While ago, I pushed a mod_security security update (one line patch for
CVE-2013-5705) without testing it thoroughly on EL5, which turns out
to be broken (httpd does not start) .
I usually test all packages before pushing updates, but at that time
I didn't have access to my build box (which has all my test VMs)
If you're going to update mod_security on EL5 box, you should get the
one from epel5-testing:
Sorry for any inconvenience caused.