| Age | Commit message (Collapse) | Author |
|---|
|
Fixes CVE-2025-5262, CVE-2025-5263, CVE-2025-5264, CVE-2025-5265,
CVE-2025-5266, CVE-2025-5267, CVE-2025-5268, CVE-2025-5270,
CVE-2025-5271, CVE-2025-5272.
* nongnu/packages/mozilla.scm (firefox): Update to 139.0.
Signed-off-by: Hilton Chain <hako@ultrarare.space>
|
|
Fixes CVE-2025-5262, CVE-2025-5263, CVE-2025-5264, CVE-2025-5265,
CVE-2025-5266, CVE-2025-5267, CVE-2025-5268, CVE-2025-5269.
* nongnu/packages/mozilla.scm (firefox-esr): Update to 128.11.0esr.
Signed-off-by: Hilton Chain <hako@ultrarare.space>
|
|
Fixes CVE-2025-4920, CVE-2025-4921.
* nongnu/packages/mozilla.scm (firefox-esr): Update to 128.10.1esr.
Signed-off-by: Hilton Chain <hako@ultrarare.space>
|
|
Fixes CVE-2025-4920, CVE-2025-4921.
* nongnu/packages/mozilla.scm (firefox): Update to 138.0.4.
Signed-off-by: Hilton Chain <hako@ultrarare.space>
|
|
* nongnu/packages/mozilla.scm (firefox): Update to 138.0.3.
Signed-off-by: Hilton Chain <hako@ultrarare.space>
|
|
Fixes CVE-2025-2817, CVE-2025-4082, CVE-2025-4083, CVE-2025-4085,
CVE-2025-4086, CVE-2025-4087, CVE-2025-4088, CVE-2025-4089,
CVE-2025-4090, CVE-2025-4091, CVE-2025-4092.
* nongnu/packages/patches/firefox-ge-138-compare-paths.patch: New file.
* nongnu/packages/mozilla.scm (firefox): Update to 138.0.
[source]: Use the new patch.
[native-inputs]: Replace rust-cbindgen with rust-cbindgen-0.28.
Signed-off-by: Hilton Chain <hako@ultrarare.space>
|
|
Fixes CVE-2025-2817, CVE-2025-4082, CVE-2025-4083, CVE-2025-4084,
CVE-2025-4087, CVE-2025-4091, CVE-2025-4093.
* nongnu/packages/mozilla.scm (firefox-esr): Update to 128.10.0esr.
Signed-off-by: Hilton Chain <hako@ultrarare.space>
|
|
Fixes CVE-2025-3608.
* nongnu/packages/mozilla.scm (firefox): Update to 137.0.2.
Signed-off-by: Hilton Chain <hako@ultrarare.space>
|
|
Adapted from <https://issues.guix.gnu.org/77677>.
* nongnu/packages/mozilla.scm (firefox-esr)
[arguments]<#:phases>: Add 'mkdir-lib-icecat'.
Fixes: https://gitlab.com/nonguix/nonguix/-/issues/368
Reported-by: Katherine Cox-Buday <cox.katherine.e@gmail.com>
Signed-off-by: Hilton Chain <hako@ultrarare.space>
|
|
* nongnu/packages/mozilla.scm (firefox): Update to 137.0.1.
Signed-off-by: Hilton Chain <hako@ultrarare.space>
|
|
Since Firefox ESR has already been above version 121, this variable can be
deprecated.
* nongnu/packages/mozilla.scm (firefox-esr/wayland): Deprecated by
firefox-esr.
|
|
Fixes #386.
As of Firefox 137, VA-API video acceleration is enabled by default. This
would fail due to not finding libpciaccess. This is an indirect dependency,
through libdrm (that mesa and libva depend on). It would be best to have our
runpaths-of-input work recursively to catch this (so it can be in the RDD
sandbox used by Firefox here). In the meantime, add libpciaccess explicitly
to fix this issue.
* nongnu/packages/mozilla.scm (firefox-esr)[arguments]<#:phases>: In the
wrap-program phase, add the libpciaccess library path, used in
LD_LIBRARY_PATH. Add a comment for future work on rdd-whitelist.
