From 067314d87fef67f713a06b64042da4e7442c851f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Robert=20Sch=C3=BCtz?= <nix@dotlambda.de>
Date: Sun, 12 Jun 2022 04:43:20 +0000
Subject: [PATCH] archivebox: mark insecure

Django 3.1 has reached the end of extended support and all
vulnerabilities listed on [1] as affecting Django 3.2 should be assumed
to also affect Django 3.1.

[1]: https://www.djangoproject.com/weblog/2022/apr/11/security-releases/
---
 pkgs/applications/misc/archivebox/default.nix | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/pkgs/applications/misc/archivebox/default.nix b/pkgs/applications/misc/archivebox/default.nix
index a59b3b8ef44..2d0990bab43 100644
--- a/pkgs/applications/misc/archivebox/default.nix
+++ b/pkgs/applications/misc/archivebox/default.nix
@@ -11,6 +11,17 @@ let
           inherit version;
           sha256 = "72a4a5a136a214c39cf016ccdd6b69e2aa08c7479c66d93f3a9b5e4bb9d8a347";
         };
+        meta = old.meta // {
+          knownVulnerabilities = [
+            "CVE-2021-45115"
+            "CVE-2021-45116"
+            "CVE-2021-45452"
+            "CVE-2022-23833"
+            "CVE-2022-22818"
+            "CVE-2022-28347"
+            "CVE-2022-28346"
+          ];
+        };
       });
     };
   };