Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
From: Vincent Danen (vdanenmandrakesoft.com)
Date: Mon Sep 24 2001 - 17:44:43 CDT
On Mon Sep 24, 2001 at 10:51:18PM +0200, Oden Eriksson wrote:
> > What I do know is that the mod_ssl version has to match the apache version,
> > these two packages has to be compiled against the 0.9.5a-3.1mdk devel
> > package when apache has been patched with the right EAPI patch. It is also
> > somewhat a good idea that the latest mm is installed too. (guess this is no
> > news to you but...)
> > I usally make this manually as suggested in the mod_ssl docs.
> Heys guys, I just checked the apache src rpm and it lacks the EAPI patch.
> And, the security patch in there just fixes rarely used (?) userspace
> programs (temp race fix) .
May be rarely used, but is still a problem. The EAPI patch is (I
believe) a part of the SGI patches which is no longer a part of Apache
(SGI stopped doing their optimization patches quite a few versions
> My suggestion is that you rebuild mm (v1.13), OpenSSL, OpenSSH, Apache, and
> mod_ssl from the 7.2 updates SRMPS repository. Quite simple.
Not so simple. A rebuild of openssl requires other updates. I don't
know what else may/may not depend on mm.
If you want to try this (rebuild everything from 7.2) and test it, let
me know how it works (if it works). The other thing is that 7.1 uses
/home/httpd whereas 7.2+ use /var/www. This makes a direct rebuild
from 7.2 not entirely compatible with what users may expect for 7.1
(and indeed how 7.1 used to work).
If this is the only option, we will rework the 7.2 specs to match 7.1
and do what needs to be done (hopefully without requiring an openssl
rebuild to save us from updating openssh).
-- vdanenmandrakesoft.com, OpenPGP key available on www.keyserver.net 1024D/FE6F2AFD 88D8 0D23 8D4B 3407 5BD7 66F9 2043 D0E5 FE6F 2AFD - Danen Consulting Services www.danen.net, www.freezer-burn.org - MandrakeSoft, Inc. Security www.linux-mandrake.com
Current Linux kernel 2.4.8-26mdk uptime: 15 hours 45 minutes.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org
iD8DBQE7r7dbIEPQ5f5vKv0RAlEbAJ0Xw3IhX9pwJA5EtV4ytTXJQUbnswCfdYvs IAS+O7pkdPHMHgy2TF6kSnU= =08LX -----END PGP SIGNATURE-----