CEFS: CentOS Errata for Spacewalk

This fine piece of software allows you to import errata information from the CentOS-Announce mailing list into your Spacewalk-Server.
For security announcements details from Red Hat (RHSA) can be imported optionally.


  • 2018-01-01: Happy New Year! As a new year is a good opportunity for a retrospect, I have done so and found an off-by-one bug in the mailing-list parser. This bug caused some postings to the mailing-list to be ignored when they should not have been. Therefore, many errata are updated and also some newly created (that only have one RPM associated). Sorry for any inconvenience this may have caused.
  • 2018-03-06: The errata-import script has been updated to fix Issue #4
  • 2018-04-19: The errata-import script has been updated to support Spacewalk 2.8 and set the newly added severity field
  • 2018-05-09: I am currently testing BunnyCDN to deliver the uncompressed XML file instead of linking to GitHub. Let me know if you encounter any problems.
  • 2018-05-23: The XML file delivered through the CDN is now limited to the last 180 days, due to size. The bz2 compressed version (see below) and the GitHub repository still contain all data should you need it.
  • 2018-05-23: Issue #10, related to the CDN, has been fixed.
  • 2018-05-26: After reducing the XML file to 180 days of content, the checksums (MD5/SHA1) were incorrect. This has been fixed. (Thanks, Andrew)
  • 2018-05-31: There was an issue with uploading the XML to the CDN. This is now fixed.
  • 2018-07-10: There seems to have been an issue with the CDN delivering an old version of the XML. This should now be fixed.
  • 2018-12-17: As the year comes to a close, I use my spare time to futher improve data quality. Merry Christmas to everybody!
  • 2019-01-25: The errata-import script has been updated to support Spacewalk 2.9 (see Issue #15)
  • 2019-02-11: This page is now hosted on AWS CloudFront
  • 2019-04-26: An Apache configuration error may have temporarily made this site inaccessible.

  • Usage

  • Download the latest errata XML file HERE (uncompressed) or bz2 compressed (last updated: September 11, 2019)
  • Download the latest Red Hat OVAL file HERE (optional)
  • Download the errata-import.tar script HERE or the included script HERE
  • Extract the downloaded tarball in an empty directory (tar xf errata-import.tar)
  • Make the main script executeable (chmod 755 errata-import.pl)
  • Run the script and follow the instructions (./errata-import.pl)
  • Notes

  • Depending on the performance of your server the inventory process may take multiple minutes per channel (Hint: use --include-channels)
  • All errata are created but not published so you can review them (Hint: look at --publish)
  • You can publish errata via the Web and/or API

  • Frequently Asked Questions (FAQ)

  • How (often) is the XML file generated?

    The file is generated by first parsing the CentOS-Announce Archives. A few glitches I found are then fixed and information for CentOS 5.8 (sent unparseable) is added. Finally there are a few sanity checks before the file is released. This process is now fully automated.

  • Can I download the file regularly?

    Yes, of course. If you use wget please use -N to download only if it has changed.

  • Can I get the script that generates the XML file?


  • Something isn't working. Where can I get help?

    Please run the script with --debug and send me the output via email or upload it to some place like Pastebin and send me a link to it. I will try to help you as time permits.

  • How do I set username and password for the script?

    Set the environment variables SPACEWALK_USER and SPACEWALK_PASS accordingly. Example:

    export SPACEWALK_USER='admin'
    export SPACEWALK_PASS='supersecret'

  • I get a "500 read timeout" error when importing errata. Why?

    Your server is likely underpowered. Spacewalk runs a webserver, an application server and a database, all of which need RAM and I/O resources. Check the prerequisites section in the Spacewalk Wiki.

  • I get "Authentication FAILED" errors but the password is correct?

    Make sure that you put your password in parantheses. Otherwise your shell will turn PASSWORD=super$ecret into "super" as $ecret is not defined. Bummer, I know.
    Also note that the script requires a username/password combination for the Spacewalk API and NOT for the underlying Postgres/Oracle database.

  • I don't have Spacewalk. Can I still use this?

    Yes, you actually can. I have recently (October 2017) created a designated yum repository that includes the errata information.
    You can find more information about this repository here.

  • Can I use this with Spacewalk 6 / Katello?

    I have received feedback that pulp_centos_errata_import does the trick. I have not tried this myself nor do I have any experience with these tools.
    A user has also reported that katello-centos-errata-import works for him.

  • Will you support CentOS 8?

    Support for CentOS 8 is planned. As there is currently no release date for it, I can not provide more details right now.

  • Can I use this with Uyuni?

    I have recevied feedback that importing the Errata into Uyuni 4.02 works with no changes.

  • Feedback

    I would like to hear how this tool works for you. You can contact me via email: email (at) steve (dash) meier (dot) de

    If you find this tool helpful and would like to show your appreciation you can do so via PayPal:

    Alternatively, you can donate Bitcoin to 1DftUtWs8XRNqmWwq6ENXfGUbwEDMneTYs.