[inputs]: Add libpciaccess.
|
|
Fixes CVE-2025-2857, CVE-2025-3028, CVE-2025-3029, CVE-2025-3030,
CVE-2025-3031, CVE-2025-3032, CVE-2025-3033, CVE-2025-3034,
CVE-2025-3035.
* nongnu/packages/mozilla.scm (firefox): Update to 137.0.
Signed-off-by: Hilton Chain <hako@ultrarare.space>
|
|
Fixes CVE-2025-2857, CVE-2025-3028, CVE-2025-3029, CVE-2025-3030.
* nongnu/packages/mozilla.scm (firefox-esr): Update to 128.9.0esr.
Signed-off-by: Hilton Chain <hako@ultrarare.space>
|
|
* nongnu/packages/mozilla.scm (firefox): Update to 136.0.2.
Signed-off-by: John Kehayias <john.kehayias@protonmail.com>
|
|
* nongnu/packages/mozilla.scm (firefox): Update to 136.0.1.
Signed-off-by: Jonathan Brielmaier <jonathan.brielmaier@web.de>
|
|
* nongnu/packages/mozilla.scm (rust-firefox-esr): Set to `rust'.
Signed-off-by: Jonathan Brielmaier <jonathan.brielmaier@web.de>
|
|
* nongnu/packages/mozilla.scm (rust-firefox): Set to `rust'.
Signed-off-by: Jonathan Brielmaier <jonathan.brielmaier@web.de>
|
|
Fixes CVE-2024-9956, CVE-2025-1930, CVE-2025-1931, CVE-2025-1932,
CVE-2025-1933, CVE-2025-1934, CVE-2025-1935, CVE-2025-1936,
CVE-2025-1937, CVE-2025-1938, CVE-2025-1939, CVE-2025-1940,
CVE-2025-1941, CVE-2025-1942, CVE-2025-1943.
* nongnu/packages/mozilla.scm (firefox): Update to 136.0.
[inputs]: Use icu4c-76.
[arguments]<#:phases>: Add 'patch-icu-lookup.
Signed-off-by: Jelle Licht <jlicht@fsfe.org>
|
|
Fixes CVE-2024-43097, CVE-2025-1930, CVE-2025-1931, CVE-2025-1932,
CVE-2025-1933, CVE-2025-1934, CVE-2025-1935, CVE-2025-1936,
CVE-2025-1937, CVE-2025-1938.
* nongnu/packages/mozilla.scm (firefox-esr): Update to 128.8.0esr.
Signed-off-by: John Kehayias <john.kehayias@protonmail.com>
|
|
* nongnu/packages/mozilla.scm (firefox-esr)[inputs]: Rename icu4c-73 to
icu4c. On gnome-team icu4c was updated to version 73.
|
|
This was proposed by Joel (beaconDB founder) at their Matrix chat room.
* nongnu/packages/mozilla.scm (firefox-esr)[arguments]: Set a key for
beaconDB API.
Co-authored-by: Tomas Volf <wolf@wolfsden.cz>
Signed-off-by: Jonathan Brielmaier <jonathan.brielmaier@web.de>
|
|
* nongnu/packages/mozilla.scm (firefox)[arguments]{phases}: Honor
--cores build argument in 'build phase. Also removing comments that
are outdated by this change.
Signed-off-by: Jonathan Brielmaier <jonathan.brielmaier@web.de>
|
|
Fixes CVE-2025-1414.
* nongnu/packages/mozilla.scm (firefox): Update to 135.0.1.
Signed-off-by: Jonathan Brielmaier <jonathan.brielmaier@web.de>
|
|
Fixes CVE-2025-1009, CVE-2025-1010, CVE-2025-1011, CVE-2025-1012,
CVE-2025-1013, CVE-2025-1014, CVE-2025-1016, CVE-2025-1017,
CVE-2025-1018, CVE-2025-1019, CVE-2025-1020.
* nongnu/packages/mozilla.scm (firefox): Update to 135.0.
Signed-off-by: Jonathan Brielmaier <jonathan.brielmaier@web.de>
|
|
Fixes CVE-2024-11704, CVE-2025-1009, CVE-2025-1010, CVE-2025-1011,
CVE-2025-1012, CVE-2025-1013, CVE-2025-1014, CVE-2025-1016,
CVE-2025-1017.
