Hi Daryl, you need the mentioned script only, if the "RPM" based repository "repomd.xml" file does NOT contain information about "updates". There should be an "updateinfo" section within "repomd.xml". The xml file referenced there includes information about "errata" (Name of errata, CVEs, which packages are included, etc.).
Just look at the EPEL 7 repo for example here https://dl.fedoraproject.org/pub/epel/7/x86_64/repodata/ The repomd.xml contains an "updateinfo" section pointing to ......updateinfo.xml.bz2. All "errata" information is there. When you look at the centos base or extra repos, you won't find that "updateinfo" section within "repomd.xml" This is what the wonderful script from Steve does. It parses the security mailing list of CentOS to do this "manually". @philicious also did a great job to modify this script further to download and parse errata information from "ubuntu" and "slackware". I also forked this "project" and been working to also modify this script to parse the debian security mailing list. This works (in my testing) quite good right now, and when I cleaned up all "customer" specific code, I'll also provide this on Github (or this might get merged to @philicious repo). This is how it looks, when you synchronise the repos via spacewalk. CentOS7 Extra Sync started: Wed Aug 10 15:38:08 2016 ['/usr/bin/spacewalk-repo-sync', '--channel', 'centos_7_extra', '--type', 'yum'] Repo URL: http://ftp.hosteurope.de/mirror/centos.org/7/extras/x86_64/ Packages in repo: 375 Packages already synced: 0 Packages to sync: 375 1/375 : centos-release-qemu-ev-1.0-1.el7-0.noarch 2/375 : cockpit-pcp-0.103-1.el7.centos-0.x86_64 3/375 : docker-logrotate-1.9.1-40.el7.centos-0.x86_64 4/375 : python-gunicorn-18.0-2.el7-0.noarch 5/375 : python-websocket-client-0.32.0-116.el7-0.noarch 6/375 : cockpit-doc-0.108-1.el7.centos-0.x86_64 ... ... 375/375 : centos-packager-0.5.2-1.el7.centos-0.noarch Linking packages to channel. Repo http://ftp.hosteurope.de/mirror/centos.org/7/extras/x86_64/ has 0 errata. Sync completed. Total time: 0:05:12 Now look at the EPEL 7 repo Sync started: Wed Aug 10 12:58:58 2016 ['/usr/bin/spacewalk-repo-sync', '--channel', 'epel_7', '--type', 'yum'] Repo URL: https://dl.fedoraproject.org/pub/epel/7/x86_64/ Packages in repo: 10419 Packages already synced: 0 Packages to sync: 10419 1/10419 : perl-Math-Int64-0.52-1.el7-0.x86_64 2/10419 : dnf-langpacks-conf-0.15.1-1.el7-0.noarch 3/10419 : ghc-xml-devel-1.3.13-1.el7-0.x86_64 ... ... Linking packages to channel. Repo https://dl.fedoraproject.org/pub/epel/7/x86_64/ has comps file 9d21be3ccf77a70416edafa23e02c075dbc53d2d60edb89203c5b9c69f21f66a-comps-epel7.xml.xz. Repo https://dl.fedoraproject.org/pub/epel/7/x86_64/ has 3042 errata. <<<==== ERRATAS Sync completed. Total time: 2:31:48 Hope this helped. Regards, Robert
_______________________________________________ Spacewalk-list mailing list [email protected] https://www.redhat.com/mailman/listinfo/spacewalk-list
