jasper: 2.0.12 -> 2.0.13, fixes CVE-2017-6850

pkgs/development/libraries/jasper/default.nix

@@ -1,14 +1,14 @@
-{ stdenv, fetchurl, fetchpatch, libjpeg, cmake }:
+{ stdenv, fetchFromGitHub, fetchpatch, libjpeg, cmake }:
 
 stdenv.mkDerivation rec {
-  name = "jasper-2.0.12";
+  name = "jasper-${version}";
+  version = "2.0.13";
 
-  src = fetchurl {
-    # You can find this code on Github at https://github.com/mdadams/jasper
-    # however note at https://www.ece.uvic.ca/~frodo/jasper/#download
-    # not all tagged releases are for distribution.
-    url = "http://www.ece.uvic.ca/~mdadams/jasper/software/${name}.tar.gz";
-    sha256 = "1njdbxv7d4anzrd476wjww2qsi96dd8vfnp4hri0srrqxpszl92v";
+  src = fetchFromGitHub {
+    repo = "jasper";
+    owner = "mdadams";
+    rev = "version-${version}";
+    sha256 = "1kd2xiszg9bxfavs3fadi4gi27m876d9zjjy0ns6mmbcjk109c0a";
   };
 
   # newer reconf to recognize a multiout flag
@@ -29,5 +29,6 @@ stdenv.mkDerivation rec {
     homepage = https://www.ece.uvic.ca/~frodo/jasper/;
     description = "JPEG2000 Library";
     platforms = platforms.unix;
+    maintainers = with maintainers; [ pSub ];
   };
 }