[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
branch master updated: gnu: librewolf: Update to 131.0.2-1 [security fix
|
From: |
guix-commits |
|
Subject: |
branch master updated: gnu: librewolf: Update to 131.0.2-1 [security fixes]. |
|
Date: |
Fri, 11 Oct 2024 06:41:27 -0400 |
This is an automated email from the git hooks/post-receive script.
hako pushed a commit to branch master
in repository guix.
The following commit(s) were added to refs/heads/master by this push:
new a73a0a6554 gnu: librewolf: Update to 131.0.2-1 [security fixes].
a73a0a6554 is described below
commit a73a0a65542ce50249d9507777778ffd0eb659f7
Author: Ian Eure <ian@retrospec.tv>
AuthorDate: Thu Oct 10 21:42:18 2024 -0700
gnu: librewolf: Update to 131.0.2-1 [security fixes].
Updates the package and changes how the .desktop file is generated. The
.desktop file the package had been using was removed upstream.
Fixes:
CVE-2024-9391: Prevent users from exiting full-screen mode in Firefox Focus
for Android
CVE-2024-9392: Compromised content process can bypass site isolation
CVE-2024-9393: Cross-origin access to PDF contents through multipart
responses
CVE-2024-9394: Cross-origin access to JSON contents through multipart
responses
CVE-2024-9395: Specially crafted filename could be used to obscure download
type
CVE-2024-9396: Potential memory corruption may occur when cloning certain
objects
CVE-2024-9397: Potential directory upload bypass via clickjacking
CVE-2024-9398: External protocol handlers could be enumerated via popups
CVE-2024-9399: Specially crafted WebTransport requests could lead to denial
of
service
CVE-2024-9400: Potential memory corruption during JIT compilation
CVE-2024-9401: Memory safety bugs fixed in Firefox 131, Firefox ESR 115.16,
Firefox ESR 128.3, Thunderbird 131, and Thunderbird 128.3
CVE-2024-9402: Memory safety bugs fixed in Firefox 131, Firefox ESR 128.3,
Thunderbird 131, and Thunderbird 128.3
CVE-2024-9403: Memory safety bugs fixed in Firefox 131 and Thunderbird 131
CVE-2024-9680: Use-after-free in Animation timeline
* gnu/packages/librewolf.scm (%librewolf-build-id): Update.
(librewolf): Update to 131.0.2-1.
[arguments]<#:phases>: Adjust 'install-desktop-entry for new .desktop file.
Change-Id: I03f8a405c454a5bc3c8a1fc9f94d0ec9b41e92ec
Modified-by: Hilton Chain <hako@ultrarare.space>
Signed-off-by: Hilton Chain <hako@ultrarare.space>
---
gnu/packages/librewolf.scm | 35 +++++++++++++----------------------
1 file changed, 13 insertions(+), 22 deletions(-)
diff --git a/gnu/packages/librewolf.scm b/gnu/packages/librewolf.scm
index 31de7a7171..d696a3058f 100644
--- a/gnu/packages/librewolf.scm
+++ b/gnu/packages/librewolf.scm
@@ -212,18 +212,18 @@
;; Update this id with every update to its release date.
;; It's used for cache validation and therefore can lead to strange bugs.
;; ex: date '+%Y%m%d%H%M%S'
-(define %librewolf-build-id "20241005085731")
+(define %librewolf-build-id "20241010143544")
(define-public librewolf
(package
(name "librewolf")
- (version "130.0.1-1")
+ (version "131.0.2-1")
(source
(origin
(inherit (make-librewolf-source
#:version version
- #:firefox-hash
"0w4z3fq5zhm63a0wmhvmqrj263bvy962dir25q3z0x5hx6hjawh2"
- #:librewolf-hash
"0f80pihn375bdjhjmmg2v1w96wpn76zb60ycy39wafwh1dnzybrd"))))
+ #:firefox-hash
"05knnwfxqd3mb6a5y2yh73sn4g648dxnz9kpkmpj9madr55863h4"
+ #:librewolf-hash
"1knx485kdjv8d0rn5ai1x1jp0403dvxz9m7lpim1y2d2ilyi26x7"))))
(build-system gnu-build-system)
(arguments
(list
@@ -619,31 +619,22 @@
(add-after 'wrap-program 'install-desktop-entry
(lambda* (#:key outputs #:allow-other-keys)
(let* ((desktop-file
-
"taskcluster/docker/firefox-snap/firefox.desktop")
+
"toolkit/mozapps/installer/linux/rpm/mozilla.desktop")
(applications (string-append #$output
"/share/applications")))
(substitute* desktop-file
- (("^Exec=firefox")
+ (("^Exec=@MOZ_APP_NAME@")
(string-append "Exec="
- #$output "/bin/librewolf"))
- ;; "Firefox" -> "LibreWolf" everywhere
- (("Firefox")
+ #$output "/bin/librewolf %u"))
+ (("@MOZ_APP_DISPLAYNAME@")
"LibreWolf")
- ;; Remove non-Latin translations.
- (("^Name\\[(ar|bn)\\].*$")
- "")
- (("^Icon=.*")
+ (("@MOZ_APP_REMOTINGNAME@")
+ "LibreWolf")
+ (("^Icon=@MOZ_APP_NAME@")
(string-append "Icon="
#$output
- "/share/icons/hicolor/128x128/apps/librewolf.png
-"))
- ;; These commands were changed.
- (("-NewWindow")
- "-new-window")
- (("-NewPrivateWindow")
- "-new-private-window")
- (("StartupNotify=true")
- "StartupNotify=true\nStartupWMClass=LibreWolf"))
+
"/share/icons/hicolor/128x128/apps/librewolf.png")))
+
(copy-file desktop-file "librewolf.desktop")
(install-file "librewolf.desktop" applications))))
(add-after 'install-desktop-entry 'install-icons
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- branch master updated: gnu: librewolf: Update to 131.0.2-1 [security fixes].,
guix-commits <=