kumquat-buildroot/package/mongoose/mongoose.mk
Fabrice Fontaine c18562a82a package/mongoose: security bump to version 6.17
- Fix CVE-2019-19307: An integer overflow in parse_mqtt in mongoose.c in
  Cesanta Mongoose 6.16 allows an attacker to achieve remote DoS
  (infinite loop), or possibly cause an out-of-bounds write, by sending
  a crafted MQTT protocol packet.
- Update indentation of hash file (two spaces)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-02-13 18:08:21 +01:00

35 lines
986 B
Makefile

################################################################################
#
# mongoose
#
################################################################################
MONGOOSE_VERSION = 6.17
MONGOOSE_SITE = $(call github,cesanta,mongoose,$(MONGOOSE_VERSION))
MONGOOSE_LICENSE = GPL-2.0
MONGOOSE_LICENSE_FILES = LICENSE
MONGOOSE_INSTALL_STAGING = YES
# static library
MONGOOSE_INSTALL_TARGET = NO
MONGOOSE_CFLAGS = $(TARGET_CFLAGS)
ifeq ($(BR2_PACKAGE_OPENSSL),y)
MONGOOSE_DEPENDENCIES += openssl
MONGOOSE_CFLAGS += -DMG_ENABLE_SSL
endif
define MONGOOSE_BUILD_CMDS
$(TARGET_MAKE_ENV) $(TARGET_CC) -c $(@D)/mongoose.c $(MONGOOSE_CFLAGS) -o $(@D)/mongoose.o
$(TARGET_MAKE_ENV) $(TARGET_AR) rcs $(@D)/libmongoose.a $(@D)/mongoose.o
endef
define MONGOOSE_INSTALL_STAGING_CMDS
$(INSTALL) -D -m 644 $(@D)/libmongoose.a \
$(STAGING_DIR)/usr/lib/libmongoose.a
$(INSTALL) -D -m 644 $(@D)/mongoose.h \
$(STAGING_DIR)/usr/include/mongoose.h
endef
$(eval $(generic-package))