Re: [users@httpd] Apache Timeouts, fastcgi, etc settings recommendations for Wordpress site servers?
Yann httpd-2.4.6-88.el7.x86_64 Thanks From: Yann Ylavic Sent: Tuesday, April 2, 2019 4:29:04 PM To: users@httpd.apache.org Subject: Re: [users@httpd] Apache Timeouts, fastcgi, etc settings recommendations for Wordpress site servers? Or better, the httpd-2.4.6 rpm version. On Tue, Apr 2, 2019 at 10:25 PM Yann Ylavic wrote: > > Well, possibly, but then I need the Redhat version.. > > On Tue, Apr 2, 2019 at 10:09 PM Rose, John B wrote: > > > > 2.4.6 but that can be a bit misleading from what I understand if it is Red > > Hat. Apparently they piecemeal add the functionality of later versions of > > Apache if you can guess what it is > > > > > > From: Yann Ylavic > > Sent: Tuesday, April 2, 2019 4:02:15 PM > > To: users@httpd.apache.org > > Subject: Re: [users@httpd] Apache Timeouts, fastcgi, etc settings > > recommendations for Wordpress site servers? > > > > Hi, > > > > On Tue, Apr 2, 2019 at 8:38 PM Rose, John B wrote: > > > > > > The result afterwards are a bunch of this type, until we reboot … > > > > > > [Mon Apr 01 14:26:45.998971 2019] [proxy_fcgi:error] [pid 26422:tid > > > 139964645857024] (70007)The timeout specified has expired: [client > > > xxx.xxx.xxx.xxx:63031] AH01075: Error dispatching request to :, referer: > > > https://somesite.com/sub1/sub2/ > > > > > > > > > Linux > > > > > > Apache > > > > Which version of httpd are you running? > > > > Regards, > > Yann. > > > > - > > To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org > > For additional commands, e-mail: users-h...@httpd.apache.org > > - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [users@httpd] Re: CVE-2019-0211 - Apache 2.2
Hello, Am 03.04.2019 um 11:06 schrieb Rainer Canavan: On Wed, Apr 3, 2019 at 10:18 AM LuKreme wrote: On Apr 3, 2019, at 02:05, Hajo Locke wrote: Is apache 2.2 exploitable by CVE-2019-0211 ? Description says that first affected version is 2.4.17, but may be 2.2 was not analyzed. “Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38” seems clear. Since Apache httpd 2.2 is not supported anymore, it is quite possible that nobody has checked if 2.2 is affected. However, it looks like redhat has checked for their old RHEL releases that ship with 2.2 and they appear to be unaffected: https://access.redhat.com/security/cve/cve-2019-0211 rainer thanks Reiner, i hoped but did not know that some LTS distribution still supports 2.2 - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org Thanks, Hajo - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [users@httpd] Apache httpd 2.4.39 has a problem while rpmbuid
Hi, thanks for your feedbacks on each release! On Wed, Apr 3, 2019 at 10:48 AM kohmoto wrote: > > I found the following module statement was missing in httpd.spec. > %{_libdir}/httpd/modules/mod_socache_redis.so I just backported the change to 2.4.x (was trunk only so far), so it will be in the next release. Regards, Yann. - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [users@httpd] Re: CVE-2019-0211 - Apache 2.2
On Wed, Apr 3, 2019 at 11:06 AM Rainer Canavan wrote: > > On Wed, Apr 3, 2019 at 10:18 AM LuKreme wrote: > > > > On Apr 3, 2019, at 02:05, Hajo Locke wrote: > > > Is apache 2.2 exploitable by CVE-2019-0211 ? > > > Description says that first affected version is 2.4.17, but may be 2.2 > > > was not analyzed. > > > > “Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38” seems clear. > > Since Apache httpd 2.2 is not supported anymore, it is quite possible > that nobody has > checked if 2.2 is affected. However, it looks like redhat has checked > for their old > RHEL releases that ship with 2.2 and they appear to be unaffected: > https://access.redhat.com/security/cve/cve-2019-0211 Indeed, 2.2 is not affected... by this one. Regards, Yann. - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [users@httpd] Re: CVE-2019-0211 - Apache 2.2
On Wed, Apr 3, 2019 at 10:18 AM LuKreme wrote: > > On Apr 3, 2019, at 02:05, Hajo Locke wrote: > > Is apache 2.2 exploitable by CVE-2019-0211 ? > > Description says that first affected version is 2.4.17, but may be 2.2 was > > not analyzed. > > “Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38” seems clear. Since Apache httpd 2.2 is not supported anymore, it is quite possible that nobody has checked if 2.2 is affected. However, it looks like redhat has checked for their old RHEL releases that ship with 2.2 and they appear to be unaffected: https://access.redhat.com/security/cve/cve-2019-0211 rainer - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
[users@httpd] Apache httpd 2.4.39 has a problem while rpmbuid
Hi, Platform: CentOS Linux release 7.6.1810 (Core) kernel version: 3.10.0-957.10.1.el7.x86_64 I met a trouble during rpmbuild. RPM buid error: A installed, but not contained in the package ,file was found: (The message was given in Japanese, so the above text was translated one.) /usr/lib64/httpd/modules/mod_socache_redis.so I found the following module statement was missing in httpd.spec. %{_libdir}/httpd/modules/mod_socache_redis.so Then, I could rpmbuild successfully using the changed spec file with the above line. Thank you all contributors to this project for this important update. Thank you. Yours truly, Kazuhiko Kohmoto
[users@httpd] Re: CVE-2019-0211 - Apache 2.2
On Apr 3, 2019, at 02:05, Hajo Locke wrote: > Is apache 2.2 exploitable by CVE-2019-0211 ? > Description says that first affected version is 2.4.17, but may be 2.2 was > not analyzed. “Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38” seems clear. -- My main job is trying to come up with new and innovative and effective ways to reject even more mail. I'm up to about 97% now. - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
[users@httpd] CVE-2019-0211 - Apache 2.2
Hello, i have still a bunch of apache 2.2 servers. ;( Is apache 2.2 exploitable by CVE-2019-0211 ? Description says that first affected version is 2.4.17, but may be 2.2 was not analyzed. Thanks, Hajo