[thelist] Just moved from Vista to Ubuntu -Web Dev Help???
Hassan Schroeder
hassan.schroeder at gmail.com
Wed Sep 30 09:58:34 CDT 2009
On Tue, Sep 29, 2009 at 11:55 PM, Martin Burns <martin at easyweb.co.uk> wrote:
>> Example: Debian's package list has Tomcat 5.5.26
>> -- 5.5.28 has been
>> out quite a while, and the actual current Tomcat is 6.0.20 ...
> 5.5.26 is the *supported* version for Debian.
You cited package management as a way to ensure "security" fixes
were immediately available. That's obviously not true, as 5.5.26 has
vulnerabilities fixed in 5.5.27, which in turn has vulnerabilities fixed
in 5.5.28, which was released 2009-06-19.
<http://tomcat.apache.org/security-5.html>
IMO, it's far better -- and safer -- to install software properly yourself
in a way that facilitates having multiple versions in parallel so you can
upgrade and test without depending on the "packaging" schedule of
someone else.
FWIW,
--
Hassan Schroeder ------------------------ hassan.schroeder at gmail.com
twitter: @hassan
More information about the thelist
mailing list