Question: Is it possible to limit yum so that it lists or installs only security updates? How to patch the system only with security errata?
This post explains how to list and install security updates using yum on CentOS/RHEL 6 and 7.
1. Install needed plugin:
# yum install yum-plugin-security
Once you have yum-security plugin installed on the server, you get multiple command option to list, update, get the information like list, update, information related to security patches. For Example:
1. To list all updates that are security relevant, and get a return code on whether there are security updates use:
# yum --security check-update
2. To upgrade packages that have security errata (upgrades to the latest available package) use:
# yum --security update
3. To upgrade packages that have security errata (upgrades to the last security errata package) use:
# yum --security update-minimal
4. To get a list of all security advisories, including the ones you have already installed use:
# yum updateinfo list security all
5. To list all available security updates with verbose descriptions of the issues they apply to:
# yum info-sec
One should check the man page of yum-security for all options available.
# man yum-security