[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Update only of security vulnerabilities?

Hi All :)

Is usage of

1) # unattended-upgrade --dry-run

command with proper configuration of /etc/apt/apt.conf.d/50unattended-upgrades file the best choice for checking available security updates?

Another options as I found are: 

2) #apt-get -s dist-upgrade | grep "^Inst" | grep -i security"
3) put all security repositories to a dedicated file (for example /etc/apt/security.sources.list) and run

#apt-get -u upgrade --assume-no -o Dir::Etc::SourceList=/etc/apt/security.sources.list

I found that in CentOS for example checking of available security updates is broken because of lack of errata info in their official repositories. So I want to be SURE that I am using the best command for the task :)

How are you performing such checking?


Reply to: