* [bug#67512] [PATCH v7 0/3] Add LibreWolf
[not found] ` <87jzl27ml2.fsf@trop.in>
@ 2024-04-27 10:46 ` Clément Lassieur
2024-04-27 17:19 ` bug#67512: " Ian Eure
0 siblings, 1 reply; 4+ messages in thread
From: Clément Lassieur @ 2024-04-27 10:46 UTC (permalink / raw)
To: 67512; +Cc: guix-devel, Mark H Weaver, ian, guix-security, andrew
On Fri, Apr 12 2024, Andrew Tropin via Guix-patches via wrote:
> On 2024-04-06 08:04, Ian Eure wrote:
>
>> Moves nss update to nss-3.98 / nss-certs-3.98 to avoid rebuilding thousands of packages.
>>
>> Rebases.
>>
>> Ian Eure (3):
>> gnu: Add nss-3.98.
>> gnu: Add nss-certs-3.98.
>> gnu: Add librewolf.
>>
>> gnu/packages/certs.scm | 16 +
>> gnu/packages/librewolf.scm | 621 +++++++++++++++++++++++++++++++++++++
>> gnu/packages/nss.scm | 45 +++
>> 3 files changed, 682 insertions(+)
>> create mode 100644 gnu/packages/librewolf.scm
>>
>>
>> base-commit: ade6845da6cec99f3bca46faac9b2bad6877817e
>
> Hi Ian,
>
> tested those patches, didn't notice any issues.
>
> Added pipewire to LD_LIBRARY_PATH to make screensharing on wayland to
> work.
>
> Added librewolf.scm to gnu/local.mk.
>
> Pushed as
> https://git.savannah.gnu.org/cgit/guix.git/commit/?id=3dc26b4eae
>
> Thank you very much for you work!
Thank you Andrew for reviewing.
Now that this is pushed, is there anyone maintaining this "librewolf"
package? This is serious work, with security updates quite often.
Right now the package is subject to
CVE-2024-3852 (high)
CVE-2024-3853 (high)
CVE-2024-3854 (high)
CVE-2024-3855 (high)
CVE-2024-3856 (high)
CVE-2024-3857 (high)
CVE-2024-3858 (high)
CVE-2024-3859 (moderate)
CVE-2024-3860 (moderate)
CVE-2024-3861 (moderate)
CVE-2024-3862 (moderate)
CVE-2024-3302 (low)
CVE-2024-3864 (high)
CVE-2024-3865 (high)
Thanks,
Clément
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: bug#67512: [PATCH v7 0/3] Add LibreWolf
2024-04-27 10:46 ` [bug#67512] [PATCH v7 0/3] Add LibreWolf Clément Lassieur
@ 2024-04-27 17:19 ` Ian Eure
2024-04-27 18:21 ` [bug#67512] " Ian Eure
0 siblings, 1 reply; 4+ messages in thread
From: Ian Eure @ 2024-04-27 17:19 UTC (permalink / raw)
To: Clément Lassieur
Cc: 67512, andrew, guix-devel, Mark H Weaver, guix-security
Clément Lassieur <clement@lassieur.org> writes:
> On Fri, Apr 12 2024, Andrew Tropin via Guix-patches via wrote:
>
>> On 2024-04-06 08:04, Ian Eure wrote:
>>
>>> Moves nss update to nss-3.98 / nss-certs-3.98 to avoid
>>> rebuilding thousands of packages.
>>>
>>> Rebases.
>>>
>>> Ian Eure (3):
>>> gnu: Add nss-3.98.
>>> gnu: Add nss-certs-3.98.
>>> gnu: Add librewolf.
>>>
>>> gnu/packages/certs.scm | 16 +
>>> gnu/packages/librewolf.scm | 621
>>> +++++++++++++++++++++++++++++++++++++
>>> gnu/packages/nss.scm | 45 +++
>>> 3 files changed, 682 insertions(+)
>>> create mode 100644 gnu/packages/librewolf.scm
>>>
>>>
>>> base-commit: ade6845da6cec99f3bca46faac9b2bad6877817e
>>
>> Hi Ian,
>>
>> tested those patches, didn't notice any issues.
>>
>> Added pipewire to LD_LIBRARY_PATH to make screensharing on
>> wayland to
>> work.
>>
>> Added librewolf.scm to gnu/local.mk.
>>
>> Pushed as
>> https://git.savannah.gnu.org/cgit/guix.git/commit/?id=3dc26b4eae
>>
>> Thank you very much for you work!
>
> Thank you Andrew for reviewing.
>
> Now that this is pushed, is there anyone maintaining this
> "librewolf"
> package? This is serious work, with security updates quite
> often.
>
Hi Clement,
I’m planning to continue sending patches for updates and the like.
Getting a working updater is close to the top of my list.
> Right now the package is subject to
>
> CVE-2024-3852 (high)
> CVE-2024-3853 (high)
> CVE-2024-3854 (high)
> CVE-2024-3855 (high)
> CVE-2024-3856 (high)
> CVE-2024-3857 (high)
> CVE-2024-3858 (high)
> CVE-2024-3859 (moderate)
> CVE-2024-3860 (moderate)
> CVE-2024-3861 (moderate)
> CVE-2024-3862 (moderate)
> CVE-2024-3302 (low)
> CVE-2024-3864 (high)
> CVE-2024-3865 (high)
>
The version in Guix is the latest available. I’ll send in a patch
when the next release happens; I’m waiting on upstream for that.
