nordic-dev.net/nixpkgs
nordic-dev.net/nixpkgs
2
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2025-02-23 04:25:14 +00:00
Code Issues Packages Projects Releases Wiki Activity

authentik: flag with knownVulnerabilities

Browse Source 
The bump to 2024.10.x is currently stalled in #345940.

The fix for CVE-2024-52289 involves a backward incompatible
API and DB change so it is also not great for a backport even
if we cherry-picks the security fixes.

Given no NixOS module is available in nixpkgs marking the package
with `knownVulnerabilities` should have a limited impact.
This commit is contained in:
Thomas Gerbet 2024-12-03 22:45:06 +01:00
parent 16873e4e8b
commit 384f6f592b
1 changed files with 6 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
pkgs/by-name/au/authentik/package.nix
View File

@ -30,6 +30,12 @@ let
license = licenses.mit;
platforms = platforms.linux;
maintainers = with maintainers; [ jvanbruegge risson ];
knownVulnerabilities = [
"CVE-2024-52307"
"CVE-2024-52287"
"CVE-2024-52289"
"Authentik 2024.6.x is end-of-life, consider using https://github.com/nix-community/authentik-nix for an up-to-date alternative"
];
};
website = buildNpmPackage {