Loading ...
Sorry, an error occurred while loading the content.
 

2 Simples Questions on upgrading/patching

Expand Messages
  • Ismael Touama
    Hi, Is upgrading my Apache Server impose a complete reinstallation of mod_perl and Apache::ASP ? I ll say yes cause installation of its use apache s sources...
    Message 1 of 11 , Jun 27, 2002
      Hi,

      Is upgrading my Apache Server impose a complete
      reinstallation of mod_perl and Apache::ASP ?
      I'll say yes cause installation of its use apache's sources...

      <OT>
      And about patch ? I guess i must stop httpd, apply, and then
      start...???
      <notOT>
      And what about my actual configuration now, will it take
      care of additionnal informations of my files ?
      </notOT>
      <OT>

      Thank you all,
      bbsc
      ism

      ---------------------------------------------------------------------
      To unsubscribe, e-mail: asp-unsubscribe@...
      For additional commands, e-mail: asp-help@...
    • Ellers
      ... possibly... what version are you using currently and what version are you going to? ... what sort of patch... are you applying a source patch? ... Not sure
      Message 2 of 11 , Jun 27, 2002
        6/27/02 9:52:13 PM, "Ismael Touama" <ismael.touama@...> wrote:

        >Hi,
        >
        >Is upgrading my Apache Server impose a complete
        >reinstallation of mod_perl and Apache::ASP ?
        >I'll say yes cause installation of its use apache's sources...

        possibly... what version are you using currently and what version are you going to?



        >And about patch ? I guess i must stop httpd, apply, and then
        >start...???

        what sort of patch... are you applying a source patch?


        >And what about my actual configuration now, will it take
        >care of additionnal informations of my files ?

        Not sure what you mean here

        Ellers



        ---------------------------------------------------------------------
        To unsubscribe, e-mail: asp-unsubscribe@...
        For additional commands, e-mail: asp-help@...
      • Joshua Chamas
        ... I am going through an upgrade now of my apache web server to 1.3.26 because of a recently announced remote exploit that affects apache on unix servers.
        Message 3 of 11 , Jun 27, 2002
          Ismael Touama wrote:
          > Hi,
          >
          > Is upgrading my Apache Server impose a complete
          > reinstallation of mod_perl and Apache::ASP ?
          > I'll say yes cause installation of its use apache's sources...
          >
          > <OT>
          > And about patch ? I guess i must stop httpd, apply, and then
          > start...???
          > <notOT>
          > And what about my actual configuration now, will it take
          > care of additionnal informations of my files ?
          > </notOT>
          > <OT>
          >

          I am going through an upgrade now of my apache web server
          to 1.3.26 because of a recently announced remote exploit
          that affects apache on unix servers.

          What this means is that I have to rebuild my server from
          scratch from the source like I did the first time.
          If this is a minor apache upgrade, I would not fear any problems,
          and "make install" from apache httpd will not overwrite your
          configuration files, usually. But its always good to make
          a backup before you do an upgrade. Its always good to make
          backups period. Things can always go wrong that you have to
          recover from.

          There will not be a patch if you are installing from the source.

          Now, if you are using rpms to do your package management,
          things may be different for you, but I have little
          experience in this area.

          --Josh
          _________________________________________________________________
          Joshua Chamas Chamas Enterprises Inc.
          NodeWorks Founder Huntington Beach, CA USA
          http://www.nodeworks.com 1-714-625-4051



          ---------------------------------------------------------------------
          To unsubscribe, e-mail: asp-unsubscribe@...
          For additional commands, e-mail: asp-help@...
        • Ismael Touama
          Hi, It s just in case I upgrade my apache. Here s in fact is due to the recent Security Advisory. I speak about the changes added to my sources files that
          Message 4 of 11 , Jun 28, 2002
            Hi,

            It's just in case I upgrade my apache.
            Here's in fact is due to the recent Security Advisory.

            I speak about the changes added to my sources files
            that truncate the fail in apache.

            Thank you,
            bbsc
            ism

            -----Message d'origine-----
            De : Ellers [mailto:ellers@...]
            Envoyé : vendredi 28 juin 2002 02:59
            À : asp@...
            Objet : Re: 2 Simples Questions on upgrading/patching


            6/27/02 9:52:13 PM, "Ismael Touama" <ismael.touama@...> wrote:

            >Hi,
            >
            >Is upgrading my Apache Server impose a complete
            >reinstallation of mod_perl and Apache::ASP ?
            >I'll say yes cause installation of its use apache's sources...

            possibly... what version are you using currently and what version are you
            going to?



            >And about patch ? I guess i must stop httpd, apply, and then
            >start...???

            what sort of patch... are you applying a source patch?


