Mailinglist Archive: opensuse-security (499 mails)

< Previous Next >
Re: [suse-security] SuSE Apache patch sufficient?
  • From: Steffen Dettmer <steffen@xxxxxxx>
  • Date: Sat, 22 Jun 2002 17:13:02 +0200
  • Message-id: <20020622171302.B4231@xxxxxxxxx>
* Frank Steiner wrote on Fri, Jun 21, 2002 at 10:21 +0200:
> so, would it mean much work to compile RPMs for a 3.1.26 apache for
> all SuSE versions? Or are there just to many dependencies?

I think the main problem would be the (probably) changed behavior
of apache and/or it's mod_packages. If someone uses i.e. mod_php
and upgraded a larger site, she would know what I mean. In such
upgrades, you can have i.e. a function does something different
(nothing special in PHP's history :)). Well, after upgrade, some
functions of some scripts are broken... Hope you'll enjoy
debugging :) Well, and the new PHP version usually require the
very newest pre-alpha anything libs...

> For a quick fix I just compiled apache 3.1.26 using the
> config.status from SuSE and exhanged the binary and the
> modules, seems to run fine.

Well, usually that works if you have a not too old installation,
and you compiled the binaries on a very similar system. But if
you make a binary RPM after i.e. upgrading a used package, you
would need this upgrade package on the RPM targets, too...

> However, I don't use much additional mod packages like php4

Yes, I wouldn't do also, but I don't think that SuSE could ommit
it :) And the millions of functions of the millions of modules
cannot be tested... Well, and usually i.e. new mod_php's don't
work with older apache's and so on...

oki,

Steffen

--
Dieses Schreiben wurde maschinell erstellt,
es trägt daher weder Unterschrift noch Siegel.

< Previous Next >