From f5b957b4e79cff5bf8e1321c3276567910613066 Mon Sep 17 00:00:00 2001
From: Tomas Volf <~@wolfsden.cz>
Date: Tue, 14 Oct 2025 20:47:35 +0200
Subject: nongnu: firefox-esr: Update to 140.4.0esr [security fixes].

Fixes CVE-2025-11708, CVE-2025-11709, CVE-2025-11710, CVE-2025-11711,
CVE-2025-11712, CVE-2025-11713, CVE-2025-11714, CVE-2025-11715.

* nongnu/packages/mozilla.scm (firefox-esr): Update to 140.4.0esr.

Signed-off-by: John Kehayias <john.kehayias@protonmail.com>
---
 nongnu/packages/mozilla.scm | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

(limited to 'nongnu/packages')

diff --git a/nongnu/packages/mozilla.scm b/nongnu/packages/mozilla.scm
index 045da60..d92deb6 100644
--- a/nongnu/packages/mozilla.scm
+++ b/nongnu/packages/mozilla.scm
@@ -87,19 +87,19 @@
 
 ;; Update this id with every firefox update to its release date.
 ;; It's used for cache validation and therefore can lead to strange bugs.
-(define %firefox-esr-build-id "20250923121713")
+(define %firefox-esr-build-id "20251013122101")
 
 (define-public firefox-esr
   (package
     (name "firefox-esr")
-    (version "140.3.1esr")
+    (version "140.4.0esr")
     (source
      (origin
        (method url-fetch)
        (uri (string-append "https://archive.mozilla.org/pub/firefox/releases/"
                            version "/source/firefox-" version ".source.tar.xz"))
        (sha256
-        (base32 "0db7qgcvw4knl6qbkn0a52vh2pcghcw4s2djdvcna1zlqjhv6hqb"))
+        (base32 "1xx4rsdkfkx9nxlfzw07j5di07kfqi0a7jplcixvqihh2xrhdwj9"))
        (patches
         (map (lambda (patch)
                (search-path
-- 
cgit v1.2.3