tightvnc: mark as insecure (fixes #150704)

2021-12-17 21:32:54 +01:00 · 2021-12-17 21:32:54 +01:00 · 034d277c6e
parent 64bbe28843
commit 034d277c6e
1 changed files with 4 additions and 0 deletions
--- a/pkgs/tools/admin/tightvnc/default.nix
+++ b/pkgs/tools/admin/tightvnc/default.nix
@ -82,5 +82,9 @@ stdenv.mkDerivation rec {

    maintainers = [];
    platforms = lib.platforms.unix;
+
+    knownVulnerabilities = [ "CVE-2021-42785" ];
+    # Unfortunately, upstream doesn't maintain the 1.3 branch anymore, and the
+    # new 2.x branch is substantially different (requiring either Windows or Java)
  };
 }