Hi Mark,
Mark H Weaver <m...@netris.org> writes:
> Hi Maxim,
>
> Maxim Cournoyer <maxim.courno...@gmail.com> writes:
>
>> * gnu/packages/gnuzilla.scm (icecat-minimal) [inputs]: Add nspr-next and
>> nss-next.
>> [configure-flags]: Re-instate the "--with-system-nspr" and
>> "--with-system-nss"
>> configure flags.
>> [phases] {remove-bundled-libraries}: Update comment.
>
> This is really great, thank you!
>
> There's just one transient issue that makes me want to hold off on this:
> As I recently reported to guix-security, a Mozilla security advisory
> <https://www.mozilla.org/en-US/security/advisories/mfsa2023-06/>
> published on Tuesday mentions "CVE-2023-0767: Arbitrary memory write via
> PKCS 12 in NSS". I'd like someone to confirm that this issue has been
> fixed in 'nss-next' before applying this commit. I don't have time to
> check it myself right now.
I've updated nss-next to 3.88.1 on master, which is supposed to fix this
CVE, and pushed the whole revised series as v3.
--
Thanks,
Maxim
