From faed026cd4e0532cb19b1d9d83e84fc9052b396e Mon Sep 17 00:00:00 2001
From: Franz Pletz <fpletz@fnordicwalking.de>
Date: Thu, 28 Sep 2017 15:59:40 +0200
Subject: [PATCH] fossil: 2.2 -> 2.3

Fixes XSS vulnerability on the /help webpage. No CVE known.
---
 pkgs/applications/version-management/fossil/default.nix | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/pkgs/applications/version-management/fossil/default.nix b/pkgs/applications/version-management/fossil/default.nix
index cefdc1108bf..80c4401f170 100644
--- a/pkgs/applications/version-management/fossil/default.nix
+++ b/pkgs/applications/version-management/fossil/default.nix
@@ -2,15 +2,16 @@
 , tcllib, withJson ? true}:
 
 stdenv.mkDerivation rec {
-  name = "fossil-2.2";
+  name = "fossil-${version}";
+  version = "2.3";
 
   src = fetchurl {
-    urls = 
+    urls =
       [
-        https://www.fossil-scm.org/index.html/uv/fossil-src-2.2.tar.gz
+        "https://www.fossil-scm.org/index.html/uv/fossil-src-${version}.tar.gz"
       ];
     name = "${name}.tar.gz";
-    sha256 = "0wfgacfg29dkl0c3l1rp5ji0kraa64gcbg5lh8p4m7mqdqcq53wv";
+    sha256 = "0paalvb4rdyr79v6rwspaha5n4dqb92df9irijha13m3apsanwzh";
   };
 
   buildInputs = [ zlib openssl readline sqlite which ed ]