feed/packages.git
9 months agoiputils: bump to 20240117
Jan Klos [Wed, 24 Jan 2024 16:57:27 +0000 (17:57 +0100)]
iputils: bump to 20240117

Signed-off-by: Jan Klos <jan@klos.xyz>
9 months agoprocps-ng: update to 4.0.4
krant [Thu, 1 Feb 2024 15:34:58 +0000 (17:34 +0200)]
procps-ng: update to 4.0.4

- Update the patch

Signed-off-by: krant <aleksey.vasilenko@gmail.com>
9 months agotreewide: assign PKG_CPE_ID
Fabrice Fontaine [Fri, 2 Feb 2024 17:37:33 +0000 (18:37 +0100)]
treewide: assign PKG_CPE_ID

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
9 months agotelldus-mqtt: add new package in utils
PeterFromSweden [Sun, 28 Jan 2024 16:23:40 +0000 (17:23 +0100)]
telldus-mqtt: add new package in utils

Extends functionality of exisiting telldus-core package

Signed-off-by: PeterFromSweden <peterfromswe884@gmail.com>
9 months agomake: update to 4.4.1
krant [Wed, 31 Jan 2024 11:38:30 +0000 (13:38 +0200)]
make: update to 4.4.1

Signed-off-by: krant <aleksey.vasilenko@gmail.com>
9 months agoleptonica: update to 1.84.1
krant [Wed, 31 Jan 2024 09:19:34 +0000 (11:19 +0200)]
leptonica: update to 1.84.1

- remove upstreamed patch
- explicitly disable openjpeg to ignore host-installed library
- fix .cmake and .pc paths

Signed-off-by: krant <aleksey.vasilenko@gmail.com>
9 months agonextdns: Update to version 1.42.0
Olivier Poitrey [Sun, 4 Feb 2024 23:50:54 +0000 (23:50 +0000)]
nextdns: Update to version 1.42.0

Signed-off-by: Olivier Poitrey <rs@nextdns.io>
9 months agoimagemagick: take over maintainership
krant [Thu, 1 Feb 2024 08:36:33 +0000 (10:36 +0200)]
imagemagick: take over maintainership

Signed-off-by: krant <aleksey.vasilenko@gmail.com>
9 months agoimagemagick: update to 7.1.1-27
krant [Wed, 31 Jan 2024 12:53:27 +0000 (14:53 +0200)]
imagemagick: update to 7.1.1-27

- Use official source URL
- Add libstdcpp dependency
- Don't set configure options which are matching default values

Signed-off-by: krant <aleksey.vasilenko@gmail.com>
9 months agoflac: update to 1.4.3
krant [Wed, 31 Jan 2024 13:14:23 +0000 (15:14 +0200)]
flac: update to 1.4.3

Signed-off-by: krant <aleksey.vasilenko@gmail.com>
9 months agovnstat2: update to version 2.12
Jan Hoffmann [Thu, 1 Feb 2024 20:12:05 +0000 (21:12 +0100)]
vnstat2: update to version 2.12

This version includes several new features that allow to simplify the
package significantly: The noexit patch and hotplug script are no longer
needed, and the init script doesn't have to check for legacy databases
anymore.

Signed-off-by: Jan Hoffmann <jan@3e8.eu>
9 months agozstd: update to 1.5.5
krant [Thu, 1 Feb 2024 10:37:35 +0000 (12:37 +0200)]
zstd: update to 1.5.5

- Don't set Meson options which are matching defaults

Signed-off-by: krant <aleksey.vasilenko@gmail.com>
9 months agolibcurl-gnutls: update to version 8.6.0
Konstantin Demin [Thu, 1 Feb 2024 00:29:58 +0000 (03:29 +0300)]
libcurl-gnutls: update to version 8.6.0

https://curl.se/changes.html#8_6_0

Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
9 months agoutils/ntfs-3g: fix PKG_CPE_ID
Fabrice Fontaine [Fri, 2 Feb 2024 22:01:37 +0000 (23:01 +0100)]
utils/ntfs-3g: fix PKG_CPE_ID

tuxera:ntfs-3g is a better CPE ID than ntfs-3g:ntfs-3g as this CPE ID
has the latest CVEs (whereas ntfs-3g:ntfs-3g only has one CVE from 2007):
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:tuxera:ntfs-3g

Fixes: 299e5b0a9bce19d6e96cb9ff217028b36ee2dd36 (treewide: add PKG_CPE_ID for better cvescanner coverage)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
9 months agoutils/gpsd: fix PKG_CPE_ID
Fabrice Fontaine [Thu, 1 Feb 2024 10:13:06 +0000 (11:13 +0100)]
utils/gpsd: fix PKG_CPE_ID

gpsd_project:gpsd is a better CPE ID than berlios:gps_daemon as this CPE
ID has the latest CVEs (whereas berlios:gps_daemon only has one CVE from
2004):
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:gpsd_project:gpsd

