DevHeads.net

yum security update issue

Hi all,

I have used <a href="http://cefs.steve-meier.de/" title="http://cefs.steve-meier.de/">http://cefs.steve-meier.de/</a> plus <a href="https://github.com/vmfarms/generate_updateinfo" title="https://github.com/vmfarms/generate_updateinfo">https://github.com/vmfarms/generate_updateinfo</a> to insert
some security-information into my os-updates - mirror.

This seems to work, but only partially.

On my 7.4 test server,
The nss-packages are all of "severity = Important"

But there are more of this type of packages, e.g. emacs. The centos-announce mails as well as the
errata of Steve Meier as well as the generated updateinfo.xml all contain "CESA-2017:2771 Important
CentOS 7 emacs Security Update"
Just like the mentioned nss-packages, emacs is also labeled "severity = Important". But yum doesn't
like it ;-(

The output of
--> 1:emacs-24.3-20.el7_4.x86_64 from os-updates excluded (updateinfo)

Neither dnsmasq nor the nss-packages are listed, in particular not as excluded -?

And at the end it says

Btw, "yum info emacs" lists the installed and wanted emacs versions correctly.

What did I miss?

Regards,
Thomas

Comments

Re: yum security update issue

By Johnny Hughes at 10/10/2017 - 14:17

I have no idea how that script works (not maintained by CentOS Project)

.. BUT ..

If it does not also look at the CR announce list, it will miss those.
We do not double annonuce:

<a href="https://lists.centos.org/pipermail/centos-cr-announce/" title="https://lists.centos.org/pipermail/centos-cr-announce/">https://lists.centos.org/pipermail/centos-cr-announce/</a>

(August 2017 and September 2017 were for the updates released into CR
for the 7.4.1708 cycle)

On 10/10/2017 08:19 AM, Thomas Roth wrote: