pyrox.dev
+4
-38
doc/contributing/vulnerability-roundup.chapter.md
+4
-38
doc/contributing/vulnerability-roundup.chapter.md
···-[github.com/NixOS/nixpkgs/issues?q=is:issue+is:open+"Vulnerability+roundup"](https://github.com/NixOS/nixpkgs/issues?q=is%3Aissue+is%3Aopen+%22Vulnerability+roundup%22)-<link to relevant package search on search.nix.gsc.io>, <link to relevant files in Nixpkgs on GitHub>+This section has been moved to [pkgs/README.md](https://github.com/NixOS/nixpkgs/blob/master/pkgs/README.md).-Note that there can be an extra comment containing links to previously reported (and still open) issues for the same package.+This section has been moved to [pkgs/README.md](https://github.com/NixOS/nixpkgs/blob/master/pkgs/README.md).-**Note**: An issue can be a "false positive" (i.e. automatically opened, but without the package it refers to being actually vulnerable).-If you find such a "false positive", comment on the issue an explanation of why it falls into this category, linking as much information as the necessary to help maintainers double check.-- Is the issue already patched (version up-to-date or patch applied manually) in Nixpkgs's `master` branch?-- Once the fix is merged into `master`, [submit the change to the vulnerable release branch(es)](https://nixos.org/manual/nixpkgs/stable/#submitting-changes-stable-release-branches);-- **Yes**: [Backport the change to the vulnerable release branch(es)](https://nixos.org/manual/nixpkgs/stable/#submitting-changes-stable-release-branches).-- When the patch has made it into all the relevant branches (`master`, and the vulnerable releases), close the relevant issue(s).+This section has been moved to [pkgs/README.md](https://github.com/NixOS/nixpkgs/blob/master/pkgs/README.md).
+46
pkgs/README.md
+46
pkgs/README.md
···If a security fix applies to both master and a stable release then, similar to regular changes, they are preferably delivered via master first and cherry-picked to the release branch.Critical security fixes may by-pass the staging branches and be delivered directly to release branches such as `master` and `release-*`.+[github.com/NixOS/nixpkgs/issues?q=is:issue+is:open+"Vulnerability+roundup"](https://github.com/NixOS/nixpkgs/issues?q=is%3Aissue+is%3Aopen+%22Vulnerability+roundup%22)+<link to relevant package search on search.nix.gsc.io>, <link to relevant files in Nixpkgs on GitHub>+Note that there can be an extra comment containing links to previously reported (and still open) issues for the same package.+**Note**: An issue can be a "false positive" (i.e. automatically opened, but without the package it refers to being actually vulnerable).+If you find such a "false positive", comment on the issue an explanation of why it falls into this category, linking as much information as the necessary to help maintainers double check.+- Is the issue already patched (version up-to-date or patch applied manually) in Nixpkgs's `master` branch?+- Once the fix is merged into `master`, [submit the change to the vulnerable release branch(es)](https://nixos.org/manual/nixpkgs/stable/#submitting-changes-stable-release-branches);+- **Yes**: [Backport the change to the vulnerable release branch(es)](https://nixos.org/manual/nixpkgs/stable/#submitting-changes-stable-release-branches).+- When the patch has made it into all the relevant branches (`master`, and the vulnerable releases), close the relevant issue(s).