Ian Eure <ian@HIDDEN>
to control <at> debbugs.gnu.org
.
Full text available.Received: (at 78249) by debbugs.gnu.org; 15 May 2025 14:16:33 +0000 From debbugs-submit-bounces <at> debbugs.gnu.org Thu May 15 10:16:33 2025 Received: from localhost ([127.0.0.1]:54768 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>) id 1uFZNw-0003hl-M7 for submit <at> debbugs.gnu.org; Thu, 15 May 2025 10:16:33 -0400 Received: from fhigh-b3-smtp.messagingengine.com ([202.12.124.154]:37633) by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.84_2) (envelope-from <ian@HIDDEN>) id 1uFZNc-0003gZ-TY for 78249 <at> debbugs.gnu.org; Thu, 15 May 2025 10:16:13 -0400 Received: from phl-compute-09.internal (phl-compute-09.phl.internal [10.202.2.49]) by mailfhigh.stl.internal (Postfix) with ESMTP id 5EC5425400E7; Thu, 15 May 2025 10:16:07 -0400 (EDT) Received: from phl-mailfrontend-01 ([10.202.2.162]) by phl-compute-09.internal (MEProxy); Thu, 15 May 2025 10:16:07 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=retrospec.tv; h= cc:cc:content-transfer-encoding:content-type:date:date:from:from :in-reply-to:in-reply-to:message-id:mime-version:references :reply-to:subject:subject:to:to; s=fm2; t=1747318567; x= 1747404967; bh=uNZpeLIiKUKup4o08XEoA4RHUcRL+wp0x2RERJMcj5k=; b=f HaWUqc/NOIV2dqd5cX3EyaXpZWdDixJ5lEjOPUMuSZmumJG0pWSgkymiZ7g2kwaQ C2/vyhJB4DfUuNvv9EP3QRyZ9quIGwenr2BVxt7Qrow1auF9KbVopA7a3k4ikK72 ym47QOR4H+1th+gibgehpwTgOeKK5J/9o6plB+StXBeqvtrDlH0S32m6hZDlAD2U PSK53EYnShkJETnYf6y1TvFisyUflIJWAKQ7+YZYhX6v2yAdZDjsFXhardNO5iMN hM4z2GAdpSupW2h9Cg2DTobgbHKamcZYh0m70Lp3QEMiV/42lAHWvAlo7EYNddrR iQivn8P7MnO198vwT8/iA== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-transfer-encoding :content-type:date:date:feedback-id:feedback-id:from:from :in-reply-to:in-reply-to:message-id:mime-version:references :reply-to:subject:subject:to:to:x-me-proxy:x-me-sender :x-me-sender:x-sasl-enc; s=fm3; t=1747318567; x=1747404967; bh=u NZpeLIiKUKup4o08XEoA4RHUcRL+wp0x2RERJMcj5k=; b=VMHBIi3e3GsWvVdx6 XP0b2qbY7CT2+zPjDrLCMLSZsBWtJ/jGEnpSuCVqSc85tevZzfo4/g6dP5Y5x4oG AY4bWBHKNR/5pP6yubQxJIQ+nVCXUUcOSK7AkxGuz0HBXHXr/bQgixmY4t158e/m rtxi8WOX8gHI53WSNp9mNVJoQG8IzKmA6ZMNeMmzSTLqNSruEScJy7lrvsB0owLs SswZY8IGyi/77N/X8UoMufY9krfixP1A3gwv/42nJWB3PtZAHElfkGdELsro57XR a4q/DJa+Hg4UhJjmKvvA5nQyzGYGwcfd+I0eAu4YQ7Eb7Cg2H3uUiaGbG9VvMsQz a3aRg== X-ME-Sender: <xms:J_claMpDnQfzBPJZCSpaYdwZ_mCJCS8ExtPrsmXGnshT4t683yHlow> <xme:J_claCp1C3uRN5IR5Mm57RCp5RNe5quVOBansTH1YYIVsqHi4pn8cMxiw15EpawQb EXHUe2-7YS7gIGzVw> X-ME-Received: <xmr:J_claBP3PBWv2pCb06QHRaHepxtx7MmfESZKm-Nx_s6x_BIYRDHB5Arh4m07JASZ337q5FYgWhCPQkjc3eorV_6l-KP5U0xlM_8RJ7tq1mbr> X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeefvddrtddtgdefuddttdekucetufdoteggodetrf dotffvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdggtfgfnhhsuhgsshgtrhhisggv pdfurfetoffkrfgpnffqhgenuceurghilhhouhhtmecufedttdenucenucfjughrpefhvf evufffkffojghfggfgsedtkeertdertddtnecuhfhrohhmpefkrghnucfguhhrvgcuoehi rghnsehrvghtrhhoshhpvggtrdhtvheqnecuggftrfgrthhtvghrnhepveevjeffuddvte eiueetgfeukedvfeeiuedvveelfeeghfduleeftedvgfefgeejnecuvehluhhsthgvrhfu ihiivgeptdenucfrrghrrghmpehmrghilhhfrhhomhepihgrnhesrhgvthhrohhsphgvtg drthhvpdhnsggprhgtphhtthhopedvpdhmohguvgepshhmthhpohhuthdprhgtphhtthho peejkedvgeelseguvggssghughhsrdhgnhhurdhorhhgpdhrtghpthhtohepihgrnhesrh gvthhrohhsphgvtgdrthhv X-ME-Proxy: <xmx:J_claD6xV1WjfVPSqyW6M0OeTCrVsIEEuiE1FphNXi0_l_pNvX0ilA> <xmx:J_claL7v_4QcbBxPoH29AOlbyLZvkFT1Q1WJdgg9NHecnSgLAfX79w> <xmx:J_claDhkbNpn3gezsbmqyWg1OLkaOojcB573MF7krkGQUo1Qwjm9kQ> <xmx:J_claF6NbsiNvkSRXlpmuXUpZMqBErb1XE6y2uXDiMmsEiRX552CdA> <xmx:J_claJ6fjeLd1fu0Z9v7Bx21UMQyHOYyTQxRYFDNU6_cLIzJXN_cg2DZ> Feedback-ID: id9014242:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA; Thu, 15 May 2025 10:16:06 -0400 (EDT) From: Ian Eure <ian@HIDDEN> To: 78249 <at> debbugs.gnu.org Subject: [PATCH v5 3/3] gnu: librewolf: Update to 138.0.3-1 [security fixes]. Date: Thu, 15 May 2025 07:16:00 -0700 Message-ID: <20250515141600.4759-3-ian@HIDDEN> X-Mailer: git-send-email 2.49.0 In-Reply-To: <20250515141600.4759-1-ian@HIDDEN> References: <20250515141600.4759-1-ian@HIDDEN> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Spam-Score: -0.7 (/) X-Debbugs-Envelope-To: 78249 Cc: Ian Eure <ian@HIDDEN> X-BeenThere: debbugs-submit <at> debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: <debbugs-submit.debbugs.gnu.org> List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe> List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/> List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org> List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help> List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe> Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> X-Spam-Score: -1.7 (-) Contains fixes for: CVE-2025-2817: Privilege escalation in Firefox Updater CVE-2025-4082: WebGL shader attribute memory corruption in Firefox for macOS CVE-2025-4083: Process isolation bypass using "javascript:" URI links in cross-origin frames CVE-2025-4085: Potential information leakage and privilege escalation in UITour actor CVE-2025-4086: Specially crafted filename could be used to obscure download type CVE-2025-4087: Unsafe attribute access during XPath parsing CVE-2025-4088: Cross-site request forgery via storage access API redirects CVE-2025-4089: Potential local code execution in "copy as cURL" command CVE-2025-4090: Leaked library paths in Firefox for Android CVE-2025-4091: Memory safety bugs fixed in Firefox 138, Thunderbird 138, Firefox ESR 128.10, and Thunderbird 128.10 CVE-2025-4092: Memory safety bugs fixed in Firefox 138 and Thunderbird 138 * gnu/packages/librewolf.scm (librewolf): Update to 138.0.3-1. * gnu/packages/patches/librewolf-compare-paths.patch: New file. Change-Id: I2cc11b758dbc77f7ec3451faa89918b08c890729 --- gnu/packages/librewolf.scm | 14 +++++++------- .../patches/librewolf-compare-paths.patch | 15 +++++++++++++++ 2 files changed, 22 insertions(+), 7 deletions(-) create mode 100644 gnu/packages/patches/librewolf-compare-paths.patch diff --git a/gnu/packages/librewolf.scm b/gnu/packages/librewolf.scm index bcacbf8dd15..063a89420fe 100644 --- a/gnu/packages/librewolf.scm +++ b/gnu/packages/librewolf.scm @@ -191,7 +191,7 @@ (define* (make-librewolf-source #:key version firefox-hash librewolf-hash l10n) #$output))))) (patches (search-patches - "torbrowser-compare-paths.patch" + "librewolf-compare-paths.patch" "librewolf-use-system-wide-dir.patch" "librewolf-add-store-to-rdd-allowlist.patch"))))) @@ -207,17 +207,17 @@ (define rust-librewolf rust-1.82) ;; Update this id with every update to its release date. ;; It's used for cache validation and therefore can lead to strange bugs. ;; ex: date '+%Y%m%d%H%M%S' -(define %librewolf-build-id "20250416062358") +(define %librewolf-build-id "20250502155055") (define-public librewolf (package (name "librewolf") - (version "137.0.2-1") + (version "138.0.3-1") (source (make-librewolf-source #:version version - #:firefox-hash "01yd5cq6qgww6w2kq1bchy9j81blim15kdz7bvx8n512m2x3mz06" - #:librewolf-hash "0vy1xvjwgc4vd9q3laakx6lrsy4ghpdr98vm9lmx86amg9gak5ix" + #:firefox-hash "1r0kam26cz5rz39n6zcc2hrbav6dxlfrsa0qhhfjlnv33ns3lzx2" + #:librewolf-hash "1bf9sa5radjr7g6ng7kqy2ss13c0q6vkq9dfzj5y998ifxw19s4c" #:l10n firefox-l10n)) (build-system gnu-build-system) (arguments @@ -639,7 +639,7 @@ (define (runpaths-of-input label) libxt mesa mit-krb5 - nspr + nspr-4.36 nss-rapid pango pciutils @@ -665,7 +665,7 @@ (define (runpaths-of-input label) pkg-config python rust-librewolf - rust-cbindgen-0.26 + rust-cbindgen-0.28 which yasm)) (native-search-paths diff --git a/gnu/packages/patches/librewolf-compare-paths.patch b/gnu/packages/patches/librewolf-compare-paths.patch new file mode 100644 index 00000000000..8e880bf3908 --- /dev/null +++ b/gnu/packages/patches/librewolf-compare-paths.patch @@ -0,0 +1,15 @@ +See comment in gnu/build/icecat-extension.scm. +This is only needed while icecat and torbrowser remain on +different ESR versions as the patched file has changed its +name. + +--- a/toolkit/mozapps/extensions/internal/XPIDatabase.sys.mjs ++++ b/toolkit/mozapps/extensions/internal/XPIDatabase.sys.mjs +@@ -3753,6 +3753,7 @@ + if ( + newAddon || + oldAddon.updateDate != xpiState.mtime || ++ oldAddon.path != xpiState.path || + (aUpdateCompatibility && this.isAppBundledLocation(installLocation)) || + // update addon metadata if the addon in bundled into + // the omni jar and version or the resource URI pointing -- 2.49.0
guix-patches@HIDDEN
:bug#78249
; Package guix-patches
.
Full text available.Received: (at 78249) by debbugs.gnu.org; 15 May 2025 14:16:21 +0000 From debbugs-submit-bounces <at> debbugs.gnu.org Thu May 15 10:16:21 2025 Received: from localhost ([127.0.0.1]:54766 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>) id 1uFZNk-0003hF-TH for submit <at> debbugs.gnu.org; Thu, 15 May 2025 10:16:21 -0400 Received: from fout-b5-smtp.messagingengine.com ([202.12.124.148]:41385) by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.84_2) (envelope-from <ian@HIDDEN>) id 1uFZNc-0003gX-0G for 78249 <at> debbugs.gnu.org; Thu, 15 May 2025 10:16:13 -0400 Received: from phl-compute-09.internal (phl-compute-09.phl.internal [10.202.2.49]) by mailfout.stl.internal (Postfix) with ESMTP id 40BDB1140163; Thu, 15 May 2025 10:16:06 -0400 (EDT) Received: from phl-mailfrontend-01 ([10.202.2.162]) by phl-compute-09.internal (MEProxy); Thu, 15 May 2025 10:16:06 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=retrospec.tv; h= cc:cc:content-transfer-encoding:content-type:date:date:from:from :in-reply-to:in-reply-to:message-id:mime-version:references :reply-to:subject:subject:to:to; s=fm2; t=1747318566; x= 1747404966; bh=7u0av8IJDVDlm2tYtLJIaDV/yYqYO8uQSMaWwKsaycY=; b=K dwiPNenQhjjK04d22rSD0DO45ulhWppUBnS+NsRsc5toHqmryIH42qSkjZ2QJBSr S6PU3pxC5o30LIT1fHRiSziWQw9y4u8IbRgqTxc+FydBVtPYtgf+1Aq9gpQ6vhkr xf2OiUfuvBOtFb/3Nu94VWDl+efaiIhSy3dJ74tHGnciNQ4Egh3AQwlCTAydb51g awonuZsd8D63nfXoI6c4B3bFapcvEaIgLm1ld2jnwjeiHRo7EKNzYMnIVXnwpvwt l4hIA9xVHNHbGfaKKDqWOjLg3QceWpY4kQfjtSc0DwaercBY/mBj4wPJxh11fgEV YnSVVRUwwVBj3SojotyKw== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-transfer-encoding :content-type:date:date:feedback-id:feedback-id:from:from :in-reply-to:in-reply-to:message-id:mime-version:references :reply-to:subject:subject:to:to:x-me-proxy:x-me-sender :x-me-sender:x-sasl-enc; s=fm3; t=1747318566; x=1747404966; bh=7 u0av8IJDVDlm2tYtLJIaDV/yYqYO8uQSMaWwKsaycY=; b=XDhtF6i3yTMGsiBip EuznkrpLG9YxqrppwMp58o7SNLPL6fxwDVA7BSKBrrW6BpaDUiZpy1SoIuE76IyN 5NcLT2+kO6inEaEFWYmFguuRPVjSu/qmIVv7VRtXlPD8wjk3obUDyXTWsMh5wtG/ JI5SlhH8gT4grZucpR/TA10sq7kT7AsN6uCovJkBOkhbWjpLSwG7NkPzLVocd5Ll uJipG5pOk9ELbFJKGT3GJ9Cxs8m42z0+9vsFl+x9VVJvgufM8DW1bEaOuJbRWWuD sj01kIIvWyipGZIstccNEeTumlvUQDsHMQg/TuqSOTrKlAKY6trxn9RoB7NIyXTs cZhaw== X-ME-Sender: <xms:JfclaNm0ycVuuUXXp4btTFPejfGBDlA8NC4ApjcfAK2gMz2yDaWggQ> <xme:JfclaI0SX50zhQRvUlKjykyZPOFU9GTxShjYu74BzFPxEmHIP4kotR4MLhOSHEFop 0QVmdziWA4xbodnWg> X-ME-Received: <xmr:JfclaDrsgcMFQROcn--5J4y1zhtvRPPOpM23aAItALfVO8ES5Mob9JHadZ6Js9oAzC_DHEo0MKC0uAMubkuRrnkth7Xfeqw55Pjsfc-sywQU> X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeefvddrtddtgdefuddttdekucetufdoteggodetrf dotffvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdggtfgfnhhsuhgsshgtrhhisggv pdfurfetoffkrfgpnffqhgenuceurghilhhouhhtmecufedttdenucenucfjughrpefhvf evufffkffojghfggfgsedtkeertdertddtnecuhfhrohhmpefkrghnucfguhhrvgcuoehi rghnsehrvghtrhhoshhpvggtrdhtvheqnecuggftrfgrthhtvghrnhepvdfgveffvdekle dttdetjeektdevteegfefhvdefhfffffejudetkeduieekudelnecuffhomhgrihhnpegs rggushhslhdrtghomhdpmhhoiihilhhlrgdrohhrghenucevlhhushhtvghrufhiiigvpe dtnecurfgrrhgrmhepmhgrihhlfhhrohhmpehirghnsehrvghtrhhoshhpvggtrdhtvhdp nhgspghrtghpthhtohepvddpmhhouggvpehsmhhtphhouhhtpdhrtghpthhtohepjeekvd egleesuggvsggsuhhgshdrghhnuhdrohhrghdprhgtphhtthhopehirghnsehrvghtrhho shhpvggtrdhtvh X-ME-Proxy: <xmx:JvclaNkc6U6XvHofHDDYHKGDGpUd7CWgp9n2Ay48ue-f-62dv8dTfQ> <xmx:JvclaL0CfAsxssaBBRwN1WIv1_Z24EBfLLaSRw75Oog81J4QjAjjww> <xmx:JvclaMuUZTs8yrX_0MhIX1M43VL2RgPPeGr4SkuZ7ykSb3t774AXzA> <xmx:JvclaPVNsDXPGKVYhVM1K7oocq2YZU8lb3l95qp86xYktzAxXrL9Vw> <xmx:JvclaNVHRINHwLIEG1xEMBIJXQWVI1fPaK290vkrcwwiNkiGBxRr92tX> Feedback-ID: id9014242:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA; Thu, 15 May 2025 10:16:05 -0400 (EDT) From: Ian Eure <ian@HIDDEN> To: 78249 <at> debbugs.gnu.org Subject: [PATCH v5 2/3] gnu: nss-rapid: Update to 3.110. Date: Thu, 15 May 2025 07:15:59 -0700 Message-ID: <20250515141600.4759-2-ian@HIDDEN> X-Mailer: git-send-email 2.49.0 In-Reply-To: <20250515141600.4759-1-ian@HIDDEN> References: <20250515141600.4759-1-ian@HIDDEN> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Spam-Score: -0.7 (/) X-Debbugs-Envelope-To: 78249 Cc: Ian Eure <ian@HIDDEN> X-BeenThere: debbugs-submit <at> debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: <debbugs-submit.debbugs.gnu.org> List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe> List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/> List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org> List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help> List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe> Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> X-Spam-Score: -1.7 (-) * gnu/packages/nss.scm (nss-rapid): Update to 3.110. [phase 'check]: Use datefudge on 32-bit systems. Change-Id: Ibdae3c70066a70cdde560c5d8f9bac797cd2cd99 --- gnu/packages/nss.scm | 18 +++++++++++++++--- 1 file changed, 15 insertions(+), 3 deletions(-) diff --git a/gnu/packages/nss.scm b/gnu/packages/nss.scm index 7a8c6b075d7..80444e80386 100644 --- a/gnu/packages/nss.scm +++ b/gnu/packages/nss.scm @@ -347,7 +347,7 @@ (define-public nss-rapid (package (inherit nss) (name "nss-rapid") - (version "3.109") + (version "3.110") (source (origin (inherit (package-source nss)) (uri (let ((version-with-underscores @@ -358,11 +358,19 @@ (define-public nss-rapid "nss-" version ".tar.gz"))) (sha256 (base32 - "12y156frnhaqvwkla1c07gqr2lnp4yb3619g4088kk8qc4jnr95y")))) + "09xfndqj07wy28l7jnk01gqa4bh55nz6cldlp5qpg8120k211mlw")))) (arguments (substitute-keyword-arguments (package-arguments nss) ((#:phases phases) #~(modify-phases #$phases + (add-after 'unpack 'neutralize-network-test + ;; Test tries to resolve `wrong.host.badssl.com' which fails due + ;; to no networking in the build environment. + ;; Behavior changed as of 3.110. + (lambda _ + (substitute* "nss/tests/ssl/ssl.sh" + ((" ssl_policy_pkix_ocsp" all) + (string-append "#" all))))) (replace 'check (lambda* (#:key tests? #:allow-other-keys) (if tests? @@ -390,8 +398,12 @@ (define-public nss-rapid ;; leading to test failures: ;; <https://bugzilla.mozilla.org/show_bug.cgi?id=609734>. To ;; work around that, set the time to roughly the release date. - (invoke "faketime" "2025-03-01" "./nss/tests/all.sh")) + (invoke #$(if (target-64bit?) "faketime" "datefudge") + "2025-03-28" "./nss/tests/all.sh")) (format #t "test suite not run~%")))))))) + (propagated-inputs + (modify-inputs (package-propagated-inputs nss) + (replace "nspr" nspr-4.36))) (synopsis "Network Security Services (Rapid Release)") (description "Network Security Services (@dfn{NSS}) is a set of libraries designed to -- 2.49.0
guix-patches@HIDDEN
:bug#78249
; Package guix-patches
.
