On 03/02/2016 03:24 AM, Anthony K wrote: > On Tue, 2016-03-01 at 21:58 -0600, Johnny Hughes wrote: >> On 03/01/2016 09:41 PM, Johnny Hughes wrote: >>> BUt the security plugins do not work for CentOS and they never have, >>> Peter is correct, you need to run yum update or call out the specific >>> packages you want updated. >>> > > I totally understand the necessity of a full system update. However, this begs > the question "Why code an option into yum that is of no use?" Was there a time > when this option was functional? If yes, what caused its removal? Was it a > system compromise at some big corporation and someone got sued/fired? What? > Don't spare any gory details either! > yum does not need to be restricted to vendor repositories. You can add package repositories maintained by anyone, and some of them may choose to distinguish between security and non-security updates, so it is appropriate for yum as packaged in CentOS to retain that feature even if the CentOS repositories themselves do not make use of it. Personally I think it is a dumb option and is in contrast to KISS. KISS says keep your system up to date. RHEL/CentOS works really hard to prevent updates from breaking a system. That's why many of us use it. So it doesn't make sense to not update when an update is available, making security specific updates kind of worthless.