openjpeg: 2.1.2 -> 2.3.0 for multiple CVEs

Fixes: * CVE-2016-10504 * CVE-2016-10505 * CVE-2016-10506 * CVE-2016-10507 * CVE-2016-9112 * CVE-2016-9113 * CVE-2016-9114 * CVE-2016-9115 * CVE-2016-9116 * CVE-2016-9117 * CVE-2016-9118 cc #30959 (cherry picked from commit 4e57256)
NixOS · Nov 19, 2017 · 4370e93 · 4370e93
1 parent d9620e9
commit 4370e93
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 275 deletions.
diff --git a/pkgs/development/libraries/openjpeg/2.1.nix b/pkgs/development/libraries/openjpeg/2.1.nix
@@ -1,37 +1,8 @@
 { callPackage, fetchpatch, ... } @ args:
 
 callPackage ./generic.nix (args // rec {
-  version = "2.1.2";
-  branch = "2.1";
-  revision = "v2.1.2";
-  sha256 = "0kdcl9sqjz0vagli4ad6bxq1r8ma086m0prpkm5x3dxp37hpjp8h";
-
-  patches = [
-    # Fetched from https://github.com/szukw000/openjpeg/commit/cadff5fb6e73398de26a92e96d3d7cac893af255
-    # Referenced from https://bugzilla.redhat.com/show_bug.cgi?id=1405135
-    # Put in our source code to make sure we don't lose it, since that
-    # referenced commit is someone else's fork, and not actually up-stream.
-    ./CVE-2016-9580-and-CVE-2016-9581.patch
-
-    (fetchpatch {
-      url = "https://bugzilla.suse.com/attachment.cgi?id=707359&action=diff&context=patch&collapsed=&headers=1&format=raw";
-      name = "CVE-2016-9112.patch";
-      sha256 = "18hqx73wdzfybr5n5k6pzhbhdlmawiqbjci8n82zykxiyfgp18pd";
-    })
-    (fetchpatch {
-      url = "https://bugzilla.suse.com/attachment.cgi?id=707354&action=diff&context=patch&collapsed=&headers=1&format=raw";
-      name = "CVE-2016-9114.patch";
-      sha256 = "0qam3arw9kdbh4501xim2pyldl708dnpyjwvjmwc9gc7hcq4gfi3";
-    })
-    (fetchpatch {
-      url = "https://bugzilla.suse.com/attachment.cgi?id=707356&action=diff&context=patch&collapsed=&headers=1&format=raw";
-      name = "CVE-2016-9116.patch";
-      sha256 = "0yyb3pxqi5sr44a48bacngzp206j4z49lzkg6hbkz1nra9na61a3";
-    })
-    (fetchpatch {
-      url = "https://bugzilla.suse.com/attachment.cgi?id=707358&action=diff&context=patch&collapsed=&headers=1&format=raw";
-      name = "CVE-2016-9118.patch";
-      sha256 = "125n8bmh07y7697s0y82ypb39rxgj0bdn8rcywbvamscagwg2wy9";
-    })
-  ];
+  version = "2.3.0";
+  branch = "2.3";
+  revision = "v${version}";
+  sha256 = "08plxrnfl33sn2vh5nwbsngyv6b1sfpplvx881crm1v1ai10m2lz";
 })
diff --git a/pkgs/development/libraries/openjpeg/CVE-2016-9580-and-CVE-2016-9581.patch b/pkgs/development/libraries/openjpeg/CVE-2016-9580-and-CVE-2016-9581.patch