From a64e9269fb0ce5c0eb4ff3f357580e60577bfa6d Mon Sep 17 00:00:00 2001
From: Franz Pletz <fpletz@fnordicwalking.de>
Date: Thu, 3 Nov 2016 05:31:24 +0100
Subject: [PATCH] gitlab: 8.12.6 -> 8.12.8, fix CVE-2016-9086

https://about.gitlab.com/2016/11/02/cve-2016-9086-patches/
(cherry picked from commit a7d35fdff34563ca8ccac09e9c4db2fcaa9ef076)
---
 pkgs/applications/version-management/gitlab/Gemfile   |  2 +-
 .../version-management/gitlab/Gemfile.lock            |  3 ++-
 .../version-management/gitlab/default.nix             |  4 ++--
 .../applications/version-management/gitlab/gemset.nix | 11 ++++++++++-
 4 files changed, 15 insertions(+), 5 deletions(-)

diff --git a/pkgs/applications/version-management/gitlab/Gemfile b/pkgs/applications/version-management/gitlab/Gemfile
index eb3054dfd5b52f..f9d95e121f5f9a 100644
--- a/pkgs/applications/version-management/gitlab/Gemfile
+++ b/pkgs/applications/version-management/gitlab/Gemfile
@@ -103,7 +103,7 @@ gem 'seed-fu', '~> 2.3.5'
 # Markdown and HTML processing
 gem 'html-pipeline', '~> 1.11.0'
 gem 'task_list',     '~> 1.0.2', require: 'task_list/railtie'
-gem 'github-markup', '~> 1.4'
+gem 'gitlab-markup', '~> 1.5.0'
 gem 'redcarpet',     '~> 3.3.3'
 gem 'RedCloth',      '~> 4.3.2'
 gem 'rdoc',          '~>3.6'
diff --git a/pkgs/applications/version-management/gitlab/Gemfile.lock b/pkgs/applications/version-management/gitlab/Gemfile.lock
index 69f2af4f6f0385..0dd9b47ff3e498 100644
--- a/pkgs/applications/version-management/gitlab/Gemfile.lock
+++ b/pkgs/applications/version-management/gitlab/Gemfile.lock
@@ -281,6 +281,7 @@ GEM
       diff-lcs (~> 1.1)
       mime-types (>= 1.16, < 3)
       posix-spawn (~> 0.3)
+    gitlab-markup (1.5.0)
     gitlab_git (10.6.6)
       activesupport (~> 4.0)
       charlock_holmes (~> 0.7.3)
@@ -868,8 +869,8 @@ DEPENDENCIES
   gemnasium-gitlab-service (~> 0.2)
   gemojione (~> 3.0)
   github-linguist (~> 4.7.0)
-  github-markup (~> 1.4)
   gitlab-flowdock-git-hook (~> 1.0.1)
+  github-markup (~> 1.5.0)
   gitlab_git (~> 10.6.6)
   gitlab_meta (= 7.0)
   gitlab_omniauth-ldap (~> 1.2.1)
diff --git a/pkgs/applications/version-management/gitlab/default.nix b/pkgs/applications/version-management/gitlab/default.nix
index 7d6a85a81aa64b..92b5b552ec6e65 100644
--- a/pkgs/applications/version-management/gitlab/default.nix
+++ b/pkgs/applications/version-management/gitlab/default.nix
@@ -24,7 +24,7 @@ in
 
 stdenv.mkDerivation rec {
   name = "gitlab-${version}";
-  version = "8.12.6";
+  version = "8.12.8";
 
   buildInputs = [ env ruby bundler tzdata git nodejs procps ];
 
@@ -32,7 +32,7 @@ stdenv.mkDerivation rec {
     owner = "gitlabhq";
     repo = "gitlabhq";
     rev = "v${version}";
-    sha256 = "14dbr8a1il75xz83hkdjm3yq49168mkn62l86bi36n5pfw44kcvh";
+    sha256 = "1l2r3mjyra53wpq724d974zv9ax5hb1qrdsz4071b2p34s70gbl3";
   };
 
   patches = [
diff --git a/pkgs/applications/version-management/gitlab/gemset.nix b/pkgs/applications/version-management/gitlab/gemset.nix
index bf552b5d4eff9e..a87d4f92c626d6 100644
--- a/pkgs/applications/version-management/gitlab/gemset.nix
+++ b/pkgs/applications/version-management/gitlab/gemset.nix
@@ -937,6 +937,7 @@
       type = "gem";
     };
     version = "1.4.0";
+    meta.priority = 10; # lower priority, exectuable conflicts with gitlab-markdown
   };
   gitlab-flowdock-git-hook = {
     dependencies = ["flowdock" "gitlab-grit" "multi_json"];
@@ -955,6 +956,14 @@
     };
     version = "2.8.1";
   };
+  gitlab-markup = {
+    source = {
+      remotes = ["https://rubygems.org"];
+      sha256 = "0yxwp4q0dwiykxv24x2yhvnn59wmw1jv0vz3d8hjw44nn9jxn25a";
+      type = "gem";
+    };
+    version = "1.5.0";
+  };
   gitlab_git = {
     source = {
       remotes = ["https://rubygems.org"];
@@ -2821,4 +2830,4 @@
     };
     version = "2.0.0";
   };
-}
\ No newline at end of file
+}