1
0
Fork 1
mirror of https://github.com/NixOS/nixpkgs.git synced 2024-12-23 07:26:54 +00:00
nixpkgs/pkgs/development/python-modules/django/1_8.nix
Robert Schütz c6e08579c5
python.pkgs.django_1_8: mark as insecure (#54937)
Since CVE-2018-14574 and CVE-2019-3498 affect 1.11, it is very likely
they also apply to 1.8. However, Django 1.8 has reached EOL in April
2018 and the patches were not backported.
2019-01-30 23:57:50 +01:00

36 lines
934 B
Nix

{ stdenv
, buildPythonPackage
, fetchurl
, pythonOlder
}:
buildPythonPackage rec {
name = "Django-${version}";
version = "1.8.19";
src = fetchurl {
url = "http://www.djangoproject.com/m/releases/1.8/${name}.tar.gz";
sha256 = "0iy0ni9j1rnx9b06ycgbg2dkrf3qid3y2jipk9x28cykz5f4mm1k";
};
# too complicated to setup
doCheck = false;
# patch only $out/bin to avoid problems with starter templates (see #3134)
postFixup = ''
wrapPythonProgramsIn $out/bin "$out $pythonPath"
'';
meta = with stdenv.lib; {
description = "A high-level Python Web framework";
homepage = https://www.djangoproject.com/;
license = licenses.bsd0;
knownVulnerabilities = [
# The patches were not backported due to Django 1.8 having reached EOL
https://www.djangoproject.com/weblog/2018/aug/01/security-releases/
https://www.djangoproject.com/weblog/2019/jan/04/security-releases/
];
};
}