Thanks,
— Ian
^ permalink raw reply [flat|nested] 4+ messages in thread
* [bug#67512] [PATCH v7 0/3] Add LibreWolf
2024-04-27 17:19 ` bug#67512: " Ian Eure
@ 2024-04-27 18:21 ` Ian Eure
2024-04-28 8:59 ` Clément Lassieur
0 siblings, 1 reply; 4+ messages in thread
From: Ian Eure @ 2024-04-27 18:21 UTC (permalink / raw)
To: Clément Lassieur
Cc: 67512, guix-devel, guix-security, Mark H Weaver, andrew
Ian Eure <ian@retrospec.tv> writes:
> Clément Lassieur <clement@lassieur.org> writes:
>
>> On Fri, Apr 12 2024, Andrew Tropin via Guix-patches via wrote:
>>
>>> On 2024-04-06 08:04, Ian Eure wrote:
>>>
>>>> Moves nss update to nss-3.98 / nss-certs-3.98 to avoid
>>>> rebuilding
>>>> thousands of packages.
>>>>
>>>> Rebases.
>>>>
>>>> Ian Eure (3):
>>>> gnu: Add nss-3.98.
>>>> gnu: Add nss-certs-3.98.
>>>> gnu: Add librewolf.
>>>>
>>>> gnu/packages/certs.scm | 16 +
>>>> gnu/packages/librewolf.scm | 621
>>>> +++++++++++++++++++++++++++++++++++++
>>>> gnu/packages/nss.scm | 45 +++
>>>> 3 files changed, 682 insertions(+)
>>>> create mode 100644 gnu/packages/librewolf.scm
>>>>
>>>>
>>>> base-commit: ade6845da6cec99f3bca46faac9b2bad6877817e
>>>
>>> Hi Ian,
>>>
>>> tested those patches, didn't notice any issues.
>>>
>>> Added pipewire to LD_LIBRARY_PATH to make screensharing on
>>> wayland
>>> to
>>> work.
>>>
>>> Added librewolf.scm to gnu/local.mk.
>>>
>>> Pushed as
>>> https://git.savannah.gnu.org/cgit/guix.git/commit/?id=3dc26b4eae
>>>
>>> Thank you very much for you work!
>>
>> Thank you Andrew for reviewing.
>>
>> Now that this is pushed, is there anyone maintaining this
>> "librewolf"
>> package? This is serious work, with security updates quite
>> often.
>>
>
> Hi Clement,
>
> I’m planning to continue sending patches for updates and the
> like. Getting a working updater is close to the top of my list.
>
>
>> Right now the package is subject to
>>
>> CVE-2024-3852 (high)
>> CVE-2024-3853 (high)
>> CVE-2024-3854 (high)
>> CVE-2024-3855 (high)
>> CVE-2024-3856 (high)
>> CVE-2024-3857 (high)
>> CVE-2024-3858 (high)
>> CVE-2024-3859 (moderate)
>> CVE-2024-3860 (moderate)
>> CVE-2024-3861 (moderate)
>> CVE-2024-3862 (moderate)
>> CVE-2024-3302 (low)
>> CVE-2024-3864 (high)
>> CVE-2024-3865 (high)
>>
>
> The version in Guix is the latest available. I’ll send in a
> patch
> when the next release happens; I’m waiting on upstream for that.
>
Okay, I see that I’m incorrect about this -- LibreWolf is moving
onto Codeberg, but I was looking at their GitLab project, which
doesn’t have the recent releases. I’ll get this updated.
Thanks,
— Ian
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [bug#67512] [PATCH v7 0/3] Add LibreWolf
2024-04-27 18:21 ` [bug#67512] " Ian Eure
@ 2024-04-28 8:59 ` Clément Lassieur
0 siblings, 0 replies; 4+ messages in thread
From: Clément Lassieur @ 2024-04-28 8:59 UTC (permalink / raw)
To: Ian Eure; +Cc: 67512, guix-devel, guix-security, Mark H Weaver, andrew
On Sat, Apr 27 2024, Ian Eure wrote:
>> The version in Guix is the latest available. I’ll send in a patch
>> when the next release happens; I’m waiting on upstream for that.
>>
>
> Okay, I see that I’m incorrect about this -- LibreWolf is moving onto
> Codeberg, but I was looking at their GitLab project, which doesn’t have the
> recent releases. I’ll get this updated.
Great, thank you Ian!
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2024-04-28 9:00 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
[not found] <cover.1701186634.git.ian@retrospec.tv>
[not found] ` <cover.1712415593.git.ian@retrospec.tv>
[not found] ` <87jzl27ml2.fsf@trop.in>
2024-04-27 10:46 ` [bug#67512] [PATCH v7 0/3] Add LibreWolf Clément Lassieur
2024-04-27 17:19 ` bug#67512: " Ian Eure
2024-04-27 18:21 ` [bug#67512] " Ian Eure
2024-04-28 8:59 ` Clément Lassieur
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/guix.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).