Full text available.Received: (at 78249) by debbugs.gnu.org; 15 May 2025 14:16:20 +0000 From debbugs-submit-bounces <at> debbugs.gnu.org Thu May 15 10:16:20 2025 Received: from localhost ([127.0.0.1]:54764 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>) id 1uFZNk-0003h7-6b for submit <at> debbugs.gnu.org; Thu, 15 May 2025 10:16:20 -0400 Received: from fhigh-b3-smtp.messagingengine.com ([202.12.124.154]:51103) by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.84_2) (envelope-from <ian@HIDDEN>) id 1uFZNa-0003gV-Tc for 78249 <at> debbugs.gnu.org; Thu, 15 May 2025 10:16:12 -0400 Received: from phl-compute-09.internal (phl-compute-09.phl.internal [10.202.2.49]) by mailfhigh.stl.internal (Postfix) with ESMTP id 85AC925400C6; Thu, 15 May 2025 10:16:04 -0400 (EDT) Received: from phl-mailfrontend-01 ([10.202.2.162]) by phl-compute-09.internal (MEProxy); Thu, 15 May 2025 10:16:04 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=retrospec.tv; h= cc:cc:content-transfer-encoding:content-type:date:date:from:from :in-reply-to:message-id:mime-version:reply-to:subject:subject:to :to; s=fm2; t=1747318564; x=1747404964; bh=rme3XHFYtHl35B5X5XoHA dJZFxGgI71f5XKddJ7fAXU=; b=nRbxe6k1fA45HBSeC4aYGFBYJ46DeUqYhA/Fi DXyGu6ZiuqrXUzPevuTgsgM70ysAuExef2wtw5DVEkTZPP2wzHOKsoEcz2QibgOi NVdtK60g+wPAfks9go3gypUv/7CXhsjQungrxo3iQ6E75Igx0fEZel9AYFsXHkHv QrRQpWkSUf8pvSok2neR6JnFPFYIgtSgDWWrpt8daf2X0gXyagVsGBOoimO6eoEd ob7yqvS0pZl5PvdZ32wpkkmmGlVbRljJfEAy22xY6UI996SIMc4mqABTtONNbHqH apf+HiUFYHe12G8h0GhVIVHtrXeiDQTRYFLCjC56ab9qrg7bw== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-transfer-encoding :content-type:date:date:feedback-id:feedback-id:from:from :in-reply-to:message-id:mime-version:reply-to:subject:subject:to :to:x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s=fm3; t= 1747318564; x=1747404964; bh=rme3XHFYtHl35B5X5XoHAdJZFxGgI71f5XK ddJ7fAXU=; b=lWRACFx98mLcMLwt29oFCUmYFFf3rl4InerGIQGTfSu3M8Wu0/9 m/LgyMiImSmlFm7W+UDvUtw4vFElwO3lbEMvpJ3I7nr8Cm7bKuUcnwCzf30YH3uU Fu2Z0OJQjwetf4pHfwzqQZb64Msz1jpMtzOICphX/tGkmMBbD92wCNsCefxAsHD9 muoEsddkftPfxMzwbiNg4pYh+oKmsirlUubVYlyXsuLT9xnuXeAdNLh2/jZoY6Li ykPnfNjl3Kjyh31iukxCm4BnGkWwjGfCjF9I2MO6l2YOOHgg0YhQ1fzfsBBohYWt Z9KRYYp0FMJ9VO/lt2k7+RaD/AND+HEgRMw== X-ME-Sender: <xms:I_claAbu5h5MT7WvUc0mU1nnzKgVh-D2FCIGYbWAOHsTkM-pBBDwAQ> <xme:I_claLbYqosyje9XREkCKHgEkISuadfKIfimPdlF_1Rg7IpREsK0t-a_kubi9hBLj AuThq3rBKrynuIHUg> X-ME-Received: <xmr:I_claK8hmonRX6qEMPayRhcRyi2caNIoK6alvqjLLBmkYGRF4d-42p6piatlCwkhX748aOvXdj0MZ25ZUAUK0ASZ5w1C8Glny55pnaGOJlW9> X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeefvddrtddtgdefuddttdekucetufdoteggodetrf dotffvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdggtfgfnhhsuhgsshgtrhhisggv pdfurfetoffkrfgpnffqhgenuceurghilhhouhhtmecufedttdenucenucfjughrpefhvf evufffkffoggfgsedtkeertdertddtnecuhfhrohhmpefkrghnucfguhhrvgcuoehirghn sehrvghtrhhoshhpvggtrdhtvheqnecuggftrfgrthhtvghrnhepgfdvjefhlefhfedtie elleefvdfhfeffteefueetlefgvdelffelvefgfeeukeejnecuffhomhgrihhnpehmohii ihhllhgrrdhorhhgnecuvehluhhsthgvrhfuihiivgeptdenucfrrghrrghmpehmrghilh hfrhhomhepihgrnhesrhgvthhrohhsphgvtgdrthhvpdhnsggprhgtphhtthhopedvpdhm ohguvgepshhmthhpohhuthdprhgtphhtthhopeejkedvgeelseguvggssghughhsrdhgnh hurdhorhhgpdhrtghpthhtohepihgrnhesrhgvthhrohhsphgvtgdrthhv X-ME-Proxy: <xmx:I_claKr9GiUvteUMOP8vUoaj3f3bCOhzXaMENY69syc8oPR7q4V1rQ> <xmx:I_claLqBYI2x46iur0fyFSG6omz0IyiQ9hWwlKCbL_06yQMxAq8IXA> <xmx:I_claIT0Akus9MT_1VRi5mYVy0ji38V6P7oi2rLxW9Z9OmK00D_SRg> <xmx:I_claLpFPuzHZN80wgS6UJt3mdBHa2RF6QZqOyMl7zWs5weGNs55vg> <xmx:JPclaHo2m6lrUNomVdrXiJ-rCJoE06fY73kOC8f5UkHk1nIIgEtz7oBs> Feedback-ID: id9014242:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA; Thu, 15 May 2025 10:16:03 -0400 (EDT) From: Ian Eure <ian@HIDDEN> To: 78249 <at> debbugs.gnu.org Subject: [PATCH v5 1/3] gnu: Add nspr-4.36. Date: Thu, 15 May 2025 07:15:58 -0700 Message-ID: <20250515141600.4759-1-ian@HIDDEN> X-Mailer: git-send-email 2.49.0 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Spam-Score: -0.7 (/) X-Debbugs-Envelope-To: 78249 Cc: Ian Eure <ian@HIDDEN> X-BeenThere: debbugs-submit <at> debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: <debbugs-submit.debbugs.gnu.org> List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe> List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/> List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org> List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help> List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe> Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> X-Spam-Score: -1.7 (-) * gnu/packages/nss.scm (nspr-4.36): New variable. Change-Id: I5c7c4f5f96e3b9ed763c63c9b5b5996a63d45985 --- gnu/packages/nss.scm | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/gnu/packages/nss.scm b/gnu/packages/nss.scm index 8bcb593ed75..7a8c6b075d7 100644 --- a/gnu/packages/nss.scm +++ b/gnu/packages/nss.scm @@ -95,6 +95,19 @@ (define-public nspr in the Mozilla clients.") (license license:mpl2.0))) +(define-public nspr-4.36 + (package + (inherit nspr) + (version "4.36") + (source (origin + (method url-fetch) + (uri (string-append + "https://ftp.mozilla.org/pub/mozilla.org/nspr/releases/v" + version "/src/nspr-" version ".tar.gz")) + (sha256 + (base32 + "15b83ipjxrmw0909l5qqz13pbarhp50d6i58vgjx4720y4bw7pjm")))))) + (define-public nspr-4.32 (package (inherit nspr) -- 2.49.0
guix-patches@HIDDEN
:bug#78249
; Package guix-patches
.
Full text available.Received: (at 78249) by debbugs.gnu.org; 15 May 2025 05:11:41 +0000 From debbugs-submit-bounces <at> debbugs.gnu.org Thu May 15 01:11:40 2025 Received: from localhost ([127.0.0.1]:49513 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>) id 1uFQsd-0006X8-Fq for submit <at> debbugs.gnu.org; Thu, 15 May 2025 01:11:40 -0400 Received: from fhigh-b6-smtp.messagingengine.com ([202.12.124.157]:44711) by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.84_2) (envelope-from <ian@HIDDEN>) id 1uFQsS-0006UZ-3F for 78249 <at> debbugs.gnu.org; Thu, 15 May 2025 01:11:29 -0400 Received: from phl-compute-03.internal (phl-compute-03.phl.internal [10.202.2.43]) by mailfhigh.stl.internal (Postfix) with ESMTP id A214725400BF; Thu, 15 May 2025 01:11:22 -0400 (EDT) Received: from phl-mailfrontend-01 ([10.202.2.162]) by phl-compute-03.internal (MEProxy); Thu, 15 May 2025 01:11:22 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=retrospec.tv; h= cc:cc:content-transfer-encoding:content-type:date:date:from:from :in-reply-to:in-reply-to:message-id:mime-version:references :reply-to:subject:subject:to:to; s=fm2; t=1747285882; x= 1747372282; bh=uNZpeLIiKUKup4o08XEoA4RHUcRL+wp0x2RERJMcj5k=; b=W ibTRcLK9o/FGxesLQ+QWzt/X8VbN8TNEow3JzIFb7NI89zkCBvGjrgUxCzM1IKXc HCB9ahqj9vUmbLdmZAepQgP3Ps1YsvtRX5UbLqEnNih/+4TF/oN4Sfya1X/KNA+3 5LiikISjKW+mpdS4aAh24F8yBNtps5SjeklpwvhxqTohekJ0nrJhx/b1W+Z+Q4RL 2/SwMP/5yu81sLcGRuA9hHMpL2LK1it4yq59+XqRjU297Y6cLOmoYPdLvpYqbvQ6 Cn4Hrv6MMqVA+GJ9efSdrJYem5Ibn4qrVXNyVcEQhthQxLPAUvefsugtcIEpuCbZ hETI3rgckKCfvfguh0JuQ== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-transfer-encoding :content-type:date:date:feedback-id:feedback-id:from:from :in-reply-to:in-reply-to:message-id:mime-version:references :reply-to:subject:subject:to:to:x-me-proxy:x-me-sender :x-me-sender:x-sasl-enc; s=fm3; t=1747285882; x=1747372282; bh=u NZpeLIiKUKup4o08XEoA4RHUcRL+wp0x2RERJMcj5k=; b=An/ZjsRdpwO65QaXT UpDGaFm290ZsAX+n1RHnDfPAB43de2v0oAS3DLkS4NzRwu9+AK3T2sCa7FZzHeOC WCZZah7npw2yj3Pka+rMymcClnbTpNUF0JkHWv019QPyqHBWpZIZPnISFNRYgyK/ YnPXXo7jg0qC/CJcdS0gm6AxeE7rizbtNbmwBBiIU5nVnwpqkCTWIwVGqrEEzDss b8Q6QWLyRBLUuzVjDSWRiSIB9qEY4P/bIMdqNF2Mht8aO9d0usr6uIM7a6TyRDhR dHRPLS3ZMsYKOLlqLKw6R1dsptOVHnOw5d//x4mDn7X5W46e66qK0nDqJdaloTja kwGpg== X-ME-Sender: <xms:enclaC9k5I2M03ILSGK1V9BL1jwynddMaNAoz6jyEuCIIFpZf5TZcA> <xme:enclaCv-igFJ7rwJfJJmi6FMDIFqq8CHCHcj73ow4I8BeaLdVYdsQjYodZS9EoN8O 8147xOxPiJE7DukJw> X-ME-Received: <xmr:enclaIAyjRnzqnsOqmglyOVaL5B_UDJzLvuDVb2WBbQ72o5_HzVcUwPtlVZh0-xU6XmjCi3wjINiSOzrMJxqoCO-raFHTNfMCLhmyUvvMuGd> X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeefvddrtddtgdeftdekleelucetufdoteggodetrf dotffvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdggtfgfnhhsuhgsshgtrhhisggv pdfurfetoffkrfgpnffqhgenuceurghilhhouhhtmecufedttdenucenucfjughrpefhvf evufffkffojghfggfgsedtkeertdertddtnecuhfhrohhmpefkrghnucfguhhrvgcuoehi rghnsehrvghtrhhoshhpvggtrdhtvheqnecuggftrfgrthhtvghrnhepveevjeffuddvte eiueetgfeukedvfeeiuedvveelfeeghfduleeftedvgfefgeejnecuvehluhhsthgvrhfu ihiivgeptdenucfrrghrrghmpehmrghilhhfrhhomhepihgrnhesrhgvthhrohhsphgvtg drthhvpdhnsggprhgtphhtthhopedvpdhmohguvgepshhmthhpohhuthdprhgtphhtthho peejkedvgeelseguvggssghughhsrdhgnhhurdhorhhgpdhrtghpthhtohepihgrnhesrh gvthhrohhsphgvtgdrthhv X-ME-Proxy: <xmx:enclaKfsYI_Q36tbdWDt8mdm8pjhVW1vTeERd-NcLHfJDMdotd-seg> <xmx:enclaHORGlnpgytKOd5hJ1_tKDYBOvPdmj3wS4xC9w3J1OX63luV4w> <xmx:enclaEnc5x_g1vsbKmXCLet4EZZ3irXRRwh2HB1nA1KXogIrU9f3kw> <xmx:enclaJvyi7n2pO-5Ywoh2Z_yPB7FdrjdSQT_Tz2sYviXqUaLW2JPYA> <xmx:enclaLtACSVoEdDQUuDNTtNZde7Ltbs8tZGnzc6mdBd0fF7JxYjtCsmB> Feedback-ID: id9014242:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA; Thu, 15 May 2025 01:11:21 -0400 (EDT) From: Ian Eure <ian@HIDDEN> To: 78249 <at> debbugs.gnu.org Subject: [PATCH v4 3/3] gnu: librewolf: Update to 138.0.3-1 [security fixes]. Date: Wed, 14 May 2025 22:11:13 -0700 Message-ID: <20250515051113.2978-3-ian@HIDDEN> X-Mailer: git-send-email 2.49.0 In-Reply-To: <20250515051113.2978-1-ian@HIDDEN> References: <20250515051113.2978-1-ian@HIDDEN> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Spam-Score: -0.7 (/) X-Debbugs-Envelope-To: 78249 Cc: Ian Eure <ian@HIDDEN> X-BeenThere: debbugs-submit <at> debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: <debbugs-submit.debbugs.gnu.org> List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe> List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/> List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org> List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help> List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe> Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> X-Spam-Score: -1.7 (-) Contains fixes for: CVE-2025-2817: Privilege escalation in Firefox Updater CVE-2025-4082: WebGL shader attribute memory corruption in Firefox for macOS CVE-2025-4083: Process isolation bypass using "javascript:" URI links in cross-origin frames CVE-2025-4085: Potential information leakage and privilege escalation in UITour actor CVE-2025-4086: Specially crafted filename could be used to obscure download type CVE-2025-4087: Unsafe attribute access during XPath parsing CVE-2025-4088: Cross-site request forgery via storage access API redirects CVE-2025-4089: Potential local code execution in "copy as cURL" command CVE-2025-4090: Leaked library paths in Firefox for Android CVE-2025-4091: Memory safety bugs fixed in Firefox 138, Thunderbird 138, Firefox ESR 128.10, and Thunderbird 128.10 CVE-2025-4092: Memory safety bugs fixed in Firefox 138 and Thunderbird 138 * gnu/packages/librewolf.scm (librewolf): Update to 138.0.3-1. * gnu/packages/patches/librewolf-compare-paths.patch: New file. Change-Id: I2cc11b758dbc77f7ec3451faa89918b08c890729 --- gnu/packages/librewolf.scm | 14 +++++++------- .../patches/librewolf-compare-paths.patch | 15 +++++++++++++++ 2 files changed, 22 insertions(+), 7 deletions(-) create mode 100644 gnu/packages/patches/librewolf-compare-paths.patch diff --git a/gnu/packages/librewolf.scm b/gnu/packages/librewolf.scm index bcacbf8dd15..063a89420fe 100644 --- a/gnu/packages/librewolf.scm +++ b/gnu/packages/librewolf.scm @@ -191,7 +191,7 @@ (define* (make-librewolf-source #:key version firefox-hash librewolf-hash l10n) #$output))))) (patches (search-patches - "torbrowser-compare-paths.patch" + "librewolf-compare-paths.patch" "librewolf-use-system-wide-dir.patch" "librewolf-add-store-to-rdd-allowlist.patch"))))) @@ -207,17 +207,17 @@ (define rust-librewolf rust-1.82) ;; Update this id with every update to its release date. ;; It's used for cache validation and therefore can lead to strange bugs. ;; ex: date '+%Y%m%d%H%M%S' -(define %librewolf-build-id "20250416062358") +(define %librewolf-build-id "20250502155055") (define-public librewolf (package (name "librewolf") - (version "137.0.2-1") + (version "138.0.3-1") (source (make-librewolf-source #:version version - #:firefox-hash "01yd5cq6qgww6w2kq1bchy9j81blim15kdz7bvx8n512m2x3mz06" - #:librewolf-hash "0vy1xvjwgc4vd9q3laakx6lrsy4ghpdr98vm9lmx86amg9gak5ix" + #:firefox-hash "1r0kam26cz5rz39n6zcc2hrbav6dxlfrsa0qhhfjlnv33ns3lzx2" + #:librewolf-hash "1bf9sa5radjr7g6ng7kqy2ss13c0q6vkq9dfzj5y998ifxw19s4c" #:l10n firefox-l10n)) (build-system gnu-build-system) (arguments @@ -639,7 +639,7 @@ (define (runpaths-of-input label) libxt mesa mit-krb5 - nspr + nspr-4.36 nss-rapid pango pciutils @@ -665,7 +665,7 @@ (define (runpaths-of-input label) pkg-config python rust-librewolf - rust-cbindgen-0.26 + rust-cbindgen-0.28 which yasm)) (native-search-paths diff --git a/gnu/packages/patches/librewolf-compare-paths.patch b/gnu/packages/patches/librewolf-compare-paths.patch new file mode 100644 index 00000000000..8e880bf3908 --- /dev/null +++ b/gnu/packages/patches/librewolf-compare-paths.patch @@ -0,0 +1,15 @@ +See comment in gnu/build/icecat-extension.scm. +This is only needed while icecat and torbrowser remain on +different ESR versions as the patched file has changed its +name. + +--- a/toolkit/mozapps/extensions/internal/XPIDatabase.sys.mjs ++++ b/toolkit/mozapps/extensions/internal/XPIDatabase.sys.mjs +@@ -3753,6 +3753,7 @@ + if ( + newAddon || + oldAddon.updateDate != xpiState.mtime || ++ oldAddon.path != xpiState.path || + (aUpdateCompatibility && this.isAppBundledLocation(installLocation)) || + // update addon metadata if the addon in bundled into + // the omni jar and version or the resource URI pointing -- 2.49.0
guix-patches@HIDDEN
:bug#78249
; Package guix-patches
.