Fixes: 299e5b0a9bce19d6e96cb9ff217028b36ee2dd36 (treewide: add PKG_CPE_ID for better cvescanner coverage)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
9 months agolang/python/python-pip: fix PKG_CPE_ID
Fabrice Fontaine [Fri, 2 Feb 2024 17:17:47 +0000 (18:17 +0100)]
lang/python/python-pip: fix PKG_CPE_ID

There is not a single CVE linked to python:pip so use pypa:pip instead:
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:pypa:pip

Moreover, CPE_ID missed PKG_ prefix

Fixes: eee273507b868ad5f6f7e744d513c85330967906 (python3: Split pip into separate source package)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
9 months agonet/nbd: fix PKG_CPE_ID
Fabrice Fontaine [Fri, 2 Feb 2024 17:20:15 +0000 (18:20 +0100)]
net/nbd: fix PKG_CPE_ID

There is not a single CVE linked to network_block_device:nbd so use
network_block_device_project:network_block_device instead:
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:network_block_device_project:network_block_device

Fixes: 299e5b0a9bce19d6e96cb9ff217028b36ee2dd36 (treewide: add PKG_CPE_ID for better cvescanner coverage)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
9 months agomultimedia/motion: fix PKG_CPE_ID
Fabrice Fontaine [Thu, 1 Feb 2024 22:31:04 +0000 (23:31 +0100)]
multimedia/motion: fix PKG_CPE_ID

motion_project:motion is a better CPE ID than lavrsen:motion as this CPE
ID has the latest CVE (whereas lavrsen:motion only a CVE from 2008):
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:motion_project:motion

Fixes: 299e5b0a9bce19d6e96cb9ff217028b36ee2dd36 (treewide: add PKG_CPE_ID for better cvescanner coverage)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
9 months agonet/miniupnpc: fix PKG_CPE_ID
Fabrice Fontaine [Thu, 1 Feb 2024 22:04:45 +0000 (23:04 +0100)]
net/miniupnpc: fix PKG_CPE_ID

cpe:/a:miniupnp_project:miniupnpc is the correct CPE ID for miniupnpc:
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:miniupnp_project:miniupnpc

Fixes: 299e5b0a9bce19d6e96cb9ff217028b36ee2dd36 (treewide: add PKG_CPE_ID for better cvescanner coverage)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
9 months agolibs/libidn2: fix PKG_CPE_ID
Fabrice Fontaine [Thu, 1 Feb 2024 17:30:52 +0000 (18:30 +0100)]
libs/libidn2: fix PKG_CPE_ID

There is not a single CVE linked to libidn2_project:libidn2 so use
gnu:libidn2 instead:
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:gnu:libidn2

Fixes: ceadbcbb64de727c3a974e552d9a723d532e4e40 (treewide: add PKG_CPE_ID for cvescanner)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
9 months agolibs/expat: fix PKG_CPE_ID
Fabrice Fontaine [Thu, 1 Feb 2024 17:27:39 +0000 (18:27 +0100)]
libs/expat: fix PKG_CPE_ID

There is not a single CVE linked to libexpat:expat so use
libexpat_project:libexpat instead:

https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:libexpat_project:libexpat

Fixes: 70c62ef2d77aef5d8a27ccca2b147bc2a69dc7f8 (expat: update to version 2.2.7 (security fix))
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
9 months agoutils/lrzsz: fix PKG_CPE_ID
Fabrice Fontaine [Thu, 1 Feb 2024 21:31:08 +0000 (22:31 +0100)]
utils/lrzsz: fix PKG_CPE_ID

PKG_CPE_ID was missing ":lrzsz"

Fixes: 6d6c4b21b5e22a9f1058db5b61521a298e00a5f0 (lrzsz: update to v0.12.21rc and fix a CVE)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
9 months agolang/python/python-paho-mqtt: fix license
Fabrice Fontaine [Sun, 4 Feb 2024 21:08:51 +0000 (22:08 +0100)]
lang/python/python-paho-mqtt: fix license

python-paho-mqtt is licensed under EPL-2.0, not EPL-1.0, since version
1.6.0 and
https://github.com/eclipse/paho.mqtt.python/commit/fabe7500fb6fde31fd98c619e0117d1c651fd18d

