From e06ce962717e9524f5bb68880bca3ecfe3c47647 Mon Sep 17 00:00:00 2001 From: Max Rees Date: Wed, 10 Jun 2020 14:54:20 -0500 Subject: user/nghttp2: [CVE] bump to 1.41.0 (#299), disable no-op check() --- user/nghttp2/APKBUILD | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/user/nghttp2/APKBUILD b/user/nghttp2/APKBUILD index 41dd0bc58..063bc9b0f 100644 --- a/user/nghttp2/APKBUILD +++ b/user/nghttp2/APKBUILD @@ -1,17 +1,22 @@ # Contributor: Natanael Copa # Maintainer: pkgname=nghttp2 -pkgver=1.40.0 +pkgver=1.41.0 pkgrel=0 pkgdesc="Experimental HTTP/2 client, server and proxy" url="https://nghttp2.org/" arch="all" +options="!check" # Requires cunit, which we don't currently ship license="MIT" depends="" makedepends="c-ares-dev libev-dev libxml2-dev openssl-dev zlib-dev" subpackages="$pkgname-dev $pkgname-doc $pkgname-libs" source="https://github.com/tatsuhiro-t/$pkgname/releases/download/v$pkgver/nghttp2-$pkgver.tar.xz" +# secfixes: +# 1.41.0-r0: +# - CVE-2020-11080 + build() { ./configure \ --build=$CBUILD \ @@ -37,4 +42,4 @@ package() { make DESTDIR="$pkgdir" install } -sha512sums="3f9b989c4bd9571b11bb9d59fe2dfd5596ba3962babfc836587d5047e780400a6cf46e43c602caa25ca83c03b84a1629953140d45223099b193df54a719745ce nghttp2-1.40.0.tar.xz" +sha512sums="c92e8022ccc876fa311f21bc5bf5af75feff8232efb56a4b2ab198031e974d15b67c16c046188cc76552f75a1b2e7115925d6ce1e42d6f94ae482fe69727466d nghttp2-1.41.0.tar.xz" -- cgit v1.2.3-70-g09d2