Fabrice Fontaine
465c6ec847
package/flatcc: disable -Werror
...
Disable -Werror to fix the following build failure with gcc 11:
/data/buildroot-autobuilder/instance-0/output-1/build/host-flatcc-0.6.0/include/flatcc/reflection/flatbuffers_common_builder.h: In function 'flatbuffers_char_array_copy_from_pe':
/data/buildroot-autobuilder/instance-0/output-1/build/host-flatcc-0.6.0/include/flatcc/reflection/flatbuffers_common_builder.h:341:3: error: this 'for' clause does not guard... [-Werror=misleading-indentation]
341 | for (i = 0; i < n; ++i) N ## _copy_from_pe(&p[i], &p2[i]); return p; }\
| ^~~
An other option would have been to retrieve the following upstream
commit:
f8c4140dd9http://autobuild.buildroot.org/results/4d5cdddbfeefdeb943234b76eb08b04376f3c36d
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 1beb978492
2021-05-23 18:02:49 +02:00
Fabrice Fontaine
591cd52cdb
package/supervisor: add SUPERVISOR_CPE_ID_VENDOR
...
cpe:2.3🅰️ supervisord:supervisor is a valid CPE identifier for this
package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Asupervisord%3Asupervisor
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 0e429b176b
2021-05-23 17:58:55 +02:00
Fabrice Fontaine
3194fe85d5
package/synergy: add SYNERGY_CPE_ID_VENDOR
...
cpe:2.3🅰️ symless:synergy is a valid CPE identifier for this package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Asymless%3Asynergy
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 778e2e0467
2021-05-23 17:58:45 +02:00
Fabrice Fontaine
69470f9d32
package/uclibc: add CPE variables
...
cpe:2.3🅰️ uclibc-ng_project:uclibc-ng is a valid CPE identifier for this
package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Auclibc-ng_project%3Auclibc-ng
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 81c93749ae
2021-05-23 17:58:34 +02:00
Fabrice Fontaine
9784aa99a6
package/nbd: add CPE variables
...
cpe:2.3🅰️ network_block_device_project:network_block_device is a valid
CPE identifier for this package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Anetwork_block_device_project%3Anetwork_block_device
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 08194ef159
2021-05-23 17:55:56 +02:00
Fabrice Fontaine
6b34d98582
package/nasm: add CPE variables
...
cpe:2.3🅰️ nasm:netwide_assembler is a valid CPE identifier for this
package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Anasm%3Anetwide_assembler
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 760d76ac98
2021-05-23 17:55:50 +02:00
Fabrice Fontaine
b710758612
package/musl: add MUSL_CPE_ID_VENDOR
...
cpe:2.3🅰️ musl-libc:musl is a valid CPE identifier for this package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Amusl-libc%3Amusl
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 8ac2e592c0
2021-05-23 17:55:41 +02:00
Fabrice Fontaine
f6317d250b
package/bird: add BIRD_CPE_ID_VENDOR
...
cpe:2.3🅰️ nic:bird is a valid CPE identifier for this package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Anic%3Abird
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit b68047e324
2021-05-23 17:55:34 +02:00
Mircea GLIGA
a24df585b9
package/environment-setup: Fix incorrect order of the sed expressions
...
Order of the `sed` expressions is important; when this was commited
to master, the order of the expressions from the original patch [1] was
changed, rendering the second expression to noop.
This made all the environment variables from the script to contain
absolute paths: long absolute paths makes verbose builds difficult
to read/follow.
We can take advantage of the fact that the PATH is updated and we
don't have to use absolute paths.
