intel-media-sdk: mark vulnerable

The upstream repo was archived on 2023-05-17 with the following comment: > This project has been identified as having known security escapes. It is now clear what (some) of these are, which prompts marking this package as vulnerable. This is now safe to do, as it is not a default part of our ffmpeg-full package any longer.
2025-07-10 16:04:27 +02:00 · 2025-07-10 16:04:27 +02:00 · c7a9aa54ec
commit c7a9aa54ec
parent 4eacb1412e
1 changed files with 10 additions and 0 deletions
--- a/pkgs/by-name/in/intel-media-sdk/package.nix
+++ b/pkgs/by-name/in/intel-media-sdk/package.nix
@ -69,6 +69,16 @@ stdenv.mkDerivation rec {
      midchildan
      pjungkamp
    ];
+    knownVulnerabilities = [
+      ''
+        End of life with various local privilege escalation vulnerabilites:
+          - CVE-2023-22656
+          - CVE-2023-45221
+          - CVE-2023-47169
+          - CVE-2023-47282
+          - CVE-2023-48368
+      ''
+    ];
    platforms = [ "x86_64-linux" ];
  };
 }