diff options
author | Graham Christensen <graham@grahamc.com> | 2017-02-22 21:09:14 -0500 |
---|---|---|
committer | Graham Christensen <graham@grahamc.com> | 2017-02-22 21:09:14 -0500 |
commit | c8859b7264ec8b3dc8c5e9750cf461ac20615e52 (patch) | |
tree | 4deedb5e5665222774a60bc687266cf32d216f40 /pkgs/development/libraries/libplist | |
parent | 38771badd3bd4e6a46495577506a3eacb299726c (diff) | |
download | nixlib-c8859b7264ec8b3dc8c5e9750cf461ac20615e52.tar nixlib-c8859b7264ec8b3dc8c5e9750cf461ac20615e52.tar.gz nixlib-c8859b7264ec8b3dc8c5e9750cf461ac20615e52.tar.bz2 nixlib-c8859b7264ec8b3dc8c5e9750cf461ac20615e52.tar.lz nixlib-c8859b7264ec8b3dc8c5e9750cf461ac20615e52.tar.xz nixlib-c8859b7264ec8b3dc8c5e9750cf461ac20615e52.tar.zst nixlib-c8859b7264ec8b3dc8c5e9750cf461ac20615e52.zip |
libplist: mark as insecure
Patches currently available don't seem to apply.
Diffstat (limited to 'pkgs/development/libraries/libplist')
-rw-r--r-- | pkgs/development/libraries/libplist/default.nix | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/pkgs/development/libraries/libplist/default.nix b/pkgs/development/libraries/libplist/default.nix index 4de5a23569e8..b98fdbdb470d 100644 --- a/pkgs/development/libraries/libplist/default.nix +++ b/pkgs/development/libraries/libplist/default.nix @@ -28,5 +28,12 @@ in stdenv.mkDerivation rec { homepage = http://github.com/JonathanBeck/libplist; platforms = stdenv.lib.platforms.all; maintainers = [ stdenv.lib.maintainers.urkud ]; + knownVulnerabilities = [ + "CVE-2017-5209: base64decode function in base64.c allows attackers to obtain sensitive information from process memory or cause a denial of service" + "CVE-2017-5545: attackers to obtain sensitive information from process memory or cause a denial of service" + "CVE-2017-5834: A heap-buffer overflow in parse_dict_node" + "CVE-2017-5835: A memory allocation error leading to DoS" + "CVE-2017-5836: A type inconsistency in bplist.c" + ]; }; } |