subject:"\[Server\-devel\] Apache 2.4.10 from July 2014 is part of XSCE 6.2\: is this safe\?"

Re: [Server-devel] Apache 2.4.10 from July 2014 is part of XSCE 6.2: is this safe?

2017-02-16 Thread James Cameron

Security updates to the Jessie apache2 package have been happening, as patches are backported, and they are in Rasbian, see https://anonscm.debian.org/cgit/pkg-apache/apache2.git/log/?id=refs/heads/jessie for the list of changes, many of which have CVEs. But yeah, Nginx vs Apache2, doesn't matter

Re: [Server-devel] Apache 2.4.10 from July 2014 is part of XSCE 6.2: is this safe?

2017-02-16 Thread Adam Holt

On Mon, Feb 6, 2017 at 6:51 PM, Adam Holt wrote: > Did Raspbian or we/others make this choice of Apache 2.4.10 out of > curiosity? > > Is Apache 2.4.10 safe in general, despite being more than 2.5 years old? > > (Compared to Apache 2.4.25 released Dec 2016 etc...) > Tim has