From 99f41189cfcd7b781904e983ddd63c0e8ca8f22a Mon Sep 17 00:00:00 2001
From: Florian Klink <flokli@flokli.de>
Date: Sat, 11 Jul 2020 12:50:07 +0200
Subject: [PATCH] fontconfig_210: remove

fontconfig 2.10.x hasn't had a relase in years, is nowhere used inside
nixpkgs and vulnerable to CVE-2016-5384.
---
 .../development/libraries/fontconfig/2.10.nix | 47 -------------------
 pkgs/top-level/aliases.nix                    |  1 +
 pkgs/top-level/all-packages.nix               |  2 -
 3 files changed, 1 insertion(+), 49 deletions(-)
 delete mode 100644 pkgs/development/libraries/fontconfig/2.10.nix

diff --git a/pkgs/development/libraries/fontconfig/2.10.nix b/pkgs/development/libraries/fontconfig/2.10.nix
deleted file mode 100644
index f4cc29892451b..0000000000000
--- a/pkgs/development/libraries/fontconfig/2.10.nix
+++ /dev/null
@@ -1,47 +0,0 @@
-{ stdenv, fetchurl, pkgconfig, freetype, expat
-}:
-
-stdenv.mkDerivation rec {
-  name = "fontconfig-2.10.2";
-
-  src = fetchurl {
-    url = "http://fontconfig.org/release/${name}.tar.bz2";
-    sha256 = "0llraqw86jmw4vzv7inskp3xxm2gc64my08iwq5mzncgfdbfza4f";
-  };
-
-  outputs = [ "bin" "dev" "lib" "out" ]; # $out contains all the config
-
-  propagatedBuildInputs = [ freetype ];
-  nativeBuildInputs = [ pkgconfig ];
-  buildInputs = [ expat ];
-
-  configureFlags = [
-    "--with-arch=${stdenv.hostPlatform.parsed.cpu.name}"
-    "--sysconfdir=/etc"
-    "--with-cache-dir=/var/cache/fontconfig"
-    "--disable-docs"
-    "--with-default-fonts="
-  ] ++ stdenv.lib.optionals (stdenv.hostPlatform != stdenv.buildPlatform) [
-    "--with-arch=${stdenv.hostPlatform.parsed.cpu.name}"
-  ];
-
-  enableParallelBuilding = true;
-
-  doCheck = true;
-
-  # Don't try to write to /var/cache/fontconfig at install time.
-  installFlags = [ "sysconfdir=$(out)/etc" "fc_cachedir=$(TMPDIR)/dummy" "RUN_FC_CACHE_TEST=false" ];
-
-  passthru = {
-    # Empty for backward compatibility, there was no versioning before 2.11
-    configVersion = "";
-  };
-
-  meta = with stdenv.lib; {
-    description = "A library for font customization and configuration";
-    homepage = "http://fontconfig.org/";
-    license = licenses.bsd2; # custom but very bsd-like
-    platforms = platforms.all;
-    maintainers = [ maintainers.vcunat ];
-  };
-}
diff --git a/pkgs/top-level/aliases.nix b/pkgs/top-level/aliases.nix
index a68232fef04a9..e6a585bb2368e 100644
--- a/pkgs/top-level/aliases.nix
+++ b/pkgs/top-level/aliases.nix
@@ -149,6 +149,7 @@ mapAliases ({
     fontconfig-ultimate has been removed. The repository has been archived upstream and activity has ceased for several years.
     https://github.com/bohoomil/fontconfig-ultimate/issues/171.
   '';
+  fontconfig_210 = throw "fontconfig 2.10.x hasn't had a relase in years, is nowhere used inside nixpkgs and vulnerable to CVE-2016-5384"; # 2020-07-11
   font-droid = throw "font-droid has been deprecated by noto-fonts"; # 2019-04-12
   foomatic_filters = foomatic-filters;  # 2016-08
   fuse_exfat = exfat;                   # 2015-09-11
diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix
index f75b3a41a2e63..152c840fdad67 100644
--- a/pkgs/top-level/all-packages.nix
+++ b/pkgs/top-level/all-packages.nix
@@ -11914,8 +11914,6 @@ in
 
   cfitsio = callPackage ../development/libraries/cfitsio { };
 
-  fontconfig_210 = callPackage ../development/libraries/fontconfig/2.10.nix { };
-
   fontconfig = callPackage ../development/libraries/fontconfig { };
 
   fontconfig-penultimate = callPackage ../data/fonts/fontconfig-penultimate {};