Please keep your replies on the mailing list so that everyone can benefit from the discussion.
What is your "threat model" in which this way is less safe? For example: Are you worried that the packaged version from someone else has been modified with a backdoor? Are you worried that you would not be able to get RPMs for new versions in a timely fashion when a security issue is announced? There are different ways to address different concerns, but if you are more specific, we can make sure you get the best answer. - Y Sent from a device with a very small keyboard and hyperactive autocorrect. On Tue, Mar 1, 2022, 11:18 AM Jeroen Verhoeckx <j.verhoe...@protonmail.com> wrote: > > Since you don't have paid support from RedHat, there is absolutely no > reason to not install your own version of httpd. > > I don't mind doing that but I'm afraid it's less safe? > > > Thanks for thinking along! > > Jeroen Verhoeckx > > > > -------------------------------------------------------- > *Support the independent web, use **Firefox* > <https://www.mozilla.org/en-US/firefox/new/> > > > > ------- Original Message ------- > On Thursday, February 24th, 2022 at 10:41 PM, Yehuda Katz < > yeh...@ymkatz.net> wrote: > > In terms of getting a RedHat eningeer, it looks like you have done all you > can do. There are RedHat developers on this list and on the RedHat forums > and they also look at Bugzilla, so there probably isn't much more you can > do. > > Since you don't have paid support from RedHat, there is absolutely no > reason to not install your own version of httpd. > > - Y > > On Thu, Feb 24, 2022 at 9:37 AM Jeroen Verhoeckx < > j.verhoe...@protonmail.com> wrote: > >> Hello Yehuda, >> >> First: sorry for my very late reply! >> >> > You mention in the bug report that you are running an old version of >> HTTPD because you are using the version packaged by RedHat. >> > Your bug report asks RedHat to backport the specific fixes for your >> issue. >> >> Yes, that's a really good summary of what I try to achieve! >> >> >> About the two options: >> >> >> 1. I have the 'Red Hat Developer Subscription for Individuals' and >> thus I'm not entitled to get any official support. >> 2. Red Hat strongly discourages the installation of a different >> version of Apache (https://access.redhat.com/solutions/445713) . >> >> >> >> I asked the same question on Red Hat Community portal ( >> https://access.redhat.com/discussions/6756211) but so far I didn't get >> any reaction. >> >> >> Does someone know where the Apache developers of Red Hat hang out? >> >> >> >> Jeroen Verhoeckx >> >> >> >> -------------------------------------------------------- >> *Support the independent web, use **Firefox* >> <https://www.mozilla.org/en-US/firefox/new/> >> >> >> >> ------- Original Message ------- >> On Friday, February 18th, 2022 at 8:38 PM, Yehuda Katz <yeh...@ymkatz.net> >> wrote: >> >> >> I see two options for you going forward: >> 1. Contacting RedHat: You need a subscription to do this. Posting to the >> upstream HTTPD mailing list probably won't help. >> >> 2. Use a different package: There are newer rpms available if you don't >> want to build your own. You can look at rpmfind or build the rpm yourself ( >> https://httpd.apache.org/docs/2.4/platform/rpm.html) >> >> - Y >> >> On Fri, Feb 18, 2022 at 1:02 PM Jeroen Verhoeckx >> <j.verhoe...@protonmail.com.invalid> wrote: >> >>> Hello Apache Administrators, >>> >>> On 6 January I reported a possible bug of Apache on Red Hat's Bugzilla, but >>> no one has responded since then. >>> >>> It's about this bug report: >>> https://bugzilla.redhat.com/show_bug.cgi?id=2037967 >>> >>> >>> Does someone have an idea about what I could do next? >>> Does someone know I place where I can contact RHEL Apache >>> developers/administrators? >>> Or is there another friendly way to get attention for this bug report? >>> >>> >>> Yours sincerely, >>> >>> Jeroen Verhoeckx >>> >>> >>> >>> -------------------------------------------------------- >>> *Support the independent web, use **Firefox* >>> <https://www.mozilla.org/en-US/firefox/new/> >>> >>> >>> >> >
