Build: Update 4.1 libraries to fix CVEs
Pull Request: https://projects.blender.org/blender/blender/pulls/117866
This commit is contained in:
Brecht Van Lommel
committed by
Brecht Van Lommel
Brecht Van Lommel
parent
49f4b643b9
commit
ec4b074506
@@ -25,9 +25,14 @@ vendor,product,version,cve_number,remarks,comment
|
||||
@TIFF_ID@,CVE-2022-3599,Ignored,issue in tiff command line tool not used by blender
|
||||
@TIFF_ID@,CVE-2022-3626,Ignored,issue in tiff command line tool not used by blender
|
||||
@TIFF_ID@,CVE-2022-3627,Ignored,issue in tiff command line tool not used by blender
|
||||
@TIFF_ID@,CVE-2023-40745,Ignored,issue in tiff command line tool not used by blender
|
||||
@TIFF_ID@,CVE-2023-41175,Ignored,issue in tiff command line tool not used by blender
|
||||
@XML2_ID@,CVE-2016-3709,Ignored,not affecting blender and not considered a security issue upstream
|
||||
@XML2_ID@,CVE-2023-39615,Ignored,not affecting blender and not considered a security issue upstream
|
||||
@XML2_ID@,CVE-2020-7595,Ignored,already fixed in the libxml2 version used
|
||||
@GMP_ID@,CVE-2021-43618,Mitigated,patched using upstream commit 561a9c25298e
|
||||
@SQLITE_ID@,CVE-2022-35737,Ignored,only affects SQLITE_ENABLE_STAT4 compile option not used by blender or python
|
||||
@SQLITE_ID@,CVE-2023-7104,Ignored,does not affect blender use of sqlite
|
||||
@SQLITE_ID@,CVE-2024-0232,Ignored,does not affect blender use of sqlite
|
||||
@ZLIB_ID@,CVE-2023-45853,Ignored,only affects minizip not used by blender
|
||||
@SBOMCONTENTS@
|
||||
|
||||
@@ -56,7 +56,7 @@ set(BLOSC_URI https://github.com/Blosc/c-blosc/archive/v${BLOSC_VERSION}.tar.gz)
|
||||
set(BLOSC_HASH 134b55813b1dca57019d2a2dc1f7a923)
|
||||
set(BLOSC_HASH_TYPE MD5)
|
||||
set(BLOSC_FILE blosc-${BLOSC_VERSION}.tar.gz)
|
||||
set(BLOSC_CPE "cpe:2.3:a:c-blosc2_project:c-blosc2:${BLOSC_VERSION}:*:*:*:*:*:*:*")
|
||||
set(BLOSC_CPE "cpe:2.3:a:c-blosc_project:c-blosc:${BLOSC_VERSION}:*:*:*:*:*:*:*")
|
||||
|
||||
set(PTHREADS_VERSION 3.0.0)
|
||||
set(PTHREADS_URI http://prdownloads.sourceforge.net/pthreads4w/pthreads4w-code-v${PTHREADS_VERSION}.zip)
|
||||
@@ -218,11 +218,11 @@ set(OSL_FILE OpenShadingLanguage-${OSL_VERSION}.tar.gz)
