[LWN Logo] 

Date: Tue, 22 Dec 1998 14:26:59 -0500 (EST)
From: Cristian Gafton <gafton@redhat.com>
To: redhat-watch-list@redhat.com
Subject: Red Hat Secure Server updates

-----BEGIN PGP SIGNED MESSAGE-----

This is a general errata update for Secure Web Server 2.0.  The server
is now based on Apache 1.3.3 instead of Apache 1.3.1.  PHP(2) and PHP3
have been updated, as well as mod_perl.  Several severe bugs in the
secureweb-devel package which made building third party Dynamic Shared
Object modules difficult have been fixed.

The secureweb packages are distributed as a rhmask file to comply with
our patent licensing agreements with RSA Data Security, Inc. for their
encryption technology. To use them, you need to use the 'rhmask'
utility which is distributed as a part of Red Hat Linux.  If you do
not already have it installed, please install it from your Red Hat
Linux CD or ftp site before proceeding.  The other packages are normal RPMs.

The new packages can be found on ftp.redhat.com in the directory
/pub/redhat/updates/secureweb/2.0/i386.

To produce installable RPM files from the rhmask files, retrieve the
rhmask files via ftp and do the following, depending on which version
of Red Hat Linux you are using:

Red Hat 5.x:
- ------------
rhmask secureweb-2.0-1libc6.i386.rpm \
	secureweb-2.0-2libc6.i386.rpm.rhmask

The original RPM is located only on your Secure Web Server CD, and
cannot be obtained via the Internet. Note: if you do not have the original
RPM located in the same directory as the rhmask file, you will need to
prefix the name of the RPM with the full path name to its location
(i.e. on your installation CD).

Once the new package has been created, you can upgrade with:

rpm -Uvh secureweb-2.0-2libc6.i386.rpm

If you wish to upgrade any of the Secure Web Server development
packages, you can do so as follows:

rpm -Uvh ftp://updates.redhat.com/secureweb/2.0/i386/secureweb-devel-2.0-2libc6.i386.rpm

rpm -Uvh ftp://updates.redhat.com/secureweb/2.0/i386/secureweb-source-2.0-2libc6.i386.rpm

If you are using PHP(2), PHP3, or mod_perl, upgrade them as follows:

rpm -Uvh ftp://updates.redhat.com/secureweb/2.0/i386/mod_perl-1.16-1libc6.i386.rpm

rpm -Uvh ftp://updates.redhat.com/secureweb/2.0/i386/mod_php-2.0.1-6libc6.i386.rpm

rpm -Uvh ftp://updates.redhat.com/secureweb/2.0/i386/mod_php3-3.0.5-3libc6.i386.rpm


Red Hat 4.2:
- ------------
rhmask secureweb-2.0-1libc5.i386.rpm \
       secureweb-2.0-2libc5.i386.rpm.rhmask

The original RPM is located only on your Secure Web Server CD, and
cannot be obtained via the Internet. Note: if you do not have the original
RPM located in the same directory as the rhmask file, you will need to
prefix the name of the RPM with the full path name to its location
(i.e. on your installation CD).

Once the new package has been created, you can upgrade with:

rpm -Uvh secureweb-2.0-2libc5.i386.rpm

If you wish to upgrade any of the Secure Web Server development
packages, you can do so as follows:

rpm -Uvh ftp://updates.redhat.com/secureweb/2.0/i386/secureweb-devel-2.0-2libc5.i386.rpm

rpm -Uvh ftp://updates.redhat.com/secureweb/2.0/i386/secureweb-source-2.0-2libc5.i386.rpm

If you are using PHP(2), PHP3, or mod_perl, upgrade them as follows:

rpm -Uvh ftp://updates.redhat.com/secureweb/2.0/i386/mod_perl-1.16-1libc5.i386.rpm

rpm -Uvh ftp://updates.redhat.com/secureweb/2.0/i386/mod_php-2.0.1-4libc5.i386.rpm

rpm -Uvh ftp://updates.redhat.com/secureweb/2.0/i386/mod_php3-3.0.5-2libc5.i386.rpm


- -------------------------------------------------------------------------------

Note: two Apache modules which were previously compiled as Shared
Objects (.so files) have now been directly included into the apache
binary, as is the default for apache 1.3.3.  They are mod_log_config
and mod_proxy.  If you have LoadModule directives for these two
modules in your /etc/httpd/conf/httpd.conf file, Secure Web Server
will give errors at startup time and refuse to run until the offending
lines are commented out or removed.  The standard httpd.conf file that
is shipped in the new packages does not have these lines, but if you
are keeping your own configuration file, you will have to make this
change manually.

To restart your Secure Web Server, do the following:

/etc/rc.d/init.d/httpsd restart

These packages have been PGP signed by Red Hat for security.

Cristian
- --
- ----------------------------------------------------------------------
Cristian Gafton   --   gafton@redhat.com   --   Red Hat Software, Inc.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 UNIX is user friendly. It's just selective about who its friends are.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBNn/yjPGvxKXU9NkBAQE6mgP+PvqBzEij8Y2c49aQSHDeW9o+q0FzBQsd
qBusKi061BB7yMT1l7ynqrpby9rFJQV63PJT2H8UB42nmruQBtJe0wrW0kX56+oA
RAhXa+i5hbFy6qR/gg+ISiahIYiUamFQzKobN3rDPlj4+U1HWIgymFTMMRmicBNm
zkQoDVnhiiU=
=Jlva
-----END PGP SIGNATURE-----


-- 
         To unsubscribe: mail redhat-watch-list-request@redhat.com with 
                       "unsubscribe" as the Subject.