diff options
author | Mark H Weaver <mhw@netris.org> | 2020-06-30 19:12:18 -0400 |
---|---|---|
committer | Mark H Weaver <mhw@netris.org> | 2020-07-01 12:45:08 -0400 |
commit | f74e9277c186be4bd8101fa3c6924f0cb04e4c13 (patch) | |
tree | 86e21a3f46edb86d55885bd41d0da660c269de6b | |
parent | ade0f8ea0cbcabcd94cb4212abebd8c143c7d69d (diff) | |
download | guix-f74e9277c186be4bd8101fa3c6924f0cb04e4c13.tar.gz |
gnu: icecat: Update to 68.10.0-guix0-preview1 [security-fixes].
Includes fixes for CVE-2020-12417, CVE-2020-12418, CVE-2020-12419, CVE-2020-12420, and CVE-2020-12421. * gnu/packages/gnuzilla.scm (%icecat-version, %icecat-build-id): Update. (icecat-source): Update gnuzilla commit, base version, and hashes. Remove code that deleted the Onion Browser Button extension, which is no longer bundled upstream. * gnu/packages/patches/icecat-makeicecat.patch: Adapt to new version.
-rw-r--r-- | gnu/packages/gnuzilla.scm | 18 | ||||
-rw-r--r-- | gnu/packages/patches/icecat-makeicecat.patch | 4 |
2 files changed, 8 insertions, 14 deletions
diff --git a/gnu/packages/gnuzilla.scm b/gnu/packages/gnuzilla.scm index 3bffe12577..cc3acd6b9b 100644 --- a/gnu/packages/gnuzilla.scm +++ b/gnu/packages/gnuzilla.scm @@ -556,8 +556,8 @@ from forcing GEXP-PROMISE." #:system system #:guile-for-build guile))) -(define %icecat-version "68.9.0-guix0-preview1") -(define %icecat-build-id "20200602000000") ;must be of the form YYYYMMDDhhmmss +(define %icecat-version "68.10.0-guix0-preview1") +(define %icecat-build-id "20200630000000") ;must be of the form YYYYMMDDhhmmss ;; 'icecat-source' is a "computed" origin that generates an IceCat tarball ;; from the corresponding upstream Firefox ESR tarball, using the 'makeicecat' @@ -579,11 +579,11 @@ from forcing GEXP-PROMISE." "firefox-" upstream-firefox-version ".source.tar.xz")) (sha256 (base32 - "01s41p985g6v544lf08zch3myssn5c76jwmkzzd68zd9m3hhalck")))) + "0azdinwqjfv2q37gqpxmfvzsk86pvsi6cjaq1310zs26gric5j1f")))) - (upstream-icecat-base-version "68.9.0") ; maybe older than base-version + (upstream-icecat-base-version "68.10.0") ; maybe older than base-version ;;(gnuzilla-commit (string-append "v" upstream-icecat-base-version)) - (gnuzilla-commit "d7acf32ad905a3382cb2353577a96d29aa58f589") + (gnuzilla-commit "76dced64ce0e72fe3030dc2f7b22cda8e36b165e") (gnuzilla-source (origin (method git-fetch) @@ -595,7 +595,7 @@ from forcing GEXP-PROMISE." (string-take gnuzilla-commit 8))) (sha256 (base32 - "0m49zm05m3n95diij2zyvpm74q66zxjhv9rp8zvaab0h7v2s09n9")))) + "0xcg6h0da63qyv7h575xjrbkzqqcjhwjd45x9h9qmpxiaibi9g3d")))) (makeicecat-patch (local-file (search-patch "icecat-makeicecat.patch"))) @@ -648,12 +648,6 @@ from forcing GEXP-PROMISE." "-p1" "--input" #+makeicecat-patch) (invoke "patch" "--force" "--no-backup-if-mismatch" "-p1" "--input" #+gnuzilla-fixes-patch) - - ;; Remove the bundled tortm-browser-button extension, - ;; which doesn't seem to be working properly. - (delete-file-recursively - "data/extensions/tortm-browser-button@jeremybenthum") - (patch-shebang "makeicecat") (substitute* "makeicecat" (("^FFMAJOR=(.*)" all ffmajor) diff --git a/gnu/packages/patches/icecat-makeicecat.patch b/gnu/packages/patches/icecat-makeicecat.patch index d3d95cbf28..cff0b7ad45 100644 --- a/gnu/packages/patches/icecat-makeicecat.patch +++ b/gnu/packages/patches/icecat-makeicecat.patch @@ -25,7 +25,7 @@ index 8be2362..48716f2 100755 -wget -N https://ftp.mozilla.org/pub/mozilla.org/firefox/releases/${FFVERSION}esr/source/firefox-${FFVERSION}esr.source.tar.xz.asc -gpg --recv-keys --keyserver keyserver.ubuntu.com 14F26682D0916CDD81E37B6D61B7B526D98F0353 -gpg --verify firefox-${FFVERSION}esr.source.tar.xz.asc --echo -n 935105e1a8a97d64daffb372690e2b566b5f07641f01470929dbbc82d20d4407 firefox-${FFVERSION}esr.source.tar.xz |sha256sum -c - +-echo -n 2ec8c2627e46e80fc208584966a2ded7a0a9ff76b55ffccec0623b89b98ded2b firefox-${FFVERSION}esr.source.tar.xz |sha256sum -c - - -echo Extracting Firefox tarball -tar -xf firefox-${FFVERSION}esr.source.tar.xz @@ -37,7 +37,7 @@ index 8be2362..48716f2 100755 +# wget -N https://ftp.mozilla.org/pub/mozilla.org/firefox/releases/${FFVERSION}esr/source/firefox-${FFVERSION}esr.source.tar.xz.asc +# gpg --recv-keys --keyserver keyserver.ubuntu.com 14F26682D0916CDD81E37B6D61B7B526D98F0353 +# gpg --verify firefox-${FFVERSION}esr.source.tar.xz.asc -+# echo -n 935105e1a8a97d64daffb372690e2b566b5f07641f01470929dbbc82d20d4407 firefox-${FFVERSION}esr.source.tar.xz |sha256sum -c - ++# echo -n 2ec8c2627e46e80fc208584966a2ded7a0a9ff76b55ffccec0623b89b98ded2b firefox-${FFVERSION}esr.source.tar.xz |sha256sum -c - +# +# echo Extracting Firefox tarball +# tar -xf firefox-${FFVERSION}esr.source.tar.xz |