<html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"></head><body><div>Just another example of how long in the tooth jessie is getting. </div><div><br></div><div><br></div><div><br></div><div id="composer_signature"><div style="font-size:85%;color:#575757" dir="auto">Sent from my Samsung Galaxy smartphone.</div></div><div><br></div><div style="font-size:100%;color:#000000"><!-- originalMessage --><div>-------- Original message --------</div><div>From: Adam Holt <holt@laptop.org> </div><div>Date: 2/16/17 10:53 PM (GMT-05:00) </div><div>To: xsce-devel <xsce-devel@googlegroups.com>, server-devel <server-devel@lists.laptop.org> </div><div>Subject: [XSCE] Re: Apache 2.4.10 from July 2014 is part of XSCE 6.2: is this safe? </div><div><br></div></div><div dir="ltr">On Mon, Feb 6, 2017 at 6:51 PM, Adam Holt <span dir="ltr"><<a href="mailto:holt@laptop.org" target="_blank">holt@laptop.org</a>></span> wrote:<br><div class="gmail_extra"><div class="gmail_quote"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><div>Did Raspbian or we/others make this choice of Apache 2.4.10 out of curiosity?<br><br></div><div>Is Apache 2.4.10 safe in general, despite being more than 2.5 years old?<br><br>(Compared to Apache 2.4.25 released Dec 2016 etc...)<br></div></div>
</blockquote></div><br></div><div class="gmail_extra">Tim has made a strong case for moving to Nginx this morning on our community call, but I'm still curious about the above if others might know how Apache's security profile has evolved over the past 2.5 years?<br></div></div>
</body></html>