Using YUM I installed apache. Installed apache version is 2.2.3
Our security guy wants that we use 2.2.21 apache
When I try yum update 'httpd' nothing happens – No Packages marked for Update
I checked Apache home page (http://www.apache.org/dist/httpd/patches/) regarding patches. Based on their written instruction I try to install 2.2.4 patch (http://www.apache.org/dist/httpd/patches/apply_to_2.2.4/)
patch -s < /usr/local/src/hack-msvc8-httpd-2.2.4.patch
And I got such message:
The text leading up to this was:
|###
|### A trivial hack to copy the .manifest files along with the binaries
|### when building from the command line on Visual Studio 2005
|###
|### Courtesy of Gustavo Lopes
|### Posted to dev@httpd.apache.org,
|### Message-ID: <006901c731ae$97bec180$0201a8c0@cataphract>
|###
|--- Makefile.win.orig 2006-12-07 11:09:37.000000000 -0600
|+++ Makefile.win 2007-01-08 23:55:56.000000000 -0600
File to patch:
What I am doing incorrect? Why I can not update Apatche to 2.2.21 version?
Best Answer
In order to run 2.2.x you would either need to source another RPM - or build it from source.
I would suspect however since you are running 2.2.3 that you are running RedHat Enterprise Linux 5 or one of its derivatives (CentOS 5 etc). You will find that a sizeable number of penetration testing companies or security officers don't take into account that whilst you are running 2.2.3 you have actually got security fixes from later revisions of Apache.
This is known as 'backporting'. RedHat has a good description here. I would suggest requesting from your security persons the specific CVE's that they are interested in ensuring that are patched, and then use this redhat tool to identify if these are fixed in the version of apache that you are running. You can get the version number by preforming
rpm -qa httpd.