From 3e29dd00fc43f585995dc470e7bb9717f6d9f46e Mon Sep 17 00:00:00 2001
From: Franz Pletz <fpletz@fnordicwalking.de>
Date: Fri, 27 Oct 2017 11:50:31 +0200
Subject: [PATCH] wget: 1.19.1 -> 1.19.2 for multiple CVEs

Fixes CVE-2017-13089, CVE-2017-13090.
---
 pkgs/tools/networking/wget/default.nix | 15 +++++----------
 1 file changed, 5 insertions(+), 10 deletions(-)

diff --git a/pkgs/tools/networking/wget/default.nix b/pkgs/tools/networking/wget/default.nix
index 1a260f910e20..b6bbae65e695 100644
--- a/pkgs/tools/networking/wget/default.nix
+++ b/pkgs/tools/networking/wget/default.nix
@@ -1,24 +1,19 @@
 { stdenv, fetchurl, gettext, pkgconfig, perl
 , libidn2, zlib, pcre, libuuid, libiconv
-, IOSocketSSL, LWP, python3
+, IOSocketSSL, LWP, python3, lzip
 , libpsl ? null
 , openssl ? null }:
 
 stdenv.mkDerivation rec {
-  name = "wget-1.19.1";
+  name = "wget-1.19.2";
 
   src = fetchurl {
-    url = "mirror://gnu/wget/${name}.tar.xz";
-    sha256 = "1ljcfhbkdsd0zjfm520rbl1ai62fc34i7c45sfj244l8f6b0p58c";
+    url = "mirror://gnu/wget/${name}.tar.lz";
+    sha256 = "01yzal7xm85543x02bij3capnigr063d6c5vc039f8n5s9d796nm";
   };
 
   patches = [
     ./remove-runtime-dep-on-openssl-headers.patch
-    (fetchurl {
-      name = "CVE-2017-6508";
-      url = "http://git.savannah.gnu.org/cgit/wget.git/patch/?id=4d729e322fae359a1aefaafec1144764a54e8ad4";
-      sha256 = "14r0c5y3w3gavxp2d9yq8xji82izi5sx0sjv6jpmk6zp6cnr7cjf";
-    })
   ];
 
   preConfigure = ''
@@ -34,7 +29,7 @@ stdenv.mkDerivation rec {
     export LIBS="-liconv -lintl"
   '';
 
-  nativeBuildInputs = [ gettext pkgconfig perl ];
+  nativeBuildInputs = [ gettext pkgconfig perl lzip ];
   buildInputs = [ libidn2 libiconv zlib pcre libuuid ]
     ++ stdenv.lib.optionals doCheck [ IOSocketSSL LWP python3 ]
     ++ stdenv.lib.optional (openssl != null) openssl