[CentOS] BUG in httpd 2.2.3-22.el5.centos.2

Mark Hedges hedges at scriptdolphin.com
Sat Aug 8 03:00:29 UTC 2009 

> You can report problems on the CentOS bug tracker at:
> http://bugs.centos.org/

Umm, as I said, I couldn't sign up to file a bug report.
Nope, still broken.

   APPLICATION ERROR #2800
   Invalid form security token. Did you submit the form
   twice by accident?

> If the problem is reproducible in RHEL as well, you might
> as well report it directly at:
> https://bugzilla.redhat.com/

I don't have an RHEL to test I use Debian at home, but
thanks for the link, since it is the same source according
to Johnny below.

> > I feel like it's pointless to ask why don't
> > distributions upgrade within the minor revision number
> > of the stable 2.2 series anyway.  2.2.3 is certainly not
> > as "stable" as 2.2.11 and the API is supposed to be the
> > same.  Oh right the "big picture."  :-(
>
> 2.2.3 in CentOS/RHEL is not the same as 2.2.3 upstream...
> it's only the base release after which patches are
> applied. The name 2.2.3 is kept because potentially not
> all the upstream patches that went to 2.2.11 will go into
> CentOS/RHEL's 2.2.3, in theory only security updates are
> applied inside a minor OS release and RedHat might decide
> to skip some of the patches introduced between 2.2.3 and
> 2.2.11 if they believe they are not relevant to their
> product.

Yeah it doesn't make sense to me why it's an advantage for
RedHat to selectively backport patches instead of keeping up
what the developers believe is a stable API for all callers.
It's the same corporate cargo cult they were in when they
made the mod_perl1 "compatibility" interface for Apache2...
just made life harder for everyone in the end, if I'd wanted
to use 1.3 handler API I would have installed 1.3... but
that is ancient history.

> Second: from that link it seems that you have installed
> Perl modules directly from CPAN. Is that true? If you did
> and your system broke, well, you got to keep the pieces...
> It's known that CPAN modules and RPM modules do not play
> together well and will tend to break in upgrades. I
> suggest you install a CentOS 5.3 machine from scratch and
> try to reproduce the problem there. If it still happens,
> then report it to CentOS's bug tracker and/or to the
> mailing list.

Yes I removed all of perl, made sure all libs were gone and
started from scratch.

On Fri, 7 Aug 2009, nate wrote:
> I don't think I'm able to help on this one but am curious
> how much of the components your working with are built
> from outside sources? I get the impression that your using
> quite a few modules directly from CPAN, are you using
> sqlite and mod_perl stuff from outside CentOS as well?

I use httpd, httpd-devel, sqlite, sqlite-devel, mod_perl,
mod_perl-devel, apr etc. from CentOS.

DBD::SQLite is not available in yum so I make it with CPAN.

libapreq2 (Apache2::Cookie/Apache2::Request) is not
available in yum and does not run the tests right with the
CPAN installer as root so I make it from source.


On Fri, 7 Aug 2009, Johnny Hughes wrote:
>
> Well ... here is what I can tell you:
>
>
http://www.redhat.com/security/updates/backporting/?sc_cid=3093
>
> They do roll in bug fixes.  I know it can be frustrating
> (it is for me to and I build this stuff) ...
>
> WRT the httpd package ... if you look at the RHEL and
> CentOS httpd SRPMs you will see that the change in the
> spec file is cosmetic and only controls CentOS being
> displayed instead of Red Hat as required by their
> trademark restrictions.

Excellent info I will swim upstream thank you.


Mark

More information about the CentOS mailing list