Fixed by reordering the `sed` expresions:
* first update the path of the binaries: e.g. 's%$(HOST_DIR)/bin/%%g'
* only then update remaining paths: e.g. 's%$(HOST_DIR)%\$$SDK_PATH%g'
[1] https://patchwork.ozlabs.org/project/buildroot/patch/20201027140140.47982-1-matthew.weber@rockwellcollins.com/
Signed-off-by: Mircea GLIGA <mgliga@bitdefender.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
(cherry picked from commit d0ed2725e9
2021-05-20 11:38:14 +02:00
Bernd Kuhls
ca5ff77a71
package/x11r7/xlib_libX11: security bump version to 1.7.1
...
Fixes CVE-2021-31535:
https://lists.x.org/archives/xorg-announce/2021-May/003088.html
Release notes:
https://lists.x.org/archives/xorg-announce/2021-May/003089.html
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
(cherry picked from commit 3f0eb2782c
2021-05-20 11:28:56 +02:00
Bernd Kuhls
7e44576e07
package/xterm: security bump version to 367
...
Fixes CVE-2021-27135:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27135
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
(cherry picked from commit 576beb7c0a
2021-05-20 11:28:28 +02:00
Matthew Weber
ec2b44efbf
support/scripts/pkg-stats: fix flake8 E741 ambiguous variable name
...
Signed-off-by: Matthew Weber <matthew.weber@collins.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit c2ebfe7d78
2021-05-20 11:24:54 +02:00
Petr Vorel
11f488c9f1
package/libtirpc: bump version to 1.3.2
...
Signed-off-by: Petr Vorel <petr.vorel@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 6e780387b4
2021-05-20 11:05:14 +02:00
Fabrice Fontaine
1690ddde4d
package/docker-engine: devicemapper driver does not need liblvm2app
...
lvm2 app library is not needed to build devicemapper filesystem driver
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[yann.morin.1998@free.fr: tweak title]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 378e9f4b11
2021-05-20 10:48:48 +02:00
Vineet Gupta
f62509fe1e
lmbench: lat_rpc: fix stray pointer
...
| # ./lat_rpc -S localhost
| potentially unexpected fatal signal 11.
| Path: /lmbench/bin/arc64/lat_rpc
| CPU: 0 PID: 62 Comm: lat_rpc Not tainted 5.6.0-00224-g8e1b159f529e #39
| Invalid Read @ 0x00000001 by insn @ 0x2011f110
| @off 0x6c110 in [/lib/libc-2.32.so] VMA: 0x200b3000 to 0x201b8000
| ECR: 0x00050100 EFA: 0x00000001 ERET: 0x2011f110
| STAT32: 0x80081082 [IE U ] BTA: 0x2011b87c
| SP: 0x5fffefe8 FP: 0x00000000 BLK: 0x20103242
| r00: 0x00000001 r01: 0x00000002 r02: 0x00000001
| r03: 0x20101eb0 r04: 0x00000001 r05: 0x00000001
| r06: 0x00000000 r07: 0x00000000 r08: 0x00000001
| r09: 0x2019d8b0 r10: 0x20039fc4 r11: 0x5ffff0f0
| r12: 0x2019d6d0 r13: 0x2019d748 r14: 0x5ffff588
| r15: 0x00000000 r16: 0x00000000 r17: 0x5ffff708
| r18: 0x20039fc0 r19: 0xffffffff r20: 0x201ba010
| r21: 0x00000000 r22: 0x00000000 r23: 0x20039fc0
| r24: 0x00000bd0 r25: 0x00000073
Segmentation fault
Signed-off-by: Vineet Gupta <vgupta@synopsys.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit e1137c06a0
2021-05-20 10:40:53 +02:00
Vineet Gupta
ff50cfb100
lmbench: memsize: increase delay for slow FPGAs
...
otherwise memsize bails out and erroneously reports 1 MB
NOK
----
| />/lmbench/bin/arc/memsize 16
|
| 1
OK
----
| />/lmbench/bin/arc/memsize 16
| 2MB OK3MB OK4MB OK5MB OK6MB OK7MB OK8MB OK9MB OK10MB OK11MB OK12MB OK13MB OK14MB OK15MB OK16MB OK
| 16
Signed-off-by: Vineet Gupta <vgupta@synopsys.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 2f6d7b6333
2021-05-20 10:40:36 +02:00
Peter Korsgaard
e553ad9de2
package/intel-microcode: security bump to version 20210216
...
