authorThomas Gerbet <thomas@gerbet.me>2024-04-10 22:43:57 +0200
committerThomas Gerbet <thomas@gerbet.me>2024-04-10 22:43:57 +0200
commitbc4dc452fa3ce8895a31273e6d541fbc6abfc2af (patch)
tree75b2776d59f1f556ee05554dfa39fdcfb831a838 /pkgs/servers/http
parentddcd5f27629170e0f2d408a52ed6e90727f74de1 (diff)
envoy: flag as vulnerable to CVE-2024-30255
Envoy 1.27.4 [0] contains the fix but upgrading it is
not straightforward as the build of the current version
is already broken and only thanks to the caching of the deps
(seems to be the case since the removal of Go 1.20).

Fixing the build seems to require more Bazel knowledge than I have
and the usual maintainer is currently not available.

[0] https://github.com/envoyproxy/envoy/releases/tag/v1.27.4
Diffstat (limited to 'pkgs/servers/http')
-rw-r--r--pkgs/servers/http/envoy/default.nix1
1 files changed, 1 insertions, 0 deletions
diff --git a/pkgs/servers/http/envoy/default.nix b/pkgs/servers/http/envoy/default.nix
index bb8a5e6a575cc..50067d7dd6220 100644
--- a/pkgs/servers/http/envoy/default.nix
+++ b/pkgs/servers/http/envoy/default.nix
@@ -197,5 +197,6 @@ buildBazelPackage {
     license = licenses.asl20;
     maintainers = with maintainers; [ lukegb ];
     platforms = [ "x86_64-linux" "aarch64-linux" ];
+    knownVulnerabilities = [ "CVE-2024-30255" ];
   };
 }
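Review bot: The added `knownVulnerabilities` entry at the end of `meta` says nothing in the file about why the package is flagged rather than upgraded, or when the flag can be dropped; that context exists only in the commit message. A comment directly above it, for example `# Fixed upstream in 1.27.4; remove once the Bazel build is repaired and the package is bumped.`, would keep the exit condition next to the flag. Because nixpkgs shows these strings to the user when it refuses to evaluate a package marked insecure, the entry could also name the fixed release, e.g. `"CVE-2024-30255 (fixed in 1.27.4)"`, so operators who allow the package anyway know what they are accepting. The enclosing `buildBazelPackage` call starts outside the hunk.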