Karanbir Singh wrote, On 07/05/2010 04:12 PM: > Hi Alexander, > > On 02/07/2010 13:49, Alexander Dalloz wrote: >> with other words you are working on making the yum-security plugin usable >> on CentOS? That would be great! > > Thats where this whole thing started from. The problem is that the > yum-security plugin needs some specific info available in the CentOS > repo's and the place where its generated has licensing issues with us > just using it as is. > Am I being overly optimistic here, in hoping the portions the 'place where its generated has licensing issues' is just with copying verbatim the collated data from their database (CVEs & bugs fields) and the written prose (Description field)? would they be OK with those fields being done like the announce messages, i.e. just point to the URL for the info, not replicate it? That is, at least for an early usable version set title :announce msg subject info post the CESA-number Update ID: CESA-from announce message Issued : when did the announce msg get generated? Type : as appropriate, and known from message Bugs & CVEs: see URL, yes or empty (unless fills a CentOS tracker item too). Description : Upstream details URL from announce msg. Files: Well, what did the build from SRPM produce for this arch? Over all at least have it so yum update-minimal would work, and full details elsewhere? -- Todd Denniston Crane Division, Naval Surface Warfare Center (NSWC Crane) Harnessing the Power of Technology for the Warfighter