tagline: From openSUSE
Patch info files for security updates are normally written by the security team.
A patch info file contains the following information:
- user name of the packager who is responsible for the update
- bugzilla ids
- category of the update (
- rating describing the urgency of the update (
- one line summary, display in the list in
yast2 online update
- description that can be understood by non-technical users
- list of CVE numbers (security updates only)
- potentially additional flags: reboot_needed (for kernels), zypp_restart_needed (for the package management stack)
When using osc patchinfo an xml representation of the information is used.
<patchinfo> <packager>JoePackager</packager> <category>normal</category> <rating>low</rating> <summary>Recommended update of foopackage</summary> <description>This update fixes the bar feature of foopackage when using it with a snafu server.... </description> <issue tracker="bnc" id="123456">foopackage has broken bar</issue> <issue id="CVE-YYYY-12345" tracker="cve" /> </patchinfo>