[The contents mostly apply to Scientific Linux 6 as well. CentOS users should see the Notes below]
In Enterprise Linux, it is often desirable to minimize the number of updates to install. Many admins just want to apply security-related updates. This is easily done using yum security plugin. First, install the plugin:
yum install yum-plugin-security
To install only the security updates :
yum --security update
You’ll see something similar to:
===================================================================================
Package Arch Version Repository Size
===================================================================================
Updating:
mysql x86_64 5.1.69-1.el6_4 rhel-x86_64-server-6 907 k
mysql-libs x86_64 5.1.69-1.el6_4 rhel-x86_64-server-6 1.2 M
mysql-server x86_64 5.1.69-1.el6_4 rhel-x86_64-server-6 8.7 M
Transaction Summary
===================================================================================
That’s it. But there are many other things you can do. For example, yum updateinfo has some handy options. Try the following:
yum updateinfo summary
yum updateinfo list security
yum updateinfo list available
yum updateinfo list bugzillas
The first command may show:
Updates Information Summary: available
3 Important Security notice(s)
2 Bugfix notice(s)
updateinfo summary done
The second command will display the advisory info such as:
RHSA-2013:0772 Important/Sec. mysql-5.1.69-1.el6_4.x86_64
Then you can apply the update based on the advisory:
yum update --advisory RHSA-2013:0772
Notes for CentOS users
At the time of this writing, CentOS does not have the yum security feature implemented. This might change in a future. Stay tuned.
Notes for Scientific Linux users
Scientific Linux has been providing the package updates in two repositories, sl-security and sl-fastbugs. The sl-security repo contains security-related packages plus their dependencies and is shipped enabled by default. The sl-fastbugs repository is for non-security updates which is shipped disabled. Thus, applying security only updates is the default behavior.