swendel/nixpkgs
1
0
Fork 0
mirror of https://github.com/SebastianWendel/nixpkgs.git synced 2024-09-30 00:50:17 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #82023 from zowoq/rkt-cve

Browse source 
rkt: add CVEs
This commit is contained in:
Mario Rodas 2020-03-08 20:29:53 -05:00 committed by GitHub
parent 791a24da1b c4c936f2f7
commit 65731ad634
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 5 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
pkgs/applications/virtualization/rkt/default.nix
View file

@ -69,5 +69,10 @@ in stdenv.mkDerivation rec {
license = licenses.asl20;
maintainers = with maintainers; [ ragge steveej ];
platforms = [ "x86_64-linux" ];
knownVulnerabilities = [
"CVE-2019-10144: processes run with `rkt enter` are given all capabilities during stage 2"
"CVE-2019-10145: processes run with `rkt enter` do not have seccomp filtering during stage 2"
"CVE-2019-10147: processes run with `rkt enter` are not limited by cgroups during stage 2"
];
};
}