            >And what about my actual configuration now, will it take
            >care of additionnal informations of my files ?

            Not sure what you mean here

            Ellers



            ---------------------------------------------------------------------
            To unsubscribe, e-mail: asp-unsubscribe@...
            For additional commands, e-mail: asp-help@...


            ---------------------------------------------------------------------
            To unsubscribe, e-mail: asp-unsubscribe@...
            For additional commands, e-mail: asp-help@...
          • Ismael Touama
            Hi, Josh to my understood, upgrading to 1.3.26 won t eliminate the failure. From RHSA-2002:103-13 : Versions of the Apache Web server up to and including
            Message 5 of 11 , Jun 28, 2002
              Hi,

              Josh to my understood, upgrading to 1.3.26 won't eliminate
              the failure.
              From RHSA-2002:103-13 :
              "Versions of the Apache Web server up to and including 1.3.24 contain a bug
              in the routines which deal with requests encoded using "chunked" encoding."

              Tell if i'm wrong...


              So go on !!
              I'll just apply the patch and see what i'll see.
              If I had to rebuild, I'll report to the list.
              Take care I'm kind of slow guy...

              Thanks
              bbsc
              ism
              PS: Didn't use RPMs cause TFM ;op

              -----Message d'origine-----
              De : Joshua Chamas [mailto:joshua@...]
              Envoye : vendredi 28 juin 2002 04:36
              A : Ismael Touama
              Cc : asp@...
              Objet : Re: 2 Simples Questions on upgrading/patching


              Ismael Touama wrote:
              > Hi,
              >
              > Is upgrading my Apache Server impose a complete
              > reinstallation of mod_perl and Apache::ASP ?
              > I'll say yes cause installation of its use apache's sources...
              >
              > <OT>
              > And about patch ? I guess i must stop httpd, apply, and then
              > start...???
              > <notOT>
              > And what about my actual configuration now, will it take
              > care of additionnal informations of my files ?
              > </notOT>
              > <OT>
              >

              I am going through an upgrade now of my apache web server
              to 1.3.26 because of a recently announced remote exploit
              that affects apache on unix servers.

              What this means is that I have to rebuild my server from
              scratch from the source like I did the first time.
              If this is a minor apache upgrade, I would not fear any problems,
              and "make install" from apache httpd will not overwrite your
              configuration files, usually. But its always good to make
              a backup before you do an upgrade. Its always good to make
              backups period. Things can always go wrong that you have to
              recover from.

              There will not be a patch if you are installing from the source.

              Now, if you are using rpms to do your package management,
              things may be different for you, but I have little
              experience in this area.

              --Josh
              _________________________________________________________________
              Joshua Chamas Chamas Enterprises Inc.
              NodeWorks Founder Huntington Beach, CA USA
              http://www.nodeworks.com 1-714-625-4051



              ---------------------------------------------------------------------
              To unsubscribe, e-mail: asp-unsubscribe@...
              For additional commands, e-mail: asp-help@...
            • Alexander Shipitsyn
              Friends, whether and at you arose the following problem: By the same machine we have 2 different virtual sites; their files are located in different
              Message 6 of 11 , Jun 28, 2002
                Friends, whether and at you arose the following problem:

                By the same machine we have 2 different virtual sites; their files are
                located in different catalogues.

                In http.conf full freedom for .htaccess is given.

                Configuration Apache::ASP occurs through .htaccess #1 for a site #1
                and .htaccess #2 for a site #2.

                ---------------------------------------------------------------------
                And so, scripts, executed on a site #2, for some reason see modules
                .pm which are used only on a site #1.
                ---------------------------------------------------------------------

                .htaccess #1 location: /home/site1/site/docs/.htaccess
                .htaccess #1 content: PerlSetVar Global/home/site1/site/lib/pm

                .htaccess #2 location: /home/site2/site/docs/.htaccess
                .htaccess #2 content: PerlSetVar Global/home/site2/site/lib/pm


                httpd.conf:

                PerlWarn On

                <VirtualHost *>
                ServerName linux.domain.xx
                DocumentRoot /usr/local/apache/htdocs
                </VirtualHost>

                <VirtualHost *>
                ServerName site1.domain.xx
                DocumentRoot /home/site1/site/docs
                ErrorLog /usr/local/apache/logs/site1_error_log
                </VirtualHost>

                <Directory /home/site1/site/docs>
                Options All
                AllowOverride All
                </Directory>

                <VirtualHost *>
                ServerName site2.domain.xx
                DocumentRoot /home/site2/site/docs
                ErrorLog /usr/local/apache/logs/site2_error_log
                </VirtualHost>

