* [bug#66069] Update Icecat to FF 102.15.1 to fix mfsa2023-40
@ 2023-09-18 10:58 Dr. Arne Babenhauserheide
2023-09-18 14:28 ` bug#66069: " Tobias Geerinckx-Rice via Guix-patches via
0 siblings, 1 reply; 2+ messages in thread
From: Dr. Arne Babenhauserheide @ 2023-09-18 10:58 UTC (permalink / raw)
To: 66069
[-- Attachment #1.1: Type: text/plain, Size: 170 bytes --]
Hi,
the attached patch updates the base version of icecat to 102.15.1 to get
the fix of the critical webp vulnerability in Firefox (and every other
browser out there).
[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #1.2: 0001-Update-icecat-to-FF-102.15.1-to-fix-mfsa2023-40.patch --]
[-- Type: text/x-patch, Size: 4062 bytes --]
From 21a46f22b9b0d49e5d556e296716fc3b6db6b2e0 Mon Sep 17 00:00:00 2001
Message-ID: <21a46f22b9b0d49e5d556e296716fc3b6db6b2e0.1695034689.git.arne_bab@web.de>
From: Arne Babenhauserheide <arne_bab@web.de>
Date: Mon, 18 Sep 2023 12:56:18 +0200
Subject: [PATCH] Update icecat to FF 102.15.1 to fix mfsa2023-40
* gnu/packages/gnuzilla.scm (%icecat-base-version): update to 102.15.1 to fix
https://www.mozilla.org/en-US/security/advisories/mfsa2023-40/
* gnu/packages/gnuzilla.scm (icecat-source): update upstream hash to 102.15.1
---
gnu/packages/gnuzilla.scm | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/gnu/packages/gnuzilla.scm b/gnu/packages/gnuzilla.scm
index 6e2f9729cf..e700931d28 100644
--- a/gnu/packages/gnuzilla.scm
+++ b/gnu/packages/gnuzilla.scm
@@ -518,7 +518,7 @@ (define all-mozilla-locales
;; XXXX: Workaround 'snippet' limitations.
(define computed-origin-method (@@ (guix packages) computed-origin-method))
-(define %icecat-base-version "102.15.0")
+(define %icecat-base-version "102.15.1")
(define %icecat-version (string-append %icecat-base-version "-guix0-preview1"))
(define %icecat-build-id "20230829000000") ;must be of the form YYYYMMDDhhmmss
@@ -540,7 +540,7 @@ (define icecat-source
"firefox-" upstream-firefox-version ".source.tar.xz"))
(sha256
(base32
- "1bs6hxfsb77cbi238wvizq2iw4mlgz29m0sd027sz8zm1025kyl1"))))
+ "04q1fjninm9lw721xgv0c2fknicc24s8iaimkabwcfwmcnvly689"))))
;; The upstream-icecat-base-version may be older than the
;; %icecat-base-version.
base-commit: e2a7c227dea5b361e2ebdbba24b923d1922a79d0
prerequisite-patch-id: e26acb8280f31db9b663b6fc444a2229fc5b588e
prerequisite-patch-id: db5cc62f7d04f3ed3014ae984fe732f3b6db8d17
prerequisite-patch-id: 3a0bf9ef6f27f1d92537c5e9ee5c38c7d6ced99e
prerequisite-patch-id: 088a72da8c11e5d1c7087b4a5e8bb9c4a3b9b2af
prerequisite-patch-id: 1b4787e17ec6ab62978615e1d3804a1024c5e1a0
prerequisite-patch-id: f814d9756faa5d91a68b81654606c66b4cf389e5
prerequisite-patch-id: f2dbed3e6da49472bd141c9fa40de2d2208130fb
prerequisite-patch-id: 2dbf557994da4a264566b67294f7f3f8e2931f5f
prerequisite-patch-id: 912a76fac540b98d5683ba1886a7d62f0963cd9f
prerequisite-patch-id: f6a9bfd16b8952c73b7a6d97be70013a290815d7
prerequisite-patch-id: e50c1aaa1d401bba32a49d2e1fb1661746543d09
prerequisite-patch-id: 1f63cb516bc5c9772ae808371528006fca20dcad
prerequisite-patch-id: 1ac04f0120fb6c4f106d05bee88103debb815b41
