Comments on: Tips and tricks: yum-security

by: Indy

Sun, 16 Mar 2008 16:00:38 +0000

I realize RHEL 3 and 4 don’t come stock w/ YUM but if you install YUM yourself on these versions what specifically prohibits you from using this there? Is it that RH doesn’t have the necessary content for those versions?

by: ciphernaut

Mon, 03 Mar 2008 23:18:32 +0000

@indy

RHEL3 and 4 use up2date instead of yum.

by: covex

Mon, 03 Mar 2008 15:07:30 +0000

Is it possible to place this option somehow in yum.conf?

by: Indy

Tue, 29 Jan 2008 02:13:44 +0000

Why is this limited to RHEL 5 only? If you install the latest yum distro on RHEL 4 or 3 would it work? Is RH specifically limiting content to the RHEL 5 channels?

by: Γριφεγ Γθωαφ

Thu, 24 Jan 2008 06:16:20 +0000

Thank you. I commented too early. I tried installing yum-security on Fedora, but this happened:

[root@localhost ~]# yum install yum-security
livna-development 100% |=========================| 2.1 kB 00:00
adobe-linux-i386 100% |=========================| 951 B 00:00
development 100% |=========================| 2.2 kB 00:00
Setting up Install Process
Parsing package install arguments
No package yum-security available.
Nothing to do
[root@localhost ~]#

But later on it worked. At first I thought it’s not available, but it must have been a glitch with a mirror.

by: Steve Bonneville

Wed, 23 Jan 2008 16:11:38 +0000

As Rahul mentioned, this has been in Fedora since about Fedora 7, so yes, it can work with yum repositories. The yum-security package is included in Fedora 8.

However, when creating yum repositories, there are no tags in an RPM packages’s metadata that store the information about the CVEs / Advisories / Bugzilla bugs fixed by a package (or more likely, a SET of packages, which complicates the issue even more). So, you can’t regenerate this information automatically with createrepo. For Fedora, the updateinfo.xml.gz file which contains this information is managed, generated, and inserted into the updates repository by the open source system used by contributors to manage package updates, bodhi.

The Scientific Linux repository Troy tested in his comment above probably doesn’t have an updateinfo.xml.gz file in their repository, so the information isn’t available.

by: Rahul Sundaram

Wed, 23 Jan 2008 13:05:42 +0000

It has been available in Fedora for a while as part of yum-utils package FYI.

by: Γριφεγ Γθωαφ

Sat, 19 Jan 2008 06:51:55 +0000

Any hope this will be available for Fedora?

by: Tom

Fri, 18 Jan 2008 10:05:56 +0000

Does this work with Satellite?

by: Dulles

Fri, 18 Jan 2008 02:49:06 +0000

REDHAT HAS UPDATED YUM?

That’s great news. Now the RHEL 5.1 account I just canceled might actually update my systems without a screen-full of yum “dependency” errors?

You Redhat programmers are really good, and smart. My 5.0 version of “Software Updater” has absolutely no menu or features on the GUI (never did).

This reminds me of the RHEL 4.5 “Print Manager” with no menu or features on the GUI. Redhat just lost another customer (since RH8), and it’s business as usual.