diff options
| author | Tomas Volf <~@wolfsden.cz> | 2025-03-04 23:39:23 +0100 |
|---|---|---|
| committer | Jelle Licht <jlicht@fsfe.org> | 2025-03-06 21:52:46 +0100 |
| commit | 944619c1947ba59823f4ad6d8b13842b7e162d76 (patch) | |
| tree | 9f2ac1cca74170f613445edffa30b6ead9c55578 /nongnu/packages/mozilla.scm | |
| parent | e8f39f68164b78150d6158d83e69e15b7328304a (diff) | |
nongnu: firefox: Update to 136.0 [security fixes].
Fixes CVE-2024-9956, CVE-2025-1930, CVE-2025-1931, CVE-2025-1932,
CVE-2025-1933, CVE-2025-1934, CVE-2025-1935, CVE-2025-1936,
CVE-2025-1937, CVE-2025-1938, CVE-2025-1939, CVE-2025-1940,
CVE-2025-1941, CVE-2025-1942, CVE-2025-1943.
* nongnu/packages/mozilla.scm (firefox): Update to 136.0.
[inputs]: Use icu4c-76.
[arguments]<#:phases>: Add 'patch-icu-lookup.
Signed-off-by: Jelle Licht <jlicht@fsfe.org>
Diffstat (limited to 'nongnu/packages/mozilla.scm')
| -rw-r--r-- | nongnu/packages/mozilla.scm | 21 |
1 files changed, 16 insertions, 5 deletions
diff --git a/nongnu/packages/mozilla.scm b/nongnu/packages/mozilla.scm index 98f142c..499bfb5 100644 --- a/nongnu/packages/mozilla.scm +++ b/nongnu/packages/mozilla.scm @@ -548,13 +548,13 @@ MOZ_ENABLE_WAYLAND=1 exec ~a $@\n" ;; Update this id with every firefox update to its release date. ;; It's used for cache validation and therefore can lead to strange bugs. -(define %firefox-build-id "20250218001747") +(define %firefox-build-id "20250303134749") (define-public firefox (package (inherit firefox-esr) (name "firefox") - (version "135.0.1") + (version "136.0") (source (origin (method url-fetch) @@ -570,17 +570,28 @@ MOZ_ENABLE_WAYLAND=1 exec ~a $@\n" "firefox-esr-compare-paths.patch" "firefox-use-system-wide-dir.patch"))) (sha256 - (base32 "01krqfx3havzknjl45affmlhl3dkk3is951iy3rr1qrvrvfxzyvl")))) + (base32 "0mvg53fr9zi6pq2pwa6qzqi88brqig1wlzic9sz52i4knx733viv")))) (arguments (substitute-keyword-arguments (package-arguments firefox-esr) ((#:phases phases) #~(modify-phases #$phases (replace 'set-build-id (lambda _ - (setenv "MOZ_BUILD_DATE" #$%firefox-build-id))))))) + (setenv "MOZ_BUILD_DATE" #$%firefox-build-id))) + ;; https://bugzilla.mozilla.org/show_bug.cgi?id=1927380 + (add-before 'configure 'patch-icu-lookup + (lambda _ + (let* ((file "js/moz.configure") + (old-content (call-with-input-file file get-string-all))) + (substitute* file + (("icu-i18n >= 76.1" all) + (string-append all ", icu-uc >= 76.1"))) + (if (string=? old-content + (pk (call-with-input-file file get-string-all))) + (error "substitute did nothing, phase requires an update"))))))))) (inputs (modify-inputs (package-inputs firefox-esr) - (replace "icu4c" icu4c-75))) + (replace "icu4c" icu4c-76))) (native-inputs (modify-inputs (package-native-inputs firefox-esr) (replace "rust" rust-firefox) |