On Tue, Apr 26, 2016 at 02:40:56PM -0600, Doran Barton wrote: > Our security folks are curious how actively maintained the httpd24 > collection is and how soon we can expect updates to it to be made available > in the event of, say, a zero-day exploit.
Hi Doran. We've tried to keep httpd24 reasonably close to upstream 2.4 and have rebased it once (last year, from 2.4.6 to 2.4.12); I can't talk about future product plans. On the security side, for httpd we'll generally backport patches as per RHEL where we need to do errata (Critical and Important issues), and those errata get shipped ASAP in the RHN channels. We have a bit more information here: https://access.redhat.com/support/policy/updates/rhscl/ For community builds, everything is best effort. Regards, Joe _______________________________________________ SCLorg mailing list [email protected] https://www.redhat.com/mailman/listinfo/sclorg
