd285c0)
Fabrice Fontaine [Tue, 30 Jan 2024 20:06:31 +0000 (21:06 +0100)]
devel/automake: fix license
automake is licensed under GPL-2.0-or-later, not GPL-3.0-or-later:
https://git.savannah.gnu.org/cgit/automake.git/tree/COPYING
indeed switch to GPL-3.0-or-later was reverted a long time ago (i.e.
before its addition to openwrt) by
https://git.savannah.gnu.org/cgit/automake.git/commit/?id=
fcf2f56062e384455ec8b1aed943af33f20c27c7
While at it, add the license file
Fixes: c6ac1e3f76ecd92d02d82c5729bbd1f2bd64922b
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
(cherry picked from commit
f3e54bda3131c97fd07af50c12ae7eade768b58b)
Fabrice Fontaine [Tue, 30 Jan 2024 07:23:18 +0000 (08:23 +0100)]
utils/vim: add license info
vim is licensed under its own Vim license:
https://spdx.org/licenses/Vim.html
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
(cherry picked from commit
584f4e71980efca2e98923008c85c5524f38a7a6)
Fabrice Fontaine [Wed, 20 Dec 2023 08:18:46 +0000 (09:18 +0100)]
libassuan: Fix license
libassuan license is wrong since the addition of the package in commit
https://git.openwrt.org/?p=feed/packages.git;a=commit;h=
e24e8fa98c813911419271d64433deb2b453fa02
Indeed, libassuan has been licensed under LGPL-2.1+ since version 1.0.3
back in 2007 [1]:
Noteworthy changes in version 1.0.3 (2007-08-24)
------------------------------------------------
* Changed the license of the library code back to LGPLv2.1 to support
a bunch of GPLv2(only) software which does not allow the use of
LGPLv3. Note that this is only a temporary change and authors of
GPLv2(only) software are asked to switch to GPLv3 or to add an
exception which allow the use of LPGLv3 software.
[1]: https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libassuan.git;a=blob;f=NEWS;h=
3a86eca4175fbcb12bb00722c2047062df67a46d;hb=HEAD
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
(cherry picked from commit
cb9b994a53efaeecd6953b5e6d6ef4f440ff2d26)
Fabrice Fontaine [Sun, 10 Dec 2023 20:42:37 +0000 (21:42 +0100)]
gpgme: Fix license
gpgme license is wrong since the addition of the package in commit
https://git.openwrt.org/?p=feed/packages.git;a=commit;h=
3e39633b75e7d26f3666bce9c2e97d268f0fd068
Indeed, gpgme has been licensed under LPGL-2.1+ since version 1.0.2 back
in 2004 [1]:
Noteworthy changes in version 1.0.2 (2004-12-28)
------------------------------------------------
* Changed the license of the library to the GNU Lesser General Public
License (LGPL), version 2.1 or later.
[1]: https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gpgme.git;a=blob;f=NEWS;h=
2475a877a40817f575accd22a386bfd5f0a66aad;hb=HEAD
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
(cherry picked from commit
e8bbeb05b9a8fe67073d2cc5c00fce32e70ce868)
Hirokazu MORIKAWA [Wed, 10 Jul 2024 00:08:37 +0000 (09:08 +0900)]
node: July 8, 2024 Security Releases
This is a security release.
Notable Changes
CVE-2024-36138 - Bypass incomplete fix of CVE-2024-27980 (High)
CVE-2024-22020 - Bypass network import restriction via data URL (Medium)
Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>
Milinda Brantini [Sun, 7 Jul 2024 02:23:51 +0000 (10:23 +0800)]
golang: Update to 1.21.12
go1.21.12 (2024-07-02) includes security fixes to the net/http package,
as well as bug fixes to the compiler, the go command, the runtime,
and the crypto/x509, net/http, net/netip, and os packages.
