On Mon, Sep 1, 2014 at 3:57 AM, Peter Simons <[email protected]> wrote:
>
> the stable release branch is not supposed to have up-to-date software.
> Its purpose is to provide a software environment that is *stable*.
> Packages in the release branch should be modified only if the update
> fixes an important bug, like a security vulnerability, i.e. when the
> cost of sticking to the old version is obviously higher than the risk of
> breaking someone's system with an update. If that is not the case, then
> the update should probably not go to the release branch.

This seems a great policy when there are people backporting security fixes to older versions of software. I don't believe this is the case for NixOS. This means that if a security fix is required it may be many versions ahead of what is in 14.04 and has more chance of causing breakage. What's worse is it will happen at a bad time - when a security fix is needed.

For a distro that doesn't backport security fixes I would think that updating minor versions of the software to take those fixes from the software provider would be an ok strategy.

What is the policy with regards to security updates with NixOS?

_______________________________________________
nix-dev mailing list
[email protected]
http://lists.science.uu.nl/mailman/listinfo/nix-dev
