archivebox: mark insecure

Django 3.1 has reached the end of extended support and all vulnerabilities listed on [1] as affecting Django 3.2 should be assumed to also affect Django 3.1. [1]: https://www.djangoproject.com/weblog/2022/apr/11/security-releases/
2 years ago · 067314d87f
parent aedd39d869
commit 067314d87f
1 changed files with 11 additions and 0 deletions
--- a/pkgs/applications/misc/archivebox/default.nix
+++ b/pkgs/applications/misc/archivebox/default.nix
@ -11,6 +11,17 @@ let
          inherit version;
          sha256 = "72a4a5a136a214c39cf016ccdd6b69e2aa08c7479c66d93f3a9b5e4bb9d8a347";
        };
+        meta = old.meta // {
+          knownVulnerabilities = [
+            "CVE-2021-45115"
+            "CVE-2021-45116"
+            "CVE-2021-45452"
+            "CVE-2022-23833"
+            "CVE-2022-22818"
+            "CVE-2022-28347"
+            "CVE-2022-28346"
+          ];
+        };
      });
    };
  };