smart flags and errata updates
Anders F Björklund
afb at algonet.se
Thu Jun 26 01:04:34 PDT 2008
Gustavo Niemeyer wrote:
>> I've made an addition to the rpm-md and urpmi parsers,
>> so that they will read the repodata "updateinfo.xml" or
>> media_info "descriptions" file and flag the packages...
>> The smart flags are: security, bugfix, enhancement (etc)
>> as noted by the separate file with the security advisories
>> (sadly not yet available for CentOS, only Fedora and RHEL*)
>
> Interesting idea!
And for the DEB-based channels, those usually provide security
updates in a separate repository already (like "hardy-security")
so the APT loader could probably flag all packages from such
a location with "security" (not sure about bugfix/enhancement)
I've made a small patch to the Smart backend for PackageKit,
so that these flags will show in the update viewing interface...
Like in http://www.packagekit.org/img/gpk-updates-overview.png,
patch is at http://bugs.freedesktop.org/show_bug.cgi?id=16525
>> There is currently "no place" in Smart to store the other
>> related information, such as the update description or the
>> references to other resources - such as CVEs or bugzilla:
>
> Right, we should understand if some of that information should
> actually become part of the PackageInfo.
I've done the parser part, for the ID and the main three items:
title/pre (= summary), description, issued/update (= the date)
Remaining is the list of URLs, both from CVE and from Bugzilla.
There's also a impact/severity, that goes from Low to Critical.
--anders
More information about the Smart
mailing list