botan: mark as insecure

This commit is contained in:
Robert Schütz 2021-04-29 15:32:10 +02:00
parent 45d492b3b3
commit d4c033a206
2 changed files with 6 additions and 0 deletions

View File

@ -9,4 +9,8 @@ callPackage ./generic.nix (args // {
postPatch = ''
sed -e 's@lang_flags "@&--std=c++11 @' -i src/build-data/cc/{gcc,clang}.txt
'';
knownVulnerabilities = [
# https://botan.randombit.net/security.html#id1
"2020-03-24: Side channel during CBC padding"
];
})

View File

@ -4,6 +4,7 @@
, sourceExtension ? "tar.xz"
, extraConfigureFlags ? ""
, postPatch ? null
, knownVulnerabilities ? [ ]
, CoreServices
, Security
, ...
@ -49,6 +50,7 @@ stdenv.mkDerivation rec {
maintainers = with maintainers; [ raskin ];
platforms = platforms.unix;
license = licenses.bsd2;
inherit knownVulnerabilities;
};
passthru.updateInfo.downloadPage = "http://files.randombit.net/botan/";
}