[CentOS] Apache RPM's
Barry Brimer
lists at brimer.org
Wed Feb 13 05:28:44 UTC 2008
> I love CentOS, but I am seriously regretting selecting Centos 4.4 for my
> production hosting servers. The current situation with CentOS 4.4 and being
> stuck at Apache 2.0.52 is a huge problem because of the new requirements for
> the Credit Card industry PCI scan. Apache 2.0.52 does not pass PCI
> compliance scans. which means no ecommerce on any of these servers - MAJOR
> ISSUE. So my question to the community is: when are new Apache RPM's going
> to be released or at minimum a backported version that plugs these security
> holes so we can pass PCI scans. Apache 2.0.52 has some major issues that
> need to be dealt with?
>
> Help us out here. I know I am not the only one in this situation. every
> hosting company that uses Ensim Pro X is just where I am.
> Any insight or better yet a solution to this would be great.
Are you actually using CentOS 4.4 or are you using a fully updated version
of CentOS 4.6? If you are fully updated, or simply download the latest
CentOS 4 httpd package and run "rpm -q --changelog httpd | less" for an
installed package or "rpm -qp --changelog /path/to/httpd/package | less"
for a downloaded, but not yet installed package, you can see all of the
changes, complete with which CVE issues have been addressed in each
package build.
Barry
More information about the CentOS
mailing list