Most of the security issues are to do with the kernel, and you can upgrade it without all the rest.
The problem with upgrading the whole thing is glibc. every thing depends on it and nothing much works without it.
So if you urpmi a current source but leave out glibc (in the urpmi skip list, I usually have kde, kernel glibc and xorg listed in there so as not to break my system, minor updates not upgrade.) it should be ok.
But as the ppl above said, you'd be quicker and safer to get a whole distro.
BTW, kat seems to work for me, You just have to leave it(can take all day) to catalog everything into it's database
And your searches will be swift.
Otherwise as Ixthusdan said, your in for some "fun"
(edit) Here,
ftp://ftp.planetmirror.com/pub/mandr.../main_updates/
you can find a kernel and kernel-sources ver 2.6.12. If you have a standard PC with only one processor and less than a gig of ram I'd go for this one,
ftp://ftp.planetmirror.com/pub/mandr...-1mdk.i586.rpm
A nice rule of thumb, go for even numbers.
There are newer versions available but you start getting into cooker/developement territory.
Hope that helps.