amaharaneko/guix-mirrors
1
1
Fork 0
mirror of https://codeberg.org/guix/guix.git synced 2025-10-02 02:15:12 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

gnu: librewolf: Update to 137.0-1 [security fixes].

Browse source 
Contains fixes for:

CVE-2025-3028: Use-after-free triggered by XSLTProcessor
CVE-2025-3031: JIT optimization bug with different stack slot sizes
CVE-2025-3032: Leaking file descriptors from the fork server
CVE-2025-3029: URL bar spoofing via non-BMP Unicode characters
CVE-2025-3035: Tab title disclosure across pages when using AI chatbot
CVE-2025-3033: Opening local .url files could lead to another file
               being opened
CVE-2025-3030: Memory safety bugs fixed in Firefox 137, Thunderbird
               137, Firefox ESR 128.9, and Thunderbird 128.9
CVE-2025-3034: Memory safety bugs fixed in Firefox 137 and Thunderbird
               137

* gnu/packages/librewolf.scm (librewolf): Update to 137.0-1.

Change-Id: I23d8cbefc242e57c19b4e98660fd22bd1dda8d6a
This commit is contained in:
Ian Eure 2025-04-02 15:50:38 -07:00
parent 538fc4917f
commit f664a9377d
No known key found for this signature in database
GPG key ID: 8499AC88F1A71CF2
1 changed files with 7 additions and 9 deletions
Download patch file Download diff file Expand all files Collapse all files

10
gnu/packages/librewolf.scm
View file

@ -206,17 +206,17 @@
;; Update this id with every update to its release date.
;; It's used for cache validation and therefore can lead to strange bugs.
;; ex: date '+%Y%m%d%H%M%S'
(define %librewolf-build-id "20250327215540")
(define %librewolf-build-id "20250401171639")
(define-public librewolf
(package
(name "librewolf")
(version "136.0.4-1")
(version "137.0-1")
(source
(make-librewolf-source
#:version version
#:firefox-hash "0hn2ywyacgg8n47qz1q2l8bf32mszj3vnpkl6kag3wmqqbhvja2a"
#:librewolf-hash "045il4xrji2zh1scx3aiy6hx6jv098232aycda6bhsh27szbsrfa"
#:firefox-hash "07d9rdxmp48gbk41y1c6gggzziv9aqdhjwgi6c0hrf6chcppxi0y"
#:librewolf-hash "164bvissxzhzlwjafp9pdyhhg8hhdxh8w61ifkak497qm4yf8af7"
#:l10n firefox-l10n))
(build-system gnu-build-system)
(arguments
@ -236,8 +236,6 @@
"--with-system-ffi"
"--enable-system-pixman"
"--enable-jemalloc"
;; see https://bugs.gnu.org/32833
"--with-system-nspr"
"--with-system-nss"