Dawoox/nixpkgs
1
1
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity

mbedtls_2: mark as vulnerable because EOL

Browse Source 
Mbed TLS 2 is no longer maintained [^1]. This is a security relevant
package, so we should inform our users that it might be vulnerable.

^1: https://github.com/Mbed-TLS/mbedtls/releases/tag/mbedtls-2.28.10
This commit is contained in:
Leona Maroni
2025-10-10 16:22:07 +02:00
parent e62cc622bd
commit 915eda78ce
1 changed files with 3 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
pkgs/development/libraries/mbedtls/generic.nix
View File

@@ -72,5 +72,8 @@ stdenv.mkDerivation rec {
];
platforms = platforms.all;
maintainers = with maintainers; [ raphaelr ];
knownVulnerabilities = lib.optionals (lib.versionOlder version "3.0") [
"Mbed TLS 2 is not maintained anymore. Please migrate to newer versions"
];
};
}