From e06ce962717e9524f5bb68880bca3ecfe3c47647 Mon Sep 17 00:00:00 2001
From: Max Rees <maxcrees@me.com>
Date: Wed, 10 Jun 2020 14:54:20 -0500
Subject: user/nghttp2: [CVE] bump to 1.41.0 (#299), disable no-op check()

---
 user/nghttp2/APKBUILD | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/user/nghttp2/APKBUILD b/user/nghttp2/APKBUILD
index 41dd0bc58..063bc9b0f 100644
--- a/user/nghttp2/APKBUILD
+++ b/user/nghttp2/APKBUILD
@@ -1,17 +1,22 @@
 # Contributor: Natanael Copa <ncopa@alpinelinux.org>
 # Maintainer: 
 pkgname=nghttp2
-pkgver=1.40.0
+pkgver=1.41.0
 pkgrel=0
 pkgdesc="Experimental HTTP/2 client, server and proxy"
 url="https://nghttp2.org/"
 arch="all"
+options="!check"  # Requires cunit, which we don't currently ship
 license="MIT"
 depends=""
 makedepends="c-ares-dev libev-dev libxml2-dev openssl-dev zlib-dev"
 subpackages="$pkgname-dev $pkgname-doc $pkgname-libs"
 source="https://github.com/tatsuhiro-t/$pkgname/releases/download/v$pkgver/nghttp2-$pkgver.tar.xz"
 
+# secfixes:
+#   1.41.0-r0:
+#     - CVE-2020-11080
+
 build() {
 	./configure \
 		--build=$CBUILD \
@@ -37,4 +42,4 @@ package() {
 	make DESTDIR="$pkgdir" install
 }
 
-sha512sums="3f9b989c4bd9571b11bb9d59fe2dfd5596ba3962babfc836587d5047e780400a6cf46e43c602caa25ca83c03b84a1629953140d45223099b193df54a719745ce  nghttp2-1.40.0.tar.xz"
+sha512sums="c92e8022ccc876fa311f21bc5bf5af75feff8232efb56a4b2ab198031e974d15b67c16c046188cc76552f75a1b2e7115925d6ce1e42d6f94ae482fe69727466d  nghttp2-1.41.0.tar.xz"
-- 
cgit v1.2.3-70-g09d2