第11章 Managing Errata
As a part of Red Hat’s quality control and release process, we provide customers with updates for each release of official Red Hat RPMs. Red Hat compiles groups of related package into an erratum along with an advisory that provides a description of the update. There are three types of advisories (in order of importance):
- Security Advisory
- Describes fixed security issues found in the package. The security impact of the issue can be Low, Moderate, Important, or Critical.
- Bug Fix Advisory
- Describes bug fixes for the package.
- Product Enhancement Advisory
- Describes enhancements and new features added to the package.
Red Hat Satellite 6 imports this errata information when synchronizing repositories with Red Hat’s Content Delivery Network (CDN). Red Hat Satellite 6 also provides tools to inspect and filter errata, allowing for precise update management. This way, you can select relevant updates and propagate them through Content Views to selected content hosts.
Errata are labeled according to the most important advisory type they contain. Therefore, errata labeled as Product Enhancement Advisory can contain only enhancement updates, while Bug Fix Advisory errata can contain both bug fixes and enhancements, and Security Advisory can contain all three types.
In Red Hat Satellite, there are two keywords that describe an erratum’s relationship to the available content hosts:
- Applicable
- An erratum that applies to one or more content hosts, which means it updates packages present on the content host. Although these errata apply to content hosts, until their state changes to Installable, the errata are not ready to be installed. Installable errata are automatically applicable.
- Installable
- An erratum that applies to one or more content hosts and is available to install on the content host. Installable errata are available to a content host from life cycle environment and the associated Content View, but are not yet installed.
This chapter shows how to manage errata and apply them to either a single host or multiple hosts.
11.1. Inspecting Available Errata
The following procedure describes how to view and filter the available errata and how to display metadata of the selected advisory.
- Navigate to Content > Errata to view the list of available errata.
Use the filtering tools at the top of the page to limit the number of displayed errata:
- Select the repository to be inspected from the list. All Repositories is selected by default.
- The Applicable check box is selected by default to view only errata applicable to the selected repository. Select the Installable check box to view only errata marked as installable.
To search the table of errata, type the query in the Search field in the form of:
parameter operator valueSee 表11.1「Parameters Available for Errata Search」 for the list of parameters available for search. Find the list of applicable operators in Supported Operators for Granular Search in Administering Red Hat Satellite. Automatic suggestion works as you type. You can also combine queries with the use of and and or operators. For example, to display only security advisories related to the kernel package, type:
type = security and package_name = kernel
Press Enter to start the search.
Click the Errata ID of the erratum you want to inspect:
- The Details tab contains the description of the updated package as well as documentation of important fixes and enhancements provided by the update.
- On the Content Hosts tab, you can apply the erratum to selected content hosts as described in 「Applying Errata to Multiple Hosts」.
- The Repositories tab lists repositories that already contain the erratum. You can filter repositories by the environment and Content View, and search for them by the repository name.
For CLI Users
To view errata that are available for all organizations, enter the following command:
# hammer erratum list
To view details of a specific erratum, enter the following command:
# hammer erratum info --id erratum_IDYou can search errata by entering the query with the
--searchoption. For example, to view applicable errata for the selected product that contains the specified bugs ordered so that the security errata are displayed on top, enter the following command:# hammer erratum list \ --product-id 7 \ --search "bug = 1213000 or bug = 1207972" \ --errata-restrict-applicable 1 \ --order "type desc"
表11.1 Parameters Available for Errata Search
| Parameter | Description | Example |
|---|---|---|
| bug | Search by the Bugzilla number. | bug = 1172165 |
| cve | Search by the CVE number. | cve = CVE-2015-0235 |
| id | Search by the errata ID. The auto-suggest system displays a list of available IDs as you type. | id = RHBA-2014:2004 |
| issued | Search by the issue date. You can specify the exact date, like "Feb16,2015", or use keywords, for example "Yesterday", or "1 hour ago". The time range can be specified with the use of the "<" and ">" operators. | issued < "Jan 12,2015" |
| package | Search by the full package build name. The auto-suggest system displays a list of available packages as you type. | package = glib2-2.22.5-6.el6.i686 |
| package_name | Search by the package name. The auto-suggest system displays a list of available packages as you type. | package_name = glib2 |
| severity | Search by the severity of the issue fixed by the security update. Specify Critical, Important, or Moderate. | severity = Critical |
| title | Search by the advisory title. | title ~ openssl |
| type | Search by the advisory type. Specify security, bugfix, or enhancement. | type = bugfix |
| updated |
Search by the date of the last update. You can use the same formats as with the | updated = "6 days ago" |
