[PATCH] gnu: mullvadbrowser: Update to 13.0.15 [security fixes].

  • Done
Details
2 participants
  • Christopher Baines
  • André Batista
Owner
unassigned
Submitted by
André Batista
Severity
normal
André Batista wrote on 1 Jun 17:11 +0200
(address . guix-patches@gnu.org)(name . Maxim Cournoyer)(address . maxim.cournoyer@gmail.com)
Zls6K4GZe_mI4wHX@andel
Hi Guix,

I'm resending the attached patch on behalf of Clément who is currently
unable to commit it[*].

I've only added the references to mozilla security fixes that apply to
this update and myself on a Reviewed-by tag.


---
André Batista wrote on 12 Jun 20:31 +0200
[PATCH v2] gnu: mullvadbrowser: Update to 13.0.16 [security fixes].
(address . 71308@debbugs.gnu.org)(name . André Batista)(address . nandre@riseup.net)
20240612183122.2683-1-nandre@riseup.net
Fixes CVEs 2024-5702, 2024-5688, 2024-5690, 2024-5691, 2024-5692,
2024-5693, 2024-5696 and 2024-5700. See the Mozilla Foundation Security
advisory <https://www.mozilla.org/en-US/security/advisories/mfsa2024-26/>
for details.

* gnu/packages/mullvad-browsers.scm (%mullvadbrowser-locales): Update
changesets.
(%mullvadbrowser-build-date): Update to 20240510190000.
(%mullvadbrowser-version): Update to 13.0.16.
(%mullvadbrowser-firefox-version): Update to 115.12.0esr-13.0-1-build1.
(mullvadbrowser-translation-base): Update to
f28525699864f4e3d764c354130bd898ce5b20aa.
(mullvadbrowser-translation-specific): Update to
bff8092bbe5ae93b2c162ade300d739b2cd9e92d.
---
gnu/packages/tor-browsers.scm | 60 +++++++++++++++++------------------
1 file changed, 30 insertions(+), 30 deletions(-)

diff --git a/gnu/packages/tor-browsers.scm b/gnu/packages/tor-browsers.scm
index 07b7967404..6be746725d 100644
--- a/gnu/packages/tor-browsers.scm
+++ b/gnu/packages/tor-browsers.scm
@@ -857,41 +857,41 @@ (define %mullvadbrowser-locales
(mozilla-locales
;; sha256 changeset locale
;;---------------------------------------------------------------------------
- ("14wnjv13alaj04pd8i8ysillbr3ic2jqa867rbj5ncz8h4hxxfxc" "4c7e24ef78bd" "ar")
- ("0is7qbykv2pj0z9ll9r35vwjp0x29vmfr10yjl3s0amfaqzjqpqc" "0a0b774407cc" "da")
- ("0yq7m4v7d7ayg90m66j73mflrnp709qw9n7skhpsl9h1wbhrd7q7" "633986260777" "de")
- ("018qi9zn24kzfcidsj9lbqfg5n97r295yr8fs953nyfdbim9jsfv" "accf5e4506c0" "es-ES")
- ("11prhmh2cp95dpv6z0k479mb11zbfm541bvigs3gnkh3nazjvc8q" "37aa71d77cb6" "fa")
- ("1lv9l98q88ixb0ph970yzphahgzbl97x0w069bkxa54kblkv1ch1" "dc40a4fd5d0e" "fi")
- ("0wx4k7mwhvpv5w0wa4y5pca2q3jac62jv804nxqnfwh1bvi90wv0" "415c1f0e84bd" "fr")
- ("1n7l5idw9399n8ih1r1d6m8vzpzhwmnxmr9i7jvygkdc8d6adp1k" "07d5e1ff5f9b" "it")
- ("1w6nw9cd92p1ndy82wwlq9xizyq3i8rq0nj7118gbxbx368mk2kj" "e6f9db9ce3e6" "ja")
- ("116a8s0k2yvijy7qf0xpqm5w66gdzs32jhc06364sdar5v34lyhh" "805b85981696" "ko")
- ("0kk3cjlpghbi7j3ndb2s0c7g838fzd2mpzg01bp0cra8lzd0n2ac" "4ab6f0d05aa6" "my")
- ("1i3r2ici95mazw07m2mrf192fc6bfa3x6j3c2pcc1zg7z9srihgh" "561b0cd86ec1" "nb-NO")
- ("1c0m8jhn52h1dif5bswrdwrlzppgga01y61wlii4aaaw15imd6yd" "2a55df0cc389" "nl")
- ("1gssvg306b80drp7kvc35kvcxwldb5sga0bapaxhv362irq1nya8" "a64a7dab01c4" "pl")
- ("1dzh13x85a7src8szbrq5pjmrbak4isln9xdwjk7a1yq4g9h7jgs" "33bf2a9f4c49" "pt-BR")
- ("09x2jirf04kgc118a70z0xrb3msbm7vr4f41ig4xrwf2s5b816r3" "528b76d6aaca" "ru")
- ("1cyimbd42aaq2amyhdbbx26jwsns77lsfl8g9a70bsjlpwzwzryg" "cc8e8962e59c" "sv-SE")
- ("03mqrvcal7i172gf9239q9fnynfp5kg9b3r1w8gr9iz7rkr22gw5" "d361502c559e" "th")
- ("12srgqkqwaidcwbz0y7zr59165f7aq5k5s3b81ql7ixdbwia91pm" "f6173aca4762" "tr")
- ("1dl2dpif4wwrlpx7zkz5qf8kk4vhxyf63016xcfpbhxizqqwc1ki" "df2d025ed631" "zh-CN")
- ("1c63ngff9lsc1x3pi6lnkyxw19gdc65yc67p7alzvrka3cv292ia" "11f8d68148a4" "zh-TW")))
+ ("1218mldjxybhgzdi0myzkwjr2fgnysl71pl847kr7wyn1j8wk3a5" "c25d00080479" "ar")
+ ("1kzx94n36c5vv954j7w65djvb37c178zazy25b35l71q2rvhmlhj" "2197a99c9a08" "da")
+ ("13h7hk11bbd0yq8gqdv7ndbizkgwlm3ybz225l3x2b5cnyjxyg14" "b7a533e5edc9" "de")
+ ("0mdr5b6pqxjmg9c8064x3hpf53h6w9j8ghl32655sx9jh4v3ykza" "beff1baac7c5" "es-ES")
+ ("1pnyg09j6r15w8m62lwj89x6rz4br877z60p8s1hlrb9hj2s3vdx" "ebe0b60b0b36" "fa")
+ ("067r505626cvlrsalnndf2ykz3nnkiy0b8yaxzf1rracpzmp0hni" "d5ae6a933d71" "fi")
+ ("0026zzjv2bqc8sg06yvyd0mhny6mwwvhpvzjrhv2fi5v4wkxapdj" "496c2eb73b82" "fr")
+ ("03fbp4vgkwyimfmbm4n8blx1m16yhms2wm8j4wlx2h3cpxp5r71k" "91951e37e2b8" "it")
+ ("0ncm531d7ih7phcn9d83zwq0dfphvmzg3gmhqmrrkkbydi1g3pbb" "895dcf8bb524" "ja")
+ ("14rc9mr4ngxdzwpjagzhz47jazgp1a6vwb0vbwj31yxv9iwkrgzi" "6ef881aff44b" "ko")
+ ("0h7dlnawm5mbcx4qdlz5c7n4axz2dpa677v13ljdgm2b5w76msmq" "5c1480ccc040" "my")
+ ("1b12azc1n8j1i2l20v66r74q79zqjvc5sf9pd8rmj3xd0fkxzdp2" "fc1896a0a24d" "nb-NO")
+ ("1fh4dhlb6hynlpb2997gssv9v8zk5b7qrw0sclggczb5pcpjk6wc" "7e6da4f01bdb" "nl")
+ ("1w8x3jjrd28f6g6ywwxldizpiipfkr63dzqd74kjpg24s2lqzp80" "e86a451a9cb5" "pl")
+ ("1v3v4n82sn7a4h2d9n653fmgc31mikacf59lvdj6gbwvzpjb5yfa" "94c3dbb67a5d" "pt-BR")
+ ("1fxgh7nfxpg2zknvfff8igq9q1vm5n4q033v7lm2c0xn3dbl8m28" "402b2ecbf04d" "ru")
+ ("1nllh3ax323sxwhj7xvwvbfnh4179332pcmpfyybw1vaid3nr39k" "bb2d5d96d69e" "sv-SE")
+ ("136m68fd0641k3qqmsw6zp016cvvd0sipsyv6rx2b9nli56agz57" "0e6c56bf2ac9" "th")
+ ("0q8p8bwq8an65yfdwzm4dhl6km68r83bv5i17kay2gak8msxxhsb" "91e611ae3f19" "tr")
+ ("02ifa94jfii5f166rwdvv8si3bazm4bcf4qhi59c8f1hxbavb52h" "081aeb1aa308" "zh-CN")
+ ("0qx9sh56pqc2x5qrh386cp1fi1gidhcmxxpvqkg9nh2jbizahznr" "9015a180602e" "zh-TW")))
;; We copy the official build id, which can be found there:
;; https://cdn.mullvad.net/browser/update_responses/update_1/release.
-(define %mullvadbrowser-build-date "20240408204645")
+(define %mullvadbrowser-build-date "20240510190000")
;; To find the last version, look at
;; https://mullvad.net/en/download/browser/linux.
-(define %mullvadbrowser-version "13.0.14")
+(define %mullvadbrowser-version "13.0.16")
;; To find the last Firefox version, browse
;; https://archive.torproject.org/tor-package-archive/mullvadbrowser/<%mullvadbrowser-version>
;; There should be only one archive that starts with
;; "src-firefox-mullvad-browser-".
-(define %mullvadbrowser-firefox-version "115.10.0esr-13.0-1-build1")
+(define %mullvadbrowser-firefox-version "115.12.0esr-13.0-1-build1")
;; See tor-browser-build/projects/translation/config.
(define mullvadbrowser-translation-base
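Review bot: %mullvadbrowser-build-date is set to 20240510190000, which reads as 10 May 2024, while this v2 bumps the version to 13.0.16 and was sent on 12 Jun after a v1 for 13.0.15. Please confirm the value against the update response at the URL in the comment above it, since it may have been carried over from the earlier revision. Separately, the commit log names gnu/packages/mullvad-browsers.scm but the diff modifies gnu/packages/tor-browsers.scm, so the log entry should use the latter.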
@@ -899,11 +899,11 @@ (define mullvadbrowser-translation-base
(method git-fetch)
(uri (git-reference
(url "https://gitlab.torproject.org/tpo/translation.git")
- (commit "d31e6b16c372e2eb235c4f2b0eae0b573a5515ba")))
+ (commit "f28525699864f4e3d764c354130bd898ce5b20aa")))
(file-name "translation-base-browser")
(sha256
(base32
- "0pyd49v0ivxbw2lbzi5vz9kl78i972p2kcaaahympaf6x5i0q1xd"))))
+ "1vf6nl7fdmlmg2gskf3w1xlsgcm0pxi54z2daz5nwr6q9gyi0lkf"))))
;; See tor-browser-build/projects/translation/config.
(define mullvadbrowser-translation-specific
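Review bot: The new commit for mullvadbrowser-translation-base cannot be tied to the 13.0.16 release from the patch alone, because the comment above the definition only points at tor-browser-build/projects/translation/config. Consider stating in the commit log, or next to the commit string, which tor-browser-build tag or revision that config was read from, so a later reviewer can check that the pinned translation commit and its base32 hash match the release being packaged.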
@@ -911,11 +911,11 @@ (define mullvadbrowser-translation-specific
(method git-fetch)
(uri (git-reference
(url "https://gitlab.torproject.org/tpo/translation.git")
- (commit "c5361cb496ae7e047fd9226139537f1fcfc7938d")))
+ (commit "bff8092bbe5ae93b2c162ade300d739b2cd9e92d")))
(file-name "translation-mullvad-browser")
(sha256
(base32
- "0kxna8hcn6xyj9mq0k8pzmj0xh6drq6fs69vjhk31g9wjjm99hss"))))
+ "0742ylhz80445a28ssp2hpshy0dvr12h2c1mcv5pjdipzcwhgil8"))))
(define mullvadbrowser-assets
;; This is a prebuilt Mullvad Browser from which we take the assets we need.
@@ -931,7 +931,7 @@ (define mullvadbrowser-assets
version "/mullvad-browser-linux-x86_64-" version ".tar.xz"))
(sha256
(base32
- "1qq1bmknnq9ycfqgslwpwdflpzdl8sl3a4bgx0i817m3myvdkdyg"))))
+ "1bpchiz12zjyrzpgyk71naf1jdf3msjcjwggb1mziyawc6pyxj7v"))))
(arguments
(list
#:install-plan
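Review bot: Only the base32 hash of the prebuilt mullvad-browser-linux-x86_64 tarball changes in mullvadbrowser-assets, and nothing in the patch or its log says how the new value was obtained. Since this origin is a prebuilt binary rather than source, it is worth noting in the submission that the hash was checked against a checksum or signature published by upstream and not only taken from a fresh download.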
@@ -974,7 +974,7 @@ (define-public mullvadbrowser
%mullvadbrowser-firefox-version ".tar.xz"))
(sha256
(base32
- "07lwjl8569ck0fm3fq0hsh1zd65zph06vpfm4r8mjzqpn7bcny75"))))
+ "1xs4qwa3c6nfq6cj5q6asfrzki4brafg65g6hbn0fc9qqcmrhkv5"))))
(arguments
(substitute-keyword-arguments (package-arguments mullvadbrowser-base)
((#:phases phases)
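Review bot: The source hash here follows %mullvadbrowser-firefox-version, which moves from 115.10.0esr to 115.12.0esr and so skips 115.11.0esr, while the commit log cites a single Mozilla advisory. If the intermediate ESR release carried its own security fixes, list those CVEs or its advisory in the log too, so the [security fixes] tag covers the whole jump from 13.0.14.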

base-commit: 9b851ade18bc00dc42607b3fcaf26c923d47c2eb
--
2.41.0
Christopher Baines wrote on 22 Jun 18:57 +0200
(name . André Batista)(address . nandre@riseup.net)(address . 71308-done@debbugs.gnu.org)
8734p47w4s.fsf@cbaines.net
André Batista <nandre@riseup.net> writes:

> Fixes CVEs 2024-5702, 2024-5688, 2024-5690, 2024-5691, 2024-5692,
> 2024-5693, 2024-5696 and 2024-5700. See the Mozilla Foundation Security
> advisory <https://www.mozilla.org/en-US/security/advisories/mfsa2024-26/>
> for details.
>
> * gnu/packages/mullvad-browsers.scm (%mullvadbrowser-locales): Update
> changesets.
> (%mullvadbrowser-build-date): Update to 20240510190000.
> (%mullvadbrowser-version): Update to 13.0.16.
> (%mullvadbrowser-firefox-version): Update to 115.12.0esr-13.0-1-build1.
> (mullvadbrowser-translation-base): Update to
> f28525699864f4e3d764c354130bd898ce5b20aa.
> (mullvadbrowser-translation-specific): Update to
> bff8092bbe5ae93b2c162ade300d739b2cd9e92d.
> ---
> gnu/packages/tor-browsers.scm | 60 +++++++++++++++++------------------
> 1 file changed, 30 insertions(+), 30 deletions(-)

Thanks for the patch, I've pushed this to master as
b97b43dc1ec7542abb2a7b0a658208d0c5c5e6a9.

Chris

Closed

This issue is archived.

To comment on this conversation send an email to 71308@debbugs.gnu.org

To respond to this issue using the mumi CLI, first switch to it
mumi current 71308
Then, you may apply the latest patchset in this issue (with sign off)
mumi am -- -s
Or, compose a reply to this issue
mumi compose
Or, send patches to this issue
mumi send-email *.patch