git.libre-soc.org Git - buildroot.git/commit

author	Peter Korsgaard <peter@korsgaard.com>
	Thu, 12 Sep 2019 19:43:53 +0000 (21:43 +0200)
committer	Thomas Petazzoni <thomas.petazzoni@bootlin.com>
	Fri, 13 Sep 2019 20:30:03 +0000 (22:30 +0200)
commit	4c7e7acbe4390f4327acb5e82696951c01b91ab4
tree	ec4caf6065e44a94ef3a32a6729c184eef0b80ac	tree
parent	8e2845eb1a8673975a55ec554dfcb5639327363e	commit \| diff

package/nghttp2: security bump to version 1.39.2

Fixes the following security issues:

CVE-2019-9511: Data Dribble
CVE-2019-9513: Resource Loop

For details, see the advisory:
https://nghttp2.org/blog/2019/08/19/nghttp2-v1-39-2/

Notice that libnghttp2 itself is not affected by these vulnerabilities, only
nghttpx and nghttpd (which are currently not built).

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/nghttp2/nghttp2.hash		diff \| blob \| history
package/nghttp2/nghttp2.mk		diff \| blob \| history

RSS Atom