Hey, thanks for the helpful info Bill...
Honestly though, thanks to the other people who actually gave me some
useful info. The choice of "Scanalert"'s (I'm going to use quotes where
appropriate) scan is not my choice. Users like to see it, the boss likes
to see it, that's what I have to go with; regardless of the quality of
the scan itself. _I_ know that my site is well secured (I just wasn't
aware of the backporting), but users like to see happy little images on
websites.
-Jesse
Bill Campbell wrote:
On Fri, Oct 05, 2007, Ray Van Dolson wrote:
On Fri, Oct 05, 2007 at 07:29:12PM -0400, Jesse Cantara wrote:
Hello,
I am looking for some advice on a way to update some packages to newer
releases than are available in the standard CentOS repositories.
Specifically, I am trying to update apache and PHP to conform to
"Scanalert"'s "Hacker Safe" website security scan, and the required
versions do not exist in the CentOS repositories. I'm using CentOS 5.
Are you sure there are actually issues with your versions of PHP? The
upstream vendor backports security fixes:
http://www.redhat.com/security/updates/backporting/
Security scanning tools often have no clue of this.
You could have left off `` of this''.
Several of the security scanning companies I've dealt with seem
to be seriously lacking in clues.
Bill
--
INTERNET: bill@xxxxxxxxxxxxx Bill Campbell; Celestial Software LLC
URL: http://www.celestial.com/ PO Box 820; 6641 E. Mercer Way
FAX: (206) 232-9186 Mercer Island, WA 98040-0820; (206) 236-1676
Our Foreign dealings are an Open Book, generally a Check Book.
Will Rogers
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
