Legacy Version support or unsupported

Maxim Konovalov maxim at nginx.com
Fri Sep 10 07:59:05 UTC 2021


Hi,

On 10.09.2021 09:42, 暗花 wrote:
> Dear Sir/ Madam,
> 
> I'm a college student from Malaysia, I would like to develop a secure
> web application for my final year project, I love nginx so much. So I
> got a question about the nginx legacy versions(e.g nginx 1.14.0), it's
> still supported by the nginx team.
> 
> I mean if some bug hunter found some cve or hacker attack, or
> vulnerability found for the legacy version, will I be able to get the
> security patch release from your official web?
> 
> It's wise to use the legacy version? or should i choose the latest
> version, as i am building a secure web app.
> 
Any releases from the nginx-1.14 branch are not supported for sure.

For nginx open source we support the mainline and stable branches, which
are 1.21 and 1.20 at the moment.

You can learn more about how the mainline and stable nginx branches work
in the blog post written a couple of years ago and dedicated to nginx
1.18 and 1.19 branches.

https://www.nginx.com/blog/nginx-1-18-1-19-released/

I personally see no reasons to choose 1.14 releases these days and would
encourage you to use the latest releases from the current mainline or
stable (which is much more more conservative comparing to the mainline)
branches such as nginx-1.21.3 or nginx-1.20.1, see

http://nginx.org/en/download.html

Just a reminder that we have a service that exposes the latest versions
of various products we develop and maintain, i.e.:

http://version.nginx.com/nginx/mainline
http://version.nginx.com/nginx/stable

-- 
Maxim Konovalov


More information about the nginx-devel mailing list