guix/gnu at 56f909eefd1f7a160b799efd358e52bfad197df4 - guix

mirror of https://git.savannah.gnu.org/git/guix.git synced 2026-04-07 21:50:35 +02:00

Files

Ian Eure 56f909eefd gnu: librewolf: Update to 143.0-1 [security-fixes].

Contains fixes for:
CVE-2025-10527: Sandbox escape due to use-after-free in the Graphics:
                Canvas2D component
CVE-2025-10528: Sandbox escape due to undefined behavior, invalid
                pointer in the Graphics: Canvas2D component
CVE-2025-10529: Same-origin policy bypass in the Layout component
CVE-2025-10530: Spoofing issue in the WebAuthn component in Firefox
                for Android
CVE-2025-10531: Mitigation bypass in the Web Compatibility: Tooling
                component
CVE-2025-10532: Incorrect boundary conditions in the JavaScript: GC
                component
CVE-2025-10533: Integer overflow in the SVG component
CVE-2025-10534: Spoofing issue in the Site Permissions component
CVE-2025-10535: Information disclosure, mitigation bypass in the
                Privacy component in Firefox for Android
CVE-2025-10536: Information disclosure in the Networking: Cache
                component
CVE-2025-10537: Memory safety bugs fixed in Firefox ESR 140.3,
                Thunderbird ESR 140.3, Firefox 143 and Thunderbird 143

* gnu/packages/librewolf.scm (librewolf): Update to 143.0-1.

Change-Id: Idaa54a67f36b10e990363371505437159add938d

2025-09-25 16:37:21 -07:00