|
||||
# BZIP2, FFI, SQLITE and change the versions in this file as well. For compliance
|
||||
# reasons there can be no exceptions to this.
|
||||
|
||||
set(PYTHON_VERSION 3.11.6)
|
||||
set(PYTHON_VERSION 3.11.7)
|
||||
set(PYTHON_SHORT_VERSION 3.11)
|
||||
set(PYTHON_SHORT_VERSION_NO_DOTS 311)
|
||||
set(PYTHON_URI https://www.python.org/ftp/python/${PYTHON_VERSION}/Python-${PYTHON_VERSION}.tar.xz)
|
||||
set(PYTHON_HASH d0c5a1a31efe879723e51addf56dd206)
|
||||
set(PYTHON_HASH d96c7e134c35a8c46236f8a0e566b69c)
|
||||
set(PYTHON_HASH_TYPE MD5)
|
||||
set(PYTHON_FILE Python-${PYTHON_VERSION}.tar.xz)
|
||||
set(PYTHON_CPE "cpe:2.3:a:python:python:${PYTHON_VERSION}:-:*:*:*:*:*:*")
|
||||
@@ -318,9 +318,9 @@ set(FLAC_FILE flac-${FLAC_VERSION}.tar.xz)
|
||||
set(FLAC_CPE "cpe:2.3:a:flac_project:flac:${FLAC_VERSION}:*:*:*:*:*:*:*")
|
||||
set(FLAC_HOMEPAGE https://xiph.org/flac/)
|
||||
|
||||
set(VPX_VERSION 1.11.0)
|
||||
set(VPX_VERSION 1.14.0)
|
||||
set(VPX_URI https://github.com/webmproject/libvpx/archive/v${VPX_VERSION}/libvpx-v${VPX_VERSION}.tar.gz)
|
||||
set(VPX_HASH 965e51c91ad9851e2337aebcc0f517440c637c506f3a03948062e3d5ea129a83)
|
||||
set(VPX_HASH 5f21d2db27071c8a46f1725928a10227ae45c5cd1cad3727e4aafbe476e321fa)
|
||||
set(VPX_HASH_TYPE SHA256)
|
||||
set(VPX_FILE libvpx-v${VPX_VERSION}.tar.gz)
|
||||
set(VPX_CPE "cpe:2.3:a:webmproject:libvpx:${VPX_VERSION}:*:*:*:*:*:*:*")
|
||||
@@ -347,9 +347,9 @@ set(OPENJPEG_HASH_TYPE SHA256)
|
||||
set(OPENJPEG_FILE openjpeg-v${OPENJPEG_VERSION}.tar.gz)
|
||||
set(OPENJPEG_CPE "cpe:2.3:a:uclouvain:openjpeg:${OPENJPEG_VERSION}:*:*:*:*:*:*:*")
|
||||
|
||||
set(FFMPEG_VERSION 6.0)
|
||||
set(FFMPEG_VERSION 6.1.1)
|
||||
set(FFMPEG_URI http://ffmpeg.org/releases/ffmpeg-${FFMPEG_VERSION}.tar.bz2)
|
||||
set(FFMPEG_HASH 47d062731c9f66a78380e35a19aac77cebceccd1c7cc309b9c82343ffc430c3d)
|
||||
set(FFMPEG_HASH 5e3133939a61ef64ac9b47ffd29a5ea6e337a4023ef0ad972094b4da844e3a20)
|
||||
set(FFMPEG_HASH_TYPE SHA256)
|
||||
set(FFMPEG_FILE ffmpeg-${FFMPEG_VERSION}.tar.bz2)
|
||||
set(FFMPEG_CPE "cpe:2.3:a:ffmpeg:ffmpeg:${FFMPEG_VERSION}:*:*:*:*:*:*:*")
|
||||
@@ -479,9 +479,9 @@ set(LZMA_FILE xz-${LZMA_VERSION}.tar.bz2)
|
||||
set(LZMA_HOMEPAGE https://tukaani.org/lzma/)
|
||||
|
||||
# NOTE: Python's build has been modified to use our ssl version.
|
||||
set(SSL_VERSION 3.1.2)
|
||||
set(SSL_VERSION 3.1.5)
|
||||
set(SSL_URI https://www.openssl.org/source/openssl-${SSL_VERSION}.tar.gz)
|
||||
set(SSL_HASH a0ce69b8b97ea6a35b96875235aa453b966ba3cba8af2de23657d8b6767d6539)
|
||||
set(SSL_HASH 6ae015467dabf0469b139ada93319327be24b98251ffaeceda0221848dc09262)
|
||||
set(SSL_HASH_TYPE SHA256)
|
||||
set(SSL_FILE openssl-${SSL_VERSION}.tar.gz)
|
||||
set(SSL_CPE "cpe:2.3:a:openssl:openssl:${SSL_VERSION}:*:*:*:*:*:*:*")
|
||||
@@ -490,9 +490,9 @@ set(SSL_HOMEPAGE https://www.openssl.org)
|
||||
# Note: This will *HAVE* to match the version python ships on windows which
|
||||
# is hardcoded in pythons PCbuild/get_externals.bat for compliance reasons there
|
||||
# can be no exceptions to this.
|
||||
set(SQLITE_VERSION 3.42.0)
|
||||
set(SQLLITE_LONG_VERSION 3420000)
|
||||
set(SQLITE_URI https://www.sqlite.org/2023/sqlite-autoconf-${SQLLITE_LONG_VERSION}.tar.gz)
|
||||
set(SQLITE_VERSION 3.45.1)
|
||||
set(SQLLITE_LONG_VERSION 3450100)
|
||||
set(SQLITE_URI https://www.sqlite.org/2024/sqlite-autoconf-${SQLLITE_LONG_VERSION}.tar.gz)
|
||||
set(SQLITE_HASH 036575929b174c1b829769255491ba2b32bda9ee)
|
||||
set(SQLITE_HASH_TYPE SHA1)
|
||||
set(SQLITE_FILE sqlite-autoconf-${SQLLITE_LONG_VERSION}.tar.gz)
|
||||
|
||||
Reference in New Issue
Block a user