summary refs log tree commit diff
path: root/gnu/local.mk
diff options
context:
space:
mode:
authorMark H Weaver <mhw@netris.org>2019-10-21 04:55:12 -0400
committerMark H Weaver <mhw@netris.org>2019-10-26 18:21:03 -0400
commitad21d767df29f6808b4291a10c0b32bd34b6b5d4 (patch)
tree850a0f7187dc816399472cb83f1c00a7008b2203 /gnu/local.mk
parent88f95687c79d33442bcc04062b17bfe946d7d109 (diff)
downloadguix-ad21d767df29f6808b4291a10c0b32bd34b6b5d4.tar.gz
gnu: icecat: Update to 68.2.0-guix0-preview1 [security fixes].
Fixes CVE-2019-11757, CVE-2019-11759, CVE-2019-11760, CVE-2019-11761,
CVE-2019-11762, CVE-2019-11763, CVE-2019-11764, and CVE-2019-15903.

Note: IceCat 68 has not yet been released by the IceCat project.  This is a
      work-in-progress, and does not currently meet the privacy-respecting
      standards of the IceCat project.

* gnu/packages/patches/icecat-default-search-ddg.patch,
gnu/packages/patches/icecat-disable-sync.patch: New files.
* gnu/local.mk (dist_patch_DATA): Add them.
* gnu/packages/gnuzilla.scm (%icecat-version): Update.
(mozilla-compare-locales, all-mozilla-locales): New variables.
(mozilla-locale): New procedure.
(mozilla-locales): New macro.
(icecat-source): Add code to populate the l10n directory.  Remove the code
that copied the l10n directory from an older IceCat source tarball.
(icecat)[inputs]: Remove hunspell.
[native-inputs]: Comment out previous Guix-specific patches for now.  Use the
newest rust, cargo, llvm, and clang.  Add rust-cbindgen, node, nasm, python 3,
icecat-default-search-ddg.patch and icecat-disable-sync.patch.
[arguments]: In configure flags: remove "--disable-maintenance-service" and
"--enable-system-hunspell", and comment out flags to use system libraries
instead of bundled libraries for libevent, libogg, libvorbis, libvpx,
harfbuzz, graphite2, and sqlite.  Add srfi-34 and srfi-35 to modules.  Delete
fewer bundled libraries.  Adapt the 'patch-source-shebangs' phase.  Add a
custom 'build' phase that tries the standard 'build' phase up to 5 times.
In the 'wrap-program' phase, set MOZ_LEGACY_PROFILES=1 in the environment,
and add 'pulseaudio' to the front of LD_LIBRARY_PATH.
[description]: Add a warning that this is only a preview release.
* gnu/packages/patches/icecat-makeicecat.patch: Adapt.
Diffstat (limited to 'gnu/local.mk')
-rw-r--r--gnu/local.mk2
1 files changed, 2 insertions, 0 deletions
diff --git a/gnu/local.mk b/gnu/local.mk
index 50bcab514a..8befd568d6 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -977,6 +977,8 @@ dist_patch_DATA =						\
   %D%/packages/patches/hplip-remove-imageprocessor.patch	\
   %D%/packages/patches/hydra-disable-darcs-test.patch		\
   %D%/packages/patches/icecat-makeicecat.patch			\
+  %D%/packages/patches/icecat-default-search-ddg.patch		\
+  %D%/packages/patches/icecat-disable-sync.patch		\
   %D%/packages/patches/icecat-avoid-bundled-libraries.patch	\
   %D%/packages/patches/icecat-use-system-graphite2+harfbuzz.patch	\
   %D%/packages/patches/icecat-use-system-media-libs.patch	\