zlib: 1.2.11 -> 1.2.12 (security, CVE-2018-25032)

This version bump is the official fix for CVE-2018-25032. Release Notes: https://zlib.net/
2 years ago · 8cd9c041b4
parent be4f006d3c
commit 8cd9c041b4
2 changed files with 2 additions and 25 deletions
--- a/pkgs/development/libraries/zlib/default.nix
+++ b/pkgs/development/libraries/zlib/default.nix
@ -23,26 +23,16 @@ assert splitStaticOutput -> static;

 stdenv.mkDerivation (rec {
  pname = "zlib";
-  version = "1.2.11";
+  version = "1.2.12";

  src = fetchurl {
    urls =
      [ "https://www.zlib.net/fossils/zlib-${version}.tar.gz"  # stable archive path
        "mirror://sourceforge/libpng/zlib/${version}/zlib-${version}.tar.gz"
      ];
-    sha256 = "c3e5e9fdd5004dcb542feda5ee4f0ff0744628baf8ed2dd5d66f8ca1197cb1a1";
+    sha256 = "91844808532e5ce316b3c010929493c0244f3d37593afd6de04f71821d5136d9";
  };

-  patches = [
-    # https://nvd.nist.gov/vuln/detail/CVE-2018-25032
-    # https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531
-    ./CVE-2018-25032-1.patch
-    # https://github.com/madler/zlib/commit/4346a16853e19b45787ce933666026903fb8f3f8
-    ./CVE-2018-25032-2.patch
-  ] ++ lib.optionals stdenv.hostPlatform.isCygwin [
-    ./disable-cygwin-widechar.patch
-  ];
-
  postPatch = lib.optionalString stdenv.hostPlatform.isDarwin ''
    substituteInPlace configure \
      --replace '/usr/bin/libtool' '${stdenv.cc.targetPrefix}ar' \
--- a/pkgs/development/libraries/zlib/disable-cygwin-widechar.patch
+++ b/pkgs/development/libraries/zlib/disable-cygwin-widechar.patch
@ -1,13 +0,0 @@
-diff --git a/gzguts.h b/gzguts.h
-index 990a4d2..6378d46 100644
--- a/gzguts.h
-+++ b/gzguts.h
-@@ -39,7 +39,7 @@
- #  include <io.h>
- #endif
- 
-#if defined(_WIN32) || defined(__CYGWIN__)
-+#if defined(_WIN32)
- #  define WIDECHAR
- #endif
-