I have a requirement to be able to Patch customer SLES11 machines in a CVE basis.
As per I have understand after reading BSA documentation, the contributions of Bill Robinson on some threads in the communities [ https://communities.bmc.com/message/324789#324789 and https://communities.bmc.com/message/291945#291945 ] and doing some checks in my local deployments, I understand that it will not be possible to do it OOTB since novell is not providing this info when we do a Catalog Update from BSA.
In order to fulfill my requirements, I am planning to do some customization [still considering (and depending of the source I will use to get the info) via nsh script or BAO workflows] in order to be able to extract the CVEs to specific rpm package responds and set it as a custom property (simial as what we have with Windows Patches).
Possible sources I am thinking to obtain this information are the SUSE zypper utility or the novell website reports themselves [does anyone know of any official, simpler CVE->RPM mapping list source?]
So my first question would be, has anybody implemented something similar lately?