* nongnu/packages/mozilla.scm (firefox-esr): Update to 128.7.0esr.
Signed-off-by: Jonathan Brielmaier <jonathan.brielmaier@web.de>
|
|
* nongnu/packages/mozilla.scm (firefox-esr)[arguments]: Set beaconDB as
geolocation provider in 'fix-preferences phase.
|
|
* nongnu/packages/mozilla.scm (firefox): Update to 134.0.2.
Signed-off-by: Hilton Chain <hako@ultrarare.space>
|
|
* nongnu/packages/mozilla.scm (firefox): Update to 134.0.1.
Signed-off-by: Hilton Chain <hako@ultrarare.space>
|
|
Fixes CVE-2025-0237, CVE-2025-0238, CVE-2025-0239, CVE-2025-0240,
CVE-2025-0241, CVE-2025-0242, CVE-2025-0243, CVE-2025-0244,
CVE-2025-0245, CVE-2025-0246, CVE-2025-0247.
* nongnu/packages/mozilla.scm (firefox): Update to 134.0.
[inputs]: Replace icu4c with icu4c-75.
Signed-off-by: John Kehayias <john.kehayias@protonmail.com>
|
|
Fixes CVE-2025-0237, CVE-2025-0238, CVE-2025-0239, CVE-2025-0240,
CVE-2025-0241, CVE-2025-0242, CVE-2025-0243.
* nongnu/packages/mozilla.scm (firefox-esr): Update to 128.6.0esr.
Signed-off-by: John Kehayias <john.kehayias@protonmail.com>
|
|
* nongnu/packages/mozilla.scm (firefox-esr): Update to 128.5.2esr.
Signed-off-by: Hilton Chain <hako@ultrarare.space>
|
|
* nongnu/packages/patches/firefox-use-system-wide-dir.patch: New file.
* nongnu/packages/mozilla.scm (firefox)[source]: Add it along with
firefox-esr-compare-paths.patch.
|
|
* nongnu/packages/patches/firefox-esr-compare-paths.patch: New file.
* nongnu/packages/patches/firefox-esr-use-system-wide-dir.patch: New file.
* nongnu/packages/mozilla.scm (firefox-esr)[source]: Add them.
[arguments]<#:configure-flags>: Allow unsigned system addons.
[native-search-paths]: Add ICECAT_SYSTEM_DIR.
|
|
* nongnu/packages/mozilla.scm (firefox): Update to 133.0.3.
|
|
* nongnu/packages/mozilla.scm (firefox-esr): Update to 128.5.1esr.
|
|
Fixes CVE-2024-11691, CVE-2024-11692, CVE-2024-11693, CVE-2024-11694,
CVE-2024-11695, CVE-2024-11696, CVE-2024-11697, CVE-2024-11698,
CVE-2024-11699, CVE-2024-11700, CVE-2024-11701, CVE-2024-11702,
CVE-2024-11703, CVE-2024-11704, CVE-2024-11705, CVE-2024-11706
and CVE-2024-11708.
* nongnu/packages/mozilla.scm (firefox): Update to 133.0.
|
|
Fixes CVE-2024-11691, CVE-2024-11692, CVE-2024-11693, CVE-2024-11694,
CVE-2024-11695, CVE-2024-11696, CVE-2024-11697, CVE-2024-11698,
CVE-2024-11699.
* nongnu/packages/mozilla.scm (firefox-esr): Update to 128.5.0esr.
Signed-off-by: Jonathan Brielmaier <jonathan.brielmaier@web.de>
|
|
Firefox needs pipewire in LD_LIBRARY_PATH for screensharing on Wayland,
otherwise the screensharing just won't start.
* nongnu/packages/mozilla.scm (firefox-esr)[arguments]: Add pipewire
lib path to LD_LIBRARY_PATH variable in 'wrap-program phase.
Signed-off-by: John Kehayias <john.kehayias@protonmail.com>
|
|
Fixes CVE-2024-10458, CVE-2024-10459, CVE-2024-10460, CVE-2024-10461,
CVE-2024-10462, CVE-2024-10463, CVE-2024-10464, CVE-2024-10465,
CVE-2024-10466, CVE-2024-10467.
