fig2dev: 3.2.8a -> 3.2.8b

This appears to fix a serie of buffer overflow. 8f11139e53/
2021-09-01 12:11:44 +02:00 · 2021-09-01 12:11:44 +02:00 · 4cacbf4746
commit 4cacbf4746
parent ed48b35991
1 changed files with 2 additions and 12 deletions
--- a/pkgs/applications/graphics/fig2dev/default.nix
+++ b/pkgs/applications/graphics/fig2dev/default.nix
@ -1,7 +1,6 @@
 { lib
 , stdenv
 , fetchurl
-, fetchpatch
 , ghostscript
 , libpng
 , makeWrapper
@ -14,22 +13,13 @@

 stdenv.mkDerivation rec {
  pname = "fig2dev";
-  version = "3.2.8a";
+  version = "3.2.8b";

  src = fetchurl {
    url = "mirror://sourceforge/mcj/fig2dev-${version}.tar.xz";
-    sha256 = "1bm75lf9j54qpbjx8hzp6ixaayp1x9w4v3yxl6vxyw8g5m4sqdk3";
+    sha256 = "1jv8rg71dsy00lpg434r5zqs5qrg8mxqvv2gpcjjvmzsm551d2j1";
  };

-  patches = [
-    (fetchpatch {
-      name = "CVE-2021-3561.patch";
-      # Using Debian patch since it is not possible to download it directly from Sourceforge
-      url = "https://sources.debian.org/data/main/f/fig2dev/1:3.2.8-3/debian/patches/33_sanitize-color.patch";
-      sha256 = "1bppr3li03nj4qjibnddr2f38mpk55pcn5z6k98pf00gabq33fgs";
-    })
-  ];
-
  nativeBuildInputs = [ makeWrapper ];
  buildInputs = [ libpng ];