-
Task
-
Resolution: Done
-
Major
-
1.5.1, 1.6.1, 1.7.0
-
None
-
2
-
False
-
-
False
-
-
-
RHDH COPE 3274, RHDH COPE 3275, RHDH COPE 3276
New doc requirement is to provide a link to each RHSA for each RHDH release.
You can find the RHSA by searching for CVEs that were fixed in a given release. For example https://access.redhat.com/security/cve/CVE-2025-29775 links to the RHDH 1.6 errata, relased on 14 May 2025: https://access.redhat.com/errata/RHSA-2025:7626
What we'd like to do is:
for the list of CVEs in a given release.yaml, extract the CVE URLs, then open each one looking for links to RHSAs associated with RHDH (eg., with curl -k)
$➔ curl -sSkLo- https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-29775.json | grep 1.6:registry -B3 -A3 | grep errata/RHSA "url": "https://access.redhat.com/errata/RHSA-2025:7626"
--> https://gitlab.cee.redhat.com/rhidp/rhdh/-/merge_requests/266
Relesae guide updated: https://gitlab.cee.redhat.com/rhidp/rhdh/-/blob/rhdh-1-rhel-9/docs/RELEASE_GUIDE.adoc?ref_type=heads#user-content-collect-rhsa-link-for-release-notes
Followup tasks moved to RHIDP-7886:
generate a PR like https://github.com/redhat-developer/red-hat-developers-documentation-rhdh/pull/1170/files or https://github.com/redhat-developer/red-hat-developers-documentation-rhdh/pull/1190/files (but not using floating attributes that move with every .z update)
- is cloned by
-
RHIDP-7886 [release notes] [automation] Use getAdvisoryForCVE.sh to generate docs PR for RN updates
-
- New
-
- relates to
-
RHIDP-7413 RHDH 1.6.1 Release
-
- Closed
-
- mentioned on