Signed-off-by: Milinda Brantini <C_A_T_T_E_R_Y@outlook.com>
Andrey Butirsky [Sun, 24 Sep 2023 23:39:02 +0000 (02:39 +0300)]
sms-tool: version bump to 2023-09-21
Fixes:
"no SMS Messages if some of them contain From: field with special symbols":
https://github.com/4IceG/luci-app-sms-tool-js/issues/9
Signed-off-by: Andrey Butirsky <butirsky@gmail.com>
Lu jicong [Wed, 3 Jul 2024 11:51:28 +0000 (19:51 +0800)]
rust: select correct architecture for armv5
Currently, armv5 and armv6 targets are both using armv6 rustc.
Without this patch, rust programs in armv5 targets throw illegal instruction
error.
Signed-off-by: Lu jicong <jiconglu58@gmail.com>
(cherry picked from commit
84464a656c88bb8c5c3b1f57be9804f1551524d5)
Florian Eckert [Mon, 13 May 2024 10:37:18 +0000 (12:37 +0200)]
rust: add patch to fix remote filesystem issue
If the download directory is on another filesystem (NFS), then the
current implementation of bootstrapping rust fails. Because the 'syscall'
(rename) does not work on crossing filesystem boundary.
This chnage was already merged upstream to the github main rust repository.
rust-lang/rust#124975
The patch has been rebased so that it can be applied correctly.
No functional change.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
(cherry picked from commit
6b6c74dca86036c5ccfde236816a40e5895303d6)
Tianling Shen [Sat, 4 May 2024 10:39:44 +0000 (18:39 +0800)]
rust: Update to 1.78.0
- Switch back to .gz tarball
- Replace local bootstrap cache hack with upstreamed option
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit
c1b3e0440f67bcec101a3f72525f9c90eb4e6497)
Andreas Gnau [Fri, 5 Jul 2024 12:06:18 +0000 (14:06 +0200)]
jq: Add PKG_CPE_ID
Signed-off-by: Andreas Gnau <andreas.gnau@iopsys.eu>
(cherry picked from commit
7e5332e3cdd9f7a463a9961709e3d877f2e3ff97)
Andreas Gnau [Fri, 5 Jul 2024 12:06:03 +0000 (14:06 +0200)]
uwsgi: Add PKG_CPE_ID
Signed-off-by: Andreas Gnau <andreas.gnau@iopsys.eu>
(cherry picked from commit
9477f71f99dca89d1d0b20862b20cf315d2ea27a)
Andreas Gnau [Fri, 5 Jul 2024 12:02:08 +0000 (14:02 +0200)]
mxml: Add PKG_CPE_ID
Signed-off-by: Andreas Gnau <andreas.gnau@iopsys.eu>
(cherry picked from commit
fc043c003926ae5d234c38ac0115ad10e7221c46)
Alexander Couzens [Mon, 18 Sep 2023 22:54:17 +0000 (00:54 +0200)]
net/iperf: assign PKG_CPE_ID
Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
(cherry picked from commit
85a9ea33ec028fbf96b86633e89aa3b3fb27875d)
Alexander Couzens [Mon, 18 Sep 2023 22:54:52 +0000 (00:54 +0200)]
net/iperf3: assign PKG_CPE_ID
Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
(cherry picked from commit
e97f763a7281b543dfb9709cf84da97f28bbf0db)
Fabrice Fontaine [Wed, 24 Jan 2024 14:50:10 +0000 (15:50 +0100)]
net/i2pd: assign PKG_CPE_ID
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Ai2pd%3Ai2pd
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
(cherry picked from commit
4ea63a66d0de1b365e85a722450a62a71d8adadc)
Fabrice Fontaine [Wed, 24 Jan 2024 17:47:43 +0000 (18:47 +0100)]
libs/libvpx: fix PKG_CPE_ID
There is not a single CVEs under cpe:/a:john_koleszar:libvpx
so use cpe:/a:webmproject:libvpx:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Awebmproject%3Alibvpx
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
(cherry picked from commit
37a60ca9349cb3cc638eada1186eb24d9826a442)
Fabrice Fontaine [Wed, 24 Jan 2024 21:48:33 +0000 (22:48 +0100)]
libs/apr: fix PKG_CPE_ID
There is not a single CVE under cpe:/a:apache:apr
so use cpe:/a:apache:portable_runtime:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Aapache%3Aportable_runtime
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
(cherry picked from commit
