smart flags and errata updates
Anders F Björklund
afb at algonet.se
Tue Jun 24 03:31:29 PDT 2008
I've made an addition to the rpm-md and urpmi parsers,
so that they will read the repodata "updateinfo.xml" or
media_info "descriptions" file and flag the packages...
The smart flags are: security, bugfix, enhancement (etc)
as noted by the separate file with the security advisories
(sadly not yet available for CentOS, only Fedora and RHEL*)
Then I added a new --flag parameter to query and upgrade,
so that you can filter the query lists by errata severity
or (for instance) only do the security-related upgrades:
smart query --name firefox --flag enhancement
smart upgrade --flag security
smart flag --show
Tested with Fedora 9, openSUSE 11 and Mandriva 2008.1.
Not the actual distros, but with the metadata available
from the RPM package repositories for each distribution:
http://download.fedora.redhat.com/pub/fedora/linux/updates/9/i386/
repodata/
http://download.opensuse.org/update/11.0/repodata/
ftp://ftp.sunet.se/pub/Linux/distributions/Mandriva/official/2008.1/
i586/media/main/updates/media_info/
There is currently "no place" in Smart to store the other
related information, such as the update description or the
references to other resources - such as CVEs or bugzilla:
http://www.redhat.com/archives/fedora-package-announce/
http://lists.opensuse.org/opensuse-security-announce/
http://archives.mandrivalinux.com/security-announce/
If it was added in a future release, they could be parsed too.
Another thing that would be useful would be to add the flag
filtering capability (generically) to the --gui interface...
--anders
* https://rhn.redhat.com/errata/ and the announcement for RHEL 5.1:
http://www.redhatmagazine.com/2008/01/16/tips-and-tricks-yum-security/
But the updateinfo data file doesn't seem to be publicly available ?
More information about the Smart
mailing list