Uploaded image for project: 'Red Hat Internal Developer Platform'
  1. Red Hat Internal Developer Platform
  2. RHIDP-7619

Create script that takes as input a CVE and computes the list of RHSAs that include the CVE fix

    • RHDH COPE 3274, RHDH COPE 3275, RHDH COPE 3276

      New doc requirement is to provide a link to each RHSA for each RHDH release.

      You can find the RHSA by searching for CVEs that were fixed in a given release. For example https://access.redhat.com/security/cve/CVE-2025-29775 links to the RHDH 1.6 errata, relased on 14 May 2025: https://access.redhat.com/errata/RHSA-2025:7626

      What we'd like to do is:

      • for the list of CVEs in a given release.yaml, extract the CVE URLs, then open each one looking for links to RHSAs associated with RHDH (eg., with curl -k)
      $➔ curl -sSkLo- https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-29775.json | grep 1.6:registry -B3 -A3 | grep errata/RHSA
                "url": "https://access.redhat.com/errata/RHSA-2025:7626"
      

      --> https://gitlab.cee.redhat.com/rhidp/rhdh/-/merge_requests/266

      Relesae guide updated: https://gitlab.cee.redhat.com/rhidp/rhdh/-/blob/rhdh-1-rhel-9/docs/RELEASE_GUIDE.adoc?ref_type=heads#user-content-collect-rhsa-link-for-release-notes

      Followup tasks moved to RHIDP-7886:

              nickboldt Nick Boldt
              nickboldt Nick Boldt
              RHIDP - Cope
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Created:
                Updated:
                Resolved: