From 4cacbf474659a9bb5af4ad8a8474f2dfda2067cf Mon Sep 17 00:00:00 2001 From: Thomas Gerbet Date: Wed, 1 Sep 2021 12:11:44 +0200 Subject: [PATCH] fig2dev: 3.2.8a -> 3.2.8b This appears to fix a serie of buffer overflow. https://sourceforge.net/p/mcj/fig2dev/ci/8f11139e53174e90e5132cc7633327ae92b65322/ --- pkgs/applications/graphics/fig2dev/default.nix | 14 ++------------ 1 file changed, 2 insertions(+), 12 deletions(-) diff --git a/pkgs/applications/graphics/fig2dev/default.nix b/pkgs/applications/graphics/fig2dev/default.nix index 31d14185dcd9..8fa85803bfd8 100644 --- a/pkgs/applications/graphics/fig2dev/default.nix +++ b/pkgs/applications/graphics/fig2dev/default.nix @@ -1,7 +1,6 @@ { lib , stdenv , fetchurl -, fetchpatch , ghostscript , libpng , makeWrapper @@ -14,22 +13,13 @@ stdenv.mkDerivation rec { pname = "fig2dev"; - version = "3.2.8a"; + version = "3.2.8b"; src = fetchurl { url = "mirror://sourceforge/mcj/fig2dev-${version}.tar.xz"; - sha256 = "1bm75lf9j54qpbjx8hzp6ixaayp1x9w4v3yxl6vxyw8g5m4sqdk3"; + sha256 = "1jv8rg71dsy00lpg434r5zqs5qrg8mxqvv2gpcjjvmzsm551d2j1"; }; - patches = [ - (fetchpatch { - name = "CVE-2021-3561.patch"; - # Using Debian patch since it is not possible to download it directly from Sourceforge - url = "https://sources.debian.org/data/main/f/fig2dev/1:3.2.8-3/debian/patches/33_sanitize-color.patch"; - sha256 = "1bppr3li03nj4qjibnddr2f38mpk55pcn5z6k98pf00gabq33fgs"; - }) - ]; - nativeBuildInputs = [ makeWrapper ]; buildInputs = [ libpng ];