[Nix-dev] Policy for updates in 14.04
Vladimír Čunát
vcunat at gmail.com
Mon Sep 1 10:54:58 CEST 2014
On 08/31/2014 11:40 PM, Chris Double wrote:
> This seems a great policy when there are people backporting security
> fixes to older versions of software. I don't believe this is the case for NixOS.
That is a misunderstanding. The main purpose of the stable YY.MM
branches *is* to apply security backports, especially for the more
important packages, such as kernel, glibc, etc. In case the upstream
doesn't provide them, we just take patches from distros that do the
backporting ;-)
Safe bugfix-only updates are also suitable for stable branch, although
AFAIK we currently apply only small part of non-security suitable
updates from master. Perhaps it's even better to be conservative.
Vladimir
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3251 bytes
Desc: S/MIME Cryptographic Signature
Url : http://lists.science.uu.nl/pipermail/nix-dev/attachments/20140901/f99f4677/attachment.bin
More information about the nix-dev
mailing list