* Basic blacklist checker. Each element in a user environment is

checked against every item in a blacklist.
2005-03-04 11:12:48 +00:00 · 2005-03-04 11:12:48 +00:00 · 9a7f95882c
commit 9a7f95882c
parent 4bbdcfbb45
2 changed files with 122 additions and 3 deletions
--- a/blacklisting/blacklist.xml
+++ b/blacklisting/blacklist.xml
@ -16,13 +16,25 @@

 <item id='zlib-1.2.1-security'>
  <condition>
+    <containsSource
+        hash="sha256:0yp7z8ask4b8m2ia253apnnxdk0z0zrs70yr079m2rjd4297chgv"
+        origin="zlib-1.2.1.tar.gz" />
+<!--
    <or>
-      <containsSource
-          hash="sha256:0yp7z8ask4b8m2ia253apnnxdk0z0zrs70yr079m2rjd4297chgv"
-          origin="zlib-1.2.1.tar.gz" />
+      <and>
+        <containsSource
+            hash="sha256:0yp7z8ask4b8m2ia253apnnxdk0z0zrs70yr079m2rjd4297chgv"
+            origin="zlib-1.2.1.tar.gz" />
+        <not>
+          <containsSource
+              hash="..."
+              origin="zlib-1.2.1-dos.patch" />
+        </not>
+      </and>
      <containsOutput
          name="/nix/store/gxbdsvlwz6ixin94jhdw7rwdbb5mxxq3-zlib-1.2.1" />
    </or>
+    -->
  </condition>
  <reason>
    Zlib 1.2.1 is vulnerable to a denial-of-service condition.  See