diff options
| author | John Kehayias <john.kehayias@protonmail.com> | 2024-10-19 01:26:32 -0400 |
|---|---|---|
| committer | John Kehayias <john.kehayias@protonmail.com> | 2024-10-19 01:26:32 -0400 |
| commit | d47b2f5a7bc82fe52825ba4b5ff6cb9362a9fed4 (patch) | |
| tree | 4a1a9e7cff1c6aff6e1af38cbba886a680963144 /nongnu/packages/mozilla.scm | |
| parent | 14c3e1fdc837debd4b0e9e72cd20c81db44c0318 (diff) | |
nongnu: firefox: Update to 131.0.3 [security fixes].
Fixes CVE-2024-9936 and, in previous versions since 130.0.1, CVE-2024-9680,
CVE-2024-9391, CVE-2024-9392, CVE-2024-9393, CVE-2024-9394, CVE-2024-9395,
CVE-2024-9396, CVE-2024-9397, CVE-2024-9398, CVE-2024-9399, CVE-2024-9400,
CVE-2024-9401, CVE-2024-9402, and CVE-2024-9403.
Upstream removed firefox.desktop files which can be generated from their mach
tool. However, this will try to download various dependencies. So, for now
at least, use a patch which reverts that commit so we can use the included
desktop file. In Arch, for example, they include a separate pre-generated
desktop file rather than doing this at build time.
* nongnu/packages/mozilla.scm (firefox): Update to 131.0.3.
* nongnu/packages/patches/firefox-CVE-2024-9680.patch: Delete patch.
* nongnu/packages/patches/firefox-restore-desktop-files.patch: Add patch.
Diffstat (limited to 'nongnu/packages/mozilla.scm')
| -rw-r--r-- | nongnu/packages/mozilla.scm | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/nongnu/packages/mozilla.scm b/nongnu/packages/mozilla.scm index df7cb9c..4c2663b 100644 --- a/nongnu/packages/mozilla.scm +++ b/nongnu/packages/mozilla.scm @@ -524,13 +524,13 @@ MOZ_ENABLE_WAYLAND=1 exec ~a $@\n" ;; Update this id with every firefox update to its release date. ;; It's used for cache validation and therefore can lead to strange bugs. -(define %firefox-build-id "20241010233931") +(define %firefox-build-id "20241014032024") (define-public firefox (package (inherit firefox-esr) (name "firefox") - (version "130.0.1") + (version "131.0.3") (source (origin (method url-fetch) @@ -540,9 +540,9 @@ MOZ_ENABLE_WAYLAND=1 exec ~a $@\n" (list (search-path (map (cut string-append <> "/nongnu/packages/patches") %load-path) - "firefox-CVE-2024-9680.patch"))) + "firefox-restore-desktop-files.patch"))) (sha256 - (base32 "0w4z3fq5zhm63a0wmhvmqrj263bvy962dir25q3z0x5hx6hjawh2")))) + (base32 "1l30y1pf2kkhnnnazj2x7j1hy3sxz6x9vjj3lbx3wi9pfzwz6zbs")))) (arguments (substitute-keyword-arguments (package-arguments firefox-esr) ((#:phases phases) |