Package: guix-patches;
Reported by: André Batista <nandre <at> riseup.net>
Date: Wed, 26 Jun 2024 13:39:02 UTC
Severity: normal
Tags: patch
Done: Ludovic Courtès <ludo <at> gnu.org>
Bug is archived. No further changes may be made.
To add a comment to this bug, you must first unarchive it, by sending
a message to control AT debbugs.gnu.org, with unarchive 71782 in the body.
You can then email your comments to 71782 AT debbugs.gnu.org in the normal way.
Toggle the display of automated, internal messages from the tracker.
View this report as an mbox folder, status mbox, maintainer mbox
guix-patches <at> gnu.org:bug#71782; Package guix-patches.
(Wed, 26 Jun 2024 13:39:02 GMT) Full text and rfc822 format available.André Batista <nandre <at> riseup.net>:guix-patches <at> gnu.org.
(Wed, 26 Jun 2024 13:39:02 GMT) Full text and rfc822 format available.Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):
From: André Batista <nandre <at> riseup.net> To: guix-patches <at> gnu.org Cc: André Batista <nandre <at> riseup.net> Subject: [PATCH 0/3] gnu: torbrowser: Update to 13.5. Date: Wed, 26 Jun 2024 10:38:17 -0300
This patch series updates torbrowser to its latest stable version. In order to
do so, it also updates
go-gitlab-torproject-org-tpo-anti-censorship-pluggable-transports-lyrebird to
0.2.0, which now depends on the new
go-gitlab-torproject-org-tpo-anti-censorship-pluggable-transports-webtunnel.
Bridge logic has been changed upstream and we don't need the old add-bridges
phase.
ld became unsupported, but lld only breaks cargo rustc invocations, so we now
use the lld-as-ld-wrapper (thanks).
llvm was updated to version 16 to mimick what upstream does.
Cheers,
André Batista (3):
gnu: Add
go-gitlab-torproject-org-tpo-anti-censorship-pluggable-transports-webtunnel.
gnu:
go-gitlab-torproject-org-tpo-anti-censorship-pluggable-transports-lyrebird:
Update to 0.2.0.
gnu: torbrowser: Update to 13.5.
gnu/packages/golang.scm | 33 ++++++++++++++++++++++++++++++---
gnu/packages/tor-browsers.scm | 35 ++++++++++++++++-------------------
2 files changed, 46 insertions(+), 22 deletions(-)
--
2.45.1
guix-patches <at> gnu.org:bug#71782; Package guix-patches.
(Wed, 26 Jun 2024 13:48:03 GMT) Full text and rfc822 format available.Message #8 received at 71782 <at> debbugs.gnu.org (full text, mbox):
From: André Batista <nandre <at> riseup.net> To: 71782 <at> debbugs.gnu.org Cc: André Batista <nandre <at> riseup.net> Subject: [PATCH 1/3] gnu: Add go-gitlab-torproject-org-tpo-anti-censorship-pluggable-transports-webtunnel. Date: Wed, 26 Jun 2024 10:46:41 -0300
* gnu/packages/golang.scm
(go-gitlab-torproject-org-tpo-anti-censorship-pluggable-transports-webtunnel):
New variable.
Change-Id: I0f0a78458467600ad70374f4224aa6ad1e371ad8
---
gnu/packages/golang.scm | 25 +++++++++++++++++++++++++
1 file changed, 25 insertions(+)
diff --git a/gnu/packages/golang.scm b/gnu/packages/golang.scm
index 4e3fe5bd10..705b5d3b03 100644
--- a/gnu/packages/golang.scm
+++ b/gnu/packages/golang.scm
@@ -2387,6 +2387,31 @@ (define-public go-gitlab-torproject-org-tpo-anti-censorship-pluggable-transports
incorporates ideas and concepts from Philipp Winter's ScrambleSuit protocol.")
(license (list license:bsd-2 license:bsd-3))))
+(define-public go-gitlab-torproject-org-tpo-anti-censorship-pluggable-transports-webtunnel
+ (let ((commit "3b6faa48163782c1e5420bcb4b068cd38c401ea7")
+ (revision "0"))
+ (package
+ (name "go-gitlab-torproject-org-tpo-anti-censorship-pluggable-transports-webtunnel")
+ (version (git-version "0.0.0" revision commit))
+ (source
+ (origin
+ (method git-fetch)
+ (uri
+ (git-reference
+ (url "https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/webtunnel")
+ (commit commit)))
+ (file-name (git-file-name name version))
+ (sha256
+ (base32 "08k108h1fh9mq0m5kr866s2n0lsif0dpbi8ffb62g5ghg7jaai89"))))
+ (build-system go-build-system)
+ (arguments
+ `(#:import-path "gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/webtunnel"))
+ (home-page "https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/webtunnel")
+ (synopsis "Go webtunnel library")
+ (description "WebTunnel is a library for XXXXXX Tor pluggable transports in
+Go.")
+ (license license:bsd-2))))
+
(define-public go-github-com-sevlyar-go-daemon
(package
(name "go-github-com-sevlyar-go-daemon")
--
2.45.1
guix-patches <at> gnu.org:bug#71782; Package guix-patches.
(Wed, 26 Jun 2024 13:48:03 GMT) Full text and rfc822 format available.Message #11 received at 71782 <at> debbugs.gnu.org (full text, mbox):
From: André Batista <nandre <at> riseup.net> To: 71782 <at> debbugs.gnu.org Cc: André Batista <nandre <at> riseup.net> Subject: [PATCH 2/3] gnu: go-gitlab-torproject-org-tpo-anti-censorship-pluggable-transports-lyrebird: Update to 0.2.0. Date: Wed, 26 Jun 2024 10:47:14 -0300
* gnu/packages/golang.scm (go-gitlab-torproject-org-tpo-anti-censorship-pluggable-transports-lyrebird):
Update to 0.2.0.
[arguments] <#:go>: Use go-1.21.
[propagated-inputs]: Add go-gitlab-torproject-org-tpo-anti-censorship-pluggable-transports-webtunnel.
Change-Id: I28bc797602f8d262f4281dcb76d7ca3833a5f434
---
gnu/packages/golang.scm | 8 +++++---
1 file changed, 5 insertions(+), 3 deletions(-)
diff --git a/gnu/packages/golang.scm b/gnu/packages/golang.scm
index 705b5d3b03..1a68d35663 100644
--- a/gnu/packages/golang.scm
+++ b/gnu/packages/golang.scm
@@ -45,6 +45,7 @@
;;; Copyright © 2023 Clément Lassieur <clement <at> lassieur.org>
;;; Copyright © 2024 Troy Figiel <troy <at> troyfigiel.com>
;;; Copyright © 2024 Greg Hogan <code <at> greghogan.com>
+;;; Copyright © 2024 André Batista <nandre <at> riseup.net>
;;;
;;; This file is part of GNU Guix.
;;;
@@ -2342,7 +2343,7 @@ (define-public go-gitlab-torproject-org-tpo-anti-censorship-pluggable-transports
(define-public go-gitlab-torproject-org-tpo-anti-censorship-pluggable-transports-lyrebird
(package
(name "go-gitlab-torproject-org-tpo-anti-censorship-pluggable-transports-lyrebird")
- (version "0.1.0")
+ (version "0.2.0")
(source (origin
(method git-fetch)
(uri (git-reference
@@ -2351,12 +2352,12 @@ (define-public go-gitlab-torproject-org-tpo-anti-censorship-pluggable-transports
(file-name (git-file-name name version))
(sha256
(base32
- "0rifg5kgqp4c3b44j48fjmx00m00ai7fa4gaqrgphiqs1fc5586s"))))
+ "0imdf11ldkmbkp74gl1bcbvzmrl7jmkcfhpn6377r99gkf0zk28j"))))
(build-system go-build-system)
(arguments
`(#:unpack-path "gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/lyrebird"
#:import-path "gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/lyrebird/cmd/lyrebird"
- #:go ,go-1.20
+ #:go ,go-1.21
#:phases
(modify-phases %standard-phases
(add-after 'unpack 'substitutions
@@ -2378,6 +2379,7 @@ (define-public go-gitlab-torproject-org-tpo-anti-censorship-pluggable-transports
go-github-com-refraction-networking-utls
go-gitlab-com-yawning-edwards25519-extra
go-gitlab-torproject-org-tpo-anti-censorship-pluggable-transports-goptlib
+ go-gitlab-torproject-org-tpo-anti-censorship-pluggable-transports-webtunnel
go-golang-org-x-crypto
go-golang-org-x-net
go-golang-org-x-text))
--
2.45.1
guix-patches <at> gnu.org:bug#71782; Package guix-patches.
(Wed, 26 Jun 2024 13:49:02 GMT) Full text and rfc822 format available.Message #14 received at 71782 <at> debbugs.gnu.org (full text, mbox):
From: André Batista <nandre <at> riseup.net> To: 71782 <at> debbugs.gnu.org Cc: André Batista <nandre <at> riseup.net> Subject: [PATCH 3/3] gnu: torbrowser: Update to 13.5. Date: Wed, 26 Jun 2024 10:47:48 -0300
* gnu/packages/tor-browsers.scm (%torbrowser-build-date): Update to
20240611120000.
(%torbrowser-version): Update to 13.5.
(%torbrowser-firefox-version): Update to 115.12.0esr-13.5-1-build3.
(torbrowser-translation-base): Update to
dc59db634f066298e903142227834da483ec197d.
(torbrowser-translation-specific): Update to
de4f91a5020d637ab5d66459718525a5f9207be2.
(lld-as-ld-wrapper-16): New variable.
(make-torbrowser)[native-inputs]: Add lld-as-ld-wrapper-16. Use
llvm-16 and clang-16. [arguments] <#:phases>: Remove add-bridges.
Change-Id: Ic08578fa1b0f33a8f426c60ca65db3c9102ad554
---
gnu/packages/tor-browsers.scm | 35 ++++++++++++++++-------------------
1 file changed, 16 insertions(+), 19 deletions(-)
diff --git a/gnu/packages/tor-browsers.scm b/gnu/packages/tor-browsers.scm
index 3d01346c8c..0407cc39dc 100644
--- a/gnu/packages/tor-browsers.scm
+++ b/gnu/packages/tor-browsers.scm
@@ -151,16 +151,16 @@ (define %torbrowser-locales
;; We copy the official build id, which is defined at
;; tor-browser-build/rbm.conf (browser_release_date).
-(define %torbrowser-build-date "20240510190000")
+(define %torbrowser-build-date "20240611120000")
;; To find the last version, look at https://www.torproject.org/download/.
-(define %torbrowser-version "13.0.16")
+(define %torbrowser-version "13.5")
;; To find the last Firefox version, browse
;; https://archive.torproject.org/tor-package-archive/torbrowser/<%torbrowser-version>
;; There should be only one archive that starts with
;; "src-firefox-tor-browser-".
-(define %torbrowser-firefox-version "115.12.0esr-13.0-1-build1")
+(define %torbrowser-firefox-version "115.12.0esr-13.5-1-build3")
;; See tor-browser-build/projects/translation/config.
(define torbrowser-translation-base
@@ -168,11 +168,11 @@ (define torbrowser-translation-base
(method git-fetch)
(uri (git-reference
(url "https://gitlab.torproject.org/tpo/translation.git")
- (commit "f28525699864f4e3d764c354130bd898ce5b20aa")))
+ (commit "dc59db634f066298e903142227834da483ec197d")))
(file-name "translation-base-browser")
(sha256
(base32
- "1vf6nl7fdmlmg2gskf3w1xlsgcm0pxi54z2daz5nwr6q9gyi0lkf"))))
+ "11lbw2lpsjm0r2lwmy8i2db40r5ypf8fhn4jh59l927g40ch6dxw"))))
;; See tor-browser-build/projects/translation/config.
(define torbrowser-translation-specific
@@ -180,11 +180,11 @@ (define torbrowser-translation-specific
(method git-fetch)
(uri (git-reference
(url "https://gitlab.torproject.org/tpo/translation.git")
- (commit "b5d79336411e5a59c4861341ef9aa7353e0bcad9")))
+ (commit "de4f91a5020d637ab5d66459718525a5f9207be2")))
(file-name "translation-tor-browser")
(sha256
(base32
- "0ahz69pxhgik7ynmdkbnx7v5l2v392i6dswjz057g4hwnd7d34fb"))))
+ "0q8nnqf4zhqivv3rjlvcsbac5254ingw98qwrbnhz3m5gl78vpcf"))))
(define torbrowser-assets
;; This is a prebuilt Torbrowser from which we take the assets we need.
@@ -200,7 +200,7 @@ (define torbrowser-assets
version "/tor-browser-linux-x86_64-" version ".tar.xz"))
(sha256
(base32
- "1kffam66bsaahzx212hw9lb03jwfr24hivzg067iyzilsldpc9c1"))))
+ "0fqqzrwpqzadgi24qarpnj8aac5w57qlfb4vy2cwga5h40dsp6ly"))))
(arguments
(list
#:install-plan
@@ -215,6 +215,10 @@ (define torbrowser-assets
Browser.")
(license license:silofl1.1)))
+;;; A LLD wrapper that can be used as a (near) drop-in replacement to GNU ld.
+(define lld-as-ld-wrapper-16
+ (make-lld-wrapper lld-16 #:lld-as-ld? #t))
+
(define* (make-torbrowser #:key
moz-app-name
moz-app-remotingname
@@ -238,7 +242,7 @@ (define* (make-torbrowser #:key
".tar.xz"))
(sha256
(base32
- "1b70zyjyai6kk4y1kkl8jvrs56gg7z31kkad6bmdpd8jw4n71grx"))))
+ "0i5fmippmzhd1nlhzk46rnhv2rgb2ari071m8yww7gk8lfnn5x5f"))))
(build-system mozilla-build-system)
(inputs
(list go-gitlab-torproject-org-tpo-anti-censorship-pluggable-transports-lyrebird
@@ -293,8 +297,9 @@ (define* (make-torbrowser #:key
rust
`(,rust "cargo")
rust-cbindgen
- llvm-15
- clang-15
+ lld-as-ld-wrapper-16 ; for cargo rustc
+ llvm-16
+ clang-16
perl
node-lts
python-wrapper
@@ -632,14 +637,6 @@ (define (runpaths-of-input label)
(substitute*
"toolkit/locales/en-US/toolkit/about/aboutAddons.ftl"
(("addons.mozilla.org") "gnuzilla.gnu.org"))))
- (add-before 'build 'add-bridges ;see deploy.sh
- (lambda _
- (let ((port (open-file
- "browser/app/profile/000-tor-browser.js" "a")))
- (display
- "#include ../../../tools/torbrowser/bridges.js" port)
- (newline port)
- (close port))))
(replace 'build
(lambda* (#:key (make-flags '()) (parallel-build? #t)
#:allow-other-keys)
--
2.45.1
guix-patches <at> gnu.org:bug#71782; Package guix-patches.
(Thu, 27 Jun 2024 16:06:01 GMT) Full text and rfc822 format available.Message #17 received at 71782 <at> debbugs.gnu.org (full text, mbox):
From: André Batista <nandre <at> riseup.net> To: 71782 <at> debbugs.gnu.org Cc: André Batista <nandre <at> riseup.net> Subject: [PATCHv2 1/3] gnu: Add go-gitlab-torproject-org-tpo-anti-censorship-pluggable-transports-webtunnel. Date: Thu, 27 Jun 2024 13:05:36 -0300
* gnu/packages/golang.scm
(go-gitlab-torproject-org-tpo-anti-censorship-pluggable-transports-webtunnel):
New variable.
Change-Id: I0f0a78458467600ad70374f4224aa6ad1e371ad2
---
gnu/packages/golang.scm | 25 +++++++++++++++++++++++++
1 file changed, 25 insertions(+)
diff --git a/gnu/packages/golang.scm b/gnu/packages/golang.scm
index 4e3fe5bd10..705b5d3b03 100644
--- a/gnu/packages/golang.scm
+++ b/gnu/packages/golang.scm
@@ -2387,6 +2387,31 @@ (define-public go-gitlab-torproject-org-tpo-anti-censorship-pluggable-transports
incorporates ideas and concepts from Philipp Winter's ScrambleSuit protocol.")
(license (list license:bsd-2 license:bsd-3))))
+(define-public go-gitlab-torproject-org-tpo-anti-censorship-pluggable-transports-webtunnel
+ (let ((commit "3b6faa48163782c1e5420bcb4b068cd38c401ea7")
+ (revision "0"))
+ (package
+ (name "go-gitlab-torproject-org-tpo-anti-censorship-pluggable-transports-webtunnel")
+ (version (git-version "0.0.0" revision commit))
+ (source
+ (origin
+ (method git-fetch)
+ (uri
+ (git-reference
+ (url "https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/webtunnel")
+ (commit commit)))
+ (file-name (git-file-name name version))
+ (sha256
+ (base32 "08k108h1fh9mq0m5kr866s2n0lsif0dpbi8ffb62g5ghg7jaai89"))))
+ (build-system go-build-system)
+ (arguments
+ `(#:import-path "gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/webtunnel"))
+ (home-page "https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/webtunnel")
+ (synopsis "Go WebTunnel Pluggable Transport")
+ (description "WebTunnel is a Go Pluggable Transport that attempts to imitate
+web browsing activities based on HTTP Upgrade (HTTPT).")
+ (license license:expat))))
+
(define-public go-github-com-sevlyar-go-daemon
(package
(name "go-github-com-sevlyar-go-daemon")
--
2.45.1
guix-patches <at> gnu.org:bug#71782; Package guix-patches.
(Tue, 16 Jul 2024 23:43:01 GMT) Full text and rfc822 format available.Message #20 received at 71782 <at> debbugs.gnu.org (full text, mbox):
From: André Batista <nandre <at> riseup.net> To: 71782 <at> debbugs.gnu.org Cc: André Batista <nandre <at> riseup.net> Subject: [PATCHv3 0/4] Update torbrowser and mullvadbrowser to v13.5.1. Date: Tue, 16 Jul 2024 20:41:43 -0300
This patch series updates both torbrowser and mullvadbrowser to version
13.5.1.
Besides what has been said in the previous cover regarding changes to the
bridge logic, ld, llvm and lyrebird, all of which are still applicable,
this patch series makes important changes to the locale variables and
phases of both browsers.
Upstream has changed its own upstream localization repository to github
(firefox-locales), which means mozilla-locales can be discarded and guix
package definition update routines have been simplified. Other than that,
torbrowser global localization directories have also changed.
Considering that those changes are incompatible with the previous build
logic and that these browser definitions are intertwined, upgrading one
browser would break the other or the gymnastics to preserve the remainder
would be useless since both need to follow the new procedure from now on.
Because of that, the following patches are meant to be applied together.
Finally, this patch series also incorporates #71181, which can be closed
once this is applied.
Cheers,
André Batista (4):
gnu: Add
go-gitlab-torproject-org-tpo-anti-censorship-pluggable-transports-webtunnel.
gnu:
go-gitlab-torproject-org-tpo-anti-censorship-pluggable-transports-lyrebird:
Update to 0.2.0.
gnu: torbrowser: Update to 13.5.1 [security fixes].
gnu: mullvadbrowser: Update to 13.5.1 [security fixes].
gnu/packages/golang.scm | 33 +++++-
gnu/packages/tor-browsers.scm | 200 ++++++++++++----------------------
2 files changed, 100 insertions(+), 133 deletions(-)
base-commit: 2d6a3799fcda5c017f653c6e96b91964b07a7ee0
--
2.45.1
guix-patches <at> gnu.org:bug#71782; Package guix-patches.
(Tue, 16 Jul 2024 23:43:02 GMT) Full text and rfc822 format available.Message #23 received at 71782 <at> debbugs.gnu.org (full text, mbox):
From: André Batista <nandre <at> riseup.net> To: 71782 <at> debbugs.gnu.org Cc: André Batista <nandre <at> riseup.net> Subject: [PATCHv3 1/4] gnu: Add go-gitlab-torproject-org-tpo-anti-censorship-pluggable-transports-webtunnel. Date: Tue, 16 Jul 2024 20:42:06 -0300
* gnu/packages/golang.scm
(go-gitlab-torproject-org-tpo-anti-censorship-pluggable-transports-webtunnel):
New variable.
Change-Id: Icee28357fd2b40744f5e4699a6aeaec4d2746759
---
gnu/packages/golang.scm | 25 +++++++++++++++++++++++++
1 file changed, 25 insertions(+)
diff --git a/gnu/packages/golang.scm b/gnu/packages/golang.scm
index eed7126873..d847c347a4 100644
--- a/gnu/packages/golang.scm
+++ b/gnu/packages/golang.scm
@@ -2258,6 +2258,31 @@ (define-public go-gitlab-torproject-org-tpo-anti-censorship-pluggable-transports
incorporates ideas and concepts from Philipp Winter's ScrambleSuit protocol.")