prerequisite-patch-id: eeff242fb5e41c8c83b3daadd0965e58eb6670ba
prerequisite-patch-id: 3812c9ac1252d9d20e8485462be155156f302a54
prerequisite-patch-id: 9d3dd155c91ab334999c03fefab04f361ea4d8b5
prerequisite-patch-id: f5b09b934b65fe45bdfd1273baa3bb949ed52cca
prerequisite-patch-id: 61a9b3943bdbe5cb6a4aa978888ceb64088f9a14
prerequisite-patch-id: 3f9d50361fb537607c33d09115366aec05160688
prerequisite-patch-id: 765c77b7c31f24491149665a066d2906f8da8d33
prerequisite-patch-id: 2b92c37e3aa74152a7aa226e1fbd5f2735037dc0
prerequisite-patch-id: 2a3123ab0786108f26e25c45fc4c545b99b6dd27
prerequisite-patch-id: 891a2458a90ea90113c576df5029514f5143366e
prerequisite-patch-id: 1a08957a2fd3e3637ed7f3cf3f44c9f8194d6668
prerequisite-patch-id: d382210c915c0a809cb709cba45a4542d60c4d20
prerequisite-patch-id: d424ad2c4c4bf14becb025c67757f48d4a6ae6b5
prerequisite-patch-id: 07e1c90231819e0b963645b041522e53891fd344
prerequisite-patch-id: 124009dec6dad63add19bf258f71bdb127078ecb
prerequisite-patch-id: 0afa33c8e0e2aca07da2782e04d259d3f8c498c5
prerequisite-patch-id: 205bb6c05a145eb9137e8623687418089351e73e
prerequisite-patch-id: 7138f72403701b9749a0a587f1807030d730c00d
prerequisite-patch-id: 39bd665160a5e62aaa4ea94ad2e3ca30f31e2127
prerequisite-patch-id: d5d0cdab2914d5d4b80f7e9e541c8f76b6e313d6
prerequisite-patch-id: 9b22cdb1bd10f6f0231168f7223d5b700830ad48
prerequisite-patch-id: cd1ddd3e6d24b1488271cfbdc28dc6619552306e
prerequisite-patch-id: 8b5cef14cf4c6b27783c8f5ed9b8802bf11b15c5
--
2.41.0
[-- Attachment #1.3: Type: text/plain, Size: 101 bytes --]
Best wishes,
Arne
--
Unpolitisch sein
heißt politisch sein,
ohne es zu merken.
draketo.de
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 1125 bytes --]
^ permalink raw reply related [flat|nested] 2+ messages in thread
* bug#66069: Update Icecat to FF 102.15.1 to fix mfsa2023-40
2023-09-18 10:58 [bug#66069] Update Icecat to FF 102.15.1 to fix mfsa2023-40 Dr. Arne Babenhauserheide
@ 2023-09-18 14:28 ` Tobias Geerinckx-Rice via Guix-patches via
0 siblings, 0 replies; 2+ messages in thread
From: Tobias Geerinckx-Rice via Guix-patches via @ 2023-09-18 14:28 UTC (permalink / raw)
To: 66069-done
Hi Arne,
Pushed to master as 3d9ebc7b2ed24312fd6a0916c203f7b86d57753d, with the
commit message edited to better respect our conventions:
gnu: icecat: Update to 102.15.1 [security fixes].
This fixes fix mfsa2023-40, a critical webp vulnerability.
See https://www.mozilla.org/en-US/security/advisories/mfsa2023-40/
* gnu/packages/gnuzilla.scm (%icecat-base-version, icecat-source):
Update to 102.15.1.
Thanks for the prompt fix!
T G-R
Sent from a Web browser. Excuse or enjoy my brevity.
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2023-09-18 14:30 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2023-09-18 10:58 [bug#66069] Update Icecat to FF 102.15.1 to fix mfsa2023-40 Dr. Arne Babenhauserheide
2023-09-18 14:28 ` bug#66069: " Tobias Geerinckx-Rice via Guix-patches via
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/guix.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).