diff options
| author | Ian Eure <ian@retrospec.tv> | 2025-11-21 13:00:05 -0800 |
|---|---|---|
| committer | Ian Eure <ian@retrospec.tv> | 2025-11-25 21:45:56 -0800 |
| commit | c93b89e5914daf2cde806247ec49928f3712e2ad (patch) | |
| tree | b6436497e80533ecd3bc986cd41b0521f8b2e83d /gnu | |
| parent | 60b6c5bdc277c1e2d22b3b9897b0590ba279e5ca (diff) | |
gnu: librewolf: Update to 145.0.1-2 [security-fixes].
Contains fixes for:
CVE-2025-13021: Incorrect boundary conditions in the Graphics: WebGPU
component
CVE-2025-13022: Incorrect boundary conditions in the Graphics: WebGPU
component
CVE-2025-13012: Race condition in the Graphics component
CVE-2025-13023: Sandbox escape due to incorrect boundary conditions in
the Graphics: WebGPU component
CVE-2025-13016: Incorrect boundary conditions in the JavaScript:
WebAssembly component
CVE-2025-13024: JIT miscompilation in the JavaScript Engine: JIT
component
CVE-2025-13025: Incorrect boundary conditions in the Graphics: WebGPU
component
CVE-2025-13026: Sandbox escape due to incorrect boundary conditions in
the Graphics: WebGPU component
CVE-2025-13017: Same-origin policy bypass in the DOM: Notifications
component
CVE-2025-13018: Mitigation bypass in the DOM: Security component
CVE-2025-13019: Same-origin policy bypass in the DOM: Workers
component
CVE-2025-13013: Mitigation bypass in the DOM: Core & HTML component
CVE-2025-13020: Use-after-free in the WebRTC: Audio/Video component
CVE-2025-13014: Use-after-free in the Audio/Video component
CVE-2025-13015: Spoofing issue in Firefox
CVE-2025-13027: Memory safety bugs fixed in Firefox 145 and
Thunderbird 145
* gnu/packages/librewolf.scm (librewolf): Update to 145.0.1-2.
Change-Id: Ibc74847cb0bbf3ca31cd91ebead1459199a1b364
Diffstat (limited to 'gnu')
| -rw-r--r-- | gnu/packages/librewolf.scm | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/gnu/packages/librewolf.scm b/gnu/packages/librewolf.scm index b9ad8b0d200..4700fcebaf6 100644 --- a/gnu/packages/librewolf.scm +++ b/gnu/packages/librewolf.scm @@ -220,17 +220,17 @@ ;; It's used for cache validation and therefore can lead to strange bugs. ;; ex: date '+%Y%m%d%H%M%S' ;; or: (format-time-string "%Y%m%d%H%M%S") -(define %librewolf-build-id "20251031125342") +(define %librewolf-build-id "20251121090137") (define-public librewolf (package (name "librewolf") - (version "144.0.2-1") + (version "145.0.1-2") (source (make-librewolf-source #:version version - #:firefox-hash "0sw0cbgm28w10msy450xcqn70w98ip0r8j3c01rqs02rs8p75i7a" - #:librewolf-hash "0yqibva76c20rri6ijmhld84q38fl9jv4zmr5995m1mq4r98navi" + #:firefox-hash "0mzlkymgp1dcyjlv30xaq96f0ls0mxn25264xygidw2g62yib0dl" + #:librewolf-hash "0vicz6kb2d28d736rlmj776sv5p2xk1ilabs2ihxnifs8g9ab8ya" #:l10n firefox-l10n)) (build-system gnu-build-system) (arguments |