jbig2dec: bugfix 0.13 -> 0.14

Many of the fixes seem to have potential to be vulnerabilities, though most aren't labeled with a CVE number. /cc #32459
2017-12-09 19:16:36 +01:00 · 2017-12-09 19:16:36 +01:00 · 8f4f9b6223
commit 8f4f9b6223
parent 6d7ceedaf9
1 changed files with 2 additions and 10 deletions
--- a/pkgs/development/libraries/jbig2dec/default.nix
+++ b/pkgs/development/libraries/jbig2dec/default.nix
@ -1,21 +1,13 @@
 { stdenv, fetchurl, fetchpatch }:

 stdenv.mkDerivation rec {
-  name = "jbig2dec-0.13";
+  name = "jbig2dec-0.14";

  src = fetchurl {
    url = "http://downloads.ghostscript.com/public/jbig2dec/${name}.tar.gz";
-    sha256 = "04akiwab8iy5iy34razcvh9mcja9wy737civ3sbjxk4j143s1b2s";
+    sha256 = "0k01hp0q4275fj4rbr1gy64svfraw5w7wvwl08yjhvsnpb1rid11";
  };

-  patches =
-    [ (fetchpatch {
-        url = "http://git.ghostscript.com/?p=jbig2dec.git;a=patch;h=e698d5c11d27212aa1098bc5b1673a3378563092";
-        sha256 = "1fc8xm1z98xj2zkcl0zj7dpjjsbz3vn61b59jnkhcyzy3iiczv7f";
-        name = "CVE-2016-9601.patch";
-      })
-    ];
-
  meta = {
    homepage = https://www.ghostscript.com/jbig2dec.html;
    description = "Decoder implementation of the JBIG2 image compression format";