summaryrefslogtreecommitdiff
path: root/www
diff options
context:
space:
mode:
authoradam <adam@pkgsrc.org>2020-06-02 19:12:55 +0000
committeradam <adam@pkgsrc.org>2020-06-02 19:12:55 +0000
commit092be1d4b9668d36e25886bfda2b22f24740bdbe (patch)
tree8281cc9767490e4ecca5a5d4f12afb957023e92c /www
parent161d5b5ea01ababac055f13e6b22483046cbefd4 (diff)
downloadpkgsrc-092be1d4b9668d36e25886bfda2b22f24740bdbe.tar.gz
nghttp2: updated to 1.14.0
Nghttp2 v1.41.0 Security Advisory CVE-2020-11080: Denial of service: Overly large SETTINGS frames For more information, read the security advisory. lib This release implements nghttp2_option_set_max_settings API which sets the maximum number of SETTINGS entries in one SETTINGS frame to mitigate the security issue. It also moves SETTINGS flood check earlier to make it more effective. The bug which stalls receiving stream data is fixed. Previously, if automatic window update is enabled (which is default), after window size is set to 0 by nghttp2_session_set_local_window_size, once the receiving window is exhausted, even after window size is increased by nghttp2_session_set_local_window_size, no more data cannot be received. This is because nghttp2_session_set_local_window_size does not submit WINDOW_UPDATE. It is only triggered when new data arrives but since window is filled up, no more data cannot be received, thus dead lock happens. build With cmake build, the hard-coded static lib suffix is now optional. nghttpx proxyprotocol v2 has been implemented. The bug in getting certificate serial number with mruby script has been fixed. h2load New option, --connect-to, is added.
Diffstat (limited to 'www')
-rw-r--r--www/nghttp2-tools/Makefile3
-rw-r--r--www/nghttp2/Makefile4
-rw-r--r--www/nghttp2/Makefile.common4
-rw-r--r--www/nghttp2/distinfo10
4 files changed, 9 insertions, 12 deletions
diff --git a/www/nghttp2-tools/Makefile b/www/nghttp2-tools/Makefile
index ee304ca3f7f..f140869a7e0 100644
--- a/www/nghttp2-tools/Makefile
+++ b/www/nghttp2-tools/Makefile
@@ -1,6 +1,5 @@
-# $NetBSD: Makefile,v 1.3 2020/06/02 08:24:57 adam Exp $
+# $NetBSD: Makefile,v 1.4 2020/06/02 19:12:55 adam Exp $
-PKGREVISION= 2
.include "../../www/nghttp2/Makefile.common"
PKGNAME= ${DISTNAME:S/-/-tools-/}
diff --git a/www/nghttp2/Makefile b/www/nghttp2/Makefile
index 03c9e6bb592..936fec83d1a 100644
--- a/www/nghttp2/Makefile
+++ b/www/nghttp2/Makefile
@@ -1,9 +1,7 @@
-# $NetBSD: Makefile,v 1.62 2020/06/02 08:24:57 adam Exp $
+# $NetBSD: Makefile,v 1.63 2020/06/02 19:12:55 adam Exp $
.include "Makefile.common"
-PKGREVISION= 5
-
COMMENT= Implementation of HTTP/2 in C
# Upstream documents that c++14 is required for C++ parts of the code;
diff --git a/www/nghttp2/Makefile.common b/www/nghttp2/Makefile.common
index e5790da2d5e..252a262b579 100644
--- a/www/nghttp2/Makefile.common
+++ b/www/nghttp2/Makefile.common
@@ -1,8 +1,8 @@
-# $NetBSD: Makefile.common,v 1.1 2020/03/30 14:00:09 adam Exp $
+# $NetBSD: Makefile.common,v 1.2 2020/06/02 19:12:55 adam Exp $
# used by www/nghttp2/Makefile
# used by www/nghttp2-tools/Makefile
-DISTNAME= nghttp2-1.40.0
+DISTNAME= nghttp2-1.41.0
CATEGORIES= www
MASTER_SITES= ${MASTER_SITE_GITHUB:=tatsuhiro-t/}
EXTRACT_SUFX= .tar.xz
diff --git a/www/nghttp2/distinfo b/www/nghttp2/distinfo
index 9cc868dae3e..b264f9abb1e 100644
--- a/www/nghttp2/distinfo
+++ b/www/nghttp2/distinfo
@@ -1,6 +1,6 @@
-$NetBSD: distinfo,v 1.43 2019/11/20 16:38:22 adam Exp $
+$NetBSD: distinfo,v 1.44 2020/06/02 19:12:55 adam Exp $
-SHA1 (nghttp2-1.40.0.tar.xz) = 7df231b961b84bd5d0c8ce81062de8aad83fcf5e
-RMD160 (nghttp2-1.40.0.tar.xz) = 91b637294817800880bdce5d15b0876189f2d53a
-SHA512 (nghttp2-1.40.0.tar.xz) = 3f9b989c4bd9571b11bb9d59fe2dfd5596ba3962babfc836587d5047e780400a6cf46e43c602caa25ca83c03b84a1629953140d45223099b193df54a719745ce
-Size (nghttp2-1.40.0.tar.xz) = 1637004 bytes
+SHA1 (nghttp2-1.41.0.tar.xz) = f5cf4fdf6a29adcd810c938736044289a3bf11ff
+RMD160 (nghttp2-1.41.0.tar.xz) = 9d23cd271ac59c4f0c1c4748076d51e356b2fc0b
+SHA512 (nghttp2-1.41.0.tar.xz) = c92e8022ccc876fa311f21bc5bf5af75feff8232efb56a4b2ab198031e974d15b67c16c046188cc76552f75a1b2e7115925d6ce1e42d6f94ae482fe69727466d
+Size (nghttp2-1.41.0.tar.xz) = 1640712 bytes