diff options
| author | Ian Eure <ian@retrospec.tv> | 2025-04-02 15:50:38 -0700 |
|---|---|---|
| committer | Ian Eure <ian@retrospec.tv> | 2025-04-03 16:52:15 -0700 |
| commit | f664a9377deed2c9e644b53a0b497153c7e7a41f (patch) | |
| tree | acab65dd8c6a83d788aef103fa4ad96154b754fc | |
| parent | 538fc4917f55cb2ab0b7c090de00855fa421db69 (diff) | |
| download | guix-f664a9377deed2c9e644b53a0b497153c7e7a41f.tar.gz guix-f664a9377deed2c9e644b53a0b497153c7e7a41f.zip | |
gnu: librewolf: Update to 137.0-1 [security fixes].
Contains fixes for:
CVE-2025-3028: Use-after-free triggered by XSLTProcessor
CVE-2025-3031: JIT optimization bug with different stack slot sizes
CVE-2025-3032: Leaking file descriptors from the fork server
CVE-2025-3029: URL bar spoofing via non-BMP Unicode characters
CVE-2025-3035: Tab title disclosure across pages when using AI chatbot
CVE-2025-3033: Opening local .url files could lead to another file
being opened
CVE-2025-3030: Memory safety bugs fixed in Firefox 137, Thunderbird
137, Firefox ESR 128.9, and Thunderbird 128.9
CVE-2025-3034: Memory safety bugs fixed in Firefox 137 and Thunderbird
137
* gnu/packages/librewolf.scm (librewolf): Update to 137.0-1.
Change-Id: I23d8cbefc242e57c19b4e98660fd22bd1dda8d6a
| -rw-r--r-- | gnu/packages/librewolf.scm | 16 |
1 files changed, 7 insertions, 9 deletions
diff --git a/gnu/packages/librewolf.scm b/gnu/packages/librewolf.scm index 1cb7084f23..ae4d64534c 100644 --- a/gnu/packages/librewolf.scm +++ b/gnu/packages/librewolf.scm @@ -206,17 +206,17 @@ ;; Update this id with every update to its release date. ;; It's used for cache validation and therefore can lead to strange bugs. ;; ex: date '+%Y%m%d%H%M%S' -(define %librewolf-build-id "20250327215540") +(define %librewolf-build-id "20250401171639") (define-public librewolf (package (name "librewolf") - (version "136.0.4-1") + (version "137.0-1") (source (make-librewolf-source #:version version - #:firefox-hash "0hn2ywyacgg8n47qz1q2l8bf32mszj3vnpkl6kag3wmqqbhvja2a" - #:librewolf-hash "045il4xrji2zh1scx3aiy6hx6jv098232aycda6bhsh27szbsrfa" + #:firefox-hash "07d9rdxmp48gbk41y1c6gggzziv9aqdhjwgi6c0hrf6chcppxi0y" + #:librewolf-hash "164bvissxzhzlwjafp9pdyhhg8hhdxh8w61ifkak497qm4yf8af7" #:l10n firefox-l10n)) (build-system gnu-build-system) (arguments @@ -236,8 +236,6 @@ "--with-system-ffi" "--enable-system-pixman" "--enable-jemalloc" - - ;; see https://bugs.gnu.org/32833 "--with-system-nspr" "--with-system-nss" @@ -312,7 +310,7 @@ (libavcodec (string-append ffmpeg "/lib/libavcodec.so"))) ;; Arrange to load libavcodec.so by its absolute file name. - (substitute* + (substitute* "dom/media/platforms/ffmpeg/FFmpegRuntimeLinker.cpp" (("libavcodec\\.so") libavcodec))))) @@ -405,7 +403,7 @@ (string-append all ", icu-uc >= 76.1"))) (if (string=? old-content (pk (call-with-input-file file get-string-all))) - (error + (error "substitute did nothing, phase requires an update"))))) (replace 'configure (lambda* (#:key inputs outputs configure-flags @@ -478,7 +476,7 @@ (invoke "./mach" "configure"))) (add-before 'build 'fix-addons-placeholder (lambda _ - (substitute* + (substitute* "toolkit/locales/en-US/toolkit/about/aboutAddons.ftl" (("addons.mozilla.org") "gnuzilla.gnu.org")))) |