godotengine/godot
1
0
Fork 0
mirror of https://github.com/godotengine/godot.git synced 2026-01-05 19:31:35 +00:00
Code Releases Wiki Activity
35,655 Commits 19 Branches 65 Tags
3.6.2-stable
Commit Graph

562 Commits

Author SHA1 Message Date
Rémi Verschelde
6b8948b3c6 mbedTLS: Update to version 3.6.5 
(cherry picked from commit 9de2837cd5)
 2025-10-22 23:41:35 +02:00
Sagar Devkota
862d8707f5 set minsdk to 21. Sorted the fseeko error. 
(cherry picked from commit e9525aed1c)
 2025-10-01 10:24:59 +01:00
Fabio Alessandrelli
ec635fdfd7 mbedTLS: Update to mbedTLS 3.6.4 
mbedTLS 2.28 is now EOL, and will no longer receive security updates.

This commit backports from Godot 4 the changes needed to update to
mbedTLS 3.6 (new LTS), including TLSv1.3 support.

(cherry picked from commit 0770c9a4a3)
 2025-10-01 10:24:59 +01:00
John Breton
49966f6927 libwebm: Fix double free in mkvparser ContentEncoding 
Origin: 6a7c84a244
Author: James Zern <jzern@google.com>

-----
This is a security fix for CVE-2019-2126. Godot currently contains a vulnerable
version of libwebm in its 3.x branch that is susceptible to a double free due
to a missing reset of a freed pointer. This commit corrects that issue.

(cherry picked from commit 53d8b958c5)
 2025-06-23 19:04:56 +02:00
John Breton
0e1cda420f Fix double free in ContentEncoding 
Origin: 6a7c84a244
Author: James Zern <jzern@google.com>

-----
This is a security fix for CVE-2019-2126. Godot currently contains a vulnerable version of libwebm in its 3.6 branch that is susceptible to a double free due to a missing reset of a freed pointer. This commit corrects that issue.
 2025-06-20 15:48:11 -04:00
Pāvels Nadtočajevs
bdb25bd710 [3.x] Fix unzSeekCurrentFile not resetting total_out_64. 
(cherry picked from commit daf23fd4c6)
 2025-06-13 18:17:42 +01:00
DeeJayLSP
9358ecae0e certs: Sync with upstream as of Apr 8 2025 
(cherry picked from commit f5eaf2a576)
 2025-06-13 18:17:15 +01:00
Rémi Verschelde
55d22086e1 mbedTLS: Update to version 2.28.10 
(cherry picked from commit cdb875257a)
 2025-06-13 18:12:51 +01:00
Rémi Verschelde
e5cbaba383 embree: Fix invalid output operators raising errors with GCC 15 
(cherry picked from commit 209579a2a6)
 2025-01-30 08:59:30 +01:00
Rémi Verschelde
18352fa353 mbedtls: Update to upstream version 2.28.9 
(cherry picked from commit 881645fff9)
 2024-12-05 01:07:21 +01:00
Rémi Verschelde
cce823b361 certs: Sync with Mozilla bundle as of Oct 19, 2024 
4d3fe6683f

Document matching mozilla-release changeset.

(cherry picked from commit eb41ff0fee)
 2024-11-05 21:13:17 +01:00
Rémi Verschelde
48f9059f12 enet: Sync with upstream commit c44b7d0 
c44b7d0f7f
(cherry picked from commit 360a1a4568)
 2024-04-25 16:24:13 +02:00
Rémi Verschelde
9a2e88aa01 certs: Sync with Mozilla bundle as of Mar 11, 2024 
c5a419971b
(cherry picked from commit fd61a42e04)
 2024-04-25 16:24:13 +02:00
Rémi Verschelde
c1615e766d mbedtls: Update to upstream version 2.28.8 
(cherry picked from commit 915ca4dd45)
 2024-04-25 16:24:13 +02:00
Jakub Marcowski
c37bbbfbdc libpng: Update to 1.6.43 
(cherry picked from commit 41268d7faa)
 2024-04-25 16:24:13 +02:00
Jakub Mateusz Marcowski
c0a9a34a2d tinyexr: Update to 1.0.8 
(cherry picked from commit ab14dec952)
 2024-04-25 16:24:13 +02:00
Rémi Verschelde
f59c244a4a miniupnpc: Update to 2.2.7 
No change for the files we include.

