diff options
| author | Graham Christensen <graham@grahamc.com> | 2017-02-22 21:09:14 -0500 |
|---|---|---|
| committer | Graham Christensen <graham@grahamc.com> | 2017-02-24 07:41:11 -0500 |
| commit | 30cea5f02245a20022ea93f8eec2f4fe053ad97a (patch) | |
| tree | c324ddb6ffeb40f1e233c594fd44f7d70c75acf3 /pkgs/development/libraries/libplist | |
| parent | a9c875fc2e65e80324ce1e624abd2a765ae815f8 (diff) | |
| download | nixlib-30cea5f02245a20022ea93f8eec2f4fe053ad97a.tar nixlib-30cea5f02245a20022ea93f8eec2f4fe053ad97a.tar.gz nixlib-30cea5f02245a20022ea93f8eec2f4fe053ad97a.tar.bz2 nixlib-30cea5f02245a20022ea93f8eec2f4fe053ad97a.tar.lz nixlib-30cea5f02245a20022ea93f8eec2f4fe053ad97a.tar.xz nixlib-30cea5f02245a20022ea93f8eec2f4fe053ad97a.tar.zst nixlib-30cea5f02245a20022ea93f8eec2f4fe053ad97a.zip | |
libplist: mark as insecure
Patches currently available don't seem to apply.
Diffstat (limited to 'pkgs/development/libraries/libplist')
| -rw-r--r-- | pkgs/development/libraries/libplist/default.nix | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/pkgs/development/libraries/libplist/default.nix b/pkgs/development/libraries/libplist/default.nix index 4de5a23569e8..b98fdbdb470d 100644 --- a/pkgs/development/libraries/libplist/default.nix +++ b/pkgs/development/libraries/libplist/default.nix @@ -28,5 +28,12 @@ in stdenv.mkDerivation rec { homepage = http://github.com/JonathanBeck/libplist; platforms = stdenv.lib.platforms.all; maintainers = [ stdenv.lib.maintainers.urkud ]; + knownVulnerabilities = [ + "CVE-2017-5209: base64decode function in base64.c allows attackers to obtain sensitive information from process memory or cause a denial of service" + "CVE-2017-5545: attackers to obtain sensitive information from process memory or cause a denial of service" + "CVE-2017-5834: A heap-buffer overflow in parse_dict_node" + "CVE-2017-5835: A memory allocation error leading to DoS" + "CVE-2017-5836: A type inconsistency in bplist.c" + ]; }; } |