libvorbis: fix 404'ing patch

Also use full commit for the other patch, just in case there's ever a collision, as unlikely as that may be.
author: Cole Helbling <cole.e.helbling@outlook.com> 2020-04-30 18:21:03 -0700
committer: Frederik Rietdijk <freddyrietdijk@fridh.nl> 2020-05-01 08:49:14 +0200
commit: 90c503237a242aaa043cd1b3ddbb81c92a36a9ae (patch)
tree: 6f63496e69ee069679196aa2cde1dce1a02af464 /pkgs/development/libraries/libvorbis
parent: ed2ac0dcfaa5ed5028bce88d7ff47c4e1af4345b (diff)
1 files changed, 3 insertions, 3 deletions
diff --git a/pkgs/development/libraries/libvorbis/default.nix b/pkgs/development/libraries/libvorbis/default.nix
index c867b73c31709..28c5536d626d6 100644
--- a/pkgs/development/libraries/libvorbis/default.nix
+++ b/pkgs/development/libraries/libvorbis/default.nix
@@ -12,12 +12,12 @@ stdenv.mkDerivation rec {
 
   patches = [
     (fetchpatch {
-      url = "https://gitlab.xiph.org/xiph/vorbis/uploads/a68cf70fa10c8081a633f77b5c6576b7/0001-CVE-2017-14160-make-sure-we-don-t-overflow.patch";
-      sha256 = "0v21p59cb3z77ch1v6q5dcrd733h91f3m8ifnd7kkkr8gzn17d5x";
+      url = "https://gitlab.xiph.org/xiph/vorbis/commit/018ca26dece618457dd13585cad52941193c4a25.patch";
+      sha256 = "18k4vp0nmrxxpis641ylnw6dgwxrymh5bf74njr6v8dizmmz1bkj";
       name = "CVE-2017-14160+CVE-2018-10393.patch";
     })
     (fetchpatch {
-      url = "https://gitlab.xiph.org/xiph/vorbis/commit/112d3bd0aaa.diff";
+      url = "https://gitlab.xiph.org/xiph/vorbis/commit/112d3bd0aaacad51305e1464d4b381dabad0e88b.diff";
       sha256 = "1k77y3q36npy8mkkz40f6cb46l2ldrwyrd191m29s8rnbhnafdf7";
       name = "CVE-2018-10392.patch";
     })
author	Cole Helbling <cole.e.helbling@outlook.com>	2020-04-30 18:21:03 -0700
committer	Frederik Rietdijk <freddyrietdijk@fridh.nl>	2020-05-01 08:49:14 +0200
commit	90c503237a242aaa043cd1b3ddbb81c92a36a9ae (patch)
tree	6f63496e69ee069679196aa2cde1dce1a02af464 /pkgs/development/libraries/libvorbis
parent	ed2ac0dcfaa5ed5028bce88d7ff47c4e1af4345b (diff)