From 12284fff17e96f31250669b5c8fc8dcecb2f2add Mon Sep 17 00:00:00 2001
From: Joachim Fasting <joachifm@fastmail.fm>
Date: Tue, 7 Feb 2017 03:06:30 +0100
Subject: jbig2dec: 0.11 -> 0.13, new upstream location

The most recent version on the sourceforge page is 0.11 which is quite
old; the official upstream site has 0.13; judging by the commit delta,
there've been quite a few bug fixes etc since 0.11.
---
 pkgs/development/libraries/jbig2dec/default.nix | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/pkgs/development/libraries/jbig2dec/default.nix b/pkgs/development/libraries/jbig2dec/default.nix
index 123379d788dc..8828d0057f36 100644
--- a/pkgs/development/libraries/jbig2dec/default.nix
+++ b/pkgs/development/libraries/jbig2dec/default.nix
@@ -1,15 +1,15 @@
 { stdenv, fetchurl }:
 
 stdenv.mkDerivation rec {
-  name = "jbig2dec-0.11";
+  name = "jbig2dec-0.13";
 
   src = fetchurl {
-    url = "mirror://sourceforge/jbig2dec/${name}.tar.xz";
-    sha256 = "1xddc30garsg5j8p348cz5l8vn8j7723c0sykv0kc1w5ihaghsq1";
+    url = "http://downloads.ghostscript.com/public/jbig2dec/${name}.tar.gz";
+    sha256 = "04akiwab8iy5iy34razcvh9mcja9wy737civ3sbjxk4j143s1b2s";
   };
 
   meta = {
-    homepage = http://jbig2dec.sourceforge.net/;
+    homepage = https://www.ghostscript.com/jbig2dec.html;
     description = "Decoder implementation of the JBIG2 image compression format";
     license = stdenv.lib.licenses.gpl2Plus;
     platforms = stdenv.lib.platforms.unix;
-- 
cgit 1.4.1


From 83f83ca4345be7221dd63e4451e3cf5ef1374117 Mon Sep 17 00:00:00 2001
From: Joachim Fasting <joachifm@fastmail.fm>
Date: Tue, 7 Feb 2017 03:08:04 +0100
Subject: jbig2dec: patch for CVE-2016-9601

Upstream bug: https://bugs.ghostscript.com/show_bug.cgi?id=697457

A new release containing this fix is expected in march; until then,
apply patch from upstream. Note that there have been essentially no
changes between 0.13 and this patch.
---
 pkgs/development/libraries/jbig2dec/default.nix | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/pkgs/development/libraries/jbig2dec/default.nix b/pkgs/development/libraries/jbig2dec/default.nix
index 8828d0057f36..45df4876be1f 100644
--- a/pkgs/development/libraries/jbig2dec/default.nix
+++ b/pkgs/development/libraries/jbig2dec/default.nix
@@ -1,4 +1,4 @@
-{ stdenv, fetchurl }:
+{ stdenv, fetchurl, fetchpatch }:
 
 stdenv.mkDerivation rec {
   name = "jbig2dec-0.13";
@@ -8,6 +8,14 @@ stdenv.mkDerivation rec {
     sha256 = "04akiwab8iy5iy34razcvh9mcja9wy737civ3sbjxk4j143s1b2s";
   };
 
+  patches =
+    [ (fetchpatch {
+        url = "http://git.ghostscript.com/?p=jbig2dec.git;a=patch;h=e698d5c11d27212aa1098bc5b1673a3378563092";
+        sha256 = "1fc8xm1z98xj2zkcl0zj7dpjjsbz3vn61b59jnkhcyzy3iiczv7f";
+        name = "CVE-2016-9601.patch";
+      })
+    ];
+
   meta = {
     homepage = https://www.ghostscript.com/jbig2dec.html;
     description = "Decoder implementation of the JBIG2 image compression format";
-- 
cgit 1.4.1