From dde9e8d0706159a58f6cb985b3140f5bec33cf01 Mon Sep 17 00:00:00 2001
From: K900 <me@0upti.me>
Date: Fri, 11 Mar 2022 17:26:45 +0300
Subject: [PATCH] yandex-browser: mark insecure

---
 .../networking/browsers/yandex-browser/default.nix         | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/pkgs/applications/networking/browsers/yandex-browser/default.nix b/pkgs/applications/networking/browsers/yandex-browser/default.nix
index 0ea0c5515270..7df9b6b1e7a4 100644
--- a/pkgs/applications/networking/browsers/yandex-browser/default.nix
+++ b/pkgs/applications/networking/browsers/yandex-browser/default.nix
@@ -132,5 +132,12 @@ stdenv.mkDerivation rec {
     license = licenses.unfree;
     maintainers = with maintainers; [ dan4ik605743 ];
     platforms = [ "x86_64-linux" ];
+
+    knownVulnerabilities = [
+      ''
+      Trusts a Russian government issued CA certificate for some websites.
+      See https://habr.com/en/company/yandex/blog/655185/ (Russian) for details.
+      ''
+    ];
   };
 }