[CentOS] httpd RPM newer than 2.0.63 avail for CentOS 4.x?

Fri Nov 12 20:44:00 UTC 2010
Philip Amadeo Saeli <psaeli at zorodyne.com>

* Robert Heller <heller at deepsoft.com> [2010-11-07 07:13:27 -0500]:
> 
> At Sun, 7 Nov 2010 00:17:31 -0500 CentOS mailing list <centos at centos.org> wrote:
> 
> > I'm maintaining an internet-facing web server which is now running httpd
> > 2.0.63 (httpd-2.0.63-2.el4s1.centos.2) which is now neary 2.5 years
> > old(!?!).  I need to move to either 2.0.64 or 2.2.12 or later.  However,
> > I've been unable to find available RPMs for such releases for CentOS
> > 4.x.
> > 
> > I have to believe that others have these needs also.  In light of this,
> > how do others keep up with security upgrades for the httpd?  I'm rather
> > new to this aspect of things, so am still in the process of sorting
> > things out in this regard.
> 
> Red Hat backports security updates (from newer versions).  So long as
> you have been applying the standard O/S updates (eg 'yum update')
> regularly, your http is up-to-date WRT security updates.

This is true for vendor-supported version.  However, for technical
reasons (i.e., need for additional features or capabilities), we are
running versions more recent than the vendor-supported ones.  Up until
recently, I have been able to obtain the needed versions (of, e.g.,
httpd, mysql, and php) from available third-party CentOS repos.
However, this is no longer the case.

My question in this regard is to find out how this problem is generally
handled by others.  I know anyone who has internet-facing, secure
servers has to deal with these same issues.  Up until now, I've been
able to trust that the community response would result in the needed
RPMs showing up in public repos.  That model seems to now be broken (if
indeed it was ever truly viable).

In particular, I need the following package versions (for CentOS 4.x),
none of which I've been able to locate in any publicly available repo:

 1. httpd-2.0.64        # released: 2010-10-19
 2. php-5.2.14          # released: 2010-07-22

I have been able to locate packages for php-5.3.3 and am in the process
of testing them.  However, things would be *much* simpler in the short
term if we could move first to php-5.2.14.

Our longer-range plan is to upgrade the server to CentOS 5, which will
help quite a bit in this regard.  However, in the mean time I'm stuck
with CentOS 4 on this server due to severe time, resource, and budget
constraints.
 
> > Any help would be appreciated.
> > 
> > Thanks!
> > 
> > --Phil
> > 
> 
> -- 
> Robert Heller             -- 978-544-6933 / heller at deepsoft.com
> Deepwoods Software        -- http://www.deepsoft.com/
> ()  ascii ribbon campaign -- against html e-mail
> /\  www.asciiribbon.org   -- against proprietary attachments

Any info would be appreciated.

Thanks!

--Phil

-- 
Philip Amadeo Saeli
openSUSE, RHEL, CentOS
psaeli at zorodyne.com