[CentOS] Timeframe for httpd update (CVE-2011-3192)

Timo Schoeler timo.schoeler at riscworks.net
Thu Sep 1 06:15:34 EDT 2011


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi,

is there any time frame foreseeable for KB providing an update for httpd?

Upstream provided their SRPM yesterday, i.e. Aug 31 19:40. [0] [1]

It builds flawless on several machines I tried (Scientific Linux 6,
CentOS 5 and 6).

Question is: Should one deploy a self-build RPM or will there be an
update in the next... "time"?

(Given that 5.7 is still to be done, 6.1, etc., and due to the fact
there is "no such thing as a CentOS community", as was discussed end of
2010/early 2011. That's why I'm *not* going to provide my diff -- I'm
not willing to spend my work into an entity that denies transparency.)

Cheers.

[0] --
ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/httpd-2.2.3-53.el5_7.1.src.rpm

[1] -- https://rhn.redhat.com/errata/RHSA-2011-1245.html
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)

iD8DBQFOX1tGfg746kcGBOwRAvAdAJ44tVJVjL2V6MPsSVNkUjC/JEvXMwCgvRSP
Z08Y333AW1CYsrKcKlaDIFY=
=2s2l
-----END PGP SIGNATURE-----


More information about the CentOS mailing list