Legacy Version support or unsupported

Fri Sep 10 08:06:48 UTC 2021

Thank you for your reply.
😇😇😇

On Fri, Sep 10, 2021 at 3:59 PM Maxim Konovalov <maxim at nginx.com> wrote:

> Hi,
>
> On 10.09.2021 09:42, 暗花 wrote:
> > Dear Sir/ Madam,
> >
> > I'm a college student from Malaysia, I would like to develop a secure
> > web application for my final year project, I love nginx so much. So I
> > got a question about the nginx legacy versions(e.g nginx 1.14.0), it's
> > still supported by the nginx team.
> >
> > I mean if some bug hunter found some cve or hacker attack, or
> > vulnerability found for the legacy version, will I be able to get the
> > security patch release from your official web?
> >
> > It's wise to use the legacy version? or should i choose the latest
> > version, as i am building a secure web app.
> >
> Any releases from the nginx-1.14 branch are not supported for sure.
>
> For nginx open source we support the mainline and stable branches, which
> are 1.21 and 1.20 at the moment.
>
> You can learn more about how the mainline and stable nginx branches work
> in the blog post written a couple of years ago and dedicated to nginx
> 1.18 and 1.19 branches.
>
> https://www.nginx.com/blog/nginx-1-18-1-19-released/
>
> I personally see no reasons to choose 1.14 releases these days and would
> encourage you to use the latest releases from the current mainline or
> stable (which is much more more conservative comparing to the mainline)
> branches such as nginx-1.21.3 or nginx-1.20.1, see
>
> http://nginx.org/en/download.html
>
> Just a reminder that we have a service that exposes the latest versions
> of various products we develop and maintain, i.e.:
>
> http://version.nginx.com/nginx/mainline
> http://version.nginx.com/nginx/stable
>
> --
> Maxim Konovalov
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx-devel/attachments/20210910/0e70102c/attachment.htm>