adguardhome: Update to 0.107.46

Signed-off-by: Milinda Brantini <C_A_T_T_E_R_Y@outlook.com>

adguardhome: Update to 0.107.42

Signed-off-by: Zuev Aleksandr <A.Zuev@stdev.su>
(cherry picked from commit 050f13c2c7d0c35f497ddac005dcf4ada19efbf8)

adguardhome: wait for interfaces to be up at boot

This should allow the service to be activated even earlier during
the boot process and also avoids race condition against network.

Signed-off-by: Hiếu Lê <leorize+oss@disroot.org>
(cherry picked from commit d00131e2a0c8e846b42df22eda6c8356d4fce4a9)

Merge pull request #24546 from ynezz/ynezz/openwrt-23.05/license-fixes-backports

[23.05] backport package license fixes

v2raya: update to 2.2.5.6

chore(deps): bump golang.org/x/net from 0.18.0 to 0.23.0 in /service

Signed-off-by: Milinda Brantini <C_A_T_T_E_R_Y@outlook.com>
(cherry picked from commit 5a05a3a2b9c1343c585fbbd291a91807104257d4)

v2raya: update to 2.2.5.5

Fix: docker dev environment build.
Remove is-text in button style.
Add tun mode with sing-tun.
Publish docker images on Github Container Registry.
Ci: add separated singtun workflow.

Signed-off-by: Milinda Brantini <C_A_T_T_E_R_Y@outlook.com>
(cherry picked from commit edb50c24fc61a14664017981c8ba0b4096d96c0a)

apfree-wifidog: Update to 7.07.2018

Signed-off-by: Dengfeng Liu <liudf0716@gmail.com>
(cherry picked from commit b6431127400f2858216c72c3175de9643620e11c)

apfree-wifidog: support wildcard domain

Signed-off-by: Dengfeng Liu <liudf0716@gmail.com>
(cherry picked from commit ca8fe51fd8b6067bf671d627c57911d299ab940c)

lang/python/python-paho-mqtt: fix license

python-paho-mqtt is licensed under EPL-2.0, not EPL-1.0, since version
1.6.0 and
https://github.com/eclipse/paho.mqtt.python/commit/fabe7500fb6fde31fd98c619e0117d1c651fd18d

While at it, add LICENSE.txt to PKG_LICENSE_FILES

Fixes: 784f2a519bb8cdfaa973070f65ff9a3a481e5cd1 (python-paho-mqtt: bump to version 1.6.1)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
(cherry picked from commit 3380427f2929f838a7014fd74209c5ed41270176)

net/ntpd: fix license

Replace "Unique" by the standard SPDX identifier for NTP license:
https://spdx.org/licenses/NTP.html

Fixes: 1aff45c6dd36f2a5875eadaeae2ed93da8ff6d45 (ntpd: add SPDX license information)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
(cherry picked from commit f7ad88678d00babe5b82e62aa6708a0dea1ef315)

utils/lsof: fix license

Replace "Unique" by the standard SPDX identifier for lsof license:
https://spdx.org/licenses/lsof.html

Fixes: 59adfc86b9d1e5a8fb9d5c83db6546a6b49a77f5 (lsof: add license information)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Petr Štetiar <ynezz@true.cz> [backport]
(cherry picked from commit 9111b290d1dd67a1c7bb017c17569b3a35055eef)

libs/libgd: fix license

libgd is licensed under its own "GD" license and not MIT

Fixes: 60feea09c9d343f648045e5e85e7788e75d4e039 (libgd: import from oldpackages, add myself as maintainer, add license...)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
(cherry picked from commit 41c998224d20160d7b5ecaf173df42bd5f6dc7a4)

libs/tiff: fix license

tiff is licensed under its own "libtiff" license and not BSD-3-Clause

Fixes: 364de5bc3f16eba42f93d36e848b998b3579e39e (tiff: add licensing information)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
(cherry picked from commit ae165deaf5a708fcbcfc8c48e3866ec7e048ba00)

libs/libev: fix license

libev is licensed under BSD-2-Clause or GPL-2.0-or-later since its
addition to openwrt

