about summary refs log tree commit diff
path: root/pkgs/applications/networking/instant-messengers/armcord/default.nix
diff options
context:
space:
mode:
authorPierre Bourdon <delroth@gmail.com>2023-09-30 17:29:34 +0200
committerPierre Bourdon <delroth@gmail.com>2023-09-30 17:29:34 +0200
commitdddf103e809579a24346098f49fc9530454a492d (patch)
tree77bba083d5d7e504c324197dfb993db63d56589c /pkgs/applications/networking/instant-messengers/armcord/default.nix
parent7ac382de2411ac1af20c98941c354bf0e6861492 (diff)
armcord,mailspring: mark as insecure (CVE-2023-4863)
See #254798. Upstream has not provided any update for this critical
vulnerability in > 2 weeks. These programs are also likely vulnerable to
many more old vulnerabilities due to using EOL versions of Electron.
Diffstat (limited to 'pkgs/applications/networking/instant-messengers/armcord/default.nix')
-rw-r--r--pkgs/applications/networking/instant-messengers/armcord/default.nix1
1 files changed, 1 insertions, 0 deletions
diff --git a/pkgs/applications/networking/instant-messengers/armcord/default.nix b/pkgs/applications/networking/instant-messengers/armcord/default.nix
index 1f0d01b6f905f..1c7342c143df3 100644
--- a/pkgs/applications/networking/instant-messengers/armcord/default.nix
+++ b/pkgs/applications/networking/instant-messengers/armcord/default.nix
@@ -138,5 +138,6 @@ stdenv.mkDerivation rec {
     maintainers = with maintainers; [ ludovicopiero wrmilling ];
     platforms = [ "x86_64-linux" "aarch64-linux" ];
     mainProgram = "armcord";
+    knownVulnerabilities = [ "CVE-2023-4863" ];
   };
 }
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-07-01 03:32:27 +0000