[CentOS] Update only of security vulnerabilities?

Wed Apr 8 16:15:35 UTC 2015
Jonathan Billings <billings at negate.org>

On Wed, Apr 08, 2015 at 03:54:18PM +0200, Rafał Radecki wrote:
> What is the best way to get a list of available security updates?
> I found several commands for that:
> 1) yum updateinfo list updates -q --security
> 2) yum list-security --security -q
> 3) yum --security check-update -q
> Based on the sample output below I think I can use any of the three with
> some awk to get a list of packages.

Keep in mind: when using the yum-plugin-security package which
provides the --security option, you're only going to see security
updates in EPEL (which I see you have enabled) and not in CentOS's
repos.  As of yet, there are no errata data in the CentOS repos.

See previous discussion here:
http://lists.centos.org/pipermail/centos/2015-January/148839.html
and on centos-devel:
http://lists.centos.org/pipermail/centos-devel/2014-September/011893.html

So, --security is pretty much a no-op, even when there are packages
that fix security issues are available in the CentOS repos.

-- 
Jonathan Billings <billings at negate.org>