While at it, assign PKG_LICENSE_FILES

Fixes: 67b39f8f9b703e2cf95616b8e591ec76278a5846
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
(cherry picked from commit 070fc8021c9376b74c7350edba0f551ccf28f8bf)

net/tor: add license

tor is licensed under BSD-3-Clause

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
(cherry picked from commit 63c942cedbb5eb647d0e39690f8d90b4bfd285c0)

devel/automake: fix license

automake is licensed under GPL-2.0-or-later, not GPL-3.0-or-later:
https://git.savannah.gnu.org/cgit/automake.git/tree/COPYING
indeed switch to GPL-3.0-or-later was reverted a long time ago (i.e.
before its addition to openwrt) by
https://git.savannah.gnu.org/cgit/automake.git/commit/?id=fcf2f56062e384455ec8b1aed943af33f20c27c7

While at it, add the license file

Fixes: c6ac1e3f76ecd92d02d82c5729bbd1f2bd64922b
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
(cherry picked from commit f3e54bda3131c97fd07af50c12ae7eade768b58b)

utils/vim: add license info

vim is licensed under its own Vim license:
https://spdx.org/licenses/Vim.html

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
(cherry picked from commit 584f4e71980efca2e98923008c85c5524f38a7a6)

libassuan: Fix license

libassuan license is wrong since the addition of the package in commit
https://git.openwrt.org/?p=feed/packages.git;a=commit;h=e24e8fa98c813911419271d64433deb2b453fa02

Indeed, libassuan has been licensed under LGPL-2.1+ since version 1.0.3
back in 2007 [1]:

Noteworthy changes in version 1.0.3 (2007-08-24)
------------------------------------------------

 * Changed the license of the library code back to LGPLv2.1 to support
   a bunch of GPLv2(only) software which does not allow the use of
   LGPLv3.  Note that this is only a temporary change and authors of
   GPLv2(only) software are asked to switch to GPLv3 or to add an
   exception which allow the use of LPGLv3 software.

[1]: https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libassuan.git;a=blob;f=NEWS;h=3a86eca4175fbcb12bb00722c2047062df67a46d;hb=HEAD

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
(cherry picked from commit cb9b994a53efaeecd6953b5e6d6ef4f440ff2d26)

gpgme: Fix license

gpgme license is wrong since the addition of the package in commit
https://git.openwrt.org/?p=feed/packages.git;a=commit;h=3e39633b75e7d26f3666bce9c2e97d268f0fd068

Indeed, gpgme has been licensed under LPGL-2.1+ since version 1.0.2 back
in 2004 [1]:

Noteworthy changes in version 1.0.2 (2004-12-28)
------------------------------------------------

 * Changed the license of the library to the GNU Lesser General Public
   License (LGPL), version 2.1 or later.

[1]: https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gpgme.git;a=blob;f=NEWS;h=2475a877a40817f575accd22a386bfd5f0a66aad;hb=HEAD

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
(cherry picked from commit e8bbeb05b9a8fe67073d2cc5c00fce32e70ce868)

node: July 8, 2024 Security Releases

This is a security release.

Notable Changes

    CVE-2024-36138 - Bypass incomplete fix of CVE-2024-27980 (High)
    CVE-2024-22020 - Bypass network import restriction via data URL (Medium)

Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>

golang: Update to 1.21.12

go1.21.12 (2024-07-02) includes security fixes to the net/http package,
as well as bug fixes to the compiler, the go command, the runtime,
and the crypto/x509, net/http, net/netip, and os packages.

Signed-off-by: Milinda Brantini <C_A_T_T_E_R_Y@outlook.com>

sms-tool: version bump to 2023-09-21

Fixes:
"no SMS Messages if some of them contain From: field with special symbols":
https://github.com/4IceG/luci-app-sms-tool-js/issues/9

Signed-off-by: Andrey Butirsky <butirsky@gmail.com>

rust: select correct architecture for armv5

Currently, armv5 and armv6 targets are both using armv6 rustc.
Without this patch, rust programs in armv5 targets throw illegal instruction
error.

