From 4ca1c4bcd544703064906f43e67f7ee67d10916f Mon Sep 17 00:00:00 2001
From: Robert Hensing <robert@roberthensing.nl>
Date: Thu, 18 Feb 2021 11:44:25 +0100
Subject: cassandra_2*: mark as insecure

---
 pkgs/servers/nosql/cassandra/2.1.nix     | 4 ++++
 pkgs/servers/nosql/cassandra/2.2.nix     | 4 ++++
 pkgs/servers/nosql/cassandra/generic.nix | 3 ++-
 3 files changed, 10 insertions(+), 1 deletion(-)

diff --git a/pkgs/servers/nosql/cassandra/2.1.nix b/pkgs/servers/nosql/cassandra/2.1.nix
index 4511fbcd040..63d89a29d13 100644
--- a/pkgs/servers/nosql/cassandra/2.1.nix
+++ b/pkgs/servers/nosql/cassandra/2.1.nix
@@ -4,4 +4,8 @@ callPackage ./generic.nix (args // {
   version = "2.1.22";
   sha256 = "1wk57dz0kmc6d5y8d8dkx269lzh3ark3751z734gxncwdlclcyz3";
   generation = "2_1";
+  extraMeta.knownVulnerabilities = [
+    # Fixed in 3.* but 2.* hasn't been released since
+    "CVE-2020-17516"
+  ];
 })
diff --git a/pkgs/servers/nosql/cassandra/2.2.nix b/pkgs/servers/nosql/cassandra/2.2.nix
index 5cec13e4cd1..dc04c374b3d 100644
--- a/pkgs/servers/nosql/cassandra/2.2.nix
+++ b/pkgs/servers/nosql/cassandra/2.2.nix
@@ -4,4 +4,8 @@ callPackage ./generic.nix (args // {
   version = "2.2.14";
   sha256 = "1b2x3q1ach44qg07sh8wr7d8a10n36w5522drd3p35djbiwa3d9q";
   generation = "2_2";
+  extraMeta.knownVulnerabilities = [
+    # Fixed in 3.* but 2.* hasn't been released since
+    "CVE-2020-17516"
+  ];
 })
diff --git a/pkgs/servers/nosql/cassandra/generic.nix b/pkgs/servers/nosql/cassandra/generic.nix
index 4d9f09637e9..f343e20bee5 100644
--- a/pkgs/servers/nosql/cassandra/generic.nix
+++ b/pkgs/servers/nosql/cassandra/generic.nix
@@ -3,6 +3,7 @@
 # generation is the attribute version suffix such as 3_11 in pkgs.cassandra_3_11
 , generation
 , version, sha256
+, extraMeta ? {}
 , ...
 }:
 
@@ -104,5 +105,5 @@ stdenv.mkDerivation rec {
     platforms = platforms.unix;
     license = licenses.asl20;
     maintainers = [ maintainers.roberth ];
-  };
+  } // extraMeta;
 }
-- 
cgit 1.4.1