(license (list license:bsd-2 license:bsd-3))))
+(define-public go-gitlab-torproject-org-tpo-anti-censorship-pluggable-transports-webtunnel
+ (let ((commit "3b6faa48163782c1e5420bcb4b068cd38c401ea7")
+ (revision "0"))
+ (package
+ (name "go-gitlab-torproject-org-tpo-anti-censorship-pluggable-transports-webtunnel")
+ (version (git-version "0.0.0" revision commit))
+ (source
+ (origin
+ (method git-fetch)
+ (uri
+ (git-reference
+ (url "https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/webtunnel")
+ (commit commit)))
+ (file-name (git-file-name name version))
+ (sha256
+ (base32 "08k108h1fh9mq0m5kr866s2n0lsif0dpbi8ffb62g5ghg7jaai89"))))
+ (build-system go-build-system)
+ (arguments
+ `(#:import-path "gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/webtunnel"))
+ (home-page "https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/webtunnel")
+ (synopsis "Go WebTunnel Pluggable Transport")
+ (description "WebTunnel is a Go Pluggable Transport that attempts to imitate
+web browsing activities based on HTTP Upgrade (HTTPT).")
+ (license license:bsd-2))))
+
(define-public go-github-com-sevlyar-go-daemon
(package
(name "go-github-com-sevlyar-go-daemon")
--
2.45.1
guix-patches <at> gnu.org:bug#71782; Package guix-patches.
(Tue, 16 Jul 2024 23:43:02 GMT) Full text and rfc822 format available.Message #26 received at 71782 <at> debbugs.gnu.org (full text, mbox):
From: André Batista <nandre <at> riseup.net> To: 71782 <at> debbugs.gnu.org Cc: André Batista <nandre <at> riseup.net> Subject: [PATCHv3 2/4] gnu: go-gitlab-torproject-org-tpo-anti-censorship-pluggable-transports-lyrebird: Update to 0.2.0. Date: Tue, 16 Jul 2024 20:42:19 -0300
* gnu/packages/golang.scm (go-gitlab-torproject-org-tpo-anti-censorship-pluggable-transports-lyrebird):
Update to 0.2.0.
[arguments] <#:go>: Use go-1.21.
[propagated-inputs]: Add go-gitlab-torproject-org-tpo-anti-censorship-pluggable-transports-webtunnel.
Change-Id: I68a859e0980200b50aaa9d300ffaf1e1bce2a5bc
---
gnu/packages/golang.scm | 8 +++++---
1 file changed, 5 insertions(+), 3 deletions(-)
diff --git a/gnu/packages/golang.scm b/gnu/packages/golang.scm
index d847c347a4..1f7f17a580 100644
--- a/gnu/packages/golang.scm
+++ b/gnu/packages/golang.scm
@@ -46,6 +46,7 @@
;;; Copyright © 2024 Troy Figiel <troy <at> troyfigiel.com>
;;; Copyright © 2024 Greg Hogan <code <at> greghogan.com>
;;; Copyright © 2024 Brennan Vincent <brennan <at> umanwizard.com>
+;;; Copyright © 2024 André Batista <nandre <at> riseup.net>
;;;
;;; This file is part of GNU Guix.
;;;
@@ -2213,7 +2214,7 @@ (define-public go-gitlab-torproject-org-tpo-anti-censorship-pluggable-transports
(define-public go-gitlab-torproject-org-tpo-anti-censorship-pluggable-transports-lyrebird
(package
(name "go-gitlab-torproject-org-tpo-anti-censorship-pluggable-transports-lyrebird")
- (version "0.1.0")
+ (version "0.2.0")
(source (origin
(method git-fetch)
(uri (git-reference
@@ -2222,12 +2223,12 @@ (define-public go-gitlab-torproject-org-tpo-anti-censorship-pluggable-transports
(file-name (git-file-name name version))
(sha256
(base32
- "0rifg5kgqp4c3b44j48fjmx00m00ai7fa4gaqrgphiqs1fc5586s"))))
+ "0imdf11ldkmbkp74gl1bcbvzmrl7jmkcfhpn6377r99gkf0zk28j"))))
(build-system go-build-system)
(arguments
`(#:unpack-path "gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/lyrebird"
#:import-path "gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/lyrebird/cmd/lyrebird"
- #:go ,go-1.20
+ #:go ,go-1.21
#:phases
(modify-phases %standard-phases
(add-after 'unpack 'substitutions
@@ -2249,6 +2250,7 @@ (define-public go-gitlab-torproject-org-tpo-anti-censorship-pluggable-transports
go-github-com-refraction-networking-utls
go-gitlab-com-yawning-edwards25519-extra
go-gitlab-torproject-org-tpo-anti-censorship-pluggable-transports-goptlib
+ go-gitlab-torproject-org-tpo-anti-censorship-pluggable-transports-webtunnel
go-golang-org-x-crypto
go-golang-org-x-net
go-golang-org-x-text))
--
2.45.1
guix-patches <at> gnu.org:bug#71782; Package guix-patches.
(Tue, 16 Jul 2024 23:44:02 GMT) Full text and rfc822 format available.Message #29 received at 71782 <at> debbugs.gnu.org (full text, mbox):
From: André Batista <nandre <at> riseup.net> To: 71782 <at> debbugs.gnu.org Cc: André Batista <nandre <at> riseup.net> Subject: [PATCHv3 3/4] gnu: torbrowser: Update to 13.5.1 [security fixes]. Date: Tue, 16 Jul 2024 20:42:50 -0300
Fixes CVEs 2024-6600, 2024-6601, 2024-6602, 2024-6603 and 2024-6604.
See the Mozilla Foundation Security advisory
<https://www.mozilla.org/en-US/security/advisories/mfsa2024-30/>
for details.
* gnu/packages/tor-browsers.scm (%torbrowser-build-date): Update to
20240708120000.
(%torbrowser-version): Update to 13.5.1.
(%torbrowser-firefox-version): Update to 115.13.0esr-13.5-1-build2.
(%torbrowser-locales): Change it to be a plain list of supported locales.
(firefox-locales): New variable.
(torbrowser-translation-base): Update to
6ff73b6f7a6cec4849c2cd1e1ee1dc6fc8894169.
(torbrowser-translation-specific): Update to
427819f80eaca95645bf0c1876d6a728d6ce7093.
(lld-as-ld-wrapper-16): New variable.
(make-torbrowser)[native-inputs]: Add lld-as-ld-wrapper-16. Use
llvm-16 and clang-16.
[inputs]: Add firefox-locales.
[arguments] <#:phases>: Remove add-bridges.
setenv, copy-firefox-locales: Update MOZ_CHROME_MULTILOCALE to the
new %torbrowser-locales format.
copy-basebrowser-locales, copy-torbrowser-locales: Likewise and ajust
fluent file path.
deploy-fonts: Ajust regex expression.
autoconfig: Remove file-picker configuration workaround. See #71181.
Change-Id: Ia1f84bc55beed42580b1eaabcbb685b1cc2a7d51
---
gnu/packages/tor-browsers.scm | 142 ++++++++++++++--------------------
1 file changed, 60 insertions(+), 82 deletions(-)
diff --git a/gnu/packages/tor-browsers.scm b/gnu/packages/tor-browsers.scm
index 3d01346c8c..8172083957 100644
--- a/gnu/packages/tor-browsers.scm
+++ b/gnu/packages/tor-browsers.scm
@@ -21,7 +21,7 @@
;;; Copyright © 2021 Baptiste Strazzul <bstrazzull <at> hotmail.fr>
;;; Copyright © 2022 SeerLite <seerlite <at> disroot.org>
;;; Copyright © 2024 Aleksandr Vityazev <avityazew <at> gmail.com>
-;;; Copyright © 2020, 2021 André Batista <nandre <at> riseup.net>
+;;; Copyright © 2020, 2021, 2024 André Batista <nandre <at> riseup.net>
;;;
;;; This file is part of GNU Guix.
;;;
@@ -104,63 +104,48 @@ (define-syntax-rule (mozilla-locales (hash-string changeset locale) ...)
#~(list (cons #$locale #$(mozilla-locale locale changeset hash-string))
...))
-;; See tor-browser-build/rbm.conf for the list.
-;; See browser/locales/l10n-changesets.json for the changeset.
-;; See update-mozilla-locales in gnuzilla.scm to automate updating changeset.
-(define %torbrowser-locales
- (mozilla-locales
- ;; sha256 changeset locale
- ;;---------------------------------------------------------------------------
- ("1218mldjxybhgzdi0myzkwjr2fgnysl71pl847kr7wyn1j8wk3a5" "c25d00080479" "ar")
- ("11c96jhfzd3h46qhblhvn2acsn895ykynarai8r5pf0655nfjs0j" "2de60e3d6d0c" "ca")
- ("0yhycgb3s3kydbzy6f2q7f7g2lp975spr092prf9xp8ha62ghby7" "609edd15f9a9" "cs")
- ("1kzx94n36c5vv954j7w65djvb37c178zazy25b35l71q2rvhmlhj" "2197a99c9a08" "da")
- ("13h7hk11bbd0yq8gqdv7ndbizkgwlm3ybz225l3x2b5cnyjxyg14" "b7a533e5edc9" "de")
- ("13ay27vdrqfv2ysyi7c2jmz50lps7rff9rmnws1z7jkj0a5chwrn" "20baf15379d8" "el")
- ("0mdr5b6pqxjmg9c8064x3hpf53h6w9j8ghl32655sx9jh4v3ykza" "beff1baac7c5" "es-ES")
- ("1pnyg09j6r15w8m62lwj89x6rz4br877z60p8s1hlrb9hj2s3vdx" "ebe0b60b0b36" "fa")
- ("067r505626cvlrsalnndf2ykz3nnkiy0b8yaxzf1rracpzmp0hni" "d5ae6a933d71" "fi")
- ("0026zzjv2bqc8sg06yvyd0mhny6mwwvhpvzjrhv2fi5v4wkxapdj" "496c2eb73b82" "fr")
- ("1dxcp26y8siap4k54zsw7mqa7k0l4f1505rdf4hnnxrzf9a643g5" "2fcccb5b19b3" "ga-IE")
- ("14v6xnlyj65hzaz2rmzxcl4skjgm48426jgr9mwkwiqis587lp4a" "c53cea027f8f" "he")
- ("04fdw2gzb64fb51bvs0bwsidzlvkdahmcy76vdg3gfcxslnlpi3y" "5a76dd3b5d5c" "hu")
- ("0bpyxpclfy74bcsjrs1ajh2am4zv6j6j9q4gc4vz8pgvzy9354zp" "6e6de17dcac4" "id")
- ("131ph8n235kr6nj1pszk0m00nh6kl360r4qvx4hjm8s22mw0k8qd" "536265635dfe" "is")
- ("03fbp4vgkwyimfmbm4n8blx1m16yhms2wm8j4wlx2h3cpxp5r71k" "91951e37e2b8" "it")
- ("0ncm531d7ih7phcn9d83zwq0dfphvmzg3gmhqmrrkkbydi1g3pbb" "895dcf8bb524" "ja")
- ("1x3110v730ak522zfm8j3r3v1x5lq3ig82kcgyxkc49xywajy0ni" "d0819a64fc40" "ka")
- ("14rc9mr4ngxdzwpjagzhz47jazgp1a6vwb0vbwj31yxv9iwkrgzi" "6ef881aff44b" "ko")
- ("1gl85z550amhbaxp39zdj6yyvashj9xd4ampfhm9jdpbf6n5j2l8" "afcbc29a15e5" "lt")
- ("1hz5g3iprfkbd88ncppyksbhlws73lhs75nf62hangw8l73wdn69" "84f3d6c7e2da" "mk")
- ("14aq37ngnav5m2kcb4wavxwhp28ad4jzdkzc7i64h0qvvxq5n3hf" "c9ec27a5db3d" "ms")
- ("0h7dlnawm5mbcx4qdlz5c7n4axz2dpa677v13ljdgm2b5w76msmq" "5c1480ccc040" "my")
- ("1b12azc1n8j1i2l20v66r74q79zqjvc5sf9pd8rmj3xd0fkxzdp2" "fc1896a0a24d" "nb-NO")
- ("1fh4dhlb6hynlpb2997gssv9v8zk5b7qrw0sclggczb5pcpjk6wc" "7e6da4f01bdb" "nl")
- ("1w8x3jjrd28f6g6ywwxldizpiipfkr63dzqd74kjpg24s2lqzp80" "e86a451a9cb5" "pl")
- ("1v3v4n82sn7a4h2d9n653fmgc31mikacf59lvdj6gbwvzpjb5yfa" "94c3dbb67a5d" "pt-BR")
- ("061a4z0lffgks3wlr6yh5z7x9arcn804mjwvffcmibs106vzamyq" "470b13b5805b" "ro")
- ("1fxgh7nfxpg2zknvfff8igq9q1vm5n4q033v7lm2c0xn3dbl8m28" "402b2ecbf04d" "ru")
- ("1i119g6dnhzxmpaz5r2jr9yzm1v24v2q6m3z6bfz2yihj0w7m133" "f637484e72b6" "sq")
- ("1nllh3ax323sxwhj7xvwvbfnh4179332pcmpfyybw1vaid3nr39k" "bb2d5d96d69e" "sv-SE")
- ("136m68fd0641k3qqmsw6zp016cvvd0sipsyv6rx2b9nli56agz57" "0e6c56bf2ac9" "th")
- ("0q8p8bwq8an65yfdwzm4dhl6km68r83bv5i17kay2gak8msxxhsb" "91e611ae3f19" "tr")
- ("1f2g7rnxpr2gjzngfsv19g11vk9zqpyrv01pz07mw2z3ffbkxf0j" "99d5ffa0b81e" "uk")
- ("1rizwsfgr7vxm31bin3i7bwhcqa67wcylak3xa387dvgf1y9057i" "5fd44724e22d" "vi")
- ("02ifa94jfii5f166rwdvv8si3bazm4bcf4qhi59c8f1hxbavb52h" "081aeb1aa308" "zh-CN")
- ("0qx9sh56pqc2x5qrh386cp1fi1gidhcmxxpvqkg9nh2jbizahznr" "9015a180602e" "zh-TW")))
-
;; We copy the official build id, which is defined at
;; tor-browser-build/rbm.conf (browser_release_date).
-(define %torbrowser-build-date "20240510190000")
+(define %torbrowser-build-date "20240708120000")
;; To find the last version, look at https://www.torproject.org/download/.
-(define %torbrowser-version "13.0.16")
+(define %torbrowser-version "13.5.1")
;; To find the last Firefox version, browse
;; https://archive.torproject.org/tor-package-archive/torbrowser/<%torbrowser-version>
;; There should be only one archive that starts with
;; "src-firefox-tor-browser-".
-(define %torbrowser-firefox-version "115.12.0esr-13.0-1-build1")
+(define %torbrowser-firefox-version "115.13.0esr-13.5-1-build2")
+
+;; See tor-browser-build/rbm.conf for the list.
+(define %torbrowser-locales (list "ar" "ca" "cs" "da" "de" "el" "es-ES" "fa" "fi" "fr"
+ "ga-IE" "he" "hu" "id" "is" "it" "ja" "ka" "ko" "lt"
+ "mk" "ms" "my" "nb-NO" "nl" "pl" "pt-BR" "ro" "ru"
+ "sq" "sv-SE" "th" "tr" "uk" "vi" "zh-CN" "zh-TW"))
+
+;; See browser/locales/l10n-changesets.json for the commit.
+(define firefox-locales
+ (let ((commit "15d15edddfbd4611b4922fa1976e753c5be548ca")
+ (revision "0"))
+ (package
+ (name "firefox-locales")
+ (version (git-version "0.0.0" revision commit))
+ (source
+ (origin
+ (method git-fetch)
+ (uri (git-reference
+ (url "https://github.com/mozilla-l10n/firefox-l10n")
+ (commit commit)))
+ (file-name (git-file-name name version))
+ (sha256
+ (base32
+ "1rxck15vyhlwzjzn4l5zn7slbhjjj1ncm22b5mjhdb056sqhna17"))))
+ (build-system copy-build-system)
+ (home-page "https://github.com/mozilla-l10n/firefox-l10n")
+ (synopsis "Firefox Locales")
+ (description "This package contains localized messages for all
+Firefox locales.")
+ (license license:mpl2.0))))
;; See tor-browser-build/projects/translation/config.
(define torbrowser-translation-base
@@ -168,11 +153,11 @@ (define torbrowser-translation-base
(method git-fetch)
(uri (git-reference
(url "https://gitlab.torproject.org/tpo/translation.git")
- (commit "f28525699864f4e3d764c354130bd898ce5b20aa")))
+ (commit "6ff73b6f7a6cec4849c2cd1e1ee1dc6fc8894169")))
(file-name "translation-base-browser")
(sha256
(base32
- "1vf6nl7fdmlmg2gskf3w1xlsgcm0pxi54z2daz5nwr6q9gyi0lkf"))))
+ "11s4px6izzvja11qrr7g8whbmcn6yrvk2yc0k7jx628562hjwi3d"))))
;; See tor-browser-build/projects/translation/config.
(define torbrowser-translation-specific
@@ -180,11 +165,11 @@ (define torbrowser-translation-specific
(method git-fetch)
(uri (git-reference
(url "https://gitlab.torproject.org/tpo/translation.git")
- (commit "b5d79336411e5a59c4861341ef9aa7353e0bcad9")))
+ (commit "427819f80eaca95645bf0c1876d6a728d6ce7093")))
(file-name "translation-tor-browser")
(sha256
(base32
- "0ahz69pxhgik7ynmdkbnx7v5l2v392i6dswjz057g4hwnd7d34fb"))))
+ "1yq1aqdzwyiqvj918i9q7x27i37rm7090bjnimh2ai8ss3xc8jpf"))))
(define torbrowser-assets
;; This is a prebuilt Torbrowser from which we take the assets we need.
@@ -200,7 +185,7 @@ (define torbrowser-assets
version "/tor-browser-linux-x86_64-" version ".tar.xz"))
(sha256
(base32
- "1kffam66bsaahzx212hw9lb03jwfr24hivzg067iyzilsldpc9c1"))))
+ "12na110krw60d067x1dbwfnsk6vbx9l4vai0qvaasxydd0np2g6m"))))
(arguments
(list
#:install-plan
@@ -215,6 +200,10 @@ (define torbrowser-assets
Browser.")
(license license:silofl1.1)))
+;;; A LLD wrapper that can be used as a (near) drop-in replacement to GNU ld.
+(define lld-as-ld-wrapper-16
+ (make-lld-wrapper lld-16 #:lld-as-ld? #t))
+
(define* (make-torbrowser #:key
moz-app-name
moz-app-remotingname
@@ -238,10 +227,11 @@ (define* (make-torbrowser #:key
".tar.xz"))
(sha256
(base32
- "1b70zyjyai6kk4y1kkl8jvrs56gg7z31kkad6bmdpd8jw4n71grx"))))
+ "1p83mmv5gq1nvpqs5w6151b7b8s3pbp9nn7jcrhbgwr7a9ffypi8"))))
(build-system mozilla-build-system)
(inputs
(list go-gitlab-torproject-org-tpo-anti-censorship-pluggable-transports-lyrebird
+ firefox-locales
tor-client
alsa-lib
bash-minimal ;for wrap-program
@@ -293,8 +283,9 @@ (define* (make-torbrowser #:key
rust
`(,rust "cargo")
rust-cbindgen
- llvm-15
- clang-15
+ lld-as-ld-wrapper-16 ; for cargo rustc
+ llvm-16
+ clang-16
perl
node-lts
python-wrapper
@@ -540,8 +531,7 @@ (define (runpaths-of-input label)
;; $HOME/.mozbuild).
(setenv "MOZBUILD_STATE_PATH"
(in-vicinity (getcwd) ".mozbuild"))
- (setenv "MOZ_CHROME_MULTILOCALE"
- (string-join (map car #$locales)))
+ (setenv "MOZ_CHROME_MULTILOCALE" (string-join (list #$@locales)))
;; Make build reproducible.
(setenv "MOZ_BUILD_DATE" #$build-date)))
(add-before 'configure 'mozconfig
@@ -555,14 +545,14 @@ (define (runpaths-of-input label)
;; See tor-browser-build/projects/firefox/build.
