[Nix-dev] Re: NixOS and security issues

[Ludovic Courtès]

Hi,

Wolfgang Jeltsch
<g9ks157k at acme.softbase.org> writes:

> how are security holes fixed in NixOS?

Eventually, hopefully.  :-)

> Should I take care of fixing them myself?

Yes, unless someone else happened to fix it before you.

> Is there an efficient way to do so like monitoring some security
> mailing list and changing URLs and hashes in Nix expressions in order
> to access patched versions of software?

Presumably you could monitor security mailing lists, CERT vulnerability
reports, and suchlike sources of info.

Thanks,
Ludo’.