aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMark H Weaver <mhw@netris.org>2020-04-03 16:56:20 -0400
committerMark H Weaver <mhw@netris.org>2020-04-03 21:28:43 -0400
commitd24e598a7840a6ab70424e27fd858d9bc0ae12b1 (patch)
tree4d41ae9f832e7917f7af6fc93f144bd3ded522d3
parentf97a4279f0192e5c6b52322eff3769f184c335eb (diff)
downloadguix-d24e598a7840a6ab70424e27fd858d9bc0ae12b1.tar
guix-d24e598a7840a6ab70424e27fd858d9bc0ae12b1.tar.gz
gnu: icecat: Update to 68.6.1-guix0-preview1 [security fixes].
Includes fixes for CVE-2020-6819 and CVE-2020-6820. * gnu/packages/gnuzilla.scm (%icecat-version, %icecat-build-id): Update. (icecat-source): Update gnuzilla commit, base version, and hashes. * gnu/packages/patches/icecat-makeicecat.patch: Adapt to new version.
-rw-r--r--gnu/packages/gnuzilla.scm12
-rw-r--r--gnu/packages/patches/icecat-makeicecat.patch4
2 files changed, 8 insertions, 8 deletions
diff --git a/gnu/packages/gnuzilla.scm b/gnu/packages/gnuzilla.scm
index 23f15906c5..68b9a59d34 100644
--- a/gnu/packages/gnuzilla.scm
+++ b/gnu/packages/gnuzilla.scm
@@ -554,8 +554,8 @@ from forcing GEXP-PROMISE."
#:system system
#:guile-for-build guile)))
-(define %icecat-version "68.6.0-guix0-preview1")
-(define %icecat-build-id "20200309000000") ;must be of the form YYYYMMDDhhmmss
+(define %icecat-version "68.6.1-guix0-preview1")
+(define %icecat-build-id "20200403000000") ;must be of the form YYYYMMDDhhmmss
;; 'icecat-source' is a "computed" origin that generates an IceCat tarball
;; from the corresponding upstream Firefox ESR tarball, using the 'makeicecat'
@@ -577,11 +577,11 @@ from forcing GEXP-PROMISE."
"firefox-" upstream-firefox-version ".source.tar.xz"))
(sha256
(base32
- "17qwfq9hwra8jarawy8k2sqfa6hdhwa9qk84ndr6gjvmxcy22a14"))))
+ "1y69rrm73nb77p2yydny7hs7zwsbfdhyz8xg5y6xihvsakwsxn59"))))
- (upstream-icecat-base-version "68.6.0") ; maybe older than base-version
+ (upstream-icecat-base-version "68.6.1") ; maybe older than base-version
;;(gnuzilla-commit (string-append "v" upstream-icecat-base-version))
- (gnuzilla-commit "9dcb24d885eae5973eb2245b532b158c685d707a")
+ (gnuzilla-commit "f27cf24f9b5f85c1effcbac46d75e8fb83728df9")
(gnuzilla-source
(origin
(method git-fetch)
@@ -593,7 +593,7 @@ from forcing GEXP-PROMISE."
(string-take gnuzilla-commit 8)))
(sha256
(base32
- "1y3jmh055vmx44gsjgwxvwv3zcyvz8pc5mhgrwkzm0ybbwpp2pqi"))))
+ "1xrqk3iik9if6qcdfvschyya1vhiank6gnpkwix8m2shsdimaaq2"))))
(makeicecat-patch
(local-file (search-patch "icecat-makeicecat.patch"))))
diff --git a/gnu/packages/patches/icecat-makeicecat.patch b/gnu/packages/patches/icecat-makeicecat.patch
index a90d7fdee8..116a944871 100644
--- a/gnu/packages/patches/icecat-makeicecat.patch
+++ b/gnu/packages/patches/icecat-makeicecat.patch
@@ -25,7 +25,7 @@ index 8be2362..48716f2 100755
-wget -N https://ftp.mozilla.org/pub/mozilla.org/firefox/releases/${FFVERSION}esr/source/firefox-${FFVERSION}esr.source.tar.xz.asc
-gpg --recv-keys --keyserver keyserver.ubuntu.com 14F26682D0916CDD81E37B6D61B7B526D98F0353
-gpg --verify firefox-${FFVERSION}esr.source.tar.xz.asc
--echo -n 2428213ceb75cb6772b3044d9c14870d1ae5b0161379aeb29248650e13761c9f firefox-${FFVERSION}esr.source.tar.xz |sha256sum -c -
+-echo -n a9d8aef9547ac3d88d2fafa3ef61734bf37f343cde36efc53d67d9716acec9f8 firefox-${FFVERSION}esr.source.tar.xz |sha256sum -c -
-
-echo Extracting Firefox tarball
-tar -xf firefox-${FFVERSION}esr.source.tar.xz
@@ -37,7 +37,7 @@ index 8be2362..48716f2 100755
+# wget -N https://ftp.mozilla.org/pub/mozilla.org/firefox/releases/${FFVERSION}esr/source/firefox-${FFVERSION}esr.source.tar.xz.asc
+# gpg --recv-keys --keyserver keyserver.ubuntu.com 14F26682D0916CDD81E37B6D61B7B526D98F0353
+# gpg --verify firefox-${FFVERSION}esr.source.tar.xz.asc
-+# echo -n 2428213ceb75cb6772b3044d9c14870d1ae5b0161379aeb29248650e13761c9f firefox-${FFVERSION}esr.source.tar.xz |sha256sum -c -
++# echo -n a9d8aef9547ac3d88d2fafa3ef61734bf37f343cde36efc53d67d9716acec9f8 firefox-${FFVERSION}esr.source.tar.xz |sha256sum -c -
+#
+# echo Extracting Firefox tarball
+# tar -xf firefox-${FFVERSION}esr.source.tar.xz