Commit Graph

7 Commits

Author SHA1 Message Date
Rémi Verschelde f9ba49350b
zlib/minizip: Update to version 1.3.1
Minizip includes previously backported fix for CVE-2023-45853,
and a Debian patch for CVE-2014-9485 was also upstreamed.

(cherry picked from commit 8ead8d2ddb)
2024-01-30 15:03:21 +01:00
Rémi Verschelde 0c64b79e4c
zlib/minizip: Update to version 1.3
Remove `infback.c` which we don't need.

The `OF` macro was also removed so I can drop the patch where I yell
at Gentoo developers.

(cherry picked from commits e0e1f2e4a2
and 071499ac0d)
2024-01-30 15:03:21 +01:00
DeeJayLSP 466e23a6b8
zlib/minizip: Update to version 1.2.13, remove zlib from freetype
Security update, fixes CVE-2022-37434 in zlib.

Only applications exposing/using `inflateGetHeader()` seem to be affected,
which is not our case, so this is not critical for Godot.

Remove duplicated copy of zlib in freetype sources to force using the updated
version in `thirdparty/zlib/`.

Co-authored-by: Rémi Verschelde <rverschelde@gmail.com>
(cherry picked from commit 93409b8e64)
2023-01-11 16:03:02 +01:00
Rémi Verschelde e1beca0232 zlib/minizip: Update to version 1.2.12
Security update, fixes CVE-2018-25032 in zlib.

Preliminary assessment doesn't show Godot as affected since we don't
seem to call `deflate` with the problematic parameters, but the extent
of the vulnerability is not fully clear upstream yet.

(cherry picked from commit 420d0d50bc)
2022-04-13 11:43:49 +02:00
Rémi Verschelde 6a3dae5be9 zlib: Update to upstream version 1.2.11 2017-01-16 17:58:34 +01:00
Rémi Verschelde 2ca0337f5f zlib: Update to upstream 1.2.10 2017-01-05 23:27:59 +01:00
Rémi Verschelde cbf52606f4 zlib: Split thirdparty files, simplify scons option 2016-10-15 12:20:47 +02:00