Full text available.Received: (at 78249) by debbugs.gnu.org; 15 May 2025 05:11:39 +0000 From debbugs-submit-bounces <at> debbugs.gnu.org Thu May 15 01:11:39 2025 Received: from localhost ([127.0.0.1]:49511 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>) id 1uFQsc-0006X2-IQ for submit <at> debbugs.gnu.org; Thu, 15 May 2025 01:11:39 -0400 Received: from fhigh-b6-smtp.messagingengine.com ([202.12.124.157]:37111) by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.84_2) (envelope-from <ian@HIDDEN>) id 1uFQsQ-0006UN-8I for 78249 <at> debbugs.gnu.org; Thu, 15 May 2025 01:11:29 -0400 Received: from phl-compute-01.internal (phl-compute-01.phl.internal [10.202.2.41]) by mailfhigh.stl.internal (Postfix) with ESMTP id C88BD25400AB; Thu, 15 May 2025 01:11:20 -0400 (EDT) Received: from phl-mailfrontend-01 ([10.202.2.162]) by phl-compute-01.internal (MEProxy); Thu, 15 May 2025 01:11:20 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=retrospec.tv; h= cc:cc:content-transfer-encoding:content-type:date:date:from:from :in-reply-to:in-reply-to:message-id:mime-version:references :reply-to:subject:subject:to:to; s=fm2; t=1747285880; x= 1747372280; bh=+Mw2i03h6v2+ZLt8kmlYhentcr620cttQxkSycYFbzE=; b=W rESALW2rWRFDkrsym19rs2+UyBt+usmqclvH+3tPmJFp27vuy6Dd9h87clcogZzo jNMZCid/4xgY4KUpcM73JqT+CfJ3oJEu14x1+f0w+hkDr630jA11CdzNDlqsHE3W /nlSXFHGs34DXybW9Co3M1AUEsEFXne1nosGEx63D99LOpvphdKyOikUBxbLD/3k dfFCXOPg8JJj2OyNfE57c1XPmg3vCoZB7QNBARs9YxCeAYLjaVix/aVdjndYIefJ GN+Sh51NnEeQlxY2NlpdJYrqWI714fy0mpLU5VdbcdF9XTfn3cTwaIaGc/n9EWJA lzNnDJcErqkyQZHIGDAEg== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-transfer-encoding :content-type:date:date:feedback-id:feedback-id:from:from :in-reply-to:in-reply-to:message-id:mime-version:references :reply-to:subject:subject:to:to:x-me-proxy:x-me-sender :x-me-sender:x-sasl-enc; s=fm3; t=1747285880; x=1747372280; bh=+ Mw2i03h6v2+ZLt8kmlYhentcr620cttQxkSycYFbzE=; b=smhFrMsREQy5IPSsj vwr6ytT8YlV9iOR6k8qzAcQcL8Z5DNGwQuxCGabKEEILjX+Azb8tNmPVUaPnzLFT pOhtfybOYFnGvmp7TgZK3k8b5zqDf+HWW3Ck/es9YQbeAEMqT4/+beds5ME1/L8H 1IoAo1vhw6V6+LzncAWJCTjz8QeQUdStQrA0i8IvqtLO32c+aHstpkBopcdEYVHx nM6sSTtf/f9bca6TFtOQhEGBvgsrA0u1jiKQWLzoRiSYo7k2TRG/JRzm0Qvn7xms lREuxyIq5KoaJGDepVoY9MrkkLir2RWTmzMX2yIwykdb4QCeLlLpzttTIDhRsgIo GD9vg== X-ME-Sender: <xms:eHclaNZ_5YNfOpOjoVMelGOjEHs7pKmhdHXxXcf90zZaLc6rylytfQ> <xme:eHclaEbOzw5oP6C_-nOc4EpRq4k9gSygh6GfIQKn2-MD6Qwzoqrm20ZZi-FCAZQHn ckaJWy5iSFL9zWtfg> X-ME-Received: <xmr:eHclaP8PttVQdLiCXqm1yuauZ2aggwWW7MdqKeRKYvqh1P7lhZUnYwnb1L3aSobtR3_7kUG4iDpx8uY8CSYCJVqjF0au1hnblnuCeTG4ypm3> X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeefvddrtddtgdeftdekleelucetufdoteggodetrf dotffvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdggtfgfnhhsuhgsshgtrhhisggv pdfurfetoffkrfgpnffqhgenuceurghilhhouhhtmecufedttdenucenucfjughrpefhvf evufffkffojghfggfgsedtkeertdertddtnecuhfhrohhmpefkrghnucfguhhrvgcuoehi rghnsehrvghtrhhoshhpvggtrdhtvheqnecuggftrfgrthhtvghrnhepvdfgveffvdekle dttdetjeektdevteegfefhvdefhfffffejudetkeduieekudelnecuffhomhgrihhnpegs rggushhslhdrtghomhdpmhhoiihilhhlrgdrohhrghenucevlhhushhtvghrufhiiigvpe dtnecurfgrrhgrmhepmhgrihhlfhhrohhmpehirghnsehrvghtrhhoshhpvggtrdhtvhdp nhgspghrtghpthhtohepvddpmhhouggvpehsmhhtphhouhhtpdhrtghpthhtohepjeekvd egleesuggvsggsuhhgshdrghhnuhdrohhrghdprhgtphhtthhopehirghnsehrvghtrhho shhpvggtrdhtvh X-ME-Proxy: <xmx:eHclaLpV27Y17UM7d4NV27NFJIfUjEZuKr-obEEs2cKHDRU8X_KY8g> <xmx:eHclaIpgJHpjJH7R3XgNY2FVnbiweKnOf1LqUCYyl9xeypOMaXo3Yw> <xmx:eHclaBSzV9wPhwCRD8tZD-OPJvxMmZdGlv-oe9am9uqqVrqfNFI-Tg> <xmx:eHclaArJSH2cSD-vlWrZNsrN1ye3JipdlmbGKnXlmmdDdp7V9iYwfQ> <xmx:eHclaMrH9ucjfrzhnpgtrOe6wFal-0GiRMLsrx4ttk-XKkihnRxFXf9t> Feedback-ID: id9014242:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA; Thu, 15 May 2025 01:11:19 -0400 (EDT) From: Ian Eure <ian@HIDDEN> To: 78249 <at> debbugs.gnu.org Subject: [PATCH v4 2/3] gnu: nss-rapid: Update to 3.110. Date: Wed, 14 May 2025 22:11:12 -0700 Message-ID: <20250515051113.2978-2-ian@HIDDEN> X-Mailer: git-send-email 2.49.0 In-Reply-To: <20250515051113.2978-1-ian@HIDDEN> References: <20250515051113.2978-1-ian@HIDDEN> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Spam-Score: -0.7 (/) X-Debbugs-Envelope-To: 78249 Cc: Ian Eure <ian@HIDDEN> X-BeenThere: debbugs-submit <at> debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: <debbugs-submit.debbugs.gnu.org> List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe> List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/> List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org> List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help> List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe> Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> X-Spam-Score: -1.7 (-) * gnu/packages/nss.scm (nss-rapid): Update to 3.110. Change-Id: Ibdae3c70066a70cdde560c5d8f9bac797cd2cd99 --- gnu/packages/nss.scm | 17 ++++++++++++++--- 1 file changed, 14 insertions(+), 3 deletions(-) diff --git a/gnu/packages/nss.scm b/gnu/packages/nss.scm index 7a8c6b075d7..24f4b603694 100644 --- a/gnu/packages/nss.scm +++ b/gnu/packages/nss.scm @@ -347,7 +347,7 @@ (define-public nss-rapid (package (inherit nss) (name "nss-rapid") - (version "3.109") + (version "3.110") (source (origin (inherit (package-source nss)) (uri (let ((version-with-underscores @@ -358,11 +358,19 @@ (define-public nss-rapid "nss-" version ".tar.gz"))) (sha256 (base32 - "12y156frnhaqvwkla1c07gqr2lnp4yb3619g4088kk8qc4jnr95y")))) + "09xfndqj07wy28l7jnk01gqa4bh55nz6cldlp5qpg8120k211mlw")))) (arguments (substitute-keyword-arguments (package-arguments nss) ((#:phases phases) #~(modify-phases #$phases + (add-after 'unpack 'neutralize-network-test + ;; Test tries to resolve `wrong.host.badssl.com' which fails due + ;; to no networking in the build environment. + ;; Behavior changed as of 3.110. + (lambda _ + (substitute* "nss/tests/ssl/ssl.sh" + ((" ssl_policy_pkix_ocsp" all) + (string-append "#" all))))) (replace 'check (lambda* (#:key tests? #:allow-other-keys) (if tests? @@ -390,8 +398,11 @@ (define-public nss-rapid ;; leading to test failures: ;; <https://bugzilla.mozilla.org/show_bug.cgi?id=609734>. To ;; work around that, set the time to roughly the release date. - (invoke "faketime" "2025-03-01" "./nss/tests/all.sh")) + (invoke "faketime" "2025-03-28" "./nss/tests/all.sh")) (format #t "test suite not run~%")))))))) + (propagated-inputs + (modify-inputs (package-propagated-inputs nss) + (replace "nspr" nspr-4.36))) (synopsis "Network Security Services (Rapid Release)") (description "Network Security Services (@dfn{NSS}) is a set of libraries designed to -- 2.49.0
guix-patches@HIDDEN
:bug#78249
; Package guix-patches
.
Full text available.Received: (at 78249) by debbugs.gnu.org; 15 May 2025 05:11:32 +0000 From debbugs-submit-bounces <at> debbugs.gnu.org Thu May 15 01:11:32 2025 Received: from localhost ([127.0.0.1]:49509 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>) id 1uFQsT-0006Vc-7T for submit <at> debbugs.gnu.org; Thu, 15 May 2025 01:11:32 -0400 Received: from fhigh-b6-smtp.messagingengine.com ([202.12.124.157]:50841) by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.84_2) (envelope-from <ian@HIDDEN>) id 1uFQsP-0006UF-U8 for 78249 <at> debbugs.gnu.org; Thu, 15 May 2025 01:11:27 -0400 Received: from phl-compute-12.internal (phl-compute-12.phl.internal [10.202.2.52]) by mailfhigh.stl.internal (Postfix) with ESMTP id A39B525400A7; Thu, 15 May 2025 01:11:19 -0400 (EDT) Received: from phl-mailfrontend-01 ([10.202.2.162]) by phl-compute-12.internal (MEProxy); Thu, 15 May 2025 01:11:19 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=retrospec.tv; h= cc:cc:content-transfer-encoding:content-type:date:date:from:from :in-reply-to:message-id:mime-version:reply-to:subject:subject:to :to; s=fm2; t=1747285879; x=1747372279; bh=rme3XHFYtHl35B5X5XoHA dJZFxGgI71f5XKddJ7fAXU=; b=WUNnp3UMdfBPhJ0LCLOpYHHf85YyB5U7TBZH+ WSIa94wFNvAeEuNxXzyWk1ESmbWJjUKAZDnCvq68lOliS6PGsDpAjM2hkpVbxsby CXOK8t2KT32itNuPYBI2cenActcBHQDBBOux+GBUP4WGqXl/N4rqZshOb1GiF+EH 61y44R/0mps735TAwSULpCjOFIhnudG9R1rBStpqtEtu8pGkxxifCSbD15Lbg9jl V0uH31BJvxj94z8Mfxnrd5x+EXhIB2lqhtEQHq/0bwC3UktGNNVAWuF4J0264Kmp pH9D34lbvEkdWLoYAs1tGhQOiirY0pJpTUL5A340BpLykz4sQ== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-transfer-encoding :content-type:date:date:feedback-id:feedback-id:from:from :in-reply-to:message-id:mime-version:reply-to:subject:subject:to :to:x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s=fm3; t= 1747285879; x=1747372279; bh=rme3XHFYtHl35B5X5XoHAdJZFxGgI71f5XK ddJ7fAXU=; b=GOg/+K/6p+wEslI53pTF8gaUoE+zJlGG+HerOkiZCsE3onKsHKU vh0byagDsPN/kwczWWruPesETp4c3CfTf9WjfEhpXbdEMNmbxFSDLn0LBmRwzPyf eHJqu9zhDBd9lrAHJeHL75cp3NysQfqN6b12z1jHxFtxGTSKw1fKZ0fXJL5XHDHd V+P3/EcUVOWxoZ8Piq1scEMx/o8OSsZ/c6oH8JWRw4klBx9XUCWH17CuJ1o7QcSO H6t0VonY3sZ/KVlxPJo2kljPb52Eg/sVMixq+aKNKkQsjT3saWY/ayeMad7adejf 7tEQmrThk3URgp6XYZWgfD5SV4ua9HYYcXw== X-ME-Sender: <xms:d3claFJMQz2PvQ8APJpZMhTEfFJ9ueFauzf7-F2jJW-GVIcQQKU1kw> <xme:d3claBJHx0ux2kZhg-fTCnHhzQexzH5vTGDkaXkVzE9FujLkQ17HmOBGA23qiFy66 Wr6l3djEbvwxgwV_w> X-ME-Received: <xmr:d3claNvGq2WGf0uYYD3Rp0BH8IRI4nB7L9fvJzjLq6qhcXm2pEj2twtQDJGs6kFd2ondIBfdnmoa6QmbJBPWoxrt0AXz1fb5Dic8eSYYx8Uw> X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeefvddrtddtgdeftdekleelucetufdoteggodetrf dotffvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdggtfgfnhhsuhgsshgtrhhisggv pdfurfetoffkrfgpnffqhgenuceurghilhhouhhtmecufedttdenucenucfjughrpefhvf evufffkffoggfgsedtkeertdertddtnecuhfhrohhmpefkrghnucfguhhrvgcuoehirghn sehrvghtrhhoshhpvggtrdhtvheqnecuggftrfgrthhtvghrnhepgfdvjefhlefhfedtie elleefvdfhfeffteefueetlefgvdelffelvefgfeeukeejnecuffhomhgrihhnpehmohii ihhllhgrrdhorhhgnecuvehluhhsthgvrhfuihiivgeptdenucfrrghrrghmpehmrghilh hfrhhomhepihgrnhesrhgvthhrohhsphgvtgdrthhvpdhnsggprhgtphhtthhopedvpdhm ohguvgepshhmthhpohhuthdprhgtphhtthhopeejkedvgeelseguvggssghughhsrdhgnh hurdhorhhgpdhrtghpthhtohepihgrnhesrhgvthhrohhsphgvtgdrthhv X-ME-Proxy: <xmx:d3claGbZkx_HE6OY2_-z04EXFsN-Z-EG1qBPmuqd1pzMIjxjh_wsGQ> <xmx:d3claMb4kGE8IqRfR3n8u2CRy_m1ZyPaHp4QtQFlH-F7xV4Bjh9onw> <xmx:d3claKBsqlXumwWdmugx0UC0jfWsaCa2wOGQADSE01EaGURqRMHnGA> <xmx:d3claKaRRe3Pz6hW3MTJ8G1t_vGbZEaEnil0NJ5aZTo42881RF7g6A> <xmx:d3claObGkeu7f82RGzfeNvGBvb7L8lz_Laf8OU95mNXHTVYFljJ4-5L-> Feedback-ID: id9014242:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA; Thu, 15 May 2025 01:11:18 -0400 (EDT) From: Ian Eure <ian@HIDDEN> To: 78249 <at> debbugs.gnu.org Subject: [PATCH v4 1/3] gnu: Add nspr-4.36. Date: Wed, 14 May 2025 22:11:11 -0700 Message-ID: <20250515051113.2978-1-ian@HIDDEN> X-Mailer: git-send-email 2.49.0 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Spam-Score: -0.7 (/) X-Debbugs-Envelope-To: 78249 Cc: Ian Eure <ian@HIDDEN> X-BeenThere: debbugs-submit <at> debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: <debbugs-submit.debbugs.gnu.org> List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe> List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/> List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org> List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help> List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe> Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> X-Spam-Score: -1.7 (-) * gnu/packages/nss.scm (nspr-4.36): New variable. Change-Id: I5c7c4f5f96e3b9ed763c63c9b5b5996a63d45985 --- gnu/packages/nss.scm | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/gnu/packages/nss.scm b/gnu/packages/nss.scm index 8bcb593ed75..7a8c6b075d7 100644 --- a/gnu/packages/nss.scm +++ b/gnu/packages/nss.scm @@ -95,6 +95,19 @@ (define-public nspr in the Mozilla clients.") (license license:mpl2.0))) +(define-public nspr-4.36 + (package + (inherit nspr) + (version "4.36") + (source (origin + (method url-fetch) + (uri (string-append + "https://ftp.mozilla.org/pub/mozilla.org/nspr/releases/v" + version "/src/nspr-" version ".tar.gz")) + (sha256 + (base32 + "15b83ipjxrmw0909l5qqz13pbarhp50d6i58vgjx4720y4bw7pjm")))))) + (define-public nspr-4.32 (package (inherit nspr) -- 2.49.0
guix-patches@HIDDEN
:bug#78249
; Package guix-patches
.
