Very nice, Pat, thanks. Is there anything stopping the CentOS devs using this? Lucian -- Sent from the Delta quadrant using Borg technology! Nux! www.nux.ro ----- Original Message ----- > From: "Pat Riehecky" <riehecky at fnal.gov> > To: centos-devel at centos.org > Sent: Tuesday, 30 September, 2014 17:28:44 > Subject: yum-plugin-security and shellshock > On 09/30/2014 11:10 AM, Kevin Stange wrote: >> On 09/30/2014 10:03 AM, Nux! wrote: >>> What needs to happen for that? >> We had a short discussion about it here: >> >> http://lists.centos.org/pipermail/centos-devel/2014-September/011893.html >> >> The issue is that something during the issuance of new updates has to >> build a persistent list of CExAs and then regenerate the updateinfo.xml >> while building the repo update. >> >> Right now CentOS pushes the update notices directly to the mailing list >> and doesn't store that data anywhere to generate the XML file. The only >> way I know to build historical updateinfo.xml would be to scrape the >> mailing list for all previous data. Needed are release ID, package >> (name, version, release, arch), SHA sum, release type (bug, enhancement, >> new package, security), severity (if security), reference URL, summary, >> additional description (if any). >> >> SL publishes updateinfo.xml so if someone has insight into how they >> manage it, perhaps we could make use of the process to shoehorn into >> CentOS. See: >> >> http://ftp.scientificlinux.org/linux/fermi/scientific/6x/x86_64/updates/security/repodata/updateinfo.xml >> > > All the SL tools are published at: > https://cdcvs.fnal.gov/redmine/projects/python-updateinfo > > Pat > > -- > Pat Riehecky > > Scientific Linux developer > http://www.scientificlinux.org/ > > _______________________________________________ > CentOS-devel mailing list > CentOS-devel at centos.org > http://lists.centos.org/mailman/listinfo/centos-devel