Merge pull request #228163 from mweinelt/openslp-insecure

openslp: Mark known vulnerable
2025-02-06 12:14:40 +00:00 · 2023-04-26 14:27:08 +03:00 · 2023-04-26 14:27:08 +03:00 · 95c168d353
commit 95c168d353
parent f95db0ee14 aa8c9e7d23
2 changed files with 5 additions and 2 deletions
--- a/pkgs/applications/kde/kio-extras.nix
+++ b/pkgs/applications/kde/kio-extras.nix
@ -3,7 +3,7 @@
  exiv2, kactivities, kactivities-stats, karchive, kbookmarks, kconfig, kconfigwidgets,
  kcoreaddons, kdbusaddons, kdsoap, kguiaddons, kdnssd, kiconthemes, ki18n, kio,
  khtml, kpty, syntax-highlighting, libmtp, libssh, openexr, libtirpc,
-  ilmbase, openslp, phonon, qtsvg, samba, solid, gperf, taglib
+  ilmbase, phonon, qtsvg, samba, solid, gperf, taglib
 }:

 mkDerivation {
@ -16,7 +16,7 @@ mkDerivation {
  buildInputs = [
    exiv2 kactivities kactivities-stats karchive kbookmarks kconfig kconfigwidgets kcoreaddons
    kdbusaddons kdsoap kguiaddons kdnssd kiconthemes ki18n kio khtml
-    kpty syntax-highlighting libmtp libssh openexr libtirpc openslp
+    kpty syntax-highlighting libmtp libssh openexr libtirpc
    phonon qtsvg samba solid gperf taglib
  ];

--- a/pkgs/development/libraries/openslp/default.nix
+++ b/pkgs/development/libraries/openslp/default.nix
@ -32,6 +32,9 @@ stdenv.mkDerivation rec {
    platforms = platforms.all;
    # never built on aarch64-darwin since first introduction in nixpkgs
    broken = stdenv.isDarwin && stdenv.isAarch64;
+    knownVulnerabilities = [
+      "CVE-2023-29552: UDP Reflection Attack with ampliciation factor of up to 2200"
+    ];
  };

 }