[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
bug#32026: [PATCH 10/10] gnu: icecat: Unbundle nss and nspr.
From: |
Mark H Weaver |
Subject: |
bug#32026: [PATCH 10/10] gnu: icecat: Unbundle nss and nspr. |
Date: |
Thu, 16 Feb 2023 17:14:33 -0500 |
Hi Maxim,
Maxim Cournoyer <maxim.cournoyer@gmail.com> writes:
> * gnu/packages/gnuzilla.scm (icecat-minimal) [inputs]: Add nspr-next and
> nss-next.
> [configure-flags]: Re-instate the "--with-system-nspr" and "--with-system-nss"
> configure flags.
> [phases] {remove-bundled-libraries}: Update comment.
This is really great, thank you!
There's just one transient issue that makes me want to hold off on this:
As I recently reported to guix-security, a Mozilla security advisory
<https://www.mozilla.org/en-US/security/advisories/mfsa2023-06/>
published on Tuesday mentions "CVE-2023-0767: Arbitrary memory write via
PKCS 12 in NSS". I'd like someone to confirm that this issue has been
fixed in 'nss-next' before applying this commit. I don't have time to
check it myself right now.
Thanks,
Mark
- bug#32026: [PATCH 09/10] gnu: icecat: Remove gtk+-2 input., (continued)
bug#32026: [PATCH 07/10] gnu: Add language packs to icecat and icedove., Maxim Cournoyer, 2023/02/15
bug#32026: [PATCH 08/10] gnu: icedove: Use the locale of the system., Maxim Cournoyer, 2023/02/15
bug#32026: [PATCH 10/10] gnu: icecat: Unbundle nss and nspr., Maxim Cournoyer, 2023/02/15
- bug#32026: [PATCH 10/10] gnu: icecat: Unbundle nss and nspr.,
Mark H Weaver <=
bug#32026: [PATCH 01/10] gnu: Add a 'update-mozilla-locales' helper for maintenance., Mark H Weaver, 2023/02/16