Is there a way to create a package to errata correlation?

Latest response

I am analyzing a system remote to my satellite infrastructure with no internet access to the box itself. I need to come up (for regulatory reasons) with a list of security updates on that box.

Is there any way that I could take a list of packages with versions and come up with a list of RHEL errata? Something like a list of errata with the corresponding packages for each that I could use to correlate each package version with an RHxA indentifier (if there is one), then sort and unique to get a list of errata effectively on that system.

Could I create such a list accessing the PULP database on Satellite (hammer command? python script? I'm open to methodologies).


if I understand correctly you should be able to use openscap with the oval definitions from

other way if your satellite has latest packages you can also just use it's internal functionality hammer host errata list --host host_name

Have you considered oscap/oval? it may fill in some of the information you need and can be run offline:

Red Hat oval files are here: