Skip to content
Track Red Hat Security Advisories (RHSA) and verifying systems for compliance
Python Shell
Find file
Latest commit c49cae1 Apr 20, 2007 @dagwieers Small updates for RHEL5.
Failed to load latest commit information.
patches Updates Mar 14, 2006
AUTHORS Updates Jan 11, 2006
COPYING Updates Jan 11, 2006
Makefile Added Makefile to help downloading errata. Feb 6, 2007
README Updates Jan 22, 2007
TODO Updates Jan 22, 2007
check-system.py Small changes and temporary progress. Jan 25, 2007
consistency.sh
cve-check.sh Updates Jan 22, 2007
rhsa-check.sh Updates Jan 22, 2007
rpmqa-lxcdns001.txt Small changes and temporary progress. Jan 25, 2007
rpmqa-pylnet1.txt Small changes and temporary progress. Jan 25, 2007
sarahdb.py Small updates for RHEL5. Apr 20, 2007
sarahdbo.py
sarahinfo.py Small updates for RHEL5. Apr 20, 2007
sarahlib.py Small updates for RHEL5. Apr 20, 2007
sarahrpm.py Small changes and temporary progress. Jan 25, 2007
sarahsql.py Small updates for RHEL5. Apr 20, 2007
sarahxml.py

README

DOWNLOADING ERRATA
^^^^^^^^^^^^^^^^^^
Sarah currently requires a stuffed directory of advisories from RHN as XML
files.

You can download these files automatically by using the aerrate.py script
from Tim Rupp. Available from:

	svn co http://caphrim.net/svn/fermi/aerrate/trunk aerrate

And issue the following command to scrape the RHN website for the most
up-to-date advisories:

	cd aerrate
	./aerrate.py -r --source=site --type=all --release=enterprise
	cd -

This will copy all errata as XML files into ./aerrata/advisories/

USING SARAH
^^^^^^^^^^^
sarah currently expects the advisories to be available from ./advisories/.
So making a symlink from aerrate/advisories to ./advisories is probably
easiest.

	ln -sf aerrate/advisories .

Then create an sqlite database out of these XML files, by doing:

	./sarahdb.py

You should now have a sarahdb.sqlite file in your current directory.
To create some statistics from this database, use:

	./sarahinfo.py

The sarahinfo utility currently shows how to query the database. Not all
information is currently available in the XML files. Red Hat will be releasing
these XML files in the future with more information we can get out of the 
RHN website.

I also added sarahsql to allow to query the database on the commandline, you
can do queries in bash, like:

        ### Print filenames related to advisory
        ./sarahsql.py 'select distinct filename from rpm where advid == "RHSA-2005:039" order by filename'

        ### Show last 10 updated advisories
        ./sarahsql.py 'select advid, issued, updated, severity, synopsis from adv order by updated' | tail

	### Show last 10 updated security advisories
	./sarahsql.py 'select advid, issued, updated, severity, synopsis from adv where type == "RHSA" order by updated' | tail

	### Show last 10 updates security advisories for 4AS
	./sarahsql.py 'select distinct adv.advid,updated,severity,synopsis from adv,rpm where adv.advid == rpm.advid and type == "RHSA" and prodshort == "4AS" order by updated' | tail

	### Show all files related to 3AS order by issue date
	./sarahsql.py 'select issued,filename from rpm,adv where adv.advid == rpm.advid and prodshort == "3AS" and arch == "i386" order by issued'

Help is welcome to extend sarah much further. The TODO file is the first stop
for interesting parties.


PROXY PROBLEMS ?
^^^^^^^^^^^^^^^^
If you're behind a proxy that only allows SSL Proxy access (CONNECT method)
for HTTPS sites, you're currently out of luck. The urllib2 implementation of
python only has the HTTPS GET method implemented. More information at:

	https://devel.linux.duke.edu/bugzilla/show_bug.cgi?id=543
	http://aspn.activestate.com/ASPN/Cookbook/Python/Recipe/456195

A work-around would be to set up an HTTP-tunnel over your proxy by using
proxytunnel, and then create a dynamic forwarding over SSH. And use
dante or tocks to socksify aerrate's requests.

	http_proxy="" https_proxy="" dsocksify ./aerrate.py -r --source=site --type=all --release=enterprise


MORE INFORMATION
^^^^^^^^^^^^^^^^
You can find more information about errata and errata classification at:

	http://www.redhat.com/security/updates/classification/

A live RSS feed to the latest security errata is available from:

	http://rhn.redhat.com/rpc/recent-errata.pxt

Some information and statistics from the Red Hat security team:

	http://www.redhat.com/security/transparent/oval/
	http://people.redhat.com/mjc/
	http://people.redhat.com/mjc/oval/

General security information:

	http://cve.mitre.org/
	http://oval.mitre.org/
Something went wrong with that request. Please try again.