[CentOS-devel] yum-plugin-security and shellshock
Pat Riehecky
riehecky at fnal.govTue Sep 30 16:28:44 UTC 2014
- Previous message: [CentOS-devel] yum-plugin-security and shellshock
- Next message: [CentOS-devel] yum-plugin-security and shellshock
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On 09/30/2014 11:10 AM, Kevin Stange wrote: > On 09/30/2014 10:03 AM, Nux! wrote: >> What needs to happen for that? > We had a short discussion about it here: > > http://lists.centos.org/pipermail/centos-devel/2014-September/011893.html > > The issue is that something during the issuance of new updates has to > build a persistent list of CExAs and then regenerate the updateinfo.xml > while building the repo update. > > Right now CentOS pushes the update notices directly to the mailing list > and doesn't store that data anywhere to generate the XML file. The only > way I know to build historical updateinfo.xml would be to scrape the > mailing list for all previous data. Needed are release ID, package > (name, version, release, arch), SHA sum, release type (bug, enhancement, > new package, security), severity (if security), reference URL, summary, > additional description (if any). > > SL publishes updateinfo.xml so if someone has insight into how they > manage it, perhaps we could make use of the process to shoehorn into > CentOS. See: > > http://ftp.scientificlinux.org/linux/fermi/scientific/6x/x86_64/updates/security/repodata/updateinfo.xml > All the SL tools are published at: https://cdcvs.fnal.gov/redmine/projects/python-updateinfo Pat -- Pat Riehecky Scientific Linux developer http://www.scientificlinux.org/
- Previous message: [CentOS-devel] yum-plugin-security and shellshock
- Next message: [CentOS-devel] yum-plugin-security and shellshock
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the CentOS-devel mailing list