From 73c375787c959e427750c1776b17e0b34377f4f5 Mon Sep 17 00:00:00 2001
From: Jonathan Brielmaier <jonathan.brielmaier@web.de>
Date: Tue, 14 Dec 2021 16:35:03 +0100
Subject: nongnu: firefox: Update to 95.0 [security fixes].

Fixes CVE-2021-43536, CVE-2021-43537, CVE-2021-43538, CVE-2021-43539,
CVE-2021-43540, CVE-2021-43541, CVE-2021-43542, CVE-2021-43543,
CVE-2021-43544, CVE-2021-43545, CVE-2021-43546 and MOZ-2021-0009.

* nongnu/packages/mozilla.scm (firefox): Update to 95.0.
[arguments]: Disable WASM sandbox for now as it requires further
packaging.
---
 nongnu/packages/mozilla.scm | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/nongnu/packages/mozilla.scm b/nongnu/packages/mozilla.scm
index f92cc97..7c1cc7e 100644
--- a/nongnu/packages/mozilla.scm
+++ b/nongnu/packages/mozilla.scm
@@ -84,19 +84,19 @@
 
 ;; Update this id with every firefox update to it's release date.
 ;; It's used for cache validation and therefor can lead to strange bugs.
-(define %firefox-build-id "20211120000000")
+(define %firefox-build-id "20211207000000")
 
 (define-public firefox
   (package
     (name "firefox")
-    (version "94.0.2")
+    (version "95.0")
     (source
      (origin
        (method url-fetch)
        (uri (string-append "https://archive.mozilla.org/pub/firefox/releases/"
                            version "/source/firefox-" version ".source.tar.xz"))
        (sha256
-        (base32 "0xg596bd6lynycag6f03h4y7hpc49hzsb33y7mwk942l0v4a36w9"))))
+        (base32 "1pk493blyndvk49llg7jy62kvlan79qxp68fpbmv4467dqzy98vz"))))
     (build-system gnu-build-system)
     (arguments
      `(#:configure-flags
@@ -130,6 +130,8 @@
            "--disable-updater"
            "--enable-pulseaudio"
            "--disable-crashreporter"
+           ;; TODO: requires some work
+           "--without-wasm-sandboxed-libraries"
 
            ;; Build details
            "--disable-debug"
-- 
cgit v1.2.3