From e872de9a9e1fffd865a8e8ff72b6d420abd1f3e0 Mon Sep 17 00:00:00 2001
From: Martin Weinelt <hexa@darmstadt.ccc.de>
Date: Thu, 18 May 2023 01:15:13 +0200
Subject: [PATCH] openssl_1_1: mark end-of-life

https://www.openssl.org/blog/blog/2023/03/28/1.1.1-EOL/

Closes: #210452
---
 pkgs/development/libraries/openssl/default.nix | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/pkgs/development/libraries/openssl/default.nix b/pkgs/development/libraries/openssl/default.nix
index bbc9353a0c8..699f97c4d00 100644
--- a/pkgs/development/libraries/openssl/default.nix
+++ b/pkgs/development/libraries/openssl/default.nix
@@ -232,6 +232,11 @@ in {
        else ./use-etc-ssl-certs.patch)
     ];
     withDocs = true;
+    extraMeta = {
+      knownVulnerabilities = [
+        "OpenSSL 1.1 is reaching its end of life on 2023/09/11 and cannot be supported through the NixOS 23.05 release cycle. https://www.openssl.org/blog/blog/2023/03/28/1.1.1-EOL/"
+      ];
+    };
   };
 
   openssl_3 = common {