furlongm
commented
1 year ago Looks like the API is documented here: https://gist.github.com/mstg/16dec9f3f63ce16bce79816575ab9791
Open rmdashrfslash opened 1 year ago
furlongm
commented
1 year ago Looks like the API is documented here: https://gist.github.com/mstg/16dec9f3f63ce16bce79816575ab9791
furlongm
commented
1 year ago N.B. using the existing errata mechanism will also work for Rocky and Alma, as the packages and updates are subject to the same CVEs etc.
furlongm
commented
1 year ago For future reference, API urls for security
Red Hat Linux https://access.redhat.com/hydra/rest/securitydata/cvrf.json https://access.redhat.com/hydra/rest/securitydata/cve.json https://access.redhat.com/hydra/rest/securitydata/oval.json https://access.redhat.com/hydra/rest/securitydata/oval/ovalstreams.json
Rocky Linux https://apollo.build.resf.org/api/v3/osv/ (see https://github.com/resf/distro-tools/blob/main/apollo/server/server.py )
Alma Linux https://errata.almalinux.org/8/errata.full.json https://errata.almalinux.org/9/errata.full.json
mzoleko
commented
1 year ago Hi. Any chance to get errata lists for Oracle Linux ?
Hi - This is a great tool. Just spent some time rolling it out in my environment. One thing that would be super useful is to pull in the rocky linux errata to identify security vs bug updates. Looks like the rocky errata is publicly available at:
https://errata.rockylinux.org/ - from what I can tell, this simply pulls from an API, which I think could be used by patchman as well.