Hello and I'm a first time poster here and thanks a head of time for your time.

Moved to a new department and found that I'm the new proud administrator for several pre-production and production RHEL servers. I have some background in Linux but not enough to solve a timing issue with patching.

Issue:
I patch once a month. I'm finding that once I've patched my preprods and a day or two later patching the production I have more patches than the day before. So I understand that Linux patches can come in at anytime.


Question:
How does an administrator manage patches that were done on preprods that are the same patches on production? Then next month, picking up the patches that were released the day after patching the preprods?


Again, thank you for your help.
GS

1: Patch pre_prod ahead of PROD, not the other way around. That way, if you have an issue with a patch (and if you patch long enough, you'll have an issue) it saves the screaming and threats to your life/reputation/employment status that invariably ensue when you hose down prod with a bad patch (trust me, it's unpleasant).
2: How you manage your patching has a lot to do with how large and diverse your environment is. If you can tell me more about that, I might be able to make a suggestion.
Are you managing servers or instances?
How many of each?
What tools do you have available to do this?
3: Security patches should be implemented on an accelerated schedule to PROD. How accellerated depends on how serious you percieve the issue they address to be. The recent Bash patch went into prod three days after RH released it, it went into "PRE_PROD" the day it was released. The latest "bug fix" patch ground around in "Pre_Prod" for a quarter before I moved it over to prod. What the patch addresses has a lot to do with how much you need to bend your patching schedule to implement it.