Eric Fahlgren [Wed, 10 Jan 2024 16:10:05 +0000 (08:10 -0800)]
snort3: finish up several incomplete capabilities
Reporting
- Use json alert data for 10x speed improvement in report generation
- Include both gid and sid, plus packet direction in report output
- Add by-date incident filtering
- Add verbose mode which displays actual rules triggered and their source
- Attempt to look up host names from IPs in verbose mode
- Clean up display of port number involved in incidents
Rules
- Complete downloader for subscription rules using oinkcode (only tested
with snort.org's "free" tier subscription)
- Auto-detect multiple rules files and include them in lua 'ips.rules'
- Add '--backup' option to copy out current rules before installing new
- Add '--persistent' option to 'snort-rules', storing in persistent location
CLI interface
- Completely rework command line option parsing in all user scripts
- Allow options and commands to be in any order on command line
- Add long-form names for all options ('--help' for '-h' and so on)
- Detect errors properly in options, enhance help pages
Bug fixes
- Use 'mkdir -p' on all directory creation
- Use proper tmp directory from 'snort.snort.temp_dir' everywhere
Signed-off-by: Eric Fahlgren <ericfahlgren@gmail.com>
Jan Klos [Wed, 24 Jan 2024 16:57:27 +0000 (17:57 +0100)]
iputils: bump to
20240117
Signed-off-by: Jan Klos <jan@klos.xyz>
krant [Thu, 1 Feb 2024 15:34:58 +0000 (17:34 +0200)]
procps-ng: update to 4.0.4
- Update the patch
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
Fabrice Fontaine [Fri, 2 Feb 2024 17:37:33 +0000 (18:37 +0100)]
treewide: assign PKG_CPE_ID
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
PeterFromSweden [Sun, 28 Jan 2024 16:23:40 +0000 (17:23 +0100)]
telldus-mqtt: add new package in utils
Extends functionality of exisiting telldus-core package
Signed-off-by: PeterFromSweden <peterfromswe884@gmail.com>
krant [Wed, 31 Jan 2024 11:38:30 +0000 (13:38 +0200)]
make: update to 4.4.1
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
krant [Wed, 31 Jan 2024 09:19:34 +0000 (11:19 +0200)]
leptonica: update to 1.84.1
- remove upstreamed patch
- explicitly disable openjpeg to ignore host-installed library
- fix .cmake and .pc paths
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
Olivier Poitrey [Sun, 4 Feb 2024 23:50:54 +0000 (23:50 +0000)]
nextdns: Update to version 1.42.0
Signed-off-by: Olivier Poitrey <rs@nextdns.io>
krant [Thu, 1 Feb 2024 08:36:33 +0000 (10:36 +0200)]
imagemagick: take over maintainership
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
krant [Wed, 31 Jan 2024 12:53:27 +0000 (14:53 +0200)]
imagemagick: update to 7.1.1-27
- Use official source URL
- Add libstdcpp dependency
- Don't set configure options which are matching default values
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
krant [Wed, 31 Jan 2024 13:14:23 +0000 (15:14 +0200)]
flac: update to 1.4.3
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
Jan Hoffmann [Thu, 1 Feb 2024 20:12:05 +0000 (21:12 +0100)]
vnstat2: update to version 2.12
This version includes several new features that allow to simplify the
package significantly: The noexit patch and hotplug script are no longer
needed, and the init script doesn't have to check for legacy databases
anymore.
