[lug] Where to get security-patched rpms?
Bill Thoen
bthoen at gisnet.com
Sat Jul 24 15:07:12 MDT 2004
Thanks for the help yesterday on compiling source RPMs. I did manage to
rebuild PHP 4.2.2, adding in MySQL support, and it works great now. The
source RPM had some patch files which I applied with 'patch' before
recompiling manually, and for once, I had no problems!
But I noticed that the newest patches were dated some time last year and I
understand that there's been a new security hole found in PHP within the
last month, which has been fixed in PHP 5. Because PHP 5 wants a newer
version of Apache than I have on my RH 9 box, I wasn't able to compile
this PHP 5 source (which I'd need to do to get MySQL support) and I'm not
yet brave enough to try to rebuild Apache. (There seems to be a lot of
other RPMs that depend on the httpd RPM.)
So, is there any place where source RPMs are available with the latest
security fixes, but not necessarily any new features? I'm perfectly happy
with PHP 4.2.2, but only if I can be sure it's not going to get hacked. I
searched around on RedHat.com but I couldn't find anywhere where they
support RH 9 errata. Do they no longer support version 9?
- Bill Thoen
More information about the LUG
mailing list