GNU bug report logs - #78249
[PATCH 0/3] gnu: librewolf: Update to 138.0.1-2 [security fixes].


Package: guix-patches;

Reported by: Ian Eure <ian <at> retrospec.tv>

Date: Sun, 4 May 2025 23:19:02 UTC

Severity: normal

Tags: patch

Done: Ian Eure <ian <at> retrospec.tv>

Bug is archived. No further changes may be made.


From: Ian Eure <ian <at> retrospec.tv>
To: 78249 <at> debbugs.gnu.org
Cc: Ian Eure <ian <at> retrospec.tv>
Subject: [bug#78249] [PATCH 3/3] gnu: librewolf: Update to 138.0.1-2 [security fixes].
Date: Sun,  4 May 2025 16:19:32 -0700

Contains fixes for:

CVE-2025-2817: Privilege escalation in Firefox Updater
CVE-2025-4082: WebGL shader attribute memory corruption in Firefox for
               macOS
CVE-2025-4083: Process isolation bypass using "javascript:" URI links
               in cross-origin frames

CVE-2025-4085: Potential information leakage and privilege escalation
               in UITour actor
CVE-2025-4086: Specially crafted filename could be used to obscure
               download type
CVE-2025-4087: Unsafe attribute access during XPath parsing
CVE-2025-4088: Cross-site request forgery via storage access API
               redirects
CVE-2025-4089: Potential local code execution in "copy as cURL"
               command
CVE-2025-4090: Leaked library paths in Firefox for Android
CVE-2025-4091: Memory safety bugs fixed in Firefox 138, Thunderbird
               138, Firefox ESR 128.10, and Thunderbird 128.10
CVE-2025-4092: Memory safety bugs fixed in Firefox 138 and Thunderbird
               138

* gnu/packages/librewolf.scm (librewolf): Update to 138.0.1-2.
* gnu/packages/patches/torbrowser-compare-paths.patch: Adjust for new version.

Change-Id: I2cc11b758dbc77f7ec3451faa89918b08c890729
---
 gnu/packages/librewolf.scm                      | 12 ++++++------
 .../patches/torbrowser-compare-paths.patch      | 17 ++++-------------
 2 files changed, 10 insertions(+), 19 deletions(-)

diff --git a/gnu/packages/librewolf.scm b/gnu/packages/librewolf.scm
index bcacbf8dd1..8a8dbd05ad 100644
--- a/gnu/packages/librewolf.scm
+++ b/gnu/packages/librewolf.scm
@@ -207,17 +207,17 @@ (define rust-librewolf rust-1.82)
 ;; Update this id with every update to its release date.
 ;; It's used for cache validation and therefore can lead to strange bugs.
 ;; ex: date '+%Y%m%d%H%M%S'
-(define %librewolf-build-id "20250416062358")
+(define %librewolf-build-id "20250502155055")
 
 (define-public librewolf
   (package
     (name "librewolf")
-    (version "137.0.2-1")
+    (version "138.0.1-2")
     (source
      (make-librewolf-source
       #:version version
-      #:firefox-hash "01yd5cq6qgww6w2kq1bchy9j81blim15kdz7bvx8n512m2x3mz06"
-      #:librewolf-hash "0vy1xvjwgc4vd9q3laakx6lrsy4ghpdr98vm9lmx86amg9gak5ix"
+      #:firefox-hash "0aybkr6zan7klybc1r455lgzz524rmhzj85g6xv88vw70dibk54q"
+      #:librewolf-hash "0c98hjhfklfbi2biib7bk5qijp6x77hmp8ska2fy3lzi78lsz08z"
       #:l10n firefox-l10n))
     (build-system gnu-build-system)
     (arguments
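Review bot: At `%librewolf-build-id`, the comment asks for the release date, but its example (`date '+%Y%m%d%H%M%S'`) prints the current time, so it is not clear which of the two the new value 20250502155055 is. Say in the comment where the timestamp should be taken from, so the next update can reproduce it. Separately, the new `#:firefox-hash` and `#:librewolf-hash` values cannot be checked from the diff alone; please confirm both were computed from the upstream sources for 138.0.1-2.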
@@ -639,7 +639,7 @@ (define (runpaths-of-input label)
                   libxt
                   mesa
                   mit-krb5
-                  nspr
+                  nspr-4.36
                   nss-rapid
                   pango
                   pciutils
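Review bot: `nspr-4.36` is pinned here without a comment, while its neighbours in the same list (`mesa`, `nss-rapid`, `pango`) stay unversioned. Add a one-line comment next to it saying why the versioned variable is needed and when it can return to plain `nspr`, otherwise the pin is likely to be left behind on later updates.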
@@ -665,7 +665,7 @@ (define (runpaths-of-input label)
                          pkg-config
                          python
                          rust-librewolf
-                         rust-cbindgen-0.26
+                         rust-cbindgen-0.28
                          which
                          yasm))
     (native-search-paths
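Review bot: The swap of `rust-cbindgen-0.26` for `rust-cbindgen-0.28` in this list, like the `nspr-4.36` change above, is missing from the commit message, whose entry for gnu/packages/librewolf.scm reads only "Update to 138.0.1-2." Extend that entry to name the replaced inputs so the log matches what the diff does.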
diff --git a/gnu/packages/patches/torbrowser-compare-paths.patch b/gnu/packages/patches/torbrowser-compare-paths.patch
index 7d4d5fdb78..8e880bf390 100644
--- a/gnu/packages/patches/torbrowser-compare-paths.patch
+++ b/gnu/packages/patches/torbrowser-compare-paths.patch
@@ -5,20 +5,11 @@ name.
 
 --- a/toolkit/mozapps/extensions/internal/XPIDatabase.sys.mjs
 +++ b/toolkit/mozapps/extensions/internal/XPIDatabase.sys.mjs
-@@ -3606,6 +3606,7 @@
+@@ -3753,6 +3753,7 @@
      if (
        newAddon ||
        oldAddon.updateDate != xpiState.mtime ||
 +      oldAddon.path != xpiState.path ||
-       (aUpdateCompatibility && this.isAppBundledLocation(installLocation))
-     ) {
-       newAddon = this.updateMetadata(
-@@ -3614,8 +3615,6 @@
-         xpiState,
-         newAddon
-       );
--    } else if (oldAddon.path != xpiState.path) {
--      newAddon = this.updatePath(installLocation, oldAddon, xpiState);
-     } else if (aUpdateCompatibility || aSchemaChange) {
-       newAddon = this.updateCompatibility(
-         installLocation,
+       (aUpdateCompatibility && this.isAppBundledLocation(installLocation)) ||
+       // update addon metadata if the addon in bundled into
+       // the omni jar and version or the resource URI pointing
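Review bot: The refreshed inner patch drops its second hunk, the one that removed `} else if (oldAddon.path != xpiState.path) {` and the `this.updatePath(...)` call, and keeps only the added `oldAddon.path != xpiState.path ||` condition. If that `else if` branch still exists in the 138 source it is now unreachable, since a path mismatch is already caught by the first condition; please confirm it is gone upstream and say so in the commit message in place of "Adjust for new version." Also, the file name suggests this patch is shared with torbrowser: if any other package still applies it, the new offset (3753) and the new trailing context (the `||` and the two comment lines) have to match that package's source as well.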
-- 
2.49.0





This bug report was last modified 4 days ago.
