[CentOS] Need httpd / apache RPM > 2.2.3 for 5.3
R P Herrold
herrold at centos.org
Fri Aug 28 17:38:04 UTC 2009
On Fri, 28 Aug 2009, Alan McKay wrote:
> Is there a document that will tell me what patch levels were shipped
> with the different releases of CentOS? In particular 5.2?
Two come to mind that we ship with every binary we alter,
evey package we build:
- one is the SRPM, which contains all sources
and patches, etc
- two is a summary of varying detail, and carried with
every binary under RPM installation (here for
the apache webserver, carried in the package: httpd):
rpm -q --changelog httpd
The first requires some 'diff' reading skills, but is the most
accurate
As to the second method, I see the following recent entries:
* Tue Jul 14 2009 Karanbir Singh <kbsingh at centos.org> 2.2.3-22.el5.centos.2
- Roll in CentOS Branding
* Mon Jul 06 2009 Joe Orton <jorton at redhat.com> 2.2.3-22.el5_3.2
- add security fixes for CVE-2009-1890, CVE-2009-1891
(#509782)
* Thu May 07 2009 Joe Orton <jorton at redhat.com> 2.2.3-22.el5_3.1
- add security fixes for CVE-2008-1678, CVE-2009-1195
(#499284)
* Wed Nov 12 2008 Joe Orton <jorton at redhat.com> 2.2.3-22.el5
- add security fixes for CVE-2008-2939 (#468841)
- note that the mod_proxy 2.2.9 rebase fixed CVE-2008-2634
-------------------------
CVE may be explored down:
http://cve.mitre.org/cve/
The values of the form (#NNNNNN) are down:
https://bugzilla.redhat.com/
In this case, re-branding is so common as to not pick up a
centos bug number, but might and if so would be at:
http://bugs.centos.org/main_page.php
-- Russ herrold
More information about the CentOS
mailing list