From 4e2b190d52830ee2e11c51bba8c4e1c187b83978 Mon Sep 17 00:00:00 2001
From: Peter Hoeg <peter@hoeg.com>
Date: Wed, 24 May 2017 13:07:28 +0800
Subject: [PATCH] vlc: 2.2.4 -> 2.2.5.1

Fixes a nasty vulnerability caused by broken subtitle handling:

http://blog.checkpoint.com/2017/05/23/hacked-in-translation/
---
 pkgs/applications/video/vlc/default.nix | 10 ++--------
 1 file changed, 2 insertions(+), 8 deletions(-)

diff --git a/pkgs/applications/video/vlc/default.nix b/pkgs/applications/video/vlc/default.nix
index c52d1439012..48e5af7162d 100644
--- a/pkgs/applications/video/vlc/default.nix
+++ b/pkgs/applications/video/vlc/default.nix
@@ -20,19 +20,13 @@ assert (!withQt5 -> qt4 != null);
 
 stdenv.mkDerivation rec {
   name = "vlc-${version}";
-  version = "2.2.4";
+  version = "2.2.5.1";
 
   src = fetchurl {
     url = "http://get.videolan.org/vlc/${version}/${name}.tar.xz";
-    sha256 = "1gjkrwlg8ab3skzl67cxb9qzg4187ifckd1z9kpy11q058fyjchn";
+    sha256 = "1k51vm6piqlrnld7sxyg0s4kdkd3lan97lmy3v5wdh3qyll8m2xj";
   };
 
-  patches = optional withQt5 (fetchurl {
-    name = "Fix-build-using-old-GCC-intrinsics.patch";
-    url = "https://patches.videolan.org/patch/14061/raw/";
-    sha256 = "16v4k7378a590diz11bdvdaqi9cpf6333hp5wr6v5sfrsma8qvpx";
-  });
-
   # Comment-out the Qt 5.5 version check, as we do apply the relevant patch.
   # https://trac.videolan.org/vlc/ticket/16497
   postPatch = if (!withQt5) then null else