From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp1.migadu.com ([2001:41d0:1008:1e59::1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms1.migadu.com with LMTPS id kIdpM4g6W2bHqQAAA41jLg (envelope-from ) for ; Sat, 01 Jun 2024 17:13:12 +0200 Received: from aspmx1.migadu.com ([2001:41d0:403:58f0::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp1.migadu.com with LMTPS id gHXILYg6W2aSYgEA62LTzQ (envelope-from ) for ; Sat, 01 Jun 2024 17:13:12 +0200 X-Envelope-To: larch@yhetil.org Authentication-Results: aspmx1.migadu.com; dkim=fail ("headers rsa verify failed") header.d=riseup.net header.s=squak header.b=Uu9t9xpF; dmarc=fail reason="SPF not aligned (relaxed)" header.from=riseup.net (policy=none); spf=pass (aspmx1.migadu.com: domain of "guix-patches-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="guix-patches-bounces+larch=yhetil.org@gnu.org" ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=yhetil.org; s=key1; t=1717254792; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding:resent-cc: resent-from:resent-sender:resent-message-id:list-id:list-help: list-unsubscribe:list-subscribe:list-post:dkim-signature; bh=rFh1EYX9xhWQN+akajuxekM3Kt9hHBRgaH/ALtg5ADs=; b=rt7PzOBgNk8hxsoxWzxT9ZlDrRoukOSkRPyEqPosyJvrjRnLF5CcxnJCqYmYey/btg+qra zRINH6ioB+J9t2V0M5tkZTSb6Fk5YtH7ob2aQe6X8WjYfz0gxelho33ne9bavhGOPbzrey Q6UNZ/G2gHEYn1XuFuA9w5bSkTE/VOVbyfIr0XAIfHo6Y+a5YmayZAxispF/qQiAwfWn0E 5r1eYeoz4yCu8S/eLQGkHzJwt3l+58TErgWobpXn7l+jgKVZ5dk4uwAVIhLukWwNRIjkuu KYWJCeOgEfWyoJhZjd6YlhSzis28r6ZB0TZwXfGcPI5i+v3XvG6CMNjciGy1lg== ARC-Seal: i=1; s=key1; d=yhetil.org; t=1717254792; a=rsa-sha256; cv=none; b=If5ES8txlq0nn+6v/A1viOXLx0g343n6XPu4t16pZzicTXdua6r9YEfTMcDJQl+7sVBMMS HnBpeoUngB+V2+zXW/FYj5Ji2STM7adW8fyhKFcTJOsUl4MEYnhzF6e9TmeBIZqAEzeAEV K5YLYEn4EtG7UlZR4fR6UbNYmffiwD0/uNnV+XdlLTO5jlXxOMYlzsXcq6+L1eYYQx2Ov0 vNWYME7DNPaAbF2yXvOPqfMdorTzrsBC2ogMWw/hKCteJ7BWJiVkSTDyYlkdc1G12ZW7VO 87ZiUrdWn1TpBYb42lfA4otGztmpddKYiMIsZBwZKqvgS/Dye1CDcUMCz8irmQ== ARC-Authentication-Results: i=1; aspmx1.migadu.com; dkim=fail ("headers rsa verify failed") header.d=riseup.net header.s=squak header.b=Uu9t9xpF; dmarc=fail reason="SPF not aligned (relaxed)" header.from=riseup.net (policy=none); spf=pass (aspmx1.migadu.com: domain of "guix-patches-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="guix-patches-bounces+larch=yhetil.org@gnu.org" Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id A8A9862A7A for ; Sat, 01 Jun 2024 17:13:11 +0200 (CEST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1sDQPj-0002fz-2f; Sat, 01 Jun 2024 11:12:59 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1sDQPb-0002Yi-0A for guix-patches@gnu.org; Sat, 01 