diff --git a/pkgs/servers/web-apps/discourse/default.nix b/pkgs/servers/web-apps/discourse/default.nix
index 17f79f75054..07bab2c9aa2 100644
--- a/pkgs/servers/web-apps/discourse/default.nix
+++ b/pkgs/servers/web-apps/discourse/default.nix
@@ -2,8 +2,9 @@
 , fetchFromGitHub, bundlerEnv, callPackage
 
 , ruby, replace, gzip, gnutar, git, cacert, util-linux, gawk
-, imagemagick, optipng, pngquant, libjpeg, jpegoptim, gifsicle, libpsl
-, redis, postgresql, which, brotli, procps, rsync, nodePackages, v8
+, imagemagick, optipng, pngquant, libjpeg, jpegoptim, gifsicle, jhead
+, libpsl, redis, postgresql, which, brotli, procps, rsync
+, nodePackages, v8
 
 , plugins ? []
 }@args:
@@ -41,6 +42,7 @@ let
     jpegoptim
     gifsicle
     nodePackages.svgo
+    jhead
   ];
 
   runtimeEnv = {
@@ -241,9 +243,6 @@ let
       # Add a noninteractive admin creation task
       ./admin_create.patch
 
-      # Disable jhead, which is currently marked as vulnerable
-      ./disable_jhead.patch
-
       # Add the path to the CA cert bundle to make TLS work
       ./action_mailer_ca_cert.patch
 
diff --git a/pkgs/servers/web-apps/discourse/disable_jhead.patch b/pkgs/servers/web-apps/discourse/disable_jhead.patch
deleted file mode 100644
index a7ee56ff185..00000000000
--- a/pkgs/servers/web-apps/discourse/disable_jhead.patch
+++ /dev/null
@@ -1,12 +0,0 @@
-diff --git a/lib/file_helper.rb b/lib/file_helper.rb
-index d87da5a85e..f5323292d7 100644
---- a/lib/file_helper.rb
-+++ b/lib/file_helper.rb
-@@ -127,6 +127,7 @@ class FileHelper
-         jpegrecompress: false,
-         # Skip looking for gifsicle, svgo binaries
-         gifsicle: false,
-+        jhead: false,
-         svgo: false
-       )
-     end