4c7e7acbe4
Fixes the following security issues: CVE-2019-9511: Data Dribble CVE-2019-9513: Resource Loop For details, see the advisory: https://nghttp2.org/blog/2019/08/19/nghttp2-v1-39-2/ Notice that libnghttp2 itself is not affected by these vulnerabilities, only nghttpx and nghttpd (which are currently not built). Signed-off-by: Peter Korsgaard <peter@korsgaard.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
23 lines
686 B
Makefile
23 lines
686 B
Makefile
################################################################################
|
|
#
|
|
# nghttp2
|
|
#
|
|
################################################################################
|
|
|
|
NGHTTP2_VERSION = 1.39.2
|
|
NGHTTP2_SITE = https://github.com/nghttp2/nghttp2/releases/download/v$(NGHTTP2_VERSION)
|
|
NGHTTP2_LICENSE = MIT
|
|
NGHTTP2_LICENSE_FILES = COPYING
|
|
NGHTTP2_INSTALL_STAGING = YES
|
|
NGHTTP2_DEPENDENCIES = host-pkgconf
|
|
NGHTTP2_CONF_OPTS = --enable-lib-only
|
|
|
|
define NGHTTP2_INSTALL_CLEAN_HOOK
|
|
# Remove fetch-ocsp-response script unused by library
|
|
$(Q)$(RM) -rf $(TARGET_DIR)/usr/share/nghttp2
|
|
endef
|
|
|
|
NGHTTP2_POST_INSTALL_TARGET_HOOKS += NGHTTP2_INSTALL_CLEAN_HOOK
|
|
|
|
$(eval $(autotools-package))
|