diff options
-rw-r--r-- | pkgs/development/libraries/botan/default.nix | 4 | ||||
-rw-r--r-- | pkgs/development/libraries/botan/generic.nix | 2 |
2 files changed, 6 insertions, 0 deletions
diff --git a/pkgs/development/libraries/botan/default.nix b/pkgs/development/libraries/botan/default.nix index 8bcc6aaa8ef..c494fa25f77 100644 --- a/pkgs/development/libraries/botan/default.nix +++ b/pkgs/development/libraries/botan/default.nix @@ -9,4 +9,8 @@ callPackage ./generic.nix (args // { postPatch = '' sed -e 's@lang_flags "@&--std=c++11 @' -i src/build-data/cc/{gcc,clang}.txt ''; + knownVulnerabilities = [ + # https://botan.randombit.net/security.html#id1 + "2020-03-24: Side channel during CBC padding" + ]; }) diff --git a/pkgs/development/libraries/botan/generic.nix b/pkgs/development/libraries/botan/generic.nix index 33f9daf7b50..2fc5abc2928 100644 --- a/pkgs/development/libraries/botan/generic.nix +++ b/pkgs/development/libraries/botan/generic.nix @@ -4,6 +4,7 @@ , sourceExtension ? "tar.xz" , extraConfigureFlags ? "" , postPatch ? null +, knownVulnerabilities ? [ ] , CoreServices , Security , ... @@ -49,6 +50,7 @@ stdenv.mkDerivation rec { maintainers = with maintainers; [ raskin ]; platforms = platforms.unix; license = licenses.bsd2; + inherit knownVulnerabilities; }; passthru.updateInfo.downloadPage = "http://files.randombit.net/botan/"; } |