bartronx7/guix
1
0
Fork 0
mirror of https://codeberg.org/guix/guix.git synced 2026-01-25 12:05:19 -06:00
Code Issues Projects Releases Packages Wiki Activity Actions

gnu: librewolf: Update to 144.0-1 [security-fixes].

Browse source 
Firefox 144.0 contains fixes for:
CVE-2025-11708: Use-after-free in MediaTrackGraphImpl::GetInstance()
CVE-2025-11709: Out of bounds read/write in a privileged process
                triggered by WebGL textures
CVE-2025-11710: Cross-process information leaked due to malicious IPC
                messages
CVE-2025-11711: Some non-writable Object properties could be modified
CVE-2025-11716: Sandboxed iframes allowed links to open in external
                apps (Android only)
CVE-2025-11717: The password edit screen was not hidden in Android
                card view
CVE-2025-11712: An OBJECT tag type attribute overrode browser behavior
                on web resources without a content-type
CVE-2025-11718: Address bar could be spoofed on Android using
                visibilitychange
CVE-2025-11713: Potential user-assisted code execution in “Copy as
                cURL” command
CVE-2025-11719: Use-after-free caused by the native messaging web
                extension API on Windows
CVE-2025-11720: Spoofing risk in Android custom tabs
CVE-2025-11714: Memory safety bugs fixed in Firefox ESR 115.29,
                Firefox ESR 140.4, Thunderbird ESR 140.4, Firefox 144
                and Thunderbird 144
CVE-2025-11715: Memory safety bugs fixed in Firefox ESR 140.4,
                Thunderbird ESR 140.4, Firefox 144 and Thunderbird 144
CVE-2025-11721: Memory safety bug fixed in Firefox 144 and Thunderbird
                144

* gnu/packages/librewolf.scm (librewolf): Update to 144.0-1.

Change-Id: I39e97cde24d820882c79a137997a5252e6e70421
This commit is contained in:
Ian Eure 2025-10-15 09:50:20 -07:00
parent 093cf92d0c
commit 08b7a61448
No known key found for this signature in database
GPG key ID: 8499AC88F1A71CF2
1 changed files with 4 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
gnu/packages/librewolf.scm
View file

@ -220,17 +220,17 @@
;; It's used for cache validation and therefore can lead to strange bugs.
;; ex: date '+%Y%m%d%H%M%S'
;; or: (format-time-string "%Y%m%d%H%M%S")
(define %librewolf-build-id "20251008123641")
(define %librewolf-build-id "20251015084146")
(define-public librewolf
(package
(name "librewolf")
(version "143.0.4-1")
(version "144.0-1")
(source
(make-librewolf-source
#:version version
#:firefox-hash "06mnr0shigjnqckx2jzmi3q959i1h2n4jcxhgxzsc08f9krcjiwy"
#:librewolf-hash "1sisxagfz2qd6qmmnmar3iyh21sj4b4k3gy6kb0aa0mnqzkg68j7"
#:firefox-hash "07vb15fwi3aiw230rmqbnj9pavx1pqq1js7zzgfxzw0hasjn8831"
#:librewolf-hash "1cg1flmjgqb7v5cy29nnwggan01ipg33g6grjyyfcllh89akrcg4"
#:l10n firefox-l10n))
(build-system gnu-build-system)
(arguments