I have used http://cefs.steve-meier.de/ plus https://github.com/vmfarms/generate_updateinfo to insert some security-information into my os-updates – mirror.
This seems to work, but only partially.
On my 7.4 test server,
> yum –security -v check-update gives me dnsmasq, nss, nss-sysinit and nss-tools as the packages to install.
The nss-packages are all of “severity = Important”
But there are more of this type of packages, e.g. emacs. The CentOS-announce mails as well as the errata of Steve Meier as well as the generated updateinfo.xml all contain “CESA-2017:2771 Important CentOS 7 emacs Security Update”
Just like the mentioned nss-packages, emacs is also labeled “severity = Important”. But yum doesn’t like it ;-(
The output of
> yum –security -v check-update tells me more, of course:
–> 1:emacs-24.3-20.el7_4.x86_64 from os-updates excluded (updateinfo)
Neither dnsmasq nor the nss-packages are listed, in particular not as excluded -?
And at the end it says
> Nothing matches emacs.x86_64 1:24.3-20.el7_4 from update
Btw, “yum info emacs” lists the installed and wanted emacs versions correctly.
What did I miss?