Signed-off-by: Jan Hoffmann <jan@3e8.eu>
krant [Thu, 1 Feb 2024 10:37:35 +0000 (12:37 +0200)]
zstd: update to 1.5.5
- Don't set Meson options which are matching defaults
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
Konstantin Demin [Thu, 1 Feb 2024 00:29:58 +0000 (03:29 +0300)]
libcurl-gnutls: update to version 8.6.0
https://curl.se/changes.html#8_6_0
Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
Fabrice Fontaine [Fri, 2 Feb 2024 22:01:37 +0000 (23:01 +0100)]
utils/ntfs-3g: fix PKG_CPE_ID
tuxera:ntfs-3g is a better CPE ID than ntfs-3g:ntfs-3g as this CPE ID
has the latest CVEs (whereas ntfs-3g:ntfs-3g only has one CVE from 2007):
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:tuxera:ntfs-3g
Fixes: 299e5b0a9bce19d6e96cb9ff217028b36ee2dd36 (treewide: add PKG_CPE_ID for better cvescanner coverage)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Fabrice Fontaine [Thu, 1 Feb 2024 10:13:06 +0000 (11:13 +0100)]
utils/gpsd: fix PKG_CPE_ID
gpsd_project:gpsd is a better CPE ID than berlios:gps_daemon as this CPE
ID has the latest CVEs (whereas berlios:gps_daemon only has one CVE from
2004):
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:gpsd_project:gpsd
Fixes: 299e5b0a9bce19d6e96cb9ff217028b36ee2dd36 (treewide: add PKG_CPE_ID for better cvescanner coverage)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Fabrice Fontaine [Fri, 2 Feb 2024 17:17:47 +0000 (18:17 +0100)]
lang/python/python-pip: fix PKG_CPE_ID
There is not a single CVE linked to python:pip so use pypa:pip instead:
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:pypa:pip
Moreover, CPE_ID missed PKG_ prefix
Fixes: eee273507b868ad5f6f7e744d513c85330967906 (python3: Split pip into separate source package)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Fabrice Fontaine [Fri, 2 Feb 2024 17:20:15 +0000 (18:20 +0100)]
net/nbd: fix PKG_CPE_ID
There is not a single CVE linked to network_block_device:nbd so use
network_block_device_project:network_block_device instead:
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:network_block_device_project:network_block_device
Fixes: 299e5b0a9bce19d6e96cb9ff217028b36ee2dd36 (treewide: add PKG_CPE_ID for better cvescanner coverage)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Fabrice Fontaine [Thu, 1 Feb 2024 22:31:04 +0000 (23:31 +0100)]
multimedia/motion: fix PKG_CPE_ID
motion_project:motion is a better CPE ID than lavrsen:motion as this CPE
ID has the latest CVE (whereas lavrsen:motion only a CVE from 2008):
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:motion_project:motion
Fixes: 299e5b0a9bce19d6e96cb9ff217028b36ee2dd36 (treewide: add PKG_CPE_ID for better cvescanner coverage)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Fabrice Fontaine [Thu, 1 Feb 2024 22:04:45 +0000 (23:04 +0100)]
net/miniupnpc: fix PKG_CPE_ID
cpe:/a:miniupnp_project:miniupnpc is the correct CPE ID for miniupnpc:
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:miniupnp_project:miniupnpc
Fixes: 299e5b0a9bce19d6e96cb9ff217028b36ee2dd36 (treewide: add PKG_CPE_ID for better cvescanner coverage)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Fabrice Fontaine [Thu, 1 Feb 2024 17:30:52 +0000 (18:30 +0100)]
libs/libidn2: fix PKG_CPE_ID
There is not a single CVE linked to libidn2_project:libidn2 so use
gnu:libidn2 instead:
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:gnu:libidn2
Fixes: ceadbcbb64de727c3a974e552d9a723d532e4e40 (treewide: add PKG_CPE_ID for cvescanner)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Fabrice Fontaine [Thu, 1 Feb 2024 17:27:39 +0000 (18:27 +0100)]
