Commit Graph

4 Commits

Author SHA1 Message Date
Rémi Verschelde aa05918971 zlib/minizip: Update to version 1.3
Upstreams the fix from #73310, so we can remove that patch.
Remove `infback.c` which we stopped compiling after #79273.

The `OF` macro was also removed so I can drop the patch where I yell
at Gentoo developers.

(cherry picked from commit e0e1f2e4a2)
2023-10-24 17:48:46 +02:00
RedworkDE fb73281519 Fix ZIPReader failing to open empty zip files
(cherry picked from commit 071499ac0d)
2023-10-24 17:48:46 +02:00
DeeJayLSP 93409b8e64
zlib/minizip: Update to version 1.2.13, remove zlib from freetype
Security update, fixes CVE-2022-37434 in zlib.

Only applications exposing/using `inflateGetHeader()` seem to be affected,
which is not our case, so this is not critical for Godot.

Remove duplicated copy of zlib in freetype sources to force using the updated
version in `thirdparty/zlib/`.

Co-authored-by: Rémi Verschelde <rverschelde@gmail.com>
2023-01-07 13:03:06 +01:00
Rémi Verschelde 420d0d50bc zlib/minizip: Update to version 1.2.12
Security update, fixes CVE-2018-25032 in zlib.

Preliminary assessment doesn't show Godot as affected since we don't
seem to call `deflate` with the problematic parameters, but the extent
of the vulnerability is not fully clear upstream yet.
2022-03-31 15:19:11 +02:00