From 674e46d643a46eda2079b7cc387f3f34da796831 Mon Sep 17 00:00:00 2001
From: es_github <es_github@keiko.sh.s>
Date: Sun, 25 Jun 2017 22:12:02 +0100
Subject: [PATCH 1/2] p7zip: Update CVE-2016-9296 patch URL.

The debian source for this patch file has gone away, rendering this derivation
unbuildable from scratch.
This change updates the URL to a src.fedoraproject.org location that is still
serving a p7zip patch. This file is not the same bytewise, so I'm also updating
the hash; I didn't manage to find a location still serving a file with the
original hash, and my best guess is that this one is functionally equivalent.
---
 pkgs/tools/archivers/p7zip/default.nix | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/pkgs/tools/archivers/p7zip/default.nix b/pkgs/tools/archivers/p7zip/default.nix
index 8e9db09147e..8d6216cb5ac 100644
--- a/pkgs/tools/archivers/p7zip/default.nix
+++ b/pkgs/tools/archivers/p7zip/default.nix
@@ -11,8 +11,8 @@ stdenv.mkDerivation rec {
 
   patches = [
     (fetchpatch {
-      url = "https://sources.debian.net/data/main/p/p7zip/16.02+dfsg-2/debian/patches/12-CVE-2016-9296.patch";
-      sha256 = "1i7099h27gmb9dv0lb7jnqfm504gs1c3129r6kvi94yb2gzrzk41";
+      url = "https://src.fedoraproject.org/cgit/rpms/p7zip.git/plain/CVE-2016-9296.patch";
+      sha256 = "09wbkzai46bwm8zmplsz0m4jck3qn7snr68i9p1gsih300zidj0m";
     })
   ];
 

From 6cad339a0eb0d052c8f5e4a88ce89c49792feee5 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Vladim=C3=ADr=20=C4=8Cun=C3=A1t?= <vcunat@gmail.com>
Date: Mon, 3 Jul 2017 08:19:20 +0200
Subject: [PATCH 2/2] p7zip: add commit ID to the patch

We still do mirror the patch (I think), as `nix-build -Q -A p7zip.patches`
downloaded it on my machine.  I verified that only the diff headers differ;
it's still better to have another working download and Fedora's URLs are
less likely to disappear than Debian's.
/cc #27075.
---
 pkgs/tools/archivers/p7zip/default.nix | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/pkgs/tools/archivers/p7zip/default.nix b/pkgs/tools/archivers/p7zip/default.nix
index 8d6216cb5ac..3550b7d7de3 100644
--- a/pkgs/tools/archivers/p7zip/default.nix
+++ b/pkgs/tools/archivers/p7zip/default.nix
@@ -10,8 +10,9 @@ stdenv.mkDerivation rec {
   };
 
   patches = [
-    (fetchpatch {
-      url = "https://src.fedoraproject.org/cgit/rpms/p7zip.git/plain/CVE-2016-9296.patch";
+    (fetchpatch rec {
+      name = "CVE-2016-9296.patch";
+      url = "https://src.fedoraproject.org/cgit/rpms/p7zip.git/plain/${name}?id=4b3973f6a5d";
       sha256 = "09wbkzai46bwm8zmplsz0m4jck3qn7snr68i9p1gsih300zidj0m";
     })
   ];