On 27.01.22 17:24, Jim Henderson wrote:
On Wed, 26 Jan 2022 07:06:09 +0100, Stefan Seyfried wrote:
On 26.01.22 00:49, Jim Henderson wrote:
Cool, thanks. I think it would be nice if there was someplace to get a changelog rather than having to rebuild to see if it's in the patch.
osc ls SUSE:SLE-15:Update/polkit # shows the code osc less SUSE:SLE-15:Update/polkit polkit.changes
That last piece is what I was looking for. Thanks for that.
I wasn't really thinking about the build log there, more "here's the code that was specifically used to build this package so you can inspect it" - or "here's a changelog that shows what has changed and when" - while that's included in the polkit.changes output, it's not in the RPM itself, so users who want to make sure something is patched don't really have an obvious place to look to see if a security issue has been fixed.
rpm -q --changelog polkit
the newest entries of polkit.changes (either a fixed time interval or
after a cut-off date configured somewhere, I'm not sure) are embedded
into the RPM.
If you want to know before installing if it is worth the hassle, you can do
zypper up --download-only polkit
rpm -qp --changelog /var/cache/zypp/<....>/polkit-