Tim Duncklee asked:
A security vulnerability was found in Apache in April 2012 that is a PCI compliance issue:
I have always kept my servers (CentOS) up to date with yum. I’ve been unable to find a repo with httpd-2.2.23 (currently running 2.2.22). It’s been a really long time since I’ve built anything from source so I’m not thrilled about doing it but will if needed.
My question is, how do I go about this and NOT break the yum update process?
You have nothing to do to your server.
You do need to provide this information to your PCI compliance auditor.
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.