Apache httpd 2.4.59 Released (INCLUDES SECURITY FIXES)

I've read about this vulnerability (CVE-2024-27316) and was unable to understand if updating nghttp2 fixes the issue or you must update both nghttp2 and Apache...
 
It's already in the alpha build of DirectAdmin, thank you for the report, and thanks @fln for the alpha build :)
Please see below:


Something has changed, I'm no longer alone, more and more of your customers are having a failed Apache process following the update. The server SSL files are being overwritten when Apache is built (should not happen, obviously) and server.ca is being zeroed.
 
That is explained in your other thread and is caused by customisation. Until now I didn't hear of any others having zeroed server.ca files. Please keep that issue in that thread. It's not related to the vulnerability.

Last night I updated 5 servers and none had any issues with Apache or server.ca certificates.
 
I feel like this is an issue that underscores why tying stack application updates to DirectAdmin updates is a bad idea.

In order to get this Apache update, you have to be using the just released DirectAdmin v1.662.

But how many "fixes" does v1.662 have to go through before it's stable and fixed? The thread on these forums every time a new DirectAdmin version is released always has at least a couple of pages of issues being discovered that require hot fixes.

Perhaps DirectAdmin should consider pushing security fixes, such as this Apache fix, to a handful of the previous DirectAdmin releases. I know I can't be the only one that prefers stable (as in a DirectAdmin that doesn't have various "fixes" pushed out all the time) over a bleeding edge feature release model.
 