(cherry picked from commit afe64bb517)
 2024-04-25 16:24:13 +02:00
Jakub Marcowski
873d7ab52f miniupnpc: Update to version 2.2.6 
(cherry picked from commit 72b80b3cdf)
 2024-04-25 16:24:13 +02:00
Rémi Verschelde
abee48d063 nanosvg: Sync with upstream 93ce879 
93ce879dc4
 2024-04-05 11:19:09 +02:00
Rémi Verschelde
a81d96c637 mbedtls: Update to upstream version 2.28.7 
(cherry picked from commit dec635119e)
 2024-01-30 19:39:19 +01:00
Rémi Verschelde
ebd65eeb23 certs: Sync with Mozilla bundle as of Dec 13, 2023 
bef37a977c
(cherry picked from commit c6e829b4c6)
 2024-01-30 14:27:08 +01:00
Rémi Verschelde
7885b5814c zlib/minizip: Update to version 1.3.1 
Minizip includes previously backported fix for CVE-2023-45853,
and a Debian patch for CVE-2014-9485 was also upstreamed.

(cherry picked from commit 8ead8d2ddb)
 2024-01-30 14:21:37 +01:00
Rémi Verschelde
f61e2491e1 Update year property in version.py to 2024 
Seems like we missed this one when changing the copyright statements
to use `present` instead of the hardcoded `year`.

And backport other minor improvements from #87543.
 2024-01-25 13:38:03 +01:00
Rémi Verschelde
574a5e59f3 brotli: Sync with upstream 1.1.0 
https://github.com/google/brotli/releases/tag/v1.1.0
(cherry picked from commit 0402205ce6)
 2024-01-18 16:19:43 +01:00
Rémi Verschelde
49c20ecd19 minizip: Backport patch to fix CVE-2023-45853 
(cherry picked from commit c8dee05bf0)
 2024-01-18 16:19:43 +01:00
Rémi Verschelde
8bec4b6456 zlib/minizip: Update to version 1.3 
Remove `infback.c` which we don't need.

The `OF` macro was also removed so I can drop the patch where I yell
at Gentoo developers.

(cherry picked from commits e0e1f2e4a2
and 071499ac0d)
 2024-01-18 16:19:32 +01:00
Fabio Alessandrelli
b4240ea1a7 mbedTLS: Update to version 2.18.5 
(cherry picked from commit 5333365593)
 2023-10-30 14:52:24 +01:00
DeeJayLSP
a7c5e3134a libwebp: Sync with upstream 1.3.2 
(cherry picked from commit 56cfeda7d2)
 2023-10-30 14:49:13 +01:00
Rémi Verschelde
a9710a2a9b mbedtls: Fix UWP arm32 build after 2.28.3 enabled AES-NI intrinsics on MSVC 2023-09-07 10:27:41 +02:00
Rémi Verschelde
c1a84c685b zstd: Update to upstream version 1.5.5 
Release notes:
- https://github.com/facebook/zstd/releases/tag/v1.5.3
- https://github.com/facebook/zstd/releases/tag/v1.5.4
- https://github.com/facebook/zstd/releases/tag/v1.5.5

(cherry picked from commit 6100b4bd33)
 2023-08-29 11:50:10 +02:00
Rémi Verschelde
c320b2a181 wslay: Sync with upstream 0e7d106ff 
0e7d106ff8

Just a couple style fixes. Updating only so we know we don't have to review changes
since upstream development seems dormant.

(cherry picked from commit adfc46db4d)
 2023-08-29 11:49:21 +02:00
Rémi Verschelde
88e60dd625 recast: Update to upstream version 1.6.0 
Release notes:
- https://github.com/recastnavigation/recastnavigation/releases/tag/v1.6.0

(cherry picked from commit 2058b63067)
 2023-08-29 11:46:46 +02:00
Rémi Verschelde
69a6d7f179 pcre2: Update to upstream version 10.42 (take two) 
Changelog: https://github.com/PCRE2Project/pcre2/blob/pcre2-10.42/ChangeLog

This fixes support for RISC-V architectures in the sljit library, so we
enable the module's compilation for `rv64` too.

