On 09/16/2014 10:46 AM, Karanbir Singh wrote:
On 09/16/2014 04:39 PM, Kevin Stange wrote:
On 09/16/2014 05:41 AM, Karanbir Singh wrote:
My question still remains : where is this data going to come from and who is taking ownership of validating the CVE's and bugfix's etc ?
That is unimportant to me.
There's already "data", a link to the RH web site, along with a list of packages that are updated, and a CESA, CEBA or CEEA number, which flags the type of fix as bug, security, or enhancement. That's all I care about having in updateinfo.xml. I don't care, if you can't list every individual CVE and fix in the description.
sounds good, do you want to propose some code that helps make this happen ? there is the update-repo scripts already there, those can be overloaded to make this happen.
I'll give this a look and see what can be done. The question is how and where to store the previous errata content. Is it already kept somewhere or would we just have to scrape it all off the mailing list to recover what's already been sent?
sha256sum * > mail centos-announce@centos.org
Somehow you get a link to RH and issue a CEXA number for each update. Where does that come from?
thats a manual process, someone hasto go look and find it :(
Is there a script that assembles the email or is it a copy and paste job?