[CentOS-devel] yum-plugin-security and shellshock
Kevin Stange
kevin at steadfast.netTue Sep 30 16:10:02 UTC 2014
- Previous message: [CentOS-devel] yum-plugin-security and shellshock
- Next message: [CentOS-devel] yum-plugin-security and shellshock
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On 09/30/2014 10:03 AM, Nux! wrote: > What needs to happen for that? We had a short discussion about it here: http://lists.centos.org/pipermail/centos-devel/2014-September/011893.html The issue is that something during the issuance of new updates has to build a persistent list of CExAs and then regenerate the updateinfo.xml while building the repo update. Right now CentOS pushes the update notices directly to the mailing list and doesn't store that data anywhere to generate the XML file. The only way I know to build historical updateinfo.xml would be to scrape the mailing list for all previous data. Needed are release ID, package (name, version, release, arch), SHA sum, release type (bug, enhancement, new package, security), severity (if security), reference URL, summary, additional description (if any). SL publishes updateinfo.xml so if someone has insight into how they manage it, perhaps we could make use of the process to shoehorn into CentOS. See: http://ftp.scientificlinux.org/linux/fermi/scientific/6x/x86_64/updates/security/repodata/updateinfo.xml -- Kevin Stange Chief Technology Officer Steadfast | http://steadfast.net Phone: 312-602-2689 ext. 203 | Fax: 312-602-2688
- Previous message: [CentOS-devel] yum-plugin-security and shellshock
- Next message: [CentOS-devel] yum-plugin-security and shellshock
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the CentOS-devel mailing list