1
Fork 0
mirror of https://https.git.savannah.gnu.org/git/guix.git/ synced 2025-07-10 08:30:39 +02:00

gnu: librewolf: Update to 139.0-1 [security-fixes].

Contains fixes for:

CVE-2025-5263: Error handling for script execution was incorrectly
               isolated from web content
CVE-2025-5264: Potential local code execution in “Copy as cURL”
               command
CVE-2025-5265: Potential local code execution in “Copy as cURL”
               command
CVE-2025-5266: Script element events leaked cross-origin resource
               status
CVE-2025-5270: SNI was sometimes unencrypted
CVE-2025-5271: Devtools' preview ignored CSP headers
CVE-2025-5267: Clickjacking vulnerability could have led to leaking
               saved payment card details
CVE-2025-5268: Memory safety bugs fixed in Firefox 139, Thunderbird
               139, Firefox ESR 128.11, and Thunderbird 128.11
CVE-2025-5272: Memory safety bugs fixed in Firefox 139 and Thunderbird
               139

* gnu/packages/librewolf.scm (librewolf): Update to 139.0-1.

Change-Id: I42b2e98f49a99f0b5259e02726e9f521a19932b8
This commit is contained in:
Ian Eure 2025-05-28 15:13:16 -07:00
parent 0a46617a4c
commit c68d482a9e
No known key found for this signature in database
GPG key ID: 8499AC88F1A71CF2

View file

@ -211,17 +211,17 @@
;; Update this id with every update to its release date.
;; It's used for cache validation and therefore can lead to strange bugs.
;; ex: date '+%Y%m%d%H%M%S'
(define %librewolf-build-id "20250518101454")
(define %librewolf-build-id "20250528102458")
(define-public librewolf
(package
(name "librewolf")
(version "138.0.4-1")
(version "139.0-1")
(source
(make-librewolf-source
#:version version
#:firefox-hash "0mjh2if31ibx68a66cvxh5sa20xb78gdn9wdw0wv745dinq0vlrz"
#:librewolf-hash "1g4r2k8z5i25gcc8gfspixbi21dddyk4yg6wv7nya44swy51j7r9"
#:firefox-hash "12si1538mdgmvkpsqkc42x7rdll7mmapkczx8vipp53qbwafgp4c"
#:librewolf-hash "1jva43idhsya00j871rpiv73b7ylnd9c88mjix8f3804922vs63n"
#:l10n firefox-l10n))
(build-system gnu-build-system)
(arguments