(add-before 'configure 'copy-firefox-locales
(lambda _
- (let ((l10ncentral ".mozbuild/l10n-central"))
+ (let ((l10ncentral ".mozbuild/l10n-central")
+ (ff-locales #$(this-package-input "firefox-locales")))
(mkdir-p l10ncentral)
(for-each
(lambda (lang)
- (copy-recursively (cdr lang)
- (in-vicinity l10ncentral
- (car lang))))
- #$locales))))
+ (copy-recursively (string-append ff-locales "/" lang)
+ (in-vicinity l10ncentral lang)))
+ (list #$@locales)))))
(add-after 'copy-firefox-locales 'copy-basebrowser-locales
(lambda _
(let ((l10ncentral ".mozbuild/l10n-central"))
@@ -577,7 +567,7 @@ (define (runpaths-of-input label)
#f (string-join
'("mv"
"translation-base-browser/~a/base-browser.ftl"
- "~a/~a/browser/browser/"))
+ "~a/~a/toolkit/toolkit/global/"))
lang l10ncentral lang))
(system
(format
@@ -586,7 +576,7 @@ (define (runpaths-of-input label)
"translation-base-browser/~a/*"
"~a/~a/browser/chrome/browser/"))
lang l10ncentral lang)))
- (map car #$locales)))))
+ (list #$@locales)))))
(add-after 'copy-basebrowser-locales 'copy-torbrowser-locales
(lambda _
(let ((l10ncentral ".mozbuild/l10n-central"))
@@ -601,7 +591,7 @@ (define (runpaths-of-input label)
#f (string-join
'("mv"
"translation-tor-browser/~a/tor-browser.ftl"
- "~a/~a/browser/browser/"))
+ "~a/~a/toolkit/toolkit/global/"))
lang l10ncentral lang))
(system
(format
@@ -623,7 +613,7 @@ (define (runpaths-of-input label)
(format port " locale/~a/ (chrome/locale/~a/*)~%"
lang lang)
(close port)))
- (map car #$locales)))))
+ (list #$@locales)))))
(replace 'configure
(lambda _
(invoke "./mach" "configure")))
@@ -632,14 +622,6 @@ (define (runpaths-of-input label)
(substitute*
"toolkit/locales/en-US/toolkit/about/aboutAddons.ftl"
(("addons.mozilla.org") "gnuzilla.gnu.org"))))
- (add-before 'build 'add-bridges ;see deploy.sh
- (lambda _
- (let ((port (open-file
- "browser/app/profile/000-tor-browser.js" "a")))
- (display
- "#include ../../../tools/torbrowser/bridges.js" port)
- (newline port)
- (close port))))
(replace 'build
(lambda* (#:key (make-flags '()) (parallel-build? #t)
#:allow-other-keys)
@@ -739,7 +721,7 @@ (define (runpaths-of-input label)
(copy-recursively (in-vicinity #$assets "fontconfig")
(in-vicinity lib "fontconfig"))
(substitute* (in-vicinity lib "fontconfig/fonts.conf")
- (("<dir>fonts</dir>")
+ (("<dir prefix=\"cwd\">fonts</dir>")
(format #f "<dir>~a</dir>" (in-vicinity lib "fonts"))))
(delete-file-recursively (in-vicinity lib "fonts"))
(copy-recursively (in-vicinity #$assets "fonts")
@@ -805,11 +787,7 @@ (define (runpaths-of-input label)
"https://gnuzilla.gnu.org/mozzarella")
(format #t "pref(~s, ~s);~%"
"lightweightThemes.getMoreURL"
- "https://gnuzilla.gnu.org/mozzarella")
- ;; FIXME: https://github.com/NixOS/nixpkgs/issues/307095
- (format #t "pref(~s, ~a);~%"
- "widget.use-xdg-desktop-portal.file-picker"
- "1"))))))
+ "https://gnuzilla.gnu.org/mozzarella"))))))
(add-after 'autoconfig 'autoconfig-tor
(lambda* (#:key inputs #:allow-other-keys)
(let ((lib (in-vicinity #$output "lib/torbrowser"))
--
2.45.1
guix-patches <at> gnu.org:bug#71782; Package guix-patches.
(Tue, 16 Jul 2024 23:44:02 GMT) Full text and rfc822 format available.Message #32 received at 71782 <at> debbugs.gnu.org (full text, mbox):
From: André Batista <nandre <at> riseup.net> To: 71782 <at> debbugs.gnu.org Cc: André Batista <nandre <at> riseup.net> Subject: [PATCHv3 4/4] gnu: mullvadbrowser: Update to 13.5.1 [security fixes]. Date: Tue, 16 Jul 2024 20:43:06 -0300
Fixes CVEs 2024-6600, 2024-6601, 2024-6602, 2024-6603 and 2024-6604.
See the Mozilla Foundation Security advisory
<https://www.mozilla.org/en-US/security/advisories/mfsa2024-30/>
for details.
* gnu/packages/mullvad-browsers.scm (mozilla-locale): Remove it.
(mozilla-locales): Likewise.
(firefox-locales): Move to the top.
(%mullvadbrowser-locales): Change it to be a plain list of supported
locales.
(%mullvadbrowser-build-date): Update to 20240708190000.
(%mullvadbrowser-version): Update to 13.5.1.
(%mullvadbrowser-firefox-version): Update to 115.13.0esr-13.5-1-build3.
(mullvadbrowser-translation-base): Update to
6ff73b6f7a6cec4849c2cd1e1ee1dc6fc8894169.
(mullvadbrowser) [arguments] <#:phases>: Adjust copy-torbrowser-locales
replacement accordingly.
Change-Id: I221788e6028375ee40ad7fcfb1d52cb95fc67759
---
gnu/packages/tor-browsers.scm | 98 +++++++++++------------------------
1 file changed, 30 insertions(+), 68 deletions(-)
diff --git a/gnu/packages/tor-browsers.scm b/gnu/packages/tor-browsers.scm
index 8172083957..3d17f6d566 100644
--- a/gnu/packages/tor-browsers.scm
+++ b/gnu/packages/tor-browsers.scm
@@ -90,39 +90,6 @@ (define-module (gnu packages tor-browsers)
#:use-module (ice-9 regex)
#:use-module (guix utils))
-(define (mozilla-locale locale changeset hash-string)
- (origin
- (method hg-fetch)
- (uri (hg-reference
- (url (string-append "https://hg.mozilla.org/l10n-central/"
- locale))
- (changeset changeset)))
- (file-name (string-append "mozilla-locale-" locale))
- (sha256 (base32 hash-string))))
-
-(define-syntax-rule (mozilla-locales (hash-string changeset locale) ...)
- #~(list (cons #$locale #$(mozilla-locale locale changeset hash-string))
- ...))
-
-;; We copy the official build id, which is defined at
-;; tor-browser-build/rbm.conf (browser_release_date).
-(define %torbrowser-build-date "20240708120000")
-
-;; To find the last version, look at https://www.torproject.org/download/.
-(define %torbrowser-version "13.5.1")
-
-;; To find the last Firefox version, browse
-;; https://archive.torproject.org/tor-package-archive/torbrowser/<%torbrowser-version>
-;; There should be only one archive that starts with
-;; "src-firefox-tor-browser-".
-(define %torbrowser-firefox-version "115.13.0esr-13.5-1-build2")
-
-;; See tor-browser-build/rbm.conf for the list.
-(define %torbrowser-locales (list "ar" "ca" "cs" "da" "de" "el" "es-ES" "fa" "fi" "fr"
- "ga-IE" "he" "hu" "id" "is" "it" "ja" "ka" "ko" "lt"
- "mk" "ms" "my" "nb-NO" "nl" "pl" "pt-BR" "ro" "ru"
- "sq" "sv-SE" "th" "tr" "uk" "vi" "zh-CN" "zh-TW"))
-
;; See browser/locales/l10n-changesets.json for the commit.
(define firefox-locales
(let ((commit "15d15edddfbd4611b4922fa1976e753c5be548ca")
@@ -147,6 +114,25 @@ (define firefox-locales
Firefox locales.")
(license license:mpl2.0))))
+;; We copy the official build id, which is defined at
+;; tor-browser-build/rbm.conf (browser_release_date).
+(define %torbrowser-build-date "20240708120000")
+
+;; To find the last version, look at https://www.torproject.org/download/.
+(define %torbrowser-version "13.5.1")
+
+;; To find the last Firefox version, browse
+;; https://archive.torproject.org/tor-package-archive/torbrowser/<%torbrowser-version>
+;; There should be only one archive that starts with
+;; "src-firefox-tor-browser-".
+(define %torbrowser-firefox-version "115.13.0esr-13.5-1-build2")
+
+;; See tor-browser-build/rbm.conf for the list.
+(define %torbrowser-locales (list "ar" "ca" "cs" "da" "de" "el" "es-ES" "fa" "fi" "fr"
+ "ga-IE" "he" "hu" "id" "is" "it" "ja" "ka" "ko" "lt"
+ "mk" "ms" "my" "nb-NO" "nl" "pl" "pt-BR" "ro" "ru"
+ "sq" "sv-SE" "th" "tr" "uk" "vi" "zh-CN" "zh-TW"))
+
;; See tor-browser-build/projects/translation/config.
(define torbrowser-translation-base
(origin
@@ -831,47 +817,23 @@ (define-public torbrowser
;; See tor-browser-build/rbm.conf for the list.
-;; See browser/locales/l10n-changesets.json for the changeset.
-;; See update-mozilla-locales in gnuzilla.scm to automate updating changeset.
-(define %mullvadbrowser-locales
- (mozilla-locales
- ;; sha256 changeset locale
- ;;---------------------------------------------------------------------------
- ("1218mldjxybhgzdi0myzkwjr2fgnysl71pl847kr7wyn1j8wk3a5" "c25d00080479" "ar")
- ("1kzx94n36c5vv954j7w65djvb37c178zazy25b35l71q2rvhmlhj" "2197a99c9a08" "da")
- ("13h7hk11bbd0yq8gqdv7ndbizkgwlm3ybz225l3x2b5cnyjxyg14" "b7a533e5edc9" "de")
- ("0mdr5b6pqxjmg9c8064x3hpf53h6w9j8ghl32655sx9jh4v3ykza" "beff1baac7c5" "es-ES")
- ("1pnyg09j6r15w8m62lwj89x6rz4br877z60p8s1hlrb9hj2s3vdx" "ebe0b60b0b36" "fa")
- ("067r505626cvlrsalnndf2ykz3nnkiy0b8yaxzf1rracpzmp0hni" "d5ae6a933d71" "fi")
- ("0026zzjv2bqc8sg06yvyd0mhny6mwwvhpvzjrhv2fi5v4wkxapdj" "496c2eb73b82" "fr")
- ("03fbp4vgkwyimfmbm4n8blx1m16yhms2wm8j4wlx2h3cpxp5r71k" "91951e37e2b8" "it")
- ("0ncm531d7ih7phcn9d83zwq0dfphvmzg3gmhqmrrkkbydi1g3pbb" "895dcf8bb524" "ja")
- ("14rc9mr4ngxdzwpjagzhz47jazgp1a6vwb0vbwj31yxv9iwkrgzi" "6ef881aff44b" "ko")
- ("0h7dlnawm5mbcx4qdlz5c7n4axz2dpa677v13ljdgm2b5w76msmq" "5c1480ccc040" "my")
- ("1b12azc1n8j1i2l20v66r74q79zqjvc5sf9pd8rmj3xd0fkxzdp2" "fc1896a0a24d" "nb-NO")
- ("1fh4dhlb6hynlpb2997gssv9v8zk5b7qrw0sclggczb5pcpjk6wc" "7e6da4f01bdb" "nl")
- ("1w8x3jjrd28f6g6ywwxldizpiipfkr63dzqd74kjpg24s2lqzp80" "e86a451a9cb5" "pl")
- ("1v3v4n82sn7a4h2d9n653fmgc31mikacf59lvdj6gbwvzpjb5yfa" "94c3dbb67a5d" "pt-BR")
- ("1fxgh7nfxpg2zknvfff8igq9q1vm5n4q033v7lm2c0xn3dbl8m28" "402b2ecbf04d" "ru")
- ("1nllh3ax323sxwhj7xvwvbfnh4179332pcmpfyybw1vaid3nr39k" "bb2d5d96d69e" "sv-SE")
- ("136m68fd0641k3qqmsw6zp016cvvd0sipsyv6rx2b9nli56agz57" "0e6c56bf2ac9" "th")
- ("0q8p8bwq8an65yfdwzm4dhl6km68r83bv5i17kay2gak8msxxhsb" "91e611ae3f19" "tr")
- ("02ifa94jfii5f166rwdvv8si3bazm4bcf4qhi59c8f1hxbavb52h" "081aeb1aa308" "zh-CN")
- ("0qx9sh56pqc2x5qrh386cp1fi1gidhcmxxpvqkg9nh2jbizahznr" "9015a180602e" "zh-TW")))
+(define %mullvadbrowser-locales (list "ar" "da" "de" "es-ES" "fa" "fi" "fr" "it"
+ "ja" "ko" "my" "nb-NO" "nl" "pl" "pt-BR"
+ "ru" "sv-SE" "th" "tr" "zh-CN" "zh-TW"))
;; We copy the official build id, which can be found there:
;; https://cdn.mullvad.net/browser/update_responses/update_1/release.
-(define %mullvadbrowser-build-date "20240510190000")
+(define %mullvadbrowser-build-date "20240708190000")
;; To find the last version, look at
;; https://mullvad.net/en/download/browser/linux.
-(define %mullvadbrowser-version "13.0.16")
+(define %mullvadbrowser-version "13.5.1")
;; To find the last Firefox version, browse
;; https://archive.torproject.org/tor-package-archive/mullvadbrowser/<%mullvadbrowser-version>
;; There should be only one archive that starts with
;; "src-firefox-mullvad-browser-".
-(define %mullvadbrowser-firefox-version "115.12.0esr-13.0-1-build1")
+(define %mullvadbrowser-firefox-version "115.13.0esr-13.5-1-build3")
;; See tor-browser-build/projects/translation/config.
(define mullvadbrowser-translation-base
@@ -879,11 +841,11 @@ (define mullvadbrowser-translation-base
(method git-fetch)
(uri (git-reference
(url "https://gitlab.torproject.org/tpo/translation.git")
- (commit "f28525699864f4e3d764c354130bd898ce5b20aa")))
+ (commit "6ff73b6f7a6cec4849c2cd1e1ee1dc6fc8894169")))
(file-name "translation-base-browser")
(sha256
(base32
- "1vf6nl7fdmlmg2gskf3w1xlsgcm0pxi54z2daz5nwr6q9gyi0lkf"))))
+ "11s4px6izzvja11qrr7g8whbmcn6yrvk2yc0k7jx628562hjwi3d"))))
;; See tor-browser-build/projects/translation/config.
(define mullvadbrowser-translation-specific
@@ -911,7 +873,7 @@ (define mullvadbrowser-assets
version "/mullvad-browser-linux-x86_64-" version ".tar.xz"))
(sha256
(base32
- "1bpchiz12zjyrzpgyk71naf1jdf3msjcjwggb1mziyawc6pyxj7v"))))
+ "1g0929852dicdrij5s8bpp97bci0clydg1q4s2sysarjnqki6hk1"))))
(arguments
(list
#:install-plan
@@ -954,7 +916,7 @@ (define-public mullvadbrowser
%mullvadbrowser-firefox-version ".tar.xz"))
(sha256
(base32
- "1xs4qwa3c6nfq6cj5q6asfrzki4brafg65g6hbn0fc9qqcmrhkv5"))))
+ "19hidpywdiz15q4443jsphd8hbbcz6qajvyivja0vqhy1d6s0avd"))))
(arguments
(substitute-keyword-arguments (package-arguments mullvadbrowser-base)
((#:phases phases)
@@ -976,7 +938,7 @@ (define-public mullvadbrowser
(system
(format #f "cp -Lr ~a/~a .mozbuild/l10n-central/"
#$mullvadbrowser-translation-specific lang)))
- (map car #$%mullvadbrowser-locales))))
+ (list #$@%mullvadbrowser-locales))))
(add-before 'build 'fix-profiles
;; Otherwise the profile would change every time the install
;; location changes, that is: at every package update. These
--
2.45.1
guix-patches <at> gnu.org:bug#71782; Package guix-patches.
(Wed, 07 Aug 2024 00:16:01 GMT) Full text and rfc822 format available.Message #35 received at 71782 <at> debbugs.gnu.org (full text, mbox):
From: André Batista <nandre <at> riseup.net> To: 71782 <at> debbugs.gnu.org Cc: André Batista <nandre <at> riseup.net> Subject: [PATCH v4 0/4] Update torbrowser and mullvadbrowser to v13.5.2. Date: Tue, 6 Aug 2024 21:14:13 -0300
This patch series updates both torbrowser and mullvadbrowser to version
13.5.2.
See previous covers for the complete rationale. No further changes this
time around besides updating commits, versions and hashes.
A full upgrade depends on #72501 and #72502, which updates noscript and
ublock-origin extensions.
However, considering these extensions:
1. are useful and can be used on other browsers;
2. their update patches are more straightforward to review; and
3. commiting them would also benefit torbrowser and mullvadbrowser users
regardless of this current patch series state,
I've decided to send them separately.
Cheers,
André Batista (4):
gnu: Add
go-gitlab-torproject-org-tpo-anti-censorship-pluggable-transports-webtunnel.
gnu:
go-gitlab-torproject-org-tpo-anti-censorship-pluggable-transports-lyrebird:
Update to 0.2.0.
gnu: torbrowser: Update to 13.5.2 [security fixes].
gnu: mullvadbrowser: Update to 13.5.2 [security fixes].
gnu/packages/golang.scm | 31 +++++-
gnu/packages/tor-browsers.scm | 199 ++++++++++++----------------------
2 files changed, 99 insertions(+), 131 deletions(-)
base-commit: 856492962773434281814e42209e97e153357e2c
--
2.45.2
guix-patches <at> gnu.org:bug#71782; Package guix-patches.
(Wed, 07 Aug 2024 00:16:02 GMT) Full text and rfc822 format available.Message #38 received at 71782 <at> debbugs.gnu.org (full text, mbox):
From: André Batista <nandre <at> riseup.net> To: 71782 <at> debbugs.gnu.org Cc: André Batista <nandre <at> riseup.net> Subject: [PATCH v4 1/4] gnu: Add go-gitlab-torproject-org-tpo-anti-censorship-pluggable-transports-webtunnel. Date: Tue, 6 Aug 2024 21:15:03 -0300
* gnu/packages/golang.scm
(go-gitlab-torproject-org-tpo-anti-censorship-pluggable-transports-webtunnel):
New variable.
---
gnu/packages/golang.scm | 25 +++++++++++++++++++++++++
1 file changed, 25 insertions(+)
diff --git a/gnu/packages/golang.scm b/gnu/packages/golang.scm
index 1298a8c58b..541aeb02c3 100644
--- a/gnu/packages/golang.scm
+++ b/gnu/packages/golang.scm
@@ -2260,6 +2260,31 @@ (define-public go-gitlab-torproject-org-tpo-anti-censorship-pluggable-transports
incorporates ideas and concepts from Philipp Winter's ScrambleSuit protocol.")
(license (list license:bsd-2 license:bsd-3))))
+(define-public go-gitlab-torproject-org-tpo-anti-censorship-pluggable-transports-webtunnel
+ (let ((commit "3b6faa48163782c1e5420bcb4b068cd38c401ea7")
+ (revision "0"))
+ (package
+ (name "go-gitlab-torproject-org-tpo-anti-censorship-pluggable-transports-webtunnel")
+ (version (git-version "0.0.0" revision commit))
+ (source
+ (origin
+ (method git-fetch)
+ (uri
+ (git-reference
+ (url "https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/webtunnel")
+ (commit commit)))
+ (file-name (git-file-name name version))
+ (sha256
+ (base32 "08k108h1fh9mq0m5kr866s2n0lsif0dpbi8ffb62g5ghg7jaai89"))))
+ (build-system go-build-system)
+ (arguments
+ `(#:import-path "gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/webtunnel"))
+ (home-page "https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/webtunnel")
+ (synopsis "Go WebTunnel Pluggable Transport")
+ (description "WebTunnel is a Go Pluggable Transport that attempts to imitate
+web browsing activities based on HTTP Upgrade (HTTPT).")
+ (license license:bsd-2))))
+
(define-public go-github-com-sevlyar-go-daemon
(package
(name "go-github-com-sevlyar-go-daemon")
--
2.45.2
guix-patches <at> gnu.org:bug#71782; Package guix-patches.
