gador/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

whisper: set knownVulnerabilities due to dated vendored libraries (#457885)

Browse Source
This commit is contained in:
Vladimír Čunát
2025-11-17 09:17:05 +00:00
committed by GitHub
parent 5c7408b3fe afc8879d24
commit 30d55d2ae3
1 changed files with 9 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
pkgs/by-name/wh/whisper/package.nix
View File

@@ -51,6 +51,15 @@ stdenv.mkDerivation rec {
broken = stdenv.hostPlatform.isDarwin; broken = stdenv.hostPlatform.isDarwin;
description = "Short read sequence mapper"; description = "Short read sequence mapper";
license = licenses.gpl3; license = licenses.gpl3;
# vendored libraries acof, aelf, deflate, bzip2, zlib
# https://github.com/refresh-bio/Whisper/issues/18
knownVulnerabilities = [
# src/libs/libz.a from 2017
"CVE-2018-25032"
"CVE-2022-37434"
# src/libs/libbzip2.lib
"CVE-2019-12900"
];
homepage = "https://github.com/refresh-bio/whisper"; homepage = "https://github.com/refresh-bio/whisper";
maintainers = with maintainers; [ jbedo ]; maintainers = with maintainers; [ jbedo ];
platforms = platforms.x86_64; platforms = platforms.x86_64;