mirror of
https://github.com/NixOS/nixpkgs.git
synced 2024-11-16 23:03:40 +01:00
xen: mark unsupported versions as vulnerable
Our support for Xen lacks maintenance and since Xen has monthly security advisories it is reasonable to assume our version is affected by a multitude of security problems that are fixed upstream. How many advisories? Browsing oss-security shows the following number of advisories in each of the following years: 2022: 3 2021: 53 2020: 54 2019: 46 <-- we are *here* https://xenbits.xen.org/docs/unstable/support-matrix.html
This commit is contained in:
parent
a147b46130
commit
39341ed38b
1 changed files with 4 additions and 0 deletions
|
@ -254,5 +254,9 @@ stdenv.mkDerivation (rec {
|
|||
platforms = [ "x86_64-linux" ];
|
||||
maintainers = with lib.maintainers; [ eelco tstrobel oxij ];
|
||||
license = lib.licenses.gpl2;
|
||||
# https://xenbits.xen.org/docs/unstable/support-matrix.html
|
||||
knownVulnerabilities = lib.optionals (lib.versionOlder version "4.13") [
|
||||
"This version of Xen has reached its end of life. See https://xenbits.xen.org/docs/unstable/support-matrix.html"
|
||||
];
|
||||
} // (config.meta or {});
|
||||
} // removeAttrs config [ "xenfiles" "buildInputs" "patches" "postPatch" "meta" ])
|
||||
|
|
Loading…
Reference in a new issue