(Wed, 07 Aug 2024 00:17:01 GMT) Full text and rfc822 format available.Message #41 received at 71782 <at> debbugs.gnu.org (full text, mbox):
From: André Batista <nandre <at> riseup.net> To: 71782 <at> debbugs.gnu.org Cc: André Batista <nandre <at> riseup.net> Subject: [PATCH v4 2/4] gnu: go-gitlab-torproject-org-tpo-anti-censorship-pluggable-transports-lyrebird: Update to 0.2.0. Date: Tue, 6 Aug 2024 21:15:37 -0300
* gnu/packages/golang.scm (go-gitlab-torproject-org-tpo-anti-censorship-pluggable-transports-lyrebird):
Update to 0.2.0.
[propagated-inputs]: Add go-gitlab-torproject-org-tpo-anti-censorship-pluggable-transports-webtunnel.
---
gnu/packages/golang.scm | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/gnu/packages/golang.scm b/gnu/packages/golang.scm
index 541aeb02c3..931c00bef2 100644
--- a/gnu/packages/golang.scm
+++ b/gnu/packages/golang.scm
@@ -46,6 +46,7 @@
;;; Copyright © 2024 Troy Figiel <troy <at> troyfigiel.com>
;;; Copyright © 2024 Greg Hogan <code <at> greghogan.com>
;;; Copyright © 2024 Brennan Vincent <brennan <at> umanwizard.com>
+;;; Copyright © 2024 André Batista <nandre <at> riseup.net>
;;;
;;; This file is part of GNU Guix.
;;;
@@ -2216,7 +2217,7 @@ (define-public go-gitlab-torproject-org-tpo-anti-censorship-pluggable-transports
(define-public go-gitlab-torproject-org-tpo-anti-censorship-pluggable-transports-lyrebird
(package
(name "go-gitlab-torproject-org-tpo-anti-censorship-pluggable-transports-lyrebird")
- (version "0.1.0")
+ (version "0.2.0")
(source (origin
(method git-fetch)
(uri (git-reference
@@ -2225,7 +2226,7 @@ (define-public go-gitlab-torproject-org-tpo-anti-censorship-pluggable-transports
(file-name (git-file-name name version))
(sha256
(base32
- "0rifg5kgqp4c3b44j48fjmx00m00ai7fa4gaqrgphiqs1fc5586s"))))
+ "0imdf11ldkmbkp74gl1bcbvzmrl7jmkcfhpn6377r99gkf0zk28j"))))
(build-system go-build-system)
(arguments
`(#:unpack-path "gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/lyrebird"
@@ -2251,6 +2252,7 @@ (define-public go-gitlab-torproject-org-tpo-anti-censorship-pluggable-transports
go-github-com-refraction-networking-utls
go-gitlab-com-yawning-edwards25519-extra
go-gitlab-torproject-org-tpo-anti-censorship-pluggable-transports-goptlib
+ go-gitlab-torproject-org-tpo-anti-censorship-pluggable-transports-webtunnel
go-golang-org-x-crypto
go-golang-org-x-net
go-golang-org-x-text))
--
2.45.2
guix-patches <at> gnu.org:bug#71782; Package guix-patches.
(Wed, 07 Aug 2024 00:17:02 GMT) Full text and rfc822 format available.Message #44 received at 71782 <at> debbugs.gnu.org (full text, mbox):
From: André Batista <nandre <at> riseup.net> To: 71782 <at> debbugs.gnu.org Cc: André Batista <nandre <at> riseup.net> Subject: [PATCH v4 3/4] gnu: torbrowser: Update to 13.5.2 [security fixes]. Date: Tue, 6 Aug 2024 21:15:57 -0300
Fixes CVEs 2024-6600, 2024-6601, 2024-6602, 2024-6603, 2024-6604,
2024-7519, 2024-7521, 2024-7522, 2024-7524, 2024-7525, 2024-7526,
2024-7527, 2024-7529 and 2024-7531.
See the Mozilla Foundation Security advisories
<https://www.mozilla.org/en-US/security/advisories/mfsa2024-30/> and
<https://www.mozilla.org/en-US/security/advisories/mfsa2024-34/>
for details.
* gnu/packages/tor-browsers.scm (%torbrowser-build-date): Update to
20240805090000.
(%torbrowser-version): Update to 13.5.2.
(%torbrowser-firefox-version): Update to 115.14.0esr-13.5-1-build2.
(%torbrowser-locales): Change it to be a plain list of supported locales.
(firefox-locales): New variable.
(torbrowser-translation-base): Update to
64b325861da514cd681533dcd368b351d2eb5f6c.
(torbrowser-translation-specific): Update to
36af545865b83e790019195095544d9eec133a49.
(lld-as-ld-wrapper-16): New variable.
(make-torbrowser)[native-inputs]: Add lld-as-ld-wrapper-16. Use
llvm-16 and clang-16.
[inputs]: Add firefox-locales.
[arguments] <#:phases>: Remove add-bridges.
setenv, copy-firefox-locales: Update MOZ_CHROME_MULTILOCALE to the
new %torbrowser-locales format.
copy-basebrowser-locales, copy-torbrowser-locales: Likewise and adjust
fluent file path.
deploy-fonts: Adjust regex expression.
autoconfig: Remove file-picker configuration workaround. See #71181.
---
gnu/packages/tor-browsers.scm | 141 +++++++++++++++-------------------
1 file changed, 60 insertions(+), 81 deletions(-)
diff --git a/gnu/packages/tor-browsers.scm b/gnu/packages/tor-browsers.scm
index 3d01346c8c..bde95a8428 100644
--- a/gnu/packages/tor-browsers.scm
+++ b/gnu/packages/tor-browsers.scm
@@ -21,7 +21,7 @@
;;; Copyright © 2021 Baptiste Strazzul <bstrazzull <at> hotmail.fr>
;;; Copyright © 2022 SeerLite <seerlite <at> disroot.org>
;;; Copyright © 2024 Aleksandr Vityazev <avityazew <at> gmail.com>
-;;; Copyright © 2020, 2021 André Batista <nandre <at> riseup.net>
+;;; Copyright © 2020, 2021, 2024 André Batista <nandre <at> riseup.net>
;;;
;;; This file is part of GNU Guix.
;;;
@@ -104,63 +104,48 @@ (define-syntax-rule (mozilla-locales (hash-string changeset locale) ...)
#~(list (cons #$locale #$(mozilla-locale locale changeset hash-string))
...))
-;; See tor-browser-build/rbm.conf for the list.
-;; See browser/locales/l10n-changesets.json for the changeset.
-;; See update-mozilla-locales in gnuzilla.scm to automate updating changeset.
-(define %torbrowser-locales
- (mozilla-locales
- ;; sha256 changeset locale
- ;;---------------------------------------------------------------------------
- ("1218mldjxybhgzdi0myzkwjr2fgnysl71pl847kr7wyn1j8wk3a5" "c25d00080479" "ar")
- ("11c96jhfzd3h46qhblhvn2acsn895ykynarai8r5pf0655nfjs0j" "2de60e3d6d0c" "ca")
- ("0yhycgb3s3kydbzy6f2q7f7g2lp975spr092prf9xp8ha62ghby7" "609edd15f9a9" "cs")
- ("1kzx94n36c5vv954j7w65djvb37c178zazy25b35l71q2rvhmlhj" "2197a99c9a08" "da")
- ("13h7hk11bbd0yq8gqdv7ndbizkgwlm3ybz225l3x2b5cnyjxyg14" "b7a533e5edc9" "de")
- ("13ay27vdrqfv2ysyi7c2jmz50lps7rff9rmnws1z7jkj0a5chwrn" "20baf15379d8" "el")
- ("0mdr5b6pqxjmg9c8064x3hpf53h6w9j8ghl32655sx9jh4v3ykza" "beff1baac7c5" "es-ES")
- ("1pnyg09j6r15w8m62lwj89x6rz4br877z60p8s1hlrb9hj2s3vdx" "ebe0b60b0b36" "fa")
- ("067r505626cvlrsalnndf2ykz3nnkiy0b8yaxzf1rracpzmp0hni" "d5ae6a933d71" "fi")
- ("0026zzjv2bqc8sg06yvyd0mhny6mwwvhpvzjrhv2fi5v4wkxapdj" "496c2eb73b82" "fr")
- ("1dxcp26y8siap4k54zsw7mqa7k0l4f1505rdf4hnnxrzf9a643g5" "2fcccb5b19b3" "ga-IE")
- ("14v6xnlyj65hzaz2rmzxcl4skjgm48426jgr9mwkwiqis587lp4a" "c53cea027f8f" "he")
- ("04fdw2gzb64fb51bvs0bwsidzlvkdahmcy76vdg3gfcxslnlpi3y" "5a76dd3b5d5c" "hu")
- ("0bpyxpclfy74bcsjrs1ajh2am4zv6j6j9q4gc4vz8pgvzy9354zp" "6e6de17dcac4" "id")
- ("131ph8n235kr6nj1pszk0m00nh6kl360r4qvx4hjm8s22mw0k8qd" "536265635dfe" "is")
- ("03fbp4vgkwyimfmbm4n8blx1m16yhms2wm8j4wlx2h3cpxp5r71k" "91951e37e2b8" "it")
- ("0ncm531d7ih7phcn9d83zwq0dfphvmzg3gmhqmrrkkbydi1g3pbb" "895dcf8bb524" "ja")
- ("1x3110v730ak522zfm8j3r3v1x5lq3ig82kcgyxkc49xywajy0ni" "d0819a64fc40" "ka")
- ("14rc9mr4ngxdzwpjagzhz47jazgp1a6vwb0vbwj31yxv9iwkrgzi" "6ef881aff44b" "ko")
- ("1gl85z550amhbaxp39zdj6yyvashj9xd4ampfhm9jdpbf6n5j2l8" "afcbc29a15e5" "lt")
- ("1hz5g3iprfkbd88ncppyksbhlws73lhs75nf62hangw8l73wdn69" "84f3d6c7e2da" "mk")
- ("14aq37ngnav5m2kcb4wavxwhp28ad4jzdkzc7i64h0qvvxq5n3hf" "c9ec27a5db3d" "ms")
- ("0h7dlnawm5mbcx4qdlz5c7n4axz2dpa677v13ljdgm2b5w76msmq" "5c1480ccc040" "my")
- ("1b12azc1n8j1i2l20v66r74q79zqjvc5sf9pd8rmj3xd0fkxzdp2" "fc1896a0a24d" "nb-NO")
- ("1fh4dhlb6hynlpb2997gssv9v8zk5b7qrw0sclggczb5pcpjk6wc" "7e6da4f01bdb" "nl")
- ("1w8x3jjrd28f6g6ywwxldizpiipfkr63dzqd74kjpg24s2lqzp80" "e86a451a9cb5" "pl")
- ("1v3v4n82sn7a4h2d9n653fmgc31mikacf59lvdj6gbwvzpjb5yfa" "94c3dbb67a5d" "pt-BR")
- ("061a4z0lffgks3wlr6yh5z7x9arcn804mjwvffcmibs106vzamyq" "470b13b5805b" "ro")
- ("1fxgh7nfxpg2zknvfff8igq9q1vm5n4q033v7lm2c0xn3dbl8m28" "402b2ecbf04d" "ru")
- ("1i119g6dnhzxmpaz5r2jr9yzm1v24v2q6m3z6bfz2yihj0w7m133" "f637484e72b6" "sq")
- ("1nllh3ax323sxwhj7xvwvbfnh4179332pcmpfyybw1vaid3nr39k" "bb2d5d96d69e" "sv-SE")
- ("136m68fd0641k3qqmsw6zp016cvvd0sipsyv6rx2b9nli56agz57" "0e6c56bf2ac9" "th")
- ("0q8p8bwq8an65yfdwzm4dhl6km68r83bv5i17kay2gak8msxxhsb" "91e611ae3f19" "tr")
- ("1f2g7rnxpr2gjzngfsv19g11vk9zqpyrv01pz07mw2z3ffbkxf0j" "99d5ffa0b81e" "uk")
- ("1rizwsfgr7vxm31bin3i7bwhcqa67wcylak3xa387dvgf1y9057i" "5fd44724e22d" "vi")
- ("02ifa94jfii5f166rwdvv8si3bazm4bcf4qhi59c8f1hxbavb52h" "081aeb1aa308" "zh-CN")
- ("0qx9sh56pqc2x5qrh386cp1fi1gidhcmxxpvqkg9nh2jbizahznr" "9015a180602e" "zh-TW")))
-
;; We copy the official build id, which is defined at
;; tor-browser-build/rbm.conf (browser_release_date).
-(define %torbrowser-build-date "20240510190000")
+(define %torbrowser-build-date "20240805090000")
;; To find the last version, look at https://www.torproject.org/download/.
-(define %torbrowser-version "13.0.16")
+(define %torbrowser-version "13.5.2")
;; To find the last Firefox version, browse
;; https://archive.torproject.org/tor-package-archive/torbrowser/<%torbrowser-version>
;; There should be only one archive that starts with
;; "src-firefox-tor-browser-".
-(define %torbrowser-firefox-version "115.12.0esr-13.0-1-build1")
+(define %torbrowser-firefox-version "115.14.0esr-13.5-1-build2")
+
+;; See tor-browser-build/rbm.conf for the list.
+(define %torbrowser-locales (list "ar" "ca" "cs" "da" "de" "el" "es-ES" "fa" "fi" "fr"
+ "ga-IE" "he" "hu" "id" "is" "it" "ja" "ka" "ko" "lt"
+ "mk" "ms" "my" "nb-NO" "nl" "pl" "pt-BR" "ro" "ru"
+ "sq" "sv-SE" "th" "tr" "uk" "vi" "zh-CN" "zh-TW"))
+
+;; See browser/locales/l10n-changesets.json for the commit.
+(define firefox-locales
+ (let ((commit "d8d587117c7b9dcc6a4fbc38407ed2c831bb008f")
+ (revision "0"))
+ (package
+ (name "firefox-locales")
+ (version (git-version "0.0.0" revision commit))
+ (source
+ (origin
+ (method git-fetch)
+ (uri (git-reference
+ (url "https://github.com/mozilla-l10n/firefox-l10n")
+ (commit commit)))
+ (file-name (git-file-name name version))
+ (sha256
+ (base32
+ "0a2ly29lli02jflqw78zjk7bp7h18fz935cc9csavi0cpdiixjv1"))))
+ (build-system copy-build-system)
+ (home-page "https://github.com/mozilla-l10n/firefox-l10n")
+ (synopsis "Firefox Locales")
+ (description "This package contains localized messages for all
+Firefox locales.")
+ (license license:mpl2.0))))
;; See tor-browser-build/projects/translation/config.
(define torbrowser-translation-base
@@ -168,11 +153,11 @@ (define torbrowser-translation-base
(method git-fetch)
(uri (git-reference
(url "https://gitlab.torproject.org/tpo/translation.git")
- (commit "f28525699864f4e3d764c354130bd898ce5b20aa")))
+ (commit "64b325861da514cd681533dcd368b351d2eb5f6c")))
(file-name "translation-base-browser")
(sha256
(base32
- "1vf6nl7fdmlmg2gskf3w1xlsgcm0pxi54z2daz5nwr6q9gyi0lkf"))))
+ "0sz60q60839waq8af021635il0v0s4nah6c7krssx12720zxcl5f"))))
;; See tor-browser-build/projects/translation/config.
(define torbrowser-translation-specific
@@ -180,11 +165,11 @@ (define torbrowser-translation-specific
(method git-fetch)
(uri (git-reference
(url "https://gitlab.torproject.org/tpo/translation.git")
- (commit "b5d79336411e5a59c4861341ef9aa7353e0bcad9")))
+ (commit "36af545865b83e790019195095544d9eec133a49")))
(file-name "translation-tor-browser")
(sha256
(base32
- "0ahz69pxhgik7ynmdkbnx7v5l2v392i6dswjz057g4hwnd7d34fb"))))
+ "02kc9b554p3ykm0vvybf2yr3fkmnm06czbdfbc5yapcfdrmwsly3"))))
(define torbrowser-assets
;; This is a prebuilt Torbrowser from which we take the assets we need.
@@ -200,7 +185,7 @@ (define torbrowser-assets
version "/tor-browser-linux-x86_64-" version ".tar.xz"))
(sha256
(base32
- "1kffam66bsaahzx212hw9lb03jwfr24hivzg067iyzilsldpc9c1"))))
+ "1m8rjjqm93ggqfra99xpxgqgjn4b37l63hhrv2gf67mbd12wm9kz"))))
(arguments
(list
#:install-plan
@@ -215,6 +200,10 @@ (define torbrowser-assets
Browser.")
(license license:silofl1.1)))
+;;; A LLD wrapper that can be used as a (near) drop-in replacement to GNU ld.
+(define lld-as-ld-wrapper-16
+ (make-lld-wrapper lld-16 #:lld-as-ld? #t))
+
(define* (make-torbrowser #:key
moz-app-name
moz-app-remotingname
@@ -238,10 +227,11 @@ (define* (make-torbrowser #:key
".tar.xz"))
(sha256
(base32
- "1b70zyjyai6kk4y1kkl8jvrs56gg7z31kkad6bmdpd8jw4n71grx"))))
+ "1v81y5grhzk5gdzryyyvf97g7li9rasvjdj2nkridi18694qrykh"))))
(build-system mozilla-build-system)
(inputs
(list go-gitlab-torproject-org-tpo-anti-censorship-pluggable-transports-lyrebird
+ firefox-locales
tor-client
alsa-lib
bash-minimal ;for wrap-program
@@ -293,8 +283,9 @@ (define* (make-torbrowser #:key
rust
`(,rust "cargo")
rust-cbindgen
- llvm-15
- clang-15
+ lld-as-ld-wrapper-16 ; for cargo rustc
+ llvm-16
+ clang-16
perl
node-lts
python-wrapper
@@ -541,7 +532,7 @@ (define (runpaths-of-input label)
(setenv "MOZBUILD_STATE_PATH"
(in-vicinity (getcwd) ".mozbuild"))
(setenv "MOZ_CHROME_MULTILOCALE"
- (string-join (map car #$locales)))
+ (string-join (list #$@locales)))
;; Make build reproducible.
(setenv "MOZ_BUILD_DATE" #$build-date)))
(add-before 'configure 'mozconfig
@@ -555,14 +546,14 @@ (define (runpaths-of-input label)
;; See tor-browser-build/projects/firefox/build.
(add-before 'configure 'copy-firefox-locales
(lambda _
- (let ((l10ncentral ".mozbuild/l10n-central"))
+ (let ((l10ncentral ".mozbuild/l10n-central")
+ (ff-locales #$(this-package-input "firefox-locales")))
(mkdir-p l10ncentral)
(for-each
(lambda (lang)
- (copy-recursively (cdr lang)
- (in-vicinity l10ncentral
- (car lang))))
- #$locales))))
+ (copy-recursively (string-append ff-locales "/" lang)
+ (in-vicinity l10ncentral lang)))
+ (list #$@locales)))))
(add-after 'copy-firefox-locales 'copy-basebrowser-locales
(lambda _
(let ((l10ncentral ".mozbuild/l10n-central"))
@@ -577,7 +568,7 @@ (define (runpaths-of-input label)
#f (string-join
'("mv"
"translation-base-browser/~a/base-browser.ftl"
- "~a/~a/browser/browser/"))
+ "~a/~a/toolkit/toolkit/global/"))
lang l10ncentral lang))
(system
(format
@@ -586,7 +577,7 @@ (define (runpaths-of-input label)
"translation-base-browser/~a/*"
"~a/~a/browser/chrome/browser/"))
lang l10ncentral lang)))
- (map car #$locales)))))
+ (list #$@locales)))))
(add-after 'copy-basebrowser-locales 'copy-torbrowser-locales
(lambda _
(let ((l10ncentral ".mozbuild/l10n-central"))
@@ -601,7 +592,7 @@ (define (runpaths-of-input label)
#f (string-join
'("mv"
"translation-tor-browser/~a/tor-browser.ftl"
- "~a/~a/browser/browser/"))
+ "~a/~a/toolkit/toolkit/global/"))
lang l10ncentral lang))
(system
(format
@@ -623,7 +614,7 @@ (define (runpaths-of-input label)
(format port " locale/~a/ (chrome/locale/~a/*)~%"
lang lang)
(close port)))
- (map car #$locales)))))
+ (list #$@locales)))))
(replace 'configure
(lambda _
(invoke "./mach" "configure")))
@@ -632,14 +623,6 @@ (define (runpaths-of-input label)
(substitute*
"toolkit/locales/en-US/toolkit/about/aboutAddons.ftl"
(("addons.mozilla.org") "gnuzilla.gnu.org"))))
- (add-before 'build 'add-bridges ;see deploy.sh
- (lambda _
- (let ((port (open-file
- "browser/app/profile/000-tor-browser.js" "a")))
- (display
- "#include ../../../tools/torbrowser/bridges.js" port)
- (newline port)
- (close port))))
(replace 'build
(lambda* (#:key (make-flags '()) (parallel-build? #t)
#:allow-other-keys)
@@ -739,7 +722,7 @@ (define (runpaths-of-input label)
(copy-recursively (in-vicinity #$assets "fontconfig")
(in-vicinity lib "fontconfig"))
(substitute* (in-vicinity lib "fontconfig/fonts.conf")
- (("<dir>fonts</dir>")
+ (("<dir prefix=\"cwd\">fonts</dir>")
(format #f "<dir>~a</dir>" (in-vicinity lib "fonts"))))
(delete-file-recursively (in-vicinity lib "fonts"))
(copy-recursively (in-vicinity #$assets "fonts")
@@ -805,11 +788,7 @@ (define (runpaths-of-input label)
"https://gnuzilla.gnu.org/mozzarella")
(format #t "pref(~s, ~s);~%"
"lightweightThemes.getMoreURL"
- "https://gnuzilla.gnu.org/mozzarella")
- ;; FIXME: https://github.com/NixOS/nixpkgs/issues/307095
- (format #t "pref(~s, ~a);~%"
- "widget.use-xdg-desktop-portal.file-picker"
- "1"))))))
+ "https://gnuzilla.gnu.org/mozzarella"))))))
(add-after 'autoconfig 'autoconfig-tor
(lambda* (#:key inputs #:allow-other-keys)
(let ((lib (in-vicinity #$output "lib/torbrowser"))
--
2.45.2
guix-patches <at> gnu.org:bug#71782; Package guix-patches.
