guix_mirror_bot pushed a commit to branch librewolf-updates in repository guix.
commit c7cc333c91f1161193c754aa9b2e6e883a977656 Author: Ian Eure <[email protected]> AuthorDate: Sat Jun 28 10:21:41 2025 -0700 gnu: librewolf: Update to 140.0.2-1 [security-fixes]. Contains fixes for: CVE-2025-6424: Use-after-free in FontFaceSet CVE-2025-6425: The WebCompat WebExtension shipped with Firefox exposed a persistent UUID CVE-2025-6426: No warning when opening executable terminal files on macOS CVE-2025-6427: connect-src Content Security Policy restriction could be bypassed CVE-2025-6428: Firefox for Android opened URLs specified in a link querystring parameter CVE-2025-6429: Incorrect parsing of URLs could have allowed embedding of youtube.com CVE-2025-6430: Content-Disposition header ignored when a file is included in an embed or object tag CVE-2025-6431: The prompt in Firefox for Android that asks before opening a link in an external application could be bypassed CVE-2025-6432: DNS Requests leaked outside of a configured SOCKS proxy CVE-2025-6433: WebAuthn would allow a user to sign a challenge on a webpage with an invalid TLS certificate CVE-2025-6434: HTTPS-Only exception screen lacked anti-clickjacking delay CVE-2025-6435: Save as in Devtools could download files without sanitizing the extension CVE-2025-6436: Memory safety bugs fixed in Firefox 140 and Thunderbird 140 * gnu/packages/librewolf.scm (librewolf): Update to 140.0.2-1. * gnu/packages/patches/librewolf-use-system-wide-dir.patch: Adjust. Change-Id: I786706575e04f32054f6a1142d606eb3ba6b22e3 --- gnu/packages/librewolf.scm | 8 ++++---- .../patches/librewolf-use-system-wide-dir.patch | 20 ++++++++++---------- 2 files changed, 14 insertions(+), 14 deletions(-) diff --git a/gnu/packages/librewolf.scm b/gnu/packages/librewolf.scm index 9d08a43ebd..5ea454431c 100644 --- a/gnu/packages/librewolf.scm +++ b/gnu/packages/librewolf.scm @@ -212,17 +212,17 @@ ;; It's used for cache validation and therefore can lead to strange bugs. ;; ex: date '+%Y%m%d%H%M%S' ;; or: (format-time-string "%Y%m%d%H%M%S") -(define %librewolf-build-id "20250613072513") +(define %librewolf-build-id "20250628094930") (define-public librewolf (package (name "librewolf") - (version "139.0.4-1") + (version "140.0.2-1") (source (make-librewolf-source #:version version - #:firefox-hash "1xc7481g9adrn98ivqgigvdjcpkyk6sa183qvpbwcjgrqczhapjk" - #:librewolf-hash "1izrhzzzdighcjm4mmdkalqzxzypn30fyxnbi8y0a489kdsn4j5c" + #:firefox-hash "00swi8y46r7yibi2klc0z23j33blydx60972fim6bmgm82l5bbkh" + #:librewolf-hash "06v57209s38sqzr77bk2jq3nzd3qjbxd736rwir8x8f0ff19j8n4" #:l10n firefox-l10n)) (build-system gnu-build-system) (arguments diff --git a/gnu/packages/patches/librewolf-use-system-wide-dir.patch b/gnu/packages/patches/librewolf-use-system-wide-dir.patch index c8a4d8cb12..c1b36af58d 100644 --- a/gnu/packages/patches/librewolf-use-system-wide-dir.patch +++ b/gnu/packages/patches/librewolf-use-system-wide-dir.patch @@ -5,33 +5,33 @@ diff --git a/toolkit/xre/nsXREDirProvider.cpp b/toolkit/xre/nsXREDirProvider.cpp index 0cbc825738..5c0bf6ae7f 100644 --- a/toolkit/xre/nsXREDirProvider.cpp +++ b/toolkit/xre/nsXREDirProvider.cpp -@@ -280,25 +280,11 @@ nsresult nsXREDirProvider::GetBackgroundTasksProfilesRootDir( - static nsresult GetSystemParentDirectory(nsIFile** aFile) { +@@ -282,25 +282,10 @@ + nsCString aName = "LibreWolf"_ns) { nsresult rv; nsCOMPtr<nsIFile> localDir; -# if defined(XP_MACOSX) - rv = GetOSXFolderType(kOnSystemDisk, kApplicationSupportFolderType, - getter_AddRefs(localDir)); - if (NS_SUCCEEDED(rv)) { -- rv = localDir->AppendNative("LibreWolf"_ns); +- rv = localDir->AppendNative(aName); - } -# else -- constexpr auto dirname = +- ToLowerCase(aName); +- nsCString dirname = -# ifdef HAVE_USR_LIB64_DIR -- "/usr/lib64/librewolf"_ns +- "/usr/lib64/"_ns + aName -# elif defined(__OpenBSD__) || defined(__FreeBSD__) -- "/usr/local/lib/librewolf"_ns +- "/usr/local/lib/"_ns + aName -# else -- "/usr/lib/librewolf"_ns +- "/usr/lib/"_ns + aName -# endif - ; - rv = NS_NewNativeLocalFile(dirname, getter_AddRefs(localDir)); -# endif + const char* systemParentDir = getenv("ICECAT_SYSTEM_DIR"); + if (!systemParentDir || !*systemParentDir) return NS_ERROR_FAILURE; - + rv = NS_NewNativeLocalFile(nsDependentCString(systemParentDir), + getter_AddRefs(localDir)); + if (NS_SUCCEEDED(rv)) { - localDir.forget(aFile); - } + localDir.forget(aFile); \ No newline at end of file
