yum install yum-changelog -y yum changelog httpd yum install -y wget epel-release -y cd /etc/yum.repos.d && wget https://repo.codeit.guru/codeit.el`rpm -q --qf "%{VERSION}" $(rpm -q --whatprovides redhat-release)`.repo yum info httpd yum install httpd -y
Ed On Tue, May 5, 2020 at 8:04 AM Richard <lists-apa...@listmail.innovate.net> wrote: > > > > Date: Tuesday, May 05, 2020 18:09:47 +0530 > > From: Kushagra Bindal <bindal.kusha...@gmail.com> > > > > Hi Experts, > > > > I am new to HTTP Server. We are currently running on centos 7.7 > > version and we are currently using > > httpd-2.4.6-90.el7.centos.x86_64 version. > > > > This version is having multiple vulnerabilities and thus we need to > > upgrade our system to latest available version i.e. 2.4.43. But I > > am not able to found any rpm file which I can use on my centos 7.7 > > environment. > > > > The current release of centos is 7.8, which includes > httpd-2.4.6-93.el7. The RH (and so centos) approach is to keep the > base release of a package as stable as possible over the life of the > RH release. To do this they backport security, bug fixes and > enhancements into the package base -- hence the "-93" on their > current httpd 2.4.6 package naming. They tend to be very good and > current on these updates, so I suspect (without going through all the > CVEs) that the announced security issues have been dealt with in the > current RH/centos -93 release. You can check any CVEs you have > specific concern about against their announcements and change logs. > > There may be other, functional, reasons to move to 2.4.43, but I > don't think that open CVEs is likely one of them. > > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org > For additional commands, e-mail: users-h...@httpd.apache.org > >