summary refs log tree commit diff
path: root/pkgs/applications/graphics
diff options
context:
space:
mode:
authorAndreas Rammhold <andreas@rammhold.de>2018-10-16 00:16:17 +0200
committerAndreas Rammhold <andreas@rammhold.de>2018-10-26 12:17:58 +0200
commit1103b3fbe6e7349a1f95e7eb2f6f17af8210ab6e (patch)
tree96bde68ef7b31cca81181b7b48cc1bfb47dc8714 /pkgs/applications/graphics
parent6ad3088b124504c873e239002b044e4b66607986 (diff)
downloadnixlib-1103b3fbe6e7349a1f95e7eb2f6f17af8210ab6e.tar
nixlib-1103b3fbe6e7349a1f95e7eb2f6f17af8210ab6e.tar.gz
nixlib-1103b3fbe6e7349a1f95e7eb2f6f17af8210ab6e.tar.bz2
nixlib-1103b3fbe6e7349a1f95e7eb2f6f17af8210ab6e.tar.lz
nixlib-1103b3fbe6e7349a1f95e7eb2f6f17af8210ab6e.tar.xz
nixlib-1103b3fbe6e7349a1f95e7eb2f6f17af8210ab6e.tar.zst
nixlib-1103b3fbe6e7349a1f95e7eb2f6f17af8210ab6e.zip
batik: mark as insecure
The package hasn't been updated in a long time. There have been several
issues with the package. There is no dependant  package in the
repository so marking it as insecure until someone maintains it sounds
reasonable.
Diffstat (limited to 'pkgs/applications/graphics')
-rw-r--r--pkgs/applications/graphics/batik/default.nix6
1 files changed, 6 insertions, 0 deletions
diff --git a/pkgs/applications/graphics/batik/default.nix b/pkgs/applications/graphics/batik/default.nix
index 4032e2e3fee3..51156dea4a17 100644
--- a/pkgs/applications/graphics/batik/default.nix
+++ b/pkgs/applications/graphics/batik/default.nix
@@ -15,5 +15,11 @@ stdenv.mkDerivation {
     homepage = https://xmlgraphics.apache.org/batik;
     license = licenses.asl20;
     platforms = platforms.unix;
+    knownVulnerabilities = [
+      # vulnerabilities as of 16th October 2018 from https://xmlgraphics.apache.org/security.html:
+      "CVE-2018-8013"
+      "CVE-2017-5662"
+      "CVE-2015-0250"
+    ];
   };
 }