From 9213d0cfa54883311462b82938bf05fad0ff2465 Mon Sep 17 00:00:00 2001
From: Andreas Rammhold
Date: Thu, 11 Jan 2018 12:26:50 +0100
Subject: [PATCH] spark: mark versions <= 2.2.0 && <= 2.1.2 as insecure due to CVE-2017-12612
Details can be retrieve at [1]. [1] https://spark.apache.org/security.html
---
 pkgs/applications/networking/cluster/spark/default.nix | 1 +
 1 file changed, 1 insertion(+)
diff --git a/pkgs/applications/networking/cluster/spark/default.nix b/pkgs/applications/networking/cluster/spark/default.nix
index 79500a33bf8..60625a40741 100644
--- a/pkgs/applications/networking/cluster/spark/default.nix
+++ b/pkgs/applications/networking/cluster/spark/default.nix
@@ -67,6 +67,7 @@ stdenv.mkDerivation rec {
 license = stdenv.lib.licenses.asl20;
 platforms = stdenv.lib.platforms.all;
 maintainers = with maintainers; [ thoughtpolice offline ];
+ knownVulnerabilities = optional (!((versionAtLeast version "2.2.0") || (versionOlder version "2.2.0" && versionAtLeast version "2.1.2"))) "CVE-2017-12612";
 repositories.git = git://git.apache.org/spark.git;
 };
 }
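Review bot: The added `knownVulnerabilities` condition is a double negation that reduces to "version older than 2.1.2", which does not match the subject line's `<= 2.2.0 && <= 2.1.2`. As written, 2.1.2 and 2.2.0 are not flagged; that looks like the intent if those are the fixed releases named in the linked advisory, so the wording rather than the code seems off, but it should be confirmed against the advisory. I would state the rule directly as `knownVulnerabilities = optional (versionOlder version "2.1.2") "CVE-2017-12612";` with a comment such as `# fixed in 2.1.2 and 2.2.0, see https://spark.apache.org/security.html`, so the next version bump or backport is easy to audit. The `meta` block starts outside the hunk, so whether `optional` and the version helpers are in scope there cannot be checked from here.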