On Thu, Oct 31, 2013 at 10:50 AM, Kaplan, Andrew H.
<AHKAPLAN at partners.org> wrote:> Hello --
>
> We are running CentOS 6.3 64-bit distribution on one of our servers, and I
am involved in upgrading the Apache and OpenSSL packages.
> I completed an upgrade to both where the version of each that is installed
on the server is the following:
>
> httpd 2.2.15-29.el6.centos
> httpd-manual 2.2.15-29.el6.centos
> httpd-tools 2.2.15-29.el6.centos
> openssl 1.0.0-27.el6_4.2
> openssl-devel 1.0.0-27.el6_4.2
>
> Are these the latest versions of Apache and OpenSSL that are available to
CentOS in package format?
> If not, what repository can I go to for the latest versions?
First, why aren't you doing a full 'yum update' to bring the whole
system up to 6.4?
Also, are you updating these packages to get new features or
bug/security fixes? CentOS tracks the updates in RHEL exactly and
RHEL backports many security and bug fixes without changing the base
package version numbers. You can see these with:
rpm -q --changelog package_name
where the CVE numbers will be mentioned, if you are checking for some
particular security issue.
If you need new features, you may have to go to newer versions found
elsewhere, but be very careful about replacing any base packages in
your system - it is almost always the wrong thing to do. You need to
know more about Linux than the Red Hat engineers...
--
Les Mikesell
lesmikesell at gmail.com