Jun 2024 11:12:54 -0400 Received: from debbugs.gnu.org ([2001:470:142:5::43]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1sDQPa-0003XF-Jt for guix-patches@gnu.org; Sat, 01 Jun 2024 11:12:50 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1sDQPm-0002u9-02 for guix-patches@gnu.org; Sat, 01 Jun 2024 11:13:02 -0400 X-Loop: help-debbugs@gnu.org Subject: [bug#71308] [PATCH] gnu: mullvadbrowser: Update to 13.0.15 [security fixes]. Resent-From: =?UTF-8?Q?Andr=C3=A9?= Batista Original-Sender: "Debbugs-submit" Resent-CC: guix-patches@gnu.org Resent-Date: Sat, 01 Jun 2024 15:13:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: report 71308 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: patch To: 71308@debbugs.gnu.org Cc: Maxim Cournoyer X-Debbugs-Original-To: guix-patches@gnu.org Received: via spool by submit@debbugs.gnu.org id=B.171725473211105 (code B ref -1); Sat, 01 Jun 2024 15:13:01 +0000 Received: (at submit) by debbugs.gnu.org; 1 Jun 2024 15:12:12 +0000 Received: from localhost ([127.0.0.1]:57093 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1sDQOx-0002t1-Ov for submit@debbugs.gnu.org; Sat, 01 Jun 2024 11:12:12 -0400 Received: from lists.gnu.org ([209.51.188.17]:54800) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1sDQOu-0002ss-AE for submit@debbugs.gnu.org; Sat, 01 Jun 2024 11:12:09 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1sDQOi-00026X-Ax for guix-patches@gnu.org; Sat, 01 Jun 2024 11:11:56 -0400 Received: from mx0.riseup.net ([198.252.153.6]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1sDQOg-0003Ps-7u for guix-patches@gnu.org; Sat, 01 Jun 2024 11:11:56 -0400 Received: from fews02-sea.riseup.net (fews02-sea-pn.riseup.net [10.0.1.112]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mx0.riseup.net (Postfix) with ESMTPS id 4Vs3P32CDJz9sMF; Sat, 1 Jun 2024 15:11:51 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=riseup.net; s=squak; t=1717254711; bh=NZjHMK5qoPkgENQapTlGY9IW/9rBxels6Z4poF473Ig=; h=Date:From:To:Cc:Subject:From; b=Uu9t9xpFduMW4X2oZu+zn0mcie59oXkiyJ8tDKTGfFdziW/33Hijmo9oYkog3n4j0 E/JJA1wivi/RWQkpyp6z6R8Q2mWG8BdZl1EvRTNuAqsTCq9DWjTcx2sd/BpIuj4kRh Kmeqt95AfuB8LFYLWUqQc69K3uYhhD4s144InX0o= X-Riseup-User-ID: 0B9F0D7E8D5AA724604C81D2C3C22DA7BAFDE8A913BEA6BD4D38F9A46A7ECF18 Received: from [127.0.0.1] (localhost [127.0.0.1]) by fews02-sea.riseup.net (Postfix) with ESMTPSA id 4Vs3P16VMtzFtGR; Sat, 1 Jun 2024 15:11:49 +0000 (UTC) Date: Sat, 1 Jun 2024 12:11:39 -0300 From: =?UTF-8?Q?Andr=C3=A9?= Batista Message-ID: MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="8uSoPLsv3MKf3EIw" Content-Disposition: inline Content-Transfer-Encoding: 8bit Received-SPF: pass client-ip=198.252.153.6; envelope-from=nandre@riseup.net; helo=mx0.riseup.net X-Spam_score_int: -27 X-Spam_score: -2.8 X-Spam_bar: -- X-Spam_report: (-2.8 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H4=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-BeenThere: guix-patches@gnu.org List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-patches-bounces+larch=yhetil.org@gnu.org Sender: guix-patches-bounces+larch=yhetil.org@gnu.org X-Migadu-Flow: FLOW_IN X-Migadu-Country: US X-Migadu-Spam-Score: -2.04 X-Spam-Score: -2.04 X-Migadu-Queue-Id: A8A9862A7A X-Migadu-Scanner: mx11.migadu.com X-TUID: OTYfXCT0rT3A --8uSoPLsv3MKf3EIw Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: 8bit Hi Guix, I'm resending the attached patch on behalf of Clément who is currently unable to commit it[*]. I've only added the references to mozilla security fixes that apply to this update and myself on a Reviewed-by tag. * https://lists.gnu.org/archive/html/guix-patches/2024-05/msg01794.html --- --8uSoPLsv3MKf3EIw Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline; filename="0001-gnu-mullvadbrowser-Update-to-13.0.15.patch" Content-Transfer-Encoding: 8bit >From fd26c390e84365327b664777600242d5f651d845 Mon Sep 17 00:00:00 2001 Message-ID: From: =?UTF-8?q?Cl=C3=A9ment=20Lassieur?= Date: Thu, 30 May 2024 11:39:43 +0200 Subject: [PATCH] gnu: mullvadbrowser: Update to 13.0.15 [security fixes]. To: guix-patches@gnu.org Fixes CVEs 2024-4367, 2024-4767, 2024-4768, 2024-4769, 2024-4770 and 2024-4777. See the Mozilla Foundation Security Advisory for details. * gnu/packages/mullvad-browsers.scm (%mullvadbrowser-locales): Update them. (%mullvadbrowser-build-date): Update to 20240510150000. (%mullvadbrowser-version): Update to 13.0.15. (%mullvadbrowser-firefox-version): Update to 115.11.0esr-13.0-1-build2. (mullvadbrowser-translation-base): Update to a28a8b2cb9e207d12fca11181818c0a0694b56af. Reviewed-by: André Batista Change-Id: I61990b163b93af593091d45107d0cfa8d454f4f3 --- gnu/packages/tor-browsers.scm | 56 +++++++++++++++++------------------ 1 file changed, 28 insertions(+), 28 deletions(-) diff --git a/gnu/packages/tor-browsers.scm b/gnu/packages/tor-browsers.scm index 830b6b247c3c..86815827955a 100644 --- a/gnu/packages/tor-browsers.scm +++ b/gnu/packages/tor-browsers.scm @@ -859,41 +859,41 @@ (define %mullvadbrowser-locales (mozilla-locales ;; sha256 changeset locale ;;--------------------------------------------------------------------------- - ("14wnjv13alaj04pd8i8ysillbr3ic2jqa867rbj5ncz8h4hxxfxc" "4c7e24ef78bd" "ar") - ("0is7qbykv2pj0z9ll9r35vwjp0x29vmfr10yjl3s0amfaqzjqpqc" "0a0b774407cc" "da") - ("0yq7m4v7d7ayg90m66j73mflrnp709qw9n7skhpsl9h1wbhrd7q7" "633986260777" "de") - ("018qi9zn24kzfcidsj9lbqfg5n97r295yr8fs953nyfdbim9jsfv" "accf5e4506c0" "es-ES") - ("11prhmh2cp95dpv6z0k479mb11zbfm541bvigs3gnkh3nazjvc8q" "37aa71d77cb6" "fa") - ("1lv9l98q88ixb0ph970yzphahgzbl97x0w069bkxa54kblkv1ch1" "dc40a4fd5d0e" "fi") - ("0wx4k7mwhvpv5w0wa4y5pca2q3jac62jv804nxqnfwh1bvi90wv0" "415c1f0e84bd" "fr") - ("1n7l5idw9399n8ih1r1d6m8vzpzhwmnxmr9i7jvygkdc8d6adp1k" "07d5e1ff5f9b" "it") - ("1w6nw9cd92p1ndy82wwlq9xizyq3i8rq0nj7118gbxbx368mk2kj" "e6f9db9ce3e6" "ja") - ("116a8s0k2yvijy7qf0xpqm5w66gdzs32jhc06364sdar5v34lyhh" "805b85981696" "ko") - ("0kk3cjlpghbi7j3ndb2s0c7g838fzd2mpzg01bp0cra8lzd0n2ac" "4ab6f0d05aa6" "my") - ("1i3r2ici95mazw07m2mrf192fc6bfa3x6j3c2pcc1zg7z9srihgh" "561b0cd86ec1" "nb-NO") - ("1c0m8jhn52h1dif5bswrdwrlzppgga01y61wlii4aaaw15imd6yd" "2a55df0cc389" "nl") - ("1gssvg306b80drp7kvc35kvcxwldb5sga0bapaxhv362irq1nya8" "a64a7dab01c4" "pl") - ("1dzh13x85a7src8szbrq5pjmrbak4isln9xdwjk7a1yq4g9h7jgs" "33bf2a9f4c49" "pt-BR") - ("09x2jirf04kgc118a70z0xrb3msbm7vr4f41ig4xrwf2s5b816r3" "528b76d6aaca" "ru") - ("1cyimbd42aaq2amyhdbbx26jwsns77lsfl8g9a70bsjlpwzwzryg" "cc8e8962e59c" "sv-SE") - ("03mqrvcal7i172gf9239q9fnynfp5kg9b3r1w8gr9iz7rkr22gw5" "d361502c559e" "th") - ("12srgqkqwaidcwbz0y7zr59165f7aq5k5s3b81ql7ixdbwia91pm" "f6173aca4762" "tr") - ("1dl2dpif4wwrlpx7zkz5qf8kk4vhxyf63016xcfpbhxizqqwc1ki" "df2d025ed631" "zh-CN") - ("1c63ngff9lsc1x3pi6lnkyxw19gdc65yc67p7alzvrka3cv292ia" "11f8d68148a4" "zh-TW"))) + ("1218mldjxybhgzdi0myzkwjr2fgnysl71pl847kr7wyn1j8wk3a5" "c25d00080479" "ar") + ("1kzx94n36c5vv954j7w65djvb37c178zazy25b35l71q2rvhmlhj" "2197a99c9a08" "da") + ("13h7hk11bbd0yq8gqdv7ndbizkgwlm3ybz225l3x2b5cnyjxyg14" "b7a533e5edc9" "de") + ("0mdr5b6pqxjmg9c8064x3hpf53h6w9j8ghl32655sx9jh4v3ykza" "beff1baac7c5" "es-ES") + ("1pnyg09j6r15w8m62lwj89x6rz4br877z60p8s1hlrb9hj2s3vdx" "ebe0b60b0b36" "fa") + ("067r505626cvlrsalnndf2ykz3nnkiy0b8yaxzf1rracpzmp0hni" "d5ae6a933d71" "fi") + ("0026zzjv2bqc8sg06yvyd0mhny6mwwvhpvzjrhv2fi5v4wkxapdj" "496c2eb73b82" "fr") + ("03fbp4vgkwyimfmbm4n8blx1m16yhms2wm8j4wlx2h3cpxp5r71k" "91951e37e2b8" "it") + ("0ncm531d7ih7phcn9d83zwq0dfphvmzg3gmhqmrrkkbydi1g3pbb" "895dcf8bb524" "ja") + ("14rc9mr4ngxdzwpjagzhz47jazgp1a6vwb0vbwj31yxv9iwkrgzi" "6ef881aff44b" "ko") + ("0h7dlnawm5mbcx4qdlz5c7n4axz2dpa677v13ljdgm2b5w76msmq" "5c1480ccc040" "my") + ("1b12azc1n8j1i2l20v66r74q79zqjvc5sf9pd8rmj3xd0fkxzdp2" "fc1896a0a24d" "nb-NO") + ("1fh4dhlb6hynlpb2997gssv9v8zk5b7qrw0sclggczb5pcpjk6wc" "7e6da4f01bdb" "nl") + ("1w8x3jjrd28f6g6ywwxldizpiipfkr63dzqd74kjpg24s2lqzp80" "e86a451a9cb5" "pl") + ("1v3v4n82sn7a4h2d9n653fmgc31mikacf59lvdj6gbwvzpjb5yfa" "94c3dbb67a5d" "pt-BR") + ("1fxgh7nfxpg2zknvfff8igq9q1vm5n4q033v7lm2c0xn3dbl8m28" "402b2ecbf04d" "ru") + ("1nllh3ax323sxwhj7xvwvbfnh4179332pcmpfyybw1vaid3nr39k" "bb2d5d96d69e" "sv-SE") + ("136m68fd0641k3qqmsw6zp016cvvd0sipsyv6rx2b9nli56agz57" "0e6c56bf2ac9" "th") + ("0q8p8bwq8an65yfdwzm4dhl6km68r83bv5i17kay2gak8msxxhsb" "91e611ae3f19" "tr") + ("02ifa94jfii5f166rwdvv8si3bazm4bcf4qhi59c8f1hxbavb52h" "081aeb1aa308" "zh-CN") + ("0qx9sh56pqc2x5qrh386cp1fi1gidhcmxxpvqkg9nh2jbizahznr" "9015a180602e" "zh-TW"))) ;; We copy the official build id, which can be found there: ;; https://cdn.mullvad.net/browser/update_responses/update_1/release. -(define %mullvadbrowser-build-date "20240408204645") +(define %mullvadbrowser-build-date "20240510150000") ;; To find the last version, look at ;; https://mullvad.net/en/download/browser/linux. -(define %mullvadbrowser-version "13.0.14") +(define %mullvadbrowser-version "13.0.15") ;; To find the last Firefox version, browse ;; https://archive.torproject.org/tor-package-archive/mullvadbrowser/<%mullvadbrowser-version> ;; There should be only one archive that starts with ;; "src-firefox-mullvad-browser-". -(define %mullvadbrowser-firefox-version "115.10.0esr-13.0-1-build1") +(define %mullvadbrowser-firefox-version "115.11.0esr-13.0-1-build2") ;; See tor-browser-build/projects/translation/config. (define mullvadbrowser-translation-base @@ -901,11 +901,11 @@ (define mullvadbrowser-translation-base (method git-fetch) (uri (git-reference (url "https://gitlab.torproject.org/tpo/translation.git") - (commit "d31e6b16c372e2eb235c4f2b0eae0b573a5515ba"))) + (commit "a28a8b2cb9e207d12fca11181818c0a0694b56af"))) (file-name "translation-base-browser") (sha256 (base32 - "0pyd49v0ivxbw2lbzi5vz9kl78i972p2kcaaahympaf6x5i0q1xd")))) + "159wza7mvz53bjvdj8nnipz9ya5150pymjz5x3jz2qpkz8ansxws")))) ;; See tor-browser-build/projects/translation/config. (define mullvadbrowser-translation-specific @@ -933,7 +933,7 @@ (define mullvadbrowser-assets version "/mullvad-browser-linux-x86_64-" version ".tar.xz")) (sha256 (base32 - "1qq1bmknnq9ycfqgslwpwdflpzdl8sl3a4bgx0i817m3myvdkdyg")))) + "1i4awa3v24z96mjzkaa04wki9pnw5walvhgw32xm39r4y1x4yajg")))) (arguments (list #:install-plan @@ -976,7 +976,7 @@ (define-public mullvadbrowser %mullvadbrowser-firefox-version ".tar.xz")) (sha256 (base32 - "07lwjl8569ck0fm3fq0hsh1zd65zph06vpfm4r8mjzqpn7bcny75")))) + "19im2arl2jdq6cqr547gal4bz8m3nfi8rh6bgswnbc4lbxkbiqr9")))) (arguments (substitute-keyword-arguments (package-arguments mullvadbrowser-base) ((#:phases phases) base-commit: 5b2ee0f3d2575e7c3983c241bcd96e696e1f25f3 prerequisite-patch-id: a08056eeee61783ba7c116e652c41dd8de047181 -- 2.41.0 --8uSoPLsv3MKf3EIw--