diff options
author | Katharina Fey <kookie@spacekookie.de> | 2020-03-24 10:15:32 +0100 |
---|---|---|
committer | Katharina Fey <kookie@spacekookie.de> | 2020-03-24 10:15:32 +0100 |
commit | 96f063dd321abc80ecaa156226cfb7cf9540315a (patch) | |
tree | 7a53ef61484fc7bfff6419b1fd635c67199f27d2 /nixpkgs/pkgs/applications/virtualization/rkt/default.nix | |
parent | af58f08d3d524e7b008b73a8497ea710915ffaf1 (diff) | |
parent | d96bd3394b734487d1c3bfbac0e8f17465e03afe (diff) |
Merge commit 'd96bd3394b734487d1c3bfbac0e8f17465e03afe'
Diffstat (limited to 'nixpkgs/pkgs/applications/virtualization/rkt/default.nix')
-rw-r--r-- | nixpkgs/pkgs/applications/virtualization/rkt/default.nix | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/nixpkgs/pkgs/applications/virtualization/rkt/default.nix b/nixpkgs/pkgs/applications/virtualization/rkt/default.nix index fd0bd92faa6..bacd175197d 100644 --- a/nixpkgs/pkgs/applications/virtualization/rkt/default.nix +++ b/nixpkgs/pkgs/applications/virtualization/rkt/default.nix @@ -69,5 +69,10 @@ in stdenv.mkDerivation rec { license = licenses.asl20; maintainers = with maintainers; [ ragge steveej ]; platforms = [ "x86_64-linux" ]; + knownVulnerabilities = [ + "CVE-2019-10144: processes run with `rkt enter` are given all capabilities during stage 2" + "CVE-2019-10145: processes run with `rkt enter` do not have seccomp filtering during stage 2" + "CVE-2019-10147: processes run with `rkt enter` are not limited by cgroups during stage 2" + ]; }; } |