From bcfec5c7738f0fa96e50301468fef3ff8c793dee Mon Sep 17 00:00:00 2001
From: Robert Schütz <dev@schuetz-co.de>
Date: Mon, 1 Feb 2021 16:41:11 +0100
Subject: libsixel: mark as insecure

---
 pkgs/development/libraries/libsixel/default.nix | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/pkgs/development/libraries/libsixel/default.nix b/pkgs/development/libraries/libsixel/default.nix
index e82ecde5ddd..0d5a54f9693 100644
--- a/pkgs/development/libraries/libsixel/default.nix
+++ b/pkgs/development/libraries/libsixel/default.nix
@@ -22,5 +22,9 @@ stdenv.mkDerivation rec {
     maintainers = with maintainers; [ vrthra ];
     license = licenses.mit;
     platforms = with platforms; unix;
+    knownVulnerabilities = [
+      "CVE-2020-11721" # https://github.com/saitoha/libsixel/issues/134
+      "CVE-2020-19668" # https://github.com/saitoha/libsixel/issues/136
+    ];
   };
 }
-- 
cgit 1.4.1