libvorbis: 1.3.6 -> 1.3.7

New release contains various security fixes. Among others for: * CVE-2017-14160 * CVE-2018-10392 * CVE-2018-10393
2025-01-18 19:03:28 +00:00 · 2020-09-22 12:17:12 +02:00 · 2020-09-22 12:17:12 +02:00 · 160f912431
commit 160f912431
parent 23370afced
1 changed files with 3 additions and 16 deletions
--- a/pkgs/development/libraries/libvorbis/default.nix
+++ b/pkgs/development/libraries/libvorbis/default.nix
@ -1,28 +1,15 @@
-{ stdenv, fetchurl, libogg, pkgconfig, fetchpatch }:
+{ stdenv, fetchurl, libogg, pkgconfig }:

 stdenv.mkDerivation rec {
-  name = "libvorbis-1.3.6";
+  name = "libvorbis-1.3.7";

  src = fetchurl {
    url = "http://downloads.xiph.org/releases/vorbis/${name}.tar.xz";
-    sha256 = "05dlzjkdpv46zb837wysxqyn8l636x3dw8v8ymlrwz2fg1dbn05g";
+    sha256 = "0jwmf87x5sdis64rbv0l87mdpah1rbilkkxszipbzg128f9w8g5k";
  };

  outputs = [ "out" "dev" "doc" ];

-  patches = [
-    (fetchpatch {
-      url = "https://gitlab.xiph.org/xiph/vorbis/commit/018ca26dece618457dd13585cad52941193c4a25.patch";
-      sha256 = "18k4vp0nmrxxpis641ylnw6dgwxrymh5bf74njr6v8dizmmz1bkj";
-      name = "CVE-2017-14160+CVE-2018-10393.patch";
-    })
-    (fetchpatch {
-      url = "https://gitlab.xiph.org/xiph/vorbis/commit/112d3bd0aaacad51305e1464d4b381dabad0e88b.diff";
-      sha256 = "1k77y3q36npy8mkkz40f6cb46l2ldrwyrd191m29s8rnbhnafdf7";
-      name = "CVE-2018-10392.patch";
-    })
-  ];
-
  nativeBuildInputs = [ pkgconfig ];
  propagatedBuildInputs = [ libogg ];