From 6c83c48391ebc2b08ca4704c437de4f1e59fca9a Mon Sep 17 00:00:00 2001
From: Mark H Weaver <mhw@netris.org>
Date: Tue, 9 Jul 2019 16:30:13 -0400
Subject: [PATCH] gnu: icecat: Update to 60.8.0-guix1 [security fixes].

Includes fixes for CVE-2019-9811, CVE-2019-11709, CVE-2019-11711,
CVE-2019-11712, CVE-2019-11713, CVE-2019-11715, CVE-2019-11717,
CVE-2019-11719, CVE-2019-11729, and CVE-2019-11730.

* gnu/packages/gnuzilla.scm (%icecat-version): Update to 60.8.0-guix1.
(icecat-source)[upstream-firefox-source]: Update hash.
(icecat): Refresh some stale comments.
---
 gnu/packages/gnuzilla.scm | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/gnu/packages/gnuzilla.scm b/gnu/packages/gnuzilla.scm
index a874878feaa..ff382b23888 100644
--- a/gnu/packages/gnuzilla.scm
+++ b/gnu/packages/gnuzilla.scm
@@ -426,7 +426,7 @@ (define* (computed-origin-method gexp-promise hash-algo hash
                       #:system system
                       #:guile-for-build guile)))
 
-(define %icecat-version "60.7.2-guix1")
+(define %icecat-version "60.8.0-guix1")
 
 ;; 'icecat-source' is a "computed" origin that generates an IceCat tarball
 ;; from the corresponding upstream Firefox ESR tarball, using the 'makeicecat'
@@ -448,7 +448,7 @@ (define icecat-source
                   "firefox-" upstream-firefox-version ".source.tar.xz"))
             (sha256
              (base32
-              "1hkaq8mavmn2wphfbrlq3v56jvmvfi2nyvrkjgr28rc01jkqx4ca"))))
+              "1gkz90clarbhgfxhq91s0is6lw6bfymyjb0xbyyswdg68kcqfcy1"))))
 
          (upstream-icecat-base-version "60.7.0") ; maybe older than base-version
          (upstream-icecat-gnu-version "1")
@@ -627,7 +627,7 @@ (define-public icecat
        ("mesa" ,mesa)
        ("mit-krb5" ,mit-krb5)
        ;; See <https://bugs.gnu.org/32833>
-       ;;   and related comments in the 'snippet' above.
+       ;;   and related comments in the 'remove-bundled-libraries' phase.
        ;; UNBUNDLE-ME! ("nspr" ,nspr)
        ;; UNBUNDLE-ME! ("nss" ,nss)
        ("sqlite" ,sqlite)
@@ -720,7 +720,8 @@ (define-public icecat
                            "--with-system-icu"
                            
                            ;; See <https://bugs.gnu.org/32833>
-                           ;;   and related comments in the 'snippet' above.
+                           ;;   and related comments in the
+                           ;;   'remove-bundled-libraries' phase below.
                            ;; UNBUNDLE-ME! "--with-system-nspr"
                            ;; UNBUNDLE-ME! "--with-system-nss"
                            
-- 
GitLab