GNU bug report logs - #70618
[PATCH 0/3] Update LibreWolf to 125.0.2-1

Previous Next

Package: guix-patches;

Reported by: Ian Eure <ian <at> retrospec.tv>

Date: Sun, 28 Apr 2024 00:33:01 UTC

Severity: normal

Tags: patch

Done: Maxim Cournoyer <maxim.cournoyer <at> gmail.com>

Bug is archived. No further changes may be made.

Full log

View this message in rfc822 format

From: help-debbugs <at> gnu.org (GNU bug Tracking System)
To: Ian Eure <ian <at> retrospec.tv>
Subject: bug#70618: closed (Re: [bug#70618] [PATCH 0/3] Update LibreWolf
 to 125.0.2-1)
Date: Sun, 28 Apr 2024 14:44:02 +0000

[Message part 1 (text/plain, inline)]
Your bug report

#70618: [PATCH 0/3] Update LibreWolf to 125.0.2-1

which was filed against the guix-patches package, has been closed.

The explanation is attached below, along with your original report.
If you require more details, please reply to 70618 <at> debbugs.gnu.org.

-- 
70618: https://debbugs.gnu.org/cgi/bugreport.cgi?bug=70618
GNU Bug Tracking System
Contact help-debbugs <at> gnu.org with problems

[Message part 2 (message/rfc822, inline)]
From: Maxim Cournoyer <maxim.cournoyer <at> gmail.com>
To: Ian Eure <ian <at> retrospec.tv>
Cc: 70618-done <at> debbugs.gnu.org
Subject: Re: [bug#70618] [PATCH 0/3] Update LibreWolf to 125.0.2-1
Date: Sun, 28 Apr 2024 10:42:59 -0400

Hi,

Ian Eure <ian <at> retrospec.tv> writes:

> New upstream release.  A few things to note:
>
> - nss / nss-certs needs a bump from 3.98->3.99, as this is what LibreWolf wants in order to build.
> - Clang 13.x (the Guix default) segfaulted when building LibreWolf and suggested that I file a bug report.  Switching to clang/LLVM 18 resolved the issue.
>
> LibreWolf 125.0.2-1 resolves:
>
> CVE-2024-3852 (high)
> CVE-2024-3853 (high)
> CVE-2024-3854 (high)
> CVE-2024-3855 (high)
> CVE-2024-3856 (high)
> CVE-2024-3857 (high)
> CVE-2024-3858 (high)
> CVE-2024-3859 (moderate)
> CVE-2024-3860 (moderate)
> CVE-2024-3861 (moderate)
> CVE-2024-3862 (moderate)
> CVE-2024-3302 (low)
> CVE-2024-3864 (high)
> CVE-2024-3865 (high)
>
> Ian Eure (3):
>   gnu: nss/fixed: Update to 3.99.
>   gnu: nss-certs: Update to 3.99.
>   gnu: librewolf: Update to 125.0.2-1.

Applied, thank you!

-- 
Thanks,
Maxim


[Message part 3 (message/rfc822, inline)]
From: Ian Eure <ian <at> retrospec.tv>
To: guix-patches <at> gnu.org
Cc: Ian Eure <ian <at> retrospec.tv>
Subject: [PATCH 0/3] Update LibreWolf to 125.0.2-1
Date: Sat, 27 Apr 2024 17:31:21 -0700

New upstream release.  A few things to note:

- nss / nss-certs needs a bump from 3.98->3.99, as this is what LibreWolf wants in order to build.
- Clang 13.x (the Guix default) segfaulted when building LibreWolf and suggested that I file a bug report.  Switching to clang/LLVM 18 resolved the issue.

LibreWolf 125.0.2-1 resolves:

CVE-2024-3852 (high)
CVE-2024-3853 (high)
CVE-2024-3854 (high)
CVE-2024-3855 (high)
CVE-2024-3856 (high)
CVE-2024-3857 (high)
CVE-2024-3858 (high)
CVE-2024-3859 (moderate)
CVE-2024-3860 (moderate)
CVE-2024-3861 (moderate)
CVE-2024-3862 (moderate)
CVE-2024-3302 (low)
CVE-2024-3864 (high)
CVE-2024-3865 (high)

Ian Eure (3):
  gnu: nss/fixed: Update to 3.99.
  gnu: nss-certs: Update to 3.99.
  gnu: librewolf: Update to 125.0.2-1.

 gnu/packages/certs.scm     |  6 +++---
 gnu/packages/librewolf.scm | 15 ++++++++-------
 gnu/packages/nss.scm       |  4 ++--
 3 files changed, 13 insertions(+), 12 deletions(-)


base-commit: 8d29f416a9378d30f63c2a95f1bd1a420d9ccab4
-- 
2.41.0
This bug report was last modified 1 year and 115 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.