Full text available.Received: (at 78249) by debbugs.gnu.org; 14 May 2025 00:25:23 +0000 From debbugs-submit-bounces <at> debbugs.gnu.org Tue May 13 20:25:23 2025 Received: from localhost ([127.0.0.1]:37024 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>) id 1uEzw2-0004CF-Vw for submit <at> debbugs.gnu.org; Tue, 13 May 2025 20:25:23 -0400 Received: from fhigh-a2-smtp.messagingengine.com ([103.168.172.153]:37215) by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.84_2) (envelope-from <ian@HIDDEN>) id 1uEzvv-00046i-Cn for 78249 <at> debbugs.gnu.org; Tue, 13 May 2025 20:25:16 -0400 Received: from phl-compute-01.internal (phl-compute-01.phl.internal [10.202.2.41]) by mailfhigh.phl.internal (Postfix) with ESMTP id 1A1E711400B1; Tue, 13 May 2025 20:25:10 -0400 (EDT) Received: from phl-mailfrontend-01 ([10.202.2.162]) by phl-compute-01.internal (MEProxy); Tue, 13 May 2025 20:25:10 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=retrospec.tv; h= cc:cc:content-transfer-encoding:content-type:date:date:from:from :in-reply-to:in-reply-to:message-id:mime-version:references :reply-to:subject:subject:to:to; s=fm2; t=1747182310; x= 1747268710; bh=+Mw2i03h6v2+ZLt8kmlYhentcr620cttQxkSycYFbzE=; b=d 2KGB0vIpiLESU94gLBqn5d+FqqYVhEBJdbyJFudLbMgznGRHUlS87Bd0iF1oJwX/ HS96JBP/ZEFjc1rJjWbRiTHhphP640FpK1YPweO2ABs/3I6H1kz4rOLo9MeFUApb tj76FM4JDdAsf7futx2/EJmiy3jaSdWUwvlJ5+ImszUkAcXmx4Nvr0lVC8hBt2lD va192oEdxQdHwveiqFEGvBqojKwVRfWjLcNO/593h/W7t/PTzaPD5MofPkq55i20 w0+3PUG3hG6AFBfnLKj9QgynoKcJHdXBGAQ3rlWpEb7EOJ+FCEunEvn8J1B6bYIY VNVWxch6LHXCXaiQK65mA== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-transfer-encoding :content-type:date:date:feedback-id:feedback-id:from:from :in-reply-to:in-reply-to:message-id:mime-version:references :reply-to:subject:subject:to:to:x-me-proxy:x-me-sender :x-me-sender:x-sasl-enc; s=fm3; t=1747182310; x=1747268710; bh=+ Mw2i03h6v2+ZLt8kmlYhentcr620cttQxkSycYFbzE=; b=PBV5QCFS3lNKRulV8 k1vYmSa1J+2uj7aW4CWRdSGevdXNG4nYkCp5xyRzWFPbL9BocVRk6A8A83mEsOeP +23kOTbFy06pr+m+xwcJZNaV7/h5xvq2SMrX6KpMQiJ+eNxwM1sWN4KYyK0/mp8X T/AsrhvN1CyQRKSZZrtzsFXeWg5iAi6/M+sDDeF+IhlrE8VO7S4bsNb7SIglP8BU psnQTv9gTTnZK+9V7MVBola17rPoc7atDSoELhkpGPp525Pvu4ZkWP/0jeZDnpHj aFRgINVtSt2Dn1QH5ZACQQso504vVNMVbuezccYvNHYepDu+OUmyA+NE+vdyaFM5 4zKsQ== X-ME-Sender: <xms:5eIjaN11-uXYchFVA4Le56I04eomZ9-0GM19e7u-SOChtCuxJOHESA> <xme:5eIjaEHZOofHqOcChuoq2WYbNEFCY3pIt7OBnoNQDZrUi8kRviyx7TXldIgRSKoTw a5_ForG3QkB2bIYXA> X-ME-Received: <xmr:5eIjaN4-ixDezioko4eDcu0qimNDarkMZhjagL5SbpYhvZZMUvKv7zZaJfLga0FlLlmyBe37ouCQoc75klEkZ0BT_7H2HGTj6p8keu1VUdZX> X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeefvddrtddtgdeftdehheegucetufdoteggodetrf dotffvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdggtfgfnhhsuhgsshgtrhhisggv pdfurfetoffkrfgpnffqhgenuceurghilhhouhhtmecufedttdenucenucfjughrpefhvf evufffkffojghfggfgsedtkeertdertddtnecuhfhrohhmpefkrghnucfguhhrvgcuoehi rghnsehrvghtrhhoshhpvggtrdhtvheqnecuggftrfgrthhtvghrnhepvdfgveffvdekle dttdetjeektdevteegfefhvdefhfffffejudetkeduieekudelnecuffhomhgrihhnpegs rggushhslhdrtghomhdpmhhoiihilhhlrgdrohhrghenucevlhhushhtvghrufhiiigvpe dtnecurfgrrhgrmhepmhgrihhlfhhrohhmpehirghnsehrvghtrhhoshhpvggtrdhtvhdp nhgspghrtghpthhtohepvddpmhhouggvpehsmhhtphhouhhtpdhrtghpthhtohepjeekvd egleesuggvsggsuhhgshdrghhnuhdrohhrghdprhgtphhtthhopehirghnsehrvghtrhho shhpvggtrdhtvh X-ME-Proxy: <xmx:5eIjaK2kUOMwJytsLFk8lwS0ckCr5mxzWcGxyk98Kx_poGCxxaN10w> <xmx:5eIjaAFQCU_9WF4veVOSoLGXoSWuiujvsR7pqpGlhU-_YAiIGEAuGQ> <xmx:5eIjaL-SqiTTCQj4uEmVkUSF-UEMyAMKe4JlDyNzuu-QpS1ikjR0OA> <xmx:5eIjaNmmKTnGCasR4tgKnytHPGuyfTAfNTpQWLPV555BaMqRZRcEGg> <xmx:5uIjaDl6CTpWbVhp5i8pjmrfl8rTZiompj2ANSg8lgNmd_G5tF-PkKOM> Feedback-ID: id9014242:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA; Tue, 13 May 2025 20:25:09 -0400 (EDT) From: Ian Eure <ian@HIDDEN> To: 78249 <at> debbugs.gnu.org Subject: [PATCH v3 2/3] gnu: nss-rapid: Update to 3.110. Date: Tue, 13 May 2025 17:25:04 -0700 Message-ID: <20250514002505.19495-2-ian@HIDDEN> X-Mailer: git-send-email 2.49.0 In-Reply-To: <20250514002505.19495-1-ian@HIDDEN> References: <20250514002505.19495-1-ian@HIDDEN> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Spam-Score: -0.7 (/) X-Debbugs-Envelope-To: 78249 Cc: Ian Eure <ian@HIDDEN> X-BeenThere: debbugs-submit <at> debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: <debbugs-submit.debbugs.gnu.org> List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe> List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/> List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org> List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help> List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe> Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> X-Spam-Score: -1.7 (-) * gnu/packages/nss.scm (nss-rapid): Update to 3.110. Change-Id: Ibdae3c70066a70cdde560c5d8f9bac797cd2cd99 --- gnu/packages/nss.scm | 17 ++++++++++++++--- 1 file changed, 14 insertions(+), 3 deletions(-) diff --git a/gnu/packages/nss.scm b/gnu/packages/nss.scm index 7a8c6b075d7..24f4b603694 100644 --- a/gnu/packages/nss.scm +++ b/gnu/packages/nss.scm @@ -347,7 +347,7 @@ (define-public nss-rapid (package (inherit nss) (name "nss-rapid") - (version "3.109") + (version "3.110") (source (origin (inherit (package-source nss)) (uri (let ((version-with-underscores @@ -358,11 +358,19 @@ (define-public nss-rapid "nss-" version ".tar.gz"))) (sha256 (base32 - "12y156frnhaqvwkla1c07gqr2lnp4yb3619g4088kk8qc4jnr95y")))) + "09xfndqj07wy28l7jnk01gqa4bh55nz6cldlp5qpg8120k211mlw")))) (arguments (substitute-keyword-arguments (package-arguments nss) ((#:phases phases) #~(modify-phases #$phases + (add-after 'unpack 'neutralize-network-test + ;; Test tries to resolve `wrong.host.badssl.com' which fails due + ;; to no networking in the build environment. + ;; Behavior changed as of 3.110. + (lambda _ + (substitute* "nss/tests/ssl/ssl.sh" + ((" ssl_policy_pkix_ocsp" all) + (string-append "#" all))))) (replace 'check (lambda* (#:key tests? #:allow-other-keys) (if tests? @@ -390,8 +398,11 @@ (define-public nss-rapid ;; leading to test failures: ;; <https://bugzilla.mozilla.org/show_bug.cgi?id=609734>. To ;; work around that, set the time to roughly the release date. - (invoke "faketime" "2025-03-01" "./nss/tests/all.sh")) + (invoke "faketime" "2025-03-28" "./nss/tests/all.sh")) (format #t "test suite not run~%")))))))) + (propagated-inputs + (modify-inputs (package-propagated-inputs nss) + (replace "nspr" nspr-4.36))) (synopsis "Network Security Services (Rapid Release)") (description "Network Security Services (@dfn{NSS}) is a set of libraries designed to -- 2.49.0
guix-patches@HIDDEN
:bug#78249
; Package guix-patches
.
Full text available.Received: (at 78249) by debbugs.gnu.org; 14 May 2025 00:25:23 +0000 From debbugs-submit-bounces <at> debbugs.gnu.org Tue May 13 20:25:23 2025 Received: from localhost ([127.0.0.1]:37022 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>) id 1uEzw2-0004BP-F7 for submit <at> debbugs.gnu.org; Tue, 13 May 2025 20:25:22 -0400 Received: from fhigh-a2-smtp.messagingengine.com ([103.168.172.153]:39211) by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.84_2) (envelope-from <ian@HIDDEN>) id 1uEzvw-00046m-0M for 78249 <at> debbugs.gnu.org; Tue, 13 May 2025 20:25:16 -0400 Received: from phl-compute-01.internal (phl-compute-01.phl.internal [10.202.2.41]) by mailfhigh.phl.internal (Postfix) with ESMTP id D2B4411400E7; Tue, 13 May 2025 20:25:10 -0400 (EDT) Received: from phl-mailfrontend-01 ([10.202.2.162]) by phl-compute-01.internal (MEProxy); Tue, 13 May 2025 20:25:10 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=retrospec.tv; h= cc:cc:content-transfer-encoding:content-type:date:date:from:from :in-reply-to:in-reply-to:message-id:mime-version:references :reply-to:subject:subject:to:to; s=fm2; t=1747182310; x= 1747268710; bh=EcSFHWKfAT+gJZ8K1AZajM6ba6NoTAnkILbbrO3ZJM4=; b=J sSHJotcqq6tocvyn3bRv22dXbEsv+8pi+ajirE1OeiGaDFfAkBi7yOOYvQy2vUOd WegXbdTvJf/JsCIMly0nBBR/i3ylKm92m410ytiTYlTfMv2/rUKsvUOOKavkTGDP RicMU7Ve5ogatrttVb9BnyNDSMHkFYsj/MPJyaALu4X1JT3Xxkp/lGvVtL/BSUlf iad0WkmvMx+FBMnjlr+cKmvKL7fsQ7LQtZK/F+CzdPEZJHnk1HawLm1wMur6RAOY 04nDImO9c40sldMuSGyeyrW3AR4vE/8lHqkmkEBOKwjqdHqH66wAH3Mih8B7d0sz 2EK9QMOzPSprXKTrrAm3w== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-transfer-encoding :content-type:date:date:feedback-id:feedback-id:from:from :in-reply-to:in-reply-to:message-id:mime-version:references :reply-to:subject:subject:to:to:x-me-proxy:x-me-sender :x-me-sender:x-sasl-enc; s=fm3; t=1747182310; x=1747268710; bh=E cSFHWKfAT+gJZ8K1AZajM6ba6NoTAnkILbbrO3ZJM4=; b=FuBHQiTnjswRvE1LJ ncja4WvLtIr6z3zYLTiJB8bPWh/FcWxQ2YPYn6yQPzCTB2I5keEKRnLaXlzvYebq 8dISj6HwHTrLNC7S/Pvbw+iY4FmDU/XFqyswSYIV184TWjBnNLGvaliXhJlzcsTc rXpmM1W3AJ8uGgcKHjdX5i/Bx7yI+/1cts/E9Njzzv0VYaM/F11aB6Ww/riAoxaO YILbMHdB0CyV7NShMLLbvGzrK+9Ufion55SRshqlok3YJMdHSoYMPb7fRMKplN/r 33jFqAK8fcumaTBN7N7Un4OQouygBIFfviNCH/IU23jvyvUYrQ5Gx9kaAsDph2Xe qv3+A== X-ME-Sender: <xms:5uIjaN6mk-G0uTzVck5dSAJmsO3ftRbeO35BL36yh8UckmGnc9R_zA> <xme:5uIjaK6cZ1RylFsLtAEjtG7KrtCBWJaU0rGcxeIfKTigtDjyuQBqPaZc9W4-OYIbW 0Le5TKlB-p_VHZp6w> X-ME-Received: <xmr:5uIjaEdiqlJlQ1alEAZtPlMjPm-k-PaiG5NpGN2he5ZwK0vJO4NMFc0uWl-9PAnWStR6ZG87trWTzgCEtSg07bhXVBeXbbHDynpV_wJfAgL8> X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeefvddrtddtgdeftdehheegucetufdoteggodetrf dotffvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdggtfgfnhhsuhgsshgtrhhisggv pdfurfetoffkrfgpnffqhgenuceurghilhhouhhtmecufedttdenucenucfjughrpefhvf evufffkffojghfggfgsedtkeertdertddtnecuhfhrohhmpefkrghnucfguhhrvgcuoehi rghnsehrvghtrhhoshhpvggtrdhtvheqnecuggftrfgrthhtvghrnhepveevjeffuddvte eiueetgfeukedvfeeiuedvveelfeeghfduleeftedvgfefgeejnecuvehluhhsthgvrhfu ihiivgeptdenucfrrghrrghmpehmrghilhhfrhhomhepihgrnhesrhgvthhrohhsphgvtg drthhvpdhnsggprhgtphhtthhopedvpdhmohguvgepshhmthhpohhuthdprhgtphhtthho peejkedvgeelseguvggssghughhsrdhgnhhurdhorhhgpdhrtghpthhtohepihgrnhesrh gvthhrohhsphgvtgdrthhv X-ME-Proxy: <xmx:5uIjaGIOL7d37Bf9cSXmDcIpqwL46EIc4Y3eis17e9FDrDVvdsFaGQ> <xmx:5uIjaBLwkMBzVyViTAz10cAwg0alhPoEMJIK9uCYVkdmARwLzuacAA> <xmx:5uIjaPz_5KItmNZnGQ6jv9Lk6kwHQ9VTtYbb8jyR0gJuMxFuq0SCUw> <xmx:5uIjaNL3ahDOBO25KcwcT5j-R2RG6XKeCjOX0Ucwb3MTGJsINFXEIg> <xmx:5uIjaJKJBBDEqid2_keDkf6VzIaxzeN9oQz21aASgpYtad3OUw5iPOIM> Feedback-ID: id9014242:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA; Tue, 13 May 2025 20:25:10 -0400 (EDT) From: Ian Eure <ian@HIDDEN> To: 78249 <at> debbugs.gnu.org Subject: [PATCH v3 3/3] gnu: librewolf: Update to 138.0.1-2 [security fixes]. Date: Tue, 13 May 2025 17:25:05 -0700 Message-ID: <20250514002505.19495-3-ian@HIDDEN> X-Mailer: git-send-email 2.49.0 In-Reply-To: <20250514002505.19495-1-ian@HIDDEN> References: <20250514002505.19495-1-ian@HIDDEN> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Spam-Score: -0.7 (/) X-Debbugs-Envelope-To: 78249 Cc: Ian Eure <ian@HIDDEN> X-BeenThere: debbugs-submit <at> debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: <debbugs-submit.debbugs.gnu.org> List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe> List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/> List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org> List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help> List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe> Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> X-Spam-Score: -1.7 (-) Contains fixes for: CVE-2025-2817: Privilege escalation in Firefox Updater CVE-2025-4082: WebGL shader attribute memory corruption in Firefox for macOS CVE-2025-4083: Process isolation bypass using "javascript:" URI links in cross-origin frames CVE-2025-4085: Potential information leakage and privilege escalation in UITour actor CVE-2025-4086: Specially crafted filename could be used to obscure download type CVE-2025-4087: Unsafe attribute access during XPath parsing CVE-2025-4088: Cross-site request forgery via storage access API redirects CVE-2025-4089: Potential local code execution in "copy as cURL" command CVE-2025-4090: Leaked library paths in Firefox for Android CVE-2025-4091: Memory safety bugs fixed in Firefox 138, Thunderbird 138, Firefox ESR 128.10, and Thunderbird 128.10 CVE-2025-4092: Memory safety bugs fixed in Firefox 138 and Thunderbird 138 * gnu/packages/librewolf.scm (librewolf): Update to 138.0.1-2. * gnu/packages/patches/librewolf-compare-paths.patch: New file. Change-Id: I2cc11b758dbc77f7ec3451faa89918b08c890729 --- gnu/packages/librewolf.scm | 14 +++++++------- .../patches/librewolf-compare-paths.patch | 15 +++++++++++++++ 2 files changed, 22 insertions(+), 7 deletions(-) create mode 100644 gnu/packages/patches/librewolf-compare-paths.patch diff --git a/gnu/packages/librewolf.scm b/gnu/packages/librewolf.scm index bcacbf8dd15..5b3c3a4a837 100644 --- a/gnu/packages/librewolf.scm +++ b/gnu/packages/librewolf.scm @@ -191,7 +191,7 @@ (define* (make-librewolf-source #:key version firefox-hash librewolf-hash l10n) #$output))))) (patches (search-patches - "torbrowser-compare-paths.patch" + "librewolf-compare-paths.patch" "librewolf-use-system-wide-dir.patch" "librewolf-add-store-to-rdd-allowlist.patch"))))) @@ -207,17 +207,17 @@ (define rust-librewolf rust-1.82) ;; Update this id with every update to its release date. ;; It's used for cache validation and therefore can lead to strange bugs. ;; ex: date '+%Y%m%d%H%M%S' -(define %librewolf-build-id "20250416062358") +(define %librewolf-build-id "20250502155055") (define-public librewolf (package (name "librewolf") - (version "137.0.2-1") + (version "138.0.1-2") (source (make-librewolf-source #:version version - #:firefox-hash "01yd5cq6qgww6w2kq1bchy9j81blim15kdz7bvx8n512m2x3mz06" - #:librewolf-hash "0vy1xvjwgc4vd9q3laakx6lrsy4ghpdr98vm9lmx86amg9gak5ix" + #:firefox-hash "0aybkr6zan7klybc1r455lgzz524rmhzj85g6xv88vw70dibk54q" + #:librewolf-hash "0c98hjhfklfbi2biib7bk5qijp6x77hmp8ska2fy3lzi78lsz08z" #:l10n firefox-l10n)) (build-system gnu-build-system) (arguments @@ -639,7 +639,7 @@ (define (runpaths-of-input label) libxt mesa mit-krb5 - nspr + nspr-4.36 nss-rapid pango pciutils @@ -665,7 +665,7 @@ (define (runpaths-of-input label) pkg-config python rust-librewolf - rust-cbindgen-0.26 + rust-cbindgen-0.28 which yasm)) (native-search-paths diff --git a/gnu/packages/patches/librewolf-compare-paths.patch b/gnu/packages/patches/librewolf-compare-paths.patch new file mode 100644 index 00000000000..8e880bf3908 --- /dev/null +++ b/gnu/packages/patches/librewolf-compare-paths.patch @@ -0,0 +1,15 @@ +See comment in gnu/build/icecat-extension.scm. +This is only needed while icecat and torbrowser remain on +different ESR versions as the patched file has changed its +name. + +--- a/toolkit/mozapps/extensions/internal/XPIDatabase.sys.mjs ++++ b/toolkit/mozapps/extensions/internal/XPIDatabase.sys.mjs +@@ -3753,6 +3753,7 @@ + if ( + newAddon || + oldAddon.updateDate != xpiState.mtime || ++ oldAddon.path != xpiState.path || + (aUpdateCompatibility && this.isAppBundledLocation(installLocation)) || + // update addon metadata if the addon in bundled into + // the omni jar and version or the resource URI pointing -- 2.49.0
guix-patches@HIDDEN
:bug#78249
; Package guix-patches
.
