summary refs log tree commit diff
path: root/pkgs
diff options
context:
space:
mode:
authorRobert Schütz <dev@schuetz-co.de>2021-04-29 15:32:10 +0200
committerRobert Schütz <dev@schuetz-co.de>2021-04-29 15:33:01 +0200
commitd4c033a206e7c275232e7d8c7724988f16b2250b (patch)
treebe56559d0524834f88d3cd5d43d1da179697e505 /pkgs
parent45d492b3b3967ca965e3741386fd2f59e3d9e126 (diff)
downloadnixpkgs-d4c033a206e7c275232e7d8c7724988f16b2250b.tar
nixpkgs-d4c033a206e7c275232e7d8c7724988f16b2250b.tar.gz
nixpkgs-d4c033a206e7c275232e7d8c7724988f16b2250b.tar.bz2
nixpkgs-d4c033a206e7c275232e7d8c7724988f16b2250b.tar.lz
nixpkgs-d4c033a206e7c275232e7d8c7724988f16b2250b.tar.xz
nixpkgs-d4c033a206e7c275232e7d8c7724988f16b2250b.tar.zst
nixpkgs-d4c033a206e7c275232e7d8c7724988f16b2250b.zip
botan: mark as insecure
Diffstat (limited to 'pkgs')
-rw-r--r--pkgs/development/libraries/botan/default.nix4


-rw-r--r--pkgs/development/libraries/botan/generic.nix2


2 files changed, 6 insertions, 0 deletions
diff --git a/pkgs/development/libraries/botan/default.nix b/pkgs/development/libraries/botan/default.nix
index 8bcc6aaa8ef..c494fa25f77 100644
--- a/pkgs/development/libraries/botan/default.nix
+++ b/pkgs/development/libraries/botan/default.nix
@@ -9,4 +9,8 @@ callPackage ./generic.nix (args // {
   postPatch = ''
     sed -e 's@lang_flags "@&--std=c++11 @' -i src/build-data/cc/{gcc,clang}.txt
   '';
+  knownVulnerabilities = [
+    # https://botan.randombit.net/security.html#id1
+    "2020-03-24: Side channel during CBC padding"
+  ];
 })
diff --git a/pkgs/development/libraries/botan/generic.nix b/pkgs/development/libraries/botan/generic.nix
index 33f9daf7b50..2fc5abc2928 100644
--- a/pkgs/development/libraries/botan/generic.nix
+++ b/pkgs/development/libraries/botan/generic.nix
@@ -4,6 +4,7 @@
 , sourceExtension ? "tar.xz"
 , extraConfigureFlags ? ""
 , postPatch ? null
+, knownVulnerabilities ? [ ]
 , CoreServices
 , Security
 , ...
@@ -49,6 +50,7 @@ stdenv.mkDerivation rec {
     maintainers = with maintainers; [ raskin ];
     platforms = platforms.unix;
     license = licenses.bsd2;
+    inherit knownVulnerabilities;
   };
   passthru.updateInfo.downloadPage = "http://files.randombit.net/botan/";
 }

 

generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-06-23 12:17:51 +0000