From 8b5b3acab3c98bf58e14fc55399a8b3a098094ef Mon Sep 17 00:00:00 2001
From: Marius Bakke <mbakke@fastmail.com>
Date: Wed, 1 May 2019 22:39:23 +0200
Subject: [PATCH] gnu: libpng: Remove graft for 1.6.37.

* gnu/packages/image.scm (libpng): Update to 1.6.37.
[replacement]: Remove field.
(libpng-1.6.37): Remove variable.
---
 gnu/packages/image.scm | 24 ++----------------------
 1 file changed, 2 insertions(+), 22 deletions(-)

diff --git a/gnu/packages/image.scm b/gnu/packages/image.scm
index 9adbf78390..10c2f82153 100644
--- a/gnu/packages/image.scm
+++ b/gnu/packages/image.scm
@@ -86,8 +86,7 @@
 (define-public libpng
   (package
    (name "libpng")
-   (version "1.6.36")
-   (replacement libpng-1.6.37)
+   (version "1.6.37")
    (source (origin
             (method url-fetch)
             (uri (list (string-append "mirror://sourceforge/libpng/libpng16/"
@@ -100,7 +99,7 @@
                         "/libpng16/libpng-" version ".tar.xz")))
             (sha256
              (base32
-              "06d35a3xz2a0kph82r56hqm1fn8fbwrqs07xzmr93dx63x695szc"))))
+              "1jl8in381z0128vgxnvn33nln6hzckl7l7j9nqvkaf1m9n1p0pjh"))))
    (build-system gnu-build-system)
 
    ;; libpng.la says "-lz", so propagate it.
@@ -113,25 +112,6 @@ library.  It supports almost all PNG features and is extensible.")
    (license license:zlib)
    (home-page "http://www.libpng.org/pub/png/libpng.html")))
 
-;; This graft exists to fix CVE-2018-14048, CVE-2018-14550, and CVE-2019-7317.
-(define-public libpng-1.6.37
-  (package
-    (inherit libpng)
-    (version "1.6.37")
-    (source (origin
-              (method url-fetch)
-              (uri (list (string-append "mirror://sourceforge/libpng/libpng16/"
-                                        version "/libpng-" version ".tar.xz")
-                         (string-append
-                          "ftp://ftp.simplesystems.org/pub/libpng/png/src"
-                          "/libpng16/libpng-" version ".tar.xz")
-                         (string-append
-                          "ftp://ftp.simplesystems.org/pub/libpng/png/src/history"
-                          "/libpng16/libpng-" version ".tar.xz")))
-              (sha256
-               (base32
-                "1jl8in381z0128vgxnvn33nln6hzckl7l7j9nqvkaf1m9n1p0pjh"))))))
-
 ;; libpng-apng should be updated when the APNG patch is released:
 ;; <https://bugs.gnu.org/27556>
 (define-public libpng-apng