libs/expat: fix PKG_CPE_ID
There is not a single CVE linked to libexpat:expat so use
libexpat_project:libexpat instead:
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:libexpat_project:libexpat
Fixes: 70c62ef2d77aef5d8a27ccca2b147bc2a69dc7f8 (expat: update to version 2.2.7 (security fix))
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Fabrice Fontaine [Thu, 1 Feb 2024 21:31:08 +0000 (22:31 +0100)]
utils/lrzsz: fix PKG_CPE_ID
PKG_CPE_ID was missing ":lrzsz"
Fixes: 6d6c4b21b5e22a9f1058db5b61521a298e00a5f0 (lrzsz: update to v0.12.21rc and fix a CVE)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Fabrice Fontaine [Sun, 4 Feb 2024 21:08:51 +0000 (22:08 +0100)]
lang/python/python-paho-mqtt: fix license
python-paho-mqtt is licensed under EPL-2.0, not EPL-1.0, since version
1.6.0 and
https://github.com/eclipse/paho.mqtt.python/commit/
fabe7500fb6fde31fd98c619e0117d1c651fd18d
While at it, add LICENSE.txt to PKG_LICENSE_FILES
Fixes: 784f2a519bb8cdfaa973070f65ff9a3a481e5cd1 (python-paho-mqtt: bump to version 1.6.1)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Vladimir Ulrich [Sun, 4 Feb 2024 21:08:14 +0000 (00:08 +0300)]
zoneinfo: Updated to 2024a release
Signed-off-by: Vladimir Ulrich <admin@evl.su>
Fabrice Fontaine [Sun, 4 Feb 2024 21:46:55 +0000 (22:46 +0100)]
net/ntpd: fix license
Replace "Unique" by the standard SPDX identifier for NTP license:
https://spdx.org/licenses/NTP.html
Fixes: 1aff45c6dd36f2a5875eadaeae2ed93da8ff6d45 (ntpd: add SPDX license information)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Fabrice Fontaine [Sun, 4 Feb 2024 21:41:03 +0000 (22:41 +0100)]
utils/lsof: fix license
Replace "Unique" by the standard SPDX identifier for lsof license:
https://spdx.org/licenses/lsof.html
Fixes: 59adfc86b9d1e5a8fb9d5c83db6546a6b49a77f5 (lsof: add license information)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Fabrice Fontaine [Fri, 2 Feb 2024 17:48:20 +0000 (18:48 +0100)]
net/boinc: fix PKG_CPE_ID
boinc_project:boinc has never been a valid CPE ID so use
rom_walton:boinc instead:
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:rom_walton:boinc
Fixes: 9c2bd865c715cad8646157d6bbfb669d9970c322 (boinc: new package for distributed computing/data acquisition)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Fabrice Fontaine [Fri, 2 Feb 2024 21:23:24 +0000 (22:23 +0100)]
utils/zsh: fix PKG_CPE_ID
zsh:zsh is a better CPE ID than zsh_project:zsh as this CPE ID has the
latest CVEs (whereas zsh_project:zsh only has CVEs up to 2017):
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:zsh:zsh
Fixes: ff056fcffcacf2632505bb108bf8e8c2a3cef09c (zsh: Update to 5.6.2)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Fabrice Fontaine [Fri, 2 Feb 2024 19:50:37 +0000 (20:50 +0100)]
utils/tmux: fix PKG_CPE_ID
tmux_project:tmux is a better CPE ID than nicholas_marriott:tmux as this
CPE ID has the latest CVE (whereas nicholas_marriott:tmux only has a CVE
from 2011):
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:tmux_project:tmux
Fixes: 299e5b0a9bce19d6e96cb9ff217028b36ee2dd36 (treewide: add PKG_CPE_ID for better cvescanner coverage)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Fabrice Fontaine [Fri, 2 Feb 2024 19:43:57 +0000 (20:43 +0100)]
net/tinyproxy: fix PKG_CPE_ID
tinyproxy_project:tinyproxy is a better CPE ID than banu:tinyproxy as
this CPE ID has the latest CVEs (whereas banu:tinyproxy only has CVEs up
to 2012):
