CentOS 8: How to Only Apply Security Updates

[cuilo@test-box ~]# sudo yum --security update
CentOS-8 - AppStream                                                        12 kB/s | 4.3 kB     00:00
CentOS-8 - Base                                                             20 kB/s | 3.9 kB     00:00
CentOS-8 - Extras                                                          2.7 kB/s | 1.5 kB     00:00
Extra Packages for Enterprise Linux Modular 8 - x86_64                      36 kB/s |  19 kB     00:00
Extra Packages for Enterprise Linux 8 - x86_64                              33 kB/s |  13 kB     00:00
Extra Packages for Enterprise Linux 8 - x86_64                             3.9 MB/s | 6.8 MB     00:01
No security updates needed, but 2 updates available
Dependencies resolved.
Nothing to do.
Complete!

That’s it. I bet you’ve expected to see more from an ‘article.’ Here are some hints on how to NOT BREAK a Linux box while keeping it relatively up to date.

# Checking available updates:
[cuilo@test-box ~]# yum list updates
Last metadata expiration check: 0:02:23 ago on Sat 30 May 2020 09:54:38 PM PDT.
Available Upgrades
proftpd.x86_64                                         1.3.6c-3.el8                                    epel
proftpd-utils.x86_64                                   1.3.6c-3.el8                                    epel

# Applying all updates, except the kernel and a specific software such as proftpd
[cuilo@test-box ~]# sudo yum -x 'kernel*' -x 'proftpd*' update
Last metadata expiration check: 0:00:45 ago on Sat 30 May 2020 10:01:43 PM PDT.
Dependencies resolved.
Nothing to do.
Complete!

# How to apply a specific security patch per VCE number
vceNumber=CVE-2017-1000253
yum update --cve $vceNumber
Posted on Categories Linux

Leave a Reply

Your email address will not be published. Required fields are marked *