It looks like the most recent version of apache available via aptitude is 2.2.14 (as shown here). However, we have a requirement from the customer to upgrade to 2.2.17, which is the latest version available on the apache site.
Is there a way to upgrade to version 2.2.17 via aptitude? If not, what's the best way to upgrade? I'm comfortable building from source, but would much prefer having the package manager take care of it if possible.
Also, I read on some other posts that the security vulnerabilities that have been fixed between 2.2.14 and 2.2.17 may have already been patched by the Ubuntu OS? If that's true, is there a way I can verify this on my system? Or just have to take Ubuntu's word for it?
Thanks for any advice!
The typical way to get a newer version than the stable that's used on your OS would be to use the backports repository.. but it doesn't look like lucid (I'm assuming you're on Ubuntu 10.04, since you're on 2.2.14?) has newer versions of Apache in backports.
Since there's no backport, the management by the package manager probably isn't in the cards. You may be stuck with manual install of specific versioned packages (and manual upgrades), or compiling from source.
To find which security updates have been applied, select the version (lucid) from the package list you linked. Then, on the right-hand side, there's a "Ubuntu Changelog" link. This contains all the security updates that have been applied to the current version of the package. Here's the changelog for the current package: version 2.2.14-5ubuntu8.4.
Edit: If you're not tied to a specific version of Ubuntu, then keep in mind that 11.04 comes out in a few weeks; it has 2.2.17 by default.
According the site you linked, Ubuntu 10.10 (Maverick Meerkat) uses 2.2.16, and 11.04 (Natty Narwal) will use 2.2.17.
So, the short answer would be to wait 4 weeks until the release of Natty, do a dist-upgrade and you are done ;)
The long answer is that it is usually recommendable to stick with the version shipped with your distribution, because it makes managing your system much easier. Ubuntu fixes security holes found during the guaranteed support times for a release (which is 5 years for the server variant of an LTS version, which you are likely using).
If you manually install a non-supported version of Apache, fixing security holes will be your own responsibility and you will have to compile, test and install it whenever a security hole was found and if you are not really careful, this often means you are less secure than if you use the packaged version of Ubuntu and keep your system updated via apt.