Skip to content
This repository

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP

Track Red Hat Security Advisories (RHSA) and verifying systems for compliance

branch: master
README
DOWNLOADING ERRATA
^^^^^^^^^^^^^^^^^^
Sarah currently requires a stuffed directory of advisories from RHN as XML
files.

You can download these files automatically by using the aerrate.py script
from Tim Rupp. Available from:

	svn co http://caphrim.net/svn/fermi/aerrate/trunk aerrate

And issue the following command to scrape the RHN website for the most
up-to-date advisories:

	cd aerrate
	./aerrate.py -r --source=site --type=all --release=enterprise
	cd -

This will copy all errata as XML files into ./aerrata/advisories/

USING SARAH
^^^^^^^^^^^
sarah currently expects the advisories to be available from ./advisories/.
So making a symlink from aerrate/advisories to ./advisories is probably
easiest.

	ln -sf aerrate/advisories .

Then create an sqlite database out of these XML files, by doing:

	./sarahdb.py

You should now have a sarahdb.sqlite file in your current directory.
To create some statistics from this database, use:

	./sarahinfo.py

The sarahinfo utility currently shows how to query the database. Not all
information is currently available in the XML files. Red Hat will be releasing
these XML files in the future with more information we can get out of the 
RHN website.

I also added sarahsql to allow to query the database on the commandline, you
can do queries in bash, like:

        ### Print filenames related to advisory
        ./sarahsql.py 'select distinct filename from rpm where advid == "RHSA-2005:039" order by filename'

        ### Show last 10 updated advisories
        ./sarahsql.py 'select advid, issued, updated, severity, synopsis from adv order by updated' | tail

	### Show last 10 updated security advisories
	./sarahsql.py 'select advid, issued, updated, severity, synopsis from adv where type == "RHSA" order by updated' | tail

	### Show last 10 updates security advisories for 4AS
	./sarahsql.py 'select distinct adv.advid,updated,severity,synopsis from adv,rpm where adv.advid == rpm.advid and type == "RHSA" and prodshort == "4AS" order by updated' | tail

	### Show all files related to 3AS order by issue date
	./sarahsql.py 'select issued,filename from rpm,adv where adv.advid == rpm.advid and prodshort == "3AS" and arch == "i386" order by issued'

Help is welcome to extend sarah much further. The TODO file is the first stop
for interesting parties.


PROXY PROBLEMS ?
^^^^^^^^^^^^^^^^
If you're behind a proxy that only allows SSL Proxy access (CONNECT method)
for HTTPS sites, you're currently out of luck. The urllib2 implementation of
python only has the HTTPS GET method implemented. More information at:

	https://devel.linux.duke.edu/bugzilla/show_bug.cgi?id=543
	http://aspn.activestate.com/ASPN/Cookbook/Python/Recipe/456195

A work-around would be to set up an HTTP-tunnel over your proxy by using
proxytunnel, and then create a dynamic forwarding over SSH. And use
dante or tocks to socksify aerrate's requests.

	http_proxy="" https_proxy="" dsocksify ./aerrate.py -r --source=site --type=all --release=enterprise


MORE INFORMATION
^^^^^^^^^^^^^^^^
You can find more information about errata and errata classification at:

	http://www.redhat.com/security/updates/classification/

A live RSS feed to the latest security errata is available from:

	http://rhn.redhat.com/rpc/recent-errata.pxt

Some information and statistics from the Red Hat security team:

	http://www.redhat.com/security/transparent/oval/
	http://people.redhat.com/mjc/
	http://people.redhat.com/mjc/oval/

General security information:

	http://cve.mitre.org/
	http://oval.mitre.org/
Something went wrong with that request. Please try again.