[CentOS-devel] yum-plugin-security and shellshock

Tue Sep 30 16:52:03 UTC 2014
Nux! <nux at li.nux.ro>

Very nice, Pat, thanks.
Is there anything stopping the CentOS devs using this?

Lucian

--
Sent from the Delta quadrant using Borg technology!

Nux!
www.nux.ro

----- Original Message -----
> From: "Pat Riehecky" <riehecky at fnal.gov>
> To: centos-devel at centos.org
> Sent: Tuesday, 30 September, 2014 17:28:44
> Subject: yum-plugin-security and shellshock

> On 09/30/2014 11:10 AM, Kevin Stange wrote:
>> On 09/30/2014 10:03 AM, Nux! wrote:
>>> What needs to happen for that?
>> We had a short discussion about it here:
>>
>> http://lists.centos.org/pipermail/centos-devel/2014-September/011893.html
>>
>> The issue is that something during the issuance of new updates has to
>> build a persistent list of CExAs and then regenerate the updateinfo.xml
>> while building the repo update.
>>
>> Right now CentOS pushes the update notices directly to the mailing list
>> and doesn't store that data anywhere to generate the XML file.  The only
>> way I know to build historical updateinfo.xml would be to scrape the
>> mailing list for all previous data.  Needed are release ID, package
>> (name, version, release, arch), SHA sum, release type (bug, enhancement,
>> new package, security), severity (if security), reference URL, summary,
>> additional description (if any).
>>
>> SL publishes updateinfo.xml so if someone has insight into how they
>> manage it, perhaps we could make use of the process to shoehorn into
>> CentOS. See:
>>
>> http://ftp.scientificlinux.org/linux/fermi/scientific/6x/x86_64/updates/security/repodata/updateinfo.xml
>>
> 
> All the SL tools are published at:
> https://cdcvs.fnal.gov/redmine/projects/python-updateinfo
> 
> Pat
> 
> --
> Pat Riehecky
> 
> Scientific Linux developer
> http://www.scientificlinux.org/
> 
> _______________________________________________
> CentOS-devel mailing list
> CentOS-devel at centos.org
> http://lists.centos.org/mailman/listinfo/centos-devel