Page 1 of 1

Update apache version to 2.2.31

Posted: 2016/01/08 11:01:06
by Cuizhe
Hi,
My server is CentOs5.1. Apache 2.2.3 installed on this server. But I want to update my apache version to 2.2.31.

So I downloaded apache2.2.31 source and build it. But when I get apache version using "apachectl -v", apache version is 2.2.3 yet. I think reset apache2.2.31 binary files.

How can I update version?

Thanks.

Re: Update apache version to 2.2.31

Posted: 2016/01/08 11:24:16
by TrevorH
That's not how CentOS works. The versions are set at the initial release and Redhat backport security patches to it even though the version number does not change. If you are attempting this upgrade for security purposes then it's most likely pointless since the 2.2.3 version on CentOS 5 should already be patched against all known exploits. To get there you need to regularly run yum update and keep your system up to date. CentOS 5.1 is NOT up to date (it came out in November 2007!). The latest version is 5.11 and the latest Apache httpd package on 5.11 is 2.2.3-91.el5.centos

Please see https://access.redhat.com/security/updates/backporting for more information on how and why this is done.

Re: Update apache version to 2.2.31

Posted: 2016/01/08 12:11:07
by Cuizhe
Then I can't upgrade my apache version?
I will upgrade my apache version to 2.2.12+.
Is it impossible?

How can I update my apache 2.2.3 to 2.2.12+ on CentOS5.1.

Posted: 2016/01/08 13:37:02
by Cuizhe
Hi,
I'm going to use SNI(Server Name Indication) service.
My server is CentOS5.1_x86.
My apache version is 2.2.3.
I will upgrade my apache version to 2.2.12+.
How can I do it?
Thanks.

[edit/avij: moved this message to this topic from elsewhere -- please don't open multiple topics for the same problem]

Re: Update apache version to 2.2.31

Posted: 2016/01/08 14:54:11
by TrevorH
SNI is not supported on CentOS 5 (it requires a newer openssl than is supplied by CentOS 5 and upgrading that would be a nightmare). Since it only has 1 year of life left before it is orphaned and no more security updates are produced you would be better off installing a newer version entirely - CentOS 6 is OK until 2020 and CentOS 7 until 2024. C6 comes with 2.2.15 and should work with SNI, CentOS 7 comes with 2.4.7 and that works with SNI too.

CentOS 5.1 is positively dangerous to run. It's 8 years old and is missing fixes for every single security vulnerability that has been discovered since 2007. You need to update it at the very minimum to CentOS 5.11 but that will not get you working SNI.