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:tinyproxy_project:tinyproxy
Fixes: 299e5b0a9bce19d6e96cb9ff217028b36ee2dd36 (treewide: add PKG_CPE_ID for better cvescanner coverage)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Fabrice Fontaine [Fri, 2 Feb 2024 19:35:54 +0000 (20:35 +0100)]
net/tinc: fix PKG_CPE_ID
tinc-vpn:tinc is a better CPE ID than tinc:tinc as this CPE ID has the
latest CVEs (whereas tinc:tinc only has CVEs up to 2002):
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:tinc-vpn:tinc
Fixes: 299e5b0a9bce19d6e96cb9ff217028b36ee2dd36 (treewide: add PKG_CPE_ID for better cvescanner coverage)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Fabrice Fontaine [Fri, 2 Feb 2024 20:48:01 +0000 (21:48 +0100)]
net/vsftpd: fix PKG_CPE_ID
vsftpd_project:vsftpd is a better CPE ID than beasts:vsftpd as this CPE
ID has the latest CVEs (whereas beasts:vsftpd only has CVEs up to 2015):
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:vsftpd_project:vsftpd
Fixes: 1371b7be878382b8b52cd73ff72a3a41d28013c4 (vsftpd: Fix compilation without ECC or deprecated APIs)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Fabrice Fontaine [Fri, 2 Feb 2024 17:38:11 +0000 (18:38 +0100)]
libs/redis: fix PKG_CPE_ID
There is not a single CVE linked to pivotal_software:redis so use
redis:redis instead:
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:redis:redis
Fixes: ceadbcbb64de727c3a974e552d9a723d532e4e40 (treewide: add PKG_CPE_ID for cvescanner)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Fabrice Fontaine [Fri, 2 Feb 2024 17:15:55 +0000 (18:15 +0100)]
lang/python/python-requests: fix PKG_CPE_ID
There is not a single CVE linked to python-requests:requests so use
python:requests instead:
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:python:requests
Fixes: ceadbcbb64de727c3a974e552d9a723d532e4e40 (treewide: add PKG_CPE_ID for cvescanner)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Fabrice Fontaine [Fri, 2 Feb 2024 17:09:46 +0000 (18:09 +0100)]
lang/python/python-urllib3: fix PKG_CPE_ID
There is not a single CVE linked to urllib3_project:urllib3 so use
python:urllib3 instead:
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:python:urllib3
Fixes: 6dcaa769d8ce8921dc3bfaf78ab9a8c1cef4a9b9 (python-urllib3: update to version 1.25)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
S. Brusch [Fri, 2 Feb 2024 12:28:37 +0000 (13:28 +0100)]
crowdsec: new upstream release version 1.6.0
Update crowdsec to latest upstream release version 1.6.0
Signed-off-by: S. Brusch <ne20002@gmx.ch>
Maintainer: Kerma Gérald <gandalf@gk2.net>
Package tested: not able to test run due to limited space (package is big)
Description: update to latest version of upstream
Fabrice Fontaine [Sun, 4 Feb 2024 20:57:46 +0000 (21:57 +0100)]
libs/libgd: fix license
libgd is licensed under its own "GD" license and not MIT
Fixes: 60feea09c9d343f648045e5e85e7788e75d4e039 (libgd: import from oldpackages, add myself as maintainer, add license...)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Konstantin Demin [Wed, 31 Jan 2024 09:24:53 +0000 (12:24 +0300)]
nmap: bump package version
Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
Konstantin Demin [Wed, 31 Jan 2024 09:24:53 +0000 (12:24 +0300)]
nmap: unify SSL dependencies
ssl/full variants now depend on "ca-certs" (provided by "ca-bundle" and "ca-certificates")
Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
Konstantin Demin [Wed, 31 Jan 2024 09:24:53 +0000 (12:24 +0300)]
nmap: ncat: use default CA bundle
Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
