Coworkers think latest Django 3.1.7 needs a mod_wsgi newer than the 3.4.18 provided by Centos 7.9

My coworkers are asking me why we are using the Centos 7.9 provided apache + mod_wsgi for the sake of Django 3.1.7

VERSUS

hand assembling a custom build of either Centos 7.9's apache or a custom apache, and the latest or a more recent version of mod_wsgi (which is apparently on version 4.7.0 per https://modwsgi.readthedocs.io/en/master/release-notes.html) which makes the 3.4.18 (which dates back to December 2012 but has been patched as late as August 2018) used by Centos 7.9 seem ancient.

NOTE: Bitnami's Django Stack uses mod_wsgi 3.5 and Django 3.1.7 https://bitnami.com/stack/django/changelog.txt

Questions:

1. Am I looking at this wrong? I thought older is tested and stable?

2. Does Django check the underlying Apache + mod_wsgi installed for incompatibility at installation or runtime?

3. Can I trust the Centos team to keep this patched? Don't they just pull the latest from RHEL?

Comments of my objecting co-workers:

• i think version 3.5 and below has some vulnerabilities
• my only concern is it's way behind
• 3.4 is like 2014 or something
• there has been many bug fixes since then
• me: "As far as stability, older is almost always better" him: "like windows 95? :) "
• him: "i would agree if we're on at least version 4.5 or 6"
• Django would not necessarily throw errors telling us what's wrong
• don't want to get stuck with old version and face challenges later migrating to new version...