UPDATE: I haven’t used CentOS in several years, and from the comment in the Comments section below, it appears that the approach I wrote about in this tutorial (several years ago) no longer works. I’m keeping the original contents here only to provide some context. Please see this CentOS forum link for current information.
*** everything below here is out of date ***
If you want to install only security-related updates to your CentOS Linux installation using the
yum command, it looks like the
yum-plugin-security plugin might be a good option. (I’m having a few problems with it at the moment, so I can’t say that this is the absolute solution.) I found it on this page and this page.
A short version of the commands shown on the second page are this:
# install the security plugin yum -y install yum-plugin-security # display all security-related updates yum --security check-update # list all bugs fixed yum updateinfo list bugzillas # summary of advisories yum updateinfo summary # upgrade all packages with security info to latest available package yum --security update # upgrade all packages with security info to last security update # (as opposed to the latest possible update) yum --security update-minimal # help man 8 yum-security
See the first link (the Red Hat URL) for more detailed commands.
The beginning of the
yum-security man page look like this:
NAME yum security plugin SYNOPSIS yum [options] [command] [package ...] DESCRIPTION This plugin extends yum to allow lists and updates to be limited using security relevant criteria added yum commands are: yum update-minimal This works like the update command, but if you have the the package foo-1 installed and have foo-2 and foo-3 available with updateinfo.xml then update-minimal will update you to foo-3. yum updateinfo info yum updateinfo list yum updateinfo summary all of the last three take these sub-commands: yum updateinfo * all yum updateinfo * available yum updateinfo * installed yum updateinfo * updates and then: * <advisory> [advisory...] * <package> * bugzillas * cves * enhancement * security * new-packages
In summary, if you want to install only security-related updates to your CentOS Linux installation, I hope this article has been a good starting point.