Installing security updates only with CentOS yum
If you want to install only security-related updates to your CentOS Linux installation using the yum command, it looks like the yum-plugin-securityplugin might be a good option. (I’m having a few problems with it at the moment, so I can’t say that this is the absolute solution.) I found it on this page and this page.
A short version of the commands shown on the second page are this:
# install the security plugin yum -y install yum-plugin-security # display all security-related updates yum --security check-update # list all bugs fixed yum updateinfo list bugzillas # summary of advisories yum updateinfo summary # upgrade all packages with security info to latest available package yum --security update # upgrade all packages with security info to last security update # (as opposed to the latest possible update) yum --security update-minimal # help man 8 yum-security
See the first link (the Red Hat URL) for more detailed commands.
The beginning of the yum-security man page look like this:
NAME
yum security plugin
SYNOPSIS
yum [options] [command] [package ...]
DESCRIPTION
This plugin extends yum to allow lists and updates to be limited using security relevant criteria
added yum commands are:
yum update-minimal
This works like the update command, but if you have the the package foo-1 installed and
have foo-2 and foo-3 available with updateinfo.xml then update-minimal will update you to foo-3.
yum updateinfo info
yum updateinfo list
yum updateinfo summary
all of the last three take these sub-commands:
yum updateinfo * all
yum updateinfo * available
yum updateinfo * installed
yum updateinfo * updates
and then:
* <advisory> [advisory...]
* <package>
* bugzillas
* cves
* enhancement
* security
* new-packages
In summary, if you want to install only security-related updates to your CentOS Linux installation, I hope this article has been a good starting point.