Signed-off-by: Lu jicong <jiconglu58@gmail.com>
(cherry picked from commit 84464a656c88bb8c5c3b1f57be9804f1551524d5)

rust: add patch to fix remote filesystem issue

If the download directory is on another filesystem (NFS), then the
current implementation of bootstrapping rust fails. Because the 'syscall'
(rename) does not work on crossing filesystem boundary.

This chnage was already merged upstream to the github main rust repository.
rust-lang/rust#124975

The patch has been rebased so that it can be applied correctly.
No functional change.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
(cherry picked from commit 6b6c74dca86036c5ccfde236816a40e5895303d6)

rust: Update to 1.78.0

- Switch back to .gz tarball
- Replace local bootstrap cache hack with upstreamed option

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit c1b3e0440f67bcec101a3f72525f9c90eb4e6497)

jq: Add PKG_CPE_ID

Signed-off-by: Andreas Gnau <andreas.gnau@iopsys.eu>
(cherry picked from commit 7e5332e3cdd9f7a463a9961709e3d877f2e3ff97)

uwsgi: Add PKG_CPE_ID

Signed-off-by: Andreas Gnau <andreas.gnau@iopsys.eu>
(cherry picked from commit 9477f71f99dca89d1d0b20862b20cf315d2ea27a)

mxml: Add PKG_CPE_ID

Signed-off-by: Andreas Gnau <andreas.gnau@iopsys.eu>
(cherry picked from commit fc043c003926ae5d234c38ac0115ad10e7221c46)

net/iperf: assign PKG_CPE_ID

Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
(cherry picked from commit 85a9ea33ec028fbf96b86633e89aa3b3fb27875d)

net/iperf3: assign PKG_CPE_ID

Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
(cherry picked from commit e97f763a7281b543dfb9709cf84da97f28bbf0db)

net/i2pd: assign PKG_CPE_ID

https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Ai2pd%3Ai2pd

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
(cherry picked from commit 4ea63a66d0de1b365e85a722450a62a71d8adadc)

libs/libvpx: fix PKG_CPE_ID

There is not a single CVEs under cpe:/a:john_koleszar:libvpx
so use cpe:/a:webmproject:libvpx:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Awebmproject%3Alibvpx

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
(cherry picked from commit 37a60ca9349cb3cc638eada1186eb24d9826a442)

libs/apr: fix PKG_CPE_ID

There is not a single CVE under cpe:/a:apache:apr
so use cpe:/a:apache:portable_runtime:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Aapache%3Aportable_runtime

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
(cherry picked from commit a9ddc8e373945437d58e976b6c20bbc44ba31b67)

libs/libestr: assign PKG_CPE_ID

https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Aadiscon%3Alibestr

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
(cherry picked from commit 2d0649c1c9737bac40f079c87eebb16f1acda656)

net/tcpreplay: fix PKG_CPE_ID

There is not a single CVE under cpe:/a:appneta:tcpreplay
so use cpe:/a:broadcom:tcpreplay:
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:broadcom:tcpreplay

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
(cherry picked from commit 52282b2ed949bb8f3ae008592969eb1cf3914e84)

utils/cryptsetup: assign PKG_CPE_ID

https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:cryptsetup_project:cryptsetup

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
(cherry picked from commit cf0d28bf8c1b84a343ac0045564dad1ca9463163)

libs/fmtlib: assign PKG_CPE_ID

https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:fmt:fmt

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
(cherry picked from commit 903d0100202f249e62d05f382ab0f284e4b53d49)

net/atftp: assign PKG_CPE_ID

https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:atftp_project:atftp

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
(cherry picked from commit 154fda59335fa0730a2e35af00a43a3c991fdc2e)

libs/libyang: assign PKG_CPE_ID

https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:cesnet:libyang

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
(cherry picked from commit 3c823356581c8b2d0eb99705e335d721e300c9e7)

multimedia/gst1-plugins-bad: assign PKG_CPE_ID

https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:freedesktop:gst-plugins-bad

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
(cherry picked from commit 480aaec2caf2dfd00ea06858ceaf446347c5ceaa)

lang/vala: assign PKG_CPE_ID

https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:gnome:vala

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
(cherry picked from commit 72e92747a784e122cfba37ff4548255d47e2e8b5)

libs/freetype: fix PKG_CPE_ID

There is not a single CVE under cpe:/a:freetype:freetype2
so use cpe:/a:freetype:freetype:
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:freetype:freetype

Fixes: 456ae2f541f698e6b9106b696d385d52164ed860
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
(cherry picked from commit eb2c47d493d4ef6338e1c1e92d982e2ebad43591)

utils/domoticz: assign PKG_CPE_ID

https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:domoticz:domoticz

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
(cherry picked from commit 1ebffab763d0813ce7b6300c64a03dca765ddf25)

libs/libinput: assign PKG_CPE_ID

https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:freedesktop:libinput

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
(cherry picked from commit 17d25745bad380bd197ca4d4bda49accdc18aa04)

net/fail2ban: assign PKG_CPE_ID

https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:fail2ban:fail2ban

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
(cherry picked from commit 4d18c15388b64a281f5b877e4855b68d5eec6f35)

utils/crun: assign PKG_CPE_ID

https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:crun_project:crun

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
(cherry picked from commit a22a7b92c8e1cb78769afbfda598953b54397036)

utils/pax-utils: assign PKG_CPE_ID

https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:gentoo:pax-utils

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
(cherry picked from commit 37223bbca64de4e7eacb58d1d24d259fa967661a)

lang/python/python-docker: assign PKG_CPE_ID

https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:docker:docker-py

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
(cherry picked from commit dd52b70c4c17c0a7d093173c269fc99acb684876)

admin/atop: assign PKG_CPE_ID

https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:atop_project:atop

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
(cherry picked from commit 07de80e8b49b03091ae7b2973e3060c2fa33b66b)

libs/libmbim: assign PKG_CPE_ID

https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:freedesktop:libmbim

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
(cherry picked from commit c24fb4a2f7083c858ad2e9764242cf1b5c2e1a61)

net/fastd: assign PKG_CPE_ID

https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:fastd_project:fastd

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
(cherry picked from commit 9404f17af14b561cd40f64c1ec3f9d7c25633f4f)

utils/augeas: assign PKG_CPE_ID

https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:augeas:augeas

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
(cherry picked from commit 229fccfc251272373e347552a404e0f3a6f3034f)

utils/cgroupfs-mount: assign PKG_CPE_ID

https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:cgroupfs-mount_project:cgroupfs-mount

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
(cherry picked from commit f91be9a87f04249ee615a9379f2f3e5fd91c47f4)

utils/acl: assign PKG_CPE_ID

https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Aacl_project%3Aacl

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
(cherry picked from commit 0d4d5546249b3e013251507bf9d2bdf995b5666d)

net/bwm-ng: assign PKG_CPE_ID

https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:bwm-ng_project:bwm-ng

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
(cherry picked from commit ff56f877330035e0a5367e80ca56b1eac7fb3b2d)

libs/libgee: assign PKG_CPE_ID

https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:gnome:libgee

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
(cherry picked from commit 4bdc29ece49d9e4706b31c7243a9ad0ed3eaae6c)

libs/libpam: fix PKG_CPE_ID

linux-pam:linux-pam is a better CPE ID than kernel:linux-pam as this CPE
ID has the latest CVEs (whereas kernel:linux-pam only has a
SUSE-specific CVE):
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:linux-pam:linux-pam

Fix: 6f74b0c4f15a095b1069a8aaeb19a32dfbc7539a

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
(cherry picked from commit 2269848bffffba9b6adf44c75b676f642a1fd893)

net/krb5: fix PKG_CPE_ID

mit:kerberos_5 is a better CPE ID than mit:kerberos as this CPE ID has
the latest CVEs (whereas mit:kerberos only has CVEs until 2018):
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:mit:kerberos_5

