LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices


Reply
  Search this Thread
Old 12-29-2011, 01:53 AM   #1
hahacc
Member
 
Registered: Oct 2010
Posts: 93

Rep: Reputation: 1
Question how should I upgrade httpd server if no rpm source has the latest package


Hi,
As we all know, there's always bug for any software(include httpd). For example, to fix bug CVE-2011-3348, we should install/upgrade httpd to version 2.2.21.
Now on my server, httpd version is 2.2.15. When using yum list|grep httpd, I can see this 2.2.15 is now the latest version, which means yum update httpd won't upgrade httpd.
What should I do about this? Should I download the source package(.tar.gz one) and transform it into a rpm package and then use rpm -Uvh to upgrade it?(And how to transform it?)
Thanks very much!
PS:
I know there's a software management system called spacewalk which can install one update to several servers at one time, I'm thinking whether we should transform the source package to rpm one in order to take the advantage of spacewalk.
 
Old 12-29-2011, 03:21 AM   #2
TenTenths
Senior Member
 
Registered: Aug 2011
Location: Dublin
Distribution: Centos 5 / 6 / 7
Posts: 3,461

Rep: Reputation: 1552Reputation: 1552Reputation: 1552Reputation: 1552Reputation: 1552Reputation: 1552Reputation: 1552Reputation: 1552Reputation: 1552Reputation: 1552Reputation: 1552
If you know what you are doing, or are willing to take the time to learn then you can download the source and configure / compile whatever version of apache you want. There are plenty of how-to's around, Google Is Your Friend!

If you're not confident about configuring / compiling packages then you might want to consider waiting until your upstream distro releases an RPM.
 
Old 12-29-2011, 07:31 AM   #3
hahacc
Member
 
Registered: Oct 2010
Posts: 93

Original Poster
Rep: Reputation: 1
Smile

Quote:
Originally Posted by TenTenths View Post
If you know what you are doing, or are willing to take the time to learn then you can download the source and configure / compile whatever version of apache you want. There are plenty of how-to's around, Google Is Your Friend!

If you're not confident about configuring / compiling packages then you might want to consider waiting until your upstream distro releases an RPM.
Thanks.
I know we can just download/compile httpd etc using their source packages, but I think rpm one can be more convenient for software management.
Maybe everything has it's pros and cons.
 
Old 12-29-2011, 07:57 AM   #4
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,415
Blog Entries: 55

Rep: Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600
Quote:
Originally Posted by hahacc View Post
For example, to fix bug CVE-2011-3348, we should install/upgrade httpd to version 2.2.21. Now on my server, httpd version is 2.2.15. When using yum list|grep httpd, I can see this 2.2.15 is now the latest version, which means yum update httpd won't upgrade httpd.
As per https://bugzilla.redhat.com/show_bug.cgi?id=736690 you must be running something other than RHEL-5 as httpd-2.2.3-53.el5 is current because http://cve.mitre.org/cgi-bin/cvename...=CVE-2011-3348 was introduced in version 2.2.12:
Code:
~]$ rpm -q httpd --changelog|awk '/CVE-2011/ {print $6}'
CVE-2011-3368
CVE-2011-3192
It was fixed in https://rhn.redhat.com/errata/RHSA-2011-1391.html so you could try rebuilding the RHEL-6 httpd-2.2.15-9.el6 RPM?..
 
Old 12-30-2011, 08:40 PM   #5
hahacc
Member
 
Registered: Oct 2010
Posts: 93

Original Poster
Rep: Reputation: 1
Quote:
Originally Posted by unSpawn View Post
As per https://bugzilla.redhat.com/show_bug.cgi?id=736690 you must be running something other than RHEL-5 as httpd-2.2.3-53.el5 is current because http://cve.mitre.org/cgi-bin/cvename...=CVE-2011-3348 was introduced in version 2.2.12:
Code:
~]$ rpm -q httpd --changelog|awk '/CVE-2011/ {print $6}'
CVE-2011-3368
CVE-2011-3192
It was fixed in https://rhn.redhat.com/errata/RHSA-2011-1391.html so you could try rebuilding the RHEL-6 httpd-2.2.15-9.el6 RPM?..
I think maybe we can just compile the rpm by ourselves using source package. Httpd has it's own SPEC. And
EPEL repo

http://fedoraproject.org/wiki/EPEL/FAQ#howtouse

Rpmforge ( many packages )

http://dag.wieers.com/rpm/FAQ.php#B1

these two repos are good
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
How to remove existing rpm and install latest downloaded package samiksha Linux - Software 9 12-08-2010 04:49 AM
How to build httpd-2.2.3-22 as a relocatable rpm package in RHEL 5.3 renjunix Linux - Server 3 11-02-2009 09:04 AM
is there any latest gcc version available in .rpm package anushineforever Linux - Software 1 01-04-2009 01:20 AM
Not able to upgrade the version of the rpm package manohare Red Hat 1 08-16-2007 08:40 AM
Installed a package via rpm YaST, now overwrite-upgrade to new with source? hgb SUSE / openSUSE 3 11-14-2005 01:13 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Server

All times are GMT -5. The time now is 05:32 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration