GNU bug report logs -
#73633
[PATCH] gnu: torbrowser: Update to 13.5.6 [security fixes].
Previous Next
Reported by: André Batista <nandre <at> riseup.net>
Date: Sat, 5 Oct 2024 03:09:03 UTC
Severity: normal
Tags: patch
Done: Ludovic Courtès <ludo <at> gnu.org>
Bug is archived. No further changes may be made.
Full log
View this message in rfc822 format
Fixes CVEs 2024-9392, 2024-9393, 2024-9394, 2024-9401 and 2024-9680.
See the Mozilla Foundation Security Advisories
<https://www.mozilla.org/en-US/security/advisories/mfsa2024-48/> and
<https://www.mozilla.org/en-US/security/advisories/mfsa2024-51/>
for details.
* gnu/packages/tor-browsers.scm (%torbrowser-build-date): Update to
20241008182800.
(%torbrowser-version): Update to 13.5.7.
(%torbrowser-firefox-version): Update to 115.16.0esr-13.5-1-build3.
(torbrowser-translation-base): Update to
ceb66dd0937da14962cb535699242b2526e11f02.
(torbrowser-translation-specific): Update to
dbf1454fdbd3256d65985cc1c46391ce0ec159e7.
(make-torbrowser) [arguments] <#:phases>: On 'copy-basebrowser-locales
stop copying 'cryptoSafetyPrompt.properties'. See
<https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/cf68476c67f6c5159dab3d7c241392c597fd3988>.
Change-Id: Ic17a669c1311d92da347e11ea08acc7a218bc728
---
gnu/packages/tor-browsers.scm | 25 +++++++++----------------
1 file changed, 9 insertions(+), 16 deletions(-)
diff --git a/gnu/packages/tor-browsers.scm b/gnu/packages/tor-browsers.scm
index 6bc1ef5328..e517f9b214 100644
--- a/gnu/packages/tor-browsers.scm
+++ b/gnu/packages/tor-browsers.scm
@@ -116,16 +116,16 @@ (define firefox-locales
;; We copy the official build id, which is defined at
;; tor-browser-build/rbm.conf (browser_release_date).
-(define %torbrowser-build-date "20240903073000")
+(define %torbrowser-build-date "20241008182800")
;; To find the last version, look at https://www.torproject.org/download/.
-(define %torbrowser-version "13.5.3")
+(define %torbrowser-version "13.5.7")
;; To find the last Firefox version, browse
;; https://archive.torproject.org/tor-package-archive/torbrowser/<%torbrowser-version>
;; There should be only one archive that starts with
;; "src-firefox-tor-browser-".
-(define %torbrowser-firefox-version "115.15.0esr-13.5-1-build3")
+(define %torbrowser-firefox-version "115.16.0esr-13.5-1-build3")
;; See tor-browser-build/rbm.conf for the list.
(define %torbrowser-locales (list "ar" "ca" "cs" "da" "de" "el" "es-ES" "fa" "fi" "fr"
@@ -139,11 +139,11 @@ (define torbrowser-translation-base
(method git-fetch)
(uri (git-reference
(url "https://gitlab.torproject.org/tpo/translation.git")
- (commit "daed2afc487d1b20efc17feb153156524c6f714b")))
+ (commit "ceb66dd0937da14962cb535699242b2526e11f02")))
(file-name "translation-base-browser")
(sha256
(base32
- "0psmmgw9dnjwdhjbqkd69q5q7sdwyjcwagh93ffrjk0v7ybc79dq"))))
+ "04ciw4rnl0cj7vz4pqbs1aca8fhva346bp0vahfcxv3isn1nwyy4"))))
;; See tor-browser-build/projects/translation/config.
(define torbrowser-translation-specific
@@ -151,11 +151,11 @@ (define torbrowser-translation-specific
(method git-fetch)
(uri (git-reference
(url "https://gitlab.torproject.org/tpo/translation.git")
- (commit "6374e3b09c0894b8452fa1ba0b99c807722fc805")))
+ (commit "dbf1454fdbd3256d65985cc1c46391ce0ec159e7")))
(file-name "translation-tor-browser")
(sha256
(base32
- "1wd9iwcj2h70bp017pcdhgfiw2bs8zi68kljmpnk69pssd6cn8l3"))))
+ "09zhl6fk0z69qy82l050fm02h0dyb3f8j38fbazmkwnd8x3z6jv0"))))
(define torbrowser-assets
;; This is a prebuilt Torbrowser from which we take the assets we need.
@@ -171,7 +171,7 @@ (define torbrowser-assets
version "/tor-browser-linux-x86_64-" version ".tar.xz"))
(sha256
(base32
- "0laz6yrm310iidddnas2w1s5wad183n9axjkgrf5cm5paj615343"))))
+ "1mdi6x0dvdvlk957fws1pw55z9hwkd5x05rv8k2g1vzy9qkvgrf3"))))
(arguments
(list
#:install-plan
@@ -213,7 +213,7 @@ (define* (make-torbrowser #:key
".tar.xz"))
(sha256
(base32
- "13b9ni6anv279drhbb5m95nnmgslrp6frsm0y4028nfqiprs7vj5"))))
+ "0v4hkxcz7cahbhwwafmspcl67ih2rnkmamcvp06kyx64xvpad00i"))))
(build-system mozilla-build-system)
(inputs
(list go-gitlab-torproject-org-tpo-anti-censorship-pluggable-transports-lyrebird
@@ -580,13 +580,6 @@ (define (runpaths-of-input label)
"translation-tor-browser/~a/tor-browser.ftl"
"~a/~a/toolkit/toolkit/global/"))
lang l10ncentral lang))
- (system
- (format
- #f (string-join
- '("mv"
- "translation-tor-browser/~a/cryptoSafetyPrompt.properties"
- "~a/~a/browser/chrome/browser/"))
- lang l10ncentral lang))
(system
(format
#f (string-join
base-commit: b8fd792ea267cb920da0651074a533d8abf00488
--
2.45.2
This bug report was last modified 223 days ago.
Previous Next
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.