mod_security, mod_perl, mod_python, php-pear, mysql updated

September 21, 2007 by · 16 Comments 

Earlier today I rolled out a bunch of updates to the packages in the repo. If you use any of these you'll need to run a "yum update" to pull them in. Complete details on the updates are at the bottom of this post.

The only update I would consider "critical" is MySQL. Bug #31001 was found after the release of the sources and is probably a deal-breaker for anyone using InnoDB tables as "ORDER BY DESC" no longer works. This respin includes a patch to fix that glitch.

Packages Updated:

  • php-pear 1.5.0 -> 1.6.2
  • mod_security 2.1.2 -> 2.1.3
  • mod_perl 2.0.2 -> 2.0.3
  • mod_python 3.2.8 -> 3.3.1
  • mysql 5.0.48 (respin)

Comments

16 Responses to “mod_security, mod_perl, mod_python, php-pear, mysql updated”
  1. Dave Mc says:

    Jason

    Just want to say thanks for all the help you've given me in getting this n00b's LAMP server up and running. Your repositories have everything, and your advice has been flawless, unlike so many others.
    Without it, I think I would have given up. Now get on and do your masters!

    Dave Mc

  2. Jason says:

    @Dave,

    Thanks! Kind words are always welcome.

  3. Reivax says:

    Would you be willing to make your SRPMS repository browsable as well ?
    Appreciate all your work.

  4. Jason says:

    @Reviax,

    That is something I am planning on doing eventually. The reason the SRPMS folder isn't browsable is because it does not actually contain all of the SRPMS that I use. For now, if there is a file you would like, just let me know and I'll post a link.

  5. Toby Johnson says:

    Jason, do you create your own .spec files or do you use the SRPMs from Fedora and just rebuild? I'm currently using PHP 5.2.3 with Apache 2.0.52 on CentOS 4.5; I've always just used the Fedora/Rawhide SRPMs but for some reason when I upgraded using their PHP 5.2.4 SRPM I'm getting segfaults in the child processes.

    If I understand correctly I can't use your binary RPM since it's compiled against Apache 2.2, correct? Have you had any problems with segfaults in 5.2.4?

  6. Jason says:

    @Toby,

    Some of the SRPMS I use come from Fedora, some are my own, and some are a combination of the two. In this case, my PHP 5.2.4 Source RPM is based off of the 5.2.3 src.rpm from Fedora Devel with updated patches to reflect source changes made in 5.2.4 (the Fedora 5.2.4 src.rpm was not available at the time of my original release). My src.rpm should be basically identical to the current 5.2.4 package available in Fedora Devel.

    As to your second question, no, I have not had any issues with 5.2.4 segfaulting. Have you tried rebuilding my package (link below)?

    http://www.jasonlitka.com/2007/09/05/upgrading-to-php-524-on-rhel-and-centos/

  7. Toby Johnson says:

    Thanks for the reply; no, I hadn't tried rebuilding your pkg, I didn't realize the SRPM was avialable. I'll try that now...

  8. Jason says:

    @Toby,

    Let me know how it goes. If you're still experiencing issues then it's got to be something else as I run my build on close to two dozen boxes.

  9. toby johnson says:

    I just checked the logs and I'm still getting segfaults using the 5.2.4 built from your SRPM. I thought the culprit might be the Suhosin patch[1] since I have been including that in my PHP builds but I built yours without it so that's not it. I've also disabled eAccelerator/xcache.

    I may try disabling more dynamic modules when I get the chance to try to narrow it down...

    [1] http://www.hardened-php.net/suhosin/

  10. Jason says:

    @Toby,

    If you're using the Zend Optimizer or Ioncube loaders then remove those as well and see if the problem goes away. If it does then you were probably loading them in the wrong order.

  11. James says:

    Hi Jason, I had a couple things I wanted to ask you.

    First off, thank you so much for your repositories! I have been searching for a way to update my CentOS 5's PHP to 5.2.5 and after hours of searching, I stumbled into your site and with the help of your repository, got PHP upgraded to 5.2.5.

    Also, I was wondering if I could get some advice from you regarding mod_security (yeah, I am a newbie to this stuff). I issued the command yum install mod_security and it looks like it installed it through your repository. The only problem is I am not sure what to do with it next. I've read instructions at about 5 different areas, and they all seem to be different. That being said, I thought it would be best to just check it out with you since I installed it via your repository.

  12. Jason says:

    @James,

    mod_security will block many attacks and vulnerabilities out of the box courtesy of the core rules so you don't actually NEED to change anything. If you notice that you are seeing a lot of traffic in your logs for URLs that don't exist or are obviously attempts at intrusion, you could write an additional rule to block them.

    The newest documentation for mod_security can be found at the URL below.
    http://www.modsecurity.org/documentation/index.html

  13. BestWebHosting says:

    It is true, mod_security is really helpful in protecting web security, especially when many websites in a box that is still using old/outdated php script that is open for hacking.

    Good post.

  14. jaafar says:

    i followed all the step of the link
    http://www.jasonlitka.com/yum-repository/
    but i can't update my centos 5.1 with the rpm package
    The console shows me the following message

    Setting up Update Process
    Setting up repositories
    Reading repository metadata in from local files
    No Packages marked for Update/Obsoletion

  15. Francis Mathew says:

    Dear Jason,

    Thanks for the trouble you have taken to help me.

    With best wishes,

    Francis Mathew

  16. Simon says:

    thanx for your info dude.

Speak Your Mind

Tell us what you're thinking...
and oh, if you want a pic to show with your comment, go get a gravatar!

You must be logged in to post a comment.