Am 02.03.2016 um 17:42 schrieb Mark Milhollan mlm@pixelgate.net:
I understand that some people might be trying to cherry-pick their updates and the assertion that doing so is not supported. But that is not the only way in which --security can be used and it is a bit boring to continually see whining about the assumptive use.
For me it is about scheduling -- it would answer the question: Does this system need updating immediately, vs scheduled for / deferred until a convenient time.
I wish --security was functional and I do not accept that because it can be abused that it should therefore never be. That CentOS as yet has no way to make it functional is sad, and I hope that the lack is not due to the assumed use resulting in it being ignored.
As it was said, "yum check-update/update" is the way to go (also for RHEL).
We do not need here something like SCAP, therefore
http://search.gmane.org/?query=CESA&group=gmane.linux.centos.announce&am...
gives enough informations to schedule the security activities.
-- LF