diff options
author | Mark H Weaver <mhw@netris.org> | 2020-09-06 21:48:00 -0400 |
---|---|---|
committer | Mark H Weaver <mhw@netris.org> | 2020-09-22 11:32:12 -0400 |
commit | c7011ff850420fdbe1319b3d218bd362f2f9d618 (patch) | |
tree | beb720ec94c555f8cf2c472aa395626482359fef /gnu/packages/patches/icecat-68-makeicecat.patch | |
parent | ce642b8f066292b2ef382bb23a245ea7dffcbb65 (diff) | |
download | guix-c7011ff850420fdbe1319b3d218bd362f2f9d618.tar guix-c7011ff850420fdbe1319b3d218bd362f2f9d618.tar.gz |
gnu: icecat: Update to 78.3.0-guix0-preview1 [security-fixes].
Includes fixes for CVE-2020-15673, CVE-2020-15676, CVE-2020-15677, and
CVE-2020-15678.
* gnu/packages/gnuzilla.scm (mozilla-compare-locales): Update to
RELEASE_8_0_0.
(all-mozilla-locales): Update to newer versions.
(mozilla-patch): Remove vestigial procedure.
(%icecat-version, %icecat-build-id): Update to 78.3.0-guix0-preview1.
(icecat-source): Update 'upstream-icecat-base-version', 'gnuzilla-commit', and
hashes. Reverse order of makeicecat-patch and gnuzilla-fixes-patch.
(icecat)[inputs]: Remove libogg, libvorbis, libvpx, icu4c, sqlite,
startup-notification, and zlib. Add several "UNBUNDLE-ME!" comments.
[native-inputs]: Update 'rust' and 'cargo' dependencies to version 1.41.
Update 'rust-cbindgen' dependency to version 0.14. Update 'node' dependency
to 10.22.
[arguments]<configure-flags>: Change --enable-default-toolkit value to
"cairo-gtk3-wayland". Change --with-unsigned-addon-scopes value to
"app,system". Add "--allow-addon-sideload". Remove
"--enable-startup-notification" and "--disable-gconf". Comment out
"--with-system-zlib", "--with-system-bz2", and "--with-system-icu".
<phases>: In the 'remove-bundled-libaries' phase, remove "modules/zlib" from
the list of directories to delete. Update the 'patch-cargo-checksums' phase
to update more modules.
(mozilla-68-compare-locales, all-mozilla-68-locales, %icecat-68-version)
(icecat-68-source): New variables preserving the previous icecat 68 source.
(icedove)[source]: Use 'icecat-68-source'.
* gnu/packages/patches/icecat-makeicecat.patch: Adapt to IceCat 78.
* gnu/packages/patches/icecat-68-makeicecat.patch: New file containing
the previous 'icecat-makeicecat.patch'.
* gnu/local.mk: Add 'icecat-68-makeicecat.patch'.
Diffstat (limited to 'gnu/packages/patches/icecat-68-makeicecat.patch')
-rw-r--r-- | gnu/packages/patches/icecat-68-makeicecat.patch | 110 |
1 files changed, 110 insertions, 0 deletions
diff --git a/gnu/packages/patches/icecat-68-makeicecat.patch b/gnu/packages/patches/icecat-68-makeicecat.patch new file mode 100644 index 0000000000..265725ce36 --- /dev/null +++ b/gnu/packages/patches/icecat-68-makeicecat.patch @@ -0,0 +1,110 @@ +Make some of the changes needed to the 'makeicecat' script, to allow it to run +in a snippet without network access. After this patch is applied, some +additional changes will be made using 'substitute*'. + +diff --git a/makeicecat b/makeicecat +index 8be2362..48716f2 100755 +--- a/makeicecat ++++ b/makeicecat +@@ -31,55 +31,55 @@ SOURCEDIR=icecat-$FFVERSION + + DATA="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"/data + +-mkdir -p output +-cd output ++# mkdir -p output ++# cd output + + ############################################################################### + # Retrieve FF source code + ############################################################################### + +-rm mozilla-esr${FFMAJOR} $SOURCEDIR -rf +- +-wget -N https://ftp.mozilla.org/pub/mozilla.org/firefox/releases/${FFVERSION}esr/source/firefox-${FFVERSION}esr.source.tar.xz +-wget -N https://ftp.mozilla.org/pub/mozilla.org/firefox/releases/${FFVERSION}esr/source/firefox-${FFVERSION}esr.source.tar.xz.asc +-gpg --recv-keys --keyserver keyserver.ubuntu.com 14F26682D0916CDD81E37B6D61B7B526D98F0353 +-gpg --verify firefox-${FFVERSION}esr.source.tar.xz.asc +-echo -n ae692bf2a15908cacbb9d4c7ccf78525a87410ff3f13befedc1926f849bc27cc firefox-${FFVERSION}esr.source.tar.xz |sha256sum -c - +- +-echo Extracting Firefox tarball +-tar -xf firefox-${FFVERSION}esr.source.tar.xz +- +-mv firefox-${FFVERSION} $SOURCEDIR ++# rm mozilla-esr${FFMAJOR} $SOURCEDIR -rf ++# ++# wget -N https://ftp.mozilla.org/pub/mozilla.org/firefox/releases/${FFVERSION}esr/source/firefox-${FFVERSION}esr.source.tar.xz ++# wget -N https://ftp.mozilla.org/pub/mozilla.org/firefox/releases/${FFVERSION}esr/source/firefox-${FFVERSION}esr.source.tar.xz.asc ++# gpg --recv-keys --keyserver keyserver.ubuntu.com 14F26682D0916CDD81E37B6D61B7B526D98F0353 ++# gpg --verify firefox-${FFVERSION}esr.source.tar.xz.asc ++# echo -n ae692bf2a15908cacbb9d4c7ccf78525a87410ff3f13befedc1926f849bc27cc firefox-${FFVERSION}esr.source.tar.xz |sha256sum -c - ++# ++# echo Extracting Firefox tarball ++# tar -xf firefox-${FFVERSION}esr.source.tar.xz ++# ++# mv firefox-${FFVERSION} $SOURCEDIR + + ############################################################################### + # Retrieve l10n + ############################################################################### + +-mkdir l10n +-cd l10n +-while read line;do +- line=$(echo $line |cut -d' ' -f1) +- #[ $line = "es-ES" ] || continue # To speed up testing +- [ $line = "en-US" ] && continue +- hg clone https://hg.mozilla.org/l10n-central/$line +- mkdir -p $line/browser/chrome/browser/preferences +- touch $line/browser/chrome/browser/preferences/advanced-scripts.dtd +- rm -rf $line/.hg* +-done < ../$SOURCEDIR/browser/locales/shipped-locales +-cd .. +- +-mv l10n $SOURCEDIR +- +-hg clone http://hg.mozilla.org/l10n/compare-locales/ +-cd compare-locales/ +-hg checkout RELEASE_3_3_0 +-cd .. +-rm compare-locales/.hg* compare-locales/.git* -rf +-mv compare-locales $SOURCEDIR/l10n ++# mkdir l10n ++# cd l10n ++# while read line;do ++# line=$(echo $line |cut -d' ' -f1) ++# #[ $line = "es-ES" ] || continue # To speed up testing ++# [ $line = "en-US" ] && continue ++# hg clone https://hg.mozilla.org/l10n-central/$line ++# mkdir -p $line/browser/chrome/browser/preferences ++# touch $line/browser/chrome/browser/preferences/advanced-scripts.dtd ++# rm -rf $line/.hg* ++# done < ../$SOURCEDIR/browser/locales/shipped-locales ++# cd .. ++# ++# mv l10n $SOURCEDIR ++# ++# hg clone http://hg.mozilla.org/l10n/compare-locales/ ++# cd compare-locales/ ++# hg checkout RELEASE_3_3_0 ++# cd .. ++# rm compare-locales/.hg* compare-locales/.git* -rf ++# mv compare-locales $SOURCEDIR/l10n + + ####################################################### + +-cd $SOURCEDIR ++# cd $SOURCEDIR + + shopt -s nullglob + for patch in $DATA/patches/*.patch; do +@@ -603,6 +603,6 @@ sed 's/777/755/;' -i toolkit/crashreporter/google-breakpad/Makefile.in + # Fix CVE-2012-3386 + /bin/sed 's/chmod a+w/chmod u+w/' -i ./js/src/ctypes/libffi/Makefile.in ./toolkit/crashreporter/google-breakpad/Makefile.in ./toolkit/crashreporter/google-breakpad/src/third_party/glog/Makefile.in || true + +-cd .. +-echo Packaging tarball +-tar cfj icecat-$ICECATVERSION.tar.bz2 $SOURCEDIR ++# cd .. ++# echo Packaging tarball ++# tar cfj icecat-$ICECATVERSION.tar.bz2 $SOURCEDIR |