aboutsummaryrefslogtreecommitdiff
path: root/gnu/packages/patches/perl-5.14-autosplit-default-time.patch
diff options
context:
space:
mode:
Diffstat (limited to 'gnu/packages/patches/perl-5.14-autosplit-default-time.patch')
0 files changed, 0 insertions, 0 deletions
generated by cgit
Interruption CVE-2024-11702: Inadequate Clipboard Protection in Private Browsing Mode on Android CVE-2024-11693: Download Protections were bypassed by .library-ms files on Windows CVE-2024-11694: CSP Bypass and XSS Exposure via Web Compatibility Shims CVE-2024-11695: URL Bar Spoofing via Manipulated Punycode and Whitespace Characters CVE-2024-11703: Password access without authentication via PIN bypass on Android CVE-2024-11696: Unhandled Exception in Add-on Signature Verification CVE-2024-11697: Improper Keypress Handling in Executable File Confirmation Dialog CVE-2024-11704: Potential Double-Free Vulnerability in PKCS#7 Decryption Handling CVE-2024-11698: Fullscreen Lock-Up When Modal Dialog Interrupts Transition on macOS CVE-2024-11705: Null Pointer Dereference in NSC_DeriveKey CVE-2024-11706: Null Pointer Dereference in PKCS#12 Utility CVE-2024-11708: Data race with PlaybackParams CVE-2024-11699: Memory safety bugs fixed in Firefox 133, Firefox ESR 128.5, and Thunderbird 128.5 * gnu/packages/librewolf.scm (librewolf): Update to 133.0-1. Change-Id: I611505daf4d4f0940405190471f443d99102c2b9 Signed-off-by: Hilton Chain <hako@ultrarare.space> Ian Eure 2024-11-23gnu: librewolf: Update to 132.0.2-1....* gnu/packages/librewolf.scm (librewolf): Update to 132.0.2-1. Change-Id: Ica7e9c8c02085101060401d72b83fe25a19448d9 Signed-off-by: Efraim Flashner <efraim@flashner.co.il> Ian Eure 2024-11-06gnu: librewolf: Update to 132.0-1 [security fixes]....New upstream version. The 132.0-2-1 release switches to the firefox-l10n repository, necessitating rework of locale handling. 131.0.3-1 fixes CVEs: CVE-2024-9936: Undefined behavior in selection node cache 132.0-1 fixes CVEs: CVE-2024-10458: Permission leak via embed or object elements CVE-2024-10459: Use-after-free in layout with accessibility CVE-2024-10460: Confusing display of origin for external protocol handler prompt CVE-2024-10461: XSS due to Content-Disposition being ignored in multipart/x-mixed-replace response CVE-2024-10462: Origin of permission prompt could be spoofed by long URL CVE-2024-10463: Cross origin video frame leak CVE-2024-10468: Race conditions in IndexedDB CVE-2024-10464: History interface could have been used to cause a Denial of Service condition in the browser CVE-2024-10465: Clipboard "paste" button persisted across tabs CVE-2024-10466: DOM push subscription message could hang Firefox CVE-2024-10467: Memory safety bugs fixed in Firefox 132, Thunderbird 132, Firefox ESR 128.4, and Thunderbird 128.4 * gnu/packages/librewolf.scm (librewolf): Update to 132.0-1. Change-Id: I4afbcb496a8b0a329254762259cd1598d574761e Signed-off-by: Ludovic Courtès <ludo@gnu.org> Ian Eure 2024-10-11gnu: librewolf: Update to 131.0.2-1 [security fixes]....Updates the package and changes how the .desktop file is generated. The .desktop file the package had been using was removed upstream. Fixes: CVE-2024-9391: Prevent users from exiting full-screen mode in Firefox Focus for Android CVE-2024-9392: Compromised content process can bypass site isolation CVE-2024-9393: Cross-origin access to PDF contents through multipart responses CVE-2024-9394: Cross-origin access to JSON contents through multipart responses CVE-2024-9395: Specially crafted filename could be used to obscure download type CVE-2024-9396: Potential memory corruption may occur when cloning certain objects CVE-2024-9397: Potential directory upload bypass via clickjacking CVE-2024-9398: External protocol handlers could be enumerated via popups CVE-2024-9399: Specially crafted WebTransport requests could lead to denial of service CVE-2024-9400: Potential memory corruption during JIT compilation CVE-2024-9401: Memory safety bugs fixed in Firefox 131, Firefox ESR 115.16, Firefox ESR 128.3, Thunderbird 131, and Thunderbird 128.3 CVE-2024-9402: Memory safety bugs fixed in Firefox 131, Firefox ESR 128.3, Thunderbird 131, and Thunderbird 128.3 CVE-2024-9403: Memory safety bugs fixed in Firefox 131 and Thunderbird 131 CVE-2024-9680: Use-after-free in Animation timeline * gnu/packages/librewolf.scm (%librewolf-build-id): Update. (librewolf): Update to 131.0.2-1. [arguments]<#:phases>: Adjust 'install-desktop-entry for new .desktop file. Change-Id: I03f8a405c454a5bc3c8a1fc9f94d0ec9b41e92ec Modified-by: Hilton Chain <hako@ultrarare.space> Signed-off-by: Hilton Chain <hako@ultrarare.space> Ian Eure 2024-10-08gnu: librewolf: Revert video acceleration fix....This patch partly reverts #73429, because that change makes livestreaming video refuse to play. * gnu/packages/librewolf.scm (librewolf) [source]: Remove the librewolf-add-paths-to-rdd-allowlist patch. [phases] <wrap-program>: Reinstate previous LD_LIBRARY_PATH wrapping. * gnu/packages/patches/librewolf-add-paths-to-rdd-allowlist.patch: Delete file. * gnu/local.mk (dist_patch_DATA): De-register it. Modified-by: Maxim Cournoyer <maxim.cournoyer@gmail.com> Change-Id: Iaf36c64464cd078538fda677ea4fa7b13e7c110f Ian Eure 2024-10-08gnu: librewolf: Fix broken context menu....This patch fixes a reported bug where context (right-click) menus contain many duplicate and incorrect entries. * gnu/packages/librewolf.scm (librewolf) [phases] <neuter-genai>: Reinstate the genai browser component. Change-Id: I288545ce80b9a7e854edfc26a7ffe43433303458 Ian Eure 2024-09-24gnu: librewolf-source: Turn into a procedure....This patch changes the `librewolf-source' variable into the `make-librewolf-source' prodecure. This procedure accepts a LibreWolf version, source hash, and Firefox source hash. The Firefox source version is derived from the provided LibreWolf version. This eases package updates, since the hashes are inside the `librewolf' package, rather than `librewolf-source'; and the version no longer needs to be specified in three places. It also removes a blank line between the file header and `define-module'. * gnu/packages/librewolf.scm (librewolf-source): Turn into a procedure. Change-Id: I96ab1304acde246c179e7aa5dad9ff621be3de82 Signed-off-by: Andrew Tropin <andrew@trop.in> Ian Eure 2024-09-24gnu: librewolf: Update to 130.0.1-1. [security fixes]...This patch: - Updates LibreWolf to the latest version - Removes the code which disabled encoding_rs.patch from upstream. It’s no longer in the repo, so the code did nothing, and the underlying issue (Guix being stuck with an old Rust version) has been fixed. - Integrates changes from #72265 with some slight tweaks. This should allow LibreWolf to use accelerated video decoding on supported hardware. - Neuters the GenAI chat feature, which direcly integrates with non-free services, by excluding it from the build and locking the preferences which would enable it. Fixes: CVE-2024-8385: WASM type confusion involving ArrayTypes CVE-2024-8381: Type confusion when looking up a property name in a "with" block CVE-2024-8388: Fullscreen notice on Android could be hidden under various panels and OS prompts CVE-2024-8382: Internal event interfaces were exposed to web content when browser EventHandler listener callbacks ran CVE-2024-8383: Firefox did not ask before openings news: links in an external application CVE-2024-8384: Garbage collection could mis-color cross-compartment objects in OOM conditions CVE-2024-8386: SelectElements could be shown over another site if popups are allowed CVE-2024-8387: Memory safety bugs fixed in Firefox 130, Firefox ESR 128.2, and Thunderbird 128.2 CVE-2024-8389: Memory safety bugs fixed in Firefox 130 * gnu/packages/librewolf.scm (librewolf): Update to 130.0.1-1. Change-Id: I764e6e66c5bfdc14a87b7ea59c29780a1f16769a Signed-off-by: Andrew Tropin <andrew@trop.in> Ian Eure 2024-08-31build-systems: gnu: Export %default-gnu-imported-modules and %default-gnu-mod......Until now users would have to cargo cult or inspect the private %default-modules variable of (guix build-systems gnu) to discover which modules to include when extending the used modules via the #:modules argument. The renaming was automated via the command: $ git grep -l %gnu-build-system-modules | xargs sed 's/%gnu-build-system-modules/%default-gnu-imported-modules/' -i * guix/build-system/gnu.scm (%gnu-build-system-modules): Rename to... (%default-gnu-imported-modules): ... this. (%default-modules): Rename to... (%default-gnu-modules): ... this. Export. (dist-package, gnu-build, gnu-cross-build): Adjust accordingly. Change-Id: Idef307fff13cb76f3182d782b26e1cd3a5c757ee Maxim Cournoyer 2024-08-19gnu: librewolf: Update to 129.0.1-1....* gnu/packages/librewolf.scm (librewolf): Update to 129.0.1-1. Change-Id: Iefeff2ea7016e8d55313b55dd97179f80bcead1b Signed-off-by: Vagrant Cascadian <vagrant@debian.org> Ian Eure 2024-08-11gnu: librewolf: Use distinct WM Class....Make desktop environments properly render the icon and not conflate LibreWolf with other browsers with the "Navigator" class. A similar fix to IceCat was pushed as commit be1d05c10766a979dd0720b677889ed950d3b895. * gnu/packages/librewolf.scm (librewolf)[arguments]: Set both the MOZ_APP_REMOTINGNAME environment variable and librewolf.desktop's StartupWMClass to "LibreWolf". Change-Id: I3e117f99ee25321fe3a40ad67450460971579d71 Ashvith Shetty 2024-07-08gnu: librewolf: Fix building on aarch64-linux....* gnu/packages/librewolf.scm (librewolf)[arguments]: On non-x86-linux systems the "--disable-eme" switch is not available because EME is not available. Change-Id: I0f397570249b1bc6a0182d2744a8d3c459c1bafa Signed-off-by: Andreas Enge <andreas@enge.fr> Remco van 't Veer