(Wed, 07 Aug 2024 00:17:02 GMT) Full text and rfc822 format available.Message #47 received at 71782 <at> debbugs.gnu.org (full text, mbox):
From: André Batista <nandre <at> riseup.net> To: 71782 <at> debbugs.gnu.org Cc: André Batista <nandre <at> riseup.net> Subject: [PATCH v4 4/4] gnu: mullvadbrowser: Update to 13.5.2 [security fixes]. Date: Tue, 6 Aug 2024 21:16:17 -0300
Fixes CVEs 2024-6600, 2024-6601, 2024-6602, 2024-6603, 2024-6604,
2024-7519, 2024-7521, 2024-7522, 2024-7524, 2024-7525, 2024-7526,
2024-7527, 2024-7529 and 2024-7531.
See the Mozilla Foundation Security advisories
<https://www.mozilla.org/en-US/security/advisories/mfsa2024-30/> and
<https://www.mozilla.org/en-US/security/advisories/mfsa2024-34/>
for details.
* gnu/packages/mullvad-browsers.scm (mozilla-locale): Remove it.
(mozilla-locales): Likewise.
(firefox-locales): Move to the top.
(%mullvadbrowser-locales): Change it to be a plain list of supported
locales.
(%mullvadbrowser-build-date): Update to 20240805090000.
(%mullvadbrowser-version): Update to 13.5.2.
(%mullvadbrowser-firefox-version): Update to 115.14.0esr-13.5-1-build2.
(mullvadbrowser-translation-base): Update to
64b325861da514cd681533dcd368b351d2eb5f6c.
(mullvadbrowser) [arguments] <#:phases>: Adjust copy-torbrowser-locales
replacement accordingly.
---
gnu/packages/tor-browsers.scm | 98 +++++++++++------------------------
1 file changed, 30 insertions(+), 68 deletions(-)
diff --git a/gnu/packages/tor-browsers.scm b/gnu/packages/tor-browsers.scm
index bde95a8428..1898f8b2c4 100644
--- a/gnu/packages/tor-browsers.scm
+++ b/gnu/packages/tor-browsers.scm
@@ -90,39 +90,6 @@ (define-module (gnu packages tor-browsers)
#:use-module (ice-9 regex)
#:use-module (guix utils))
-(define (mozilla-locale locale changeset hash-string)
- (origin
- (method hg-fetch)
- (uri (hg-reference
- (url (string-append "https://hg.mozilla.org/l10n-central/"
- locale))
- (changeset changeset)))
- (file-name (string-append "mozilla-locale-" locale))
- (sha256 (base32 hash-string))))
-
-(define-syntax-rule (mozilla-locales (hash-string changeset locale) ...)
- #~(list (cons #$locale #$(mozilla-locale locale changeset hash-string))
- ...))
-
-;; We copy the official build id, which is defined at
-;; tor-browser-build/rbm.conf (browser_release_date).
-(define %torbrowser-build-date "20240805090000")
-
-;; To find the last version, look at https://www.torproject.org/download/.
-(define %torbrowser-version "13.5.2")
-
-;; To find the last Firefox version, browse
-;; https://archive.torproject.org/tor-package-archive/torbrowser/<%torbrowser-version>
-;; There should be only one archive that starts with
-;; "src-firefox-tor-browser-".
-(define %torbrowser-firefox-version "115.14.0esr-13.5-1-build2")
-
-;; See tor-browser-build/rbm.conf for the list.
-(define %torbrowser-locales (list "ar" "ca" "cs" "da" "de" "el" "es-ES" "fa" "fi" "fr"
- "ga-IE" "he" "hu" "id" "is" "it" "ja" "ka" "ko" "lt"
- "mk" "ms" "my" "nb-NO" "nl" "pl" "pt-BR" "ro" "ru"
- "sq" "sv-SE" "th" "tr" "uk" "vi" "zh-CN" "zh-TW"))
-
;; See browser/locales/l10n-changesets.json for the commit.
(define firefox-locales
(let ((commit "d8d587117c7b9dcc6a4fbc38407ed2c831bb008f")
@@ -147,6 +114,25 @@ (define firefox-locales
Firefox locales.")
(license license:mpl2.0))))
+;; We copy the official build id, which is defined at
+;; tor-browser-build/rbm.conf (browser_release_date).
+(define %torbrowser-build-date "20240805090000")
+
+;; To find the last version, look at https://www.torproject.org/download/.
+(define %torbrowser-version "13.5.2")
+
+;; To find the last Firefox version, browse
+;; https://archive.torproject.org/tor-package-archive/torbrowser/<%torbrowser-version>
+;; There should be only one archive that starts with
+;; "src-firefox-tor-browser-".
+(define %torbrowser-firefox-version "115.14.0esr-13.5-1-build2")
+
+;; See tor-browser-build/rbm.conf for the list.
+(define %torbrowser-locales (list "ar" "ca" "cs" "da" "de" "el" "es-ES" "fa" "fi" "fr"
+ "ga-IE" "he" "hu" "id" "is" "it" "ja" "ka" "ko" "lt"
+ "mk" "ms" "my" "nb-NO" "nl" "pl" "pt-BR" "ro" "ru"
+ "sq" "sv-SE" "th" "tr" "uk" "vi" "zh-CN" "zh-TW"))
+
;; See tor-browser-build/projects/translation/config.
(define torbrowser-translation-base
(origin
@@ -832,47 +818,23 @@ (define-public torbrowser
;; See tor-browser-build/rbm.conf for the list.
-;; See browser/locales/l10n-changesets.json for the changeset.
-;; See update-mozilla-locales in gnuzilla.scm to automate updating changeset.
-(define %mullvadbrowser-locales
- (mozilla-locales
- ;; sha256 changeset locale
- ;;---------------------------------------------------------------------------
- ("1218mldjxybhgzdi0myzkwjr2fgnysl71pl847kr7wyn1j8wk3a5" "c25d00080479" "ar")
- ("1kzx94n36c5vv954j7w65djvb37c178zazy25b35l71q2rvhmlhj" "2197a99c9a08" "da")
- ("13h7hk11bbd0yq8gqdv7ndbizkgwlm3ybz225l3x2b5cnyjxyg14" "b7a533e5edc9" "de")
- ("0mdr5b6pqxjmg9c8064x3hpf53h6w9j8ghl32655sx9jh4v3ykza" "beff1baac7c5" "es-ES")
- ("1pnyg09j6r15w8m62lwj89x6rz4br877z60p8s1hlrb9hj2s3vdx" "ebe0b60b0b36" "fa")
- ("067r505626cvlrsalnndf2ykz3nnkiy0b8yaxzf1rracpzmp0hni" "d5ae6a933d71" "fi")
- ("0026zzjv2bqc8sg06yvyd0mhny6mwwvhpvzjrhv2fi5v4wkxapdj" "496c2eb73b82" "fr")
- ("03fbp4vgkwyimfmbm4n8blx1m16yhms2wm8j4wlx2h3cpxp5r71k" "91951e37e2b8" "it")
- ("0ncm531d7ih7phcn9d83zwq0dfphvmzg3gmhqmrrkkbydi1g3pbb" "895dcf8bb524" "ja")
- ("14rc9mr4ngxdzwpjagzhz47jazgp1a6vwb0vbwj31yxv9iwkrgzi" "6ef881aff44b" "ko")
- ("0h7dlnawm5mbcx4qdlz5c7n4axz2dpa677v13ljdgm2b5w76msmq" "5c1480ccc040" "my")
- ("1b12azc1n8j1i2l20v66r74q79zqjvc5sf9pd8rmj3xd0fkxzdp2" "fc1896a0a24d" "nb-NO")
- ("1fh4dhlb6hynlpb2997gssv9v8zk5b7qrw0sclggczb5pcpjk6wc" "7e6da4f01bdb" "nl")
- ("1w8x3jjrd28f6g6ywwxldizpiipfkr63dzqd74kjpg24s2lqzp80" "e86a451a9cb5" "pl")
- ("1v3v4n82sn7a4h2d9n653fmgc31mikacf59lvdj6gbwvzpjb5yfa" "94c3dbb67a5d" "pt-BR")
- ("1fxgh7nfxpg2zknvfff8igq9q1vm5n4q033v7lm2c0xn3dbl8m28" "402b2ecbf04d" "ru")
- ("1nllh3ax323sxwhj7xvwvbfnh4179332pcmpfyybw1vaid3nr39k" "bb2d5d96d69e" "sv-SE")
- ("136m68fd0641k3qqmsw6zp016cvvd0sipsyv6rx2b9nli56agz57" "0e6c56bf2ac9" "th")
- ("0q8p8bwq8an65yfdwzm4dhl6km68r83bv5i17kay2gak8msxxhsb" "91e611ae3f19" "tr")
- ("02ifa94jfii5f166rwdvv8si3bazm4bcf4qhi59c8f1hxbavb52h" "081aeb1aa308" "zh-CN")
- ("0qx9sh56pqc2x5qrh386cp1fi1gidhcmxxpvqkg9nh2jbizahznr" "9015a180602e" "zh-TW")))
+(define %mullvadbrowser-locales (list "ar" "da" "de" "es-ES" "fa" "fi" "fr" "it"
+ "ja" "ko" "my" "nb-NO" "nl" "pl" "pt-BR"
+ "ru" "sv-SE" "th" "tr" "zh-CN" "zh-TW"))
;; We copy the official build id, which can be found there:
;; https://cdn.mullvad.net/browser/update_responses/update_1/release.
-(define %mullvadbrowser-build-date "20240510190000")
+(define %mullvadbrowser-build-date "20240805090000")
;; To find the last version, look at
;; https://mullvad.net/en/download/browser/linux.
-(define %mullvadbrowser-version "13.0.16")
+(define %mullvadbrowser-version "13.5.2")
;; To find the last Firefox version, browse
;; https://archive.torproject.org/tor-package-archive/mullvadbrowser/<%mullvadbrowser-version>
;; There should be only one archive that starts with
;; "src-firefox-mullvad-browser-".
-(define %mullvadbrowser-firefox-version "115.12.0esr-13.0-1-build1")
+(define %mullvadbrowser-firefox-version "115.14.0esr-13.5-1-build2")
;; See tor-browser-build/projects/translation/config.
(define mullvadbrowser-translation-base
@@ -880,11 +842,11 @@ (define mullvadbrowser-translation-base
(method git-fetch)
(uri (git-reference
(url "https://gitlab.torproject.org/tpo/translation.git")
- (commit "f28525699864f4e3d764c354130bd898ce5b20aa")))
+ (commit "64b325861da514cd681533dcd368b351d2eb5f6c")))
(file-name "translation-base-browser")
(sha256
(base32
- "1vf6nl7fdmlmg2gskf3w1xlsgcm0pxi54z2daz5nwr6q9gyi0lkf"))))
+ "0sz60q60839waq8af021635il0v0s4nah6c7krssx12720zxcl5f"))))
;; See tor-browser-build/projects/translation/config.
(define mullvadbrowser-translation-specific
@@ -912,7 +874,7 @@ (define mullvadbrowser-assets
version "/mullvad-browser-linux-x86_64-" version ".tar.xz"))
(sha256
(base32
- "1bpchiz12zjyrzpgyk71naf1jdf3msjcjwggb1mziyawc6pyxj7v"))))
+ "1mvhasy70yhndibrb4m8cslkbz2gn08p6kirilnqzqq6p0j1lxq9"))))
(arguments
(list
#:install-plan
@@ -955,7 +917,7 @@ (define-public mullvadbrowser
%mullvadbrowser-firefox-version ".tar.xz"))
(sha256
(base32
- "1xs4qwa3c6nfq6cj5q6asfrzki4brafg65g6hbn0fc9qqcmrhkv5"))))
+ "0w5xy4cxcnxn6vzp5jbzxcssy9r69pgby0gl04m33fh9fl26pkkq"))))
(arguments
(substitute-keyword-arguments (package-arguments mullvadbrowser-base)
((#:phases phases)
@@ -977,7 +939,7 @@ (define-public mullvadbrowser
(system
(format #f "cp -Lr ~a/~a .mozbuild/l10n-central/"
#$mullvadbrowser-translation-specific lang)))
- (map car #$%mullvadbrowser-locales))))
+ (list #$@%mullvadbrowser-locales))))
(add-before 'build 'fix-profiles
;; Otherwise the profile would change every time the install
;; location changes, that is: at every package update. These
--
2.45.2
guix-patches <at> gnu.org:bug#71782; Package guix-patches.
(Thu, 05 Sep 2024 23:10:02 GMT) Full text and rfc822 format available.Message #50 received at 71782 <at> debbugs.gnu.org (full text, mbox):
From: André Batista <nandre <at> riseup.net> To: 71782 <at> debbugs.gnu.org Cc: André Batista <nandre <at> riseup.net>, mhw <at> netris.org, jonathan.brielmaier <at> web.de, ian <at> retrospec.tv Subject: [PATCH v5 0/4] Update torbrowser and mullvadbrowser to v. 13.5.3. Date: Thu, 5 Sep 2024 20:08:01 -0300
This patch series updates both torbrowser and mullvadbrowser to version
13.5.3.
See previous covers for the complete rationale. No further changes this
time around besides updating commits, versions and hashes.
A full upgrade depends on #73012, which updates noscript extension.
André Batista (4):
gnu: Add
go-gitlab-torproject-org-tpo-anti-censorship-pluggable-transports-webtunnel.
gnu:
go-gitlab-torproject-org-tpo-anti-censorship-pluggable-transports-lyrebird:
Update to 0.3.0.
gnu: torbrowser: Update to 13.5.3 [security fixes].
gnu: mullvadbrowser: Update to 13.5.3 [security fixes].
gnu/packages/golang.scm | 31 +++++-
gnu/packages/tor-browsers.scm | 199 ++++++++++++----------------------
2 files changed, 99 insertions(+), 131 deletions(-)
base-commit: 68d069ccaf1e7988058dc937d391a1262d927acc
--
2.45.2
guix-patches <at> gnu.org:bug#71782; Package guix-patches.
(Thu, 05 Sep 2024 23:19:02 GMT) Full text and rfc822 format available.Message #53 received at 71782 <at> debbugs.gnu.org (full text, mbox):
From: André Batista <nandre <at> riseup.net> To: 71782 <at> debbugs.gnu.org Cc: sharlatanus <at> gmail.com, jonathan.brielmaier <at> web.de, ian <at> retrospec.tv, André Batista <nandre <at> riseup.net>, mhw <at> netris.org, cox.katherine.e+guix <at> gmail.com Subject: [PATCH v5 1/4] gnu: Add go-gitlab-torproject-org-tpo-anti-censorship-pluggable-transports-webtunnel. Date: Thu, 5 Sep 2024 20:17:07 -0300
* gnu/packages/golang.scm
(go-gitlab-torproject-org-tpo-anti-censorship-pluggable-transports-webtunnel):
New variable.
Change-Id: I84ef723ea03822bd5abf655914f44fb53fd865e2
---
gnu/packages/golang.scm | 25 +++++++++++++++++++++++++
1 file changed, 25 insertions(+)
diff --git a/gnu/packages/golang.scm b/gnu/packages/golang.scm
index 9f04b8e423..af2acc909e 100644
--- a/gnu/packages/golang.scm
+++ b/gnu/packages/golang.scm
@@ -2241,6 +2241,31 @@ (define-public go-gitlab-torproject-org-tpo-anti-censorship-pluggable-transports
incorporates ideas and concepts from Philipp Winter's ScrambleSuit protocol.")
(license (list license:bsd-2 license:bsd-3))))
+(define-public go-gitlab-torproject-org-tpo-anti-censorship-pluggable-transports-webtunnel
+ (let ((commit "e64b1b3562f3ab50d06141ecd513a21ec74fe8c6")
+ (revision "0"))
+ (package
+ (name "go-gitlab-torproject-org-tpo-anti-censorship-pluggable-transports-webtunnel")
+ (version (git-version "0.0.0" revision commit))
+ (source
+ (origin
+ (method git-fetch)
+ (uri
+ (git-reference
+ (url "https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/webtunnel")
+ (commit commit)))
+ (file-name (git-file-name name version))
+ (sha256
+ (base32 "0nvd0qp1mdy7w32arnkhghxm5k2g6gy33cxlarxc6vdm4yh6v5nv"))))
+ (build-system go-build-system)
+ (arguments
+ `(#:import-path "gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/webtunnel"))
+ (home-page "https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/webtunnel")
+ (synopsis "Go WebTunnel Pluggable Transport")
+ (description "WebTunnel is a Go Pluggable Transport that attempts to imitate
+web browsing activities based on HTTP Upgrade (HTTPT).")
+ (license license:bsd-2))))
+
(define-public go-github-com-sevlyar-go-daemon
(package
(name "go-github-com-sevlyar-go-daemon")
--
2.45.2
guix-patches <at> gnu.org:bug#71782; Package guix-patches.
(Thu, 05 Sep 2024 23:20:02 GMT) Full text and rfc822 format available.Message #56 received at 71782 <at> debbugs.gnu.org (full text, mbox):
From: André Batista <nandre <at> riseup.net> To: 71782 <at> debbugs.gnu.org Cc: sharlatanus <at> gmail.com, jonathan.brielmaier <at> web.de, ian <at> retrospec.tv, André Batista <nandre <at> riseup.net>, mhw <at> netris.org, cox.katherine.e+guix <at> gmail.com Subject: [PATCH v5 2/4] gnu: go-gitlab-torproject-org-tpo-anti-censorship-pluggable-transports-lyrebird: Update to 0.3.0. Date: Thu, 5 Sep 2024 20:17:34 -0300
* gnu/packages/golang.scm (go-gitlab-torproject-org-tpo-anti-censorship-pluggable-transports-lyrebird):
Update to 0.3.0.
[propagated-inputs]: Add go-gitlab-torproject-org-tpo-anti-censorship-pluggable-transports-webtunnel.
Change-Id: Iac17163aab6e6010f9fa569fcaf51b217084a572
---
gnu/packages/golang.scm | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/gnu/packages/golang.scm b/gnu/packages/golang.scm
index af2acc909e..ccb94aadf7 100644
--- a/gnu/packages/golang.scm
+++ b/gnu/packages/golang.scm
@@ -46,6 +46,7 @@
;;; Copyright © 2024 Troy Figiel <troy <at> troyfigiel.com>
;;; Copyright © 2024 Greg Hogan <code <at> greghogan.com>
;;; Copyright © 2024 Brennan Vincent <brennan <at> umanwizard.com>
+;;; Copyright © 2024 André Batista <nandre <at> riseup.net>
;;;
;;; This file is part of GNU Guix.