Jiri Slachta [Sun, 4 Feb 2024 21:42:04 +0000 (22:42 +0100)]
Merge pull request #23279 from ffontaine/fix-tiff-license
libs/tiff: fix license
Fabrice Fontaine [Sun, 4 Feb 2024 21:30:33 +0000 (22:30 +0100)]
libs/tiff: fix license
tiff is licensed under its own "libtiff" license and not BSD-3-Clause
Fixes: 364de5bc3f16eba42f93d36e848b998b3579e39e (tiff: add licensing information)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Fabrice Fontaine [Sun, 4 Feb 2024 10:06:04 +0000 (11:06 +0100)]
lang/python/python-aiohttp: fix PKG_CPE_ID
aiohttp:aiohttp is a better CPE ID than aio-libs_projet:aiohttp as this
CPE ID has the latest CVEs (whereas aio-libs_project:aiohttp only has
one CVE from 2018):
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:aiohttp:aiohttp
Fixes: 2edf5034f1c09fe60af52087abe7b6fcef9433fc (python-aiohttp: add a new package)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
krant [Thu, 1 Feb 2024 14:25:01 +0000 (16:25 +0200)]
less: update to 643
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
krant [Thu, 1 Feb 2024 15:06:57 +0000 (17:06 +0200)]
grep: update to 3.11
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
Sergey Ponomarev [Sat, 3 Feb 2024 20:13:22 +0000 (22:13 +0200)]
cloudflared: refine config.yml
The config.yml is an example of a tunnel local configuration.
But the cloudlfared treat it as a real config and fails to start.
So to avoid problems let's comment all the statements.
The `url: http://localhost:8000` is not a valid config option.
Additionally add a smale of configuring ingres rules.
The cloudflared.config has missing option token.
Signed-off-by: Sergey Ponomarev <stokito@gmail.com>
Alexandru Ardelean [Sat, 3 Feb 2024 06:12:38 +0000 (08:12 +0200)]
Merge pull request #23263 from ffontaine/fix-sudo-cpeid
admin/sudo: fix PKG_CPE_ID
Alexandru Ardelean [Sat, 3 Feb 2024 06:05:56 +0000 (08:05 +0200)]
Merge pull request #23262 from ffontaine/fix-squashfs-tools-cpeid
utils/squashfs-tools: fix PKG_CPE_ID
Fabrice Fontaine [Fri, 2 Feb 2024 19:08:34 +0000 (20:08 +0100)]
utils/squashfs-tools: fix PKG_CPE_ID
There is not a single CVE linked to phillip_lougher:squashfs so use
squashfs-tools_project:squashfs-tools instead:
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:squashfs-tools_project:squashfs-tools
Fixes: 299e5b0a9bce19d6e96cb9ff217028b36ee2dd36 (treewide: add PKG_CPE_ID for better cvescanner coverage)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Fabrice Fontaine [Fri, 2 Feb 2024 19:18:23 +0000 (20:18 +0100)]
admin/sudo: fix PKG_CPE_ID
sudo_project:sudo is a better CPE ID than todd_miller:sudo as this CPE
ID has the latest CVEs (whereas todd_miller:sudo only has CVEs up to
2016):
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:sudo_project:sudo
Fixes: 8ce9f30c421255c514b1b2e41fc92eafd7976583 (sudo: Update to 1.8.24)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
krant [Thu, 1 Feb 2024 21:10:02 +0000 (23:10 +0200)]
libidn2: update to 2.3.7
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
Stan Grishin [Fri, 2 Feb 2024 13:47:17 +0000 (06:47 -0700)]
Merge pull request #23219 from rockdrilla/curl-8.6.0
curl: update to 8.6.0
krant [Thu, 1 Feb 2024 12:06:47 +0000 (14:06 +0200)]
unrar: update to 6.2.12
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
krant [Thu, 1 Feb 2024 16:53:36 +0000 (18:53 +0200)]
tar: update to 1.35
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
Fabrice Fontaine [Thu, 1 Feb 2024 17:24:48 +0000 (18:24 +0100)]
libs/vips: fix PKG_CPE_ID
