diff options
| author | Ian Eure <[email protected]> | 2025-03-11 21:24:10 -0700 |
|---|---|---|
| committer | Ian Eure <[email protected]> | 2025-03-11 21:24:10 -0700 |
| commit | 0b7c8ee635ab6a2d87e8c72969f5f165943836d3 (patch) | |
| tree | 5bd9b871a1f1d7c13798b368dfcca663dd072001 | |
| parent | dafdca07eac850c0337ae99f9c2c83c538896127 (diff) | |
gnu: librewolf: Update to 136.0-2 [security fixes].
CVE-2025-1930: AudioIPC StreamData could trigger a use-after-free in
the Browser process
CVE-2025-1939: Tapjacking in Android Custom Tabs using transition
animations
CVE-2025-1931: Use-after-free in WebTransportChild
CVE-2025-1932: Inconsistent comparator in XSLT sorting led to
out-of-bounds access
CVE-2025-1933: JIT corruption of WASM i32 return values on 64-bit CPUs
CVE-2025-1940: Android Intent confirmation prompt tapjacking using
Select options
CVE-2024-9956: Passkey phishing within Bluetooth range
CVE-2025-1934: Unexpected GC during RegExp bailout processing
CVE-2025-1941: Lock screen setting bypass in Firefox Focus for Android
CVE-2025-1942: Disclosure of uninitialized memory when .toUpperCase()
causes string to get longer
CVE-2025-1935: Clickjacking the registerProtocolHandler info-bar
CVE-2025-1936: Adding %00 and a fake extension to a jar: URL changed
the interpretation of the contents
CVE-2025-1937: Memory safety bugs fixed in Firefox 136, Thunderbird
136, Firefox ESR 115.21, Firefox ESR 128.8, and
Thunderbird 128.8
CVE-2025-1938: Memory safety bugs fixed in Firefox 136, Thunderbird
136, Firefox ESR 128.8, and Thunderbird 128.8
CVE-2025-1943: Memory safety bugs fixed in Firefox 136 and Thunderbird
136
* gnu/packages/librewolf.scm (librewolf): Update to 136.0-2.
Change-Id: Ia3b5777478fa8443471bd1e61898128cdeda4bcf
| -rw-r--r-- | gnu/packages/librewolf.scm | 25 |
1 files changed, 18 insertions, 7 deletions
diff --git a/gnu/packages/librewolf.scm b/gnu/packages/librewolf.scm index 7a356b6d91..344ab9532f 100644 --- a/gnu/packages/librewolf.scm +++ b/gnu/packages/librewolf.scm @@ -200,23 +200,23 @@ ;;; but since in Guix only the latest packaged Rust is officially supported, ;;; it is a tradeoff worth making. ;;; 0: https://firefox-source-docs.mozilla.org/writing-rust-code/update-policy.html -;; 135.0 wants 1.83, but it's not available in Guix yet. +;; 136.0 wants 1.84, but it's not available in Guix yet. (define rust-librewolf rust-1.82) ;; Update this id with every update to its release date. ;; It's used for cache validation and therefore can lead to strange bugs. ;; ex: date '+%Y%m%d%H%M%S' -(define %librewolf-build-id "20250209210057") +(define %librewolf-build-id "20250306064037") (define-public librewolf (package (name "librewolf") - (version "135.0-1") + (version "136.0-2") (source (make-librewolf-source #:version version - #:firefox-hash "0q5r2q6q56kyzl5pknrir9bzlhmzbvv9hi5gi4852izgcali4zl2" - #:librewolf-hash "0fg4vji5xb17pgvq7jnfz4dq08gi0rl998xhj37hfm5zxs19y8jk" + #:firefox-hash "0mvg53fr9zi6pq2pwa6qzqi88brqig1wlzic9sz52i4knx733viv" + #:librewolf-hash "0zb5f6hml7nmyf8hms66s07ba97x2px2hgqqi4lmwr5hm9mf942z" #:l10n firefox-l10n)) (build-system gnu-build-system) (arguments @@ -392,6 +392,17 @@ (lambda _ (setenv "MOZ_BUILD_DATE" #$%librewolf-build-id))) + ;; https://bugzilla.mozilla.org/show_bug.cgi?id=1927380 + (add-before 'configure 'patch-icu-lookup + (lambda _ + (let* ((file "js/moz.configure") + (old-content (call-with-input-file file get-string-all))) + (substitute* file + (("icu-i18n >= 76.1" all) + (string-append all ", icu-uc >= 76.1"))) + (if (string=? old-content + (pk (call-with-input-file file get-string-all))) + (error "substitute did nothing, phase requires an update"))))) (replace 'configure (lambda* (#:key inputs outputs configure-flags #:allow-other-keys) @@ -671,7 +682,7 @@ gtk+ gtk+-2 hunspell - icu4c-75 + icu4c-76 jemalloc libcanberra libevent @@ -679,7 +690,7 @@ libgnome libjpeg-turbo libnotify - libpng-apng + libpng-apng-for-librewolf libva libvpx libwebp |