From 751c22c7f5937903638b7bfae04fe30437c13c92 Mon Sep 17 00:00:00 2001
From: Robert Scott <code@humanleg.org.uk>
Date: Wed, 6 Oct 2021 18:32:43 +0100
Subject: [PATCH] onionshare: mark as vulnerable to CVE-2021-41867,
 CVE-2021-41868

bumping to a fixed version would require bumping tor, and patching
doesn't appear simple.
---
 pkgs/applications/networking/onionshare/default.nix | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/pkgs/applications/networking/onionshare/default.nix b/pkgs/applications/networking/onionshare/default.nix
index 124ee9a20ea..91f8cdcd1cc 100644
--- a/pkgs/applications/networking/onionshare/default.nix
+++ b/pkgs/applications/networking/onionshare/default.nix
@@ -52,6 +52,8 @@ let
 
     license = licenses.gpl3Plus;
     maintainers = with maintainers; [ lourkeur ];
+
+    knownVulnerabilities = [ "CVE-2021-41867" "CVE-2021-41868" ];
   };
 
 in rec {