Satellite API not returning solution information from the errata.getDetails() method
Environment
- Red Hat Satellite
- Red Hat Network
Issue
- The Satellite API documentation states that the errata.getDetails method returns solution information:
Namespace: errata
Method: getDetails
Description
Retrieves the details for the erratum matching the given advisory name.
Parameters
The following parameters are available for this method:
string sessionKey
string advisoryName
Returns
The following return values are available for this method:
struct - erratum
string issue_date
string update_date
string last_modified_date - This date is only included for published erratum and represents the erratum's late date of modification
string synopsis
int release
string type
string product
string errataFrom
string topic
string description
string references
string notes
string solution
- However the output from my script does not show "string solution"
{'errata_description': 'Wireshark is a network protocol analyzer. It is used to capture and browse\nthe traffic running on a computer network.\n\nTwo flaws were found in Wireshark. If Wireshark read a malformed packet off\na network or opened a malicious dump file, it could crash or, possibly,\nexecute arbitrary code as the user running Wireshark. (CVE-2014-2281,\nCVE-2014-2299)\n\nSeveral denial of service flaws were found in Wireshark. Wireshark could\ncrash or stop responding if it read a malformed packet off a network, or\nopened a malicious dump file. (CVE-2013-6336, CVE-2013-6337, CVE-2013-6338,\nCVE-2013-6339, CVE-2013-6340, CVE-2014-2283, CVE-2013-7112, CVE-2013-7114)\n\nAll Wireshark users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. All running instances\nof Wireshark must be restarted for the update to take effect.\n',
'errata_issue_date': '3/31/14',
'errata_last_modified_date': '2014-03-31 12:34:19.0',
'errata_notes': '',
'errata_references': 'https://access.redhat.com/security/updates/classification/#moderate',
'errata_severity': 'Moderate',
'errata_synopsis': 'Moderate: wireshark security update',
'errata_topic': 'Updated wireshark packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having Moderate\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section.\n',
'errata_type': 'Security Advisory',
'errata_update_date': '3/31/14'}
- Where can I get the "solution"?
Resolution
- Modify your script to query the Satellite API instead of the the RHN API.
- That is, modify these lines from:
url = "http://xmlrpc.rhn.redhat.com/rpc/api"
username = "rhn-username"
password = "rhn-passwd"
... to ...
url = "http://satellite.example.redhat.com/rpc/api"
username = "sat-username"
password = "sat-passwd"
Root Cause
- The Satellite API returns solution information from its errata.getDetails() method
- However the RHN API doesn't return solution information from its errata.getDetails()
- The problem script was querying the RHN API rather than their Satellite's API
Diagnostic Steps
- Looking at the script, it can be seen that it's querying RHN rather than a Satellite:
$ cat getErrataDetails.py
#!/usr/bin/python
import xmlrpclib, pprint
pp = pprint.PrettyPrinter(indent=4)
saturl = "http://xmlrpc.rhn.redhat.com/rpc/api"
username = "username"
password = "passwd"
sat = xmlrpclib.Server(saturl, verbose=0)
key = sat.auth.login(username, password)
print pp.pprint(sat.errata.getDetails(key, 'RHSA-2014:0342'))
sat.auth.logout(key)
This solution is part of Red Hat’s fast-track publication program, providing a huge library of solutions that Red Hat engineers have created while supporting our customers. To give you the knowledge you need the instant it becomes available, these articles may be presented in a raw and unedited form.
Comments