02/02: gnu: librewolf: Update to 144.0-1 [security-fixes].

Tue, 21 Oct 2025 16:59:57 -0700 

guix_mirror_bot pushed a commit to branch master
in repository guix.

commit 08b7a614489308cce8096755b7013fde0b68b926
Author: Ian Eure <[email protected]>
AuthorDate: Wed Oct 15 09:50:20 2025 -0700

    gnu: librewolf: Update to 144.0-1 [security-fixes].
    
    Firefox 144.0 contains fixes for:
    CVE-2025-11708: Use-after-free in MediaTrackGraphImpl::GetInstance()
    CVE-2025-11709: Out of bounds read/write in a privileged process
                    triggered by WebGL textures
    CVE-2025-11710: Cross-process information leaked due to malicious IPC
                    messages
    CVE-2025-11711: Some non-writable Object properties could be modified
    CVE-2025-11716: Sandboxed iframes allowed links to open in external
                    apps (Android only)
    CVE-2025-11717: The password edit screen was not hidden in Android
                    card view
    CVE-2025-11712: An OBJECT tag type attribute overrode browser behavior
                    on web resources without a content-type
    CVE-2025-11718: Address bar could be spoofed on Android using
                    visibilitychange
    CVE-2025-11713: Potential user-assisted code execution in “Copy as
                    cURL” command
    CVE-2025-11719: Use-after-free caused by the native messaging web
                    extension API on Windows
    CVE-2025-11720: Spoofing risk in Android custom tabs
    CVE-2025-11714: Memory safety bugs fixed in Firefox ESR 115.29,
                    Firefox ESR 140.4, Thunderbird ESR 140.4, Firefox 144
                    and Thunderbird 144
    CVE-2025-11715: Memory safety bugs fixed in Firefox ESR 140.4,
                    Thunderbird ESR 140.4, Firefox 144 and Thunderbird 144
    CVE-2025-11721: Memory safety bug fixed in Firefox 144 and Thunderbird
                    144
    
    * gnu/packages/librewolf.scm (librewolf): Update to 144.0-1.
    
    Change-Id: I39e97cde24d820882c79a137997a5252e6e70421
---
 gnu/packages/librewolf.scm | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/gnu/packages/librewolf.scm b/gnu/packages/librewolf.scm
index 39380704da..f8800b1925 100644
--- a/gnu/packages/librewolf.scm
+++ b/gnu/packages/librewolf.scm
@@ -220,17 +220,17 @@
 ;; It's used for cache validation and therefore can lead to strange bugs.
 ;; ex: date '+%Y%m%d%H%M%S'
 ;; or: (format-time-string "%Y%m%d%H%M%S")
-(define %librewolf-build-id "20251008123641")
+(define %librewolf-build-id "20251015084146")
 
 (define-public librewolf
   (package
     (name "librewolf")
-    (version "143.0.4-1")
+    (version "144.0-1")
     (source
      (make-librewolf-source
       #:version version
-      #:firefox-hash "06mnr0shigjnqckx2jzmi3q959i1h2n4jcxhgxzsc08f9krcjiwy"
-      #:librewolf-hash "1sisxagfz2qd6qmmnmar3iyh21sj4b4k3gy6kb0aa0mnqzkg68j7"
+      #:firefox-hash "07vb15fwi3aiw230rmqbnj9pavx1pqq1js7zzgfxzw0hasjn8831"
+      #:librewolf-hash "1cg1flmjgqb7v5cy29nnwggan01ipg33g6grjyyfcllh89akrcg4"
       #:l10n firefox-l10n))
     (build-system gnu-build-system)
     (arguments

Reply via email to