gnu: icecat: Update to 68.6.0-guix0-preview1 [security fixes].

Includes fixes for CVE-2019-20503, CVE-2020-6805, CVE-2020-6806, CVE-2020-6807, CVE-2020-6811, CVE-2020-6812, and CVE-2020-6814. * gnu/packages/gnuzilla.scm (%icecat-version, %icecat-build-id): Update. (icecat-source): Update gnuzilla commit, base version, and hashes. * gnu/packages/patches/icecat-makeicecat.patch: Adapt to new version.
2020-03-09 14:48:21 -04:00 · 2020-03-09 14:48:21 -04:00 · c90c0bd538
commit c90c0bd538
parent 09844816c7
2 changed files with 8 additions and 8 deletions
--- a/gnu/packages/gnuzilla.scm
+++ b/gnu/packages/gnuzilla.scm
@ -554,8 +554,8 @@ from forcing GEXP-PROMISE."
                      #:system system
                      #:guile-for-build guile)))

-(define %icecat-version "68.5.0-guix0-preview1")
-(define %icecat-build-id "20200211000000") ;must be of the form YYYYMMDDhhmmss
+(define %icecat-version "68.6.0-guix0-preview1")
+(define %icecat-build-id "20200309000000") ;must be of the form YYYYMMDDhhmmss

 ;; 'icecat-source' is a "computed" origin that generates an IceCat tarball
 ;; from the corresponding upstream Firefox ESR tarball, using the 'makeicecat'
@ -577,11 +577,11 @@ from forcing GEXP-PROMISE."
                  "firefox-" upstream-firefox-version ".source.tar.xz"))
            (sha256
             (base32
-              "1ld6jinnln0si6p8qy93v5nzd21ckhl266vz425lwqipibwq9rsj"))))
+              "17qwfq9hwra8jarawy8k2sqfa6hdhwa9qk84ndr6gjvmxcy22a14"))))

-         (upstream-icecat-base-version "68.5.0") ; maybe older than base-version
+         (upstream-icecat-base-version "68.6.0") ; maybe older than base-version
         ;;(gnuzilla-commit (string-append "v" upstream-icecat-base-version))
-         (gnuzilla-commit "2dc3c0bed6f8a41a8426ae66db92729af5c27c70")
+         (gnuzilla-commit "9dcb24d885eae5973eb2245b532b158c685d707a")
         (gnuzilla-source
          (origin
            (method git-fetch)
@ -593,7 +593,7 @@ from forcing GEXP-PROMISE."
                                      (string-take gnuzilla-commit 8)))
            (sha256
             (base32
-              "1xwr1xjs4j2i6skm8hknh37gzsd6r396n0lchbwlahig7w6z506y"))))
+              "1y3jmh055vmx44gsjgwxvwv3zcyvz8pc5mhgrwkzm0ybbwpp2pqi"))))

         (makeicecat-patch
          (local-file (search-patch "icecat-makeicecat.patch"))))
--- a/gnu/packages/patches/icecat-makeicecat.patch
+++ b/gnu/packages/patches/icecat-makeicecat.patch
@ -25,7 +25,7 @@ index 8be2362..48716f2 100755
 -wget -N https://ftp.mozilla.org/pub/mozilla.org/firefox/releases/${FFVERSION}esr/source/firefox-${FFVERSION}esr.source.tar.xz.asc
 -gpg --recv-keys --keyserver keyserver.ubuntu.com 14F26682D0916CDD81E37B6D61B7B526D98F0353
 -gpg --verify firefox-${FFVERSION}esr.source.tar.xz.asc
-echo -n 52e784f98a37624e8b207f1b23289c2c88f66dd923798cae891a586a6d94a6d1 firefox-${FFVERSION}esr.source.tar.xz |sha256sum -c -
+-echo -n 2428213ceb75cb6772b3044d9c14870d1ae5b0161379aeb29248650e13761c9f firefox-${FFVERSION}esr.source.tar.xz |sha256sum -c -
 -
 -echo Extracting Firefox tarball
 -tar -xf firefox-${FFVERSION}esr.source.tar.xz
@ -37,7 +37,7 @@ index 8be2362..48716f2 100755
 +# wget -N https://ftp.mozilla.org/pub/mozilla.org/firefox/releases/${FFVERSION}esr/source/firefox-${FFVERSION}esr.source.tar.xz.asc
 +# gpg --recv-keys --keyserver keyserver.ubuntu.com 14F26682D0916CDD81E37B6D61B7B526D98F0353
 +# gpg --verify firefox-${FFVERSION}esr.source.tar.xz.asc
-+# echo -n 52e784f98a37624e8b207f1b23289c2c88f66dd923798cae891a586a6d94a6d1 firefox-${FFVERSION}esr.source.tar.xz |sha256sum -c -
+# echo -n 2428213ceb75cb6772b3044d9c14870d1ae5b0161379aeb29248650e13761c9f firefox-${FFVERSION}esr.source.tar.xz |sha256sum -c -
 +# 
 +# echo Extracting Firefox tarball
 +# tar -xf firefox-${FFVERSION}esr.source.tar.xz