a9ddc8e373945437d58e976b6c20bbc44ba31b67)
Fabrice Fontaine [Wed, 24 Jan 2024 21:39:42 +0000 (22:39 +0100)]
libs/libestr: assign PKG_CPE_ID
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Aadiscon%3Alibestr
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
(cherry picked from commit
2d0649c1c9737bac40f079c87eebb16f1acda656)
Fabrice Fontaine [Thu, 25 Jan 2024 17:33:36 +0000 (18:33 +0100)]
net/tcpreplay: fix PKG_CPE_ID
There is not a single CVE under cpe:/a:appneta:tcpreplay
so use cpe:/a:broadcom:tcpreplay:
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:broadcom:tcpreplay
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
(cherry picked from commit
52282b2ed949bb8f3ae008592969eb1cf3914e84)
Fabrice Fontaine [Thu, 25 Jan 2024 20:27:06 +0000 (21:27 +0100)]
utils/cryptsetup: assign PKG_CPE_ID
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:cryptsetup_project:cryptsetup
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
(cherry picked from commit
cf0d28bf8c1b84a343ac0045564dad1ca9463163)
Fabrice Fontaine [Thu, 25 Jan 2024 21:15:08 +0000 (22:15 +0100)]
libs/fmtlib: assign PKG_CPE_ID
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:fmt:fmt
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
(cherry picked from commit
903d0100202f249e62d05f382ab0f284e4b53d49)
Fabrice Fontaine [Thu, 25 Jan 2024 07:57:31 +0000 (08:57 +0100)]
net/atftp: assign PKG_CPE_ID
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:atftp_project:atftp
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
(cherry picked from commit
154fda59335fa0730a2e35af00a43a3c991fdc2e)
Fabrice Fontaine [Thu, 25 Jan 2024 17:47:52 +0000 (18:47 +0100)]
libs/libyang: assign PKG_CPE_ID
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:cesnet:libyang
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
(cherry picked from commit
3c823356581c8b2d0eb99705e335d721e300c9e7)
Fabrice Fontaine [Thu, 25 Jan 2024 21:19:56 +0000 (22:19 +0100)]
multimedia/gst1-plugins-bad: assign PKG_CPE_ID
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:freedesktop:gst-plugins-bad
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
(cherry picked from commit
480aaec2caf2dfd00ea06858ceaf446347c5ceaa)
Fabrice Fontaine [Thu, 25 Jan 2024 21:58:07 +0000 (22:58 +0100)]
lang/vala: assign PKG_CPE_ID
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:gnome:vala
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
(cherry picked from commit
72e92747a784e122cfba37ff4548255d47e2e8b5)
Fabrice Fontaine [Thu, 25 Jan 2024 21:36:46 +0000 (22:36 +0100)]
libs/freetype: fix PKG_CPE_ID
There is not a single CVE under cpe:/a:freetype:freetype2
so use cpe:/a:freetype:freetype:
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:freetype:freetype
Fixes: 456ae2f541f698e6b9106b696d385d52164ed860
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
(cherry picked from commit
eb2c47d493d4ef6338e1c1e92d982e2ebad43591)
Fabrice Fontaine [Thu, 25 Jan 2024 20:43:47 +0000 (21:43 +0100)]
utils/domoticz: assign PKG_CPE_ID
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:domoticz:domoticz
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
(cherry picked from commit
1ebffab763d0813ce7b6300c64a03dca765ddf25)
Fabrice Fontaine [Thu, 25 Jan 2024 21:25:23 +0000 (22:25 +0100)]
libs/libinput: assign PKG_CPE_ID
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:freedesktop:libinput
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
(cherry picked from commit
17d25745bad380bd197ca4d4bda49accdc18aa04)
Fabrice Fontaine [Thu, 25 Jan 2024 20:58:40 +0000 (21:58 +0100)]
net/fail2ban: assign PKG_CPE_ID
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:fail2ban:fail2ban