Fixes the following security issues:
- CVE-2020-8696: Description: Improper removal of sensitive information
before storage or transfer in some Intel(R) Processors may allow an
authenticated user to potentially enable information disclosure via local
access
- CVE-2020-8698: Description: Improper isolation of shared resources in some
Intel(R) Processors may allow an authenticated user to potentially enable
information disclosure via local access
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00381.html
License file updated with the new year, so change hash accordingly.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
[yann.morin.1998@free.fr: explain license hash change]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit e87d5f643b
2021-05-19 21:56:46 +02:00
Titouan Christophe
725eb18497
package/redis: security bump to v6.0.13
...
From the release notes:
================================================================================
Redis 6.0.13 Released Mon May 3 19:00:00 IST 2021
================================================================================
Upgrade urgency: SECURITY, Contains fixes to security issues that affect
authenticated client connections. LOW otherwise.
See https://github.com/redis/redis/blob/6.0.13/00-RELEASENOTES
Signed-off-by: Titouan Christophe <titouanchristophe@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-05-19 21:56:07 +02:00
Fabrice Fontaine
590cdd6624
package/tpm2-tss: add CPE variables
...
cpe:2.3🅰️ tpm2_software_stack_project:tpm2_software_stack is a valid CPE
identifier for this package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Atpm2_software_stack_project%3Atpm2_software_stack
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 020149e4cd
2021-05-19 21:51:07 +02:00
Fabrice Fontaine
dd71a0ffd8
package/weston: add WESTON_CPE_ID_VENDOR
...
cpe:2.3🅰️ wayland:weston is a valid CPE identifier for this package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Awayland%3Aweston
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit bbfc6f546e
2021-05-19 21:51:07 +02:00
Fabrice Fontaine
722ab35b07
package/libuv: add LIBUV_CPE_ID_VENDOR
...
cpe:2.3🅰️ libuv:libuv is a valid CPE identifier for this package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Alibuv%3Alibuv
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 442b21f8cb
2021-05-19 21:51:06 +02:00
Fabrice Fontaine
77a5779758
package/libusb: add LIBUSB_CPE_ID_VENDOR
...
cpe:2.3🅰️ libusb:libusb is a valid CPE identifier for this package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Alibusb%3Alibusb
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit f7b2865949
2021-05-19 21:51:06 +02:00
Fabrice Fontaine
79cc4df058
package/libsamplerate: add LIBSAMPLERATE_CPE_ID_VENDOR
...
cpe:2.3🅰️ libsamplerate_project:libsamplerate is a valid CPE identifier
for this package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Alibsamplerate_project%3Alibsamplerate
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 7a899d67e8
2021-05-19 21:51:06 +02:00
Fabrice Fontaine
1545853d54
package/librelp: add LIBRELP_CPE_ID_VENDOR
...
cpe:2.3🅰️ rsyslog:librelp is a valid CPE identifier for this package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Arsyslog%3Alibrelp
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 10f8934c59
2021-05-19 21:51:06 +02:00
Fabrice Fontaine
aef648849d
package/liboping: add LIBOPING_CPE_ID_VENDOR
...
cpe:2.3🅰️ noping:liboping is a valid CPE identifier for this package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Anoping%3Aliboping
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit c3e5a675dd
2021-05-19 21:51:06 +02:00
Fabrice Fontaine
92ebf149fa
package/libmodbus: add LIBMODBUS_CPE_ID_VENDOR
...
cpe:2.3🅰️ libmodbus:libmodbus is a valid CPE identifier for this
package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Alibmodbus%3Alibmodbus
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 8910dc505a
2021-05-19 21:51:06 +02:00
Fabrice Fontaine
e9126f22db
package/libmms: add LIBMMS_CPE_ID_VENDOR
...
