Running a production web server with Ubuntu 12.04 which ships Tomcat 7.0.26. Should I care about updating the tomcat installation to latest 7.0.42 version or should I stick with what's provided? If I stick then am I not vulnerable to threats & bugs in 7.0.26 version ? I've been suggested to always use the latest minor version for things like JRE 7, Tomcat 7 etc, does it not hold good here ?
Should I be installing the latest version by downloading the tar & untar-ing it instead of using apt-get install to download from ubuntu repositories an older version? How would I be updating those installations later then ?
Edit:
I just have single webapp running on a single server. While I don't have any specific feature requirements for Tomcat or JRE that force me to use a particular newer version. I'm asking this just to ensure that if I'm running an older version supplied by ubuntu(installed from through apt-get install
), am I safe in terms of security & quality of software? Do these software packages will be updated to a newer minor version later while I m sticking to a particular LTS version ?