libvips:libvips is a better CPE ID than vips:vips as this CPE ID has the
latest CVEs (whereas vips only has an old CVE from 2010):
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:libvips:libvips
Fix:
299e5b0a9bce19d6e96cb9ff217028b36ee2dd36
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
krant [Thu, 1 Feb 2024 21:02:01 +0000 (23:02 +0200)]
libpsl: update to 0.21.5
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
Fabrice Fontaine [Thu, 1 Feb 2024 22:22:16 +0000 (23:22 +0100)]
net/krb5: fix PKG_CPE_ID
mit:kerberos_5 is a better CPE ID than mit:kerberos as this CPE ID has
the latest CVEs (whereas mit:kerberos only has CVEs until 2018):
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:mit:kerberos_5
Fix:
299e5b0a9bce19d6e96cb9ff217028b36ee2dd36
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Nikos Mavrogiannopoulos [Fri, 2 Feb 2024 08:33:15 +0000 (09:33 +0100)]
Merge pull request #23243 from ffontaine/fix-libpam-cpeid
libs/libpam: fix PKG_CPE_ID
Fabrice Fontaine [Thu, 1 Feb 2024 21:12:24 +0000 (22:12 +0100)]
libs/libpam: fix PKG_CPE_ID
linux-pam:linux-pam is a better CPE ID than kernel:linux-pam as this CPE
ID has the latest CVEs (whereas kernel:linux-pam only has a
SUSE-specific CVE):
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:linux-pam:linux-pam
Fix:
6f74b0c4f15a095b1069a8aaeb19a32dfbc7539a
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Tianling Shen [Thu, 1 Feb 2024 15:21:07 +0000 (23:21 +0800)]
dnsproxy: Update to 0.64.1
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
Stan Grishin [Thu, 25 Jan 2024 23:15:49 +0000 (23:15 +0000)]
nebula: update to 1.8.2-2
The following fixes have been applied to Makefile:
* fix the nebula license type
* add PKG_CPE_ID
* remove unneeded call to Build/Compile
* add leading spaces to descriptions
* add Package/nebula/conffiles definition
* remove unneeded /lib/upgrade/keep.d files
* no longer install actual license file
* add the README file
Kudos to @BKPepe and @
1715173329 for feedback which lead to these fixes
Signed-off-by: Stan Grishin <stangri@melmac.ca>
Konstantin Demin [Thu, 1 Feb 2024 00:28:09 +0000 (03:28 +0300)]
curl: update to 8.6.0
* https://curl.se/changes.html#8_6_0
Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
Fabrice Fontaine [Tue, 30 Jan 2024 20:13:59 +0000 (21:13 +0100)]
libs/libdaq3: assign PKG_LICENSE_FILES
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Fabrice Fontaine [Tue, 30 Jan 2024 21:05:54 +0000 (22:05 +0100)]
libs/libev: fix license
libev is licensed under BSD-2-Clause or GPL-2.0-or-later since its
addition to openwrt
While at it, assign PKG_LICENSE_FILES
Fixes: 67b39f8f9b703e2cf95616b8e591ec76278a5846
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Fabrice Fontaine [Tue, 30 Jan 2024 20:08:51 +0000 (21:08 +0100)]
utils/pv: assign PKG_LICENSE_FILES
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Fabrice Fontaine [Tue, 30 Jan 2024 21:15:08 +0000 (22:15 +0100)]
libs/libpciaccess: assign PKG_LICENSE
libpciaccess is licensed under MIT
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Fabrice Fontaine [Tue, 30 Jan 2024 21:34:14 +0000 (22:34 +0100)]
net/tor: add license
tor is licensed under BSD-3-Clause
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Fabrice Fontaine [Tue, 30 Jan 2024 20:06:31 +0000 (21:06 +0100)]
devel/automake: fix license
automake is licensed under GPL-2.0-or-later, not GPL-3.0-or-later:
https://git.savannah.gnu.org/cgit/automake.git/tree/COPYING
indeed switch to GPL-3.0-or-later was reverted a long time ago (i.e.
