aboutsummaryrefslogtreecommitdiff
path: root/gnu/packages
diff options
context:
space:
mode:
authorMark H Weaver <mhw@netris.org>2020-06-30 19:12:18 -0400
committerMark H Weaver <mhw@netris.org>2020-07-01 12:45:08 -0400
commitf74e9277c186be4bd8101fa3c6924f0cb04e4c13 (patch)
tree86e21a3f46edb86d55885bd41d0da660c269de6b /gnu/packages
parentade0f8ea0cbcabcd94cb4212abebd8c143c7d69d (diff)
downloadguix-f74e9277c186be4bd8101fa3c6924f0cb04e4c13.tar
guix-f74e9277c186be4bd8101fa3c6924f0cb04e4c13.tar.gz
gnu: icecat: Update to 68.10.0-guix0-preview1 [security-fixes].
Includes fixes for CVE-2020-12417, CVE-2020-12418, CVE-2020-12419, CVE-2020-12420, and CVE-2020-12421. * gnu/packages/gnuzilla.scm (%icecat-version, %icecat-build-id): Update. (icecat-source): Update gnuzilla commit, base version, and hashes. Remove code that deleted the Onion Browser Button extension, which is no longer bundled upstream. * gnu/packages/patches/icecat-makeicecat.patch: Adapt to new version.
Diffstat (limited to 'gnu/packages')
-rw-r--r--gnu/packages/gnuzilla.scm18
-rw-r--r--gnu/packages/patches/icecat-makeicecat.patch4
2 files changed, 8 insertions, 14 deletions
diff --git a/gnu/packages/gnuzilla.scm b/gnu/packages/gnuzilla.scm
index 3bffe12577..cc3acd6b9b 100644
--- a/gnu/packages/gnuzilla.scm
+++ b/gnu/packages/gnuzilla.scm
@@ -556,8 +556,8 @@ from forcing GEXP-PROMISE."
#:system system
#:guile-for-build guile)))
-(define %icecat-version "68.9.0-guix0-preview1")
-(define %icecat-build-id "20200602000000") ;must be of the form YYYYMMDDhhmmss
+(define %icecat-version "68.10.0-guix0-preview1")
+(define %icecat-build-id "20200630000000") ;must be of the form YYYYMMDDhhmmss
;; 'icecat-source' is a "computed" origin that generates an IceCat tarball
;; from the corresponding upstream Firefox ESR tarball, using the 'makeicecat'
@@ -579,11 +579,11 @@ from forcing GEXP-PROMISE."
"firefox-" upstream-firefox-version ".source.tar.xz"))
(sha256
(base32
- "01s41p985g6v544lf08zch3myssn5c76jwmkzzd68zd9m3hhalck"))))
+ "0azdinwqjfv2q37gqpxmfvzsk86pvsi6cjaq1310zs26gric5j1f"))))
- (upstream-icecat-base-version "68.9.0") ; maybe older than base-version
+ (upstream-icecat-base-version "68.10.0") ; maybe older than base-version
;;(gnuzilla-commit (string-append "v" upstream-icecat-base-version))
- (gnuzilla-commit "d7acf32ad905a3382cb2353577a96d29aa58f589")
+ (gnuzilla-commit "76dced64ce0e72fe3030dc2f7b22cda8e36b165e")
(gnuzilla-source
(origin
(method git-fetch)
@@ -595,7 +595,7 @@ from forcing GEXP-PROMISE."
(string-take gnuzilla-commit 8)))
(sha256
(base32
- "0m49zm05m3n95diij2zyvpm74q66zxjhv9rp8zvaab0h7v2s09n9"))))
+ "0xcg6h0da63qyv7h575xjrbkzqqcjhwjd45x9h9qmpxiaibi9g3d"))))
(makeicecat-patch
(local-file (search-patch "icecat-makeicecat.patch")))
@@ -648,12 +648,6 @@ from forcing GEXP-PROMISE."
"-p1" "--input" #+makeicecat-patch)
(invoke "patch" "--force" "--no-backup-if-mismatch"
"-p1" "--input" #+gnuzilla-fixes-patch)
-
- ;; Remove the bundled tortm-browser-button extension,
- ;; which doesn't seem to be working properly.
- (delete-file-recursively
- "data/extensions/tortm-browser-button@jeremybenthum")
-
(patch-shebang "makeicecat")
(substitute* "makeicecat"
(("^FFMAJOR=(.*)" all ffmajor)
diff --git a/gnu/packages/patches/icecat-makeicecat.patch b/gnu/packages/patches/icecat-makeicecat.patch
index d3d95cbf28..cff0b7ad45 100644
--- a/gnu/packages/patches/icecat-makeicecat.patch
+++ b/gnu/packages/patches/icecat-makeicecat.patch
@@ -25,7 +25,7 @@ index 8be2362..48716f2 100755
-wget -N https://ftp.mozilla.org/pub/mozilla.org/firefox/releases/${FFVERSION}esr/source/firefox-${FFVERSION}esr.source.tar.xz.asc
-gpg --recv-keys --keyserver keyserver.ubuntu.com 14F26682D0916CDD81E37B6D61B7B526D98F0353
-gpg --verify firefox-${FFVERSION}esr.source.tar.xz.asc
--echo -n 935105e1a8a97d64daffb372690e2b566b5f07641f01470929dbbc82d20d4407 firefox-${FFVERSION}esr.source.tar.xz |sha256sum -c -
+-echo -n 2ec8c2627e46e80fc208584966a2ded7a0a9ff76b55ffccec0623b89b98ded2b firefox-${FFVERSION}esr.source.tar.xz |sha256sum -c -
-
-echo Extracting Firefox tarball
-tar -xf firefox-${FFVERSION}esr.source.tar.xz
@@ -37,7 +37,7 @@ index 8be2362..48716f2 100755
+# wget -N https://ftp.mozilla.org/pub/mozilla.org/firefox/releases/${FFVERSION}esr/source/firefox-${FFVERSION}esr.source.tar.xz.asc
+# gpg --recv-keys --keyserver keyserver.ubuntu.com 14F26682D0916CDD81E37B6D61B7B526D98F0353
+# gpg --verify firefox-${FFVERSION}esr.source.tar.xz.asc
-+# echo -n 935105e1a8a97d64daffb372690e2b566b5f07641f01470929dbbc82d20d4407 firefox-${FFVERSION}esr.source.tar.xz |sha256sum -c -
++# echo -n 2ec8c2627e46e80fc208584966a2ded7a0a9ff76b55ffccec0623b89b98ded2b firefox-${FFVERSION}esr.source.tar.xz |sha256sum -c -
+#
+# echo Extracting Firefox tarball
+# tar -xf firefox-${FFVERSION}esr.source.tar.xz