cpe:2.3🅰️ libmms_project:libmms is a valid CPE identifier for this
package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Alibmms_project%3Alibmms
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit c91b3c3ce2
2021-05-19 21:51:06 +02:00
Fabrice Fontaine
00f7f922c0
package/libldns: add CPE variables
...
cpe:2.3🅰️ nlnetlabs:ldns is a valid CPE identifier for this package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Anlnetlabs%3Aldns
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit c2bc364c08
2021-05-19 21:51:06 +02:00
Fabrice Fontaine
5df3620cf0
package/kodi: add CPE variables
...
cpe:2.3🅰️ kodi:kodi is a valid CPE identifier for this package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Akodi%3Akodi
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit c5e9b02251
2021-05-19 21:51:06 +02:00
Fabrice Fontaine
7bcfdd676b
package/keepalived: add KEEPALIVED_CPE_ID_VENDOR
...
cpe:2.3🅰️ keepalived:keepalived is a valid CPE identifier for this
package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Akeepalived%3Akeepalived
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 00cb0f00fa
2021-05-19 21:51:06 +02:00
Fabrice Fontaine
f0c0b27d47
package/grpc: add GRPC_CPE_ID_VENDOR
...
cpe:2.3🅰️ grpc:grpc is a valid CPE identifier for this package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Agrpc%3Agrpc
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit ea77594f3f
2021-05-19 21:51:06 +02:00
Fabrice Fontaine
86a31b1053
package/frr: add CPE variables
...
cpe:2.3🅰️ linuxfoundation:free_range_routing is a valid CPE identifier
for this package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Alinuxfoundation%3Afree_range_routing
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit c4c11c2e1a
2021-05-19 21:51:06 +02:00
Fabrice Fontaine
96e8d83503
package/fluidsynth: add FLUIDSYNTH_CPE_ID_VENDOR
...
cpe:2.3🅰️ fluidsynth:fluidsynth is a valid CPE identifier for this
package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Afluidsynth%3Afluidsynth
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 13bca2271d
2021-05-19 21:51:06 +02:00
Fabrice Fontaine
16e2240820
package/exempi: add EXEMPI_CPE_ID_VENDOR
...
cpe:2.3🅰️ exempi_project:exempi is a valid CPE identifier for this package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Aexempi_project%3Aexempi
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit c98e315838
2021-05-19 21:51:06 +02:00
Fabrice Fontaine
0146dd8ba0
package/enscript: add ENSCRIPT_CPE_ID_VENDOR
...
cpe:2.3🅰️ gnu:enscript is a valid CPE identifier for this package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Agnu%3Aenscript
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 2ad812a0b3
2021-05-19 21:51:06 +02:00
Fabrice Fontaine
646c83cf5a
package/enlightenment: add ENLIGHTENMENT_CPE_ID_VENDOR
...
cpe:2.3🅰️ enlightenment:enlightenment is a valid CPE identifier for this
package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Aenlightenment%3Aenlightenment
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit e7b8832a5e
2021-05-19 21:51:06 +02:00
Fabrice Fontaine
be9602b604
package/terminology: add TERMINOLOGY_CPE_ID_VENDOR
...
cpe:2.3🅰️ enlightenment:terminology is a valid CPE identifier for this
package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Aenlightenment%3Aterminology
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 05bffd0613
2021-05-19 21:51:06 +02:00
Arnout Vandecappelle (Essensium/Mind)
ec602113a6
package/mesa3d-headers: remove spurious empty line
...
