From 66fad9ba442fc4f9992274c7451253633d7856c3 Mon Sep 17 00:00:00 2001
From: Thomas Gerbet <thomas@gerbet.me>
Date: Wed, 1 Sep 2021 12:11:44 +0200
Subject: [PATCH] fig2dev: 3.2.8a -> 3.2.8b

This appears to fix a serie of buffer overflow.
https://sourceforge.net/p/mcj/fig2dev/ci/8f11139e53174e90e5132cc7633327ae92b65322/

(cherry picked from commit 4cacbf474659a9bb5af4ad8a8474f2dfda2067cf)
---
 pkgs/applications/graphics/fig2dev/default.nix | 14 ++------------
 1 file changed, 2 insertions(+), 12 deletions(-)

diff --git a/pkgs/applications/graphics/fig2dev/default.nix b/pkgs/applications/graphics/fig2dev/default.nix
index 31d14185dcd..8fa85803bfd 100644
--- a/pkgs/applications/graphics/fig2dev/default.nix
+++ b/pkgs/applications/graphics/fig2dev/default.nix
@@ -1,7 +1,6 @@
 { lib
 , stdenv
 , fetchurl
-, fetchpatch
 , ghostscript
 , libpng
 , makeWrapper
@@ -14,22 +13,13 @@
 
 stdenv.mkDerivation rec {
   pname = "fig2dev";
-  version = "3.2.8a";
+  version = "3.2.8b";
 
   src = fetchurl {
     url = "mirror://sourceforge/mcj/fig2dev-${version}.tar.xz";
-    sha256 = "1bm75lf9j54qpbjx8hzp6ixaayp1x9w4v3yxl6vxyw8g5m4sqdk3";
+    sha256 = "1jv8rg71dsy00lpg434r5zqs5qrg8mxqvv2gpcjjvmzsm551d2j1";
   };
 
-  patches = [
-    (fetchpatch {
-      name = "CVE-2021-3561.patch";
-      # Using Debian patch since it is not possible to download it directly from Sourceforge
-      url = "https://sources.debian.org/data/main/f/fig2dev/1:3.2.8-3/debian/patches/33_sanitize-color.patch";
-      sha256 = "1bppr3li03nj4qjibnddr2f38mpk55pcn5z6k98pf00gabq33fgs";
-    })
-  ];
-
   nativeBuildInputs = [ makeWrapper ];
   buildInputs = [ libpng ];