Scanning offline RHEL6 for missing security updates
 

Greetings,

I have an offline RHEL6 server, and I need to scan it for missing updates. What is the best method for determining which security relevant updates I need to apply? Thanks in advance for your help.

Nate
ISSO/SysAdmin

I am renewing my RHN (RHSN) this week, so I'll have paid support, but in the meantime I'd like to be able to determine which security relevant updates my offline system needs, if possible. I have to provide documentation to the government regarding which updates I plan to install, and when I install them. If I can't determine what updates I need before my subscription is renewed, then so be it, but I didn't realize that was the case.

More context: I just inherited this out of date system, so my priority is to bring it current asap.

Thanks for your time.

Thank you for explaining your situation, but please lead with such details in the future. Context always helps people answer questions. Once your subscription is paid for, you can just list the available updates for both packages and just security related ones, and not apply them. This is covered in the Red Hat knowledgebase:
https://access.redhat.com/documentat..._Packages.html
https://access.redhat.com/solutions/10021
https://access.redhat.com/solutions/258973

"yum list available" is a good thing to run. Also, you need to be aware that just pretty much ANY update is 'security relevant'...an old package may have vulnerabilities that you don't think about. Getting things current is your best bet.