Fix: 299e5b0a9bce19d6e96cb9ff217028b36ee2dd36

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
(cherry picked from commit 302761f0e81d7a9729849384a77ffe62273ec527)

libs/vips: fix PKG_CPE_ID

libvips:libvips is a better CPE ID than vips:vips as this CPE ID has the
latest CVEs (whereas vips only has an old CVE from 2010):

  https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:libvips:libvips

Fix: 299e5b0a9bce19d6e96cb9ff217028b36ee2dd36

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
(cherry picked from commit a220c04b5007ac53042603c4642cf760262b5fc8)

admin/sudo: fix PKG_CPE_ID

sudo_project:sudo is a better CPE ID than todd_miller:sudo as this CPE
ID has the latest CVEs (whereas todd_miller:sudo only has CVEs up to
2016):
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:sudo_project:sudo

Fixes: 8ce9f30c421255c514b1b2e41fc92eafd7976583 (sudo: Update to 1.8.24)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
(cherry picked from commit 253944fc6255c9984d52a0bea82a4f95926fb554)

utils/squashfs-tools: fix PKG_CPE_ID

There is not a single CVE linked to phillip_lougher:squashfs so use
squashfs-tools_project:squashfs-tools instead:
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:squashfs-tools_project:squashfs-tools

Fixes: 299e5b0a9bce19d6e96cb9ff217028b36ee2dd36 (treewide: add PKG_CPE_ID for better cvescanner coverage)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
(cherry picked from commit 9e770d6c1d465dc4c5c129a559ee5203a90d8f0f)

lang/python/python-aiohttp: fix PKG_CPE_ID

aiohttp:aiohttp is a better CPE ID than aio-libs_projet:aiohttp as this
CPE ID has the latest CVEs (whereas aio-libs_project:aiohttp only has
one CVE from 2018):
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:aiohttp:aiohttp

Fixes: 2edf5034f1c09fe60af52087abe7b6fcef9433fc (python-aiohttp: add a new package)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
(cherry picked from commit 8b9965fcb30f1f7401cad5ec9967e65ae72398b3)

lang/python/python-urllib3: fix PKG_CPE_ID

There is not a single CVE linked to urllib3_project:urllib3 so use
python:urllib3 instead:
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:python:urllib3

Fixes: 6dcaa769d8ce8921dc3bfaf78ab9a8c1cef4a9b9 (python-urllib3: update to version 1.25)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
(cherry picked from commit d369edb57105104b7a6085b9217366705d0ca118)

lang/python/python-requests: fix PKG_CPE_ID

There is not a single CVE linked to python-requests:requests so use
python:requests instead:
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:python:requests

Fixes: ceadbcbb64de727c3a974e552d9a723d532e4e40 (treewide: add PKG_CPE_ID for cvescanner)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
(cherry picked from commit c0aec8bc086af80e932a54eb9d68a29dcaa1f068)

libs/redis: fix PKG_CPE_ID

There is not a single CVE linked to pivotal_software:redis so use
redis:redis instead:
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:redis:redis

Fixes: ceadbcbb64de727c3a974e552d9a723d532e4e40 (treewide: add PKG_CPE_ID for cvescanner)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
(cherry picked from commit 5c089b16baa0b98afb52ee4f6b37ef9410d9cc42)

net/vsftpd: fix PKG_CPE_ID

vsftpd_project:vsftpd is a better CPE ID than beasts:vsftpd as this CPE
ID has the latest CVEs (whereas beasts:vsftpd only has CVEs up to 2015):
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:vsftpd_project:vsftpd

Fixes: 1371b7be878382b8b52cd73ff72a3a41d28013c4 (vsftpd: Fix compilation without ECC or deprecated APIs)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
(cherry picked from commit 803c7b0571221451aa98407842a5fc4142a38493)

net/tinc: fix PKG_CPE_ID

tinc-vpn:tinc is a better CPE ID than tinc:tinc as this CPE ID has the
latest CVEs (whereas tinc:tinc only has CVEs up to 2002):
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:tinc-vpn:tinc

Fixes: 299e5b0a9bce19d6e96cb9ff217028b36ee2dd36 (treewide: add PKG_CPE_ID for better cvescanner coverage)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
(cherry picked from commit b52f465c7b2c6fc8438f5a09aab3bbb26eba9de5)

net/tinyproxy: fix PKG_CPE_ID

tinyproxy_project:tinyproxy is a better CPE ID than banu:tinyproxy as
this CPE ID has the latest CVEs (whereas banu:tinyproxy only has CVEs up
to 2012):
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:tinyproxy_project:tinyproxy

