diff mbox series

[bug#78487] gnu: librewolf: Update to 138.0.4-1 [security fixes].

Message ID 20250518214321.26115-1-ian@retrospec.tv
State New
Headers
Series [bug#78487] gnu: librewolf: Update to 138.0.4-1 [security fixes]. |

Commit Message

Ian Eure May 18, 2025, 9:43 p.m. UTC 
  Fixes:

CVE-2025-4918: Out-of-bounds access when resolving Promise objects
CVE-2025-4919: Out-of-bounds access when optimizing linear sums

* gnu/packages/librewolf.scm (librewolf): Update to 138.0.4-1.

Change-Id: I2c2b7b5a043b37b60f0378f115f0f31fa3993618
---
 gnu/packages/librewolf.scm | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)
diff mbox series

Patch

diff --git a/gnu/packages/librewolf.scm b/gnu/packages/librewolf.scm
index 063a89420fe..db4a7673858 100644
--- a/gnu/packages/librewolf.scm
+++ b/gnu/packages/librewolf.scm
@@ -207,17 +207,17 @@  (define rust-librewolf rust-1.82)
 ;; Update this id with every update to its release date.
 ;; It's used for cache validation and therefore can lead to strange bugs.
 ;; ex: date '+%Y%m%d%H%M%S'
-(define %librewolf-build-id "20250502155055")
+(define %librewolf-build-id "20250518101454")
 
 (define-public librewolf
   (package
     (name "librewolf")
-    (version "138.0.3-1")
+    (version "138.0.4-1")
     (source
      (make-librewolf-source
       #:version version
-      #:firefox-hash "1r0kam26cz5rz39n6zcc2hrbav6dxlfrsa0qhhfjlnv33ns3lzx2"
-      #:librewolf-hash "1bf9sa5radjr7g6ng7kqy2ss13c0q6vkq9dfzj5y998ifxw19s4c"
+      #:firefox-hash "0mjh2if31ibx68a66cvxh5sa20xb78gdn9wdw0wv745dinq0vlrz"
+      #:librewolf-hash "1g4r2k8z5i25gcc8gfspixbi21dddyk4yg6wv7nya44swy51j7r9"
       #:l10n firefox-l10n))
     (build-system gnu-build-system)
     (arguments