From: Ian Eure <ian@retrospec.tv>
To: Roman Scherer <roman@burningswell.com>
Cc: "André Batista" <nandre@riseup.net>,
"Mark H Weaver" <mhw@netris.org>,
"Jonathan Brielmaier" <jonathan.brielmaier@web.de>,
74648@debbugs.gnu.org
Subject: [bug#74648] [PATCH] gnu: librewolf: Add %u to Exec option to open URLs.
Date: Mon, 02 Dec 2024 08:30:12 -0800 [thread overview]
Message-ID: <87cyiam4iz.fsf@retrospec.tv> (raw)
In-Reply-To: <875xo2f6ii.fsf@burningswell.com> (Roman Scherer's message of "Mon, 02 Dec 2024 16:29:09 +0100")
Hi Roman, André,
Roman Scherer <roman@burningswell.com> writes:
> André Batista <nandre@riseup.net> writes:
>
> Hi André,
>
> thanks for taking a look. So this is fixing a security issue?
> Which one
> exactly? Is it this one?
>
This isn’t a security issue, the concern was created in a change
which also had security updates. The current nature of the
browser ecosystem means nearly every Firefox update contains
security fixes, so presence of them isn’t a very useful signal.
>
>> Hi Roman,
>>
>> seg 02 dez 2024 às 13:20:20 (1733156420),
>> roman@burningswell.com enviou:
>>> * gnu/packages/librewolf.scm (librewolf): Add %u to Exec
>>> option to open URLs.
>>>
>>> Change-Id: I8cf5d3886eaf7805209cf12eae0cc875bef6d5dd
>>> ---
>>> gnu/packages/librewolf.scm | 2 +-
>>> 1 file changed, 1 insertion(+), 1 deletion(-)
>>>
>>> diff --git a/gnu/packages/librewolf.scm
>>> b/gnu/packages/librewolf.scm
>>> index 5d432cfad8..42d212e9f9 100644
>>> --- a/gnu/packages/librewolf.scm
>>> +++ b/gnu/packages/librewolf.scm
>>> @@ -605,7 +605,7 @@ (define-public librewolf
>>> (substitute* desktop-file
>>> (("^Exec=@MOZ_APP_NAME@")
>>> (string-append "Exec="
>>> - #$output
>>> "/bin/librewolf"))
>>> + #$output
>>> "/bin/librewolf %u"))
>>> (("@MOZ_APP_DISPLAYNAME@")
>>>
>>
>> This was its previous state and was removed on commit
>> 280aa6b57d7b741a7d8b076e1afa3dff23569332. See also #74070.
>>
>> Copying Ian, who was the author of that change and has been
>> maintaining
>> Librewolf.
>>
The context behind this change is that Firefox used to ship a
taskcluster/docker/firefox-snap/firefox.desktop file which had an
Exec line like this:
Exec=@MOZ_APP_NAME@ %u
The Guix package would use that file, replacing the token with the
path to the binary. The presence of %u in the package definition
is because the substitute* regexp is sloppy and replaces the whole
line instead of @MOZ_APP_NAME@ only. For reasons unknown to me,
Firefox stopped shipping this file and deleted it from their repo.
I looked around the repo and found
toolkit/mozapps/installer/linux/rpm/mozilla.desktop, for the rpm
package. Its Exec line is:
Exec=@MOZ_APP_NAME@
So I updated the package to use that, and the regexp to match.
The patch in #74648 looks fine to me, and I think it should be
pushed.
Thanks,
— Ian
next prev parent reply other threads:[~2024-12-02 16:31 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-12-02 12:20 [bug#74648] [PATCH] gnu: librewolf: Add %u to Exec option to open URLs Roman Scherer
2024-12-02 14:31 ` André Batista
2024-12-02 15:29 ` Roman Scherer
2024-12-02 16:30 ` Ian Eure [this message]
2024-12-03 9:31 ` Roman Scherer
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://guix.gnu.org/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87cyiam4iz.fsf@retrospec.tv \
--to=ian@retrospec.tv \
--cc=74648@debbugs.gnu.org \
--cc=jonathan.brielmaier@web.de \
--cc=mhw@netris.org \
--cc=nandre@riseup.net \
--cc=roman@burningswell.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/guix.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).