Question
Can you update the default nginx package from 1.4.6 to 1.6.2?
- Posted on January 23, 2015
Asked by chwhite2000
Running a new Ubuntu 14.04 instance @ DO
$ apt-get update $ apt-get install nginx $ nginx -V
nginx version: nginx/1.4.6
Can you guys update your nginx package to 1.6.2? I haven’t checked the other One-click installers or O/S instances to check which nginx versions they are running.
1.6.2 includes fixes for SSL/TLS exploits as well as other things like SPDY 3.1 support
Thanks!!
This textbox defaults to using Markdown to format your answer.
You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
Well I prefer to install the project repository and install the latest stable package. Here are instructions on how to install the repository and the signing key for nginx. http://nginx.org/en/linux_packages.html
Thank you for the quick reply and detailed answer. That explains it very well, thanks!
Just found this, now the light bulb turns on lol http://packages.ubuntu.com/trusty/nginx
Hi,
This isn’t quite how it works.
DigitalOcean doesn’t decide what version of software ends up on your droplet - you choose that yourself by picking a distribution such as Ubuntu.
Now, the people who make Ubuntu (canonical as well as the open source community) decide on what version of packages they’ll support for a given version of Ubuntu. This is why you’re getting 1.4.6 rather than the latest 1.6.2.
Thus, there are obviously no security issues to worry about. It’s part of the work of a distribution’s team to ensure that the particular version of the software that they decide to bundle is security bug free - you’ll find that literally every piece of software on your Linux computer is the same way. Your version of ‘top’ isn’t the latest, your version of ‘gcc’ isn’t the latest either, etc.
Ubuntu 14.04 is a Long Term Support version, which means such fixes will happen for the next couple years.
Hope this answers your question.