While at it, add LICENSE.txt to PKG_LICENSE_FILES

Fixes: 784f2a519bb8cdfaa973070f65ff9a3a481e5cd1 (python-paho-mqtt: bump to version 1.6.1)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
9 months agozoneinfo: Updated to 2024a release
Vladimir Ulrich [Sun, 4 Feb 2024 21:08:14 +0000 (00:08 +0300)]
zoneinfo: Updated to 2024a release

Signed-off-by: Vladimir Ulrich <admin@evl.su>
9 months agonet/ntpd: fix license
Fabrice Fontaine [Sun, 4 Feb 2024 21:46:55 +0000 (22:46 +0100)]
net/ntpd: fix license

Replace "Unique" by the standard SPDX identifier for NTP license:
https://spdx.org/licenses/NTP.html

Fixes: 1aff45c6dd36f2a5875eadaeae2ed93da8ff6d45 (ntpd: add SPDX license information)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
9 months agoutils/lsof: fix license
Fabrice Fontaine [Sun, 4 Feb 2024 21:41:03 +0000 (22:41 +0100)]
utils/lsof: fix license

Replace "Unique" by the standard SPDX identifier for lsof license:
https://spdx.org/licenses/lsof.html

Fixes: 59adfc86b9d1e5a8fb9d5c83db6546a6b49a77f5 (lsof: add license information)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
9 months agonet/boinc: fix PKG_CPE_ID
Fabrice Fontaine [Fri, 2 Feb 2024 17:48:20 +0000 (18:48 +0100)]
net/boinc: fix PKG_CPE_ID

boinc_project:boinc has never been a valid CPE ID so use
rom_walton:boinc instead:
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:rom_walton:boinc

Fixes: 9c2bd865c715cad8646157d6bbfb669d9970c322 (boinc: new package for distributed computing/data acquisition)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
9 months agoutils/zsh: fix PKG_CPE_ID
Fabrice Fontaine [Fri, 2 Feb 2024 21:23:24 +0000 (22:23 +0100)]
utils/zsh: fix PKG_CPE_ID

zsh:zsh is a better CPE ID than zsh_project:zsh as this CPE ID has the
latest CVEs (whereas zsh_project:zsh only has CVEs up to 2017):
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:zsh:zsh

Fixes: ff056fcffcacf2632505bb108bf8e8c2a3cef09c (zsh: Update to 5.6.2)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
9 months agoutils/tmux: fix PKG_CPE_ID
Fabrice Fontaine [Fri, 2 Feb 2024 19:50:37 +0000 (20:50 +0100)]
utils/tmux: fix PKG_CPE_ID

tmux_project:tmux is a better CPE ID than nicholas_marriott:tmux as this
CPE ID has the latest CVE (whereas nicholas_marriott:tmux only has a CVE
from 2011):
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:tmux_project:tmux

Fixes: 299e5b0a9bce19d6e96cb9ff217028b36ee2dd36 (treewide: add PKG_CPE_ID for better cvescanner coverage)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
9 months agonet/tinyproxy: fix PKG_CPE_ID
Fabrice Fontaine [Fri, 2 Feb 2024 19:43:57 +0000 (20:43 +0100)]
net/tinyproxy: fix PKG_CPE_ID

tinyproxy_project:tinyproxy is a better CPE ID than banu:tinyproxy as
this CPE ID has the latest CVEs (whereas banu:tinyproxy only has CVEs up
to 2012):
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:tinyproxy_project:tinyproxy

Fixes: 299e5b0a9bce19d6e96cb9ff217028b36ee2dd36 (treewide: add PKG_CPE_ID for better cvescanner coverage)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
9 months agonet/tinc: fix PKG_CPE_ID
Fabrice Fontaine [Fri, 2 Feb 2024 19:35:54 +0000 (20:35 +0100)]
net/tinc: fix PKG_CPE_ID

tinc-vpn:tinc is a better CPE ID than tinc:tinc as this CPE ID has the
latest CVEs (whereas tinc:tinc only has CVEs up to 2002):
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:tinc-vpn:tinc

Fixes: 299e5b0a9bce19d6e96cb9ff217028b36ee2dd36 (treewide: add PKG_CPE_ID for better cvescanner coverage)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
9 months agonet/vsftpd: fix PKG_CPE_ID
Fabrice Fontaine [Fri, 2 Feb 2024 20:48:01 +0000 (21:48 +0100)]
net/vsftpd: fix PKG_CPE_ID

vsftpd_project:vsftpd is a better CPE ID than beasts:vsftpd as this CPE
ID has the latest CVEs (whereas beasts:vsftpd only has CVEs up to 2015):
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:vsftpd_project:vsftpd

Fixes: 1371b7be878382b8b52cd73ff72a3a41d28013c4 (vsftpd: Fix compilation without ECC or deprecated APIs)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
9 months agolibs/redis: fix PKG_CPE_ID
Fabrice Fontaine [Fri, 2 Feb 2024 17:38:11 +0000 (18:38 +0100)]
libs/redis: fix PKG_CPE_ID

