From 580724655e1b50c9802ffa84de6c9389396d996d Mon Sep 17 00:00:00 2001
From: Andreas Rammhold <andreas@rammhold.de>
Date: Thu, 14 Jun 2018 19:43:48 +0200
Subject: [PATCH] webkitgtk: 2.20.2 -> 2.20.3

This addresses several issues with webkitgtk 2.20.2:

- CVE-2018-4190, information leak (credentials)
- CVE-2018-4199, arbitrary code execution
- CVE-2018-4218, arbitrary code execution
- CVE-2018-4222, arbitrary code execution
- CVE-2018-4232, cookies might be overriden
- CVE-2018-4233, arbitrary code execution
- CVE-2018-11646, application crash
- CVE-2018-12293, heap buffer overflow
---
 pkgs/development/libraries/webkitgtk/2.20.nix | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/pkgs/development/libraries/webkitgtk/2.20.nix b/pkgs/development/libraries/webkitgtk/2.20.nix
index 8b25a20d8eb9..7c94e824ccc4 100644
--- a/pkgs/development/libraries/webkitgtk/2.20.nix
+++ b/pkgs/development/libraries/webkitgtk/2.20.nix
@@ -15,7 +15,7 @@ assert stdenv.isDarwin -> !enableGtk2Plugins;
 with stdenv.lib;
 stdenv.mkDerivation rec {
   name = "webkitgtk-${version}";
-  version = "2.20.2";
+  version = "2.20.3";
 
   meta = {
     description = "Web content rendering engine, GTK+ port";
@@ -28,7 +28,7 @@ stdenv.mkDerivation rec {
 
   src = fetchurl {
     url = "http://webkitgtk.org/releases/${name}.tar.xz";
-    sha256 = "1qi6nnj4qidzija1am9xscwjxwfqwhiy7x39ndriqgzh86i97znz";
+    sha256 = "1n0dy94bm7wvxln4jis1gp8plv8n4a01g41724zsf5psg1yk16sp";
   };
 
   patches = optionals stdenv.isDarwin [