Ensure liblzma stays pinned to 5.4.4

2024-03-29 18:25:42 -04:00 · 2024-03-29 18:25:42 -04:00 · 57d029f087
parent 8afeea4ce9
commit 57d029f087
1 changed files with 5 additions and 0 deletions
--- a/vcpkg.json
+++ b/vcpkg.json
@ -62,6 +62,11 @@
    {
      "name": "ngspice",
      "version": "42"
    },
    {
      "name": "liblzma",
      "version": "5.4.4",
      "$comment": "liblzma & xz were compromised upstream: CVE-2024-3094."
    }
  ]
 }