Minizip includes previously backported fix for CVE-2023-45853,
and a Debian patch for CVE-2014-9485 was also upstreamed.
(cherry picked from commit 8ead8d2ddb)
Upstreams the fix from #73310, so we can remove that patch.
The `OF` macro was also removed so I can drop the patch where I yell
at Gentoo developers.
(cherry picked from commit e0e1f2e4a2)
It will be included in the next release at some point.
- https://github.com/RenderKit/embree/issues 486
"fix output operator"
[ 30%] Compiling thirdparty/embree/kernels/common/accelset.cpp ...
In file included from thirdparty/embree/kernels/common/device.cpp:12:
In file included from thirdparty/embree/kernels/common/scene_curves.h:10:
thirdparty/embree/kernels/common/../subdiv/bezier_curve.h:138:56:
error: no member named 'u' in 'QuadraticBezierCurve<V>'
138 | return cout << "QuadraticBezierCurve ( (" << a.u.lower << ", "
<< a.u.upper << "), " << a.v0 << ", " << a.v1 << ", " << a.v2 << ")";
...
(cherry picked from commit c24ea0ecca)
0e7d106ff8
Just a couple style fixes. Updating only so we know we don't have to review changes
since upstream development seems dormant.
(cherry picked from commit adfc46db4d)
If no StreamPeerTLS implementation is available, HTTPClient and
WebSocketPeer will now correctly refuse to connect using TLS returning
ERR_UNAVAILABLE.
Similarly, ENetConnection will refuse to setup DTLS when PacketPeerDTLS
is not available.
(cherry picked from commit eeac6f8c7f)
> The 4.4.0 release is a minor release with image quality improvements,
> a small performance boost, a few new quality-of-life features, and a
> few minor fixes for uncommon build configurations.
https://github.com/ARM-software/astc-encoder/releases/tag/4.4.0
(cherry picked from commit 5a3f955e05)
Use a TLSOptions configuration object which is created via static
functions.
- "TLSOptions.client": uses the standard CA and common name verification.
- "TLSOptions.client_unsafe": uses optional CA verification (i.e. if specified)
- "TLSOptions.server": is the standard server configuration (chain + key)
This will allow us to expand the TLS configuration options to include
e.g. mutual authentication without bloating the classes that uses
StreamPeerTLS and PacketPeerDTLS as underlying peers.
For some reason it doesn't use the POSIX `poll.h`, instead resorting to
`sys/poll.h`. Musl doesn't really like this at all, throwing a warning
and, thus, halting compilation.
Security update, fixes CVE-2022-37434 in zlib.
Only applications exposing/using `inflateGetHeader()` seem to be affected,
which is not our case, so this is not critical for Godot.
Remove duplicated copy of zlib in freetype sources to force using the updated
version in `thirdparty/zlib/`.
Co-authored-by: Rémi Verschelde <rverschelde@gmail.com>
As many open source projects have started doing it, we're removing the
current year from the copyright notice, so that we don't need to bump
it every year.
It seems like only the first year of publication is technically
relevant for copyright notices, and even that seems to be something
that many companies stopped listing altogether (in a version controlled
codebase, the commits are a much better source of date of publication
than a hardcoded copyright statement).
We also now list Godot Engine contributors first as we're collectively
the current maintainers of the project, and we clarify that the
"exclusive" copyright of the co-founders covers the timespan before
opensourcing (their further contributions are included as part of Godot
Engine contributors).
Also fixed "cf." Frenchism - it's meant as "refer to / see".