Full text available.Received: (at 78249) by debbugs.gnu.org; 14 May 2025 00:25:18 +0000 From debbugs-submit-bounces <at> debbugs.gnu.org Tue May 13 20:25:18 2025 Received: from localhost ([127.0.0.1]:37019 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>) id 1uEzvy-00048i-0k for submit <at> debbugs.gnu.org; Tue, 13 May 2025 20:25:18 -0400 Received: from fout-a7-smtp.messagingengine.com ([103.168.172.150]:56669) by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.84_2) (envelope-from <ian@HIDDEN>) id 1uEzvu-00046c-MS for 78249 <at> debbugs.gnu.org; Tue, 13 May 2025 20:25:16 -0400 Received: from phl-compute-06.internal (phl-compute-06.phl.internal [10.202.2.46]) by mailfout.phl.internal (Postfix) with ESMTP id 28613138019F; Tue, 13 May 2025 20:25:09 -0400 (EDT) Received: from phl-mailfrontend-01 ([10.202.2.162]) by phl-compute-06.internal (MEProxy); Tue, 13 May 2025 20:25:09 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=retrospec.tv; h= cc:cc:content-transfer-encoding:content-type:date:date:from:from :in-reply-to:message-id:mime-version:reply-to:subject:subject:to :to; s=fm2; t=1747182309; x=1747268709; bh=rme3XHFYtHl35B5X5XoHA dJZFxGgI71f5XKddJ7fAXU=; b=HbzGZVk0QB4jCSP9xeiokVJR7ma4YjKzilqRr XOYsukQNN4Czu3yGAAgdwi/kZi+0n2cjfYduUJc+GrVxowmYq47b9UcIVjaRGPOP raP+Vr40kyj9jg+/I9KRfRlR38zQcZndjo5Xu1U93JEjcumu8UQZlTo/JjM8fivs +YgLrnExqaGLBo5GRI9+Bqqcy3cW4Vt1CBI52KFmLXk01RthbGtPu3fbKUOrd8+u 3k7Ef1Pa+yPk+pSsoNSBasKPA56tmC8WuLBZm0Fw0XkwPbr3xkMIi8IBON/islcr 5VCKJ07PkrIQf7AAmz/va8ubI51gh9uOlX2VW0JH8hv8Nfqsw== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-transfer-encoding :content-type:date:date:feedback-id:feedback-id:from:from :in-reply-to:message-id:mime-version:reply-to:subject:subject:to :to:x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s=fm3; t= 1747182309; x=1747268709; bh=rme3XHFYtHl35B5X5XoHAdJZFxGgI71f5XK ddJ7fAXU=; b=rat5ODwyc9GICPf/RfjBiNQPlxPKBfEf1kplvslaFM6lv8iaeHF mGzjWZxZEFyb+gElx+ygvFZKawb/6DAbKx9PCaBVaAq+KVMhylSrryI/g1yZUGDh 27at9ANgHQZ44i5VWY0lb96OmTklBbDR9UAzugx+sv+b6siwCGn+GZtomayqUDy6 Ng2izyeMYEN/iSAXYq5u5aqpEUysuYUwJXjp4/i+T9PQ2ZCj7ve//uRbrDPdWbRM HBqbpAj6wy1Q85fDuD+LPui2TMd1or3CxfLpL76gop84fntbfo487UHm9oE4FwI7 YlZrXf9I7Qubn4dKIEKj6R/Jx0Dezn4y7xQ== X-ME-Sender: <xms:5OIjaBqaNLEd_TBQXQsxW5FBhKdFmFjU2R6hoMXkNNDvSAqaOlrhKw> <xme:5OIjaDoVx5nYVD0p_VbaUZutUn1077z-2zTqhd1bRwWVixhhdukK4otyZjlUMUDEY LunWJm3FtyBctO8Jg> X-ME-Received: <xmr:5OIjaON9riuuukhE6VWzMAvPsRCUu21W_kL6keq9LoMFqw0StVUfMcPwVSXZFMrxnsLmvY6X4yQA5Y8CbhM6jCHIlIjCnOhNuBLtwyfKISMQ> X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeefvddrtddtgdeftdehheegucetufdoteggodetrf dotffvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdggtfgfnhhsuhgsshgtrhhisggv pdfurfetoffkrfgpnffqhgenuceurghilhhouhhtmecufedttdenucenucfjughrpefhvf evufffkffoggfgsedtkeertdertddtnecuhfhrohhmpefkrghnucfguhhrvgcuoehirghn sehrvghtrhhoshhpvggtrdhtvheqnecuggftrfgrthhtvghrnhepgfdvjefhlefhfedtie elleefvdfhfeffteefueetlefgvdelffelvefgfeeukeejnecuffhomhgrihhnpehmohii ihhllhgrrdhorhhgnecuvehluhhsthgvrhfuihiivgeptdenucfrrghrrghmpehmrghilh hfrhhomhepihgrnhesrhgvthhrohhsphgvtgdrthhvpdhnsggprhgtphhtthhopedvpdhm ohguvgepshhmthhpohhuthdprhgtphhtthhopeejkedvgeelseguvggssghughhsrdhgnh hurdhorhhgpdhrtghpthhtohepihgrnhesrhgvthhrohhsphgvtgdrthhv X-ME-Proxy: <xmx:5OIjaM73jIo2zdf86S0bSIY12W-FKveiPuieM3p_75U1FijAByAuNA> <xmx:5OIjaA5b1PYKE-udki1ENnU3rD3AI8c6d7WasXbxNK2vGLnmYlWaSQ> <xmx:5OIjaEj1B3gPBXXv31EoK2b5XqNlJe0EMCcq-jzwgxkYSGiDrDXtpg> <xmx:5OIjaC6xv0LgAUtKKvd8KQ8uoT48DcCz9n0Rr_l86aea0GMuqrhIfA> <xmx:5eIjaG6BIORfSBuoreBhHS1cb3ofp2LmL8hbA4xk1Qqaw94K-PkEuOWI> Feedback-ID: id9014242:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA; Tue, 13 May 2025 20:25:08 -0400 (EDT) From: Ian Eure <ian@HIDDEN> To: 78249 <at> debbugs.gnu.org Subject: [PATCH v3 1/3] gnu: Add nspr-4.36. Date: Tue, 13 May 2025 17:25:03 -0700 Message-ID: <20250514002505.19495-1-ian@HIDDEN> X-Mailer: git-send-email 2.49.0 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Spam-Score: -0.7 (/) X-Debbugs-Envelope-To: 78249 Cc: Ian Eure <ian@HIDDEN> X-BeenThere: debbugs-submit <at> debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: <debbugs-submit.debbugs.gnu.org> List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe> List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/> List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org> List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help> List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe> Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> X-Spam-Score: -1.7 (-) * gnu/packages/nss.scm (nspr-4.36): New variable. Change-Id: I5c7c4f5f96e3b9ed763c63c9b5b5996a63d45985 --- gnu/packages/nss.scm | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/gnu/packages/nss.scm b/gnu/packages/nss.scm index 8bcb593ed75..7a8c6b075d7 100644 --- a/gnu/packages/nss.scm +++ b/gnu/packages/nss.scm @@ -95,6 +95,19 @@ (define-public nspr in the Mozilla clients.") (license license:mpl2.0))) +(define-public nspr-4.36 + (package + (inherit nspr) + (version "4.36") + (source (origin + (method url-fetch) + (uri (string-append + "https://ftp.mozilla.org/pub/mozilla.org/nspr/releases/v" + version "/src/nspr-" version ".tar.gz")) + (sha256 + (base32 + "15b83ipjxrmw0909l5qqz13pbarhp50d6i58vgjx4720y4bw7pjm")))))) + (define-public nspr-4.32 (package (inherit nspr) -- 2.49.0
guix-patches@HIDDEN
:bug#78249
; Package guix-patches
.
Full text available.Received: (at 78249) by debbugs.gnu.org; 7 May 2025 23:05:36 +0000 From debbugs-submit-bounces <at> debbugs.gnu.org Wed May 07 19:05:36 2025 Received: from localhost ([127.0.0.1]:49512 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>) id 1uCnpY-000693-45 for submit <at> debbugs.gnu.org; Wed, 07 May 2025 19:05:36 -0400 Received: from fhigh-a1-smtp.messagingengine.com ([103.168.172.152]:47911) by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.84_2) (envelope-from <ian@HIDDEN>) id 1uCnpQ-00067v-3G for 78249 <at> debbugs.gnu.org; Wed, 07 May 2025 19:05:30 -0400 Received: from phl-compute-04.internal (phl-compute-04.phl.internal [10.202.2.44]) by mailfhigh.phl.internal (Postfix) with ESMTP id B3FBA114014B; Wed, 7 May 2025 19:05:22 -0400 (EDT) Received: from phl-mailfrontend-01 ([10.202.2.162]) by phl-compute-04.internal (MEProxy); Wed, 07 May 2025 19:05:22 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=retrospec.tv; h= cc:cc:content-transfer-encoding:content-type:date:date:from:from :in-reply-to:in-reply-to:message-id:mime-version:references :reply-to:subject:subject:to:to; s=fm2; t=1746659122; x= 1746745522; bh=Dp7zaMQWt6URMcPb3tC9Ds+ZCAzjo2greSPd7frV1U8=; b=f +NOLY7smgy5pHa46APdvX4/Cy73beJBUR+bALzjygfa8tAK3PNZ/9l4gMrttdBal v8YVKPsZtyv3tpVf9BehzQbFLI4Nt2xgZQIkb2RBUDwjRqd6hqynasPFyEdKxhm6 Ue6Mqyryti+uOLVfyx217oPK8Q3yNQ+LOEj5dfEoJZbTaNjXbAr6+eIevPLfuLiN LdXgxa1CoAse1hc5hNsEGFlWdsmSiGLt74Y502Gj8uWsUi0TcJz6N9JcdQ90aYqw 1IrIS6z5f8gk5Vh+JmUPhuo98k4ZM+TXiO5pwE0SyEWmwQ2GP6rbqIdPCw993Pll tWyN3bva06nqVGjRudwPg== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-transfer-encoding :content-type:date:date:feedback-id:feedback-id:from:from :in-reply-to:in-reply-to:message-id:mime-version:references :reply-to:subject:subject:to:to:x-me-proxy:x-me-sender :x-me-sender:x-sasl-enc; s=fm3; t=1746659122; x=1746745522; bh=D p7zaMQWt6URMcPb3tC9Ds+ZCAzjo2greSPd7frV1U8=; b=MqAu4+t5DYtOXsGit +neg1t8MFp66qW+AJmviNQ3GG6jIXlgee8trke4RX5SnLEQEkvHUbNrKpz1pFuP/ VqP6EjHILGI+BJYwTokSRWwF9DdbLCrOzGYieqiV9UG2ksa3FAOlG/nfA+Kz8mL+ jzzbMgjy2ke7PK2wVWNFuuT/Oz52W301ua2GK3QilEuITETYs4zn0xZ9CsbkpeYn vegftYWZAniMJgC0ZrwF7vFDMhltFxdNDYS3yr/YXMoiHd5GpvHWXjLKNoWCm5O1 GiNExstQsljk08+8DsGNLSfURpxZ6k9rYTUpkBGG93CSgnHhqxQWo6yQU134G86H W19rQ== X-ME-Sender: <xms:MucbaN3dXY28f5Y-SvWOQupVmqwTSg_MGoTlokdJ0zfVSkgpbe0YEg> <xme:MucbaEEh_vvOgBJrjxgYvJddKPqL9UiUvvsHKoKFnYB2Ep0NQSxCa9TNLUDr_AyNg m_lktK43B0Yx0tmsA> X-ME-Received: <xmr:MucbaN7mYJrKkDdzR2YGOMkEfOH8xWUKSRIpgBaanh8OSb8Rj_6hJQowYu2lemR0eH-7j2-y6hcvLJVP9ogBH4KRpeWm0B4-6PStSBGHvXkM> X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeefvddrtddtgddvkeekudefucetufdoteggodetrf dotffvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdggtfgfnhhsuhgsshgtrhhisggv pdfurfetoffkrfgpnffqhgenuceurghilhhouhhtmecufedttdenucenucfjughrpefhvf evufffkffojghfggfgsedtkeertdertddtnecuhfhrohhmpefkrghnucfguhhrvgcuoehi rghnsehrvghtrhhoshhpvggtrdhtvheqnecuggftrfgrthhtvghrnhepveevjeffuddvte eiueetgfeukedvfeeiuedvveelfeeghfduleeftedvgfefgeejnecuvehluhhsthgvrhfu ihiivgeptdenucfrrghrrghmpehmrghilhhfrhhomhepihgrnhesrhgvthhrohhsphgvtg drthhvpdhnsggprhgtphhtthhopedvpdhmohguvgepshhmthhpohhuthdprhgtphhtthho peejkedvgeelseguvggssghughhsrdhgnhhurdhorhhgpdhrtghpthhtohepihgrnhesrh gvthhrohhsphgvtgdrthhv X-ME-Proxy: <xmx:MucbaK0sOWjONeIMkypEDwlteWAYucxQdGm-1qO01I29FMmnUVGsgg> <xmx:MucbaAE4OzD9qnJ43xgl8e1ANuOPmPA3_ZLRq70sv9tKtslJvo6Kkw> <xmx:MucbaL9aWr1u2yPeMbyEbqMHG00h_tMsg6mmK-9cqWn4cPC4nm6peg> <xmx:MucbaNnOsYlKpPDvRjfIMYl4KcA_MKfvqiWljUlyEJ3GyRZWz-25UQ> <xmx:MucbaDmiCHiSIa8mX5yVrec11rY8oRx5h989Kds8LXwVXZwsIKr7vc_H> Feedback-ID: id9014242:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA; Wed, 7 May 2025 19:05:22 -0400 (EDT) From: Ian Eure <ian@HIDDEN> To: 78249 <at> debbugs.gnu.org Subject: [PATCH v2 3/3] gnu: librewolf: Update to 138.0.1-2 [security fixes]. Date: Wed, 7 May 2025 16:05:16 -0700 Message-ID: <20250507230516.3882-3-ian@HIDDEN> X-Mailer: git-send-email 2.49.0 In-Reply-To: <20250507230516.3882-1-ian@HIDDEN> References: <20250507230516.3882-1-ian@HIDDEN> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Spam-Score: -0.7 (/) X-Debbugs-Envelope-To: 78249 Cc: Ian Eure <ian@HIDDEN> X-BeenThere: debbugs-submit <at> debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: <debbugs-submit.debbugs.gnu.org> List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe> List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/> List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org> List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help> List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe> Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> X-Spam-Score: -1.7 (-) Contains fixes for: CVE-2025-2817: Privilege escalation in Firefox Updater CVE-2025-4082: WebGL shader attribute memory corruption in Firefox for macOS CVE-2025-4083: Process isolation bypass using "javascript:" URI links in cross-origin frames CVE-2025-4085: Potential information leakage and privilege escalation in UITour actor CVE-2025-4086: Specially crafted filename could be used to obscure download type CVE-2025-4087: Unsafe attribute access during XPath parsing CVE-2025-4088: Cross-site request forgery via storage access API redirects CVE-2025-4089: Potential local code execution in "copy as cURL" command CVE-2025-4090: Leaked library paths in Firefox for Android CVE-2025-4091: Memory safety bugs fixed in Firefox 138, Thunderbird 138, Firefox ESR 128.10, and Thunderbird 128.10 CVE-2025-4092: Memory safety bugs fixed in Firefox 138 and Thunderbird 138 * gnu/packages/librewolf.scm (librewolf): Update to 138.0.1-2. * gnu/packages/patches/torbrowser-compare-paths.patch: Adjust for new version. Change-Id: I2cc11b758dbc77f7ec3451faa89918b08c890729 --- gnu/packages/librewolf.scm | 12 ++++++------ .../patches/torbrowser-compare-paths.patch | 17 ++++------------- 2 files changed, 10 insertions(+), 19 deletions(-) diff --git a/gnu/packages/librewolf.scm b/gnu/packages/librewolf.scm index bcacbf8dd1..8a8dbd05ad 100644 --- a/gnu/packages/librewolf.scm +++ b/gnu/packages/librewolf.scm @@ -207,17 +207,17 @@ (define rust-librewolf rust-1.82) ;; Update this id with every update to its release date. ;; It's used for cache validation and therefore can lead to strange bugs. ;; ex: date '+%Y%m%d%H%M%S' -(define %librewolf-build-id "20250416062358") +(define %librewolf-build-id "20250502155055") (define-public librewolf (package (name "librewolf") - (version "137.0.2-1") + (version "138.0.1-2") (source (make-librewolf-source #:version version - #:firefox-hash "01yd5cq6qgww6w2kq1bchy9j81blim15kdz7bvx8n512m2x3mz06" - #:librewolf-hash "0vy1xvjwgc4vd9q3laakx6lrsy4ghpdr98vm9lmx86amg9gak5ix" + #:firefox-hash "0aybkr6zan7klybc1r455lgzz524rmhzj85g6xv88vw70dibk54q" + #:librewolf-hash "0c98hjhfklfbi2biib7bk5qijp6x77hmp8ska2fy3lzi78lsz08z" #:l10n firefox-l10n)) (build-system gnu-build-system) (arguments @@ -639,7 +639,7 @@ (define (runpaths-of-input label) libxt mesa mit-krb5 - nspr + nspr-4.36 nss-rapid pango pciutils @@ -665,7 +665,7 @@ (define (runpaths-of-input label) pkg-config python rust-librewolf - rust-cbindgen-0.26 + rust-cbindgen-0.28 which yasm)) (native-search-paths diff --git a/gnu/packages/patches/torbrowser-compare-paths.patch b/gnu/packages/patches/torbrowser-compare-paths.patch index 7d4d5fdb78..8e880bf390 100644 --- a/gnu/packages/patches/torbrowser-compare-paths.patch +++ b/gnu/packages/patches/torbrowser-compare-paths.patch @@ -5,20 +5,11 @@ name. --- a/toolkit/mozapps/extensions/internal/XPIDatabase.sys.mjs +++ b/toolkit/mozapps/extensions/internal/XPIDatabase.sys.mjs -@@ -3606,6 +3606,7 @@ +@@ -3753,6 +3753,7 @@ if ( newAddon || oldAddon.updateDate != xpiState.mtime || + oldAddon.path != xpiState.path || - (aUpdateCompatibility && this.isAppBundledLocation(installLocation)) - ) { - newAddon = this.updateMetadata( -@@ -3614,8 +3615,6 @@ - xpiState, - newAddon - ); -- } else if (oldAddon.path != xpiState.path) { -- newAddon = this.updatePath(installLocation, oldAddon, xpiState); - } else if (aUpdateCompatibility || aSchemaChange) { - newAddon = this.updateCompatibility( - installLocation, + (aUpdateCompatibility && this.isAppBundledLocation(installLocation)) || + // update addon metadata if the addon in bundled into + // the omni jar and version or the resource URI pointing -- 2.49.0
guix-patches@HIDDEN
:bug#78249
; Package guix-patches
.
