nheko: mark as insecure (#48281)

The package is no longer maintained and includes potential security
vulnerabilities (a use-after-free and several crashes) that are known
and not fixed in the version present in nixpkgs. They don't look too bad
judging from the trigger vectors mentioned in the changelog, but with
the project going unmaintained one of them becoming a security
vulnerability would likely not be noticed.
This commit is contained in:
Léo Gaspard 2018-10-13 04:28:30 +09:00 committed by xeji
parent e2d857a332
commit ad992cbde1

View File

@ -70,5 +70,6 @@ stdenv.mkDerivation rec {
maintainers = with maintainers; [ ekleog fpletz ]; maintainers = with maintainers; [ ekleog fpletz ];
platforms = platforms.unix; platforms = platforms.unix;
license = licenses.gpl3Plus; license = licenses.gpl3Plus;
knownVulnerabilities = [ "No longer maintained" ];
}; };
} }