For RHEL 6 , need to check yum-security-plugin is installed (for RHEL 7 it has been incorporated into yum)

 #rpm -qa | grep yum-plugin-security
 yum-plugin-security-1.1.30-14.el6.noarch

Check for critical security updates

 # yum --security --sec-severity=Critical check-update
 Loaded plugins: package_upload, product-id, security, subscription-manager
 This system is receiving updates from Red Hat Subscription Management.
 rhel-6-server-rpms                                                                                       | 2.0 kB     00:00
 rhel-6-server-rpms/primary                                                                               |  29 MB     00:00
 rhel-6-server-rpms                                                                                                  18431/18431
 Limiting package lists to security relevant ones
 rhel-6-server-rpms/updateinfo                                                                            | 3.3 MB     00:00
 23 package(s) needed for security, out of 585 available
 
 glibc.i686                                                  2.12-1.192.el6                       rhel-6-server-rpms
 glibc.x86_64                                                2.12-1.192.el6                       rhel-6-server-rpms
 glibc-common.x86_64                                         2.12-1.192.el6                       rhel-6-server-rpms
 glibc-devel.x86_64                                          2.12-1.192.el6                       rhel-6-server-rpms
 glibc-headers.x86_64                                        2.12-1.192.el6                       rhel-6-server-rpms
 java-1.6.0-openjdk.x86_64                                   1:1.6.0.41-1.13.13.1.el6_8           rhel-6-server-rpms
 java-1.7.0-openjdk.x86_64                                   1:1.7.0.121-2.6.8.1.el6_8            rhel-6-server-rpms
 libsmbclient.x86_64                                         3.6.23-36.el6_8                      rhel-6-server-rpms
 nscd.x86_64                                                 2.12-1.192.el6                       rhel-6-server-rpms
 nspr.x86_64                                                 4.11.0-1.el6                         rhel-6-server-rpms
 nss.x86_64                                                  3.21.3-2.el6_8                       rhel-6-server-rpms
 nss-sysinit.x86_64                                          3.21.3-2.el6_8                       rhel-6-server-rpms
 nss-tools.x86_64                                            3.21.3-2.el6_8                       rhel-6-server-rpms
 nss-util.x86_64                                             3.21.3-1.el6_8                       rhel-6-server-rpms
 ruby.x86_64                                                 1.8.7.374-4.el6_6                    rhel-6-server-rpms
 ruby-libs.x86_64                                            1.8.7.374-4.el6_6                    rhel-6-server-rpms
 samba.x86_64                                                3.6.23-36.el6_8                      rhel-6-server-rpms
 samba-client.x86_64                                         3.6.23-36.el6_8                      rhel-6-server-rpms
 samba-common.x86_64                                         3.6.23-36.el6_8                      rhel-6-server-rpms
 samba-winbind.x86_64                                        3.6.23-36.el6_8                      rhel-6-server-rpms
 samba-winbind-clients.x86_64                                3.6.23-36.el6_8                      rhel-6-server-rpms
 samba4-libs.x86_64                                          4.2.10-7.el6_8                       rhel-6-server-rpms
 xulrunner.x86_64                                            17.0.10-1.el6_4                      rhel-6-server-rpms