There is not a single CVE linked to pivotal_software:redis so use
redis:redis instead:
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:redis:redis

Fixes: ceadbcbb64de727c3a974e552d9a723d532e4e40 (treewide: add PKG_CPE_ID for cvescanner)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
9 months agolang/python/python-requests: fix PKG_CPE_ID
Fabrice Fontaine [Fri, 2 Feb 2024 17:15:55 +0000 (18:15 +0100)]
lang/python/python-requests: fix PKG_CPE_ID

There is not a single CVE linked to python-requests:requests so use
python:requests instead:
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:python:requests

Fixes: ceadbcbb64de727c3a974e552d9a723d532e4e40 (treewide: add PKG_CPE_ID for cvescanner)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
9 months agolang/python/python-urllib3: fix PKG_CPE_ID
Fabrice Fontaine [Fri, 2 Feb 2024 17:09:46 +0000 (18:09 +0100)]
lang/python/python-urllib3: fix PKG_CPE_ID

There is not a single CVE linked to urllib3_project:urllib3 so use
python:urllib3 instead:
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:python:urllib3

Fixes: 6dcaa769d8ce8921dc3bfaf78ab9a8c1cef4a9b9 (python-urllib3: update to version 1.25)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
9 months agocrowdsec: new upstream release version 1.6.0
S. Brusch [Fri, 2 Feb 2024 12:28:37 +0000 (13:28 +0100)]
crowdsec: new upstream release version 1.6.0

Update crowdsec to latest upstream release version 1.6.0

Signed-off-by: S. Brusch <ne20002@gmx.ch>
Maintainer: Kerma Gérald <gandalf@gk2.net>
Package tested: not able to test run due to limited space (package is big)

Description: update to latest version of upstream

9 months agolibs/libgd: fix license
Fabrice Fontaine [Sun, 4 Feb 2024 20:57:46 +0000 (21:57 +0100)]
libs/libgd: fix license

libgd is licensed under its own "GD" license and not MIT

Fixes: 60feea09c9d343f648045e5e85e7788e75d4e039 (libgd: import from oldpackages, add myself as maintainer, add license...)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
9 months agonmap: bump package version
Konstantin Demin [Wed, 31 Jan 2024 09:24:53 +0000 (12:24 +0300)]
nmap: bump package version

Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
9 months agonmap: unify SSL dependencies
Konstantin Demin [Wed, 31 Jan 2024 09:24:53 +0000 (12:24 +0300)]
nmap: unify SSL dependencies

ssl/full variants now depend on "ca-certs" (provided by "ca-bundle" and "ca-certificates")

Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
9 months agonmap: ncat: use default CA bundle
Konstantin Demin [Wed, 31 Jan 2024 09:24:53 +0000 (12:24 +0300)]
nmap: ncat: use default CA bundle

Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
9 months agoMerge pull request #23279 from ffontaine/fix-tiff-license
Jiri Slachta [Sun, 4 Feb 2024 21:42:04 +0000 (22:42 +0100)]
Merge pull request #23279 from ffontaine/fix-tiff-license

libs/tiff: fix license

9 months agolibs/tiff: fix license 23279/head
Fabrice Fontaine [Sun, 4 Feb 2024 21:30:33 +0000 (22:30 +0100)]
libs/tiff: fix license

tiff is licensed under its own "libtiff" license and not BSD-3-Clause

Fixes: 364de5bc3f16eba42f93d36e848b998b3579e39e (tiff: add licensing information)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
9 months agolang/python/python-aiohttp: fix PKG_CPE_ID
Fabrice Fontaine [Sun, 4 Feb 2024 10:06:04 +0000 (11:06 +0100)]
lang/python/python-aiohttp: fix PKG_CPE_ID

aiohttp:aiohttp is a better CPE ID than aio-libs_projet:aiohttp as this
CPE ID has the latest CVEs (whereas aio-libs_project:aiohttp only has
one CVE from 2018):
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:aiohttp:aiohttp

Fixes: 2edf5034f1c09fe60af52087abe7b6fcef9433fc (python-aiohttp: add a new package)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
9 months agoless: update to 643
krant [Thu, 1 Feb 2024 14:25:01 +0000 (16:25 +0200)]
less: update to 643

Signed-off-by: krant <aleksey.vasilenko@gmail.com>
9 months agogrep: update to 3.11
krant [Thu, 1 Feb 2024 15:06:57 +0000 (17:06 +0200)]
grep: update to 3.11

Signed-off-by: krant <aleksey.vasilenko@gmail.com>
9 months agocloudflared: refine config.yml
Sergey Ponomarev [Sat, 3 Feb 2024 20:13:22 +0000 (22:13 +0200)]
cloudflared: refine config.yml

The config.yml is an example of a tunnel local configuration.
But the cloudlfared treat it as a real config and fails to start.
So to avoid problems let's comment all the statements.

