guix - Guix

	Commit message (Collapse)	Author	Age
*	gnu: librewolf: Update to 131.0.2-1 [security fixes].	Ian Eure	2024-10-11
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	Updates the package and changes how the .desktop file is generated. The .desktop file the package had been using was removed upstream. Fixes: CVE-2024-9391: Prevent users from exiting full-screen mode in Firefox Focus for Android CVE-2024-9392: Compromised content process can bypass site isolation CVE-2024-9393: Cross-origin access to PDF contents through multipart responses CVE-2024-9394: Cross-origin access to JSON contents through multipart responses CVE-2024-9395: Specially crafted filename could be used to obscure download type CVE-2024-9396: Potential memory corruption may occur when cloning certain objects CVE-2024-9397: Potential directory upload bypass via clickjacking CVE-2024-9398: External protocol handlers could be enumerated via popups CVE-2024-9399: Specially crafted WebTransport requests could lead to denial of service CVE-2024-9400: Potential memory corruption during JIT compilation CVE-2024-9401: Memory safety bugs fixed in Firefox 131, Firefox ESR 115.16, Firefox ESR 128.3, Thunderbird 131, and Thunderbird 128.3 CVE-2024-9402: Memory safety bugs fixed in Firefox 131, Firefox ESR 128.3, Thunderbird 131, and Thunderbird 128.3 CVE-2024-9403: Memory safety bugs fixed in Firefox 131 and Thunderbird 131 CVE-2024-9680: Use-after-free in Animation timeline * gnu/packages/librewolf.scm (%librewolf-build-id): Update. (librewolf): Update to 131.0.2-1. [arguments]<#:phases>: Adjust 'install-desktop-entry for new .desktop file. Change-Id: I03f8a405c454a5bc3c8a1fc9f94d0ec9b41e92ec Modified-by: Hilton Chain <hako@ultrarare.space> Signed-off-by: Hilton Chain <hako@ultrarare.space>
*	gnu: librewolf: Revert video acceleration fix.	Ian Eure	2024-10-08
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	This patch partly reverts #73429, because that change makes livestreaming video refuse to play. * gnu/packages/librewolf.scm (librewolf) [source]: Remove the librewolf-add-paths-to-rdd-allowlist patch. [phases] <wrap-program>: Reinstate previous LD_LIBRARY_PATH wrapping. * gnu/packages/patches/librewolf-add-paths-to-rdd-allowlist.patch: Delete file. * gnu/local.mk (dist_patch_DATA): De-register it. Modified-by: Maxim Cournoyer <maxim.cournoyer@gmail.com> Change-Id: Iaf36c64464cd078538fda677ea4fa7b13e7c110f
*	gnu: librewolf: Fix broken context menu.	Ian Eure	2024-10-08
\| \| \| \| \| \| \| \| \| \|	This patch fixes a reported bug where context (right-click) menus contain many duplicate and incorrect entries. * gnu/packages/librewolf.scm (librewolf) [phases] <neuter-genai>: Reinstate the genai browser component. Change-Id: I288545ce80b9a7e854edfc26a7ffe43433303458
*	gnu: librewolf-source: Turn into a procedure.	Ian Eure	2024-09-24
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	This patch changes the `librewolf-source' variable into the `make-librewolf-source' prodecure. This procedure accepts a LibreWolf version, source hash, and Firefox source hash. The Firefox source version is derived from the provided LibreWolf version. This eases package updates, since the hashes are inside the `librewolf' package, rather than `librewolf-source'; and the version no longer needs to be specified in three places. It also removes a blank line between the file header and `define-module'. * gnu/packages/librewolf.scm (librewolf-source): Turn into a procedure. Change-Id: I96ab1304acde246c179e7aa5dad9ff621be3de82 Signed-off-by: Andrew Tropin <andrew@trop.in>
*	gnu: librewolf: Update to 130.0.1-1. [security fixes]	Ian Eure	2024-09-24
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	This patch: - Updates LibreWolf to the latest version - Removes the code which disabled encoding_rs.patch from upstream. It’s no longer in the repo, so the code did nothing, and the underlying issue (Guix being stuck with an old Rust version) has been fixed. - Integrates changes from #72265 with some slight tweaks. This should allow LibreWolf to use accelerated video decoding on supported hardware. - Neuters the GenAI chat feature, which direcly integrates with non-free services, by excluding it from the build and locking the preferences which would enable it. Fixes: CVE-2024-8385: WASM type confusion involving ArrayTypes CVE-2024-8381: Type confusion when looking up a property name in a "with" block CVE-2024-8388: Fullscreen notice on Android could be hidden under various panels and OS prompts CVE-2024-8382: Internal event interfaces were exposed to web content when browser EventHandler listener callbacks ran CVE-2024-8383: Firefox did not ask before openings news: links in an external application CVE-2024-8384: Garbage collection could mis-color cross-compartment objects in OOM conditions CVE-2024-8386: SelectElements could be shown over another site if popups are allowed CVE-2024-8387: Memory safety bugs fixed in Firefox 130, Firefox ESR 128.2, and Thunderbird 128.2 CVE-2024-8389: Memory safety bugs fixed in Firefox 130 * gnu/packages/librewolf.scm (librewolf): Update to 130.0.1-1. Change-Id: I764e6e66c5bfdc14a87b7ea59c29780a1f16769a Signed-off-by: Andrew Tropin <andrew@trop.in>
