Hi All :)
Is usage of
1) # unattended-upgrade --dry-run
command with proper configuration of /etc/apt/apt.conf.d/50unattended-upgrades file the best choice for checking available security updates?
Another options as I found are:
2) #apt-get -s dist-upgrade | grep "^Inst" | grep -i security"
3) put all security repositories to a dedicated file (for example /etc/apt/security.sources.list) and run
#apt-get -u upgrade --assume-no -o Dir::Etc::SourceList=/etc/apt/security.sources.list
I found that in CentOS for example checking of available security updates is broken because of lack of errata info in their official repositories. So I want to be SURE that I am using the best command for the task :)
How are you performing such checking?
BR,
Rafal.