The `url: http://localhost:8000` is not a valid config option.

Additionally add a smale of configuring ingres rules.

The cloudflared.config has missing option token.

Signed-off-by: Sergey Ponomarev <stokito@gmail.com>
9 months agoMerge pull request #23263 from ffontaine/fix-sudo-cpeid
Alexandru Ardelean [Sat, 3 Feb 2024 06:12:38 +0000 (08:12 +0200)]
Merge pull request #23263 from ffontaine/fix-sudo-cpeid

admin/sudo: fix PKG_CPE_ID

9 months agoMerge pull request #23262 from ffontaine/fix-squashfs-tools-cpeid
Alexandru Ardelean [Sat, 3 Feb 2024 06:05:56 +0000 (08:05 +0200)]
Merge pull request #23262 from ffontaine/fix-squashfs-tools-cpeid

utils/squashfs-tools: fix PKG_CPE_ID

9 months agoutils/squashfs-tools: fix PKG_CPE_ID 23262/head
Fabrice Fontaine [Fri, 2 Feb 2024 19:08:34 +0000 (20:08 +0100)]
utils/squashfs-tools: fix PKG_CPE_ID

There is not a single CVE linked to phillip_lougher:squashfs so use
squashfs-tools_project:squashfs-tools instead:
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:squashfs-tools_project:squashfs-tools

Fixes: 299e5b0a9bce19d6e96cb9ff217028b36ee2dd36 (treewide: add PKG_CPE_ID for better cvescanner coverage)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
9 months agoadmin/sudo: fix PKG_CPE_ID 23263/head
Fabrice Fontaine [Fri, 2 Feb 2024 19:18:23 +0000 (20:18 +0100)]
admin/sudo: fix PKG_CPE_ID

sudo_project:sudo is a better CPE ID than todd_miller:sudo as this CPE
ID has the latest CVEs (whereas todd_miller:sudo only has CVEs up to
2016):
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:sudo_project:sudo

Fixes: 8ce9f30c421255c514b1b2e41fc92eafd7976583 (sudo: Update to 1.8.24)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
9 months agolibidn2: update to 2.3.7
krant [Thu, 1 Feb 2024 21:10:02 +0000 (23:10 +0200)]
libidn2: update to 2.3.7

Signed-off-by: krant <aleksey.vasilenko@gmail.com>
9 months agoMerge pull request #23219 from rockdrilla/curl-8.6.0
Stan Grishin [Fri, 2 Feb 2024 13:47:17 +0000 (06:47 -0700)]
Merge pull request #23219 from rockdrilla/curl-8.6.0

curl: update to 8.6.0

9 months agounrar: update to 6.2.12
krant [Thu, 1 Feb 2024 12:06:47 +0000 (14:06 +0200)]
unrar: update to 6.2.12

Signed-off-by: krant <aleksey.vasilenko@gmail.com>
9 months agotar: update to 1.35
krant [Thu, 1 Feb 2024 16:53:36 +0000 (18:53 +0200)]
tar: update to 1.35

Signed-off-by: krant <aleksey.vasilenko@gmail.com>
9 months agolibs/vips: fix PKG_CPE_ID
Fabrice Fontaine [Thu, 1 Feb 2024 17:24:48 +0000 (18:24 +0100)]
libs/vips: fix PKG_CPE_ID

libvips:libvips is a better CPE ID than vips:vips as this CPE ID has the
latest CVEs (whereas vips only has an old CVE from 2010):

  https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:libvips:libvips

Fix: 299e5b0a9bce19d6e96cb9ff217028b36ee2dd36

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
9 months agolibpsl: update to 0.21.5
krant [Thu, 1 Feb 2024 21:02:01 +0000 (23:02 +0200)]
libpsl: update to 0.21.5

Signed-off-by: krant <aleksey.vasilenko@gmail.com>
9 months agonet/krb5: fix PKG_CPE_ID
Fabrice Fontaine [Thu, 1 Feb 2024 22:22:16 +0000 (23:22 +0100)]
net/krb5: fix PKG_CPE_ID

mit:kerberos_5 is a better CPE ID than mit:kerberos as this CPE ID has
the latest CVEs (whereas mit:kerberos only has CVEs until 2018):
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:mit:kerberos_5

