Topic: remi-php74 When will Apache be upgraded?

hello.

environment
OS: CentOS7.9

I'm using remi-php74 from the remi repository and using apache mod_php in it.

Then, it has the following configuration now.
- php7.4
- apache 2.4.6

A serious vulnerability has been reported in apache 2.4.53 and below, and it is recommended to upgrade to 2.4.54.

When will the vulnerable apache be released in the remi-php74 repository?

Thank you.

Re: remi-php74 When will Apache be upgraded?

> When will the vulnerable apache be released in the remi-php74 repository?

Sorry, but Never

My packages rely on system apache.
Maintaining php is enough work, apache is another big project.

1/ I recommend you upgrade from the 8 years old distro to a more modern one (EL-8 or even EL-9)

2/ I recommend you read how security fixes are fixed in RHEL (so in CentOS)

https://access.redhat.com/security/updates/backporting/

3/ I recommend you stop using mod_php

See https://developers.redhat.com/blog/2017 … tion-tips/

Else, on EL-7, you can switch to httpd24 SCL which is a more recent version, with more features (but same comment about security, see 2)

Desktop: Fedora 35 + rpmfusion + remi-test + remi-dev
Laptop:  Fedora 36 + rpmfusion + remi (SCL only)
Hosting Server: CentOS 8 Stream with EPEL, rpmfusion, remi

Re: remi-php74 When will Apache be upgraded?

Thank you for your advice.

Consider reviewing my environment.

Thank you.