jasper: 1.900.2 -> 1.900.21 (security)

Incorporates fixes from all patches for the CVEs listed and some more
security-related issues like:

  http://www.openwall.com/lists/oss-security/2016/11/04/11

1 files changed, 2 insertions, 16 deletions

diff --git a/pkgs/development/libraries/jasper/default.nix b/pkgs/development/libraries/jasper/default.nix
index e2061df88f094..895d72dd7a0ac 100644
--- a/pkgs/development/libraries/jasper/default.nix
+++ b/pkgs/development/libraries/jasper/default.nix
@@ -1,27 +1,13 @@
 { stdenv, fetchurl, fetchpatch, libjpeg, autoreconfHook }:
 
 stdenv.mkDerivation rec {
-  name = "jasper-1.900.2";
+  name = "jasper-1.900.21";
 
   src = fetchurl {
     url = "http://www.ece.uvic.ca/~mdadams/jasper/software/${name}.tar.gz";
-    sha256 = "0bkibjhq3js2ldxa2f9pss84lcx4f5d3v0qis3ifi11ciy7a6c9a";
+    sha256 = "1cypmlzq5vmbacsn8n3ls9p7g64scv3fzx88qf8c270dz10s5j79";
   };
 
-  patches = [
-    ./jasper-CVE-2014-8137-variant2.diff
-    ./jasper-CVE-2014-8137-noabort.diff
-
-    (fetchpatch { # CVE-2016-2089
-      url = "https://github.com/mdadams/jasper/commit/aa6d9c2bbae9155f8e1466295373a68fa97291c3.patch";
-      sha256 = "1pxnm86zmbq6brfwsm5wx3iv7s92n4xilc52lzp61q266jmlggrf";
-    })
-    (fetchpatch { # CVE-2015-5203
-      url = "https://github.com/mdadams/jasper/commit/e73bb58f99fec0bf9c5d8866e010fcf736a53b9a.patch";
-      sha256 = "1r6hxbnhpnb7q6p2kbdxc1cpph3ic851x2hy477yv5c3qmrbx9bk";
-    })
-  ];
-
   # newer reconf to recognize a multiout flag
   nativeBuildInputs = [ autoreconfHook ];
   propagatedBuildInputs = [ libjpeg ];