;;;
@@ -2197,7 +2198,7 @@ (define-public go-gitlab-torproject-org-tpo-anti-censorship-pluggable-transports
(define-public go-gitlab-torproject-org-tpo-anti-censorship-pluggable-transports-lyrebird
(package
(name "go-gitlab-torproject-org-tpo-anti-censorship-pluggable-transports-lyrebird")
- (version "0.1.0")
+ (version "0.3.0")
(source (origin
(method git-fetch)
(uri (git-reference
@@ -2206,7 +2207,7 @@ (define-public go-gitlab-torproject-org-tpo-anti-censorship-pluggable-transports
(file-name (git-file-name name version))
(sha256
(base32
- "0rifg5kgqp4c3b44j48fjmx00m00ai7fa4gaqrgphiqs1fc5586s"))))
+ "1bmljd81vc8b4kzmpgmx1n1vvjn5y1s2w01hjxwplmnchv9dndkl"))))
(build-system go-build-system)
(arguments
`(#:unpack-path "gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/lyrebird"
@@ -2232,6 +2233,7 @@ (define-public go-gitlab-torproject-org-tpo-anti-censorship-pluggable-transports
go-github-com-refraction-networking-utls
go-gitlab-com-yawning-edwards25519-extra
go-gitlab-torproject-org-tpo-anti-censorship-pluggable-transports-goptlib
+ go-gitlab-torproject-org-tpo-anti-censorship-pluggable-transports-webtunnel
go-golang-org-x-crypto
go-golang-org-x-net
go-golang-org-x-text))
--
2.45.2
guix-patches <at> gnu.org:bug#71782; Package guix-patches.
(Thu, 05 Sep 2024 23:20:02 GMT) Full text and rfc822 format available.Message #59 received at 71782 <at> debbugs.gnu.org (full text, mbox):
From: André Batista <nandre <at> riseup.net> To: 71782 <at> debbugs.gnu.org Cc: André Batista <nandre <at> riseup.net>, mhw <at> netris.org, jonathan.brielmaier <at> web.de, ian <at> retrospec.tv Subject: [PATCH v5 3/4] gnu: torbrowser: Update to 13.5.3 [security fixes]. Date: Thu, 5 Sep 2024 20:18:03 -0300
Fixes CVEs 2024-6600, 2024-6601, 2024-6602, 2024-6603, 2024-6604,
2024-7519, 2024-7521, 2024-7522, 2024-7524, 2024-7525, 2024-7526,
2024-7527, 2024-7529, 2024-7531, 2024-8381, 2024-8382, 2024-8383 and
2024-8384.
See the Mozilla Foundation Security advisories
<https://www.mozilla.org/en-US/security/advisories/mfsa2024-30/>,
<https://www.mozilla.org/en-US/security/advisories/mfsa2024-34/> and
<https://www.mozilla.org/en-US/security/advisories/mfsa2024-41/>
for details.
* gnu/packages/tor-browsers.scm (%torbrowser-build-date): Update to
20240903073000.
(%torbrowser-version): Update to 13.5.3.
(%torbrowser-firefox-version): Update to 115.15.0esr-13.5-1-build3.
(%torbrowser-locales): Change it to be a plain list of supported locales.
(firefox-locales): New variable.
(torbrowser-translation-base): Update to
daed2afc487d1b20efc17feb153156524c6f714b.
(torbrowser-translation-specific): Update to
6374e3b09c0894b8452fa1ba0b99c807722fc805.
(lld-as-ld-wrapper-16): New variable.
(make-torbrowser)[native-inputs]: Add lld-as-ld-wrapper-16. Use
llvm-16 and clang-16.
[inputs]: Add firefox-locales.
[arguments] <#:phases>: Remove add-bridges.
setenv, copy-firefox-locales: Update MOZ_CHROME_MULTILOCALE to the
new %torbrowser-locales format.
copy-basebrowser-locales, copy-torbrowser-locales: Likewise and adjust
fluent file path.
deploy-fonts: Adjust regex expression.
autoconfig: Remove file-picker configuration workaround. See #71181.
Change-Id: Idf182607798d9111c30db63fe926b7f8cb3ce300
---
gnu/packages/tor-browsers.scm | 141 +++++++++++++++-------------------
1 file changed, 60 insertions(+), 81 deletions(-)
diff --git a/gnu/packages/tor-browsers.scm b/gnu/packages/tor-browsers.scm
index ba6bbaa873..180dae6317 100644
--- a/gnu/packages/tor-browsers.scm
+++ b/gnu/packages/tor-browsers.scm
@@ -21,7 +21,7 @@
;;; Copyright © 2021 Baptiste Strazzul <bstrazzull <at> hotmail.fr>
;;; Copyright © 2022 SeerLite <seerlite <at> disroot.org>
;;; Copyright © 2024 Aleksandr Vityazev <avityazew <at> gmail.com>
-;;; Copyright © 2020, 2021 André Batista <nandre <at> riseup.net>
+;;; Copyright © 2020, 2021, 2024 André Batista <nandre <at> riseup.net>
;;;
;;; This file is part of GNU Guix.
;;;
@@ -104,63 +104,48 @@ (define-syntax-rule (mozilla-locales (hash-string changeset locale) ...)
#~(list (cons #$locale #$(mozilla-locale locale changeset hash-string))
...))
-;; See tor-browser-build/rbm.conf for the list.
-;; See browser/locales/l10n-changesets.json for the changeset.
-;; See update-mozilla-locales in gnuzilla.scm to automate updating changeset.
-(define %torbrowser-locales
- (mozilla-locales
- ;; sha256 changeset locale
- ;;---------------------------------------------------------------------------
- ("1218mldjxybhgzdi0myzkwjr2fgnysl71pl847kr7wyn1j8wk3a5" "c25d00080479" "ar")
- ("11c96jhfzd3h46qhblhvn2acsn895ykynarai8r5pf0655nfjs0j" "2de60e3d6d0c" "ca")
- ("0yhycgb3s3kydbzy6f2q7f7g2lp975spr092prf9xp8ha62ghby7" "609edd15f9a9" "cs")
- ("1kzx94n36c5vv954j7w65djvb37c178zazy25b35l71q2rvhmlhj" "2197a99c9a08" "da")
- ("13h7hk11bbd0yq8gqdv7ndbizkgwlm3ybz225l3x2b5cnyjxyg14" "b7a533e5edc9" "de")
- ("13ay27vdrqfv2ysyi7c2jmz50lps7rff9rmnws1z7jkj0a5chwrn" "20baf15379d8" "el")
- ("0mdr5b6pqxjmg9c8064x3hpf53h6w9j8ghl32655sx9jh4v3ykza" "beff1baac7c5" "es-ES")
- ("1pnyg09j6r15w8m62lwj89x6rz4br877z60p8s1hlrb9hj2s3vdx" "ebe0b60b0b36" "fa")
- ("067r505626cvlrsalnndf2ykz3nnkiy0b8yaxzf1rracpzmp0hni" "d5ae6a933d71" "fi")
- ("0026zzjv2bqc8sg06yvyd0mhny6mwwvhpvzjrhv2fi5v4wkxapdj" "496c2eb73b82" "fr")
- ("1dxcp26y8siap4k54zsw7mqa7k0l4f1505rdf4hnnxrzf9a643g5" "2fcccb5b19b3" "ga-IE")
- ("14v6xnlyj65hzaz2rmzxcl4skjgm48426jgr9mwkwiqis587lp4a" "c53cea027f8f" "he")
- ("04fdw2gzb64fb51bvs0bwsidzlvkdahmcy76vdg3gfcxslnlpi3y" "5a76dd3b5d5c" "hu")
- ("0bpyxpclfy74bcsjrs1ajh2am4zv6j6j9q4gc4vz8pgvzy9354zp" "6e6de17dcac4" "id")
- ("131ph8n235kr6nj1pszk0m00nh6kl360r4qvx4hjm8s22mw0k8qd" "536265635dfe" "is")
- ("03fbp4vgkwyimfmbm4n8blx1m16yhms2wm8j4wlx2h3cpxp5r71k" "91951e37e2b8" "it")
- ("0ncm531d7ih7phcn9d83zwq0dfphvmzg3gmhqmrrkkbydi1g3pbb" "895dcf8bb524" "ja")
- ("1x3110v730ak522zfm8j3r3v1x5lq3ig82kcgyxkc49xywajy0ni" "d0819a64fc40" "ka")
- ("14rc9mr4ngxdzwpjagzhz47jazgp1a6vwb0vbwj31yxv9iwkrgzi" "6ef881aff44b" "ko")
- ("1gl85z550amhbaxp39zdj6yyvashj9xd4ampfhm9jdpbf6n5j2l8" "afcbc29a15e5" "lt")
- ("1hz5g3iprfkbd88ncppyksbhlws73lhs75nf62hangw8l73wdn69" "84f3d6c7e2da" "mk")
- ("14aq37ngnav5m2kcb4wavxwhp28ad4jzdkzc7i64h0qvvxq5n3hf" "c9ec27a5db3d" "ms")
- ("0h7dlnawm5mbcx4qdlz5c7n4axz2dpa677v13ljdgm2b5w76msmq" "5c1480ccc040" "my")
- ("1b12azc1n8j1i2l20v66r74q79zqjvc5sf9pd8rmj3xd0fkxzdp2" "fc1896a0a24d" "nb-NO")
- ("1fh4dhlb6hynlpb2997gssv9v8zk5b7qrw0sclggczb5pcpjk6wc" "7e6da4f01bdb" "nl")
- ("1w8x3jjrd28f6g6ywwxldizpiipfkr63dzqd74kjpg24s2lqzp80" "e86a451a9cb5" "pl")
- ("1v3v4n82sn7a4h2d9n653fmgc31mikacf59lvdj6gbwvzpjb5yfa" "94c3dbb67a5d" "pt-BR")
- ("061a4z0lffgks3wlr6yh5z7x9arcn804mjwvffcmibs106vzamyq" "470b13b5805b" "ro")
- ("1fxgh7nfxpg2zknvfff8igq9q1vm5n4q033v7lm2c0xn3dbl8m28" "402b2ecbf04d" "ru")
- ("1i119g6dnhzxmpaz5r2jr9yzm1v24v2q6m3z6bfz2yihj0w7m133" "f637484e72b6" "sq")
- ("1nllh3ax323sxwhj7xvwvbfnh4179332pcmpfyybw1vaid3nr39k" "bb2d5d96d69e" "sv-SE")
- ("136m68fd0641k3qqmsw6zp016cvvd0sipsyv6rx2b9nli56agz57" "0e6c56bf2ac9" "th")
- ("0q8p8bwq8an65yfdwzm4dhl6km68r83bv5i17kay2gak8msxxhsb" "91e611ae3f19" "tr")
- ("1f2g7rnxpr2gjzngfsv19g11vk9zqpyrv01pz07mw2z3ffbkxf0j" "99d5ffa0b81e" "uk")
- ("1rizwsfgr7vxm31bin3i7bwhcqa67wcylak3xa387dvgf1y9057i" "5fd44724e22d" "vi")
- ("02ifa94jfii5f166rwdvv8si3bazm4bcf4qhi59c8f1hxbavb52h" "081aeb1aa308" "zh-CN")
- ("0qx9sh56pqc2x5qrh386cp1fi1gidhcmxxpvqkg9nh2jbizahznr" "9015a180602e" "zh-TW")))
-
;; We copy the official build id, which is defined at
;; tor-browser-build/rbm.conf (browser_release_date).
-(define %torbrowser-build-date "20240510190000")
+(define %torbrowser-build-date "20240903073000")
;; To find the last version, look at https://www.torproject.org/download/.
-(define %torbrowser-version "13.0.16")
+(define %torbrowser-version "13.5.3")
;; To find the last Firefox version, browse
;; https://archive.torproject.org/tor-package-archive/torbrowser/<%torbrowser-version>
;; There should be only one archive that starts with
;; "src-firefox-tor-browser-".
-(define %torbrowser-firefox-version "115.12.0esr-13.0-1-build1")
+(define %torbrowser-firefox-version "115.15.0esr-13.5-1-build3")
+
+;; See tor-browser-build/rbm.conf for the list.
+(define %torbrowser-locales (list "ar" "ca" "cs" "da" "de" "el" "es-ES" "fa" "fi" "fr"
+ "ga-IE" "he" "hu" "id" "is" "it" "ja" "ka" "ko" "lt"
+ "mk" "ms" "my" "nb-NO" "nl" "pl" "pt-BR" "ro" "ru"
+ "sq" "sv-SE" "th" "tr" "uk" "vi" "zh-CN" "zh-TW"))
+
+;; See browser/locales/l10n-changesets.json for the commit.
+(define firefox-locales
+ (let ((commit "d8d587117c7b9dcc6a4fbc38407ed2c831bb008f")
+ (revision "0"))
+ (package
+ (name "firefox-locales")
+ (version (git-version "0.0.0" revision commit))
+ (source
+ (origin
+ (method git-fetch)
+ (uri (git-reference
+ (url "https://github.com/mozilla-l10n/firefox-l10n")
+ (commit commit)))
+ (file-name (git-file-name name version))
+ (sha256
+ (base32
+ "0a2ly29lli02jflqw78zjk7bp7h18fz935cc9csavi0cpdiixjv1"))))
+ (build-system copy-build-system)
+ (home-page "https://github.com/mozilla-l10n/firefox-l10n")
+ (synopsis "Firefox Locales")
+ (description "This package contains localized messages for all
+Firefox locales.")
+ (license license:mpl2.0))))
;; See tor-browser-build/projects/translation/config.
(define torbrowser-translation-base
@@ -168,11 +153,11 @@ (define torbrowser-translation-base
(method git-fetch)
(uri (git-reference
(url "https://gitlab.torproject.org/tpo/translation.git")
- (commit "f28525699864f4e3d764c354130bd898ce5b20aa")))
+ (commit "daed2afc487d1b20efc17feb153156524c6f714b")))
(file-name "translation-base-browser")
(sha256
(base32
- "1vf6nl7fdmlmg2gskf3w1xlsgcm0pxi54z2daz5nwr6q9gyi0lkf"))))
+ "0psmmgw9dnjwdhjbqkd69q5q7sdwyjcwagh93ffrjk0v7ybc79dq"))))
;; See tor-browser-build/projects/translation/config.
(define torbrowser-translation-specific
@@ -180,11 +165,11 @@ (define torbrowser-translation-specific
(method git-fetch)
(uri (git-reference
(url "https://gitlab.torproject.org/tpo/translation.git")
- (commit "b5d79336411e5a59c4861341ef9aa7353e0bcad9")))
+ (commit "6374e3b09c0894b8452fa1ba0b99c807722fc805")))
(file-name "translation-tor-browser")
(sha256
(base32
- "0ahz69pxhgik7ynmdkbnx7v5l2v392i6dswjz057g4hwnd7d34fb"))))
+ "1wd9iwcj2h70bp017pcdhgfiw2bs8zi68kljmpnk69pssd6cn8l3"))))
(define torbrowser-assets
;; This is a prebuilt Torbrowser from which we take the assets we need.
@@ -200,7 +185,7 @@ (define torbrowser-assets
version "/tor-browser-linux-x86_64-" version ".tar.xz"))
(sha256
(base32
- "1kffam66bsaahzx212hw9lb03jwfr24hivzg067iyzilsldpc9c1"))))
+ "0laz6yrm310iidddnas2w1s5wad183n9axjkgrf5cm5paj615343"))))
(arguments
(list
#:install-plan
@@ -215,6 +200,10 @@ (define torbrowser-assets
Browser.")
(license license:silofl1.1)))
+;;; A LLD wrapper that can be used as a (near) drop-in replacement to GNU ld.
+(define lld-as-ld-wrapper-16
+ (make-lld-wrapper lld-16 #:lld-as-ld? #t))
+
(define* (make-torbrowser #:key
moz-app-name
moz-app-remotingname
@@ -238,10 +227,11 @@ (define* (make-torbrowser #:key
".tar.xz"))
(sha256
(base32
- "1b70zyjyai6kk4y1kkl8jvrs56gg7z31kkad6bmdpd8jw4n71grx"))))
+ "13b9ni6anv279drhbb5m95nnmgslrp6frsm0y4028nfqiprs7vj5"))))
(build-system mozilla-build-system)
(inputs
(list go-gitlab-torproject-org-tpo-anti-censorship-pluggable-transports-lyrebird
+ firefox-locales
tor-client
alsa-lib
bash-minimal ;for wrap-program
@@ -293,8 +283,9 @@ (define* (make-torbrowser #:key
rust
`(,rust "cargo")
rust-cbindgen
- llvm-15
- clang-15
+ lld-as-ld-wrapper-16 ; for cargo rustc
+ llvm-16
+ clang-16
perl
node-lts
python-wrapper
@@ -541,7 +532,7 @@ (define (runpaths-of-input label)
(setenv "MOZBUILD_STATE_PATH"
(in-vicinity (getcwd) ".mozbuild"))
(setenv "MOZ_CHROME_MULTILOCALE"
- (string-join (map car #$locales)))
+ (string-join (list #$@locales)))
;; Make build reproducible.
(setenv "MOZ_BUILD_DATE" #$build-date)))
(add-before 'configure 'mozconfig
@@ -555,14 +546,14 @@ (define (runpaths-of-input label)
;; See tor-browser-build/projects/firefox/build.
(add-before 'configure 'copy-firefox-locales
(lambda _
- (let ((l10ncentral ".mozbuild/l10n-central"))
+ (let ((l10ncentral ".mozbuild/l10n-central")
+ (ff-locales #$(this-package-input "firefox-locales")))
(mkdir-p l10ncentral)
(for-each
(lambda (lang)
- (copy-recursively (cdr lang)
- (in-vicinity l10ncentral
- (car lang))))
- #$locales))))
+ (copy-recursively (string-append ff-locales "/" lang)
+ (in-vicinity l10ncentral lang)))
+ (list #$@locales)))))
(add-after 'copy-firefox-locales 'copy-basebrowser-locales
(lambda _
(let ((l10ncentral ".mozbuild/l10n-central"))
@@ -577,7 +568,7 @@ (define (runpaths-of-input label)
#f (string-join
'("mv"
"translation-base-browser/~a/base-browser.ftl"
- "~a/~a/browser/browser/"))
+ "~a/~a/toolkit/toolkit/global/"))
lang l10ncentral lang))
(system
(format
@@ -586,7 +577,7 @@ (define (runpaths-of-input label)
"translation-base-browser/~a/*"
"~a/~a/browser/chrome/browser/"))
lang l10ncentral lang)))
- (map car #$locales)))))
+ (list #$@locales)))))
(add-after 'copy-basebrowser-locales 'copy-torbrowser-locales
(lambda _
(let ((l10ncentral ".mozbuild/l10n-central"))
@@ -601,7 +592,7 @@ (define (runpaths-of-input label)
#f (string-join
'("mv"
"translation-tor-browser/~a/tor-browser.ftl"
- "~a/~a/browser/browser/"))
+ "~a/~a/toolkit/toolkit/global/"))
lang l10ncentral lang))
(system
(format
@@ -623,7 +614,7 @@ (define (runpaths-of-input label)
(format port " locale/~a/ (chrome/locale/~a/*)~%"
lang lang)
(close port)))
- (map car #$locales)))))
+ (list #$@locales)))))
(replace 'configure
(lambda _
(invoke "./mach" "configure")))
@@ -632,14 +623,6 @@ (define (runpaths-of-input label)
(substitute*
"toolkit/locales/en-US/toolkit/about/aboutAddons.ftl"
(("addons.mozilla.org") "gnuzilla.gnu.org"))))
- (add-before 'build 'add-bridges ;see deploy.sh
- (lambda _
- (let ((port (open-file
- "browser/app/profile/000-tor-browser.js" "a")))
- (display
- "#include ../../../tools/torbrowser/bridges.js" port)
- (newline port)
- (close port))))
(replace 'build
(lambda* (#:key (make-flags '()) (parallel-build? #t)
#:allow-other-keys)
@@ -739,7 +722,7 @@ (define (runpaths-of-input label)
(copy-recursively (in-vicinity #$assets "fontconfig")
(in-vicinity lib "fontconfig"))
(substitute* (in-vicinity lib "fontconfig/fonts.conf")
- (("<dir>fonts</dir>")
+ (("<dir prefix=\"cwd\">fonts</dir>")
(format #f "<dir>~a</dir>" (in-vicinity lib "fonts"))))
(delete-file-recursively (in-vicinity lib "fonts"))
(copy-recursively (in-vicinity #$assets "fonts")
@@ -805,11 +788,7 @@ (define (runpaths-of-input label)
"https://gnuzilla.gnu.org/mozzarella")
(format #t "pref(~s, ~s);~%"
"lightweightThemes.getMoreURL"
- "https://gnuzilla.gnu.org/mozzarella")
- ;; FIXME: https://github.com/NixOS/nixpkgs/issues/307095
- (format #t "pref(~s, ~a);~%"
- "widget.use-xdg-desktop-portal.file-picker"
- "1"))))))
+ "https://gnuzilla.gnu.org/mozzarella"))))))
(add-after 'autoconfig 'autoconfig-tor
(lambda* (#:key inputs #:allow-other-keys)
(let ((lib (in-vicinity #$output "lib/torbrowser"))
--
2.45.2
guix-patches <at> gnu.org:bug#71782; Package guix-patches.