Full text available.Received: (at 78249) by debbugs.gnu.org; 7 May 2025 23:05:35 +0000 From debbugs-submit-bounces <at> debbugs.gnu.org Wed May 07 19:05:34 2025 Received: from localhost ([127.0.0.1]:49510 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>) id 1uCnpW-00068v-7M for submit <at> debbugs.gnu.org; Wed, 07 May 2025 19:05:34 -0400 Received: from fout-a7-smtp.messagingengine.com ([103.168.172.150]:47143) by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.84_2) (envelope-from <ian@HIDDEN>) id 1uCnpP-00067u-5W for 78249 <at> debbugs.gnu.org; Wed, 07 May 2025 19:05:28 -0400 Received: from phl-compute-01.internal (phl-compute-01.phl.internal [10.202.2.41]) by mailfout.phl.internal (Postfix) with ESMTP id 013F9138020E; Wed, 7 May 2025 19:05:22 -0400 (EDT) Received: from phl-mailfrontend-01 ([10.202.2.162]) by phl-compute-01.internal (MEProxy); Wed, 07 May 2025 19:05:22 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=retrospec.tv; h= cc:cc:content-transfer-encoding:content-type:date:date:from:from :in-reply-to:in-reply-to:message-id:mime-version:references :reply-to:subject:subject:to:to; s=fm2; t=1746659121; x= 1746745521; bh=tIzC2m8An8ToCGxELMUH4vlJ0uGGHcAVLwIelyymRfc=; b=b CZ+ChaMLXN4cFbZV8CawCRxAFbbnI80/Dbxb872u5I9XbkSy5S7Qh0VmypV/Dhmz 3dBzM7PmCYCGczVt7QnkkkE0p4Kj5EWhr4Gp8HmsyD67EHqwkjosjQYbraycTBbQ oZ3EQr6uQ1Gswyt2NJOWpffi3bxHNkldQLu/MOpViV9957rhyhhFr6qYuSYRCVTA vTOrMtIRmeGNE5hxP9w6M58eJ6fEX/t3Xl57az5GCjVcjQ6LR0CS26FFGOb71ea2 y3IvPSGQt2clsHeSg+pm/zxhSfIo5kxO+4dKRqFVxKMiN6KFi14hvRCu2KfkjWxT 8Z6rFNIqa0zTvVA7O6jzg== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-transfer-encoding :content-type:date:date:feedback-id:feedback-id:from:from :in-reply-to:in-reply-to:message-id:mime-version:references :reply-to:subject:subject:to:to:x-me-proxy:x-me-sender :x-me-sender:x-sasl-enc; s=fm3; t=1746659121; x=1746745521; bh=t IzC2m8An8ToCGxELMUH4vlJ0uGGHcAVLwIelyymRfc=; b=LcA8Bz0gvQDPTYYlF 5zuNAOgspuaWd5x78IQUP/qdK24VpePF2ffENuz3DySHkikL8PT2lOJqq7+tZ2oP TCspM6K83eKkVSq4dUtJgrf1oJN7swY4WfXQWPdVehv0ipr4Cz5zcnJU2bottiLE YTS5MCltNUBLux2+8e7K8loc1p3cJJx8JZAVPMslW/tgZOgZrWPAIyR+d/c4Lq5l ufD/EaTiUmwBn79ewkFD3LBCDED0yeAnCFEJyp1uB1AM/mmq5Vtog5zFiJh/qZk7 i7ob9Met2lfLVlTdd9OykkKz7aQUOgKe2tgZ0p1qIZNh1/bVKgQqzNzS5mjl4l4r qpE0A== X-ME-Sender: <xms:MecbaGpCthX1sLNF-dcaHxhxBkkgX2aEJmFpY5OtzpqUQs2K-bZ7uA> <xme:MecbaEqf82v3Ib1zWzqlPNLAXPcXQvlBfC9ceabXH_qCrdeJ3mrj2zGyOPbXGB1bf HW5GMyB5yyobBSC6Q> X-ME-Received: <xmr:MecbaLOmb9MiT9Vbs8K5HePNnWFqHB6RF1s6OGvpAMt21DW9jACXJ1HtlZjt2kLss8DUf3cUOoPhquN3cy17X7ttZ6vRCbwwWfRkzhd1mQSg> X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeefvddrtddtgddvkeekudefucetufdoteggodetrf dotffvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdggtfgfnhhsuhgsshgtrhhisggv pdfurfetoffkrfgpnffqhgenuceurghilhhouhhtmecufedttdenucenucfjughrpefhvf evufffkffojghfggfgsedtkeertdertddtnecuhfhrohhmpefkrghnucfguhhrvgcuoehi rghnsehrvghtrhhoshhpvggtrdhtvheqnecuggftrfgrthhtvghrnhepvdfgveffvdekle dttdetjeektdevteegfefhvdefhfffffejudetkeduieekudelnecuffhomhgrihhnpegs rggushhslhdrtghomhdpmhhoiihilhhlrgdrohhrghenucevlhhushhtvghrufhiiigvpe dtnecurfgrrhgrmhepmhgrihhlfhhrohhmpehirghnsehrvghtrhhoshhpvggtrdhtvhdp nhgspghrtghpthhtohepvddpmhhouggvpehsmhhtphhouhhtpdhrtghpthhtohepjeekvd egleesuggvsggsuhhgshdrghhnuhdrohhrghdprhgtphhtthhopehirghnsehrvghtrhho shhpvggtrdhtvh X-ME-Proxy: <xmx:MecbaF44NoJp35ts79wRnnuxI_gONlsK9t4fDckVHmrvMtuWJTnDWg> <xmx:MecbaF44pt5szGcZTto4bH5ptxeifMjGTfnuoQfqUiY8s4je_MfUyw> <xmx:MecbaFgQ-R6VuA7PUiLeclpmc-12S8EzTEftNY69bcg819w8T7J-Ng> <xmx:MecbaP6WeMj6bzdgC3GkA6NrKty6cWUeD-CMGmug-qKC_YHY14eoxQ> <xmx:MecbaD7lFXVStYpUZg1pi5-eEwHN2fgVKjtR0c8NdFOIauPAe-jLsEbu> Feedback-ID: id9014242:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA; Wed, 7 May 2025 19:05:21 -0400 (EDT) From: Ian Eure <ian@HIDDEN> To: 78249 <at> debbugs.gnu.org Subject: [PATCH v2 2/3] gnu: nss-rapid: Update to 3.110. Date: Wed, 7 May 2025 16:05:15 -0700 Message-ID: <20250507230516.3882-2-ian@HIDDEN> X-Mailer: git-send-email 2.49.0 In-Reply-To: <20250507230516.3882-1-ian@HIDDEN> References: <20250507230516.3882-1-ian@HIDDEN> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Spam-Score: -0.7 (/) X-Debbugs-Envelope-To: 78249 Cc: Ian Eure <ian@HIDDEN> X-BeenThere: debbugs-submit <at> debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: <debbugs-submit.debbugs.gnu.org> List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe> List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/> List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org> List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help> List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe> Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> X-Spam-Score: -1.7 (-) * gnu/packages/nss.scm (nss-rapid): Update to 3.110. Change-Id: Ibdae3c70066a70cdde560c5d8f9bac797cd2cd99 --- gnu/packages/nss.scm | 17 ++++++++++++++--- 1 file changed, 14 insertions(+), 3 deletions(-) diff --git a/gnu/packages/nss.scm b/gnu/packages/nss.scm index 7a8c6b075d..24f4b60369 100644 --- a/gnu/packages/nss.scm +++ b/gnu/packages/nss.scm @@ -347,7 +347,7 @@ (define-public nss-rapid (package (inherit nss) (name "nss-rapid") - (version "3.109") + (version "3.110") (source (origin (inherit (package-source nss)) (uri (let ((version-with-underscores @@ -358,11 +358,19 @@ (define-public nss-rapid "nss-" version ".tar.gz"))) (sha256 (base32 - "12y156frnhaqvwkla1c07gqr2lnp4yb3619g4088kk8qc4jnr95y")))) + "09xfndqj07wy28l7jnk01gqa4bh55nz6cldlp5qpg8120k211mlw")))) (arguments (substitute-keyword-arguments (package-arguments nss) ((#:phases phases) #~(modify-phases #$phases + (add-after 'unpack 'neutralize-network-test + ;; Test tries to resolve `wrong.host.badssl.com' which fails due + ;; to no networking in the build environment. + ;; Behavior changed as of 3.110. + (lambda _ + (substitute* "nss/tests/ssl/ssl.sh" + ((" ssl_policy_pkix_ocsp" all) + (string-append "#" all))))) (replace 'check (lambda* (#:key tests? #:allow-other-keys) (if tests? @@ -390,8 +398,11 @@ (define-public nss-rapid ;; leading to test failures: ;; <https://bugzilla.mozilla.org/show_bug.cgi?id=609734>. To ;; work around that, set the time to roughly the release date. - (invoke "faketime" "2025-03-01" "./nss/tests/all.sh")) + (invoke "faketime" "2025-03-28" "./nss/tests/all.sh")) (format #t "test suite not run~%")))))))) + (propagated-inputs + (modify-inputs (package-propagated-inputs nss) + (replace "nspr" nspr-4.36))) (synopsis "Network Security Services (Rapid Release)") (description "Network Security Services (@dfn{NSS}) is a set of libraries designed to -- 2.49.0
guix-patches@HIDDEN
:bug#78249
; Package guix-patches
.
Full text available.Received: (at 78249) by debbugs.gnu.org; 7 May 2025 23:05:30 +0000 From debbugs-submit-bounces <at> debbugs.gnu.org Wed May 07 19:05:30 2025 Received: from localhost ([127.0.0.1]:49507 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>) id 1uCnpS-00068k-6L for submit <at> debbugs.gnu.org; Wed, 07 May 2025 19:05:30 -0400 Received: from fout-a7-smtp.messagingengine.com ([103.168.172.150]:34757) by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.84_2) (envelope-from <ian@HIDDEN>) id 1uCnpO-00067s-Qt for 78249 <at> debbugs.gnu.org; Wed, 07 May 2025 19:05:28 -0400 Received: from phl-compute-01.internal (phl-compute-01.phl.internal [10.202.2.41]) by mailfout.phl.internal (Postfix) with ESMTP id 4CE251380205; Wed, 7 May 2025 19:05:21 -0400 (EDT) Received: from phl-mailfrontend-01 ([10.202.2.162]) by phl-compute-01.internal (MEProxy); Wed, 07 May 2025 19:05:21 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=retrospec.tv; h= cc:cc:content-transfer-encoding:content-type:date:date:from:from :in-reply-to:message-id:mime-version:reply-to:subject:subject:to :to; s=fm2; t=1746659121; x=1746745521; bh=wqaVfWfvz647olqDuK+Oq JFdwi/euGdeu0kPoRDVbsA=; b=TIHARlxKbSndIAV8Jk0WlS+h8YxjFsSCVKdZX w8JyD1EJmNM+1IFgwSqxFRxGLLFxCx1lHl8VUbzjHZ4/uleELt8WnHzGgWTrWm/f LW2YIEgX7YyQ4w2GuZUxldBXhtKqOJsFA5+IDIBGyaHo5oVzWTm4DBIaeWWPo+Ha HtzleKiL71pmpeXPiN4VSZVoS7/UXJy2hbK04BjsQUPQ8cMXRNfDbf/OYD8SIRe9 gnfoubkbTncCju0LoRqZSK0i3PN/s6wfk7zeSSWhOX4Fbl8ni94NI+zdbjPuPXvu rIsT6yRJwOCLViwq0YNxifkgQF4o9dh+fH291pr8d64PS4rJw== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-transfer-encoding :content-type:date:date:feedback-id:feedback-id:from:from :in-reply-to:message-id:mime-version:reply-to:subject:subject:to :to:x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s=fm3; t= 1746659121; x=1746745521; bh=wqaVfWfvz647olqDuK+OqJFdwi/euGdeu0k PoRDVbsA=; b=W/hZeECsfQfS+QtuPiyLYQmIKYEa9CIpM9Y03uu1wzmMGvuQxAv a8ylnCqHe9cllTdCMsQdg5TnnHwfYkLFZCgjy+Zc/TFt+cbMb0zoUd7fS3her1TN 9OXh6awt1P5K2oQBzxLGl/UZm0u6Y4rfpqvvUF0R3uwgNO+G+NRslOace+W9aedB fB2S+6zJRwdh74vSIS0rBWdd+gReL82xmuKn4wJ7yk9+XMLJhVYIA3f6Wfafwjq7 58FysFMM9h8tYBzKkiSFt7diSWphGadNotr999ixxcJh6EztJlNukp7OiZo1crDL pYq7QSF/Mc01QEXTS/NbJL4OIGBAqarMfig== X-ME-Sender: <xms:MOcbaCz4sImSvU4Nfto7VA_3K553GtZC7-hOmt8XITmVnZBrfQWf7g> <xme:MOcbaORO19d20V1zjQwFWbYdTS1hQeascHxNHEQbRV9g7ShjERD5dj6g4i53iWTvy NnG9sGe1MqOWHfiEw> X-ME-Received: <xmr:MOcbaEXHHcGnbXd4IfmdhogUPLFdHiQamhXlcbptRpSIK2isjpAuiZd3kOTFa8lrPyV0C8m1LiTVkkwUjgrGKma1RCHfbXSvURFj0V_NJbqs> X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeefvddrtddtgddvkeekudefucetufdoteggodetrf dotffvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdggtfgfnhhsuhgsshgtrhhisggv pdfurfetoffkrfgpnffqhgenuceurghilhhouhhtmecufedttdenucenucfjughrpefhvf evufffkffoggfgsedtkeertdertddtnecuhfhrohhmpefkrghnucfguhhrvgcuoehirghn sehrvghtrhhoshhpvggtrdhtvheqnecuggftrfgrthhtvghrnhepgfdvjefhlefhfedtie elleefvdfhfeffteefueetlefgvdelffelvefgfeeukeejnecuffhomhgrihhnpehmohii ihhllhgrrdhorhhgnecuvehluhhsthgvrhfuihiivgeptdenucfrrghrrghmpehmrghilh hfrhhomhepihgrnhesrhgvthhrohhsphgvtgdrthhvpdhnsggprhgtphhtthhopedvpdhm ohguvgepshhmthhpohhuthdprhgtphhtthhopeejkedvgeelseguvggssghughhsrdhgnh hurdhorhhgpdhrtghpthhtohepihgrnhesrhgvthhrohhsphgvtgdrthhv X-ME-Proxy: <xmx:MOcbaIhCNcm2TbjBRE7JHucPI8b5Q4vBgT6djxP3B32K7DlokViCUA> <xmx:MOcbaEBIFwctebfMHHE_DST9McKOpTtLBD17lRE2oM6ION2ZV9LHkA> <xmx:MOcbaJLfuYvdn8zbcrtfDhcDYsM3iKcGAB1isuIgIU2S7W8PkopOlg> <xmx:MOcbaLDuNqa93xsokGeUfExu4-R_2EnKAlR-nNnSYjC9DVkL0RlnAw> <xmx:MecbaLCh54vtw8myxxm4LX1BNKZvt6Pd84iumjPmA8MUK6W4WPPrFTX6> Feedback-ID: id9014242:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA; Wed, 7 May 2025 19:05:20 -0400 (EDT) From: Ian Eure <ian@HIDDEN> To: 78249 <at> debbugs.gnu.org Subject: [PATCH v2 1/3] gnu: Add nspr-4.36. Date: Wed, 7 May 2025 16:05:14 -0700 Message-ID: <20250507230516.3882-1-ian@HIDDEN> X-Mailer: git-send-email 2.49.0 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Spam-Score: -0.7 (/) X-Debbugs-Envelope-To: 78249 Cc: Ian Eure <ian@HIDDEN> X-BeenThere: debbugs-submit <at> debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: <debbugs-submit.debbugs.gnu.org> List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe> List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/> List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org> List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help> List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe> Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> X-Spam-Score: -1.7 (-) * gnu/packages/nss.scm (nspr-4.36): New variable. Change-Id: I5c7c4f5f96e3b9ed763c63c9b5b5996a63d45985 --- gnu/packages/nss.scm | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/gnu/packages/nss.scm b/gnu/packages/nss.scm index 8bcb593ed7..7a8c6b075d 100644 --- a/gnu/packages/nss.scm +++ b/gnu/packages/nss.scm @@ -95,6 +95,19 @@ (define-public nspr in the Mozilla clients.") (license license:mpl2.0))) +(define-public nspr-4.36 + (package + (inherit nspr) + (version "4.36") + (source (origin + (method url-fetch) + (uri (string-append + "https://ftp.mozilla.org/pub/mozilla.org/nspr/releases/v" + version "/src/nspr-" version ".tar.gz")) + (sha256 + (base32 + "15b83ipjxrmw0909l5qqz13pbarhp50d6i58vgjx4720y4bw7pjm")))))) + (define-public nspr-4.32 (package (inherit nspr) -- 2.49.0
guix-patches@HIDDEN
:bug#78249
; Package guix-patches
.
Full text available.Received: (at 78249) by debbugs.gnu.org; 4 May 2025 23:19:49 +0000 From debbugs-submit-bounces <at> debbugs.gnu.org Sun May 04 19:19:49 2025 Received: from localhost ([127.0.0.1]:35034 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>) id 1uBice-00084X-OH for submit <at> debbugs.gnu.org; Sun, 04 May 2025 19:19:49 -0400 Received: from fhigh-b1-smtp.messagingengine.com ([202.12.124.152]:60477) by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.84_2) (envelope-from <ian@HIDDEN>) id 1uBicb-00083h-9j for 78249 <at> debbugs.gnu.org; Sun, 04 May 2025 19:19:45 -0400 Received: from phl-compute-01.internal (phl-compute-01.phl.internal [10.202.2.41]) by mailfhigh.stl.internal (Postfix) with ESMTP id CD070254022E; Sun, 4 May 2025 19:19:39 -0400 (EDT) Received: from phl-mailfrontend-02 ([10.202.2.163]) by phl-compute-01.internal (MEProxy); Sun, 04 May 2025 19:19:39 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=retrospec.tv; h= cc:cc:content-transfer-encoding:content-type:date:date:from:from :in-reply-to:in-reply-to:message-id:mime-version:references :reply-to:subject:subject:to:to; s=fm2; t=1746400779; x= 1746487179; bh=Dp7zaMQWt6URMcPb3tC9Ds+ZCAzjo2greSPd7frV1U8=; b=J urFwoMdI8q9fyA4Z0u4UhWta3wjWZ3RHjh8+hq43uliwjnqemw93oe9g0XN/nos2 Mq2tzTA6hSOH0VL4n3zeLtIrOHAfh1Ouqvy8pqmfrUFMkjxybcufqhsed6xahAOs Rp8c5/WQVjuBFI5wZ3he3oOLEnvoGeo7mFVr8N1b8+JEcPkuyuZDIEupo/PiqUnw u8BF7/pR+8MLft8wHhtp3X7CKKzkG8p/hIGw8rL8GpmJo7OYfIPVn5dbwoviPoHQ zyH/0+c4mITo0MHVWLjnNB8YEkM/QVvfQ8m/iKk/PWUjY8+wEEi8AsloOlfhw+/p 4MZCkyHkVZ3yykhrPdYMg== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-transfer-encoding :content-type:date:date:feedback-id:feedback-id:from:from :in-reply-to:in-reply-to:message-id:mime-version:references :reply-to:subject:subject:to:to:x-me-proxy:x-me-sender :x-me-sender:x-sasl-enc; s=fm3; t=1746400779; x=1746487179; bh=D p7zaMQWt6URMcPb3tC9Ds+ZCAzjo2greSPd7frV1U8=; b=ksceVhPgqS25mCQJH rDvQpN7qv5aHz6ZFwP6O8Dzy/2pRKFNaZ2BCkTTpNOBWGzE46tYeZ/BXbuc4cOBU voYvmiOa9fSwNThnBCAoFfAkXBKcbXmYRu7IOZaAP9pLeEKbR65CY+FEuYYzW7R2 WqTRmGUdYxjBWYQexH2BCgvmSndStJIJbWkDs36DAIgKKHlQs7YkACnydz2/7gHx GeIXpDFVoZ+38AGq7yh8CRWoHWK4D2df9MJWRsIINbxsXEFwxZuFsHzDPyI5bRvd /TTgqueZ+BlUqgNP7dGa2SRu0CbnqpbuOONuKaK+ApTs1zexWsBuKYCnzdCqeGmH i4gxw== X-ME-Sender: <xms:C_YXaG2PM1TU7IgdYyUyV24ssjU_Sbwa8uhbPAp5yIlrByGPhKZn4g> <xme:C_YXaJEbQjMlEwBznSQNT8a8ZjaF3rGpmhXDAlcvRRuBQKD6B20_iMp9Rw_XdeVgR 4IXw8vfEk07eDLVLg> X-ME-Received: <xmr:C_YXaO5a9lYMsezzIkvGfbWZMfD2cSBpe9WGYv20yWPEWEFXf4BW3PuG-lfRZdTihPpVswv-NVYATmWO9KAFf8USLDhPuD6W0T-_JJnnzLfa> X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeefvddrtddtgddvjeelheduucetufdoteggodetrf dotffvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdggtfgfnhhsuhgsshgtrhhisggv pdfurfetoffkrfgpnffqhgenuceurghilhhouhhtmecufedttdenucenucfjughrpefhvf evufffkffojghfggfgsedtkeertdertddtnecuhfhrohhmpefkrghnucfguhhrvgcuoehi rghnsehrvghtrhhoshhpvggtrdhtvheqnecuggftrfgrthhtvghrnhepveevjeffuddvte eiueetgfeukedvfeeiuedvveelfeeghfduleeftedvgfefgeejnecuvehluhhsthgvrhfu ihiivgeptdenucfrrghrrghmpehmrghilhhfrhhomhepihgrnhesrhgvthhrohhsphgvtg drthhvpdhnsggprhgtphhtthhopedvpdhmohguvgepshhmthhpohhuthdprhgtphhtthho peejkedvgeelseguvggssghughhsrdhgnhhurdhorhhgpdhrtghpthhtohepihgrnhesrh gvthhrohhsphgvtgdrthhv X-ME-Proxy: <xmx:C_YXaH334dhkSh0RM2HNB7Qx-xjEVfJhy7uEr5E6fNAN-Q8rucIu8g> <xmx:C_YXaJFyECbIHqS3v9Ounu-xo7DPGQdqN8Ck3EXFNu3l5U1HndiKyQ> <xmx:C_YXaA-qgdi16Kqx9lhYHI4YYEvmOGA0JHEulLAs0kRNLPVrsTZoZg> <xmx:C_YXaOlzcOgWSWWgwTgS8dUXgeCBT7x7z_Y6qQu1lRPu3-Youubiqw> <xmx:C_YXaEm9LECw8Feo-DUgRWtcWkw7dWz8TfKhokyizM_jSN_Kders2X_4> Feedback-ID: id9014242:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA; Sun, 4 May 2025 19:19:39 -0400 (EDT) From: Ian Eure <ian@HIDDEN> To: 78249 <at> debbugs.gnu.org Subject: [PATCH 3/3] gnu: librewolf: Update to 138.0.1-2 [security fixes]. Date: Sun, 4 May 2025 16:19:32 -0700 Message-ID: <20250504231932.20519-4-ian@HIDDEN> X-Mailer: git-send-email 2.49.0 In-Reply-To: <20250504231932.20519-1-ian@HIDDEN> References: <20250504231932.20519-1-ian@HIDDEN> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Spam-Score: -0.7 (/) X-Debbugs-Envelope-To: 78249 Cc: Ian Eure <ian@HIDDEN> X-BeenThere: debbugs-submit <at> debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: <debbugs-submit.debbugs.gnu.org> List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe> List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/> List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org> List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help> List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe> Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> X-Spam-Score: -1.7 (-) Contains fixes for: CVE-2025-2817: Privilege escalation in Firefox Updater CVE-2025-4082: WebGL shader attribute memory corruption in Firefox for macOS CVE-2025-4083: Process isolation bypass using "javascript:" URI links in cross-origin frames CVE-2025-4085: Potential information leakage and privilege escalation in UITour actor CVE-2025-4086: Specially crafted filename could be used to obscure download type CVE-2025-4087: Unsafe attribute access during XPath parsing CVE-2025-4088: Cross-site request forgery via storage access API redirects CVE-2025-4089: Potential local code execution in "copy as cURL" command CVE-2025-4090: Leaked library paths in Firefox for Android CVE-2025-4091: Memory safety bugs fixed in Firefox 138, Thunderbird 138, Firefox ESR 128.10, and Thunderbird 128.10 CVE-2025-4092: Memory safety bugs fixed in Firefox 138 and Thunderbird 138 * gnu/packages/librewolf.scm (librewolf): Update to 138.0.1-2. * gnu/packages/patches/torbrowser-compare-paths.patch: Adjust for new version. Change-Id: I2cc11b758dbc77f7ec3451faa89918b08c890729 --- gnu/packages/librewolf.scm | 12 ++++++------ .../patches/torbrowser-compare-paths.patch | 17 ++++------------- 2 files changed, 10 insertions(+), 19 deletions(-) diff --git a/gnu/packages/librewolf.scm b/gnu/packages/librewolf.scm index bcacbf8dd1..8a8dbd05ad 100644 --- a/gnu/packages/librewolf.scm +++ b/gnu/packages/librewolf.scm @@ -207,17 +207,17 @@ (define rust-librewolf rust-1.82) ;; Update this id with every update to its release date. ;; It's used for cache validation and therefore can lead to strange bugs. ;; ex: date '+%Y%m%d%H%M%S' -(define %librewolf-build-id "20250416062358") +(define %librewolf-build-id "20250502155055") (define-public librewolf (package (name "librewolf") - (version "137.0.2-1") + (version "138.0.1-2") (source (make-librewolf-source #:version version - #:firefox-hash "01yd5cq6qgww6w2kq1bchy9j81blim15kdz7bvx8n512m2x3mz06" - #:librewolf-hash "0vy1xvjwgc4vd9q3laakx6lrsy4ghpdr98vm9lmx86amg9gak5ix" + #:firefox-hash "0aybkr6zan7klybc1r455lgzz524rmhzj85g6xv88vw70dibk54q" + #:librewolf-hash "0c98hjhfklfbi2biib7bk5qijp6x77hmp8ska2fy3lzi78lsz08z" #:l10n firefox-l10n)) (build-system gnu-build-system) (arguments @@ -639,7 +639,7 @@ (define (runpaths-of-input label) libxt mesa mit-krb5 - nspr + nspr-4.36 nss-rapid pango pciutils @@ -665,7 +665,7 @@ (define (runpaths-of-input label) pkg-config python rust-librewolf - rust-cbindgen-0.26 + rust-cbindgen-0.28 which yasm)) (native-search-paths diff --git a/gnu/packages/patches/torbrowser-compare-paths.patch b/gnu/packages/patches/torbrowser-compare-paths.patch index 7d4d5fdb78..8e880bf390 100644 --- a/gnu/packages/patches/torbrowser-compare-paths.patch +++ b/gnu/packages/patches/torbrowser-compare-paths.patch @@ -5,20 +5,11 @@ name. --- a/toolkit/mozapps/extensions/internal/XPIDatabase.sys.mjs +++ b/toolkit/mozapps/extensions/internal/XPIDatabase.sys.mjs -@@ -3606,6 +3606,7 @@ +@@ -3753,6 +3753,7 @@ if ( newAddon || oldAddon.updateDate != xpiState.mtime || + oldAddon.path != xpiState.path || - (aUpdateCompatibility && this.isAppBundledLocation(installLocation)) - ) { - newAddon = this.updateMetadata( -@@ -3614,8 +3615,6 @@ - xpiState, - newAddon - ); -- } else if (oldAddon.path != xpiState.path) { -- newAddon = this.updatePath(installLocation, oldAddon, xpiState); - } else if (aUpdateCompatibility || aSchemaChange) { - newAddon = this.updateCompatibility( - installLocation, + (aUpdateCompatibility && this.isAppBundledLocation(installLocation)) || + // update addon metadata if the addon in bundled into + // the omni jar and version or the resource URI pointing -- 2.49.0
guix-patches@HIDDEN
:bug#78249
; Package guix-patches
.
