From 9492e00e3249015172dc1080b7a3568bd3c5964b Mon Sep 17 00:00:00 2001 From: SharpMan Date: Mon, 23 Oct 2023 23:40:42 -0400 Subject: [PATCH] Update Windows builds to zlib 1.3 --- .../Security/2023-10-23-23-37-37.gh-issue-111239.o_q0ef.rst | 1 + PCbuild/get_externals.bat | 2 +- PCbuild/python.props | 2 +- 3 files changed, 3 insertions(+), 2 deletions(-) create mode 100644 Misc/NEWS.d/next/Security/2023-10-23-23-37-37.gh-issue-111239.o_q0ef.rst diff --git a/Misc/NEWS.d/next/Security/2023-10-23-23-37-37.gh-issue-111239.o_q0ef.rst b/Misc/NEWS.d/next/Security/2023-10-23-23-37-37.gh-issue-111239.o_q0ef.rst new file mode 100644 index 00000000000000..7594725c037e19 --- /dev/null +++ b/Misc/NEWS.d/next/Security/2023-10-23-23-37-37.gh-issue-111239.o_q0ef.rst @@ -0,0 +1 @@ +Update Windows builds to zlib v1.3. Zlib v1.2.1.3 has CVE-2023-45853. diff --git a/PCbuild/get_externals.bat b/PCbuild/get_externals.bat index 94437f054d788c..8e22b7dbe07d07 100644 --- a/PCbuild/get_externals.bat +++ b/PCbuild/get_externals.bat @@ -58,7 +58,7 @@ set libraries=%libraries% sqlite-3.43.1.0 if NOT "%IncludeTkinterSrc%"=="false" set libraries=%libraries% tcl-core-8.6.13.0 if NOT "%IncludeTkinterSrc%"=="false" set libraries=%libraries% tk-8.6.13.0 set libraries=%libraries% xz-5.2.5 -set libraries=%libraries% zlib-1.2.13 +set libraries=%libraries% zlib-1.3 for %%e in (%libraries%) do ( if exist "%EXTERNALS_DIR%\%%e" ( diff --git a/PCbuild/python.props b/PCbuild/python.props index 496bc3dd4cf794..fa89c856af7318 100644 --- a/PCbuild/python.props +++ b/PCbuild/python.props @@ -78,7 +78,7 @@ $(ExternalsDir)openssl-bin-3.0.11\$(ArchName)\ $(opensslOutDir)include $(ExternalsDir)\nasm-2.11.06\ - $(ExternalsDir)\zlib-1.2.13\ + $(ExternalsDir)\zlib-1.3\