(cherry picked from commit e289cf7085)
 2023-08-29 11:45:59 +02:00
Rémi Verschelde
1e05769151 miniupnpc: Update to version 2.2.5 
No change for the files we ship, so just bumping the version number.

(cherry picked from commit 74f21cb666)
 2023-08-29 11:42:01 +02:00
Rémi Verschelde
c85eff5a69 libpng: Update to upstream 1.6.40 
(cherry picked from commit 0baca62734)
 2023-08-29 11:40:39 +02:00
Rémi Verschelde
980101a8d2 brotli: Sync with upstream commit ed1995b6b 
ed1995b6bd
(cherry picked from commit 7770e4447d)
 2023-08-29 11:21:08 +02:00
Rémi Verschelde
5c80d42561 Add missing stdint.h includes for GCC 13+ 
Fixes #77927.

(cherry picked from commit 10676e78e3)
 2023-08-28 17:27:17 +02:00
Rémi Verschelde
f3cc601e6c libwebp: Sync with upstream 1.3.1 
https://chromium.googlesource.com/webm/libwebp/+/1.3.1/NEWS
(cherry picked from commit 2529ad6a64)
 2023-08-28 17:27:17 +02:00
DeeJayLSP
a9d19a97ec libwebp: Sync with upstream 1.3.0 
(cherry picked from commit d8e8517d11)
 2023-08-28 17:27:17 +02:00
Rémi Verschelde
807e9038d2 mbedtls: Update to upstream version 2.28.4 
(cherry picked from commit 1f6340bc46)
 2023-08-28 17:27:17 +02:00
Rémi Verschelde
b7fe3c9c38 mbedtls: Update to upstream version 2.28.3 
Rediff patch from PR 1453, lstrlenW is no longer used upstream so
that part of the patch was dropped.

(cherry picked from commit 1fde2092d0)
 2023-08-28 17:27:16 +02:00
Rémi Verschelde
bebe1436fe tinyexr: Sync with upstream 1.0.7 
(cherry picked from commit b70e2af3b7)
 2023-08-28 17:27:16 +02:00
Rémi Verschelde
cdef832453 tinyexr: Sync with upstream 1.0.5 
(cherry picked from commit 56d85149e5)
 2023-08-28 17:27:16 +02:00
bitsawer
4746eaba83 tinyexr: Sync with upstream 1.0.4 
(cherry picked from commit ca55c455ad)
 2023-08-28 17:27:16 +02:00
Rémi Verschelde
3bc6822caa tinyexr: Sync with upstream 1.0.2 
Fixes a bunch of bugs, notably addressing fuzzer reports (crashes).
https://github.com/syoyo/tinyexr/releases/tag/v1.0.2

(cherry picked from commit c5834eb972)
 2023-08-28 17:27:16 +02:00
DeeJayLSP
76f2a07c8b Update certs (2023.06 revision) 
(cherry picked from commit 504e002224)
 2023-08-28 17:27:16 +02:00
Rémi Verschelde
ee24af9547 certs: Sync with Mozilla bundle as of Mar 23, 2023 
8bcd1092d2
(cherry picked from commit d1c59b47e4)
 2023-08-28 17:27:15 +02:00
Fabio Alessandrelli
6aedce488b [ENet] Update to upstream master. 2023-07-20 13:50:05 +02:00
Rémi Verschelde
b958e8a236 bullet: Sync with upstream 3.25 
Remove upstreamed patch.
 2023-05-22 15:10:57 +02:00
DeeJayLSP
a49fa86cca zlib/minizip: Update to version 1.2.13, remove zlib from freetype 
Security update, fixes CVE-2022-37434 in zlib.

Only applications exposing/using `inflateGetHeader()` seem to be affected,
which is not our case, so this is not critical for Godot.

Remove duplicated copy of zlib in freetype sources to force using the updated
version in `thirdparty/zlib/`.

Co-authored-by: Rémi Verschelde <rverschelde@gmail.com>
(cherry picked from commit 93409b8e64)
 2023-01-11 14:23:34 +01:00