CentOS repository httpd packages outdated and incorrect dates

The virtualmin repository for CentOS seems to currently contain three outdated packages for http, httpd-tools, and mod_ssl.

I disabled the virtualmin repository and reinstalled http, httpd-tools, and mod_ssl last night, because for weeks the latest version I was able to update to was 2.2.15-29. But the latest version available from CentOS was 2.2.15-30. And the update to 30 is important because it fixes a security issue.

Problem was with the virtualmin repository. Disabling it, uninstalling the virtualmin-based package and reinstalling with the CentOS repository version fixed my issue.

However:

After re-enabling the virtualmin repository, Update Packages is now reporting an inconsistent package update!

It wants to update from 2.2.15-30 to 2.2.15-29. It thinks 29 is a later version than 30, and this is wrong.

Here's what the Update Packages page tells me this morning, trying to "update" from the old 30 to the new 29.


Package name Old New Update description
httpd 2.2.15-30.el6.centos 2.2.15-29.el6.vm.1 Apache HTTP Server
httpd-tools 2.2.15-30.el6.centos 2.2.15-29.el6.vm.1 Tools for use with the Apache HTTP Server
mod_ssl 2.2.15-30.el6.centos 2.2.15-29.el6.vm.1 SSL/TLS module for the Apache HTTP Server

Can the virtualmin developers confirm that there is an inconsistency in the packages and dependencies for these modules in the virtualmin repository?

Thanks,
Kevin

Status: 
Active

Comments

Howdy -- I'm not sure what's causing the specific behavior you're seeing, Joe would need to comment on that.

However, the Apache package not being up to date is indeed a problem, and I'll ask Joe to push out an update for that.

I've sent that information to Joe, we should have that updated shortly. Thanks for the heads up!

The latest version of Apache HTTPD is actually 2.4.9. The 2.2.x series is considered the "old stable" series and all current HTTPD 2.2.x users are encouraged to upgrade to the 2.4.9 release which offers many new features and performance enhancements over the 2.2.x series. Personally, rather than using Virtualmin or CentOS repositories and running the risk of getting into packaging problems like the one mentioned in this issue, I just build the most important components of my servers, including HTTPD and PHP, from source (using the same configure command each time for consistency unless something needs changing) to ensure I have the latest versions of each component available on my system. If you don't want to deal with issues like this in the future, I'd look at building from source as a great way to go. It's much simpler than people think it is and, after downloading a source archive, only takes 3 commands to configure the component, build the component, and then install it.

For more information about the HTTPD 2.4.9 release or the 2.4.x series, please see the Apache HTTPD Web site at http://httpd.apache.org.