diff options
author | Mark H Weaver <mhw@netris.org> | 2018-09-22 04:47:54 -0400 |
---|---|---|
committer | Mark H Weaver <mhw@netris.org> | 2018-09-22 13:48:32 -0400 |
commit | ae71cd8ac93245360ffe73d6ab260975ec0d742f (patch) | |
tree | 12a825e14b608919122460c22328461c5439d76e /gnu/packages/gnuzilla.scm | |
parent | 91294b53619995712a6f8d497d650bfc02b4c952 (diff) | |
download | guix-ae71cd8ac93245360ffe73d6ab260975ec0d742f.tar guix-ae71cd8ac93245360ffe73d6ab260975ec0d742f.tar.gz |
gnu: icecat: Add fixes from upstream mozilla-esr60 [security fixes].
Includes fixes for CVE-2018-12383 and CVE-2018-12385.
* gnu/packages/patches/icecat-CVE-2018-12383.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/patches/icecat-avoid-bundled-libraries.patch: Adapt to apply
cleanly to IceCat 60.
* gnu/packages/gnuzilla.scm (mozilla-patch): Update to fetch from
mozilla-esr60.
(icecat): Add selected changesets from upstream mozilla-esr60.
Diffstat (limited to 'gnu/packages/gnuzilla.scm')
-rw-r--r-- | gnu/packages/gnuzilla.scm | 8 |
1 files changed, 5 insertions, 3 deletions
diff --git a/gnu/packages/gnuzilla.scm b/gnu/packages/gnuzilla.scm index db8f85cfb1..653cee93d5 100644 --- a/gnu/packages/gnuzilla.scm +++ b/gnu/packages/gnuzilla.scm @@ -469,10 +469,10 @@ security standards.") (license license:mpl2.0))) (define (mozilla-patch file-name changeset hash) - "Return an origin for CHANGESET from the mozilla-esr52 repository." + "Return an origin for CHANGESET from the mozilla-esr60 repository." (origin (method url-fetch) - (uri (string-append "https://hg.mozilla.org/releases/mozilla-esr52/raw-rev/" + (uri (string-append "https://hg.mozilla.org/releases/mozilla-esr60/raw-rev/" changeset)) (sha256 (base32 hash)) (file-name file-name))) @@ -498,7 +498,9 @@ security standards.") (search-patch "icecat-avoid-bundled-libraries.patch") ;; FIXME (search-patch "icecat-use-system-harfbuzz.patch") ;; FIXME (search-patch "icecat-use-system-graphite2.patch") - )) + (mozilla-patch "icecat-CVE-2018-12385.patch" "80a4a7ef2813" "1vgcbimpnfjqj934v0cryq1g13xac3wfmd4jyhcb5s60x8xyssf5") + (search-patch "icecat-CVE-2018-12383.patch") + (mozilla-patch "icecat-bug-1489744.patch" "6546ee839d30" "11mhvj77r789b428bfxqq5wdx8yr7lbrdjzr8qjj6fw197pldn51"))) (modules '((guix build utils))) (snippet '(begin |