(Thu, 05 Sep 2024 23:20:03 GMT) Full text and rfc822 format available.Message #62 received at 71782 <at> debbugs.gnu.org (full text, mbox):
From: André Batista <nandre <at> riseup.net> To: 71782 <at> debbugs.gnu.org Cc: André Batista <nandre <at> riseup.net>, mhw <at> netris.org, jonathan.brielmaier <at> web.de, ian <at> retrospec.tv Subject: [PATCH v5 4/4] gnu: mullvadbrowser: Update to 13.5.3 [security fixes]. Date: Thu, 5 Sep 2024 20:18:25 -0300
Fixes CVEs 2024-6600, 2024-6601, 2024-6602, 2024-6603, 2024-6604,
2024-7519, 2024-7521, 2024-7522, 2024-7524, 2024-7525, 2024-7526,
2024-7527, 2024-7529, 2024-7531, 2024-8381, 2024-8382, 2024-8383 and
2024-8384.
See the Mozilla Foundation Security advisories
<https://www.mozilla.org/en-US/security/advisories/mfsa2024-30/>,
<https://www.mozilla.org/en-US/security/advisories/mfsa2024-34/> and
<https://www.mozilla.org/en-US/security/advisories/mfsa2024-41/>
for details.
* gnu/packages/mullvad-browsers.scm (mozilla-locale): Remove it.
(mozilla-locales): Likewise.
(firefox-locales): Move to the top.
(%mullvadbrowser-locales): Change it to be a plain list of supported
locales.
(%mullvadbrowser-build-date): Update to 20240903073000.
(%mullvadbrowser-version): Update to 13.5.3.
(%mullvadbrowser-firefox-version): Update to 115.15.0esr-13.5-1-build2.
(mullvadbrowser-translation-base): Update to
daed2afc487d1b20efc17feb153156524c6f714b.
(mullvadbrowser) [arguments] <#:phases>: Adjust copy-torbrowser-locales
replacement accordingly.
Change-Id: I5acf486d5f22da9145827b12b48c6c764daaa9bf
---
gnu/packages/tor-browsers.scm | 98 +++++++++++------------------------
1 file changed, 30 insertions(+), 68 deletions(-)
diff --git a/gnu/packages/tor-browsers.scm b/gnu/packages/tor-browsers.scm
index 180dae6317..7f601737b1 100644
--- a/gnu/packages/tor-browsers.scm
+++ b/gnu/packages/tor-browsers.scm
@@ -90,39 +90,6 @@ (define-module (gnu packages tor-browsers)
#:use-module (ice-9 regex)
#:use-module (guix utils))
-(define (mozilla-locale locale changeset hash-string)
- (origin
- (method hg-fetch)
- (uri (hg-reference
- (url (string-append "https://hg.mozilla.org/l10n-central/"
- locale))
- (changeset changeset)))
- (file-name (string-append "mozilla-locale-" locale))
- (sha256 (base32 hash-string))))
-
-(define-syntax-rule (mozilla-locales (hash-string changeset locale) ...)
- #~(list (cons #$locale #$(mozilla-locale locale changeset hash-string))
- ...))
-
-;; We copy the official build id, which is defined at
-;; tor-browser-build/rbm.conf (browser_release_date).
-(define %torbrowser-build-date "20240903073000")
-
-;; To find the last version, look at https://www.torproject.org/download/.
-(define %torbrowser-version "13.5.3")
-
-;; To find the last Firefox version, browse
-;; https://archive.torproject.org/tor-package-archive/torbrowser/<%torbrowser-version>
-;; There should be only one archive that starts with
-;; "src-firefox-tor-browser-".
-(define %torbrowser-firefox-version "115.15.0esr-13.5-1-build3")
-
-;; See tor-browser-build/rbm.conf for the list.
-(define %torbrowser-locales (list "ar" "ca" "cs" "da" "de" "el" "es-ES" "fa" "fi" "fr"
- "ga-IE" "he" "hu" "id" "is" "it" "ja" "ka" "ko" "lt"
- "mk" "ms" "my" "nb-NO" "nl" "pl" "pt-BR" "ro" "ru"
- "sq" "sv-SE" "th" "tr" "uk" "vi" "zh-CN" "zh-TW"))
-
;; See browser/locales/l10n-changesets.json for the commit.
(define firefox-locales
(let ((commit "d8d587117c7b9dcc6a4fbc38407ed2c831bb008f")
@@ -147,6 +114,25 @@ (define firefox-locales
Firefox locales.")
(license license:mpl2.0))))
+;; We copy the official build id, which is defined at
+;; tor-browser-build/rbm.conf (browser_release_date).
+(define %torbrowser-build-date "20240903073000")
+
+;; To find the last version, look at https://www.torproject.org/download/.
+(define %torbrowser-version "13.5.3")
+
+;; To find the last Firefox version, browse
+;; https://archive.torproject.org/tor-package-archive/torbrowser/<%torbrowser-version>
+;; There should be only one archive that starts with
+;; "src-firefox-tor-browser-".
+(define %torbrowser-firefox-version "115.15.0esr-13.5-1-build3")
+
+;; See tor-browser-build/rbm.conf for the list.
+(define %torbrowser-locales (list "ar" "ca" "cs" "da" "de" "el" "es-ES" "fa" "fi" "fr"
+ "ga-IE" "he" "hu" "id" "is" "it" "ja" "ka" "ko" "lt"
+ "mk" "ms" "my" "nb-NO" "nl" "pl" "pt-BR" "ro" "ru"
+ "sq" "sv-SE" "th" "tr" "uk" "vi" "zh-CN" "zh-TW"))
+
;; See tor-browser-build/projects/translation/config.
(define torbrowser-translation-base
(origin
@@ -832,47 +818,23 @@ (define-public torbrowser
;; See tor-browser-build/rbm.conf for the list.
-;; See browser/locales/l10n-changesets.json for the changeset.
-;; See update-mozilla-locales in gnuzilla.scm to automate updating changeset.
-(define %mullvadbrowser-locales
- (mozilla-locales
- ;; sha256 changeset locale
- ;;---------------------------------------------------------------------------
- ("1218mldjxybhgzdi0myzkwjr2fgnysl71pl847kr7wyn1j8wk3a5" "c25d00080479" "ar")
- ("1kzx94n36c5vv954j7w65djvb37c178zazy25b35l71q2rvhmlhj" "2197a99c9a08" "da")
- ("13h7hk11bbd0yq8gqdv7ndbizkgwlm3ybz225l3x2b5cnyjxyg14" "b7a533e5edc9" "de")
- ("0mdr5b6pqxjmg9c8064x3hpf53h6w9j8ghl32655sx9jh4v3ykza" "beff1baac7c5" "es-ES")
- ("1pnyg09j6r15w8m62lwj89x6rz4br877z60p8s1hlrb9hj2s3vdx" "ebe0b60b0b36" "fa")
- ("067r505626cvlrsalnndf2ykz3nnkiy0b8yaxzf1rracpzmp0hni" "d5ae6a933d71" "fi")
- ("0026zzjv2bqc8sg06yvyd0mhny6mwwvhpvzjrhv2fi5v4wkxapdj" "496c2eb73b82" "fr")
- ("03fbp4vgkwyimfmbm4n8blx1m16yhms2wm8j4wlx2h3cpxp5r71k" "91951e37e2b8" "it")
- ("0ncm531d7ih7phcn9d83zwq0dfphvmzg3gmhqmrrkkbydi1g3pbb" "895dcf8bb524" "ja")
- ("14rc9mr4ngxdzwpjagzhz47jazgp1a6vwb0vbwj31yxv9iwkrgzi" "6ef881aff44b" "ko")
- ("0h7dlnawm5mbcx4qdlz5c7n4axz2dpa677v13ljdgm2b5w76msmq" "5c1480ccc040" "my")
- ("1b12azc1n8j1i2l20v66r74q79zqjvc5sf9pd8rmj3xd0fkxzdp2" "fc1896a0a24d" "nb-NO")
- ("1fh4dhlb6hynlpb2997gssv9v8zk5b7qrw0sclggczb5pcpjk6wc" "7e6da4f01bdb" "nl")
- ("1w8x3jjrd28f6g6ywwxldizpiipfkr63dzqd74kjpg24s2lqzp80" "e86a451a9cb5" "pl")
- ("1v3v4n82sn7a4h2d9n653fmgc31mikacf59lvdj6gbwvzpjb5yfa" "94c3dbb67a5d" "pt-BR")
- ("1fxgh7nfxpg2zknvfff8igq9q1vm5n4q033v7lm2c0xn3dbl8m28" "402b2ecbf04d" "ru")
- ("1nllh3ax323sxwhj7xvwvbfnh4179332pcmpfyybw1vaid3nr39k" "bb2d5d96d69e" "sv-SE")
- ("136m68fd0641k3qqmsw6zp016cvvd0sipsyv6rx2b9nli56agz57" "0e6c56bf2ac9" "th")
- ("0q8p8bwq8an65yfdwzm4dhl6km68r83bv5i17kay2gak8msxxhsb" "91e611ae3f19" "tr")
- ("02ifa94jfii5f166rwdvv8si3bazm4bcf4qhi59c8f1hxbavb52h" "081aeb1aa308" "zh-CN")
- ("0qx9sh56pqc2x5qrh386cp1fi1gidhcmxxpvqkg9nh2jbizahznr" "9015a180602e" "zh-TW")))
+(define %mullvadbrowser-locales (list "ar" "da" "de" "es-ES" "fa" "fi" "fr" "it"
+ "ja" "ko" "my" "nb-NO" "nl" "pl" "pt-BR"
+ "ru" "sv-SE" "th" "tr" "zh-CN" "zh-TW"))
;; We copy the official build id, which can be found there:
;; https://cdn.mullvad.net/browser/update_responses/update_1/release.
-(define %mullvadbrowser-build-date "20240510190000")
+(define %mullvadbrowser-build-date "20240903073000")
;; To find the last version, look at
;; https://mullvad.net/en/download/browser/linux.
-(define %mullvadbrowser-version "13.0.16")
+(define %mullvadbrowser-version "13.5.3")
;; To find the last Firefox version, browse
;; https://archive.torproject.org/tor-package-archive/mullvadbrowser/<%mullvadbrowser-version>
;; There should be only one archive that starts with
;; "src-firefox-mullvad-browser-".
-(define %mullvadbrowser-firefox-version "115.12.0esr-13.0-1-build1")
+(define %mullvadbrowser-firefox-version "115.15.0esr-13.5-1-build2")
;; See tor-browser-build/projects/translation/config.
(define mullvadbrowser-translation-base
@@ -880,11 +842,11 @@ (define mullvadbrowser-translation-base
(method git-fetch)
(uri (git-reference
(url "https://gitlab.torproject.org/tpo/translation.git")
- (commit "f28525699864f4e3d764c354130bd898ce5b20aa")))
+ (commit "daed2afc487d1b20efc17feb153156524c6f714b")))
(file-name "translation-base-browser")
(sha256
(base32
- "1vf6nl7fdmlmg2gskf3w1xlsgcm0pxi54z2daz5nwr6q9gyi0lkf"))))
+ "0psmmgw9dnjwdhjbqkd69q5q7sdwyjcwagh93ffrjk0v7ybc79dq"))))
;; See tor-browser-build/projects/translation/config.
(define mullvadbrowser-translation-specific
@@ -912,7 +874,7 @@ (define mullvadbrowser-assets
version "/mullvad-browser-linux-x86_64-" version ".tar.xz"))
(sha256
(base32
- "1bpchiz12zjyrzpgyk71naf1jdf3msjcjwggb1mziyawc6pyxj7v"))))
+ "17sqin4fnvq96plarv0iv8r801i19gh7v7szg2vrmcynay8qx4mc"))))
(arguments
(list
#:install-plan
@@ -955,7 +917,7 @@ (define-public mullvadbrowser
%mullvadbrowser-firefox-version ".tar.xz"))
(sha256
(base32
- "1xs4qwa3c6nfq6cj5q6asfrzki4brafg65g6hbn0fc9qqcmrhkv5"))))
+ "1c6jjw0x8bjz74q15a7vskrd0ji5ic19mzr9f2laivhznjy0r12c"))))
(arguments
(substitute-keyword-arguments (package-arguments mullvadbrowser-base)
((#:phases phases)
@@ -977,7 +939,7 @@ (define-public mullvadbrowser
(system
(format #f "cp -Lr ~a/~a .mozbuild/l10n-central/"
#$mullvadbrowser-translation-specific lang)))
- (map car #$%mullvadbrowser-locales))))
+ (list #$@%mullvadbrowser-locales))))
(add-before 'build 'fix-profiles
;; Otherwise the profile would change every time the install
;; location changes, that is: at every package update. These
--
2.45.2
guix-patches <at> gnu.org:bug#71782; Package guix-patches.
(Fri, 06 Sep 2024 15:13:01 GMT) Full text and rfc822 format available.Message #65 received at 71782 <at> debbugs.gnu.org (full text, mbox):
From: Ian Eure <ian <at> retrospec.tv> To: André Batista <nandre <at> riseup.net> Cc: mhw <at> netris.org, jonathan.brielmaier <at> web.de, 71782 <at> debbugs.gnu.org Subject: Re: [PATCH v5 3/4] gnu: torbrowser: Update to 13.5.3 [security fixes]. Date: Fri, 06 Sep 2024 08:05:28 -0700
Hi André,
This all looks good to me. I built and ran both browsers and they
seem to be working how I’d expect.
My only question is around the locale handling -- (gnu packages
gnuzilla) has a setup for these which I was able to reuse for
LibreWolf. Is that possible for mullvad and torbrowser? It would
be nice to have a unified way of handling this, instead of each
browser implementing its own strategy.
That work can follow the merge of this patch series, but I think
it’s worth discussing.
Thanks,
— Ian
André Batista <nandre <at> riseup.net> writes:
> Fixes CVEs 2024-6600, 2024-6601, 2024-6602, 2024-6603,
> 2024-6604,
> 2024-7519, 2024-7521, 2024-7522, 2024-7524, 2024-7525,
> 2024-7526,
> 2024-7527, 2024-7529, 2024-7531, 2024-8381, 2024-8382, 2024-8383
> and
> 2024-8384.
>
> See the Mozilla Foundation Security advisories
> <https://www.mozilla.org/en-US/security/advisories/mfsa2024-30/>,
> <https://www.mozilla.org/en-US/security/advisories/mfsa2024-34/>
> and
> <https://www.mozilla.org/en-US/security/advisories/mfsa2024-41/>
> for details.
>
> * gnu/packages/tor-browsers.scm (%torbrowser-build-date): Update
> to
> 20240903073000.
> (%torbrowser-version): Update to 13.5.3.
> (%torbrowser-firefox-version): Update to
> 115.15.0esr-13.5-1-build3.
> (%torbrowser-locales): Change it to be a plain list of supported
> locales.
> (firefox-locales): New variable.
> (torbrowser-translation-base): Update to
> daed2afc487d1b20efc17feb153156524c6f714b.
> (torbrowser-translation-specific): Update to
> 6374e3b09c0894b8452fa1ba0b99c807722fc805.
> (lld-as-ld-wrapper-16): New variable.
> (make-torbrowser)[native-inputs]: Add lld-as-ld-wrapper-16. Use
> llvm-16 and clang-16.
> [inputs]: Add firefox-locales.
> [arguments] <#:phases>: Remove add-bridges.
> setenv, copy-firefox-locales: Update MOZ_CHROME_MULTILOCALE
> to the
> new %torbrowser-locales format.
> copy-basebrowser-locales, copy-torbrowser-locales: Likewise
> and adjust
> fluent file path.
> deploy-fonts: Adjust regex expression.
> autoconfig: Remove file-picker configuration workaround. See
> #71181.
>
> Change-Id: Idf182607798d9111c30db63fe926b7f8cb3ce300
> ---
> gnu/packages/tor-browsers.scm | 141
> +++++++++++++++-------------------
> 1 file changed, 60 insertions(+), 81 deletions(-)
>
> diff --git a/gnu/packages/tor-browsers.scm
> b/gnu/packages/tor-browsers.scm
> index ba6bbaa873..180dae6317 100644
> --- a/gnu/packages/tor-browsers.scm
> +++ b/gnu/packages/tor-browsers.scm
> @@ -21,7 +21,7 @@
> ;;; Copyright © 2021 Baptiste Strazzul <bstrazzull <at> hotmail.fr>
> ;;; Copyright © 2022 SeerLite <seerlite <at> disroot.org>
> ;;; Copyright © 2024 Aleksandr Vityazev <avityazew <at> gmail.com>
> -;;; Copyright © 2020, 2021 André Batista <nandre <at> riseup.net>
> +;;; Copyright © 2020, 2021, 2024 André Batista
> <nandre <at> riseup.net>
> ;;;
> ;;; This file is part of GNU Guix.
> ;;;
> @@ -104,63 +104,48 @@ (define-syntax-rule (mozilla-locales
> (hash-string changeset locale) ...)
> #~(list (cons #$locale #$(mozilla-locale locale changeset
> hash-string))
> ...))
>
> -;; See tor-browser-build/rbm.conf for the list.
> -;; See browser/locales/l10n-changesets.json for the changeset.
> -;; See update-mozilla-locales in gnuzilla.scm to automate
> updating changeset.
> -(define %torbrowser-locales
> - (mozilla-locales
> - ;; sha256
> changeset locale
> -
> ;;---------------------------------------------------------------------------
> - ("1218mldjxybhgzdi0myzkwjr2fgnysl71pl847kr7wyn1j8wk3a5"
> "c25d00080479" "ar")
> - ("11c96jhfzd3h46qhblhvn2acsn895ykynarai8r5pf0655nfjs0j"
> "2de60e3d6d0c" "ca")
> - ("0yhycgb3s3kydbzy6f2q7f7g2lp975spr092prf9xp8ha62ghby7"
> "609edd15f9a9" "cs")
> - ("1kzx94n36c5vv954j7w65djvb37c178zazy25b35l71q2rvhmlhj"
> "2197a99c9a08" "da")
> - ("13h7hk11bbd0yq8gqdv7ndbizkgwlm3ybz225l3x2b5cnyjxyg14"
> "b7a533e5edc9" "de")
> - ("13ay27vdrqfv2ysyi7c2jmz50lps7rff9rmnws1z7jkj0a5chwrn"
> "20baf15379d8" "el")
> - ("0mdr5b6pqxjmg9c8064x3hpf53h6w9j8ghl32655sx9jh4v3ykza"
> "beff1baac7c5" "es-ES")
> - ("1pnyg09j6r15w8m62lwj89x6rz4br877z60p8s1hlrb9hj2s3vdx"
> "ebe0b60b0b36" "fa")
> - ("067r505626cvlrsalnndf2ykz3nnkiy0b8yaxzf1rracpzmp0hni"
> "d5ae6a933d71" "fi")
> - ("0026zzjv2bqc8sg06yvyd0mhny6mwwvhpvzjrhv2fi5v4wkxapdj"
> "496c2eb73b82" "fr")
> - ("1dxcp26y8siap4k54zsw7mqa7k0l4f1505rdf4hnnxrzf9a643g5"
> "2fcccb5b19b3" "ga-IE")
> - ("14v6xnlyj65hzaz2rmzxcl4skjgm48426jgr9mwkwiqis587lp4a"
> "c53cea027f8f" "he")
> - ("04fdw2gzb64fb51bvs0bwsidzlvkdahmcy76vdg3gfcxslnlpi3y"
> "5a76dd3b5d5c" "hu")
> - ("0bpyxpclfy74bcsjrs1ajh2am4zv6j6j9q4gc4vz8pgvzy9354zp"
> "6e6de17dcac4" "id")
> - ("131ph8n235kr6nj1pszk0m00nh6kl360r4qvx4hjm8s22mw0k8qd"
> "536265635dfe" "is")
> - ("03fbp4vgkwyimfmbm4n8blx1m16yhms2wm8j4wlx2h3cpxp5r71k"
> "91951e37e2b8" "it")
> - ("0ncm531d7ih7phcn9d83zwq0dfphvmzg3gmhqmrrkkbydi1g3pbb"
> "895dcf8bb524" "ja")
> - ("1x3110v730ak522zfm8j3r3v1x5lq3ig82kcgyxkc49xywajy0ni"
> "d0819a64fc40" "ka")
> - ("14rc9mr4ngxdzwpjagzhz47jazgp1a6vwb0vbwj31yxv9iwkrgzi"
> "6ef881aff44b" "ko")
> - ("1gl85z550amhbaxp39zdj6yyvashj9xd4ampfhm9jdpbf6n5j2l8"
> "afcbc29a15e5" "lt")
> - ("1hz5g3iprfkbd88ncppyksbhlws73lhs75nf62hangw8l73wdn69"
> "84f3d6c7e2da" "mk")
> - ("14aq37ngnav5m2kcb4wavxwhp28ad4jzdkzc7i64h0qvvxq5n3hf"
> "c9ec27a5db3d" "ms")
> - ("0h7dlnawm5mbcx4qdlz5c7n4axz2dpa677v13ljdgm2b5w76msmq"
> "5c1480ccc040" "my")
> - ("1b12azc1n8j1i2l20v66r74q79zqjvc5sf9pd8rmj3xd0fkxzdp2"
> "fc1896a0a24d" "nb-NO")
> - ("1fh4dhlb6hynlpb2997gssv9v8zk5b7qrw0sclggczb5pcpjk6wc"
> "7e6da4f01bdb" "nl")
> - ("1w8x3jjrd28f6g6ywwxldizpiipfkr63dzqd74kjpg24s2lqzp80"
> "e86a451a9cb5" "pl")
> - ("1v3v4n82sn7a4h2d9n653fmgc31mikacf59lvdj6gbwvzpjb5yfa"
> "94c3dbb67a5d" "pt-BR")
> - ("061a4z0lffgks3wlr6yh5z7x9arcn804mjwvffcmibs106vzamyq"
> "470b13b5805b" "ro")
> - ("1fxgh7nfxpg2zknvfff8igq9q1vm5n4q033v7lm2c0xn3dbl8m28"
> "402b2ecbf04d" "ru")
> - ("1i119g6dnhzxmpaz5r2jr9yzm1v24v2q6m3z6bfz2yihj0w7m133"
> "f637484e72b6" "sq")
> - ("1nllh3ax323sxwhj7xvwvbfnh4179332pcmpfyybw1vaid3nr39k"
> "bb2d5d96d69e" "sv-SE")
> - ("136m68fd0641k3qqmsw6zp016cvvd0sipsyv6rx2b9nli56agz57"
> "0e6c56bf2ac9" "th")
> - ("0q8p8bwq8an65yfdwzm4dhl6km68r83bv5i17kay2gak8msxxhsb"
> "91e611ae3f19" "tr")
> - ("1f2g7rnxpr2gjzngfsv19g11vk9zqpyrv01pz07mw2z3ffbkxf0j"
> "99d5ffa0b81e" "uk")
> - ("1rizwsfgr7vxm31bin3i7bwhcqa67wcylak3xa387dvgf1y9057i"
> "5fd44724e22d" "vi")
> - ("02ifa94jfii5f166rwdvv8si3bazm4bcf4qhi59c8f1hxbavb52h"
> "081aeb1aa308" "zh-CN")
> - ("0qx9sh56pqc2x5qrh386cp1fi1gidhcmxxpvqkg9nh2jbizahznr"
> "9015a180602e" "zh-TW")))
> -
> ;; We copy the official build id, which is defined at
> ;; tor-browser-build/rbm.conf (browser_release_date).