To find the advisory references

 # yum --sec-severity=Critical updateinfo list
 Loaded plugins: package_upload, product-id, security, subscription-manager
 This system is receiving updates from Red Hat Subscription Management.
 rhel-6-server-rpms                                                                                           | 2.0 kB    0:00
 RHSA-2016:0175 Critical/Sec. glibc-2.12-1.166.el6_7.7.i686
 RHSA-2016:0175 Critical/Sec. glibc-common-2.12-1.166.el6_7.7.x86_64
 RHSA-2016:0175 Critical/Sec. glibc-devel-2.12-1.166.el6_7.7.x86_64
 RHSA-2016:0175 Critical/Sec. glibc-headers-2.12-1.166.el6_7.7.x86_64
 RHSA-2013:0605 Critical/Sec. java-1.6.0-openjdk-1:1.6.0.0-1.57.1.11.9.el6_4.x86_64
 RHSA-2013:0602 Critical/Sec. java-1.7.0-openjdk-1:1.7.0.9-2.3.8.0.el6_4.x86_64
 RHSA-2013:0751 Critical/Sec. java-1.7.0-openjdk-1:1.7.0.19-2.3.9.1.el6_4.x86_64
 RHSA-2013:0957 Critical/Sec. java-1.7.0-openjdk-1:1.7.0.25-2.3.10.3.el6_4.x86_64
 RHSA-2013:1451 Critical/Sec. java-1.7.0-openjdk-1:1.7.0.45-2.4.3.2.el6_4.x86_64
 RHSA-2014:0026 Critical/Sec. java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64
 RHSA-2014:0406 Critical/Sec. java-1.7.0-openjdk-1:1.7.0.55-2.4.7.1.el6_5.x86_64
 RHSA-2016:0053 Critical/Sec. java-1.7.0-openjdk-1:1.7.0.95-2.6.4.0.el6_7.x86_64
 RHSA-2016:0511 Critical/Sec. java-1.7.0-openjdk-1:1.7.0.99-2.6.5.0.el6_7.x86_64
 RHSA-2016:0675 Critical/Sec. java-1.7.0-openjdk-1:1.7.0.101-2.6.6.1.el6_7.x86_64
 RHSA-2015:0251 Critical/Sec. libsmbclient-3.6.23-14.el6_6.x86_64
 RHSA-2016:0611 Critical/Sec. libsmbclient-3.6.23-30.el6_7.x86_64
 RHSA-2016:0175 Critical/Sec. nscd-2.12-1.166.el6_7.7.x86_64
 RHSA-2014:0917 Critical/Sec. nspr-4.10.6-1.el6_5.x86_64
 RHSA-2014:0917 Critical/Sec. nss-3.16.1-4.el6_5.x86_64
 RHSA-2014:0917 Critical/Sec. nss-sysinit-3.16.1-4.el6_5.x86_64
 RHSA-2014:0917 Critical/Sec. nss-tools-3.16.1-4.el6_5.x86_64
 RHSA-2014:0917 Critical/Sec. nss-util-3.16.1-1.el6_5.x86_64
 RHSA-2013:1764 Critical/Sec. ruby-1.8.7.352-13.el6.x86_64
 RHSA-2013:1764 Critical/Sec. ruby-libs-1.8.7.352-13.el6.x86_64
 RHSA-2015:0251 Critical/Sec. samba-3.6.23-14.el6_6.x86_64
 RHSA-2016:0611 Critical/Sec. samba-3.6.23-30.el6_7.x86_64
 RHSA-2015:0251 Critical/Sec. samba-client-3.6.23-14.el6_6.x86_64
 RHSA-2016:0611 Critical/Sec. samba-client-3.6.23-30.el6_7.x86_64
 RHSA-2015:0251 Critical/Sec. samba-common-3.6.23-14.el6_6.x86_64
 RHSA-2016:0611 Critical/Sec. samba-common-3.6.23-30.el6_7.x86_64
 RHSA-2015:0251 Critical/Sec. samba-winbind-3.6.23-14.el6_6.x86_64
 RHSA-2016:0611 Critical/Sec. samba-winbind-3.6.23-30.el6_7.x86_64
 RHSA-2015:0251 Critical/Sec. samba-winbind-clients-3.6.23-14.el6_6.x86_64
 RHSA-2016:0611 Critical/Sec. samba-winbind-clients-3.6.23-30.el6_7.x86_64
 RHSA-2015:0250 Critical/Sec. samba4-libs-4.0.0-66.el6_6.rc4.x86_64
 RHSA-2013:0614 Critical/Sec. xulrunner-17.0.3-2.el6_4.x86_64
 RHSA-2013:0696 Critical/Sec. xulrunner-17.0.5-1.el6_4.x86_64
 RHSA-2013:0820 Critical/Sec. xulrunner-17.0.6-2.el6_4.x86_64
 RHSA-2013:0981 Critical/Sec. xulrunner-17.0.7-1.el6_4.x86_64
 RHSA-2013:1140 Critical/Sec. xulrunner-17.0.8-3.el6_4.x86_64
 RHSA-2013:1268 Critical/Sec. xulrunner-17.0.9-1.el6_4.x86_64
 RHSA-2013:1476 Critical/Sec. xulrunner-17.0.10-1.el6_4.x86_64
 updateinfo list done

To find out detailed information about an update

 #yum updateinfo RHSA-2016:0175
 Loaded plugins: package_upload, product-id, security, subscription-manager
 This system is receiving updates from Red Hat Subscription Management.
 rhel-6-server-rpms                                                                                                | 2.0 kB     00:00
 
 ===============================================================================
   Critical: glibc security and bug fix update
 ===============================================================================
   Update ID : RHSA-2016:0175
     Release :
        Type : security
      Status : final
      Issued : 2016-02-16 00:00:00
        Bugs : 1293532 - CVE-2015-7547 glibc: getaddrinfo stack-based buffer overflow
        CVEs : CVE-2015-7547
 Description : The glibc packages provide the standard C libraries (libc),

etc…

Recent Changes

Contribute to this wiki

Why not help others by sharing your knowledge? Contribute something to this wiki and join out hall of fame!
Contact us for a user name and password