adobe-reader: add knownVulnerabilities

We should really avoid that people unknowingly use Adobe Reader, it has literally tens of known high-score code execution vulnerabilities, probably exploited in the wild.
2020-09-01 08:39:36 +02:00 · 2020-09-01 08:39:36 +02:00 · 4b07b00c0d
commit 4b07b00c0d
parent 555cb2491c
1 changed files with 4 additions and 0 deletions
--- a/pkgs/applications/misc/adobe-reader/default.nix
+++ b/pkgs/applications/misc/adobe-reader/default.nix
@ -28,5 +28,9 @@ stdenv.mkDerivation {
    description = "Adobe Reader, a viewer for PDF documents";
    homepage = "http://www.adobe.com/products/reader";
    license = stdenv.lib.licenses.unfree;
+    knownVulnerabilities = [
+      "Numerous unresolved vulnerabilities"
+      "See: https://www.cvedetails.com/product/497/Adobe-Acrobat-Reader.html?vendor_id=53"
+    ];
  };
 }