jasper: remove, abandoned upstream.

Jasper has been marked insecure for a while, and upstream has not been responsive to CVEs for over a year. Fixes #55388. Signed-off-by: David Anderson <dave@natulte.net>
2020-03-14 01:30:31 -07:00
parent 9c11454182
commit 3a38cef8f9
12 changed files with 9 additions and 83 deletions
--- a/pkgs/development/libraries/jasper/default.nix
+++ b/pkgs/development/libraries/jasper/default.nix
@@ -1,51 +0,0 @@
-{ stdenv, fetchFromGitHub, fetchpatch, libjpeg, cmake }:
-
-stdenv.mkDerivation rec {
-  pname = "jasper";
-  version = "2.0.16";
-
-  src = fetchFromGitHub {
-    repo = "jasper";
-    owner = "mdadams";
-    rev = "version-${version}";
-    sha256 = "05l75yd1zsxwv25ykwwwjs8961szv7iywf16nc6vc6qpby27ckv6";
-  };
-
-  patches = [
-    (fetchpatch {
-      name = "CVE-2018-9055.patch";
-      url = "http://paste.opensuse.org/view/raw/330751ce";
-      sha256 = "0m798m6c4v9yyhql7x684j5kppcm6884n1rrb9ljz8p9aqq2jqnm";
-    })
-  ];
-
-
-  # newer reconf to recognize a multiout flag
-  nativeBuildInputs = [ cmake ];
-  propagatedBuildInputs = [ libjpeg ];
-
-  configureFlags = [ "--enable-shared" ];
-
-  outputs = [ "bin" "dev" "out" "man" ];
-
-  enableParallelBuilding = true;
-
-  doCheck = false; # fails
-
-  postInstall = ''
-    moveToOutput bin "$bin"
-  '';
-
-  meta = with stdenv.lib; {
-    homepage = "https://www.ece.uvic.ca/~frodo/jasper/";
-    description = "JPEG2000 Library";
-    platforms = platforms.unix;
-    license = licenses.jasper;
-    maintainers = with maintainers; [ pSub ];
-    knownVulnerabilities = [
-      "Numerous CVE unsolved upstream"
-      "See: https://github.com/NixOS/nixpkgs/pull/57681#issuecomment-475857499"
-      "See: https://github.com/mdadams/jasper/issues/208"
-    ];
-  };
-}