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
(cherry picked from commit
4d18c15388b64a281f5b877e4855b68d5eec6f35)
Fabrice Fontaine [Thu, 25 Jan 2024 20:21:36 +0000 (21:21 +0100)]
utils/crun: assign PKG_CPE_ID
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:crun_project:crun
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
(cherry picked from commit
a22a7b92c8e1cb78769afbfda598953b54397036)
Fabrice Fontaine [Thu, 25 Jan 2024 21:42:17 +0000 (22:42 +0100)]
utils/pax-utils: assign PKG_CPE_ID
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:gentoo:pax-utils
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
(cherry picked from commit
37223bbca64de4e7eacb58d1d24d259fa967661a)
Fabrice Fontaine [Thu, 25 Jan 2024 20:39:30 +0000 (21:39 +0100)]
lang/python/python-docker: assign PKG_CPE_ID
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:docker:docker-py
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
(cherry picked from commit
dd52b70c4c17c0a7d093173c269fc99acb684876)
Fabrice Fontaine [Thu, 25 Jan 2024 08:02:12 +0000 (09:02 +0100)]
admin/atop: assign PKG_CPE_ID
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:atop_project:atop
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
(cherry picked from commit
07de80e8b49b03091ae7b2973e3060c2fa33b66b)
Fabrice Fontaine [Thu, 25 Jan 2024 21:29:06 +0000 (22:29 +0100)]
libs/libmbim: assign PKG_CPE_ID
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:freedesktop:libmbim
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
(cherry picked from commit
c24fb4a2f7083c858ad2e9764242cf1b5c2e1a61)
Fabrice Fontaine [Thu, 25 Jan 2024 21:03:09 +0000 (22:03 +0100)]
net/fastd: assign PKG_CPE_ID
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:fastd_project:fastd
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
(cherry picked from commit
9404f17af14b561cd40f64c1ec3f9d7c25633f4f)
Fabrice Fontaine [Thu, 25 Jan 2024 17:26:16 +0000 (18:26 +0100)]
utils/augeas: assign PKG_CPE_ID
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:augeas:augeas
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
(cherry picked from commit
229fccfc251272373e347552a404e0f3a6f3034f)
Fabrice Fontaine [Thu, 25 Jan 2024 17:52:05 +0000 (18:52 +0100)]
utils/cgroupfs-mount: assign PKG_CPE_ID
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:cgroupfs-mount_project:cgroupfs-mount
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
(cherry picked from commit
f91be9a87f04249ee615a9379f2f3e5fd91c47f4)
Fabrice Fontaine [Wed, 24 Jan 2024 21:31:37 +0000 (22:31 +0100)]
utils/acl: assign PKG_CPE_ID
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Aacl_project%3Aacl
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
(cherry picked from commit
0d4d5546249b3e013251507bf9d2bdf995b5666d)
Fabrice Fontaine [Thu, 25 Jan 2024 17:39:36 +0000 (18:39 +0100)]
net/bwm-ng: assign PKG_CPE_ID
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:bwm-ng_project:bwm-ng
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
(cherry picked from commit
ff56f877330035e0a5367e80ca56b1eac7fb3b2d)
Fabrice Fontaine [Thu, 25 Jan 2024 21:49:41 +0000 (22:49 +0100)]
libs/libgee: assign PKG_CPE_ID
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:gnome:libgee
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
(cherry picked from commit
4bdc29ece49d9e4706b31c7243a9ad0ed3eaae6c)
Fabrice Fontaine [Thu, 1 Feb 2024 21:12:24 +0000 (22:12 +0100)]
libs/libpam: fix PKG_CPE_ID
linux-pam:linux-pam is a better CPE ID than kernel:linux-pam as this CPE
ID has the latest CVEs (whereas kernel:linux-pam only has a
SUSE-specific CVE):
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:linux-pam:linux-pam
