No, it's not too early. Other distros immediately packaged the new version and provided it in their security channel. It's never too early when it concerns security.
On Thu, Jun 5, 2014 at 8:04 PM, Peter Simons <[email protected]> wrote: > Hi Luca, > > > It takes too much time to deliver the new packages from the nixos > > channel, and it would take equally long to compile them on production > > servers. > > that OpenSSL update was committed 5 hours ago. Isn't it a wee bit early > to say that the update takes "too much time"? > > Also, note that you don't have to wait for the channel to update to get > binaries. Running > > $ nix-build nixos -A system -I nixpkgs=$PWD --dry-run --option > binary-caches http://hydra.nixos.org > > in a checked-out copy of the release-14.04 branch shows that a good > portion of Nixpkgs has been compiled by Hydra already, and compiling the > rest locally is not a serious problem, IMHO. > > I agree that the ability to make quick-and-dirty replacements of core > libraries in a running system would be nice to have. Personally, I doubt > I'd ever bother with that kind of hackery though, because the normal > update channels are quick enough, IMHO. > > Best regards, > Peter > > _______________________________________________ > nix-dev mailing list > [email protected] > http://lists.science.uu.nl/mailman/listinfo/nix-dev > -- www.debian.org - The Universal Operating System
_______________________________________________ nix-dev mailing list [email protected] http://lists.science.uu.nl/mailman/listinfo/nix-dev
