pyrox.dev / nixpkgs
lol
fork atom

JBoss AS: list known vulnerability

CVE-2015-7501

Warning in JBoss module

Renaud 72619a86 665a89c4

options
unified split
Changed files
+4 -1
nixos
modules
services
web-servers
jboss
default.nix
pkgs
servers
http
jboss
default.nix
+1 -1
nixos/modules/services/web-servers/jboss/default.nix 
···

       
25

       
25

       
 

       



     

       
26

       
26

       
 

       
      enable = mkOption {


     

       
27

       
27

       
 

       
        default = false;


     

       
28

       

       
-

       
        description = "Whether to enable jboss";


     

       

       
28

       
+

       
        description = "Whether to enable JBoss. WARNING : this package is outdated and is known to have vulnerabilities.";


     

       
29

       
29

       
 

       
      };


     

       
30

       
30

       
 

       



     

       
31

       
31

       
 

       
      tempDir = mkOption {
+3
pkgs/servers/http/jboss/default.nix 
···

       
22

       
22

       
 

       
    license = licenses.lgpl21;


     

       
23

       
23

       
 

       
    maintainers = [ maintainers.sander ];


     

       
24

       
24

       
 

       
    platforms = platforms.unix;


     

       

       
25

       
+

       
    knownVulnerabilities = [


     

       

       
26

       
+

       
      "CVE-2015-7501: remote code execution in apache-commons-collections: InvokerTransformer during deserialisation"


     

       

       
27

       
+

       
    ];


     

       
25

       
28

       
 

       
  };


     

       
26

       
29

       
 

       
}