efd6528e30
Changelog: * https://github.com/nghttp2/nghttp2/releases/tag/v1.59.0 * https://github.com/nghttp2/nghttp2/releases/tag/v1.60.0 * https://github.com/nghttp2/nghttp2/releases/tag/v1.61.0 * https://github.com/nghttp2/nghttp2/releases/tag/v1.62.0 * https://github.com/nghttp2/nghttp2/releases/tag/v1.63.0 * https://github.com/nghttp2/nghttp2/releases/tag/v1.64.0 Fixes: CVE-2024-28182 [1] - Reading unbounded number of HTTP/2 CONTINUATION frames to cause excessive CPU usage [1] https://github.com/nghttp2/nghttp2/security/advisories/GHSA-x6x3-gv8h-m57q Signed-off-by: Marcus Hoffmann <buildroot@bubu1.eu> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com> (cherry picked from commit 55d48e866e471e0b704f3ae56300cca6e87d7559) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
25 lines
770 B
Makefile
25 lines
770 B
Makefile
################################################################################
|
|
#
|
|
# nghttp2
|
|
#
|
|
################################################################################
|
|
|
|
NGHTTP2_VERSION = 1.64.0
|
|
NGHTTP2_SOURCE = nghttp2-$(NGHTTP2_VERSION).tar.xz
|
|
NGHTTP2_SITE = https://github.com/nghttp2/nghttp2/releases/download/v$(NGHTTP2_VERSION)
|
|
NGHTTP2_LICENSE = MIT
|
|
NGHTTP2_LICENSE_FILES = COPYING
|
|
NGHTTP2_INSTALL_STAGING = YES
|
|
NGHTTP2_CPE_ID_VENDOR = nghttp2
|
|
NGHTTP2_DEPENDENCIES = host-pkgconf
|
|
NGHTTP2_CONF_OPTS = --enable-lib-only
|
|
|
|
define NGHTTP2_INSTALL_CLEAN_HOOK
|
|
# Remove fetch-ocsp-response script unused by library
|
|
$(Q)$(RM) -rf $(TARGET_DIR)/usr/share/nghttp2
|
|
endef
|
|
|
|
NGHTTP2_POST_INSTALL_TARGET_HOOKS += NGHTTP2_INSTALL_CLEAN_HOOK
|
|
|
|
$(eval $(autotools-package))
|