From d67dd230aae78b117164fbe90e85fed262071224 Mon Sep 17 00:00:00 2001
From: Tomas Volf <~@wolfsden.cz>
Date: Tue, 10 Mar 2026 22:00:52 +0100
Subject: nongnu: firefox: Update to 148.0.2 [security fixes].

Fixes CVE-2026-3845, CVE-2026-3846, CVE-2026-3847.

* nongnu/packages/mozilla.scm (firefox): Update to 148.0.2.

Signed-off-by: John Kehayias <john.kehayias@protonmail.com>
---
 nongnu/packages/mozilla.scm | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

(limited to 'nongnu')

diff --git a/nongnu/packages/mozilla.scm b/nongnu/packages/mozilla.scm
index 527593b..356615f 100644
--- a/nongnu/packages/mozilla.scm
+++ b/nongnu/packages/mozilla.scm
@@ -84,7 +84,7 @@
 ;;; it is a tradeoff worth making.
 ;;; 0: https://firefox-source-docs.mozilla.org/writing-rust-code/update-policy.html
 (define-public rust-firefox-esr rust)
-(define-public rust-firefox     rust-1.92)
+(define-public rust-firefox     rust)
 
 ;; Update this id with every firefox update to its release date.
 ;; It's used for cache validation and therefore can lead to strange bugs.
@@ -526,20 +526,20 @@ Release (ESR) version.")
 
 ;; Update this id with every firefox update to its release date.
 ;; It's used for cache validation and therefore can lead to strange bugs.
-(define %firefox-build-id "20260223140545")
+(define %firefox-build-id "20260309183544")
 
 (define-public firefox
   (package
     (inherit firefox-esr)
     (name "firefox")
-    (version "148.0")
+    (version "148.0.2")
     (source
      (origin
        (method url-fetch)
        (uri (string-append "https://archive.mozilla.org/pub/firefox/releases/"
                            version "/source/firefox-" version ".source.tar.xz"))
        (sha256
-        (base32 "0vybaiiknrzk2zvg46w5sxb0i0m9rmy4msvpxklxpdr3182fb4zc"))
+        (base32 "142f4k4ykcm65kbvj60p472103r4k79v9fdsfljdav2rbr6qxjx6"))
        (patches
         (nongnu-patches
          "firefox-restore-desktop-files.patch"
-- 
cgit v1.3