This question comes from my lack of understanding of package managers,
I run yum list and get httpd-2.4.6-40.el7.centos.4.x86_64
https://rpmfind.net/linux/RPM/centos/updates/7.2.1511/x86_64/Packages/httpd-2.4.6-40.el7.centos.4.x86_64.html
Build date: Mon Jul 18 17:32:11 2016
I did yum update && yum install httpd, will this get me the latest version of httpd?
where can I check online to confirm my package/build is the latest?
how can I periodically install security patches for my version of httpd?
update
[centos ~]$ httpd -v
Server version: Apache/2.4.6 (CentOS)
Server built: Jul 18 2016 15:30:14
[centos ~]$ rpm -q --changelog httpd | more
* Mon Jul 18 2016 CentOS Sources <bugs#centos.org> - 2.4.6-40.el7.centos.4
- Remove index.html, add centos-noindex.tar.gz
- change vstring
- change symlink for poweredby.png
- update welcome.conf with proper aliases
As Aaron mentioned, package managers like yum will only apply security patches as they prioritise stability (with security) over new features.
So after you do a "yum update" you will be on a patched version of httpd 2.4.6 which should have all the required security patches right up to the latest httpd release (2.4.23 at time of writing) but none of the other non-security changes (e.g. http/2 support or any of the other features and bug fixes unless security related).
So it's not really 2.4.6 anymore, despite the name, but at same time it's definitely not 2.4.23 either.
You can confirm the patches have been applied by running this command (as detailed here):
rpm -q --changelog httpd | more
Or perhaps, to check for a specific CVE:
rpm -q --changelog httpd | grep CVE-Number
And the vulnerabilities fixed in each version of Apache httpd (which should be back ported within a short space of time by Red Hat/Centos) are here:
https://httpd.apache.org/security/vulnerabilities_24.html or here: https://www.cvedetails.com/version-list/45/66/1/Apache-Http-Server.html
The best way to periodically install security updates is to do a "sudo yum update" regularly or consider installing yum-cron to do this for you. There is still some debate as to whether this should be fully automated in prod.
yum uses only the repositories it is configured to use; not just any RPM on the internet. That would be dangerous. If you have an up-to-date version of CentOS, they will release security updates for httpd. Once installed, a yum update will bring in patches.
CentOS is an Enterprise-level OS. They don't always have the "latest and greatest." You'll see they will stay with the same version, e.g. 2.4, but apply patches to it. The next major release of the OS would then have a more current version, e.g. 3.x. There are few exceptions, like Firefox, where they will stay with the ESR versions.
Related
does anyone know how I could check the version of apache2 web server on Linux Suse Enterprise Server 12?
I tried httpd -v and apache2 -v but those options don't work on this version of linux.
I would like to update the apache server, but unfortunately I have not worked with this version of linux until now.
Thanks in advance for your help.
Just check the installed rpm package by
rpm -q -i apache2
and also check the changelog of the package by
rpm -q --changelog apache2
because current security fixes are backported to the originally released version.
I just installed the latest version of Apache (2.4.43) using brew on Mac OS (10.14.5). (Using instructions from this site.) But after restarting the service, httpd -v still shows 2.4.34 running from the Mac OS default. The same old version is shown when I query apachectl -v.
Thinking that perhaps I needed to update with one more step, I ran brew update httpd but it said that "httpd 2.4.43 already installed."
I'm still pretty new to using brew, and this is my first time creating an Apache server, so any help here would be appreciated. Thanks!
Sorry - easy fix. I neglected to update my .bash_profile to include /usr/local/opt/apache2/bin.
This was clear after I ran which apachectl, and it displayed the default directory for the preinstalled version of Apache - /usr/sbin/apachectl.
I ended up stopping the default version and prevented it from starting again on boot:
sudo launchctl unload -w /System/Library/LaunchDaemons/org.apache.httpd.plist
Then, started the newly installed version, and it worked fine.
I am pretty new with this kind of server so please excuse my ignorance.
I asked my company for a Linux Server for hosting a web application and they gave me this system:
Red Hat Enterprise Linux Server release 7.7 (Maipo)
so the first thing I did was trying to install Apache HTTP, which package is called httpd in yum repositories.
Following a tutorial I did:
sudo yum list httpd
Which started returning a series of time out messages coming from a mirror related to my company (Are they hosting rhel repositories? Is this a common practice?)
Anyway I started disabling this mirrors at which point the command
sudo yum list httpd
returned just:
Loaded plugins: langpacks, product-id, search-disabled-repos, subscription-manager
Repository rhel-7-server-rpms is listed more than once in the configuration
Error: No matching Packages to list
I tried adding back some repo without any basic knowledge of the technology so I'll just post the result of this command:
sudo yum repolist enabled
Loaded plugins: langpacks, product-id, search-disabled-repos, subscription-manager
Repository rhel-7-server-rpms is listed more than once in the configuration
repo id repo name status
epel/x86_64 Extra Packages for Enterprise Linux 7 - x86_64 13,457
rhel-7-server-optional-rpms/7Server/x86_64 Red Hat Enterprise Linux 7 Server - Optional (RPMs) 19,380
vmware-tools VMware Tools 1
repolist: 32,838
What should I do? How do I know which repo to add and/or enable to install this common package?
httpd2.4 for RHEL is packaged as a Software Collection, so you have to enable some repos first. See these docs:
Release notes
Installation
Once you "scl enable" the proper repos, then you'll "yum install httpd24"
If you want a shortcut for setup, use step 1 only on this Python Hello World page, then yum install.
I wan to updage my currently active apache v2.4.6 to latest ver 2.4.27. (CentOS 7)
I know how to install from stracth but I just want to upgrade the version with my configurations remain stil.
Would it be okay to remove whole httpd content with /etc/httpd, /run/httpd, and /usr/lib64/httpdwith takin configuration backup, then install 2.4.27 from scratch and paste the old config files?
Thank you in advance for any guidance
You can backup everything and add CodeIT rpm repo:
cd /etc/yum.repos.d && wget https://repo.codeit.guru/codeit.el7.repo
yum install -y epel-release
yum upgrade httpd
Please also be sure to merge your SSL configuration and mpm defaults to have new features like HTTP/2 protocol support enabled.
I'm trying to install libQt5Core from an rpm and I get:
Error: nothing provides libicui18n.so.52.1()(64bit) needed by libQt5Core5-5.5.1-4.1.x86_64
There is newer version:
dnf whatprovides libicui18n*
Last metadata expiration check performed 0:00:14 ago on Fri Jan 29 13:58:14 2016.
libicu-54.1-5.fc23.x86_64 : International Components for Unicode - libraries
Repo : #System
Where do you install the libQt5Core from? The official repositories should not require packages versions that are not available.
Don't use that RPM to install the QT 5 core libraries. I'm guessing that you have a package for openSUSE (because that's what comes up when I Google for "libQt5Core rpm"). In Fedora, the package you want is qt5-qtbase. Install that with:
sudo dnf install qt5-qtbase
It happens that our version in Fedora 23 is also version 5.5.1, so I think that'll be what you really need here.
If you're doing software development, you might want to pull in the KDE Frameworks 5 development group, which is mostly QT stuff and which will get you set up for building programs against that, which might be what you're trying to do:
sudo dnf groupinstall kf5-software-development