aboutsummaryrefslogtreecommitdiff
path: root/gnu/packages/gnuzilla.scm
diff options
context:
space:
mode:
authorMark H Weaver <mhw@netris.org>2018-09-22 04:47:54 -0400
committerMark H Weaver <mhw@netris.org>2018-09-22 13:48:32 -0400
commitae71cd8ac93245360ffe73d6ab260975ec0d742f (patch)
tree12a825e14b608919122460c22328461c5439d76e /gnu/packages/gnuzilla.scm
parent91294b53619995712a6f8d497d650bfc02b4c952 (diff)
downloadguix-ae71cd8ac93245360ffe73d6ab260975ec0d742f.tar
guix-ae71cd8ac93245360ffe73d6ab260975ec0d742f.tar.gz
gnu: icecat: Add fixes from upstream mozilla-esr60 [security fixes].
Includes fixes for CVE-2018-12383 and CVE-2018-12385. * gnu/packages/patches/icecat-CVE-2018-12383.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/patches/icecat-avoid-bundled-libraries.patch: Adapt to apply cleanly to IceCat 60. * gnu/packages/gnuzilla.scm (mozilla-patch): Update to fetch from mozilla-esr60. (icecat): Add selected changesets from upstream mozilla-esr60.
Diffstat (limited to 'gnu/packages/gnuzilla.scm')
-rw-r--r--gnu/packages/gnuzilla.scm8
1 files changed, 5 insertions, 3 deletions
diff --git a/gnu/packages/gnuzilla.scm b/gnu/packages/gnuzilla.scm
index db8f85cfb1..653cee93d5 100644
--- a/gnu/packages/gnuzilla.scm
+++ b/gnu/packages/gnuzilla.scm
@@ -469,10 +469,10 @@ security standards.")
(license license:mpl2.0)))
(define (mozilla-patch file-name changeset hash)
- "Return an origin for CHANGESET from the mozilla-esr52 repository."
+ "Return an origin for CHANGESET from the mozilla-esr60 repository."
(origin
(method url-fetch)
- (uri (string-append "https://hg.mozilla.org/releases/mozilla-esr52/raw-rev/"
+ (uri (string-append "https://hg.mozilla.org/releases/mozilla-esr60/raw-rev/"
changeset))
(sha256 (base32 hash))
(file-name file-name)))
@@ -498,7 +498,9 @@ security standards.")
(search-patch "icecat-avoid-bundled-libraries.patch")
;; FIXME (search-patch "icecat-use-system-harfbuzz.patch")
;; FIXME (search-patch "icecat-use-system-graphite2.patch")
- ))
+ (mozilla-patch "icecat-CVE-2018-12385.patch" "80a4a7ef2813" "1vgcbimpnfjqj934v0cryq1g13xac3wfmd4jyhcb5s60x8xyssf5")
+ (search-patch "icecat-CVE-2018-12383.patch")
+ (mozilla-patch "icecat-bug-1489744.patch" "6546ee839d30" "11mhvj77r789b428bfxqq5wdx8yr7lbrdjzr8qjj6fw197pldn51")))
(modules '((guix build utils)))
(snippet
'(begin