Paul Howarth wrote:
On Thu, 2005-06-09 at 14:04 -0400, Michael E. Webster wrote:I agree that direct version checking is a broken idea considering that backporting happens usually. http://www.redhat.com/advice/speaks_backport.html
Sorry if it's been posted before. I've google'd and searched the forum archives and didn't find any answers.
I'm currently running FC3 with Apache 2.0.52 on about 20 servers.
Several different security
scan programs are showing two vulnerabilities and want me to 'upgrade
apache' to the latest and greatest version (2.0.54)
Remember that version numbers can be misleading, and that Red Hat often backport security fixes to older versions for stability reasons.
Fedora packages usually gets updated to the upstream version rather than backports though. On a related note, http://www.advogato.org/person/mjcox/diary.html?start=132
regards Rahul
