kumquat-buildroot/package/minidlna/minidlna.mk
Fabrice Fontaine c7520b7ea1 package/minidlna: fix CVE-2022-26505
A DNS rebinding issue in ReadyMedia (formerly MiniDLNA) before 1.3.1
allows a remote web server to exfiltrate media files.

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2022-03-18 23:16:47 +01:00

43 lines
1.3 KiB
Makefile

################################################################################
#
# minidlna
#
################################################################################
MINIDLNA_VERSION = 1.3.0
MINIDLNA_SITE = https://downloads.sourceforge.net/project/minidlna/minidlna/$(MINIDLNA_VERSION)
MINIDLNA_LICENSE = GPL-2.0, BSD-3-Clause
MINIDLNA_LICENSE_FILES = COPYING LICENCE.miniupnpd
MINIDLNA_CPE_ID_VENDOR = readymedia_project
MINIDLNA_CPE_ID_PRODUCT = readymedia
MINIDLNA_SELINUX_MODULES = minidlna
# 0001-upnphttp-Protect-against-DNS-rebinding-attacks.patch
MINIDLNA_IGNORE_CVES += CVE-2022-26505
MINIDLNA_DEPENDENCIES = \
$(TARGET_NLS_DEPENDENCIES) \
ffmpeg flac libvorbis libogg libid3tag libexif jpeg sqlite \
host-xutil_makedepend
MINIDLNA_CONF_OPTS = \
--disable-static
define MINIDLNA_INSTALL_CONF
$(INSTALL) -D -m 644 $(@D)/minidlna.conf $(TARGET_DIR)/etc/minidlna.conf
endef
MINIDLNA_POST_INSTALL_TARGET_HOOKS += MINIDLNA_INSTALL_CONF
define MINIDLNA_INSTALL_INIT_SYSV
$(INSTALL) -D -m 0755 package/minidlna/S60minidlnad \
$(TARGET_DIR)/etc/init.d/S60minidlnad
endef
define MINIDLNA_INSTALL_INIT_SYSTEMD
$(INSTALL) -D -m 0644 package/minidlna/minidlnad.service \
$(TARGET_DIR)/usr/lib/systemd/system/minidlnad.service
endef
$(eval $(autotools-package))