[CentOS] Equivalent RHEL package for CentOS httpd package?

Tue May 8 00:43:26 UTC 2012
Johnny Hughes <johnny at centos.org>

On 05/07/2012 07:16 PM, Mitch Patenaude wrote:
> I'm trying to find out if a particular RedHat patch has been ported to
> CentOS yet.
>
> In particular, this vulnerability: CVE-2011-3607
>
> According to this: https://rhn.redhat.com/errata/RHSA-2012-0323.html it
> has been patched as of httpd-2.2.3-63.el5_8.1.x86_64.rpm
>
> Now, in the latest CentOS repository, I find
> httpd-2.2.3-63.el5.centos.1.x86_64.rpm
>
> Is this the same (or later) release?  I suspect not, because the el5 !=
> el5_8.1, but I'm not 100% sure I understand the mapping between the two
> sets of RPM names.

You suspect wrong :)

We keep the dist tags the same for packages that we do not modify for
branding ... so if that was an unmodified package, it would have a
.el5_8 dist tag, just like upstream.

BUT ... for packages that we modify ... we always use a ".el5.centos"
dist tag unless forced to use something else for some reason.

So, since httpd is a modified package,
"httpd-2.2.3-63.el5.centos.1.x86_64.rpm" ==
"httpd-2.2.3-63.el5_8.1.x86_64.rpm"



-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 262 bytes
Desc: OpenPGP digital signature
URL: <http://lists.centos.org/pipermail/centos/attachments/20120507/dd6c7eb2/attachment-0005.sig>