From 62b0017f8675d2407979260f78a27595572bbce9 Mon Sep 17 00:00:00 2001
From: Thomas Gerbet <thomas@gerbet.me>
Date: Thu, 4 May 2023 23:10:57 +0200
Subject: [PATCH] envoy: mark with `knownVulnerabilities`

Attempts to update `envoy` have not been successful.
Nobody with enough Bazel skills has step up to untangle
the build issues with the latest version.
---
 pkgs/servers/http/envoy/default.nix | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/pkgs/servers/http/envoy/default.nix b/pkgs/servers/http/envoy/default.nix
index ad518e43aa87..d9236d531139 100644
--- a/pkgs/servers/http/envoy/default.nix
+++ b/pkgs/servers/http/envoy/default.nix
@@ -176,5 +176,13 @@ buildBazelPackage rec {
     license = licenses.asl20;
     maintainers = with maintainers; [ lukegb ];
     platforms = [ "x86_64-linux" "aarch64-linux" ];
+    knownVulnerabilities = [
+      "CVE-2023-27487"
+      "CVE-2023-27488"
+      "CVE-2023-27491"
+      "CVE-2023-27492"
+      "CVE-2023-27493"
+      "CVE-2023-27496"
+    ];
   };
 }