amaharaneko/guix-mirrors
1
1
Fork 0
mirror of https://codeberg.org/guix/guix.git synced 2025-10-02 02:15:12 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

gnu: librewolf: Update to 131.0.2-1 [security fixes].

Browse source 
Updates the package and changes how the .desktop file is generated.  The
.desktop file the package had been using was removed upstream.

Fixes:

CVE-2024-9391: Prevent users from exiting full-screen mode in Firefox Focus
               for Android
CVE-2024-9392: Compromised content process can bypass site isolation
CVE-2024-9393: Cross-origin access to PDF contents through multipart responses
CVE-2024-9394: Cross-origin access to JSON contents through multipart
               responses
CVE-2024-9395: Specially crafted filename could be used to obscure download
               type
CVE-2024-9396: Potential memory corruption may occur when cloning certain
               objects
CVE-2024-9397: Potential directory upload bypass via clickjacking
CVE-2024-9398: External protocol handlers could be enumerated via popups
CVE-2024-9399: Specially crafted WebTransport requests could lead to denial of
               service
CVE-2024-9400: Potential memory corruption during JIT compilation
CVE-2024-9401: Memory safety bugs fixed in Firefox 131, Firefox ESR 115.16,
               Firefox ESR 128.3, Thunderbird 131, and Thunderbird 128.3
CVE-2024-9402: Memory safety bugs fixed in Firefox 131, Firefox ESR 128.3,
               Thunderbird 131, and Thunderbird 128.3
CVE-2024-9403: Memory safety bugs fixed in Firefox 131 and Thunderbird 131
CVE-2024-9680: Use-after-free in Animation timeline

* gnu/packages/librewolf.scm (%librewolf-build-id): Update.
(librewolf): Update to 131.0.2-1.
[arguments]<#:phases>: Adjust 'install-desktop-entry for new .desktop file.

Change-Id: I03f8a405c454a5bc3c8a1fc9f94d0ec9b41e92ec
Modified-by: Hilton Chain <hako@ultrarare.space>
Signed-off-by: Hilton Chain <hako@ultrarare.space>
This commit is contained in:
Ian Eure 2024-10-10 21:42:18 -07:00 committed by Hilton Chain
parent cdb262e993
commit a73a0a6554
No known key found for this signature in database
GPG key ID: ACC66D09CA528292
1 changed files with 13 additions and 22 deletions
Download patch file Download diff file Expand all files Collapse all files

35
gnu/packages/librewolf.scm
View file

@ -212,18 +212,18 @@
;; Update this id with every update to its release date. ;; Update this id with every update to its release date.
;; It's used for cache validation and therefore can lead to strange bugs. ;; It's used for cache validation and therefore can lead to strange bugs.
;; ex: date '+%Y%m%d%H%M%S' ;; ex: date '+%Y%m%d%H%M%S'
(define %librewolf-build-id "20241005085731") (define %librewolf-build-id "20241010143544")
(define-public librewolf (define-public librewolf
(package (package
(name "librewolf") (name "librewolf")
(version "130.0.1-1") (version "131.0.2-1")
(source (source
(origin (origin
(inherit (make-librewolf-source (inherit (make-librewolf-source
#:version version #:version version
#:firefox-hash "0w4z3fq5zhm63a0wmhvmqrj263bvy962dir25q3z0x5hx6hjawh2" #:firefox-hash "05knnwfxqd3mb6a5y2yh73sn4g648dxnz9kpkmpj9madr55863h4"
#:librewolf-hash "0f80pihn375bdjhjmmg2v1w96wpn76zb60ycy39wafwh1dnzybrd")))) #:librewolf-hash "1knx485kdjv8d0rn5ai1x1jp0403dvxz9m7lpim1y2d2ilyi26x7"))))
(build-system gnu-build-system) (build-system gnu-build-system)
(arguments (arguments
(list (list
@ -619,31 +619,22 @@
(add-after 'wrap-program 'install-desktop-entry (add-after 'wrap-program 'install-desktop-entry
(lambda* (#:key outputs #:allow-other-keys) (lambda* (#:key outputs #:allow-other-keys)
(let* ((desktop-file (let* ((desktop-file
"taskcluster/docker/firefox-snap/firefox.desktop") "toolkit/mozapps/installer/linux/rpm/mozilla.desktop")
(applications (string-append #$output (applications (string-append #$output
"/share/applications"))) "/share/applications")))
(substitute* desktop-file (substitute* desktop-file
(("^Exec=firefox") (("^Exec=@MOZ_APP_NAME@")
(string-append "Exec=" (string-append "Exec="
#$output "/bin/librewolf")) #$output "/bin/librewolf %u"))
;; "Firefox" -> "LibreWolf" everywhere (("@MOZ_APP_DISPLAYNAME@")
(("Firefox")
"LibreWolf") "LibreWolf")
;; Remove non-Latin translations. (("@MOZ_APP_REMOTINGNAME@")
(("^Name\\[(ar|bn)\\].*$") "LibreWolf")
"") (("^Icon=@MOZ_APP_NAME@")
(("^Icon=.*")
(string-append "Icon=" (string-append "Icon="
#$output #$output
"/share/icons/hicolor/128x128/apps/librewolf.png "/share/icons/hicolor/128x128/apps/librewolf.png")))
"))
;; These commands were changed.
(("-NewWindow")
"-new-window")
(("-NewPrivateWindow")
"-new-private-window")
(("StartupNotify=true")
"StartupNotify=true\nStartupWMClass=LibreWolf"))
(copy-file desktop-file "librewolf.desktop") (copy-file desktop-file "librewolf.desktop")
(install-file "librewolf.desktop" applications)))) (install-file "librewolf.desktop" applications))))
(add-after 'install-desktop-entry 'install-icons (add-after 'install-desktop-entry 'install-icons