zeronet: mark as vulnerable

2 years ago · 39f2cce8ca
parent 686d176637
commit 39f2cce8ca
1 changed files with 4 additions and 0 deletions
--- a/pkgs/applications/networking/p2p/zeronet/default.nix
+++ b/pkgs/applications/networking/p2p/zeronet/default.nix
@ -37,5 +37,9 @@ python3Packages.buildPythonApplication rec {
    homepage = "https://zeronet.io/";
    license = licenses.gpl2;
    maintainers = with maintainers; [ fgaz ];
+    knownVulnerabilities = [ ''
+      Unmaintained. Probable XSS/code injection vulnerability.
+      Switching to the maintained zeronet-conservancy package is recommended
+    '' ];
  };
 }