Merge pull request #253954 from dotlambda/nixops_unstable-insecure

nixops_unstable: mark cryptography insecure
2023-09-09 22:22:12 +00:00 · 2023-09-09 22:22:12 +00:00 · c52f7e84b4
commit c52f7e84b4
parent c9bf6dd5f0 e7aa53bad0
1 changed files with 6 additions and 9 deletions
--- a/pkgs/applications/networking/cluster/nixops/default.nix
+++ b/pkgs/applications/networking/cluster/nixops/default.nix
@ -74,15 +74,12 @@ let
          cryptography = super.cryptography.overridePythonAttrs (old: {
            meta = old.meta // {
              knownVulnerabilities = old.meta.knownVulnerabilities or [ ]
-                ++ lib.optionals (lib.versionOlder old.version "39.0.1") [
-                  "CVE-2022-4304"
-                  "CVE-2023-0215"
-                  "CVE-2023-0216"
-                  "CVE-2023-0217"
-                  "CVE-2023-0401"
-                  "CVE-2022-4203"
-                  "CVE-2022-4450"
-                  "CVE-2023-23931"
+                ++ lib.optionals (lib.versionOlder old.version "41.0.0") [
+                  "CVE-2023-2650"
+                  "CVE-2023-2975"
+                  "CVE-2023-3446"
+                  "CVE-2023-3817"
+                  "CVE-2023-38325"
                ];
            };
          });