*	build-systems: gnu: Export %default-gnu-imported-modules and ↵	Maxim Cournoyer	2024-08-31
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	%default-gnu-modules. Until now users would have to cargo cult or inspect the private %default-modules variable of (guix build-systems gnu) to discover which modules to include when extending the used modules via the #:modules argument. The renaming was automated via the command: $ git grep -l %gnu-build-system-modules \| xargs sed 's/%gnu-build-system-modules/%default-gnu-imported-modules/' -i * guix/build-system/gnu.scm (%gnu-build-system-modules): Rename to... (%default-gnu-imported-modules): ... this. (%default-modules): Rename to... (%default-gnu-modules): ... this. Export. (dist-package, gnu-build, gnu-cross-build): Adjust accordingly. Change-Id: Idef307fff13cb76f3182d782b26e1cd3a5c757ee
*	gnu: librewolf: Update to 129.0.1-1.	Ian Eure	2024-08-19
\| \| \| \| \| \| \|	* gnu/packages/librewolf.scm (librewolf): Update to 129.0.1-1. Change-Id: Iefeff2ea7016e8d55313b55dd97179f80bcead1b Signed-off-by: Vagrant Cascadian <vagrant@debian.org>
*	gnu: librewolf: Use distinct WM Class.	Ashvith Shetty	2024-08-11
\| \| \| \| \| \| \| \| \| \| \| \| \| \|	Make desktop environments properly render the icon and not conflate LibreWolf with other browsers with the "Navigator" class. A similar fix to IceCat was pushed as commit be1d05c10766a979dd0720b677889ed950d3b895. * gnu/packages/librewolf.scm (librewolf)[arguments]: Set both the MOZ_APP_REMOTINGNAME environment variable and librewolf.desktop's StartupWMClass to "LibreWolf". Change-Id: I3e117f99ee25321fe3a40ad67450460971579d71
*	gnu: librewolf: Fix building on aarch64-linux.	Remco van 't Veer	2024-07-08
\| \| \| \| \| \| \| \| \|	* gnu/packages/librewolf.scm (librewolf)[arguments]: On non-x86-linux systems the "--disable-eme" switch is not available because EME is not available. Change-Id: I0f397570249b1bc6a0182d2744a8d3c459c1bafa Signed-off-by: Andreas Enge <andreas@enge.fr>
*	gnu: librewolf: Update to 126.0.1-1.	Ian Eure	2024-06-11
\| \| \| \| \| \| \|	* gnu/packages/librewolf.scm (librewolf): Update to 126.0.1-1. Change-Id: Ie2cda543b3de76226d1d6959711b955d22c74fef Signed-off-by: Christopher Baines <mail@cbaines.net>
*	gnu: librewolf: Update to 126.0-1 [security fixes].	Ian Eure	2024-05-31
\| \| \| \| \| \| \| \| \| \| \|	* gnu/packages/librewolf.scm (librewolf): Update to 126.0-1. Fixes CVE-2024-4367, CVE-2024-4764, CVE-2024-4765, CVE-2024-4766, CVE-2024-4767, CVE-2024-4768, CVE-2024-4769, CVE-2024-4770, CVE-2024-4771, CVE-2024-4772, CVE-2024-4773, CVE-2024-4774, CVE-2024-4775, CVE-2024-4776, CVE-2024-4777, CVE-2024-4778. Change-Id: Iec010e516651588da389f747074cbd10f8c14377 Signed-off-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
*	gnu: librewolf: Generate source tarball.	Ian Eure	2024-05-31
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	This patch removes an intermediate step in the build chain. The upstream source tarball is created with an automated build process, where Firefox sources are fetched, patched, and repacked. Rather than download the output of that process, as the package has been, it’s now replicated within the build process, similar to how IceCat works. * gnu/packages/librewolf.scm (firefox-source-origin): New procedure. (librewolf-source-origin): Likewise. (computed-origin-method): New variable. (librewolf-source): Likewise. (librewolf) [source]: Use it. Change-Id: I0f1c2a10252cbbff9b3b3140f6ea3a594df0c97b Signed-off-by: Maxim Cournoyer <maxim.cournoyer@gmail.com> Modified-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
*	gnu: librewolf: Update to 125.0.2-1.	Ian Eure	2024-04-28
\| \| \| \| \| \| \| \|	* gnu/packages/librewolf.scm (librewolf): Update to 125.0.2-1. Build with LLVM/Clang 18; LLVM 13 (the default) segfaults on build. Minor style tweaks. Change-Id: Ib515f1596b3ce2dd192baebf1a877b3c2dc8d7e2 Signed-off-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
*	gnu: nss: Graft with version 3.98 [security fixes].	Maxim Cournoyer	2024-04-26
\| \| \| \| \| \| \| \| \| \| \| \|	This fixes CVE-2023-5388, CVE-2023-6135 and CVE-2024-0743. * gnu/packages/nss.scm (nss) [replacement]: New field. (nss-3.98): Rename variable to... (nss/fixed): ... this. Make it a hidden package. * gnu/packages/librewolf.scm (librewolf) [inputs]: Replace nss-3.98 with nss/fixed. Change-Id: I8cc667c53a270dfe00738bf731923f1342036624
*	gnu: Add librewolf.	Ian Eure	2024-04-12
	* gnu/packages/librewolf.scm (librewolf): New variable. * gnu/local.mk (dist_patch_DATA): Add it. Change-Id: I98b6410582b856ede83b79637a58e66d6e5832e6 Signed-off-by: Andrew Tropin <andrew@trop.in>