Skip to content


Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Track Red Hat Security Advisories (RHSA) and verifying systems for compliance
Python Shell
tree: c6df3581c0

Fetching latest commit…

Cannot retrieve the latest commit at this time

Failed to load latest commit information.


Sarah currently requires a stuffed directory of advisories from RHN as XML files.

You can download these files automatically by using the script from
Tim Rupp. Available from:

	svn co aerrate

And issuing the following script:

	cd aerrate
	for release in rh{el4,el3,21}{as,es,ws} rhel{4,3}-extras rh-desktop-{4,3} rhel3{cluster,devsuite} rh21aw rhshas; do
		for type in security; do
			echo "== $release / $type =="
			python ./ -r --source=site --type=$type --release=$release
	cd -

This will copy all errata as XML files into ./aerrata/advisories/

Currently aerrate only implements security advisories, not bugs or enhancements.

sarah currently expects the advisories to be available from ./advisories/. So making
a symlink from aerrate/advisories to ./advisories is probably easiest.

	ln -sf aerrate/advisories .

Then to create an sqlite database out of these XML files, run:


You should now have a sarahdb.sqlite file in your current directory.
To create some statistics from this database, use:


The sarahinfo utility currently shows how to query the database. Not all information
is currently available in the XML files. Red Hat will be releasing these XML files
in the future with much more info.

I also added sarahsql to allow to query the database on the commandline, you can
things in bash, like:

        ### Print filenames related to advisory
        ./ 'select distinct filename from rpm where advid == "RHSA-2005:039" order by filename'

        ### Show last 10 updated advisories
        ./ 'select advid, issuedate, updatedate, severitylevel from adv order by updatedate' | tail

Help is welcome to extend sarah much further. The TODO file is the first stop for
interesting parties.

If you're behind a proxy that only allows SSL Proxy access (CONNECT method) for HTTPS sites,
you're currently out of luck. The urllib2 implementation of python only has the HTTPS GET
method implemented. More information at:

You can find more information about errata and errata classification at:

A live RSS feed to the latest security errata is available from:

Some information and statistics from the Red Hat security team:

General security information:
Something went wrong with that request. Please try again.