Fix: 299e5b0a9bce19d6e96cb9ff217028b36ee2dd36

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
9 months agoMerge pull request #23243 from ffontaine/fix-libpam-cpeid
Nikos Mavrogiannopoulos [Fri, 2 Feb 2024 08:33:15 +0000 (09:33 +0100)]
Merge pull request #23243 from ffontaine/fix-libpam-cpeid

libs/libpam: fix PKG_CPE_ID

9 months agolibs/libpam: fix PKG_CPE_ID 23243/head
Fabrice Fontaine [Thu, 1 Feb 2024 21:12:24 +0000 (22:12 +0100)]
libs/libpam: fix PKG_CPE_ID

linux-pam:linux-pam is a better CPE ID than kernel:linux-pam as this CPE
ID has the latest CVEs (whereas kernel:linux-pam only has a
SUSE-specific CVE):
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:linux-pam:linux-pam

Fix: 6f74b0c4f15a095b1069a8aaeb19a32dfbc7539a

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
9 months agodnsproxy: Update to 0.64.1
Tianling Shen [Thu, 1 Feb 2024 15:21:07 +0000 (23:21 +0800)]
dnsproxy: Update to 0.64.1

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
9 months agonebula: update to 1.8.2-2
Stan Grishin [Thu, 25 Jan 2024 23:15:49 +0000 (23:15 +0000)]
nebula: update to 1.8.2-2

The following fixes have been applied to Makefile:
* fix the nebula license type
* add PKG_CPE_ID
* remove unneeded call to Build/Compile
* add leading spaces to descriptions
* add Package/nebula/conffiles definition
* remove unneeded /lib/upgrade/keep.d files
* no longer install actual license file
* add the README file

Kudos to @BKPepe and @1715173329 for feedback which lead to these fixes

Signed-off-by: Stan Grishin <stangri@melmac.ca>
9 months agocurl: update to 8.6.0 23219/head
Konstantin Demin [Thu, 1 Feb 2024 00:28:09 +0000 (03:28 +0300)]
curl: update to 8.6.0

* https://curl.se/changes.html#8_6_0

Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
9 months agolibs/libdaq3: assign PKG_LICENSE_FILES
Fabrice Fontaine [Tue, 30 Jan 2024 20:13:59 +0000 (21:13 +0100)]
libs/libdaq3: assign PKG_LICENSE_FILES

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
9 months agolibs/libev: fix license
Fabrice Fontaine [Tue, 30 Jan 2024 21:05:54 +0000 (22:05 +0100)]
libs/libev: fix license

libev is licensed under BSD-2-Clause or GPL-2.0-or-later since its
addition to openwrt

While at it, assign PKG_LICENSE_FILES

Fixes: 67b39f8f9b703e2cf95616b8e591ec76278a5846
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
9 months agoutils/pv: assign PKG_LICENSE_FILES
Fabrice Fontaine [Tue, 30 Jan 2024 20:08:51 +0000 (21:08 +0100)]
utils/pv: assign PKG_LICENSE_FILES

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
9 months agolibs/libpciaccess: assign PKG_LICENSE
Fabrice Fontaine [Tue, 30 Jan 2024 21:15:08 +0000 (22:15 +0100)]
libs/libpciaccess: assign PKG_LICENSE

libpciaccess is licensed under MIT

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
9 months agonet/tor: add license
Fabrice Fontaine [Tue, 30 Jan 2024 21:34:14 +0000 (22:34 +0100)]
net/tor: add license

tor is licensed under BSD-3-Clause

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
9 months agodevel/automake: fix license
Fabrice Fontaine [Tue, 30 Jan 2024 20:06:31 +0000 (21:06 +0100)]
devel/automake: fix license

automake is licensed under GPL-2.0-or-later, not GPL-3.0-or-later:
https://git.savannah.gnu.org/cgit/automake.git/tree/COPYING
indeed switch to GPL-3.0-or-later was reverted a long time ago (i.e.
before its addition to openwrt) by
https://git.savannah.gnu.org/cgit/automake.git/commit/?id=fcf2f56062e384455ec8b1aed943af33f20c27c7

While at it, add the license file

Fixes: c6ac1e3f76ecd92d02d82c5729bbd1f2bd64922b
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
9 months agotreewide: fix licence typos
Fabrice Fontaine [Tue, 30 Jan 2024 20:27:53 +0000 (21:27 +0100)]
treewide: fix licence typos

- PKG_LICENCE -> PKG_LICENSE
- PKC_LICENSE_FILES -> PKG_LICENSE_FILES
- BSD 3-Clause -> BSD-3-Clause
- BSD-3-clause -> BSD-3-Clause
- BSD-2-clause -> BSD-2-Clause
- Public Domain -> Public-Domain
- PublicDomain -> Public-Domain
- Drop unneeded ',' in PKG_LICENSE or PKG_LICENSE_FILES

