@Yehuda Katz: what do you think of my e-mail/comment below?
--- Original Message ---
On Tuesday, March 1st, 2022 at 8:11 PM, Jeroen Verhoeckx
wrote:
>> Please keep your replies on the mailing list so that everyone can benefit
>> from the discussion.
>
> Oh, sorry, I probably click on
> Please keep your replies on the mailing list so that everyone can benefit
> from the discussion.
Oh, sorry, I probably click on Reply and not Reply All! Will keep an eye on
that in the future!
I'm worried that the version of Apache released by The Apache Software
Foundation is less safe
Please keep your replies on the mailing list so that everyone can benefit
from the discussion.
What is your "threat model" in which this way is less safe?
For example: Are you worried that the packaged version from someone else
has been modified with a backdoor? Are you worried that you would
>
> Since you don't have paid support from RedHat, there is absolutely no
> reason to not install your own version of httpd.
>
I agree. The days of relying on a lts distribution are coming to an end. I have
the impression that RedHat is not the place to be anymore. Moving packages from
the
In terms of getting a RedHat eningeer, it looks like you have done all you
can do. There are RedHat developers on this list and on the RedHat forums
and they also look at Bugzilla, so there probably isn't much more you can
do.
Since you don't have paid support from RedHat, there is absolutely no
You mention in the bug report that you are running an old version of HTTPD
because you are using the version packaged by RedHat.
Your bug report asks RedHat to backport the specific fixes for your issue.
I see two options for you going forward:
1. Contacting RedHat: You need a subscription to do
Hello Apache Administrators,
On 6 January I reported a possible bug of Apache on Red Hat's Bugzilla, but no
one has responded since then.
It's about this bug report:
https://bugzilla.redhat.com/show_bug.cgi?id=2037967
Does someone have an idea about what I could do next?
Does someone know I