From 47aefa51ccf896247c72dd3b6b2860f309282b32 Mon Sep 17 00:00:00 2001
From: Thomas Gerbet <thomas@gerbet.me>
Date: Tue, 29 Nov 2022 22:02:17 +0100
Subject: [PATCH] mujs: 1.2.0 -> 1.3.2

Fixes CVE-2022-44789.

https://git.ghostscript.com/?p=mujs.git;a=shortlog;h=refs/tags/1.3.2
---
 pkgs/development/interpreters/mujs/default.nix | 16 +++++++++++++---
 1 file changed, 13 insertions(+), 3 deletions(-)

diff --git a/pkgs/development/interpreters/mujs/default.nix b/pkgs/development/interpreters/mujs/default.nix
index 062647416b15..1c0db241c1c8 100644
--- a/pkgs/development/interpreters/mujs/default.nix
+++ b/pkgs/development/interpreters/mujs/default.nix
@@ -1,14 +1,24 @@
-{ lib, stdenv, fetchurl, readline }:
+{ lib, stdenv, fetchurl, fetchpatch, readline }:
 
 stdenv.mkDerivation rec {
   pname = "mujs";
-  version = "1.2.0";
+  version = "1.3.2";
 
   src = fetchurl {
     url = "https://mujs.com/downloads/mujs-${version}.tar.xz";
-    sha256 = "sha256-ZpdtHgajUnVKI0Kvc9Guy7U8x82uK2jNoBO33c+SMjM=";
+    sha256 = "sha256-SIZZP8aIsM3M0x5ey+Wv560b7iOqaeZnuHGv1d/GQMM=";
   };
 
+  patches = lib.optionals stdenv.isDarwin [
+    (fetchpatch {
+      # ld: library not found for -l:libmujs.a
+      name = "darwin-failures.patch";
+      url = "https://git.ghostscript.com/?p=mujs.git;a=patch;h=d592c785c0b2f9fea982ac3fe7b88fdd7c4817fc";
+      sha256 = "sha256-/57A7S65LWZFyQIGe+LtqDMu85K1N/hbztXB+/nCDJk=";
+      revert = true;
+    })
+  ];
+
   buildInputs = [ readline ];
 
   makeFlags = [ "prefix=$(out)" ];