similar to: When will CentOS Publish Errata?

David, The CentOS team has taken the stance that they do not understand what is required for this, so, they will not be including it under any circumstances. I am unable to locate the thread in the archive: http://lists.centos.org/pipermail/centos-devel/2014-September/thread.html However, luckily, Gmane archives everything just fine.

> However, luckily, Gmane archives everything just fine. > http://thread.gmane.org/gmane.linux.centos.devel/12370/focus=12375 Thanks Steven for bringing this thread to my attention. So it looks like there was already a discussion about this in September, and it ended with two action items. 1. Write code to automatically put the following into updateinfo.xml a. Link to RH web site b.

> 1. Blatant screen scraping is a violation of the terms of service for RHN .. > so where is a SOURCE of information for something like this: > > https://rhn.redhat.com/errata/RHSA-2014-2024.html > > If you read this: > https://access.redhat.com/help/terms/ > > then, one can not just grab all the info on that errata page and distribute it .. > which is why we LINK

On 01/06/2015 04:25 AM, Liam O'Toole wrote: > On 2015-01-06, Somers-Harris, David | David | OPS > <david.somers-harris at mail.rakuten.com> wrote: >>> 1. Blatant screen scraping is a violation of the terms of service >>> for RHN .. so where is a SOURCE of information for something like >>> this: >>> >>>

On 2015-01-06, Somers-Harris, David | David | OPS <david.somers-harris at mail.rakuten.com> wrote: >> 1. Blatant screen scraping is a violation of the terms of service >> for RHN .. so where is a SOURCE of information for something like >> this: >> >> https://rhn.redhat.com/errata/RHSA-2014-2024.html >> >> If you read this:

On 01/04/2015 06:00 PM, Somers-Harris, David | David | OPS wrote: >> However, luckily, Gmane archives everything just fine. >> http://thread.gmane.org/gmane.linux.centos.devel/12370/focus=12375 > > Thanks Steven for bringing this thread to my attention. > So it looks like there was already a discussion about this in September, and it ended with two action items. > > 1.

Hi all, I have used http://cefs.steve-meier.de/ plus https://github.com/vmfarms/generate_updateinfo to insert some security-information into my os-updates - mirror. This seems to work, but only partially. On my 7.4 test server, > yum --security -v check-update gives me dnsmasq, nss, nss-sysinit and nss-tools as the packages to install. The nss-packages are all of "severity =

This is not abit issue just a minor annoyance. I use Foreman to provision my systems and to keep control I remove all the default *.repo files andkeep away from installing more *.repo files so I can control the content via the foreman(katello) provided redhat.repo. I would argue that the *-release-*.rpm should not contain any setup code but just the stuff in /etc/yum.repos.d. -- Alvin

On 2015-07-22 13:34, Thomas Eriksson wrote: > The upstream project is called Katello, http://www.katello.org/ > It has nothing to do with Spacewalk as far as I can tell. Katello is just one piece. Satellite 6 also integrates Candlepin, Puppet and more. What I'm wondering is if the entire set of software - Satellite 6 as one piece - is going to get a new upstream project. > I have

I actually move the default *.repo files and replace them with "". The thing is that Katello turns all the downloaded yum content into a single redhat.repo file and I don't have to install any more *-release-* rpms any more. I would argue that I should not need to install any *-release-* rpms at all to get all the required software. On 03/22/2017 09:34 AM, -=X.L.O.R.D=- wrote:

> On 2015-01-06, Keith Keller wrote: >> On Mon, Jan 05, 2015 at 10:37:46AM -0600, Johnny Hughes wrote: >>> 2. If someone comes up with a place to get said data, THEN we could >>> properly publish that data in some way. >> >> It would be a hack, but you could probably subscribe an automated >> account to the enterprise-watch-list mailing list:

On 2015-01-06, Johnny Hughes <johnny at centos.org> wrote: > This is an OpenPGP/MIME signed message (RFC 4880 and 3156) > --===============4697670779706124595== Content-Type: multipart/signed; > micalg=pgp-sha1; protocol="application/pgp-signature"; > boundary="MBFscW2dH0g022mxj8O937qiaWFFIRB5O" > > This is an OpenPGP/MIME signed message (RFC 4880 and

The subscription-manager dnf plugin is disabled by default as part of our debranding in both CentOS Linux and CentOS Stream. c8: https://git.centos.org/rpms/subscription-manager/blob/580aca8629536c64577e6a443b9349ecb629cc17/f/SPECS/subscription-manager.spec#_850 c8s:

Hello, we would like to sync all files from http://oirase.annexia.org/virt-p2v/ with Foreman/Katello. Is it possible to provide "repodata" for this public directory? Without it we can not sync it. Greets, Denis

Hi All :) What is the best way to get a list of available security updates? I found several commands for that: 1) yum updateinfo list updates -q --security 2) yum list-security --security -q 3) yum --security check-update -q Based on the sample output below I think I can use any of the three with some awk to get a list of packages. yum updateinfo list updates -q --security FEDORA-EPEL-2014-0525

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 13.01.2015 04:25, Somers-Harris, David | David | OPS wrote: >> On 2015-01-06, Keith Keller wrote: >>> On Mon, Jan 05, 2015 at 10:37:46AM -0600, Johnny Hughes wrote: >>>> 2. If someone comes up with a place to get said data, THEN >>>> we could properly publish that data in some way. >>> >>>

On 04/08/2020 23:50, Jon Pruente wrote: > On Tue, Aug 4, 2020 at 11:34 AM <centos at niob.at> wrote: > >> Q5) If the answer to the last question is "no": shouldn't there be such >> a resource? >> > CentOS doesn't publish security errata. If you need it then you should > either buy RHEL, or deal with putting together your own set up with >

Hello Everyone I'm looking into the best way to have locked version repos for my CentOS systems. The systems are all set up with Chef and have a couple different recopies/roles. I'd like to have locked version repos for each role with tested RPMs. Then perhaps quarterly apply any updates. It would be nice to have something showing which updates are available for these locked repos.

Dear List, I have spent some time playing around with oscap and the RHEL OVAL feed (https://www.redhat.com/security/data/oval/v2/RHEL8/, also check Chapter 16 of the RHEL 8 Design Guide). Because I could not find an existing OVAL file for CentOS, I downloaded one of the RHEL8 files and managed to modify (eg. the rhel-8.1-e4s.oval.xml) it to make it work on a CentOS machine. Basically I just

Hi Everyone, Since Satellite 6 is an amalgam of other F/OSS projects and is no longer solely based on Spacewalk, is a new upstream project for Satellite 6 going to be created? BEtter yet, is a new upstream project already available? Ranbir -- Kanwar R.S. Sandhu