From 61b8bf948e14dbe468eaf98c0509fcb73ea6168b Mon Sep 17 00:00:00 2001
From: Pontus Stenetorp <pontus@stenetorp.se>
Date: Tue, 18 May 2021 07:35:11 +0000
Subject: [PATCH] julia: mark julia_10-bin as insecure

---
 pkgs/development/compilers/julia/1.0-bin.nix | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/pkgs/development/compilers/julia/1.0-bin.nix b/pkgs/development/compilers/julia/1.0-bin.nix
index 50c421bbd431..dfda8da9e4de 100644
--- a/pkgs/development/compilers/julia/1.0-bin.nix
+++ b/pkgs/development/compilers/julia/1.0-bin.nix
@@ -68,5 +68,13 @@ stdenv.mkDerivation rec {
     license = lib.licenses.gpl2Plus;
     maintainers = with lib.maintainers; [ ninjin raskin ];
     platforms = [ "x86_64-linux" ];
+    knownVulnerabilities = [
+      # Built with libgit2 v0.27.2:
+      #   https://github.com/JuliaLang/julia/blob/e0837d1e64a9e4d17534a9f981e9a2a3f221356f/deps/libgit2.version
+      # https://nvd.nist.gov/vuln/detail/CVE-2020-12278
+      "CVE-2020-12278"
+      # https://nvd.nist.gov/vuln/detail/CVE-2020-12279
+      "CVE-2020-12279"
+    ];
   };
 }