Full text available.Received: (at 78249) by debbugs.gnu.org; 4 May 2025 23:19:48 +0000 From debbugs-submit-bounces <at> debbugs.gnu.org Sun May 04 19:19:48 2025 Received: from localhost ([127.0.0.1]:35032 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>) id 1uBice-00084P-7f for submit <at> debbugs.gnu.org; Sun, 04 May 2025 19:19:48 -0400 Received: from fhigh-b1-smtp.messagingengine.com ([202.12.124.152]:47465) by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.84_2) (envelope-from <ian@HIDDEN>) id 1uBica-00083f-8w for 78249 <at> debbugs.gnu.org; Sun, 04 May 2025 19:19:44 -0400 Received: from phl-compute-01.internal (phl-compute-01.phl.internal [10.202.2.41]) by mailfhigh.stl.internal (Postfix) with ESMTP id D18E02540224; Sun, 4 May 2025 19:19:38 -0400 (EDT) Received: from phl-mailfrontend-02 ([10.202.2.163]) by phl-compute-01.internal (MEProxy); Sun, 04 May 2025 19:19:38 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=retrospec.tv; h= cc:cc:content-transfer-encoding:content-type:date:date:from:from :in-reply-to:in-reply-to:message-id:mime-version:references :reply-to:subject:subject:to:to; s=fm2; t=1746400778; x= 1746487178; bh=tIzC2m8An8ToCGxELMUH4vlJ0uGGHcAVLwIelyymRfc=; b=C cx5YVgR/H4FyGyhFguSQpFpbacda04rjpcQtyESkv+PfPdIVGacoAoTj+LRfoFJc 4nC1ir0BGh2/+GYsmcLnJlVy+ROjIpw8Zt+xhnptDS6uRqCH56zsc1rra9Vv95qb k0gln+tZEhML8hf8jjc9oGqHT0Ju2KTNCXyiEZZoBRKY8l674T1WZef6eJjPP0W5 A/z5OZIrC58vRbpiCyZqe3cSXB0HVWyNTzZzNUkqWbytvHGPD1NNwTaLAWp/0uxa 1GoUZsFkQrcADlmlFkOSrPDUA8OnLokAASmxGd6MJ8SdG6J5fjgMopZndFsnzF1h DHxgU/7xzJ1tyLKXHKaXw== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-transfer-encoding :content-type:date:date:feedback-id:feedback-id:from:from :in-reply-to:in-reply-to:message-id:mime-version:references :reply-to:subject:subject:to:to:x-me-proxy:x-me-sender :x-me-sender:x-sasl-enc; s=fm3; t=1746400778; x=1746487178; bh=t IzC2m8An8ToCGxELMUH4vlJ0uGGHcAVLwIelyymRfc=; b=q7DEuHZQOlSMV0J6E sktCHuEUWSjtmcT/r17VTT5xHkDvV8sQwq3gUtGmKfjGZ1NzISR8y1L7o2spGn9P CE3zUhDEko/6D2Vx/bHkw8hAbcjwUeIWNzuqBceLCShwICb4k2Ckfw43x5lXkEYo 51OipANNylpIMgdYLomujPUcAZxqNfTaaYW5wV7A8Pvr3xAZDA0mkwwrLAxZyma6 0APqs+hSLxH+MQXt5Cs2x4D60FPqlPE9cd/DKlDJW/XEiND6ZVsZIzbnrPtD98Z0 +JLZYB5n4zy7Fs5kuzJx72Eb9RsaP1W8aTeZjU+PUll4Ofc3SE5RwqSUWLe6I9xW HGPpA== X-ME-Sender: <xms:CvYXaGFHVCIHLR1r4cNNI4dp3iwICb82v9A2FiAASA8SkQ3UVXE2KQ> <xme:CvYXaHWmZYkV3QXJAFUTv1UWvbIbPtMZ9DGaNUVjDh4ESe1nT50n1HJDnVg8lW0Of CfHt-30_nOx-vwySQ> X-ME-Received: <xmr:CvYXaAJWEbXwx93kipFb_FWhS0vT75MW4vy9snGuTNvjynXNwuu49mtiAkHSdN9QL3KY_LTeWjGLKG9sOzwUUTT295fZkWRMbqXzxS2kH9V8> X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeefvddrtddtgddvjeelheduucetufdoteggodetrf dotffvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdggtfgfnhhsuhgsshgtrhhisggv pdfurfetoffkrfgpnffqhgenuceurghilhhouhhtmecufedttdenucenucfjughrpefhvf evufffkffojghfggfgsedtkeertdertddtnecuhfhrohhmpefkrghnucfguhhrvgcuoehi rghnsehrvghtrhhoshhpvggtrdhtvheqnecuggftrfgrthhtvghrnhepvdfgveffvdekle dttdetjeektdevteegfefhvdefhfffffejudetkeduieekudelnecuffhomhgrihhnpegs rggushhslhdrtghomhdpmhhoiihilhhlrgdrohhrghenucevlhhushhtvghrufhiiigvpe dtnecurfgrrhgrmhepmhgrihhlfhhrohhmpehirghnsehrvghtrhhoshhpvggtrdhtvhdp nhgspghrtghpthhtohepvddpmhhouggvpehsmhhtphhouhhtpdhrtghpthhtohepjeekvd egleesuggvsggsuhhgshdrghhnuhdrohhrghdprhgtphhtthhopehirghnsehrvghtrhho shhpvggtrdhtvh X-ME-Proxy: <xmx:CvYXaAHXYvY_g5HSZi3qusGkrA-Mv8yb1_nIY0qNxilf-ImZ1SdkGQ> <xmx:CvYXaMU1cARkC6VqGk2UrMAwQQL7XvsS4E3TO1gCdL65hzL848B_fA> <xmx:CvYXaDN_mJxxAG58aXIkxDHf-NPKiTdGrhnGsfrz-Bq5RyibZJttuw> <xmx:CvYXaD2M155HTvjPX5ktpr6DAnpmp7RPrWznSJVIxxG2SF7zmnnHgQ> <xmx:CvYXaB1p-Kq5MqaRQvM0MT0fOZVo1jyu_jOM9d1Mm1Yx_HWkFRK_XhvQ> Feedback-ID: id9014242:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA; Sun, 4 May 2025 19:19:37 -0400 (EDT) From: Ian Eure <ian@HIDDEN> To: 78249 <at> debbugs.gnu.org Subject: [PATCH 2/3] gnu: nss-rapid: Update to 3.110. Date: Sun, 4 May 2025 16:19:31 -0700 Message-ID: <20250504231932.20519-3-ian@HIDDEN> X-Mailer: git-send-email 2.49.0 In-Reply-To: <20250504231932.20519-1-ian@HIDDEN> References: <20250504231932.20519-1-ian@HIDDEN> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Spam-Score: -0.7 (/) X-Debbugs-Envelope-To: 78249 Cc: Ian Eure <ian@HIDDEN> X-BeenThere: debbugs-submit <at> debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: <debbugs-submit.debbugs.gnu.org> List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe> List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/> List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org> List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help> List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe> Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> X-Spam-Score: -1.7 (-) * gnu/packages/nss.scm (nss-rapid): Update to 3.110. Change-Id: Ibdae3c70066a70cdde560c5d8f9bac797cd2cd99 --- gnu/packages/nss.scm | 17 ++++++++++++++--- 1 file changed, 14 insertions(+), 3 deletions(-) diff --git a/gnu/packages/nss.scm b/gnu/packages/nss.scm index 7a8c6b075d..24f4b60369 100644 --- a/gnu/packages/nss.scm +++ b/gnu/packages/nss.scm @@ -347,7 +347,7 @@ (define-public nss-rapid (package (inherit nss) (name "nss-rapid") - (version "3.109") + (version "3.110") (source (origin (inherit (package-source nss)) (uri (let ((version-with-underscores @@ -358,11 +358,19 @@ (define-public nss-rapid "nss-" version ".tar.gz"))) (sha256 (base32 - "12y156frnhaqvwkla1c07gqr2lnp4yb3619g4088kk8qc4jnr95y")))) + "09xfndqj07wy28l7jnk01gqa4bh55nz6cldlp5qpg8120k211mlw")))) (arguments (substitute-keyword-arguments (package-arguments nss) ((#:phases phases) #~(modify-phases #$phases + (add-after 'unpack 'neutralize-network-test + ;; Test tries to resolve `wrong.host.badssl.com' which fails due + ;; to no networking in the build environment. + ;; Behavior changed as of 3.110. + (lambda _ + (substitute* "nss/tests/ssl/ssl.sh" + ((" ssl_policy_pkix_ocsp" all) + (string-append "#" all))))) (replace 'check (lambda* (#:key tests? #:allow-other-keys) (if tests? @@ -390,8 +398,11 @@ (define-public nss-rapid ;; leading to test failures: ;; <https://bugzilla.mozilla.org/show_bug.cgi?id=609734>. To ;; work around that, set the time to roughly the release date. - (invoke "faketime" "2025-03-01" "./nss/tests/all.sh")) + (invoke "faketime" "2025-03-28" "./nss/tests/all.sh")) (format #t "test suite not run~%")))))))) + (propagated-inputs + (modify-inputs (package-propagated-inputs nss) + (replace "nspr" nspr-4.36))) (synopsis "Network Security Services (Rapid Release)") (description "Network Security Services (@dfn{NSS}) is a set of libraries designed to -- 2.49.0
guix-patches@HIDDEN
:bug#78249
; Package guix-patches
.
Full text available.Received: (at 78249) by debbugs.gnu.org; 4 May 2025 23:19:46 +0000 From debbugs-submit-bounces <at> debbugs.gnu.org Sun May 04 19:19:46 2025 Received: from localhost ([127.0.0.1]:35030 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>) id 1uBicb-000846-Cx for submit <at> debbugs.gnu.org; Sun, 04 May 2025 19:19:46 -0400 Received: from fhigh-b1-smtp.messagingengine.com ([202.12.124.152]:60525) by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.84_2) (envelope-from <ian@HIDDEN>) id 1uBicZ-00083b-60 for 78249 <at> debbugs.gnu.org; Sun, 04 May 2025 19:19:43 -0400 Received: from phl-compute-04.internal (phl-compute-04.phl.internal [10.202.2.44]) by mailfhigh.stl.internal (Postfix) with ESMTP id C0563254022B; Sun, 4 May 2025 19:19:37 -0400 (EDT) Received: from phl-mailfrontend-02 ([10.202.2.163]) by phl-compute-04.internal (MEProxy); Sun, 04 May 2025 19:19:37 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=retrospec.tv; h= cc:cc:content-transfer-encoding:content-type:date:date:from:from :in-reply-to:in-reply-to:message-id:mime-version:references :reply-to:subject:subject:to:to; s=fm2; t=1746400777; x= 1746487177; bh=nuVsU1Tfvz2ogHhqXDLH3VIqkIInhRTA7dvEFOj0G/4=; b=o qgJD/kSZK0MNzf2vnKkpW24tjRvjkjwmqZ/hrMTQNEjjjn+uTa6dIDaLbw/S7wVB 6L2VEchroqv4iC78Oxx0CfhZowl/x2nR1Dyo3mLE61oCeIf3j0SiDodZ+U5ChnVM EphudN8uKCE33sShO2xfDXUql0Dv1l7uSadK/MEh7mlbLIQaNibHSgV2Wd6JdzFs 5f2bE9bvc4zQS8XpyH6r3wPBpGjc55fe/KWfIQRoByg4LXtvZU+sD+12GLwXW6Cs DY3OD1kUlc5HnAL4kdLI2TZyhh2acGrqMTbdw7mROfmFPsaj31J91DFg8g4LSNDM qNBFbqI8Nq9G0hhhUKBDA== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-transfer-encoding :content-type:date:date:feedback-id:feedback-id:from:from :in-reply-to:in-reply-to:message-id:mime-version:references :reply-to:subject:subject:to:to:x-me-proxy:x-me-sender :x-me-sender:x-sasl-enc; s=fm3; t=1746400777; x=1746487177; bh=n uVsU1Tfvz2ogHhqXDLH3VIqkIInhRTA7dvEFOj0G/4=; b=dzfF3tuqgg74seTie c++9A6fHKxkKBYNCJhYP/wQ9f5gkRJeqze9QOrYBP+7oaix18Y0+yaGLuKFgRUk1 DBagawqYiakVwOnKxk7kqQxk1dodHmcq4gYwj0cV4T8xtmK2NC2PQ3i1ycNP7XnI aybkCVgckpEqZa8g/JmX6l3k6/N+axMwhN4uPBpkYbxJmiXanNyXoKQDxBDRL+SL 2hfKJT15K2aIxNYy0v7TBBHB5w8qQFUe5/xjtnr0jYJYdV1g/TpSZxTeYeTdlMqu GCBKsucY251yeXyu6XB+u7Ege5VOGltKsh6MT+aalxyjTOI/4zYGMdSL6pm7BaEd nb3tA== X-ME-Sender: <xms:CfYXaHGLIUAzYGu5DL4ar2sw4qFgHzKOJDCobjXKiWxmQ0Kf4LDIog> <xme:CfYXaEUBskNjAO3WIsMlvN8nbN0mx6uRzCoEn79jAmJbB2zhfc7lJl5GI_G6XbwtC 3Pi7yPyZB7kjkARxg> X-ME-Received: <xmr:CfYXaJLg6rjBOoW10FngoTS2gJkOJ5MwWQG8uz-xCYWYxFlxiYpLaj8q6DovBKJK_nXhXAU__5ReG3wdbNP8JyJIIdTnJYkf4k5tHLJsoqQm> X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeefvddrtddtgddvjeelheduucetufdoteggodetrf dotffvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdggtfgfnhhsuhgsshgtrhhisggv pdfurfetoffkrfgpnffqhgenuceurghilhhouhhtmecufedttdenucenucfjughrpefhvf evufffkffojghfggfgsedtkeertdertddtnecuhfhrohhmpefkrghnucfguhhrvgcuoehi rghnsehrvghtrhhoshhpvggtrdhtvheqnecuggftrfgrthhtvghrnhepudekudeuiefgue dtteelveekvefhhfdvudegteduleduledutedtledtvdejgffgnecuffhomhgrihhnpehg nhhurdhorhhgpdhmohiiihhllhgrrdhorhhgnecuvehluhhsthgvrhfuihiivgeptdenuc frrghrrghmpehmrghilhhfrhhomhepihgrnhesrhgvthhrohhsphgvtgdrthhvpdhnsggp rhgtphhtthhopedvpdhmohguvgepshhmthhpohhuthdprhgtphhtthhopeejkedvgeelse guvggssghughhsrdhgnhhurdhorhhgpdhrtghpthhtohepihgrnhesrhgvthhrohhsphgv tgdrthhv X-ME-Proxy: <xmx:CfYXaFE2QKnmf6K0Kxtlsp3PxtJSHb2kg6rYh1KIU_MTv-NdA8MQBQ> <xmx:CfYXaNWqE04mCrZKOsTvh3u5vIqWpGRbAEpDI9TderdV17KTJ1gAxQ> <xmx:CfYXaAO3HZ2vLm_cR-zzP7-PiB5ydbVi4Pt-RpzQ2TCgZjuOfOkqlQ> <xmx:CfYXaM0vdVtu5kXpQNE4Ku9ISE-4pRDPbaGgbxD9RUTsBFQBeGVTmg> <xmx:CfYXaK1yHRw0CQS_96M3s5cNd6byBwrG6298kQCujJYcKZzXsp4EqSwD> Feedback-ID: id9014242:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA; Sun, 4 May 2025 19:19:36 -0400 (EDT) From: Ian Eure <ian@HIDDEN> To: 78249 <at> debbugs.gnu.org Subject: [PATCH] gnu: librewolf: Update to 137.0-1 [security fixes]. Date: Sun, 4 May 2025 16:19:30 -0700 Message-ID: <20250504231932.20519-2-ian@HIDDEN> X-Mailer: git-send-email 2.49.0 In-Reply-To: <20250504231932.20519-1-ian@HIDDEN> References: <20250504231932.20519-1-ian@HIDDEN> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Spam-Score: -0.7 (/) X-Debbugs-Envelope-To: 78249 Cc: Ian Eure <ian@HIDDEN> X-BeenThere: debbugs-submit <at> debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: <debbugs-submit.debbugs.gnu.org> List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe> List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/> List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org> List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help> List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe> Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> X-Spam-Score: -1.7 (-) Contains fixes for: CVE-2025-3028: Use-after-free triggered by XSLTProcessor CVE-2025-3031: JIT optimization bug with different stack slot sizes CVE-2025-3032: Leaking file descriptors from the fork server CVE-2025-3029: URL bar spoofing via non-BMP Unicode characters CVE-2025-3035: Tab title disclosure across pages when using AI chatbot CVE-2025-3033: Opening local .url files could lead to another file being opened CVE-2025-3030: Memory safety bugs fixed in Firefox 137, Thunderbird 137, Firefox ESR 128.9, and Thunderbird 128.9 CVE-2025-3034: Memory safety bugs fixed in Firefox 137 and Thunderbird 137 * gnu/packages/librewolf.scm (librewolf): Update to 137.0-1. Change-Id: I23d8cbefc242e57c19b4e98660fd22bd1dda8d6a --- gnu/packages/librewolf.scm | 16 +++++++--------- 1 file changed, 7 insertions(+), 9 deletions(-) diff --git a/gnu/packages/librewolf.scm b/gnu/packages/librewolf.scm index 1cb7084f23..ae4d64534c 100644 --- a/gnu/packages/librewolf.scm +++ b/gnu/packages/librewolf.scm @@ -206,17 +206,17 @@ (define rust-librewolf rust-1.82) ;; Update this id with every update to its release date. ;; It's used for cache validation and therefore can lead to strange bugs. ;; ex: date '+%Y%m%d%H%M%S' -(define %librewolf-build-id "20250327215540") +(define %librewolf-build-id "20250401171639") (define-public librewolf (package (name "librewolf") - (version "136.0.4-1") + (version "137.0-1") (source (make-librewolf-source #:version version - #:firefox-hash "0hn2ywyacgg8n47qz1q2l8bf32mszj3vnpkl6kag3wmqqbhvja2a" - #:librewolf-hash "045il4xrji2zh1scx3aiy6hx6jv098232aycda6bhsh27szbsrfa" + #:firefox-hash "07d9rdxmp48gbk41y1c6gggzziv9aqdhjwgi6c0hrf6chcppxi0y" + #:librewolf-hash "164bvissxzhzlwjafp9pdyhhg8hhdxh8w61ifkak497qm4yf8af7" #:l10n firefox-l10n)) (build-system gnu-build-system) (arguments @@ -236,8 +236,6 @@ (define-public librewolf "--with-system-ffi" "--enable-system-pixman" "--enable-jemalloc" - - ;; see https://bugs.gnu.org/32833 "--with-system-nspr" "--with-system-nss" @@ -312,7 +310,7 @@ (define (write-setting key value) (libavcodec (string-append ffmpeg "/lib/libavcodec.so"))) ;; Arrange to load libavcodec.so by its absolute file name. - (substitute* + (substitute* "dom/media/platforms/ffmpeg/FFmpegRuntimeLinker.cpp" (("libavcodec\\.so") libavcodec))))) @@ -405,7 +403,7 @@ (define (write-setting key value) (string-append all ", icu-uc >= 76.1"))) (if (string=? old-content (pk (call-with-input-file file get-string-all))) - (error + (error "substitute did nothing, phase requires an update"))))) (replace 'configure (lambda* (#:key inputs outputs configure-flags @@ -478,7 +476,7 @@ (define write-flags (invoke "./mach" "configure"))) (add-before 'build 'fix-addons-placeholder (lambda _ - (substitute* + (substitute* "toolkit/locales/en-US/toolkit/about/aboutAddons.ftl" (("addons.mozilla.org") "gnuzilla.gnu.org")))) -- 2.49.0
guix-patches@HIDDEN
:bug#78249
; Package guix-patches
.
