I run a Ubuntu 11.10 server at my house and in the past I have been using apt-get
to keep all my packages up to date. Recently I noticed that when I run apt-get update/upgrade
the version of some software is usually not the latest. Apache for instance is a good x.2.x versions behind the latest on Apache's website. The change logs that Apache provides indicates that the version on their site has updated several security vulnerabilities. This means that there are vulnerabilities for the version I have installed using apt-get
.
In simple terms, is it better to download and compile essential software from source such as SSH and Apache to have the most secure and up-to-date version or is using a package manager such as apt-get
a better option? I run only 1-2 servers so automating or updating multiple machines does not apply to me. Thank you!