before its addition to openwrt) by
https://git.savannah.gnu.org/cgit/automake.git/commit/?id=
fcf2f56062e384455ec8b1aed943af33f20c27c7
While at it, add the license file
Fixes: c6ac1e3f76ecd92d02d82c5729bbd1f2bd64922b
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Fabrice Fontaine [Tue, 30 Jan 2024 20:27:53 +0000 (21:27 +0100)]
treewide: fix licence typos
- PKG_LICENCE -> PKG_LICENSE
- PKC_LICENSE_FILES -> PKG_LICENSE_FILES
- BSD 3-Clause -> BSD-3-Clause
- BSD-3-clause -> BSD-3-Clause
- BSD-2-clause -> BSD-2-Clause
- Public Domain -> Public-Domain
- PublicDomain -> Public-Domain
- Drop unneeded ',' in PKG_LICENSE or PKG_LICENSE_FILES
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Jiri Slachta [Wed, 31 Jan 2024 17:36:25 +0000 (18:36 +0100)]
Merge pull request #23213 from krant/tiff
tiff: update to 4.6.0
krant [Wed, 31 Jan 2024 11:15:14 +0000 (13:15 +0200)]
libjpeg-trubo: update to 3.0.2
- Switch source URL to Github since upstream migrated there
- Remove CMake options which are obsolete or match default values
- Don't disable arithmetic encoding/decoding since it's the standard
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
krant [Wed, 31 Jan 2024 12:04:21 +0000 (14:04 +0200)]
tiff: update to 4.6.0
- Don't set CMake options which are on by default
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
Javier Marcet [Wed, 31 Jan 2024 07:30:14 +0000 (08:30 +0100)]
docker-compose: Update to version 2.24.5
Signed-off-by: Javier Marcet <javier@marcet.info>
Hannu Nyman [Tue, 30 Jan 2024 18:47:51 +0000 (20:47 +0200)]
xz: Update to 5.4.6
Update xz to match the version 5.4.6 in tools/
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
Fabrice Fontaine [Tue, 30 Jan 2024 07:23:18 +0000 (08:23 +0100)]
utils/vim: add license info
vim is licensed under its own Vim license:
https://spdx.org/licenses/Vim.html
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Fabrice Fontaine [Tue, 30 Jan 2024 07:06:23 +0000 (08:06 +0100)]
utils/augeas: assign PKG_LICENSE_FILES
augeas provides a COPYING file since its addition to openwrt
Fixes: 7fc497dd67727225e875d5b13a5c76437815e277
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Tianling Shen [Tue, 30 Jan 2024 15:41:36 +0000 (23:41 +0800)]
inih: Update to r58
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
Tianling Shen [Tue, 30 Jan 2024 15:41:30 +0000 (23:41 +0800)]
rclone: Update to 1.65.2
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
Tianling Shen [Tue, 30 Jan 2024 15:41:25 +0000 (23:41 +0800)]
cloudflared: Update to 2024.1.5
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
Tianling Shen [Tue, 30 Jan 2024 15:41:21 +0000 (23:41 +0800)]
dos2unix: Update to 7.5.2
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
Javier Marcet [Mon, 29 Jan 2024 22:12:30 +0000 (23:12 +0100)]
docker-compose: Update to version 2.24.4
Signed-off-by: Javier Marcet <javier@marcet.info>
Álvaro Fernández Rojas [Sat, 27 Jan 2024 18:50:20 +0000 (19:50 +0100)]
ffmpeg: add V4L2 support
Enable V4L2 support on ffmpeg-full package.
Tested using V4L2 Raspberry Pi 4 encoder/decoder.