Detected by check-package
Fixes: 7fa481437edfb045af5b
2021-05-19 18:10:09 +02:00
Fabrice Fontaine
1ce7c314c2
package/libidn: add LIBIDN_CPE_ID_VENDOR
...
cpe:2.3🅰️ gnu:libidn is a valid CPE identifier for this package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Agnu%3Alibidn
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 8391f7d189
2021-05-19 17:40:06 +02:00
Fabrice Fontaine
bbb314eb55
package/libidn2: add LIBIDN2_CPE_ID_VENDOR
...
cpe:2.3🅰️ gnu:libidn2 is a valid CPE identifier for this package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Agnu%3Alibidn2
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 981850b353
2021-05-19 17:40:01 +02:00
Fabrice Fontaine
e6f62aaa98
package/tinyproxy: add TINYPROXY_CPE_ID_VENDOR
...
cpe:2.3🅰️ tinyproxy_project:tinyproxy is a valid CPE identifier for this
package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Atinyproxy_project%3Atinyproxy
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit ba91be05c2
2021-05-19 17:39:27 +02:00
Fabrice Fontaine
23a2451933
package/tinyxml2: add TINYXML2_CPE_ID_VENDOR
...
cpe:2.3🅰️ tinyxml2_project:tinyxml2 is a valid CPE identifier for this
package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Atinyxml2_project%3Atinyxml2
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit c00a99c292
2021-05-19 17:39:19 +02:00
Fabrice Fontaine
0ed1c31c82
package/tini: add TINI_CPE_ID_VENDOR
...
cpe:2.3🅰️ tini_project:tini is a valid CPE identifier for this package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Atini_project%3Atini
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 5b074ef1f3
2021-05-19 17:39:13 +02:00
Fabrice Fontaine
54cb9e1fa6
package/tclap: add TCLAP_CPE_ID_VENDOR
...
cpe:2.3🅰️ tclap_project:tclap is a valid CPE identifier for this
package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Atclap_project%3Atclap
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 1ffd14f28a
2021-05-19 17:36:37 +02:00
Fabrice Fontaine
322c96467a
package/thermald: add THERMALD_CPE_ID_VENDOR
...
cpe:2.3🅰️ intel:thermald is a valid CPE identifier for this package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Aintel%3Athermald
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 4e48f5da05
2021-05-19 17:36:30 +02:00
Fabrice Fontaine
8d42350eb7
package/taglib: add TAGLIB_CPE_ID_VENDOR
...
cpe:2.3🅰️ taglib:taglib is a valid CPE identifier for this package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Ataglib%3Ataglib
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit eecf0e55d3
2021-05-19 17:35:48 +02:00
Fabrice Fontaine
83225c36a0
package/qpdf: add QPDF_CPE_ID_VENDOR
...
cpe:2.3🅰️ qpdf_project:qpdf is a valid CPE identifier for this package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Aqpdf_project%3Aqpdf
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 2774a21025
2021-05-19 17:35:43 +02:00
Fabrice Fontaine
e2008668d0
package/mesa3d{,-headers}: add CPE variables
...
cpe:2.3🅰️ mesa3d:mesa is a valid CPE identifier for this package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Amesa3d%3Amesa
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[yann.morin.1998@free.fr: add to mesa3d-headers too]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 7fa481437e
2021-05-19 15:56:51 +02:00
Fabrice Fontaine
7d21104577
package/lvm2: add LVM2_CPE_ID_VENDOR
...
cpe:2.3🅰️ redhat:lvm2 is a valid CPE identifier for this package:
https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Aredhat%3Alvm2
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit d70da0be78
2021-05-19 15:56:46 +02:00
Fabrice Fontaine
783215a499
package/jquery-validation: security bump to version 1.19.3
...
Fix CVE-2021-21252: The jQuery Validation Plugin provides drop-in
validation for your existing forms. It is published as an npm package
"jquery-validation". jquery-validation before version 1.19.3 contains
one or more regular expressions that are vulnerable to ReDoS (Regular
Expression Denial of Service).
Update hash of README.md due to changes not related to license
https://github.com/jquery-validation/jquery-validation/releases/tag/1.19.3
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit ae79f0f403
2021-05-19 09:33:42 +02:00