* nongnu/packages/mozilla.scm (firefox-esr): Update to 128.4.0esr.
Signed-off-by: Jonathan Brielmaier <jonathan.brielmaier@web.de>
|
|
Fixes CVE-2024-9936 and, in previous versions since 130.0.1, CVE-2024-9680,
CVE-2024-9391, CVE-2024-9392, CVE-2024-9393, CVE-2024-9394, CVE-2024-9395,
CVE-2024-9396, CVE-2024-9397, CVE-2024-9398, CVE-2024-9399, CVE-2024-9400,
CVE-2024-9401, CVE-2024-9402, and CVE-2024-9403.
Upstream removed firefox.desktop files which can be generated from their mach
tool. However, this will try to download various dependencies. So, for now
at least, use a patch which reverts that commit so we can use the included
desktop file. In Arch, for example, they include a separate pre-generated
desktop file rather than doing this at build time.
* nongnu/packages/mozilla.scm (firefox): Update to 131.0.3.
* nongnu/packages/patches/firefox-CVE-2024-9680.patch: Delete patch.
* nongnu/packages/patches/firefox-restore-desktop-files.patch: Add patch.
|
|
* nongnu/packages/patches/firefox-CVE-2024-9680.patch: New file.
* nongnu/packages/mozilla.scm (firefox)[source]<patches>: Add it.
(%firefox-build-id): Update.
Signed-off-by: Jonathan Brielmaier <jonathan.brielmaier@web.de>
|
|
Fixes CVE-2024-9680.
* nongnu/packages/mozilla.scm (firefox-esr): Update to 128.3.1esr.
Signed-off-by: Jonathan Brielmaier <jonathan.brielmaier@web.de>
|
|
Fixes CVE-2024-8900, CVE-2024-9392, CVE-2024-9393, CVE-2024-9394,
CVE-2024-9396, CVE-2024-9397, CVE-2024-9398, CVE-2024-9399,
CVE-2024-9400, CVE-2024-9401, CVE-2024-9402.
* nongnu/packages/mozilla.scm (firefox-esr): Update to 128.3.0esr.
Signed-off-by: Jonathan Brielmaier <jonathan.brielmaier@web.de>
|
|
* nongnu/packages/mozilla.scm (firefox): Update to 130.0.1.
Signed-off-by: John Kehayias <john.kehayias@protonmail.com>
|
|
%gnu-build-system-modules is deprecated, so let us use
%default-gnu-imported-modules instead as the warning suggests.
* nongnu/packages/mozilla.scm (firefox-esr)[arguments]<#:modules>: Use
%default-gnu-imported-modules instead of %gnu-build-system-modules.
Signed-off-by: Jelle Licht <jlicht@fsfe.org>
|
|
Fixes CVE-2024-8381, CVE-2024-8382, CVE-2024-8383, CVE-2024-8384,
CVE-2024-8385, CVE-2024-8386, CVE-2024-8387.
* nongnu/packages/mozilla.scm (firefox-esr): Update to 128.2.0esr.
Signed-off-by: John Kehayias <john.kehayias@protonmail.com>
|
|
Fixes CVE-2024-8381, CVE-2024-8382, CVE-2024-8383, CVE-2024-8384,
CVE-2024-8385, CVE-2024-8386, CVE-2024-8387, CVE-2024-8388,
CVE-2024-8389.
* nongnu/packages/mozilla.scm (firefox): Update to 130.0.
Signed-off-by: John Kehayias <john.kehayias@protonmail.com>
|
|
This version of icu4c is in Guix and made public in
cf842e9b20b89ecb08ac3456a91780ec07b5a201. This also failed to build on the
core-updates nonguix build due to a test failure which should be fixed in Guix
with 7937c8827b8d23347a3159b4696335bd19fc17aa.
* nongnu/packages/mozilla.scm (icu4c-73): Delete variable.
|
|
* nongnu/packages/mozilla.scm (firefox): Update to 129.0.2.
Signed-off-by: Jonathan Brielmaier <jonathan.brielmaier@web.de>
|
