John Gates, CISSP
This email may contain information that is confidential or attorney-client privileged and may constitute inside information. The contents of this email are intended only for the recipient(s) listed above. If you are not the intended recipient, you are directed not to read, disclose, distribute or otherwise use this transmission. If you have received this email in error, please notify the sender immediately and delete the transmission. Delivery of this message is not intended to waive any applicable privileges.
On Sunday, 6 November 2016 09:27:18 CET John Gates wrote:
> I have a server that needs to stay PCIDSS compliant and it is complaining
> that apache 2.4.10 is running... When is an update going to be
> available... Do I have to compile my own Apache version? Seems odd that
> stability is favored over security... Please advise.
Debian back-ports individual security fixes, not complete new upstream
versions. See https://www.debian.org/
An overview over the security issues that have been fixed in apache2 is