Merge pull request #235895 from mweinelt/hdb5_1_10-vulnerable

hdf5_1_10: mark vulnerable
author: Martin Weinelt <mweinelt@users.noreply.github.com> 2023-06-08 16:25:55 +0200
committer: GitHub <noreply@github.com> 2023-06-08 16:25:55 +0200
commit: d56e6a4da342c5de58158bfd8c5d85383da071bf (patch)
tree: 1dd679c5ca735ba041a66c26948d474aac9c790b /pkgs/tools
parent: 107ad50f571c83228222d56d69c08f846a69ebd6 (diff)
parent: 04b8795d8ee09dbca2a1c7e9ec14911ddc23c35e (diff)
1 files changed, 6 insertions, 0 deletions
diff --git a/pkgs/tools/misc/hdf5/1.10.nix b/pkgs/tools/misc/hdf5/1.10.nix
index fbfac18414c88..1ff4b392d769e 100644
--- a/pkgs/tools/misc/hdf5/1.10.nix
+++ b/pkgs/tools/misc/hdf5/1.10.nix
@@ -51,5 +51,11 @@ stdenv.mkDerivation rec {
     license = lib.licenses.bsd3; # Lawrence Berkeley National Labs BSD 3-Clause variant
     homepage = "https://www.hdfgroup.org/HDF5/";
     platforms = lib.platforms.unix;
+    knownVulnerabilities = [
+      "CVE-2020-10809"
+      "CVE-2020-10810"
+      "CVE-2020-10811"
+      "CVE-2020-10812"
+    ];
   };
 }
author	Martin Weinelt <mweinelt@users.noreply.github.com>	2023-06-08 16:25:55 +0200
committer	GitHub <noreply@github.com>	2023-06-08 16:25:55 +0200
commit	d56e6a4da342c5de58158bfd8c5d85383da071bf (patch)
tree	1dd679c5ca735ba041a66c26948d474aac9c790b /pkgs/tools
parent	107ad50f571c83228222d56d69c08f846a69ebd6 (diff)
parent	04b8795d8ee09dbca2a1c7e9ec14911ddc23c35e (diff)