[CentOS] can i get .spec file for apache httpd of centos?

Sat May 23 18:26:22 UTC 2015
Vijendra Agarwal (vijagarw) <vijagarw at cisco.com>

Thanks for the response. I will look into the details.

Thanks
Vijendra. 
On 22/05/15 6:42 pm, "Johnny Hughes" <johnny at centos.org> wrote:

>On 05/22/2015 04:37 AM, Vijendra Agarwal (vijagarw) wrote:
>> Hi All,
>> Currently my system is using httpd 2.2.27. As there were many
>>Vulnerability fixes released under 2.2.29, I would like to upgrade the
>>Apache httpd.
>> My system is having CentOS 6.5.
>> 
>> I checked on CentOS Repos using yum but could not find the latest httpd
>>rpm from there. So I am building the httpd rpm from the source tar ball
>>downloaded from apache site.
>> I am able to build the rpm successfully but after installation I am
>>facing lot many different issues such as
>> 1. new rpm does not show anything for below command
>> rpm ­q httpd ‹changelog
>> 2. If I check the compiler option used in httpd 2.2.27 and 2.2.29 are
>>very different.
>> For 2.2.27 :- httpd: -O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2
>>-fexceptions -fstack-protector --param=ssp-buffer-size=4 -m64
>>-mtune=generic (Build by CentOS)
>> For 2.2.29 :- httpd: -O2 ­g (Build by myself)
>> 
>> Query
>> =====
>> 
>> 
>>   1.  How to provide the above compiler option so that the rpm get
>>build with them?
>>   2.  Is it possible to get httpd.spec file using which CentOS has
>>build the httpd rpm?
>> 
>
>As Leon said earlier ..
>
>You need to read his link about backporting.  Red Hat backports security
>changes to older versions, so if you think you are vulnerable to a
>security issue, please look it up here:
>
>https://access.redhat.com/security/cve/
>
>And you will find the RH version that fixes the specific CVE.
>
>As to your original question, all CentOS RPMs are build using 'rpmbuild
>-ba <srpm>' in a chroot system called mock.
>
>If you look at the  command "rpmbuild --showrc" you can see what is
>going to be passed in as variables:
>
>rpmbuild --showrc | grep ^optflags
>
>That is what would be passed into all packages .. plus whatever is set
>up in the SPEC file, which you can see from looking at it.
>
>All sources live on:  http://vault.centos.org/ under the specific
>version (5.11, 6.5, etc) and branch (os, updates, extras, etc.).  You
>would get the SRPM and then install or extract it to get the spec file.
>
>Note:  CentOS has not released any httpd-2.2.27 that I cane see.
>CentOS-5 is httpd-2.2.3
>CentOS-6 is httpd-2.2.15
>CentOS-7 is httpd-2.4.6
>
>So you likely did not get those 2.2.27 packages from CentOS Linux.
>
>From CentOS-7 on, we publish all build logs as well on:
>
>http://buildlogs.centos.org/
>
>In the c7* directories .. you can look at any build.
>
>Thanks,
>Johnny Hughes
>
>
>