From 160f9124310268ef8151d2cb2dca1b1b601488ad Mon Sep 17 00:00:00 2001
From: Christian Kauhaus <kc@flyingcircus.io>
Date: Tue, 22 Sep 2020 12:17:12 +0200
Subject: [PATCH] libvorbis: 1.3.6 -> 1.3.7

New release contains various security fixes. Among others for:
* CVE-2017-14160
* CVE-2018-10392
* CVE-2018-10393
---
 .../libraries/libvorbis/default.nix           | 19 +++----------------
 1 file changed, 3 insertions(+), 16 deletions(-)

diff --git a/pkgs/development/libraries/libvorbis/default.nix b/pkgs/development/libraries/libvorbis/default.nix
index 28c5536d626..2a9f97cf67f 100644
--- a/pkgs/development/libraries/libvorbis/default.nix
+++ b/pkgs/development/libraries/libvorbis/default.nix
@@ -1,28 +1,15 @@
-{ stdenv, fetchurl, libogg, pkgconfig, fetchpatch }:
+{ stdenv, fetchurl, libogg, pkgconfig }:
 
 stdenv.mkDerivation rec {
-  name = "libvorbis-1.3.6";
+  name = "libvorbis-1.3.7";
 
   src = fetchurl {
     url = "http://downloads.xiph.org/releases/vorbis/${name}.tar.xz";
-    sha256 = "05dlzjkdpv46zb837wysxqyn8l636x3dw8v8ymlrwz2fg1dbn05g";
+    sha256 = "0jwmf87x5sdis64rbv0l87mdpah1rbilkkxszipbzg128f9w8g5k";
   };
 
   outputs = [ "out" "dev" "doc" ];
 
-  patches = [
-    (fetchpatch {
-      url = "https://gitlab.xiph.org/xiph/vorbis/commit/018ca26dece618457dd13585cad52941193c4a25.patch";
-      sha256 = "18k4vp0nmrxxpis641ylnw6dgwxrymh5bf74njr6v8dizmmz1bkj";
-      name = "CVE-2017-14160+CVE-2018-10393.patch";
-    })
-    (fetchpatch {
-      url = "https://gitlab.xiph.org/xiph/vorbis/commit/112d3bd0aaacad51305e1464d4b381dabad0e88b.diff";
-      sha256 = "1k77y3q36npy8mkkz40f6cb46l2ldrwyrd191m29s8rnbhnafdf7";
-      name = "CVE-2018-10392.patch";
-    })
-  ];
-
   nativeBuildInputs = [ pkgconfig ];
   propagatedBuildInputs = [ libogg ];