From ce097085f779e7f7c0c6743409eebd9934bab8c6 Mon Sep 17 00:00:00 2001 From: Robert Scott Date: Wed, 31 Mar 2021 19:01:12 +0100 Subject: [PATCH] python2Packages.pillow: mark as vulnerable to many CVEs --- pkgs/development/python-modules/pillow/6.nix | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/pkgs/development/python-modules/pillow/6.nix b/pkgs/development/python-modules/pillow/6.nix index 51833edfd0b0..61242c894a89 100644 --- a/pkgs/development/python-modules/pillow/6.nix +++ b/pkgs/development/python-modules/pillow/6.nix @@ -25,5 +25,23 @@ import ./generic.nix (rec { ''; license = "http://www.pythonware.com/products/pil/license.htm"; maintainers = with maintainers; [ goibhniu prikhi SuperSandro2000 ]; + knownVulnerabilities = [ + "CVE-2020-10177" + "CVE-2020-10378" + "CVE-2020-10379" + "CVE-2020-10994" + "CVE-2020-11538" + "CVE-2020-35653" + "CVE-2020-35654" + "CVE-2020-35655" + "CVE-2021-25289" + "CVE-2021-25290" + "CVE-2021-25291" + "CVE-2021-25292" + "CVE-2021-25293" + "CVE-2021-27921" + "CVE-2021-27922" + "CVE-2021-27923" + ]; }; } // args )