Fixes: 299e5b0a9bce19d6e96cb9ff217028b36ee2dd36 (treewide: add PKG_CPE_ID for better cvescanner coverage)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
(cherry picked from commit d6d157f644ec57b682c246f6c876936f0bcb9baa)

utils/tmux: fix PKG_CPE_ID

tmux_project:tmux is a better CPE ID than nicholas_marriott:tmux as this
CPE ID has the latest CVE (whereas nicholas_marriott:tmux only has a CVE
from 2011):
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:tmux_project:tmux

Fixes: 299e5b0a9bce19d6e96cb9ff217028b36ee2dd36 (treewide: add PKG_CPE_ID for better cvescanner coverage)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
(cherry picked from commit c42dcc5fd69a6f5d8cfe2aba9af0c5dccdd73e05)

utils/zsh: fix PKG_CPE_ID

zsh:zsh is a better CPE ID than zsh_project:zsh as this CPE ID has the
latest CVEs (whereas zsh_project:zsh only has CVEs up to 2017):
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:zsh:zsh

Fixes: ff056fcffcacf2632505bb108bf8e8c2a3cef09c (zsh: Update to 5.6.2)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
(cherry picked from commit 00e038942a5856b01ee359706dbb4398148ba162)

net/boinc: fix PKG_CPE_ID

boinc_project:boinc has never been a valid CPE ID so use
rom_walton:boinc instead:
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:rom_walton:boinc

Fixes: 9c2bd865c715cad8646157d6bbfb669d9970c322 (boinc: new package for distributed computing/data acquisition)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
(cherry picked from commit 013a2f2dfa1f6b7e582588c8641b0ecbc7cf223e)

utils/lrzsz: fix PKG_CPE_ID

PKG_CPE_ID was missing ":lrzsz"

Fixes: 6d6c4b21b5e22a9f1058db5b61521a298e00a5f0 (lrzsz: update to v0.12.21rc and fix a CVE)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
(cherry picked from commit da56ee5bed54bf0f58a4a51d7849b9de2880dfde)

libs/expat: fix PKG_CPE_ID

There is not a single CVE linked to libexpat:expat so use
libexpat_project:libexpat instead:

https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:libexpat_project:libexpat

Fixes: 70c62ef2d77aef5d8a27ccca2b147bc2a69dc7f8 (expat: update to version 2.2.7 (security fix))
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
(cherry picked from commit 77a02f1efcdb3ff5d7ce697806075bc34ed2ed4b)

libs/libidn2: fix PKG_CPE_ID

There is not a single CVE linked to libidn2_project:libidn2 so use
gnu:libidn2 instead:
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:gnu:libidn2

Fixes: ceadbcbb64de727c3a974e552d9a723d532e4e40 (treewide: add PKG_CPE_ID for cvescanner)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
(cherry picked from commit b5b4545b2452ef3a9a4d958a22f5cc053be0523c)

net/miniupnpc: fix PKG_CPE_ID

cpe:/a:miniupnp_project:miniupnpc is the correct CPE ID for miniupnpc:
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:miniupnp_project:miniupnpc

Fixes: 299e5b0a9bce19d6e96cb9ff217028b36ee2dd36 (treewide: add PKG_CPE_ID for better cvescanner coverage)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
(cherry picked from commit 0d96d38c6c1f5645efb129fde2e5e06c8ffc2bdc)

multimedia/motion: fix PKG_CPE_ID

motion_project:motion is a better CPE ID than lavrsen:motion as this CPE
ID has the latest CVE (whereas lavrsen:motion only a CVE from 2008):
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:motion_project:motion

Fixes: 299e5b0a9bce19d6e96cb9ff217028b36ee2dd36 (treewide: add PKG_CPE_ID for better cvescanner coverage)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
(cherry picked from commit 1a50def3051ef64f4ce6240a74512177e7d51e6d)

net/nbd: fix PKG_CPE_ID

There is not a single CVE linked to network_block_device:nbd so use
network_block_device_project:network_block_device instead:
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:network_block_device_project:network_block_device

Fixes: 299e5b0a9bce19d6e96cb9ff217028b36ee2dd36 (treewide: add PKG_CPE_ID for better cvescanner coverage)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
(cherry picked from commit 222df5ed5d469f42034fea230666c011e7ea3e30)

lang/python/python-pip: fix PKG_CPE_ID

There is not a single CVE linked to python:pip so use pypa:pip instead:
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:pypa:pip

Moreover, CPE_ID missed PKG_ prefix

Fixes: eee273507b868ad5f6f7e744d513c85330967906 (python3: Split pip into separate source package)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
(cherry picked from commit acad8ffb5f4b9f2f380a22c53702c048e22c82ea)

utils/gpsd: fix PKG_CPE_ID

gpsd_project:gpsd is a better CPE ID than berlios:gps_daemon as this CPE
ID has the latest CVEs (whereas berlios:gps_daemon only has one CVE from
2004):
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:gpsd_project:gpsd

Fixes: 299e5b0a9bce19d6e96cb9ff217028b36ee2dd36 (treewide: add PKG_CPE_ID for better cvescanner coverage)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
(cherry picked from commit 1b1c28c9a03f7742ffaeda7ac2b22d82182a1137)

utils/ntfs-3g: fix PKG_CPE_ID

tuxera:ntfs-3g is a better CPE ID than ntfs-3g:ntfs-3g as this CPE ID
has the latest CVEs (whereas ntfs-3g:ntfs-3g only has one CVE from 2007):
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:tuxera:ntfs-3g

Fixes: 299e5b0a9bce19d6e96cb9ff217028b36ee2dd36 (treewide: add PKG_CPE_ID for better cvescanner coverage)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
(cherry picked from commit 52a5e71b49dd3d10d57a20f4cb9e83aad8fbbc5e)

treewide: assign PKG_CPE_ID

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[davici: not present in 23.05]
(cherry picked from commit 5afe5c9031190844f267357c68efe3c9c3cbe51d)

lang/python/python-yaml: fix PKG_CPE_ID

There is not a single CVE linked to pyyaml_project:pyyaml so use
pyyaml:pyyaml instead:
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:pyyaml:pyyaml

Fixes: c06a04c754bdcfdb2ea0bd1d654128863a2b6738 (python-yaml: update to version 5.1)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
(cherry picked from commit 94734c4bf9ff99c0b2001c4934a3c3f1398aca38)

treewide: fix licence typos

- PKG_LICENCE -> PKG_LICENSE
- PKC_LICENSE_FILES -> PKG_LICENSE_FILES
- BSD 3-Clause -> BSD-3-Clause
- BSD-3-clause -> BSD-3-Clause
- BSD-2-clause -> BSD-2-Clause
- Public Domain -> Public-Domain
- PublicDomain -> Public-Domain
- Drop unneeded ',' in PKG_LICENSE or PKG_LICENSE_FILES

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
(cherry picked from commit 820fcc5fb979ad9ac630231dcf12ce76342d1c01)

openssh: bump to 9.8p1

Release notes: https://www.openssh.com/txt/release-9.8

* 9.8p1 fixes CVE-2024-6387
* Adjusted Makefile to provide /usr/lib/sshd-session
* Given the troubles with -fzero-call-used-regs and all the
  broken checks, makes sense to skip it

Build system: x86/64
Build-tested: x86/64/AMD Cezanne
Run-tested: x86/64/AMD Cezanne

Signed-off-by: John Audia <therealgraysky@proton.me>
(cherry picked from commit 75674f0439ee497bc6b77222a23e3974d150be89)

dockerd: Update to 27.0.3

Signed-off-by: Milinda Brantini <C_A_T_T_E_R_Y@outlook.com>
(cherry picked from commit e7ef6ae485008486a587b05df1489152abfb6248)

docker: Update to 27.0.3

Signed-off-by: Milinda Brantini <C_A_T_T_E_R_Y@outlook.com>
(cherry picked from commit d9925c4813d8d5c44705c81a63d54c3304170ade)

docker: Update to 27.0.2

Signed-off-by: Milinda Brantini <C_A_T_T_E_R_Y@outlook.com>
(cherry picked from commit ec1320310ab09ddfaf0a10b447e8f4c99f5e617b)

runc: Update to 1.1.13

This is the thirteenth patch release in the 1.1.z release branch of runc.
Itbrings in Go 1.22.x compatibility and fixes a few issues,
including anoccasional wrong nofile rlimit in runc exec,
and a race between runc list and runc delete.