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
9 months agoMerge pull request #23213 from krant/tiff
Jiri Slachta [Wed, 31 Jan 2024 17:36:25 +0000 (18:36 +0100)]
Merge pull request #23213 from krant/tiff

tiff: update to 4.6.0

9 months agolibjpeg-trubo: update to 3.0.2
krant [Wed, 31 Jan 2024 11:15:14 +0000 (13:15 +0200)]
libjpeg-trubo: update to 3.0.2

- Switch source URL to Github since upstream migrated there
- Remove CMake options which are obsolete or match default values
- Don't disable arithmetic encoding/decoding since it's the standard

Signed-off-by: krant <aleksey.vasilenko@gmail.com>
9 months agotiff: update to 4.6.0 23213/head
krant [Wed, 31 Jan 2024 12:04:21 +0000 (14:04 +0200)]
tiff: update to 4.6.0

- Don't set CMake options which are on by default

Signed-off-by: krant <aleksey.vasilenko@gmail.com>
9 months agodocker-compose: Update to version 2.24.5
Javier Marcet [Wed, 31 Jan 2024 07:30:14 +0000 (08:30 +0100)]
docker-compose: Update to version 2.24.5

Signed-off-by: Javier Marcet <javier@marcet.info>
9 months agoxz: Update to 5.4.6
Hannu Nyman [Tue, 30 Jan 2024 18:47:51 +0000 (20:47 +0200)]
xz: Update to 5.4.6

Update xz to match the version 5.4.6 in tools/

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
9 months agoutils/vim: add license info
Fabrice Fontaine [Tue, 30 Jan 2024 07:23:18 +0000 (08:23 +0100)]
utils/vim: add license info

vim is licensed under its own Vim license:
https://spdx.org/licenses/Vim.html

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
9 months agoutils/augeas: assign PKG_LICENSE_FILES
Fabrice Fontaine [Tue, 30 Jan 2024 07:06:23 +0000 (08:06 +0100)]
utils/augeas: assign PKG_LICENSE_FILES

augeas provides a COPYING file since its addition to openwrt

Fixes: 7fc497dd67727225e875d5b13a5c76437815e277
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
9 months agoinih: Update to r58
Tianling Shen [Tue, 30 Jan 2024 15:41:36 +0000 (23:41 +0800)]
inih: Update to r58

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
9 months agorclone: Update to 1.65.2
Tianling Shen [Tue, 30 Jan 2024 15:41:30 +0000 (23:41 +0800)]
rclone: Update to 1.65.2

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
9 months agocloudflared: Update to 2024.1.5
Tianling Shen [Tue, 30 Jan 2024 15:41:25 +0000 (23:41 +0800)]
cloudflared: Update to 2024.1.5

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
9 months agodos2unix: Update to 7.5.2
Tianling Shen [Tue, 30 Jan 2024 15:41:21 +0000 (23:41 +0800)]
dos2unix: Update to 7.5.2

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
9 months agodocker-compose: Update to version 2.24.4
Javier Marcet [Mon, 29 Jan 2024 22:12:30 +0000 (23:12 +0100)]
docker-compose: Update to version 2.24.4

Signed-off-by: Javier Marcet <javier@marcet.info>
9 months agoffmpeg: add V4L2 support
Álvaro Fernández Rojas [Sat, 27 Jan 2024 18:50:20 +0000 (19:50 +0100)]
ffmpeg: add V4L2 support

Enable V4L2 support on ffmpeg-full package.
Tested using V4L2 Raspberry Pi 4 encoder/decoder.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
9 months agoopenvpn: add missing script-security
Erik Conijn [Wed, 17 Jan 2024 12:31:37 +0000 (13:31 +0100)]
openvpn: add missing script-security

Maintainer: @mkrkn  @neheb

Compile tested: armv7, cortexA15, OpenWRT 23.05
Run tested: Linksys EA8500

Compile tested: armv8, cortexA53, OpenWRT main
Run tested: Dynalink DL-WRX36

Description:
Script-security is always 2 and cannot be changed from the openvpn config file due to a missing rule in openvpn.init.

This is discussed in issue #23014

This patch adds the missing rule in openvpn.init to parse script-security from the openvpn config file.

