670329f057
- Fixes CVE-2023-38285 [1] - Adapted 0001-configure.ac-drop-usage-of-git-at-configure-time.patch due to upstream moving to autoconf portable shell constructs. Signed-off-by: Frank Vanbever <frank.vanbever@mind.be> [1] https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/modsecurity-v3-dos-vulnerability-in-four-transformations-cve-2023-38285/ Signed-off-by: Frank Vanbever <frank.vanbever@mind.be> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
67 lines
1.9 KiB
Makefile
67 lines
1.9 KiB
Makefile
################################################################################
|
|
#
|
|
# libmodsecurity
|
|
#
|
|
################################################################################
|
|
|
|
LIBMODSECURITY_VERSION = 3.0.10
|
|
LIBMODSECURITY_SOURCE = modsecurity-v$(LIBMODSECURITY_VERSION).tar.gz
|
|
LIBMODSECURITY_SITE = https://github.com/SpiderLabs/ModSecurity/releases/download/v$(LIBMODSECURITY_VERSION)
|
|
LIBMODSECURITY_INSTALL_STAGING = YES
|
|
LIBMODSECURITY_LICENSE = Apache-2.0
|
|
LIBMODSECURITY_LICENSE_FILES = LICENSE
|
|
LIBMODSECURITY_CPE_ID_VENDOR = trustwave
|
|
LIBMODSECURITY_CPE_ID_PRODUCT = modsecurity
|
|
# We're patching configure.ac
|
|
LIBMODSECURITY_AUTORECONF = YES
|
|
|
|
LIBMODSECURITY_DEPENDENCIES = pcre2
|
|
LIBMODSECURITY_CONF_OPTS = \
|
|
--without-pcre \
|
|
--with-pcre2="$(STAGING_DIR)/usr" \
|
|
--disable-examples \
|
|
--without-lmdb \
|
|
--without-ssdeep \
|
|
--without-lua \
|
|
--without-yajl
|
|
|
|
ifeq ($(BR2_PACKAGE_LIBXML2),y)
|
|
LIBMODSECURITY_DEPENDENCIES += libxml2
|
|
LIBMODSECURITY_CONF_OPTS += --with-libxml="$(STAGING_DIR)/usr/bin/xml2-config"
|
|
else
|
|
LIBMODSECURITY_CONF_OPTS += --without-libxml
|
|
endif
|
|
|
|
ifeq ($(BR2_PACKAGE_LIBCURL),y)
|
|
LIBMODSECURITY_DEPENDENCIES += libcurl
|
|
LIBMODSECURITY_CONF_OPTS += --with-curl="$(STAGING_DIR)/usr/bin/curl-config"
|
|
else
|
|
LIBMODSECURITY_CONF_OPTS += --without-curl
|
|
endif
|
|
|
|
ifeq ($(BR2_PACKAGE_GEOIP),y)
|
|
LIBMODSECURITY_DEPENDENCIES += geoip
|
|
LIBMODSECURITY_CONF_OPTS += --with-geoip
|
|
else
|
|
LIBMODSECURITY_CONF_OPTS += --without-geoip
|
|
endif
|
|
|
|
ifeq ($(BR2_PACKAGE_LIBMAXMINDDB),y)
|
|
LIBMODSECURITY_DEPENDENCIES += libmaxminddb
|
|
LIBMODSECURITY_CONF_OPTS += --with-maxmind
|
|
else
|
|
LIBMODSECURITY_CONF_OPTS += --without-maxmind
|
|
endif
|
|
|
|
LIBMODSECURITY_CXXFLAGS = $(TARGET_CXXFLAGS)
|
|
|
|
# m68k_cf can't use -fPIC that libmodsecurity forces to use, so we need
|
|
# to disable it to avoid a build failure.
|
|
ifeq ($(BR2_m68k_cf),y)
|
|
LIBMODSECURITY_CXXFLAGS += -fno-PIC
|
|
endif
|
|
|
|
LIBMODSECURITY_CONF_OPTS += CXXFLAGS="$(LIBMODSECURITY_CXXFLAGS)"
|
|
|
|
$(eval $(autotools-package))
|