mirror of
https://git.in.rschanz.org/ryan77627/guix.git
synced 2024-12-24 21:38:07 -05:00
gnu: icecat: Rebundle NSPR and NSS [security fix].
Works around <https://bugs.gnu.org/32833>. * gnu/packages/gnuzilla.scm (icecat)[source]: In snippet, don't remove NSS. [inputs]: Remove 'nspr' and 'nss'. [arguments]: Remove --with-system-{nspr,nss} from configure flags.
This commit is contained in:
parent
94e96f7f68
commit
6d32887937
1 changed files with 17 additions and 5 deletions
|
@ -519,6 +519,13 @@ (define-public icecat
|
||||||
;; FIXME: A script from the bundled nspr is used.
|
;; FIXME: A script from the bundled nspr is used.
|
||||||
;;"nsprpub"
|
;;"nsprpub"
|
||||||
;;
|
;;
|
||||||
|
;; FIXME: With the update to IceCat 60, using system NSS
|
||||||
|
;; broke certificate validation. See
|
||||||
|
;; <https://bugs.gnu.org/32833>. For now, we use
|
||||||
|
;; the bundled NSPR and NSS. TODO: Investigate,
|
||||||
|
;; and try to unbundle these libraries again.
|
||||||
|
;; UNBUNDLE-ME! "security/nss"
|
||||||
|
;;
|
||||||
;; TODO: Use more system media libraries. See:
|
;; TODO: Use more system media libraries. See:
|
||||||
;; <https://bugzilla.mozilla.org/show_bug.cgi?id=517422>
|
;; <https://bugzilla.mozilla.org/show_bug.cgi?id=517422>
|
||||||
;; * libtheora: esr60 wants v1.2, not yet released.
|
;; * libtheora: esr60 wants v1.2, not yet released.
|
||||||
|
@ -541,7 +548,6 @@ (define-public icecat
|
||||||
"media/libvorbis"
|
"media/libvorbis"
|
||||||
;; "media/libtheora" ; wants theora-1.2, not yet released
|
;; "media/libtheora" ; wants theora-1.2, not yet released
|
||||||
"media/libtremor"
|
"media/libtremor"
|
||||||
"security/nss"
|
|
||||||
"gfx/harfbuzz"
|
"gfx/harfbuzz"
|
||||||
"gfx/graphite2"
|
"gfx/graphite2"
|
||||||
"js/src/ctypes/libffi"
|
"js/src/ctypes/libffi"
|
||||||
|
@ -588,8 +594,10 @@ (define-public icecat
|
||||||
("pulseaudio" ,pulseaudio)
|
("pulseaudio" ,pulseaudio)
|
||||||
("mesa" ,mesa)
|
("mesa" ,mesa)
|
||||||
("mit-krb5" ,mit-krb5)
|
("mit-krb5" ,mit-krb5)
|
||||||
("nspr" ,nspr)
|
;; See <https://bugs.gnu.org/32833>
|
||||||
("nss" ,nss)
|
;; and related comments in the 'snippet' above.
|
||||||
|
;; UNBUNDLE-ME! ("nspr" ,nspr)
|
||||||
|
;; UNBUNDLE-ME! ("nss" ,nss)
|
||||||
("sqlite" ,sqlite)
|
("sqlite" ,sqlite)
|
||||||
("startup-notification" ,startup-notification)
|
("startup-notification" ,startup-notification)
|
||||||
("unzip" ,unzip)
|
("unzip" ,unzip)
|
||||||
|
@ -653,8 +661,12 @@ (define-public icecat
|
||||||
;; "--with-system-theora" ; wants theora-1.2, not yet released
|
;; "--with-system-theora" ; wants theora-1.2, not yet released
|
||||||
"--with-system-libvpx"
|
"--with-system-libvpx"
|
||||||
"--with-system-icu"
|
"--with-system-icu"
|
||||||
"--with-system-nspr"
|
|
||||||
"--with-system-nss"
|
;; See <https://bugs.gnu.org/32833>
|
||||||
|
;; and related comments in the 'snippet' above.
|
||||||
|
;; UNBUNDLE-ME! "--with-system-nspr"
|
||||||
|
;; UNBUNDLE-ME! "--with-system-nss"
|
||||||
|
|
||||||
"--with-system-harfbuzz"
|
"--with-system-harfbuzz"
|
||||||
"--with-system-graphite2"
|
"--with-system-graphite2"
|
||||||
"--enable-system-pixman"
|
"--enable-system-pixman"
|
||||||
|
|
Loading…
Reference in a new issue