> -(define %torbrowser-build-date "20240510190000")
> +(define %torbrowser-build-date "20240903073000")
>
> ;; To find the last version, look at
> https://www.torproject.org/download/.
> -(define %torbrowser-version "13.0.16")
> +(define %torbrowser-version "13.5.3")
>
> ;; To find the last Firefox version, browse
> ;;
> https://archive.torproject.org/tor-package-archive/torbrowser/<%torbrowser-version>
> ;; There should be only one archive that starts with
> ;; "src-firefox-tor-browser-".
> -(define %torbrowser-firefox-version
> "115.12.0esr-13.0-1-build1")
> +(define %torbrowser-firefox-version
> "115.15.0esr-13.5-1-build3")
> +
> +;; See tor-browser-build/rbm.conf for the list.
> +(define %torbrowser-locales (list "ar" "ca" "cs" "da" "de" "el"
> "es-ES" "fa" "fi" "fr"
> + "ga-IE" "he" "hu" "id" "is"
> "it" "ja" "ka" "ko" "lt"
> + "mk" "ms" "my" "nb-NO" "nl"
> "pl" "pt-BR" "ro" "ru"
> + "sq" "sv-SE" "th" "tr" "uk"
> "vi" "zh-CN" "zh-TW"))
> +
> +;; See browser/locales/l10n-changesets.json for the commit.
> +(define firefox-locales
> + (let ((commit "d8d587117c7b9dcc6a4fbc38407ed2c831bb008f")
> + (revision "0"))
> + (package
> + (name "firefox-locales")
> + (version (git-version "0.0.0" revision commit))
> + (source
> + (origin
> + (method git-fetch)
> + (uri (git-reference
> + (url
> "https://github.com/mozilla-l10n/firefox-l10n")
> + (commit commit)))
> + (file-name (git-file-name name version))
> + (sha256
> + (base32
> +
> "0a2ly29lli02jflqw78zjk7bp7h18fz935cc9csavi0cpdiixjv1"))))
> + (build-system copy-build-system)
> + (home-page
> "https://github.com/mozilla-l10n/firefox-l10n")
> + (synopsis "Firefox Locales")
> + (description "This package contains localized messages
> for all
> +Firefox locales.")
> + (license license:mpl2.0))))
>
> ;; See tor-browser-build/projects/translation/config.
> (define torbrowser-translation-base
> @@ -168,11 +153,11 @@ (define torbrowser-translation-base
> (method git-fetch)
> (uri (git-reference
> (url
> "https://gitlab.torproject.org/tpo/translation.git")
> - (commit "f28525699864f4e3d764c354130bd898ce5b20aa")))
> + (commit "daed2afc487d1b20efc17feb153156524c6f714b")))
> (file-name "translation-base-browser")
> (sha256
> (base32
> -
> "1vf6nl7fdmlmg2gskf3w1xlsgcm0pxi54z2daz5nwr6q9gyi0lkf"))))
> +
> "0psmmgw9dnjwdhjbqkd69q5q7sdwyjcwagh93ffrjk0v7ybc79dq"))))
>
> ;; See tor-browser-build/projects/translation/config.
> (define torbrowser-translation-specific
> @@ -180,11 +165,11 @@ (define torbrowser-translation-specific
> (method git-fetch)
> (uri (git-reference
> (url
> "https://gitlab.torproject.org/tpo/translation.git")
> - (commit "b5d79336411e5a59c4861341ef9aa7353e0bcad9")))
> + (commit "6374e3b09c0894b8452fa1ba0b99c807722fc805")))
> (file-name "translation-tor-browser")
> (sha256
> (base32
> -
> "0ahz69pxhgik7ynmdkbnx7v5l2v392i6dswjz057g4hwnd7d34fb"))))
> +
> "1wd9iwcj2h70bp017pcdhgfiw2bs8zi68kljmpnk69pssd6cn8l3"))))
>
> (define torbrowser-assets
> ;; This is a prebuilt Torbrowser from which we take the
> assets we need.
> @@ -200,7 +185,7 @@ (define torbrowser-assets
> version "/tor-browser-linux-x86_64-" version
> ".tar.xz"))
> (sha256
> (base32
> -
> "1kffam66bsaahzx212hw9lb03jwfr24hivzg067iyzilsldpc9c1"))))
> +
> "0laz6yrm310iidddnas2w1s5wad183n9axjkgrf5cm5paj615343"))))
> (arguments
> (list
> #:install-plan
> @@ -215,6 +200,10 @@ (define torbrowser-assets
> Browser.")
> (license license:silofl1.1)))
>
> +;;; A LLD wrapper that can be used as a (near) drop-in
> replacement to GNU ld.
> +(define lld-as-ld-wrapper-16
> + (make-lld-wrapper lld-16 #:lld-as-ld? #t))
> +
> (define* (make-torbrowser #:key
> moz-app-name
> moz-app-remotingname
> @@ -238,10 +227,11 @@ (define* (make-torbrowser #:key
> ".tar.xz"))
> (sha256
> (base32
> -
> "1b70zyjyai6kk4y1kkl8jvrs56gg7z31kkad6bmdpd8jw4n71grx"))))
> +
> "13b9ni6anv279drhbb5m95nnmgslrp6frsm0y4028nfqiprs7vj5"))))
> (build-system mozilla-build-system)
> (inputs
> (list
> go-gitlab-torproject-org-tpo-anti-censorship-pluggable-transports-lyrebird
> + firefox-locales
> tor-client
> alsa-lib
> bash-minimal ;for wrap-program
> @@ -293,8 +283,9 @@ (define* (make-torbrowser #:key
> rust
> `(,rust "cargo")
> rust-cbindgen
> - llvm-15
> - clang-15
> + lld-as-ld-wrapper-16 ; for cargo rustc
> + llvm-16
> + clang-16
> perl
> node-lts
> python-wrapper
> @@ -541,7 +532,7 @@ (define (runpaths-of-input label)
> (setenv "MOZBUILD_STATE_PATH"
> (in-vicinity (getcwd) ".mozbuild"))
> (setenv "MOZ_CHROME_MULTILOCALE"
> - (string-join (map car #$locales)))
> + (string-join (list #$@locales)))
> ;; Make build reproducible.
> (setenv "MOZ_BUILD_DATE" #$build-date)))
> (add-before 'configure 'mozconfig
> @@ -555,14 +546,14 @@ (define (runpaths-of-input label)
> ;; See tor-browser-build/projects/firefox/build.
> (add-before 'configure 'copy-firefox-locales
> (lambda _
> - (let ((l10ncentral ".mozbuild/l10n-central"))
> + (let ((l10ncentral ".mozbuild/l10n-central")
> + (ff-locales #$(this-package-input
> "firefox-locales")))
> (mkdir-p l10ncentral)
> (for-each
> (lambda (lang)
> - (copy-recursively (cdr lang)
> - (in-vicinity l10ncentral
> - (car lang))))
> - #$locales))))
> + (copy-recursively (string-append ff-locales
> "/" lang)
> + (in-vicinity l10ncentral
> lang)))
> + (list #$@locales)))))
> (add-after 'copy-firefox-locales
> 'copy-basebrowser-locales
> (lambda _
> (let ((l10ncentral ".mozbuild/l10n-central"))
> @@ -577,7 +568,7 @@ (define (runpaths-of-input label)
> #f (string-join
> '("mv"
> "translation-base-browser/~a/base-browser.ftl"
> - "~a/~a/browser/browser/"))
> + "~a/~a/toolkit/toolkit/global/"))
> lang l10ncentral lang))
> (system
> (format
> @@ -586,7 +577,7 @@ (define (runpaths-of-input label)
> "translation-base-browser/~a/*"
> "~a/~a/browser/chrome/browser/"))
> lang l10ncentral lang)))
> - (map car #$locales)))))
> + (list #$@locales)))))
> (add-after 'copy-basebrowser-locales
> 'copy-torbrowser-locales
> (lambda _
> (let ((l10ncentral ".mozbuild/l10n-central"))
> @@ -601,7 +592,7 @@ (define (runpaths-of-input label)
> #f (string-join
> '("mv"
> "translation-tor-browser/~a/tor-browser.ftl"
> - "~a/~a/browser/browser/"))
> + "~a/~a/toolkit/toolkit/global/"))
> lang l10ncentral lang))
> (system
> (format
> @@ -623,7 +614,7 @@ (define (runpaths-of-input label)
> (format port " locale/~a/
> (chrome/locale/~a/*)~%"
> lang lang)
> (close port)))
> - (map car #$locales)))))
> + (list #$@locales)))))
> (replace 'configure
> (lambda _
> (invoke "./mach" "configure")))
> @@ -632,14 +623,6 @@ (define (runpaths-of-input label)
> (substitute*
> "toolkit/locales/en-US/toolkit/about/aboutAddons.ftl"
> (("addons.mozilla.org") "gnuzilla.gnu.org"))))
> - (add-before 'build 'add-bridges ;see deploy.sh
> - (lambda _
> - (let ((port (open-file
> -
> "browser/app/profile/000-tor-browser.js" "a")))
> - (display
> - "#include
> ../../../tools/torbrowser/bridges.js" port)
> - (newline port)
> - (close port))))
> (replace 'build
> (lambda* (#:key (make-flags '()) (parallel-build?
> #t)
> #:allow-other-keys)
> @@ -739,7 +722,7 @@ (define (runpaths-of-input label)
> (copy-recursively (in-vicinity #$assets
> "fontconfig")
> (in-vicinity lib
> "fontconfig"))
> (substitute* (in-vicinity lib
> "fontconfig/fonts.conf")
> - (("<dir>fonts</dir>")
> + (("<dir prefix=\"cwd\">fonts</dir>")
> (format #f "<dir>~a</dir>" (in-vicinity lib
> "fonts"))))
> (delete-file-recursively (in-vicinity lib
> "fonts"))
> (copy-recursively (in-vicinity #$assets
> "fonts")
> @@ -805,11 +788,7 @@ (define (runpaths-of-input label)
> "https://gnuzilla.gnu.org/mozzarella")
> (format #t "pref(~s, ~s);~%"
> "lightweightThemes.getMoreURL"
> -
> "https://gnuzilla.gnu.org/mozzarella")
> - ;; FIXME:
> https://github.com/NixOS/nixpkgs/issues/307095
> - (format #t "pref(~s, ~a);~%"
> -
> "widget.use-xdg-desktop-portal.file-picker"
> - "1"))))))
> +
> "https://gnuzilla.gnu.org/mozzarella"))))))
> (add-after 'autoconfig 'autoconfig-tor
> (lambda* (#:key inputs #:allow-other-keys)
> (let ((lib (in-vicinity #$output
> "lib/torbrowser"))
guix-patches <at> gnu.org:bug#71782; Package guix-patches.
(Sat, 07 Sep 2024 15:37:02 GMT) Full text and rfc822 format available.Message #68 received at 71782 <at> debbugs.gnu.org (full text, mbox):
From: André Batista <nandre <at> riseup.net> To: Ian Eure <ian <at> retrospec.tv> Cc: mhw <at> netris.org, jonathan.brielmaier <at> web.de, 71782 <at> debbugs.gnu.org Subject: Re: [PATCH v5 3/4] gnu: torbrowser: Update to 13.5.3 [security fixes]. Date: Sat, 7 Sep 2024 12:36:21 -0300
Hi Ian, sex 06 set 2024 às 08:05:28 (1725620728), ian <at> retrospec.tv enviou: > > This all looks good to me. I built and ran both browsers and they seem to > be working how I’d expect. Great, thanks! > My only question is around the locale handling -- (gnu packages gnuzilla) > has a setup for these which I was able to reuse for LibreWolf. Is that > possible for mullvad and torbrowser? It would be nice to have a unified way > of handling this, instead of each browser implementing its own strategy. > I'm not sure I understand why you think this to be desirable, could you elaborate? I'm also not sure if this is possible (without incuring in glitches) and in my opinion this is not desirable for both torbrowser and mullvad because: I. Both these browsers have modified pristine firefox in a number of non-trivial ways. Eg.: if you go to about:preferences you will see that there are various user settings which are specific to this browsers or even when you first launch torbrowser the connection settings page is unknown to firefox. I believe that's the reason why these browsers do not support 'all-mozilla-locales', but just a subset which has been worked upon by the torproject. II. In order to avoid guix users having a different fingerprint, we try to be as close as possible to what upstream does. I'm not sure if locale version could be somehow infered from the network, but I guess using the same version is the safest bet; III. Currently on guix master, these browsers are using code copied from gnuzilla.scm, but with a subset of locales and different changesets that are based on torproject settings. However, torproject has moved from mercurial to the unified github firefox locales[1] which has immensily simplified the work required to update the changesets (now actually commits) and all locales supported on those browsers now have only one commit, instead of various changesets on single locale repos; IV. Moreover, I believe mozilla itself is on the way of deprecating mercurial l10n-central in favor of firefox-locales git repo, since this is where all work has been happening[2], while l10n-central has stopped at 2024-07-10[2]. So probably in a not so distant future gnuzilla will have to move on to that as well. So I stand by the changes proposed on this patch series, at least as things stand. Thanks! 1. https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/55ad6ca216c086fb297af456ed0606ab88c1acdc 2. https://github.com/mozilla-l10n/firefox-l10n 3. https://hg.mozilla.org/l10n-central/
guix-patches <at> gnu.org:bug#71782; Package guix-patches.
(Sun, 08 Sep 2024 04:05:01 GMT) Full text and rfc822 format available.Message #71 received at 71782 <at> debbugs.gnu.org (full text, mbox):
From: Ian Eure <ian <at> retrospec.tv> To: André Batista <nandre <at> riseup.net> Cc: mhw <at> netris.org, jonathan.brielmaier <at> web.de, 71782 <at> debbugs.gnu.org Subject: Re: [PATCH v5 3/4] gnu: torbrowser: Update to 13.5.3 [security fixes]. Date: Sat, 07 Sep 2024 20:54:39 -0700
Hi André, André Batista <nandre <at> riseup.net> writes: > Hi Ian, > > sex 06 set 2024 às 08:05:28 (1725620728), ian <at> retrospec.tv > enviou: >> >> This all looks good to me. I built and ran both browsers and >> they seem to >> be working how I’d expect. > > Great, thanks! > >> My only question is around the locale handling -- (gnu packages >> gnuzilla) >> has a setup for these which I was able to reuse for LibreWolf. >> Is that >> possible for mullvad and torbrowser? It would be nice to have >> a unified way >> of handling this, instead of each browser implementing its own >> strategy. >> > > I'm not sure I understand why you think this to be desirable, > could you > elaborate? > There’s a lot of duplication between the Firefox-derived browsers in Guix, and I think it would be good to reduce it where it makes sense. Because the locales are a separate package used as an input, this seems like a part of them which could be handled in a uniform way, to the benefit of all (assuming they use the same locale data). > I'm also not sure if this is possible (without incuring in > glitches) and > in my opinion this is not desirable for both torbrowser and > mullvad > because: > > I. Both these browsers have modified pristine firefox in a > number of > non-trivial ways. Eg.: if you go to about:preferences you will > see that > there are various user settings which are specific to this > browsers or > even when you first launch torbrowser the connection settings > page is > unknown to firefox. I believe that's the reason why these > browsers do > not support 'all-mozilla-locales', but just a subset which has > been > worked upon by the torproject. > I see, now that I read the patch more closely, it looks like the upstream locale data wasn’t being used, despite reusing the `mozilla-locale' code from Gnuzilla. > II. In order to avoid guix users having a different fingerprint, > we try > to be as close as possible to what upstream does. I'm not sure > if locale > version could be somehow infered from the network, but I guess > using the > same version is the safest bet; > > III. Currently on guix master, these browsers are using code > copied from > gnuzilla.scm, but with a subset of locales and different > changesets > that are based on torproject settings. However, torproject has > moved > from mercurial to the unified github firefox locales[1] which > has > immensily simplified the work required to update the changesets > (now > actually commits) and all locales supported on those browsers > now have > only one commit, instead of various changesets on single locale > repos; > This makes sense to me with the additonal context. > IV. Moreover, I believe mozilla itself is on the way of > deprecating > mercurial l10n-central in favor of firefox-locales git repo, > since > this is where all work has been happening[2], while l10n-central > has > stopped at 2024-07-10[2]. So probably in a not so distant future > gnuzilla will have to move on to that as well. > I wasn’t aware of this, but that’s great news, as it’ll make reproducible builds much easier. Thank you for letting me know. > So I stand by the changes proposed on this patch series, at > least as > things stand. > Makes sense. I’m still in favor of merging them. Thank you for taking the time to explain. Thanks, — Ian
Ludovic Courtès <ludo <at> gnu.org>:André Batista <nandre <at> riseup.net>:Message #76 received at 71782-done <at> debbugs.gnu.org (full text, mbox):
From: Ludovic Courtès <ludo <at> gnu.org> To: Ian Eure <ian <at> retrospec.tv> Cc: André Batista <nandre <at> riseup.net>, mhw <at> netris.org, 71782-done <at> debbugs.gnu.org, jonathan.brielmaier <at> web.de Subject: Re: [bug#71782] [PATCH v5 3/4] gnu: torbrowser: Update to 13.5.3 [security fixes]. Date: Mon, 30 Sep 2024 22:32:54 +0200
Hello, Ian Eure <ian <at> retrospec.tv> skribis: > This all looks good to me. I built and ran both browsers and they > seem to be working how I’d expect. Based on your feedback I applied v5 of this patch series. Thanks to the two of you! BTW, one of you might want to consider applying for commit rights to speed up the process of applying patches in your scope. Mark H Weaver does have commit rights but he tends to pay less attention to email. Thanks, Ludo’.
Debbugs Internal Request <help-debbugs <at> gnu.org>
to internal_control <at> debbugs.gnu.org.
(Tue, 29 Oct 2024 11:24:12 GMT) Full text and rfc822 format available.
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.