22 Mar
2009
22 Mar
'09
7:40 p.m.
http://httpd.apache.org/security/vulnerabilities_20.html
states that Apache 2.0.52 is 4 years old and the latest version is 2.0.68. i am no longer a httpd expert, but at least one of the security fixes involves XSS attacks via malformed ftp commands. I also realize that redhat / centos may patch things separately from Apache and that the sysadmin has a great deal to do with how secure things are, but almost 5 years?
Does the sysadmin for www.centos.org get paid?