Updated on 2024-09-14 GMT+08:00

Installing Security Updates

  • Run the yum upgrade --security command to install all security updates.
    [root@localhost ~]# yum upgrade --security
    Last metadata expiration check: 5:21:24 ago on Tue 13 Sep 2022 09:43:13 AM CST.
    Dependencies resolved.
    =================================================================
    Package		Arch		Version			      Repository	Size
    =================================================================
    Installing:
    Kernel		x86_64		5.10.0-60.18.0.50.h498_2.hce2	hce2		49 M
    Upgrading:
    Curl	        x86_64		7.79.1-2.h6.hce2	        hce2		147 k
    ...
    Transaction Summary
    =================================================================
    Install   1 Package
    Upgrade  22 Packages
    Total download size: 69 M
    Is this ok [y/N]:
  • Run the yum upgrade --sec-severity={Critical,Important,Moderate,Low} command to install security updates of the specified level.

    Values in the brackets can be any combination of security update levels.

    [root@localhost ~]# yum upgrade --sec-severity=Moderate
    Last metadata expiration check: 0:32:27 ago on Thu 08 Sep 2022 05:30:23 PM CST.
    Dependencies resolved.
    =================================================================
    Package	                Architecture	        Version			 Repository	    Size
    =================================================================
    Upgrading:
    gnupg2		        x86_64		        2.2.32-1.h6.hce2	  hce2		    2.2 M
    python3-unbound         x86_64                  1.13.2-3.h2.hce2          hce2              96 k
    unbound-libs            x86_64	                1.13.2-3.h2.hce2	  hce2		    505 k
    Transaction Summary
    =================================================================Upgrade		3 Packages
    Total download size: 2.8 M
    Is this ok [y/N]:
  • Run the yum upgrade --advisory =<SA ID> command to install security updates of a specific advisory.

    Multiple packages are separated by commas (,).

    root@localhost ~]# yum upgrade --advisory=HCE2-SA-2022-0033
    Last metadata expiration check: 1:48:44 ago on Tue 13 Sep 2022 09:43:13 AM CST.
    Dependencies resolved.
    =================================================================
    Package              Architecture            Version	            Repository	       Size
    =================================================================
    Upgrading:
    python3-rpm	        x86_64		4.17.0-8.h13.hce2		hce2		87 k
    rpm			x86_64		4.17.0-8.h13.hce2		hce2		498 k
    rpm-libs		x86_64		4.17.0-8.h13.hce2		hce2		376 k
    Transaction Summary
    =================================================================
    Upgrade  3 Packages
    Total download size: 962 k
    Is this ok [y/N]:
  • Run the yum upgrade --cve=<CVE ID> command to install security updates of a specific CVE.

    Multiple packages are separated by commas (,).

    [root@localhost ~]# yum upgrade --cve=CVE-2021-28861
    Last metadata expiration check: 5:16:36 ago on Tue 13 Sep 2022 09:43:13 AM CST.
    Dependencies resolved.
    =================================================================
    Package			      Architecture	Version			Repository	Size
    =================================================================
    Upgrading:
    python3				x86_64	       3.9.9-7.h10.hce2	        hce2	        8.0 M
    python3-unversioned-command	x86_64	       3.9.9-7.h10.hce2	        hce2	        3.9 k
    Transaction Summary
    =================================================================
    Upgrade  2 Packages
    Total download size: 8.0 M
    Is this ok [y/N]: