GNU bug report logs - #71121
[PATCH 0/3] Update LibreWolf to 126.0-1 [security fixes]

Previous Next

Package: guix-patches;

Reported by: Ian Eure <ian <at> retrospec.tv>

Date: Wed, 22 May 2024 14:54:02 UTC

Severity: normal

Tags: patch

Done: Maxim Cournoyer <maxim.cournoyer <at> gmail.com>

Bug is archived. No further changes may be made.

Full log

Message #26 received at 71121 <at> debbugs.gnu.org (full text, mbox):

From: Ian Eure <ian <at> retrospec.tv>
To: 71121 <at> debbugs.gnu.org
Cc: Ian Eure <ian <at> retrospec.tv>
Subject: [PATCH v2 3/3] gnu: librewolf: Update to 126.0-1.
Date: Thu, 30 May 2024 15:39:51 -0700

* gnu/packages/librewolf.scm (librewolf): Update to 126.0-1.  Fixes
CVE-2024-4367, CVE-2024-4764, CVE-2024-4765, CVE-2024-4766, CVE-2024-4767,
CVE-2024-4768, CVE-2024-4769, CVE-2024-4770, CVE-2024-4771, CVE-2024-4772,
CVE-2024-4773, CVE-2024-4774, CVE-2024-4775, CVE-2024-4776, CVE-2024-4777,
CVE-2024-4778.

Change-Id: Iec010e516651588da389f747074cbd10f8c14377
---
 gnu/packages/librewolf.scm | 15 ++++++++++-----
 1 file changed, 10 insertions(+), 5 deletions(-)

diff --git a/gnu/packages/librewolf.scm b/gnu/packages/librewolf.scm
index bb8bc8a283..80b942ec12 100644
--- a/gnu/packages/librewolf.scm
+++ b/gnu/packages/librewolf.scm
@@ -115,9 +115,9 @@ (define (librewolf-source-origin version hash)
 (define computed-origin-method (@@ (guix packages) computed-origin-method))
 
 (define librewolf-source
-  (let* ((ff-src (firefox-source-origin "125.0.2" "16gpd6n52lshvkkha41z7xicggj64dw0qhr5gd07bcxsc4rmdl39"))
-         (version "125.0.2-1")
-         (lw-src (librewolf-source-origin version "17i36s2ny1pv3cz44w0gz48fy4vjfw6vp9jk21j62f5d3dl726x8")))
+  (let* ((ff-src (firefox-source-origin "126.0" "09l5hsyrkimmkd7wbhnamy5mwmwwxjfa742hpkjjkhlyk6hq43li"))
+         (version "126.0-1")
+         (lw-src (librewolf-source-origin version "1q8fjki6rgzrir84y7j2anra2w213bm0g74nw205gja9qsxlassc")))
 
     (origin
       (method computed-origin-method)
@@ -161,6 +161,11 @@ (define librewolf-source
                  (("^ff_source_tarball:=.*")
                   (string-append "ff_source_tarball:=" #+ff-src)))
 
+               ;; Remove encoding_rs patch, it doesn't build with Rust 1.75.
+               (substitute* '("assets/patches.txt")
+                 (("patches/encoding_rs.patch\\\n$")
+                  ""))
+
                ;; Stage locales
                (begin
                  (format #t "Staging locales...~%")
@@ -205,12 +210,12 @@ (define rust-librewolf rust) ; 1.75 is the default in Guix, 1.65 is the minimum.
 ;; Update this id with every update to its release date.
 ;; It's used for cache validation and therefore can lead to strange bugs.
 ;; ex: date '+%Y%m%d%H%M%S'
-(define %librewolf-build-id "20240427150329")
+(define %librewolf-build-id "20240530072108")
 
 (define-public librewolf
   (package
     (name "librewolf")
-    (version "125.0.2-1")
+    (version "126.0-1")
     (source librewolf-source)
     (build-system gnu-build-system)
     (arguments
-- 
2.41.0
This bug report was last modified 352 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.