diff --git a/pkgs/development/libraries/gd/CVE-2016-3074.patch b/pkgs/development/libraries/gd/CVE-2016-3074.patch
deleted file mode 100644
index 76994697729b..000000000000
--- a/pkgs/development/libraries/gd/CVE-2016-3074.patch
+++ /dev/null
@@ -1,13 +0,0 @@
-diff --git a/src/gd_gd2.c b/src/gd_gd2.c
-index 6f28461..a50b33d 100644
---- a/src/gd_gd2.c
-+++ b/src/gd_gd2.c
-@@ -165,6 +165,8 @@ _gd2GetHeader (gdIOCtxPtr in, int *sx, int *sy,
- 			if (gdGetInt (&cidx[i].size, in) != 1) {
- 				goto fail2;
- 			};
-+			if (cidx[i].offset < 0 || cidx[i].size < 0)
-+				goto fail2;
- 		};
- 		*chunkIdx = cidx;
- 	};
diff --git a/pkgs/development/libraries/gd/default.nix b/pkgs/development/libraries/gd/default.nix
index bb06893e712e..68c713c235e9 100644
--- a/pkgs/development/libraries/gd/default.nix
+++ b/pkgs/development/libraries/gd/default.nix
@@ -3,6 +3,7 @@
 , zlib
 , libjpeg
 , libpng
+, libwebp
 , libtiff ? null
 , libXpm ? null
 , fontconfig
@@ -11,19 +12,15 @@
 
 stdenv.mkDerivation rec {
   name = "gd-${version}";
-  version = "2.1.1";
+  version = "2.2.1";
 
   src = fetchurl {
     url = "https://github.com/libgd/libgd/releases/download/${name}/libgd-${version}.tar.xz";
-    sha256 = "11djy9flzxczphigqgp7fbbblbq35gqwwhn9xfcckawlapa1xnls";
+    sha256 = "0xmrqka1ggqgml84xbmkw1y0r0lg7qn657v5b1my8pry92p651vh";
   };
 
-  patches = [
-    ./CVE-2016-3074.patch
-  ];
-
   nativeBuildInputs = [ pkgconfig ];
-  buildInputs = [ zlib fontconfig freetype libjpeg libpng libtiff libXpm ];
+  buildInputs = [ zlib fontconfig freetype libjpeg libpng libwebp libtiff libXpm ];
 
   outputs = [ "dev" "out" "bin" ];