
Re: When is a version above apache 2.4.10 going to release for Deb 8?



Thanks. This is helpful. Sadly though, PCI-DSS compliance scanners look for the daemon version, and when they see the vulnerable version they flag it without further checks. It looks like there are many CVEs that have not been corrected... There are no change dates on anything listed either, which also causes confusion.

Best Regards,

John Gates, CISSP



On Sun, Nov 6, 2016 at 3:36 PM, Stefan Fritsch <sf@sfritsch.de> wrote:
On Sunday, 6 November 2016 09:27:18 CET John Gates wrote:
> I have a server that needs to stay PCIDSS compliant and it is complaining
> that apache 2.4.10 is running...  When is an update going to be
> available...  Do I have to compile my own Apache version?  Seems odd that
> stability is favored over security...  Please advise.

Debian back-ports individual security fixes, not complete new upstream
versions. See https://www.debian.org/security/faq#oldversion

An overview of the security issues that have been fixed in apache2 is
available via

https://security-tracker.debian.org/tracker/source-package/apache2


