From aa80b4780d849a00d86c28d6b3c78a777dd02e9a Mon Sep 17 00:00:00 2001
From: Daniel Frank <git@danielfrank.net>
Date: Thu, 30 Apr 2020 20:18:40 +0200
Subject: [PATCH] p7zip: mark as insecure

---
 pkgs/tools/archivers/p7zip/default.nix | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/pkgs/tools/archivers/p7zip/default.nix b/pkgs/tools/archivers/p7zip/default.nix
index 7e384902098..b7a97b3766b 100644
--- a/pkgs/tools/archivers/p7zip/default.nix
+++ b/pkgs/tools/archivers/p7zip/default.nix
@@ -57,6 +57,11 @@ stdenv.mkDerivation rec {
     description = "A port of the 7-zip archiver";
     platforms = stdenv.lib.platforms.unix;
     maintainers = [ stdenv.lib.maintainers.raskin ];
+    knownVulnerabilities = [
+      # p7zip is abandoned, according to this thread on its forums:
+      # https://sourceforge.net/p/p7zip/discussion/383043/thread/fa143cf2/#1817
+      "p7zip is abandoned and may not receive important security fixes"
+    ];
     # RAR code is under non-free UnRAR license, but we remove it
     license = if enableUnfree then lib.licenses.unfree else lib.licenses.lgpl2Plus;
   };