Commit Graph

7 Commits

Author SHA1 Message Date
Rémi Verschelde
f073af9af6 zlib/minizip: Update to version 1.3
Remove `infback.c` which we don't need.

The `OF` macro was also removed so I can drop the patch where I yell
at Gentoo developers.

(cherry picked from commits e0e1f2e4a2056db1a908af75612daaaf5b129ebd
and 071499ac0d8e33e6f269437c3ce4fab52cc43f90)
2024-02-08 15:06:20 +01:00
Rémi Verschelde
4e199523f9 minizip: Backport patch to fix CVE-2023-45853
(cherry picked from commit c8dee05bf09cefdc33941aec1a76d3c563899995)
2024-02-08 15:05:47 +01:00
DeeJayLSP
65cfddb569 zlib/minizip: Update to version 1.2.13, remove zlib from freetype
Security update, fixes CVE-2022-37434 in zlib.

Only applications exposing/using `inflateGetHeader()` seem to be affected,
which is not our case, so this is not critical for Godot.

Remove duplicated copy of zlib in freetype sources to force using the updated
version in `thirdparty/zlib/`.

Co-authored-by: Rémi Verschelde <rverschelde@gmail.com>
(cherry picked from commit 93409b8e64a9bc3c271ab4a7489b59a43bc0d048)
2023-01-16 14:22:58 +01:00
79f97a1dfc Ported: zlib/minizip: Update to version 1.2.12
Security update, fixes CVE-2018-25032 in zlib.
Preliminary assessment doesn't show Godot as affected since we don't
seem to call `deflate` with the problematic parameters, but the extent
of the vulnerability is not fully clear upstream yet.
- akien-mga
e1beca0232
2022-07-26 12:12:33 +02:00
32f148ac0c Mass replaced godot to pandemonium. 2022-03-23 20:46:05 +01:00
b2b6322471 Ran the script on everything in the thirdparty directory except freetype, and pcre2. 2022-03-18 00:08:00 +01:00
49f8e8c398 Added godot with all my currently used engine modules. 2022-03-15 13:29:32 +01:00