                <Directory /home/site2/site/docs>
                Options All
                AllowOverride All
                </Directory>


                ---------------------------------------------------------------------
                To unsubscribe, e-mail: asp-unsubscribe@...
                For additional commands, e-mail: asp-help@...
              • Joshua Chamas
                ... This is typical when modules of the same name are located if different places, for example, for both sites the modules used are: use SiteConfig.pm Because
                Message 7 of 11 , Jun 28, 2002
                  Alexander Shipitsyn wrote:
                  > Friends, whether and at you arose the following problem:
                  >
                  > By the same machine we have 2 different virtual sites; their files are
                  > located in different catalogues.
                  >
                  > In http.conf full freedom for .htaccess is given.
                  >
                  > Configuration Apache::ASP occurs through .htaccess #1 for a site #1
                  > and .htaccess #2 for a site #2.

                  This is typical when modules of the same name are located
                  if different places, for example, for both sites the modules
                  used are:

                  use SiteConfig.pm

                  Because the perl interpreter is shared globally across sites,
                  after site 1 module loads, site 2 will use it if it is
                  the same name. One way around this is to have all the
                  local site config data in the local global.asa. Another
                  is to have a per site naming convention like:

                  use Site1::Config.pm;
                  use Site2::Config.pm;

                  or other way around:

                  use Config::Site1;
                  use Config::Site2;

                  It may be that this works if you subclass off a base class.

                  You can also consider more drastic measures like

                  MaxRequestsPerChild 1

                  or doing a &CORE::exit(); in a Apache->register_cleanup()
                  to kill the process after executing. But this
                  might defeat much of the point of using mod_perl.

                  --Josh

                  >
                  > ---------------------------------------------------------------------
                  > And so, scripts, executed on a site #2, for some reason see modules
                  > .pm which are used only on a site #1.
                  > ---------------------------------------------------------------------
                  >
                  > .htaccess #1 location: /home/site1/site/docs/.htaccess
                  > .htaccess #1 content: PerlSetVar Global/home/site1/site/lib/pm
                  >
                  > .htaccess #2 location: /home/site2/site/docs/.htaccess
                  > .htaccess #2 content: PerlSetVar Global/home/site2/site/lib/pm
                  >
                  >
                  > httpd.conf:
                  >
                  > PerlWarn On
                  >
                  > <VirtualHost *>
                  > ServerName linux.domain.xx
                  > DocumentRoot /usr/local/apache/htdocs
                  > </VirtualHost>
                  >
                  > <VirtualHost *>
                  > ServerName site1.domain.xx
                  > DocumentRoot /home/site1/site/docs
                  > ErrorLog /usr/local/apache/logs/site1_error_log
                  > </VirtualHost>
                  >
                  > <Directory /home/site1/site/docs>
                  > Options All
                  > AllowOverride All
                  > </Directory>
                  >
                  > <VirtualHost *>
                  > ServerName site2.domain.xx
                  > DocumentRoot /home/site2/site/docs
                  > ErrorLog /usr/local/apache/logs/site2_error_log
                  > </VirtualHost>
                  >
                  > <Directory /home/site2/site/docs>
                  > Options All
                  > AllowOverride All
                  > </Directory>
                  >
                  >
                  > ---------------------------------------------------------------------
                  > To unsubscribe, e-mail: asp-unsubscribe@...
                  > For additional commands, e-mail: asp-help@...
                  >
                  >



                  ---------------------------------------------------------------------
                  To unsubscribe, e-mail: asp-unsubscribe@...
                  For additional commands, e-mail: asp-help@...
                • Alexander Shipitsyn
                  Hello Joshua, Friday, June 28, 2002, 3:13:21 PM, you wrote: JC Friends, whether and at you arose the following problem: JC JC By the same machine
                  Message 8 of 11 , Jun 28, 2002
                    Hello Joshua,

                    Friday, June 28, 2002, 3:13:21 PM, you wrote:

                    JC> > Friends, whether and at you arose the following problem:
                    JC> >
                    JC> > By the same machine we have 2 different virtual sites; their files are
                    JC> > located in different catalogues.
                    JC> >
                    JC> > In http.conf full freedom for .htaccess is given.
                    JC> >
                    JC> > Configuration Apache::ASP occurs through .htaccess #1 for a site #1
                    JC> > and .htaccess #2 for a site #2.

                    JC> This is typical when modules of the same name are located
                    JC> if different places, for example, for both sites the modules
                    JC> used are:

                    JC> use SiteConfig.pm

                    Yes, absolutely right about same names of modules !

