03/03: gnu: librewolf: Update to 146.0-2 [security-fixes].

Tue, 16 Dec 2025 08:29:04 -0800 

guix_mirror_bot pushed a commit to branch master
in repository guix.

commit 8cef389d35c105653c3f1a330004b0ca7d4c2478
Author: Ian Eure <[email protected]>
AuthorDate: Thu Dec 11 22:00:27 2025 -0800

    gnu: librewolf: Update to 146.0-2 [security-fixes].
    
    Contains fixes for:
    CVE-2025-14321: Use-after-free in the WebRTC: Signaling component
    CVE-2025-14322: Sandbox escape due to incorrect boundary conditions in
                    the Graphics: CanvasWebGL component
    CVE-2025-14323: Privilege escalation in the DOM: Notifications
                    component
    CVE-2025-14324: JIT miscompilation in the JavaScript Engine: JIT
                    component
    CVE-2025-14325: JIT miscompilation in the JavaScript Engine: JIT
                    component
    CVE-2025-14326: Use-after-free in the Audio/Video: GMP component
    CVE-2025-14327: Spoofing issue in the Downloads Panel component
    CVE-2025-14328: Privilege escalation in the Netmonitor component
    CVE-2025-14329: Privilege escalation in the Netmonitor component
    CVE-2025-14330: JIT miscompilation in the JavaScript Engine: JIT
                    component
    CVE-2025-14331: Same-origin policy bypass in the Request Handling
                    component
    CVE-2025-14332: Memory safety bugs fixed in Firefox 146 and
                    Thunderbird 146
    CVE-2025-14333: Memory safety bugs fixed in Firefox ESR 140.6,
                    Thunderbird ESR 140.6, Firefox 146 and Thunderbird 146
    
    * gnu/packages/librewolf.scm (librewolf): Update to 146.0-2.
---
 gnu/packages/librewolf.scm | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/gnu/packages/librewolf.scm b/gnu/packages/librewolf.scm
index f2f0bcc434..ec58dafb2e 100644
--- a/gnu/packages/librewolf.scm
+++ b/gnu/packages/librewolf.scm
@@ -220,17 +220,17 @@
 ;; It's used for cache validation and therefore can lead to strange bugs.
 ;; ex: date '+%Y%m%d%H%M%S'
 ;; or: (format-time-string "%Y%m%d%H%M%S")
-(define %librewolf-build-id "20251130211358")
+(define %librewolf-build-id "20251211220123")
 
 (define-public librewolf
   (package
     (name "librewolf")
-    (version "145.0.2-2")
+    (version "146.0-2")
     (source
      (make-librewolf-source
       #:version version
-      #:firefox-hash "13c5hk7v71kzqw8zmqqyc8n0gcakmzpksh28npr52yylnp3b9ifp"
-      #:librewolf-hash "160mdkdqzff7kcrn7xi5hjsjsz52zf21mq4fcplhdnm1xrwwn4p2"
+      #:firefox-hash "05nz4b2063z7j1k80v5nsdi8xnl13xfil2blxw1idhxb23hcmm08"
+      #:librewolf-hash "0x6i0bi1p0s1wcdhmffchd39n0imljw2dv171pzl2my0dkr76zbl"
       #:l10n firefox-l10n))
     (build-system gnu-build-system)
     (arguments
@@ -678,7 +678,7 @@
                          pkg-config
                          python
                          rust-librewolf
-                         rust-cbindgen-0.28
+                         rust-cbindgen-0.29
                          which
                          yasm))
     (native-search-paths

Reply via email to