Fix:
6f74b0c4f15a095b1069a8aaeb19a32dfbc7539a
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
(cherry picked from commit
2269848bffffba9b6adf44c75b676f642a1fd893)
Fabrice Fontaine [Thu, 1 Feb 2024 22:22:16 +0000 (23:22 +0100)]
net/krb5: fix PKG_CPE_ID
mit:kerberos_5 is a better CPE ID than mit:kerberos as this CPE ID has
the latest CVEs (whereas mit:kerberos only has CVEs until 2018):
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:mit:kerberos_5
Fix:
299e5b0a9bce19d6e96cb9ff217028b36ee2dd36
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
(cherry picked from commit
302761f0e81d7a9729849384a77ffe62273ec527)
Fabrice Fontaine [Thu, 1 Feb 2024 17:24:48 +0000 (18:24 +0100)]
libs/vips: fix PKG_CPE_ID
libvips:libvips is a better CPE ID than vips:vips as this CPE ID has the
latest CVEs (whereas vips only has an old CVE from 2010):
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:libvips:libvips
Fix:
299e5b0a9bce19d6e96cb9ff217028b36ee2dd36
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
(cherry picked from commit
a220c04b5007ac53042603c4642cf760262b5fc8)
Fabrice Fontaine [Fri, 2 Feb 2024 19:18:23 +0000 (20:18 +0100)]
admin/sudo: fix PKG_CPE_ID
sudo_project:sudo is a better CPE ID than todd_miller:sudo as this CPE
ID has the latest CVEs (whereas todd_miller:sudo only has CVEs up to
2016):
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:sudo_project:sudo
Fixes: 8ce9f30c421255c514b1b2e41fc92eafd7976583 (sudo: Update to 1.8.24)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
(cherry picked from commit
253944fc6255c9984d52a0bea82a4f95926fb554)
Fabrice Fontaine [Fri, 2 Feb 2024 19:08:34 +0000 (20:08 +0100)]
utils/squashfs-tools: fix PKG_CPE_ID
There is not a single CVE linked to phillip_lougher:squashfs so use
squashfs-tools_project:squashfs-tools instead:
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:squashfs-tools_project:squashfs-tools
Fixes: 299e5b0a9bce19d6e96cb9ff217028b36ee2dd36 (treewide: add PKG_CPE_ID for better cvescanner coverage)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
(cherry picked from commit
9e770d6c1d465dc4c5c129a559ee5203a90d8f0f)
Fabrice Fontaine [Sun, 4 Feb 2024 10:06:04 +0000 (11:06 +0100)]
lang/python/python-aiohttp: fix PKG_CPE_ID
aiohttp:aiohttp is a better CPE ID than aio-libs_projet:aiohttp as this
CPE ID has the latest CVEs (whereas aio-libs_project:aiohttp only has
one CVE from 2018):
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:aiohttp:aiohttp
Fixes: 2edf5034f1c09fe60af52087abe7b6fcef9433fc (python-aiohttp: add a new package)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
(cherry picked from commit
8b9965fcb30f1f7401cad5ec9967e65ae72398b3)
Fabrice Fontaine [Fri, 2 Feb 2024 17:09:46 +0000 (18:09 +0100)]
lang/python/python-urllib3: fix PKG_CPE_ID
There is not a single CVE linked to urllib3_project:urllib3 so use
python:urllib3 instead:
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:python:urllib3
Fixes: 6dcaa769d8ce8921dc3bfaf78ab9a8c1cef4a9b9 (python-urllib3: update to version 1.25)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
(cherry picked from commit
d369edb57105104b7a6085b9217366705d0ca118)
Fabrice Fontaine [Fri, 2 Feb 2024 17:15:55 +0000 (18:15 +0100)]
lang/python/python-requests: fix PKG_CPE_ID
There is not a single CVE linked to python-requests:requests so use
python:requests instead:
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:python:requests
Fixes: ceadbcbb64de727c3a974e552d9a723d532e4e40 (treewide: add PKG_CPE_ID for cvescanner)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
(cherry picked from commit
c0aec8bc086af80e932a54eb9d68a29dcaa1f068)