                    JC> Because the perl interpreter is shared globally across sites,
                    JC> after site 1 module loads, site 2 will use it if it is
                    JC> the same name. One way around this is to have all the
                    JC> local site config data in the local global.asa. Another
                    JC> is to have a per site naming convention like:

                    JC> use Site1::Config.pm;
                    JC> use Site2::Config.pm;

                    JC> or other way around:

                    JC> use Config::Site1;
                    JC> use Config::Site2;

                    Yes, will come to give different names to modules which carry out
                    approximately identical functions on different sites.

                    JC> It may be that this works if you subclass off a base class.

                    JC> You can also consider more drastic measures like

                    JC> MaxRequestsPerChild 1

                    JC> or doing a &CORE::exit(); in a Apache->register_cleanup()
                    JC> to kill the process after executing. But this
                    JC> might defeat much of the point of using mod_perl.

                    I think, that in most cases such approach will be very inefficient.

                    Many thanks!

                    It is a pity, that there is no beautiful decision of such problem.
                    Though, nevertheless exists is to use pure(clean) CGI.

                    --
                    Best regards,
                    Alexander mailto:ship@...


                    ---------------------------------------------------------------------
                    To unsubscribe, e-mail: asp-unsubscribe@...
                    For additional commands, e-mail: asp-help@...
                  • Joshua Chamas
                    ... You might also take a look at Apache::PerlVINC, but I cannot vouch for how well it works. This module was written to specifically address your issue & I
                    Message 9 of 11 , Jun 28, 2002
                      Alexander Shipitsyn wrote:
                      > It is a pity, that there is no beautiful decision of such problem.
                      > Though, nevertheless exists is to use pure(clean) CGI.
                      >

                      You might also take a look at Apache::PerlVINC, but I cannot
                      vouch for how well it works. This module was written to
                      specifically address your issue & I forgot to mention
                      it before.

                      -- Josh
                      _________________________________________________________________
                      Joshua Chamas Chamas Enterprises Inc.
                      NodeWorks Founder Huntington Beach, CA USA
                      http://www.nodeworks.com 1-714-625-4051



                      ---------------------------------------------------------------------
                      To unsubscribe, e-mail: asp-unsubscribe@...
                      For additional commands, e-mail: asp-help@...
                    • Ismael Touama
                      I am going through an upgrade now of my apache web server to 1.3.26 because of a recently announced remote exploit that affects apache on unix servers.
                      Message 10 of 11 , Jun 28, 2002
                        <Josh>
                        I am going through an upgrade now of my apache web server
                        to 1.3.26 because of a recently announced remote exploit
                        that affects apache on unix servers.
                        </Josh>

                        Ok Sorry the apache site tells that need to upgrade to 1.3.26:
                        "This version of Apache is principally a security and bug fix release. Of
                        particular note is that 1.3.26 addresses and fixes the issues noted in
                        CAN-2002-0392 (mitre.org) [CERT VU#944335] regarding a vulnerability in the
                        handling of chunked transfer encoding as described above."

                        Really confused,
                        ism
                        ps:
                        I just saw that, but after having patching my server...
                        It seems OK, the real problem is that I'd like to know
                        if I correctly do the thing [if someone know...]


                        ---------------------------------------------------------------------
                        To unsubscribe, e-mail: asp-unsubscribe@...
                        For additional commands, e-mail: asp-help@...
                      • Joshua Chamas
                        ... To verify what version of apache you have running, look in your error_log for a line like: [Thu Jun 27 04:02:22 2002] [notice] Apache/1.3.20 (Unix)
                        Message 11 of 11 , Jun 28, 2002
                          Ismael Touama wrote:
                          >
                          > I just saw that, but after having patching my server...
                          > It seems OK, the real problem is that I'd like to know
                          > if I correctly do the thing [if someone know...]
                          >

                          To verify what version of apache you have running,
                          look in your error_log for a line like:

                          [Thu Jun 27 04:02:22 2002] [notice] Apache/1.3.20 (Unix) (Red-Hat/Linux) mod_python/2.7.6 Python/1.5.2 mod_ssl/2.8.4 OpenSSL/0.9.6b DAV/1.0.2
                          PHP/4.0.6 mod_perl/1.26 mod_throttle/3.1.2 configured -- resuming normal operations

                          This line occurs after you start the server.

                          -- Josh
                          _________________________________________________________________
                          Joshua Chamas Chamas Enterprises Inc.
                          NodeWorks Founder Huntington Beach, CA USA
                          http://www.nodeworks.com 1-714-625-4051



                          ---------------------------------------------------------------------
                          To unsubscribe, e-mail: asp-unsubscribe@...
                          For additional commands, e-mail: asp-help@...
                        Your message has been successfully submitted and would be delivered to recipients shortly.