optipng: 0.7.7 -> 0.7.8

Fixes CVE-2023-43907.

Changelog:
```
 * Upgraded libpng to version 1.6.40.
 * Upgraded zlib to version 1.3-optipng.
 * Upgraded cexcept to version 2.0.2-optipng.
!! Fixed a global-buffer-overflow vulnerability in the GIF reader.
   [Reported by Zeng Yunxiang; fixed by Thomas Hurst]
 ! Fixed a stack-print-after-scope defect in the error handler.
 ! Fixed an assertion failure in the image reduction module.
 ! Fixed the command-line wildargs expansion in the Windows port.
 * Raised the minimum required libpng version from 1.2.9 to 1.6.35.
 * Raised the minimum required zlib version from 1.2.1 to 1.2.8.
 * Refactored the structured exception handling.
```

https://optipng.sourceforge.net/history.txt

1 files changed, 7 insertions, 3 deletions

diff --git a/pkgs/tools/graphics/optipng/default.nix b/pkgs/tools/graphics/optipng/default.nix
index 3e9127a9a9aec..2f70dec897c04 100644
--- a/pkgs/tools/graphics/optipng/default.nix
+++ b/pkgs/tools/graphics/optipng/default.nix
@@ -6,22 +6,26 @@
 
 stdenv.mkDerivation rec {
   pname = "optipng";
-  version = "0.7.7";
+  version = "0.7.8";
 
   src = fetchurl {
     url = "mirror://sourceforge/optipng/optipng-${version}.tar.gz";
-    sha256 = "0lj4clb851fzpaq446wgj0sfy922zs5l5misbpwv6w7qrqrz4cjg";
+    hash = "sha256-JaO9aEgfIVAsyqD0wT+E3PayAzjkxOjFHyzvvYUTOYw=";
   };
 
   buildInputs = [ libpng ];
 
-  LDFLAGS = lib.optional static "-static";
   # Workaround for crash in cexcept.h. See
   # https://github.com/NixOS/nixpkgs/issues/28106
   preConfigure = ''
     export LD=$CC
   '';
 
+  # OptiPNG does not like --static, --build or --host
+  dontDisableStatic = true;
+  dontAddStaticConfigureFlags = true;
+  configurePlatforms = [ ];
+
   configureFlags = [
     "--with-system-zlib"
     "--with-system-libpng"