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
Erik Conijn [Wed, 17 Jan 2024 12:31:37 +0000 (13:31 +0100)]
openvpn: add missing script-security
Maintainer: @mkrkn @neheb
Compile tested: armv7, cortexA15, OpenWRT 23.05
Run tested: Linksys EA8500
Compile tested: armv8, cortexA53, OpenWRT main
Run tested: Dynalink DL-WRX36
Description:
Script-security is always 2 and cannot be changed from the openvpn config file due to a missing rule in openvpn.init.
This is discussed in issue #23014
This patch adds the missing rule in openvpn.init to parse script-security from the openvpn config file.
Signed-off-by: Erik Conijn <egc112@msn.com>
krant [Wed, 10 Jan 2024 13:53:19 +0000 (15:53 +0200)]
erlang: remove CFLAGS modification since it has been fixed in the upstream
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
krant [Wed, 10 Jan 2024 13:27:01 +0000 (15:27 +0200)]
erlang: update to 26.2.1
- Update to Erlang/OTP 26.2.1
- Remove obsolete configure options
- Remove obsolete patches, add new one
- Add missing no_dot_erlang.boot file (fixes #20587)
- Change package URL to https
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
Fabrice Fontaine [Thu, 25 Jan 2024 21:49:41 +0000 (22:49 +0100)]
libs/libgee: assign PKG_CPE_ID
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:gnome:libgee
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Fabrice Fontaine [Thu, 25 Jan 2024 17:39:36 +0000 (18:39 +0100)]
net/bwm-ng: assign PKG_CPE_ID
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:bwm-ng_project:bwm-ng
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Fabrice Fontaine [Wed, 24 Jan 2024 21:31:37 +0000 (22:31 +0100)]
utils/acl: assign PKG_CPE_ID
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Aacl_project%3Aacl
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Fabrice Fontaine [Thu, 25 Jan 2024 17:52:05 +0000 (18:52 +0100)]
utils/cgroupfs-mount: assign PKG_CPE_ID
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:cgroupfs-mount_project:cgroupfs-mount
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Fabrice Fontaine [Thu, 25 Jan 2024 17:26:16 +0000 (18:26 +0100)]
utils/augeas: assign PKG_CPE_ID
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:augeas:augeas
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Fabrice Fontaine [Thu, 25 Jan 2024 21:03:09 +0000 (22:03 +0100)]
net/fastd: assign PKG_CPE_ID
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:fastd_project:fastd
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Fabrice Fontaine [Thu, 25 Jan 2024 21:29:06 +0000 (22:29 +0100)]
libs/libmbim: assign PKG_CPE_ID
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:freedesktop:libmbim
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Fabrice Fontaine [Thu, 25 Jan 2024 08:02:12 +0000 (09:02 +0100)]
admin/atop: assign PKG_CPE_ID
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:atop_project:atop
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Fabrice Fontaine [Thu, 25 Jan 2024 20:39:30 +0000 (21:39 +0100)]
lang/python/python-docker: assign PKG_CPE_ID
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:docker:docker-py
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Fabrice Fontaine [Thu, 25 Jan 2024 21:42:17 +0000 (22:42 +0100)]
utils/pax-utils: assign PKG_CPE_ID
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:gentoo:pax-utils
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Fabrice Fontaine [Thu, 25 Jan 2024 20:21:36 +0000 (21:21 +0100)]
utils/crun: assign PKG_CPE_ID
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:crun_project:crun
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Fabrice Fontaine [Thu, 25 Jan 2024 20:58:40 +0000 (21:58 +0100)]
net/fail2ban: assign PKG_CPE_ID
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:fail2ban:fail2ban
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Fabrice Fontaine [Thu, 25 Jan 2024 21:25:23 +0000 (22:25 +0100)]
libs/libinput: assign PKG_CPE_ID
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:freedesktop:libinput
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Fabrice Fontaine [Thu, 25 Jan 2024 20:43:47 +0000 (21:43 +0100)]
utils/domoticz: assign PKG_CPE_ID
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:domoticz:domoticz
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>