From a3eccfd5b0a77f1ea040bb125d28743475c2c595 Mon Sep 17 00:00:00 2001
From: Will Dietz <w@wdtz.org>
Date: Sun, 3 Mar 2019 22:37:13 -0600
Subject: [PATCH] cracklib: 2.9.6 -> 2.9.7

https://github.com/cracklib/cracklib/releases/tag/v2.9.7

I haven't looked into the details but notes mention:

> apply patch to fix CVE-2016-6318 Stack-based buffer overflow when parsing large GECOS field
> fix a buffer overflow processing long words
---
 pkgs/development/libraries/cracklib/default.nix | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/pkgs/development/libraries/cracklib/default.nix b/pkgs/development/libraries/cracklib/default.nix
index b75f03fab7c..a2670bff6b7 100644
--- a/pkgs/development/libraries/cracklib/default.nix
+++ b/pkgs/development/libraries/cracklib/default.nix
@@ -1,11 +1,12 @@
 { stdenv, fetchurl, zlib, gettext }:
 
 stdenv.mkDerivation rec {
-  name = "cracklib-2.9.6";
+  pname = "cracklib";
+  version = "2.9.7";
 
   src = fetchurl {
-    url = "https://github.com/cracklib/cracklib/releases/download/${name}/${name}.tar.gz";
-    sha256 = "0hrkb0prf7n92w6rxgq0ilzkk6rkhpys2cfqkrbzswp27na7dkqp";
+    url = "https://github.com/${pname}/${pname}/releases/download/v${version}/${pname}-${version}.tar.bz2";
+    sha256 = "1rimpjsdnmw8f5b7k558cic41p2qy2n2yrlqp5vh7mp4162hk0py";
   };
 
   buildInputs = [ zlib gettext ];