nixpkgs/pkgs/applications/graphics/batik/default.nix
Andreas Rammhold 1103b3fbe6 batik: mark as insecure
The package hasn't been updated in a long time. There have been several
issues with the package. There is no dependant  package in the
repository so marking it as insecure until someone maintains it sounds
reasonable.
2018-10-26 12:17:58 +02:00

25 lines
677 B
Nix

{stdenv, fetchurl, unzip}:
stdenv.mkDerivation {
name = "batik-1.6";
builder = ./builder.sh;
src = fetchurl {
url = http://tarballs.nixos.org/batik-1.6.zip;
sha256 = "0cf15dspmzcnfda8w5lbsdx28m4v2rpq1dv5zx0r0n99ihqd1sh6";
};
buildInputs = [unzip];
meta = with stdenv.lib; {
description = "Java based toolkit for handling SVG";
homepage = https://xmlgraphics.apache.org/batik;
license = licenses.asl20;
platforms = platforms.unix;
knownVulnerabilities = [
# vulnerabilities as of 16th October 2018 from https://xmlgraphics.apache.org/security.html:
"CVE-2018-8013"
"CVE-2017-5662"
"CVE-2015-0250"
];
};
}