Question: Is it possible to limit yum so that it lists or installs only security updates? How to patch the system only with security errata?
Install the yum-security plugin
It is now possible to limit yum to install only security updates (as opposed to bug fixes or enhancements) by installing the yum-security plugin. Contrary to RHEL 7, in RHEL 6 the yum-security plugin is not part of yum. So to install the plugin use :
# yum install yum-plugin-security
listing available erratas
To list all available erratas without installing them, run:
# yum updateinfo list available
Listing available security updates
To list all available security updates without installing them, run:
# yum updateinfo list security all # yum updateinfo list sec
To list all available security updates with verbose descriptions of the issues they apply to:
# yum info-sec
Listing currently installed security updates
To get a list of the currently installed security updates this command can be used:
# yum updateinfo list security installed
Installing available security updates
Run the following command to download and apply all available security updates :
# yum -y update --security
To only install the packages that have a security errata use
# yum update-minimal --security -y
For more commands consult the manual pages of yum-security with
# man yum-security