I have been searching around in the net and in StackExchange as well, and found out
yum-plugin-security although can be installed but it is actually not functioning for Centos-base repositories, back to 2013 and 2014. Referring to this and this.
I have tested again myself with my Centos 6.6 and found out as in 2016 now,
yum-plugin-security is still not functioning. This can be tested using the latest most heat issue of the DROWN attack of openssl.
First get the version of openssl installed:
4977-20[13:59:19 root@lye-vm ~]# rpm -qa openssl openssl-1.0.1e-30.el6_6.5.x86_64
Then find any updates available for openssl:
4978-21[14:09:37 root@lye-vm ~]# yum list updates openssl* Loaded plugins: security Updated Packages openssl.x86_64 1.0.1e-42.el6_7.4 updates
Ok, so there is one. Then find it with
4979-22[14:09:42 root@lye-vm ~]# yum updateinfo list security Loaded plugins: security updateinfo list done 4980-23[14:09:46 root@lye-vm ~]#
So there is none shown by ‘updateinfo’. (If using
yum --security check-update it will list out all updates available, which is not functioning so well).
I wish to know is it true there is NO WAY we can get the Security Updates by using
yum commands ? or there is a way and I did something wrong ?
My purpose is to only update Centos with security related updates. At the moment what I can do is manually subscribe to Centos-announce mailing list and look for those thread with keyword Security Update, such as this for the openssl DROWN attack.
Just use the
# yum --security update Loaded plugins: etckeeper, fastestmirror, security Setting up Update Process Loading mirror speeds from cached hostfile * base: mirror.cs.pitt.edu * epel: mirror.us.leaseweb.net * extras: mirror.dattobackup.com * updates: mirror.cogentco.com Resolving Dependencies Limiting packages to security relevant ones No packages needed for security; 1 packages available
But keep in mind that if you use third party repos, they might not tag all of their security updates as such. So you may need to apply additional updates.
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.