[Nix-dev] Re: [Nix-commits] SVN commit: nix - r24751 - nixpkgs/trunk/pkgs/development/libraries/openssl
Lluís Batlle i Rossell
viriketo at gmail.com
Thu Nov 18 10:05:45 CET 2010
On Thu, Nov 18, 2010 at 05:05:17AM +0200, Evgeny Egorochkin wrote:
> On Thursday 18 November 2010 02:17:43 Lluís Batlle i Rossell wrote:
> > On Wed, Nov 17, 2010 at 10:17:36PM +0000, Evgeny Egorochkin wrote:
> > > Author: egorochkin
> > > Date: Wed Nov 17 22:17:36 2010
> > > New Revision: 24751
> > > URL: https://svn.nixos.org/websvn/nix/?rev=24751&sc=1
> > >
> > > Log:
> > > openSSL: bump due to security issues
> >
> > In the past we used to discuss changes like this, that cause a massive
> > rebuild.
> >
> > The bug report says specifically that apache is not vulnerable, for
> > example. Maybe it's not that risky to have that bug for a few time.
> >
> > What do you think, nix-dev?
>
> If it's decided that there are "unimportant" security holes, how about
> introducing a staging branch for these? stdenv-updates looks like it can have
> potentially much more invasive changes than bugfixes.
I agree. stdenv-updates should have the fixes, but it usually has much more
changes (and more failing builds). Unless it's close to being ready for merging
to trunk.
OTH I'll update stdenv-updates from trunk to get that openssl change there.
More information about the nix-dev
mailing list