p7zip: Update CVE-2016-9296 patch URL.

The debian source for this patch file has gone away, rendering this derivation unbuildable from scratch. This change updates the URL to a src.fedoraproject.org location that is still serving a p7zip patch. This file is not the same bytewise, so I'm also updating the hash; I didn't manage to find a location still serving a file with the original hash, and my best guess is that this one is functionally equivalent.
7 years ago · 674e46d643
parent c5e314dabe
commit 674e46d643
1 changed files with 2 additions and 2 deletions
--- a/pkgs/tools/archivers/p7zip/default.nix
+++ b/pkgs/tools/archivers/p7zip/default.nix
@ -11,8 +11,8 @@ stdenv.mkDerivation rec {

  patches = [
    (fetchpatch {
-      url = "https://sources.debian.net/data/main/p/p7zip/16.02+dfsg-2/debian/patches/12-CVE-2016-9296.patch";
-      sha256 = "1i7099h27gmb9dv0lb7jnqfm504gs1c3129r6kvi94yb2gzrzk41";
+      url = "https://src.fedoraproject.org/cgit/rpms/p7zip.git/plain/CVE-2016-9296.patch";
+      sha256 = "09wbkzai46bwm8zmplsz0m4jck3qn7snr68i9p1gsih300zidj0m";
    })
  ];