Signed-off-by: Milinda Brantini <C_A_T_T_E_R_Y@outlook.com>
(cherry picked from commit c49a11723819fa0405513800aa340c5cfa7fc9b8)

dockerd: Update to 27.0.2

Signed-off-by: Milinda Brantini <C_A_T_T_E_R_Y@outlook.com>
(cherry picked from commit 24d29581e20d7643b8636efa3a26463fb2fd7f62)

dockerd: Update to 26.1.4

Signed-off-by: Milinda Brantini <C_A_T_T_E_R_Y@outlook.com>
(cherry picked from commit 001e7138ddd8aa7c13213cea86956785cb382995)

containerd: Update to 1.7.18

Signed-off-by: Milinda Brantini <C_A_T_T_E_R_Y@outlook.com>
(cherry picked from commit 8f3a94645df07996d5e1a8f26d1c4355bf2928c3)

docker: Update to 26.1.4

Signed-off-by: Milinda Brantini <C_A_T_T_E_R_Y@outlook.com>
(cherry picked from commit ab5b9ea2f0f530f245f068a78288968535ba85a1)

adblock: update 4.1.5-11

* removed an accidentally commited flag of the upcoming adblock 5.x, this fixes a startup regression without trigger interface

Signed-off-by: Dirk Brenken <dev@brenken.org>
(cherry picked from commit b76f6e1c166d0344f9022d1ca994946414d9d035)

jool: update to 4.1.12

Update jool to 4.1.12
Changelog: https://github.com/NICMx/Jool/releases/tag/v4.1.12

Signed-off-by: Goetz Goerisch <ggoerisch@gmail.com>
(cherry picked from commit 28256b2710fdbdb07a76d37f768bae23af45c4cf)

jool: update documentation

* corrected the documentation links for upstream
* fixed style to be correctly rendered
* add reference to OpenWrt tutorial

Signed-off-by: Goetz Goerisch <ggoerisch@gmail.com>
(cherry picked from commit 8b08b29271e9f8d26ce8d337ffb4261ea8a25914)

jool: update to 4.1.11

Update jool to 4.1.11 and remove unneeded patch.
Changelog: https://github.com/NICMx/Jool/releases/tag/v4.1.11

Signed-off-by: Tiago Gaspar <tiagogaspar8@gmail.com>
(cherry picked from commit 643e3bf73a9222b460f00dcd23aa11b6ecf3e852)

jool: update package to version 4.1.10

Update jool to version 4.1.10 and remove a no longer needed patch.
There was also a need to backport a patch to fix compile in some archs.

Signed-off-by: Tiago Gaspar <tiagogaspar8@gmail.com>
(cherry picked from commit 26bf35bb4338caaefad3b1be4ee2c99d8e618618)

cloudflared: Update to 2024.4.1

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit 462bfd84e484da313b3f096cc4dbaec54c8c94a1)
[rebased upon 23.05 branch]
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>

cloudflared: Fix incorrect uci config syntax

Fix incorrect uci config syntax, caused by a careless newbie contributer.
Modify function append_param_arg() in init script, to support hyphenated
arguments.
Add more command parameters as uci options, no value is set to keep it default.

Signed-off-by: Ryan Keane <the.ra2.ifv@gmail.com>
(cherry picked from commit 2d711c8fbda489ab5f89b162c040b6502986e970)
[rebased upon 23.05 branch]
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>

cloudflared: Add more run parameters in UCI

https://developers.cloudflare.com/cloudflare-one/connections/connect-networks/configure-tunnels/tunnel-run-parameters/

Close #24122

Signed-off-by: Ryan Keane <the.ra2.ifv@gmail.com>
(cherry picked from commit 31c91837f9f171828ef6d4bd1e1867f4c593e2cc)
[rebased upon 23.05 branch]
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>