David Hrbáč wrote: > there's nothing to patch unless we provide some info on packages that we > can extract from and finally build updateinfo.xml.gz. So as the majority > of CentOS community knows nothing about how packages are produced and > how CESA are produced, we do not have CESA RRS feed, we don´t have > CVE-to-CESA. So you can´t expect someone from community to step in. I > can see the only way to create updateinfo.xml.gz now - browse the repo > and extract these info/tags from change logs, which are often > incomplete. And I'm not sure it's worth. repo-rss, included in yum-utils will give you a rss feed for any repo you like. beyond that - any info that I can see, is the same as what you can see. - KB