[Buildroot] [git commit branch/2020.02.x] package/nghttp2: security bump version to 1.41.0
Peter Korsgaard
peter at korsgaard.com
Sun Jul 12 21:31:05 UTC 2020
commit: https://git.buildroot.net/buildroot/commit/?id=94547c30d30821ce6ce995b19acb6b47724b578a
branch: https://git.buildroot.net/buildroot/commit/?id=refs/heads/2020.02.x
Fix CVE-2020-11080 Denial of service: Overly large SETTINGS frames
Signed-off-by: Martin Bark <martin at barkynet.com>
[yann.morin.1998 at free.fr: two spaces in hash files]
Signed-off-by: Yann E. MORIN <yann.morin.1998 at free.fr>
(cherry picked from commit e500367ea44adffcfc3132099bedf550d9913313)
Signed-off-by: Peter Korsgaard <peter at korsgaard.com>
---
package/nghttp2/nghttp2.hash | 4 ++--
package/nghttp2/nghttp2.mk | 2 +-
2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/package/nghttp2/nghttp2.hash b/package/nghttp2/nghttp2.hash
index e0512e891b..3702a91b5e 100644
--- a/package/nghttp2/nghttp2.hash
+++ b/package/nghttp2/nghttp2.hash
@@ -1,3 +1,3 @@
# Locally calculated
-sha256 fc820a305e2f410fade1a3260f09229f15c0494fc089b0100312cd64a33a38c0 nghttp2-1.39.2.tar.gz
-sha256 6b94f3abc1aabd0c72a7c7d92a77f79dda7c8a0cb3df839a97890b4116a2de2a COPYING
+sha256 eacc6f0f8543583ecd659faf0a3f906ed03826f1d4157b536b4b385fe47c5bb8 nghttp2-1.41.0.tar.gz
+sha256 6b94f3abc1aabd0c72a7c7d92a77f79dda7c8a0cb3df839a97890b4116a2de2a COPYING
diff --git a/package/nghttp2/nghttp2.mk b/package/nghttp2/nghttp2.mk
index 6a5ec72847..7b611c88fd 100644
--- a/package/nghttp2/nghttp2.mk
+++ b/package/nghttp2/nghttp2.mk
@@ -4,7 +4,7 @@
#
################################################################################
-NGHTTP2_VERSION = 1.39.2
+NGHTTP2_VERSION = 1.41.0
NGHTTP2_SITE = https://github.com/nghttp2/nghttp2/releases/download/v$(NGHTTP2_VERSION)
NGHTTP2_LICENSE = MIT
NGHTTP2_LICENSE_FILES = COPYING
More information about the buildroot
mailing list