Upgrading Apache 2.2.16 (package version) to the latest version 2.2.26 (compiled vers
Hi everyone,
I have Debian Squeeze which is shipped with Apache 2.2.16, the latest version of the package. For PCI compliance I need to upgrade to the latest 2.2.26. But this version does not exist as a binary package so I need to compile and install it manually.
The problem is I have no experience in compiling (not so much experience in Linux to be honest), and I wonder how I can compile and install the 2.2.26 version at the same location as the existing version, and keep all the config files.
How can I do this? I don't know where exactly Apache2 is installed, and how to configure the config file to point to that location.
I don't know what PCI is, so I wonder whether this is a security issue or a feature issue.
If it is a security issue, you need to understand that Debian backports all security fixes in its stable releases. Therefore, the Apache 2.2.16 you have in Debian is as secure as (and possibly more secure than, since new versions often introduce new bugs) a stock 2.2.26.
They want me to upgrade to 2.2.26 because there are some security issues/bugs in the previous Apache versions.
Since Debian 6 is still supported, the fixes to those issues/bugs will have already been backported to your Apache version. Check the changelog.Debian.gz for confirmation. It's very scary to think that a standards body for internet banking is not aware of such basic security practices. Please do a little research to confirm what I have told you is legit and then try to explain it to the PCI people.
On a related topic Debian 6 will EOL soon, so you should make preparations to upgrade to Debian 7.
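The changelog check suggested above, sketched as an added example that is not part of the original thread: it maps CVE ids from a scan report to the package revision whose Debian changelog entry names them. The function names are hypothetical, and the sample changelog, CVE ids and version strings are constructed placeholders.

```shell
#!/bin/sh
# Added example: map CVE ids from a scan report to the package revision whose
# Debian changelog entry mentions them. All sample data below is constructed.

# write_sample_changelog FILE  (hypothetical helper; newest entry first)
write_sample_changelog() {
    cat > "$1" <<'EOF'
apache2 (0.0.2-3+example2) stable-security; urgency=high

  * Fix CVE-0000-00015.
  * Follow-up for CVE-0000-0002.

 -- Constructed Maintainer <maint@example.invalid>  Thu, 02 Jan 2014 00:00:00 +0000

apache2 (0.0.2-3+example1) stable-security; urgency=high

  * Backport fixes for CVE-0000-0002 and CVE-0000-0003.

 -- Constructed Maintainer <maint@example.invalid>  Wed, 01 Jan 2014 00:00:00 +0000
EOF
}

# cve_status CHANGELOG CVE...
# Prints "<cve> <oldest revision mentioning it>" or "<cve> NOT-FOUND".
cve_status() {
    changelog=$1; shift
    case $changelog in            # accept the shipped .gz or a plain copy
        *.gz) reader="gzip -dc" ;;
        *)    reader="cat" ;;
    esac
    for cve in "$@"; do
        $reader "$changelog" | awk -v cve="$cve" '
            # Entry header: "package (version) distribution; urgency=..."
            /^[a-z0-9][a-z0-9.+-]* \(/ { ver = $2; gsub(/[()]/, "", ver) }
            # Reject prefix hits: the id must not be followed by another digit.
            $0 ~ (cve "([^0-9]|$)")    { hit = ver }
            END { print cve, (hit == "" ? "NOT-FOUND" : hit) }'
    done
}

# Demo on the constructed file.
tmp=$(mktemp)
write_sample_changelog "$tmp"
cve_status "$tmp" CVE-0000-0002 CVE-0000-00015 CVE-0000-0001
rm -f "$tmp"
```

On a real host, point `cve_status` at `/usr/share/doc/<package>/changelog.Debian.gz`. A NOT-FOUND result means only that the changelog does not name the id, not that the package is vulnerable.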
PCI compliance is the stupidest thing I have ever had to deal with: a bunch of ridiculous automated scan reports that come from a company who has no idea what the report even means. I had a customer who was not able to obtain PCI compliance due to a CVE that had 0 potential for any sort of exploit or security vulnerability.
Getting PCI compliant is a pain and you will more than likely have to switch to another OS distro that you can be compliant with. They are more lenient with Windows only because the community is not as strong as it is with Linux and people do not report bugs the minute they discover them as it's not an open source product. So with Windows Server 08R2 all you really have to do is run Windows Update, make sure you have the latest version of Apache installed and turn on the Windows Firewall.
With Linux you have to spend time patching every single thing that a bug has been identified with. Just an FYI from my personal experience, and no matter what you say to the PCI scan company about a specific bug they will not change what their scan identifies.