[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: apache >= 2.2.15 backported?



On Thu, 2 Dec 2010 18:51:28 +0100
Stefan Fritsch <sf@sfritsch.de> wrote:

> On Wednesday 24 November 2010, Markus Manzke wrote:
> > just wanted to ask if there is a chance that
> > apache >= 2.2.15 will be backported to lenny?
> > there're some nice security-functions
> > that migth help to pevent the ddos-scenarios described here[1],
> > and i think we'll stay with lenny 6-12 months after squeeze is
> > out (small, specialized hosting)
> 
> No, a backport of apache is unlikely (at least I am not going to do 
> it). Several significant new features of squeeze's apache would only 
> be available if openssl was backported, too.
> 
> But you should be able to just extract mod_reqtimeout.so and the 
> relevant config files from the squeeze apache2 packages and use them 
> with lenny's Apache. That would give you most of the protection you 
> get with squeeze's Apache.
> 

FYI, I've uploaded a newer apache2 (and its deps, including openssl)
to lenny-backports.  It's waiting in the NEW queue.



Reply to: