Page 1 of 1

yum-security-plugin in Centos

Posted: 2015/02/26 06:19:20
by amjadcsu

I am using Centos 7 in some of servers here.

Our management decided to update only critical/security patches to installed patches.

RHEL has yum-security plugin that installs only security/critical patches and not bug fixes and enhancements

Does Centos has anything something like this?

Re: yum-security-plugin in Centos

Posted: 2015/02/26 08:48:51
by TrevorH
We do have the plugin but it's non-functional as it depends on metadata being present in the yum repositories to tell it what is a security fix and what is not. That metadata is not present and judging by the length of time it has been discussed, it probably never will be.

Re: yum-security-plugin in Centos

Posted: 2016/06/27 14:02:47
by MichaelH
Does this mean that # yum --security check-update is no use on CentOS7?

Re: yum-security-plugin in Centos

Posted: 2016/06/27 14:11:39
by TrevorH

Re: yum-security-plugin in Centos

Posted: 2018/11/30 14:11:53
by nikhilplr
Is there any solution for this, How I can install security updates , I want to upgrade following packages that have other dependencies

"Remote package installed : kernel-3.10.0-862.3.2.el7
Should be : kernel-3.10.0-957.el7
Remote package installed : kernel-headers-3.10.0-862.11.6.el7
Should be : kernel-headers-3.10.0-957.el7
Remote package installed : kernel-tools-3.10.0-862.3.2.el7
Should be : kernel-tools-3.10.0-957.el7
Remote package installed : kernel-tools-libs-3.10.0-862.3.2.el7
Should be : kernel-tools-libs-3.10.0-957.el7
Remote package installed : python-perf-3.10.0-862.3.2.el7
Should be : python-perf-3.10.0-957.el7"
"Remote package installed : glibc-2.17-222.el7
Should be : glibc-2.17-260.el7
Remote package installed : glibc-common-2.17-222.el7
Should be : glibc-common-2.17-260.el7
Remote package installed : glibc-devel-2.17-222.el7
Should be : glibc-devel-2.17-260.el7
Remote package installed : glibc-headers-2.17-222.el7
Should be : glibc-headers-2.17-260.el7"

Re: yum-security-plugin in Centos

Posted: 2018/11/30 15:29:17
by TrevorH
The same answer still applies: yum-plugin-security is non-functional on CentOS due to the lack of the necessary metadata in the yum repositories. It does not work now and almost certainly never will.

The packages you list are all part of 7.6 which is not yet released for CentOS (though it's close). The packages that go to make up 7.6 are however already available for use if you enable the CR repo - e.g. yum --enablerepo=cr update