Commit Graph

7 Commits

Author SHA1 Message Date
DeeJayLSP a49fa86cca
zlib/minizip: Update to version 1.2.13, remove zlib from freetype
Security update, fixes CVE-2022-37434 in zlib.

Only applications exposing/using `inflateGetHeader()` seem to be affected,
which is not our case, so this is not critical for Godot.

Remove duplicated copy of zlib in freetype sources to force using the updated
version in `thirdparty/zlib/`.

Co-authored-by: Rémi Verschelde <rverschelde@gmail.com>
(cherry picked from commit 93409b8e64)
2023-01-11 14:23:34 +01:00
Rémi Verschelde e1beca0232 zlib/minizip: Update to version 1.2.12
Security update, fixes CVE-2018-25032 in zlib.

Preliminary assessment doesn't show Godot as affected since we don't
seem to call `deflate` with the problematic parameters, but the extent
of the vulnerability is not fully clear upstream yet.

(cherry picked from commit 420d0d50bc)
2022-04-13 11:43:49 +02:00
volzhs 7e563f75b5 Update minizip to 1.2.11 2018-05-16 01:58:34 +09:00
Rémi Verschelde 67e6c1b735 minizip: Fix compatibility with Gentoo's unique zlib API
Fixes #10539 in a diplomatic way (as opposed to telling Gentoo users
to just change their distro or rebuild zlib from upstream...).
2017-08-22 20:11:56 +02:00
Rémi Verschelde 53fffa12f1 minizip: Reapply Godot-specific changes for seek support
I have not assessed whether they are still all relevant.
2017-08-18 23:26:41 +02:00
Rémi Verschelde 5681b7b60a minizip: Sync with pristine contrib/minizip from zlib 1.2.4
Godot-specific changes are undone in this commit, they will be readded
and properly documented in the following commit.
2017-08-18 23:17:50 +02:00
Rémi Verschelde 2398eb6ed4 Move core thirdparty files to thirdparty/{minizip,misc} 2017-04-28 21:19:23 +02:00