Includes fixes for CVE-2021-38503, CVE-2021-38504, CVE-2021-38506,
CVE-2021-38507, CVE-2021-38508, CVE-2021-38509, MOZ-2021-0007, and
MOZ-2021-0008.
* gnu/packages/gnuzilla.scm (%icecat-version, %icecat-build-id): Update.
(icecat-source): Update gnuzilla commit, base version, and hashes.
Mitigates <https://bugs.gnu.org/51478#29>.
* gnu/packages/gnuzilla.scm (icecat)[arguments]: In the
'build-sandbox-whitelist' phase, add
"/run/current-system/profile/share/fonts/" to the whitelist.
* gnu/packages/gnuzilla.scm (mozilla-compare-locales)
(all-mozilla-locales, %icecat-version, %icecat-build-id): Update.
(icecat-source): Update upstream source hash. Update to latest gnuzilla
commit. Remove the hack that provided 'rename' as 'prename'; set RENAME_CMD
environment variable instead. Add python to PATH. Set PYTHONPATH
appropriately. Adapt substitutions for the reorganized 'makeicecat' script.
Run 'makeicecat' outside of the IceCat source directory.
(icecat)[inputs]: Add cairo, font-dejavu, libpng-apng, libvpx, pciutils,
hunspell, libnotify, sqlite, and zlib. Update icu4c to version 69.
[native-inputs]: Update rust and cargo to 1.51. Update rust-cbindgen to 0.19.
Update llvm and clang to 11. Add m4. Remove autoconf.
[description]: Update embedded version number to 91.
[arguments]: Remove "#:out-of-source? #t". Add "#:validate-runpath? #f". In
configure-flags, add "--enable-application=browser", "--enable-rust-simd",
"--enable-release", "--enable-optimize", "--enable-strip",
"--disable-elf-hack", "--with-system-png", and "--with-system-zlib". Adjust
the set of modules. Remove the 'link-libxul-with-libraries' and 'bootstrap'
phases. Remove the sandbox whitelist population code from the
'fix-ffmpeg-runtime-linker' phase. Add a new 'build-sandbox-whitelist' phase.
The new whitelist code now adds <font-dejavu>/share/fonts to the whitelist,
and also the runpaths of all libraries in the 'mesa' package. Update the
'configure' phase to use clang-11 and llvm-11 for compilation (previously we
used gcc), to create a 'mozconfig' file and run './mach configure' (previously
we passed flags to './configure'). Update the 'build' and 'install' phases to
use './mach'. Update and simplify the 'neutralise-store-references' phase.
Move the 'install-desktop-entry' phase to happen after 'wrap-program', whereas
previously it was run after 'configure'. In the 'wrap-program' phase, add
libpng-apng and libnotify to LD_LIBRARY_PATH.
(mozilla-78-compare-locales, all-mozilla-78-locales, %icecat-78-version)
(icecat-78-source): New variables, containing the previous values of
mozilla-compare-locales, all-mozilla-locales, %icecat-version, and
icecat-source, respectively.
(icedove)[source]: Use 'icecat-78-source'.
* gnu/packages/patches/icecat-makeicecat.patch: Adapt to the reorganized
'makeicecat' script.
* gnu/packages/patches/icecat-78-makeicecat.patch: New file,
containing previous contents of icecat-makeicecat.patch.
* gnu/local.mk: Add icecat-78-makeicecat.patch.
The 'computed-origin-method' had been introduced to work around
limitations of the 'snippet' mechanism. The procedure was duplicated,
which made it hard to automatically detect packages using it.
* guix/packages.scm (computed-origin-method): Move procedure from...
* gnu/packages/gnuzilla.scm: ...here and...
* gnu/packages/gnuzilla.scm: ...there.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
* gnu/packages/gnuzilla.scm (icedove)[inputs]: Add eudev.
[phases]: Add eudev to the wrapper.
Signed-off-by: Jonathan Brielmaier <jonathan.brielmaier@web.de>
This saves us a full build of icedove-wayland analogue to
chromium-wayland.
* gnu/packages/gnuzilla.scm (icedove-wayland)[inputs]: Add bash and
icedove.
[arguments]: Copy the binary over and wrap it for Wayland. As well as
the desktop-file and the license file.
Includes fixes for CVE-2021-23953, CVE-2021-23954, CVE-2020-26976,
CVE-2021-23960, and CVE-2021-23964.
* gnu/packages/gnuzilla.scm (%icecat-version, %icecat-build-id): Update.
(icecat-source): Update gnuzilla commit, base version, and hashes.
* gnu/packages/patches/icecat-makeicecat.patch: Adapt to new version.
* gnu/packages/gnuzilla.scm (%icecat-version, %icecat-build-id): Update.
(icecat-source): Update gnuzilla commit, base version, and hashes.
* gnu/packages/patches/icecat-makeicecat.patch: Adapt to new version.
Includes fixes for CVE-2020-16042, CVE-2020-26971, CVE-2020-26973,
CVE-2020-26974, CVE-2020-26978, CVE-2020-35111, CVE-2020-35112, and
CVE-2020-35113.
* gnu/packages/gnuzilla.scm (%icecat-version, %icecat-build-id): Update.
(icecat-source): Update gnuzilla commit, base version, and hashes.
* gnu/packages/patches/icecat-makeicecat.patch: Adapt to new version.
This follows up on 3eb34c66b4 which left an
unbound "nghttp2-1.41" variable.
* gnu/packages/node.scm (node): Update to 10.22.1.
(node-10.22): Remove variable.
* gnu/packages/gnuzilla.scm (icecat)[native-inputs]: Change from NODE-10.22 to
NODE.
(icedove)[native-inputs]: Likewise.
Includes fixes for CVE-2020-15999, CVE-2020-16012, CVE-2020-26951,
CVE-2020-26953, CVE-2020-26956, CVE-2020-26958, CVE-2020-26959,
CVE-2020-26960, CVE-2020-26961, CVE-2020-26965, CVE-2020-26966, and
CVE-2020-26968.
* gnu/packages/gnuzilla.scm (%icecat-version, %icecat-build-id): Update.
(icecat-source): Update gnuzilla commit, base version, and hashes.
* gnu/packages/patches/icecat-makeicecat.patch: Adapt to new version.
* gnu/packages/gnuzilla.scm (%icecat-version, %icecat-build-id): Update.
(icecat-source): Update gnuzilla commit, base version, and hashes.
* gnu/packages/patches/icecat-makeicecat.patch: Adapt to new version.
Mark H Weaver
Jonathan Brielmaier
zimoun
Brice Waegeneire
Efraim Flashner
Leo Famulari
Marius Bakke