Full text available.Received: (at 78249) by debbugs.gnu.org; 4 May 2025 23:19:45 +0000 From debbugs-submit-bounces <at> debbugs.gnu.org Sun May 04 19:19:45 2025 Received: from localhost ([127.0.0.1]:35025 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>) id 1uBica-00083x-Qm for submit <at> debbugs.gnu.org; Sun, 04 May 2025 19:19:45 -0400 Received: from fhigh-b1-smtp.messagingengine.com ([202.12.124.152]:52053) by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.84_2) (envelope-from <ian@HIDDEN>) id 1uBicY-00083Z-Ab for 78249 <at> debbugs.gnu.org; Sun, 04 May 2025 19:19:43 -0400 Received: from phl-compute-05.internal (phl-compute-05.phl.internal [10.202.2.45]) by mailfhigh.stl.internal (Postfix) with ESMTP id AF896254021A; Sun, 4 May 2025 19:19:36 -0400 (EDT) Received: from phl-mailfrontend-02 ([10.202.2.163]) by phl-compute-05.internal (MEProxy); Sun, 04 May 2025 19:19:36 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=retrospec.tv; h= cc:cc:content-transfer-encoding:content-type:date:date:from:from :in-reply-to:message-id:mime-version:reply-to:subject:subject:to :to; s=fm2; t=1746400776; x=1746487176; bh=wqaVfWfvz647olqDuK+Oq JFdwi/euGdeu0kPoRDVbsA=; b=Gy3fawUj9VK3T2dyEnz8eFeFRVBVj9fKwgXvw VlLNxBJJSsZAadsPUsg0JrpUC7vsUuCk5XS/6urEzMX5RojxM+GWpnyrAE9E27T2 wnNcZ9SgacXZ5uyoqzLefEvlCLeZychsl9LHzopfk4XgFi9+6x3xpZsBrugD2Ouf 0f8pB69Ddfp7uX/faDfGNqSiJtaqL+WYIpP8I3HUUk+plGIzs7kOcJzyIghdfYn4 PbNc+eej8YbQUk4uRJiRo8Ufv0l6Mmr0tq7I6zAgsCxP7rsE0JR8lurAf1c8rLeL iAGFFjTrQ/lKFwBSw9jdjpwQWTXLBr1Poq22VPNcmLgiXcKsA== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-transfer-encoding :content-type:date:date:feedback-id:feedback-id:from:from :in-reply-to:message-id:mime-version:reply-to:subject:subject:to :to:x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s=fm3; t= 1746400776; x=1746487176; bh=wqaVfWfvz647olqDuK+OqJFdwi/euGdeu0k PoRDVbsA=; b=vTxZSXvq5nOeVy7xKZ+F00cNVQHyVIanzbYsTBmvrlUkQTIeAje JCfof0FxD5GnBV94GslEDbqGKsZZTkZZNjElCo+2quJXDdk2pD5YKcTpSaDtXBUT EaotvVIgDmoAiMfjCbs52H1KmjiDR2gAFurXUVaPHGjFaHa6apdAHrWA7Y18YJ+S 1cl6caBuTVIEleabIkCW9faMg7gdACvvbFQCD4uXNwIIkX0ivAMwPRFoya/5VYD5 tGUz8qT1T42ByUZ81sJU/SBOqEZGUFA5L4XRGHyYNPaovdncbFT3mT6iRYOrBqHG ACExcBdhlvTQhJei+mRwCqO8DNHF+ImB3ZQ== X-ME-Sender: <xms:CPYXaHxC0wCHctFO5-3-ay1UIS9xcY9NqOc9uH5ngpC13Jp0AzsWPg> <xme:CPYXaPTS9EE97SYDp14iSCFBk4FLTdowbs_RAod_cSp1xpzGBLAgzHmwlPPe5X9Yc kRecQ8rV3XwUbsC3Q> X-ME-Received: <xmr:CPYXaBViFRPCv_aLu61WniCbfknSdhpEerIxmudO_JEur1nbarMNAbjw23XMDRzaADITmAnkYM7EjKEm3EN1Jm30xf_q6qC0U0v2WrgdRRNG> X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeefvddrtddtgddvjeelheduucetufdoteggodetrf dotffvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdggtfgfnhhsuhgsshgtrhhisggv pdfurfetoffkrfgpnffqhgenuceurghilhhouhhtmecufedttdenucenucfjughrpefhvf evufffkffoggfgsedtkeertdertddtnecuhfhrohhmpefkrghnucfguhhrvgcuoehirghn sehrvghtrhhoshhpvggtrdhtvheqnecuggftrfgrthhtvghrnhepgfdvjefhlefhfedtie elleefvdfhfeffteefueetlefgvdelffelvefgfeeukeejnecuffhomhgrihhnpehmohii ihhllhgrrdhorhhgnecuvehluhhsthgvrhfuihiivgeptdenucfrrghrrghmpehmrghilh hfrhhomhepihgrnhesrhgvthhrohhsphgvtgdrthhvpdhnsggprhgtphhtthhopedvpdhm ohguvgepshhmthhpohhuthdprhgtphhtthhopeejkedvgeelseguvggssghughhsrdhgnh hurdhorhhgpdhrtghpthhtohepihgrnhesrhgvthhrohhsphgvtgdrthhv X-ME-Proxy: <xmx:CPYXaBgNeTyNCyEutLhXenhRK5ywjqQq0CUA5Y-W60moXSnLqmYg-g> <xmx:CPYXaJDnsZ_FpNL1xTel5FU1S8meCbfN9rdwZKmSXTUe2dlQpG7kcQ> <xmx:CPYXaKKUca6KPCXuLC-S_NdemIANiUdakI56qFudhA-ukjsmiKz-ZQ> <xmx:CPYXaIBm20Vnk30h428zre2EODfV5J_1Sl34RIz9lhlM1aVwsNcnFQ> <xmx:CPYXaIBXgWBI6m3H3UosqCX-iMHjsRECrwdY0uyKD8agjI-Vnd_GtTgn> Feedback-ID: id9014242:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA; Sun, 4 May 2025 19:19:35 -0400 (EDT) From: Ian Eure <ian@HIDDEN> To: 78249 <at> debbugs.gnu.org Subject: [PATCH 1/3] gnu: Add nspr-4.36. Date: Sun, 4 May 2025 16:19:29 -0700 Message-ID: <20250504231932.20519-1-ian@HIDDEN> X-Mailer: git-send-email 2.49.0 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Spam-Score: -0.7 (/) X-Debbugs-Envelope-To: 78249 Cc: Ian Eure <ian@HIDDEN> X-BeenThere: debbugs-submit <at> debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: <debbugs-submit.debbugs.gnu.org> List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe> List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/> List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org> List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help> List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe> Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> X-Spam-Score: -1.7 (-) * gnu/packages/nss.scm (nspr-4.36): New variable. Change-Id: I5c7c4f5f96e3b9ed763c63c9b5b5996a63d45985 --- gnu/packages/nss.scm | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/gnu/packages/nss.scm b/gnu/packages/nss.scm index 8bcb593ed7..7a8c6b075d 100644 --- a/gnu/packages/nss.scm +++ b/gnu/packages/nss.scm @@ -95,6 +95,19 @@ (define-public nspr in the Mozilla clients.") (license license:mpl2.0))) +(define-public nspr-4.36 + (package + (inherit nspr) + (version "4.36") + (source (origin + (method url-fetch) + (uri (string-append + "https://ftp.mozilla.org/pub/mozilla.org/nspr/releases/v" + version "/src/nspr-" version ".tar.gz")) + (sha256 + (base32 + "15b83ipjxrmw0909l5qqz13pbarhp50d6i58vgjx4720y4bw7pjm")))))) + (define-public nspr-4.32 (package (inherit nspr) -- 2.49.0
guix-patches@HIDDEN
:bug#78249
; Package guix-patches
.
Full text available.Received: (at submit) by debbugs.gnu.org; 4 May 2025 23:18:51 +0000 From debbugs-submit-bounces <at> debbugs.gnu.org Sun May 04 19:18:51 2025 Received: from localhost ([127.0.0.1]:35012 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>) id 1uBibj-00081Z-1e for submit <at> debbugs.gnu.org; Sun, 04 May 2025 19:18:51 -0400 Received: from lists.gnu.org ([2001:470:142::17]:45770) by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.84_2) (envelope-from <ian@HIDDEN>) id 1uBibf-00081F-Ql for submit <at> debbugs.gnu.org; Sun, 04 May 2025 19:18:48 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from <ian@HIDDEN>) id 1uBibZ-0007Yr-B7 for guix-patches@HIDDEN; Sun, 04 May 2025 19:18:41 -0400 Received: from fout-b2-smtp.messagingengine.com ([202.12.124.145]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from <ian@HIDDEN>) id 1uBibX-0004T4-4f for guix-patches@HIDDEN; Sun, 04 May 2025 19:18:41 -0400 Received: from phl-compute-01.internal (phl-compute-01.phl.internal [10.202.2.41]) by mailfout.stl.internal (Postfix) with ESMTP id 7FA29114020B; Sun, 4 May 2025 19:18:35 -0400 (EDT) Received: from phl-mailfrontend-02 ([10.202.2.163]) by phl-compute-01.internal (MEProxy); Sun, 04 May 2025 19:18:35 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=retrospec.tv; h= cc:cc:content-transfer-encoding:content-type:date:date:from:from :in-reply-to:message-id:mime-version:reply-to:subject:subject:to :to; s=fm2; t=1746400715; x=1746487115; bh=tsWh5a7lMUFXJSdVlr8I7 e3q+XLvP0Ef++e/fSLwvCI=; b=eRuFRiYHpab+yR3U6NmwmSshcMwlJRXJKRQ0S tVvNmKhA0jVnt6Fm5YPpZGVdms7DWPMUJKuL2n3LIy5QZRs+R7MivVSLwGAcgAqa oBuXARJVSPvvwmB7dbwksi93FK9hq19CCvzg0dW3bEg8cyfdwd+FeZ6nyPuMKlUS lwM76a5j1+QSTdVA5TVrj/WrGZ7PZdz7V1rTO/C5F/lC/a57PctvIqVmQizZqMla 0xib8V5Do4LhEa/tvwlNAD5ffxnMkJRedGqwZWqsjlO+fiOsXeS4JtMPwBLf1jXh cSrhs7wPtgjmP+ou7+op/kJGEpQG88LyJj5sRz9DrxszXI3MQ== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-transfer-encoding :content-type:date:date:feedback-id:feedback-id:from:from :in-reply-to:message-id:mime-version:reply-to:subject:subject:to :to:x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s=fm3; t= 1746400715; x=1746487115; bh=tsWh5a7lMUFXJSdVlr8I7e3q+XLvP0Ef++e /fSLwvCI=; b=KUy/sOhQof9rVH2RJ1Bf6aou2OFLguFz7o/DFZVTnl2y2TxkLd4 z5zQZz2h1aGg1MoOLLYQlvZ4cTdnpPbkPGW4kAPAWoDrzD2ZVauatMa+RXi3NmEr AopqP0R6USslzOh7+nl+Vdpv0/EwOra7XCi3OB+Iwxo/xqJRCbCtEBjP7JdByEhu eTpwZ/edd1InlQ3766A/TrOGq6fWYWtywQHENvnEFHeXdd+KaaC3nF2eJhoKVGTr 57vsj2Xkr3IfBahiNZ2iL5kV6G1lFxdC28wyMdznsUELa94X0ioQiNT3FQHug8O4 cT30R7lIAi3kAiRkozujDNSmyJMsuXnPm9A== X-ME-Sender: <xms:y_UXaO0fc_nck4n1Yd3xhu5DMvVBzvqMtR8V4URn-4GIXT6cOYi0XA> <xme:y_UXaBGiJeGZzZYA2XRP8zA7rjXKT5LRxfA1VDeE1xoQm0o0KhrMkDifHv8h1PnUf NGWopu4eLm0EpRC_A> X-ME-Received: <xmr:y_UXaG6frcllMyTeTqNXTZtTWJwlE_bhRmPcUN_3HiLimdXCoftyd66_Mvr90pR8O7j3EhG-Pq7qX3rTPGYjgOjC7pkWn-yXJsrvz2TLDVy5> X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeefvddrtddtgddvjeelheduucetufdoteggodetrf dotffvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdggtfgfnhhsuhgsshgtrhhisggv pdfurfetoffkrfgpnffqhgenuceurghilhhouhhtmecufedttdenucenucfjughrpefhvf evufffkffoggfgsedtkeertdertddtnecuhfhrohhmpefkrghnucfguhhrvgcuoehirghn sehrvghtrhhoshhpvggtrdhtvheqnecuggftrfgrthhtvghrnhephfeiveeliedukeffhe fhleeijedtveelleetgefggfehkeeljeehtdeguddvvefgnecuvehluhhsthgvrhfuihii vgeptdenucfrrghrrghmpehmrghilhhfrhhomhepihgrnhesrhgvthhrohhsphgvtgdrth hvpdhnsggprhgtphhtthhopedvpdhmohguvgepshhmthhpohhuthdprhgtphhtthhopehg uhhigidqphgrthgthhgvshesghhnuhdrohhrghdprhgtphhtthhopehirghnsehrvghtrh hoshhpvggtrdhtvh X-ME-Proxy: <xmx:y_UXaP0hdX4fwyYvRjcg3ylwP184LWPu_xUF4Oyb5AoZVOORJh-_fA> <xmx:y_UXaBGL6AuFG7rBwERQVqXT8O6PSvVkF67OTOmh0RGQo-g_9IR_PA> <xmx:y_UXaI8Yh3HrvgY8QBWcUWS7hk2No47kcVBAFUyafoV9KkMFRIDkeQ> <xmx:y_UXaGmAB89n7j5Lh_RPl4R4f6laahQeVi2Vxkwj_Juo7RHdcGYVXQ> <xmx:y_UXaMn5KKosUZl5vIwtkpGJjN2QaxaWDaJLiXJS6KQAzGuO0Fu_WTPF> Feedback-ID: id9014242:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA; Sun, 4 May 2025 19:18:34 -0400 (EDT) From: Ian Eure <ian@HIDDEN> To: guix-patches@HIDDEN Subject: [PATCH 0/3] gnu: librewolf: Update to 138.0.1-2 [security fixes]. Date: Sun, 4 May 2025 16:18:31 -0700 Message-ID: <20250504231831.20420-1-ian@HIDDEN> X-Mailer: git-send-email 2.49.0 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Received-SPF: pass client-ip=202.12.124.145; envelope-from=ian@HIDDEN; helo=fout-b2-smtp.messagingengine.com X-Spam_score_int: -27 X-Spam_score: -2.8 X-Spam_bar: -- X-Spam_report: (-2.8 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-Spam-Score: 0.7 (/) X-Debbugs-Envelope-To: submit Cc: Ian Eure <ian@HIDDEN> X-BeenThere: debbugs-submit <at> debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: <debbugs-submit.debbugs.gnu.org> List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe> List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/> List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org> List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help> List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe> Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> X-Spam-Score: -0.3 (/) The 138.x series needs both nspr and nss bumps. This adds nspr 4.36 to avoid a large rebuild. I have a WIP v2 patch for #73152 which includes that update, and I'll clean this stuff up after that merges. Ian Eure (3): gnu: Add nspr-4.36. gnu: nss-rapid: Update to 3.110. gnu: librewolf: Update to 138.0.1-2 [security fixes]. gnu/packages/librewolf.scm | 12 ++++---- gnu/packages/nss.scm | 30 +++++++++++++++++-- .../patches/torbrowser-compare-paths.patch | 17 +++-------- 3 files changed, 37 insertions(+), 22 deletions(-) -- 2.49.0
Ian Eure <ian@HIDDEN>
:guix-patches@HIDDEN
.
Full text available.guix-patches@HIDDEN
:bug#78249
; Package guix-patches
.
Full text available.
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997 nCipher Corporation Ltd,
1994-97 Ian Jackson.