tightvnc: mark as insecure (fixes #150704)

pkgs/tools/admin/tightvnc/default.nix

@@ -82,5 +82,9 @@ stdenv.mkDerivation rec {
 
     maintainers = [];
     platforms = lib.platforms.unix;
+
+    knownVulnerabilities = [ "CVE-2021-42785" ];
+    # Unfortunately, upstream doesn't maintain the 1.3 branch anymore, and the
+    # new 2.x branch is substantially different (requiring either Windows or Java)
   };
 }