Signed-off-by: Erik Conijn <egc112@msn.com>
9 months agoerlang: remove CFLAGS modification since it has been fixed in the upstream
krant [Wed, 10 Jan 2024 13:53:19 +0000 (15:53 +0200)]
erlang: remove CFLAGS modification since it has been fixed in the upstream

Signed-off-by: krant <aleksey.vasilenko@gmail.com>
9 months agoerlang: update to 26.2.1
krant [Wed, 10 Jan 2024 13:27:01 +0000 (15:27 +0200)]
erlang: update to 26.2.1

- Update to Erlang/OTP 26.2.1
- Remove obsolete configure options
- Remove obsolete patches, add new one
- Add missing no_dot_erlang.boot file (fixes #20587)
- Change package URL to https

Signed-off-by: krant <aleksey.vasilenko@gmail.com>
9 months agolibs/libgee: assign PKG_CPE_ID
Fabrice Fontaine [Thu, 25 Jan 2024 21:49:41 +0000 (22:49 +0100)]
libs/libgee: assign PKG_CPE_ID

https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:gnome:libgee

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
9 months agonet/bwm-ng: assign PKG_CPE_ID
Fabrice Fontaine [Thu, 25 Jan 2024 17:39:36 +0000 (18:39 +0100)]
net/bwm-ng: assign PKG_CPE_ID

https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:bwm-ng_project:bwm-ng

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
9 months agoutils/acl: assign PKG_CPE_ID
Fabrice Fontaine [Wed, 24 Jan 2024 21:31:37 +0000 (22:31 +0100)]
utils/acl: assign PKG_CPE_ID

https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Aacl_project%3Aacl

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
9 months agoutils/cgroupfs-mount: assign PKG_CPE_ID
Fabrice Fontaine [Thu, 25 Jan 2024 17:52:05 +0000 (18:52 +0100)]
utils/cgroupfs-mount: assign PKG_CPE_ID

https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:cgroupfs-mount_project:cgroupfs-mount

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
9 months agoutils/augeas: assign PKG_CPE_ID
Fabrice Fontaine [Thu, 25 Jan 2024 17:26:16 +0000 (18:26 +0100)]
utils/augeas: assign PKG_CPE_ID

https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:augeas:augeas

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
9 months agonet/fastd: assign PKG_CPE_ID
Fabrice Fontaine [Thu, 25 Jan 2024 21:03:09 +0000 (22:03 +0100)]
net/fastd: assign PKG_CPE_ID

https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:fastd_project:fastd

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
9 months agolibs/libmbim: assign PKG_CPE_ID
Fabrice Fontaine [Thu, 25 Jan 2024 21:29:06 +0000 (22:29 +0100)]
libs/libmbim: assign PKG_CPE_ID

https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:freedesktop:libmbim

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
9 months agoadmin/atop: assign PKG_CPE_ID
Fabrice Fontaine [Thu, 25 Jan 2024 08:02:12 +0000 (09:02 +0100)]
admin/atop: assign PKG_CPE_ID

https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:atop_project:atop

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
9 months agolang/python/python-docker: assign PKG_CPE_ID
Fabrice Fontaine [Thu, 25 Jan 2024 20:39:30 +0000 (21:39 +0100)]
lang/python/python-docker: assign PKG_CPE_ID

https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:docker:docker-py

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
9 months agoutils/pax-utils: assign PKG_CPE_ID
Fabrice Fontaine [Thu, 25 Jan 2024 21:42:17 +0000 (22:42 +0100)]
utils/pax-utils: assign PKG_CPE_ID

https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:gentoo:pax-utils

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
9 months agoutils/crun: assign PKG_CPE_ID
Fabrice Fontaine [Thu, 25 Jan 2024 20:21:36 +0000 (21:21 +0100)]
utils/crun: assign PKG_CPE_ID

https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:crun_project:crun

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
9 months agonet/fail2ban: assign PKG_CPE_ID
Fabrice Fontaine [Thu, 25 Jan 2024 20:58:40 +0000 (21:58 +0100)]
net/fail2ban: assign PKG_CPE_ID

https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:fail2ban:fail2ban

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
9 months agolibs/libinput: assign PKG_CPE_ID
Fabrice Fontaine [Thu, 25 Jan 2024 21:25:23 +0000 (22:25 +0100)]
libs/libinput: assign PKG_CPE_ID

https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:freedesktop:libinput

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
9 months agoutils/domoticz: assign PKG_CPE_ID
Fabrice Fontaine [Thu, 25 Jan 2024 20:43:47 +0000 (21:43 +0100)]
utils/domoticz: assign PKG_CPE_ID

https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:domoticz:domoticz

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
9 months agolibs/freetype: fix PKG_CPE_ID
Fabrice Fontaine [Thu, 25 Jan 2024 21:36:46 +0000 (22:36 +0100)]
libs/freetype: fix PKG_CPE_ID

There is not a single CVE under cpe:/a:freetype:freetype2
so use cpe:/a:freetype:freetype:
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:freetype:freetype

Fixes: 456ae2f541f698e6b9106b696d385d52164ed860
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>