Sarah is a tool to track Red Hat Security Advisories (RHSA) and verify systems for compliance. It allows you to keep track of security updates and plan maintenance windows.
Sarah is still under development, this is a placeholder for the final website. My aim is to to write a python tool that (in the first implementation) harvests Red Hat website and can update a local database (XML) with all information regarding RHSAs (what packages, bug information, ...). (Red Hat is going to export this information as well in XML format soon)

And another tool to allows to query this database and extract interesting information either from that database and the local rpmdb, or the database and a provided list of packages. (So you can validate other systems based on a list of packages).

Of course this can be a single tool as well, I haven't thought about the use-cases, commandline options and all that stuff. That's normally the first thing I do: think about how I would like to use it ideally and then look at what requires that, before making a design and doing a real implementation.

If you have something to add about this tool, design-decision, example code, thoughts, anything really. You can subscribe to:

You can download a few useful scripts and some documentation at: