summary refs log tree commit diff
path: root/pkgs/development
diff options
context:
space:
mode:
authorGraham Christensen <graham@grahamc.com>2017-02-23 07:12:18 -0500
committerGitHub <noreply@github.com>2017-02-23 07:12:18 -0500
commit037c489b107dd5af163ded65202d48ade6f83ccd (patch)
treea03f0c1f1bb1c12a0b958d71583f6b606fbbcfdc /pkgs/development
parent0c50a629122c39b1f561b9e0a784b18b20287398 (diff)
parentc8859b7264ec8b3dc8c5e9750cf461ac20615e52 (diff)
downloadnixpkgs-037c489b107dd5af163ded65202d48ade6f83ccd.tar
nixpkgs-037c489b107dd5af163ded65202d48ade6f83ccd.tar.gz
nixpkgs-037c489b107dd5af163ded65202d48ade6f83ccd.tar.bz2
nixpkgs-037c489b107dd5af163ded65202d48ade6f83ccd.tar.lz
nixpkgs-037c489b107dd5af163ded65202d48ade6f83ccd.tar.xz
nixpkgs-037c489b107dd5af163ded65202d48ade6f83ccd.tar.zst
nixpkgs-037c489b107dd5af163ded65202d48ade6f83ccd.zip
Merge pull request #22890 from grahamc/mark-as-insecure
nixpkgs: allow packages to be marked insecure
Diffstat (limited to 'pkgs/development')
-rw-r--r--pkgs/development/libraries/libplist/default.nix7
1 files changed, 7 insertions, 0 deletions
diff --git a/pkgs/development/libraries/libplist/default.nix b/pkgs/development/libraries/libplist/default.nix
index 4de5a23569e..b98fdbdb470 100644
--- a/pkgs/development/libraries/libplist/default.nix
+++ b/pkgs/development/libraries/libplist/default.nix
@@ -28,5 +28,12 @@ in stdenv.mkDerivation rec {
     homepage = http://github.com/JonathanBeck/libplist;
     platforms = stdenv.lib.platforms.all;
     maintainers = [ stdenv.lib.maintainers.urkud ];
+    knownVulnerabilities = [
+      "CVE-2017-5209: base64decode function in base64.c allows attackers to obtain sensitive information from process memory or cause a denial of service"
+      "CVE-2017-5545: attackers to obtain sensitive information from process memory or cause a denial of service"
+      "CVE-2017-5834: A heap-buffer overflow in parse_dict_node"
+      "CVE-2017-5835: A memory allocation error leading to DoS"
+      "CVE-2017-5836: A type inconsistency in bplist.c"
+    ];
   };
 }