Re: Security Vulnerabilities with Nginx v1.14.2 and GNOME Evolution

To: debian-user@lists.debian.org
Subject: Re: Security Vulnerabilities with Nginx v1.14.2 and GNOME Evolution
From: Eduardo M KALINOWSKI <eduardo@kalinowski.com.br>
Date: Tue, 15 Sep 2020 10:56:57 -0300
Message-id: <[🔎] fc1e0356-b745-e241-0dc5-50cf3a2360f7@kalinowski.com.br>
In-reply-to: <[🔎] 20200915134416.GX931@eeg.ccf.org>
References: <[🔎] CH2PR10MB42965D9F4805370301F2F78787200@CH2PR10MB4296.namprd10.prod.outlook.com> <[🔎] 20200915080145.GA27634@singvogel.net> <[🔎] CH2PR10MB42967FFEDE13ABB03FD3BE8F87200@CH2PR10MB4296.namprd10.prod.outlook.com> <[🔎] 20200915093940.GA29994@singvogel.net> <[🔎] CH2PR10MB4296061D4E3FFF04E7D7E16B87200@CH2PR10MB4296.namprd10.prod.outlook.com> <[🔎] 20200915133833.GA3463@singvogel.net> <[🔎] 20200915134416.GX931@eeg.ccf.org>

On 15/09/2020 10:44, Greg Wooledge wrote:
> Another choice would be to run Debian stable, but don't install Debian's
> version of nginx.  Use upstream's releases, compile them yourself, and
> update them yourself whenever you need to (for security reasons or
> otherwise).

If one chooses to do so, it might be better to fetch the debian source
package of the newer version and create a .deb out of it. At least the
benefits of the debian packaging are retained.

(In other words, you create your own backport.)

But if the versions of libraries required for building the newer version
are not available in stable, the process becomes much more difficult.
(But so would be building from the upstream source, probably.)

-- 
I enjoy the time that we spend together.

Eduardo M KALINOWSKI
eduardo@kalinowski.com.br

Reply to:

References:
- Security Vulnerabilities with Nginx v1.14.2 and GNOME Evolution
  - From: "Suryadevara, Revanth" <Revanth.Suryadevara@arcserve.com>
- Re: Security Vulnerabilities with Nginx v1.14.2 and GNOME Evolution
  - From: Klaus Singvogel <deb-user-ml@singvogel.net>
- RE: Security Vulnerabilities with Nginx v1.14.2 and GNOME Evolution
  - From: "Suryadevara, Revanth" <Revanth.Suryadevara@arcserve.com>
- Re: Security Vulnerabilities with Nginx v1.14.2 and GNOME Evolution
  - From: Klaus Singvogel <deb-user-ml@singvogel.net>
- RE: Security Vulnerabilities with Nginx v1.14.2 and GNOME Evolution
  - From: "Suryadevara, Revanth" <Revanth.Suryadevara@arcserve.com>
- Re: Security Vulnerabilities with Nginx v1.14.2 and GNOME Evolution
  - From: Klaus Singvogel <deb-user-ml@singvogel.net>
- Re: Security Vulnerabilities with Nginx v1.14.2 and GNOME Evolution
  - From: Greg Wooledge <wooledg@eeg.ccf.org>

Prev by Date: Re: Security Vulnerabilities with Nginx v1.14.2 and GNOME Evolution
Next by Date: cron consolekit pam_ck_connector.so: no such file
Previous by thread: Re: Security Vulnerabilities with Nginx v1.14.2 and GNOME Evolution
Next by thread: Re: Security Vulnerabilities with Nginx v1.14.2 and GNOME Evolution
Index(es):
- Date
- Thread