Track Red Hat Security Advisories (RHSA) and verifying systems for compliance
Python Shell
Switch branches/tags
Nothing to show
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Failed to load latest commit information.


Sarah currently requires a stuffed directory of advisories from RHN as XML

You can download these files automatically by using the script
from Tim Rupp. Available from:

	svn co aerrate

And issue the following command to scrape the RHN website for the most
up-to-date advisories:

	cd aerrate
	./ -r --source=site --type=all --release=enterprise
	cd -

This will copy all errata as XML files into ./aerrata/advisories/

sarah currently expects the advisories to be available from ./advisories/.
So making a symlink from aerrate/advisories to ./advisories is probably

	ln -sf aerrate/advisories .

Then create an sqlite database out of these XML files, by doing:


You should now have a sarahdb.sqlite file in your current directory.
To create some statistics from this database, use:


The sarahinfo utility currently shows how to query the database. Not all
information is currently available in the XML files. Red Hat will be releasing
these XML files in the future with more information we can get out of the 
RHN website.

I also added sarahsql to allow to query the database on the commandline, you
can do queries in bash, like:

        ### Print filenames related to advisory
        ./ 'select distinct filename from rpm where advid == "RHSA-2005:039" order by filename'

        ### Show last 10 updated advisories
        ./ 'select advid, issued, updated, severity, synopsis from adv order by updated' | tail

	### Show last 10 updated security advisories
	./ 'select advid, issued, updated, severity, synopsis from adv where type == "RHSA" order by updated' | tail

	### Show last 10 updates security advisories for 4AS
	./ 'select distinct adv.advid,updated,severity,synopsis from adv,rpm where adv.advid == rpm.advid and type == "RHSA" and prodshort == "4AS" order by updated' | tail

	### Show all files related to 3AS order by issue date
	./ 'select issued,filename from rpm,adv where adv.advid == rpm.advid and prodshort == "3AS" and arch == "i386" order by issued'

Help is welcome to extend sarah much further. The TODO file is the first stop
for interesting parties.

If you're behind a proxy that only allows SSL Proxy access (CONNECT method)
for HTTPS sites, you're currently out of luck. The urllib2 implementation of
python only has the HTTPS GET method implemented. More information at:

A work-around would be to set up an HTTP-tunnel over your proxy by using
proxytunnel, and then create a dynamic forwarding over SSH. And use
dante or tocks to socksify aerrate's requests.

	http_proxy="" https_proxy="" dsocksify ./ -r --source=site --type=all --release=enterprise

You can find more information about errata and errata classification at:

A live RSS feed to the latest security errata is available from:

Some information and statistics from the Red Hat security team:

General security information: