[Nix-dev] Security channel proposal

Domen Kožar domen at dev.si
Fri Sep 26 18:55:06 CEST 2014


On Fri, Sep 26, 2014 at 6:53 PM, Christian Theune <ct at gocept.com> wrote:

>
> On 25. Sep2014, at 20:00, Domen Kožar <domen at dev.si> wrote:
>
> > Note that from business perspective server admin usually wants to do
> following two things:
> >
> > 1) to be notified if any of software packages has a security vuln
> > 2) to take automated/manual actions to upgrade ONLY those packages and
> not bump and versions
> >
> > Having faster hydra doesn't solve 2)
>
> I might be missing something from a newbie perspective: how would it solve
> 1)?
>

It doesn't, but that issue has nothing to do with hydra. More with mapping
CVEs to packages in nix store and sending notifications.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.science.uu.nl/pipermail/nix-dev/attachments/20140926/286829a3/attachment.html 


More information about the nix-dev mailing list